From 2f84976ee253fe97f86966d84bfba94656a7c0cf Mon Sep 17 00:00:00 2001 From: xqtc Date: Fri, 8 Nov 2024 00:53:37 +0100 Subject: [PATCH] Set up yosai --- flake-mods/nixosHosts.nix | 1 + flake.lock | 80 +++++----- home/modules/home-pkgs.nix | 6 +- home/modules/spotify-cli.nix | 20 +-- home/modules/yazi.nix | 2 +- hosts/x86_64-linux/beleth/monitoring.nix | 2 +- hosts/x86_64-linux/yosai/default.nix | 143 ++++++++++++++++++ .../yosai/hardware-configuration.nix | 43 ++++++ 8 files changed, 242 insertions(+), 55 deletions(-) create mode 100644 hosts/x86_64-linux/yosai/default.nix create mode 100644 hosts/x86_64-linux/yosai/hardware-configuration.nix diff --git a/flake-mods/nixosHosts.nix b/flake-mods/nixosHosts.nix index 1705e75..c42b130 100644 --- a/flake-mods/nixosHosts.nix +++ b/flake-mods/nixosHosts.nix @@ -10,6 +10,7 @@ "lilith" "lambda" "beleth" + "yosai" ] (name: inputs.nixpkgs.lib.nixosSystem { system = "x86_64-linux"; diff --git a/flake.lock b/flake.lock index 140b834..2cf9189 100644 --- a/flake.lock +++ b/flake.lock @@ -125,11 +125,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1730693000, - "narHash": "sha256-baSXoP6mctfc29ZzMS8AFJfJPnE6Vm4qZ0kjC/G3qs8=", + "lastModified": 1730952203, + "narHash": "sha256-iLs5wy7AyF7+vhnRyWZuQQRl1oX0YNF/yCS/nFxFr9Q=", "owner": "rycee", "repo": "nur-expressions", - "rev": "9c9f6b64926d03dba28f3088887699cc7f5da1f5", + "rev": "045b65b4a6812498a04df7704cbf1550bdf125ae", "type": "gitlab" }, "original": { @@ -356,11 +356,11 @@ ] }, "locked": { - "lastModified": 1730302582, - "narHash": "sha256-W1MIJpADXQCgosJZT8qBYLRuZls2KSiKdpnTVdKBuvU=", + "lastModified": 1730814269, + "narHash": "sha256-fWPHyhYE6xvMI1eGY3pwBTq85wcy1YXqdzTZF+06nOg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "af8a16fe5c264f5e9e18bcee2859b40a656876cf", + "rev": "d70155fdc00df4628446352fc58adc640cd705c2", "type": "github" }, "original": { @@ -398,11 +398,11 @@ ] }, "locked": { - "lastModified": 1730633670, - "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -420,11 +420,11 @@ ] }, "locked": { - "lastModified": 1730633670, - "narHash": "sha256-ZFJqIXpvVKvzOVFKWNRDyIyAo+GYdmEPaYi1bZB6uf0=", + "lastModified": 1730837930, + "narHash": "sha256-0kZL4m+bKBJUBQse0HanewWO0g8hDdCvBhudzxgehqc=", "owner": "nix-community", "repo": "home-manager", - "rev": "8f6ca7855d409aeebe2a582c6fd6b6a8d0bf5661", + "rev": "2f607e07f3ac7e53541120536708e824acccfaa8", "type": "github" }, "original": { @@ -447,16 +447,16 @@ ] }, "locked": { - "lastModified": 1729544999, - "narHash": "sha256-YcyJLvTmN6uLEBGCvYoMLwsinblXMkoYkNLEO4WnKus=", + "lastModified": 1729958008, + "narHash": "sha256-EiOq8jF4Z/zQe0QYVc3+qSKxRK//CFHMB84aYrYGwEs=", "owner": "NuschtOS", "repo": "ixx", - "rev": "65c207c92befec93e22086da9456d3906a4e999c", + "rev": "9fd01aad037f345350eab2cd45e1946cc66da4eb", "type": "github" }, "original": { "owner": "NuschtOS", - "ref": "v0.0.5", + "ref": "v0.0.6", "repo": "ixx", "type": "github" } @@ -522,11 +522,11 @@ ] }, "locked": { - "lastModified": 1730600078, - "narHash": "sha256-BoyFmE59HDF3uybBySsWVoyjNuHvz3Wv8row/mSb958=", + "lastModified": 1730779758, + "narHash": "sha256-5WI9AnsBwhLzVRnQm3Qn9oAbROnuLDQTpaXeyZCK8qw=", "owner": "lnl7", "repo": "nix-darwin", - "rev": "4652874d014b82cb746173ffc64f6a70044daa7e", + "rev": "0e3f3f017c14467085f15d42343a3aaaacd89bcb", "type": "github" }, "original": { @@ -578,11 +578,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1730537918, - "narHash": "sha256-GJB1/aaTnAtt9sso/EQ77TAGJ/rt6uvlP0RqZFnWue8=", + "lastModified": 1730919458, + "narHash": "sha256-yMO0T0QJlmT/x4HEyvrCyigGrdYfIXX3e5gWqB64wLg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f6e0cd5c47d150c4718199084e5764f968f1b560", + "rev": "e1cc1f6483393634aee94514186d21a4871e78d7", "type": "github" }, "original": { @@ -610,11 +610,11 @@ }, "nixpkgs-2405": { "locked": { - "lastModified": 1730327045, - "narHash": "sha256-xKel5kd1AbExymxoIfQ7pgcX6hjw9jCgbiBjiUfSVJ8=", + "lastModified": 1730883749, + "narHash": "sha256-mwrFF0vElHJP8X3pFCByJR365Q2463ATp2qGIrDUdlE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "080166c15633801df010977d9d7474b4a6c549d7", + "rev": "dba414932936fde69f0606b4f1d87c5bc0003ede", "type": "github" }, "original": { @@ -638,11 +638,11 @@ }, "nixpkgs-master": { "locked": { - "lastModified": 1730735745, - "narHash": "sha256-NjoafRvrkYXurHxzs2kcoQ6HBkO/9fV/rmjRy9nkLd0=", + "lastModified": 1731021573, + "narHash": "sha256-+mkGFp2FrO/HA4YO2ZnDVGOMsAKoDs67CmF7SVi7E5E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a61cd8ff1b45f760bdf142914d517e0ccd31ffed", + "rev": "68ed257875da2037398cc7bcf3071ee1494c52ee", "type": "github" }, "original": { @@ -748,11 +748,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1730531603, - "narHash": "sha256-Dqg6si5CqIzm87sp57j5nTaeBbWhHFaVyG7V6L8k3lY=", + "lastModified": 1730785428, + "narHash": "sha256-Zwl8YgTVJTEum+L+0zVAWvXAGbWAuXHax3KzuejaDyo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7ffd9ae656aec493492b44d0ddfb28e79a1ea25d", + "rev": "4aa36568d413aca0ea84a1684d2d46f55dbabad7", "type": "github" }, "original": { @@ -809,11 +809,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1730731617, - "narHash": "sha256-W7FNEe+gewzTSx0lykzZ3XUKmJ8uKk/SpIPblZIfYc0=", + "lastModified": 1731009822, + "narHash": "sha256-VwGfFYHjizs7yQwh8JRlDUVkHLPc34jdqkQ2vyv6ddY=", "owner": "nix-community", "repo": "nixvim", - "rev": "aa06b176e78c9ae9e779e605cab61c9d8681a54e", + "rev": "aabbd60633947baba11db44df84f402edc241440", "type": "github" }, "original": { @@ -832,11 +832,11 @@ ] }, "locked": { - "lastModified": 1730515563, - "narHash": "sha256-8lklUZRV7nwkPLF3roxzi4C2oyLydDXyAzAnDvjkOms=", + "lastModified": 1730760712, + "narHash": "sha256-F4H98tjNgySlSLItuOqHYo9LF85rFoS/Vr0uOrq7BM4=", "owner": "NuschtOS", "repo": "search", - "rev": "9e22bd742480916ff5d0ab20ca2522eaa3fa061e", + "rev": "aa5214c81b904a19f7a54f7a8f288f7902586eee", "type": "github" }, "original": { @@ -936,11 +936,11 @@ "nixpkgs-stable": "nixpkgs-stable_2" }, "locked": { - "lastModified": 1730605784, - "narHash": "sha256-1NveNAMLHbxOg0BpBMSVuZ2yW2PpDnZLbZ25wV50PMc=", + "lastModified": 1731008979, + "narHash": "sha256-yN1NxvmqV8UltLkqYBWTeZNgpD/eyh/7LM58caHiEfE=", "owner": "Mic92", "repo": "sops-nix", - "rev": "e9b5eef9b51cdf966c76143e13a9476725b2f760", + "rev": "fe63071416471abdab06caa234122932a7c4b980", "type": "github" }, "original": { diff --git a/home/modules/home-pkgs.nix b/home/modules/home-pkgs.nix index 520c9ad..71554eb 100644 --- a/home/modules/home-pkgs.nix +++ b/home/modules/home-pkgs.nix @@ -13,19 +13,19 @@ in { (lib.optionals (config.os == "linux") (with pkgs; [ element-desktop cargo - yubioath-flutter + #yubioath-flutter steam heroic mpv protonup-qt via telegram-desktop - jetbrains.rust-rover + #jetbrains.rust-rover tor-browser tutanota-desktop bitwarden-desktop bottles - flameshot + #flameshot grim networkmanagerapplet nextcloud-client diff --git a/home/modules/spotify-cli.nix b/home/modules/spotify-cli.nix index a830403..5f69259 100644 --- a/home/modules/spotify-cli.nix +++ b/home/modules/spotify-cli.nix @@ -6,15 +6,15 @@ ... }: { services.spotifyd.enable = config.os == "linux"; - services.spotifyd.settings.global = { - bitrate = 320; - username = "xqtc@tutanota.com"; - password_cmd = "cat /etc/spotifyd_pw"; - }; + #services.spotifyd.settings.global = { + # bitrate = 320; + # username = "xqtc@tutanota.com"; + # password_cmd = "cat /etc/spotifyd_pw"; + #}; - sops.secrets = lib.mkIf (config.os == "linux") { - "spotify/password" = { - path = "/etc/spotifyd_pw"; - }; - }; + #sops.secrets = lib.mkIf (config.os == "linux") { + # "spotify/password" = { + # path = "/etc/spotifyd_pw"; + # }; + #}; } diff --git a/home/modules/yazi.nix b/home/modules/yazi.nix index c1a0ca8..68a8704 100644 --- a/home/modules/yazi.nix +++ b/home/modules/yazi.nix @@ -5,7 +5,7 @@ ... }: { programs.yazi = { - enable = true; + enable = false; enableNushellIntegration = true; theme = builtins.fromTOML (builtins.readFile ../config-files/yazi-catppuccin-mocha.toml); }; diff --git a/hosts/x86_64-linux/beleth/monitoring.nix b/hosts/x86_64-linux/beleth/monitoring.nix index 00be39a..7c7b5d5 100644 --- a/hosts/x86_64-linux/beleth/monitoring.nix +++ b/hosts/x86_64-linux/beleth/monitoring.nix @@ -62,7 +62,7 @@ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" "127.0.0.1:${toString config.services.prometheus.exporters.nextcloud.port}" "127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}" - "127.0.0.1:${toString config.services.comin.exporter.port}" + "127.0.0.1:${toString config.services.comin.exporter.port}" ]; } ]; diff --git a/hosts/x86_64-linux/yosai/default.nix b/hosts/x86_64-linux/yosai/default.nix new file mode 100644 index 0000000..f1e62da --- /dev/null +++ b/hosts/x86_64-linux/yosai/default.nix @@ -0,0 +1,143 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page, on +# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). +{ + config, + lib, + inputs, + pkgs, + ... +}: { + imports = [ + ./hardware-configuration.nix + ../../../common + #../../docker.nix + #../../antivirus.nix + ../../../modules/home-manager.nix + inputs.nixos-hardware.nixosModules.lenovo-thinkpad-t420 + ../../gc.nix + ]; + + nixpkgs.config.allowUnfree = true; + + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.initrd.luks.devices = { + root = { + device = "/dev/disk/by-uuid/4df4ef63-896b-4954-98b4-77bf9f4297c6"; + preLVM = true; + # allowDiscards = true; + }; + }; + + nix.settings.experimental-features = ["nix-command" "flakes"]; + + programs.dconf.enable = true; + + networking.hostName = "yosai"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + time.timeZone = "Europe/Berlin"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + # i18n.defaultLocale = "en_US.UTF-8"; + # console = { + # font = "Lat2-Terminus16"; + # keyMap = "us"; + # useXkbConfig = true; # use xkb.options in tty. + # }; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + hardware.opengl.enable = true; + hardware.opengl.driSupport32Bit = true; + + # Configure keymap in X11 + # services.xserver.xkb.layout = "us"; + # services.xserver.xkb.options = "eurosign:e,caps:escape"; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. + # hardware.pulseaudio.enable = true; + # OR + services.pipewire = { + enable = true; + pulse.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + services.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.xqtc = { + isNormalUser = true; + extraGroups = ["wheel"]; # Enable ‘sudo’ for the user. + packages = with pkgs; [ + firefox + neovim + git + foot + tree + ]; + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + # networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how + # to actually do that. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "24.05"; # Did you read the comment? +} diff --git a/hosts/x86_64-linux/yosai/hardware-configuration.nix b/hosts/x86_64-linux/yosai/hardware-configuration.nix new file mode 100644 index 0000000..a97cf0f --- /dev/null +++ b/hosts/x86_64-linux/yosai/hardware-configuration.nix @@ -0,0 +1,43 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = ["ehci_pci" "ata_piix" "usb_storage" "sd_mod" "sr_mod" "sdhci_pci"]; + boot.initrd.kernelModules = ["dm-snapshot"]; + boot.kernelModules = []; + boot.extraModulePackages = []; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/778c036a-5e13-4946-8cdc-9aad0309713f"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/76AB-764E"; + fsType = "vfat"; + options = ["fmask=0022" "dmask=0022"]; + }; + + swapDevices = []; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s25.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +}