diff --git a/README.md b/README.md index 09109f3..4a9d3bb 100644 --- a/README.md +++ b/README.md @@ -17,14 +17,17 @@ nix run - X1 Carbon: https://www.srid.ca/x1c7-install - Windows (via WSL): https://github.com/nix-community/NixOS-WSL - Clone this repo at `/etc/nixos` - - Edit `flake.nix` and add your Linux's hostname in the `nixosConfigurations` set, as well as update `userName`. + - Edit `flake.nix` and + - add your Linux's hostname in the `nixosConfigurations` set, as well as + - update `people.myself` to your desired username. + - put your SSH keys in `./nixos/takemessh` - Run `nix run`. That's it. Re-open your shell. - macOS: - Install Nix normally (multi-user) - Install [nix-darwin](https://github.com/LnL7/nix-darwin) - This will create a `~/.nixpkgs/darwin-configuration.nix`, but we do not need that. - Clone this repo anywhere - - Edit `flake.nix` to update `userName`. + - Edit `flake.nix` to update `people.myself` to your desired username. - Run `nix run`.[^cleanup] That's it. Re-open your shell. [^cleanup]: You might have to `rm -rf /etc/nix/nix.conf`, so our flake.nix can do its thing. diff --git a/activate.nix b/activate.nix new file mode 100644 index 0000000..54f6143 --- /dev/null +++ b/activate.nix @@ -0,0 +1,32 @@ +# A rough flake-parts module for activating the system +# +# TODO: Replace with deploy-rs or (new) nixinate +{ self, inputs, ... }: +{ + perSystem = { system, pkgs, lib, ... }: { + apps.default = + let + # Create a flake app that wraps the given bash CLI. + bashCmdApp = name: cmd: { + type = "app"; + program = + (pkgs.writeShellApplication { + inherit name; + text = '' + set -x + ${cmd} + ''; + }) + "/bin/${name}"; + }; + in + if system == "aarch64-darwin" then + bashCmdApp "darwin" '' + ${self.darwinConfigurations.default.system}/sw/bin/darwin-rebuild \ + switch --flake ${self}#default + '' + else + bashCmdApp "linux" '' + ${lib.getExe pkgs.nixos-rebuild} --use-remote-sudo switch -j auto + ''; + }; +} 
diff --git a/config.nix b/config.nix
new file mode 100644
index 0000000..8368415
--- /dev/null
+++ b/config.nix
@@ -0,0 +1,35 @@
+{ config, lib, ... }:
+let
+ userSubmodule = lib.types.submodule {
+ options = {
+ name = lib.mkOption {
+ type = lib.types.str;
+ };
+ email = lib.mkOption {
+ type = lib.types.str;
+ };
+ };
+ };
+ peopleSubmodule = lib.types.submodule {
+ options = {
+ users = lib.mkOption {
+ type = lib.types.attrsOf userSubmodule;
+ };
+ myself = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ The name of the user that represents myself.
+
+ Admin user in all contexts.
+ '';
+ };
+ };
+ };
+in
+{
+ options = {
+ people = lib.mkOption {
+ type = peopleSubmodule;
+ };
+ };
+}
diff --git a/flake.nix b/flake.nix
index 05de5fc..9382d88 100644
--- a/flake.nix
+++ b/flake.nix
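Review bot: `people.myself` is a free-form string that nothing ties to a key of `people.users`, yet the rest of this commit relies on the two matching: home/git.nix looks up `flake.config.people.users.${config.home.username}`, and the NixOS modules give the same name sudo rules, `trusted-users` and an SSH authorized key. A `myself` without a matching `users` entry would therefore fail late, with a missing-attribute error inside git.nix rather than at the option. I would state the requirement in the option text, e.g. `description = "Key of people.users to treat as the admin account; receives sudo rules, nix trusted-users and SSH access.";`, and give `users`, `name` and `email` a `description` too, since they have none.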
@@ -32,157 +32,53 @@ outputs = inputs@{ self, home-manager, nixpkgs, darwin, ... }: inputs.flake-parts.lib.mkFlake { inherit (inputs) self; } { systems = [ "x86_64-linux" "aarch64-darwin" ]; - imports = [ ]; - perSystem = { self', inputs', config, pkgs, lib, system, ... }: { - devShells.default = pkgs.mkShell { - buildInputs = with pkgs; [ - nixpkgs-fmt - # To enable webhint to analyze source files - nodejs + imports = [ + ./config.nix + ./home + ./nixos + ./nix-darwin + ./activate.nix + ]; + + people = { + myself = "srid"; + users = { + srid = { + name = "Sridhar Ratnakumar"; + email = "srid@srid.ca"; + }; + uday = { + name = "Uday Kiran"; + email = "udaycruise2903@gmail.com"; + }; + }; + }; + flake = { + # Configurations for Linux (NixOS) systems + nixosConfigurations = { + # My Linux development computer (on Hetzner) + pinch = self.lib.mkLinuxSystem [ + ./systems/hetzner/ax41.nix + ./nixos/server/harden.nix + # I share my Hetzner server with other people who need it. + self.nixosModules.guests ]; }; + # Configurations for my only[^1] macOS machine (using nix-darwin) + # + # [^1]: This is why attr key is 'default'. + darwinConfigurations = { + default = self.lib-darwin.mkMacosSystem [ + ./systems/darwin.nix + ]; + }; + }; + + perSystem = { pkgs, ... }: { + devShells.default = pkgs.mkShell { + buildInputs = [ pkgs.nixpkgs-fmt ]; + }; formatter = pkgs.nixpkgs-fmt; - apps.default = - let - # Create a flake app that wraps the given bash CLI. 
- bashCmdApp = name: cmd: { - type = "app"; - program = - (pkgs.writeShellApplication { - inherit name; - text = '' - set -x - ${cmd} - ''; - }) + "/bin/${name}"; - }; - in - if system == "aarch64-darwin" then - bashCmdApp "darwin" '' - ${self.darwinConfigurations.default.system}/sw/bin/darwin-rebuild \ - switch --flake ${self}#default - '' - else - bashCmdApp "linux" '' - ${lib.getExe pkgs.nixos-rebuild} --use-remote-sudo switch -j auto - ''; }; - flake = - let - userName = "srid"; - platformIndependentModules = [ - ./nixos/caches - ]; - platformIndependentHomeModules = [ - ./home/tmux.nix - ./home/neovim.nix - ./home/emacs.nix - ./home/starship.nix - ./home/terminal.nix - ./home/direnv.nix - ]; - in - { - # Configurations for Linux (NixOS) systems - nixosConfigurations = - let - system = "x86_64-linux"; - pkgs = nixpkgs.legacyPackages.${system}; - # Configuration common to all Linux systems - commonFeatures = platformIndependentModules ++ [ - ./nixos/self-ide.nix - ./nixos/takemessh - ./nixos/current-location.nix - ]; - homeFeatures = [ - home-manager.nixosModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit system inputs; }; - home-manager.users.${userName} = { pkgs, ... }: { - imports = platformIndependentHomeModules ++ [ - (import ./home/git.nix { - userName = "Sridhar Ratnakumar"; - userEmail = "srid@srid.ca"; - }) - ./home/vscode-server.nix - ]; - - programs.bash = { - enable = true; - } // (import ./home/shellcommon.nix { inherit pkgs; }); - home.stateVersion = "22.11"; - }; - home-manager.users."uday" = { - imports = platformIndependentHomeModules ++ [ - (import ./home/git.nix { - userName = "Uday Kiran"; - userEmail = "udaycruise2903@gmail.com"; - }) - ]; - programs.bash.enable = true; - home.stateVersion = "22.11"; - }; - } - ]; - mkLinuxSystem = extraModules: nixpkgs.lib.nixosSystem { - inherit system pkgs; - # Arguments to pass to all modules. 
- specialArgs = { inherit system inputs; }; - modules = - commonFeatures ++ homeFeatures ++ extraModules; - }; - in - { - # My Linux development computer (on Hetzner) - pinch = mkLinuxSystem - [ - ./systems/hetzner/ax41.nix - ./nixos/server/harden.nix - ]; - }; - - # Configurations for macOS systems (using nix-darwin) - darwinConfigurations = - let - system = "aarch64-darwin"; - mkMacosSystem = darwin.lib.darwinSystem; - defaultMacosSystem = mkMacosSystem { - inherit system; - specialArgs = { - inherit inputs system; - rosettaPkgs = import nixpkgs { system = "x86_64-darwin"; }; - }; - modules = platformIndependentModules ++ [ - ./systems/darwin.nix - home-manager.darwinModules.home-manager - { - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { inherit system inputs; }; - home-manager.users.${userName} = { pkgs, ... }: { - imports = platformIndependentHomeModules ++ [ - (import ./home/git.nix { - userName = "Sridhar Ratnakumar"; - userEmail = "srid@srid.ca"; - }) - ]; - programs.zsh = { - enable = true; - initExtra = '' - export PATH=/etc/profiles/per-user/${userName}/bin:/run/current-system/sw/bin/:$PATH - ''; - } // (import ./home/shellcommon.nix { inherit pkgs; }); - home.stateVersion = "21.11"; - }; - } - ]; - }; - in - { - default = defaultMacosSystem; - }; - }; }; } diff --git a/home/default.nix b/home/default.nix new file mode 100644 index 0000000..2baede9 --- /dev/null +++ b/home/default.nix 
@@ -0,0 +1,65 @@
+{ self, inputs, config, ... }:
+{
+ flake = {
+ homeModules = {
+ common = {
+ home.stateVersion = "22.11";
+ imports = [
+ ./tmux.nix
+ ./neovim.nix
+ ./emacs.nix
+ ./starship.nix
+ ./terminal.nix
+ ./direnv.nix
+ ];
+ };
+ common-linux = {
+ imports = [
+ self.homeModules.common
+ ./vscode-server.nix
+ ];
+ programs.bash.enable = true;
+ };
+ common-darwin = {
+ imports = [
+ self.homeModules.common
+ ];
+
+ programs.zsh.enable = true;
+ # To put nix and home-manager-installed packages in PATH.
+ home.sessionPath = [
+ "/etc/profiles/per-user/$USER/bin"
+ "/run/current-system/sw/bin"
+ ];
+ };
+ };
+ nixosModules.home-manager = {
+ imports = [
+ inputs.home-manager.nixosModules.home-manager
+ ({
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.extraSpecialArgs = {
+ inherit inputs;
+ system = "x86_64-linux";
+ flake = { inherit config; };
+ };
+ })
+ ];
+ };
+ darwinModules.home-manager = {
+ imports = [
+ inputs.home-manager.darwinModules.home-manager
+ ({
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.extraSpecialArgs = {
+ inherit inputs;
+ system = "aarch64-darwin";
+ flake = { inherit config; };
+ };
+ })
+ ];
+ };
+ };
+}
diff --git a/home/email.nix b/home/email.nix
deleted file mode 100644
index bfe591e..0000000
--- a/home/email.nix
+++ /dev/null
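Review bot: `home.stateVersion = "22.11"` in `homeModules.common` now also applies to the macOS profile, which the removed flake.nix code pinned at `"21.11"`. stateVersion is meant to stay at the release a profile was first installed with, so this silently moves an existing darwin home past its original value. Keeping the pin per platform avoids that: move `"22.11"` into `common-linux` and set `home.stateVersion = "21.11";` in `common-darwin`.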
@@ -1,55 +0,0 @@ -{ pkgs, ... }: -let - realName = "Sridhar Ratnakumar"; - # IMAP/SMTP settings for standard email servers - servers = { - icloud = { - imap = { - host = "imap.mail.me.com"; - port = 993; - tls.enable = true; - }; - smtp = { - host = "smtp.mail.me.com"; - port = 587; - tls.enable = true; - }; - }; - protonmail = { - imap = { - host = "127.0.0.1"; - port = 1143; - tls.enable = true; - tls.useStartTls = true; - }; - smtp = { - host = "127.0.0.1"; - port = 1025; - tls.enable = true; - }; - }; - }; -in -{ - programs.himalaya = { - enable = true; - settings = { }; - }; - accounts.email.accounts = { - proton = servers.protonmail // { - inherit realName; - primary = true; - himalaya.enable = true; - address = "srid@srid.ca"; - userName = "hey@srid.ca"; - passwordCommand = "cat /Users/srid/.protonmail.password"; # Temporary password from ProtonMail Bridge, so I don't care - }; - icloud = servers.icloud // { - inherit realName; - address = "happyandharmless@icloud.com"; - userName = "happyandharmless"; - passwordCommand = "op item get iCloud --fields label=himalaya"; - }; - }; -} - diff --git a/home/git.nix b/home/git.nix index b804a03..8e2f358 100644 --- a/home/git.nix +++ b/home/git.nix @@ -1,12 +1,12 @@ -{ userName, userEmail }: -{ pkgs, ... }: +{ pkgs, config, flake, ... }: { home.packages = [ pkgs.git-lfs ]; programs.git = { package = pkgs.gitAndTools.gitFull; enable = true; - inherit userName userEmail; + userName = flake.config.people.users.${config.home.username}.name; + userEmail = flake.config.people.users.${config.home.username}.email; aliases = { co = "checkout"; ci = "commit"; diff --git a/home/shellcommon.nix b/home/shellcommon.nix index 86ad2cb..54b451a 100644 --- a/home/shellcommon.nix +++ b/home/shellcommon.nix @@ -1,5 +1,5 @@ { pkgs, ... }: -{ +let shellAliases = { e = "nvim"; ee = "nvim \"$(fzf)\""; 
@@ -15,4 +15,8 @@ # TODO: Gotta specify ~/.todo/config in Nix t = "${pkgs.todo-txt-cli}/bin/todo.sh"; }; +in +{ + programs.bash = { inherit shellAliases; }; + programs.zsh = { inherit shellAliases; }; } diff --git a/nix-darwin/default.nix b/nix-darwin/default.nix new file mode 100644 index 0000000..9077145 --- /dev/null +++ b/nix-darwin/default.nix @@ -0,0 +1,33 @@ +{ self, inputs, config, ... }: +{ + # Configuration common to all macOS systems + flake = { + darwinModules = { + myself = { + home-manager.users.${config.people.myself} = { pkgs, ... }: { + imports = [ + self.homeModules.common-darwin + ../home/shellcommon.nix + ../home/git.nix + ]; + }; + }; + default.imports = [ + self.darwinModules.home-manager + self.darwinModules.myself + ../nixos/caches + ]; + }; + lib-darwin.mkMacosSystem = extraModules: inputs.darwin.lib.darwinSystem rec { + system = "aarch64-darwin"; + specialArgs = { + inherit inputs system; + flake = { inherit config; }; + rosettaPkgs = import inputs.nixpkgs { system = "x86_64-darwin"; }; + }; + modules = [ + self.darwinModules.default + ] ++ extraModules; + }; + }; +} diff --git a/nixos/default.nix b/nixos/default.nix new file mode 100644 index 0000000..8343b72 --- /dev/null +++ b/nixos/default.nix 
@@ -0,0 +1,46 @@ +{ self, inputs, config, ... }: +let + mkHomeModule = name: extraModules: { + users.users.${name}.isNormalUser = true; + home-manager.users.${name} = { + imports = [ + self.homeModules.common-linux + ../home/git.nix + ] ++ extraModules; + }; + }; +in +{ + # Configuration common to all Linux systems + flake = { + nixosModules = { + guests.imports = [ + # Temporarily sharing with Uday, until he gets better machine. + (mkHomeModule "uday" [ ]) + ]; + myself = mkHomeModule config.people.myself [ + ../home/shellcommon.nix + ]; + default.imports = [ + self.nixosModules.home-manager + self.nixosModules.myself + ./caches + ./self-ide.nix + ./takemessh + ./current-location.nix + ]; + }; + + lib.mkLinuxSystem = extraModules: inputs.nixpkgs.lib.nixosSystem rec { + system = "x86_64-linux"; + # Arguments to pass to all modules. + specialArgs = { + inherit system inputs; + flake = { inherit config; }; + }; + modules = [ + self.nixosModules.default + ] ++ extraModules; + }; + }; +} diff --git a/nixos/docker.nix b/nixos/docker.nix index eecc6d9..08950dc 100644 --- a/nixos/docker.nix +++ b/nixos/docker.nix @@ -1,7 +1,7 @@ -{ pkgs, ... }: { +{ pkgs, config, ... }: { virtualisation.docker.enable = true; - users.users.srid = { + users.users.${config.people.myself} = { extraGroups = [ "docker" ]; }; } diff --git a/nixos/ema/emanote.nix b/nixos/ema/emanote.nix index f154d2d..63d4711 100644 --- a/nixos/ema/emanote.nix +++ b/nixos/ema/emanote.nix @@ -1,4 +1,4 @@ -{ pkgs, inputs, system, ... }: +{ pkgs, inputs, system, flake, ... }: let emanote = inputs.emanote.outputs.defaultPackage.${system}; in @@ -12,9 +12,9 @@ in PORT = "7000"; }; serviceConfig = { - User = "srid"; + User = flake.config.people.myself; Restart = "always"; - ExecStart = "${emanote}/bin/emanote -L /home/srid/Documents/Notes"; + ExecStart = "${emanote}/bin/emanote -L /home/${flake.config.people.myself}/Documents/Notes"; }; }; } diff --git a/nixos/lxd.nix b/nixos/lxd.nix index 0c0c06d..560b12c 100644 
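Review bot: nixos/docker.nix reads `config.people.myself`, but `config` there is the NixOS module's own config, while `people` is declared as a flake-level option in config.nix and reaches NixOS modules only through the `flake` special arg, which is how the other modules in this commit read it. As written, the module should fail with a missing `people` attribute once it is imported. Use `{ pkgs, flake, ... }:` and `users.users.${flake.config.people.myself}`. Separately, a comment noting that membership of the `docker` group is equivalent to root on the host would help now that the account name is configurable.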
--- a/nixos/lxd.nix +++ b/nixos/lxd.nix @@ -1,7 +1,7 @@ -{ pkgs, ... }: { +{ pkgs, flake, ... }: { virtualisation.lxd.enable = true; - users.users.srid = { + users.users.${flake.config.people.myself} = { extraGroups = [ "lxd" ]; }; } diff --git a/nixos/monitor-brightness.nix b/nixos/monitor-brightness.nix index 5ab66cf..2d18403 100644 --- a/nixos/monitor-brightness.nix +++ b/nixos/monitor-brightness.nix @@ -1,6 +1,6 @@ # TODO: GNOME support via https://extensions.gnome.org/extension/2645/brightness-control-using-ddcutil/ -{ pkgs, ... }: { +{ pkgs, flake, ... }: { # ddcutils requires i2c hardware.i2c.enable = true; @@ -15,7 +15,7 @@ security.sudo.extraRules = [ { - users = [ "srid" ]; + users = [ flake.config.people.myself ]; commands = [ { command = "${pkgs.ddcutil}/bin/ddcutil"; @@ -25,7 +25,7 @@ } ]; - users.users.srid = { + users.users.${flake.config.people.myself} = { extraGroups = [ "i2c" ]; }; diff --git a/nixos/protonvpn.nix b/nixos/protonvpn.nix index 5f6edf7..6bb46c6 100644 --- a/nixos/protonvpn.nix +++ b/nixos/protonvpn.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: +{ pkgs, flake, ... }: { environment.systemPackages = with pkgs; [ @@ -8,7 +8,7 @@ security.sudo.extraRules = [ { - users = [ "srid" ]; + users = [ flake.config.people.myself ]; commands = [ { command = "${pkgs.protonvpn-cli}/bin/protonvpn"; diff --git a/nixos/self-ide.nix b/nixos/self-ide.nix index f85b295..4f9414e 100644 --- a/nixos/self-ide.nix +++ b/nixos/self-ide.nix @@ -1,8 +1,8 @@ -{ pkgs, inputs, ... }: { +{ pkgs, inputs, flake, ... }: { # For no-prompt Ctrl+Shift+B in VSCode security.sudo.extraRules = [ { - users = [ "srid" ]; + users = [ flake.config.people.myself ]; commands = [ { command = "/run/current-system/sw/bin/nixos-rebuild"; diff --git a/nixos/server/harden.nix b/nixos/server/harden.nix index f218e77..81a3d4c 100644 --- a/nixos/server/harden.nix +++ b/nixos/server/harden.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: { +{ pkgs, flake, ... }: { # Firewall networking.firewall.enable = true; 
@@ -22,5 +22,5 @@ }; }; nix.settings.allowed-users = [ "root" "@users" ]; - nix.settings.trusted-users = [ "root" "srid" ]; + nix.settings.trusted-users = [ "root" flake.config.people.myself ]; } diff --git a/nixos/takemessh/default.nix b/nixos/takemessh/default.nix index e13addb..abbcdf0 100644 --- a/nixos/takemessh/default.nix +++ b/nixos/takemessh/default.nix @@ -1,9 +1,9 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, lib, flake, ... }: { # Let me login users.users = { root.openssh.authorizedKeys.keys = [ (builtins.readFile ./id_rsa.pub) ]; - srid.openssh.authorizedKeys.keys = [ (builtins.readFile ./id_rsa.pub) ]; + ${flake.config.people.myself}.openssh.authorizedKeys.keys = [ (builtins.readFile ./id_rsa.pub) ]; }; } diff --git a/nixos/virtualbox.nix b/nixos/virtualbox.nix index 674d188..5e8b4fb 100644 --- a/nixos/virtualbox.nix +++ b/nixos/virtualbox.nix @@ -1,7 +1,7 @@ -{ pkgs, ... }: { +{ pkgs, flake, ... }: { virtualisation.virtualbox.host = { enable = true; enableExtensionPack = true; }; - users.extraGroups.vboxusers.members = [ "srid" ]; + users.extraGroups.vboxusers.members = [ flake.config.people.myself ]; } diff --git a/systems/darwin.nix b/systems/darwin.nix index fc3216e..83b8173 100644 --- a/systems/darwin.nix +++ b/systems/darwin.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, inputs, system, rosettaPkgs, ... }: +{ config, pkgs, lib, inputs, system, flake, rosettaPkgs, ... }: { # List packages installed in system profile. To search by name, run: @@ -63,7 +63,7 @@ serviceConfig.ProgramArguments = [ (lib.getExe inputs.emanote.packages.${system}.default) "-L" - "/Users/srid/Keybase/Notes" + "/Users/${flake.config.people.myself}/Keybase/Notes" "run" "-p" "7000" 
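Review bot: `nix.settings.trusted-users` in nixos/server/harden.nix now takes its second entry from `flake.config.people.myself`, and nothing in this hardening module says what that grants. A trusted user can override daemon settings and add substituters, which the Nix manual describes as essentially root access. The line deserves a comment such as `# trusted-users are effectively root on the nix daemon; keep this list to the admin account`. The module body starts outside this hunk.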
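Review bot: In nixos/takemessh/default.nix both `root` and `${flake.config.people.myself}` still take their authorized key from the `./id_rsa.pub` checked into the repository, so a fork that renames `people.myself` but skips the README step keeps the original owner's key on root and on the new admin account. nixos/default.nix imports `./takemessh` into `nixosModules.default`, so this applies to every system built with `mkLinuxSystem`. Consider carrying the keys in the `people.users.<name>` entries (for example a `sshKeys` list option in config.nix), so that the key and the username are changed in the same place. The root entry could also be dropped if the admin account's sudo access is enough.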
@@ -74,8 +74,10 @@ security.pam.enableSudoTouchIdAuth = true; # For home-manager to work. - users.users.srid.name = "srid"; - users.users.srid.home = "/Users/srid"; + users.users.${flake.config.people.myself} = { + name = flake.config.people.myself; + home = "/Users/${flake.config.people.myself}"; + }; # Use a custom configuration.nix location. # $ darwin-rebuild switch -I darwin-config=$HOME/.config/nixpkgs/darwin/configuration.nix diff --git a/systems/hetzner/ax101.nix b/systems/hetzner/ax101.nix deleted file mode 100644 index 34c5680..0000000 --- a/systems/hetzner/ax101.nix +++ /dev/null 
@@ -1,148 +0,0 @@ -{ config, pkgs, lib, inputs, modulesPath, ... }: - -{ - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "nvme" "ahci" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-amd" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { - device = "/dev/disk/by-uuid/480156e1-b229-4f5b-883a-34b7e5a9e0e9"; - fsType = "ext4"; - }; - - swapDevices = [ ]; - - nix.settings.max-jobs = lib.mkDefault 32; - powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; - - # Use GRUB2 as the boot loader. - # We don't use systemd-boot because Hetzner uses BIOS legacy boot. - boot.loader.systemd-boot.enable = false; - boot.loader.grub = { - enable = true; - efiSupport = false; - devices = [ "/dev/nvme1n1" "/dev/nvme0n1" ]; - }; - - # The madm RAID was created with a certain hostname, which madm will consider - # the "home hostname". Changing the system hostname will result in the array - # being considered "foregin" as opposed to "local", and showing it as - # '/dev/md/:root0' instead of '/dev/md/root0'. - - # This is mdadm's protection against accidentally putting a RAID disk - # into the wrong machine and corrupting data by accidental sync, see - # https://bugzilla.redhat.com/show_bug.cgi?id=606481#c14 and onward. - # We set the HOMEHOST manually go get the short '/dev/md' names, - # and so that things look and are configured the same on all such - # machines irrespective of host names. - # We do not worry about plugging disks into the wrong machine because - # we will never exchange disks between machines. - environment.etc."mdadm.conf".text = '' - HOMEHOST now - ''; - - # The RAIDs are assembled in stage1, so we need to make the config - # available there. 
- boot.initrd.services.swraid.mdadmConf = config.environment.etc."mdadm.conf".text; - - # Network (Hetzner uses static IP assignments, and we don't use DHCP here) - networking.useDHCP = false; - - networking.interfaces."enp7s0" = { - ipv4 = { - addresses = [{ - # Server main IPv4 address - address = "136.243.12.116"; - prefixLength = 24; - }]; - - routes = [ - # Default IPv4 gateway route - { - address = "0.0.0.0"; - prefixLength = 0; - via = "136.243.12.65"; - } - ]; - }; - - ipv6 = { - addresses = [{ - address = "2a01:4f8:211:25c9::1"; - prefixLength = 64; - }]; - - # Default IPv6 route - routes = [{ - address = "::"; - prefixLength = 0; - via = "fe80::1"; - }]; - }; - }; - - networking = { - nameservers = [ "8.8.8.8" "8.8.4.4" ]; - hostName = "now"; - }; - - nix = { - # package = pkgs.nixUnstable; - extraOptions = '' - experimental-features = nix-command flakes repl-flake - ''; - }; - - services.netdata.enable = true; - - environment.systemPackages = with pkgs; [ - lsof - inputs.nixos-shell.defaultPackage.${system} - - # Encrypted private directory stuff - # See https://srid.ca/vf.enc - cryptsetup - (pkgs.writeShellApplication { - name = "now-mount-priv"; - runtimeInputs = [ cryptsetup ]; - text = '' - set -x - sudo cryptsetup luksOpen /dev/nvme0n1p3 crypted0 - sudo mount /dev/mapper/crypted0 /extra0 - ''; - }) - ]; - - services.openssh.permitRootLogin = "prohibit-password"; - services.openssh.enable = true; - services.syncthing = { - enable = true; - user = "srid"; - dataDir = "/home/srid/priv/syncthing"; - }; - services.tailscale.enable = true; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.srid = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" ]; - }; - security.sudo.wheelNeedsPassword = false; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. 
It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - -} diff --git a/systems/hetzner/ax41.nix b/systems/hetzner/ax41.nix index ba6815b..b2ce0c9 100644 --- a/systems/hetzner/ax41.nix +++ b/systems/hetzner/ax41.nix @@ -1,4 +1,4 @@ -{ config, pkgs, lib, inputs, modulesPath, ... }: +{ config, pkgs, lib, inputs, modulesPath, flake, ... }: { imports = @@ -114,13 +114,10 @@ networking.firewall.checkReversePath = "loose"; # Tailscale recommends this # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.srid = { + users.users.${flake.config.people.myself} = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" ]; }; - users.users.uday = { - isNormalUser = true; - }; security.sudo.wheelNeedsPassword = false; system.stateVersion = "20.03"; diff --git a/systems/laptops/p71.nix b/systems/laptops/p71.nix deleted file mode 100644 index 56a7208..0000000 --- a/systems/laptops/p71.nix +++ /dev/null 
@@ -1,103 +0,0 @@ -{ config, pkgs, lib, modulesPath, inputs, ... }: - -{ - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.kernelPackages = pkgs.linuxPackages_latest; - # Kernel w/ clear linux like patches: https://github.com/NixOS/nixpkgs/issues/63708#issuecomment-1003875463 - # boot.kernelPackages = pkgs.linuxPackages_xanmod; - boot.supportedFilesystems = [ "ntfs" ]; - # https://notes.srid.ca/rtl8821cu - # boot.extraModulePackages = [ config.boot.kernelPackages.rtl8821cu ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - fileSystems."/" = - { - device = "/dev/disk/by-uuid/25d3748c-b6fc-43d6-819a-e916821bd06e"; - fsType = "ext4"; - }; - boot.initrd.luks.devices."crypted".device = "/dev/disk/by-uuid/ccc661bc-c59f-4172-b6e0-2ba54d34de5c"; - fileSystems."/boot" = - { - device = "/dev/disk/by-uuid/A782-D559"; - fsType = "vfat"; - }; - - swapDevices = [ ]; - - # high-resolution display - hardware.video.hidpi.enable = lib.mkDefault true; - - hardware.pulseaudio.enable = true; - hardware.pulseaudio.support32Bit = true; ## If compatibility with 32-bit applications is desired. - - # services.xserver.videoDrivers = [ "nvidia" "intel" ]; - services.xserver.videoDrivers = [ "intel" ]; - #hardware.nvidia.modesetting.enable = true; # Required for Wayland+GDM, apparently. - # On KDE+nvidia, display scaling can only be set here. - services.xserver.dpi = 170; - # Not sure how to merge two screens in KDE - # cf. https://github.com/srid/nix-config/blob/master/device/p71/graphics.nix - # These are the default. 
- #services.xserver.deviceSection = '' - # Option "Twinview" - #''; - #services.xserver.serverLayoutSection = '' - # Option "Xinerama" "off" - #''; - - nix = { - package = pkgs.nixFlakes; - extraOptions = '' - experimental-features = nix-command flakes repl-flake - ''; - }; - - networking.hostName = "thick"; # Define your hostname. - networking.networkmanager.enable = true; - - services.openssh.enable = true; - services = { - syncthing = { - enable = true; - user = "srid"; - dataDir = "/home/srid"; - }; - neo4j = { - enable = false; - }; - }; - services.ipfs = { - enable = false; # 8080 conflicts with playground-server - autoMigrate = true; - }; - - programs = { - mosh.enable = true; - ssh.startAgent = true; - }; - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.users.srid = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "audio" ]; - }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leave - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "21.11"; # Did you read the comment? - -}