From eefe3cc4ba691674b2e6941b2b579fb1f261acfe Mon Sep 17 00:00:00 2001 From: Tasia Iso Date: Mon, 22 Apr 2024 05:51:31 +0200 Subject: [PATCH] lol --- README.md | 11 ------- common/full-install.nix | 27 ++++++++++++++++- common/hardware/{amdgpu.nix => amd-gpu.nix} | 0 common/hardware/btrfs.nix | 2 +- .../hardware/{intelcpu.nix => intel-cpu.nix} | 0 common/hardware/latest-kernel.nix | 5 ++++ common/hardware/nvidia-gpu-offload.nix | 8 +++++ .../{nvidiagpu.nix => nvidia-gpu.nix} | 0 common/packages/sshd.nix | 2 +- common/tasia-packages.nix | 23 -------------- crypto/ssh-keys.nix | 18 +++++++++++ hosts/enry/configuration.nix | 8 +++-- hosts/new-new-phoenix/configuration.nix | 30 +++++++------------ hosts/new-phoenix/configuration.nix | 11 +++---- hosts/phoenix/configuration.nix | 16 +++++----- hosts/stuff/configuration.nix | 15 +++++----- hosts/theseus/configuration.nix | 17 +++++------ 17 files changed, 103 insertions(+), 90 deletions(-) rename common/hardware/{amdgpu.nix => amd-gpu.nix} (100%) rename common/hardware/{intelcpu.nix => intel-cpu.nix} (100%) create mode 100644 common/hardware/latest-kernel.nix create mode 100644 common/hardware/nvidia-gpu-offload.nix rename common/hardware/{nvidiagpu.nix => nvidia-gpu.nix} (100%) create mode 100644 crypto/ssh-keys.nix diff --git a/README.md b/README.md index 0d47e37..dc23726 100644 --- a/README.md +++ b/README.md @@ -39,8 +39,6 @@ My main PC. Mostly unused because of power constraints ## phoenix -`phoenix ssh-ed25519 AAAAC3Nza C1lZDI1NTE5AAAAIJTqExIIZuW9yvK7mgveNK8KDGKaRswrjj/nwVDwUdeL` - My old laptop. ## stuff @@ -49,17 +47,8 @@ Another person's laptop. ### enry -`enry ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHCPPE7U87PZ4+BQrdJtPuD/ibf9ubyPAqcRJe6Lpc2D` - This is my Raspberry Pi 3B+ inside my electrical cabinet. ### new-new-phoenix -``` -SHA256:hV3Kumt4I9Bt0/IAX3D9Y1kN93COAQFNSsAdiv9mpIg new-new-phoenix - -SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILLyDLtqUhEQwIsPx0XgQ9OJb2+XxL+2ra4goNJEgwf0 tasia@new-new-phoenix -``` - New laptop. Main driver. TODO: give it a name. diff --git a/common/full-install.nix b/common/full-install.nix index 688c7a8..ff53c06 100644 --- a/common/full-install.nix +++ b/common/full-install.nix @@ -14,6 +14,31 @@ }; environment.systemPackages = with pkgs; [ - # + bat + + nextdns + + # need to test + helix + holehe + smartmontools + cheat + lazygit + ripgrep + jq + yq + neofetch + tldr + dust + powertop + fzf + atuin + zellij + eza + lapce + gotty + gping + yazi + vulnix # once im on stable ]; } diff --git a/common/hardware/amdgpu.nix b/common/hardware/amd-gpu.nix similarity index 100% rename from common/hardware/amdgpu.nix rename to common/hardware/amd-gpu.nix diff --git a/common/hardware/btrfs.nix b/common/hardware/btrfs.nix index c304bb0..ab931af 100644 --- a/common/hardware/btrfs.nix +++ b/common/hardware/btrfs.nix @@ -2,6 +2,6 @@ services.btrfs.autoScrub = { enable = true; interval = "weekly"; - fileSystems = lb.mkDefault ["/"]; + fileSystems = lib.mkDefault ["/"]; }; } diff --git a/common/hardware/intelcpu.nix b/common/hardware/intel-cpu.nix similarity index 100% rename from common/hardware/intelcpu.nix rename to common/hardware/intel-cpu.nix diff --git a/common/hardware/latest-kernel.nix b/common/hardware/latest-kernel.nix new file mode 100644 index 0000000..556dcdc --- /dev/null +++ b/common/hardware/latest-kernel.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + boot = { + kernelPackages = pkgs.linuxPackages_latest; + }; +} diff --git a/common/hardware/nvidia-gpu-offload.nix b/common/hardware/nvidia-gpu-offload.nix new file mode 100644 index 0000000..3a482c2 --- /dev/null +++ b/common/hardware/nvidia-gpu-offload.nix @@ -0,0 +1,8 @@ +{ + hardware.nvidia.prime = { + offload = { + enable = true; + enableOffloadCmd = true; + }; + }; +} \ No newline at end of file diff --git a/common/hardware/nvidiagpu.nix b/common/hardware/nvidia-gpu.nix similarity index 100% rename from common/hardware/nvidiagpu.nix rename to common/hardware/nvidia-gpu.nix diff --git a/common/packages/sshd.nix b/common/packages/sshd.nix index 19178e9..2adaf04 100644 --- a/common/packages/sshd.nix +++ b/common/packages/sshd.nix @@ -4,7 +4,7 @@ # https://cyber.gouv.fr/en/publications/openssh-secure-use-recommendations services.openssh = { enable = true; - banner = "hello world"; + # banner = "hello world"; allowSFTP = false; diff --git a/common/tasia-packages.nix b/common/tasia-packages.nix index 0650b54..11c6bad 100644 --- a/common/tasia-packages.nix +++ b/common/tasia-packages.nix @@ -1,7 +1,6 @@ {pkgs, ...}: { environment.systemPackages = with pkgs; [ bitwarden - nextdns # android-tools gocryptfs #endless-sky @@ -32,28 +31,6 @@ openssl # qgis - helix - holehe - smartmontools - cheat - lazygit - ripgrep - jq - yq - neofetch - tldr - bat - dust - powertop - fzf - atuin - zellij - eza - lapce - gotty - gping - yazi - vulnix # once im on stable tildefriends ]; diff --git a/crypto/ssh-keys.nix b/crypto/ssh-keys.nix new file mode 100644 index 0000000..75e43aa --- /dev/null +++ b/crypto/ssh-keys.nix @@ -0,0 +1,18 @@ +rec { + new-new-phoenix = { + # host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXu/iFf6yhi6A0f6Lvp+wyltMHq1YgxZan5OdCKP9gE root@new-new-phoenix"; + # host-sha = "SHA256:hV3Kumt4I9Bt0/IAX3D9Y1kN93COAQFNSsAdiv9mpIg root@new-new-phoenix"; + tasia = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILLyDLtqUhEQwIsPx0XgQ9OJb2+XxL+2ra4goNJEgwf0 tasia@new-new-phoenix"; + # tasia-sha = "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix"; + }; + + phoenix = { + host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTqExIIZuW9yvK7mgveNK8KDGKaRswrjj/nwVDwUdeL root@phoenix"; # host or user ? + user = "null"; + }; + + enry = { + host = "enry ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHCPPE7U87PZ4+BQrdJtPuD/ibf9ubyPAqcRJe6Lpc2D"; # same + user = "null"; + }; +} diff --git a/hosts/enry/configuration.nix b/hosts/enry/configuration.nix index 50a64ec..db20f01 100644 --- a/hosts/enry/configuration.nix +++ b/hosts/enry/configuration.nix @@ -2,7 +2,9 @@ pkgs, lib, ... -}: { +}: let + sshKeys = import ../../crypto/ssh-keys.nix; +in { imports = [ ./hardware-configuration.nix ../../common/default.nix @@ -23,8 +25,8 @@ extraGroups = ["networkmanager" "wheel" "dialout"]; initialPassword = "correcthorsebatterystaple"; openssh.authorizedKeys.keys = [ - "SHA256:RrcbPCE9BPVLAEhERm81NwXA28OKpn9U6irR2vG7K5I user@phoenix" - "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" + sshKeys.phoenix.tasia + sshKeys.new-new-phoenix.tasia ]; }; diff --git a/hosts/new-new-phoenix/configuration.nix b/hosts/new-new-phoenix/configuration.nix index 4869c80..2fbc979 100644 --- a/hosts/new-new-phoenix/configuration.nix +++ b/hosts/new-new-phoenix/configuration.nix @@ -2,7 +2,9 @@ pkgs, lib, ... -}: { +}: let + sshKeys = import ../../crypto/ssh-keys.nix; +in { imports = [ ./hardware-configuration.nix ../../common/default.nix @@ -11,9 +13,12 @@ ../../common/locales/en.nix ../../common/locales/fr-keymap.nix - ../../common/hardware/intelcpu.nix - ../../common/hardware/nvidiagpu.nix + ../../common/hardware/intel-cpu.nix + ../../common/hardware/nvidia-gpu.nix + ../../common/hardware/nvidia-gpu-offload.nix ../../common/hardware/ssd.nix + ../../common/hardware/btrfs.nix + ../../common/hardware/latest-kernel.nix ../../common/de/plasma6.nix # ../../common/de/hyprland.nix @@ -26,20 +31,11 @@ # ../../modules/nixos/vedirect-reader.nix ]; - boot = { - kernelPackages = pkgs.linuxPackages_latest; - # boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ]; - }; + # boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ]; hardware.nvidia.prime = { - # Make sure to use the correct Bus ID values for your system! intelBusId = "PCI:1:0:0"; nvidiaBusId = "PCI:0:2:0"; - - offload = { - enable = true; - enableOffloadCmd = true; - }; }; networking = { @@ -64,15 +60,11 @@ extraGroups = ["networkmanager" "wheel" "syncthing"]; initialPassword = "correcthorsebatterystaple"; openssh.authorizedKeys.keys = [ - "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" # self + sshKeys.new-new-phoenix.tasia ]; }; - services.btrfs.autoScrub = { - enable = true; - interval = "weekly"; - fileSystems = ["/"]; - }; + services.btrfs.autoScrub.fileSystems = ["/"]; # services.vedirect-reader.enable = true; diff --git a/hosts/new-phoenix/configuration.nix b/hosts/new-phoenix/configuration.nix index 815d497..70d1f2b 100644 --- a/hosts/new-phoenix/configuration.nix +++ b/hosts/new-phoenix/configuration.nix @@ -2,14 +2,16 @@ pkgs, lib, ... -}: { +}: let + sshKeys = import ../../crypto/ssh-keys.nix; +in { imports = [ ./hardware-configuration.nix ../../common/default.nix ../../common/locales/en.nix ../../common/locales/fr-keymap.nix - ../../common/hardware/intelcpu.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/ssd.nix ../../common/hardware/btrfs.nix @@ -20,7 +22,6 @@ networking = { hostName = "phoenix"; - firewall.enable = true; firewall.allowedTCPPorts = [ 12345 # tildefriends 13378 # audiobookshelf @@ -36,11 +37,11 @@ extraGroups = ["networkmanager" "wheel" "syncthing"]; initialPassword = "correcthorsebatterystaple"; openssh.authorizedKeys.keys = [ - "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" + sshKeys.new-new-phoenix.tasia ]; }; - services.btrfs.autoScrub.fileSystems = ["/" "/data"]; + services.btrfs.autoScrub.fileSystems = lib.mkForce ["/" "/data"]; virtualisation.docker.enable = true; diff --git a/hosts/phoenix/configuration.nix b/hosts/phoenix/configuration.nix index 0f17c8c..c7b1c4b 100644 --- a/hosts/phoenix/configuration.nix +++ b/hosts/phoenix/configuration.nix @@ -2,7 +2,9 @@ pkgs, lib, ... -}: { +}: let + sshKeys = import ../../crypto/ssh-keys.nix; +in { imports = [ ./hardware-configuration.nix ../../common/default.nix @@ -11,10 +13,11 @@ ../../common/locales/en.nix ../../common/locales/fr-keymap.nix - ../../common/hardware/intelcpu.nix - ../../common/hardware/amdgpu.nix + ../../common/hardware/intel-cpu.nix + ../../common/hardware/amd-gpu.nix ../../common/hardware/ssd.nix ../../common/hardware/btrfs.nix + ../../common/hardware/latest-kernel.nix ../../common/de/plasma6.nix @@ -26,11 +29,6 @@ ../../modules/nixos/vedirect-reader.nix ]; - boot = { - kernelPackages = pkgs.linuxPackages_latest; - # boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ]; - }; - networking = { hostName = "phoenix"; @@ -53,7 +51,7 @@ extraGroups = ["networkmanager" "wheel" "syncthing"]; initialPassword = "correcthorsebatterystaple"; openssh.authorizedKeys.keys = [ - "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" + sshKeys.new-new-phoenix.tasia ]; }; diff --git a/hosts/stuff/configuration.nix b/hosts/stuff/configuration.nix index 0d5b470..0d7df32 100644 --- a/hosts/stuff/configuration.nix +++ b/hosts/stuff/configuration.nix @@ -1,11 +1,13 @@ -{pkgs, ...}: { +{pkgs, ...}: let + sshKeys = import ../../crypto/ssh-keys.nix; +in { imports = [ ./hardware-configuration.nix ../../common/default.nix ../../common/locales/fr.nix ../../common/locales/fr-keymap.nix - ../../common/hardware/intelcpu.nix + ../../common/hardware/intel-cpu.nix ../../common/hardware/ssd.nix ../../common/hardware/btrfs.nix @@ -13,23 +15,20 @@ ../../common/packages/syncthing.nix ../../common/packages/sshd.nix - # ../../common/packages/adguardhome.nix ]; + networking.hostName = "stuff"; + users.users.user = { isNormalUser = true; description = "User"; extraGroups = ["networkmanager" "wheel" "syncthing"]; initialPassword = "correcthorsebatterystaple"; openssh.authorizedKeys.keys = [ - "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" + sshKeys.new-new-phoenix.tasia ]; }; - networking = { - hostName = "stuff"; - }; - environment.systemPackages = with pkgs; [ # Additional system packages here ]; diff --git a/hosts/theseus/configuration.nix b/hosts/theseus/configuration.nix index e04f608..69abc38 100644 --- a/hosts/theseus/configuration.nix +++ b/hosts/theseus/configuration.nix @@ -2,7 +2,9 @@ pkgs, lib, ... -}: { +}: let + sshKeys = import ../../crypto/ssh-keys.nix; +in { imports = [ ./hardware-configuration.nix ../../common/default.nix @@ -11,13 +13,14 @@ ../../common/locales/en.nix ../../common/locales/en-keymap.nix - ../../common/hardware/intelcpu.nix - ../../common/hardware/nvidiagpu.nix + ../../common/hardware/intel-cpu.nix + ../../common/hardware/nvidia-gpu.nix ../../common/hardware/ssd.nix ../../common/hardware/btrfs.nix + ../../common/hardware/latest-kernel.nix ../../common/de/plasma6.nix - ../../common/de/hyprland.nix + # ../../common/de/hyprland.nix ../../common/tasia-packages.nix ../../common/packages/syncthing.nix @@ -26,10 +29,6 @@ ../../common/packages/sshd.nix ]; - boot = { - kernelPackages = pkgs.linuxPackages_latest; - }; - networking = { hostName = "theseus"; }; @@ -40,7 +39,7 @@ extraGroups = ["networkmanager" "wheel" "syncthing"]; initialPassword = "correcthorsebatterystaple"; openssh.authorizedKeys.keys = [ - "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" + sshKeys.new-new-phoenix.tasia ]; };