Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restructure

Browse Source
This commit is contained in:
Nathan
2026-04-22 12:30:34 -05:00
parent 03bec1dcaf
commit 06385f94f6
51 changed files with 698 additions and 1552 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
modules/hosts/container/default.nix → modules/hosts/container/configuration.nix
View File

@@ -136,21 +136,6 @@
};
};
sysconfig = {
opts = {
novnc.enable = true;
sddm.enable = true;
openssh.enable = true;
pipewire.enable = true;
hyprpanel.enable = false;
hyprland.enable = false;
kdePlasma6.enable = true;
git.enable = true;
nh.enable = true;
netbird.enable = true;
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};

130
modules/hosts/homebox/config.nix
View File

@@ -1,130 +0,0 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."homebox" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.homebox
self.diskoConfigurations.homebox
];
};
flake.nixosModules.homebox = { config, lib, pkgs, ... }:
{
config = {
services = {
xserver = {
enable = false;
videoDrivers = ["nvidia"];
};
displayManager = {
enable = false;
defaultSession = "hyprland";
autoLogin = {
enable = true;
user = "nathan";
};
};
pulseaudio.enable = false;
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
};
hardware = {
nvidia = {
open = true;
modesetting.enable = true;
nvidiaPersistenced = true;
};
bluetooth = {
enable = true;
powerOnBoot = false;
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
"remoteBuildClientKeys/laptop".sopsFile = ./../../system/secrets.yaml;
"remoteBuildClientKeys/pi4".sopsFile = ./../../system/secrets.yaml;
"remoteBuildClientKeys/android".sopsFile = ./../../system/secrets.yaml;
};
};
sysconfig = {
host = "homebox";
docker.nvidia = true;
remoteBuildClient = false;
users = {
nathan = {
isSuperuser = true;
extraGroups = [ "networkmanager" "docker" ];
ssh.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCM7ZgIu4+ntHZbzo9iQPq5pUt7AhpOnfvvI0lWDgO4CgtkPGvyFrDnW87wjAKGKYkgKeHWHIkwq2hkEDqlPD+7xxtPpwzfyo7ZS23xlP31rL14HcG21jGHgx9SO7RmGDHHylu4PwJzz/KX59hcVmpSSV4hgB/mYA9UKe6VHv39X4y3HsjmiHwNBOKXltG4V+VkxOZD6HcZ62sgkyDTaqDpE7p+q8vHPbm6dVTKC9cMjtJmjB5EesMGKcEAy3VN2tA9M0EndtaLcBKM39vDXGpBsjURYZTu7NbQnncnO7L8kVL0nT4vA/d4mCjB51dPoXIcxn1ise0TOb9G7TxMbBQQO5YMOpiB2iuZRRvB3sYoKwbO8YfSxZi0EhvLcxkF9GBFw+pWPl0p0D2fPBbW88YQfEpoAt2EWvEu/pgaMJsTHpgaIuDwPLVQmDciX4MRoi324oElGSK8yN0P8IaCHhFchuehLBWvTi34Qot0GpnxeTzmlLzImICO9Yq0I7dk2rk= nathan@rpi-3dp"
];
shell = pkgs.zsh;
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
virtual-machines = true;
hyprland.enable = false;
hypridle.enable = false;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = false;
firefox.enable = false;
git.enable = true;
nh.enable = true;
};
services.hypridle.enable = lib.mkForce false;
home.packages = with pkgs; [
wayvnc
openrgb
];
}
];
};
};
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

125
modules/hosts/homebox/configuration.nix Normal file
View File

@@ -0,0 +1,125 @@
{ self, inputs, ... }: {
flake.nixosModules.homebox = { config, pkgs, lib, ... }:
{
imports =
[
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
self.nixosModules.default
];
config = {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
binfmt.emulatedSystems = [ "aarch64-linux" ];
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
nixpkgs.config.allowUnfree = true;
networking = {
nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" ];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
nftables = {};
nat = {
enable = true;
internalInterfaces = [ "ve-.+" ];
externalInterface = "wlp7s0"; # wifi
#externalInterface = "enp6s0"; # ethernet
};
};
services.netbird.clients.default.environment = {
NB_EXTRA_DNS_LABELS = "server";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
services = {
xserver = {
enable = false;
videoDrivers = ["nvidia"];
};
displayManager = {
enable = false;
defaultSession = "hyprland";
autoLogin = {
enable = true;
user = "nathan";
};
};
pulseaudio.enable = false;
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
};
hardware = {
nvidia = {
open = true;
modesetting.enable = true;
nvidiaPersistenced = true;
};
bluetooth = {
enable = true;
powerOnBoot = false;
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
"remoteBuildClientKeys/laptop".sopsFile = ./../../features/secrets.yaml;
"remoteBuildClientKeys/pi4".sopsFile = ./../../features/secrets.yaml;
"remoteBuildClientKeys/android".sopsFile = ./../../features/secrets.yaml;
};
};
nix = {
settings = {
trusted-users = [ "remote-builder" ];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

121
modules/hosts/homebox/default.nix
View File

@@ -1,120 +1,11 @@
{ self, inputs, ... }: {
flake.nixosModules.homebox = { config, pkgs, lib, ... }:
{
imports =
[
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
self.nixosModules.default
];
config = {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
binfmt.emulatedSystems = lib.mkIf config.sysconfig.remoteBuildHost [ "aarch64-linux" ];
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
nixpkgs.config.allowUnfree = true;
networking = {
nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" ];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
nftables = {};
nat = {
enable = true;
internalInterfaces = [ "ve-.+" ];
externalInterface = "wlp7s0"; # wifi
#externalInterface = "enp6s0"; # ethernet
};
};
services.netbird.clients.default.environment = {
NB_EXTRA_DNS_LABELS = "server";
};
sysconfig = {
remoteBuildHost = true;
graphical = false;
services = {
sddm.enable = false;
openssh.enable = true;
pipewire.enable = true;
netbird.enable = true;
ollama.enable = false;
avahi.enable = true;
wyoming = {
enable = true;
piper = true;
openwakeword = true;
faster-whisper = true;
};
};
programs = {
hyprland.enable = false;
steam.enable = false;
};
docker = {
enable = true;
portainer.enable = true;
traefik.enable = true;
pihole.enable = true;
authentik.enable = true;
netbird.enable = true;
openwebui.enable = true;
ollama.enable = true;
searxng.enable = true;
home-assistant.enable = true;
n8n.enable = true;
nextcloud.enable = false;
jellyfin.enable = true;
};
containers = {
"esotericbytes.com".enable = true;
gitea.enable = true;
code-server.enable = true;
sandbox.enable = false;
};
virtual-machines = {
enable = true;
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
flake.nixosConfigurations."homebox" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.homebox
self.nixosModules.homebox-hardware
self.diskoConfigurations.homebox
];
};
}

2
modules/hosts/homebox/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.homebox = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.homebox-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

48
modules/hosts/iso/configuration.nix Normal file
View File

@@ -0,0 +1,48 @@
{ self, inputs, ... }: {
flake.nixosModules.iso = { lib, pkgs, modulesPath, ... }: {
imports = with inputs; [
(modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
self.nixosModules.default
self.nixosModules.aurora-greeter
home-manager.nixosModules.default
];
config = {
fonts.fontconfig.enable = lib.mkForce true;
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
environment.systemPackages = with pkgs; [ nerd-fonts.fira-code ];
system.stateVersion = "25.11";
nixpkgs.hostPlatform = "x86_64-linux";
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
users.users.nixos.enable = lib.mkForce false;
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
};
};
}

93
modules/hosts/iso/default.nix
View File

@@ -1,4 +1,4 @@
{ self, inputs, ... }: {
{ self, inputs, ...}: {
perSystem = { config, system, pkgs, self', inputs', ... }: {
packages.iso = self.nixosConfigurations.iso.config.system.build.isoImage;
@@ -11,96 +11,5 @@
];
};
flake.nixosModules.iso = { lib, pkgs, modulesPath, ... }: {
imports = with inputs; [
(modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
self.nixosModules.default
self.nixosModules.aurora-greeter
home-manager.nixosModules.default
];
config = {
fonts.fontconfig.enable = lib.mkForce true;
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
environment.systemPackages = with pkgs; [ nerd-fonts.fira-code ];
system.stateVersion = "25.11";
nixpkgs.hostPlatform = "x86_64-linux";
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
users.users.nixos.enable = lib.mkForce false;
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
sysconfig = {
host = "iso";
graphical = true;
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
shell = pkgs.zsh;
ssh.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
hyprland.enable = true;
wal.enable = true;
mpd.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = false;
nh.enable = true;
aurora.enable = true;
};
}
];
};
};
};
services = {
openssh.enable = true;
pipewire.enable = true;
#kdePlasma6.enable = true;
netbird.enable = true;
#ollama.enable = true;
};
programs = {
#steam.enable = true;
hyprland.enable = true;
};
};
};
};
}

113
modules/hosts/jesstop/configuration.nix Normal file
View File

@@ -0,0 +1,113 @@
{ inputs, ... }: {
flake.nixosModules.jesstop = { config, pkgs, lib, ... }:
{
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
systemd.extraConfig = "DefaultLimitNOFILE=2048";
hardware = {
graphics.enable = true;
#enable bluetooth
bluetooth.enable = true;
};
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
# Enable the X11 windowing system.
services.xserver = {
enable = true;
desktopManager.enlightenment.enable = true;
};
services.acpid.enable = true;
services.displayManager.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
system.stateVersion = "23.05"; # Did you read the comment?
# Set your time zone.
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
networking = {
hostName = "jesstop";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
users.users."nickelback" = {
isNormalUser = true;
description = "Thomas Jefferson";
initialPassword = "89453712";
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
extraGroups = [
"wheel"
"networkmanager"
]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [];
packages = with pkgs; [
(writeShellScriptBin "beets" ''
bluetoothctl connect A4:16:C0:74:1F:55
'')
spotify
gnome-network-displays
discord
krita
rpcs3
];
};
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = {
experimental-features = [ "nix-command" "flakes" ];
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

135
modules/hosts/jesstop/default.nix
View File

@@ -1,132 +1,11 @@
{ inputs, ... }: {
{ self, inputs, ... }: {
flake.nixosConfigurations."jesstop" = inputs.nixpkgs.lib.nixosSystem {
flake.nixosModules.jesstop = { config, pkgs, lib, ... }:
{
imports = [
#inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
modules = [
self.nixosModules.jesstop
self.nixosModules.jesstop-hardware
];
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
systemd.extraConfig = "DefaultLimitNOFILE=2048";
hardware = {
graphics.enable = true;
#enable bluetooth
bluetooth.enable = true;
};
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
sysconfig.opts = {
sddm.enable = true;
openssh.enable = false;
steam.enable = true;
pipewire.enable = true;
hyprpanel.enable = false;
hyprland.enable = false;
git.enable = false;
nh.enable = true;
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
desktopManager.enlightenment.enable = true;
};
services.acpid.enable = true;
services.displayManager.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
system.stateVersion = "23.05"; # Did you read the comment?
# Set your time zone.
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
networking = {
hostName = "jesstop";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
users.users."nickelback" = {
isNormalUser = true;
description = "Thomas Jefferson";
initialPassword = "89453712";
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
extraGroups = [
"wheel"
"networkmanager"
]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [];
packages = with pkgs; [
(writeShellScriptBin "beets" ''
bluetoothctl connect A4:16:C0:74:1F:55
'')
spotify
gnome-network-displays
discord
krita
rpcs3
];
};
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = {
experimental-features = [ "nix-command" "flakes" ];
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

2
modules/hosts/jesstop/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.jesstop = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.jesstop-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

125
modules/hosts/laptop/config.nix
View File

@@ -1,125 +0,0 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."laptop" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.laptop
];
};
flake.nixosModules.laptop = { config, pkgs, ... }:
{
config = {
boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
# WARNING: sync and offload are mutually exclusive.
# You can only pick one!!
#sync.enable = true;
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
remoteBuildKey = {};
};
};
services.wyoming.satellite.user = "nathan";
sysconfig = {
host = "laptop";
services = {
wyoming = {
enable = true;
satellite = true;
};
};
remoteBuildClient = true;
users = {
nathan = {
isSuperuser = true;
extraGroups = [ "networkmanager" ];
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
graphical = true;
virtual-machines = true;
hyprland.enable = true;
hypridle.enable = true;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
aurora.enable = true;
};
#monitor=eDP-1, addreserved, 40,0,0,0
wayland.windowManager.hyprland.extraConfig = ''
monitor=eDP-1,1920x1080@60,0x0,1
bind = CTRL SHIFT, XF86Launch2, exec, bash -c 'if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then pkexec --user root /nix/var/nix/profiles/system/bin/switch-to-configuration switch; else pkexec --user root /nix/var/nix/profiles/system/specialisation/docked/bin/switch-to-configuration switch; fi'
bind = ALT, Escape, exec, if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then hyprctl keyword monitor eDP-1,1920x1080@60,0x0,1; else hyprctl keyword monitor eDP-1,1920x1080@300,0x0,1; fi
'';
}
];
};
};
};
};
services.xserver.videoDrivers = [ "nvidia" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

135
modules/hosts/laptop/configuration.nix Normal file
View File

@@ -0,0 +1,135 @@
{ self, inputs, ... }: {
flake.nixosModules.laptop = { config, pkgs, lib, ... }:
{
imports = with self.nixosModules; [
inputs.home-manager.nixosModules.default
self.nixosModules.default
aurora-greeter
hyprland
pipewire
steam
avahi
netbird
];
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = null;
};
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
hardware = {
graphics.enable = true;
firmware = with pkgs; [
sof-firmware
];
#enable bluetooth
bluetooth.enable = true;
};
programs.partition-manager.enable = true;
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
# Enable the X11 windowing system.
services.xserver = {
enable = true;
};
services.displayManager.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
# Enable CUPS to print documents.
services.printing.enable = true;
programs.adb.enable = true;
programs.zsh.enable = true;
networking = {
nameservers = [
"1.1.1.1"
"1.0.0.1"
];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
# WARNING: sync and offload are mutually exclusive.
# You can only pick one!!
#sync.enable = true;
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
remoteBuildKey = {};
};
};
services.xserver.videoDrivers = [ "nvidia" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

121
modules/hosts/laptop/default.nix
View File

@@ -1,120 +1,11 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."laptop" = inputs.nixpkgs.lib.nixosSystem {
flake.nixosModules.laptop = { config, pkgs, lib, ... }:
{
imports = [
inputs.home-manager.nixosModules.default
self.nixosModules.default
self.nixosModules.aurora-greeter
modules = [
self.nixosModules.laptop
self.nixosModules.laptop-hardware
];
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = null;
};
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
hardware = {
graphics.enable = true;
firmware = with pkgs; [
sof-firmware
];
#enable bluetooth
bluetooth.enable = true;
};
programs.partition-manager.enable = true;
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
sysconfig = with lib; {
remoteBuildClient = mkDefault true;
graphical = mkDefault true;
services = {
sddm.enable = mkDefault true;
openssh.enable = mkDefault false;
pipewire.enable = mkDefault true;
netbird.enable = mkDefault true;
ollama.enable = mkDefault true;
avahi.enable = mkDefault true;
};
programs = {
steam.enable = mkDefault true;
hyprland.enable = mkDefault true;
};
containers = {
wyoming = {
enable = mkDefault false;
};
};
virtual-machines = {
enable = true;
};
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
};
services.displayManager.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
# Enable CUPS to print documents.
services.printing.enable = true;
programs.adb.enable = true;
programs.zsh.enable = true;
networking = {
nameservers = [
"1.1.1.1"
"1.0.0.1"
];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

2
modules/hosts/laptop/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.laptop = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.laptop-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

60
modules/hosts/live/configuration.nix Normal file
View File

@@ -0,0 +1,60 @@
{ inputs, ... }: {
flake.nixosModules.live = { pkgs, ... }: {
imports = with inputs; [
disko.nixosModules.default
(import ./disko.nix { device = "/dev/mmcblk0"; })
sops-nix.nixosModules.sops
home-manager.nixosModules.default
];
config = {
hardware.enableRedistributableFirmware = true;
hardware.enableAllHardware = true;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
nixpkgs.hostPlatform = "x86_64-linux";
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
#secrets."nathan/pass".neededForUsers = true;
};
system.stateVersion = "25.05";
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

126
modules/hosts/live/default.nix
View File

@@ -1,123 +1,11 @@
{ inputs, ... }: {
flake.nixosModules.live = { pkgs, ... }: {
imports = with inputs; [
disko.nixosModules.default
(import ./disko.nix { device = "/dev/mmcblk0"; })
sops-nix.nixosModules.sops
home-manager.nixosModules.default
{ self, inputs, ... }: {
flake.nixosConfigurations."live" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.live
self.diskoConfigurations.live
];
config = {
hardware.enableRedistributableFirmware = true;
hardware.enableAllHardware = true;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
nixpkgs.hostPlatform = "x86_64-linux";
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
#secrets."nathan/pass".neededForUsers = true;
};
sysconfig = {
#remoteBuildClient = true;
host = "live";
graphical = true;
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
hyprland.enable = true;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
#git.enable = true;
nh.enable = true;
aurora.enable = true;
};
}
];
};
};
};
services = {
sddm.enable = true;
openssh.enable = true;
pipewire.enable = true;
#kdePlasma6.enable = true;
netbird.enable = true;
#ollama.enable = true;
};
programs = {
#steam.enable = true;
hyprpanel.enable = true;
hyprland.enable = true;
};
virtualization = {
wyoming = {
enable = false;
};
homeassistant = {
enable = false;
};
};
};
system.stateVersion = "25.05";
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

87
modules/hosts/pi4/configuration.nix Normal file
View File

@@ -0,0 +1,87 @@
{ inputs, ... }: {
flake.nixosModules.pi4 = { config, pkgs, ... }: {
imports = [
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
];
config = {
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
networking = {
hostName = "pi4";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
hardware = {
bluetooth.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users = {
groups.gpio = {};
};
services = {
udev.extraRules = ''
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio",MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add",RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
'';
pulseaudio = {
enable = true;
extraConfig = ''
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
'';
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
sound.enable = true;
security.rtkit.enable = true;
system.stateVersion = "25.05";
};
};
}

142
modules/hosts/pi4/default.nix
View File

@@ -1,138 +1,12 @@
{ inputs, ... }: {
{ self, inputs, ... }: {
flake.nixosConfigurations."pi4" = inputs.nixpkgs.lib.nixosSystem {
flake.nixosModules.pi4 = { config, pkgs, ... }: {
imports = [
./hardware-configuration.nix
inputs.disko.nixosModules.default
(import ./disko.nix { device1 = "/dev/mmcblk0"; })
inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
modules = [
self.nixosModules.pi4
self.nixosModules.pi4-hardware
self.diskoConfigurations.pi4
];
config = {
sysconfig = {
remoteBuildClient = true;
users = {
nathan = {
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
];
extraGroups = [
"wheel"
"networkmanager"
"gpio"
"spi"
"audio"
"pulse"
"pulse-access"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
scripts.enable = false;
minimal = true;
mpd.enable = true;
git.enable = true;
nh.enable = true;
};
}
];
};
};
};
services = {
openssh.enable = true;
#pipewire.enable = true;
netbird.enable = true;
};
};
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
networking = {
hostName = "pi4";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
hardware = {
bluetooth.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users = {
groups.gpio = {};
};
services = {
udev.extraRules = ''
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio",MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add",RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
'';
pulseaudio = {
enable = true;
extraConfig = ''
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
'';
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
sound.enable = true;
security.rtkit.enable = true;
system.stateVersion = "25.05";
};
};
}

2
modules/hosts/pi4/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.pi4 = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.pi4-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =