Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: Blunkall-Technologies:fada73a69c2dc4e410a9d4e13f8ffcdaf2fac26e
Branches Tags
Blunkall-Technologies:master Blunkall-Technologies:dev
..
compare: Blunkall-Technologies:dev
Branches Tags
Blunkall-Technologies:dev Blunkall-Technologies:master

47 Commits
fada73a69c ... dev

Author SHA1 Message Date
Nathan
2f89e5771d smol iso pls 2026-04-23 22:08:15 -05:00
Nathan
13eecd7ae7 fix n8n 2026-04-23 20:49:04 -05:00
Nathan
a9deafe5dd fix n8n 2026-04-23 20:47:19 -05:00
Nathan
ce0391f0e3 fix n8n 2026-04-23 20:37:09 -05:00
Nathan
d32b7d135d fix sops 2026-04-23 20:30:52 -05:00
Nathan
e0401af9f4 fix sops 2026-04-23 20:26:06 -05:00
Nathan
f7ed1862a0 fix imports 2026-04-23 20:23:46 -05:00
Nathan
1e3cf30292 fix website 2026-04-23 20:21:38 -05:00
Nathan
47c9437df7 test iso 2026-04-23 19:12:28 -05:00
Nathan
dea26059eb test iso 2026-04-23 18:38:55 -05:00
Nathan
ac32833239 test iso 2026-04-23 16:10:32 -05:00
Nathan
0a26675f7c test iso 2026-04-23 16:09:18 -05:00
Nathan
4a39c705b9 test iso 2026-04-23 16:05:13 -05:00
Nathan
250c949bd6 more separation 2026-04-23 16:03:32 -05:00
Nathan
779310fb2c test iso 2026-04-23 13:45:13 -05:00
Nathan
2d7517fe5c test iso 2026-04-23 13:29:58 -05:00
Nathan
62c6498568 test iso 2026-04-23 13:29:08 -05:00
Nathan
ae0732d2a2 fix 2026-04-23 10:23:24 -05:00
Nathan
686e99dd64 fix initial colors 2026-04-23 10:02:15 -05:00
Nathan
fac59cb6ce restructure homebox 2026-04-23 09:48:55 -05:00
Nathan
0f54f4b26b restructure homebox 2026-04-23 09:10:22 -05:00
Nathan
0921731fc9 restructure homebox 2026-04-23 09:07:22 -05:00
Nathan
020441b3b3 restructure homebox 2026-04-23 08:56:43 -05:00
Nathan
b28d7babf1 restructure homebox 2026-04-23 08:54:59 -05:00
Nathan
806e8900b4 ssh for laptop 2026-04-22 23:02:19 -05:00
Nathan
5731f191f7 ssh for laptop test 2026-04-22 21:59:17 -05:00
Nathan
c6b84a7c49 fix 2026-04-22 14:51:39 -05:00
Nathan
cbebf1639f restructure 2026-04-22 14:09:08 -05:00
Nathan
4ae1389378 restructure 2026-04-22 13:56:19 -05:00
Nathan
2fd2e5f2aa restructure 2026-04-22 13:53:13 -05:00
Nathan
e950b4c162 restructure 2026-04-22 13:27:21 -05:00
Nathan
06385f94f6 restructure 2026-04-22 12:30:34 -05:00
Nathan
03bec1dcaf restructure 2026-04-22 09:46:04 -05:00
Nathan
cff3aec197 restructure 2026-04-22 09:23:44 -05:00
Nathan
e2a6515ad6 restructure 2026-04-22 09:22:24 -05:00
Nathan
63559c16ac top level restructure 2026-04-22 08:25:10 -05:00
Nathan
846d33ac50 iso package test 2026-04-21 23:14:21 -05:00
Nathan
9a98e3256f iso package test 2026-04-21 23:12:38 -05:00
Nathan
f525b68345 iso package test 2026-04-21 23:06:48 -05:00
Nathan
0c7cafdc17 netbird unstable 2026-04-21 22:16:02 -05:00
Nathan
eff446334d netbird unstable 2026-04-21 19:54:14 -05:00
Nathan
97c84ff716 test 2026-04-21 19:33:46 -05:00
Nathan
f0860c2602 fix docker 2026-04-19 10:21:54 -05:00
Nathan
54d4d5aadf fix sops 2026-04-19 08:34:52 -05:00
Nathan
3b386828af fix disko 2026-04-19 07:55:25 -05:00
Nathan
300b407208 remove submodules 2026-04-19 00:32:04 -05:00
Nathan
711b1f198e remote flakes 2026-04-19 00:27:55 -05:00
201 changed files with 1596 additions and 2736 deletions
Expand all files Collapse all files

6
.gitmodules vendored
View File

@@ -1,6 +0,0 @@
[submodule "machines/homebox"]
path = machines/homebox
url = ssh://gitea@gitea.esotericbytes.com:2222/Blunkall-Technologies/homebox
[submodule "machines/laptop"]
path = machines/laptop
url = ssh://gitea@gitea.esotericbytes.com:2222/Blunkall-Technologies/laptop

26
.sops.yaml
View File

@@ -3,7 +3,31 @@ keys:
- &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
- &android age12pnf36uqesjmy3e0lythfnpwam3zg5mv8m936fc4jphy4ces2fdqwn0s74
creation_rules:
- path_regex: system/secrets.yaml$
- path_regex: features/secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android
- path_regex: iso/secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android
- path_regex: live/secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android
- path_regex: container/secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android
- path_regex: users/.*/secrets.yaml$
key_groups:
- age:
- *laptop

63
flake.lock generated
View File

@@ -47,11 +47,11 @@
"rev": "b2ec3d9cd0a6e52c4922b26d8b8e25823afd89d1",
"revCount": 52,
"type": "git",
"url": "file:///home/nathan/Projects/Aurora"
"url": "https://gitea.esotericbytes.com/Blunkall-Technologies/Aurora"
},
"original": {
"type": "git",
"url": "file:///home/nathan/Projects/Aurora"
"url": "https://gitea.esotericbytes.com/Blunkall-Technologies/Aurora"
}
},
"disko": {
@@ -249,6 +249,24 @@
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1776885253,
"narHash": "sha256-vslJ5ezhyD+HBMEqzsPLOBfalILmPrAABR68yxrhEuM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "d79c987e654347083e903ab6d2a89ed3d0752177",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"hyprcursor": {
"inputs": {
"hyprlang": [
@@ -663,11 +681,11 @@
},
"nixpkgs-us": {
"locked": {
"lastModified": 1775710090,
"narHash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E=",
"lastModified": 1776548001,
"narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "4c1018dae018162ec878d42fec712642d214fdfa",
"rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc",
"type": "github"
},
"original": {
@@ -726,6 +744,22 @@
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1775423009,
"narHash": "sha256-vPKLpjhIVWdDrfiUM8atW6YkIggCEKdSAlJPzzhkQlw=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "68d8aa3d661f0e6bd5862291b5bb263b2a6595c9",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1775710090,
"narHash": "sha256-ar3rofg+awPB8QXDaFJhJ2jJhu+KqN/PRCXeyuXR76E=",
@@ -741,7 +775,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_7": {
"locked": {
"lastModified": 1774701658,
"narHash": "sha256-CIS/4AMUSwUyC8X5g+5JsMRvIUL3YUfewe8K4VrbsSQ=",
@@ -760,27 +794,28 @@
"nixvim": {
"inputs": {
"flake-parts": "flake-parts_3",
"nixpkgs": "nixpkgs_5",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_6",
"nixvim": "nixvim_2"
},
"locked": {
"lastModified": 1775908700,
"narHash": "sha256-LCKSjajVfYyjsw1k1oNZPrDblPHt36jyJZWS2+1XybU=",
"lastModified": 1776887413,
"narHash": "sha256-zIx29OCh30Bpi4lHwce/5Qz86n6OVqDFi3P5QLRXh7Y=",
"ref": "refs/heads/master",
"rev": "a62d8ce7f86424a297adead378be5f5a441add3c",
"revCount": 39,
"rev": "7fb16160f7170a580d6791d0f26736ff68cceb3c",
"revCount": 40,
"type": "git",
"url": "file:///home/nathan/Projects/Moirai"
"url": "https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai"
},
"original": {
"type": "git",
"url": "file:///home/nathan/Projects/Moirai"
"url": "https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai"
}
},
"nixvim_2": {
"inputs": {
"flake-parts": "flake-parts_4",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_7",
"systems": "systems_2"
},
"locked": {

16
flake.nix
View File

@@ -32,20 +32,14 @@
hyprland.url = "git+https://github.com/hyprwm/Hyprland?submodules=1";
#nixvim.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai";
nixvim.url = "git+file:///home/nathan/Projects/Moirai";
nixvim.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Moirai";
#nixvim.url = "git+file:///home/nathan/Projects/Moirai";
#aurora.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Aurora";
aurora.url = "git+file:///home/nathan/Projects/Aurora";
aurora.url = "git+https://gitea.esotericbytes.com/Blunkall-Technologies/Aurora";
#aurora.url = "git+file:///home/nathan/Projects/Aurora";
};
outputs = { ... } @ inputs:
inputs.flake-parts.lib.mkFlake { inherit inputs; }
(inputs.import-tree [
./profiles
./homes
./system
./templates/default.nix
./flake-parts.nix
]);
(inputs.import-tree [ ./modules ]);
}

11
homes/nathan/home-manager/.sops.yaml
View File

@@ -1,11 +0,0 @@
keys:
- &homebox age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
- &laptop age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
- &android age12pnf36uqesjmy3e0lythfnpwam3zg5mv8m936fc4jphy4ces2fdqwn0s74
creation_rules:
- path_regex: ^secrets.yaml$
key_groups:
- age:
- *laptop
- *homebox
- *android

113
homes/nathan/home-manager/default.nix
View File

@@ -1,113 +0,0 @@
{ inputs, ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
imports = [
inputs.sops-nix.homeManagerModules.sops
];
options.homeconfig = with lib; {
name = mkOption {
type = with types; nullOr str;
default = null;
};
graphical = mkOption {
type = with types; bool;
default = true;
};
standalone = mkOption {
type = with types; bool;
default = false;
};
virtual-machines = mkOption {
type = with types; bool;
default = false;
};
};
config = {
homeconfig = {
name = "nathan";
mpd.enable = lib.mkDefault true;
calcurse.enable = lib.mkDefault true;
git.enable = lib.mkDefault true;
nh.enable = lib.mkDefault true;
minimal = lib.mkDefault false;
hyprland.enable = lib.mkDefault config.homeconfig.graphical;
hypridle.enable = lib.mkDefault config.homeconfig.hyprland.enable;
wal.enable = lib.mkDefault config.homeconfig.graphical;
rofi.enable = lib.mkDefault config.homeconfig.hyprland.enable;
firefox.enable = lib.mkDefault config.homeconfig.graphical;
aurora.enable = lib.mkDefault config.homeconfig.hyprland.enable;
};
home.username = lib.mkDefault config.homeconfig.name;
home.homeDirectory = lib.mkDefault "/home/${config.home.username}";
home.stateVersion = "23.11";
home.pointerCursor = lib.mkIf config.homeconfig.graphical {
gtk.enable = true;
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 16;
};
dconf.settings = lib.mkIf config.homeconfig.virtual-machines {
"org/virt-manager/virt-manager/connections" = {
autoconnect = ["qemu:///system"];
uris = ["qemu:///system"];
};
};
gtk = lib.mkIf (config.homeconfig.graphical && config.homeconfig.hyprland.enable) {
enable = true;
theme.name = "Tokyonight-Dark";
theme.package = pkgs.tokyonight-gtk-theme;
iconTheme.package = pkgs.rose-pine-icon-theme;
iconTheme.name = "rose-pine-moon";
};
sops = {
age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
#secrets."remoteBuildKey" = {};
};
services.mpris-proxy.enable = true;
programs.ssh = {
enable = true;
matchBlocks = {
"builder" = {
hostname = "esotericbytes.com";
user = "remote-builder";
identityFile = "${config.home.homeDirectory}/.ssh/id_ed25519";
port = 22;
};
"remote" = {
hostname = "esotericbytes.com";
user = "nathan";
identityFile = "${config.home.homeDirectory}/.ssh/id_ed25519";
port = 22;
};
};
};
};
};
}

13
homes/nathan/home-manager/dotfiles/default.nix
View File

@@ -1,13 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { config, lib, ... }: {
home.file = {
".config/hypr" = lib.mkIf config.homeconfig.hyprland.enable { source = ./hypr; recursive = true; };
".config/wal/templates" = lib.mkIf config.homeconfig.wal.enable { source = ./wal/templates; recursive = true; };
".config/ohmyposh" = { source = ./ohmyposh; recursive = true; };
"Pictures/Wallpaper" = lib.mkIf config.homeconfig.graphical { source = ./Wallpaper; recursive = true; };
};
};
}

71
homes/nathan/home-manager/packages/scripts/default.nix
View File

@@ -1,71 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
options = {
homeconfig.scripts.enable = lib.options.mkOption {
type = lib.types.bool;
default = true;
};
};
config = lib.mkMerge [
(lib.mkIf config.homeconfig.scripts.enable {
home.packages = [
#scripts
(pkgs.writeShellScriptBin "randWallpaper" ''
file=''$(ls ${config.home.homeDirectory}/Pictures/Wallpaper/ | shuf -n 1)
aurora-set-wallpaper ${config.home.homeDirectory}/Pictures/Wallpaper/''$file
'')
(pkgs.writeShellScriptBin "colorPrefix" ''
pidof firefox > /dev/null && ${pkgs.pywalfox-native}/bin/pywalfox update &
pidof kitty > /dev/null && pkill -USR1 kitty
pidof cava > /dev/null && pkill -USR1 cava
for i in ''$(ls /run/user/1000 | grep nvim); do
${pkgs.neovim-remote}/bin/nvr -s --servername /run/user/1000/''$i --remote-send '<cmd>colorscheme pywal<CR>';
done
eval "''$@"
'')
(pkgs.writeShellScriptBin "onSystemStart" ''
if [[ -f /tmp/aurora/tmp.jpg ]]; then
hyprctl --batch "\
dispatch exec aurora-init ;\
dispatch exec aurora-set-wallpaper ;\
dispatch exec ${pkgs.pyprland}/bin/pypr ;\
dispatch exec ${pkgs.netbird-ui}/bin/netbird-ui ;\
dispatch exec ${pkgs.hyprpolkitagent}/libexec/hyprpolkitagent ;\
setcursor Bibata-Modern-Classic 16"
else
hyprctl --batch "\
dispatch exec aurora-init ;\
dispatch exec aurora-set-wallpaper ${config.home.homeDirectory}/Pictures/Wallpaper/bluescape.jpg ;\
dispatch exec ${pkgs.pyprland}/bin/pypr ;\
dispatch exec ${pkgs.netbird-ui}/bin/netbird-ui ;\
dispatch exec ${pkgs.hyprpolkitagent}/libexec/hyprpolkitagent ;\
setcursor Bibata-Modern-Classic 16"
fi
if [[ -f ${config.home.homeDirectory}/.local/share/calcurse/.calcurse.pid ]]; then
rm ${config.home.homeDirectory}/.local/share/calcurse/.calcurse.pid
fi
sleep 3
aurora ipc call shell reload
hyprctl reload
'')
];
})
];
};
}

17
homes/nathan/home-manager/programs/calcurse/default.nix
View File

@@ -1,17 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
options.homeconfig.calcurse.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.homeconfig.calcurse.enable {
home.packages = with pkgs; [
calcurse
libnotify
];
};
};
}

14
homes/nathan/home-manager/programs/default.nix
View File

@@ -1,14 +0,0 @@
{ inputs, ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
config = {
home.packages = lib.mkIf (!config.homeconfig.wal.enable) [
inputs.nixvim.packages.${pkgs.stdenv.hostPlatform.system}.default
];
home.sessionVariables.EDITOR = "nvim";
};
};
}

50
homes/nathan/home-manager/programs/git/default.nix
View File

@@ -1,50 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { config, lib, ... }: {
options.homeconfig.git.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.homeconfig.git.enable {
sops = {
secrets = {
"git/username" = {};
"git/email" = {};
};
templates.gitconfig.content = ''
[user]
name = "${config.sops.placeholder."git/username"}"
email = "${config.sops.placeholder."git/email"}"
'';
};
programs.git = {
enable = true;
includes = [
{ path = "${config.sops.templates.gitconfig.path}"; }
];
settings = {
init = {
defaultBranch = "master";
};
safe.directory = "/etc/nixos";
url = {
"ssh://gitea@gitea.esotericbytes.com/" = {
insteadOf = [
"server:"
];
};
};
};
};
};
};
}

22
homes/nathan/home-manager/programs/pywal/default.nix
View File

@@ -1,22 +0,0 @@
{ inputs, ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
options.homeconfig.wal.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.homeconfig.wal.enable {
home.packages = with pkgs; [
inputs.nixvim.packages.${pkgs.stdenv.hostPlatform.system}.pywal
pywal16
imagemagick
];
};
};
}

23
homes/nathan/home-manager/programs/rofi/default.nix
View File

@@ -1,23 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
options.homeconfig.rofi.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.homeconfig.rofi.enable {
programs.rofi = {
enable = true;
package = pkgs.rofi;
cycle = true;
theme = "/home/nathan/.cache/wal/colors-rofi-dark.rasi";
};
};
};
}

35
homes/nathan/home-manager/programs/terminal/bash/default.nix
View File

@@ -1,35 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
home.packages = with pkgs; [ oh-my-posh ];
programs.bash = {
enable = true;
enableCompletion = true;
shellAliases = {
ls = "eza";
ll = "ls -l";
ksh = "kitten ssh";
v = "nvim";
vi = "nvim";
vim = "nvim";
};
bashrcExtra = ''
source ${pkgs.blesh}/share/blesh/ble.sh
'';
initExtra = if config.homeconfig.wal.enable then (lib.mkBefore ''
cat ${config.home.homeDirectory}/.cache/wal/sequences
eval "$(oh-my-posh init bash --config ${config.home.homeDirectory}/.cache/wal/ohmyposh.toml)"
'') else (lib.mkBefore ''
eval "$(oh-my-posh init bash --config ${config.home.homeDirectory}/.config/ohmyposh/ohmyposh.toml)"
'');
};
};
}

27
homes/nathan/home-manager/programs/terminal/ssh/default.nix
View File

@@ -1,27 +0,0 @@
{ ... }: {
flake.homeModules.nathan = { ... }: {
programs.ssh = {
enable = true;
# defaults as of 25.11
matchBlocks."*" = {
forwardAgent = false;
addKeysToAgent = "no";
compression = false;
serverAliveInterval = 0;
serverAliveCountMax = 3;
hashKnownHosts = false;
userKnownHostsFile = "~/.ssh/known_hosts";
controlMaster = "no";
controlPath = "~/.ssh/master-%r@%n:%p";
controlPersist = "no";
};
enableDefaultConfig = false;
};
};
}

36
homes/nathan/home-manager/secrets.yaml
View File

@@ -1,36 +0,0 @@
git:
username: ENC[AES256_GCM,data:418z4cCK,iv:tgPmynsW8fEJs6n+OGfm6IypOjNNhVdVaqFImeKXpC4=,tag:V5zI47vb9FnSO/OWurbJ+A==,type:str]
email: ENC[AES256_GCM,data:xp6HlIO1pTgvrXpGAOQwl0UvcnY4zrLrmw==,iv:LzGkluWeSe8MQqPXQMnNOv062UY+BkQE1fGjGqd/nCg=,tag:Y9nwo+Hjcg4ea2GxGKWApA==,type:str]
sops:
age:
- recipient: age1yqgyp2uxz4lzrc9f9ka0mfjl5fr6ahf8nf24nlmran2wulg6fpvq9hyp9q
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvMktJdFhxRjhaT0MyZ0N3
YVBMYlNkRnl1eU8zajZLWXRPajZzWDBGQWxVCkhMcEdsNlVKQ1VHR2hjZWdsR1gx
MkhCeVZGUDJwdkdDTiswRW40QjRRYWMKLS0tIENIN2pheisyR21YZkIzblVZZ1cw
bHpLWEdPdUc4d2ZSS1FjUDM0QWRQUWsKqvlH0oWHH/PhMDTYT5KhCTzaEffsf1jM
r0o60YUCe6pUFs0qPvOxEPM3bq+7MkUpH4eXVAw3tCov3nUkmwlVZg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1640eg0pnmkruc89m5xguz0m8fek44fl4tzez6qwuzlz6kmapqewsp8esxd
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5K3ovcmpPck1reGVPQ0lm
YTYvNGtaSk4vLzlYSW0rSkpHcjZWUnBMS2dBCmt3RU1PMkJ1VU5wNUc1NC9lbGFk
cjl6cXp6M292enFHckkyamwwaDRia2MKLS0tIGRUTzFGdDZFaS9LdkRjMW56U25B
emRDTncvNnlycHF3V2VJN3NlZTNVSjgK8RUx9qImdqjHBHisnwY+qRZ9vuafl3MN
jnJsIsKSdF51dWYskEMVnPYwn9HdOKkAh6amwSITcw3ZCcK7ftfT+g==
-----END AGE ENCRYPTED FILE-----
- recipient: age12pnf36uqesjmy3e0lythfnpwam3zg5mv8m936fc4jphy4ces2fdqwn0s74
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRWXVTSVQvNEhsMkQ2QkRl
SlZLTWN2eUdMa3MwdTBHZE8vdENKTTRKYVF3Ck01N2VNQUJPeHBwVHZTNWYzbXR5
ZS9hUDQydy9nQnR0SVpiUHV6ejhPb0EKLS0tIEZKeXV5QnpZYzBCVDR3WjVSV2Vv
TmJkL3VUbTRLNGNISGhFaGpmaXJ1cDAKpiZ8Nfml0KFq46JRg+394BCyZmnpE4XC
zqxRrNlGH/EDp00q5/jN84vQA+bOhGHcScQpvRCDKMXehQn3H4jksw==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-08-16T16:08:48Z"
mac: ENC[AES256_GCM,data:3/ztJNXhOIPqgQ47QxjM5KTeAJwXPpUuVtvI5/xJsMOOZhXYRt+uhL584F98rJiMHhnbsuGIZi+jGlYRiE6c+GJ9X7TKLj9yRqKvCMSCdWHGzY721GH5kMPcjD2YDYZ4tt+olIMePNJBPjC1XJgfhfOvs43o2HyDTCS95cEQzB4=,iv:qofZBAwxbTrc/hPyuSi8nxibJ0bGhoytZpUTZwwzbuI=,tag:z1SJXutJmlJ+j6RnV4u29Q==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

1
homes/nathan/home-manager/services/custom/default.nix
View File

@@ -1 +0,0 @@
{ ... }: {}

38
homes/nathan/home.nix
View File

@@ -1,38 +0,0 @@
{ self, inputs, ... }: {
flake.homeModules.nathan = { lib, ... }:
{
config = {
homeconfig = {
graphical = lib.mkDefault false;
minimal = lib.mkDefault false;
hyprland.enable = lib.mkDefault false;
};
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
settings = {
experimental-features = [ "nix-command" "flakes" ];
builders = "ssh://builder x86_64-linux,aarch64-linux /run/secrets/remoteBuildKey 1 1 nixos-test,benchmark,big-parallel,kvm - -";
builders-use-substitutes = true;
};
};
programs.home-manager.enable = true;
};
};
flake.homeConfigurations.nathan = inputs.home-manager.lib.homeManagerConfiguration {
pkgs = import inputs.nixpkgs {
system = builtins.currentSystem;
};
modules = [
self.homeModules.nathan
];
};
}

1
machines/homebox

Submodule machines/homebox deleted from e3e98541fa

1
machines/laptop

Submodule machines/laptop deleted from ae51730c19

0
system/services/aurora-greeter/default.nix → modules/features/aurora-greeter.nix
View File

14
system/virtualization/docker/authentik/default.nix → modules/features/authentik.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.authentik = { config, lib, pkgs, ... }: let
hostPort = 9005;
@@ -10,12 +10,11 @@
in {
options.sysconfig.docker.authentik.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.authentik.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.interfaces = {
"ve-traefik" = {
@@ -121,6 +120,7 @@
"--network-alias=server"
"--network-alias=authentik-server"
"--network-alias=${name}"
"--ip=192.168.101.6"
];
networks = [
"docker-main"

20
modules/features/avahi.nix Normal file
View File

@@ -0,0 +1,20 @@
{ ... }: {
flake.nixosModules.avahi = { config, lib, ... }: {
config = {
services.avahi = {
enable = true;
ipv4 = true;
ipv6 = true;
openFirewall = true;
nssmdns4 = true;
wideArea = true;
};
};
};
}

9
system/virtualization/containers/code-server/default.nix → modules/features/code-server.nix
View File

@@ -1,13 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, ... }: {
flake.nixosModules.code-server = { config, lib, ... }: {
options.sysconfig.containers.code-server.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.code-server.enable {
config = {
containers.code-server = {

0
system/virtualization/docker/docker-mailserver/default.nix → modules/features/docker-mailserver.nix
View File

21
system/virtualization/docker/default.nix → modules/features/docker.nix
View File

@@ -1,20 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.docker = { config, lib, pkgs, ... }: {
options.sysconfig.docker = {
enable = with lib; mkOption {
type = with types; bool;
default = false;
};
nvidia = with lib; mkOption {
type = with types; bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.docker.enable {
config = {
networking.nat.internalInterfaces = [ "docker0" "docker-main" ];
@@ -29,7 +17,10 @@
};
};
hardware.nvidia-container-toolkit.enable = config.sysconfig.docker.nvidia;
hardware.nvidia-container-toolkit.enable = lib.mkDefault (builtins.any
(x: x == "nvidia")
config.services.xserver.videoDrivers
);
systemd.services."docker-network-setup" = {
path = [ pkgs.docker ];

10
system/services/dynamicDNS/default.nix → modules/features/dynamicDNS.nix
View File

@@ -1,14 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.dynamicDNS = { config, lib, pkgs, ... }: {
options.sysconfig.services.dynamicDNS.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.dynamicDNS.enable {
config = {
systemd.timers.dynamicDNS = {

118
system/virtualization/docker/gitea/default.nix → modules/features/gitea.nix
View File

@@ -1,6 +1,114 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.gitea = { config, lib, ... }: {
config = {
networking = {
nat.internalInterfaces = [ "ve-gitea" ];
};
sops.secrets = {
"gitea/dbpass" = {};
};
containers.gitea = {
autoStart = true;
privateNetwork = true;
hostAddress = "192.168.100.10";
localAddress = "192.168.100.20";
bindMounts = {
"/etc/gitea/data" = {
hostPath = "/ssd1/Gitea/data";
isReadOnly = false;
};
};
extraFlags = [
"--load-credential=dbpass:${config.sops.secrets."gitea/dbpass".path}"
];
config = {
systemd.services.secrets_setup = {
wantedBy = [ "gitea.service" ];
serviceConfig = {
LoadCredential = [
"dbpass"
];
};
script = ''
cat ''${CREDENTIALS_DIRECTORY}/dbpass > /etc/gitea/dbpass
chown gitea:gitea /etc/gitea/*
'';
};
services.gitea = {
enable = true;
stateDir = "/etc/gitea/data";
dump.enable = false;
appName = "Gitea";
settings = {
server = {
DOMAIN = "gitea.esotericbytes.com";
HTTP_PORT = 3000;
ROOT_URL = "https://gitea.esotericbytes.com/";
};
service = {
DISABLE_REGISTRATION = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
REQUIRE_SIGNIN_VIEW = false;
};
oauth2_client = {
ENABLE_AUTO_REGISTRATION = true;
};
session.COOKIE_SECURE = true;
cron = {
ENABLED = true;
RUN_AT_START = true;
};
repository = {
DEFAULT_BRANCH = "master";
};
};
database = {
passwordFile = "/etc/gitea/dbpass";
type = "postgres";
};
};
services.openssh = {
enable = true;
openFirewall = true;
settings = {
PermitRootLogin = lib.mkForce "no";
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
ports = [ 2222 ];
};
networking.firewall.allowedTCPPorts = [ 3000 ];
system.stateVersion = "24.11";
};
};
};
};
flake.nixosModules.gitea-docker = { config, lib, pkgs, ... }: let
subdomain = "gitea";
@@ -8,12 +116,7 @@
in {
options.sysconfig.docker."${name}".enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers."${name}" = {
@@ -151,4 +254,5 @@
};
};
}

0
system/virtualization/docker/home-assistant/configuration.yaml → modules/features/home-assistant/configuration.yaml
View File

21
system/virtualization/docker/home-assistant/default.nix → modules/features/home-assistant/home-assistant.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, ... }: let
flake.nixosModules.home-assistant = { config, lib, ... }: let
subdomain = "hass";
@@ -8,12 +8,12 @@
in {
options.sysconfig.docker.home-assistant.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.home-assistant.enable && config.sysconfig.docker.enable) {
config = {
environment.etc."home-assistant/configuration.yaml".source = ./configuration.yaml;
@@ -58,4 +58,11 @@
};
};
};
flake.nixosModules.home-assistant-vm = { config, lib, ... }: {
config = {
};
};
}

21
modules/features/home-manager.nix Normal file
View File

@@ -0,0 +1,21 @@
{ inputs, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
imports = [
inputs.home-manager.nixosModules.default
];
config = {
programs.fuse.userAllowOther = true;
home-manager = {
backupFileExtension = "backup";
useUserPackages = true;
sharedModules = [];
};
};
};
}

11
system/programs/hyprland/default.nix → modules/features/hyprland.nix
View File

@@ -1,15 +1,8 @@
{ inputs, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.hyprland = { config, lib, pkgs, ... }: {
options.sysconfig.programs.hyprland.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.programs.hyprland.enable {
sysconfig.services.sddm.enable = lib.mkDefault true;
config = {
environment.sessionVariables.NIXOS_OZONE_WL = "1";

20
system/virtualization/docker/jellyfin/default.nix → modules/features/jellyfin.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.jellyfin = { config, lib, pkgs, ... }: let
subdomain = "watch";
@@ -8,12 +8,12 @@
in {
options.sysconfig.docker.jellyfin.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.jellyfin.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.allowedUDPPorts = [ 7359 ];
@@ -50,9 +50,11 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "8096";
};
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
extraOptions = lib.mkMerge [
(lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all"
"--ip=192.168.101.21"
])
[ "--ip=192.168.101.21" ]
];
environment = {

11
system/services/kdePlasma6/default.nix → modules/features/kdePlasma6.nix
View File

@@ -1,18 +1,11 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.kdePlasma6 = { config, lib, pkgs, ... }: {
options.sysconfig.services.kdePlasma6.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.kdePlasma6.enable {
config = {
services.desktopManager.plasma6.enable = true;
sysconfig.services.sddm.enable = lib.mkDefault true;
environment.systemPackages = with pkgs; [
kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice
kdePackages.kcalc # Calculator

0
system/virtualization/docker/kiwix/default.nix → modules/features/kiwix.nix
View File

27
modules/features/locale.nix Normal file
View File

@@ -0,0 +1,27 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
config = {
time.timeZone = lib.mkDefault "America/Chicago";
i18n = lib.mkDefault {
defaultLocale = "en_US.UTF-8";
extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
};
};
};
};
}

0
system/virtualization/docker/minecraft/default.nix → modules/features/minecraft.nix
View File

16
system/virtualization/docker/n8n/default.nix → modules/features/n8n.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.n8n = { config, lib, pkgs, ... }: let
subdomain = "n8n";
@@ -8,12 +8,12 @@
in {
options.sysconfig.docker."${name}".enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker."${name}".enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers."${name}" = {
@@ -42,7 +42,7 @@
];
extraOptions = [
"--ip=192.168.101.2"
"--ip=192.168.101.14"
];
volumes = [

0
system/virtualization/docker/netbird/config/management.json → modules/features/netbird/config/management.json
View File

44
system/virtualization/docker/netbird/default.nix → modules/features/netbird/netbird.nix
View File

@@ -1,13 +1,44 @@
{ ... }: {
{ self, inputs, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
options.sysconfig.docker.netbird.enable = with lib; mkOption {
type = with types; bool;
default = false;
flake.nixosModules.netbird = { config, lib, pkgs, ... }: {
config = let
pkgs-us = import inputs.nixpkgs-us {
system = "x86_64-linux";
};
in {
services.netbird = {
enable = lib.mkDefault true;
clients.default = {
port = 51820;
name = "netbird";
interface = "wt0";
hardened = false;
ui = {
enable = lib.mkDefault config.hardware.graphics.enable;
#package = pkgs-us.netbird-ui;
#package = pkgs.netbird-ui;
};
};
config = lib.mkIf (config.sysconfig.docker.netbird.enable && config.sysconfig.docker.enable) {
package = pkgs-us.netbird;
#package = pkgs.netbird;
};
};
};
flake.nixosModules.netbird-docker = { config, lib, pkgs, ... }: {
imports = [
self.nixosModules.docker
];
config = {
networking.firewall.allowedUDPPorts = [ 3478 ];
@@ -187,6 +218,7 @@
extraOptions = [
"--network-alias=signal"
"--network=docker-main"
"--ip=192.168.101.2"
];
};
systemd.services."docker-netbird-signal" = {

9
system/virtualization/docker/nextcloud/default.nix → modules/features/nextcloud.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.nextcloud = { config, lib, pkgs, ... }: let
subdomain = "cloud";
@@ -8,12 +8,7 @@
in {
options.sysconfig.docker.nextcloud.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf (config.sysconfig.docker.nextcloud.enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers."nextcloud-aio-mastercontainer" = {
image = "ghcr.io/nextcloud-releases/all-in-one:20260122_105751";

9
system/virtualization/containers/nginx/default.nix → modules/features/nginx.nix
View File

@@ -1,13 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, ... }: {
flake.nixosModules.nginx = { config, lib, ... }: {
options.sysconfig.containers."esotericbytes.com".enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers."esotericbytes.com".enable {
config = {
containers.esotericbytes-com = {

21
modules/features/nix.nix Normal file
View File

@@ -0,0 +1,21 @@
{ inputs, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
config = {
nix = {
nixPath = [ "nixpkgs=${inputs.nixpkgs}" ];
channel.enable = false;
settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = lib.mkIf config.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-substituters = lib.mkIf config.programs.hyprland.enable ["https://hyprland.cachix.org"];
trusted-public-keys = lib.mkIf config.programs.hyprland.enable ["hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="];
};
};
};
};
}

33
system/virtualization/containers/novnc/default.nix → modules/features/novnc.nix
View File

@@ -1,13 +1,34 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.novnc = { config, lib, pkgs, ... }: {
options.sysconfig.containers.novnc.enable = lib.mkOption {
type = lib.types.bool;
default = false;
config = {
systemd.services.novnc = {
enable = true;
path = with pkgs; [
novnc
ps
];
script = ''
novnc --listen 80 --vnc 127.0.0.1:5900
'';
serviceConfig = {
Type = "exec";
};
config = lib.mkIf config.sysconfig.containers.novnc.enable {
wantedBy = [ "multi-user.target" ];
};
networking.firewall.allowedTCPPorts = [ 80 ];
};
};
flake.nixosModules.novnc-container = { config, lib, pkgs, ... }: {
config = {
networking = {
firewall.interfaces."ve-novnc" = {
@@ -52,4 +73,6 @@
};
};
};
}

9
system/virtualization/containers/ntfy/default.nix → modules/features/ntfy.nix
View File

@@ -1,13 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, ... }: {
flake.nixosModules.ntfy = { config, lib, ... }: {
options.sysconfig.containers.ntfy.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.ntfy.enable {
config = {
containers.ntfy = {

36
system/virtualization/docker/ollama/default.nix → modules/features/ollama.nix
View File

@@ -1,6 +1,25 @@
{ ... }: {
{ self, inputs, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.ollama = { config, lib, ... }: {
config = {
services.ollama = {
enable = true;
acceleration = "cuda";
environmentVariables = {
OLLAMA_CONTEXT_LENGTH = lib.mkDefault "16000";
};
package = let
pkgs-us = import inputs.nixpkgs-us {
system = "x86_64-linux";
config.allowUnfree = true;
};
in pkgs-us.ollama-cuda;
};
};
};
flake.nixosModules.ollama-docker = { config, lib, pkgs, ... }: let
hostPort = 11434;
@@ -10,12 +29,12 @@
in {
options.sysconfig.docker.ollama.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.ollama.enable && config.sysconfig.docker.enable) {
config = {
environment.systemPackages = with pkgs; [
ollama
@@ -62,7 +81,7 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "11434";
};
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
extraOptions = lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all"
"--ip=192.168.101.22"
];
@@ -74,3 +93,4 @@
};
};
}

18
modules/features/openssh.nix Normal file
View File

@@ -0,0 +1,18 @@
{ ... }: {
flake.nixosModules.openssh = { config, lib, ... }: {
config = {
services.openssh = {
enable = true;
openFirewall = lib.mkDefault true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
};
};
}

16
system/virtualization/docker/openwebui/default.nix → modules/features/openwebui.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: let
flake.nixosModules.openwebui = { config, lib, pkgs, ... }: let
subdomain = "ai";
@@ -8,12 +8,12 @@
in {
options.sysconfig.docker.openwebui.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.openwebui.enable && config.sysconfig.docker.enable) {
config = {
virtualisation.oci-containers.containers.openwebui = {
image = "ghcr.io/open-webui/open-webui:v0.7.2";
@@ -45,7 +45,7 @@
"traefik.http.services.${name}.loadbalancer.server.port" = "8080";
};
extraOptions = lib.mkIf config.sysconfig.docker.nvidia [
extraOptions = lib.mkIf config.hardware.nvidia-container-toolkit.enable [
"--device=nvidia.com/gpu=all"
"--ip=192.168.101.8"
];

1
system/packages/default.nix → modules/features/packages.nix
View File

@@ -3,6 +3,7 @@
flake.nixosModules.default = { pkgs, ... }: {
environment.systemPackages = with pkgs; [
age
sops
inputs.disko.packages.${pkgs.stdenv.hostPlatform.system}.disko-install
];

0
system/virtualization/docker/passbolt/docker-compose.nix-txt → modules/features/passbolt/docker-compose.nix-txt
View File

0
system/virtualization/docker/passbolt/default.nix → modules/features/passbolt/passbolt.nix
View File

14
system/virtualization/docker/pihole/default.nix → modules/features/pihole.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, ... }: let
flake.nixosModules.pihole = { config, lib, ... }: let
hostPort = 9001;
@@ -10,12 +10,12 @@
in {
options.sysconfig.docker.pihole.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.pihole.enable && config.sysconfig.docker.enable) {
config = {
virtualisation.docker.daemon.settings.dns = [ "192.168.101.12" ];

11
system/services/pipewire/default.nix → modules/features/pipewire.nix
View File

@@ -1,15 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.pipewire = { config, lib, pkgs, ... }: {
options = {
sysconfig.services.pipewire.enable = lib.options.mkOption {
type = lib.types.bool;
default = false;
};
};
config = lib.mkIf config.sysconfig.services.pipewire.enable {
config = {
# Enable sound with pipewire.
#sound.enable = true;

14
system/virtualization/docker/portainer/default.nix → modules/features/portainer.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, ... }: let
flake.nixosModules.portainer = { config, lib, ... }: let
hostPort = 9000;
@@ -10,12 +10,12 @@
in {
options.sysconfig.docker.portainer.enable = with lib; mkOption {
type = with types; bool;
default = true;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.portainer.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.interfaces = {
"ve-traefik" = {

60
modules/features/remoteBuilds.nix Normal file
View File

@@ -0,0 +1,60 @@
{ inputs, ... }: {
flake.nixosModules.sops = { config, lib, ... }: {
imports = [
inputs.sops-nix.nixosModules.sops
];
config = {
nix = {
settings = {
builders-use-substitutes = (config.sops.secrets ? "remoteBuildKey");
};
distributedBuilds = lib.mkDefault (config.sops.secrets ? "remoteBuildKey");
buildMachines = lib.mkIf (config.sops.secrets ? "remoteBuildKey") [
{
hostName = "esotericbytes.com";
sshUser = "remote-builder";
sshKey = config.sops.secrets."remoteBuildKey".path;
supportedFeatures = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
];
systems = [ "x86_64-linux" "aarch64-linux" ];
}
];
};
users.users."remote-builder" = lib.mkIf (builtins.any
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
) {
isNormalUser = true;
createHome = false;
};
sops.templates."remote-builder" = lib.mkIf (builtins.any
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
) {
content = builtins.concatStringsSep ''''\n'' (builtins.map
(y: config.sops.placeholder.${y})
(builtins.filter
(x: (builtins.match "^remoteBuildClientKeys/.+" x) != null)
(builtins.attrNames config.sops.secrets)
)
);
path = "/etc/ssh/authorized_keys.d/remote-builder";
owner = "remote-builder";
};
};
};
}

0
system/virtualization/docker/rustdesk/default.nix → modules/features/rustdesk/default.nix
View File

0
system/virtualization/docker/rustdesk/docker-compose.nix-txt → modules/features/rustdesk/docker-compose.nix-txt
View File

9
system/virtualization/containers/sandbox/default.nix → modules/features/sandbox.nix
View File

@@ -1,13 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, self, ... }: {
flake.nixosModules.sandbox = { config, lib, self, ... }: {
options.sysconfig.containers.sandbox.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.containers.sandbox.enable {
config = {
networking = {

9
system/services/sddm/default.nix → modules/features/sddm.nix
View File

@@ -1,13 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.sddm = { config, lib, pkgs, ... }: {
options.sysconfig.services.sddm.enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
config = lib.mkIf config.sysconfig.services.sddm.enable {
config = {
qt.enable = true;

14
system/virtualization/docker/searxng/default.nix → modules/features/searxng/searxng.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, ... }: let
flake.nixosModules.searxng = { config, lib, ... }: let
subdomain = "searxng";
@@ -8,12 +8,12 @@
in {
options.sysconfig.docker.searxng.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.searxng.enable && config.sysconfig.docker.enable) {
config = {
environment.etc."searxng/settings.yml".source = ./settings.yml;

0
system/virtualization/docker/searxng/settings.yml → modules/features/searxng/settings.yml
View File

0
system/secrets.yaml → modules/features/secrets.yaml
View File

21
modules/features/sops.nix Normal file
View File

@@ -0,0 +1,21 @@
{ inputs, ... }: {
flake.nixosModules.sops = { config, lib, ... }: {
imports = [
inputs.sops-nix.nixosModules.sops
];
config = {
sops = {
age = {
keyFile = "/var/lib/sops/age/keys.txt";
#generateKey = true;
};
defaultSopsFormat = "yaml";
};
};
};
}

13
modules/features/steam.nix Normal file
View File

@@ -0,0 +1,13 @@
{ ... }: {
flake.nixosModules.steam = { config, lib, ... }: {
config = {
programs.steam = {
enable = true;
};
};
};
}

2
system/virtualization/docker/traefik/config/routing.yml → modules/features/traefik/config/routing.yml
View File

@@ -8,7 +8,7 @@ http:
rule: "Host(`esotericbytes.com`) || Host(`www.esotericbytes.com`)"
service: "homepage"
middlewares:
- authentik
- authentik@docker
tls:
certResolver: "cloudflare"

0
system/virtualization/docker/traefik/config/traefik.yml → modules/features/traefik/config/traefik.yml
View File

14
system/virtualization/docker/traefik/default.nix → modules/features/traefik/traefik.nix
View File

@@ -1,13 +1,13 @@
{ ... }: {
{ self, ... }: {
flake.nixosModules.default = { config, lib, ... }: {
flake.nixosModules.traefik = { config, lib, ... }: {
options.sysconfig.docker.traefik.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
imports = [
self.nixosModules.docker
];
config = lib.mkIf (config.sysconfig.docker.traefik.enable && config.sysconfig.docker.enable) {
config = {
networking.firewall.allowedTCPPorts = [ 80 81 443 444 2222 ];

11
system/virtualization/virtual-machines/default.nix → modules/features/virtual-machines.nix
View File

@@ -1,13 +1,8 @@
{ ... }: {
flake.nixosModules.default = { config, lib, pkgs, ... }: {
flake.nixosModules.virtual-machines = { config, lib, pkgs, ... }: {
options.sysconfig.virtual-machines.enable = with lib; mkOption {
type = with types; bool;
default = false;
};
config = lib.mkIf config.sysconfig.virtual-machines.enable {
config = {
programs.virt-manager.enable = true;
virtualisation = {
@@ -19,7 +14,7 @@
spiceUSBRedirection.enable = true;
};
environment.systemPackages = with pkgs; lib.mkIf config.sysconfig.graphical [
environment.systemPackages = with pkgs; lib.mkIf config.hardware.graphics.enable [
virt-viewer
];
};

46
modules/features/wyoming.nix Normal file
View File

@@ -0,0 +1,46 @@
{ ... }: {
flake.nixosModules.wyoming = { config, lib, ... }: {
config = {
services.wyoming = {
piper = {
servers.piper = {
enable = lib.mkDefault true;
voice = "en-us-ryan-medium";
uri = "tcp://0.0.0.0:11435";
};
};
openwakeword = {
enable = lib.mkDefault true;
uri = "tcp://0.0.0.0:11432";
threshold = 0.5;
customModelsDirectories = [
#./wake_words
];
};
faster-whisper = {
servers.whisper = {
enable = lib.mkDefault true;
device = "auto";
language = "en";
model = "medium.en";
uri = "tcp://0.0.0.0:11433";
};
};
satellite = {
enable = lib.mkDefault true;
uri = "tcp://0.0.0.0:11431";
};
};
};
};
}

39
profiles/container/default.nix → modules/hosts/container/configuration.nix
View File

@@ -113,45 +113,6 @@
};
};*/
programs.fuse.userAllowOther = true;
home-manager = {
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs;};
users = {
"nathan" = lib.mkMerge [
inputs.nathan-home-manager
{
config.homeconfig = {
minimal = false;
hyprland.enable = false;
wal.enable = false;
hyprlock.enable = false;
mpd.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
};
}
];
};
};
sysconfig = {
opts = {
novnc.enable = true;
sddm.enable = true;
openssh.enable = true;
pipewire.enable = true;
hyprpanel.enable = false;
hyprland.enable = false;
kdePlasma6.enable = true;
git.enable = true;
nh.enable = true;
netbird.enable = true;
};
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};

0
profiles/homebox/.sops.yaml → modules/hosts/homebox/.sops.yaml
View File

150
modules/hosts/homebox/configuration.nix Normal file
View File

@@ -0,0 +1,150 @@
{ self, inputs, ... }: {
flake.nixosModules.homebox = { config, pkgs, lib, ... }:
{
imports = with self.nixosModules; [
inputs.disko.nixosModules.default
inputs.home-manager.nixosModules.default
self.nixosModules.default
pipewire
avahi
netbird
openssh
sops
docker
traefik
authentik
searxng
home-assistant
netbird-docker
n8n
code-server
gitea
jellyfin
nginx
ollama-docker
openwebui
pihole
portainer
wyoming
virtual-machines
];
config = {
boot = {
kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
binfmt.emulatedSystems = [ "aarch64-linux" ];
};
systemd.settings.Manager.DefaultLimitNOFILE = 2048;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
];
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
nixpkgs.config.allowUnfree = true;
networking = {
hostName = "homebox";
nameservers = lib.mkDefault [ "1.1.1.1" "1.0.0.1" ];
networkmanager = {
enable = true;
dns = "none";
};
useDHCP = false;
dhcpcd.enable = false;
nftables = {};
nat = {
enable = true;
internalInterfaces = [ "ve-.+" ];
externalInterface = "wlp7s0"; # wifi
#externalInterface = "enp6s0"; # ethernet
};
};
services.netbird.clients.default.environment = {
NB_EXTRA_DNS_LABELS = "server";
};
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
services = {
xserver = {
enable = false;
videoDrivers = ["nvidia"];
};
pulseaudio.enable = false;
hardware.openrgb = {
enable = true;
motherboard = "amd";
};
};
hardware = {
nvidia = {
open = true;
modesetting.enable = true;
nvidiaPersistenced = true;
};
bluetooth = {
enable = true;
powerOnBoot = false;
};
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
secrets = {
"nathan/pass" = {
neededForUsers = true;
};
"remoteBuildClientKeys/laptop".sopsFile = ./../../features/secrets.yaml;
"remoteBuildClientKeys/pi4".sopsFile = ./../../features/secrets.yaml;
"remoteBuildClientKeys/android".sopsFile = ./../../features/secrets.yaml;
};
};
nix = {
settings = {
trusted-users = [ "remote-builder" ];
};
};
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};
}

12
modules/hosts/homebox/default.nix Normal file
View File

@@ -0,0 +1,12 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."homebox" = inputs.nixpkgs.lib.nixosSystem {
modules = with self.nixosModules; [
user-nathan
homebox
homebox-hardware
self.diskoConfigurations.homebox
];
};
}

11
profiles/homebox/disko.nix → modules/hosts/homebox/disko.nix
View File

@@ -1,15 +1,10 @@
{ ... }: {
flake.diskoConfigurations.homebox = {
device1 ? throw "Set this to your disk device, e.g. /dev/sda",
device2,
device3,
...
}: {
disko.devices = {
disk = {
main = {
device = device1;
device = "/dev/nvme0n1";
type = "disk";
content = {
type = "gpt";
@@ -48,7 +43,7 @@
};
};
ssd1 = {
device = device2;
device = "/dev/nvme1n1";
type = "disk";
content = {
type = "gpt";
@@ -65,7 +60,7 @@
};
};
hdd1 = {
device = device3;
device = "/dev/sda";
type = "disk";
content = {
type = "gpt";

2
profiles/homebox/hardware-configuration.nix → modules/hosts/homebox/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.homebox = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.homebox-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

0
profiles/homebox/secrets.yaml → modules/hosts/homebox/secrets.yaml
View File

56
modules/hosts/iso/configuration.nix Normal file
View File

@@ -0,0 +1,56 @@
{ self, inputs, ... }: {
flake.nixosModules.iso = { lib, pkgs, modulesPath, ... }: {
imports = with self.nixosModules; [
(modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix")
inputs.home-manager.nixosModules.default
self.nixosModules.default
aurora-greeter
hyprland
pipewire
avahi
netbird
openssh
];
config = {
fonts.fontconfig.enable = lib.mkForce true;
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
environment.systemPackages = with pkgs; [ nerd-fonts.fira-code ];
system.stateVersion = "25.11";
nixpkgs.hostPlatform = "x86_64-linux";
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
users.users.nixos.enable = lib.mkForce false;
networking = {
hostName = "iso";
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
};
};
}

16
modules/hosts/iso/default.nix Normal file
View File

@@ -0,0 +1,16 @@
{ self, inputs, ...}: {
perSystem = { config, system, pkgs, self', inputs', ... }: {
packages.iso = self.nixosConfigurations.iso.config.system.build.isoImage;
};
flake.nixosConfigurations.iso = inputs.nixpkgs.lib.nixosSystem {
modules = with self.nixosModules; [
iso
user-nathan
];
};
}

19
profiles/jesstop/default.nix → modules/hosts/jesstop/configuration.nix
View File

@@ -4,12 +4,6 @@
{
imports = [
#inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
];
config = {
nixpkgs.config = {
@@ -40,19 +34,6 @@
alsa-utils
];
sysconfig.opts = {
sddm.enable = true;
openssh.enable = false;
steam.enable = true;
pipewire.enable = true;
hyprpanel.enable = false;
hyprland.enable = false;
git.enable = false;
nh.enable = true;
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;

11
modules/hosts/jesstop/default.nix Normal file
View File

@@ -0,0 +1,11 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."jesstop" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.jesstop
self.nixosModules.jesstop-hardware
];
};
}

2
profiles/jesstop/hardware-configuration.nix → modules/hosts/jesstop/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.jesstop = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.jesstop-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

0
profiles/laptop/.sops.yaml → modules/hosts/laptop/.sops.yaml
View File

94
profiles/laptop/default.nix → modules/hosts/laptop/configuration.nix
View File

@@ -4,12 +4,18 @@
{
imports = [
imports = with self.nixosModules; [
inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
self.nixosModules.aurora-greeter
self.nixosModules.default
aurora-greeter
hyprland
pipewire
steam
avahi
netbird
openssh
sops
];
config = {
@@ -49,38 +55,6 @@
alsa-utils
];
sysconfig = with lib; {
remoteBuildClient = mkDefault true;
graphical = mkDefault true;
services = {
sddm.enable = mkDefault true;
openssh.enable = mkDefault false;
pipewire.enable = mkDefault true;
netbird.enable = mkDefault true;
ollama.enable = mkDefault true;
avahi.enable = mkDefault true;
};
programs = {
steam.enable = mkDefault true;
hyprland.enable = mkDefault true;
};
containers = {
wyoming = {
enable = mkDefault false;
};
};
virtual-machines = {
enable = true;
};
};
# Enable the X11 windowing system.
services.xserver = {
enable = true;
@@ -99,6 +73,9 @@
programs.zsh.enable = true;
networking = {
hostName = "laptop";
nameservers = [
"1.1.1.1"
"1.0.0.1"
@@ -111,9 +88,54 @@
dhcpcd.enable = false;
};
services.openssh.openFirewall = false;
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
boot.kernelParams = [ "snd-intel-dspcfg.dsp_driver=1" ];
hardware = {
nvidia = {
modesetting.enable = true;
powerManagement.enable = true;
powerManagement.finegrained = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.stable;
prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:0:2:0";
nvidiaBusId = "PCI:1:0:0";
# WARNING: sync and offload are mutually exclusive.
# You can only pick one!!
#sync.enable = true;
offload = {
enable = true;
enableOffloadCmd = true;
};
};
};
};
sops = {
defaultSopsFile = ./secrets.yaml;
secrets = {
remoteBuildKey = {};
};
};
services.xserver.videoDrivers = [ "nvidia" ];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "23.05"; # Did you read the comment?
};
};

12
modules/hosts/laptop/default.nix Normal file
View File

@@ -0,0 +1,12 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."laptop" = inputs.nixpkgs.lib.nixosSystem {
modules = with self.nixosModules; [
user-nathan
laptop
laptop-hardware
];
};
}

2
profiles/laptop/hardware-configuration.nix → modules/hosts/laptop/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.laptop = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.laptop-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

0
profiles/laptop/secrets.yaml → modules/hosts/laptop/secrets.yaml
View File

60
modules/hosts/live/configuration.nix Normal file
View File

@@ -0,0 +1,60 @@
{ inputs, ... }: {
flake.nixosModules.live = { pkgs, ... }: {
imports = with inputs; [
disko.nixosModules.default
(import ./disko.nix { device = "/dev/mmcblk0"; })
sops-nix.nixosModules.sops
home-manager.nixosModules.default
];
config = {
hardware.enableRedistributableFirmware = true;
hardware.enableAllHardware = true;
programs.zsh.enable = true;
environment.shells = with pkgs; [ zsh bashInteractive ];
networking = {
nameservers = [ "1.1.1.1" "1.0.0.1" ];
networkmanager.enable = true;
};
nixpkgs.hostPlatform = "x86_64-linux";
boot = {
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
users.users."nathan" = {
hashedPassword = "$y$j9T$F0pn6l4C45lz4a0FTZLqE0$Fc48Ptbmz/3MJCk/Jsaqop4ff.bY3J3GcjhmJx5R7k6";
packages = with pkgs; [
git
nerd-fonts.fira-code
];
};
sops = {
age.keyFile = "/var/lib/sops/age/keys.txt";
defaultSopsFile = ./secrets.yaml;
defaultSopsFormat = "yaml";
#secrets."nathan/pass".neededForUsers = true;
};
system.stateVersion = "25.05";
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
};
};
}

11
modules/hosts/live/default.nix Normal file
View File

@@ -0,0 +1,11 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."live" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.live
self.diskoConfigurations.live
];
};
}

0
profiles/live/disko.nix → modules/hosts/live/disko.nix
View File

0
profiles/live/secrets.yaml → modules/hosts/live/secrets.yaml
View File

65
profiles/pi4/default.nix → modules/hosts/pi4/configuration.nix
View File

@@ -1,66 +1,23 @@
{ inputs, ... }: {
{ self, inputs, ... }: {
flake.nixosModules.pi4 = { config, pkgs, ... }: {
imports = [
./hardware-configuration.nix
imports = with self.nixosModules; [
inputs.disko.nixosModules.default
(import ./disko.nix { device1 = "/dev/mmcblk0"; })
inputs.home-manager.nixosModules.default
inputs.sops-nix.nixosModules.sops
self.nixosModules.default
user-nathan
netbird
avahi
openssh
remoteBuilds
sops
];
config = {
sysconfig = {
remoteBuildClient = true;
users = {
nathan = {
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
shell = pkgs.zsh;
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
];
extraGroups = [
"wheel"
"networkmanager"
"gpio"
"spi"
"audio"
"pulse"
"pulse-access"
];
home-manager = {
enable = true;
standalone = false;
extraModules = [
{
homeconfig = {
scripts.enable = false;
minimal = true;
mpd.enable = true;
git.enable = true;
nh.enable = true;
};
}
];
};
};
};
services = {
openssh.enable = true;
#pipewire.enable = true;
netbird.enable = true;
};
};
boot = {
loader = {
grub.enable = false;
@@ -128,11 +85,9 @@
fonts.packages = with pkgs; [ nerd-fonts.fira-code ];
sound.enable = true;
security.rtkit.enable = true;
system.stateVersion = "25.05";
system.stateVersion = "25.11";
};
};
}

12
modules/hosts/pi4/default.nix Normal file
View File

@@ -0,0 +1,12 @@
{ self, inputs, ... }: {
flake.nixosConfigurations."pi4" = inputs.nixpkgs.lib.nixosSystem {
modules = [
self.nixosModules.pi4
self.nixosModules.pi4-hardware
self.diskoConfigurations.pi4
];
};
}

0
profiles/pi4/disko.nix → modules/hosts/pi4/disko.nix
View File

2
profiles/pi4/hardware-configuration.nix → modules/hosts/pi4/hardware-configuration.nix
View File

@@ -1,6 +1,6 @@
{ ... }: {
flake.nixosModules.pi4 = { config, lib, pkgs, modulesPath, ... }:
flake.nixosModules.pi4-hardware = { config, lib, pkgs, modulesPath, ... }:
{
imports =

0
profiles/pi4/secrets.yaml → modules/hosts/pi4/secrets.yaml
View File

0
flake-parts.nix → modules/parts.nix
View File

45
modules/users/nathan/home-manager/default.nix Normal file
View File

@@ -0,0 +1,45 @@
{ self, ... }: {
flake.homeModules.nathan = { config, lib, pkgs, ... }: {
imports = with self.homeModules; [
nathan-terminal
nathan-mpd
nathan-nh
];
config = {
home.username = "nathan";
home.homeDirectory = lib.mkDefault "/home/${config.home.username}";
home.stateVersion = "23.11";
home.pointerCursor = {
gtk.enable = true;
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 16;
};
dconf.settings = {
"org/virt-manager/virt-manager/connections" = {
autoconnect = ["qemu:///system"];
uris = ["qemu:///system"];
};
};
gtk = {
enable = true;
theme.name = "Tokyonight-Dark";
theme.package = pkgs.tokyonight-gtk-theme;
iconTheme.package = pkgs.rose-pine-icon-theme;
iconTheme.name = "rose-pine-moon";
};
services.mpris-proxy.enable = true;
};
};
}

0
homes/nathan/home-manager/dotfiles/Wallpaper/Tron.jpg → modules/users/nathan/home-manager/dotfiles/Wallpaper/Tron.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.4 MiB

After

Width:  |  Height:  |  Size: 1.4 MiB

0
homes/nathan/home-manager/dotfiles/Wallpaper/bluescape.jpg → modules/users/nathan/home-manager/dotfiles/Wallpaper/bluescape.jpg
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.0 MiB

After

Width:  |  Height:  |  Size: 1.0 MiB

0
homes/nathan/home-manager/dotfiles/Wallpaper/chainsaw_man.png → modules/users/nathan/home-manager/dotfiles/Wallpaper/chainsaw_man.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.9 MiB

After

Width:  |  Height:  |  Size: 2.9 MiB

Some files were not shown because too many files have changed in this diff Show More