Bun/nixos-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Colmena to manage systems, use better pathing for smallfetch, use better mountpoints and hostnames from Colema

Browse source
This commit is contained in:
Bun 2025-06-01 06:17:48 -04:00
parent 215ad6b1a7
commit 1f7d01bb4d
53 changed files with 254 additions and 166 deletions
Download patch file Download diff file Expand all files Collapse all files

42
flake.lock generated
View file

@ -269,11 +269,11 @@
}, },
"hardware": { "hardware": {
"locked": { "locked": {
"lastModified": 1747900541, "lastModified": 1748634340,
"narHash": "sha256-dn64Pg9xLETjblwZs9Euu/SsjW80pd6lr5qSiyLY1pg=", "narHash": "sha256-pZH4bqbOd8S+si6UcfjHovWDiWKiIGRNRMpmRWaDIms=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "11f2d9ea49c3e964315215d6baa73a8d42672f06", "rev": "daa628a725ab4948e0e2b795e8fb6f4c3e289a7a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -289,11 +289,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748226808, "lastModified": 1748665073,
"narHash": "sha256-GaBRgxjWO1bAQa8P2+FDxG4ANBVhjnSjBms096qQdxo=", "narHash": "sha256-RMhjnPKWtCoIIHiuR9QKD7xfsKb3agxzMfJY8V9MOew=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "83665c39fa688bd6a1f7c43cf7997a70f6a109f9", "rev": "282e1e029cb6ab4811114fc85110613d72771dea",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -326,11 +326,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1748411314, "lastModified": 1748683484,
"narHash": "sha256-fvtRp+oHGDLiSQico9+LTAr6Z8CU1AIldLYLQ9mHqjo=", "narHash": "sha256-RXiY6t9E9oLEtfdGChHk/OIPqxYg1tu8XLvbPnJlfi4=",
"owner": "Jovian-Experiments", "owner": "Jovian-Experiments",
"repo": "Jovian-NixOS", "repo": "Jovian-NixOS",
"rev": "9d69aed9023082af370b71bffdfcd414b6b61593", "rev": "6f6bd4a27fb01c9dd623a157d769f34561407f47",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -396,11 +396,11 @@
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1748225187, "lastModified": 1748570485,
"narHash": "sha256-gpNN43fNJQoHhnK1Z+nms4lo6i/t9t2rfZMAxc165vQ=", "narHash": "sha256-oDnEc/rxyDf+uUXO56Z2TJtrrQoBe0Z4MCIRaY6lVZ0=",
"owner": "Infinidoge", "owner": "Infinidoge",
"repo": "nix-minecraft", "repo": "nix-minecraft",
"rev": "98c1bcaaa4dbd5980523a08a5b32e35d44e830e5", "rev": "6c961ee42ff2301ee61c75aa42cbe8c8adecf3c8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -487,11 +487,11 @@
"treefmt-nix": "treefmt-nix" "treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1748444636, "lastModified": 1748748623,
"narHash": "sha256-wjcrY2/bFfHLm16HPuxDhHEqe3HBbLwZ5kT/BBklPKE=", "narHash": "sha256-ajFTvgFyRxLMjpJxK+KOEp2+dNRl/Bc8Mnby7W8uPk4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "NUR", "repo": "NUR",
"rev": "c68efc6197f91cae2904f68937bdfb235c3c7799", "rev": "58a80c3ede0cdfa480f3bd8f0e79c010677f2a07",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -566,11 +566,11 @@
}, },
"stable": { "stable": {
"locked": { "locked": {
"lastModified": 1748162331, "lastModified": 1748437600,
"narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=", "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334", "rev": "7282cb574e0607e65224d33be8241eae7cfe0979",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -632,11 +632,11 @@
}, },
"unstable": { "unstable": {
"locked": { "locked": {
"lastModified": 1748370509, "lastModified": 1748460289,
"narHash": "sha256-QlL8slIgc16W5UaI3w7xHQEP+Qmv/6vSNTpoZrrSlbk=", "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "4faa5f5321320e49a78ae7848582f684d64783e9", "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102",
"type": "github" "type": "github"
}, },
"original": { "original": {

39
flake.nix
View file

@ -41,6 +41,7 @@
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "stable"; inputs.nixpkgs.follows = "stable";
}; };
nur = { nur = {
url = "github:nix-community/NUR"; url = "github:nix-community/NUR";
inputs.nixpkgs.follows = "unstable"; inputs.nixpkgs.follows = "unstable";
@ -52,23 +53,31 @@
outputs = inputs: with inputs; outputs = inputs: with inputs;
let {
mkNix = name: channel: channel.lib.nixosSystem { colmena = {
modules = [ (./hosts + "/${name}") ]; meta = {
specialArgs = inputs; nixpkgs = import stable {};
}; specialArgs = inputs;
in {
nixosConfigurations = builtins.mapAttrs (name: channel: mkNix name channel) {
tower = stable;
detritus = stable;
hidden = stable;
intuos = stable; # Use a different Nixpkgs import on some systems
jupiter = unstable; nodeNixpkgs.jupiter = import unstable {};
};
midas = stable; # Desktops
kitty = stable; tower.imports = [ ./hosts/tower ];
prophet = stable; #detritus.imports = [ ./hosts/detritus ];
# Laptops
intuos.imports = [ ./hosts/intuos ];
jupiter.imports = [ ./hosts/jupiter ];
# Servers
midas.imports = [ ./hosts/midas ];
kitty.imports = [ ./hosts/kitty ];
prophet.imports = [ ./hosts/prophet ];
# Misc
hidden.imports = [ ./hosts/hidden ];
}; };
} }

10
hosts/detritus/colmena/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
deployment = {
tags = [
"latptop"
"pc"
];
targetHost = "";
};
}

7
hosts/detritus/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -9,12 +10,8 @@
../../modules/system ../../modules/system
]; ];
networking.hostName = "detritus";
system = { system = {
desktop.enable = true; desktop.enable = true;
stateVersion = "24.11"; stateVersion = "25.05";
}; };
services.xserver.videoDrivers = [ "amdgpu" ];
} }

18
hosts/detritus/filesystems/default.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, nodes, ... }:
{ {
fileSystems = with config.services.mycelium.ips; { fileSystems = with config.sysusers; with nodes; {
# Local mounts # Local mounts
"/persist/storage" = { "/persist/storage" = {
device = "/dev/disk/by-uuid/d0d6783f-ad51-4d85-b8a9-3374f6460ef6"; device = "/dev/disk/by-uuid/d0d6783f-ad51-4d85-b8a9-3374f6460ef6";
@ -11,7 +11,7 @@
"subvol=storage" "subvol=storage"
]; ];
}; };
"/persist/home/${config.sysusers.main}/games" = { "/persist/home/${main}/games" = {
device = "/dev/disk/by-uuid/d0d6783f-ad51-4d85-b8a9-3374f6460ef6"; device = "/dev/disk/by-uuid/d0d6783f-ad51-4d85-b8a9-3374f6460ef6";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = [
@ -22,8 +22,8 @@
}; };
# Network mounts # Network mounts
"/home/${config.sysusers.main}/Network/Midas" = { "/home/${main}/Network/Midas" = {
device = "[${midas}]:/storage"; device = "[${midas.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -31,8 +31,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Kitty" = { "/home/${main}/Network/Kitty" = {
device = "[${kitty}]:/storage/bun"; device = "[${kitty.config.deployment.targetHost}]:/storage/bun";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -40,8 +40,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Prophet" = { "/home/${main}/Network/Prophet" = {
device = "[${prophet}]:/storage"; device = "[${prophet.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"

3
hosts/hidden/boot/default.nix
View file

@ -1,6 +1,7 @@
{ ... }: { pkgs, ... }:
{ {
boot = { boot = {
kernelPackages = pkgs.linuxPackages_6_14;
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
plymouth.enable = true; plymouth.enable = true;
}; };

10
hosts/hidden/colmena/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
deployment = {
tags = [
"misc"
"pc"
];
targetHost = "4ec:1001:ca5a:ae79:40e2:cb4c:e3c9:f401";
};
}

3
hosts/hidden/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./hardware ./hardware
./services ./services
@ -9,8 +10,6 @@
../../modules/system ../../modules/system
]; ];
networking.hostName = "hidden";
system = { system = {
desktop.enable = true; desktop.enable = true;
stateVersion = "24.11"; stateVersion = "24.11";

10
hosts/intuos/colmena/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
deployment = {
tags = [
"latptop"
"pc"
];
targetHost = "40e:404:a427:da33:163e:97b3:a2a3:9ed4";
};
}

3
hosts/intuos/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -9,8 +10,6 @@
../../modules/system ../../modules/system
]; ];
networking.hostName = "intuos";
system = { system = {
desktop.enable = true; desktop.enable = true;
stateVersion = "24.11"; stateVersion = "24.11";

16
hosts/intuos/filesystems/default.nix
View file

@ -1,9 +1,9 @@
{ config, ... }: { config, nodes, ... }:
{ {
fileSystems = with config.services.mycelium.ips; { fileSystems = with config.sysusers; with nodes; {
# Network mounts # Network mounts
"/home/${config.sysusers.main}/Network/Midas" = { "/home/${main}/Network/Midas" = {
device = "[${midas}]:/storage"; device = "[${midas.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -11,8 +11,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Kitty" = { "/home/${main}/Network/Kitty" = {
device = "[${kitty}]:/storage/bun"; device = "[${kitty.config.deployment.targetHost}]:/storage/bun";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -20,8 +20,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Prophet" = { "/home/${main}/Network/Prophet" = {
device = "[${prophet}]:/storage"; device = "[${prophet.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"

2
hosts/jupiter/boot/default.nix
View file

@ -1,7 +1,7 @@
{ pkgsStable, ... }: { pkgsStable, ... }:
{ {
boot = { boot = {
kernelPackages = pkgsStable.linuxPackages_latest; kernelPackages = pkgsStable.linuxPackages_6_14;
loader.systemd-boot.enable = true; loader.systemd-boot.enable = true;
plymouth.enable = true; plymouth.enable = true;
}; };

10
hosts/jupiter/colmena/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
deployment = {
tags = [
"latptop"
"pc"
];
targetHost = "5ce:969c:40d1:9575:f5e:591d:c377:a20b";
};
}

3
hosts/jupiter/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -11,8 +12,6 @@
../../modules/system ../../modules/system
]; ];
networking.hostName = "jupiter";
system = { system = {
desktop.enable = true; desktop.enable = true;
steamdeck.enable = true; steamdeck.enable = true;

16
hosts/jupiter/filesystems/default.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, nodes, ... }:
{ {
fileSystems = with config.services.mycelium.ips; { fileSystems = with config.sysusers; with nodes; {
# Local mounts # Local mounts
"/mnt/Games" = { "/mnt/Games" = {
device = "/dev/disk/by-uuid/cb109a85-846d-4417-9c50-a2279bd20803"; device = "/dev/disk/by-uuid/cb109a85-846d-4417-9c50-a2279bd20803";
@ -12,8 +12,8 @@
}; };
# Network mounts # Network mounts
"/home/${config.sysusers.main}/Network/Midas" = { "/home/${main}/Network/Midas" = {
device = "[${midas}]:/storage"; device = "[${midas.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -21,8 +21,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Kitty" = { "/home/${main}/Network/Kitty" = {
device = "[${kitty}]:/storage/bun"; device = "[${kitty.config.deployment.targetHost}]:/storage/bun";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -30,8 +30,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Prophet" = { "/home/${main}/Network/Prophet" = {
device = "[${prophet}]:/storage"; device = "[${prophet.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"

2
hosts/jupiter/jovian/default.nix
View file

@ -32,7 +32,7 @@
services = { services = {
keyd.enable = lib.mkForce false; keyd.enable = lib.mkForce false;
tlp.enable = lib.mkForce false; tlp.enable = lib.mkForce false;
xserver.desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;
}; };
hardware.xone.enable = true; hardware.xone.enable = true;

7
hosts/kitty/colmena/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ config, ... }:
{
deployment = {
tags = [ "server" ];
targetHost = "53f:dc2d:80c9:3ca2:4b15:ef4d:38a0:c868";
};
}

6
hosts/kitty/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -9,10 +10,7 @@
../../modules/system ../../modules/system
]; ];
networking = { networking.hostId = "8745e22e";
hostName = "kitty";
hostId = "8745e22e";
};
system = { system = {
server.enable = true; server.enable = true;

14
hosts/kitty/filesystems/default.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, nodes, ... }:
{ {
fileSystems = with config.services.mycelium.ips; { fileSystems = with config.sysusers; with nodes; {
"/persist/storage" = { "/persist/storage" = {
device = "/dev/disk/by-uuid/edd3e293-1aff-4fc0-96fa-4e17d6cccfca"; device = "/dev/disk/by-uuid/edd3e293-1aff-4fc0-96fa-4e17d6cccfca";
fsType = "btrfs"; fsType = "btrfs";
@ -11,17 +11,17 @@
}; };
# Network mounts # Network mounts
"/home/${config.sysusers.main}/Network/Midas" = { "/home/${main}/Network/Midas" = {
device = "[${midas}]:/storage"; device = "[${midas.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"x-systemd.automount"
"noauto" "noauto"
"soft" "soft"
"x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Prophet" = { "/home/${main}/Network/Prophet" = {
device = "[${prophet}]:/storage"; device = "[${prophet.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"

7
hosts/midas/colmena/default.nix Normal file
View file

@ -0,0 +1,7 @@
{ config, ... }:
{
deployment = {
tags = [ "server" ];
targetHost = "538:e163:87ba:f847:3646:18b6:6b01:d8f8";
};
}

6
hosts/midas/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -11,10 +12,7 @@
../../modules/system ../../modules/system
]; ];
networking = { networking.hostId = "38ba3f57";
hostName = "midas";
hostId = "38ba3f57";
};
system = { system = {
server.enable = true; server.enable = true;

6
hosts/midas/filesystems/default.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, nodes, ... }:
{ {
fileSystems = with config.services.mycelium.ips; { fileSystems = with config.sysusers; with nodes; {
"/persist" = { "/persist" = {
device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325"; device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325";
fsType = "btrfs"; fsType = "btrfs";
@ -11,7 +11,7 @@
]; ];
}; };
"/kitty" = { "/kitty" = {
device = "[${kitty}]:/storage/bun"; device = "[${kitty.config.deployment.targetHost}]:/storage/${main}";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"

8
hosts/prophet/colmena/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, ... }:
{
deployment = {
buildOnTarget = true;
tags = [ "server" ];
targetHost = "42f:2737:2aed:4dee:cbe4:3c73:1918:ad9b";
};
}

6
hosts/prophet/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -11,10 +12,7 @@
(modulesPath + "/profiles/headless.nix") (modulesPath + "/profiles/headless.nix")
]; ];
networking = { networking.hostId = "97a21a38";
hostName = "prophet";
hostId = "97a21a38";
};
system = { system = {
server.enable = true; server.enable = true;

5
hosts/tower/boot/default.nix
View file

@ -12,7 +12,7 @@ let
in { in {
boot = { boot = {
# Latest kernel and IOMMU isolation # Latest kernel and IOMMU isolation
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_6_14;
kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ]; kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ];
# Load into GPU before video driver # Load into GPU before video driver
@ -24,6 +24,9 @@ in {
# Secure boot # Secure boot
lanzaboote.enable = true; lanzaboote.enable = true;
# Emulate different architectures for remote builds
binfmt.emulatedSystems = [ "aarch64-linux" ];
}; };
# Use second GPU on boot # Use second GPU on boot

10
hosts/tower/colmena/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ config, ... }:
{
deployment = {
tags = [
"desktop"
"pc"
];
targetHost = "4e4:535:9d47:f367:becd:6557:458d:5b1b";
};
}

3
hosts/tower/default.nix
View file

@ -2,6 +2,7 @@
{ {
imports = [ imports = [
./boot ./boot
./colmena
./disko ./disko
./filesystems ./filesystems
./hardware ./hardware
@ -9,8 +10,6 @@
../../modules/system ../../modules/system
]; ];
networking.hostName = "tower";
system = { system = {
desktop.enable = true; desktop.enable = true;
nvidia.enable = true; nvidia.enable = true;

16
hosts/tower/filesystems/default.nix
View file

@ -1,6 +1,6 @@
{ config, ... }: { config, nodes, ... }:
{ {
fileSystems = with config.services.mycelium.ips; { fileSystems = with config.sysusers; with nodes; {
# Games and such # Games and such
"/mnt/Linux1" = { "/mnt/Linux1" = {
device = "/dev/disk/by-uuid/b2901f8c-ffda-4b88-bb63-a9ea0c96ccb4"; device = "/dev/disk/by-uuid/b2901f8c-ffda-4b88-bb63-a9ea0c96ccb4";
@ -39,8 +39,8 @@
}; };
# Network mounts # Network mounts
"/home/${config.sysusers.main}/Network/Midas" = { "/home/${main}/Network/Midas" = {
device = "[${midas}]:/storage"; device = "[${midas.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -48,8 +48,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Kitty" = { "/home/${main}/Network/Kitty" = {
device = "[${kitty}]:/storage/bun"; device = "[${kitty.config.deployment.targetHost}]:/storage/${main}";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"
@ -57,8 +57,8 @@
"x-systemd.automount" "x-systemd.automount"
]; ];
}; };
"/home/${config.sysusers.main}/Network/Prophet" = { "/home/${main}/Network/Prophet" = {
device = "[${prophet}]:/storage"; device = "[${prophet.config.deployment.targetHost}]:/storage";
fsType = "nfs4"; fsType = "nfs4";
options = [ options = [
"noauto" "noauto"

1
modules/home/programs/misc/headless/default.nix
View file

@ -2,6 +2,7 @@
{ {
home.packages = with pkgs; [ home.packages = with pkgs; [
bc bc
colmena
ncdu ncdu
p7zip p7zip
vimv vimv

1
modules/home/programs/terminal/default.nix
View file

@ -11,7 +11,6 @@
./lazygit ./lazygit
./ncmpcpp ./ncmpcpp
./neovim ./neovim
./nh
./nix-index ./nix-index
./ranger ./ranger
./ssh ./ssh

8
modules/home/programs/terminal/fastfetch/smallfetch/default.nix
View file

@ -1,9 +1,11 @@
{ pkgs, ... }: { config, pkgs, ... }:
{ {
home.packages = with pkgs; [ home.packages = with pkgs; with lib; with config.home; with config.xdg; [
(writeScriptBin "smallfetch" '' (writeScriptBin "smallfetch" ''
#!/bin/sh #!/bin/sh
fastfetch --config ${builtins.toString ./config.jsonc} fastfetch --config ${removePrefix "${homeDirectory}/" configHome}/fastfetch/small.jsonc
'') '')
]; ];
xdg.configFile."fastfetch/small.jsonc".source = ./small.jsonc;
} }

0
modules/home/programs/terminal/fastfetch/smallfetch/config.jsonc → modules/home/programs/terminal/fastfetch/smallfetch/small.jsonc
View file

12
modules/home/programs/terminal/nh/default.nix
View file

@ -1,12 +0,0 @@
{ config, ... }:
{
programs.nh = {
enable = true;
flake = "${config.xdg.userDirs.extraConfig.XDG_PROJECTS_DIR}/nixos-config";
};
home.shellAliases = {
nhs = "nh os switch";
nht = "nh os test";
};
}

2
modules/home/wms/programs/default.nix
View file

@ -8,9 +8,9 @@
./rofi ./rofi
./swayidle ./swayidle
./swaylock ./swaylock
./wallpapers
./waybar ./waybar
./wlsunset ./wlsunset
./wpaperd
]; ];
home.packages = with pkgs; lib.mkIf config.home.desktop.enable [ home.packages = with pkgs; lib.mkIf config.home.desktop.enable [

2
modules/home/wms/programs/swaylock/default.nix
View file

@ -12,7 +12,7 @@ in {
package = pkgs.swaylock-effects; package = pkgs.swaylock-effects;
settings = { settings = {
clock = true; clock = true;
image = builtins.toString ./lock.png; image = ".wallpapers/lock.png";
font = config.look.fonts.main; font = config.look.fonts.main;
font-size = 30; font-size = 30;
timestr = "%I:%M%p"; timestr = "%I:%M%p";

8
modules/home/wms/programs/wallpapers/default.nix Normal file
View file

@ -0,0 +1,8 @@
{ config, lib, ... }:
{
imports = [ ./wpaperd ];
config = lib.mkIf config.home.desktop.enable {
home.file.".wallpapers".source = ./photos;
};
}

0
modules/home/wms/programs/wpaperd/wallpapers/1.png → modules/home/wms/programs/wallpapers/photos/1.png
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2 MiB

After

Width:  |  Height:  |  Size: 2 MiB

Before After
Before After

0
modules/home/wms/programs/wpaperd/wallpapers/2.png → modules/home/wms/programs/wallpapers/photos/2.png
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.3 MiB

After

Width:  |  Height:  |  Size: 2.3 MiB

Before After
Before After

0
modules/home/wms/programs/wpaperd/wallpapers/3.png → modules/home/wms/programs/wallpapers/photos/3.png
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.9 MiB

After

Width:  |  Height:  |  Size: 1.9 MiB

Before After
Before After

0
modules/home/wms/programs/swaylock/lock.png → modules/home/wms/programs/wallpapers/photos/lock.png
View file

Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 314 KiB

After

Width:  |  Height:  |  Size: 314 KiB

Before After
Before After

12
modules/home/wms/programs/wallpapers/wpaperd/default.nix Normal file
View file

@ -0,0 +1,12 @@
{ config, ... }:
{
services.wpaperd = {
enable = config.home.desktop.enable;
settings = {
default.mode = "center";
any.path = ".wallpapers/1.png";
"${config.displays.tower2}".path = ".wallpapers/2.png";
"${config.displays.tower3}".path = ".wallpapers/3.png";
};
};
}

12
modules/home/wms/programs/wpaperd/default.nix
View file

@ -1,12 +0,0 @@
{ config, ... }:
{
services.wpaperd = {
enable = config.home.desktop.enable;
settings = {
default.mode = "center";
any.path = builtins.toString ./wallpapers/1.png;
"${config.displays.tower2}".path = builtins.toString ./wallpapers/2.png;
"${config.displays.tower3}".path = builtins.toString ./wallpapers/3.png;
};
};
}

4
modules/system/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }: { config, lib, name, ... }:
{ {
imports = [ imports = [
./devices ./devices
@ -13,4 +13,6 @@
desktop.enable = mkEnableOption "Desktop apps and services"; desktop.enable = mkEnableOption "Desktop apps and services";
server.enable = mkEnableOption "Server apps and services"; server.enable = mkEnableOption "Server apps and services";
}; };
config.networking.hostName = name;
} }

2
modules/system/devices/networking/mycelium/default.nix
View file

@ -1,7 +1,5 @@
{ ... }: { ... }:
{ {
imports = [ ./ips ];
services.mycelium = { services.mycelium = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;

15
modules/system/devices/networking/mycelium/ips/default.nix
View file

@ -1,15 +0,0 @@
{ config, lib, ... }:
{
options.services.mycelium.ips = lib.mkOption {
type = lib.types.attrs;
};
config.services.mycelium.ips = {
tower = "4e4:535:9d47:f367:becd:6557:458d:5b1b";
intuos = "40e:404:a427:da33:163e:97b3:a2a3:9ed4";
jupiter = "5ce:969c:40d1:9575:f5e:591d:c377:a20b";
midas = "538:e163:87ba:f847:3646:18b6:6b01:d8f8";
kitty = "53f:dc2d:80c9:3ca2:4b15:ef4d:38a0:c868";
prophet = "42f:2737:2aed:4dee:cbe4:3c73:1918:ad9b";
};
}

4
modules/system/programs/colmena/default.nix Normal file
View file

@ -0,0 +1,4 @@
{ ... }:
{
deployment.targetUser = "sudo";
}

1
modules/system/programs/default.nix
View file

@ -1,6 +1,7 @@
{ ... }: { ... }:
{ {
imports = [ imports = [
./colmena
./desktops ./desktops
./gaming ./gaming
./git ./git

2
modules/system/services/general/ssh/default.nix
View file

@ -12,6 +12,8 @@
}; };
}; };
programs.ssh.startAgent = true;
security.pam.services.sshd.allowNullPassword = true; security.pam.services.sshd.allowNullPassword = true;
environment.persistence."/persist".files = [ environment.persistence."/persist".files = [

8
modules/system/services/server/nfs/default.nix
View file

@ -1,11 +1,13 @@
{ config, lib, ... }: { config, lib, nodes, ... }:
{ {
imports = [ ./user ]; imports = [ ./user ];
config = lib.mkIf config.services.nfs.server.enable { config = lib.mkIf config.services.nfs.server.enable {
services.nfs.server.exports = "/storage *(rw)"; services.nfs.server.exports = "/storage *(rw)";
networking.firewall.extraInputRules = with lib; '' networking.firewall.extraInputRules = let
ip6 saddr { ${concatStringsSep ", " (attrValues config.services.mycelium.ips)} } tcp dport 2049 accept targetHosts = lib.attrValues (lib.mapAttrs (_: node: node.config.deployment.targetHost) nodes);
in ''
ip6 saddr { ${lib.concatStringsSep ", " targetHosts} } tcp dport 2049 accept
''; '';
}; };
} }

8
modules/system/services/server/nginx/rtmp/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, nodes, ... }:
{ {
config = lib.mkIf config.services.webserver.enable { config = lib.mkIf config.services.webserver.enable {
services.nginx = { services.nginx = {
@ -23,8 +23,10 @@
} }
''; '';
}; };
networking.firewall.extraInputRules = with config.services.mycelium.ips; '' networking.firewall.extraInputRules = let
ip6 saddr { ${tower}, ${intuos}, ${jupiter} } tcp dport 1935 accept targetHosts = lib.attrValues (lib.mapAttrs (_: node: node.config.deployment.targetHost) nodes);
in ''
ip6 saddr { ${lib.concatStringsSep ", " targetHosts} } tcp dport 1935 accept
ip saddr { ${config.secrets.ips.luna}, ${config.secrets.ips.corn} } tcp dport 1935 accept ip saddr { ${config.secrets.ips.luna}, ${config.secrets.ips.corn} } tcp dport 1935 accept
''; '';
systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www/landing-page/streams/hls/" ]; systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www/landing-page/streams/hls/" ];

8
modules/system/services/server/owncast/default.nix
View file

@ -1,4 +1,4 @@
{ config, lib, ... }: { config, lib, nodes, ... }:
{ {
imports = [ ./nginx ]; imports = [ ./nginx ];
@ -7,8 +7,10 @@
port = 8060; port = 8060;
rtmp-port = 1945; rtmp-port = 1945;
}; };
networking.firewall.extraInputRules = with config.services.mycelium.ips; '' networking.firewall.extraInputRules = let
ip6 saddr { ${tower}, ${intuos}, ${jupiter} } tcp dport 1935 accept targetHosts = lib.attrValues (lib.mapAttrs (_: node: node.config.deployment.targetHost) nodes);
in ''
ip6 saddr { ${lib.concatStringsSep ", " targetHosts} } tcp dport ${toString config.services.owncast.rtmp-port} accept
''; '';
environment.persistence."/persist".directories = [ "/var/lib/owncast" ]; environment.persistence."/persist".directories = [ "/var/lib/owncast" ];
}; };

20
modules/system/settings/security/privilege/default.nix
View file

@ -3,5 +3,25 @@
security.sudo-rs = { security.sudo-rs = {
enable = true; enable = true;
execWheelOnly = true; execWheelOnly = true;
extraRules = [
{
users = [ "sudo" ];
commands = [
{
command = "ALL";
options = [ "NOPASSWD" ];
}
];
}
];
};
# Create a user that has admin non-interactively
users.users.sudo = {
isNormalUser = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3B9Uf3h5JiD2HjF/vQ5Zx9pibMgRrlf7ZoBktev9eB Warden"
];
}; };
} }

2
modules/system/users/main/default.nix
View file

@ -23,7 +23,7 @@
../../../../hosts/prophet/id_ed25519.pub ../../../../hosts/prophet/id_ed25519.pub
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKn+61Hd+nQ5tQgt4219+h/zsnej1j2dHU5uvC3k3Bnw Warden" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3B9Uf3h5JiD2HjF/vQ5Zx9pibMgRrlf7ZoBktev9eB Warden"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9"
]; ];
extraGroups = [ extraGroups = [