Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restructure

Browse Source
This commit is contained in:
Nathan
2026-04-22 12:30:34 -05:00
parent 03bec1dcaf
commit 06385f94f6
51 changed files with 698 additions and 1552 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/features/authentik.nix
View File

@@ -10,12 +10,7 @@
in { in {
options.sysconfig.docker.authentik.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.authentik.enable && config.sysconfig.docker.enable) {
networking.firewall.interfaces = { networking.firewall.interfaces = {
"ve-traefik" = { "ve-traefik" = {

9
modules/features/avahi.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.avahi = { config, lib, ... }: { flake.nixosModules.avahi = { config, lib, ... }: {
options = { config = {
sysconfig.services.avahi.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.avahi.enable {
services.avahi = { services.avahi = {

7
modules/features/code-server.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.code-server = { config, lib, ... }: { flake.nixosModules.code-server = { config, lib, ... }: {
options.sysconfig.containers.code-server.enable = lib.options.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.code-server.enable {
containers.code-server = { containers.code-server = {

52
modules/features/default.nix
View File

@@ -2,48 +2,26 @@
flake.nixosModules.default = { config, lib, pkgs, ... }: { flake.nixosModules.default = { config, lib, pkgs, ... }: {
options.sysconfig = with lib; {
host = mkOption {
type = with types; nullOr str;
default = null;
};
graphical = mkOption {
type = with types; bool;
default = config.hardware.graphics.enable;
};
remoteBuildHost = mkOption {
type = with types; bool;
default = false;
};
remoteBuildClient = mkOption {
type = with types; bool;
default = false;
};
};
imports = [ imports = [
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
]; ];
config = { config = {
networking.hostName = lib.mkDefault config.sysconfig.host;
nix = { nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
channel.enable = false; channel.enable = false;
settings = { settings = {
experimental-features = [ "nix-command" "flakes" ]; experimental-features = [ "nix-command" "flakes" ];
builders-use-substitutes = lib.mkIf config.sysconfig.remoteBuildClient true; builders-use-substitutes = lib.mkIf true;
trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ "remote-builder" ];
substituters = lib.mkIf config.sysconfig.programs.hyprland.enable ["https://hyprland.cachix.org"]; substituters = lib.mkIf config.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-substituters = lib.mkIf config.sysconfig.programs.hyprland.enable ["https://hyprland.cachix.org"]; trusted-substituters = lib.mkIf config.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-public-keys = lib.mkIf config.sysconfig.programs.hyprland.enable ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="]; trusted-public-keys = lib.mkIf config.programs.hyprland.enable ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
}; };
distributedBuilds = config.sysconfig.remoteBuildClient; distributedBuilds = lib.mkDefault (config.sops.secrets ? "remoteBuildKey");
buildMachines = lib.mkIf config.sysconfig.remoteBuildClient [ buildMachines = lib.mkIf (config.sops.secrets ? "remoteBuildKey") [
{ {
hostName = "esotericbytes.com"; hostName = "esotericbytes.com";
sshUser = "remote-builder"; sshUser = "remote-builder";
@@ -59,12 +37,18 @@
]; ];
}; };
users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost { users.users."remote-builder" = lib.mkIf (builtins.any
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
) {
isNormalUser = true; isNormalUser = true;
createHome = false; createHome = false;
}; };
sops.templates."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost { sops.templates."remote-builder" = lib.mkIf (builtins.any
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
) {
content = builtins.concatStringsSep ''''\n'' (builtins.map content = builtins.concatStringsSep ''''\n'' (builtins.map
(y: config.sops.placeholder.${y}) (y: config.sops.placeholder.${y})
(builtins.filter (builtins.filter
@@ -81,6 +65,14 @@
defaultSopsFormat = "yaml"; defaultSopsFormat = "yaml";
}; };
programs.fuse.userAllowOther = true;
home-manager = {
backupFileExtension = "backup";
useUserPackages = true;
sharedModules = [];
};
time.timeZone = lib.mkDefault "America/Chicago"; time.timeZone = lib.mkDefault "America/Chicago";
i18n = lib.mkDefault { i18n = lib.mkDefault {

19
modules/features/docker.nix
View File

@@ -2,19 +2,7 @@
flake.nixosModules.docker = { config, lib, pkgs, ... }: { flake.nixosModules.docker = { config, lib, pkgs, ... }: {
options.sysconfig.docker = { config = {
enable = with lib; mkOption {
type = with types; bool;
default = false;
};
nvidia = with lib; mkOption {
type = with types; bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.docker.enable {
networking.nat.internalInterfaces = [ "docker0" "docker-main" ]; networking.nat.internalInterfaces = [ "docker0" "docker-main" ];
@@ -29,7 +17,10 @@
}; };
}; };
hardware.nvidia-container-toolkit.enable = config.sysconfig.docker.nvidia; hardware.nvidia-container-toolkit.enable = lib.mkDefault (builtins.any
(x: x == "nvidia")
config.services.xserver.videoDrivers
);
systemd.services."docker-network-setup" = { systemd.services."docker-network-setup" = {
path = [ pkgs.docker ]; path = [ pkgs.docker ];

8
modules/features/dynamicDNS.nix
View File

@@ -2,13 +2,7 @@
flake.nixosModules.dynamicDNS = { config, lib, pkgs, ... }: { flake.nixosModules.dynamicDNS = { config, lib, pkgs, ... }: {
options.sysconfig.services.dynamicDNS.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.dynamicDNS.enable {
systemd.timers.dynamicDNS = { systemd.timers.dynamicDNS = {

14
modules/features/gitea.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.gitea = { config, lib, ... }: { flake.nixosModules.gitea = { config, lib, ... }: {
options.sysconfig.containers.gitea.enable = lib.options.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.gitea.enable {
networking = { networking = {
nat.internalInterfaces = [ "ve-gitea" ]; nat.internalInterfaces = [ "ve-gitea" ];
@@ -121,12 +116,7 @@
in { in {
options.sysconfig.docker."${name}".enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
virtualisation.oci-containers.containers."${name}" = { virtualisation.oci-containers.containers."${name}" = {

16
modules/features/home-assistant/home-assistant.nix
View File

@@ -8,12 +8,7 @@
in { in {
options.sysconfig.docker.home-assistant.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.home-assistant.enable && config.sysconfig.docker.enable) {
environment.etc."home-assistant/configuration.yaml".source = ./configuration.yaml; environment.etc."home-assistant/configuration.yaml".source = ./configuration.yaml;
@@ -61,14 +56,7 @@
flake.nixosModules.home-assistant-vm = { config, lib, ... }: { flake.nixosModules.home-assistant-vm = { config, lib, ... }: {
options.sysconfig.virtual-machines.home-assistant = { config = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.virtual-machines.home-assistant.enable {
}; };
}; };

9
modules/features/hyprland.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.hyprland = { config, lib, pkgs, ... }: { flake.nixosModules.hyprland = { config, lib, pkgs, ... }: {
options.sysconfig.programs.hyprland.enable = lib.options.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.programs.hyprland.enable {
sysconfig.services.sddm.enable = lib.mkDefault true;
environment.sessionVariables.NIXOS_OZONE_WL = "1"; environment.sessionVariables.NIXOS_OZONE_WL = "1";

13
modules/features/jellyfin.nix
View File

@@ -8,12 +8,7 @@
in { in {
options.sysconfig.docker.jellyfin.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.jellyfin.enable && config.sysconfig.docker.enable) {
networking.firewall.allowedUDPPorts = [ 7359 ]; networking.firewall.allowedUDPPorts = [ 7359 ];
@@ -50,9 +45,11 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "8096"; "traefik.http.services.${name}.loadbalancer.server.port" = "8096";
}; };
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [ extraOptions = lib.mkMerge [
(lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all" "--device=nvidia.com/gpu=all"
"--ip=192.168.101.21" ])
[ "--ip=192.168.101.21" ]
]; ];
environment = { environment = {

9
modules/features/kdePlasma6.nix
View File

@@ -2,17 +2,10 @@
flake.nixosModules.kdePlasma6 = { config, lib, pkgs, ... }: { flake.nixosModules.kdePlasma6 = { config, lib, pkgs, ... }: {
options.sysconfig.services.kdePlasma6.enable = lib.options.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.kdePlasma6.enable {
services.desktopManager.plasma6.enable = true; services.desktopManager.plasma6.enable = true;
sysconfig.services.sddm.enable = lib.mkDefault true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice
kdePackages.kcalc # Calculator kdePackages.kcalc # Calculator

7
modules/features/n8n.nix
View File

@@ -8,12 +8,7 @@
in { in {
options.sysconfig.docker."${name}".enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
virtualisation.oci-containers.containers."${name}" = { virtualisation.oci-containers.containers."${name}" = {

21
modules/features/netbird/netbird.nix
View File

@@ -3,22 +3,14 @@
flake.nixosModules.netbird = { config, lib, pkgs, ... }: { flake.nixosModules.netbird = { config, lib, pkgs, ... }: {
options.sysconfig = {
services.netbird.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = let config = let
pkgs-us = import inputs.nixpkgs-us { pkgs-us = import inputs.nixpkgs-us {
system = "x86_64-linux"; system = "x86_64-linux";
}; };
in lib.mkIf config.sysconfig.services.netbird.enable { in {
services.netbird = { services.netbird = {
enable = lib.mkDefault config.sysconfig.services.netbird.enable; enable = lib.mkDefault true;
clients.default = { clients.default = {
port = 51820; port = 51820;
@@ -27,7 +19,7 @@
hardened = false; hardened = false;
ui = { ui = {
enable = lib.mkDefault config.sysconfig.graphical; enable = lib.mkDefault config.hardware.graphics.enable;
#package = pkgs-us.netbird-ui; #package = pkgs-us.netbird-ui;
#package = pkgs.netbird-ui; #package = pkgs.netbird-ui;
}; };
@@ -41,12 +33,7 @@
flake.nixosModules.netbird-docker = { config, lib, pkgs, ... }: { flake.nixosModules.netbird-docker = { config, lib, pkgs, ... }: {
options.sysconfig.docker.netbird.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.netbird.enable && config.sysconfig.docker.enable) {
networking.firewall.allowedUDPPorts = [ 3478 ]; networking.firewall.allowedUDPPorts = [ 3478 ];

7
modules/features/nextcloud.nix
View File

@@ -8,12 +8,7 @@
in { in {
options.sysconfig.docker.nextcloud.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.nextcloud.enable && config.sysconfig.docker.enable) {
virtualisation.oci-containers.containers."nextcloud-aio-mastercontainer" = { virtualisation.oci-containers.containers."nextcloud-aio-mastercontainer" = {
image = "ghcr.io/nextcloud-releases/all-in-one:20260122_105751"; image = "ghcr.io/nextcloud-releases/all-in-one:20260122_105751";

7
modules/features/nginx.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.nginx = { config, lib, ... }: { flake.nixosModules.nginx = { config, lib, ... }: {
options.sysconfig.containers."esotericbytes.com".enable = lib.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers."esotericbytes.com".enable {
containers.esotericbytes-com = { containers.esotericbytes-com = {

14
modules/features/novnc.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.novnc = { config, lib, pkgs, ... }: { flake.nixosModules.novnc = { config, lib, pkgs, ... }: {
options.sysconfig.services.novnc.enable = lib.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.novnc.enable {
systemd.services.novnc = { systemd.services.novnc = {
enable = true; enable = true;
@@ -33,12 +28,7 @@
flake.nixosModules.novnc-container = { config, lib, pkgs, ... }: { flake.nixosModules.novnc-container = { config, lib, pkgs, ... }: {
options.sysconfig.containers.novnc.enable = lib.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.novnc.enable {
networking = { networking = {
firewall.interfaces."ve-novnc" = { firewall.interfaces."ve-novnc" = {

7
modules/features/ntfy.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.ntfy = { config, lib, ... }: { flake.nixosModules.ntfy = { config, lib, ... }: {
options.sysconfig.containers.ntfy.enable = lib.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.ntfy.enable {
containers.ntfy = { containers.ntfy = {

18
modules/features/ollama.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.ollama = { config, lib, ... }: { flake.nixosModules.ollama = { config, lib, ... }: {
options = { config = {
sysconfig.services.ollama.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.ollama.enable {
services.ollama = { services.ollama = {
enable = true; enable = true;
acceleration = "cuda"; acceleration = "cuda";
@@ -36,12 +29,7 @@
in { in {
options.sysconfig.docker.ollama.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.ollama.enable && config.sysconfig.docker.enable) {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
ollama ollama
@@ -88,7 +76,7 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "11434"; "traefik.http.services.${name}.loadbalancer.server.port" = "11434";
}; };
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [ extraOptions = lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all" "--device=nvidia.com/gpu=all"
"--ip=192.168.101.22" "--ip=192.168.101.22"
]; ];

9
modules/features/openssh.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.openssh = { config, lib, ... }: { flake.nixosModules.openssh = { config, lib, ... }: {
options = { config = {
sysconfig.services.openssh.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf (config.sysconfig.services.openssh.enable || config.sysconfig.remoteBuildHost) {
services.openssh = { services.openssh = {
enable = true; enable = true;

9
modules/features/openwebui.nix
View File

@@ -8,12 +8,7 @@
in { in {
options.sysconfig.docker.openwebui.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.openwebui.enable && config.sysconfig.docker.enable) {
virtualisation.oci-containers.containers.openwebui = { virtualisation.oci-containers.containers.openwebui = {
image = "ghcr.io/open-webui/open-webui:v0.7.2"; image = "ghcr.io/open-webui/open-webui:v0.7.2";
@@ -45,7 +40,7 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "8080"; "traefik.http.services.${name}.loadbalancer.server.port" = "8080";
}; };
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [ extraOptions = lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all" "--device=nvidia.com/gpu=all"
"--ip=192.168.101.8" "--ip=192.168.101.8"
]; ];

7
modules/features/pihole.nix
View File

@@ -10,12 +10,7 @@
in { in {
options.sysconfig.docker.pihole.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.pihole.enable && config.sysconfig.docker.enable) {
virtualisation.docker.daemon.settings.dns = [ "192.168.101.12" ]; virtualisation.docker.daemon.settings.dns = [ "192.168.101.12" ];

9
modules/features/pipewire.nix
View File

@@ -2,14 +2,7 @@
flake.nixosModules.pipewire = { config, lib, pkgs, ... }: { flake.nixosModules.pipewire = { config, lib, pkgs, ... }: {
options = { config = {
sysconfig.services.pipewire.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.pipewire.enable {
# Enable sound with pipewire. # Enable sound with pipewire.
#sound.enable = true; #sound.enable = true;

7
modules/features/portainer.nix
View File

@@ -10,12 +10,7 @@
in { in {
options.sysconfig.docker.portainer.enable = with lib; mkOption { config = {
type = with types; bool;
default = true;
};
config = lib.mkIf (config.sysconfig.docker.portainer.enable && config.sysconfig.docker.enable) {
networking.firewall.interfaces = { networking.firewall.interfaces = {
"ve-traefik" = { "ve-traefik" = {

7
modules/features/sandbox.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.sandbox = { config, lib, self, ... }: { flake.nixosModules.sandbox = { config, lib, self, ... }: {
options.sysconfig.containers.sandbox.enable = lib.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.sandbox.enable {
networking = { networking = {

7
modules/features/sddm.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.sddm = { config, lib, pkgs, ... }: { flake.nixosModules.sddm = { config, lib, pkgs, ... }: {
options.sysconfig.services.sddm.enable = lib.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.sddm.enable {
qt.enable = true; qt.enable = true;

7
modules/features/searxng/searxng.nix
View File

@@ -8,12 +8,7 @@
in { in {
options.sysconfig.docker.searxng.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.searxng.enable && config.sysconfig.docker.enable) {
environment.etc."searxng/settings.yml".source = ./settings.yml; environment.etc."searxng/settings.yml".source = ./settings.yml;

7
modules/features/steam.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.steam = { config, lib, ... }: { flake.nixosModules.steam = { config, lib, ... }: {
options.sysconfig.programs.steam.enable = lib.options.mkOption { config = {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.programs.steam.enable {
programs.steam = { programs.steam = {
enable = true; enable = true;

7
modules/features/traefik/traefik.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.traefik = { config, lib, ... }: { flake.nixosModules.traefik = { config, lib, ... }: {
options.sysconfig.docker.traefik.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.traefik.enable && config.sysconfig.docker.enable) {
networking.firewall.allowedTCPPorts = [ 80 81 443 444 2222 ]; networking.firewall.allowedTCPPorts = [ 80 81 443 444 2222 ];

138
modules/features/users.nix
View File

@@ -1,138 +0,0 @@
{ self, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
options.sysconfig = with lib; {
sshHostKeys = lib.mkOption {
type = with lib.types; attrsOf str;
default = {};
};
users = let
userType = types.submodule ({ name, ... }: {
options = with lib; {
name = mkOption {
type = with types; passwdEntry str;
default = name;
};
home-manager = {
enable = mkOption {
type = with types; bool;
default = false;
};
standalone = mkOption {
type = with types; bool;
default = true;
description = "is this home-manager standalone?";
};
extraModules = mkOption {
type = with types; listOf raw;
default = [];
};
};
isSuperuser = mkOption {
type = with types; bool;
default = false;
description = "sudo?";
};
usePresets = mkOption {
type = with types; bool;
default = true;
description = "search for predefined settings?";
};
ssh = {
keys = mkOption {
type = with types; listOf str;
default = [];
description = "public keys used to login as this user";
};
hosts = mkOption {
type = with types; listOf str;
default = [];
description = "user@host's used to login as this user";
};
};
uid = mkOption {
type = with types; nullOr int;
default = null;
};
hashedPasswordFile = mkOption {
type = with types; nullOr str;
default = null;
};
extraGroups = mkOption {
type = with types; listOf str;
default = [];
};
shell = mkOption {
type = with types; package;
default = pkgs.shadow;
};
};
});
in lib.mkOption {
type = with lib.types; attrsOf userType;
default = {};
};
};
config = {
users.users = builtins.mapAttrs (x: y: let
cfg = config.sysconfig.users.${x};
in {
name = cfg.name;
isNormalUser = true;
uid = cfg.uid;
hashedPasswordFile = lib.mkIf (cfg.hashedPasswordFile != null) cfg.hashedPasswordFile;
shell = cfg.shell;
extraGroups = cfg.extraGroups ++ (if cfg.isSuperuser then [ "wheel" ] else []);
openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable (cfg.ssh.keys ++ (map (z: config.sysconfig.sshHostKeys.${z}) cfg.ssh.hosts));
packages = with pkgs; lib.mkIf (cfg.home-manager.enable && cfg.home-manager.standalone) [ home-manager ];
}) config.sysconfig.users;
programs.fuse.userAllowOther = true;
home-manager = {
backupFileExtension = "backup";
useUserPackages = true;
sharedModules = [];
users = builtins.listToAttrs (builtins.map
(x: {
name = x;
value = (lib.mkMerge ([
(lib.mkIf (self.homeModules ? ${x}) self.homeModules.${x})
] ++ config.sysconfig.users.${x}.home-manager.extraModules));
})
(builtins.filter
(y: (config.sysconfig.users.${y}.home-manager.enable && !config.sysconfig.users.${y}.home-manager.standalone))
(builtins.attrNames config.sysconfig.users)
)
);
};
nix.settings.trusted-users = (builtins.filter
(y: config.sysconfig.users.${y}.isSuperuser)
(builtins.attrNames config.sysconfig.users)
);
};
};
}

9
modules/features/virtual-machines.nix
View File

@@ -2,12 +2,7 @@
flake.nixosModules.virtual-machines = { config, lib, pkgs, ... }: { flake.nixosModules.virtual-machines = { config, lib, pkgs, ... }: {
options.sysconfig.virtual-machines.enable = with lib; mkOption { config = {
type = with types; bool;
default = false;
};
config = lib.mkIf config.sysconfig.virtual-machines.enable {
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
virtualisation = { virtualisation = {
@@ -19,7 +14,7 @@
spiceUSBRedirection.enable = true; spiceUSBRedirection.enable = true;
}; };
environment.systemPackages = with pkgs; lib.mkIf config.sysconfig.graphical [ environment.systemPackages = with pkgs; lib.mkIf config.hardware.graphics.enable [
virt-viewer virt-viewer
]; ];
}; };

172
modules/features/wyoming.nix
View File

@@ -2,170 +2,21 @@
flake.nixosModules.wyoming = { config, lib, ... }: { flake.nixosModules.wyoming = { config, lib, ... }: {
options.sysconfig.services.wyoming = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
piper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
openwakeword = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
faster-whisper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
satellite = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.wyoming.enable {
services.wyoming = {
piper = lib.mkIf config.sysconfig.services.wyoming.piper {
servers.piper = {
enable = true;
voice = "en-us-ryan-medium";
uri = "tcp://0.0.0.0:11435";
};
};
openwakeword = lib.mkIf config.sysconfig.services.wyoming.openwakeword {
enable = true;
uri = "tcp://0.0.0.0:11432";
threshold = 0.5;
customModelsDirectories = [
#./wake_words
];
};
faster-whisper = lib.mkIf config.sysconfig.services.wyoming.faster-whisper {
servers.whisper = {
enable = true;
device = "auto";
language = "en";
model = "medium.en";
uri = "tcp://0.0.0.0:11433";
};
};
satellite = lib.mkIf config.sysconfig.services.wyoming.satellite {
enable = true;
uri = "tcp://0.0.0.0:11431";
};
};
};
};
flake.nixosModules.wyoming-container = { config, lib, ... }: {
options.sysconfig.containers.wyoming = {
enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
piper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
openwakeword = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
faster-whisper = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
satellite = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.containers.wyoming.enable {
containers.wyoming = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.100.10";
localAddress = "192.168.100.26";
bindMounts = lib.mkIf config.sysconfig.containers.wyoming.faster-whisper {
"/dev/nvidia0" = {
hostPath = "/dev/nvidia0";
isReadOnly = false;
};
"/dev/nvidiactl" = {
hostPath = "/dev/nvidiactl";
isReadOnly = false;
};
"/dev/nvidia-uvm" = {
hostPath = "/dev/nvidia-uvm";
isReadOnly = false;
};
"/dev/nvidia-modeset" = {
hostPath = "/dev/nvidia-modeset";
isReadOnly = false;
};
"/dev/nvidia-uvm-tools" = {
hostPath = "/dev/nvidia-uvm-tools";
isReadOnly = false;
};
};
allowedDevices = lib.mkIf config.sysconfig.containers.wyoming.faster-whisper [
{
node = "/dev/nvidia0";
modifier = "rw";
}
{
node = "/dev/nvidiactl";
modifier = "rw";
}
{
node = "/dev/nvidia-uvm";
modifier = "rw";
}
{
node = "/dev/nvidia-modeset";
modifier = "rw";
}
{
node = "/dev/nvidia-uvm-tools";
modifier = "rw";
}
];
config = { config = {
networking.firewall = {
allowedTCPPorts = [ 11431 11432 11433 11435 ];
};
services.wyoming = { services.wyoming = {
piper = lib.mkIf config.sysconfig.containers.wyoming.piper { piper = {
servers.piper = { servers.piper = {
enable = true; enable = lib.mkDefault true;
voice = "en-us-ryan-medium"; voice = "en-us-ryan-medium";
uri = "tcp://0.0.0.0:11435"; uri = "tcp://0.0.0.0:11435";
}; };
}; };
openwakeword = lib.mkIf config.sysconfig.containers.wyoming.openwakeword { openwakeword = {
enable = true; enable = lib.mkDefault true;
uri = "tcp://0.0.0.0:11432"; uri = "tcp://0.0.0.0:11432";
threshold = 0.5; threshold = 0.5;
@@ -174,9 +25,9 @@
]; ];
}; };
faster-whisper = lib.mkIf config.sysconfig.containers.wyoming.faster-whisper { faster-whisper = {
servers.whisper = { servers.whisper = {
enable = true; enable = lib.mkDefault true;
device = "auto"; device = "auto";
language = "en"; language = "en";
model = "medium.en"; model = "medium.en";
@@ -184,19 +35,12 @@
}; };
}; };
satellite = lib.mkIf config.sysconfig.containers.wyoming.satellite { satellite = {
enable = true; enable = lib.mkDefault true;
uri = "tcp://0.0.0.0:11431"; uri = "tcp://0.0.0.0:11431";
#user = "nathan";
vad.enable = false;
};
};
system.stateVersion = "25.05";
}; };
}; };
}; };
}; };
} }

15
modules/hosts/container/default.nix → modules/hosts/container/configuration.nix
View File

@@ -136,21 +136,6 @@
}; };
}; };
sysconfig = {
opts = {
novnc.enable = true;
sddm.enable = true;
openssh.enable = true;
pipewire.enable = true;
hyprpanel.enable = false;
hyprland.enable = false;
kdePlasma6.enable = true;
git.enable = true;
nh.enable = true;
netbird.enable = true;
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ]; fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
}; };

130
modules/hosts/homebox/config.nix
View File

@@ -1,130 +0,0 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."homebox" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.homebox
self.diskoConfigurations.homebox
];
};
flake.nixosModules.homebox = { config, lib, pkgs, ... }:
{
config = {
services = {
xserver = {
enable = false;
videoDrivers = ["nvidia"];
};
displayManager = {
enable = false;
defaultSession = "hyprland";
autoLogin = {
enable = true;
user = "nathan";
};
};
pulseaudio.enable = false;
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
};
hardware = {
nvidia = {
open = true;
modesetting.enable = true;
nvidiaPersistenced = true;
};
bluetooth = {
enable = true;
powerOnBoot = false;
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
"remoteBuildClientKeys/laptop".sopsFile = ./../../system/secrets.yaml;
"remoteBuildClientKeys/pi4".sopsFile = ./../../system/secrets.yaml;
"remoteBuildClientKeys/android".sopsFile = ./../../system/secrets.yaml;
};
};
sysconfig = {
host = "homebox";
docker.nvidia = true;
remoteBuildClient = false;
users = {
nathan = {
isSuperuser = true;
extraGroups = [ "networkmanager" "docker" ];
ssh.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCM7ZgIu4+ntHZbzo9iQPq5pUt7AhpOnfvvI0lWDgO4CgtkPGvyFrDnW87wjAKGKYkgKeHWHIkwq2hkEDqlPD+7xxtPpwzfyo7ZS23xlP31rL14HcG21jGHgx9SO7RmGDHHylu4PwJzz/KX59hcVmpSSV4hgB/mYA9UKe6VHv39X4y3HsjmiHwNBOKXltG4V+VkxOZD6HcZ62sgkyDTaqDpE7p+q8vHPbm6dVTKC9cMjtJmjB5EesMGKcEAy3VN2tA9M0EndtaLcBKM39vDXGpBsjURYZTu7NbQnncnO7L8kVL0nT4vA/d4mCjB51dPoXIcxn1ise0TOb9G7TxMbBQQO5YMOpiB2iuZRRvB3sYoKwbO8YfSxZi0EhvLcxkF9GBFw+pWPl0p0D2fPBbW88YQfEpoAt2EWvEu/pgaMJsTHpgaIuDwPLVQmDciX4MRoi324oElGSK8yN0P8IaCHhFchuehLBWvTi34Qot0GpnxeTzmlLzImICO9Yq0I7dk2rk= nathan@rpi-3dp"
];
shell = pkgs.zsh;
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
virtual-machines = true;
hyprland.enable = false;
hypridle.enable = false;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = false;
firefox.enable = false;
git.enable = true;
nh.enable = true;
};
services.hypridle.enable = lib.mkForce false;
home.packages = with pkgs; [
wayvnc
openrgb
];
}
];
};
};
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

125
modules/hosts/homebox/configuration.nix Normal file
View File

@@ -0,0 +1,125 @@
{ self, inputs, ... }: {
flake.nixosModules.homebox = { config, pkgs, lib, ... }:
{
imports =
[
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
self.nixosModules.default
];
config = {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
binfmt.emulatedSystems = [ "aarch64-linux" ];
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
nixpkgs.config.allowUnfree = true;
networking = {
nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" ];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
nftables = {};
nat = {
enable = true;
internalInterfaces = [ "ve-.+" ];
externalInterface = "wlp7s0"; # wifi
#externalInterface = "enp6s0"; # ethernet
};
};
services.netbird.clients.default.environment = {
NB_EXTRA_DNS_LABELS = "server";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
services = {
xserver = {
enable = false;
videoDrivers = ["nvidia"];
};
displayManager = {
enable = false;
defaultSession = "hyprland";
autoLogin = {
enable = true;
user = "nathan";
};
};
pulseaudio.enable = false;
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
};
hardware = {
nvidia = {
open = true;
modesetting.enable = true;
nvidiaPersistenced = true;
};
bluetooth = {
enable = true;
powerOnBoot = false;
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
"remoteBuildClientKeys/laptop".sopsFile = ./../../features/secrets.yaml;
"remoteBuildClientKeys/pi4".sopsFile = ./../../features/secrets.yaml;
"remoteBuildClientKeys/android".sopsFile = ./../../features/secrets.yaml;
};
};
nix = {
settings = {
trusted-users = [ "remote-builder" ];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

119
modules/hosts/homebox/default.nix
View File

@@ -1,120 +1,11 @@
{ self, inputs, ... }: { { self, inputs, ... }: {
flake.nixosModules.homebox = { config, pkgs, lib, ... }: flake.nixosConfigurations."homebox" = inputs.nixpkgs.lib.nixosSystem {
{
imports =
[
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
self.nixosModules.default
modules = [
self.nixosModules.homebox
self.nixosModules.homebox-hardware
self.diskoConfigurations.homebox
]; ];
config = {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
binfmt.emulatedSystems = lib.mkIf config.sysconfig.remoteBuildHost [ "aarch64-linux" ];
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
nixpkgs.config.allowUnfree = true;
networking = {
nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" ];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
nftables = {};
nat = {
enable = true;
internalInterfaces = [ "ve-.+" ];
externalInterface = "wlp7s0"; # wifi
#externalInterface = "enp6s0"; # ethernet
};
};
services.netbird.clients.default.environment = {
NB_EXTRA_DNS_LABELS = "server";
};
sysconfig = {
remoteBuildHost = true;
graphical = false;
services = {
sddm.enable = false;
openssh.enable = true;
pipewire.enable = true;
netbird.enable = true;
ollama.enable = false;
avahi.enable = true;
wyoming = {
enable = true;
piper = true;
openwakeword = true;
faster-whisper = true;
};
};
programs = {
hyprland.enable = false;
steam.enable = false;
};
docker = {
enable = true;
portainer.enable = true;
traefik.enable = true;
pihole.enable = true;
authentik.enable = true;
netbird.enable = true;
openwebui.enable = true;
ollama.enable = true;
searxng.enable = true;
home-assistant.enable = true;
n8n.enable = true;
nextcloud.enable = false;
jellyfin.enable = true;
};
containers = {
"esotericbytes.com".enable = true;
gitea.enable = true;
code-server.enable = true;
sandbox.enable = false;
};
virtual-machines = {
enable = true;
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
}; };
} }

2
modules/hosts/homebox/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: { { ... }: {
flake.nixosModules.homebox = { config, lib, pkgs, modulesPath, ... }: flake.nixosModules.homebox-hardware = { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports =

48
modules/hosts/iso/configuration.nix Normal file
View File

@@ -0,0 +1,48 @@
{ self, inputs, ... }: {
flake.nixosModules.iso = { lib, pkgs, modulesPath, ... }: {
imports = with inputs; [
(modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
self.nixosModules.default
self.nixosModules.aurora-greeter
home-manager.nixosModules.default
];
config = {
fonts.fontconfig.enable = lib.mkForce true;
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
environment.systemPackages = with pkgs; [ nerd-fonts.fira-code ];
system.stateVersion = "25.11";
nixpkgs.hostPlatform = "x86_64-linux";
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
users.users.nixos.enable = lib.mkForce false;
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
};
};
}

93
modules/hosts/iso/default.nix
View File

@@ -1,4 +1,4 @@
{ self, inputs, ... }: { { self, inputs, ...}: {
perSystem = { config, system, pkgs, self', inputs', ... }: { perSystem = { config, system, pkgs, self', inputs', ... }: {
packages.iso = self.nixosConfigurations.iso.config.system.build.isoImage; packages.iso = self.nixosConfigurations.iso.config.system.build.isoImage;
@@ -11,96 +11,5 @@
]; ];
}; };
flake.nixosModules.iso = { lib, pkgs, modulesPath, ... }: {
imports = with inputs; [
(modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
self.nixosModules.default
self.nixosModules.aurora-greeter
home-manager.nixosModules.default
];
config = {
fonts.fontconfig.enable = lib.mkForce true;
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
environment.systemPackages = with pkgs; [ nerd-fonts.fira-code ];
system.stateVersion = "25.11";
nixpkgs.hostPlatform = "x86_64-linux";
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
users.users.nixos.enable = lib.mkForce false;
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
sysconfig = {
host = "iso";
graphical = true;
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
shell = pkgs.zsh;
ssh.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
hyprland.enable = true;
wal.enable = true;
mpd.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = false;
nh.enable = true;
aurora.enable = true;
};
}
];
};
};
};
services = {
openssh.enable = true;
pipewire.enable = true;
#kdePlasma6.enable = true;
netbird.enable = true;
#ollama.enable = true;
};
programs = {
#steam.enable = true;
hyprland.enable = true;
};
};
};
};
} }

113
modules/hosts/jesstop/configuration.nix Normal file
View File

@@ -0,0 +1,113 @@
{ inputs, ... }: {
flake.nixosModules.jesstop = { config, pkgs, lib, ... }:
{
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
systemd.extraConfig = "DefaultLimitNOFILE=2048";
hardware = {
graphics.enable = true;
#enable bluetooth
bluetooth.enable = true;
};
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
# Enable the X11 windowing system.
services.xserver = {
enable = true;
desktopManager.enlightenment.enable = true;
};
services.acpid.enable = true;
services.displayManager.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
system.stateVersion = "23.05"; # Did you read the comment?
# Set your time zone.
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
networking = {
hostName = "jesstop";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
users.users."nickelback" = {
isNormalUser = true;
description = "Thomas Jefferson";
initialPassword = "89453712";
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
extraGroups = [
"wheel"
"networkmanager"
]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [];
packages = with pkgs; [
(writeShellScriptBin "beets" ''
bluetoothctl connect A4:16:C0:74:1F:55
'')
spotify
gnome-network-displays
discord
krita
rpcs3
];
};
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = {
experimental-features = [ "nix-command" "flakes" ];
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

131
modules/hosts/jesstop/default.nix
View File

@@ -1,132 +1,11 @@
{ inputs, ... }: { { self, inputs, ... }: {
flake.nixosModules.jesstop = { config, pkgs, lib, ... }: flake.nixosConfigurations."jesstop" = inputs.nixpkgs.lib.nixosSystem {
{ modules = [
self.nixosModules.jesstop
imports = [ self.nixosModules.jesstop-hardware
#inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
];
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
systemd.extraConfig = "DefaultLimitNOFILE=2048";
hardware = {
graphics.enable = true;
#enable bluetooth
bluetooth.enable = true;
};
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
sysconfig.opts = {
sddm.enable = true;
openssh.enable = false;
steam.enable = true;
pipewire.enable = true;
hyprpanel.enable = false;
hyprland.enable = false;
git.enable = false;
nh.enable = true;
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
desktopManager.enlightenment.enable = true;
};
services.acpid.enable = true;
services.displayManager.enable = true;
# Enable CUPS to print documents.
services.printing.enable = true;
system.stateVersion = "23.05"; # Did you read the comment?
# Set your time zone.
time.timeZone = "America/Chicago";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
networking = {
hostName = "jesstop";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
users.users."nickelback" = {
isNormalUser = true;
description = "Thomas Jefferson";
initialPassword = "89453712";
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
extraGroups = [
"wheel"
"networkmanager"
]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [];
packages = with pkgs; [
(writeShellScriptBin "beets" ''
bluetoothctl connect A4:16:C0:74:1F:55
'')
spotify
gnome-network-displays
discord
krita
rpcs3
]; ];
}; };
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = {
experimental-features = [ "nix-command" "flakes" ];
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
} }

2
modules/hosts/jesstop/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: { { ... }: {
flake.nixosModules.jesstop = { config, lib, pkgs, modulesPath, ... }: flake.nixosModules.jesstop-hardware = { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports =

125
modules/hosts/laptop/config.nix
View File

@@ -1,125 +0,0 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."laptop" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.laptop
];
};
flake.nixosModules.laptop = { config, pkgs, ... }:
{
config = {
boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
# WARNING: sync and offload are mutually exclusive.
# You can only pick one!!
#sync.enable = true;
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
remoteBuildKey = {};
};
};
services.wyoming.satellite.user = "nathan";
sysconfig = {
host = "laptop";
services = {
wyoming = {
enable = true;
satellite = true;
};
};
remoteBuildClient = true;
users = {
nathan = {
isSuperuser = true;
extraGroups = [ "networkmanager" ];
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
graphical = true;
virtual-machines = true;
hyprland.enable = true;
hypridle.enable = true;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
aurora.enable = true;
};
#monitor=eDP-1, addreserved, 40,0,0,0
wayland.windowManager.hyprland.extraConfig = ''
monitor=eDP-1,1920x1080@60,0x0,1
bind = CTRL SHIFT, XF86Launch2, exec, bash -c 'if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then pkexec --user root /nix/var/nix/profiles/system/bin/switch-to-configuration switch; else pkexec --user root /nix/var/nix/profiles/system/specialisation/docked/bin/switch-to-configuration switch; fi'
bind = ALT, Escape, exec, if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then hyprctl keyword monitor eDP-1,1920x1080@60,0x0,1; else hyprctl keyword monitor eDP-1,1920x1080@300,0x0,1; fi
'';
}
];
};
};
};
};
services.xserver.videoDrivers = [ "nvidia" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

135
modules/hosts/laptop/configuration.nix Normal file
View File

@@ -0,0 +1,135 @@
{ self, inputs, ... }: {
flake.nixosModules.laptop = { config, pkgs, lib, ... }:
{
imports = with self.nixosModules; [
inputs.home-manager.nixosModules.default
self.nixosModules.default
aurora-greeter
hyprland
pipewire
steam
avahi
netbird
];
config = {
nixpkgs.config = {
allowUnfree = true;
};
# Bootloader.
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = null;
};
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
hardware = {
graphics.enable = true;
firmware = with pkgs; [
sof-firmware
];
#enable bluetooth
bluetooth.enable = true;
};
programs.partition-manager.enable = true;
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
# Enable the X11 windowing system.
services.xserver = {
enable = true;
};
services.displayManager.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
# Enable CUPS to print documents.
services.printing.enable = true;
programs.adb.enable = true;
programs.zsh.enable = true;
networking = {
nameservers = [
"1.1.1.1"
"1.0.0.1"
];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
# WARNING: sync and offload are mutually exclusive.
# You can only pick one!!
#sync.enable = true;
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
remoteBuildKey = {};
};
};
services.xserver.videoDrivers = [ "nvidia" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

117
modules/hosts/laptop/default.nix
View File

@@ -1,120 +1,11 @@
{ self, inputs, ... }: { { self, inputs, ... }: {
flake.nixosModules.laptop = { config, pkgs, lib, ... }: flake.nixosConfigurations."laptop" = inputs.nixpkgs.lib.nixosSystem {
{ modules = [
self.nixosModules.laptop
imports = [ self.nixosModules.laptop-hardware
inputs.home-manager.nixosModules.default
self.nixosModules.default
self.nixosModules.aurora-greeter
]; ];
config = {
nixpkgs.config = {
allowUnfree = true;
}; };
# Bootloader.
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
timeout = null;
};
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
hardware = {
graphics.enable = true;
firmware = with pkgs; [
sof-firmware
];
#enable bluetooth
bluetooth.enable = true;
};
programs.partition-manager.enable = true;
services.pulseaudio.enable = false;
environment.systemPackages = with pkgs; [
alsa-utils
];
sysconfig = with lib; {
remoteBuildClient = mkDefault true;
graphical = mkDefault true;
services = {
sddm.enable = mkDefault true;
openssh.enable = mkDefault false;
pipewire.enable = mkDefault true;
netbird.enable = mkDefault true;
ollama.enable = mkDefault true;
avahi.enable = mkDefault true;
};
programs = {
steam.enable = mkDefault true;
hyprland.enable = mkDefault true;
};
containers = {
wyoming = {
enable = mkDefault false;
};
};
virtual-machines = {
enable = true;
};
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
};
services.displayManager.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
# Enable CUPS to print documents.
services.printing.enable = true;
programs.adb.enable = true;
programs.zsh.enable = true;
networking = {
nameservers = [
"1.1.1.1"
"1.0.0.1"
];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
} }

2
modules/hosts/laptop/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: { { ... }: {
flake.nixosModules.laptop = { config, lib, pkgs, modulesPath, ... }: flake.nixosModules.laptop-hardware = { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports =

60
modules/hosts/live/configuration.nix Normal file
View File

@@ -0,0 +1,60 @@
{ inputs, ... }: {
flake.nixosModules.live = { pkgs, ... }: {
imports = with inputs; [
disko.nixosModules.default
(import ./disko.nix { device = "/dev/mmcblk0"; })
sops-nix.nixosModules.sops
home-manager.nixosModules.default
];
config = {
hardware.enableRedistributableFirmware = true;
hardware.enableAllHardware = true;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
nixpkgs.hostPlatform = "x86_64-linux";
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
#secrets."nathan/pass".neededForUsers = true;
};
system.stateVersion = "25.05";
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

122
modules/hosts/live/default.nix
View File

@@ -1,123 +1,11 @@
{ inputs, ... }: { { self, inputs, ... }: {
flake.nixosModules.live = { pkgs, ... }: { flake.nixosConfigurations."live" = inputs.nixpkgs.lib.nixosSystem {
imports = with inputs; [ modules = [
self.nixosModules.live
disko.nixosModules.default self.diskoConfigurations.live
(import ./disko.nix { device = "/dev/mmcblk0"; })
sops-nix.nixosModules.sops
home-manager.nixosModules.default
];
config = {
hardware.enableRedistributableFirmware = true;
hardware.enableAllHardware = true;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
nixpkgs.hostPlatform = "x86_64-linux";
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
]; ];
}; };
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
#secrets."nathan/pass".neededForUsers = true;
};
sysconfig = {
#remoteBuildClient = true;
host = "live";
graphical = true;
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
hyprland.enable = true;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
#git.enable = true;
nh.enable = true;
aurora.enable = true;
};
}
];
};
};
};
services = {
sddm.enable = true;
openssh.enable = true;
pipewire.enable = true;
#kdePlasma6.enable = true;
netbird.enable = true;
#ollama.enable = true;
};
programs = {
#steam.enable = true;
hyprpanel.enable = true;
hyprland.enable = true;
};
virtualization = {
wyoming = {
enable = false;
};
homeassistant = {
enable = false;
};
};
};
system.stateVersion = "25.05";
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
} }

87
modules/hosts/pi4/configuration.nix Normal file
View File

@@ -0,0 +1,87 @@
{ inputs, ... }: {
flake.nixosModules.pi4 = { config, pkgs, ... }: {
imports = [
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
];
config = {
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
networking = {
hostName = "pi4";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
hardware = {
bluetooth.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users = {
groups.gpio = {};
};
services = {
udev.extraRules = ''
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio",MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add",RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
'';
pulseaudio = {
enable = true;
extraConfig = ''
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
'';
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
sound.enable = true;
security.rtkit.enable = true;
system.stateVersion = "25.05";
};
};
}

138
modules/hosts/pi4/default.nix
View File

@@ -1,138 +1,12 @@
{ inputs, ... }: { { self, inputs, ... }: {
flake.nixosModules.pi4 = { config, pkgs, ... }: { flake.nixosConfigurations."pi4" = inputs.nixpkgs.lib.nixosSystem {
imports = [ modules = [
./hardware-configuration.nix self.nixosModules.pi4
self.nixosModules.pi4-hardware
inputs.disko.nixosModules.default self.diskoConfigurations.pi4
(import ./disko.nix { device1 = "/dev/mmcblk0"; })
inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
];
config = {
sysconfig = {
remoteBuildClient = true;
users = {
nathan = {
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
];
extraGroups = [
"wheel"
"networkmanager"
"gpio"
"spi"
"audio"
"pulse"
"pulse-access"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
scripts.enable = false;
minimal = true;
mpd.enable = true;
git.enable = true;
nh.enable = true;
};
}
]; ];
}; };
};
};
services = {
openssh.enable = true;
#pipewire.enable = true;
netbird.enable = true;
};
};
boot = {
loader = {
grub.enable = false;
generic-extlinux-compatible.enable = true;
};
};
networking = {
hostName = "pi4";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
time.timeZone = "America/Chicago";
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
hardware = {
bluetooth.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ];
users = {
groups.gpio = {};
};
services = {
udev.extraRules = ''
SUBSYSTEM=="bcm2835-gpiomem", KERNEL=="gpiomem", GROUP="gpio",MODE="0660"
SUBSYSTEM=="gpio", KERNEL=="gpiochip*", ACTION=="add", RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys/class/gpio/export /sys/class/gpio/unexport ; chmod 220 /sys/class/gpio/export /sys/class/gpio/unexport'"
SUBSYSTEM=="gpio", KERNEL=="gpio*", ACTION=="add",RUN+="${pkgs.bash}/bin/bash -c 'chown root:gpio /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value ; chmod 660 /sys%p/active_low /sys%p/direction /sys%p/edge /sys%p/value'"
'';
pulseaudio = {
enable = true;
extraConfig = ''
load-module module-native-protocol-tcp auth-ip-acl=127.0.0.1
'';
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
sound.enable = true;
security.rtkit.enable = true;
system.stateVersion = "25.05";
};
};
} }

2
modules/hosts/pi4/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: { { ... }: {
flake.nixosModules.pi4 = { config, lib, pkgs, modulesPath, ... }: flake.nixosModules.pi4-hardware = { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports =

23
modules/users/nathan/nathan.nix
View File

@@ -1,10 +1,8 @@
{ self, inputs, ... }: { { self, inputs, ... }: {
flake.nixosModules.user-nathan = { config, lib, pkgs, ... }: { flake.nixosModules.user-nathan = host: { config, lib, pkgs, ... }: {
config = lib.mkIf ( config = {
config.sysconfig.users ? nathan && config.sysconfig.users.nathan.usePresets
) {
sops.secrets."nathan/pass".neededForUsers = true; sops.secrets."nathan/pass".neededForUsers = true;
@@ -14,14 +12,19 @@
isNormalUser = lib.mkDefault true; isNormalUser = lib.mkDefault true;
#hashedPasswordFile = lib.mkIf (cfg.hashedPasswordFile != null) cfg.hashedPasswordFile; #hashedPasswordFile = lib.mkIf (cfg.hashedPasswordFile != null) cfg.hashedPasswordFile;
extraGroups = [ "networkmanager" "docker" "libvirtd" ]; extraGroups = [ "networkmanager" "docker" "libvirtd" ];
openssh.authorizedKeys.keys = with config.sysconfig.users.nathan; lib.mkIf config.sysconfig.services.openssh.enable ( openssh.authorizedKeys.keys = [
ssh.keys ++ (map (z: config.sysconfig.sshHostKeys.${z}) ssh.hosts) "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
); "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
packages = lib.mkIf ( "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCM7ZgIu4+ntHZbzo9iQPq5pUt7AhpOnfvvI0lWDgO4CgtkPGvyFrDnW87wjAKGKYkgKeHWHIkwq2hkEDqlPD+7xxtPpwzfyo7ZS23xlP31rL14HcG21jGHgx9SO7RmGDHHylu4PwJzz/KX59hcVmpSSV4hgB/mYA9UKe6VHv39X4y3HsjmiHwNBOKXltG4V+VkxOZD6HcZ62sgkyDTaqDpE7p+q8vHPbm6dVTKC9cMjtJmjB5EesMGKcEAy3VN2tA9M0EndtaLcBKM39vDXGpBsjURYZTu7NbQnncnO7L8kVL0nT4vA/d4mCjB51dPoXIcxn1ise0TOb9G7TxMbBQQO5YMOpiB2iuZRRvB3sYoKwbO8YfSxZi0EhvLcxkF9GBFw+pWPl0p0D2fPBbW88YQfEpoAt2EWvEu/pgaMJsTHpgaIuDwPLVQmDciX4MRoi324oElGSK8yN0P8IaCHhFchuehLBWvTi34Qot0GpnxeTzmlLzImICO9Yq0I7dk2rk= nathan@rpi-3dp"
config.sysconfig.users.nathan.home-manager.enable && config.sysconfig.users.nathan.home-manager.standalone ];
) [ pkgs.home-manager ]; packages = lib.mkIf (false) [ pkgs.home-manager ];
}; };
wayland.windowManager.hyprland.extraConfig = if host == "laptop" then ''
monitor=eDP-1,1920x1080@60,0x0,1
bind = CTRL SHIFT, XF86Launch2, exec, bash -c 'if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then pkexec --user root /nix/var/nix/profiles/system/bin/switch-to-configuration switch; else pkexec --user root /nix/var/nix/profiles/system/specialisation/docked/bin/switch-to-configuration switch; fi'
bind = ALT, Escape, exec, if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then hyprctl keyword monitor eDP-1,1920x1080@60,0x0,1; else hyprctl keyword monitor eDP-1,1920x1080@300,0x0,1; fi
'' else '''';
}; };
}; };