diff --git a/flake.lock b/flake.lock index 1a131f0f..ed171014 100644 --- a/flake.lock +++ b/flake.lock @@ -523,11 +523,11 @@ }, "stable": { "locked": { - "lastModified": 1748437600, - "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", + "lastModified": 1749024892, + "narHash": "sha256-OGcDEz60TXQC+gVz5sdtgGJdKVYr6rwdzQKuZAJQpCA=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "7282cb574e0607e65224d33be8241eae7cfe0979", + "rev": "8f1b52b04f2cb6e5ead50bd28d76528a2f0380ef", "type": "github" }, "original": { @@ -589,11 +589,11 @@ }, "unstable": { "locked": { - "lastModified": 1748460289, - "narHash": "sha256-7doLyJBzCllvqX4gszYtmZUToxKvMUrg45EUWaUYmBg=", + "lastModified": 1748929857, + "narHash": "sha256-lcZQ8RhsmhsK8u7LIFsJhsLh/pzR9yZ8yqpTzyGdj+Q=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "96ec055edbe5ee227f28cdbc3f1ddf1df5965102", + "rev": "c2a03962b8e24e669fb37b7df10e7c79531ff1a4", "type": "github" }, "original": { diff --git a/hosts/detritus/colmena/default.nix b/hosts/detritus/colmena/default.nix deleted file mode 100644 index 654be402..00000000 --- a/hosts/detritus/colmena/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, ... }: -{ - deployment = { - tags = [ - "latptop" - "pc" - ]; - targetHost = ""; - }; -} diff --git a/hosts/detritus/default.nix b/hosts/detritus/default.nix index 209d0479..d5241c60 100644 --- a/hosts/detritus/default.nix +++ b/hosts/detritus/default.nix @@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -11,7 +10,9 @@ ]; system = { - desktop.enable = true; + nixos.tags = [ "pc" ]; stateVersion = "25.05"; }; + + deployment.targetHost = ""; } diff --git a/hosts/detritus/filesystems/default.nix b/hosts/detritus/filesystems/default.nix index d8b41833..8d38c55d 100644 --- a/hosts/detritus/filesystems/default.nix +++ b/hosts/detritus/filesystems/default.nix 
@@ -1,7 +1,6 @@ -{ config, nodes, ... }: +{ ... }: { - fileSystems = with config.sysusers; with nodes; { - # Local mounts + fileSystems = { "/persist/storage" = { device = "/dev/disk/by-uuid/d0d6783f-ad51-4d85-b8a9-3374f6460ef6"; fsType = "btrfs"; @@ -11,43 +10,10 @@ "subvol=storage" ]; }; - "/persist/home/${main}/games" = { - device = "/dev/disk/by-uuid/d0d6783f-ad51-4d85-b8a9-3374f6460ef6"; - fsType = "btrfs"; - options = [ - "nofail" - "nosuid" - "subvol=games" - ]; - }; # Network mounts - "/home/${main}/Network/Midas" = { - device = "[${midas.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Kitty" = { - device = "[${kitty.config.deployment.targetHost}]:/storage/bun"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Prophet" = { - device = "[${prophet.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; + "kitty".enable = true; + "midas".enable = true; + "prophet".enable = true; }; } diff --git a/hosts/detritus/hardware/default.nix b/hosts/detritus/hardware/default.nix index 3154c225..73a80f35 100644 --- a/hosts/detritus/hardware/default.nix +++ b/hosts/detritus/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -17,6 +17,7 @@ kernelModules = [ "kvm-intel" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = true; + + nixpkgs.hostPlatform = "x86_64-linux"; } diff --git a/hosts/detritus/user/default.nix b/hosts/detritus/user/default.nix index 90368007..7f8f4e27 100644 --- a/hosts/detritus/user/default.nix +++ b/hosts/detritus/user/default.nix 
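Review bot: The `"kitty".enable`, `"midas".enable` and `"prophet".enable` lines in the second hunk of hosts/detritus/filesystems/default.nix only switch on mounts whose device, mount point and options are defined outside this diff, so the NFS mount options can no longer be checked per host. The removed entries carried `noauto`, `soft` and `x-systemd.automount` but not the `nosuid` that the local btrfs mount in the same file uses. Confirm that the shared definition adds `"nosuid"` and `"nodev"`, so that files on a remote export cannot act as setuid binaries or device nodes on this host. The same toggles appear in the intuos, jupiter, kitty, midas, prophet and tower filesystems files. A short comment beside `# Network mounts` naming the module that defines these entries would help the next reader.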
@@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: { - home-manager.users."${config.sysusers.main}" = { + home-manager.users."${config.vars.mainUser}" = { home = { desktop.enable = true; gaming.enable = true; diff --git a/hosts/hidden/colmena/default.nix b/hosts/hidden/colmena/default.nix deleted file mode 100644 index fee43533..00000000 --- a/hosts/hidden/colmena/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, ... }: -{ - deployment = { - tags = [ - "misc" - "pc" - ]; - targetHost = "4ec:1001:ca5a:ae79:40e2:cb4c:e3c9:f401"; - }; -} diff --git a/hosts/hidden/default.nix b/hosts/hidden/default.nix index c552cd89..cff6beaf 100644 --- a/hosts/hidden/default.nix +++ b/hosts/hidden/default.nix @@ -1,8 +1,7 @@ -{ lib, ... }: +{ ... }: { imports = [ ./boot - ./colmena ./disko ./hardware ./services @@ -11,7 +10,9 @@ ]; system = { - desktop.enable = true; + nixos.tags = [ "pc" ]; stateVersion = "24.11"; }; + + deployment.targetHost = "4ec:1001:ca5a:ae79:40e2:cb4c:e3c9:f401"; } diff --git a/hosts/hidden/hardware/default.nix b/hosts/hidden/hardware/default.nix index 46514093..93d299a4 100644 --- a/hosts/hidden/hardware/default.nix +++ b/hosts/hidden/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -18,6 +18,10 @@ kernelModules = [ "kvm-intel" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu = { + amd.updateMicrocode = true; + intel.updateMicrocode = true; + }; + + nixpkgs.hostPlatform = "x86_64-linux"; } diff --git a/hosts/hidden/user/default.nix b/hosts/hidden/user/default.nix index 4e49c399..129d9409 100644 --- a/hosts/hidden/user/default.nix +++ b/hosts/hidden/user/default.nix 
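Review bot: In hosts/hidden/hardware/default.nix the new `hardware.cpu` block turns on both `amd.updateMicrocode` and `intel.updateMicrocode`, while the context line above it loads only `kvm-intel`. If this host is meant to boot on machines from either vendor, a comment such as `# image is moved between Intel and AMD machines, ship both microcode bundles` would record that; otherwise the AMD line looks like a copy-paste leftover. The enclosing module continues outside the hunk.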
@@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}".home = { + home-manager.users."${config.vars.mainUser}".home = { desktop.enable = true; school.enable = true; stateVersion = lib.mkForce config.system.stateVersion; diff --git a/hosts/intuos/colmena/default.nix b/hosts/intuos/colmena/default.nix deleted file mode 100644 index 65811f1e..00000000 --- a/hosts/intuos/colmena/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, ... }: -{ - deployment = { - tags = [ - "latptop" - "pc" - ]; - targetHost = "40e:404:a427:da33:163e:97b3:a2a3:9ed4"; - }; -} diff --git a/hosts/intuos/default.nix b/hosts/intuos/default.nix index b12e9c30..98bf8713 100644 --- a/hosts/intuos/default.nix +++ b/hosts/intuos/default.nix @@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -11,7 +10,9 @@ ]; system = { - desktop.enable = true; + nixos.tags = [ "pc" ]; stateVersion = "24.11"; }; + + deployment.targetHost = "40e:404:a427:da33:163e:97b3:a2a3:9ed4"; } diff --git a/hosts/intuos/filesystems/default.nix b/hosts/intuos/filesystems/default.nix index dc72c3fd..ee9adee1 100644 --- a/hosts/intuos/filesystems/default.nix +++ b/hosts/intuos/filesystems/default.nix 
@@ -1,33 +1,9 @@ -{ config, nodes, ... }: +{ ... }: { - fileSystems = with config.sysusers; with nodes; { + fileSystems = { # Network mounts - "/home/${main}/Network/Midas" = { - device = "[${midas.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Kitty" = { - device = "[${kitty.config.deployment.targetHost}]:/storage/bun"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Prophet" = { - device = "[${prophet.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; + "kitty".enable = true; + "midas".enable = true; + "prophet".enable = true; }; } diff --git a/hosts/intuos/hardware/default.nix b/hosts/intuos/hardware/default.nix index a6b9aa1b..bf6c9f70 100644 --- a/hosts/intuos/hardware/default.nix +++ b/hosts/intuos/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -16,6 +16,7 @@ kernelModules = [ "kvm-intel" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = true; + + nixpkgs.hostPlatform = "x86_64-linux"; } diff --git a/hosts/intuos/user/default.nix b/hosts/intuos/user/default.nix index b609338c..ad39df5c 100644 --- a/hosts/intuos/user/default.nix +++ b/hosts/intuos/user/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}".home = { + home-manager.users."${config.vars.mainUser}".home = { desktop.enable = true; production.enable = true; stateVersion = lib.mkForce config.system.stateVersion; diff --git a/hosts/jupiter/colmena/default.nix b/hosts/jupiter/colmena/default.nix deleted file mode 100644 index 29231ea0..00000000 
--- a/hosts/jupiter/colmena/default.nix +++ /dev/null @@ -1,10 +0,0 @@ -{ config, ... }: -{ - deployment = { - tags = [ - "latptop" - "pc" - ]; - targetHost = "5ce:969c:40d1:9575:f5e:591d:c377:a20b"; - }; -} diff --git a/hosts/jupiter/default.nix b/hosts/jupiter/default.nix index e2fad6f5..cf2feb40 100644 --- a/hosts/jupiter/default.nix +++ b/hosts/jupiter/default.nix @@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -13,8 +12,10 @@ ]; system = { - desktop.enable = true; + nixos.tags = [ "pc" ]; steamdeck.enable = true; stateVersion = "24.11"; }; + + deployment.targetHost = "5ce:969c:40d1:9575:f5e:591d:c377:a20b"; } diff --git a/hosts/jupiter/filesystems/default.nix b/hosts/jupiter/filesystems/default.nix index f2428858..33a063c6 100644 --- a/hosts/jupiter/filesystems/default.nix +++ b/hosts/jupiter/filesystems/default.nix @@ -1,7 +1,6 @@ -{ config, nodes, ... }: +{ config, ... }: { - fileSystems = with config.sysusers; with nodes; { - # Local mounts + fileSystems = { "/mnt/Games" = { device = "/dev/disk/by-uuid/cb109a85-846d-4417-9c50-a2279bd20803"; fsType = "btrfs"; @@ -12,32 +11,8 @@ }; # Network mounts - "/home/${main}/Network/Midas" = { - device = "[${midas.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Kitty" = { - device = "[${kitty.config.deployment.targetHost}]:/storage/bun"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Prophet" = { - device = "[${prophet.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; + "kitty".enable = !config.system.steamdeck.enable; + "midas".enable = !config.system.steamdeck.enable; + "prophet".enable = !config.system.steamdeck.enable; }; } 
diff --git a/hosts/jupiter/hardware/default.nix b/hosts/jupiter/hardware/default.nix index a3e7b2bf..811cc7c9 100644 --- a/hosts/jupiter/hardware/default.nix +++ b/hosts/jupiter/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -15,6 +15,7 @@ kernelModules = [ "kvm-amd" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = true; + + nixpkgs.hostPlatform = "x86_64-linux"; } diff --git a/hosts/jupiter/jovian/default.nix b/hosts/jupiter/jovian/default.nix index 68264bb0..0384fe5f 100644 --- a/hosts/jupiter/jovian/default.nix +++ b/hosts/jupiter/jovian/default.nix @@ -30,9 +30,9 @@ programs.steam.extest.enable = true; services = { + desktopManager.gnome.enable = true; keyd.enable = lib.mkForce false; tlp.enable = lib.mkForce false; - desktopManager.gnome.enable = true; }; hardware.xone.enable = true; diff --git a/hosts/jupiter/user/default.nix b/hosts/jupiter/user/default.nix index 94de4373..0298f932 100644 --- a/hosts/jupiter/user/default.nix +++ b/hosts/jupiter/user/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}".home = { + home-manager.users."${config.vars.mainUser}".home = { guifull.enable = true; school.enable = true; enableNixpkgsReleaseCheck = false; diff --git a/hosts/kitty/colmena/default.nix b/hosts/kitty/colmena/default.nix deleted file mode 100644 index a9d36fa0..00000000 --- a/hosts/kitty/colmena/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, ... }: -{ - deployment = { - tags = [ "server" ]; - targetHost = "53f:dc2d:80c9:3ca2:4b15:ef4d:38a0:c868"; - }; -} diff --git a/hosts/kitty/default.nix b/hosts/kitty/default.nix index 908f7d33..29f7a690 100644 --- a/hosts/kitty/default.nix +++ b/hosts/kitty/default.nix 
@@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -10,13 +9,17 @@ ../../modules/system ]; - networking.hostId = "8745e22e"; - system = { - server.enable = true; - extraUsers.enable = true; + nixos.tags = [ + "extra-users" + "server" + ]; stateVersion = "24.11"; }; + deployment.targetHost = "53f:dc2d:80c9:3ca2:4b15:ef4d:38a0:c868"; + + networking.hostId = "8745e22e"; + services.nfs.server.enable = true; } diff --git a/hosts/kitty/filesystems/default.nix b/hosts/kitty/filesystems/default.nix index 71035999..c23bf7ca 100644 --- a/hosts/kitty/filesystems/default.nix +++ b/hosts/kitty/filesystems/default.nix @@ -1,6 +1,6 @@ -{ config, nodes, ... }: +{ ... }: { - fileSystems = with config.sysusers; with nodes; { + fileSystems = { "/persist/storage" = { device = "/dev/disk/by-uuid/edd3e293-1aff-4fc0-96fa-4e17d6cccfca"; fsType = "btrfs"; @@ -11,23 +11,7 @@ }; # Network mounts - "/home/${main}/Network/Midas" = { - device = "[${midas.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Prophet" = { - device = "[${prophet.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; + "midas".enable = true; + "prophet".enable = true; }; } diff --git a/hosts/kitty/hardware/default.nix b/hosts/kitty/hardware/default.nix index 3e917a7a..64943f7a 100644 --- a/hosts/kitty/hardware/default.nix +++ b/hosts/kitty/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ ... }: { boot.initrd = { availableKernelModules = [ @@ -9,6 +9,7 @@ kernelModules = [ "dm-snapshot" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = true; + + nixpkgs.hostPlatform = "x86_64-linux"; } 
diff --git a/hosts/kitty/user/default.nix b/hosts/kitty/user/default.nix index 9366cadc..f07f3b38 100644 --- a/hosts/kitty/user/default.nix +++ b/hosts/kitty/user/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}".home = { + home-manager.users."${config.vars.mainUser}".home = { stateVersion = lib.mkForce config.system.stateVersion; }; } diff --git a/hosts/midas/colmena/default.nix b/hosts/midas/colmena/default.nix deleted file mode 100644 index a6f434c3..00000000 --- a/hosts/midas/colmena/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, ... }: -{ - deployment = { - tags = [ "server" ]; - targetHost = "538:e163:87ba:f847:3646:18b6:6b01:d8f8"; - }; -} diff --git a/hosts/midas/default.nix b/hosts/midas/default.nix index e2be2de8..9eca5e59 100644 --- a/hosts/midas/default.nix +++ b/hosts/midas/default.nix @@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -12,10 +11,10 @@ ../../modules/system ]; - networking.hostId = "38ba3f57"; - system = { - server.enable = true; + nixos.tags = [ "server" ]; stateVersion = "24.11"; }; + + deployment.targetHost = "538:e163:87ba:f847:3646:18b6:6b01:d8f8"; } diff --git a/hosts/midas/filesystems/default.nix b/hosts/midas/filesystems/default.nix index e68fd763..bd59eb6e 100644 --- a/hosts/midas/filesystems/default.nix +++ b/hosts/midas/filesystems/default.nix @@ -1,6 +1,6 @@ -{ config, nodes, ... }: +{ ... }: { - fileSystems = with config.sysusers; with nodes; { + fileSystems = { "/persist" = { device = "/dev/disk/by-uuid/acf95700-8669-45c7-9a72-bf3215b3c325"; fsType = "btrfs"; @@ -10,14 +10,9 @@ "subvol=persist" ]; }; - "/kitty" = { - device = "[${kitty.config.deployment.targetHost}]:/storage/${main}"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; + + # Network mounts + "kitty".enable = true; + "prophet".enable = true; }; } 
diff --git a/hosts/midas/hardware/default.nix b/hosts/midas/hardware/default.nix index 4793a3aa..d3f129ad 100644 --- a/hosts/midas/hardware/default.nix +++ b/hosts/midas/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: +{ ... }: { boot.initrd = { availableKernelModules = [ @@ -10,6 +10,7 @@ kernelModules = [ "dm-snapshot" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = true; + + nixpkgs.hostPlatform = "x86_64-linux"; } diff --git a/hosts/midas/network/default.nix b/hosts/midas/network/default.nix index 32932ea6..1066ff65 100644 --- a/hosts/midas/network/default.nix +++ b/hosts/midas/network/default.nix @@ -9,5 +9,6 @@ address = "10.1.0.1"; interface = "enp0s31f6"; }; + hostId = "38ba3f57"; }; } diff --git a/hosts/midas/services/default.nix b/hosts/midas/services/default.nix index 683391b3..439e9348 100644 --- a/hosts/midas/services/default.nix +++ b/hosts/midas/services/default.nix @@ -1,21 +1,20 @@ { ... }: { + imports = [ ./nginx ]; + services = { cloudflare-dyndns.enable = true; forgejo.enable = true; icecast.enable = true; jellyfin.enable = true; - lemmy.enable = true; mastodon.enable = true; matrix-synapse.enable = true; mysql.enable = true; nextcloud.enable = true; nfs.server.enable = true; - nginx.enable = true; owncast.enable = true; transmission.enable = true; vaultwarden.enable = true; - webserver.enable = true; minecraft-servers = { enable = true; diff --git a/hosts/midas/services/nginx/default.nix b/hosts/midas/services/nginx/default.nix new file mode 100644 index 00000000..99142a59 --- /dev/null +++ b/hosts/midas/services/nginx/default.nix @@ -0,0 +1,6 @@ +{ ... }: +{ + imports = [ ./nixfox ]; + + services.nginx.enable = true; +} 
diff --git a/modules/system/services/server/nginx/hosts/nixfox/default.nix b/hosts/midas/services/nginx/nixfox/default.nix similarity index 90% rename from modules/system/services/server/nginx/hosts/nixfox/default.nix rename to hosts/midas/services/nginx/nixfox/default.nix index adbcbd1c..c8264276 100644 --- a/modules/system/services/server/nginx/hosts/nixfox/default.nix +++ b/hosts/midas/services/nginx/nixfox/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts = lib.mkIf config.services.webserver.enable { + services.nginx.virtualHosts = { "www.nixfox.ca" = { enableACME = true; addSSL = true; diff --git a/hosts/midas/user/default.nix b/hosts/midas/user/default.nix index 9366cadc..f07f3b38 100644 --- a/hosts/midas/user/default.nix +++ b/hosts/midas/user/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}".home = { + home-manager.users."${config.vars.mainUser}".home = { stateVersion = lib.mkForce config.system.stateVersion; }; } diff --git a/hosts/prophet/colmena/default.nix b/hosts/prophet/colmena/default.nix deleted file mode 100644 index ea5fbdc9..00000000 --- a/hosts/prophet/colmena/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, ... }: -{ - deployment = { - buildOnTarget = true; - tags = [ "server" ]; - targetHost = "42f:2737:2aed:4dee:cbe4:3c73:1918:ad9b"; - }; -} diff --git a/hosts/prophet/default.nix b/hosts/prophet/default.nix index 171c6311..f2a75861 100644 --- a/hosts/prophet/default.nix +++ b/hosts/prophet/default.nix @@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -12,10 +11,15 @@ (modulesPath + "/profiles/headless.nix") ]; - networking.hostId = "97a21a38"; - system = { - server.enable = true; + nixos.tags = [ "server" ]; stateVersion = "24.05"; }; + + deployment = { + buildOnTarget = true; + targetHost = "42f:2737:2aed:4dee:cbe4:3c73:1918:ad9b"; + }; + + networking.hostId = "97a21a38"; } 
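Review bot: With the `lib.mkIf config.services.webserver.enable` guard removed, `www.nixfox.ca` is now always defined on this host, and the context line `addSSL = true;` keeps serving it over plain HTTP alongside HTTPS. Unless plaintext access is intended, replacing it with `forceSSL = true;` makes nginx redirect HTTP requests to HTTPS. The rest of the virtual host lies outside the hunk, so a redirect may already be configured there. The `lib` argument in the header may also be unused now.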
diff --git a/hosts/prophet/filesystems/default.nix b/hosts/prophet/filesystems/default.nix index f3943967..57be3eb0 100644 --- a/hosts/prophet/filesystems/default.nix +++ b/hosts/prophet/filesystems/default.nix @@ -1,11 +1,17 @@ { ... }: { - fileSystems."/persist/storage" = { - device = "/dev/disk/by-uuid/ef465845-cc56-4db5-9260-8ae515eb025e"; - fsType = "btrfs"; - options = [ - "nofail" - "nosuid" - ]; + fileSystems = { + "/persist/storage" = { + device = "/dev/disk/by-uuid/ef465845-cc56-4db5-9260-8ae515eb025e"; + fsType = "btrfs"; + options = [ + "nofail" + "nosuid" + ]; + }; + + # Network mounts + "kitty".enable = true; + "midas".enable = true; }; } diff --git a/hosts/prophet/hardware/default.nix b/hosts/prophet/hardware/default.nix index 4b2b3178..3e057fc7 100644 --- a/hosts/prophet/hardware/default.nix +++ b/hosts/prophet/hardware/default.nix @@ -1,4 +1,4 @@ -{ lib, ... }: +{ ... }: { boot.initrd = { availableKernelModules = [ @@ -8,5 +8,5 @@ kernelModules = [ "dm-snapshot" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; + nixpkgs.hostPlatform = "aarch64-linux"; } diff --git a/hosts/prophet/services/default.nix b/hosts/prophet/services/default.nix index 1c8b896a..71ffb3cf 100644 --- a/hosts/prophet/services/default.nix +++ b/hosts/prophet/services/default.nix @@ -2,9 +2,10 @@ { services = { cloudflare-dyndns.enable = true; - mailserver.enable = true; mysql.enable = true; nfs.server.enable = true; nginx.enable = true; }; + + mailserver.enable = true; } diff --git a/hosts/prophet/user/@! b/hosts/prophet/user/@! new file mode 100644 index 00000000..f07f3b38 --- /dev/null +++ b/hosts/prophet/user/@! @@ -0,0 +1,6 @@ +{ config, lib, ... }: +{ + home-manager.users."${config.vars.mainUser}".home = { + stateVersion = lib.mkForce config.system.stateVersion; + }; +} diff --git a/hosts/prophet/user/default.nix b/hosts/prophet/user/default.nix index 9366cadc..f07f3b38 100644 --- a/hosts/prophet/user/default.nix +++ b/hosts/prophet/user/default.nix 
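Review bot: `hosts/prophet/user/@!` looks like an accidentally committed file. Its blob id `f07f3b38` and its six lines match the new `hosts/prophet/user/default.nix`, and the name has no `.nix` extension, so nothing visible in this diff imports it. Remove it from the commit so the user configuration has a single source and the stray copy cannot drift.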
@@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}".home = { + home-manager.users."${config.vars.mainUser}".home = { stateVersion = lib.mkForce config.system.stateVersion; }; } diff --git a/hosts/tower/boot/default.nix b/hosts/tower/boot/default.nix index 7d9298aa..25e12301 100644 --- a/hosts/tower/boot/default.nix +++ b/hosts/tower/boot/default.nix @@ -1,17 +1,11 @@ { config, lib, pkgs, ... }: let commonKernelParams = [ - # VM/GPU passthrough "amd_iommu=on" "iommu=pt" - - # Isolate devices into IOMMU groups - "pcie_acs_override=downstream,multifunction" - "pci=routeirq" ]; in { boot = { - # Latest kernel and IOMMU isolation kernelPackages = pkgs.linuxPackages_6_14; kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:1f82,10de:10fa" ]; @@ -30,8 +24,5 @@ in { }; # Use second GPU on boot - specialisation.gputwo.configuration = { - boot.kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:2504,10de:228e" ]; - environment.sessionVariables.WLR_RENDERER = lib.mkForce "gles2"; - }; + specialisation.gputwo.configuration.boot.kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:2504,10de:228e" ]; } diff --git a/hosts/tower/colmena/default.nix b/hosts/tower/colmena/default.nix index a9fee8f3..b04b69b6 100644 --- a/hosts/tower/colmena/default.nix +++ b/hosts/tower/colmena/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ ... }: { deployment = { tags = [ diff --git a/hosts/tower/default.nix b/hosts/tower/default.nix index 49b7c8aa..a4deabb7 100644 --- a/hosts/tower/default.nix +++ b/hosts/tower/default.nix @@ -2,7 +2,6 @@ { imports = [ ./boot - ./colmena ./disko ./filesystems ./hardware @@ -11,10 +10,13 @@ ]; system = { - desktop.enable = true; - nvidia.enable = true; + nixos.tags = [ "pc" ]; stateVersion = "24.05"; }; + deployment.targetHost = "4e4:535:9d47:f367:becd:6557:458d:5b1b"; + + services.xserver.videoDrivers = [ "nvidia" ]; + virtualisation.libvirtd.enable = true; } 
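Review bot: In hosts/tower/boot/default.nix, `kernelPackages = pkgs.linuxPackages_6_14;` pins one specific kernel series, and the first hunk deletes the only comment that explained it (`# Latest kernel and IOMMU isolation`). A pinned non-longterm series stops receiving fixes once upstream ends it, so either track `pkgs.linuxPackages_latest` or keep a comment saying why 6.14 is required. Dropping `pcie_acs_override=downstream,multifunction` means the `vfio-pci.ids` devices now rely on the board's real IOMMU grouping. A comment such as `# devices bound to vfio-pci for passthrough; must sit in their own IOMMU group` above that line would record the assumption.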
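Review bot: hosts/tower/default.nix drops `./colmena` from `imports` and sets `deployment.targetHost` inline, yet hosts/tower/colmena/default.nix is only edited in this commit (`{ config, ... }:` becomes `{ ... }:`), whereas every other host deletes its colmena file. As far as this diff shows, the leftover file is no longer referenced, and its `deployment` block can drift from the live one. Delete hosts/tower/colmena/default.nix as was done for the other hosts.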
diff --git a/hosts/tower/filesystems/default.nix b/hosts/tower/filesystems/default.nix index a80b45f9..ad9f218f 100644 --- a/hosts/tower/filesystems/default.nix +++ b/hosts/tower/filesystems/default.nix @@ -1,6 +1,6 @@ -{ config, nodes, ... }: +{ ... }: { - fileSystems = with config.sysusers; with nodes; { + fileSystems = { # Games and such "/mnt/Linux1" = { device = "/dev/disk/by-uuid/b2901f8c-ffda-4b88-bb63-a9ea0c96ccb4"; @@ -39,32 +39,8 @@ }; # Network mounts - "/home/${main}/Network/Midas" = { - device = "[${midas.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Kitty" = { - device = "[${kitty.config.deployment.targetHost}]:/storage/${main}"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; - "/home/${main}/Network/Prophet" = { - device = "[${prophet.config.deployment.targetHost}]:/storage"; - fsType = "nfs4"; - options = [ - "noauto" - "soft" - "x-systemd.automount" - ]; - }; + "kitty".enable = true; + "midas".enable = true; + "prophet".enable = true; }; } diff --git a/hosts/tower/hardware/default.nix b/hosts/tower/hardware/default.nix index 4ee8328d..37c93ab7 100644 --- a/hosts/tower/hardware/default.nix +++ b/hosts/tower/hardware/default.nix @@ -1,4 +1,4 @@ -{ config, lib, modulesPath, ... }: +{ modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; @@ -16,6 +16,7 @@ kernelModules = [ "kvm-amd" ]; }; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = true; + + nixpkgs.hostPlatform = "x86_64-linux"; } diff --git a/hosts/tower/user/default.nix b/hosts/tower/user/default.nix index becbf7bc..3eaf7dc9 100644 --- a/hosts/tower/user/default.nix +++ b/hosts/tower/user/default.nix 
@@ -1,6 +1,6 @@ { config, lib, ... }: { - home-manager.users."${config.sysusers.main}" = { + home-manager.users."${config.vars.mainUser}" = { home = { guifull.enable = true; stateVersion = lib.mkForce config.system.stateVersion; diff --git a/modules/home/default.nix b/modules/home/default.nix index 6527a8ba..c1e04428 100644 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -9,5 +9,5 @@ ./wms ]; - config.home.stateVersion = "24.11"; + config.home.stateVersion = "25.05"; } diff --git a/modules/home/programs/gui/foot/default.nix b/modules/home/programs/gui/foot/default.nix index 27f704d5..a1974e51 100644 --- a/modules/home/programs/gui/foot/default.nix +++ b/modules/home/programs/gui/foot/default.nix @@ -6,11 +6,11 @@ settings = { main = { term = "xterm-256color"; - font = "${config.look.fonts.mono}:size=14.7"; + font = "${config.vars.fonts.mono}:size=14.7"; }; colors = { alpha = "0.85"; - background = config.look.colors.dark; + background = config.vars.colors.dark; regular0 = "3f3f3f"; regular1 = "cc0000"; regular2 = "4e9a06"; @@ -29,7 +29,10 @@ bright7 = "ffffff"; }; cursor.style = "beam"; - key-bindings.search-start = "Control+f"; + key-bindings = { + search-start = "Control+f"; + show-urls-launch = "Control+s"; + }; }; }; } diff --git a/modules/home/programs/gui/librewolf/default.nix b/modules/home/programs/gui/librewolf/default.nix index e28e01ac..6e208d51 100644 --- a/modules/home/programs/gui/librewolf/default.nix +++ b/modules/home/programs/gui/librewolf/default.nix @@ -146,9 +146,9 @@ "webgl.disabled" = false; # Fonts - "font.name.monospace.x-western" = config.look.fonts.mono; - "font.name.sans-serif.x-western" = config.look.fonts.main; - "font.name.serif.x-western" = config.look.fonts.main; + "font.name.monospace.x-western" = config.vars.fonts.mono; + "font.name.sans-serif.x-western" = config.vars.fonts.main; + "font.name.serif.x-western" = config.vars.fonts.main; # Theming and visibility "browser.aboutConfig.showWarning" = false; 
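Review bot: Raising `config.home.stateVersion` from `"24.11"` to `"25.05"` in modules/home/default.nix changes which release's stateful defaults Home Manager applies. The value is meant to stay at the release a profile was first created with, not to follow upgrades. The host user modules visible in this diff override it with `lib.mkForce config.system.stateVersion`, so the bump only affects users without that override. If the line is just a fallback, keep `"24.11"` and add a comment such as `# fallback only; hosts force this to system.stateVersion`. The enclosing module starts outside the hunk.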
@@ -235,16 +235,16 @@ userChrome = '' :root { - --tab-active-bg-color: #${config.look.colors.prime}; - --tab-hover-bg-color: #${config.look.colors.accent}; - --tab-inactive-bg-color: #${config.look.colors.dark}; + --tab-active-bg-color: #${config.vars.colors.prime}; + --tab-hover-bg-color: #${config.vars.colors.accent}; + --tab-inactive-bg-color: #${config.vars.colors.dark}; --tab-active-fg-fallback-color: #FFFFFF; - --tab-inactive-fg-fallback-color: #${config.look.colors.text}; - --urlbar-focused-bg-color: #${config.look.colors.dark}; - --urlbar-not-focused-bg-color: #${config.look.colors.dark}; - --toolbar-bgcolor: #${config.look.colors.dark} !important; - --tab-font: '${config.look.fonts.main}'; - --urlbar-font: '${config.look.fonts.main}'; + --tab-inactive-fg-fallback-color: #${config.vars.colors.text}; + --urlbar-focused-bg-color: #${config.vars.colors.dark}; + --urlbar-not-focused-bg-color: #${config.vars.colors.dark}; + --toolbar-bgcolor: #${config.vars.colors.dark} !important; + --tab-font: '${config.vars.fonts.main}'; + --urlbar-font: '${config.vars.fonts.main}'; ${builtins.readFile ./quteFox.css} ''; }; diff --git a/modules/home/programs/terminal/neovim/default.nix b/modules/home/programs/terminal/neovim/default.nix index 78c5225b..f07a4f3b 100644 --- a/modules/home/programs/terminal/neovim/default.nix +++ b/modules/home/programs/terminal/neovim/default.nix @@ -92,8 +92,8 @@ let g:airline_theme='onedark' let g:airline#extensions#tabline#enabled = 1 hi Normal guibg=none - hi Visual guibg=#${config.look.colors.mid} - hi Pmenu guibg=#${config.look.colors.mid} + hi Visual guibg=#${config.vars.colors.mid} + hi Pmenu guibg=#${config.vars.colors.mid} hi EndOfBuffer guibg=none hi LineNr guibg=none lua require'colorizer'.setup() diff --git a/modules/home/settings/fonts/fontconfig/default.nix b/modules/home/settings/fonts/fontconfig/default.nix index 0ad9bae1..395aeef2 100644 --- a/modules/home/settings/fonts/fontconfig/default.nix 
+++ b/modules/home/settings/fonts/fontconfig/default.nix @@ -3,8 +3,8 @@ fonts.fontconfig = { enable = config.home.desktop.enable; defaultFonts = { - sansSerif = [ config.look.fonts.main ]; - monospace = [ config.look.fonts.mono ]; + sansSerif = [ config.vars.fonts.main ]; + monospace = [ config.vars.fonts.mono ]; emoji = [ "Twitter Color Emoji" ]; }; }; diff --git a/modules/home/settings/gtk/theme/default.nix b/modules/home/settings/gtk/theme/default.nix index 34918d00..9b7f6719 100644 --- a/modules/home/settings/gtk/theme/default.nix +++ b/modules/home/settings/gtk/theme/default.nix @@ -2,7 +2,7 @@ { gtk = with pkgs; { font = { - name = config.look.fonts.main; + name = config.vars.fonts.main; size = 11; }; theme = { @@ -21,7 +21,7 @@ iconTheme = { name = "Papirus-Dark"; package = papirus-icon-theme.override { - color = config.look.colors.folder; + color = config.vars.colors.folder; }; }; }; diff --git a/modules/home/settings/xdg/default.nix b/modules/home/settings/xdg/default.nix index f489ee0e..daa8a344 100644 --- a/modules/home/settings/xdg/default.nix +++ b/modules/home/settings/xdg/default.nix @@ -1,9 +1,6 @@ { config, ... }: { - imports = [ - ./defaults - ./folders - ]; + imports = [ ./dirs ]; xdg.enable = config.home.desktop.enable; diff --git a/modules/home/settings/xdg/defaults/default.nix b/modules/home/settings/xdg/defaults/default.nix deleted file mode 100644 index 8a1f04d4..00000000 --- a/modules/home/settings/xdg/defaults/default.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ config, ... }: -{ - xdg.mimeApps = { - enable = config.xdg.enable; - defaultApplications = { - # Media - "image/*" = [ "imv.desktop" ]; - "image/gif" = [ "mpv.desktop" ]; - "video/*" = [ "mpv.desktop" ]; - - # Apps - "inode/directory" = [ "pcmanfm-qt.desktop" ]; - "text/plain" = [ "nvim.desktop" ]; - - # Browser - "application/x-mswinurl" = [ "librewolf.desktop" ]; - "x-scheme-handler/http" = [ "librewolf.desktop" ]; - "x-scheme-handler/https" = [ "librewolf.desktop" ]; - }; - }; -} 
diff --git a/modules/home/settings/xdg/folders/default.nix b/modules/home/settings/xdg/dirs/default.nix similarity index 91% rename from modules/home/settings/xdg/folders/default.nix rename to modules/home/settings/xdg/dirs/default.nix index 5722c561..5473ab0a 100644 --- a/modules/home/settings/xdg/folders/default.nix +++ b/modules/home/settings/xdg/dirs/default.nix @@ -13,7 +13,7 @@ extraConfig = { XDG_GAMES_DIR = "${homeDirectory}/Games"; XDG_KEEPERS_DIR = "${homeDirectory}/Keepers"; - XDG_NETWORK_DIR = "${homeDirectory}/Network"; + XDG_NETWORK_DIR = "/network"; XDG_PERSIST_DIR = "/persist${homeDirectory}"; XDG_PROJECTS_DIR = "${homeDirectory}/Projects"; XDG_SCREENSHOTS_DIR = "${config.xdg.userDirs.pictures}/Screenshots"; diff --git a/modules/home/variables/look/border/default.nix b/modules/home/variables/border/default.nix similarity index 72% rename from modules/home/variables/look/border/default.nix rename to modules/home/variables/border/default.nix index 1c81d9c5..938c98b5 100644 --- a/modules/home/variables/look/border/default.nix +++ b/modules/home/variables/border/default.nix @@ -1,6 +1,6 @@ { ... }: { - look.border = rec { + vars.border = rec { int = 3; string = toString int; }; diff --git a/modules/home/variables/look/colors/default.nix b/modules/home/variables/colors/default.nix similarity index 94% rename from modules/home/variables/look/colors/default.nix rename to modules/home/variables/colors/default.nix index 1376a541..b15c1a34 100644 --- a/modules/home/variables/look/colors/default.nix +++ b/modules/home/variables/colors/default.nix @@ -1,6 +1,6 @@ { ... }: { - look.colors = { + vars.colors = { prime = "3823C4"; #3823C4 accent = "1B1F59"; #1B1F59 split = "555B9E"; #555B9E diff --git a/modules/home/variables/default.nix b/modules/home/variables/default.nix index 2a4872ac..675dee94 100644 --- a/modules/home/variables/default.nix +++ b/modules/home/variables/default.nix 
@@ -1,8 +1,14 @@ -{ ... }: +{ lib, ... }: { imports = [ + ./border + ./colors ./displays - ./look + ./fonts ./workspaces ]; + + options.vars = lib.mkOption { + type = lib.types.attrs; + }; } diff --git a/modules/home/variables/displays/default.nix b/modules/home/variables/displays/default.nix index 883ae4d6..e923dc96 100644 --- a/modules/home/variables/displays/default.nix +++ b/modules/home/variables/displays/default.nix @@ -1,10 +1,6 @@ -{ config, lib, ... }: +{ ... }: { - options.displays = lib.mkOption { - type = lib.types.attrs; - }; - - config.displays = { + vars.displays = { tower1 = "Microstep MSI G24C 0000000000001"; tower2 = "BNQ BenQ GW2270 6CH00781019"; tower3 = "Eizo Nanao Corporation CG223W 23252050"; diff --git a/modules/home/variables/look/fonts/default.nix b/modules/home/variables/fonts/default.nix similarity index 83% rename from modules/home/variables/look/fonts/default.nix rename to modules/home/variables/fonts/default.nix index 3a55f47d..a9a26c8b 100644 --- a/modules/home/variables/look/fonts/default.nix +++ b/modules/home/variables/fonts/default.nix @@ -1,6 +1,6 @@ { ... }: { - look.fonts = { + vars.fonts = { main = "Ubuntu Nerd Font"; mono = "UbuntuMono Nerd Font"; }; diff --git a/modules/home/variables/look/default.nix b/modules/home/variables/look/default.nix deleted file mode 100644 index 82be4f01..00000000 --- a/modules/home/variables/look/default.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ config, lib, ... }: -{ - imports = [ - ./border - ./colors - ./fonts - ]; - - options.look = lib.mkOption { - type = lib.types.attrs; - }; -} diff --git a/modules/home/variables/workspaces/default.nix b/modules/home/variables/workspaces/default.nix index ead54949..80875cb0 100644 --- a/modules/home/variables/workspaces/default.nix +++ b/modules/home/variables/workspaces/default.nix @@ -1,10 +1,6 @@ -{ config, lib, ... }: +{ ... }: { - options.ws = lib.mkOption { - type = lib.types.attrs; - }; - - config.ws = { + vars.ws = { w0 = "0"; w1 = "1"; w2 = "2"; 
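Review bot: `options.vars` in `modules/home/variables/default.nix` is declared with `lib.types.attrs`, which merges definitions shallowly, so once a second module defines a key under `vars.colors` or `vars.ws`, one definition replaces the other rather than merging. That is harmless while `border`, `colors`, `displays`, `fonts` and `ws` are each defined in exactly one file, as they are here, but it is easy to trip over later. I would declare it as `type = lib.types.attrsOf lib.types.anything;` and add a `description`, or use a submodule if the set of keys is meant to be fixed.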
diff --git a/modules/home/wms/programs/kanshi/default.nix b/modules/home/wms/programs/kanshi/default.nix index 1e30d7da..0d18aa3d 100644 --- a/modules/home/wms/programs/kanshi/default.nix +++ b/modules/home/wms/programs/kanshi/default.nix @@ -2,11 +2,11 @@ { services.kanshi = { enable = config.home.desktop.enable; - settings = [ + settings = with config.vars.displays; [ # Outputs { output = { - criteria = config.displays.tower1; + criteria = tower1; adaptiveSync = true; mode = "1920x1080@143.979996Hz"; }; @@ -18,20 +18,20 @@ name = "tower-tv"; outputs = [ { - criteria = config.displays.tower1; + criteria = tower1; position = "3840,405"; } { - criteria = config.displays.tower2; + criteria = tower2; position = "1920,405"; } { - criteria = config.displays.tower3; + criteria = tower3; position = "5760,0"; transform = "90"; } { - criteria = config.displays.tower4; + criteria = tower4; position = "0,405"; } ]; @@ -42,15 +42,15 @@ name = "tower"; outputs = [ { - criteria = config.displays.tower1; + criteria = tower1; position = "1920,405"; } { - criteria = config.displays.tower2; + criteria = tower2; position = "0,405"; } { - criteria = config.displays.tower3; + criteria = tower3; position = "3840,0"; transform = "90"; } @@ -63,11 +63,11 @@ name = "detritus"; outputs = [ { - criteria = config.displays.detritus1; + criteria = detritus1; position = "0,0"; } { - criteria = config.displays.detritus2; + criteria = detritus2; position = "1920,0"; scale = 0.85; } diff --git a/modules/home/wms/programs/mako/default.nix b/modules/home/wms/programs/mako/default.nix index b8555a15..1e689e1e 100644 --- a/modules/home/wms/programs/mako/default.nix +++ b/modules/home/wms/programs/mako/default.nix 
@@ -4,10 +4,10 @@ enable = config.home.desktop.enable; settings = { # Theme - background-color = "#${config.look.colors.dark}D9"; - border-color = "#${config.look.colors.accent}"; - border-size = config.look.border.int; - font = "${config.look.fonts.main} 12"; + background-color = "#${config.vars.colors.dark}D9"; + border-color = "#${config.vars.colors.accent}"; + border-size = config.vars.border.int; + font = "${config.vars.fonts.main} 12"; margin = 0; max-icon-size = 40; outer-margin = 10; diff --git a/modules/home/wms/programs/rofi/default.nix b/modules/home/wms/programs/rofi/default.nix index a32f7076..bcdaddf5 100644 --- a/modules/home/wms/programs/rofi/default.nix +++ b/modules/home/wms/programs/rofi/default.nix @@ -7,7 +7,7 @@ enable = true; package = pkgs.rofi-wayland; terminal = "foot"; - font = "${config.look.fonts.main} 14"; + font = "${config.vars.fonts.main} 14"; theme = let inherit (config.lib.formats.rasi) mkLiteral; in { 
@@ -18,24 +18,24 @@ red = mkLiteral "#DC322F"; background-color = mkLiteral "#00000000"; separatorcolor = mkLiteral "#00000000"; - normal-foreground = mkLiteral "#${config.look.colors.text}"; - normal-background = mkLiteral "#${config.look.colors.dark}1A"; - urgent-foreground = mkLiteral "#${config.look.colors.urgent}"; - active-foreground = mkLiteral "#${config.look.colors.split}"; - selected-active-foreground = mkLiteral "#${config.look.colors.prime}"; - background = mkLiteral "#${config.look.colors.dark}D9"; - bordercolor = mkLiteral "#${config.look.colors.prime}"; + normal-foreground = mkLiteral "#${config.vars.colors.text}"; + normal-background = mkLiteral "#${config.vars.colors.dark}1A"; + urgent-foreground = mkLiteral "#${config.vars.colors.urgent}"; + active-foreground = mkLiteral "#${config.vars.colors.split}"; + selected-active-foreground = mkLiteral "#${config.vars.colors.prime}"; + background = mkLiteral "#${config.vars.colors.dark}D9"; + bordercolor = mkLiteral "#${config.vars.colors.prime}"; selected-normal-foreground = mkLiteral "#FFFFFF"; - selected-normal-background = mkLiteral "#${config.look.colors.prime}80"; - border-color = mkLiteral "#${config.look.colors.prime}"; - urgent-background = mkLiteral "#${config.look.colors.accent}26"; - active-background = mkLiteral "#${config.look.colors.accent}26"; - selected-active-background = mkLiteral "#${config.look.colors.split}54"; + selected-normal-background = mkLiteral "#${config.vars.colors.prime}80"; + border-color = mkLiteral "#${config.vars.colors.prime}"; + urgent-background = mkLiteral "#${config.vars.colors.accent}26"; + active-background = mkLiteral "#${config.vars.colors.accent}26"; + selected-active-background = mkLiteral "#${config.vars.colors.split}54"; }; "#window" = { background-color = mkLiteral "@background"; width = 500; - border = mkLiteral "${config.look.border.string}"; + border = mkLiteral "${config.vars.border.string}"; padding = 5; }; "#message" = { 
diff --git a/modules/home/wms/programs/swaylock/default.nix b/modules/home/wms/programs/swaylock/default.nix index c2494e4e..ca361fd9 100644 --- a/modules/home/wms/programs/swaylock/default.nix +++ b/modules/home/wms/programs/swaylock/default.nix @@ -1,8 +1,8 @@ { config, pkgs, ... }: let - default = "#${config.look.colors.prime}FF"; - wrong = "#${config.look.colors.split}FF"; - verifying = "#${config.look.colors.accent}FF"; + default = "#${config.vars.colors.prime}FF"; + wrong = "#${config.vars.colors.split}FF"; + verifying = "#${config.vars.colors.accent}FF"; blank = "#00000000"; clear = "#FFFFFF22"; text = "#FFFFFFFF"; @@ -13,7 +13,7 @@ in { settings = { clock = true; image = ".wallpapers/lock.png"; - font = config.look.fonts.main; + font = config.vars.fonts.main; font-size = 30; timestr = "%I:%M%p"; datestr = "%a %b %d %Y"; diff --git a/modules/home/wms/programs/wallpapers/wpaperd/default.nix b/modules/home/wms/programs/wallpapers/wpaperd/default.nix index c3575bda..98892d90 100644 --- a/modules/home/wms/programs/wallpapers/wpaperd/default.nix +++ b/modules/home/wms/programs/wallpapers/wpaperd/default.nix @@ -5,8 +5,8 @@ settings = { default.mode = "center"; any.path = ".wallpapers/1.png"; - "${config.displays.tower2}".path = ".wallpapers/2.png"; - "${config.displays.tower3}".path = ".wallpapers/3.png"; + "${config.vars.displays.tower2}".path = ".wallpapers/2.png"; + "${config.vars.displays.tower3}".path = ".wallpapers/3.png"; }; }; } diff --git a/modules/home/wms/programs/waybar/default.nix b/modules/home/wms/programs/waybar/default.nix index 281ebb19..ad68a398 100644 --- a/modules/home/wms/programs/waybar/default.nix +++ b/modules/home/wms/programs/waybar/default.nix @@ -236,9 +236,9 @@ position = "top"; layer = "top"; output = [ - "!${config.displays.tower2}" - "!${config.displays.tower3}" - "!${config.displays.detritus2}" + "!${config.vars.displays.tower2}" + "!${config.vars.displays.tower3}" + "!${config.vars.displays.detritus2}" "*" ]; modules-left = [ 
@@ -271,9 +271,9 @@ position = "top"; layer = "top"; output = [ - config.displays.tower2 - config.displays.tower3 - config.displays.detritus2 + config.vars.displays.tower2 + config.vars.displays.tower3 + config.vars.displays.detritus2 ]; modules-left = [ "sway/workspaces" @@ -294,12 +294,11 @@ border: 0; border-radius: 0; min-height: 0; - font-family: ${config.look.fonts.main}; font-size: 15.5px; - color: #${config.look.colors.text}; + color: #${config.vars.colors.text}; } - #waybar { background: #${config.look.colors.dark}; } + #waybar { background: #${config.vars.colors.dark}; } #network { padding: 0 6px 0 4px; } #gamemode, #scratchpad, #privacy, #tray, #bluetooth { margin: 0 2px 0 2px; } #pulseaudio, #mpris, #custom-notifs, #idle_inhibitor, #custom-weather, #cpu, #memory, #custom-vram, #backlight, #battery, #clock { margin: 0 2px 0 4px; } @@ -312,15 +311,15 @@ min-width: 20px; } #workspaces button.visible, #workspaces button.active { - border-bottom: 3px solid #${config.look.colors.prime}; - background: #${config.look.colors.mid}; + border-bottom: 3px solid #${config.vars.colors.prime}; + background: #${config.vars.colors.mid}; } #workspaces button.urgent { - border-bottom: 3px solid #${config.look.colors.urgent}; + border-bottom: 3px solid #${config.vars.colors.urgent}; } #workspaces button:hover { box-shadow: none; - background: #${config.look.colors.light}; + background: #${config.vars.colors.light}; } #mpris { border-bottom: 3px solid #ffb066; } diff --git a/modules/home/wms/sway/hotkeys/default.nix b/modules/home/wms/sway/hotkeys/default.nix index c14d1a90..ffd9e6e2 100644 --- a/modules/home/wms/sway/hotkeys/default.nix +++ b/modules/home/wms/sway/hotkeys/default.nix @@ -8,7 +8,7 @@ in { # Hotkeys modifier = "${primeMod}"; - keybindings = { + keybindings = with config.vars.ws; { ## Launchers # Browser 
@@ -78,50 +78,50 @@ "${primeMod}+Shift+r" = ''reload''; # Switch to workspaces - "${primeMod}+grave" = ''workspace 0:${config.ws.w0}''; - "${primeMod}+1" = ''workspace 1:${config.ws.w1}''; - "${primeMod}+2" = ''workspace 2:${config.ws.w2}''; - "${primeMod}+3" = ''workspace 3:${config.ws.w3}''; - "${primeMod}+4" = ''workspace 4:${config.ws.w4}''; - "${primeMod}+5" = ''workspace 5:${config.ws.w5}''; - "${primeMod}+6" = ''workspace 6:${config.ws.w6}''; - "${primeMod}+7" = ''workspace 7:${config.ws.w7}''; - "${primeMod}+8" = ''workspace 8:${config.ws.w8}''; - "${primeMod}+9" = ''workspace 9:${config.ws.w9}''; + "${primeMod}+grave" = ''workspace 0:${w0}''; + "${primeMod}+1" = ''workspace 1:${w1}''; + "${primeMod}+2" = ''workspace 2:${w2}''; + "${primeMod}+3" = ''workspace 3:${w3}''; + "${primeMod}+4" = ''workspace 4:${w4}''; + "${primeMod}+5" = ''workspace 5:${w5}''; + "${primeMod}+6" = ''workspace 6:${w6}''; + "${primeMod}+7" = ''workspace 7:${w7}''; + "${primeMod}+8" = ''workspace 8:${w8}''; + "${primeMod}+9" = ''workspace 9:${w9}''; # Switch to alternate workspaces - "${secMod}+F1" = ''workspace 11:${config.ws.w1a}''; - "${secMod}+F2" = ''workspace 22:${config.ws.w2a}''; - "${secMod}+F3" = ''workspace 33:${config.ws.w3a}''; - "${secMod}+F4" = ''workspace 44:${config.ws.w4a}''; - "${secMod}+F5" = ''workspace 55:${config.ws.w5a}''; - "${secMod}+F6" = ''workspace 66:${config.ws.w6a}''; - "${secMod}+F7" = ''workspace 77:${config.ws.w7a}''; - "${secMod}+F8" = ''workspace 88:${config.ws.w8a}''; - "${secMod}+F9" = ''workspace 99:${config.ws.w9a}''; + "${secMod}+F1" = ''workspace 11:${w1a}''; + "${secMod}+F2" = ''workspace 22:${w2a}''; + "${secMod}+F3" = ''workspace 33:${w3a}''; + "${secMod}+F4" = ''workspace 44:${w4a}''; + "${secMod}+F5" = ''workspace 55:${w5a}''; + "${secMod}+F6" = ''workspace 66:${w6a}''; + "${secMod}+F7" = ''workspace 77:${w7a}''; + "${secMod}+F8" = ''workspace 88:${w8a}''; + "${secMod}+F9" = ''workspace 99:${w9a}''; # Move window to and focus workspace 
- "${primeMod}+Shift+grave" = ''move container to workspace 0:${config.ws.w0}; workspace 0:${config.ws.w0}''; - "${primeMod}+Shift+1" = ''move container to workspace 1:${config.ws.w1}; workspace 1:${config.ws.w1}''; - "${primeMod}+Shift+2" = ''move container to workspace 2:${config.ws.w2}; workspace 2:${config.ws.w2}''; - "${primeMod}+Shift+3" = ''move container to workspace 3:${config.ws.w3}; workspace 3:${config.ws.w3}''; - "${primeMod}+Shift+4" = ''move container to workspace 4:${config.ws.w4}; workspace 4:${config.ws.w4}''; - "${primeMod}+Shift+5" = ''move container to workspace 5:${config.ws.w5}; workspace 5:${config.ws.w5}''; - "${primeMod}+Shift+6" = ''move container to workspace 6:${config.ws.w6}; workspace 6:${config.ws.w6}''; - "${primeMod}+Shift+7" = ''move container to workspace 7:${config.ws.w7}; workspace 7:${config.ws.w7}''; - "${primeMod}+Shift+8" = ''move container to workspace 8:${config.ws.w8}; workspace 8:${config.ws.w8}''; - "${primeMod}+Shift+9" = ''move container to workspace 9:${config.ws.w9}; workspace 9:${config.ws.w9}''; + "${primeMod}+Shift+grave" = ''move container to workspace 0:${w0}; workspace 0:${w0}''; + "${primeMod}+Shift+1" = ''move container to workspace 1:${w1}; workspace 1:${w1}''; + "${primeMod}+Shift+2" = ''move container to workspace 2:${w2}; workspace 2:${w2}''; + "${primeMod}+Shift+3" = ''move container to workspace 3:${w3}; workspace 3:${w3}''; + "${primeMod}+Shift+4" = ''move container to workspace 4:${w4}; workspace 4:${w4}''; + "${primeMod}+Shift+5" = ''move container to workspace 5:${w5}; workspace 5:${w5}''; + "${primeMod}+Shift+6" = ''move container to workspace 6:${w6}; workspace 6:${w6}''; + "${primeMod}+Shift+7" = ''move container to workspace 7:${w7}; workspace 7:${w7}''; + "${primeMod}+Shift+8" = ''move container to workspace 8:${w8}; workspace 8:${w8}''; + "${primeMod}+Shift+9" = ''move container to workspace 9:${w9}; workspace 9:${w9}''; # Move window to and focus alternate workspace - "${secMod}+Shift+F1" = 
''move container to workspace 11:${config.ws.w1a}; workspace 11:${config.ws.w1a}''; - "${secMod}+Shift+F2" = ''move container to workspace 22:${config.ws.w2a}; workspace 22:${config.ws.w2a}''; - "${secMod}+Shift+F3" = ''move container to workspace 33:${config.ws.w3a}; workspace 33:${config.ws.w3a}''; - "${secMod}+Shift+F4" = ''move container to workspace 44:${config.ws.w4a}; workspace 44:${config.ws.w4a}''; - "${secMod}+Shift+F5" = ''move container to workspace 55:${config.ws.w5a}; workspace 55:${config.ws.w5a}''; - "${secMod}+Shift+F6" = ''move container to workspace 66:${config.ws.w6a}; workspace 66:${config.ws.w6a}''; - "${secMod}+Shift+F7" = ''move container to workspace 77:${config.ws.w7a}; workspace 77:${config.ws.w7a}''; - "${secMod}+Shift+F8" = ''move container to workspace 88:${config.ws.w8a}; workspace 88:${config.ws.w8a}''; - "${secMod}+Shift+F9" = ''move container to workspace 99:${config.ws.w9a}; workspace 99:${config.ws.w9a}''; + "${secMod}+Shift+F1" = ''move container to workspace 11:${w1a}; workspace 11:${w1a}''; + "${secMod}+Shift+F2" = ''move container to workspace 22:${w2a}; workspace 22:${w2a}''; + "${secMod}+Shift+F3" = ''move container to workspace 33:${w3a}; workspace 33:${w3a}''; + "${secMod}+Shift+F4" = ''move container to workspace 44:${w4a}; workspace 44:${w4a}''; + "${secMod}+Shift+F5" = ''move container to workspace 55:${w5a}; workspace 55:${w5a}''; + "${secMod}+Shift+F6" = ''move container to workspace 66:${w6a}; workspace 66:${w6a}''; + "${secMod}+Shift+F7" = ''move container to workspace 77:${w7a}; workspace 77:${w7a}''; + "${secMod}+Shift+F8" = ''move container to workspace 88:${w8a}; workspace 88:${w8a}''; + "${secMod}+Shift+F9" = ''move container to workspace 99:${w9a}; workspace 99:${w9a}''; # Change focused window "${primeMod}+h" = ''focus left''; diff --git a/modules/home/wms/sway/outputs/default.nix b/modules/home/wms/sway/outputs/default.nix index e44120f2..8416e7dd 100644 --- a/modules/home/wms/sway/outputs/default.nix 
+++ b/modules/home/wms/sway/outputs/default.nix @@ -2,47 +2,42 @@ { # Monitors wayland.windowManager.sway.config = { - workspaceOutputAssign = let + workspaceOutputAssign = with config.vars.ws; with config.vars.displays; let workspaces1 = [ - "0:${config.ws.w0}" - "1:${config.ws.w1}" - "2:${config.ws.w2}" - "3:${config.ws.w3}" - "11:${config.ws.w1a}" - "22:${config.ws.w2a}" - "33:${config.ws.w3a}" + "0:${w0}" + "1:${w1}" + "2:${w2}" + "3:${w3}" + "11:${w1a}" + "22:${w2a}" + "33:${w3a}" ]; workspaces2 = [ - "4:${config.ws.w4}" - "5:${config.ws.w5}" - "6:${config.ws.w6}" - "44:${config.ws.w4a}" - "55:${config.ws.w5a}" + "4:${w4}" + "5:${w5}" + "6:${w6}" + "44:${w4a}" + "55:${w5a}" ]; workspaces3 = [ - "7:${config.ws.w7}" - "8:${config.ws.w8}" - "9:${config.ws.w9}" - "77:${config.ws.w7a}" - "88:${config.ws.w8a}" + "7:${w7}" + "8:${w8}" + "9:${w9}" + "77:${w7a}" + "88:${w8a}" ]; workspaces4 = [ - "66:${config.ws.w6a}" - "99:${config.ws.w9a}" + "66:${w6a}" + "99:${w9a}" ]; assign = output: workspaces: map (workspace: { inherit workspace; inherit output; }) workspaces; in - (assign "${config.displays.tower1}" workspaces1) ++ - (assign "${config.displays.tower2}" workspaces2) ++ - (assign "${config.displays.tower3}" workspaces3) ++ - (assign "${config.displays.tower4}" workspaces4) ++ - - (assign "${config.displays.detritus1}" workspaces1) ++ - (assign "${config.displays.detritus1}" workspaces2) ++ - (assign "${config.displays.detritus2}" workspaces3) ++ - (assign "${config.displays.detritus2}" workspaces4); + (assign "${tower1}" workspaces1) ++ + (assign "${tower2}" workspaces2) ++ + (assign "${tower3}" workspaces3) ++ + (assign "${tower4}" workspaces4); }; } diff --git a/modules/home/wms/sway/rules/default.nix b/modules/home/wms/sway/rules/default.nix index d50a4e73..8d213281 100644 --- a/modules/home/wms/sway/rules/default.nix +++ b/modules/home/wms/sway/rules/default.nix 
@@ -1,7 +1,7 @@ { config, ... }: { - wayland.windowManager.sway.config = { - defaultWorkspace = "workspace 1:${config.ws.w1}"; + wayland.windowManager.sway.config = with config.vars.ws; { + defaultWorkspace = "workspace 1:${w1}"; focus = { mouseWarping = "container"; @@ -34,7 +34,7 @@ # Give apps that don't have them borders { criteria = { con_mark = "giveborder"; }; - command = ''border pixel ${config.look.border.string}''; + command = ''border pixel ${config.vars.border.string}''; } { criteria = { class = "steam"; }; @@ -56,22 +56,22 @@ }; assigns = { # Browser - "1:${config.ws.w1}" = [{ app_id = "librewolf"; }]; + "1:${w1}" = [{ app_id = "librewolf"; }]; # Communication - "7:${config.ws.w7}" = [ + "7:${w7}" = [ { app_id = "teams-for-linux"; } { app_id = "vesktop"; } { class = "vesktop"; } ]; - "9:${config.ws.w9}" = [{ app_id = "thunderbird"; }]; + "9:${w9}" = [{ app_id = "thunderbird"; }]; # Etc - "2:${config.ws.w2}" = [ + "2:${w2}" = [ { class = "steam"; } { app_id = "heroic"; } ]; - "44:${config.ws.w4a}" = [{ app_id = "com.obsproject.Studio"; }]; + "44:${w4a}" = [{ app_id = "com.obsproject.Studio"; }]; }; }; } diff --git a/modules/home/wms/sway/theme/default.nix b/modules/home/wms/sway/theme/default.nix index 94e997a9..6c042bdb 100644 --- a/modules/home/wms/sway/theme/default.nix +++ b/modules/home/wms/sway/theme/default.nix 
@@ -3,49 +3,49 @@ wayland.windowManager.sway.config = { colors = { focused = { - border = "#${config.look.colors.prime}"; - background = "#${config.look.colors.prime}"; + border = "#${config.vars.colors.prime}"; + background = "#${config.vars.colors.prime}"; text = "#FFFFFF"; - indicator = "#${config.look.colors.actSplit}"; - childBorder = "#${config.look.colors.prime}"; + indicator = "#${config.vars.colors.actSplit}"; + childBorder = "#${config.vars.colors.prime}"; }; focusedInactive = { - border = "#${config.look.colors.accent}"; - background = "#${config.look.colors.accent}"; - text = "#${config.look.colors.text}"; - indicator = "#${config.look.colors.split}"; - childBorder = "#${config.look.colors.accent}"; + border = "#${config.vars.colors.accent}"; + background = "#${config.vars.colors.accent}"; + text = "#${config.vars.colors.text}"; + indicator = "#${config.vars.colors.split}"; + childBorder = "#${config.vars.colors.accent}"; }; unfocused = { - border = "#${config.look.colors.dark}"; - background = "#${config.look.colors.dark}"; - text = "#${config.look.colors.text}"; - indicator = "#${config.look.colors.split}"; - childBorder = "#${config.look.colors.split}"; + border = "#${config.vars.colors.dark}"; + background = "#${config.vars.colors.dark}"; + text = "#${config.vars.colors.text}"; + indicator = "#${config.vars.colors.split}"; + childBorder = "#${config.vars.colors.split}"; }; urgent = { - border = "#${config.look.colors.urgent}"; - background = "#${config.look.colors.urgent}"; - text = "#${config.look.colors.text}"; - indicator = "#${config.look.colors.urgent}"; - childBorder = "#${config.look.colors.urgent}"; + border = "#${config.vars.colors.urgent}"; + background = "#${config.vars.colors.urgent}"; + text = "#${config.vars.colors.text}"; + indicator = "#${config.vars.colors.urgent}"; + childBorder = "#${config.vars.colors.urgent}"; }; }; bars = [ ]; fonts = { - names = [ config.look.fonts.main ]; + names = [ config.vars.fonts.main ]; size = 10.5; }; 
window = { - border = config.look.border.int; + border = config.vars.border.int; hideEdgeBorders = "smart"; }; floating = { - border = config.look.border.int; + border = config.vars.border.int; titlebar = false; }; diff --git a/modules/system/default.nix b/modules/system/default.nix index b397e67a..e2c3b9d7 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -1,4 +1,4 @@ -{ config, lib, name, ... }: +{ config, name, ... }: { imports = [ ./devices @@ -7,12 +7,9 @@ ./services ./settings ./users + ./variables ]; - options.system = with lib; { - desktop.enable = mkEnableOption "Desktop apps and services"; - server.enable = mkEnableOption "Server apps and services"; - }; - - config.networking.hostName = name; + networking.hostName = name; + deployment.tags = config.system.nixos.tags; } diff --git a/modules/system/devices/audio/default.nix b/modules/system/devices/audio/default.nix index 08950259..4d66e614 100644 --- a/modules/system/devices/audio/default.nix +++ b/modules/system/devices/audio/default.nix @@ -1,13 +1,13 @@ { config, ... }: { services.pipewire = { - enable = config.system.desktop.enable; - wireplumber.extraConfig."wireplumber.settings"."bluetooth.autoswitch-to-headset-profile" = false; + enable = builtins.elem "pc" config.system.nixos.tags; alsa = { enable = true; support32Bit = true; }; pulse.enable = true; #jack.enable = true; + wireplumber.extraConfig."wireplumber.settings"."bluetooth.autoswitch-to-headset-profile" = false; }; } diff --git a/modules/system/devices/bluetooth/default.nix b/modules/system/devices/bluetooth/default.nix index b6885d45..e735bf31 100644 --- a/modules/system/devices/bluetooth/default.nix +++ b/modules/system/devices/bluetooth/default.nix @@ -1,6 +1,6 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: { - config = lib.mkIf config.system.desktop.enable { + config = lib.mkIf (builtins.elem "pc" config.system.nixos.tags) { hardware.bluetooth = { enable = true; settings = { 
@@ -8,9 +8,7 @@ Policy.AutoEnable = "true"; }; }; - environment = { - systemPackages = with pkgs; [ bluetui ]; - persistence."/persist".directories = [ "/var/lib/bluetooth" ]; - }; + + environment.persistence."/persist".directories = [ "/var/lib/bluetooth" ]; }; } diff --git a/modules/system/devices/boot/default.nix b/modules/system/devices/boot/default.nix index 41c0496b..40fd3718 100644 --- a/modules/system/devices/boot/default.nix +++ b/modules/system/devices/boot/default.nix @@ -10,7 +10,6 @@ boot = { kernelPackages = lib.mkDefault pkgs.linuxPackages_latest; - kernelParams = [ "nouveau.config=NvGspRm=1" ]; blacklistedKernelModules = [ "pcspkr" ]; kernel.sysctl = { "vm.max_map_count" = 2147483642; diff --git a/modules/system/devices/default.nix b/modules/system/devices/default.nix index 0ccbcf4d..a99c9a26 100644 --- a/modules/system/devices/default.nix +++ b/modules/system/devices/default.nix @@ -7,6 +7,7 @@ ./disks ./networking ./printing + ./tlp ./udev ./video ]; diff --git a/modules/system/devices/disks/filesystems/default.nix b/modules/system/devices/disks/filesystems/default.nix index a6a1f3ba..71fe167e 100644 --- a/modules/system/devices/disks/filesystems/default.nix +++ b/modules/system/devices/disks/filesystems/default.nix @@ -2,17 +2,20 @@ { boot = { supportedFilesystems = { - ntfs = config.system.desktop.enable; - zfs = config.system.server.enable; + ntfs = builtins.elem "pc" config.system.nixos.tags; + zfs = builtins.elem "server" config.system.nixos.tags; }; swraid = { - enable = config.system.server.enable; + enable = builtins.elem "server" config.system.nixos.tags; mdadmConf = "MAILADDR contact@nixfox.ca"; }; }; services = lib.mkIf config.environment.persistence."/persist".enable { - btrfs.autoScrub.enable = true; + btrfs.autoScrub = { + enable = true; + interval = "weekly"; + }; fstrim.enable = true; }; diff --git a/modules/system/devices/networking/default.nix b/modules/system/devices/networking/default.nix index aed59229..fd8e9172 100644 
--- a/modules/system/devices/networking/default.nix +++ b/modules/system/devices/networking/default.nix @@ -1,6 +1,7 @@ { config, ... }: { imports = [ + ./mounts ./mycelium ./nameservers ./wireless diff --git a/modules/system/devices/networking/mounts/default.nix b/modules/system/devices/networking/mounts/default.nix new file mode 100644 index 00000000..3bb69619 --- /dev/null +++ b/modules/system/devices/networking/mounts/default.nix @@ -0,0 +1,32 @@ +{ config, lib, nodes, ... }: +{ + fileSystems = let + netOpts = [ + "noauto" + "soft" + "x-systemd.automount" + ]; + in with nodes; { + "midas" = { + enable = lib.mkDefault false; + device = "[${midas.config.deployment.targetHost}]:/storage"; + mountPoint = "/network/Midas"; + fsType = "nfs4"; + options = netOpts; + }; + "kitty" = { + enable = lib.mkDefault false; + device = "[${kitty.config.deployment.targetHost}]:/storage"; + mountPoint = "/network/Kitty"; + fsType = "nfs4"; + options = netOpts; + }; + "prophet" = { + enable = lib.mkDefault false; + device = "[${prophet.config.deployment.targetHost}]:/storage"; + mountPoint = "/network/Prophet"; + fsType = "nfs4"; + options = netOpts; + }; + }; +} diff --git a/modules/system/devices/networking/wireless/default.nix b/modules/system/devices/networking/wireless/default.nix index 2bddfeef..eab13bb7 100644 --- a/modules/system/devices/networking/wireless/default.nix +++ b/modules/system/devices/networking/wireless/default.nix @@ -1,7 +1,7 @@ -{ config, ... }: +{ ... }: { networking.wireless = { - enable = config.system.desktop.enable; + enable = true; userControlled.enable = true; }; } diff --git a/modules/system/devices/printing/default.nix b/modules/system/devices/printing/default.nix index 8ea5eed7..a57dbaff 100644 --- a/modules/system/devices/printing/default.nix +++ b/modules/system/devices/printing/default.nix 
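Review bot: `netOpts` in the new `mounts/default.nix` mounts the three NFS exports with only `noauto`, `soft` and `x-systemd.automount`, so setuid binaries and device nodes served by a remote host are honoured on every client that enables a mount. I would make it `netOpts = [ "noauto" "nosuid" "nodev" "soft" "x-systemd.automount" ];`, which limits what a compromised or misconfigured export can do to its clients. With no `sec=` option the security flavour is left to negotiation, typically `sys`, so the server trusts client-asserted UIDs; if the exports hold anything sensitive, a Kerberos flavour is worth considering. `soft` also turns a server timeout into an I/O error that applications may not handle, so it deserves a comment saying it is deliberate.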
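Review bot: In `wireless/default.nix`, `enable = true` drops the old `config.system.desktop.enable` gate without substituting the `builtins.elem "pc" config.system.nixos.tags` test this commit uses elsewhere. Assuming hosts tagged `server` import the same module tree, they now run wpa_supplicant with `userControlled.enable = true`. The same ungating happens in later hunks for `programs.udevil.enable = true` (which, as far as I know, installs a setuid-root wrapper), the `services.udev.packages` list and the new `services.tlp` module. If servers are not meant to gain these, `enable = builtins.elem "pc" config.system.nixos.tags;` keeps the earlier scope.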
@@ -2,7 +2,7 @@ { services = { printing = { - enable = config.system.desktop.enable; + enable = builtins.elem "pc" config.system.nixos.tags; drivers = with pkgs; [ hplip ]; }; avahi = { diff --git a/modules/system/devices/tlp/default.nix b/modules/system/devices/tlp/default.nix new file mode 100644 index 00000000..694db2be --- /dev/null +++ b/modules/system/devices/tlp/default.nix @@ -0,0 +1,31 @@ +{ config, ... }: +{ + services.tlp = { + enable = true; + settings = let + leastBat = 80; + maxBat = 85; + in { + # Stop battery charging after threshold + START_CHARGE_THRESH_BAT0 = leastBat; + STOP_CHARGE_THRESH_BAT0 = maxBat; + START_CHARGE_THRESH_BAT1 = leastBat; + STOP_CHARGE_THRESH_BAT1 = maxBat; + + # Change CPU energy/performance policy to power + CPU_ENERGY_PERF_POLICY_ON_AC = "performance"; + CPU_ENERGY_PERF_POLICY_ON_BAT = "power"; + + # Enable the platform profile low-power + PLATFORM_PROFILE_ON_AC = "performance"; + PLATFORM_PROFILE_ON_BAT = "low-power"; + + # Disable turbo boost + CPU_BOOST_ON_AC = 1; + CPU_BOOST_ON_BAT = 0; + + CPU_HWP_DYN_BOOST_ON_AC = 1; + CPU_HWP_DYN_BOOST_ON_BAT = 0; + }; + }; +} diff --git a/modules/system/devices/udev/default.nix b/modules/system/devices/udev/default.nix index 37191c01..728dba1e 100644 --- a/modules/system/devices/udev/default.nix +++ b/modules/system/devices/udev/default.nix @@ -1,6 +1,7 @@ -{ config, lib, pkgs, ... }: +{ pkgs, ... }: { - services.udev.packages = with pkgs; lib.mkIf config.system.desktop.enable [ + services.udev.packages = with pkgs; [ + android-udev-rules game-devices-udev-rules ]; } diff --git a/modules/system/devices/video/default.nix b/modules/system/devices/video/default.nix index de825e6f..6db0c37f 100644 --- a/modules/system/devices/video/default.nix +++ b/modules/system/devices/video/default.nix 
@@ -3,7 +3,7 @@ imports = [ ./nvidia ]; hardware.graphics = { - enable = config.system.desktop.enable; + enable = builtins.elem "pc" config.system.nixos.tags; enable32Bit = if config.nixpkgs.hostPlatform.linuxArch == "x86_64" then true else false; extraPackages = with pkgs; [ vulkan-loader diff --git a/modules/system/devices/video/nvidia/default.nix b/modules/system/devices/video/nvidia/default.nix index f9d10a1c..40156146 100644 --- a/modules/system/devices/video/nvidia/default.nix +++ b/modules/system/devices/video/nvidia/default.nix @@ -1,20 +1,18 @@ { config, lib, ... }: { - options.system.nvidia.enable = lib.mkEnableOption "Nvidia graphic drivers"; + config = lib.mkIf (lib.elem "nvidia" config.services.xserver.videoDrivers) { + boot.kernelParams = [ "nvidia_drm.fbdev=1" ]; # Framebuffer fixes TTY access - config = lib.mkIf config.system.nvidia.enable { hardware.nvidia = { modesetting.enable = true; nvidiaSettings = false; open = true; }; - boot.kernelParams = [ "nvidia_drm.fbdev=1" ]; # Framebuffer fixes TTY access - - services.xserver.videoDrivers = [ "nvidia" ]; - nixpkgs.allowUnfreePackages = [ "nvidia-x11" ]; - specialisation.nouveau.configuration.config.system.nvidia.enable = lib.mkForce false; + specialisation.nouveau.configuration.config.services.xserver.videoDrivers = lib.mkForce [ "nouveau" ]; + } // { + boot.kernelParams = [ "nouveau.config=NvGspRm=1" ]; }; } diff --git a/modules/system/programs/desktops/default.nix b/modules/system/programs/desktops/default.nix index 9ffc2855..39b1ab5c 100644 --- a/modules/system/programs/desktops/default.nix +++ b/modules/system/programs/desktops/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - config = lib.mkIf config.system.desktop.enable { + config = lib.mkIf (builtins.elem "pc" config.system.nixos.tags) { programs.sway.enable = true; security.pam.services.swaylock = {}; }; diff --git a/modules/system/programs/gaming/default.nix b/modules/system/programs/gaming/default.nix index b2a135a6..44949786 100644 
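Review bot: In `video/nvidia/default.nix`, `config = lib.mkIf (…) { … } // { boot.kernelParams = [ "nouveau.config=NvGspRm=1" ]; };` does not do what it appears to. Function application binds tighter than `//`, so the second set is merged into the attrset returned by `mkIf` (the one carrying `_type = "if"`) and, as far as I can tell, the module system then reads only its `content`, so the nouveau parameter is silently dropped. Use `config = lib.mkMerge [ (lib.mkIf (…) { … }) { boot.kernelParams = [ "nouveau.config=NvGspRm=1" ]; } ];` instead, which also lets the two `boot.kernelParams` definitions merge as lists.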
--- a/modules/system/programs/gaming/default.nix +++ b/modules/system/programs/gaming/default.nix @@ -1,7 +1,7 @@ { config, ... }: { programs.gamemode = { - enable = config.system.desktop.enable; + enable = builtins.elem "pc" config.system.nixos.tags; settings = { general.renice = 10; gpu = { diff --git a/modules/system/programs/udevil/default.nix b/modules/system/programs/udevil/default.nix index 604943ab..d5dac7fb 100644 --- a/modules/system/programs/udevil/default.nix +++ b/modules/system/programs/udevil/default.nix @@ -1,4 +1,4 @@ -{ config, ... }: +{ ... }: { - programs.udevil.enable = config.system.desktop.enable; + programs.udevil.enable = true; } diff --git a/modules/system/secrets/default.nix b/modules/system/secrets/default.nix index e2904a3e..0ba12e4d 100644 Binary files a/modules/system/secrets/default.nix and b/modules/system/secrets/default.nix differ diff --git a/modules/system/services/general/default.nix b/modules/system/services/general/default.nix index 96b68f06..1fbfcf57 100644 --- a/modules/system/services/general/default.nix +++ b/modules/system/services/general/default.nix @@ -6,7 +6,6 @@ ./libvirtd ./snowflake ./ssh - ./tlp ./userborn ./vmware ]; diff --git a/modules/system/services/general/displaymanager/default.nix b/modules/system/services/general/displaymanager/default.nix index 585e7f35..c1cf9e25 100644 --- a/modules/system/services/general/displaymanager/default.nix +++ b/modules/system/services/general/displaymanager/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: { - config = lib.mkIf config.system.desktop.enable { + config = lib.mkIf (builtins.elem "pc" config.system.nixos.tags) { services.greetd = { enable = true; settings.default_session.command = lib.mkDefault (lib.strings.concatStringsSep " " [ diff --git a/modules/system/services/general/libvirtd/default.nix b/modules/system/services/general/libvirtd/default.nix index 8cb556dd..bbf47a4e 100644 --- a/modules/system/services/general/libvirtd/default.nix 
+++ b/modules/system/services/general/libvirtd/default.nix @@ -14,13 +14,15 @@ }; }; - programs.virt-manager.enable = true; - - networking.firewall.trustedInterfaces = [ - "virbr0" - "virbr1" + # Isolate devices into more IOMMU groups + boot.kernelParams = [ + "pcie_acs_override=downstream,multifunction" + "pci=routeirq" ]; + programs.virt-manager.enable = true; + + # Allow looking glass to be accessed by users systemd.tmpfiles.rules = [ "f /dev/shm/looking-glass 0660 - libvirtd -" ]; environment.persistence."/persist".directories = [ "/var/lib/libvirt" ]; diff --git a/modules/system/services/general/tlp/default.nix b/modules/system/services/general/tlp/default.nix deleted file mode 100644 index 4b030f55..00000000 --- a/modules/system/services/general/tlp/default.nix +++ /dev/null @@ -1,4 +0,0 @@ -{ config, ... }: -{ - services.tlp.enable = config.system.desktop.enable; -} diff --git a/modules/system/services/server/cfdyndns/default.nix b/modules/system/services/server/cfdyndns/default.nix index b281886b..922c774b 100644 --- a/modules/system/services/server/cfdyndns/default.nix +++ b/modules/system/services/server/cfdyndns/default.nix @@ -1,4 +1,4 @@ -{ config, lib, pkgs, ... }: +{ config, lib, ... }: { config = lib.mkIf config.services.cloudflare-dyndns.enable { services.cloudflare-dyndns.apiTokenFile = "/var/lib/private/cloudflare-dyndns/key"; diff --git a/modules/system/services/server/default.nix b/modules/system/services/server/default.nix index 6e2a762f..9d19264e 100644 --- a/modules/system/services/server/default.nix +++ b/modules/system/services/server/default.nix @@ -5,7 +5,6 @@ ./forgejo ./icecast ./jellyfin - ./lemmy ./mailserver ./mastodon ./matrix diff --git a/modules/system/services/server/forgejo/default.nix b/modules/system/services/server/forgejo/default.nix index 37ce0176..af4d132f 100644 --- a/modules/system/services/server/forgejo/default.nix +++ b/modules/system/services/server/forgejo/default.nix 
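Review bot: The added `pcie_acs_override=downstream,multifunction` parameter in `libvirtd/default.nix` weakens IOMMU isolation, contrary to what the comment `# Isolate devices into more IOMMU groups` suggests. It makes the kernel report devices as separately grouped even where the hardware lacks ACS, so a device passed through to a guest may still reach its former group peers by peer-to-peer DMA. The option also comes from an out-of-tree patch, so on an unpatched kernel it is presumably ignored. I would reword the comment to `# ACS override: splits IOMMU groups without hardware ACS; passthrough guests are NOT DMA-isolated from former group peers` and set the parameter only on hosts that do passthrough. The enclosing block starts outside the hunk, so any existing gate is not visible here.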
@@ -8,17 +8,17 @@ lfs.enable = true; settings = { server = { - DOMAIN = "git.nixfox.ca"; - ROOT_URL = "https://git.nixfox.ca:443"; + DOMAIN = "git.${config.vars.mainDomain}"; + ROOT_URL = "https://git.${config.vars.mainDomain}:443"; HTTP_PORT = 3110; SSH_PORT = 2299; START_SSH_SERVER = true; }; mailer = { ENABLED = true; - SMTP_ADDR = "mx.nixfox.ca"; - FROM = "NixFox Git "; - USER = "noreply@nixfox.ca"; + SMTP_ADDR = "mx.${config.vars.mainDomain}"; + FROM = "NixFox Git "; + USER = "noreply@${config.vars.mainDomain}"; PASSWD = config.secrets.mailPass.nixfoxNoReply; PROTOCOL = "smtps"; }; @@ -32,7 +32,7 @@ networking.firewall.allowedTCPPorts = [ 2299 ]; - services.cloudflare-dyndns.domains = [ "git.nixfox.ca" ]; + services.cloudflare-dyndns.domains = [ "git.${config.vars.mainDomain}" ]; environment.persistence."/persist".directories = [ "/var/lib/forgejo" ]; }; diff --git a/modules/system/services/server/forgejo/nginx/default.nix b/modules/system/services/server/forgejo/nginx/default.nix index 5428884a..ad2223ad 100644 --- a/modules/system/services/server/forgejo/nginx/default.nix +++ b/modules/system/services/server/forgejo/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."git.nixfox.ca" = lib.mkIf config.services.forgejo.enable { + services.nginx.virtualHosts."git.${config.vars.mainDomain}" = lib.mkIf config.services.forgejo.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/icecast/default.nix b/modules/system/services/server/icecast/default.nix index ec3dce64..498c184f 100644 --- a/modules/system/services/server/icecast/default.nix +++ b/modules/system/services/server/icecast/default.nix @@ -7,9 +7,9 @@ services.icecast = { listen.port = 73; - hostname = "radio.nixfox.ca"; + hostname = "radio.${config.vars.mainDomain}"; admin = { - user = config.sysusers.main; + user = "admin"; password = config.secrets.cast.adminPass; }; extraConf = '' 
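Review bot: `PASSWD = config.secrets.mailPass.nixfoxNoReply;` in the forgejo `mailer` block places the SMTP password in `services.forgejo.settings`, and values set there are normally rendered into a file in the world-readable Nix store, so any local user or service on the host can likely read it. The same pattern is carried through the synapse (`smtp_pass`), nextcloud (`mail_smtppassword`, `pkgs.writeText "initial" config.secrets.initialPass`), transmission (`pkgs.writeText "credentials" …`), vaultwarden (`smtpPassword`) and coturn (`static-auth-secret`) hunks. Where a module offers a file-based option the secret should be read from a runtime path provisioned outside the store, for forgejo `secrets.mailer.PASSWD = "/run/secrets/PLACEHOLDER-forgejo-mail";` (the path is a placeholder). The enclosing `services.forgejo` block starts above the hunk.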
@@ -17,7 +17,7 @@ ${config.secrets.cast.sourcePass} Canada - contact@nixfox.ca + contact@${config.vars.mainDomain} ''; }; } diff --git a/modules/system/services/server/icecast/nginx/default.nix b/modules/system/services/server/icecast/nginx/default.nix index 6573d11f..8993503a 100644 --- a/modules/system/services/server/icecast/nginx/default.nix +++ b/modules/system/services/server/icecast/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."radio.nixfox.ca" = lib.mkIf config.services.icecast.enable { + services.nginx.virtualHosts."radio.${config.vars.mainDomain}" = lib.mkIf config.services.icecast.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/jellyfin/nginx/default.nix b/modules/system/services/server/jellyfin/nginx/default.nix index 26d20ab9..d79599e9 100644 --- a/modules/system/services/server/jellyfin/nginx/default.nix +++ b/modules/system/services/server/jellyfin/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."jelly.nixfox.ca" = lib.mkIf config.services.jellyfin.enable { + services.nginx.virtualHosts."jelly.${config.vars.mainDomain}" = lib.mkIf config.services.jellyfin.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/lemmy/default.nix b/modules/system/services/server/lemmy/default.nix deleted file mode 100644 index 2cc6ed6d..00000000 --- a/modules/system/services/server/lemmy/default.nix +++ /dev/null 
@@ -1,22 +0,0 @@ -{ config, lib, ... }: -{ - imports = [ ./nginx ]; - - config = lib.mkIf config.services.lemmy.enable { - services.lemmy = lib.mkIf config.services.lemmy.enable { - nginx.enable = true; - database.createLocally = true; - settings = { - hostname = "lemmy.nixfox.ca"; - email = { - smtp_server = "mx.nixfox.ca:587"; - smtp_login = "noreply@nixfox.ca"; - smtp_from_address = "NixFox Lemmy "; - smtp_password = config.secrets.mailPass.nixfoxNoReply; - tls_type = "starttls"; - }; - }; - }; - environment.persistence."/persist".directories = [ "/var/lib/postgresql" ]; - }; -} diff --git a/modules/system/services/server/lemmy/nginx/default.nix b/modules/system/services/server/lemmy/nginx/default.nix deleted file mode 100644 index 0ab2106e..00000000 --- a/modules/system/services/server/lemmy/nginx/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -{ config, lib, ... }: -{ - services.nginx.virtualHosts."lemmy.nixfox.ca" = lib.mkIf config.services.lemmy.enable { - enableACME = true; - forceSSL = true; - }; -} diff --git a/modules/system/services/server/mailserver/default.nix b/modules/system/services/server/mailserver/default.nix index b2edc8eb..c2418a80 100644 --- a/modules/system/services/server/mailserver/default.nix +++ b/modules/system/services/server/mailserver/default.nix 
@@ -1,11 +1,75 @@ -{ lib, ... }: +{ config, lib, pkgs, mailserver, ... }: { imports = [ ./go-autoconfig ./radicale ./roundcube - ./simplenix + mailserver.nixosModule ]; - options.services.mailserver.enable = lib.mkEnableOption "Simple NixOS Mailserver"; + config = lib.mkIf config.mailserver.enable { + mailserver = { + fqdn = "mx.${config.vars.mainDomain}"; + domains = [ + "nixfox.ca" + "bloxelcom.net" + "freecorn1854.win" + "lunamoonlight.xyz" + ]; + certificateScheme = "acme-nginx"; + localDnsResolver = false; + redis.port = 1515; + + # Passwords made with 'mkpasswd -sm bcrypt' + loginAccounts = { + "jimbo@nixfox.ca" = { + hashedPassword = config.secrets.mailHash.bun; + aliases = [ + "james@nixfox.ca" + + "bun@nixfox.ca" + "bun@bloxelcom.net" + + "contact@nixfox.ca" + ]; + }; + + "luna@lunamoonlight.xyz" = { + hashedPassword = config.secrets.mailHash.luna; + aliases = [ + "luna@bloxelcom.net" + "contact@bloxelcom.net" + "ibu@bloxelcom.net" + ]; + }; + + "contact@freecorn1854.win" = { + hashedPassword = config.secrets.mailHash.corn; + aliases = [ "freecorn@bloxelcom.net" ]; + }; + + # Noreply emails + "noreply@nixfox.ca" = { + hashedPassword = config.secrets.mailHash.nixfoxNoReply; + sendOnly = true; + }; + "noreply@bloxelcom.net" = { + hashedPassword = config.secrets.mailHash.bloxelNoReply; + sendOnly = true; + }; + }; + }; + + services = { + redis.servers.rspamd.port = config.mailserver.redis.port; + cloudflare-dyndns.domains = [ config.mailserver.fqdn ]; + }; + + environment.persistence."/persist".directories = [ + "/var/vmail" + "/var/lib/dovecot" + "/var/lib/postfix" + "/var/lib/redis-rspamd" + ]; + }; } diff --git a/modules/system/services/server/mailserver/go-autoconfig/default.nix b/modules/system/services/server/mailserver/go-autoconfig/default.nix index 740a3fb6..0a9d5746 100644 --- a/modules/system/services/server/mailserver/go-autoconfig/default.nix +++ b/modules/system/services/server/mailserver/go-autoconfig/default.nix 
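Review bot: `fqdn = "mx.${config.vars.mainDomain}";` in the new `mailserver` block follows the shared variable, but `domains` and every `loginAccounts` key and alias below it still spell out `nixfox.ca`. With a different `mainDomain`, the forgejo, synapse, nextcloud and vaultwarden hunks would log in as `noreply@<new domain>`, an account this block does not define. Either keep the literal `fqdn = "mx.nixfox.ca";` here, or derive the primary entries too, e.g. `"noreply@${config.vars.mainDomain}" = {`, and add a one-line comment above `domains` saying which names are meant to follow `mainDomain`. `pkgs` in the new argument list is unused in the lines shown.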
@@ -2,7 +2,7 @@ { imports = [ ./nginx ]; - services = lib.mkIf config.services.mailserver.enable { + services = lib.mkIf config.mailserver.enable { go-autoconfig = { enable = true; settings = { diff --git a/modules/system/services/server/mailserver/go-autoconfig/nginx/default.nix b/modules/system/services/server/mailserver/go-autoconfig/nginx/default.nix index 1bb0d687..14937c85 100644 --- a/modules/system/services/server/mailserver/go-autoconfig/nginx/default.nix +++ b/modules/system/services/server/mailserver/go-autoconfig/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."autoconfig.nixfox.ca" = lib.mkIf config.services.go-autoconfig.enable { + services.nginx.virtualHosts."autoconfig.${config.vars.mainDomain}" = lib.mkIf config.services.go-autoconfig.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/mailserver/radicale/default.nix b/modules/system/services/server/mailserver/radicale/default.nix index 148d064f..6321c3d1 100644 --- a/modules/system/services/server/mailserver/radicale/default.nix +++ b/modules/system/services/server/mailserver/radicale/default.nix @@ -2,7 +2,7 @@ { imports = [ ./nginx ]; - config = lib.mkIf config.services.mailserver.enable { + config = lib.mkIf config.mailserver.enable { services = { radicale = { enable = true; diff --git a/modules/system/services/server/mailserver/radicale/nginx/default.nix b/modules/system/services/server/mailserver/radicale/nginx/default.nix index d6e1a5be..71b9481b 100644 --- a/modules/system/services/server/mailserver/radicale/nginx/default.nix +++ b/modules/system/services/server/mailserver/radicale/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."cal.nixfox.ca" = lib.mkIf config.services.go-autoconfig.enable { + services.nginx.virtualHosts."cal.${config.vars.mainDomain}" = lib.mkIf config.services.radicale.enable { enableACME = true; forceSSL = true; locations."/" = { 
diff --git a/modules/system/services/server/mailserver/roundcube/default.nix b/modules/system/services/server/mailserver/roundcube/default.nix index f1d8d44c..ac7ad946 100644 --- a/modules/system/services/server/mailserver/roundcube/default.nix +++ b/modules/system/services/server/mailserver/roundcube/default.nix @@ -1,11 +1,11 @@ { config, lib, ... }: { - config = lib.mkIf config.services.mailserver.enable { + config = lib.mkIf config.mailserver.enable { services.roundcube = { enable = true; - hostName = "mail.nixfox.ca"; + hostName = "mail.${config.vars.mainDomain}"; extraConfig = '' - $config['smtp_server'] = "tls://mx.nixfox.ca"; + $config['smtp_server'] = "tls://mx.${config.vars.mainDomain}"; $config['smtp_user'] = "%u"; $config['smtp_pass'] = "%p"; ''; diff --git a/modules/system/services/server/mailserver/simplenix/default.nix b/modules/system/services/server/mailserver/simplenix/default.nix deleted file mode 100644 index 2e022966..00000000 --- a/modules/system/services/server/mailserver/simplenix/default.nix +++ /dev/null 
@@ -1,72 +0,0 @@ -{ config, lib, pkgs, mailserver, ... }: -{ - imports = [ mailserver.nixosModule ]; - - config = lib.mkIf config.services.mailserver.enable { - mailserver = { - enable = true; - fqdn = "mx.nixfox.ca"; - domains = [ - "nixfox.ca" - "bloxelcom.net" - "freecorn1854.win" - "lunamoonlight.xyz" - ]; - certificateScheme = "acme-nginx"; - localDnsResolver = false; - redis.port = 1515; - - # Passwords made with 'mkpasswd -sm bcrypt' - loginAccounts = { - "jimbo@nixfox.ca" = { - hashedPassword = config.secrets.mailHash.bun; - aliases = [ - "james@nixfox.ca" - "jimbo@bloxelcom.net" - - "bun@nixfox.ca" - "bun@bloxelcom.net" - - "contact@nixfox.ca" - ]; - }; - - "luna@lunamoonlight.xyz" = { - hashedPassword = config.secrets.mailHash.luna; - aliases = [ - "luna@bloxelcom.net" - "contact@bloxelcom.net" - "ibu@bloxelcom.net" - ]; - }; - - "contact@freecorn1854.win" = { - hashedPassword = config.secrets.mailHash.corn; - aliases = [ "freecorn@bloxelcom.net" ]; - }; - - # Noreply emails - "noreply@nixfox.ca" = { - hashedPassword = config.secrets.mailHash.nixfoxNoReply; - sendOnly = true; - }; - "noreply@bloxelcom.net" = { - hashedPassword = config.secrets.mailHash.bloxelNoReply; - sendOnly = true; - }; - }; - }; - - services = { - redis.servers.rspamd.port = config.mailserver.redis.port; - cloudflare-dyndns.domains = [ config.mailserver.fqdn ]; - }; - - environment.persistence."/persist".directories = [ - "/var/vmail" - "/var/lib/dovecot" - "/var/lib/postfix" - "/var/lib/redis-rspamd" - ]; - }; -} diff --git a/modules/system/services/server/matrix/coturn/default.nix b/modules/system/services/server/matrix/coturn/default.nix index 6f98c201..bf7c5ec5 100644 --- a/modules/system/services/server/matrix/coturn/default.nix +++ b/modules/system/services/server/matrix/coturn/default.nix 
@@ -12,7 +12,7 @@ max-port = 50000; use-auth-secret = true; static-auth-secret = config.secrets.coturnSecret; - realm = "turn.nixfox.ca"; + realm = "turn.${config.vars.mainDomain}"; cert = "/var/lib/acme/${config.services.coturn.realm}/fullchain.pem"; pkey = "/var/lib/acme/${config.services.coturn.realm}/key.pem"; }; diff --git a/modules/system/services/server/matrix/coturn/nginx/default.nix b/modules/system/services/server/matrix/coturn/nginx/default.nix index f73bb312..dc53becb 100644 --- a/modules/system/services/server/matrix/coturn/nginx/default.nix +++ b/modules/system/services/server/matrix/coturn/nginx/default.nix @@ -1,7 +1,7 @@ { config, lib, ... }: { config = lib.mkIf config.services.coturn.enable { - services.nginx.virtualHosts."turn.nixfox.ca" = { + services.nginx.virtualHosts."turn.${config.vars.mainDomain}" = { enableACME = true; forceSSL = true; listen = [{ @@ -12,11 +12,9 @@ locations."/".proxyPass = "http://127.0.0.1:1380"; }; - security.acme.certs = { - "turn.nixfox.ca" = { - group = "turnserver"; - postRun = "systemctl restart coturn.service"; - }; + security.acme.certs."turn.${config.vars.mainDomain}" = { + group = "turnserver"; + postRun = "systemctl restart coturn.service"; }; }; } diff --git a/modules/system/services/server/matrix/element/default.nix b/modules/system/services/server/matrix/element/default.nix index 5e8492a4..34326b31 100644 --- a/modules/system/services/server/matrix/element/default.nix +++ b/modules/system/services/server/matrix/element/default.nix 
@@ -4,14 +4,14 @@ nixpkgs.config.element-web.conf = { default_server_config."m.homeserver" = { - base_url = "https://matrix.nixfox.ca"; - server_name = "matrix.nixfox.ca"; + base_url = "https://matrix.${config.vars.mainDomain}"; + server_name = "matrix.${config.vars.mainDomain}"; }; branding = { - auth_header_logo_url = "https://www.nixfox.ca/images/copyright/profile.png"; - #welcome_background_url = "https://www.nixfox.ca/images/backgrounds/template-background.png"; + auth_header_logo_url = "https://www.${config.vars.mainDomain}/images/copyright/profile.png"; + #welcome_background_url = "https://www.${config.vars.mainDomain}/images/backgrounds/template-background.png"; }; - embedded_pages.home_url = "https://www.nixfox.ca/"; + embedded_pages.home_url = "https://www.${config.vars.mainDomain}/"; disable_custom_urls = true; disable_guests = true; default_theme = "dark"; diff --git a/modules/system/services/server/matrix/element/nginx/default.nix b/modules/system/services/server/matrix/element/nginx/default.nix index 1c085eb3..960f3598 100644 --- a/modules/system/services/server/matrix/element/nginx/default.nix +++ b/modules/system/services/server/matrix/element/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, pkgs, ... }: { - services.nginx.virtualHosts."chat.nixfox.ca" = lib.mkIf config.services.matrix-synapse.enable { + services.nginx.virtualHosts."chat.${config.vars.mainDomain}" = lib.mkIf config.services.matrix-synapse.enable { enableACME = true; addSSL = true; root = "${pkgs.element-web}"; diff --git a/modules/system/services/server/matrix/synapse/default.nix b/modules/system/services/server/matrix/synapse/default.nix index 342fff38..fb557659 100644 --- a/modules/system/services/server/matrix/synapse/default.nix +++ b/modules/system/services/server/matrix/synapse/default.nix 
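Review bot: The `chat.${config.vars.mainDomain}` virtual host in the element nginx hunk keeps `addSSL = true;`, which leaves the site reachable over plain HTTP, whereas most other vhosts touched by this commit use `forceSSL = true;`. The nextcloud nginx hunk (`files.…`) has the same setting. For a Matrix web client this means the client code itself can be fetched over an unencrypted connection when a user follows an `http://` link. Replacing the line with `forceSSL = true;` on both hosts redirects HTTP to HTTPS. The vhost body continues beyond the hunk.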
@@ -5,15 +5,15 @@ config = lib.mkIf config.services.matrix-synapse.enable { services.matrix-synapse = { settings = { - server_name = "nixfox.ca"; - public_baseurl = "https://matrix.nixfox.ca"; + server_name = "${config.vars.mainDomain}"; + public_baseurl = "https://matrix.${config.vars.mainDomain}"; suppress_key_server_warning = true; # Email notifications about account status email = { - notif_from = "NixFox Matrix "; - smtp_host = "mx.nixfox.ca"; - smtp_user = "noreply@nixfox.ca"; + notif_from = "NixFox Matrix "; + smtp_host = "mx.${config.vars.mainDomain}"; + smtp_user = "noreply@${config.vars.mainDomain}"; smtp_pass = config.secrets.mailPass.nixfoxNoReply; enable_tls = true; smtp_port = 587; diff --git a/modules/system/services/server/matrix/synapse/nginx/default.nix b/modules/system/services/server/matrix/synapse/nginx/default.nix index c5d9d5fe..f50834ad 100644 --- a/modules/system/services/server/matrix/synapse/nginx/default.nix +++ b/modules/system/services/server/matrix/synapse/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."matrix.nixfox.ca" = lib.mkIf config.services.matrix-synapse.enable { + services.nginx.virtualHosts."matrix.${config.vars.mainDomain}" = lib.mkIf config.services.matrix-synapse.enable { enableACME = true; forceSSL = true; locations = { diff --git a/modules/system/services/server/minecraft/servers/blockworld/default.nix b/modules/system/services/server/minecraft/servers/blockworld/default.nix index d6525204..0f5b1363 100644 --- a/modules/system/services/server/minecraft/servers/blockworld/default.nix +++ b/modules/system/services/server/minecraft/servers/blockworld/default.nix 
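Review bot: `server_name = "${config.vars.mainDomain}";` in the synapse hunk now follows a shared variable, but a Synapse `server_name` is part of every user and room identifier and cannot be changed once the homeserver holds data. A later edit of `mainDomain` would therefore break this deployment rather than rename it. I would add a comment on that line, `# must never change after first start; a new mainDomain needs a fresh homeserver`, or keep the literal here. As a style point the interpolation is redundant, `server_name = config.vars.mainDomain;` is enough (likewise `mail_domain` in the nextcloud hunk). The `settings` block continues past the hunk.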
@@ -14,6 +14,6 @@ symlinks = config.services.minecraft-servers.common.paperSymlinks; files = config.services.minecraft-servers.common.configFiles; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.blockworld.enable [ "bloxel.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.blockworld.enable [ "bloxel.${config.vars.mainDomain}" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/cornworld/default.nix b/modules/system/services/server/minecraft/servers/cornworld/default.nix index fafef772..33fcaec7 100644 --- a/modules/system/services/server/minecraft/servers/cornworld/default.nix +++ b/modules/system/services/server/minecraft/servers/cornworld/default.nix @@ -13,6 +13,6 @@ symlinks = config.services.minecraft-servers.common.paperSymlinks; files = config.services.minecraft-servers.common.configFiles; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.cornworld.enable [ "corn.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.cornworld.enable [ "corn.${config.vars.mainDomain}" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/default.nix b/modules/system/services/server/minecraft/servers/default.nix index b7088614..5eab36e7 100644 --- a/modules/system/services/server/minecraft/servers/default.nix +++ b/modules/system/services/server/minecraft/servers/default.nix @@ -6,7 +6,6 @@ ./dewdemolisher ./johnside ./marsh - ./roguecraft ./skyblock ./uberbeta ./velocity diff --git a/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix b/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix index f3d13191..11d2eecd 100644 --- a/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix +++ b/modules/system/services/server/minecraft/servers/dewdemolisher/default.nix 
@@ -13,6 +13,6 @@ symlinks = config.services.minecraft-servers.common.paperSymlinks; files = config.services.minecraft-servers.common.configFiles; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "dew.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.dewdemolisher.enable [ "dew.${config.vars.mainDomain}" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/johnside/default.nix b/modules/system/services/server/minecraft/servers/johnside/default.nix index c65ff0ce..9af650a4 100644 --- a/modules/system/services/server/minecraft/servers/johnside/default.nix +++ b/modules/system/services/server/minecraft/servers/johnside/default.nix @@ -26,6 +26,6 @@ }; files = config.services.minecraft-servers.common.configFiles; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.johnside.enable [ "john.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.johnside.enable [ "john.${config.vars.mainDomain}" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/marsh/default.nix b/modules/system/services/server/minecraft/servers/marsh/default.nix index 4bdbbd2e..3eb18bfd 100644 --- a/modules/system/services/server/minecraft/servers/marsh/default.nix +++ b/modules/system/services/server/minecraft/servers/marsh/default.nix @@ -13,6 +13,6 @@ symlinks = config.services.minecraft-servers.common.paperSymlinks; files = config.services.minecraft-servers.common.configFiles; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.marsh.enable [ "marsh.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.marsh.enable [ "marsh.${config.vars.mainDomain}" ]; }; } 
diff --git a/modules/system/services/server/minecraft/servers/roguecraft/default.nix b/modules/system/services/server/minecraft/servers/roguecraft/default.nix deleted file mode 100644 index b7a15a0e..00000000 --- a/modules/system/services/server/minecraft/servers/roguecraft/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - services = { - minecraft-servers.servers.roguecraft = { - package = pkgs.paperServers.paper-1_21_1; - jvmOpts = "-Xmx3000M"; - serverProperties = config.services.minecraft-servers.common.serverProperties // { - difficulty = 3; - server-port = 30014; - motd = "\\u00A7l\\u00A7bNixFox \\u00A7cRoguecraft \\u00A7bserver."; - require-resource-pack = true; - resource-pack = "https://nixfox.ca/roguecraftresourcepackredir"; - resource-pack-sha1 = "b540c0562aba90c3ead2356bb9cb74fcf0db36b3"; - }; - whitelist = config.services.minecraft-servers.common.whitelist; - symlinks = config.services.minecraft-servers.common.paperSymlinks; - files = config.services.minecraft-servers.common.configFiles // { - "world/datapacks/roguecraft.zip" = builtins.fetchurl { - url = "https://nixfox.ca/roguecraftdatapackredir"; - sha256 = "04zrkvzvi1i898al45fh9j3k635sf9qhwca7phbv4ynkfl8bz3q3"; - }; - }; - }; - - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable [ "rogue.nixfox.ca" ]; - - nginx.virtualHosts."nixfox.ca".locations = lib.mkIf config.services.minecraft-servers.servers.roguecraft.enable { - "/roguecraftdatapackredir" = { - return = "301 https://cdn.modrinth.com/data/HtKjVijx/versions/Rme4c23R/Roguecraft%201.2.6%20-%20Data%20Pack.zip"; - }; - "/roguecraftresourcepackredir" = { - return = "301 https://cdn.modrinth.com/data/HtKjVijx/versions/C6bITJnq/Roguecraft%201.2.5.4%20-%20Resource%20Pack.zip"; - }; - }; - }; -} diff --git a/modules/system/services/server/minecraft/servers/skyblock/default.nix b/modules/system/services/server/minecraft/servers/skyblock/default.nix index 956f84ec..2a538120 100644 
--- a/modules/system/services/server/minecraft/servers/skyblock/default.nix +++ b/modules/system/services/server/minecraft/servers/skyblock/default.nix @@ -13,6 +13,6 @@ symlinks = config.services.minecraft-servers.common.paperSymlinks; files = config.services.minecraft-servers.common.configFiles; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.skyblock.enable [ "skyblock.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.skyblock.enable [ "skyblock.${config.vars.mainDomain}" ]; }; } diff --git a/modules/system/services/server/minecraft/servers/uberbeta/default.nix b/modules/system/services/server/minecraft/servers/uberbeta/default.nix index 6f3b3dc5..1e1c35ff 100644 --- a/modules/system/services/server/minecraft/servers/uberbeta/default.nix +++ b/modules/system/services/server/minecraft/servers/uberbeta/default.nix @@ -18,6 +18,6 @@ in { server-port = 30005; }; }; - cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.uberbeta.enable [ "beta.nixfox.ca" ]; + cloudflare-dyndns.domains = lib.mkIf config.services.minecraft-servers.servers.uberbeta.enable [ "beta.${config.vars.mainDomain}" ]; }; } diff --git a/modules/system/services/server/nextcloud/default.nix b/modules/system/services/server/nextcloud/default.nix index 69f857e2..4425c795 100644 --- a/modules/system/services/server/nextcloud/default.nix +++ b/modules/system/services/server/nextcloud/default.nix @@ -8,10 +8,10 @@ config = lib.mkIf config.services.nextcloud.enable { services.nextcloud = { package = pkgs.nextcloud31; - hostName = "files.nixfox.ca"; + hostName = "files.${config.vars.mainDomain}"; https = true; config = { - adminuser = config.sysusers.main; + adminuser = "admin"; adminpassFile = "${pkgs.writeText "initial" config.secrets.initialPass}"; dbtype = "sqlite"; }; 
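Review bot: `adminuser = "admin";` in the nextcloud hunk replaces `config.sysusers.main`, but the NixOS nextcloud module applies `adminuser` and `adminpassFile` only during the initial installation. On an instance that already exists the previous admin account stays in place and no `admin` user is created, so the configuration and the real holder of admin rights drift apart. If the rename is intended, it has to be carried out inside Nextcloud itself; otherwise a comment such as `# only used on first install; existing instances keep their original admin` records the limitation. `services.nextcloud` continues beyond this hunk.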
@@ -19,11 +19,11 @@ trusted_proxies = [ "127.0.0.1" ]; trusted_domains = [ config.services.nextcloud.hostName ]; overwriteprotocol = "https"; - mail_smtphost = "mx.nixfox.ca"; - mail_domain = "nixfox.ca"; + mail_smtphost = "mx.${config.vars.mainDomain}"; + mail_domain = "${config.vars.mainDomain}"; mail_from_address = "noreply"; mail_smtpauth = "true"; - mail_smtpname = "noreply@nixfox.ca"; + mail_smtpname = "noreply@${config.vars.mainDomain}"; mail_smtppassword = config.secrets.mailPass.nixfoxNoReply; mail_smtpmode = "smtp"; mail_smtpport = 587; diff --git a/modules/system/services/server/nextcloud/nginx/default.nix b/modules/system/services/server/nextcloud/nginx/default.nix index 5212d535..2ae51b50 100644 --- a/modules/system/services/server/nextcloud/nginx/default.nix +++ b/modules/system/services/server/nextcloud/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."files.nixfox.ca" = lib.mkIf config.services.nextcloud.enable { + services.nginx.virtualHosts."files.${config.vars.mainDomain}" = lib.mkIf config.services.nextcloud.enable { enableACME = true; addSSL = true; locations."/" = { diff --git a/modules/system/services/server/nginx/acme/default.nix b/modules/system/services/server/nginx/acme/default.nix index a88a2b7b..234eae09 100644 --- a/modules/system/services/server/nginx/acme/default.nix +++ b/modules/system/services/server/nginx/acme/default.nix @@ -3,7 +3,7 @@ config = lib.mkIf config.services.nginx.enable { security.acme = { acceptTerms = true; - defaults.email = "contact@nixfox.ca"; + defaults.email = "contact@${config.vars.mainDomain}"; }; environment.persistence."/persist".directories = [ "/var/lib/acme" ]; }; diff --git a/modules/system/services/server/nginx/default.nix b/modules/system/services/server/nginx/default.nix index 2325e731..0981fe41 100644 --- a/modules/system/services/server/nginx/default.nix +++ b/modules/system/services/server/nginx/default.nix 
@@ -2,23 +2,21 @@ { imports = [ ./acme - ./hosts - ./rtmp ./user ]; - options.services.webserver.enable = lib.mkEnableOption "Nginx webpages"; - config = lib.mkIf config.services.nginx.enable { services.nginx = { - recommendedTlsSettings = true; - recommendedOptimisation = true; + recommendedBrotliSettings = true; recommendedGzipSettings = true; + recommendedOptimisation = true; recommendedProxySettings = true; + recommendedTlsSettings = true; }; networking.firewall.allowedTCPPorts = [ - 80 - 443 + config.services.nginx.defaultHTTPListenPort + config.services.nginx.defaultSSLListenPort ]; + environment.persistence."/persist".directories = [ "/var/www" ]; }; } diff --git a/modules/system/services/server/nginx/hosts/default.nix b/modules/system/services/server/nginx/hosts/default.nix deleted file mode 100644 index aef9846f..00000000 --- a/modules/system/services/server/nginx/hosts/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config, lib, ... }: -{ - imports = [ - ./files - ./nixfox - ]; - - environment.persistence."/persist".directories = lib.mkIf config.services.webserver.enable [ "/var/www" ]; -} diff --git a/modules/system/services/server/nginx/hosts/files/default.nix b/modules/system/services/server/nginx/hosts/files/default.nix deleted file mode 100644 index 882ffebe..00000000 --- a/modules/system/services/server/nginx/hosts/files/default.nix +++ /dev/null @@ -1,8 +0,0 @@ -{ config, lib, ... }: -{ - services.nginx.virtualHosts."jimbosfiles.com" = lib.mkIf config.services.webserver.enable { - enableACME = true; - addSSL = true; - globalRedirect = "www.nixfox.ca"; - }; -} diff --git a/modules/system/services/server/nginx/rtmp/default.nix b/modules/system/services/server/nginx/rtmp/default.nix deleted file mode 100644 index a8bdca83..00000000 --- a/modules/system/services/server/nginx/rtmp/default.nix +++ /dev/null 
@@ -1,34 +0,0 @@ -{ config, lib, pkgs, nodes, ... }: -{ - config = lib.mkIf config.services.webserver.enable { - services.nginx = { - additionalModules = with pkgs.nginxModules; [ rtmp ]; - appendConfig = '' - rtmp { - server { - listen 1935; - chunk_size 4096; - allow publish all; - application stream { - record off; - live on; - allow play all; - hls on; - hls_path /var/www/landing-page/streams/hls/; - hls_fragment_naming system; - hls_fragment 3; - hls_playlist_length 40; - } - } - } - ''; - }; - networking.firewall.extraInputRules = let - targetHosts = lib.attrValues (lib.mapAttrs (_: node: node.config.deployment.targetHost) nodes); - in '' - ip6 saddr { ${lib.concatStringsSep ", " targetHosts} } tcp dport 1935 accept - ip saddr { ${config.secrets.ips.luna}, ${config.secrets.ips.corn} } tcp dport 1935 accept - ''; - systemd.services.nginx.serviceConfig.ReadWritePaths = [ "/var/www/landing-page/streams/hls/" ]; - }; -} diff --git a/modules/system/services/server/owncast/nginx/default.nix b/modules/system/services/server/owncast/nginx/default.nix index abc052ff..87fbf579 100644 --- a/modules/system/services/server/owncast/nginx/default.nix +++ b/modules/system/services/server/owncast/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."live.nixfox.ca" = lib.mkIf config.services.owncast.enable { + services.nginx.virtualHosts."live.${config.vars.mainDomain}" = lib.mkIf config.services.owncast.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/transmission/default.nix b/modules/system/services/server/transmission/default.nix index 50d2abb2..78f2411b 100644 --- a/modules/system/services/server/transmission/default.nix +++ b/modules/system/services/server/transmission/default.nix 
@@ -4,6 +4,7 @@ config = lib.mkIf config.services.transmission.enable { services.transmission = { + package = pkgs.transmission_4; credentialsFile = pkgs.writeText "credentials" config.secrets.transmissionCredFile; openPeerPorts = true; settings = { diff --git a/modules/system/services/server/transmission/nginx/default.nix b/modules/system/services/server/transmission/nginx/default.nix index c4c737ab..e7db20d5 100644 --- a/modules/system/services/server/transmission/nginx/default.nix +++ b/modules/system/services/server/transmission/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."tor.nixfox.ca" = lib.mkIf config.services.transmission.enable { + services.nginx.virtualHosts."tor.${config.vars.mainDomain}" = lib.mkIf config.services.transmission.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/services/server/vaultwarden/default.nix b/modules/system/services/server/vaultwarden/default.nix index 928b3458..3ab93f9c 100644 --- a/modules/system/services/server/vaultwarden/default.nix +++ b/modules/system/services/server/vaultwarden/default.nix @@ -4,16 +4,16 @@ config = lib.mkIf config.services.vaultwarden.enable { services.vaultwarden.config = { - domain = "https://pass.nixfox.ca"; + domain = "https://pass.${config.vars.mainDomain}"; signupsAllowed = false; rocketAddress = "127.0.0.1"; rocketPort = 8222; # Smtp email - smtpHost = "mx.nixfox.ca"; - smtpFrom = "noreply@nixfox.ca"; + smtpHost = "mx.${config.vars.mainDomain}"; + smtpFrom = "noreply@${config.vars.mainDomain}"; smtpFromName = "Vaultwarden"; - smtpUsername = "noreply@nixfox.ca"; + smtpUsername = "noreply@${config.vars.mainDomain}"; smtpPassword = config.secrets.mailPass.nixfoxNoReply; smtpSecurity = "starttls"; smtpPort = 587; diff --git a/modules/system/services/server/vaultwarden/nginx/default.nix b/modules/system/services/server/vaultwarden/nginx/default.nix index 0877413e..cc85f420 100644 
--- a/modules/system/services/server/vaultwarden/nginx/default.nix +++ b/modules/system/services/server/vaultwarden/nginx/default.nix @@ -1,6 +1,6 @@ { config, lib, ... }: { - services.nginx.virtualHosts."pass.nixfox.ca" = lib.mkIf config.services.vaultwarden.enable { + services.nginx.virtualHosts."pass.${config.vars.mainDomain}" = lib.mkIf config.services.vaultwarden.enable { enableACME = true; forceSSL = true; locations."/" = { diff --git a/modules/system/settings/logind/default.nix b/modules/system/settings/logind/default.nix index 4df55cd5..78b2fd1e 100644 --- a/modules/system/settings/logind/default.nix +++ b/modules/system/settings/logind/default.nix @@ -1,7 +1,7 @@ { config, lib, ... }: { services.logind = { - powerKey = lib.mkIf config.system.desktop.enable "suspend"; + powerKey = lib.mkIf (builtins.elem "pc" config.system.nixos.tags) "suspend"; powerKeyLongPress = "reboot"; }; } diff --git a/modules/system/settings/security/rtkit/default.nix b/modules/system/settings/security/rtkit/default.nix index 31a54f74..eea12fa0 100644 --- a/modules/system/settings/security/rtkit/default.nix +++ b/modules/system/settings/security/rtkit/default.nix @@ -1,4 +1,4 @@ { config, ... }: { - security.rtkit.enable = config.system.desktop.enable; + security.rtkit.enable = builtins.elem "pc" config.system.nixos.tags; } diff --git a/modules/system/users/corn/default.nix b/modules/system/users/corn/default.nix deleted file mode 100644 index 82483f41..00000000 --- a/modules/system/users/corn/default.nix +++ /dev/null 
@@ -1,19 +0,0 @@ -{ config, lib, pkgs, ... }: -{ - users.users."freecorn" = lib.mkIf config.system.extraUsers.enable { - isNormalUser = true; - createHome = true; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBCADciME1/rtWOlR2BxaAkRSgIZt61SYOgjTi6hw+yS Chinook" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICtoHVAmq8Ps7EguBsV3VY4snagzkhH6aXqwbKzuGs2H Radiant" - ]; - extraGroups = [ - "audio" - "video" - ]; - uid = 1001; - shell = pkgs.zsh; - }; - - environment.persistence."/persist".directories = [ "/home/freecorn" ]; -} diff --git a/modules/system/users/default.nix b/modules/system/users/default.nix index 138e7f2e..f882f271 100644 --- a/modules/system/users/default.nix +++ b/modules/system/users/default.nix @@ -1,6 +1,8 @@ -{ lib, ... }: +{ ... }: { - imports = [ ./main ]; - - options.system.extraUsers.enable = lib.mkEnableOption "Enable a shared system"; + imports = [ + ./freecorn + ./luna + ./main + ]; } diff --git a/modules/system/users/freecorn/default.nix b/modules/system/users/freecorn/default.nix new file mode 100644 index 00000000..16e7253a --- /dev/null +++ b/modules/system/users/freecorn/default.nix @@ -0,0 +1,19 @@ +{ config, lib, pkgs, ... }: +let + user = "freecorn"; +in { + config = lib.mkIf (builtins.elem "extra-users" config.system.nixos.tags) { + users.users.${user} = { + isNormalUser = true; + createHome = true; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBCADciME1/rtWOlR2BxaAkRSgIZt61SYOgjTi6hw+yS Chinook" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICtoHVAmq8Ps7EguBsV3VY4snagzkhH6aXqwbKzuGs2H Radiant" + ]; + shell = pkgs.zsh; + uid = 1001; + }; + + environment.persistence."/persist".directories = [ "/home/${user}" ]; + }; +} diff --git a/modules/system/users/luna/default.nix b/modules/system/users/luna/default.nix index 683b8015..234d98a6 100644 --- a/modules/system/users/luna/default.nix +++ b/modules/system/users/luna/default.nix 
@@ -1,17 +1,17 @@ { config, lib, ... }: -{ - users.users."luna" = lib.mkIf config.system.extraUsers.enable { - isNormalUser = true; - createHome = true; - openssh.authorizedKeys.keys = [ - "ssh-rsa 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 luna@ThinkPad-T480-Arch" - ]; - extraGroups = [ - "audio" - "video" - ]; - uid = 1002; - }; +let + user = "luna"; +in { + config = lib.mkIf (builtins.elem "extra-users" config.system.nixos.tags) { + users.users.${user} = { + isNormalUser = true; + createHome = true; + openssh.authorizedKeys.keys = [ + "ssh-rsa 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 ${user}@ThinkPad-T480-Arch" + ]; + uid = 1002; + }; - environment.persistence."/persist".directories = [ "/home/luna" ]; + environment.persistence."/persist".directories = [ "/home/${user}" ]; + }; } diff --git a/modules/system/users/main/default.nix b/modules/system/users/main/default.nix index 7c65165f..dcc831c6 100644 --- a/modules/system/users/main/default.nix +++ b/modules/system/users/main/default.nix 
@@ -1,56 +1,48 @@ { config, lib, pkgs, ... }: { - options.sysusers = lib.mkOption { - type = lib.types.attrs; + users.users."${config.vars.mainUser}" = { + isNormalUser = true; + createHome = true; + linger = true; + hashedPassword = config.secrets.accPass.main; + openssh.authorizedKeys.keyFiles = [ + ../../../../hosts/tower/id_ed25519.pub + ../../../../hosts/detritus/id_ed25519.pub + + ../../../../hosts/intuos/id_ed25519.pub + ../../../../hosts/jupiter/id_ed25519.pub + + ../../../../hosts/midas/id_ed25519.pub + ../../../../hosts/kitty/id_ed25519.pub + ../../../../hosts/prophet/id_ed25519.pub + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3B9Uf3h5JiD2HjF/vQ5Zx9pibMgRrlf7ZoBktev9eB Warden" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9" + ]; + extraGroups = [ + "wheel" + + "audio" + "input" + "render" + "video" + + "dialout" + "disk" + "rtkit" + + "kvm" + "libvirtd" + "qemu-libvirtd" + + "minecraft" + "nfsShare" + "nginx" + ]; + shell = pkgs.zsh; + uid = 1000; }; - config = { - sysusers.main = "bun"; - - users.users."${config.sysusers.main}" = { - isNormalUser = true; - createHome = true; - linger = true; - hashedPassword = config.secrets.accPass.main; - openssh.authorizedKeys.keyFiles = [ - ../../../../hosts/tower/id_ed25519.pub - ../../../../hosts/detritus/id_ed25519.pub - - ../../../../hosts/intuos/id_ed25519.pub - ../../../../hosts/jupiter/id_ed25519.pub - - ../../../../hosts/midas/id_ed25519.pub - ../../../../hosts/kitty/id_ed25519.pub - ../../../../hosts/prophet/id_ed25519.pub - ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN3B9Uf3h5JiD2HjF/vQ5Zx9pibMgRrlf7ZoBktev9eB Warden" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 Pixel9" - ]; - extraGroups = [ - "wheel" - - "audio" - "input" - "render" - "video" - - "dialout" - "disk" - "rtkit" - - "kvm" - "libvirtd" - "qemu-libvirtd" - - "minecraft" - "nfsShare" - "nginx" - 
]; - uid = 1000; - shell = pkgs.zsh; - }; - - home-manager.users."${config.sysusers.main}" = import ../../../home; - }; + home-manager.users."${config.vars.mainUser}" = import ../../../home; } diff --git a/modules/system/variables/default.nix b/modules/system/variables/default.nix new file mode 100644 index 00000000..cc613993 --- /dev/null +++ b/modules/system/variables/default.nix @@ -0,0 +1,11 @@ +{ lib, ... }: +{ + options.vars = lib.mkOption { + type = lib.types.attrs; + }; + + config.vars = { + mainUser = "bun"; + mainDomain = "nixfox.ca"; + }; +}
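Review bot: The `extraGroups` list for the main user keeps `"disk"` alongside `"wheel"`; membership in `disk` gives raw read/write access to block devices, which bypasses file permissions and amounts to root without going through sudo. If nothing depends on it I would drop the entry, or at least record why it is needed with a comment such as `# disk: raw block-device access, root-equivalent; needed for <reason>`. The same account also trusts the `id_ed25519.pub` of seven hosts through `openssh.authorizedKeys.keyFiles`, so one compromised host key reaches this wheel account on every machine the module is applied to.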
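Review bot: `type = lib.types.attrs;` leaves `vars` unchecked: that type does not merge recursively and does not process `lib.mkDefault` or `lib.mkForce` on nested values, so a host that tries to override `vars.mainDomain` that way gets a surprising result. `mainDomain` now feeds the ACME virtual-host names and the SMTP host and addresses changed earlier in this commit, so a wrong value has visible consequences. Declaring the two values as typed options would validate them and give each a description: `options.vars.mainDomain = lib.mkOption { type = lib.types.str; description = "Primary DNS domain for public services"; };`, and the same for `mainUser`.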