Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

test

Browse Source
This commit is contained in:
Nathan
2026-04-09 14:25:40 -05:00
parent 58eec1d59d
commit 11048faa79
10 changed files with 544 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
flake.nix
View File

@@ -37,8 +37,6 @@
#aurora.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Aurora";
aurora.url = "git+file:///home/nathan/Projects/Aurora";
self.submodules = true;
};
outputs = { ... } @ inputs:
@@ -46,7 +44,6 @@
(inputs.import-tree [
./profiles
./homes
./machines
./system
./templates/default.nix
./flake-parts.nix

7
profiles/homebox/.sops.yaml Normal file
View File

@@ -0,0 +1,7 @@
keys:
- &homebox age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
creation_rules:
- path_regex: ^secrets.yaml$
key_groups:
- age:
- *homebox

131
profiles/homebox/config.nix Normal file
View File

@@ -0,0 +1,131 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."homebox" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.homebox
self.nixosModules.default
];
};
flake.nixosModules.homebox = { config, lib, pkgs, ... }:
{
imports = [ # Include the results of the hardware scan.
(import ./disko.nix { device1 = "/dev/nvme0n1"; device2 = "/dev/nvme1n1"; device3 = "/dev/sda"; })
];
config = {
services = {
xserver = {
enable = false;
videoDrivers = ["nvidia"];
};
displayManager = {
enable = false;
defaultSession = "hyprland";
autoLogin = {
enable = true;
user = "nathan";
};
};
pulseaudio.enable = false;
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
};
hardware = {
nvidia = {
open = true;
modesetting.enable = true;
nvidiaPersistenced = true;
};
bluetooth = {
enable = true;
powerOnBoot = false;
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
};
};
sysconfig = {
host = "homebox";
docker.nvidia = true;
remoteBuildClient = false;
users = {
nathan = {
isSuperuser = true;
extraGroups = [ "networkmanager" "docker" ];
ssh.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCM7ZgIu4+ntHZbzo9iQPq5pUt7AhpOnfvvI0lWDgO4CgtkPGvyFrDnW87wjAKGKYkgKeHWHIkwq2hkEDqlPD+7xxtPpwzfyo7ZS23xlP31rL14HcG21jGHgx9SO7RmGDHHylu4PwJzz/KX59hcVmpSSV4hgB/mYA9UKe6VHv39X4y3HsjmiHwNBOKXltG4V+VkxOZD6HcZ62sgkyDTaqDpE7p+q8vHPbm6dVTKC9cMjtJmjB5EesMGKcEAy3VN2tA9M0EndtaLcBKM39vDXGpBsjURYZTu7NbQnncnO7L8kVL0nT4vA/d4mCjB51dPoXIcxn1ise0TOb9G7TxMbBQQO5YMOpiB2iuZRRvB3sYoKwbO8YfSxZi0EhvLcxkF9GBFw+pWPl0p0D2fPBbW88YQfEpoAt2EWvEu/pgaMJsTHpgaIuDwPLVQmDciX4MRoi324oElGSK8yN0P8IaCHhFchuehLBWvTi34Qot0GpnxeTzmlLzImICO9Yq0I7dk2rk= nathan@rpi-3dp"
];
shell = pkgs.zsh;
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
virtual-machines = true;
hyprland.enable = false;
hypridle.enable = false;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = false;
firefox.enable = false;
git.enable = true;
nh.enable = true;
};
services.hypridle.enable = lib.mkForce false;
home.packages = with pkgs; [
wayvnc
openrgb
];
}
];
};
};
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

148
profiles/homebox/disko.nix Normal file
View File

@@ -0,0 +1,148 @@
{ ... }: {
flake.diskoConfigurations.homebox = {
device1 ? throw "Set this to your disk device, e.g. /dev/sda",
device2,
device3,
...
}: {
disko.devices = {
disk = {
main = {
device = device1;
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "1M";
type = "EF02";
};
esp = {
name = "ESP";
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
swap = {
size = "4G";
content = {
type = "swap";
resumeDevice = true;
};
};
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "root_vg";
};
};
};
};
};
ssd1 = {
device = device2;
type = "disk";
content = {
type = "gpt";
partitions = {
ssd1 = {
name = "ssd1";
size = "100%";
content = {
type = "lvm_pv";
vg = "ssd1_vg";
};
};
};
};
};
hdd1 = {
device = device3;
type = "disk";
content = {
type = "gpt";
partitions = {
hdd1 = {
name = "hdd1";
size = "100%";
content = {
type = "lvm_pv";
vg = "hdd1_vg";
};
};
};
};
};
};
lvm_vg = {
root_vg = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "btrfs";
extraArgs = ["-f"];
subvolumes = {
"/root" = {
mountpoint = "/";
};
"/nix" = {
mountOptions = ["subvol=nix" "noatime"];
mountpoint = "/nix";
};
};
};
};
};
};
ssd1_vg = {
type = "lvm_vg";
lvs = {
ssd1 = {
size = "100%FREE";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/ssd1" = {
mountOptions = [ "subvol=ssd1" "noatime" ];
mountpoint = "/ssd1";
};
};
};
};
};
};
hdd1_vg = {
type = "lvm_vg";
lvs = {
hdd1 = {
size = "100%FREE";
content = {
type = "btrfs";
extraArgs = [ "-f" ];
subvolumes = {
"/hdd1" = {
mountOptions = [ "subvol=hdd1" "noatime" ];
mountpoint = "/hdd1";
};
};
};
};
};
};
};
};
};
}

24
profiles/homebox/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,24 @@
{ ... }: {
flake.nixosModules.homebox = { config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ "dm-snapshot" ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}

44
profiles/homebox/secrets.yaml Normal file
View File

@@ -0,0 +1,44 @@
nathan:
pass: ENC[AES256_GCM,data:HP/kF665VvIUybXmqaluJikeHWR0lvTXjA8Ry/dpbjDd3VUfiDuWFKlBkUzIZ1brAc86PV1xl4JWu2CNEz7uc3TmPuJ+GsFFOA==,iv:uPQZE7s3PvfShOaVCNRnnhXlcvA5aIiXRxi7UPbXfdU=,tag:Wg0IuCm4ljSPBmB/H2OSFA==,type:str]
traefik:
cf_email: ENC[AES256_GCM,data:ujvdfobp/aTcyC+kUYeYYeaiXQnQhoHYhg==,iv:LBzvuMMt76jX70a68rzaMgkmzHtVE2TlbrJlWE7I6o8=,tag:cTO1ApZQ214zjJyumunvPg==,type:str]
cf_api_key: ENC[AES256_GCM,data:CrtkBlhUZT3rlZAqiEHz7/OhPaoQ5nAz+deWmrh2zmwJfAp95lGZCA==,iv:qPXTm5zjTVYupot/hUkI/pSe0QNs17rapDrvdweRDTQ=,tag:VL2Cnig8Ih0iSL7myqlTgA==,type:str]
authentik:
pass: ENC[AES256_GCM,data:pTjpwRgdUVU5543T199P7Zoy,iv:93WpIK6qq+A1LhaQdBvMQ4jzuAOmMUt575y/p8m8Ugk=,tag:jTg/JED3vpdOVHF8LdIyLg==,type:str]
secret_key: ENC[AES256_GCM,data:tIWDGtB/z7Ysizz9FPQJe2EeSTAxDPkeHJnaDfytDvbqvRaiCgg7qGpEF6hAQFdZ,iv:gloup5aI0qY+SYJt8V6lvUdE+18IWH09BXtz8dRi6JE=,tag:vFwF9h1Rsa/X1bjvdSRSfQ==,type:str]
pihole:
pass: ENC[AES256_GCM,data:hintZA==,iv:HA5K8mHYlLtf5s8iaLI/QRolYgcKwG8DWCH+LXnWI4k=,tag:DlnXxG0n9dBVpk2kILlPKg==,type:str]
gitea:
dbpass: ENC[AES256_GCM,data:hVRLXACRECNSnXRn8BEP0ZFT,iv:zuIvzStek6OEu+P4Nh8Wsq9eRVt/zP8KGVXYZWjSvW0=,tag:m4t8vKNGhz8NqkDWbCRgnA==,type:str]
keycloak:
dbpass: ENC[AES256_GCM,data:tc4wIAqzY7nonBhz8s+YdAux,iv:Wg0b0/xnl6cANLTOJWBsX+gw1iF8Q/GvO/iKyKwqJrM=,tag:LORKRmo4RjcrVbPNhk2A9Q==,type:str]
netbird:
secret_key: ENC[AES256_GCM,data:isJHGh/InvgJUSqISqxpWhZH0OMN/QG7WBbSS7WqHaWTdfZDBOh//PBP8g==,iv:j0D6feM3qnDjXijXRHgZPboFLHzPwWIhT5bYz3M+QMU=,tag:pOHRxOEdOUrL3n6DgqGDsA==,type:str]
gitlab:
db_pass: ENC[AES256_GCM,data:N3KvXkXql/PDjxZSpGo/Apr/,iv:OOzhR4BEmV3T01PA50vqdJMg7D2OGKHn/8hiqKEaOd4=,tag:jzdonXH/D/5kZ5Cld2W//w==,type:str]
root_pass: ENC[AES256_GCM,data:bALaUkoJw3N0ugZP/4MCnEsD,iv:LJdJpXlyzA6o00UVlK+l5WCCFIL/sT/fQNjI8wA5LAg=,tag:BYk1o/rjubyEpeHbgYA1Sg==,type:str]
secrets:
secret: ENC[AES256_GCM,data:3/26giCD58RErtEDxQ90KxRl3aa8oH4co2Urw21r7hHCKaoSti1VpYoBtlvHdr5j,iv:SwliwLWSFfTZoc31JSm9YKBDGKiPQE7ujkiGaZmCQUc=,tag:2KT5BpJukixvhb6tnZb6lw==,type:str]
otp: ENC[AES256_GCM,data:RWOkQVPRsrJgPVtx49hiWRMAxVOszKxaDl40XQDL+QoDuoZi03wSxHiu4Ix9X2BR,iv:uO+CTR5S4r1q7n1ycQw0hYdu8JflSrvkgLiBbCmT8mk=,tag:gqCwNOqD78lFtgxUPyUw3A==,type:str]
db: ENC[AES256_GCM,data:rF4IIp1uFSGa67LVm8fy4/qFOmZLInRcG2IAfnuZG3+xtS9Z2RXpNcTZNFBDdOaD,iv:/KYwf3ZH6w48L49rY/FmaGQOt3jGdOUTZ9vFhmLZG60=,tag:f38iYIgpgdjWF34qD1fz2w==,type:str]
jws: ENC[AES256_GCM,data:C+GVDeO319QGjq2+fBMr1LaY6/6Tuz6jWomkvFVul6ydJjmMFO3A9dYI66WWY6g2iZgYEWDKUikW1qDK5sGgU5ZAZzaqS01LUsSsPHUcMqIg/AjtcRfaEvHYODYPPSEwdISzhceDaim8yqhrNTIOHUHvOxcILvtUmsI61hNfVSnOQbqifIJDgGP7bKaf96t8+qcBvp/UBwP1qHj/m4jD83yc8Pdih+ZuPmyNdo3Ew0nbLTykYVX3XsrO1RlJ/Gp+KPfRSJzVGAnqUKr8mI+32LUpXSJ96bEGA67/blSh1dbBxSVo3K83aZYuY6vvXb+Et6qd4piZYKGCxA+waSrTkYHvSgS5vJRbCGWauXKCYFASxxqmdJ3cu+rbphbshBVA3SIPHhZxun6BWaP0qTYZyfB/YsSU4J+kYiE3UEYX9GYEAY9bsO89IYZSsTsmYke2EI4KMcjyUFstZ2WTYqCpwJ6CMAuerDEMHP6N3xCO5MVDZfE4sKKHpfSCVQg8ak7IxV+3jZvZi2tUbvZZf/tYORzPeTUSEpcC4cGwwAJd3XKUetaiuDwQVkLa13xotfL0d+Lwc6eZil0e/sureLqvQM6kpWhK7yscu2hKGOzxx/OZClry2Uyc1fL5iWWxvM8Djg+ShoAS5m3Nt0R+mcLdgaylkZvMl9gNWFO1uzlnhGnJQtekVaXCJ9f9QZt5RizJYwM9pMKhSDTZ0vd4y69iZpz3YXhKtkvYX02RIFtTiqsbyU0pXVjK0SpKsb5T+yphacGeZRwQS9QadW9dE6xQsxwwYC//swm5l6ke+DyZrcsc/J+MBHFuN71D2st+jtfywZYg/YT9EcCFOMjqEgfDq7YICgyqfqRGAdVWQy660T5Mi+gYKcHqbYXaaB3VNL2RGIu/uybih/7ynGRM2+0ro9oKJ+fEbdi1alSFFJ0IvA5lU6XHd2CSyizEC9ak+HBLkYeSqOPfItfLH82jRiUtrY5u4fIlioLQTA1aKHax6q8cIf30FCGenhjM6jMj2WpXKI16+1xK9Om9mg94YmFjM+erQh3o/fbPuMbkNaNJQwabupshBK2h3caaE0cDUnDukUFUANHz9q5LVxSkw39GTjGpovxQJiZHbSdeIC/AzFXRVA1ojhzkeuefygdP27Aa+fLjEBn2x8AcdhyP1n8lQyjy0Wnxq9hJDbVXJF93FIdcCmF/JGejgHcr3YZUMY4OFG9gzISDEdgR99fYvKM+A9Pj2JNtCQ5iKCctg5opIEKA1z4RIpRQs0KmXq3JgjWhU1LeOWaX2YzS5rCJWyhxnTJXGk4a/cMvhbLRjFOKcDNNMp8yJrXk1pth7nFOJ4Put6o67jtjbgpgnPuEdelnXEEaReCfJEo2z8zka63kYqbIvcG4W2pKwsA4tT0QctVwltRdYU8YyKuOpQJtKvVdlZL0oxOwxPioTT8fOebRBaecKhQKF4fp9UGlE/GStud6oFSbN685U2TKihvYNmfLRSWQk1Y/APyCRlhOmhFLaIzJxogdlKzpg4AEg/2SRoEZPsqyZThI8uhCIT1qG0UBiZBTjey322fsEEZtNxO5nX/JeBDOVty3sIGs1OKBTjMXSZ+nzU9AIH6dek9Bz+Fix7a90IkQUB5xtgrIYgCH34L4a0o1jWy5bzT9fl53VnbzrICcT/wdRU/GznYYjxlF2uRBKIu7s0glDmsPXCZuorqvJlr2hySgN/hJKOlrCghraUD14pRk4OfRVKULkPQ7betgaCVbsihXplodrAgJ0BdIbf3tKRC8Ghx8+mYAWNXj+PtWBydEjEirCH70SJu53gjF5mNgl2EIaHNK7jqBgXhDr2/7uH97Tl+S9ue+TDlpr067T5JAqU3fOqq+ZS4wqEvqMYRfXd/V2FjNbBpoH8UW6pMuFaM06DBI+6p9O9xBl1eP3Sy3vrBwK2pCwLbi0LdJ2apQTl/51ZXp2xaaUAAh1Fu/bM21V7ENa5sGxpSTYwdSLyPnd8usqECw9W1XDNUI2EmJnp9AelD/joNwuL6U7pydrNUCguCjxHfbd+m0vc/te53GerJlSXbjEWz53f3RjSB90AaA6sOGhi1BFiHYSAjzMdqVSj4M68r+UF3YIuEuoaOzrVrkb5st3tYD0dz+ORhxo44aKEzgohseha5fg0wcTz9orqkeP/FyoOeItG2UwNVAWWGh/lBtXh8c4ILUMolZ1m2DWiYj/pyDvODVnP96u6TvyMC0H8aolgGHn7nDMTi+mCIvNFQYeXdVrRCpWS9aQik=,iv:cxdargXx2a7pET7BjCSZ/yXL7AnxNqncyDQ7CR3E3AA=,tag:2xKXfhBjynDqlvH377lpSA==,type:str]
oidc:
id: ENC[AES256_GCM,data:b6o2cCCSXJ5bIhA47InfhqwjO5Tjr0Mls+7VT5cunFfEHkdOInxplw==,iv:txren/8jnAUvCI/k9cxN29ZkSgCuPEAo0IpyREf2E9A=,tag:BFOZrM18zUJMEACpLz7KRw==,type:str]
secret: ENC[AES256_GCM,data:4HPPbVBOeDjdL81d402Rz6Luk1DZbk8InHfO+Sx/OJIvUf/shkCRyp3hStIDC03bA8HV66GeejvWFte+vQ2b5X3Fl2GXfHQi7brMFVEYfYdR2XRdra0aOeSrHtW5uUn0MpVCRwYDb1JahIWhLyqcYyOpV91xjNiIVg8S3MHr+mo=,iv:c3Q4qPMxZJuoO5XRzUDZh5XJOtff9eiMTlOx+MDMSaE=,tag:07fIkN9YXXJMEV59QEFIag==,type:str]
nextcloud:
pass: ENC[AES256_GCM,data:U/VI/uHDT1a5O4iAHUVwsz/h,iv:W0hAXBddFKhXmDWHpCB2JhjPPTEGer7721WtIRxg4Zo=,tag:OE4wzibNaaXsbfFuk0dwTA==,type:str]
sops:
age:
- recipient: age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDVFhtcWkreVV6UmJkcW1P
WUluUTlOcjYzME1yVVNpVWJldXVsWG1vN3dNCmlvYURNV285anlIa3FrbXRVTERB
dXZDWHhEbFp3YWw5d2w4Y09vbUVCNHcKLS0tIEF4ZU5ZdWI5MVBtN0FOUUZDQUR4
S0NMRGJSeks0Q0UrVnZmUVdyU2NqVm8KLu2kQpD1fJdU0fTdR9A2cTQzRp+waJ6M
8vA+E8xYb2U4d7m0YnwKkGzw0CBPb0BvdEgvWvqpFViftoDwRv5KGA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2026-02-01T12:56:37Z"
mac: ENC[AES256_GCM,data:clu/WnwHAQaowQ99Z8tNlIKKcVnLHYeYsgQK0meftXgiQKnLyLzqNipwfaU3qjITdm6fB7wY+TcySygpwFbY2f2TKrqAk7RxdnTFa61vQDqMF7rYPG90Ub79P+R5URZI8yjv69Hmrav0Y6z92vH8ItbPSRBLtgrbYZx36IFq0LU=,iv:qzBVA0xATM979tzu6cTvMrX77firvA5K0WU2hoUggoA=,tag:Fm3IqH0GUHBq9Din6ZW6ng==,type:str]
unencrypted_suffix: _unencrypted
version: 3.11.0

7
profiles/laptop/.sops.yaml Normal file
View File

@@ -0,0 +1,7 @@
keys:
- &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
creation_rules:
- path_regex: ^secrets.yaml$
key_groups:
- age:
- *laptop

126
profiles/laptop/config.nix Normal file
View File

@@ -0,0 +1,126 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."laptop" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.laptop
self.nixosModules.default
];
};
flake.nixosModules.laptop = { config, pkgs, ... }:
{
config = {
boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
# WARNING: sync and offload are mutually exclusive.
# You can only pick one!!
#sync.enable = true;
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
remoteBuildKey = {};
};
};
services.wyoming.satellite.user = "nathan";
sysconfig = {
host = "laptop";
services = {
wyoming = {
enable = true;
satellite = true;
};
};
remoteBuildClient = true;
users = {
nathan = {
isSuperuser = true;
extraGroups = [ "networkmanager" ];
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
minimal = false;
graphical = true;
virtual-machines = true;
hyprland.enable = true;
hypridle.enable = true;
wal.enable = true;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
aurora.enable = true;
};
#monitor=eDP-1, addreserved, 40,0,0,0
wayland.windowManager.hyprland.extraConfig = ''
monitor=eDP-1,1920x1080@60,0x0,1
bind = CTRL SHIFT, XF86Launch2, exec, bash -c 'if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then pkexec --user root /nix/var/nix/profiles/system/bin/switch-to-configuration switch; else pkexec --user root /nix/var/nix/profiles/system/specialisation/docked/bin/switch-to-configuration switch; fi'
bind = ALT, Escape, exec, if [[ $(hyprctl monitors | grep 0x0 | sed -n -e "s/\t*1920x1080@//" -e "s/.[1234567890]* at 0x0//p") == 300 ]]; then hyprctl keyword monitor eDP-1,1920x1080@60,0x0,1; else hyprctl keyword monitor eDP-1,1920x1080@300,0x0,1; fi
'';
}
];
};
};
};
};
services.xserver.videoDrivers = [ "nvidia" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

39
profiles/laptop/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,39 @@
{ ... }: {
flake.nixosModules.laptop = { config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/78c0964d-c09e-4e31-8a73-eb719d79917a";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/AE5E-AC86";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
};
}

18
profiles/laptop/secrets.yaml Normal file
View File

@@ -0,0 +1,18 @@
nathan:
pass: ENC[AES256_GCM,data:H/duNPyclGoCF/Z90TQcqaUymowHOLRDmcfDxSubNGdmijknsCq+UH5PaWUmXGZ7uZqcpYWBcsVbYfQO/98OHH/kbwAFD/Hgkw==,iv:74M2PQqVzAgMXA8Z4RVLJKawt0Lzh94IKbn8YCTx3tY=,tag:B/xgA4mrhWEccaXQ+qvjCA==,type:str]
remoteBuildKey: ENC[AES256_GCM,data:CN7AyOCV4iYzYrwVh2Af5YB0nwR4raXfj5FbbeIZg5Bfha0sUPnLAG+oqVUyzVQA3yftFhfwPGaALOyb6VlT13pTifG+uEoyiq1dQP6dimlmk/p/6kVtg4aiETJ/61EUeQF/HTVTZ3F7akgQRsKNFQYbF2srcurPQSY0Q2gjlkkFA3A3aLoN2LrkFPJvtnNP6SJzXDFHVOTPmbc/DvF9UbMiYu0viIlfiPqeBs26lAqcOWhrYlOxKqEL2IoP3kADDncedxT42c1rCPB/2kGvKg+mXSlaIH3a0Hb8hrnjVUB0edyqYnNCurVhPF8mg2yoqrtyaxRkZKvUsa5LBZwS+iL9bYQdU/4hxT9c7wRC+ZtWkwF4l/gy8Ggc+VuB+YT9JUCJY96o8f2wKFup0BS+oiYLGJKpcOLMFrPJLEtOMrqPN/Z6+gZ9LVbhlSliIV/yUTJAa26el0w6tP9Ebs6tHiFakpkMahsBbRxmHBmqkHW5zfa5YpvD5Ii/EC+F8Vb/Efn6LkBZBwSB6K33NSOy,iv:4i0bGQe7wiDSvmygY2VNSEhuYfYIi9YY1g7qLgDTcMo=,tag:MJqOovOcZ97COsVjxZus8w==,type:str]
sops:
age:
- recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB2MEIyRjR0a25UU3hnR2Zw
WXFaaXJYNWFSMmZsR1FsYVB1WlBkZWptSHhzCkRGRitnNkc3MEtjV05KRXlXT3RR
TVhnVlpUdzFiSEwxbHNOT3dyQ0dzbG8KLS0tIElMc3g4SHRxZTVnOCtVcktRb25D
Y2ZpR25VNGVoMi9ibW8wbW5rYTQ3R00Ka6/KLXSSRP9WJDV0RBHHS5nALfd/3xDu
y+QS+Ueh56kQT2zbYpYBRIPDgI3LZgwlTifQCDJ9ZPq0LGgu4XbEqQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-23T03:46:50Z"
mac: ENC[AES256_GCM,data:QJLMqnmkrgtTqqmLN9NCfV8PPm5N/F0gtGw/XlX+nnfbesGVeYubSjtHmYWmY7ha41jEvLYu8rmIXaxDepfogyOf4wzuRPLkJxO7Wu0UVdr5uZlHNrcxZh4Ex6YGgg8Lbcjs0iVCev66lWfuhuxuvPOKsGLZvoNTq0V1hLpo/Fw=,iv:VFrL0L6tC1JvWM3BOJP4Dh+q1xSMBecCtPnNcY/loAU=,tag:p5VmBaGPTxyTmm1Ha9Le3Q==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2