diff --git a/auxin/configuration.nix b/auxin/configuration.nix index 892c7b9..458b25a 100644 --- a/auxin/configuration.nix +++ b/auxin/configuration.nix @@ -3,7 +3,8 @@ lib, pkgs, ... -}: let +}: +let ports = [ 111 # RPC? 2049 # NFS @@ -28,12 +29,14 @@ 8842 # Crowdsec (-> 8842) 8888 # Kodi 9000 # Portainer (-> 9443) - ]; #// lib.lists.range 6800 7568 ; -in { + ]; # // lib.lists.range 6800 7568 ; +in +{ imports = [ # Include the results of the hardware scan. # ./hardware-configuration.nix ]; + nix.package = pkgs.lix; nixpkgs = { config = { kodi.enableAdvancedLauncher = true; @@ -49,8 +52,9 @@ in { } ]; # hostName = "auxin"; # Define your hostname. - nameservers = ["192.168.1.1"]; + nameservers = [ "192.168.1.1" ]; firewall = { + trustedInterfaces = [ "br-+" ]; enable = true; allowedUDPPorts = ports; allowedTCPPorts = ports; @@ -60,15 +64,16 @@ in { }; }; - environment.sessionVariables = {LIBVA_DRIVER_NAME = "iHD";}; # + environment.sessionVariables = { + LIBVA_DRIVER_NAME = "iHD"; + }; environment.systemPackages = with pkgs; [ - alacritty + ghostty czkawka gcc go hyperfine sof-firmware - jellyfin-media-player lazydocker gamescope lazygit @@ -78,6 +83,7 @@ in { upower nodePackages.nodejs nodePackages.pnpm + glibcLocales ]; # Define a user account. Don't forget to set a password with ‘passwd’. users = { @@ -161,7 +167,7 @@ in { enable = true; openFirewall = true; }; - x2goserver.enable = true; + x2goserver.enable = false; # Enable the X11 windowing system. xserver = { @@ -172,8 +178,9 @@ in { # Kodi desktopManager.kodi = { enable = true; - package = pkgs.kodi.withPackages (pkgs: - with pkgs; [ + package = pkgs.kodi.withPackages ( + pkgs: with pkgs; [ + pvr-iptvsimple jellyfin jellycon sendtokodi @@ -188,22 +195,23 @@ in { visualization-spectrum visualization-waveform inputstream-adaptive - ]); + ] + ); }; }; displayManager = { - sddm = { - enable = true; - wayland.enable = false; - }; + # sddm = { + # enable = true; + # wayland.enable = false; + # }; autoLogin = { - enable = false; + enable = true; user = "mira"; }; }; - btrbk = {}; # TODO: - caddy = {}; # TODO: + btrbk = { }; # TODO: + caddy = { }; # TODO: fail2ban = { enable = true; ignoreIP = [ @@ -242,8 +250,12 @@ in { # }; # }; # }; - pipewire = { + pulseaudio = { enable = true; + support32Bit = true; # # If compatibility with 32-bit applications is desired. + }; + pipewire = { + enable = false; alsa.enable = true; alsa.support32Bit = true; pulse.enable = true; @@ -259,42 +271,30 @@ in { autoPrune.enable = true; # TODO: you're gonna need to disable this eventually # extraOptions = "--userns-remap=default"; - liveRestore = false; # NOTE: Incompatible with swarm + liveRestore = false; }; virtualisation.libvirtd.enable = true; # TODO: - powerManagement.enable = - lib.mkForce - false; + powerManagement.enable = lib.mkForce false; systemd = { targets = { sleep.enable = false; suspend.enable = false; }; timers."qbittorrent-healthcheck" = { - wantedBy = ["timers.target"]; + wantedBy = [ "timers.target" ]; timerConfig = { OnCalendar = "*/5 * * * *"; Unit = "qbittorrent-healthcheck"; }; }; services = { - "qbittorrent-healthcheck" = { - script = '' - ${pkgs.docker}/bin/docker exec qbittorrent ping -c 1 -w 5 -I protonwire0 8.8.8.8 || ${pkgs.docker}/bin/docker restart qbittorrent - ''; - serviceConfig = { - Type = "oneshot"; - User = "root"; - }; - }; - docker = { unitConfig = { RequiresMountsFor = "/raid"; }; - wantedBy = ["graphical.target"]; + wantedBy = [ "graphical.target" ]; }; # TODO: switch to ntfy? sshdAlert = { @@ -308,7 +308,7 @@ in { ${pkgs.curl}/bin/curl --request POST --url https://discord.com/api/webhooks/1235751608046846012/CU7tz271Z3Rbq9mPV0_rB5RBCRDhLKhGH14ebBm-TePpWFqKKJaCRYVMHYTJsIaSq2H- --header 'Content-Type: application/json' --data '{"username": "Auxin SSH status","avatar_url": "https://pbs.twimg.com/media/GMPtuovaQAAQ7Qr?format=png&name=large","content": "SSHD is Running!"}' ''; }; - wantedBy = ["multi-user.target"]; + wantedBy = [ "multi-user.target" ]; }; }; }; diff --git a/auxin/hardware-configuration.nix b/auxin/hardware-configuration.nix index 8c2e7b9..b2219bb 100644 --- a/auxin/hardware-configuration.nix +++ b/auxin/hardware-configuration.nix @@ -22,25 +22,30 @@ # initrd.kernelModules = ["i915"]; kernelModules = ["kvm-amd" "iscsi_tcp"]; extraModulePackages = []; - kernelParams = ["i915.force_probe=56a5" -#"i915.enable_guc=0" + kernelParams = [ + # "i915.enable_guc=1" ]; # kernelPackages = pkgs.linuxPackages_latest; }; fileSystems."/" = { device = "/dev/disk/by-label/SYSTEM"; fsType = "btrfs"; - options = ["subvol=@nixos" "noatime"]; + options = ["subvol=@nixos" "noatime" "compress=zstd"]; }; fileSystems."/raid" = { - device = "//192.168.2.146/raid"; - fsType = "cifs"; - options = ["credentials=/etc/nixos/smb-secrets" "_netdev" "uid=1000" "gid=1000" "file_mode=0777" "dir_mode=0777"]; + device = "192.168.1.146:/mnt/raid"; + fsType = "nfs"; + # options = ["credentials=/etc/nixos/smb-secrets" "_netdev" "uid=1000" "gid=1000" "file_mode=0777" "dir_mode=0777"]; }; + # fileSystems."/samba" = { + # device = "//192.168.2.146/raid"; + # fsType = "cifs"; + # options = ["credentials=/etc/nixos/smb-secrets" "_netdev"]; + # }; fileSystems."/nix" = { device = "/dev/disk/by-label/SYSTEM"; fsType = "btrfs"; - options = ["subvol=@nix" "noatime"]; + options = ["subvol=@nix" "noatime" "compress=zstd"]; }; fileSystems."/home" = { @@ -61,8 +66,6 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware = { enableRedistributableFirmware = true; - # pulseaudio.enable = true; - # pulseaudio.support32Bit = true; ## If compatibility with 32-bit applications is desired. graphics = { enable = true; extraPackages = with pkgs; [ diff --git a/common.nix b/common.nix index aff145b..63bc31c 100644 --- a/common.nix +++ b/common.nix @@ -1,10 +1,10 @@ -{ config -, lib -, pkgs -, meta -, ... -}: -let +{ + config, + lib, + pkgs, + meta, + ... +}: let sshKeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ87vi3BF+Mtb8Pv1Gqc9wyeXQCncJrg3lq4dwl15bkHUw4BlR2h1z8payBpGiKMnZy/NtWCclt3Jh562YhjLYHy9VtlTUlADGTvIPtczizZYPCzceC3fP1zCh2N8pUluR8J9Y+EvYWvSQkvSpwD8hhpLXeuOtFjjg0stLliI2YuVk4TJrXNmF8UNweeiBvaJW4Nye5no9h+IKTU8FPehB5BrWhTi9aTiTSxzgX3anOaTzRL1x+Lbeoo27AfZXwQJDlYHdg93csXyAP4l2g4lvtU98W3AlG7ZsipUgRWClfe4OBz1l2rT5F+l28daOFae+THOf2iG6kymesCeJiLBILWk45hmiA8Vv3XAdWxtqPJhQKrqtfm5GMm3cNZPc6N3CJe6gVw75eBCG1TjFhSVXmrHQgbmN0nFs6HU3+ghSnPmDI8A7DvWdRAKceWP39pb3g5kp/pTg+Lj+yFV2ll4/MvbN1wcSdW5azDAYLVnMCS6b8ikO16tpnLT1bbUN4M0= ceph-f4745d24-7f5e-11ef-b66f-14ac604688a3" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMggnmTj7KL409V2mtbPgKERbmyJAeCGBcyzxWW+arRZAAAABHNzaDo= yubikey-black" @@ -20,8 +20,7 @@ let "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDm1kPy3bxyLX2nUwvETrsBbjmPDHEvKxmzn9dCoaa/C1tWttrvaXUhYZ6svftR7ofqjCailq1WHU4qkIlfz6Hxwq/mxZdOGRg3A2lzDgbJ5C9RSA8LIfYht2UhbqW40wHCEa1B6+bcwLHFWbDyoeT+NQO007lK4Tu1OY3nTNz3QFJgxAPtFuqQSTFpkxL8JZetQtc/KwJ5ofZBZ+nFc4PUstPE47uf4OEOaKY+fbDZ2bf8tmybGhVq6Oc+BQKij5usnQLTeN8XyVxPxGvXahXHx7ESnp//wCs6DrzoMHBbAVFVXS+w6ZzX2el9gCAcUeyZt8iu0zl9GxnVkpyQzHuuBgYON3orYaCdM5vRCnECFoK8XNwP45jNPzFxrIpSYeJ4tR4uhLxCfD3OHB/BQtOQsEdMJvnLnynzyWePeweTe2S1+ohg9zskyxt9c2rSxw8OlWdHds32JuWka6mTJCdfZgHaNY+Ppz1NEo5XYIfz9Jt0vevmaCVbBHo73Tyh6+k= norepinephrine" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDmOATOG9brF/pBmMufk0LQkPQuLwgZAOZMeHCSdOpr+4Tap/mmqCHGtDL/JW6KsDfFpOFmdnSoeihVPGT3r/Mixt3cGOJlzoWXDt2bHyaEOsLz5B3MuYqBIXG3d2wvxharbmlVg3xyArSaCtuBZcopC5rXajnrPW4HxW+pxPC1NsL3RRGSF0edWdJVdX8oJJBsMMUzfeWh1bxEz2iLKMSYb6KPbQITwFTr+RuiEIppOW3n0zJko1wNG8oWTOgHdkmY4C4rUOk6KgW4qs19t7Mjlc7CnZa3XV7/0DcxERGsphpKvS7dpnEtOt7RaHUr/t0V3yLgl58MPbJKG6WSNIRaXZ0EPSlzz8k+4JjuEFdCDg7WjEDSZsBS9U4AyYQjlEwrkinT7g+LUVKYEDqb0hE539SwARvHZsOXrRgtA+Jh2CJIb/rRWfQRkgxpT9hKiBfYbSj8qbphUrbJ/g72UOQyhIbEW8fF9vmWY75NV/X2+EFZyF56ZhvLFk08sjGIF+s= u0_a441@localhost" ]; -in -{ +in { nix = { # package = pkgs.nixFlakes; optimise.automatic = true; @@ -87,29 +86,29 @@ in tuptime.timer.enable = true; } // lib.optionalAttrs - ((builtins.match ".*-linux" pkgs.stdenv.hostPlatform.system) + ((builtins.match ".*-linux" pkgs.stdenv.hostPlatform.system) != null) - { - avahi = { - enable = true; - ipv4 = true; - ipv6 = true; - nssmdns6 = true; - nssmdns4 = true; - openFirewall = true; - }; - # smartd - smartd.enable = lib.mkDefault true; - } + { + avahi = { + enable = true; + ipv4 = true; + ipv6 = true; + nssmdns6 = true; + nssmdns4 = true; + openFirewall = true; + }; + # smartd + smartd.enable = lib.mkDefault true; + } # Mac Services // lib.optionalAttrs - ((builtins.match ".*-darwin" pkgs.stdenv.hostPlatform.system) + ((builtins.match ".*-darwin" pkgs.stdenv.hostPlatform.system) != null) - { - nix-daemon.enable = true; - }; + { + nix-daemon.enable = true; + }; users = { - groups.dockremap = { }; + groups.dockremap = {}; groups."mira".gid = 1000; users = { root.openssh.authorizedKeys.keys = sshKeys; @@ -117,7 +116,7 @@ in isNormalUser = true; group = "mira"; uid = 1000; - extraGroups = [ "wheel" "docker" "dockremap" "audio" ]; + extraGroups = ["wheel" "docker" "dockremap" "audio"]; packages = with pkgs; [ firefox tree @@ -127,59 +126,59 @@ in }; anish = { isNormalUser = true; - extraGroups = [ "wheel" "docker" "dockremap" ]; + extraGroups = ["wheel" "docker" "dockremap"]; shell = pkgs.zsh; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6+YE7GteMK6Lmo0oW266LmaD6jwQMnCxwv0/V9zqKR akristipati6@gatech.edu" ]; + openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6+YE7GteMK6Lmo0oW266LmaD6jwQMnCxwv0/V9zqKR akristipati6@gatech.edu" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGG85YYqWTZVFL61l8/R4eBPPWeG/brocJy5wCdUx9yj akristipati6@gatech.edu" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd1sJYpn4u731IJwG1HrvAGrEXwB60HdkklXPoFr4CX akristipati6@gatech.edu"]; }; }; }; - environment.systemPackages = with pkgs; lib.lists.unique [ - - # zellij - bat - brightnessctl - btdu - btop - btrbk - cargo - chezmoi - cifs-utils - delta - difftastic - duf - fastfetch - fd - file - fzf - gdu - ghostty - glibcLocales - hyfetch - killall - lsd - lsof - mcfly - neovim - nushell - powertop - python3 - ripgrep - sheldon - starship - statix - tealdeer - unzip - viddy - vivid - wget - xonsh - zoxide - zsh - ] ++ [ - alejandra - lua-language-server + environment.systemPackages = with pkgs; + lib.lists.unique [ + bat + brightnessctl + btdu + btop + btrbk + cargo + chezmoi + cifs-utils + delta + difftastic + duf + fastfetch + fd + file + fzf + gdu + ghostty + glibcLocales + hyfetch + killall + lsd + lsof + mcfly + neovim + nushell + powertop + python3 + ripgrep + sheldon + starship + statix + tealdeer + unzip + viddy + vivid + wget + xonsh + zoxide + zsh + ] + ++ [ + alejandra + lua-language-server stylua - ]; + ]; programs = { tmux = { enable = true; @@ -194,7 +193,7 @@ in lazygit.enable = true; yazi.enable = true; zsh.enable = true; - thefuck.enable = true; + # thefuck.enable = true; # direnv.enable = true; neovim.enable = true; starship.enable = true; diff --git a/flake.lock b/flake.lock index a1c8b52..0934774 100644 --- a/flake.lock +++ b/flake.lock @@ -38,38 +38,6 @@ "type": "github" } }, - "flake-compat_2": { - "flake": false, - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, - "flake-compat_3": { - "flake": false, - "locked": { - "lastModified": 1696426674, - "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": [ @@ -78,11 +46,11 @@ ] }, "locked": { - "lastModified": 1736143030, - "narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", + "lastModified": 1762980239, + "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", + "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da", "type": "github" }, "original": { @@ -91,27 +59,6 @@ "type": "github" } }, - "flake-parts_2": { - "inputs": { - "nixpkgs-lib": [ - "neovim-nightly-overlay", - "hercules-ci-effects", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", - "type": "github" - }, - "original": { - "id": "flake-parts", - "type": "indirect" - } - }, "flake-utils": { "inputs": { "systems": "systems" @@ -130,73 +77,6 @@ "type": "github" } }, - "git-hooks": { - "inputs": { - "flake-compat": "flake-compat_3", - "gitignore": "gitignore", - "nixpkgs": [ - "neovim-nightly-overlay", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1735882644, - "narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=", - "owner": "cachix", - "repo": "git-hooks.nix", - "rev": "a5a961387e75ae44cc20f0a57ae463da5e959656", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "git-hooks.nix", - "type": "github" - } - }, - "gitignore": { - "inputs": { - "nixpkgs": [ - "neovim-nightly-overlay", - "git-hooks", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1709087332, - "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", - "type": "github" - } - }, - "hercules-ci-effects": { - "inputs": { - "flake-parts": "flake-parts_2", - "nixpkgs": [ - "neovim-nightly-overlay", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1735695978, - "narHash": "sha256-cwk53OX1S1bCFY09zydubZNmmwcx9l5XEba8mVYuNE4=", - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "rev": "f6233b5cfbada692d93a73d6ed35bdbfd0fdb9c4", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "hercules-ci-effects", - "type": "github" - } - }, "mirafetch": { "inputs": { "cargo2nix": "cargo2nix", @@ -212,11 +92,11 @@ ] }, "locked": { - "lastModified": 1728409373, - "narHash": "sha256-574pVToueBW5O7GrYqOIP7LXWLaL8DtVItIYL7McMyw=", + "lastModified": 1736958443, + "narHash": "sha256-RygnAZb+BQ+hx9eDmk7ucAg28l5cIM8sM0zbGX0bHbM=", "owner": "ArgentumCation", "repo": "mirafetch", - "rev": "4ee59bf0ed1f8c7d645de3c07a8a8d38b6cd5447", + "rev": "a03be8e4340fbf93a29c9904393ff3721c060667", "type": "github" }, "original": { @@ -227,20 +107,16 @@ }, "neovim-nightly-overlay": { "inputs": { - "flake-compat": "flake-compat_2", "flake-parts": "flake-parts", - "git-hooks": "git-hooks", - "hercules-ci-effects": "hercules-ci-effects", "neovim-src": "neovim-src", - "nixpkgs": "nixpkgs_2", - "treefmt-nix": "treefmt-nix" + "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1736640403, - "narHash": "sha256-1rpSNc0RuUSzy/p+FSrKscnzkki9OY8fKJCOe7z8fDA=", + "lastModified": 1763683496, + "narHash": "sha256-k20voxbsi+899PeXlvWpKU5tcgNYfNqC52rgrh+MOto=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "e22b81280db26159447ea54ea06ea6d20435999a", + "rev": "1ddc8e956c8165df29735202b76bb0cfa827916d", "type": "github" }, "original": { @@ -252,11 +128,11 @@ "neovim-src": { "flake": false, "locked": { - "lastModified": 1736639038, - "narHash": "sha256-ezIZc9Y1m5ERCpVpl2Dx8DMEgTDe0eVU7Q5eXa0fMw8=", + "lastModified": 1763682595, + "narHash": "sha256-/dUf5I0DyLvPgFzjJj0/lUHKZ2M1sVlbYCgudDabxIo=", "owner": "neovim", "repo": "neovim", - "rev": "88dca6a83593a0cf33866addf36cad2e847a2899", + "rev": "a8b9660ca3452a27b68bf914f618df2d78b64180", "type": "github" }, "original": { @@ -270,11 +146,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1736631212, - "narHash": "sha256-mG9lRZBcPiAGiVJ9B97BJoIGQcSBWIVlBiN30QYCtG0=", + "lastModified": 1763505477, + "narHash": "sha256-nJRd4LY2kT3OELfHqdgWjvToNZ4w+zKCMzS2R6z4sXE=", "owner": "LnL7", "repo": "nix-darwin", - "rev": "6ace2f2d12bdf74235d5cbf9fbd34a71c9716685", + "rev": "3bda9f6b14161becbd07b3c56411f1670e19b9b5", "type": "github" }, "original": { @@ -285,11 +161,11 @@ }, "nixos-unstable": { "locked": { - "lastModified": 1736523798, - "narHash": "sha256-Xb8mke6UCYjge9kPR9o4P1nVrhk7QBbKv3xQ9cj7h2s=", + "lastModified": 1763421233, + "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "130595eba61081acde9001f43de3248d8888ac4a", + "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648", "type": "github" }, "original": { @@ -333,11 +209,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1736657626, - "narHash": "sha256-FWlPMUzp0lkQBdhKlPqtQdqmp+/C+1MBiEytaYfrCTY=", + "lastModified": 1763618868, + "narHash": "sha256-v5afmLjn/uyD9EQuPBn7nZuaZVV9r+JerayK/4wvdWA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "2f9e2f85cb14a46410a1399aa9ea7ecf433e422e", + "rev": "a8d610af3f1a5fb71e23e08434d8d61a466fc942", "type": "github" }, "original": { @@ -349,11 +225,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1736420959, - "narHash": "sha256-dMGNa5UwdtowEqQac+Dr0d2tFO/60ckVgdhZU9q2E2o=", + "lastModified": 1763618868, + "narHash": "sha256-v5afmLjn/uyD9EQuPBn7nZuaZVV9r+JerayK/4wvdWA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "32af3611f6f05655ca166a0b1f47b57c762b5192", + "rev": "a8d610af3f1a5fb71e23e08434d8d61a466fc942", "type": "github" }, "original": { @@ -365,16 +241,18 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1718149104, - "narHash": "sha256-Ds1QpobBX2yoUDx9ZruqVGJ/uQPgcXoYuobBguyKEh8=", + "lastModified": 1747728033, + "narHash": "sha256-NnXFQu7g4LnvPIPfJmBuZF7LFy/fey2g2+LCzjQhTUk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "e913ae340076bbb73d9f4d3d065c2bca7caafb16", + "rev": "2f9173bde1d3fbf1ad26ff6d52f952f9e9da52ea", "type": "github" }, "original": { - "id": "nixpkgs", - "type": "indirect" + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" } }, "nixpkgs_4": { @@ -445,27 +323,6 @@ "repo": "default", "type": "github" } - }, - "treefmt-nix": { - "inputs": { - "nixpkgs": [ - "neovim-nightly-overlay", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1736154270, - "narHash": "sha256-p2r8xhQZ3TYIEKBoiEhllKWQqWNJNoT9v64Vmg4q8Zw=", - "owner": "numtide", - "repo": "treefmt-nix", - "rev": "13c913f5deb3a5c08bb810efd89dc8cb24dd968b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "treefmt-nix", - "type": "github" - } } }, "root": "root", diff --git a/galanin/configuration.nix b/galanin/configuration.nix index 3257469..a156a19 100644 --- a/galanin/configuration.nix +++ b/galanin/configuration.nix @@ -3,16 +3,16 @@ # https://search.nixos.org/options and in the NixOS manual (`nixos-help`). { config, - lib, - pkgs, - ... + lib, + pkgs, + ... }: { imports = [ -# Include the results of the hardware scan. -# ./hardware-configuration.nix + # Include the results of the hardware scan. + # ./hardware-configuration.nix ]; -# Use the systemd-boot EFI boot loader. + # Use the systemd-boot EFI boot loader. boot.loader.systemd-boot.enable = true; boot.loader.efi.canTouchEfiVariables = true; @@ -25,12 +25,12 @@ defaultGateway.address = "192.168.1.1"; }; -# List packages installed in system profile. To search, run: -# $ nix search wget -# environment.systemPackages = with pkgs; [ -# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. -# wget -# ]; + # List packages installed in system profile. To search, run: + # $ nix search wget + # environment.systemPackages = with pkgs; [ + # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. + # wget + # ]; users = { users = { @@ -39,24 +39,24 @@ uid = 100000; group = "dockremap"; subUidRanges = [ - { - startUid = 100000; - count = 65536; - } + { + startUid = 100000; + count = 65536; + } ]; subGidRanges = [ - { - startGid = 100000; - count = 65536; - } + { + startGid = 100000; + count = 65536; + } ]; }; }; }; -# Some programs need SUID wrappers, can be configured further or are -# started in user sessions. -# programs.mtr.enable = true; -# programs. + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs. programs = { gnupg.agent = { enable = true; @@ -76,7 +76,7 @@ configure = { customRC = '' set number relativenumber - ''; + ''; }; defaultEditor = true; @@ -90,7 +90,7 @@ extraOptions = "--userns-remap=default"; liveRestore = false; # NOTE: Incompatible with swarm }; -# List services that you want to enable: + # List services that you want to enable: services.keepalived = { enable = true; openFirewall = true; @@ -101,14 +101,14 @@ delay 1 } ''; - vrrpInstances = { - VI_1 = { - state = "BACKUP"; - interface = "enp0s31f6"; - virtualRouterId = 51; - priority=100; - virtualIps = [ {addr = "192.168.1.64";}]; - extraConfig = '' + vrrpInstances = { + VI_1 = { + state = "BACKUP"; + interface = "enp0s31f6"; + virtualRouterId = 51; + priority = 100; + virtualIps = [{addr = "192.168.1.64";}]; + extraConfig = '' authentication { auth_type PASS auth_pass 3141 @@ -117,27 +117,27 @@ track_traefik } advert_int 1 - ''; - }; + ''; }; + }; }; -# Enable the OpenSSH daemon. -# services.openssh.enable = true; + # Enable the OpenSSH daemon. + # services.openssh.enable = true; -# Open ports in the firewall. -# networking.firewall.allowedTCPPorts = [ ... ]; -# networking.firewall.allowedUDPPorts = [ ... ]; -# Or disable the firewall altogether. + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. -# Copy the NixOS configuration file and link it from the resulting system -# (/run/current-system/configuration.nix). This is useful in case you -# accidentally delete configuration.nix. -# system.copySystemConfiguration = true; - services.logind.lidSwitch = "ignore"; - systemd.targets.sleep.enable = false; - systemd.targets.suspend.enable = false; - systemd.targets.hibernate.enable = false; - systemd.targets.hybrid-sleep.enable = false; + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + services.logind.lidSwitch = "ignore"; + systemd.targets.sleep.enable = false; + systemd.targets.suspend.enable = false; + systemd.targets.hibernate.enable = false; + systemd.targets.hybrid-sleep.enable = false; - system.stateVersion = "24.05"; # Did you read the comment? - } + system.stateVersion = "24.05"; # Did you read the comment? +} diff --git a/node.nix b/node.nix index bbcd767..80af0ff 100644 --- a/node.nix +++ b/node.nix @@ -1,10 +1,9 @@ -{ config -, lib -, pkgs -, meta -, ... -}: -let +{ + config, + lib, + pkgs, + meta, + ... +}: let foo = "bar"; -in -{ } +in {} diff --git a/orexin/hardware-configuration.nix b/orexin/hardware-configuration.nix index e5a87c0..38b4bd1 100644 --- a/orexin/hardware-configuration.nix +++ b/orexin/hardware-configuration.nix @@ -35,11 +35,11 @@ options = ["subvol=@nix" "noatime" "space_cache=v2" "compress=zstd"]; }; -# fileSystems."/data" = { -# device = "/dev/disk/by-uuid/d57652b7-5506-4cdd-8694-90bcd4810d7b"; -# fsType = "btrfs"; -# options = ["noatime" "space_cache=v2" "compress=zstd"]; -# }; + # fileSystems."/data" = { + # device = "/dev/disk/by-uuid/d57652b7-5506-4cdd-8694-90bcd4810d7b"; + # fsType = "btrfs"; + # options = ["noatime" "space_cache=v2" "compress=zstd"]; + # }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/8BA9-84E8"; diff --git a/primary.nix b/primary.nix deleted file mode 100644 index be18ebb..0000000 --- a/primary.nix +++ /dev/null @@ -1,59 +0,0 @@ -inputs @ { config -, pkgs -, flakes -, ... -}: { - imports = [ - ./etc/seaweedfs.nix # the file from dermetfan - ]; - - services.seaweedfs.clusters.default = { - package = pkgs.seaweedfs; - - masters.main = { - openFirewall = true; - ip = "${config.networking.hostName}.lan"; - mdir = "/raid/@weed/metadata/"; - volumePreallocate = true; - - defaultReplication = { - dataCenter = 0; - rack = 0; - server = 0; - }; - }; - volumes.${config.networking.hostName} = { - openFirewall = true; - dataCenter = "ribosome"; - rack = "${config.networking.hostName}"; - ip = "${config.networking.hostName}.lan"; - dir = [ "/raid/@weed/volumes/volume_${config.networking.hostName}/" ]; - disk = "hdd"; # Replication gets screwy if these don't match - max = [ 0 ]; # use all space - port = 9334; - - mserver = [ - { - ip = "${config.networking.hostName}.lan"; - port = 9333; - } - ]; - }; - - filers.main = { - openFirewall = true; - dataCenter = "ribosome"; - encryptVolumeData = false; - ip = "${config.networking.hostName}.lan"; - peers = [ ]; - port = 4208; - master = [ - # this is actually in cluster.masters that I import in the real file - { - ip = "${config.networking.hostName}.lan"; - port = 9333; - } - ]; - }; - }; -}