Compare commits
No commits in common. "300d1faec4b2d388b71717c666e8492422a9d88a" and "6f16d8ec34d925ea0923c1cdac507bcfe4cbe4e6" have entirely different histories.
300d1faec4
...
6f16d8ec34
|
@ -19,7 +19,7 @@
|
||||||
"sd_mod" # SCSI disk support
|
"sd_mod" # SCSI disk support
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
kernelModules = ["hid_multitouch" "kvm-intel" "psmouse"]; # Enable kvm for libvirtd
|
kernelModules = ["kvm-intel"]; # Enable kvm for libvirtd
|
||||||
};
|
};
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
|
|
|
@ -26,11 +26,10 @@
|
||||||
allowDiscards = true;
|
allowDiscards = true;
|
||||||
preLVM = true;
|
preLVM = true;
|
||||||
};
|
};
|
||||||
"cryptmirror" = {
|
#"cryptswap" = {
|
||||||
device = "/dev/disk/by-label/cryptmirror";
|
# device = "/dev/disk/by-label/cryptswap";
|
||||||
allowDiscards = true;
|
# # keyFile = "/root/swap.key"; # enable encrypted hibernation & sleep
|
||||||
preLVM = true;
|
#};
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -46,10 +45,6 @@
|
||||||
device = "/dev/disk/by-label/EFI";
|
device = "/dev/disk/by-label/EFI";
|
||||||
fsType = "vfat";
|
fsType = "vfat";
|
||||||
};
|
};
|
||||||
"/var/lib/backup" = {
|
|
||||||
device = "/dev/disk/by-label/backup";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [
|
swapDevices = [
|
||||||
|
|
|
@ -1,74 +0,0 @@
|
||||||
# Hardware configuration file for the System76 Thelio Mira
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
lib,
|
|
||||||
pkgs,
|
|
||||||
modulesPath,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [<nixpkgs/nixos/modules/installer/scan/not-detected.nix>];
|
|
||||||
|
|
||||||
boot = {
|
|
||||||
initrd = {
|
|
||||||
availableKernelModules = [
|
|
||||||
"ahci"
|
|
||||||
"nvme" # NVMe drives (really fast SSDs)
|
|
||||||
"sd_mod" # SCSI disk support
|
|
||||||
"usb_storage" # USB Mass Storage support
|
|
||||||
"usbhid"
|
|
||||||
"xhci_pci" # USB 3.0 (eXtensible Host Controller Interface)
|
|
||||||
];
|
|
||||||
kernelModules = ["dm-snapshot"];
|
|
||||||
luks = {
|
|
||||||
devices = {
|
|
||||||
"cryptroot" = {
|
|
||||||
device = "/dev/disk/by-label/cryptroot";
|
|
||||||
allowDiscards = true;
|
|
||||||
preLVM = true;
|
|
||||||
};
|
|
||||||
"cryptstore" = {
|
|
||||||
device = "/dev/disk/by-label/cryptstore";
|
|
||||||
allowDiscards = true;
|
|
||||||
preLVM = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
kernelModules = ["kvm-intel"]; # Enable kvm for libvirtd
|
|
||||||
};
|
|
||||||
|
|
||||||
fileSystems = {
|
|
||||||
"/" = {
|
|
||||||
device = "/dev/disk/by-label/nixos";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
"/nix" = {
|
|
||||||
device = "/dev/disk/by-label/nixStore";
|
|
||||||
fsType = "ext4";
|
|
||||||
};
|
|
||||||
"/boot" = {
|
|
||||||
device = "/dev/disk/by-uuid/677E-FD28";
|
|
||||||
fsType = "vfat";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [
|
|
||||||
{
|
|
||||||
device = "/dev/disk/by-label/swap";
|
|
||||||
discardPolicy = "both";
|
|
||||||
}
|
|
||||||
];
|
|
||||||
|
|
||||||
networking.useDHCP = lib.mkDefault true;
|
|
||||||
|
|
||||||
nix.settings.max-jobs = lib.mkDefault 12;
|
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
|
||||||
hardware = {
|
|
||||||
cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
|
||||||
system76 = {
|
|
||||||
enableAll = true; # all recommended configuration for system76 systems
|
|
||||||
power-daemon.enable = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -15,7 +15,7 @@
|
||||||
../profiles/ipv6.nix
|
../profiles/ipv6.nix
|
||||||
../profiles/mastodon.nix
|
../profiles/mastodon.nix
|
||||||
../profiles/matrix.nix
|
../profiles/matrix.nix
|
||||||
../profiles/mcwhirter.io.nix
|
#../profiles/mcwhirter.io.nix
|
||||||
../profiles/minecraftServer.nix
|
../profiles/minecraftServer.nix
|
||||||
../profiles/nextcloud.nix
|
../profiles/nextcloud.nix
|
||||||
../profiles/nixpkgs-dev.nix
|
../profiles/nixpkgs-dev.nix
|
||||||
|
@ -41,11 +41,6 @@
|
||||||
sshHostname = "tmate.mcwhirter.io";
|
sshHostname = "tmate.mcwhirter.io";
|
||||||
};
|
};
|
||||||
nginx = {
|
nginx = {
|
||||||
virtualHosts."git.mcwhirter.io" = {
|
|
||||||
enableACME = true;
|
|
||||||
forceSSL = true;
|
|
||||||
globalRedirect = "reciproka.dev"; # Redirect permanently to the host
|
|
||||||
};
|
|
||||||
virtualHosts."source.mcwhirter.io" = {
|
virtualHosts."source.mcwhirter.io" = {
|
||||||
enableACME = true;
|
enableACME = true;
|
||||||
forceSSL = true;
|
forceSSL = true;
|
||||||
|
@ -56,7 +51,6 @@
|
||||||
|
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
certs = {"git.mcwhirter.io" = {email = "craige@mcwhirter.io";};};
|
|
||||||
certs = {"source.mcwhirter.io" = {email = "craige@mcwhirter.io";};};
|
certs = {"source.mcwhirter.io" = {email = "craige@mcwhirter.io";};};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,126 +0,0 @@
|
||||||
# NixOS configuration for ŝanĝanto
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
imports = [
|
|
||||||
../hardware/system76_thelioMira.nix # Include results of the hardware scan.
|
|
||||||
../profiles/cron-craige.nix # Provide Craige's cron jobs
|
|
||||||
../profiles/desktopCraige.nix # Craige's desktop tools and apps
|
|
||||||
../profiles/haskell-dev.nix # Haskell dev environment
|
|
||||||
../profiles/host_common.nix # Common host configuration options
|
|
||||||
../profiles/iog.nix # IOHK environment
|
|
||||||
../profiles/keyboard.nix
|
|
||||||
../profiles/neomutt.nix # Neomutt email
|
|
||||||
../profiles/nix-community.nix # Nix community aarch64 tooling
|
|
||||||
../profiles/nixpkgs-dev.nix # Nix pkgs dev tools
|
|
||||||
../profiles/openssh.nix # Enable and configure openssh
|
|
||||||
../profiles/pantheon.nix # Enable and configure the pantheon desktop
|
|
||||||
../profiles/pipewire.nix # Enable and pipewire audio system
|
|
||||||
../profiles/xmonad.nix # Xmonad desktop environment
|
|
||||||
../profiles/yubikey.nix # Yubikey tooling
|
|
||||||
../secrets/craige.nix # Ssshhhhh!
|
|
||||||
../secrets/root.nix # Ssshhhhh!
|
|
||||||
];
|
|
||||||
|
|
||||||
deployment.targetHost = "10.42.0.11";
|
|
||||||
|
|
||||||
nixpkgs = {
|
|
||||||
config = {
|
|
||||||
allowUnfree = true;
|
|
||||||
permittedInsecurePackages = [
|
|
||||||
"openssl-1.0.2u"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
overlays = [(import ../overlays/ncmpcpp.nix)];
|
|
||||||
};
|
|
||||||
|
|
||||||
boot = {
|
|
||||||
loader = {
|
|
||||||
systemd-boot.enable = true;
|
|
||||||
efi.canTouchEfiVariables = true;
|
|
||||||
};
|
|
||||||
kernel.sysctl."net.ipv4.ip_forward" = "1";
|
|
||||||
extraModprobeConfig = "options kvm_intel nested=1";
|
|
||||||
};
|
|
||||||
|
|
||||||
networking = {
|
|
||||||
hostName = "sanganto"; # Define your hostname.
|
|
||||||
networkmanager.enable = true; # Enables network support via NetworkManager.
|
|
||||||
};
|
|
||||||
|
|
||||||
fonts.packages = with pkgs; [
|
|
||||||
anonymousPro
|
|
||||||
dejavu_fonts # A typeface family based on the Bitstream Vera fonts
|
|
||||||
fira-code # Monospace font with programming ligaturess
|
|
||||||
font-awesome
|
|
||||||
hack-font # A typeface designed for source code
|
|
||||||
jetbrains-mono
|
|
||||||
nerdfonts # Iconic font aggregator, collection, & patcher
|
|
||||||
open-sans # Used in in my polybar configuration
|
|
||||||
xkcd-font # Font based handwriting in xkcd comics
|
|
||||||
];
|
|
||||||
|
|
||||||
# List packages installed in system profile. To search, run:
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
];
|
|
||||||
|
|
||||||
services = {
|
|
||||||
acpid.enable = true;
|
|
||||||
blueman.enable = true;
|
|
||||||
gvfs.enable = true; # required by pcmanfm
|
|
||||||
kbfs.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
networking.firewall = {
|
|
||||||
enable = true;
|
|
||||||
checkReversePath = false; # Needed for libvirtd
|
|
||||||
allowedTCPPorts = [15000];
|
|
||||||
};
|
|
||||||
|
|
||||||
# Virtualisation configuration:
|
|
||||||
virtualisation = {
|
|
||||||
libvirtd = {
|
|
||||||
enable = true; # Enable libvirtd
|
|
||||||
qemu = {
|
|
||||||
#package = pkgs.qemu_kvm; # Enable guest only for the same arch
|
|
||||||
package = pkgs.qemu; # Enable full emulation
|
|
||||||
verbatimConfig = ''
|
|
||||||
user = "craige"
|
|
||||||
group = "libvirtd"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
onShutdown = "shutdown"; # Set gust VMs to shutdown on host shutdown
|
|
||||||
extraConfig = ''
|
|
||||||
disk_bus = "virtio"
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
# Enable sound.
|
|
||||||
sound.enable = true;
|
|
||||||
hardware = {
|
|
||||||
bluetooth = {
|
|
||||||
enable = true;
|
|
||||||
settings = {Policy = {AutoEnable = "true";};};
|
|
||||||
};
|
|
||||||
opengl.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
# The below pair are set to overcome flakey connections / busy servers that
|
|
||||||
# fail to respond to ssh keep alive requests, sometimes triggering:
|
|
||||||
# client_loop: send disconnect: Broken pipe
|
|
||||||
programs.ssh.extraConfig = ''
|
|
||||||
ServerAliveInterval 20
|
|
||||||
TCPKeepAlive no
|
|
||||||
'';
|
|
||||||
|
|
||||||
users.groups = {lp.members = ["messagebus"];};
|
|
||||||
|
|
||||||
# This value determines the NixOS release with which your system is to be
|
|
||||||
# compatible, in order to avoid breaking some software such as database
|
|
||||||
# servers. You should change this only after NixOS release notes say you
|
|
||||||
# should.
|
|
||||||
system.stateVersion = "23.05"; # Did you read the comment?
|
|
||||||
}
|
|
|
@ -27,7 +27,7 @@
|
||||||
#../secrets/wireless.nix # Hey look! A squirrel!
|
#../secrets/wireless.nix # Hey look! A squirrel!
|
||||||
];
|
];
|
||||||
|
|
||||||
deployment.targetHost = "10.42.0.180";
|
deployment.targetHost = "10.42.0.126";
|
||||||
|
|
||||||
nixpkgs = {
|
nixpkgs = {
|
||||||
config = {
|
config = {
|
||||||
|
|
|
@ -86,10 +86,10 @@
|
||||||
"homepage": "https://github.com/NixOS/nixpkgs",
|
"homepage": "https://github.com/NixOS/nixpkgs",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "9d29cd266cebf80234c98dd0b87256b6be0af44e",
|
"rev": "a8695cbd09a7ecf3376bd62c798b9864d20f86ee",
|
||||||
"sha256": "0bkrjx4x6sy4g9kmcddhlwrl4cpm4yvj7cljd7b8crf7kxpvaaf6",
|
"sha256": "0qwypwz0gabw6nzrgl1pb74zlqpmfwwiilc0043gfvij6j1kpwcb",
|
||||||
"type": "tarball",
|
"type": "tarball",
|
||||||
"url": "https://github.com/NixOS/nixpkgs/archive/9d29cd266cebf80234c98dd0b87256b6be0af44e.tar.gz",
|
"url": "https://github.com/NixOS/nixpkgs/archive/a8695cbd09a7ecf3376bd62c798b9864d20f86ee.tar.gz",
|
||||||
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
"url_template": "https://github.com/<owner>/<repo>/archive/<rev>.tar.gz"
|
||||||
},
|
},
|
||||||
"nixpkgsUnstable": {
|
"nixpkgsUnstable": {
|
||||||
|
|
|
@ -27,7 +27,6 @@
|
||||||
eamhair = import hosts/eamhair.nix;
|
eamhair = import hosts/eamhair.nix;
|
||||||
ceitidh = import hosts/ceitidh.nix;
|
ceitidh = import hosts/ceitidh.nix;
|
||||||
paidh-uachdar = import hosts/paidh-uachdar.nix;
|
paidh-uachdar = import hosts/paidh-uachdar.nix;
|
||||||
sanganto = import hosts/sanganto.nix;
|
|
||||||
sercanto = import hosts/sercanto.nix;
|
sercanto = import hosts/sercanto.nix;
|
||||||
sithlainnir = import hosts/sithlainnir.nix;
|
sithlainnir = import hosts/sithlainnir.nix;
|
||||||
teintidh = import hosts/teintidh.nix;
|
teintidh = import hosts/teintidh.nix;
|
||||||
|
|
|
@ -27,7 +27,6 @@
|
||||||
nvme-cli # NVM-Express user space tooling for Linux
|
nvme-cli # NVM-Express user space tooling for Linux
|
||||||
pandoc # Conversion between documentation formats
|
pandoc # Conversion between documentation formats
|
||||||
pwgen # Password generator
|
pwgen # Password generator
|
||||||
siji # An iconic bitmap font based on Stlarch with additional glyphs
|
|
||||||
shared-mime-info # A database of common MIME types
|
shared-mime-info # A database of common MIME types
|
||||||
shotwell # Photo organizer
|
shotwell # Photo organizer
|
||||||
signal-desktop # Private, simple, and secure messenger
|
signal-desktop # Private, simple, and secure messenger
|
||||||
|
|
|
@ -68,13 +68,7 @@
|
||||||
gdm.enable = false; # Enable the GNOME display manager
|
gdm.enable = false; # Enable the GNOME display manager
|
||||||
lightdm.greeters.pantheon.enable = true;
|
lightdm.greeters.pantheon.enable = true;
|
||||||
};
|
};
|
||||||
libinput = {
|
libinput.enable = true; # Enable touchpad support.
|
||||||
enable = true; # Enable touchpad support.
|
|
||||||
touchpad = {
|
|
||||||
tapping = true;
|
|
||||||
tappingButtonMap = "lrm"; # Set the touchpad button mappeing
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
|
|
||||||
pipewire = {
|
pipewire = {
|
||||||
|
|
|
@ -31,8 +31,6 @@
|
||||||
# Required to redirect requests to the mastodon service
|
# Required to redirect requests to the mastodon service
|
||||||
"mcwhirter.io" = {
|
"mcwhirter.io" = {
|
||||||
locations."/.well-known/host-meta".extraConfig = "return 301 $scheme://social.mcwhirter.io$request_uri;";
|
locations."/.well-known/host-meta".extraConfig = "return 301 $scheme://social.mcwhirter.io$request_uri;";
|
||||||
enableACME = true; # Use ACME certs
|
|
||||||
forceSSL = true; # Force SSL
|
|
||||||
};
|
};
|
||||||
"social.mcwhirter.io" = {
|
"social.mcwhirter.io" = {
|
||||||
enableACME = true; # Use ACME certs
|
enableACME = true; # Use ACME certs
|
||||||
|
|
|
@ -1,10 +1,6 @@
|
||||||
# Use the Nix community aarch64 server as a build server
|
# Use the Nix community aarch64 server as a build server
|
||||||
# https://github.com/nix-community/aarch64-build-box
|
# https://github.com/nix-community/aarch64-build-box
|
||||||
{
|
{
|
||||||
programs.ssh.knownHosts."aarch64.nixos.community" = {
|
|
||||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMUTz5i9u5H2FHNAmZJyoJfIGyUm/HfGhfwnc142L3ds";
|
|
||||||
};
|
|
||||||
|
|
||||||
nix = {
|
nix = {
|
||||||
distributedBuilds = true;
|
distributedBuilds = true;
|
||||||
buildMachines = [
|
buildMachines = [
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
# Configuration for my pantheon desktop requirements
|
|
||||||
{
|
|
||||||
config,
|
|
||||||
pkgs,
|
|
||||||
...
|
|
||||||
}: {
|
|
||||||
services = {
|
|
||||||
pantheon = {
|
|
||||||
apps.enable = true;
|
|
||||||
contractor.enable = true;
|
|
||||||
};
|
|
||||||
xserver = {
|
|
||||||
enable = true; # Enable the X11 windowing system.
|
|
||||||
desktopManager = {
|
|
||||||
pantheon.enable = true;
|
|
||||||
};
|
|
||||||
libinput.enable = true; # Enable touchpad support.
|
|
||||||
};
|
|
||||||
};
|
|
||||||
programs = {
|
|
||||||
dconf.enable = true;
|
|
||||||
pantheon-tweaks.enable = true; # additional system settings
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -15,12 +15,6 @@
|
||||||
logind = {
|
logind = {
|
||||||
lidSwitch = "suspend-then-hibernate";
|
lidSwitch = "suspend-then-hibernate";
|
||||||
lidSwitchDocked = "ignore";
|
lidSwitchDocked = "ignore";
|
||||||
# powerKey = "suspend-then-hibernate"; # Enable in 23.11
|
|
||||||
extraConfig = ''
|
|
||||||
HandlePowerKey=suspend-then-hibernate
|
|
||||||
IdleAction=suspend-then-hibernate
|
|
||||||
IdleActionSec=10m
|
|
||||||
'';
|
|
||||||
};
|
};
|
||||||
thermald.enable = true;
|
thermald.enable = true;
|
||||||
auto-cpufreq = {
|
auto-cpufreq = {
|
||||||
|
@ -43,14 +37,4 @@
|
||||||
criticalPowerAction = "Hibernate";
|
criticalPowerAction = "Hibernate";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.xss-lock = {
|
|
||||||
enable = true;
|
|
||||||
lockerCommand = "${pkgs.xscreensaver}/bin/screensaver-command -lock";
|
|
||||||
extraOptions = [
|
|
||||||
"-n ${pkgs.libnotify}/bin/notify-send \"Locking screen now\""
|
|
||||||
"IdleAction=lock"
|
|
||||||
"IdleActionSec=5m"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue