From 10a44cbc2db5aff4dba825fa4df17b2653f4d8bd Mon Sep 17 00:00:00 2001 From: Evie Litherland-Smith Date: Sun, 10 Sep 2023 17:07:11 +0100 Subject: [PATCH] Major re-write to make things more modularised Move collection expressions from hosts/ into services/ as importable modules Remove service/hostname.nix collections Remove all imports from host/ expressions and include as modules in flake.nix Set sensible defaults that propagate to (I think) everything --- flake.nix | 254 ++++++++++++++++++++++++------ home/accounts/service.nix | 2 +- home/hyprland/default.nix | 7 +- hosts/Legion/configuration.nix | 100 ++++++++++-- hosts/Legion/home.nix | 21 +-- hosts/Monarch/home.nix | 22 +-- hosts/Northstar/configuration.nix | 20 --- hosts/Northstar/home.nix | 11 +- hosts/Ronin/configuration.nix | 23 +-- hosts/Ronin/home.nix | 22 +-- hosts/Vanguard/configuration.nix | 33 +--- hosts/Vanguard/home.nix | 17 +- hosts/common.nix | 51 ------ services/Legion.nix | 103 ------------ services/Northstar.nix | 18 --- services/Ronin.nix | 18 --- services/Vanguard.nix | 18 --- services/syncthing/default.nix | 26 +-- {hosts => system}/desktop.nix | 14 +- {hosts => system}/gamescope.nix | 27 ++-- {hosts => system}/hyprland.nix | 30 ++-- {hosts => system}/plasma.nix | 0 22 files changed, 388 insertions(+), 449 deletions(-) delete mode 100644 hosts/common.nix delete mode 100644 services/Legion.nix delete mode 100644 services/Northstar.nix delete mode 100644 services/Ronin.nix delete mode 100644 services/Vanguard.nix rename {hosts => system}/desktop.nix (74%) rename {hosts => system}/gamescope.nix (59%) rename {hosts => system}/hyprland.nix (84%) rename {hosts => system}/plasma.nix (100%) diff --git a/flake.nix b/flake.nix index ad0ea909..018f2a29 100644 --- a/flake.nix +++ b/flake.nix 
@@ -46,8 +46,7 @@ }; }; - outputs = - inputs@{ self, nixpkgs, home-manager, hyprland, anyrun, wallpapers, ... }: + outputs = { self, nixpkgs, ... }@inputs: let catppuccin-themes = with inputs; { alacritty = "${catppuccin-alacritty}/catppuccin-mocha.yml"; @@ -59,8 +58,37 @@ zsh = "${catppuccin-zsh}/themes/catppuccin_mocha-zsh-syntax-highlighting.zsh"; }; - systemConfig = - { hostName, user ? "xenia", system ? "x86_64-linux", shell ? "zsh" }: + default = { + hostName = "Atlas"; + user = "xenia"; + system = "x86_64-linux"; + group = "users"; + shell = "zsh"; + systemModules = [ ./system/hyprland.nix ]; + serviceModules = + [ ./services/sshd/default.nix ./services/syncthing/default.nix ]; + homeModules = [ + ./home/accounts/service.nix + ./home/pass/service.nix + ./home/git/default.nix + ./home/ssh/default.nix + ./home/tui/default.nix + ./home/tmux/default.nix + ./home/hyprland/default.nix + ./home/alacritty/default.nix + ./home/firefox/default.nix + ./home/zathura/default.nix + ./home/emacs/default.nix + ./home/neovim/default.nix + ]; + stateVersion = "23.05"; + }; + systemConfig = { hostName ? default.hostName, user ? default.user + , system ? default.system, group ? default.group, shell ? default.shell + , systemModules ? default.systemModules + , serviceModules ? default.serviceModules + , homeModules ? default.homeModules, stateVersion ? default.stateVersion + }: let pkgs = import nixpkgs { inherit system; 
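Review bot: `default.serviceModules` in the second hunk enables `./services/sshd/default.nix` on every host that does not override it, which widens Ronin's exposure: the deleted services/Ronin.nix imported only `./syncthing`, while the new Ronin call passes no `serviceModules`. Together with the six-key `openssh.authorizedKeys.keys` list in the next hunk, whose user is in `wheel`, every key there could then log in to that machine, depending on what the sshd module allows. If that is not intended, have Ronin pass `serviceModules = [ ./services/syncthing/default.nix ];` and keep sshd out of the defaults. The `hostName = "Atlas"` fallback also looks risky, since no `hosts/Atlas` appears in this patch and a call that omits `hostName` would fail on a missing path rather than with a clear error.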
@@ -73,77 +101,209 @@ }) ]; }; + commonModule = { + nix = { + settings = { + experimental-features = [ "nix-command" "flakes" ]; + auto-optimise-store = true; + }; + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + extraOptions = '' + keep-outputs = true + keep-derivations = true + min-free = ${toString (100 * 1024 * 1024)} + max-free = ${toString (1024 * 1024 * 1024)} + ''; + }; + networking = { + inherit hostName; + networkmanager.enable = true; + }; + environment = { + localBinInPath = true; + shellAliases.nou = + ''sudo nixos-rebuild switch --flake "${self}"''; + }; + services = { + power-profiles-daemon.enable = true; + passSecretService.enable = true; + }; + virtualisation.podman.enable = true; + time.timeZone = "Europe/London"; + i18n = let locale = "en_GB.UTF-8"; + in { + # Select internationalisation properties. + defaultLocale = locale; + extraLocaleSettings = { + LC_ADDRESS = locale; + LC_IDENTIFICATION = locale; + LC_MEASUREMENT = locale; + LC_MONETARY = locale; + LC_NAME = locale; + LC_NUMERIC = locale; + LC_PAPER = locale; + LC_TELEPHONE = locale; + LC_TIME = locale; + }; + }; + programs.${shell}.enable = true; + system = { + inherit stateVersion; + autoUpgrade.flake = self; + }; + users.users.${user} = { + inherit group; + isNormalUser = true; + description = "Evie Litherland-Smith"; + extraGroups = [ "networkmanager" "wheel" "video" ]; + shell = pkgs.${shell}; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANfkqd5lPTsSPU3SRYnAa1UjCYDmDeBTyzq5McmWlm6 xenia@Vanguard" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINI1dWlS16Keil0MGPWmMsBzx8F9ylfz+fRwxUr8/tZ/ ion" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII1tJFdbiyJApuVZFvo9E9kjlBwvXZeySqVuS2qGdxha tux@monarch" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDI44C35I2x9tqzeZDmIpbzmGJWXfATn/Wp5KzVRdlCi root@debian" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKMVEXJTqWkrpmvinPJGsSvome9bCd0CM4iu13aVG6UZ elitherl@Ronin" + "ssh-ed25519 
AAAAC3NzaC1lZDI1NTE5AAAAIJ/ZSSCN5sqrA+tdoIZr5EUm5DRuBV4dQ7J+QBEtUwUU xenia@Northstar" + ]; + }; + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + extraSpecialArgs = { + inherit hostName user shell inputs catppuccin-themes; + hyprland = inputs.hyprland; + anyrun = inputs.anyrun; + wallpapers = inputs.wallpapers; + }; + users.${user} = { + imports = + [ ./home/shell/${shell}.nix ./hosts/${hostName}/home.nix ] + ++ homeModules; + home = { + inherit stateVersion; + username = user; + homeDirectory = nixpkgs.lib.mkDefault "/home/${user}"; + }; + programs.home-manager.enable = true; + }; + }; + }; in nixpkgs.lib.nixosSystem { inherit pkgs; - specialArgs = { inherit hostName user shell hyprland; }; + specialArgs = { inherit hostName user group shell inputs; }; modules = [ ./hosts/${hostName}/configuration.nix - ./services/${hostName}.nix - { - networking = { inherit hostName; }; - users.users.${user} = { - isNormalUser = true; - description = "Evie Litherland-Smith"; - group = "users"; - extraGroups = [ "networkmanager" "wheel" "video" ]; - shell = pkgs.${shell}; - openssh.authorizedKeys.keys = import ./auth/authorized_keys.nix; - }; - programs.${shell}.enable = true; - } - home-manager.nixosModules.home-manager - { - home-manager = { - useGlobalPkgs = true; - useUserPackages = true; - extraSpecialArgs = { - inherit hostName user shell hyprland anyrun wallpapers - catppuccin-themes; - shellConfig = ./home/shell/${shell}.nix; - }; - users.${user} = import ./hosts/${hostName}/home.nix; - }; - } - ]; + ./hosts/${hostName}/hardware-configuration.nix + inputs.home-manager.nixosModules.home-manager + commonModule + ] ++ systemModules ++ serviceModules; }; - homeConfig = { hostName, user, system ? "x86_64-linux", shell ? "zsh" }: - home-manager.lib.homeManagerConfiguration { + homeConfig = { hostName ? default.hostName, user ? default.user + , system ? default.system, shell ? default.shell + , homeModules ? default.homeModules, stateVersion ? 
default.stateVersion + }: + inputs.home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.${system}; extraSpecialArgs = { - inherit hostName user shell hyprland anyrun wallpapers - catppuccin-themes; - shellConfig = ./home/shell/${shell}.nix; + inherit hostName user shell inputs catppuccin-themes; + hyprland = inputs.hyprland; + anyrun = inputs.anyrun; + wallpapers = inputs.wallpapers; }; - modules = [ ./hosts/${hostName}/home.nix ]; + modules = [ + ./home/shell/${shell}.nix + ./hosts/${hostName}/home.nix + { + home = { + inherit stateVersion; + username = user; + homeDirectory = nixpkgs.lib.mkDefault "/home/${user}"; + }; + } + ] ++ homeModules; }; in { nixosConfigurations = { - Legion = systemConfig { + + Legion = let hostName = "Legion"; user = "xenia"; system = "x86_64-linux"; - shell = "zsh"; + in systemConfig { + inherit hostName user system; + systemModules = [ ]; + serviceModules = [ + ./services/adguardhome/default.nix + ./services/gitea/default.nix + ./services/nextcloud/default.nix + ./services/sshd/default.nix + ./services/syncthing/default.nix + ./services/terraria/windy_limbo_of_melancholy.nix + ./services/traefik/adguardhome.nix + ./services/traefik/gitea.nix + ./services/traefik/nextcloud.nix + ./services/traefik/qbittorrent.nix + ]; + homeModules = [ + ./home/git/default.nix + ./home/ssh/default.nix + ./home/tui/default.nix + ]; }; - Northstar = systemConfig {hostName = "Northstar"; user = "xenia"; system = "x86_64-linux"; shell = "zsh";}; - Ronin = systemConfig { + + Northstar = let + hostName = "Northstar"; + user = "xenia"; + system = "x86_64-linux"; + in systemConfig { + inherit hostName user system; + systemModules = default.systemModules ++ [ ]; + }; + + Ronin = let hostName = "Ronin"; user = "elitherl"; system = "x86_64-linux"; - shell = "zsh"; - }; - Vanguard = systemConfig { + in systemConfig { inherit hostName user systemConfig; }; + + Vanguard = let hostName = "Vanguard"; user = "xenia"; system = "x86_64-linux"; - 
shell = "zsh"; + in systemConfig { + inherit hostName user system; + systemModules = [ ./system/gamepass.nix ]; + serviceModules = [ ./services/sshd/default.nix ]; + homeModules = [ + ./home/git/default.nix + ./home/ssh/default.nix + ./home/tui/default.nix + ]; }; + }; homeConfigurations = { - "tux@Monarch" = homeConfig { + "tux@Monarch" = let hostName = "Monarch"; user = "tux"; system = "aarch64-darwin"; shell = "zsh"; + in homeConfig { + inherit hostName user system shell; + homeModules = [ + ./home/accounts/default.nix + ./home/pass/default.nix + ./home/git/default.nix + ./home/ssh/default.nix + ./home/tui/default.nix + ./home/tmux/default.nix + ./home/alacritty/default.nix + ./home/emacs/default.nix + ]; }; }; }; diff --git a/home/accounts/service.nix b/home/accounts/service.nix index cb6f4045..59dccf26 100644 --- a/home/accounts/service.nix +++ b/home/accounts/service.nix @@ -4,6 +4,6 @@ imports = [ ./default.nix ]; services.mbsync = { enable = true; - frequency = "*:00:00"; + frequency = "*-*-* *:*/15:00"; }; } diff --git a/home/hyprland/default.nix b/home/hyprland/default.nix index 011053af..866586b0 100644 --- a/home/hyprland/default.nix +++ b/home/hyprland/default.nix @@ -11,7 +11,12 @@ ./swaylock.nix ./gtk.nix ]; - home.packages = [ pkgs.libsForQt5.polkit-kde-agent ]; + home.packages = with pkgs; [ + libsForQt5.polkit-kde-agent + signal-desktop + libreoffice + zotero + ]; programs = { emacs.package = pkgs.emacs29-pgtk; firefox.package = pkgs.firefox-wayland; diff --git a/hosts/Legion/configuration.nix b/hosts/Legion/configuration.nix index 8a16456b..aa43abaf 100644 --- a/hosts/Legion/configuration.nix +++ b/hosts/Legion/configuration.nix 
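Review bot: The Ronin entry calls `systemConfig { inherit hostName user systemConfig; }`, but `systemConfig` takes a closed argument set with no `...`, so this should fail evaluation with an unexpected-argument error; it most likely should read `inherit hostName user system;`. Vanguard's `systemModules = [ ./system/gamepass.nix ]` names a file that does not appear in this patch, which only renames `hosts/gamescope.nix` to `system/gamescope.nix`, so check whether `./system/gamescope.nix` was meant. `system.autoUpgrade.flake = self` and the `nou` alias now point at the store copy of the evaluated flake instead of the git URL the removed hosts/common.nix used. An auto-upgrade on Ronin, which sets `autoUpgrade.enable = true`, would then rebuild the same revision rather than fetch updates, and the option may also reject a non-string value. Pointing both at the repository URL would keep unattended patching working.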
@@ -1,13 +1,14 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running `nixos-help`). -{ ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ../common.nix - ]; - +{ ... }: +let + # generate via openvpn --genkey --secret openvpn-laptop.key + client-key = "/root/openvpn.key"; + domain = "vpn.xenia.me.uk"; + vpn-dev = "tun0"; + port = 1194; +in { # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; 
@@ -21,12 +22,83 @@ upper = "05:00"; }; }; + networking = { + nat = { + enable = true; + externalInterface = "enp42s0"; + internalInterfaces = [ vpn-dev ]; + }; + firewall = { + trustedInterfaces = [ vpn-dev ]; + allowedUDPPorts = [ port ]; + }; + }; + services = { + syncthing = let dataDir = "/var/lib/syncthing"; + in { + inherit dataDir; + settings.folders = { + "Archive".path = dataDir + "/Archive"; + "Books".path = dataDir + "/Books"; + "Comics".path = dataDir + "/Comics"; + "Documents".path = dataDir + "/Documents"; + "Exports".path = dataDir + "/Exports"; + "Notes".path = dataDir + "/Notes"; + "Pictures".path = dataDir + "/Pictures"; + "Tasks".path = dataDir + "/Tasks"; + "Zotero".path = dataDir + "/Zotero"; + }; + }; + openvpn = { + restartAfterSleep = true; + servers.xenia.config = '' + dev ${vpn-dev} + proto udp + ifconfig 10.8.0.1 10.8.0.2 + secret ${client-key} + port ${toString port} - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It's perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + cipher AES-256-CBC + auth-nocache + + comp-lzo + keepalive 10 60 + ping-timer-rem + persist-tun + persist-key + ''; + }; + }; + + environment.etc."openvpn/client.ovpn" = { + text = '' + dev tun + remote "${domain}" + ifconfig 10.8.0.2 10.8.0.1 + port ${toString port} + redirect-gateway def1 + + cipher AES-256-CBC + auth-nocache + + comp-lzo + keepalive 10 60 + resolv-retry infinite + nobind + persist-key + persist-tun + secret [inline] + + ''; + mode = "600"; + }; + system.activationScripts.openvpn-addkey = '' + f="/etc/openvpn/client.ovpn" + if ! 
grep -q '' $f; then + echo "appending secret key" + echo "" >> $f + cat ${client-key} >> $f + echo "" >> $f + fi + ''; } diff --git a/hosts/Legion/home.nix b/hosts/Legion/home.nix index 4d357bab..ffcd4415 100644 --- a/hosts/Legion/home.nix +++ b/hosts/Legion/home.nix @@ -1,20 +1 @@ -{ pkgs, user, shellConfig, ... }: -let homeDirectory = "/home/${user}"; -in { - imports = [ - shellConfig - ../../home/emacs - ../../home/git - ../../home/ssh - ../../home/tui - ]; - home = { - inherit homeDirectory; - username = user; - stateVersion = "22.11"; - }; - programs = { - home-manager.enable = true; - emacs.package = pkgs.emacs29; - }; -} +{ } diff --git a/hosts/Monarch/home.nix b/hosts/Monarch/home.nix index 6424fbd3..79aa0202 100644 --- a/hosts/Monarch/home.nix +++ b/hosts/Monarch/home.nix @@ -1,25 +1,11 @@ -{ pkgs, user, shell ? "zsh", ... }: -let homeDirectory = "/Users/${user}"; -in { - imports = [ - ../../home/shell/${shell}.nix - ../../home/accounts/default.nix - ../../home/pass/default.nix - ../../home/git/default.nix - ../../home/ssh/default.nix - ../../home/tui/default.nix - ../../home/tmux/default.nix - ../../home/alacritty/default.nix - ../../home/emacs/default.nix - ]; +{ config, pkgs, ... }: + +{ home = { - inherit homeDirectory; - username = user; - stateVersion = "23.05"; + homeDirectory = "/Users/${config.home.username}"; packages = with pkgs; [ coreutils-prefixed ]; }; programs = { - home-manager.enable = true; zsh = { sessionVariables.CC = "${pkgs.gcc}/bin/gcc"; envExtra = '' diff --git a/hosts/Northstar/configuration.nix b/hosts/Northstar/configuration.nix index b96dafc6..1a2144eb 100644 --- a/hosts/Northstar/configuration.nix +++ b/hosts/Northstar/configuration.nix 
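Review bot: `servers.xenia.config` runs OpenVPN in static-key mode (`secret ${client-key}`) with `comp-lzo`, and `networking.firewall.trustedInterfaces = [ vpn-dev ]` exempts everything arriving over that tunnel from the firewall. Static-key mode has no forward secrecy and shares one key between both ends, so anyone holding `/root/openvpn.key` or the generated `/etc/openvpn/client.ovpn` can decrypt captured traffic and reach every service on Legion. Consider TLS mode with per-client certificates, dropping `comp-lzo` from both configs, and replacing `trustedInterfaces` with `networking.firewall.interfaces.${vpn-dev}.allowedTCPPorts` listing only the ports meant to be reachable. As rendered here, the `grep -q ''` guard in `openvpn-addkey` has an empty pattern and the `echo ""` lines write nothing, so confirm in the repository that the inline-key markers are intact; otherwise the key is never appended or is appended without delimiters.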
@@ -1,27 +1,7 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running `nixos-help`). - { config, pkgs, ... }: { - imports = - [ # Include the results of the hardware scan. - ./hardware-configuration.nix - ../hyprland.nix - ]; - # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It's perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? - } - diff --git a/hosts/Northstar/home.nix b/hosts/Northstar/home.nix index c0477ebe..ffcd4415 100644 --- a/hosts/Northstar/home.nix +++ b/hosts/Northstar/home.nix @@ -1,10 +1 @@ -{ pkgs, lib, user, shellConfig, ... }: -let homeDirectory = "/home/${user}"; -in { - imports = [ shellConfig ../../home/default.nix ]; - home = { - inherit homeDirectory; - username = user; - stateVersion = "23.05"; - }; -} +{ } diff --git a/hosts/Ronin/configuration.nix b/hosts/Ronin/configuration.nix index 4f7ffae7..abcb5db2 100644 --- a/hosts/Ronin/configuration.nix +++ b/hosts/Ronin/configuration.nix @@ -2,11 +2,6 @@ # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). { ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ../hyprland.nix - ]; # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; 
@@ -20,21 +15,19 @@ boot.initrd.luks.devices."luks-761eeb11-3091-4142-9232-4fb33165eccd".keyFile = "/crypto_keyfile.bin"; - hardware.bluetooth.enable = true; environment.etc."ppp/options".text = '' ipcp-accept-remote ''; - programs.light.enable = true; system.autoUpgrade = { enable = true; allowReboot = false; }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + services.syncthing.settings.folders = { + "Archive".enable = false; + "Books".enable = false; + "Comics".enable = false; + "Documents".enable = false; + "Exports".enable = false; + "Pictures".enable = false; + }; } diff --git a/hosts/Ronin/home.nix b/hosts/Ronin/home.nix index e3fd0ca1..474ecb46 100644 --- a/hosts/Ronin/home.nix +++ b/hosts/Ronin/home.nix @@ -1,18 +1,12 @@ { pkgs, lib, user, shellConfig, ... }: -let homeDirectory = "/home/${user}"; -in { - imports = [ shellConfig ../../home ]; - home = { - inherit homeDirectory; - username = user; - stateVersion = "22.11"; - packages = with pkgs; [ - openfortivpn - nomachine-client - teams-for-linux - zoom-us - ]; - }; + +{ + home.packages = with pkgs; [ + openfortivpn + nomachine-client + teams-for-linux + zoom-us + ]; programs = { git.userEmail = "evie.litherland-smith@ukaea.uk"; ssh.matchBlocks = { diff --git a/hosts/Vanguard/configuration.nix b/hosts/Vanguard/configuration.nix index a72841a0..7da38019 100644 --- a/hosts/Vanguard/configuration.nix +++ b/hosts/Vanguard/configuration.nix 
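Review bot: hosts/Ronin/home.nix keeps the header `{ pkgs, lib, user, shellConfig, ... }:`, but this commit removes `shellConfig` from `extraSpecialArgs` in flake.nix, so the module system is expected to fail on the missing `shellConfig` argument when Ronin's home configuration is evaluated. Only `pkgs` is used in the lines visible in this hunk, so `{ pkgs, ... }:` looks sufficient. The attribute set continues past the end of the hunk, so check the rest of the file for uses of `lib` or `user` before trimming them.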
@@ -1,38 +1,21 @@ # Edit this configuration file to define what should be installed on # your system. Help is available in the configuration.nix(5) man page # and in the NixOS manual (accessible by running ‘nixos-help’). -{ pkgs, ... }: { - imports = [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ../gamescope.nix - ]; +{ ... }: { # Bootloader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; networking.nameservers = [ "192.168.1.230" "9.9.9.9" ]; - environment.systemPackages = with pkgs; [ mesa ]; - hardware = { - bluetooth.enable = true; - opengl.driSupport32Bit = true; - steam-hardware.enable = true; - }; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; system.autoUpgrade = { enable = false; allowReboot = false; }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "23.05"; # Did you read the comment? + services.syncthing.settings.folders = { + "Archive".enable = false; + "Books".enable = false; + "Comics".enable = false; + "Exports".enable = false; + "Pictures".enable = false; + }; } diff --git a/hosts/Vanguard/home.nix b/hosts/Vanguard/home.nix index d99bae28..ffcd4415 100644 --- a/hosts/Vanguard/home.nix +++ b/hosts/Vanguard/home.nix 
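Review bot: The added `services.syncthing.settings.folders` overrides appear to have no enabled service behind them. The Vanguard entry in flake.nix sets `serviceModules = [ ./services/sshd/default.nix ]`, whereas the deleted services/Vanguard.nix imported both `./sshd` and `./syncthing`. If Vanguard should keep syncing, add `./services/syncthing/default.nix` to its `serviceModules`. If dropping syncthing was deliberate, remove this block so the host file does not describe a service that is not running.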
@@ -1,16 +1 @@ -{ user, shellConfig, ... }: -let homeDirectory = "/home/${user}"; -in { - imports = [ - shellConfig - ../../home/git - ../../home/ssh - ../../home/tui - ]; - home = { - inherit homeDirectory; - username = user; - stateVersion = "22.11"; - }; - programs.home-manager.enable = true; -} +{ } diff --git a/hosts/common.nix b/hosts/common.nix deleted file mode 100644 index 2a768517..00000000 --- a/hosts/common.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ pkgs, shell, ... }: -let flakeURL = "git+https://git.xenia.me.uk/xenia/nixos.git?ref=main"; -in { - nix = { - settings = { - experimental-features = [ "nix-command" "flakes" ]; - auto-optimise-store = true; - }; - gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; - }; - extraOptions = '' - keep-outputs = true - keep-derivations = true - min-free = ${toString (100 * 1024 * 1024)} - max-free = ${toString (1024 * 1024 * 1024)} - ''; - }; - system.autoUpgrade.flake = flakeURL; - environment = { - localBinInPath = true; - systemPackages = with pkgs; [ distrobox ]; - shellAliases.nou = ''sudo nixos-rebuild switch --flake "${flakeURL}"''; - }; - networking.networkmanager.enable = true; - services = { - power-profiles-daemon.enable = true; - passSecretService.enable = true; - }; - virtualisation.podman.enable = true; - programs = { ${shell}.enable = true; }; - # Set your time zone. - time.timeZone = "Europe/London"; - i18n = { - # Select internationalisation properties. - defaultLocale = "en_GB.UTF-8"; - extraLocaleSettings = { - LC_ADDRESS = "en_GB.UTF-8"; - LC_IDENTIFICATION = "en_GB.UTF-8"; - LC_MEASUREMENT = "en_GB.UTF-8"; - LC_MONETARY = "en_GB.UTF-8"; - LC_NAME = "en_GB.UTF-8"; - LC_NUMERIC = "en_GB.UTF-8"; - LC_PAPER = "en_GB.UTF-8"; - LC_TELEPHONE = "en_GB.UTF-8"; - LC_TIME = "en_GB.UTF-8"; - }; - }; -} diff --git a/services/Legion.nix b/services/Legion.nix deleted file mode 100644 index aebcd9b7..00000000 --- a/services/Legion.nix +++ /dev/null 
@@ -1,103 +0,0 @@ -{ ... }: -let - # generate via openvpn --genkey --secret openvpn-laptop.key - client-key = "/root/openvpn.key"; - domain = "vpn.xenia.me.uk"; - vpn-dev = "tun0"; - port = 1194; -in { - imports = [ - ./adguardhome/default.nix - ./gitea/default.nix - ./nextcloud/default.nix - ./sshd/default.nix - ./syncthing/default.nix - ./terraria/windy_limbo_of_melancholy.nix - ./traefik/adguardhome.nix - ./traefik/gitea.nix - ./traefik/nextcloud.nix - ./traefik/qbittorrent.nix - ]; - services.syncthing = let - user = "xenia"; - group = "users"; - dataDir = "/var/lib/syncthing"; - in { - inherit user group dataDir; - settings.folders = { - "Archive".path = dataDir + "/Archive"; - "Books".path = dataDir + "/Books"; - "Comics".path = dataDir + "/Comics"; - "Documents".path = dataDir + "/Documents"; - "Exports".path = dataDir + "/Exports"; - "Notes".path = dataDir + "/Notes"; - "Pictures".path = dataDir + "/Pictures"; - "Tasks".path = dataDir + "/Tasks"; - "Zotero".path = dataDir + "/Zotero"; - }; - }; - - networking = { - nat = { - enable = true; - externalInterface = "enp42s0"; - internalInterfaces = [ vpn-dev ]; - }; - firewall = { - trustedInterfaces = [ vpn-dev ]; - allowedUDPPorts = [ port ]; - }; - }; - - services.openvpn = { - restartAfterSleep = true; - servers.xenia.config = '' - dev ${vpn-dev} - proto udp - ifconfig 10.8.0.1 10.8.0.2 - secret ${client-key} - port ${toString port} - - cipher AES-256-CBC - auth-nocache - - comp-lzo - keepalive 10 60 - ping-timer-rem - persist-tun - persist-key - ''; - }; - - environment.etc."openvpn/client.ovpn" = { - text = '' - dev tun - remote "${domain}" - ifconfig 10.8.0.2 10.8.0.1 - port ${toString port} - redirect-gateway def1 - - cipher AES-256-CBC - auth-nocache - - comp-lzo - keepalive 10 60 - resolv-retry infinite - nobind - persist-key - persist-tun - secret [inline] - - ''; - mode = "600"; - }; - system.activationScripts.openvpn-addkey = '' - f="/etc/openvpn/client.ovpn" - if ! 
grep -q '' $f; then - echo "appending secret key" - echo "" >> $f - cat ${client-key} >> $f - echo "" >> $f - fi - ''; -} diff --git a/services/Northstar.nix b/services/Northstar.nix deleted file mode 100644 index b79ca1d4..00000000 --- a/services/Northstar.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ ... }: -let - user = "xenia"; - group = "users"; - dataDir = "/home/${user}"; -in { - imports = [ ./sshd ./syncthing ]; - services.syncthing = { - inherit user group dataDir; - settings.folders = { - "Archive".enable = false; - "Books".enable = false; - "Comics".enable = false; - "Exports".enable = false; - "Pictures".enable = false; - }; - }; -} diff --git a/services/Ronin.nix b/services/Ronin.nix deleted file mode 100644 index 28f165ee..00000000 --- a/services/Ronin.nix +++ /dev/null @@ -1,18 +0,0 @@ -{...}: let - user = "elitherl"; - group = "users"; - dataDir = "/home/${user}"; -in { - imports = [./syncthing]; - services.syncthing = { - inherit user group dataDir; - settings.folders = { - "Archive".enable = false; - "Books".enable = false; - "Comics".enable = false; - "Documents".enable = false; - "Exports".enable = false; - "Pictures".enable = false; - }; - }; -} diff --git a/services/Vanguard.nix b/services/Vanguard.nix deleted file mode 100644 index b79ca1d4..00000000 --- a/services/Vanguard.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ ... }: -let - user = "xenia"; - group = "users"; - dataDir = "/home/${user}"; -in { - imports = [ ./sshd ./syncthing ]; - services.syncthing = { - inherit user group dataDir; - settings.folders = { - "Archive".enable = false; - "Books".enable = false; - "Comics".enable = false; - "Exports".enable = false; - "Pictures".enable = false; - }; - }; -} diff --git a/services/syncthing/default.nix b/services/syncthing/default.nix index 8556ae17..b19e3f54 100644 --- a/services/syncthing/default.nix +++ b/services/syncthing/default.nix 
@@ -1,20 +1,26 @@ -{ lib, ... }: -let - defaultDataDir = "/var/lib/syncthing"; - devices = [ "Ion" "Legion" "Monarch" "Ronin" "Vanguard" ]; +{ lib, user, group, ... }: +let devices = [ "Ion" "Legion" "Monarch" "Northstar" "Ronin" "Vanguard" ]; in { services.syncthing = { + inherit user group; enable = true; - dataDir = lib.mkDefault defaultDataDir; + dataDir = lib.mkDefault "/home/${user}"; systemService = true; openDefaultPorts = true; settings = { devices = { - "Ion".id = "7DD4NPH-6T2ET5A-4FCLFWW-CS6UR2W-IO5XQXC-DM5B2Q4-6X7DGU2-UKKVEAB"; - "Legion".id = "6OX54CG-EAQMXKA-K7TXB5P-G5A27HB-52JE2FA-XNAYZU6-YMIDBXP-RKPBJQV"; - "Monarch".id = "CJSUZQY-67XBLEZ-VKVHQHI-BLEUZNF-G4237AV-AW44CGH-F3JDKXU-CWT3RQZ"; - "Ronin".id = "ZOL5YHK-ZZZULIE-UHGVKHW-H5E4BP7-S4CZBOX-OIZVUCV-RZUXOKA-QVBUBAJ"; - "Vanguard".id = "I366QNQ-D3FTDRX-RNOTXMW-YITZXOF-DSCDMQD-63Q72LI-ME2Y4HZ-T34RMQK"; + "Ion".id = + "7DD4NPH-6T2ET5A-4FCLFWW-CS6UR2W-IO5XQXC-DM5B2Q4-6X7DGU2-UKKVEAB"; + "Legion".id = + "6OX54CG-EAQMXKA-K7TXB5P-G5A27HB-52JE2FA-XNAYZU6-YMIDBXP-RKPBJQV"; + "Monarch".id = + "CJSUZQY-67XBLEZ-VKVHQHI-BLEUZNF-G4237AV-AW44CGH-F3JDKXU-CWT3RQZ"; + "Northstar".id = + "HNK5Z72-757G3BP-I4PBWXY-FM5FWCM-ES4XP56-E5ULWB5-RGRCBUI-RHWRXQV"; + "Ronin".id = + "ZOL5YHK-ZZZULIE-UHGVKHW-H5E4BP7-S4CZBOX-OIZVUCV-RZUXOKA-QVBUBAJ"; + "Vanguard".id = + "I366QNQ-D3FTDRX-RNOTXMW-YITZXOF-DSCDMQD-63Q72LI-ME2Y4HZ-T34RMQK"; }; folders = { "Archive" = { diff --git a/hosts/desktop.nix b/system/desktop.nix similarity index 74% rename from hosts/desktop.nix rename to system/desktop.nix index eea61bc2..9aa4b8ef 100644 --- a/hosts/desktop.nix +++ b/system/desktop.nix @@ -1,15 +1,18 @@ { pkgs, ... }: { - imports = [ ./common.nix ]; environment.systemPackages = with pkgs; [ + mesa libnotify glib gsettings-desktop-schemas ]; security.rtkit.enable = true; sound.enable = true; - hardware.pulseaudio.enable = false; + hardware = { + pulseaudio.enable = false; + bluetooth.enable = true; + }; services = { pipewire = { enable = true; 
@@ -23,8 +26,11 @@ }; }; console.keyMap = "uk"; - programs.ssh.startAgent = true; - programs.dconf.enable = true; + programs = { + ssh.startAgent = true; + dconf.enable = true; + light.enable = true; + }; gtk.iconCache.enable = true; qt = { enable = true; diff --git a/hosts/gamescope.nix b/system/gamescope.nix similarity index 59% rename from hosts/gamescope.nix rename to system/gamescope.nix index fba8aaa9..6cafd460 100644 --- a/hosts/gamescope.nix +++ b/system/gamescope.nix @@ -2,8 +2,7 @@ let sessionCommand = '' gamescope\ - --output-width 3840 --output-height 2160 --framerate-limit 60\ - --nested-width 1920 --nested-height 1080 --nested-refresh 60\ + --nested-refresh 60\ --scaler auto --filter fsr --fsr-sharpness 10\ --hide-cursor-delay 5 --steam -- steam -gamepadui ''; @@ -11,18 +10,24 @@ in { imports = [ ./desktop.nix ]; services = { blueman.enable = true; - greetd.enable = true; - greetd.settings = { - default_session = { - inherit user; - command = sessionCommand; - }; - initial_session = { - inherit user; - command = sessionCommand; + greetd = { + enable = true; + settings = { + default_session = { + inherit user; + command = sessionCommand; + }; + initial_session = { + inherit user; + command = sessionCommand; + }; }; }; }; + hardware = { + opengl.driSupport32Bit = true; + steam-hardware.enable = true; + }; programs = { xwayland.enable = true; gamescope = { diff --git a/hosts/hyprland.nix b/system/hyprland.nix similarity index 84% rename from hosts/hyprland.nix rename to system/hyprland.nix index 8cd8d592..2297fb97 100644 --- a/hosts/hyprland.nix +++ b/system/hyprland.nix @@ -1,9 +1,8 @@ -{ pkgs, hyprland, user ? "xenia", ... }: { - imports = [ ./desktop.nix hyprland.nixosModules.default ]; +{ pkgs, user ? "xenia", inputs, ... }: { + imports = [ ./desktop.nix inputs.hyprland.nixosModules.default ]; environment.systemPackages = with pkgs; [ xdg-utils wlr-randr - gsettings-desktop-schemas hyprpaper pipewire wireplumber 
@@ -38,22 +37,19 @@ }; fonts = { packages = with pkgs; [ + # normal fonts + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + font-awesome + # nerdfonts + (nerdfonts.override { fonts = [ "FiraCode" ]; }) # icon fonts material-symbols emacs-all-the-icons-fonts material-design-icons weather-icons vscode-extensions.file-icons.file-icons - # normal fonts - jost - lexend - noto-fonts - noto-fonts-cjk - noto-fonts-emoji - roboto - font-awesome - # nerdfonts - (nerdfonts.override { fonts = [ "FiraCode" ]; }) ]; fontconfig = { enable = true; @@ -63,7 +59,7 @@ defaultFonts = { serif = [ "Noto Serif" "Noto Color Emoji" ]; sansSerif = [ "Noto Sans" "Noto Color Emoji" ]; - monospace = [ "FiraCode Nerd Font" "Noto Color Emoji" ]; + monospace = [ "FiraCode Nerd Font" "Noto Sans" "Noto Color Emoji" ]; emoji = [ "Noto Color Emoji" ]; }; }; @@ -75,7 +71,11 @@ programs = { hyprland = { enable = true; - package = hyprland.packages.${pkgs.system}.hyprland; + package = inputs.hyprland.packages.${pkgs.system}.hyprland; + xwayland = { + enable = true; + hidpi = true; + }; }; thunar = { enable = true; diff --git a/hosts/plasma.nix b/system/plasma.nix similarity index 100% rename from hosts/plasma.nix rename to system/plasma.nix