Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ready?

Browse Source
This commit is contained in:
Nathan
2025-08-18 22:47:55 -05:00
parent 8622694fd3
commit d8231a5f2a
7 changed files with 123 additions and 250 deletions
Download Patch File Download Diff File Expand all files Collapse all files

43
flake.nix
View File

@@ -56,16 +56,6 @@
hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1"; hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1";
#hyprland.url = "git+ssh://gitea@gitea.blunkall.us/Blunkall-Technologies/hyprland?submodules=1"; #hyprland.url = "git+ssh://gitea@gitea.blunkall.us/Blunkall-Technologies/hyprland?submodules=1";
tokyo-night-sddm = {
url = "github:siddrs/tokyo-night-sddm";
flake = false;
};
sugar-dark-sddm = {
url = "github:MarianArlt/sddm-sugar-dark";
flake = false;
};
nixvim.url = "git+ssh://gitea@gitea.blunkall.us/Blunkall-Technologies/Moirai"; nixvim.url = "git+ssh://gitea@gitea.blunkall.us/Blunkall-Technologies/Moirai";
#nixvim.url = "git+https://gitea.blunkall.us/Blunkall-Technologies/Moirai"; #nixvim.url = "git+https://gitea.blunkall.us/Blunkall-Technologies/Moirai";
@@ -80,33 +70,6 @@
outputs = { self, nixpkgs, home-manager, ... } @ inputs: { outputs = { self, nixpkgs, home-manager, ... } @ inputs: {
tokyo-night-sddm-theme = { pkgs }: pkgs.stdenv.mkDerivation {
name = "tokyo-night";
src = inputs.tokyo-night-sddm;
installPhase = ''
mkdir -p $out
cp -R $src/* $out/
'';
};
sugar-dark-sddm-theme = { pkgs }: pkgs.stdenv.mkDerivation {
name = "sugar-dark";
src = inputs.sugar-dark-sddm;
installPhase = ''
mkdir -p $out
cp -R $src/* $out/
'';
};
nixosConfigurations = { nixosConfigurations = {
homebox = nixpkgs.lib.nixosSystem { homebox = nixpkgs.lib.nixosSystem {
@@ -114,7 +77,6 @@
inputs = inputs // { inputs = inputs // {
nathan = import ./home-manager/users/nathan; nathan = import ./home-manager/users/nathan;
home-manager-config = import ./home-manager; home-manager-config = import ./home-manager;
tokyo-night-sddm-theme = self.tokyo-night-sddm-theme;
inherit self; inherit self;
}; };
}; };
@@ -129,7 +91,6 @@
inputs = inputs // { inputs = inputs // {
nathan = import ./home-manager/users/nathan; nathan = import ./home-manager/users/nathan;
home-manager-config = import ./home-manager; home-manager-config = import ./home-manager;
tokyo-night-sddm-theme = self.tokyo-night-sddm-theme;
inherit self; inherit self;
}; };
}; };
@@ -142,7 +103,6 @@
jesstop = nixpkgs.lib.nixosSystem { jesstop = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
inputs = inputs // { inputs = inputs // {
tokyo-night-sddm-theme = self.tokyo-night-sddm-theme;
}; };
}; };
modules = [ modules = [
@@ -168,7 +128,6 @@
specialArgs = { specialArgs = {
inputs = inputs // { inputs = inputs // {
nathan-home-manager = import ./home-manager/nathan; nathan-home-manager = import ./home-manager/nathan;
tokyo-night-sddm-theme = self.tokyo-night-sddm-theme;
}; };
}; };
modules = [ modules = [
@@ -208,7 +167,7 @@
*/ */
homeConfigurations = { homeConfigurations = {
nathan = inputs.home-manager.lib.homeManagerConfiguration { nathan = home-manager.lib.homeManagerConfiguration {
pkgs = import nixpkgs { pkgs = import nixpkgs {
system = builtins.currentSystem; system = builtins.currentSystem;
}; };

16
home-manager/users/nathan/default.nix
View File

@@ -43,12 +43,20 @@
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ]; nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = { settings = {
experimental-features = [ "nix-command" "flakes" ]; experimental-features = [ "nix-command" "flakes" ];
builders = ''
ssh://remote-builder@blunkall.us
'';
builders-use-substituters = true;
};
}; };
distributedBuilds = config.sysconfig.remoteBuildClient; programs.ssh.matchBlocks = {
buildMachines = lib.mkIf config.sysconfig.remoteBuildClient {}; "builder" = {
hostname = "blunkall.us";
trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ config.users.users."remote-builder".name ]; user = "remote-builder";
identityFile = config.sops.secrets."".path;
port = 2222;
};
}; };
services.mpris-proxy.enable = true; services.mpris-proxy.enable = true;

1
home-manager/users/nathan/programs/terminal/bash/default.nix
View File

@@ -5,6 +5,7 @@
programs.bash = { programs.bash = {
enable = true; enable = true;
enableCompletion = true; enableCompletion = true;
blesh.enable = true;
shellAliases = { shellAliases = {
ls = "eza"; ls = "eza";

55
system-config/configuration/homebox/default.nix
View File

@@ -62,8 +62,7 @@
}; };
programs.zsh.enable = true; programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh ]; environment.shells = with pkgs; [ zsh bashInteractive ];
users.defaultUserShell = pkgs.zsh;
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
@@ -91,19 +90,6 @@
system.stateVersion = "23.05"; # Did you read the comment? system.stateVersion = "23.05"; # Did you read the comment?
users.users."nathan" = {
isNormalUser = true;
initialPassword = "7567";
#hashedPasswordFile = config.sops.secrets."nathan/pass".path;
extraGroups = [
"wheel"
]; # Enable sudo for the user.
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
};
sops = { sops = {
age.keyFile = "/home/nathan/.config/sops/age/keys.txt"; age.keyFile = "/home/nathan/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml; defaultSopsFile = ./secrets.yaml;
@@ -116,48 +102,17 @@
}; };
}; };
home-manager = {
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs;};
sharedModules = [ inputs.sops-nix.homeManagerModules.sops ];
users = {
"nathan" = lib.mkMerge [
inputs.nathan-home-manager
{
config.homeconfig = {
host = "homebox";
minimal = false;
wayvnc.enable = false;
hyprland.enable = true;
swaylock.enable = true;
wal.enable = true;
mpd.enable = true;
ags.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
};
}
{
home.packages = [
pkgs.wayvnc
];
}
];
};
};
sysconfig = { sysconfig = {
#remoteBuildHost = true;
host = "homebox";
graphical = true;
users = { users = {
nathan = { nathan = {
extraGroups = [ "wheel" "networkmanager" ]; extraGroups = [ "wheel" "networkmanager" ];
sshKeys = [ sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
]; ];
shell = pkgs.zsh;
hashedPasswordFile = config.sops.secrets."nathan/pass".path; hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = { home-manager = {
enable = true; enable = true;

47
system-config/configuration/laptop/default.nix
View File

@@ -58,28 +58,24 @@
services.pulseaudio.enable = false; services.pulseaudio.enable = false;
virtualisation.docker.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
docker
docker-compose
alsa-utils alsa-utils
]; ];
sysconfig = { sysconfig = {
#remoteBuildClient = true;
host = "laptop";
graphical = true;
users = { users = {
nathan = { nathan = {
extraGroups = [ "wheel" "networkmanager" ]; extraGroups = [ "wheel" "networkmanager" ];
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
hashedPasswordFile = config.sops.secrets."nathan/pass".path; hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
home-manager = { home-manager = {
enable = true; enable = true;
extraModules = [ extraModules = [
{ {
homeconfig = { homeconfig = {
host = "homebox";
minimal = false; minimal = false;
wayvnc.enable = false; wayvnc.enable = false;
hyprland.enable = true; hyprland.enable = true;
@@ -132,38 +128,6 @@
}; };
home-manager = {
backupFileExtension = "backup";
extraSpecialArgs = { inherit inputs; };
sharedModules = [ inputs.sops-nix.homeManagerModules.sops ];
users = {
"nathan" = lib.mkMerge [
{
homeconfig = {
host = "laptop";
minimal = false;
hyprland.enable = true;
swaylock.enable = true;
wal.enable = true;
wayvnc.enable = false;
mpd.enable = true;
ags.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
};
}
(inputs.nathan-home-manager {
config = config.home-manager.users."nathan";
inherit lib pkgs;
})
];
};
};
# Enable the X11 windowing system. # Enable the X11 windowing system.
services.xserver = { services.xserver = {
enable = true; enable = true;
@@ -184,14 +148,13 @@
}; };
environment.shells = with pkgs; [ zsh ]; environment.shells = with pkgs; [ zsh bashInteractive ];
# Enable CUPS to print documents. # Enable CUPS to print documents.
services.printing.enable = true; services.printing.enable = true;
programs.adb.enable = true; programs.adb.enable = true;
users.defaultUserShell = pkgs.zsh;
programs.zsh.enable = true; programs.zsh.enable = true;
system.stateVersion = "23.05"; # Did you read the comment? system.stateVersion = "23.05"; # Did you read the comment?

6
system-config/configuration/laptop/secrets.yaml
View File

@@ -1,5 +1,5 @@
nathan: nathan:
pass: ENC[AES256_GCM,data:O8d4PQ==,iv:CClnfFd/xUrfLBIb2ZDlBYm1GQVWwawMqePRYnRtSeE=,tag:mk++Mml+x5xT7aHiOQv25Q==,type:str] pass: ENC[AES256_GCM,data:H/duNPyclGoCF/Z90TQcqaUymowHOLRDmcfDxSubNGdmijknsCq+UH5PaWUmXGZ7uZqcpYWBcsVbYfQO/98OHH/kbwAFD/Hgkw==,iv:74M2PQqVzAgMXA8Z4RVLJKawt0Lzh94IKbn8YCTx3tY=,tag:B/xgA4mrhWEccaXQ+qvjCA==,type:str]
sops: sops:
age: age:
- recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q - recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
@@ -11,7 +11,7 @@ sops:
Y2ZpR25VNGVoMi9ibW8wbW5rYTQ3R00Ka6/KLXSSRP9WJDV0RBHHS5nALfd/3xDu Y2ZpR25VNGVoMi9ibW8wbW5rYTQ3R00Ka6/KLXSSRP9WJDV0RBHHS5nALfd/3xDu
y+QS+Ueh56kQT2zbYpYBRIPDgI3LZgwlTifQCDJ9ZPq0LGgu4XbEqQ== y+QS+Ueh56kQT2zbYpYBRIPDgI3LZgwlTifQCDJ9ZPq0LGgu4XbEqQ==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-01T23:42:11Z" lastmodified: "2025-08-19T03:46:09Z"
mac: ENC[AES256_GCM,data:7kHz3rhmzaieuY97ISA7RmEQnPn6E7Ta6sioPXvVBCLOmgwqhtITDXZw7be7/Da/BZr7O2rFcw6RaFiOdreLEzz9Kp8c5AzqXa5V6Mxhs0XJPFZ4Xkabzc3cBrm6QqKVi5PSUjPv6wDmZP7tvgzS/pny9SBmzlWOItSvs3Dw+5I=,iv:yNdtnJkmt3veZj6sDrbuNpBFc9UQVYaWlG6zmfdyfI4=,tag:tRwXGMHtQtXWrTzzMFFN0w==,type:str] mac: ENC[AES256_GCM,data:oDQaS7PdVa2U8mJtv5lwj6DKO25dxyzAfhDuI+fBeAeKlq7RlILpxCsT3iXcltblMhz8Jk2QronMtAy53r/aCIEhmIeEKGqGWr/sPV5DRWmIcIvZU2EDAEqbcbrxOV8BQFmEvRvJ7RhpG90ffK51SdaczzTcod9PGMst7LHTeMw=,iv:4/MeKQ2j0CLXHwusfsyOzUVSz78j3q1aipw1ugWtW8Y=,tag:Tkn9Zx9vk93Ka28tBpcjWQ==,type:str]
unencrypted_suffix: _unencrypted unencrypted_suffix: _unencrypted
version: 3.10.2 version: 3.10.2

53
system-config/default.nix
View File

@@ -25,35 +25,7 @@
}; };
}; };
config = let config = {
dirs = (builtins.partition
(x: ((builtins.readDir ./configuration).${x} == "directory" && (import x).config.sysconfig.host != config.sysconfig.host))
(builtins.attrNames (builtins.readDir ./configuration))
).right;
rbHosts = (builtins.listToAttrs
(builtins.map
(x: let
host = import x;
in {
name = x;
value = {
hostName = host.config.networking.hostName;
sshUser = "remote-builder";
sshKey = config.sops.secrets."remoteBuildSSHKey".path;
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
system = pkgs.stdenv.hostPlatform.system;
};
})
dirs
)
);
in {
sops.secrets."remoteBuildSSHKey" = lib.mkIf config.sysconfig.remoteBuildClient {}; sops.secrets."remoteBuildSSHKey" = lib.mkIf config.sysconfig.remoteBuildClient {};
@@ -69,17 +41,32 @@
}; };
distributedBuilds = config.sysconfig.remoteBuildClient; distributedBuilds = config.sysconfig.remoteBuildClient;
buildMachines = lib.mkIf config.sysconfig.remoteBuildClient {}; buildMachines = lib.mkIf config.sysconfig.remoteBuildClient [
{
hostName = "blunkall.us";
sshUser = "remote-builder";
sshKey = config.sops.secrets."remoteBuildSSHKey".path;
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
systems = [ "x86_64-linux" "aarch64-linux" ];
}
];
trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ config.users.users."remote-builder".name ]; trusted-users = lib.mkIf config.sysconfig.remoteBuildHost [ "remote-builder" ];
}; };
environment.etc = lib.mkIf config.sysconfig.remoteBuildHost {}; boot.binfmt.emulatedSystems = lib.mkIf config.sysconfig.remoteBuildHost [ "aarch64-linux" ];
users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost { users.users."remote-builder" = lib.mkIf config.sysconfig.remoteBuildHost {
isNormalUser = true; isNormalUser = true;
createHome = false; createHome = false;
openssh.authorizedKeys.keyFiles = []; openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7wpZD7mpHHpfHBSBV28x3ify+dtoLRDXO91mJ/WhUj root@laptop"
];
}; };
time.timeZone = lib.mkDefault "America/Chicago"; time.timeZone = lib.mkDefault "America/Chicago";