Add back everything I lost oops

PC/configuration.nix

@@ -0,0 +1,411 @@
+{ config, pkgs, options, lib, ... }: 
+let
+  # Import home manager, set common boot paramaters
+  homeManager = fetchTarball 
+    "https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz";
+  commonKernelParams = [
+    # Nvidia GSP firmware
+    "nouveau.config=NvGspRm=1"
+
+    # VM/GPU passthrough
+    "amd_iommu=on"
+    "iommu=pt"
+    "nested=1"
+
+    # Virtualization nonsense
+    "transparent_hugepage=never"
+
+    # Isolate devices into IOMMU groups
+    "pcie_acs_override=downstream,multifunction"
+    "pci=routeirq"
+  ];
+in
+
+{
+  # Import other nix files and firmware
+  imports = [
+    ./hardware-configuration.nix
+    ./jimbo.nix
+    "${homeManager}/nixos"
+  ];
+
+  # Allow unfree packages and accept packages from the Nix User Repos
+  nixpkgs = {
+    config = {
+      allowUnfree = true;
+      packageOverrides = pkgs: {
+        unstable = import (builtins.fetchTarball 
+          "https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz") {
+          inherit pkgs;
+          config.allowUnfree = true;
+        };
+      };
+    };
+
+    # Package overlays/patches
+    overlays = [
+      # MPV scripts
+      (self: super: {
+        mpv = super.mpv.override {
+          scripts = with self.mpvScripts; 
+            [ mpris sponsorblock thumbnail ];
+        };
+      })
+    ];
+  };
+
+  # Allow flakes and enable garbage collection
+  nix = {
+    settings.experimental-features = [ "nix-command" "flakes" ];
+    gc = {
+      automatic = true;
+      dates = "weekly";
+      options = "--delete-older-than 14d";
+    };
+  };
+
+  # Set all boot options
+  boot = {
+    # Set a kernel version and load/blacklist drivers
+    kernelPackages = pkgs.linuxPackages_xanmod_latest;
+    blacklistedKernelModules = [ "pcspkr" ];
+    kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:13c2,10de:0fbb" ];
+    initrd.kernelModules = [ "vfio" "vfio_pci" "vfio_iommu_type1" ];
+
+    # Manage supported filesystems
+    supportedFilesystems = {
+      ntfs = true;
+      zfs = lib.mkForce false;
+    };
+
+    # Modprobe settings
+    extraModprobeConfig = ''
+      options hid_apple fnmode=2
+    '';
+
+    # Use the Systemd-Boot bootloader
+    loader.systemd-boot = {
+      enable = true;
+      netbootxyz.enable = true;
+    };
+  };
+
+  # Add a kernel entry to boot from the secondary GPU
+  specialisation = {
+    gputwo.configuration = {
+      boot.kernelParams = commonKernelParams ++ [ "vfio-pci.ids=10de:2504,10de:228e" ];
+    };
+  };
+
+  # Allow binary firmware
+  hardware.enableRedistributableFirmware = true;
+
+  # Enable the Nouveau drivers
+  services.xserver.videoDrivers = [ "nouveau" ];
+
+  # Enable a permissioning system
+  security = {
+    sudo.enable = false;
+    doas = {
+      enable = true;
+      extraRules = [
+        # Give wheel root access, allow persistant session
+        { groups = [ "wheel" ]; keepEnv = true; persist = true; }
+      ];
+    };
+  };
+
+  # Enable the ZSH shell
+  programs.zsh.enable = true;
+
+  # Disable Nano
+  programs.nano.enable = false;
+
+  # Timezone
+  time.timeZone = "America/New_York";
+
+  # Define a user account
+  users.users.jimbo = {
+    description = "Jimbo Awesome";
+    isNormalUser = true;
+    hashedPassword = 
+      "$6$gYpE.pG/zPXgin06$2kydjDfd0K62Dhf9P0PFvJhRNz6xIC/bHYaf/XYqyKcLyZNzPQpy8uy9tCRcSYlj1wwBhzVtTRyItwajOHCEj0";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDLe/HioxCOkszFQdm1vb3ZwuzLzsOThqHNvEI4IXeXZ JimPhone"
+    ];
+    extraGroups = [ 
+      "wheel" "audio" "video" "input" "disk" "dialout"
+      "networkmanager" "kvm" "libvirtd" "qemu-libvirtd"
+    ];
+    uid = 1000;
+    shell = pkgs.zsh;
+  };
+
+  # Installed programs to the system profile.
+  environment.systemPackages = with pkgs; [
+    # Essential system tools
+    cifs-utils parted git
+
+    # Printer control
+    system-config-printer
+
+    # Virtual machines
+    virt-manager virtiofsd dnsmasq
+    spice-vdagent looking-glass-client
+  ];
+
+  # Disable the HTML documentation link
+  documentation = {
+    nixos.enable = false;
+    info.enable = false;
+  };
+
+  # Enable OpenGL
+  hardware.opengl = {
+    enable = true;
+    package = pkgs.unstable.mesa.drivers;
+    package32 = pkgs.unstable.pkgsi686Linux.mesa.drivers;
+    driSupport = true;
+    driSupport32Bit = true;
+    extraPackages = with pkgs; [
+      vulkan-loader
+      vulkan-validation-layers
+      vulkan-extension-layer
+    ];
+  };
+
+  # Enable Steam hardware and gamemode
+  hardware.steam-hardware.enable = true;
+  programs.gamemode.enable = true;
+
+  # Networking settings
+  networking = {
+    # Set hostname
+    hostName = "JimNixPC";
+
+    # Choose networking method
+    dhcpcd.enable = true;
+    wireless.enable = false;
+    #networkmanager.enable = true;
+    #enableB43Firmware = true;
+
+    # Enable firewall passthrough
+    firewall = {
+      allowedTCPPorts = [ 
+	# Sunshine TCP
+	47984 47989 48010
+      ];
+      allowedUDPPorts = [
+        # Sunshine UDP
+	47998 47999 48000
+
+	# Games
+	27005 27015 7777
+      ];
+      allowPing = false;
+    };
+    extraHosts = ''
+      192.168.1.18 pc
+      192.168.1.17 server
+      192.168.2.2 vm
+    '';
+    nameservers = [ 
+      "1.1.1.1"
+      "9.9.9.9" 
+    ];
+  };
+
+  # Enable Bluetooth
+  hardware.bluetooth = {
+    enable = true;
+    settings = {
+      General.Experimental = "true";
+      Policy.AutoEnable = "true";
+    };
+  };
+
+  # Enable lingering for Bluetooth and allow Looking-Glass permissions
+  systemd.tmpfiles.rules = [ 
+    "f /var/lib/systemd/linger/jimbo"
+    "f /dev/shm/looking-glass 0660 jimbo libvirtd -"
+  ];
+
+  # Make udev rules to make PDP controller and Oculus Rift CV1 work
+  services.udev = let
+    oculusRules = pkgs.writeTextFile {
+      name = "10-oculus.rules";
+      text = ''
+        KERNEL=="hidraw*", ATTRS{idVendor}=="0e6f", ATTRS{idProduct}=="0184", MODE="0660", TAG+="uaccess"
+      '';
+      destination = "/etc/udev/rules.d/10-oculus.rules";
+    };
+    pdpRules = pkgs.writeTextFile {
+      name = "10-pdp.rules";
+      text = ''
+        SUBSYSTEM=="usb", ATTR{idVendor}=="2833", MODE="0666", GROUP="plugdev"
+      '';
+      destination = "/etc/udev/rules.d/10-pdp.rules";
+    };
+  in {
+   packages = [ oculusRules pdpRules ];
+  };
+
+  # Enable audio
+  security.rtkit.enable = true;
+  hardware.pulseaudio.enable = false;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    #jack.enable = true;
+  };
+
+  # Fonts
+  fonts = {
+    packages = with pkgs; [
+      liberation_ttf twitter-color-emoji ubuntu_font_family noto-fonts sarasa-gothic
+      orbitron (nerdfonts.override { fonts = [ "UbuntuMono" ]; })
+    ];
+    fontconfig.defaultFonts.emoji = [ "Twitter Color Emoji" ];
+  };
+
+  # Enable Dconf and some portals
+  services.dbus.enable = true;
+  programs.dconf.enable = true;
+  programs.light.enable = true;
+  security.pam.services.swaylock = {};
+  xdg.portal = {
+    enable = true;
+    config.common.default = "*";
+    wlr = {
+      enable = true;
+      settings = {
+        screencast = {
+          max_fps = 60;
+          chooser_type = "simple";
+          chooser_cmd = "${pkgs.slurp}/bin/slurp -f %o -or -B 00000066 -b 00000099";
+        };
+      };
+    };
+    extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+  };
+
+  # Configure greetd for remote login
+  services.greetd = {
+    enable = true;
+    restart = true;
+    settings = {
+      terminal = {
+        vt = 2;
+        switch = true;
+      };
+      default_session = {
+        command = "/home/jimbo/.config/sway/start.sh";
+        user = "jimbo";
+      };
+    };
+  };
+
+  # QT theming
+  qt = {
+    enable = true;
+    style = "gtk2";
+    platformTheme = "gtk2";
+  };
+
+  # Enable printing
+  services = {
+    printing = {
+      enable = true;
+      drivers = with pkgs; [ hplip ];
+      webInterface = false;
+    };
+    avahi = {
+      enable = true;
+      nssmdns4 = true;
+      openFirewall = true;
+    };
+  };
+
+  # Enable virtualization
+  virtualisation = {
+    libvirtd = {
+      enable = true;
+      onBoot = "ignore";
+      onShutdown = "shutdown";
+      qemu = {
+        ovmf = {
+          enable = true;
+          packages = [ pkgs.OVMFFull.fd ];
+        };
+        swtpm.enable = true;
+      };
+    };
+    spiceUSBRedirection.enable = true;
+  };
+
+  # Enable SSH
+  services.openssh = {
+    enable = true;
+    settings = {
+      LogLevel = "VERBOSE";
+      PermitRootLogin = "no";
+      PrintLastLog = "no";
+      PasswordAuthentication = false;
+    };
+    ports = [ 2211 ];
+  };
+
+  # Block SSH connections after numerous attempts
+  services.fail2ban = {
+    enable = true;
+    maxretry = 10;
+  };
+
+  # Enable AppImages
+  programs.appimage = {
+   enable = true;
+   binfmt = true;
+  };
+
+  # Enable MPD
+  services.mpd = {
+    enable = true;
+    user = "jimbo";
+    group = "users";
+    musicDirectory = "/home/jimbo/JimboNFS/Music";
+    playlistDirectory = "/home/jimbo/JimboNFS/Music/Playlists";
+    extraConfig = ''
+      audio_output {
+        type "pipewire"
+        name "Local Pipewire"
+      }
+    '';
+  };
+  systemd.services.mpd.environment = {
+    XDG_RUNTIME_DIR = "/run/user/${toString config.users.users.jimbo.uid}";
+  };
+
+  # Enable AppArmor
+  security.apparmor.enable = true;
+
+  # Enable Polkit for authentication
+  security.polkit.enable = true;
+
+  # Battery saver for laptops
+  services.tlp.enable = true;
+
+  # Enable extra functionality in file managers
+  services.gvfs.enable = true;
+
+  # Attempt to automount USB drives
+  services.udisks2.enable = true;
+
+  # Used for Seneca VPN
+  services.globalprotect.enable = true;
+
+  # Define the initial install version and allow auto-upgrades
+  system.stateVersion = "23.11";
+  system.autoUpgrade.enable = true;
+}

PC/hardware-configuration.nix

@@ -0,0 +1,73 @@
+# This file was generated by 'nixos-generate-config'
+# and may be overwritten by future invocations.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports = [
+    (modulesPath + "/installer/scan/not-detected.nix")
+  ];
+
+  # Load kernel modules on boot
+  boot = {
+    initrd = {
+      availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+      kernelModules = [ ];
+    };
+    kernelModules = [ "kvm-amd" ];
+    extraModulePackages = [ ];
+  };
+
+  # Mount everything as necessary
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/f0786b07-8303-416f-87ff-276bfd696387";
+      fsType = "bcachefs";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/EF6D-9009";
+      fsType = "vfat";
+    };
+    "/etc/libvirt" = {
+      device = "/dev/disk/by-label/Qemu";
+      options = [ "nosuid" "nodev" "nofail" ] ;
+    };
+    "/var/lib/libvirt" = {
+      depends = [ "/etc/libvirt" ];
+      device = "/etc/libvirt/varlibvirt";
+      options = [ "bind" "rw" ];
+    };
+    "/mnt/Linux1" = {
+      device = "/dev/disk/by-label/Linux1";
+      options = [ "nosuid" "nodev" "nofail" "x-gvfs-show" ];
+    };
+    "/mnt/Linux2" = {
+      device = "/dev/disk/by-label/Linux2";
+      options = [ "nosuid" "nodev" "nofail" "x-gvfs-show" ];
+    };
+    "/mnt/Windows1" = {
+      device = "/dev/disk/by-label/Windows1";
+      options = [ "nosuid" "nodev" "noauto" ];
+    };
+    "/mnt/Windows2" = {
+      device = "/dev/disk/by-label/Windows2";
+      options = [ "nosuid" "nodev" "noauto" ];
+    };
+    "/home/jimbo/JimboNFS" = {
+      device = "server:/export/JimboNFS";
+      fsType = "nfs";
+      options = [ "nofail" ];
+    };
+  };
+
+  # Set the swap partition
+  swapDevices = [
+    { device = "/dev/disk/by-uuid/2e4c5120-716d-4cdc-84a0-c9e6391760db"; }
+  ];
+
+  # Enables DHCP on each ethernet and wireless interface. 
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}