tasiaiso/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

lol

Browse source
This commit is contained in:
Tasia Iso 2024-04-22 05:51:31 +02:00
parent 82815bd863
commit eefe3cc4ba
Signed by: tasiaiso
SSH key fingerprint: SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw
17 changed files with 103 additions and 90 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
README.md
View file

@ -39,8 +39,6 @@ My main PC. Mostly unused because of power constraints
## phoenix
`phoenix ssh-ed25519 AAAAC3Nza C1lZDI1NTE5AAAAIJTqExIIZuW9yvK7mgveNK8KDGKaRswrjj/nwVDwUdeL`
My old laptop.
## stuff
@ -49,17 +47,8 @@ Another person's laptop.
### enry
`enry ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHCPPE7U87PZ4+BQrdJtPuD/ibf9ubyPAqcRJe6Lpc2D`
This is my Raspberry Pi 3B+ inside my electrical cabinet.
### new-new-phoenix
```
SHA256:hV3Kumt4I9Bt0/IAX3D9Y1kN93COAQFNSsAdiv9mpIg new-new-phoenix
SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILLyDLtqUhEQwIsPx0XgQ9OJb2+XxL+2ra4goNJEgwf0 tasia@new-new-phoenix
```
New laptop. Main driver. TODO: give it a name.

27
common/full-install.nix
View file

@ -14,6 +14,31 @@
};
environment.systemPackages = with pkgs; [
#
bat
nextdns
# need to test
helix
holehe
smartmontools
cheat
lazygit
ripgrep
jq
yq
neofetch
tldr
dust
powertop
fzf
atuin
zellij
eza
lapce
gotty
gping
yazi
vulnix # once im on stable
];
}

0
common/hardware/amdgpu.nix → common/hardware/amd-gpu.nix
View file

2
common/hardware/btrfs.nix
View file

@ -2,6 +2,6 @@
services.btrfs.autoScrub = {
enable = true;
interval = "weekly";
fileSystems = lb.mkDefault ["/"];
fileSystems = lib.mkDefault ["/"];
};
}

0
common/hardware/intelcpu.nix → common/hardware/intel-cpu.nix
View file

5
common/hardware/latest-kernel.nix Normal file
View file

@ -0,0 +1,5 @@
{pkgs, ...}: {
boot = {
kernelPackages = pkgs.linuxPackages_latest;
};
}

8
common/hardware/nvidia-gpu-offload.nix Normal file
View file

@ -0,0 +1,8 @@
{
hardware.nvidia.prime = {
offload = {
enable = true;
enableOffloadCmd = true;
};
};
}

0
common/hardware/nvidiagpu.nix → common/hardware/nvidia-gpu.nix
View file

2
common/packages/sshd.nix
View file

@ -4,7 +4,7 @@
# https://cyber.gouv.fr/en/publications/openssh-secure-use-recommendations
services.openssh = {
enable = true;
banner = "hello world";
# banner = "hello world";
allowSFTP = false;

23
common/tasia-packages.nix
View file

@ -1,7 +1,6 @@
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
bitwarden
nextdns
# android-tools
gocryptfs
#endless-sky
@ -32,28 +31,6 @@
openssl
# qgis
helix
holehe
smartmontools
cheat
lazygit
ripgrep
jq
yq
neofetch
tldr
bat
dust
powertop
fzf
atuin
zellij
eza
lapce
gotty
gping
yazi
vulnix # once im on stable
tildefriends
];

18
crypto/ssh-keys.nix Normal file
View file

@ -0,0 +1,18 @@
rec {
new-new-phoenix = {
# host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXu/iFf6yhi6A0f6Lvp+wyltMHq1YgxZan5OdCKP9gE root@new-new-phoenix";
# host-sha = "SHA256:hV3Kumt4I9Bt0/IAX3D9Y1kN93COAQFNSsAdiv9mpIg root@new-new-phoenix";
tasia = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILLyDLtqUhEQwIsPx0XgQ9OJb2+XxL+2ra4goNJEgwf0 tasia@new-new-phoenix";
# tasia-sha = "SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix";
};
phoenix = {
host = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJTqExIIZuW9yvK7mgveNK8KDGKaRswrjj/nwVDwUdeL root@phoenix"; # host or user ?
user = "null";
};
enry = {
host = "enry ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHCPPE7U87PZ4+BQrdJtPuD/ibf9ubyPAqcRJe6Lpc2D"; # same
user = "null";
};
}

8
hosts/enry/configuration.nix
View file

@ -2,7 +2,9 @@
pkgs,
lib,
...
}: {
}: let
sshKeys = import ../../crypto/ssh-keys.nix;
in {
imports = [
./hardware-configuration.nix
../../common/default.nix
@ -23,8 +25,8 @@
extraGroups = ["networkmanager" "wheel" "dialout"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
"SHA256:RrcbPCE9BPVLAEhERm81NwXA28OKpn9U6irR2vG7K5I user@phoenix"
"SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix"
sshKeys.phoenix.tasia
sshKeys.new-new-phoenix.tasia
];
};

28
hosts/new-new-phoenix/configuration.nix
View file

@ -2,7 +2,9 @@
pkgs,
lib,
...
}: {
}: let
sshKeys = import ../../crypto/ssh-keys.nix;
in {
imports = [
./hardware-configuration.nix
../../common/default.nix
@ -11,9 +13,12 @@
../../common/locales/en.nix
../../common/locales/fr-keymap.nix
../../common/hardware/intelcpu.nix
../../common/hardware/nvidiagpu.nix
../../common/hardware/intel-cpu.nix
../../common/hardware/nvidia-gpu.nix
../../common/hardware/nvidia-gpu-offload.nix
../../common/hardware/ssd.nix
../../common/hardware/btrfs.nix
../../common/hardware/latest-kernel.nix
../../common/de/plasma6.nix
# ../../common/de/hyprland.nix
@ -26,20 +31,11 @@
# ../../modules/nixos/vedirect-reader.nix
];
boot = {
kernelPackages = pkgs.linuxPackages_latest;
# boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ];
};
hardware.nvidia.prime = {
# Make sure to use the correct Bus ID values for your system!
intelBusId = "PCI:1:0:0";
nvidiaBusId = "PCI:0:2:0";
offload = {
enable = true;
enableOffloadCmd = true;
};
};
networking = {
@ -64,15 +60,11 @@
extraGroups = ["networkmanager" "wheel" "syncthing"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
"SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix" # self
sshKeys.new-new-phoenix.tasia
];
};
services.btrfs.autoScrub = {
enable = true;
interval = "weekly";
fileSystems = ["/"];
};
services.btrfs.autoScrub.fileSystems = ["/"];
# services.vedirect-reader.enable = true;

11
hosts/new-phoenix/configuration.nix
View file

@ -2,14 +2,16 @@
pkgs,
lib,
...
}: {
}: let
sshKeys = import ../../crypto/ssh-keys.nix;
in {
imports = [
./hardware-configuration.nix
../../common/default.nix
../../common/locales/en.nix
../../common/locales/fr-keymap.nix
../../common/hardware/intelcpu.nix
../../common/hardware/intel-cpu.nix
../../common/hardware/ssd.nix
../../common/hardware/btrfs.nix
@ -20,7 +22,6 @@
networking = {
hostName = "phoenix";
firewall.enable = true;
firewall.allowedTCPPorts = [
12345 # tildefriends
13378 # audiobookshelf
@ -36,11 +37,11 @@
extraGroups = ["networkmanager" "wheel" "syncthing"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
"SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix"
sshKeys.new-new-phoenix.tasia
];
};
services.btrfs.autoScrub.fileSystems = ["/" "/data"];
services.btrfs.autoScrub.fileSystems = lib.mkForce ["/" "/data"];
virtualisation.docker.enable = true;

16
hosts/phoenix/configuration.nix
View file

@ -2,7 +2,9 @@
pkgs,
lib,
...
}: {
}: let
sshKeys = import ../../crypto/ssh-keys.nix;
in {
imports = [
./hardware-configuration.nix
../../common/default.nix
@ -11,10 +13,11 @@
../../common/locales/en.nix
../../common/locales/fr-keymap.nix
../../common/hardware/intelcpu.nix
../../common/hardware/amdgpu.nix
../../common/hardware/intel-cpu.nix
../../common/hardware/amd-gpu.nix
../../common/hardware/ssd.nix
../../common/hardware/btrfs.nix
../../common/hardware/latest-kernel.nix
../../common/de/plasma6.nix
@ -26,11 +29,6 @@
../../modules/nixos/vedirect-reader.nix
];
boot = {
kernelPackages = pkgs.linuxPackages_latest;
# boot.kernelModules = [ "fuse" "kvm-intel" "coretemp" ];
};
networking = {
hostName = "phoenix";
@ -53,7 +51,7 @@
extraGroups = ["networkmanager" "wheel" "syncthing"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
"SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix"
sshKeys.new-new-phoenix.tasia
];
};

15
hosts/stuff/configuration.nix
View file

@ -1,11 +1,13 @@
{pkgs, ...}: {
{pkgs, ...}: let
sshKeys = import ../../crypto/ssh-keys.nix;
in {
imports = [
./hardware-configuration.nix
../../common/default.nix
../../common/locales/fr.nix
../../common/locales/fr-keymap.nix
../../common/hardware/intelcpu.nix
../../common/hardware/intel-cpu.nix
../../common/hardware/ssd.nix
../../common/hardware/btrfs.nix
@ -13,23 +15,20 @@
../../common/packages/syncthing.nix
../../common/packages/sshd.nix
# ../../common/packages/adguardhome.nix
];
networking.hostName = "stuff";
users.users.user = {
isNormalUser = true;
description = "User";
extraGroups = ["networkmanager" "wheel" "syncthing"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
"SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix"
sshKeys.new-new-phoenix.tasia
];
};
networking = {
hostName = "stuff";
};
environment.systemPackages = with pkgs; [
# Additional system packages here
];

17
hosts/theseus/configuration.nix
View file

@ -2,7 +2,9 @@
pkgs,
lib,
...
}: {
}: let
sshKeys = import ../../crypto/ssh-keys.nix;
in {
imports = [
./hardware-configuration.nix
../../common/default.nix
@ -11,13 +13,14 @@
../../common/locales/en.nix
../../common/locales/en-keymap.nix
../../common/hardware/intelcpu.nix
../../common/hardware/nvidiagpu.nix
../../common/hardware/intel-cpu.nix
../../common/hardware/nvidia-gpu.nix
../../common/hardware/ssd.nix
../../common/hardware/btrfs.nix
../../common/hardware/latest-kernel.nix
../../common/de/plasma6.nix
../../common/de/hyprland.nix
# ../../common/de/hyprland.nix
../../common/tasia-packages.nix
../../common/packages/syncthing.nix
@ -26,10 +29,6 @@
../../common/packages/sshd.nix
];
boot = {
kernelPackages = pkgs.linuxPackages_latest;
};
networking = {
hostName = "theseus";
};
@ -40,7 +39,7 @@
extraGroups = ["networkmanager" "wheel" "syncthing"];
initialPassword = "correcthorsebatterystaple";
openssh.authorizedKeys.keys = [
"SHA256:KiRjUay5C9i6objsEOIycygBHn54pDBB3Lj7fyJ0Elw tasia@new-new-phoenix"
sshKeys.new-new-phoenix.tasia
];
};