From 36e9a950b2aac1ea41988381c579674c36f9ca38 Mon Sep 17 00:00:00 2001 From: Tasia Iso Date: Mon, 22 Apr 2024 06:39:13 +0200 Subject: [PATCH] unfree packages no awawa --- common/default.nix | 18 +++++++++++-- common/hardware/nvidia-gpu-offload.nix | 2 +- common/packages/auditd.nix | 8 ++++++ common/packages/syncthing.nix | 4 +-- hosts/enry/configuration.nix | 3 +-- hosts/new-new-phoenix/configuration.nix | 36 +++++++++---------------- hosts/new-phoenix/configuration.nix | 5 ++-- hosts/phoenix/configuration.nix | 8 +++--- hosts/stuff/configuration.nix | 4 +-- hosts/theseus/configuration.nix | 5 ++-- 10 files changed, 52 insertions(+), 41 deletions(-) create mode 100644 common/packages/auditd.nix diff --git a/common/default.nix b/common/default.nix index 0fc8044..0c218ed 100644 --- a/common/default.nix +++ b/common/default.nix @@ -7,10 +7,12 @@ ... }: { imports = [ + ./locales/paris.nix + + ./packages/sshd.nix ./packages/neovim.nix ./packages/zsh.nix ./packages/git.nix - ./locales/paris.nix ]; nixpkgs = { @@ -43,7 +45,19 @@ auto-optimise-store = true; }; - # systemd-boot + # Unfree packages that can be installe even if "allow-unfree.nix" isn't imported + nixpkgs.config.allowUnfreePredicate = pkg: + builtins.elem (lib.getName pkg) [ + # Steam + "steam" + "steam-original" + "steam-run" + + # Nvidia drivers + "nvidia-x11" + "nvidia-settings" + ]; + boot.loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; diff --git a/common/hardware/nvidia-gpu-offload.nix b/common/hardware/nvidia-gpu-offload.nix index 3a482c2..c92b038 100644 --- a/common/hardware/nvidia-gpu-offload.nix +++ b/common/hardware/nvidia-gpu-offload.nix @@ -5,4 +5,4 @@ enableOffloadCmd = true; }; }; -} \ No newline at end of file +} diff --git a/common/packages/auditd.nix b/common/packages/auditd.nix new file mode 100644 index 0000000..33f5626 --- /dev/null +++ b/common/packages/auditd.nix @@ -0,0 +1,8 @@ +{ + # security.auditd.enable = true; + # security.audit.enable = true; + # security.audit.rules = [ + # "-a exit,always -F arch=b64 -S execve" + # ]; + # You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up. +} diff --git a/common/packages/syncthing.nix b/common/packages/syncthing.nix index 5342a21..fb7f64c 100644 --- a/common/packages/syncthing.nix +++ b/common/packages/syncthing.nix @@ -1,8 +1,8 @@ -{ +{lib, ...}: { # File sync service services.syncthing = { enable = true; - user = "user"; + user = lib.mkDefault "user"; group = "users"; openDefaultPorts = true; diff --git a/hosts/enry/configuration.nix b/hosts/enry/configuration.nix index db20f01..46ae8cf 100644 --- a/hosts/enry/configuration.nix +++ b/hosts/enry/configuration.nix @@ -8,9 +8,8 @@ in { imports = [ ./hardware-configuration.nix ../../common/default.nix - ../../common/hardware/raspberry-pi.nix - ../../common/packages/sshd.nix + ../../common/hardware/raspberry-pi.nix ../../modules/nixos/vedirect-reader.nix ]; diff --git a/hosts/new-new-phoenix/configuration.nix b/hosts/new-new-phoenix/configuration.nix index 2fbc979..c661264 100644 --- a/hosts/new-new-phoenix/configuration.nix +++ b/hosts/new-new-phoenix/configuration.nix @@ -9,10 +9,11 @@ in { ./hardware-configuration.nix ../../common/default.nix ../../common/full-install.nix - ../../common/allow-unfree.nix + ../../common/tasia-packages.nix ../../common/locales/en.nix ../../common/locales/fr-keymap.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/nvidia-gpu.nix ../../common/hardware/nvidia-gpu-offload.nix @@ -21,28 +22,18 @@ in { ../../common/hardware/latest-kernel.nix ../../common/de/plasma6.nix - # ../../common/de/hyprland.nix + ../../common/de/hyprland.nix - ../../common/tasia-packages.nix - ../../common/packages/sshd.nix ../../common/packages/steam.nix - # ../../common/packages/syncthing.nix + ../../common/packages/syncthing.nix - # ../../modules/nixos/vedirect-reader.nix + ../../modules/nixos/vedirect-reader.nix ]; - # boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ]; - - hardware.nvidia.prime = { - intelBusId = "PCI:1:0:0"; - nvidiaBusId = "PCI:0:2:0"; - }; - networking = { hostName = "new-new-phoenix"; firewall = { - enable = true; allowedTCPPorts = [ 8080 # ? 12345 # tildefriends @@ -54,6 +45,11 @@ in { }; }; + hardware.nvidia.prime = { + intelBusId = "PCI:1:0:0"; + nvidiaBusId = "PCI:0:2:0"; + }; + users.users.tasia = { isNormalUser = true; description = "User"; @@ -72,8 +68,9 @@ in { # services.flatpak.enable = false; services.syncthing = { - dataDir = lib.mkForce "/home/user"; - configDir = lib.mkForce "/data/sync/configuration/"; + user = "tasia"; + dataDir = lib.mkForce "/home/tasia/Sync/data"; + configDir = lib.mkForce "/home/tasia/Sync/configuration"; }; # Needed to build enry @@ -83,13 +80,6 @@ in { # ]; - # security.auditd.enable = true; - # security.audit.enable = true; - # security.audit.rules = [ - # "-a exit,always -F arch=b64 -S execve" - # ]; - # You can monitor these logs with journalctl -f. If you don't see any audit logs show up, ssh in from another window and run some commands like ls. You should see a flurry of them show up. - # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion system.stateVersion = "23.11"; } diff --git a/hosts/new-phoenix/configuration.nix b/hosts/new-phoenix/configuration.nix index 70d1f2b..88c617f 100644 --- a/hosts/new-phoenix/configuration.nix +++ b/hosts/new-phoenix/configuration.nix @@ -2,7 +2,7 @@ pkgs, lib, ... -}: let +}: let sshKeys = import ../../crypto/ssh-keys.nix; in { imports = [ @@ -11,12 +11,13 @@ in { ../../common/locales/en.nix ../../common/locales/fr-keymap.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/ssd.nix ../../common/hardware/btrfs.nix - ../../common/packages/syncthing.nix ../../common/packages/adguardhome.nix + ../../common/packages/syncthing.nix ]; networking = { diff --git a/hosts/phoenix/configuration.nix b/hosts/phoenix/configuration.nix index c7b1c4b..832bf15 100644 --- a/hosts/phoenix/configuration.nix +++ b/hosts/phoenix/configuration.nix @@ -2,17 +2,18 @@ pkgs, lib, ... -}: let +}: let sshKeys = import ../../crypto/ssh-keys.nix; in { imports = [ ./hardware-configuration.nix ../../common/default.nix ../../common/full-install.nix - ../../common/allow-unfree.nix + ../../common/tasia-packages.nix ../../common/locales/en.nix ../../common/locales/fr-keymap.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/amd-gpu.nix ../../common/hardware/ssd.nix @@ -21,10 +22,9 @@ in { ../../common/de/plasma6.nix - ../../common/tasia-packages.nix - ../../common/packages/syncthing.nix ../../common/packages/adguardhome.nix ../../common/packages/steam.nix + ../../common/packages/syncthing.nix ../../modules/nixos/vedirect-reader.nix ]; diff --git a/hosts/stuff/configuration.nix b/hosts/stuff/configuration.nix index 0d7df32..ba35854 100644 --- a/hosts/stuff/configuration.nix +++ b/hosts/stuff/configuration.nix @@ -1,12 +1,13 @@ {pkgs, ...}: let sshKeys = import ../../crypto/ssh-keys.nix; -in { +in { imports = [ ./hardware-configuration.nix ../../common/default.nix ../../common/locales/fr.nix ../../common/locales/fr-keymap.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/ssd.nix ../../common/hardware/btrfs.nix @@ -14,7 +15,6 @@ in { ../../common/de/plasma5.nix ../../common/packages/syncthing.nix - ../../common/packages/sshd.nix ]; networking.hostName = "stuff"; diff --git a/hosts/theseus/configuration.nix b/hosts/theseus/configuration.nix index 69abc38..d2f3749 100644 --- a/hosts/theseus/configuration.nix +++ b/hosts/theseus/configuration.nix @@ -2,7 +2,7 @@ pkgs, lib, ... -}: let +}: let sshKeys = import ../../crypto/ssh-keys.nix; in { imports = [ @@ -13,6 +13,7 @@ in { ../../common/locales/en.nix ../../common/locales/en-keymap.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/nvidia-gpu.nix ../../common/hardware/ssd.nix @@ -22,11 +23,9 @@ in { ../../common/de/plasma6.nix # ../../common/de/hyprland.nix - ../../common/tasia-packages.nix ../../common/packages/syncthing.nix ../../common/packages/adguardhome.nix ../../common/packages/steam.nix - ../../common/packages/sshd.nix ]; networking = {