From 582f93d9ed024555c22c1abe352e336504d75239 Mon Sep 17 00:00:00 2001 
From: Gene Liverman Date: Sun, 22 Mar 2026 18:32:08 -0400 Subject: [PATCH 1/3] Restructure modules/shared and update all imports - Delete 2024-12-rework/ folder - Rename modules/hosts/common to modules/shared, then split into: - modules/shared/home/general - modules/shared/home/linux - modules/shared/nixos - Update all import paths throughout the codebase - Update lib/*.nix to use new paths - Fix hardcoded /Users/${username} to use config.home.homeDirectory - Update README and examples/flake-structure.nix --- .sops.yaml | 2 +- 2024-12-rework/.gitignore | 2 - 2024-12-rework/configuration.nix | 25 --- 2024-12-rework/flake.lock | 183 ------------------ 2024-12-rework/flake.nix | 30 --- 2024-12-rework/hardware-configuration.nix | 44 ----- 2024-12-rework/nixpkgs-settings.nix | 9 - examples/flake-structure.nix | 91 +++++---- flake.nix | 22 --- lib/mkDarwinHost.nix | 4 +- lib/mkHomeConfig.nix | 2 +- lib/mkNixosHost.nix | 4 +- modules/hosts/nixos/bigboy/default.nix | 4 +- modules/hosts/nixos/bigboy/home-gene.nix | 6 +- modules/hosts/nixos/default.nix | 2 +- modules/hosts/nixos/hetznix01/default.nix | 2 +- .../nixos/hetznix01/post-install/default.nix | 4 +- .../hetznix01/post-install/monitoring.nix | 2 +- modules/hosts/nixos/hetznix02/default.nix | 2 +- .../nixos/hetznix02/post-install/default.nix | 2 +- .../hetznix02/post-install/monitoring.nix | 2 +- .../hosts/nixos/kiosk-entryway/default.nix | 2 +- .../hosts/nixos/kiosk-entryway/monitoring.nix | 2 +- .../hosts/nixos/kiosk-gene-desk/default.nix | 2 +- modules/hosts/nixos/nixnas1/default.nix | 2 +- modules/hosts/nixos/nixnuc/default.nix | 4 +- .../hosts/nixos/nixnuc/monitoring-stack.nix | 2 +- .../hosts/nixos/rainbow-planet/default.nix | 4 +- .../hosts/nixos/rainbow-planet/home-gene.nix | 12 +- .../files/Microsoft.PowerShell_profile.ps1 | 0 .../files/nvim/lua/config/vim-options.lua | 0 .../files/nvim/lua/disabled/barbar.lua | 0 .../files/nvim/lua/disabled/cheatsheet.lua | 0 .../files/nvim/lua/disabled/nvim-tree.lua | 0 
.../nvim/lua/disabled/themes/dracula.lua | 0 .../nvim/lua/disabled/themes/gruvbox.lua | 0 .../nvim/lua/disabled/themes/kanagawa.lua | 0 .../nvim/lua/disabled/themes/oxocarbon.lua | 0 .../nvim/lua/disabled/themes/tokyonight.lua | 0 .../files/nvim/lua/plugins/alpha.lua | 0 .../files/nvim/lua/plugins/bufferline.lua | 0 .../files/nvim/lua/plugins/catppuccin.lua | 0 .../files/nvim/lua/plugins/completions.lua | 0 .../files/nvim/lua/plugins/edgy.lua | 0 .../files/nvim/lua/plugins/git-stuff.lua | 0 .../files/nvim/lua/plugins/lsp-config.lua | 0 .../files/nvim/lua/plugins/lualine.lua | 0 .../files/nvim/lua/plugins/neo-tree.lua | 0 .../files/nvim/lua/plugins/noice.lua | 0 .../files/nvim/lua/plugins/none-ls.lua | 0 .../nvim/lua/plugins/nvim-web-devicons.lua | 0 .../files/nvim/lua/plugins/telescope.lua | 0 .../files/nvim/lua/plugins/todo-comments.lua | 0 .../files/nvim/lua/plugins/toggleterm.lua | 0 .../files/nvim/lua/plugins/treesitter.lua | 0 .../files/nvim/lua/plugins/trouble.lua | 0 .../nvim/lua/plugins/vim-tmux-navigator.lua | 0 .../files/nvim/lua/plugins/which-key.lua | 0 .../files/tilix/Beanbag-Mathias.json | 0 .../common => shared}/files/waybar/config | 0 .../common => shared}/files/waybar/style.css | 0 .../files/xfce4/terminal/accels.scm | 0 .../files/xfce4/terminal/terminalrc | 0 .../home/general}/all-gui.nix | 0 .../home/general}/default.nix | 12 +- .../home}/linux/apps/hexchat.nix | 0 .../home}/linux/apps/pidgin.nix | 0 .../home}/linux/apps/tilix.nix | 2 +- .../home}/linux/apps/waybar.nix | 4 +- .../home}/linux/apps/xfce4-terminal.nix | 2 +- .../home/linux/default.nix} | 0 .../linux => shared/nixos}/flatpaks.nix | 0 .../nixos}/internationalisation.nix | 0 .../linux => shared/nixos}/lets-encrypt.nix | 0 .../linux => shared/nixos}/nixroutes.nix | 0 .../common/linux => shared/nixos}/restic.nix | 0 .../common/linux => shared/nixos}/ripping.nix | 0 modules/{hosts/common => shared}/secrets.yaml | 0 78 files changed, 88 insertions(+), 406 deletions(-) delete mode 100644 
2024-12-rework/.gitignore delete mode 100644 2024-12-rework/configuration.nix delete mode 100644 2024-12-rework/flake.lock delete mode 100644 2024-12-rework/flake.nix delete mode 100644 2024-12-rework/hardware-configuration.nix delete mode 100644 2024-12-rework/nixpkgs-settings.nix rename modules/{hosts/common => shared}/files/Microsoft.PowerShell_profile.ps1 (100%) rename modules/{hosts/common => shared}/files/nvim/lua/config/vim-options.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/barbar.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/cheatsheet.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/nvim-tree.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/themes/dracula.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/themes/gruvbox.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/themes/kanagawa.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/themes/oxocarbon.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/disabled/themes/tokyonight.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/alpha.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/bufferline.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/catppuccin.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/completions.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/edgy.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/git-stuff.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/lsp-config.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/lualine.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/neo-tree.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/noice.lua (100%) rename 
modules/{hosts/common => shared}/files/nvim/lua/plugins/none-ls.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/nvim-web-devicons.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/telescope.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/todo-comments.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/toggleterm.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/treesitter.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/trouble.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/vim-tmux-navigator.lua (100%) rename modules/{hosts/common => shared}/files/nvim/lua/plugins/which-key.lua (100%) rename modules/{hosts/common => shared}/files/tilix/Beanbag-Mathias.json (100%) rename modules/{hosts/common => shared}/files/waybar/config (100%) rename modules/{hosts/common => shared}/files/waybar/style.css (100%) rename modules/{hosts/common => shared}/files/xfce4/terminal/accels.scm (100%) rename modules/{hosts/common => shared}/files/xfce4/terminal/terminalrc (100%) rename modules/{hosts/common => shared/home/general}/all-gui.nix (100%) rename modules/{hosts/common => shared/home/general}/default.nix (97%) rename modules/{hosts/common => shared/home}/linux/apps/hexchat.nix (100%) rename modules/{hosts/common => shared/home}/linux/apps/pidgin.nix (100%) rename modules/{hosts/common => shared/home}/linux/apps/tilix.nix (96%) rename modules/{hosts/common => shared/home}/linux/apps/waybar.nix (74%) rename modules/{hosts/common => shared/home}/linux/apps/xfce4-terminal.nix (94%) rename modules/{hosts/common/linux/home.nix => shared/home/linux/default.nix} (100%) rename modules/{hosts/common/linux => shared/nixos}/flatpaks.nix (100%) rename modules/{hosts/common/linux => shared/nixos}/internationalisation.nix (100%) rename modules/{hosts/common/linux => shared/nixos}/lets-encrypt.nix (100%) rename 
modules/{hosts/common/linux => shared/nixos}/nixroutes.nix (100%) rename modules/{hosts/common/linux => shared/nixos}/restic.nix (100%) rename modules/{hosts/common/linux => shared/nixos}/ripping.nix (100%) rename modules/{hosts/common => shared}/secrets.yaml (100%) diff --git a/.sops.yaml b/.sops.yaml index 6f2ac3b..bc2cfd3 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -60,7 +60,7 @@ creation_rules: key_groups: - age: - *system_rainbow_planet - - path_regex: modules/hosts/common/secrets.yaml$ + - path_regex: modules/shared/secrets.yaml$ key_groups: - age: - *system_bigboy diff --git a/2024-12-rework/.gitignore b/2024-12-rework/.gitignore deleted file mode 100644 index e370078..0000000 --- a/2024-12-rework/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -result/ -result diff --git a/2024-12-rework/configuration.nix b/2024-12-rework/configuration.nix deleted file mode 100644 index 5d52004..0000000 --- a/2024-12-rework/configuration.nix +++ /dev/null @@ -1,25 +0,0 @@ -{ inputs, pkgs, ... }: { - imports = [ - ./hardware-configuration.nix - ]; - - system.stateVersion = "23.05"; - - boot = { - initrd.systemd = { - enable = true; - network.wait-online.enable = false; # Handled by NetworkManager - }; - loader = { - efi.canTouchEfiVariables = true; - systemd-boot= { - enable = true; - consoleMode = "1"; - }; - }; - }; - - environment.systemPackages = with pkgs; [ - olm - ]; -} \ No newline at end of file diff --git a/2024-12-rework/flake.lock b/2024-12-rework/flake.lock deleted file mode 100644 index 49ad4fd..0000000 --- a/2024-12-rework/flake.lock +++ /dev/null 
@@ -1,183 +0,0 @@ -{ - "nodes": { - "config": { - "locked": { - "dir": "templates/config", - "lastModified": 1719931926, - "narHash": "sha256-B8j9lHX0LqWlZkm8JxZRN6919RQjJEu/1J1SR8pU/ww=", - "owner": "stackbuilders", - "repo": "nixpkgs-terraform", - "rev": "034287ee462c87dadc14a94d4b53a48ed66c7b3d", - "type": "github" - }, - "original": { - "dir": "templates/config", - "owner": "stackbuilders", - "repo": "nixpkgs-terraform", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": "nixpkgs-lib" - }, - "locked": { - "lastModified": 1722555600, - "narHash": "sha256-XOQkdLafnb/p9ij77byFQjDf5m5QYl9b2REiVClC+x4=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "8471fe90ad337a8074e957b69ca4d0089218391d", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733050161, - "narHash": "sha256-lYnT+EYE47f5yY3KS/Kd4pJ6CO9fhCqumkYYkQ3TK20=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "62d536255879be574ebfe9b87c4ac194febf47c5", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-24.11", - "repo": "home-manager", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1733120037, - "narHash": "sha256-En+gSoVJ3iQKPDU1FHrR6zIxSLXKjzKY+pnh9tt+Yts=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "f9f0d5c5380be0a599b1fb54641fa99af8281539", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-1_0": { - "locked": { - "lastModified": 1699291058, - "narHash": "sha256-5ggduoaAMPHUy4riL+OrlAZE14Kh7JWX4oLEs22ZqfU=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "41de143fda10e33be0f47eab2bfe08a50f234267", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "rev": 
"41de143fda10e33be0f47eab2bfe08a50f234267", - "type": "github" - } - }, - "nixpkgs-1_6": { - "locked": { - "lastModified": 1712757991, - "narHash": "sha256-kR7C7Fqt3JP40h0mzmSZeWI5pk1iwqj4CSeGjnUbVHc=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "d6b3ddd253c578a7ab98f8011e59990f21dc3932", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "rev": "d6b3ddd253c578a7ab98f8011e59990f21dc3932", - "type": "github" - } - }, - "nixpkgs-1_9": { - "locked": { - "lastModified": 1732617236, - "narHash": "sha256-PYkz6U0bSEaEB1al7O1XsqVNeSNS+s3NVclJw7YC43w=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e", - "type": "github" - }, - "original": { - "owner": "nixos", - "repo": "nixpkgs", - "rev": "af51545ec9a44eadf3fe3547610a5cdd882bc34e", - "type": "github" - } - }, - "nixpkgs-lib": { - "locked": { - "lastModified": 1722555339, - "narHash": "sha256-uFf2QeW7eAHlYXuDktm9c25OxOyCoUOQmh5SZ9amE5Q=", - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://github.com/NixOS/nixpkgs/archive/a5d394176e64ab29c852d03346c1fc9b0b7d33eb.tar.gz" - } - }, - "nixpkgs-terraform": { - "inputs": { - "config": "config", - "flake-parts": "flake-parts", - "nixpkgs-1_0": "nixpkgs-1_0", - "nixpkgs-1_6": "nixpkgs-1_6", - "nixpkgs-1_9": "nixpkgs-1_9", - "systems": "systems" - }, - "locked": { - "lastModified": 1732844581, - "narHash": "sha256-BwHD1d6Bl5LL/HciTf+mQmBN3I3S6nYqcB+5BXVozNk=", - "owner": "stackbuilders", - "repo": "nixpkgs-terraform", - "rev": "b4db1b59d8f62cd37b6f9540e368d0e2627c4a2d", - "type": "github" - }, - "original": { - "owner": "stackbuilders", - "repo": "nixpkgs-terraform", - "type": "github" - } - }, - "root": { - "inputs": { - "home-manager": "home-manager", - "nixpkgs": "nixpkgs", - "nixpkgs-terraform": "nixpkgs-terraform" - } - }, - "systems": { - "locked": { - "lastModified": 
1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/2024-12-rework/flake.nix b/2024-12-rework/flake.nix deleted file mode 100644 index 394abbb..0000000 --- a/2024-12-rework/flake.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - inputs = { - nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; - - home-manager = { - url = "github:nix-community/home-manager/release-24.11"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - - nixpkgs-terraform = { - url = "github:stackbuilders/nixpkgs-terraform"; - # inputs.nixpkgs-1_6.follows = "nixpkgs"; - # inputs.nixpkgs-1_9.follows = "nixpkgs-unstable"; - }; - }; - - outputs = inputs: { - nixosConfigurations = { - rainbow-planet = inputs.nixpkgs.lib.nixosSystem { - specialArgs = { inherit inputs; }; - system = "x86_64-linux"; - modules = [ - ./configuration.nix - ./nixpkgs-settings.nix - inputs.home-manager.nixosModules.home-manager - ]; - }; - }; - }; -} diff --git a/2024-12-rework/hardware-configuration.nix b/2024-12-rework/hardware-configuration.nix deleted file mode 100644 index d3c51fe..0000000 --- a/2024-12-rework/hardware-configuration.nix +++ /dev/null 
@@ -1,44 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.kernelParams = [ - "i915.enable_fbc=1" - "i915.enable_psr=2" - ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/eb9a2c7e-ae61-4d06-9464-49b98d576f7c"; - fsType = "ext4"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/924D-E7A4"; - fsType = "vfat"; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/166d24ca-401c-492e-845d-bb1d0d6d7d86"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp58s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/2024-12-rework/nixpkgs-settings.nix b/2024-12-rework/nixpkgs-settings.nix deleted file mode 100644 index ec86e08..0000000 --- a/2024-12-rework/nixpkgs-settings.nix +++ /dev/null 
@@ -1,9 +0,0 @@ -{ inputs, ... }: { - nixpkgs = { - config = { - allowUnfree = true; - permittedInsecurePackages = [ "olm-3.2.16" "electron-27.3.11" ]; - }; - overlays = [ inputs.nixpkgs-terraform.overlays.default ]; - }; -} \ No newline at end of file diff --git a/examples/flake-structure.nix b/examples/flake-structure.nix index b47d1a5..5575f26 100644 --- a/examples/flake-structure.nix +++ b/examples/flake-structure.nix 
@@ -1,49 +1,46 @@ { - inputs = {}; - outputs = inputs@{}: let - darwinHostConfig = { system, hostname, username, additionalModules, additionalSpecialArgs }: - nix-darwin.lib.darwinSystem { }; - - mkNixosHost = { system, hostname, username, additionalModules, additionalSpecialArgs }: - nixpkgs.lib.nixosSystem { }; - - linuxHomeConfig = { system, hostname, username, additionalModules, additionalSpecialArgs }: - home-manager.lib.homeManagerConfiguration { }; - - in { - # Darwin (macOS) hosts - darwinConfigurations = { - mightymac = darwinHostConfig { - system = "aarch64-darwin"; - hostname = "mightymac"; - username = "gene.liverman"; - additionalModules = []; - additionalSpecialArgs = {}; - }; - }; - - # NixOS hosts - nixosConfigurations = { - rainbow-planet = mkNixosHost { - system = "x86_64-linux"; - hostname = "rainbow-planet"; - username = "gene"; - additionalModules = [ - nixos-hardware.nixosModules.dell-xps-13-9360 - ]; - additionalSpecialArgs = {}; - }; - }; - - # Home Manager (only) users - homeConfigurations = { - gene = linuxHomeConfig { - system = "x86_64-linux"; - hostname = "mini-watcher"; - username = "gene"; - additionalModules = []; - additionalSpecialArgs = {}; - }; - }; + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; + home-manager.url = "github:nix-community/home-manager"; + nix-darwin.url = "github:lnl7/nix-darwin"; + nixos-hardware.url = "github:NixOS/nixos-hardware"; }; -} \ No newline at end of file + + outputs = + inputs@{ self, ... 
}: + let + # Import helper functions from lib/ + localLib = import ./lib { inherit inputs; }; + in + { + # Darwin (macOS) hosts + darwinConfigurations = { + mightymac = localLib.mkDarwinHost { + system = "aarch64-darwin"; + hostname = "mightymac"; + username = "gene.liverman"; + }; + }; + + # NixOS hosts + nixosConfigurations = { + rainbow-planet = localLib.mkNixosHost { + system = "x86_64-linux"; + hostname = "rainbow-planet"; + username = "gene"; + additionalModules = [ + inputs.nixos-hardware.nixosModules.dell-xps-13-9360 + ]; + }; + }; + + # Home Manager (only) users + homeConfigurations = { + gene = localLib.mkHomeConfig { + system = "x86_64-linux"; + homeDirectory = "/home/gene"; + username = "gene"; + }; + }; + }; +} diff --git a/flake.nix b/flake.nix index c21312c..b5b03e1 100644 --- a/flake.nix +++ b/flake.nix @@ -87,28 +87,6 @@ # Functions that setup systems localLib = import ./lib { inherit inputs; }; - linuxHomeConfig = { system, hostname, username, additionalModules, additionalSpecialArgs }: inputs.home-manager.lib.homeManagerConfiguration { - extraSpecialArgs = { inherit inputs hostname username; - pkgs = import inputs.nixpkgs { - inherit system; - config = { - allowUnfree = true; - permittedInsecurePackages = [ "olm-3.2.16" "electron-21.4.4" ]; - }; - }; - } // additionalSpecialArgs; - modules = [ - ./modules/home-manager/hosts/${hostname}/${username}.nix - { - home = { - username = "${username}"; - homeDirectory = "/home/${username}"; - }; - } - inputs.sops-nix.homeManagerModules.sops - ] ++ additionalModules; - }; # end homeManagerConfiguration - in { # Darwin (macOS) hosts darwinConfigurations = { diff --git a/lib/mkDarwinHost.nix b/lib/mkDarwinHost.nix index bdcd92a..0d53859 100644 --- a/lib/mkDarwinHost.nix +++ b/lib/mkDarwinHost.nix 
@@ -26,8 +26,8 @@ useUserPackages = true; users.${username}.imports = [ inputs.sops-nix.homeManagerModule # user-level secrets management - ../modules/hosts/common - ../modules/hosts/common/all-gui.nix + ../modules/shared/home/general + ../modules/shared/home/general/all-gui.nix ../modules/hosts/darwin/home.nix ../modules/hosts/darwin/${hostname}/home-${username}.nix ]; diff --git a/lib/mkHomeConfig.nix b/lib/mkHomeConfig.nix index f4ef0cf..d09cc99 100644 --- a/lib/mkHomeConfig.nix +++ b/lib/mkHomeConfig.nix @@ -12,7 +12,7 @@ # the path to your home.nix. modules = [ ./nixpkgs-settings.nix - ../modules/hosts/common + ../modules/shared/home/general ../modules/hosts/home-manager-only ../modules/hosts/home-manager-only/home-${username}.nix diff --git a/lib/mkNixosHost.nix b/lib/mkNixosHost.nix index 68b050b..b4023d2 100644 --- a/lib/mkNixosHost.nix +++ b/lib/mkNixosHost.nix @@ -19,8 +19,8 @@ useGlobalPkgs = true; useUserPackages = true; users.${username}.imports = [ - ../modules/hosts/common - ../modules/hosts/common/linux/home.nix + ../modules/shared/home/general + ../modules/shared/home/linux ../modules/hosts/nixos/${hostname}/home-${username}.nix ]; }; diff --git a/modules/hosts/nixos/bigboy/default.nix b/modules/hosts/nixos/bigboy/default.nix index 9556bf2..6a0025d 100644 --- a/modules/hosts/nixos/bigboy/default.nix +++ b/modules/hosts/nixos/bigboy/default.nix @@ -10,8 +10,8 @@ { imports = [ # Include the results of the hardware scan. ./hardware-configuration.nix - ../../common/linux/flatpaks.nix - ../../common/linux/ripping.nix + ../../../shared/nixos/flatpaks.nix + ../../../shared/nixos/ripping.nix ]; system.stateVersion = "24.11"; # Did you read the comment? diff --git a/modules/hosts/nixos/bigboy/home-gene.nix b/modules/hosts/nixos/bigboy/home-gene.nix index 962d99e..9042b47 100644 --- a/modules/hosts/nixos/bigboy/home-gene.nix +++ b/modules/hosts/nixos/bigboy/home-gene.nix 
@@ -1,9 +1,9 @@ { ... }: { home.stateVersion = "24.05"; imports = [ - ../../common/all-gui.nix - ../../common/linux/apps/tilix.nix - ../../common/linux/apps/xfce4-terminal.nix + ../../../shared/home/general/all-gui.nix + ../../../shared/home/linux/apps/tilix.nix + ../../../shared/home/linux/apps/xfce4-terminal.nix ]; programs = { diff --git a/modules/hosts/nixos/default.nix b/modules/hosts/nixos/default.nix index cef3366..9027d2b 100644 --- a/modules/hosts/nixos/default.nix +++ b/modules/hosts/nixos/default.nix @@ -1,6 +1,6 @@ { hostname, pkgs, username, ... }: { imports = [ - ../common/linux/internationalisation.nix + ../../shared/nixos/internationalisation.nix ]; environment = { diff --git a/modules/hosts/nixos/hetznix01/default.nix b/modules/hosts/nixos/hetznix01/default.nix index 5f06448..63a5019 100644 --- a/modules/hosts/nixos/hetznix01/default.nix +++ b/modules/hosts/nixos/hetznix01/default.nix @@ -1,6 +1,6 @@ { inputs, pkgs, username, ... }: { imports = [ - ../../common/linux/nixroutes.nix + ../../../shared/nixos/nixroutes.nix ./disk-config.nix ./hardware-configuration.nix ./post-install diff --git a/modules/hosts/nixos/hetznix01/post-install/default.nix b/modules/hosts/nixos/hetznix01/post-install/default.nix index 83eddd6..8807f58 100644 --- a/modules/hosts/nixos/hetznix01/post-install/default.nix +++ b/modules/hosts/nixos/hetznix01/post-install/default.nix @@ -3,8 +3,8 @@ restic_backup_time = "01:00"; in { imports = [ - ../../../common/linux/lets-encrypt.nix - ../../../common/linux/restic.nix + ../../../../shared/nixos/lets-encrypt.nix + ../../../../shared/nixos/restic.nix ./containers/emqx.nix ./matrix-synapse.nix ./monitoring.nix diff --git a/modules/hosts/nixos/hetznix01/post-install/monitoring.nix b/modules/hosts/nixos/hetznix01/post-install/monitoring.nix index 20fc60b..97d9c85 100644 --- a/modules/hosts/nixos/hetznix01/post-install/monitoring.nix +++ b/modules/hosts/nixos/hetznix01/post-install/monitoring.nix 
@@ -120,7 +120,7 @@ in { vmagent_push_pw = { owner = "vmagent"; restartUnits = ["vmagent.service"]; - sopsFile = ../../../common/secrets.yaml; + sopsFile = ../../../../shared/secrets.yaml; }; }; }; diff --git a/modules/hosts/nixos/hetznix02/default.nix b/modules/hosts/nixos/hetznix02/default.nix index 6d33499..d3f18a0 100644 --- a/modules/hosts/nixos/hetznix02/default.nix +++ b/modules/hosts/nixos/hetznix02/default.nix @@ -1,6 +1,6 @@ { inputs, pkgs, username, ... }: { imports = [ - ../../common/linux/nixroutes.nix + ../../../shared/nixos/nixroutes.nix ./disk-config.nix ./hardware-configuration.nix ./post-install diff --git a/modules/hosts/nixos/hetznix02/post-install/default.nix b/modules/hosts/nixos/hetznix02/post-install/default.nix index 2500481..9daed2b 100644 --- a/modules/hosts/nixos/hetznix02/post-install/default.nix +++ b/modules/hosts/nixos/hetznix02/post-install/default.nix @@ -1,6 +1,6 @@ { config, username, ... }: { imports = [ - ../../../common/linux/lets-encrypt.nix + ../../../../shared/nixos/lets-encrypt.nix ./monitoring.nix ./nginx.nix ]; diff --git a/modules/hosts/nixos/hetznix02/post-install/monitoring.nix b/modules/hosts/nixos/hetznix02/post-install/monitoring.nix index 20fc60b..97d9c85 100644 --- a/modules/hosts/nixos/hetznix02/post-install/monitoring.nix +++ b/modules/hosts/nixos/hetznix02/post-install/monitoring.nix @@ -120,7 +120,7 @@ in { vmagent_push_pw = { owner = "vmagent"; restartUnits = ["vmagent.service"]; - sopsFile = ../../../common/secrets.yaml; + sopsFile = ../../../../shared/secrets.yaml; }; }; }; diff --git a/modules/hosts/nixos/kiosk-entryway/default.nix b/modules/hosts/nixos/kiosk-entryway/default.nix index a694dbf..15e13f7 100644 --- a/modules/hosts/nixos/kiosk-entryway/default.nix +++ b/modules/hosts/nixos/kiosk-entryway/default.nix 
@@ -97,7 +97,7 @@ path = "${config.users.users.${username}.home}/.private-env"; }; wifi_creds = { - sopsFile = ../../common/secrets.yaml; + sopsFile = ../../../shared/secrets.yaml; restartUnits = [ "wpa_supplicant.service" ]; diff --git a/modules/hosts/nixos/kiosk-entryway/monitoring.nix b/modules/hosts/nixos/kiosk-entryway/monitoring.nix index 20fc60b..97d9c85 100644 --- a/modules/hosts/nixos/kiosk-entryway/monitoring.nix +++ b/modules/hosts/nixos/kiosk-entryway/monitoring.nix @@ -120,7 +120,7 @@ in { vmagent_push_pw = { owner = "vmagent"; restartUnits = ["vmagent.service"]; - sopsFile = ../../../common/secrets.yaml; + sopsFile = ../../../../shared/secrets.yaml; }; }; }; diff --git a/modules/hosts/nixos/kiosk-gene-desk/default.nix b/modules/hosts/nixos/kiosk-gene-desk/default.nix index ace2fe5..24e208a 100644 --- a/modules/hosts/nixos/kiosk-gene-desk/default.nix +++ b/modules/hosts/nixos/kiosk-gene-desk/default.nix @@ -90,7 +90,7 @@ path = "${config.users.users.${username}.home}/.private-env"; }; wifi_creds = { - sopsFile = ../../common/secrets.yaml; + sopsFile = ../../../shared/secrets.yaml; restartUnits = [ "wpa_supplicant.service" ]; diff --git a/modules/hosts/nixos/nixnas1/default.nix b/modules/hosts/nixos/nixnas1/default.nix index 708ccba..bf285a6 100644 --- a/modules/hosts/nixos/nixnas1/default.nix +++ b/modules/hosts/nixos/nixnas1/default.nix @@ -2,7 +2,7 @@ imports = [ ./disk-config.nix ./hardware-configuration.nix - ../../../system/common/linux/restic.nix + ../../../shared/nixos/restic.nix ]; system.stateVersion = "24.05"; diff --git a/modules/hosts/nixos/nixnuc/default.nix b/modules/hosts/nixos/nixnuc/default.nix index c3e1fb1..1e3111c 100644 --- a/modules/hosts/nixos/nixnuc/default.nix +++ b/modules/hosts/nixos/nixnuc/default.nix 
@@ -11,8 +11,8 @@ in { ./containers/mountain-mesh-bot-discord.nix ./containers/psitransfer.nix ./monitoring-stack.nix - ../../common/linux/lets-encrypt.nix - ../../common/linux/restic.nix + ../../../shared/nixos/lets-encrypt.nix + ../../../shared/nixos/restic.nix ]; system.stateVersion = "23.11"; diff --git a/modules/hosts/nixos/nixnuc/monitoring-stack.nix b/modules/hosts/nixos/nixnuc/monitoring-stack.nix index e486512..89e7ae0 100644 --- a/modules/hosts/nixos/nixnuc/monitoring-stack.nix +++ b/modules/hosts/nixos/nixnuc/monitoring-stack.nix @@ -363,7 +363,7 @@ in { uptimekuma_grafana_api_key = { owner = "vmagent"; restartUnits = ["vmagent.service"]; - sopsFile = ../../common/secrets.yaml; + sopsFile = ../../../shared/secrets.yaml; }; }; }; diff --git a/modules/hosts/nixos/rainbow-planet/default.nix b/modules/hosts/nixos/rainbow-planet/default.nix index 1a0ae65..d0c5439 100644 --- a/modules/hosts/nixos/rainbow-planet/default.nix +++ b/modules/hosts/nixos/rainbow-planet/default.nix @@ -1,8 +1,8 @@ { inputs, config, pkgs, username, ... }: { imports = [ ./hardware-configuration.nix - ../../common/linux/flatpaks.nix - ../../common/linux/ripping.nix + ../../../shared/nixos/flatpaks.nix + ../../../shared/nixos/ripping.nix ]; system.stateVersion = "23.05"; diff --git a/modules/hosts/nixos/rainbow-planet/home-gene.nix b/modules/hosts/nixos/rainbow-planet/home-gene.nix index 2c501a5..9abb351 100644 --- a/modules/hosts/nixos/rainbow-planet/home-gene.nix +++ b/modules/hosts/nixos/rainbow-planet/home-gene.nix 
@@ -1,12 +1,12 @@ { pkgs, ... }: { home.stateVersion = "23.11"; imports = [ - ../../common/all-gui.nix - ../../common/linux/apps/hexchat.nix - ../../common/linux/apps/pidgin.nix - ../../common/linux/apps/tilix.nix - ../../common/linux/apps/waybar.nix - ../../common/linux/apps/xfce4-terminal.nix + ../../../shared/home/general/all-gui.nix + ../../../shared/home/linux/apps/hexchat.nix + ../../../shared/home/linux/apps/pidgin.nix + ../../../shared/home/linux/apps/tilix.nix + ../../../shared/home/linux/apps/waybar.nix + ../../../shared/home/linux/apps/xfce4-terminal.nix ]; home.file = { diff --git a/modules/hosts/common/files/Microsoft.PowerShell_profile.ps1 b/modules/shared/files/Microsoft.PowerShell_profile.ps1 similarity index 100% rename from modules/hosts/common/files/Microsoft.PowerShell_profile.ps1 rename to modules/shared/files/Microsoft.PowerShell_profile.ps1 diff --git a/modules/hosts/common/files/nvim/lua/config/vim-options.lua b/modules/shared/files/nvim/lua/config/vim-options.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/config/vim-options.lua rename to modules/shared/files/nvim/lua/config/vim-options.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/barbar.lua b/modules/shared/files/nvim/lua/disabled/barbar.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/barbar.lua rename to modules/shared/files/nvim/lua/disabled/barbar.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/cheatsheet.lua b/modules/shared/files/nvim/lua/disabled/cheatsheet.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/cheatsheet.lua rename to modules/shared/files/nvim/lua/disabled/cheatsheet.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/nvim-tree.lua b/modules/shared/files/nvim/lua/disabled/nvim-tree.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/nvim-tree.lua rename to modules/shared/files/nvim/lua/disabled/nvim-tree.lua 
diff --git a/modules/hosts/common/files/nvim/lua/disabled/themes/dracula.lua b/modules/shared/files/nvim/lua/disabled/themes/dracula.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/themes/dracula.lua rename to modules/shared/files/nvim/lua/disabled/themes/dracula.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/themes/gruvbox.lua b/modules/shared/files/nvim/lua/disabled/themes/gruvbox.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/themes/gruvbox.lua rename to modules/shared/files/nvim/lua/disabled/themes/gruvbox.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/themes/kanagawa.lua b/modules/shared/files/nvim/lua/disabled/themes/kanagawa.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/themes/kanagawa.lua rename to modules/shared/files/nvim/lua/disabled/themes/kanagawa.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/themes/oxocarbon.lua b/modules/shared/files/nvim/lua/disabled/themes/oxocarbon.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/themes/oxocarbon.lua rename to modules/shared/files/nvim/lua/disabled/themes/oxocarbon.lua diff --git a/modules/hosts/common/files/nvim/lua/disabled/themes/tokyonight.lua b/modules/shared/files/nvim/lua/disabled/themes/tokyonight.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/disabled/themes/tokyonight.lua rename to modules/shared/files/nvim/lua/disabled/themes/tokyonight.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/alpha.lua b/modules/shared/files/nvim/lua/plugins/alpha.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/alpha.lua rename to modules/shared/files/nvim/lua/plugins/alpha.lua 
diff --git a/modules/hosts/common/files/nvim/lua/plugins/bufferline.lua b/modules/shared/files/nvim/lua/plugins/bufferline.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/bufferline.lua rename to modules/shared/files/nvim/lua/plugins/bufferline.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/catppuccin.lua b/modules/shared/files/nvim/lua/plugins/catppuccin.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/catppuccin.lua rename to modules/shared/files/nvim/lua/plugins/catppuccin.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/completions.lua b/modules/shared/files/nvim/lua/plugins/completions.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/completions.lua rename to modules/shared/files/nvim/lua/plugins/completions.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/edgy.lua b/modules/shared/files/nvim/lua/plugins/edgy.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/edgy.lua rename to modules/shared/files/nvim/lua/plugins/edgy.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/git-stuff.lua b/modules/shared/files/nvim/lua/plugins/git-stuff.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/git-stuff.lua rename to modules/shared/files/nvim/lua/plugins/git-stuff.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/lsp-config.lua b/modules/shared/files/nvim/lua/plugins/lsp-config.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/lsp-config.lua rename to modules/shared/files/nvim/lua/plugins/lsp-config.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/lualine.lua b/modules/shared/files/nvim/lua/plugins/lualine.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/lualine.lua rename to modules/shared/files/nvim/lua/plugins/lualine.lua 
diff --git a/modules/hosts/common/files/nvim/lua/plugins/neo-tree.lua b/modules/shared/files/nvim/lua/plugins/neo-tree.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/neo-tree.lua rename to modules/shared/files/nvim/lua/plugins/neo-tree.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/noice.lua b/modules/shared/files/nvim/lua/plugins/noice.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/noice.lua rename to modules/shared/files/nvim/lua/plugins/noice.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/none-ls.lua b/modules/shared/files/nvim/lua/plugins/none-ls.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/none-ls.lua rename to modules/shared/files/nvim/lua/plugins/none-ls.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/nvim-web-devicons.lua b/modules/shared/files/nvim/lua/plugins/nvim-web-devicons.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/nvim-web-devicons.lua rename to modules/shared/files/nvim/lua/plugins/nvim-web-devicons.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/telescope.lua b/modules/shared/files/nvim/lua/plugins/telescope.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/telescope.lua rename to modules/shared/files/nvim/lua/plugins/telescope.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/todo-comments.lua b/modules/shared/files/nvim/lua/plugins/todo-comments.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/todo-comments.lua rename to modules/shared/files/nvim/lua/plugins/todo-comments.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/toggleterm.lua b/modules/shared/files/nvim/lua/plugins/toggleterm.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/toggleterm.lua rename to modules/shared/files/nvim/lua/plugins/toggleterm.lua 
diff --git a/modules/hosts/common/files/nvim/lua/plugins/treesitter.lua b/modules/shared/files/nvim/lua/plugins/treesitter.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/treesitter.lua rename to modules/shared/files/nvim/lua/plugins/treesitter.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/trouble.lua b/modules/shared/files/nvim/lua/plugins/trouble.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/trouble.lua rename to modules/shared/files/nvim/lua/plugins/trouble.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/vim-tmux-navigator.lua b/modules/shared/files/nvim/lua/plugins/vim-tmux-navigator.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/vim-tmux-navigator.lua rename to modules/shared/files/nvim/lua/plugins/vim-tmux-navigator.lua diff --git a/modules/hosts/common/files/nvim/lua/plugins/which-key.lua b/modules/shared/files/nvim/lua/plugins/which-key.lua similarity index 100% rename from modules/hosts/common/files/nvim/lua/plugins/which-key.lua rename to modules/shared/files/nvim/lua/plugins/which-key.lua diff --git a/modules/hosts/common/files/tilix/Beanbag-Mathias.json b/modules/shared/files/tilix/Beanbag-Mathias.json similarity index 100% rename from modules/hosts/common/files/tilix/Beanbag-Mathias.json rename to modules/shared/files/tilix/Beanbag-Mathias.json diff --git a/modules/hosts/common/files/waybar/config b/modules/shared/files/waybar/config similarity index 100% rename from modules/hosts/common/files/waybar/config rename to modules/shared/files/waybar/config diff --git a/modules/hosts/common/files/waybar/style.css b/modules/shared/files/waybar/style.css similarity index 100% rename from modules/hosts/common/files/waybar/style.css rename to modules/shared/files/waybar/style.css 
diff --git a/modules/hosts/common/files/xfce4/terminal/accels.scm b/modules/shared/files/xfce4/terminal/accels.scm similarity index 100% rename from modules/hosts/common/files/xfce4/terminal/accels.scm rename to modules/shared/files/xfce4/terminal/accels.scm diff --git a/modules/hosts/common/files/xfce4/terminal/terminalrc b/modules/shared/files/xfce4/terminal/terminalrc similarity index 100% rename from modules/hosts/common/files/xfce4/terminal/terminalrc rename to modules/shared/files/xfce4/terminal/terminalrc diff --git a/modules/hosts/common/all-gui.nix b/modules/shared/home/general/all-gui.nix similarity index 100% rename from modules/hosts/common/all-gui.nix rename to modules/shared/home/general/all-gui.nix diff --git a/modules/hosts/common/default.nix b/modules/shared/home/general/default.nix similarity index 97% rename from modules/hosts/common/default.nix rename to modules/shared/home/general/default.nix index 80d0f93..a33fc2d 100644 --- a/modules/hosts/common/default.nix +++ b/modules/shared/home/general/default.nix @@ -1,4 +1,4 @@ -{ inputs, pkgs, username, ... }: let +{ config, inputs, pkgs, ... }: let sqlite_lib = if builtins.elem pkgs.stdenv.hostPlatform.system [ "aarch64-darwin" "x86_64-darwin" @@ -166,7 +166,7 @@ in { }; nh = { enable = true; - flake = "/Users/${username}/repos/dots"; + flake = "${config.home.homeDirectory}/repos/dots"; }; oh-my-posh = { enable = true; 
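Review bot: In the `nh` block of modules/shared/home/general/default.nix, the new `flake = "${config.home.homeDirectory}/repos/dots";` removes the macOS-only `/Users` prefix but still assumes the checkout sits at `repos/dots` under the home directory on every host that imports this module. If that is intended, say so in a comment next to the line; otherwise pass the location in the same way `homeDirectory` is passed. The first hunk also drops `username` from the argument set, and the hunks shown cover only three regions of a file of more than 360 lines, so confirm that no `${username}` reference remains elsewhere in the module.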
@@ -353,14 +353,14 @@ in { home.file = { ".config/nvim/lua/config" = { - source = ./files/nvim/lua/config; + source = ../../files/nvim/lua/config; recursive = true; }; ".config/nvim/lua/plugins" = { - source = ./files/nvim/lua/plugins; + source = ../../files/nvim/lua/plugins; recursive = true; }; - ".config/powershell/Microsoft.PowerShell_profile.ps1".source = ./files/Microsoft.PowerShell_profile.ps1; - ".config/powershell/Microsoft.VSCode_profile.ps1".source = ./files/Microsoft.PowerShell_profile.ps1; + ".config/powershell/Microsoft.PowerShell_profile.ps1".source = ../../files/Microsoft.PowerShell_profile.ps1; + ".config/powershell/Microsoft.VSCode_profile.ps1".source = ../../files/Microsoft.PowerShell_profile.ps1; }; } diff --git a/modules/hosts/common/linux/apps/hexchat.nix b/modules/shared/home/linux/apps/hexchat.nix similarity index 100% rename from modules/hosts/common/linux/apps/hexchat.nix rename to modules/shared/home/linux/apps/hexchat.nix diff --git a/modules/hosts/common/linux/apps/pidgin.nix b/modules/shared/home/linux/apps/pidgin.nix similarity index 100% rename from modules/hosts/common/linux/apps/pidgin.nix rename to modules/shared/home/linux/apps/pidgin.nix diff --git a/modules/hosts/common/linux/apps/tilix.nix b/modules/shared/home/linux/apps/tilix.nix similarity index 96% rename from modules/hosts/common/linux/apps/tilix.nix rename to modules/shared/home/linux/apps/tilix.nix index bd7433c..b8fa94a 100644 --- a/modules/hosts/common/linux/apps/tilix.nix +++ b/modules/shared/home/linux/apps/tilix.nix @@ -19,7 +19,7 @@ }; home.file = { - ".config/tilix/schemes/Beanbag-Mathias.json".source = ../../files/tilix/Beanbag-Mathias.json; + ".config/tilix/schemes/Beanbag-Mathias.json".source = ../../../files/tilix/Beanbag-Mathias.json; ".config/tilix/schemes/Catppuccin-Frappe.json".source = (pkgs.fetchFromGitHub { owner = "catppuccin"; repo = "tilix"; 
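Review bot: The `source` paths now encode directory depth by hand, `../../files/...` in home/general/default.nix and `../../../files/...` here in home/linux/apps/tilix.nix, so the next move of either directory silently breaks one of them until a host that imports the module is evaluated. Consider defining the shared files directory once and handing it to the modules, for example through the `extraSpecialArgs` that lib/mkDarwinHost.nix and lib/mkHomeConfig.nix already set, so that each module refers to one name rather than counting `..` segments.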
diff --git a/modules/hosts/common/linux/apps/waybar.nix b/modules/shared/home/linux/apps/waybar.nix similarity index 74% rename from modules/hosts/common/linux/apps/waybar.nix rename to modules/shared/home/linux/apps/waybar.nix index 3fdd87a..b48c3be 100644 --- a/modules/hosts/common/linux/apps/waybar.nix +++ b/modules/shared/home/linux/apps/waybar.nix @@ -1,13 +1,13 @@ { pkgs, ... }: { home.file = { - ".config/waybar/config".source = ../../files/waybar/config; + ".config/waybar/config".source = ../../../files/waybar/config; ".config/waybar/frappe.css".source = (pkgs.fetchFromGitHub { owner = "catppuccin"; repo = "waybar"; rev = "f74ab1eecf2dcaf22569b396eed53b2b2fbe8aff"; hash = "sha256-WLJMA2X20E5PCPg0ZPtSop0bfmu+pLImP9t8A8V4QK8="; } + "/themes/frappe.css"); - ".config/waybar/style.css".source = ../../files/waybar/style.css; + ".config/waybar/style.css".source = ../../../files/waybar/style.css; }; programs = { diff --git a/modules/hosts/common/linux/apps/xfce4-terminal.nix b/modules/shared/home/linux/apps/xfce4-terminal.nix similarity index 94% rename from modules/hosts/common/linux/apps/xfce4-terminal.nix rename to modules/shared/home/linux/apps/xfce4-terminal.nix index 6b49e4d..d3e67fc 100644 --- a/modules/hosts/common/linux/apps/xfce4-terminal.nix +++ b/modules/shared/home/linux/apps/xfce4-terminal.nix @@ -1,6 +1,6 @@ { ... }: { home.file = { - ".config/xfce4/terminal/accels.scm".source = ../../files/xfce4/terminal/accels.scm; + ".config/xfce4/terminal/accels.scm".source = ../../../files/xfce4/terminal/accels.scm; }; xfconf.settings = { diff --git a/modules/hosts/common/linux/home.nix b/modules/shared/home/linux/default.nix similarity index 100% rename from modules/hosts/common/linux/home.nix rename to modules/shared/home/linux/default.nix diff --git a/modules/hosts/common/linux/flatpaks.nix b/modules/shared/nixos/flatpaks.nix similarity index 100% rename from modules/hosts/common/linux/flatpaks.nix rename to modules/shared/nixos/flatpaks.nix 
diff --git a/modules/hosts/common/linux/internationalisation.nix b/modules/shared/nixos/internationalisation.nix similarity index 100% rename from modules/hosts/common/linux/internationalisation.nix rename to modules/shared/nixos/internationalisation.nix diff --git a/modules/hosts/common/linux/lets-encrypt.nix b/modules/shared/nixos/lets-encrypt.nix similarity index 100% rename from modules/hosts/common/linux/lets-encrypt.nix rename to modules/shared/nixos/lets-encrypt.nix diff --git a/modules/hosts/common/linux/nixroutes.nix b/modules/shared/nixos/nixroutes.nix similarity index 100% rename from modules/hosts/common/linux/nixroutes.nix rename to modules/shared/nixos/nixroutes.nix diff --git a/modules/hosts/common/linux/restic.nix b/modules/shared/nixos/restic.nix similarity index 100% rename from modules/hosts/common/linux/restic.nix rename to modules/shared/nixos/restic.nix diff --git a/modules/hosts/common/linux/ripping.nix b/modules/shared/nixos/ripping.nix similarity index 100% rename from modules/hosts/common/linux/ripping.nix rename to modules/shared/nixos/ripping.nix diff --git a/modules/hosts/common/secrets.yaml b/modules/shared/secrets.yaml similarity index 100% rename from modules/hosts/common/secrets.yaml rename to modules/shared/secrets.yaml From 5dbcce7686f8d7119941afde0bf39f262aa31dfe Mon Sep 17 00:00:00 2001 
From: Gene Liverman Date: Sun, 22 Mar 2026 18:32:20 -0400 Subject: [PATCH 2/3] Add linting, formatting, and CI infrastructure - Add deadnix, nixfmt, and statix to flake inputs - Add formatter output to flake for nix fmt support - Add deadnix, nixfmt, statix to Home Manager packages - Add GitHub Actions workflow for CI validation - Add .pre-commit-config.yaml with hooks for nixfmt, deadnix, and statix - Support x86_64-darwin in formatter --- .gitattributes | 1 + .github/workflows/validate.yml | 27 ++ .pre-commit-config.yaml | 26 ++ flake.lock | 204 ++++++++++++--- flake.nix | 193 +++++++------- lib/default.nix | 6 +- lib/mkDarwinHost.nix | 83 ++++--- lib/mkHomeConfig.nix | 60 +++-- lib/mkNixosHost.nix | 74 +++--- lib/nixpkgs-settings.nix | 2 +- modules/hosts/darwin/AirPuppet/default.nix | 2 +- modules/hosts/darwin/AirPuppet/home-gene.nix | 3 +- modules/hosts/darwin/Blue-Rock/default.nix | 3 +- .../darwin/Blue-Rock/home-gene.liverman.nix | 5 +- modules/hosts/darwin/default.nix | 18 +- modules/hosts/darwin/home.nix | 3 +- modules/hosts/darwin/mightymac/default.nix | 3 +- .../darwin/mightymac/home-gene.liverman.nix | 3 +- modules/hosts/home-manager-only/default.nix | 9 +- .../home-manager-only/home-gene.liverman.nix | 4 +- modules/hosts/home-manager-only/home-gene.nix | 3 +- modules/hosts/nixos/bigboy/default.nix | 36 ++- .../nixos/bigboy/hardware-configuration.nix | 55 ++-- modules/hosts/nixos/bigboy/home-gene.nix | 4 +- modules/hosts/nixos/default.nix | 15 +- modules/hosts/nixos/hetznix01/default.nix | 28 ++- .../hetznix01/hardware-configuration.nix | 26 +- modules/hosts/nixos/hetznix01/home-gene.nix | 4 +- .../post-install/containers/emqx.nix | 6 +- .../nixos/hetznix01/post-install/default.nix | 71 +++--- .../hetznix01/post-install/matrix-synapse.nix | 5 +- .../hetznix01/post-install/monitoring.nix | 21 +- .../hetznix01/post-install/mosquitto.nix | 137 +++++----- .../nixos/hetznix01/post-install/nginx.nix | 43 +++- modules/hosts/nixos/hetznix02/default.nix | 19 +- 
modules/hosts/nixos/hetznix02/disk-config.nix | 8 +- .../hetznix02/hardware-configuration.nix | 31 ++- modules/hosts/nixos/hetznix02/home-gene.nix | 2 +- .../nixos/hetznix02/post-install/default.nix | 4 +- .../hetznix02/post-install/monitoring.nix | 21 +- .../nixos/hetznix02/post-install/nginx.nix | 7 +- .../hosts/nixos/kiosk-entryway/default.nix | 48 ++-- .../kiosk-entryway/hardware-configuration.nix | 32 ++- .../hosts/nixos/kiosk-entryway/home-gene.nix | 3 +- .../hosts/nixos/kiosk-entryway/monitoring.nix | 21 +- .../hosts/nixos/kiosk-gene-desk/default.nix | 49 ++-- .../hosts/nixos/kiosk-gene-desk/home-gene.nix | 3 +- modules/hosts/nixos/nixnas1/default.nix | 14 +- modules/hosts/nixos/nixnas1/disk-config.nix | 3 +- .../nixos/nixnas1/hardware-configuration.nix | 78 ++++-- modules/hosts/nixos/nixnas1/home-gene.nix | 4 +- .../nixnuc/containers/audiobookshelf.nix | 6 +- .../containers/mountain-mesh-bot-discord.nix | 10 +- .../nixos/nixnuc/containers/psitransfer.nix | 7 +- modules/hosts/nixos/nixnuc/default.nix | 235 +++++++++++++----- .../nixos/nixnuc/hardware-configuration.nix | 54 ++-- modules/hosts/nixos/nixnuc/home-gene.nix | 4 +- .../hosts/nixos/nixnuc/monitoring-stack.nix | 109 ++++---- .../hosts/nixos/rainbow-planet/default.nix | 31 ++- modules/hosts/nixos/rainbow-planet/gnome.nix | 6 +- .../rainbow-planet/hardware-configuration.nix | 60 +++-- .../hosts/nixos/rainbow-planet/home-gene.nix | 19 +- modules/shared/home/general/all-gui.nix | 3 +- modules/shared/home/general/default.nix | 173 +++++++------ modules/shared/home/linux/apps/hexchat.nix | 2 +- modules/shared/home/linux/apps/pidgin.nix | 2 +- modules/shared/home/linux/apps/tilix.nix | 39 ++- modules/shared/home/linux/apps/waybar.nix | 21 +- .../shared/home/linux/apps/xfce4-terminal.nix | 7 +- modules/shared/home/linux/default.nix | 3 +- modules/shared/nixos/flatpaks.nix | 3 +- modules/shared/nixos/internationalisation.nix | 4 +- modules/shared/nixos/lets-encrypt.nix | 7 +- 
modules/shared/nixos/nixroutes.nix | 10 +- modules/shared/nixos/restic.nix | 4 +- modules/shared/nixos/ripping.nix | 4 +- 76 files changed, 1522 insertions(+), 831 deletions(-) create mode 100644 .github/workflows/validate.yml create mode 100644 .pre-commit-config.yaml diff --git a/.gitattributes b/.gitattributes index 9f1cb3c..1917907 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,3 @@ *.yaml diff=sopsdiffer +.pre-commit-config.yaml diff=default diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml new file mode 100644 index 0000000..aca0e80 --- /dev/null +++ b/.github/workflows/validate.yml @@ -0,0 +1,27 @@ +name: Validate + +on: + pull_request: + +jobs: + validate: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + + - uses: cachix/install-nix-action@v26 + with: + extra_nix_config: | + trusted-users = root @runner + + - name: Validate flake + run: nix flake show + + - name: Check formatting + run: nix fmt -- --ci . + + - name: Run deadnix + run: nix run nixpkgs#deadnix ./modules ./lib + + - name: Run statix + run: nix run nixpkgs#statix check -- . diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..700ab74 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,26 @@ +repos: + - repo: local + hooks: + - id: nixfmt + name: nixfmt + entry: nix + language: system + types: [nix] + pass_filenames: false + args: ["fmt"] + + - id: deadnix + name: deadnix + entry: deadnix + language: system + types: [nix] + args: ["./modules", "./lib"] + + - id: statix + name: statix + entry: statix + language: system + types: [nix] + pass_filenames: false + args: ["check", "."] + diff --git a/flake.lock b/flake.lock index b906cdf..4513a73 100644 --- a/flake.lock +++ b/flake.lock 
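Review bot: The "Run deadnix" step in .github/workflows/validate.yml cannot fail the job, because `nix run nixpkgs#deadnix ./modules ./lib` is invoked without `--fail` and deadnix exits 0 when it only reports findings; add `--fail` so unused code actually blocks the pull request. In the same file, `actions/checkout@v4` and `cachix/install-nix-action@v26` are referenced by mutable tags and there is no `permissions:` block, so pin both actions to full commit SHAs and add `permissions:` with `contents: read`. The deadnix and statix steps also resolve `nixpkgs#...` through the registry rather than through the `deadnix` and `statix` inputs this patch locks in flake.lock, so CI may lint with a different version than the one developers get from the flake. Finally, `nix flake show` only lists the outputs; `nix flake check` or an evaluation of each host would catch a broken import path from patch 1/3.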
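Review bot: The `deadnix` hook in .pre-commit-config.yaml is the only one of the three without `pass_filenames: false`, so pre-commit appends every staged .nix file after `"./modules", "./lib"` and deadnix scans the two directories plus those files, including files outside them. Add `pass_filenames: false` to match the `nixfmt` and `statix` hooks, and add `--fail` to `args`, since without it deadnix returns 0 on findings and the hook never blocks a commit. The file also ends with an extra blank `+` line that can be dropped.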
@@ -69,6 +69,25 @@ "type": "github" } }, + "deadnix": { + "inputs": { + "nixpkgs": "nixpkgs", + "utils": "utils" + }, + "locked": { + "lastModified": 1764114543, + "narHash": "sha256-+C39E8qmGODT6eB0rhE/VX+DcekXW/Xww5IL/xlERNY=", + "owner": "astro", + "repo": "deadnix", + "rev": "d590041677add62267bef35ddec63cd9402d3505", + "type": "github" + }, + "original": { + "owner": "astro", + "repo": "deadnix", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -111,6 +130,28 @@ "type": "github" } }, + "fenix_2": { + "inputs": { + "nixpkgs": [ + "statix", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src_2" + }, + "locked": { + "lastModified": 1645251813, + "narHash": "sha256-cQ66tGjnZclBCS3nD26mZ5fUH+3/HnysGffBiWXUSHk=", + "owner": "nix-community", + "repo": "fenix", + "rev": "9892337b588c38ec59466a1c89befce464aae7f8", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, "flake-compat": { "flake": false, "locked": { @@ -197,7 +238,7 @@ "crane": "crane", "fenix": "fenix", "nix-unit-src": "nix-unit-src", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "pre-commit-hooks": "pre-commit-hooks" }, "locked": { @@ -308,11 +349,11 @@ ] }, "locked": { - "lastModified": 1772985280, - "narHash": "sha256-FdrNykOoY9VStevU4zjSUdvsL9SzJTcXt4omdEDZDLk=", + "lastModified": 1773264488, + "narHash": "sha256-rK0507bDuWBrZo+0zts9bCs/+RRUEHuvFE5DHWPxX/Q=", "owner": "nix-community", "repo": "home-manager", - "rev": "8f736f007139d7f70752657dff6a401a585d6cbc", + "rev": "5c0f63f8d55040a7eed69df7e3fcdd15dfb5a04c", "type": "github" }, "original": { 
@@ -331,11 +372,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1772680513, - "narHash": "sha256-zwVeM1TgfwMIq026uln9hqcCIINsLv6jEjztPqx0q+U=", + "lastModified": 1773371628, + "narHash": "sha256-G9+d9C/7hz8qBFHOCzdH34Cj6MBNOlE9kCNfF+PKPZM=", "owner": "numtide", "repo": "nix-auth", - "rev": "77c07e9a107972dd2170da6da9ed1e73e65c4a4a", + "rev": "09a9b568631cfbf4a70058bbff495b7e854aedc4", "type": "github" }, "original": { @@ -480,16 +521,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1742889210, - "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=", - "owner": "flox", + "lastModified": 1763934636, + "narHash": "sha256-9glbI7f1uU+yzQCq5LwLgdZqx6svOhZWkd4JRY265fc=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "698214a32beb4f4c8e3942372c694f40848b360d", + "rev": "ee09932cedcef15aaf476f9343d1dea2cb77e261", "type": "github" }, "original": { - "owner": "flox", - "ref": "stable", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } @@ -511,11 +552,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1772956932, - "narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=", + "lastModified": 1773231277, + "narHash": "sha256-Xy3WEpUAbpsz8ydgvVAQAGGB/WB+8cNA5cshiL0McTI=", "owner": "nixos", "repo": "nixpkgs", - "rev": "608d0cadfed240589a7eea422407a547ad626a14", + "rev": "75690239f08f885ca9b0267580101f60d10fbe62", "type": "github" }, "original": { @@ -526,6 +567,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1742889210, + "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=", + "owner": "flox", + "repo": "nixpkgs", + "rev": "698214a32beb4f4c8e3942372c694f40848b360d", + "type": "github" + }, + "original": { + "owner": "flox", + "ref": "stable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1770107345, "narHash": "sha256-tbS0Ebx2PiA1FRW8mt8oejR0qMXmziJmPaU1d4kYY9g=", 
@@ -541,13 +598,13 @@ "type": "github" } }, - "nixpkgs_3": { + "nixpkgs_4": { "locked": { - "lastModified": 1773068389, - "narHash": "sha256-vMrm7Pk2hjBRPnCSjhq1pH0bg350Z+pXhqZ9ICiqqCs=", + "lastModified": 1773375660, + "narHash": "sha256-SEzUWw2Rf5Ki3bcM26nSKgbeoqi2uYy8IHVBqOKjX3w=", "owner": "nixos", "repo": "nixpkgs", - "rev": "44bae273f9f82d480273bab26f5c50de3724f52f", + "rev": "3e20095fe3c6cbb1ddcef89b26969a69a1570776", "type": "github" }, "original": { @@ -557,6 +614,22 @@ "type": "github" } }, + "nixpkgs_5": { + "locked": { + "lastModified": 1645013224, + "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "onchg": { "inputs": { "nix-pre-commit": "nix-pre-commit", @@ -631,6 +704,7 @@ "root": { "inputs": { "compose2nix": "compose2nix", + "deadnix": "deadnix", "disko": "disko", "flox": "flox", "genebean-omp-themes": "genebean-omp-themes", @@ -641,11 +715,12 @@ "nix-homebrew": "nix-homebrew", "nixos-cosmic": "nixos-cosmic", "nixos-hardware": "nixos-hardware", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_4", "nixpkgs-unstable": "nixpkgs-unstable", "private-flake": "private-flake", "simple-nixos-mailserver": "simple-nixos-mailserver", - "sops-nix": "sops-nix" + "sops-nix": "sops-nix", + "statix": "statix" } }, "rust-analyzer-src": { @@ -665,6 +740,23 @@ "type": "github" } }, + "rust-analyzer-src_2": { + "flake": false, + "locked": { + "lastModified": 1645205556, + "narHash": "sha256-e4lZW3qRyOEJ+vLKFQP7m2Dxh5P44NrnekZYLxlucww=", + "owner": "rust-analyzer", + "repo": "rust-analyzer", + "rev": "acf5874b39f3dc5262317a6074d9fc7285081161", + "type": "github" + }, + "original": { + "owner": "rust-analyzer", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, "rust-overlay": { "inputs": { "nixpkgs": [ 
@@ -696,11 +788,11 @@ ] }, "locked": { - "lastModified": 1766537863, - "narHash": "sha256-HEt+wbazRgJYeY+lgj65bxhPyVc4x7NEB2bs5NU6DF8=", + "lastModified": 1773313890, + "narHash": "sha256-NXm/kOAk7HLziH1uWaUbNb9MhDS8yxFfQ8fMK5eN8/A=", "owner": "simple-nixos-mailserver", "repo": "nixos-mailserver", - "rev": "23f0a53ca6e58e61e1ea2b86791c69b79c91656d", + "rev": "9cdd6869e513df8153db4b920c8f15d394e150f7", "type": "gitlab" }, "original": { @@ -730,16 +822,50 @@ "type": "github" } }, - "treefmt-nix": { + "statix": { "inputs": { - "nixpkgs": "nixpkgs_2" + "fenix": "fenix_2", + "nixpkgs": "nixpkgs_5" }, "locked": { - "lastModified": 1772660329, - "narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=", + "lastModified": 1676888642, + "narHash": "sha256-C73LOMVVCkeL0jA5xN7klLEDEB4NkuiATEJY4A/tIyM=", + "owner": "astro", + "repo": "statix", + "rev": "3c7136a23f444db252a556928c1489869ca3ab4e", + "type": "github" + }, + "original": { + "owner": "astro", + "repo": "statix", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "treefmt-nix": { + "inputs": { + "nixpkgs": "nixpkgs_3" + }, + "locked": { + "lastModified": 1773297127, + "narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "3710e0e1218041bbad640352a0440114b1e10428", + "rev": "71b125cd05fbfd78cab3e070b73544abe24c5016", "type": "github" }, "original": { 
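Review bot: The new `statix` node locks its own `fenix_2`, `nixpkgs_5` and `rust-analyzer-src_2`, with `nixpkgs_5` at lastModified 1645013224 (early 2022), and the `deadnix` node likewise brings a separate `nixpkgs` plus `utils` and `systems`. That leaves lint tooling built against package sets that never receive the updates the root `nixpkgs_4` gets. In flake.nix, give both inputs `inputs.nixpkgs.follows = "nixpkgs";` as `compose2nix` and `sops-nix` already have, then regenerate the lock so the extra nixpkgs nodes disappear. Also confirm that `astro/statix` is the intended source, since validate.yml runs statix from `nixpkgs#statix` instead.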
@@ -747,6 +873,24 @@ "repo": "treefmt-nix", "type": "github" } + }, + "utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1731533236, + "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index b5b03e1..9320164 100644 --- a/flake.nix +++ b/flake.nix @@ -8,7 +8,7 @@ compose2nix = { url = "github:aksiksi/compose2nix"; - inputs.nixpkgs.follows ="nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs"; }; # Format disks with nix-config 
@@ -79,100 +79,115 @@ # Secrets managemnt sops-nix = { url = "github:mic92/sops-nix"; - inputs.nixpkgs.follows ="nixpkgs"; + inputs.nixpkgs.follows = "nixpkgs"; }; + # Linting and formatting + deadnix.url = "github:astro/deadnix"; + statix.url = "github:astro/statix"; + }; # end inputs - outputs = inputs@{ self, ... }: let - # Functions that setup systems - localLib = import ./lib { inherit inputs; }; + outputs = + inputs@{ self, nixpkgs, ... }: + let + # Functions that setup systems + localLib = import ./lib { inherit inputs; }; + forAllSystems = nixpkgs.lib.genAttrs [ + "x86_64-linux" + "aarch64-linux" + "x86_64-darwin" + "aarch64-darwin" + ]; + in + { + formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.nixfmt-tree); - in { - # Darwin (macOS) hosts - darwinConfigurations = { - AirPuppet = localLib.mkDarwinHost { - system = "x86_64-darwin"; - hostname = "AirPuppet"; - }; - Blue-Rock = localLib.mkDarwinHost { - system = "x86_64-darwin"; - hostname = "Blue-Rock"; - username = "gene.liverman"; - }; - mightymac = localLib.mkDarwinHost { - hostname = "mightymac"; - username = "gene.liverman"; - }; - }; # end darwinConfigurations + # Darwin (macOS) hosts + darwinConfigurations = { + AirPuppet = localLib.mkDarwinHost { + system = "x86_64-darwin"; + hostname = "AirPuppet"; + }; + Blue-Rock = localLib.mkDarwinHost { + system = "x86_64-darwin"; + hostname = "Blue-Rock"; + username = "gene.liverman"; + }; + mightymac = localLib.mkDarwinHost { + hostname = "mightymac"; + username = "gene.liverman"; + }; + }; # end darwinConfigurations - # NixOS hosts - nixosConfigurations = { - bigboy = localLib.mkNixosHost { - hostname = "bigboy"; - additionalModules = [ - inputs.nixos-hardware.nixosModules.lenovo-thinkpad-p52 - ]; - }; - hetznix01 = localLib.mkNixosHost { - hostname = "hetznix01"; - additionalModules = [ - inputs.private-flake.nixosModules.private.hetznix01 - ]; - }; - hetznix02 = localLib.mkNixosHost { - system = "aarch64-linux"; - hostname = "hetznix02"; 
- additionalModules = [ - # inputs.simple-nixos-mailserver.nixosModule - ]; - }; - kiosk-entryway = localLib.mkNixosHost { - # Lenovo IdeaCentre Q190 - hostname = "kiosk-entryway"; - }; - kiosk-gene-desk = localLib.mkNixosHost { - system = "aarch64-linux"; - hostname = "kiosk-gene-desk"; - additionalModules = [ - inputs.nixos-hardware.nixosModules.raspberry-pi-4 - ]; - }; - nixnas1 = localLib.mkNixosHost { - hostname = "nixnas1"; - additionalModules = [ - inputs.simple-nixos-mailserver.nixosModule - ]; - }; - nixnuc = localLib.mkNixosHost { - hostname = "nixnuc"; - additionalModules = [ - inputs.simple-nixos-mailserver.nixosModule - ]; - }; - rainbow-planet = localLib.mkNixosHost { - hostname = "rainbow-planet"; - additionalModules = [ - inputs.nixos-cosmic.nixosModules.default - inputs.nixos-hardware.nixosModules.dell-xps-13-9360 - ]; - }; - }; # end nixosConfigurations + # NixOS hosts + nixosConfigurations = { + bigboy = localLib.mkNixosHost { + hostname = "bigboy"; + additionalModules = [ + inputs.nixos-hardware.nixosModules.lenovo-thinkpad-p52 + ]; + }; + hetznix01 = localLib.mkNixosHost { + hostname = "hetznix01"; + additionalModules = [ + inputs.private-flake.nixosModules.private.hetznix01 + ]; + }; + hetznix02 = localLib.mkNixosHost { + system = "aarch64-linux"; + hostname = "hetznix02"; + additionalModules = [ + # inputs.simple-nixos-mailserver.nixosModule + ]; + }; + kiosk-entryway = localLib.mkNixosHost { + # Lenovo IdeaCentre Q190 + hostname = "kiosk-entryway"; + }; + kiosk-gene-desk = localLib.mkNixosHost { + system = "aarch64-linux"; + hostname = "kiosk-gene-desk"; + additionalModules = [ + inputs.nixos-hardware.nixosModules.raspberry-pi-4 + ]; + }; + nixnas1 = localLib.mkNixosHost { + hostname = "nixnas1"; + additionalModules = [ + inputs.simple-nixos-mailserver.nixosModule + ]; + }; + nixnuc = localLib.mkNixosHost { + hostname = "nixnuc"; + additionalModules = [ + inputs.simple-nixos-mailserver.nixosModule + ]; + }; + rainbow-planet = 
localLib.mkNixosHost { + hostname = "rainbow-planet"; + additionalModules = [ + inputs.nixos-cosmic.nixosModules.default + inputs.nixos-hardware.nixosModules.dell-xps-13-9360 + ]; + }; + }; # end nixosConfigurations - # Home Manager (only) users - homeConfigurations = { - gene-x86_64-linux = localLib.mkHomeConfig { - homeDirectory = "/home/gene"; - username = "gene"; - system = "x86_64-linux"; - }; + # Home Manager (only) users + homeConfigurations = { + gene-x86_64-linux = localLib.mkHomeConfig { + homeDirectory = "/home/gene"; + username = "gene"; + system = "x86_64-linux"; + }; - gene-aarch64-linux = localLib.mkHomeConfig { - homeDirectory = "/home/gene"; - username = "gene"; - system = "aarch64-linux"; - }; - }; # end homeConfigurations + gene-aarch64-linux = localLib.mkHomeConfig { + homeDirectory = "/home/gene"; + username = "gene"; + system = "aarch64-linux"; + }; + }; # end homeConfigurations - packages.aarch64-linux.kiosk-gene-desk-sdImage = self.nixosConfigurations.kiosk-gene-desk.config.system.build.sdImage; - }; + packages.aarch64-linux.kiosk-gene-desk-sdImage = + self.nixosConfigurations.kiosk-gene-desk.config.system.build.sdImage; + }; } diff --git a/lib/default.nix b/lib/default.nix index 5d79385..3d7d901 100644 --- a/lib/default.nix +++ b/lib/default.nix @@ -1,8 +1,10 @@ -{ inputs, ... }: let +{ inputs, ... }: +let mkDarwinHost = import ./mkDarwinHost.nix { inherit inputs; }; mkHomeConfig = import ./mkHomeConfig.nix { inherit inputs; }; mkNixosHost = import ./mkNixosHost.nix { inherit inputs; }; -in { +in +{ inherit (mkDarwinHost) mkDarwinHost; inherit (mkHomeConfig) mkHomeConfig; inherit (mkNixosHost) mkNixosHost; diff --git a/lib/mkDarwinHost.nix b/lib/mkDarwinHost.nix index 0d53859..02c0236 100644 --- a/lib/mkDarwinHost.nix +++ b/lib/mkDarwinHost.nix 
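Review bot: In the `outputs` part of the flake.nix hunk, the only functional additions are `nixpkgs` in the argument set, `forAllSystems` and the `formatter` output; every other changed line is re-indentation, which makes it impractical to verify that no host definition (system, hostname, additionalModules) changed by accident. Split the formatter run into its own commit with no hand edits, and list that commit in a `.git-blame-ignore-revs` file so blame stays useful. The same applies to the lib/default.nix hunk that follows.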
@@ -1,41 +1,50 @@ -{ inputs, ... }: { - mkDarwinHost = { - system ? "aarch64-darwin", - hostname, - username ? "gene", - additionalModules ? [], - additionalSpecialArgs ? {} - }: inputs.nix-darwin.lib.darwinSystem { - inherit system; - specialArgs = { inherit inputs hostname username; } // additionalSpecialArgs; - modules = [ - ./nixpkgs-settings.nix - - inputs.nix-homebrew.darwinModules.nix-homebrew { - nix-homebrew = { - enable = true; # Install Homebrew under the default prefix - user = "${username}"; # User owning the Homebrew prefix - autoMigrate = true; # Automatically migrate existing Homebrew installations - }; +{ inputs, ... }: +{ + mkDarwinHost = + { + system ? "aarch64-darwin", + hostname, + username ? "gene", + additionalModules ? [ ], + additionalSpecialArgs ? { }, + }: + inputs.nix-darwin.lib.darwinSystem { + inherit system; + specialArgs = { + inherit inputs hostname username; } + // additionalSpecialArgs; + modules = [ + ./nixpkgs-settings.nix - inputs.home-manager.darwinModules.home-manager { - home-manager = { - extraSpecialArgs = { inherit inputs username; }; - useGlobalPkgs = true; - useUserPackages = true; - users.${username}.imports = [ - inputs.sops-nix.homeManagerModule # user-level secrets management - ../modules/shared/home/general - ../modules/shared/home/general/all-gui.nix - ../modules/hosts/darwin/home.nix - ../modules/hosts/darwin/${hostname}/home-${username}.nix - ]; - }; - } + inputs.nix-homebrew.darwinModules.nix-homebrew + { + nix-homebrew = { + enable = true; # Install Homebrew under the default prefix + user = "${username}"; # User owning the Homebrew prefix + autoMigrate = true; # Automatically migrate existing Homebrew installations + }; + } - ../modules/hosts/darwin # system-wide stuff - ../modules/hosts/darwin/${hostname} # host specific stuff - ] ++ additionalModules; # end modules - }; # end darwinSystem + inputs.home-manager.darwinModules.home-manager + { + home-manager = { + extraSpecialArgs = { inherit inputs username; 
}; + useGlobalPkgs = true; + useUserPackages = true; + users.${username}.imports = [ + inputs.sops-nix.homeManagerModule # user-level secrets management + ../modules/shared/home/general + ../modules/shared/home/general/all-gui.nix + ../modules/hosts/darwin/home.nix + ../modules/hosts/darwin/${hostname}/home-${username}.nix + ]; + }; + } + + ../modules/hosts/darwin # system-wide stuff + ../modules/hosts/darwin/${hostname} # host specific stuff + ] + ++ additionalModules; # end modules + }; # end darwinSystem } diff --git a/lib/mkHomeConfig.nix b/lib/mkHomeConfig.nix index d09cc99..0e61a2d 100644 --- a/lib/mkHomeConfig.nix +++ b/lib/mkHomeConfig.nix 
@@ -1,29 +1,39 @@ -{ inputs, ... }: { - mkHomeConfig = { - homeDirectory, - system, - username, - }: inputs.home-manager.lib.homeManagerConfiguration { - extraSpecialArgs = { inherit inputs homeDirectory system username; }; +{ inputs, ... }: +{ + mkHomeConfig = + { + homeDirectory, + system, + username, + }: + inputs.home-manager.lib.homeManagerConfiguration { + extraSpecialArgs = { + inherit + inputs + homeDirectory + system + username + ; + }; - pkgs = inputs.nixpkgs.legacyPackages.${system}; + pkgs = inputs.nixpkgs.legacyPackages.${system}; - # Specify your home configuration modules here, for example, - # the path to your home.nix. - modules = [ - ./nixpkgs-settings.nix - ../modules/shared/home/general - ../modules/hosts/home-manager-only - ../modules/hosts/home-manager-only/home-${username}.nix + # Specify your home configuration modules here, for example, + # the path to your home.nix. + modules = [ + ./nixpkgs-settings.nix + ../modules/shared/home/general + ../modules/hosts/home-manager-only + ../modules/hosts/home-manager-only/home-${username}.nix - { - home = { - username = "${username}"; - homeDirectory = "${homeDirectory}"; - }; - } + { + home = { + username = "${username}"; + homeDirectory = "${homeDirectory}"; + }; + } - inputs.sops-nix.homeManagerModules.sops - ]; - }; -} \ No newline at end of file + inputs.sops-nix.homeManagerModules.sops + ]; + }; +} diff --git a/lib/mkNixosHost.nix b/lib/mkNixosHost.nix index b4023d2..9d4a35b 100644 --- a/lib/mkNixosHost.nix +++ b/lib/mkNixosHost.nix 
@@ -1,36 +1,44 @@ -{ inputs, ... }: { - mkNixosHost = { - system ? "x86_64-linux", - hostname, - username ? "gene", - additionalModules ? [], - additionalSpecialArgs ? {} - }: inputs.nixpkgs.lib.nixosSystem { - inherit system; - specialArgs = { inherit inputs hostname username; } // additionalSpecialArgs; - modules = [ - ./nixpkgs-settings.nix - - inputs.disko.nixosModules.disko - - inputs.home-manager.nixosModules.home-manager { - home-manager = { - extraSpecialArgs = { inherit inputs hostname username; }; - useGlobalPkgs = true; - useUserPackages = true; - users.${username}.imports = [ - ../modules/shared/home/general - ../modules/shared/home/linux - ../modules/hosts/nixos/${hostname}/home-${username}.nix - ]; - }; +{ inputs, ... }: +{ + mkNixosHost = + { + system ? "x86_64-linux", + hostname, + username ? "gene", + additionalModules ? [ ], + additionalSpecialArgs ? { }, + }: + inputs.nixpkgs.lib.nixosSystem { + inherit system; + specialArgs = { + inherit inputs hostname username; } + // additionalSpecialArgs; + modules = [ + ./nixpkgs-settings.nix - inputs.nix-flatpak.nixosModules.nix-flatpak - inputs.private-flake.nixosModules.private.ssh-keys - inputs.sops-nix.nixosModules.sops # system wide secrets management - ../modules/hosts/nixos # system-wide stuff - ../modules/hosts/nixos/${hostname} # host specific stuff - ] ++ additionalModules; - }; + inputs.disko.nixosModules.disko + + inputs.home-manager.nixosModules.home-manager + { + home-manager = { + extraSpecialArgs = { inherit inputs hostname username; }; + useGlobalPkgs = true; + useUserPackages = true; + users.${username}.imports = [ + ../modules/shared/home/general + ../modules/shared/home/linux + ../modules/hosts/nixos/${hostname}/home-${username}.nix + ]; + }; + } + + inputs.nix-flatpak.nixosModules.nix-flatpak + inputs.private-flake.nixosModules.private.ssh-keys + inputs.sops-nix.nixosModules.sops # system wide secrets management + ../modules/hosts/nixos # system-wide stuff + 
../modules/hosts/nixos/${hostname} # host specific stuff + ] + ++ additionalModules; + }; } diff --git a/lib/nixpkgs-settings.nix b/lib/nixpkgs-settings.nix index 6255854..bd0c8c9 100644 --- a/lib/nixpkgs-settings.nix +++ b/lib/nixpkgs-settings.nix @@ -1,4 +1,4 @@ -{ inputs, ... }: { +{ nixpkgs = { config = { allowUnfree = true; diff --git a/modules/hosts/darwin/AirPuppet/default.nix b/modules/hosts/darwin/AirPuppet/default.nix index 84afcb1..4dc5d60 100644 --- a/modules/hosts/darwin/AirPuppet/default.nix +++ b/modules/hosts/darwin/AirPuppet/default.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ system.stateVersion = 4; homebrew = { diff --git a/modules/hosts/darwin/AirPuppet/home-gene.nix b/modules/hosts/darwin/AirPuppet/home-gene.nix index 644bc76..2643ed1 100644 --- a/modules/hosts/darwin/AirPuppet/home-gene.nix +++ b/modules/hosts/darwin/AirPuppet/home-gene.nix @@ -1,4 +1,5 @@ -{ username, ... }: { +{ username, ... }: +{ home.stateVersion = "23.11"; sops = { diff --git a/modules/hosts/darwin/Blue-Rock/default.nix b/modules/hosts/darwin/Blue-Rock/default.nix index a2a98f4..a6efc0d 100644 --- a/modules/hosts/darwin/Blue-Rock/default.nix +++ b/modules/hosts/darwin/Blue-Rock/default.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ system.stateVersion = 4; environment = { diff --git a/modules/hosts/darwin/Blue-Rock/home-gene.liverman.nix b/modules/hosts/darwin/Blue-Rock/home-gene.liverman.nix index 7f1fa1a..2ed7e0a 100644 --- a/modules/hosts/darwin/Blue-Rock/home-gene.liverman.nix +++ b/modules/hosts/darwin/Blue-Rock/home-gene.liverman.nix @@ -1,6 +1,7 @@ -{ username, ... }: { +{ username, ... }: +{ home.stateVersion = "23.11"; - + programs = { go = { enable = true; diff --git a/modules/hosts/darwin/default.nix b/modules/hosts/darwin/default.nix index 7f3e7e5..2db0fb8 100644 --- a/modules/hosts/darwin/default.nix +++ b/modules/hosts/darwin/default.nix 
@@ -1,8 +1,17 @@ -{ pkgs, hostname, username, ... }: { +{ + pkgs, + hostname, + username, + ... +}: +{ system.primaryUser = username; environment = { - shells = with pkgs; [ bash zsh ]; + shells = with pkgs; [ + bash + zsh + ]; pathsToLink = [ "/Applications" "/share/zsh" @@ -113,7 +122,10 @@ "flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs=" "cache.thalheim.io-1:R7msbosLEZKrxk/lKxf9BTjOOH7Ax3H0Qj0/6wiHOgc=" ]; - trusted-users = [ "@admin" "${username}" ]; + trusted-users = [ + "@admin" + "${username}" + ]; }; extraOptions = '' # Generated by https://github.com/DeterminateSystems/nix-installer, version 0.11.0. diff --git a/modules/hosts/darwin/home.nix b/modules/hosts/darwin/home.nix index 3767a24..7df380e 100644 --- a/modules/hosts/darwin/home.nix +++ b/modules/hosts/darwin/home.nix @@ -1,4 +1,5 @@ -{ username, ... }: { +{ username, ... }: +{ # dawrwin-specific shell config programs = { zsh = { diff --git a/modules/hosts/darwin/mightymac/default.nix b/modules/hosts/darwin/mightymac/default.nix index 49e1f76..074ca67 100644 --- a/modules/hosts/darwin/mightymac/default.nix +++ b/modules/hosts/darwin/mightymac/default.nix @@ -1,4 +1,5 @@ -{ inputs, pkgs, ... }: { +{ inputs, pkgs, ... }: +{ system.stateVersion = 4; environment = { diff --git a/modules/hosts/darwin/mightymac/home-gene.liverman.nix b/modules/hosts/darwin/mightymac/home-gene.liverman.nix index 2d4fa73..49aaea2 100644 --- a/modules/hosts/darwin/mightymac/home-gene.liverman.nix +++ b/modules/hosts/darwin/mightymac/home-gene.liverman.nix @@ -1,4 +1,5 @@ -{ config, ... }: { +{ config, ... }: +{ home.stateVersion = "23.11"; programs = { diff --git a/modules/hosts/home-manager-only/default.nix b/modules/hosts/home-manager-only/default.nix index 3b00ffd..d4932be 100644 --- a/modules/hosts/home-manager-only/default.nix +++ b/modules/hosts/home-manager-only/default.nix 
@@ -1,4 +1,11 @@ -{ config, pkgs, system, username, ... }: { +{ + config, + pkgs, + system, + username, + ... +}: +{ home.stateVersion = "25.05"; home.packages = with pkgs; [ age diff --git a/modules/hosts/home-manager-only/home-gene.liverman.nix b/modules/hosts/home-manager-only/home-gene.liverman.nix index 7095165..28f3d15 100644 --- a/modules/hosts/home-manager-only/home-gene.liverman.nix +++ b/modules/hosts/home-manager-only/home-gene.liverman.nix @@ -1,3 +1,3 @@ -{ ... }: { +{ # Settings just for work machines go here -} \ No newline at end of file +} diff --git a/modules/hosts/home-manager-only/home-gene.nix b/modules/hosts/home-manager-only/home-gene.nix index 29c0c0f..7c6b6bf 100644 --- a/modules/hosts/home-manager-only/home-gene.nix +++ b/modules/hosts/home-manager-only/home-gene.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ # Settings just for personal machines go here home.packages = with pkgs; [ diff --git a/modules/hosts/nixos/bigboy/default.nix b/modules/hosts/nixos/bigboy/default.nix index 6a0025d..1c3c050 100644 --- a/modules/hosts/nixos/bigboy/default.nix +++ b/modules/hosts/nixos/bigboy/default.nix @@ -1,14 +1,20 @@ -{ config, pkgs, username, ... }: - let - libbluray = pkgs.libbluray.override { - withAACS = true; - withBDplus = true; - withJava = true; - }; - vlc-with-decoding = pkgs.vlc.override { inherit libbluray; }; - in { - imports = [ # Include the results of the hardware scan. + config, + pkgs, + username, + ... +}: +let + libbluray = pkgs.libbluray.override { + withAACS = true; + withBDplus = true; + withJava = true; + }; + vlc-with-decoding = pkgs.vlc.override { inherit libbluray; }; +in +{ + imports = [ + # Include the results of the hardware scan. ./hardware-configuration.nix ../../../shared/nixos/flatpaks.nix ../../../shared/nixos/ripping.nix @@ -43,7 +49,6 @@ zoom-us ]; - networking.networkmanager.enable = true; programs = { 
@@ -118,10 +123,15 @@ users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "networkmanager" "wheel" "dialout" "input" ]; + extraGroups = [ + "networkmanager" + "wheel" + "dialout" + "input" + ]; packages = with pkgs; [ kdePackages.kate - # thunderbird + # thunderbird ]; }; } diff --git a/modules/hosts/nixos/bigboy/hardware-configuration.nix b/modules/hosts/nixos/bigboy/hardware-configuration.nix index b124fad..7b7baf8 100644 --- a/modules/hosts/nixos/bigboy/hardware-configuration.nix +++ b/modules/hosts/nixos/bigboy/hardware-configuration.nix 
@@ -1,32 +1,55 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + initrd = { + availableKernelModules = [ + "xhci_pci" + "nvme" + "usb_storage" + "sd_mod" + "rtsx_pci_sdmmc" + ]; + kernelModules = [ ]; + }; + kernelModules = [ + "kvm-intel" + "sg" ]; + extraModulePackages = [ ]; + }; - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" "sg" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/9c2d2979-dc8d-40e0-9ec2-c3cce33cd832"; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/9c2d2979-dc8d-40e0-9ec2-c3cce33cd832"; fsType = "ext4"; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/59CB-16DE"; + "/boot" = { + device = "/dev/disk/by-uuid/59CB-16DE"; fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; + options = [ + "fmask=0077" + "dmask=0077" + ]; }; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/878ff032-3de0-4efe-a12f-8eccd0ac3253"; } - ]; + swapDevices = [ + { device = "/dev/disk/by-uuid/878ff032-3de0-4efe-a12f-8eccd0ac3253"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/modules/hosts/nixos/bigboy/home-gene.nix b/modules/hosts/nixos/bigboy/home-gene.nix index 9042b47..fa2f7e0 100644 --- a/modules/hosts/nixos/bigboy/home-gene.nix +++ b/modules/hosts/nixos/bigboy/home-gene.nix 
@@ -1,4 +1,5 @@ -{ ... }: { +{ ... }: +{ home.stateVersion = "24.05"; imports = [ ../../../shared/home/general/all-gui.nix @@ -27,4 +28,3 @@ }; }; } - diff --git a/modules/hosts/nixos/default.nix b/modules/hosts/nixos/default.nix index 9027d2b..485afff 100644 --- a/modules/hosts/nixos/default.nix +++ b/modules/hosts/nixos/default.nix @@ -1,10 +1,19 @@ -{ hostname, pkgs, username, ... }: { +{ + hostname, + pkgs, + username, + ... +}: +{ imports = [ - ../../shared/nixos/internationalisation.nix + ../../shared/nixos/internationalisation.nix ]; environment = { - shells = with pkgs; [ bash zsh ]; + shells = with pkgs; [ + bash + zsh + ]; systemPackages = with pkgs; [ age dconf2nix diff --git a/modules/hosts/nixos/hetznix01/default.nix b/modules/hosts/nixos/hetznix01/default.nix index 63a5019..092dbb3 100644 --- a/modules/hosts/nixos/hetznix01/default.nix +++ b/modules/hosts/nixos/hetznix01/default.nix @@ -1,4 +1,9 @@ -{ inputs, pkgs, username, ... }: { +{ + pkgs, + username, + ... +}: +{ imports = [ ../../../shared/nixos/nixroutes.nix ./disk-config.nix @@ -24,14 +29,14 @@ networking = { # Open ports in the firewall. firewall.allowedTCPPorts = [ - 22 # ssh - 25 # SMTP (unencrypted) - 80 # http to local Nginx - 143 # imap - 443 # https to local Nginx - 465 # SMTP with TLS - 587 # SMTP with STARTTLS - 993 # imaps + 22 # ssh + 25 # SMTP (unencrypted) + 80 # http to local Nginx + 143 # imap + 443 # https to local Nginx + 465 # SMTP with TLS + 587 # SMTP with STARTTLS + 993 # imaps 1883 # mqtt 8333 # Bitcoin Core 8448 # Matrix Synapse @@ -88,7 +93,10 @@ users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "networkmanager" "wheel" ]; + extraGroups = [ + "networkmanager" + "wheel" + ]; linger = true; }; } diff --git a/modules/hosts/nixos/hetznix01/hardware-configuration.nix b/modules/hosts/nixos/hetznix01/hardware-configuration.nix index 67a3557..87f1802 100644 --- a/modules/hosts/nixos/hetznix01/hardware-configuration.nix 
+++ b/modules/hosts/nixos/hetznix01/hardware-configuration.nix @@ -4,14 +4,25 @@ { lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; - boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; + boot = { + initrd = { + availableKernelModules = [ + "ahci" + "xhci_pci" + "virtio_pci" + "virtio_scsi" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ ]; + }; + kernelModules = [ ]; + extraModulePackages = [ ]; + }; fileSystems."pack1828" = { device = "/dev/disk/by-id/scsi-0HC_Volume_102600992"; @@ -25,4 +36,3 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; } - diff --git a/modules/hosts/nixos/hetznix01/home-gene.nix b/modules/hosts/nixos/hetznix01/home-gene.nix index ec20c58..13c6855 100644 --- a/modules/hosts/nixos/hetznix01/home-gene.nix +++ b/modules/hosts/nixos/hetznix01/home-gene.nix @@ -1,3 +1,3 @@ -{ ... }: { - home.stateVersion = "24.05"; +{ + home.stateVersion = "24.05"; } diff --git a/modules/hosts/nixos/hetznix01/post-install/containers/emqx.nix b/modules/hosts/nixos/hetznix01/post-install/containers/emqx.nix index 33188e9..f350c4e 100644 --- a/modules/hosts/nixos/hetznix01/post-install/containers/emqx.nix +++ b/modules/hosts/nixos/hetznix01/post-install/containers/emqx.nix @@ -1,6 +1,8 @@ -{ config, username, ... }: let +{ config, username, ... }: +let volume_base = "/var/lib/emqx"; -in { +in +{ # Based on docs at https://docs.emqx.com/en/emqx/latest/deploy/install-docker.html virtualisation.oci-containers.containers = { "emqx" = { diff --git a/modules/hosts/nixos/hetznix01/post-install/default.nix b/modules/hosts/nixos/hetznix01/post-install/default.nix index 8807f58..3aaa909 100644 --- a/modules/hosts/nixos/hetznix01/post-install/default.nix +++ b/modules/hosts/nixos/hetznix01/post-install/default.nix 
@@ -1,7 +1,15 @@ -{ config, lib, pkgs, username, ... }: let +{ + config, + lib, + pkgs, + username, + ... +}: +let domain = "technicalissues.us"; restic_backup_time = "01:00"; -in { +in +{ imports = [ ../../../../shared/nixos/lets-encrypt.nix ../../../../shared/nixos/restic.nix @@ -26,7 +34,7 @@ in { # Listen on loopback interface only, and accept requests from ::1 net = { listen = "loopback"; - post_allow.host = ["::1"]; + post_allow.host = [ "::1" ]; }; # Restrict loading documents from WOPI Host nextcloud.example.com @@ -162,14 +170,14 @@ in { }; matrix_secrets_yaml = { owner = config.users.users.matrix-synapse.name; - restartUnits = ["matrix-synapse.service"]; + restartUnits = [ "matrix-synapse.service" ]; }; matrix_homeserver_signing_key.owner = config.users.users.matrix-synapse.name; - mqtt_recorder_pass.restartUnits = ["mosquitto.service"]; + mqtt_recorder_pass.restartUnits = [ "mosquitto.service" ]; nextcloud_admin_pass.owner = config.users.users.nextcloud.name; owntracks_basic_auth = { owner = config.users.users.nginx.name; - restartUnits = ["nginx.service"]; + restartUnits = [ "nginx.service" ]; }; plausible_admin_pass.owner = config.users.users.nginx.name; plausible_secret_key_base.owner = config.users.users.nginx.name; 
@@ -180,31 +188,36 @@ in { }; systemd.services = { - nextcloud-config-collabora = let - inherit (config.services.nextcloud) occ; + nextcloud-config-collabora = + let + inherit (config.services.nextcloud) occ; - wopi_url = "http://[::1]:${toString config.services.collabora-online.port}"; - public_wopi_url = "https://collabora.pack1828.org"; - wopi_allowlist = lib.concatStringsSep "," [ - "127.0.0.1" - "::1" - "5.161.244.95" - "2a01:4ff:f0:977c::1" - ]; - in { - wantedBy = ["multi-user.target"]; - after = ["nextcloud-setup.service" "coolwsd.service"]; - requires = ["coolwsd.service"]; - script = '' - ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url} - ${occ}/bin/nextcloud-occ config:app:set richdocuments public_wopi_url --value ${lib.escapeShellArg public_wopi_url} - ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_allowlist --value ${lib.escapeShellArg wopi_allowlist} - ${occ}/bin/nextcloud-occ richdocuments:setup - ''; - serviceConfig = { - Type = "oneshot"; + wopi_url = "http://[::1]:${toString config.services.collabora-online.port}"; + public_wopi_url = "https://collabora.pack1828.org"; + wopi_allowlist = lib.concatStringsSep "," [ + "127.0.0.1" + "::1" + "5.161.244.95" + "2a01:4ff:f0:977c::1" + ]; + in + { + wantedBy = [ "multi-user.target" ]; + after = [ + "nextcloud-setup.service" + "coolwsd.service" + ]; + requires = [ "coolwsd.service" ]; + script = '' + ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_url --value ${lib.escapeShellArg wopi_url} + ${occ}/bin/nextcloud-occ config:app:set richdocuments public_wopi_url --value ${lib.escapeShellArg public_wopi_url} + ${occ}/bin/nextcloud-occ config:app:set richdocuments wopi_allowlist --value ${lib.escapeShellArg wopi_allowlist} + ${occ}/bin/nextcloud-occ richdocuments:setup + ''; + serviceConfig = { + Type = "oneshot"; + }; }; - }; }; # Enable common container config files in /etc/containers 
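Review bot: in `nextcloud-config-collabora`, `nextcloud-setup.service` appears only in `after`, which orders the units but does not make this oneshot depend on setup having succeeded, while `coolwsd.service` is listed in both `after` and `requires`. If the `nextcloud-occ config:app:set richdocuments ...` calls should not run against an instance whose setup failed, add `nextcloud-setup.service` to `requires` as well. Separately, the two public addresses in `wopi_allowlist` are bare literals; a `let` name or a comment saying which host they belong to would make a later address change easier to review.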
diff --git a/modules/hosts/nixos/hetznix01/post-install/matrix-synapse.nix b/modules/hosts/nixos/hetznix01/post-install/matrix-synapse.nix index 7c83bc2..0421a1d 100644 --- a/modules/hosts/nixos/hetznix01/post-install/matrix-synapse.nix +++ b/modules/hosts/nixos/hetznix01/post-install/matrix-synapse.nix @@ -1,4 +1,5 @@ -{ config, ... }: { +{ config, ... }: +{ services.matrix-synapse = { enable = true; configureRedisLocally = true; @@ -33,7 +34,7 @@ ]; url_preview_enabled = true; enable_registration = false; - trusted_key_servers = [{ server_name = "matrix.org"; }]; + trusted_key_servers = [ { server_name = "matrix.org"; } ]; }; }; diff --git a/modules/hosts/nixos/hetznix01/post-install/monitoring.nix b/modules/hosts/nixos/hetznix01/post-install/monitoring.nix index 97d9c85..8f44f00 100644 --- a/modules/hosts/nixos/hetznix01/post-install/monitoring.nix +++ b/modules/hosts/nixos/hetznix01/post-install/monitoring.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: let +{ config, pkgs, ... }: +let metrics_server = "https://monitoring.home.technicalissues.us/remotewrite"; -in { +in +{ services = { vmagent = { enable = true; @@ -14,11 +16,11 @@ in { { job_name = "node"; static_configs = [ - { targets = ["127.0.0.1:9100"]; } + { targets = [ "127.0.0.1:9100" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -35,11 +37,11 @@ in { { job_name = "nginx"; static_configs = [ - { targets = ["127.0.0.1:9113"]; } + { targets = [ "127.0.0.1:9113" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -77,7 +79,7 @@ in { # ---------------------------- # Exporters (using built-in NixOS modules) # ---------------------------- - + # Node exporter - using the built-in module prometheus.exporters.node = { enable = true; 
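Review bot: this `monitoring.nix` carries the same `index 97d9c85..8f44f00` as the copies under `hetznix02/post-install/` and `kiosk-entryway/` later in the patch, so the three files are identical both before and after the change. Since the series already introduces `modules/shared/nixos`, move the vmagent and exporter configuration into one shared module and import it from each host, so that a change to `metrics_server` or to the scrape jobs is made once instead of three times.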
@@ -110,7 +112,7 @@ in { group = "vmagent"; }; - users.groups.vmagent = {}; + users.groups.vmagent = { }; # ---------------------------- # SOPS secrets configuration @@ -119,10 +121,9 @@ in { secrets = { vmagent_push_pw = { owner = "vmagent"; - restartUnits = ["vmagent.service"]; + restartUnits = [ "vmagent.service" ]; sopsFile = ../../../../shared/secrets.yaml; }; }; }; } - diff --git a/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix b/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix index d3405e4..282557f 100644 --- a/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix +++ b/modules/hosts/nixos/hetznix01/post-install/mosquitto.nix @@ -1,16 +1,21 @@ -{ config, ... }: let +{ config, ... }: +let mqtt_domain = "mqtt.technicalissues.us"; -in { - security.acme.certs.${mqtt_domain}.postRun = "systemctl restart ${config.systemd.services.mosquitto.name}"; +in +{ + security.acme.certs.${mqtt_domain}.postRun = + "systemctl restart ${config.systemd.services.mosquitto.name}"; services.mosquitto = { enable = true; bridges = { liamcottle = { - addresses = [{ - address = "mqtt.meshtastic.liamcottle.net"; - port = 1883; - }]; + addresses = [ + { + address = "mqtt.meshtastic.liamcottle.net"; + port = 1883; + } + ]; topics = [ "msh/# out 1 \"\"" ]; @@ -24,10 +29,12 @@ in { }; }; meshtastic = { - addresses = [{ - address = "mqtt.meshtastic.org"; - port = 1883; - }]; + addresses = [ + { + address = "mqtt.meshtastic.org"; + port = 1883; + } + ]; topics = [ "msh/# out 1 \"\"" ]; @@ -42,10 +49,12 @@ in { }; }; homeassistant = { - addresses = [{ - address = "homeasistant-lc.atlas-snares.ts.net"; - port = 1883; - }]; + addresses = [ + { + address = "homeasistant-lc.atlas-snares.ts.net"; + port = 1883; + } + ]; topics = [ "msh/US/2/e/LongFast/!a386c80 out 1 \"\"" "msh/US/2/e/LongFast/!b03bcb24 out 1 \"\"" 
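Review bot: in the `homeassistant` bridge, the address reads `homeasistant-lc.atlas-snares.ts.net` (one `s`) while the bridge key is spelled `homeassistant`. The line is re-added unchanged here, so confirm that the hostname matches the actual machine name; if the spelling is intentional, a short comment would stop the next reader from "fixing" it.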
@@ -62,53 +71,59 @@ in { }; }; }; - listeners = let - mqtt_users = { - genebean = { - acl = [ - "readwrite msh/#" - ]; - hashedPasswordFile = config.sops.secrets.mosquitto_genebean.path; + listeners = + let + mqtt_users = { + genebean = { + acl = [ + "readwrite msh/#" + ]; + hashedPasswordFile = config.sops.secrets.mosquitto_genebean.path; + }; + mountain_mesh = { + acl = [ + "readwrite msh/#" + ]; + hashedPasswordFile = config.sops.secrets.mosquitto_mountain_mesh.path; + }; }; - mountain_mesh = { - acl = [ - "readwrite msh/#" - ]; - hashedPasswordFile = config.sops.secrets.mosquitto_mountain_mesh.path; - }; - }; - in [ - { - port = 1883; - users = mqtt_users; - settings.allow_anonymous = false; - } - { - port = 8883; - users = mqtt_users; - settings = let - certDir = config.security.acme.certs."${mqtt_domain}".directory; - in { - allow_anonymous = false; - keyfile = certDir + "/key.pem"; - certfile = certDir + "/cert.pem"; - cafile = certDir + "/chain.pem"; - }; - } - { - port = 9001; - users = mqtt_users; - settings = let - certDir = config.security.acme.certs."${mqtt_domain}".directory; - in { - allow_anonymous = false; - keyfile = certDir + "/key.pem"; - certfile = certDir + "/cert.pem"; - cafile = certDir + "/chain.pem"; - protocol = "websockets"; - }; - } - ]; + in + [ + { + port = 1883; + users = mqtt_users; + settings.allow_anonymous = false; + } + { + port = 8883; + users = mqtt_users; + settings = + let + certDir = config.security.acme.certs."${mqtt_domain}".directory; + in + { + allow_anonymous = false; + keyfile = certDir + "/key.pem"; + certfile = certDir + "/cert.pem"; + cafile = certDir + "/chain.pem"; + }; + } + { + port = 9001; + users = mqtt_users; + settings = + let + certDir = config.security.acme.certs."${mqtt_domain}".directory; + in + { + allow_anonymous = false; + keyfile = certDir + "/key.pem"; + certfile = certDir + "/cert.pem"; + cafile = certDir + "/chain.pem"; + protocol = "websockets"; + }; + } + ]; }; sops.secrets = { 
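Review bot: the first listener (`port = 1883`) sets `allow_anonymous = false` but has no `keyfile`/`certfile`, so the `mqtt_users` credentials are sent in cleartext on that port, and `1883 # mqtt` is in `firewall.allowedTCPPorts` for this host. If remote clients can use 8883 or 9001 instead, restrict 1883 to loopback or an internal interface, or drop it from the firewall list. The `certDir` binding and the three TLS paths are also repeated verbatim in the 8883 and 9001 entries; hoisting them into the outer `let` next to `mqtt_users` would leave `protocol = "websockets"` as the only visible difference between the two.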
diff --git a/modules/hosts/nixos/hetznix01/post-install/nginx.nix b/modules/hosts/nixos/hetznix01/post-install/nginx.nix index c714b31..fd39b68 100644 --- a/modules/hosts/nixos/hetznix01/post-install/nginx.nix +++ b/modules/hosts/nixos/hetznix01/post-install/nginx.nix @@ -1,9 +1,11 @@ -{ config, ... }: let +{ config, ... }: +let domain = "technicalissues.us"; http_port = 80; https_port = 443; private_btc = "umbrel.atlas-snares.ts.net"; -in { +in +{ services.nginx = { enable = true; @@ -134,14 +136,36 @@ in { }; "matrix.${domain}" = { listen = [ - { port = http_port; addr = "0.0.0.0"; } - { port = http_port; addr = "[::]"; } + { + port = http_port; + addr = "0.0.0.0"; + } + { + port = http_port; + addr = "[::]"; + } - { port = https_port; addr = "0.0.0.0"; ssl = true; } - { port = https_port; addr = "[::]"; ssl = true; } + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + { + port = https_port; + addr = "[::]"; + ssl = true; + } - { port = 8448; addr = "0.0.0.0"; ssl = true; } - { port = 8448; addr = "[::]"; ssl = true; } + { + port = 8448; + addr = "0.0.0.0"; + ssl = true; + } + { + port = 8448; + addr = "[::]"; + ssl = true; + } ]; enableACME = true; acmeRoot = null; @@ -195,7 +219,8 @@ in { "/" = { proxyPass = "http://127.0.0.1:8083"; }; - "/pub" = { # Client apps need to point to this path + "/pub" = { + # Client apps need to point to this path extraConfig = "proxy_set_header X-Limit-U $remote_user;"; proxyPass = "http://127.0.0.1:8083/pub"; }; diff --git a/modules/hosts/nixos/hetznix02/default.nix b/modules/hosts/nixos/hetznix02/default.nix index d3f18a0..77b2cf8 100644 --- a/modules/hosts/nixos/hetznix02/default.nix +++ b/modules/hosts/nixos/hetznix02/default.nix @@ -1,4 +1,10 @@ -{ inputs, pkgs, username, ... }: { +{ + inputs, + pkgs, + username, + ... +}: +{ imports = [ ../../../shared/nixos/nixroutes.nix ./disk-config.nix 
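Review bot: `hetznix02/default.nix` keeps `inputs` in its argument set, while the matching hunk for `hetznix01/default.nix` removes it (`{ inputs, pkgs, username, ... }` becomes `pkgs, username, ...`). If nothing in this module references `inputs`, drop it here too so the two hosts stay consistent; if it is used, no change is needed.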
@@ -29,9 +35,9 @@ networking = { # Open ports in the firewall. firewall.allowedTCPPorts = [ - 22 # ssh - 80 # Nginx - 443 # Nginx + 22 # ssh + 80 # Nginx + 443 # Nginx ]; # firewall.allowedUDPPorts = [ ... ]; # Or disable the firewall altogether. @@ -56,7 +62,10 @@ users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "networkmanager" "wheel" ]; + extraGroups = [ + "networkmanager" + "wheel" + ]; linger = true; }; diff --git a/modules/hosts/nixos/hetznix02/disk-config.nix b/modules/hosts/nixos/hetznix02/disk-config.nix index bf22bdd..c1f51ca 100644 --- a/modules/hosts/nixos/hetznix02/disk-config.nix +++ b/modules/hosts/nixos/hetznix02/disk-config.nix @@ -44,10 +44,10 @@ content = { type = "gpt"; partitions = { - nix = { - name = "nix"; - size = "100%"; - content = { + nix = { + name = "nix"; + size = "100%"; + content = { type = "filesystem"; format = "ext4"; mountpoint = "/nix"; diff --git a/modules/hosts/nixos/hetznix02/hardware-configuration.nix b/modules/hosts/nixos/hetznix02/hardware-configuration.nix index d13bb36..047c685 100644 --- a/modules/hosts/nixos/hetznix02/hardware-configuration.nix +++ b/modules/hosts/nixos/hetznix02/hardware-configuration.nix 
@@ -4,34 +4,43 @@ { lib, modulesPath, ... }: { - imports = - [ (modulesPath + "/profiles/qemu-guest.nix") - ]; + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; boot = { initrd = { - availableKernelModules = [ "xhci_pci" "virtio_scsi" "sr_mod" ]; + availableKernelModules = [ + "xhci_pci" + "virtio_scsi" + "sr_mod" + ]; kernelModules = [ ]; }; kernelModules = [ ]; extraModulePackages = [ ]; }; - fileSystems."/" = - { device = "/dev/disk/by-partlabel/disk-primary-root"; + fileSystems = { + "/" = { + device = "/dev/disk/by-partlabel/disk-primary-root"; fsType = "ext4"; }; - fileSystems."/boot" = - { device = "/dev/disk/by-partlabel/disk-primary-ESP"; + "/boot" = { + device = "/dev/disk/by-partlabel/disk-primary-ESP"; fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; + options = [ + "fmask=0022" + "dmask=0022" + ]; }; - fileSystems."/nix" = - { device = "/dev/disk/by-partlabel/disk-volume1-nix"; + "/nix" = { + device = "/dev/disk/by-partlabel/disk-volume1-nix"; fsType = "ext4"; }; + }; swapDevices = [ ]; diff --git a/modules/hosts/nixos/hetznix02/home-gene.nix b/modules/hosts/nixos/hetznix02/home-gene.nix index 945badd..13c6855 100644 --- a/modules/hosts/nixos/hetznix02/home-gene.nix +++ b/modules/hosts/nixos/hetznix02/home-gene.nix @@ -1,3 +1,3 @@ -{ ... }: { +{ home.stateVersion = "24.05"; } diff --git a/modules/hosts/nixos/hetznix02/post-install/default.nix b/modules/hosts/nixos/hetznix02/post-install/default.nix index 9daed2b..823dabb 100644 --- a/modules/hosts/nixos/hetznix02/post-install/default.nix +++ b/modules/hosts/nixos/hetznix02/post-install/default.nix @@ -1,4 +1,5 @@ -{ config, username, ... }: { +{ config, username, ... }: +{ imports = [ ../../../../shared/nixos/lets-encrypt.nix ./monitoring.nix @@ -23,4 +24,3 @@ }; }; } - diff --git a/modules/hosts/nixos/hetznix02/post-install/monitoring.nix b/modules/hosts/nixos/hetznix02/post-install/monitoring.nix index 97d9c85..8f44f00 100644 
--- a/modules/hosts/nixos/hetznix02/post-install/monitoring.nix +++ b/modules/hosts/nixos/hetznix02/post-install/monitoring.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: let +{ config, pkgs, ... }: +let metrics_server = "https://monitoring.home.technicalissues.us/remotewrite"; -in { +in +{ services = { vmagent = { enable = true; @@ -14,11 +16,11 @@ in { { job_name = "node"; static_configs = [ - { targets = ["127.0.0.1:9100"]; } + { targets = [ "127.0.0.1:9100" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -35,11 +37,11 @@ in { { job_name = "nginx"; static_configs = [ - { targets = ["127.0.0.1:9113"]; } + { targets = [ "127.0.0.1:9113" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -77,7 +79,7 @@ in { # ---------------------------- # Exporters (using built-in NixOS modules) # ---------------------------- - + # Node exporter - using the built-in module prometheus.exporters.node = { enable = true; @@ -110,7 +112,7 @@ in { group = "vmagent"; }; - users.groups.vmagent = {}; + users.groups.vmagent = { }; # ---------------------------- # SOPS secrets configuration @@ -119,10 +121,9 @@ in { secrets = { vmagent_push_pw = { owner = "vmagent"; - restartUnits = ["vmagent.service"]; + restartUnits = [ "vmagent.service" ]; sopsFile = ../../../../shared/secrets.yaml; }; }; }; } - diff --git a/modules/hosts/nixos/hetznix02/post-install/nginx.nix b/modules/hosts/nixos/hetznix02/post-install/nginx.nix index bd91204..880b521 100644 --- a/modules/hosts/nixos/hetznix02/post-install/nginx.nix +++ b/modules/hosts/nixos/hetznix02/post-install/nginx.nix @@ -1,7 +1,8 @@ - -{ pkgs, ... }: let +{ pkgs, ... }: +let domain = "genebean.me"; -in { +in +{ environment.etc.nginx-littlelinks = { # Info generated via # nurl https://github.com/genebean/littlelink genebean-sometag 
diff --git a/modules/hosts/nixos/kiosk-entryway/default.nix b/modules/hosts/nixos/kiosk-entryway/default.nix index 15e13f7..f3b88a7 100644 --- a/modules/hosts/nixos/kiosk-entryway/default.nix +++ b/modules/hosts/nixos/kiosk-entryway/default.nix @@ -1,4 +1,11 @@ -{ config, lib, pkgs, username, ... }: { +{ + config, + lib, + pkgs, + username, + ... +}: +{ imports = [ ./disk-config.nix ./hardware-configuration.nix @@ -42,7 +49,7 @@ # Home "Diagon Alley".pskRaw = "ext:psk_diagon_alley"; # Public networks - "Gallery Row-GuestWiFi" = {}; + "Gallery Row-GuestWiFi" = { }; "LocalTies Guest".pskRaw = "ext:psk_local_ties"; }; secretsFile = "${config.sops.secrets.wifi_creds.path}"; @@ -50,26 +57,27 @@ }; nixpkgs.overlays = [ - (final: super: { - makeModulesClosure = x: - super.makeModulesClosure (x // { allowMissing = true; }); + (_final: super: { + makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; }); }) ]; services = { - cage = let - kioskProgram = pkgs.writeShellScript "kiosk.sh" '' - WAYLAND_DISPLAY=wayland-0 wlr-randr --output HDMI-A-1 - /etc/profiles/per-user/gene/bin/chromium-browser - ''; - in { - enable = true; - program = kioskProgram; - user = "gene"; - environment = { - WLR_LIBINPUT_NO_DEVICES = "1"; # boot up even if no mouse/keyboard connected + cage = + let + kioskProgram = pkgs.writeShellScript "kiosk.sh" '' + WAYLAND_DISPLAY=wayland-0 wlr-randr --output HDMI-A-1 + /etc/profiles/per-user/gene/bin/chromium-browser + ''; + in + { + enable = true; + program = kioskProgram; + user = "gene"; + environment = { + WLR_LIBINPUT_NO_DEVICES = "1"; # boot up even if no mouse/keyboard connected + }; }; - }; prometheus.exporters.node = { enable = true; enabledCollectors = [ @@ -115,7 +123,10 @@ users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "networkmanager" "wheel" ]; + extraGroups = [ + "networkmanager" + "wheel" + ]; linger = true; }; @@ -125,4 +136,3 @@ memoryPercent = 90; }; } - 
diff --git a/modules/hosts/nixos/kiosk-entryway/hardware-configuration.nix b/modules/hosts/nixos/kiosk-entryway/hardware-configuration.nix index 23c2071..f7bbe15 100644 --- a/modules/hosts/nixos/kiosk-entryway/hardware-configuration.nix +++ b/modules/hosts/nixos/kiosk-entryway/hardware-configuration.nix @@ -1,17 +1,33 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot = { + initrd = { + availableKernelModules = [ + "xhci_pci" + "ehci_pci" + "ahci" + "usbhid" + "sd_mod" + "rtsx_pci_sdmmc" + ]; + kernelModules = [ ]; + }; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/modules/hosts/nixos/kiosk-entryway/home-gene.nix b/modules/hosts/nixos/kiosk-entryway/home-gene.nix index 8e3e8b1..8ff51f9 100644 --- a/modules/hosts/nixos/kiosk-entryway/home-gene.nix +++ b/modules/hosts/nixos/kiosk-entryway/home-gene.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ home.stateVersion = "24.11"; programs = { @@ -21,4 +21,3 @@ }; } - diff --git a/modules/hosts/nixos/kiosk-entryway/monitoring.nix b/modules/hosts/nixos/kiosk-entryway/monitoring.nix index 97d9c85..8f44f00 100644 --- a/modules/hosts/nixos/kiosk-entryway/monitoring.nix +++ b/modules/hosts/nixos/kiosk-entryway/monitoring.nix 
@@ -1,6 +1,8 @@ -{ config, pkgs, ... }: let +{ config, pkgs, ... }: +let metrics_server = "https://monitoring.home.technicalissues.us/remotewrite"; -in { +in +{ services = { vmagent = { enable = true; @@ -14,11 +16,11 @@ in { { job_name = "node"; static_configs = [ - { targets = ["127.0.0.1:9100"]; } + { targets = [ "127.0.0.1:9100" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -35,11 +37,11 @@ in { { job_name = "nginx"; static_configs = [ - { targets = ["127.0.0.1:9113"]; } + { targets = [ "127.0.0.1:9113" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -77,7 +79,7 @@ in { # ---------------------------- # Exporters (using built-in NixOS modules) # ---------------------------- - + # Node exporter - using the built-in module prometheus.exporters.node = { enable = true; @@ -110,7 +112,7 @@ in { group = "vmagent"; }; - users.groups.vmagent = {}; + users.groups.vmagent = { }; # ---------------------------- # SOPS secrets configuration @@ -119,10 +121,9 @@ in { secrets = { vmagent_push_pw = { owner = "vmagent"; - restartUnits = ["vmagent.service"]; + restartUnits = [ "vmagent.service" ]; sopsFile = ../../../../shared/secrets.yaml; }; }; }; } - diff --git a/modules/hosts/nixos/kiosk-gene-desk/default.nix b/modules/hosts/nixos/kiosk-gene-desk/default.nix index 24e208a..e9668a9 100644 --- a/modules/hosts/nixos/kiosk-gene-desk/default.nix +++ b/modules/hosts/nixos/kiosk-gene-desk/default.nix @@ -1,4 +1,12 @@ -{ inputs, config, lib, pkgs, username, ... }: { +{ + inputs, + config, + lib, + pkgs, + username, + ... +}: +{ imports = [ # SD card image "${inputs.nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" 
@@ -34,7 +42,7 @@ # Home "Diagon Alley".pskRaw = "ext:psk_diagon_alley"; # Public networks - "Gallery Row-GuestWiFi" = {}; + "Gallery Row-GuestWiFi" = { }; "LocalTies Guest".pskRaw = "ext:psk_local_ties"; }; secretsFile = "${config.sops.secrets.wifi_creds.path}"; @@ -42,28 +50,29 @@ }; nixpkgs.overlays = [ - (final: super: { - makeModulesClosure = x: - super.makeModulesClosure (x // { allowMissing = true; }); + (_final: super: { + makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; }); }) ]; sdImage.compressImage = true; services = { - cage = let - kioskProgram = pkgs.writeShellScript "kiosk.sh" '' - WAYLAND_DISPLAY=wayland-0 wlr-randr --output HDMI-A-1 --transform 90 - /etc/profiles/per-user/gene/bin/chromium-browser - ''; - in { - enable = true; - program = kioskProgram; - user = "gene"; - environment = { - WLR_LIBINPUT_NO_DEVICES = "1"; # boot up even if no mouse/keyboard connected + cage = + let + kioskProgram = pkgs.writeShellScript "kiosk.sh" '' + WAYLAND_DISPLAY=wayland-0 wlr-randr --output HDMI-A-1 --transform 90 + /etc/profiles/per-user/gene/bin/chromium-browser + ''; + in + { + enable = true; + program = kioskProgram; + user = "gene"; + environment = { + WLR_LIBINPUT_NO_DEVICES = "1"; # boot up even if no mouse/keyboard connected + }; }; - }; prometheus.exporters.node = { enable = true; enabledCollectors = [ @@ -108,7 +117,10 @@ users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "networkmanager" "wheel" ]; + extraGroups = [ + "networkmanager" + "wheel" + ]; linger = true; }; @@ -118,4 +130,3 @@ memoryPercent = 90; }; } - diff --git a/modules/hosts/nixos/kiosk-gene-desk/home-gene.nix b/modules/hosts/nixos/kiosk-gene-desk/home-gene.nix index b6f0a3c..f5700df 100644 --- a/modules/hosts/nixos/kiosk-gene-desk/home-gene.nix +++ b/modules/hosts/nixos/kiosk-gene-desk/home-gene.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ home.stateVersion = "24.11"; programs = { @@ -20,4 +20,3 @@ }; } - 
diff --git a/modules/hosts/nixos/nixnas1/default.nix b/modules/hosts/nixos/nixnas1/default.nix index bf285a6..6ab4184 100644 --- a/modules/hosts/nixos/nixnas1/default.nix +++ b/modules/hosts/nixos/nixnas1/default.nix @@ -1,4 +1,10 @@ -{ config, pkgs, username, ... }: { +{ + config, + pkgs, + username, + ... +}: +{ imports = [ ./disk-config.nix ./hardware-configuration.nix @@ -17,16 +23,16 @@ device = "nodev"; mirroredBoots = [ { - devices = ["/dev/disk/by-uuid/02A5-6FCC"]; + devices = [ "/dev/disk/by-uuid/02A5-6FCC" ]; path = "/boot"; } { - devices = ["/dev/disk/by-uuid/02F1-B12D"]; + devices = [ "/dev/disk/by-uuid/02F1-B12D" ]; path = "/boot-fallback"; } ]; }; - supportedFilesystems = ["zfs"]; + supportedFilesystems = [ "zfs" ]; zfs = { extraPools = [ "storage" ]; forceImportRoot = false; diff --git a/modules/hosts/nixos/nixnas1/disk-config.nix b/modules/hosts/nixos/nixnas1/disk-config.nix index dcb9555..8720d6e 100644 --- a/modules/hosts/nixos/nixnas1/disk-config.nix +++ b/modules/hosts/nixos/nixnas1/disk-config.nix @@ -1,4 +1,3 @@ -{ ... }: { disko.devices = { disk = { @@ -124,4 +123,4 @@ }; # end zroot }; }; -} \ No newline at end of file +} diff --git a/modules/hosts/nixos/nixnas1/hardware-configuration.nix b/modules/hosts/nixos/nixnas1/hardware-configuration.nix index 8cce237..7423268 100644 --- a/modules/hosts/nixos/nixnas1/hardware-configuration.nix +++ b/modules/hosts/nixos/nixnas1/hardware-configuration.nix 
@@ -1,46 +1,72 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "ehci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ]; - boot.initrd.kernelModules = [ "nvme" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot = { + initrd = { + availableKernelModules = [ + "ehci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + "sr_mod" + ]; + kernelModules = [ "nvme" ]; + }; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; - fileSystems."/" = - { device = "zroot/root"; + fileSystems = { + "/" = { + device = "zroot/root"; fsType = "zfs"; }; - fileSystems."/nix" = - { device = "zroot/root/nix"; + "/nix" = { + device = "zroot/root/nix"; fsType = "zfs"; }; - fileSystems."/home" = - { device = "zroot/root/home"; + "/home" = { + device = "zroot/root/home"; fsType = "zfs"; }; - fileSystems."/boot" = - # { device = "/dev/disk/by-uuid/02A5-6FCC"; - { device = "/dev/disk/by-partlabel/disk-sdc-BOOT"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + "/boot" = + # { device = "/dev/disk/by-uuid/02A5-6FCC"; + { + device = "/dev/disk/by-partlabel/disk-sdc-BOOT"; + fsType = "vfat"; + options = [ + "fmask=0022" + "dmask=0022" + ]; + }; - fileSystems."/boot-fallback" = - # { device = "/dev/disk/by-uuid/02F1-B12D"; - { device = "/dev/disk/by-partlabel/disk-sdd-BOOT-FALLBACK"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; + "/boot-fallback" = + # { device = "/dev/disk/by-uuid/02F1-B12D"; + { + device = "/dev/disk/by-partlabel/disk-sdd-BOOT-FALLBACK"; + fsType = "vfat"; + options = [ + "fmask=0022" + 
"dmask=0022" + ]; + }; + }; swapDevices = [ ]; diff --git a/modules/hosts/nixos/nixnas1/home-gene.nix b/modules/hosts/nixos/nixnas1/home-gene.nix index b6eed65..13c6855 100644 --- a/modules/hosts/nixos/nixnas1/home-gene.nix +++ b/modules/hosts/nixos/nixnas1/home-gene.nix @@ -1,3 +1,3 @@ -{ ... }: { - home.stateVersion = "24.05"; +{ + home.stateVersion = "24.05"; } diff --git a/modules/hosts/nixos/nixnuc/containers/audiobookshelf.nix b/modules/hosts/nixos/nixnuc/containers/audiobookshelf.nix index 2c8f134..4e8d2b0 100644 --- a/modules/hosts/nixos/nixnuc/containers/audiobookshelf.nix +++ b/modules/hosts/nixos/nixnuc/containers/audiobookshelf.nix @@ -1,7 +1,9 @@ -{ ... }: let +_: +let volume_base = "/var/lib/audiobookshelf"; http_port = "13378"; -in { +in +{ # Audiobookshelf virtualisation.oci-containers.containers = { diff --git a/modules/hosts/nixos/nixnuc/containers/mountain-mesh-bot-discord.nix b/modules/hosts/nixos/nixnuc/containers/mountain-mesh-bot-discord.nix index 670918b..35d6819 100644 --- a/modules/hosts/nixos/nixnuc/containers/mountain-mesh-bot-discord.nix +++ b/modules/hosts/nixos/nixnuc/containers/mountain-mesh-bot-discord.nix @@ -1,6 +1,8 @@ -{ config, username, ... }: let +{ config, ... }: +let volume_base = "/orico/mountain-mesh-bot-discord"; -in { +in +{ # My mountain-mesh-bot-discord container virtualisation.oci-containers.containers = { @@ -17,6 +19,8 @@ in { sops.secrets.mtnmesh_bot_dot_env = { path = "${volume_base}/.env"; - restartUnits = [ "${config.virtualisation.oci-containers.containers.mtnmesh_bot_discord.serviceName}" ]; + restartUnits = [ + "${config.virtualisation.oci-containers.containers.mtnmesh_bot_discord.serviceName}" + ]; }; } diff --git a/modules/hosts/nixos/nixnuc/containers/psitransfer.nix b/modules/hosts/nixos/nixnuc/containers/psitransfer.nix index b8f6e55..f1e3558 100644 --- a/modules/hosts/nixos/nixnuc/containers/psitransfer.nix +++ b/modules/hosts/nixos/nixnuc/containers/psitransfer.nix 
@@ -1,8 +1,10 @@ -{ config, ... }: let +{ config, ... }: +let volume_base = "/orico/psitransfer"; http_port = "3000"; psitransfer_dot_env = "${config.sops.secrets.psitransfer_dot_env.path}"; -in { +in +{ ############################################################################# # My intent as of now is to only make this available to the outside world # @@ -29,4 +31,3 @@ in { }; }; } - diff --git a/modules/hosts/nixos/nixnuc/default.nix b/modules/hosts/nixos/nixnuc/default.nix index 1e3111c..d2172dd 100644 --- a/modules/hosts/nixos/nixnuc/default.nix +++ b/modules/hosts/nixos/nixnuc/default.nix @@ -1,10 +1,17 @@ -{ inputs, config, pkgs, username, ... }: let - http_port = 80; +{ + inputs, + config, + pkgs, + username, + ... +}: +let https_port = 443; home_domain = "home.technicalissues.us"; backend_ip = "127.0.0.1"; restic_backup_time = "02:00"; -in { +in +{ imports = [ ./hardware-configuration.nix ./containers/audiobookshelf.nix @@ -31,7 +38,9 @@ in { }; environment = { - sessionVariables = { LIBVA_DRIVER_NAME = "iHD"; }; + sessionVariables = { + LIBVA_DRIVER_NAME = "iHD"; + }; systemPackages = with pkgs; [ inputs.compose2nix.packages.${pkgs.stdenv.hostPlatform.system}.default docker-compose @@ -57,7 +66,7 @@ in { intel-ocl # Generic OpenCL support ]; }; - + mailserver = { enable = true; enableImap = false; 
@@ -81,26 +90,26 @@ in { # Open ports in the firewall. firewall = { allowedTCPPorts = [ - 22 # ssh - 80 # http to local Nginx - 443 # https to local Nginx - 3000 # PsiTransfer in oci-container - 3001 # immich-kiosk in compose - 3002 # grafana - 3005 # Firefly III - 3006 # Firefly III Data Importer - 3030 # Forgejo - 3087 # Youtarr in docker compose - 8001 # Tube Archivist - 8384 # Syncthing gui - 8888 # Atuin - 8090 # Wallabag in docker compose - 8945 # Pinchflat + 22 # ssh + 80 # http to local Nginx + 443 # https to local Nginx + 3000 # PsiTransfer in oci-container + 3001 # immich-kiosk in compose + 3002 # grafana + 3005 # Firefly III + 3006 # Firefly III Data Importer + 3030 # Forgejo + 3087 # Youtarr in docker compose + 8001 # Tube Archivist + 8384 # Syncthing gui + 8888 # Atuin + 8090 # Wallabag in docker compose + 8945 # Pinchflat 13378 # Audiobookshelf in oci-container ]; allowedUDPPorts = [ - 1900 # Jellyfin service auto-discovery - 7359 # Jellyfin auto-discovery + 1900 # Jellyfin service auto-discovery + 7359 # Jellyfin auto-discovery ]; }; # Or disable the firewall altogether. @@ -112,23 +121,24 @@ in { networkmanager.enable = false; useNetworkd = true; vlans = { - vlan23 = { id = 23; interface = "eno1"; }; + vlan23 = { + id = 23; + interface = "eno1"; + }; }; interfaces = { eno1.useDHCP = true; - vlan23.ipv4.addresses = [{ address = "192.168.23.21"; prefixLength = 24; }]; + vlan23.ipv4.addresses = [ + { + address = "192.168.23.21"; + prefixLength = 24; + } + ]; }; }; # Enable sound with pipewire. security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; - services.pulseaudio.enable = false; programs = { mtr.enable = true; 
@@ -136,6 +146,13 @@ in { # List services that you want to enable: services = { + pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + }; + pulseaudio.enable = false; atuin = { enable = true; host = "127.0.0.1"; @@ -311,7 +328,11 @@ in { "nix-tester.${home_domain}" ]; listen = [ - { port = https_port; addr = "0.0.0.0"; ssl = true; } + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } ]; enableACME = true; acmeRoot = null; @@ -331,7 +352,13 @@ in { }; }; "ab.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -342,17 +369,41 @@ in { ''; }; "atuin.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; locations."/".proxyPass = "http://${backend_ip}:8888"; }; # budget.${home_domain} - "${config.services.firefly-iii.virtualHost}".listen = [{ port = 3005; addr = "0.0.0.0"; ssl = false; }]; - "${config.services.firefly-iii-data-importer.virtualHost}".listen = [{ port = 3006; addr = "0.0.0.0"; ssl = false; }]; + "${config.services.firefly-iii.virtualHost}".listen = [ + { + port = 3005; + addr = "0.0.0.0"; + ssl = false; + } + ]; + "${config.services.firefly-iii-data-importer.virtualHost}".listen = [ + { + port = 3006; + addr = "0.0.0.0"; + ssl = false; + } + ]; "git.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; 
@@ -362,7 +413,13 @@ in { ''; }; "id.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -374,7 +431,13 @@ in { ''; }; "immich.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -388,7 +451,13 @@ in { ''; }; "immich-kiosk.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -403,7 +472,13 @@ in { ''; }; "jellyfin.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -428,7 +503,13 @@ in { ''; }; "mealie.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -438,7 +519,13 @@ in { ''; }; "monitoring.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; @@ -469,7 +556,13 @@ in { ''; }; "readit.${home_domain}" = { - listen = [{ port = https_port; addr = "0.0.0.0"; ssl = true; }]; + listen = [ + { + port = https_port; + addr = "0.0.0.0"; + ssl = true; + } + ]; enableACME = true; acmeRoot = null; forceSSL = true; 
@@ -557,7 +650,7 @@ in { secrets = { firefly_app_key = { owner = config.services.firefly-iii.user; - restartUnits = ["nginx.service"]; + restartUnits = [ "nginx.service" ]; }; firefly_pat_data_import = { owner = config.services.firefly-iii-data-importer.user; @@ -582,7 +675,7 @@ in { }; immich_kiosk_basic_auth = { owner = config.users.users.nginx.name; - restartUnits = ["nginx.service"]; + restartUnits = [ "nginx.service" ]; }; local_git_config = { owner = "${username}"; @@ -594,12 +687,12 @@ in { }; mealie = { mode = "0444"; - restartUnits = ["mealie.service"]; + restartUnits = [ "mealie.service" ]; }; nextcloud_admin_pass.owner = config.users.users.nextcloud.name; nginx_basic_auth = { owner = "nginx"; - restartUnits = ["nginx.service"]; + restartUnits = [ "nginx.service" ]; }; tailscale_key = { restartUnits = [ "tailscaled-autoconnect.service" ]; 
@@ -610,38 +703,44 @@ in { systemd.services = { jellyfin.environment.LIBVA_DRIVER_NAME = "iHD"; "mealie" = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; }; "nextcloud-setup" = { - requires = ["postgresql.service"]; - after = ["postgresql.service"]; + requires = [ "postgresql.service" ]; + after = [ "postgresql.service" ]; }; }; users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "docker" "podman" "networkmanager" "wheel" ]; + extraGroups = [ + "docker" + "podman" + "networkmanager" + "wheel" + ]; linger = true; }; # Enable common container config files in /etc/containers - virtualisation.containers.enable = true; + virtualisation = { + containers.enable = true; + oci-containers.backend = "podman"; + # Compose based apps were crashing with podman compose, so back to Docker... + docker = { + enable = true; + package = pkgs.docker; + }; + podman = { + enable = true; + autoPrune.enable = true; + #dockerCompat = true; + extraPackages = [ pkgs.zfs ]; # Required if the host is running ZFS - virtualisation.oci-containers.backend = "podman"; - - # Compose based apps were crashing with podman compose, so back to Docker... - virtualisation.docker.enable = true; - virtualisation.docker.package = pkgs.docker; - - virtualisation.podman = { - enable = true; - autoPrune.enable = true; - #dockerCompat = true; - extraPackages = [ pkgs.zfs ]; # Required if the host is running ZFS - - # Required for container networking to be able to use names. - defaultNetwork.settings.dns_enabled = true; + # Required for container networking to be able to use names. + defaultNetwork.settings.dns_enabled = true; + }; }; } diff --git a/modules/hosts/nixos/nixnuc/hardware-configuration.nix b/modules/hosts/nixos/nixnuc/hardware-configuration.nix index c4d326f..220502f 100644 --- a/modules/hosts/nixos/nixnuc/hardware-configuration.nix 
+++ b/modules/hosts/nixos/nixnuc/hardware-configuration.nix @@ -1,42 +1,60 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, modulesPath, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; + boot = { + initrd = { + availableKernelModules = [ + "xhci_pci" + "ahci" + "usbhid" + "usb_storage" + "sd_mod" + "sdhci_pci" + ]; + kernelModules = [ ]; + }; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; - fileSystems."/" = - { device = "/dev/disk/by-uuid/0ee15ee9-37ea-448d-aa3b-23eb25994df0"; + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/0ee15ee9-37ea-448d-aa3b-23eb25994df0"; fsType = "ext4"; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/4814-3E47"; + "/boot" = { + device = "/dev/disk/by-uuid/4814-3E47"; fsType = "vfat"; }; - fileSystems."/var/lib/audiobookshelf" = - { device = "orico/audiobookshelf"; + "/var/lib/audiobookshelf" = { + device = "orico/audiobookshelf"; fsType = "zfs"; }; - fileSystems."/var/lib/postgresql" = - { device = "orico/postgresql-data"; + "/var/lib/postgresql" = { + device = "orico/postgresql-data"; fsType = "zfs"; }; - fileSystems."/var/lib/postgresql/16/pg_wal" = - { device = "orico/postgresql-wal-16"; + "/var/lib/postgresql/16/pg_wal" = { + device = "orico/postgresql-wal-16"; fsType = "zfs"; }; + }; # Second disk inside case #fileSystems."/var/lib/postgresql" = diff --git a/modules/hosts/nixos/nixnuc/home-gene.nix b/modules/hosts/nixos/nixnuc/home-gene.nix index 21ec006..e48c48c 100644 
--- a/modules/hosts/nixos/nixnuc/home-gene.nix +++ b/modules/hosts/nixos/nixnuc/home-gene.nix @@ -1,3 +1,3 @@ -{ ... }: { - home.stateVersion = "23.11"; +{ + home.stateVersion = "23.11"; } diff --git a/modules/hosts/nixos/nixnuc/monitoring-stack.nix b/modules/hosts/nixos/nixnuc/monitoring-stack.nix index 89e7ae0..3d489f8 100644 --- a/modules/hosts/nixos/nixnuc/monitoring-stack.nix +++ b/modules/hosts/nixos/nixnuc/monitoring-stack.nix @@ -1,6 +1,8 @@ -{ config, pkgs, ... }: let +{ config, pkgs, ... }: +let home_domain = "home.technicalissues.us"; -in { +in +{ environment.systemPackages = with pkgs; [ # Keeping empty for manual testing if needed ]; @@ -25,7 +27,7 @@ in { # ---------------------------- victoriametrics = { enable = true; - stateDir = "victoriametrics"; # Just the directory name, module adds /var/lib/ prefix + stateDir = "victoriametrics"; # Just the directory name, module adds /var/lib/ prefix package = pkgs.victoriametrics; }; @@ -47,21 +49,24 @@ in { static_configs = [ { targets = [ - "127.0.0.1:9100" # nixnuc - "192.168.22.22:9100" # home assistant + "127.0.0.1:9100" # nixnuc + "192.168.22.22:9100" # home assistant "umbrel:9100" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__" "nodename"]; + source_labels = [ + "__name__" + "nodename" + ]; regex = "node_uname_info;0d869efa-prometheus-node-exporter"; target_label = "nodename"; replacement = "homeassistant"; } { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -84,11 +89,11 @@ in { { job_name = "cadvisor"; static_configs = [ - { targets = ["127.0.0.1:8081"]; } + { targets = [ "127.0.0.1:8081" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } 
@@ -105,11 +110,11 @@ in { { job_name = "nginx"; static_configs = [ - { targets = ["127.0.0.1:9113"]; } + { targets = [ "127.0.0.1:9113" ]; } ]; metric_relabel_configs = [ { - source_labels = ["__name__"]; + source_labels = [ "__name__" ]; regex = "go_.*"; action = "drop"; } @@ -128,7 +133,7 @@ in { scrape_interval = "30s"; metrics_path = "/api/prometheus"; static_configs = [ - { targets = ["192.168.22.22:8123"]; } + { targets = [ "192.168.22.22:8123" ]; } ]; bearer_token_file = config.sops.secrets.home_assistant_token.path; relabel_configs = [ @@ -145,7 +150,7 @@ in { scheme = "https"; scrape_interval = "30s"; static_configs = [ - { targets = ["utk.technicalissues.us"]; } + { targets = [ "utk.technicalissues.us" ]; } ]; basic_auth = { password_file = config.sops.secrets.uptimekuma_grafana_api_key.path; @@ -153,19 +158,19 @@ in { }; metric_relabel_configs = [ { - source_labels = ["monitor_hostname"]; + source_labels = [ "monitor_hostname" ]; regex = "^null$"; replacement = ""; target_label = "monitor_hostname"; } { - source_labels = ["monitor_port"]; + source_labels = [ "monitor_port" ]; regex = "^null$"; replacement = ""; target_label = "monitor_port"; } { - source_labels = ["monitor_url"]; + source_labels = [ "monitor_url" ]; regex = "https:\/\/"; replacement = ""; target_label = "monitor_url"; @@ -211,17 +216,16 @@ in { datasources.settings.datasources = [ { - name = "VictoriaMetrics"; - type = "victoriametrics-metrics-datasource"; + name = "VictoriaMetrics"; + type = "victoriametrics-metrics-datasource"; access = "proxy"; - url = "http://127.0.0.1:8428"; + url = "http://127.0.0.1:8428"; isDefault = true; - uid = "VictoriaMetrics"; # Set explicit UID for use in alert rules + uid = "VictoriaMetrics"; # Set explicit UID for use in alert rules } ]; }; - settings = { auth = { # Set to true to disable (hide) the login form, useful if you use OAuth 
@@ -229,36 +233,36 @@ in { }; "auth.generic_oauth" = { - name = "Pocket ID"; - enabled = true; + name = "Pocket ID"; + enabled = true; # Use Grafana's file reference syntax for secrets - client_id = "$__file{${config.sops.secrets.grafana_oauth_client_id.path}}"; - client_secret = "$__file{${config.sops.secrets.grafana_oauth_client_secret.path}}"; + client_id = "$__file{${config.sops.secrets.grafana_oauth_client_id.path}}"; + client_secret = "$__file{${config.sops.secrets.grafana_oauth_client_secret.path}}"; - auth_style = "AutoDetect"; - scopes = "openid email profile groups"; - auth_url = "${config.services.pocket-id.settings.APP_URL}/authorize"; - token_url = "${config.services.pocket-id.settings.APP_URL}/api/oidc/token"; - allow_sign_up = true; - auto_login = true; - name_attribute_path = "display_name"; - login_attribute_path = "preferred_username"; - email_attribute_name = "email:primary"; - email_attribute_path = "email"; - role_attribute_path = "contains(groups[*], 'grafana_super_admin') && 'GrafanaAdmin' || contains(groups[*], 'grafana_admin') && 'Admin' || contains(groups[*], 'grafana_editor') && 'Editor' || 'Viewer'"; - role_attribute_strict = false; + auth_style = "AutoDetect"; + scopes = "openid email profile groups"; + auth_url = "${config.services.pocket-id.settings.APP_URL}/authorize"; + token_url = "${config.services.pocket-id.settings.APP_URL}/api/oidc/token"; + allow_sign_up = true; + auto_login = true; + name_attribute_path = "display_name"; + login_attribute_path = "preferred_username"; + email_attribute_name = "email:primary"; + email_attribute_path = "email"; + role_attribute_path = "contains(groups[*], 'grafana_super_admin') && 'GrafanaAdmin' || contains(groups[*], 'grafana_admin') && 'Admin' || contains(groups[*], 'grafana_editor') && 'Editor' || 'Viewer'"; + role_attribute_strict = false; allow_assign_grafana_admin = true; - skip_org_role_sync = false; - use_pkce = true; - use_refresh_token = false; - tls_skip_verify_insecure = false; + 
skip_org_role_sync = false; + use_pkce = true; + use_refresh_token = false; + tls_skip_verify_insecure = false; }; # Database configuration - use PostgreSQL with peer authentication database = { type = "postgres"; - host = "/run/postgresql"; # Use Unix socket instead of TCP + host = "/run/postgresql"; # Use Unix socket instead of TCP name = "grafana"; user = "grafana"; # No password needed - using peer authentication via Unix socket @@ -266,10 +270,10 @@ in { # Server configuration server = { - domain = "monitoring.${home_domain}"; - http_addr = "0.0.0.0"; - http_port = 3002; - root_url = "https://monitoring.${home_domain}/grafana/"; + domain = "monitoring.${home_domain}"; + http_addr = "0.0.0.0"; + http_port = 3002; + root_url = "https://monitoring.${home_domain}/grafana/"; serve_from_sub_path = true; }; @@ -286,7 +290,7 @@ in { # ---------------------------- # Exporters (using built-in NixOS modules) # ---------------------------- - + # Node exporter - using the built-in module prometheus.exporters.node = { enable = true; @@ -332,7 +336,7 @@ in { group = "vmagent"; }; - users.groups.vmagent = {}; + users.groups.vmagent = { }; # ---------------------------- # Systemd service dependencies @@ -350,19 +354,19 @@ in { secrets = { grafana_oauth_client_id = { owner = "grafana"; - restartUnits = ["grafana.service"]; + restartUnits = [ "grafana.service" ]; }; grafana_oauth_client_secret = { owner = "grafana"; - restartUnits = ["grafana.service"]; + restartUnits = [ "grafana.service" ]; }; home_assistant_token = { owner = "vmagent"; - restartUnits = ["vmagent.service"]; + restartUnits = [ "vmagent.service" ]; }; uptimekuma_grafana_api_key = { owner = "vmagent"; - restartUnits = ["vmagent.service"]; + restartUnits = [ "vmagent.service" ]; sopsFile = ../../../shared/secrets.yaml; }; }; @@ -378,4 +382,3 @@ in { ]; }; } - diff --git a/modules/hosts/nixos/rainbow-planet/default.nix b/modules/hosts/nixos/rainbow-planet/default.nix index d0c5439..acb84bc 100644 
--- a/modules/hosts/nixos/rainbow-planet/default.nix +++ b/modules/hosts/nixos/rainbow-planet/default.nix @@ -1,4 +1,11 @@ -{ inputs, config, pkgs, username, ... }: { +{ + inputs, + config, + pkgs, + username, + ... +}: +{ imports = [ ./hardware-configuration.nix ../../../shared/nixos/flatpaks.nix @@ -14,7 +21,7 @@ }; loader = { efi.canTouchEfiVariables = true; - systemd-boot= { + systemd-boot = { enable = true; consoleMode = "1"; }; @@ -108,9 +115,13 @@ boinc.enable = true; bpftune.enable = true; dbus.implementation = "broker"; - desktopManager.cosmic.enable = false; - desktopManager.cosmic.xwayland.enable = false; - desktopManager.plasma6.enable = true; + desktopManager = { + cosmic = { + enable = false; + xwayland.enable = false; + }; + plasma6.enable = true; + }; displayManager.cosmic-greeter.enable = false; displayManager.sddm = { enable = true; @@ -179,7 +190,15 @@ users.users.${username} = { isNormalUser = true; description = "Gene Liverman"; - extraGroups = [ "adbusers" "dialout" "docker" "input" "networkmanager" "podman" "wheel" ]; + extraGroups = [ + "adbusers" + "dialout" + "docker" + "input" + "networkmanager" + "podman" + "wheel" + ]; packages = with pkgs; [ tailscale-systray ]; diff --git a/modules/hosts/nixos/rainbow-planet/gnome.nix b/modules/hosts/nixos/rainbow-planet/gnome.nix index 2aa57a5..afe7c35 100644 --- a/modules/hosts/nixos/rainbow-planet/gnome.nix +++ b/modules/hosts/nixos/rainbow-planet/gnome.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ environment.systemPackages = with pkgs; [ gnome.gnome-tweaks gnome.nautilus @@ -15,7 +16,7 @@ gnome.gnome-keyring.enable = true; # Provides secret storage gvfs.enable = true; # Used by Nautilus xserver = { - enable = true; # Enable the X11 windowing system. + enable = true; # Enable the X11 windowing system. # Configure keymap in X11 xkb = { @@ -33,4 +34,3 @@ }; }; } - 
diff --git a/modules/hosts/nixos/rainbow-planet/hardware-configuration.nix b/modules/hosts/nixos/rainbow-planet/hardware-configuration.nix index 7a37e9f..781a9fa 100644 --- a/modules/hosts/nixos/rainbow-planet/hardware-configuration.nix +++ b/modules/hosts/nixos/rainbow-planet/hardware-configuration.nix 
@@ -1,36 +1,56 @@ # Do not modify this file! It was generated by ‘nixos-generate-config’ # and may be overwritten by future invocations. Please make changes # to /etc/nixos/configuration.nix instead. -{ config, lib, modulesPath, pkgs, ... }: +{ + config, + lib, + modulesPath, + ... +}: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; - # boot.kernelPackages = pkgs.linuxPackages_zen; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" "sg" ]; - boot.kernelParams = [ - "i915.enable_fbc=1" - "i915.enable_psr=2" + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/eb9a2c7e-ae61-4d06-9464-49b98d576f7c"; + boot = { + initrd = { + availableKernelModules = [ + "xhci_pci" + "nvme" + "usb_storage" + "sd_mod" + "rtsx_pci_sdmmc" + ]; + # boot.kernelPackages = pkgs.linuxPackages_zen; + kernelModules = [ ]; + }; + kernelModules = [ + "kvm-intel" + "sg" + ]; + kernelParams = [ + "i915.enable_fbc=1" + "i915.enable_psr=2" + ]; + extraModulePackages = [ ]; + }; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/eb9a2c7e-ae61-4d06-9464-49b98d576f7c"; fsType = "ext4"; }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/924D-E7A4"; + "/boot" = { + device = "/dev/disk/by-uuid/924D-E7A4"; fsType = "vfat"; }; + }; - swapDevices = - [ { device = "/dev/disk/by-uuid/166d24ca-401c-492e-845d-bb1d0d6d7d86"; } - ]; + swapDevices = [ + { device = "/dev/disk/by-uuid/166d24ca-401c-492e-845d-bb1d0d6d7d86"; } + ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/modules/hosts/nixos/rainbow-planet/home-gene.nix b/modules/hosts/nixos/rainbow-planet/home-gene.nix index 9abb351..db28e94 100644 
--- a/modules/hosts/nixos/rainbow-planet/home-gene.nix +++ b/modules/hosts/nixos/rainbow-planet/home-gene.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ home.stateVersion = "23.11"; imports = [ ../../../shared/home/general/all-gui.nix @@ -10,12 +11,14 @@ ]; home.file = { - ".config/hypr/frappe.conf".source = (pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "hyprland"; - rev = "99a88fd21fac270bd999d4a26cf0f4a4222c58be"; - hash = "sha256-07B5QmQmsUKYf38oWU3+2C6KO4JvinuTwmW1Pfk8CT8="; - } + "/themes/frappe.conf"); + ".config/hypr/frappe.conf".source = + pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "hyprland"; + rev = "99a88fd21fac270bd999d4a26cf0f4a4222c58be"; + hash = "sha256-07B5QmQmsUKYf38oWU3+2C6KO4JvinuTwmW1Pfk8CT8="; + } + + "/themes/frappe.conf"; }; programs = { @@ -32,7 +35,7 @@ settings = { global = { frame_color = "#8CAAEE"; - separator_color= "frame"; + separator_color = "frame"; }; urgency_low = { diff --git a/modules/shared/home/general/all-gui.nix b/modules/shared/home/general/all-gui.nix index 0a5f3f1..fe6406c 100644 --- a/modules/shared/home/general/all-gui.nix +++ b/modules/shared/home/general/all-gui.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ home.packages = with pkgs; [ esptool ]; diff --git a/modules/shared/home/general/default.nix b/modules/shared/home/general/default.nix index a33fc2d..06372ab 100644 --- a/modules/shared/home/general/default.nix +++ b/modules/shared/home/general/default.nix 
@@ -1,62 +1,92 @@ -{ config, inputs, pkgs, ... }: let - sqlite_lib = if builtins.elem pkgs.stdenv.hostPlatform.system [ - "aarch64-darwin" - "x86_64-darwin" - ] - then "libsqlite3.dylib" - else "libsqlite3.so"; -in { - home.packages = with pkgs; [ - btop - bundix - cargo - cheat - colordiff - dogdns - dos2unix - duf - dust - fd - f2 - git-filter-repo - glab - glow - gomuks - gotop - htop - httpie - hub - inputs.nix-auth.packages.${stdenv.hostPlatform.system}.default - jq - lazydocker - lazygit - lua-language-server - minicom - mtr - nil - nix-search - nix-zsh-completions - nodejs - nurl - nvd - onefetch - powershell - pre-commit - puppet-lint - rename - ruby - subversion - tldr - tree - trippy - vimv - watch - wget - yq-go - ]; - home.sessionVariables = { - CLICLOLOR = 1; - PAGER = "less"; +{ + config, + inputs, + pkgs, + ... +}: +let + sqlite_lib = + if + builtins.elem pkgs.stdenv.hostPlatform.system [ + "aarch64-darwin" + "x86_64-darwin" + ] + then + "libsqlite3.dylib" + else + "libsqlite3.so"; +in +{ + home = { + packages = with pkgs; [ + btop + bundix + cargo + cheat + colordiff + deadnix + dogdns + dos2unix + duf + dust + fd + f2 + git-filter-repo + glab + glow + gomuks + gotop + htop + httpie + hub + inputs.nix-auth.packages.${stdenv.hostPlatform.system}.default + jq + lazydocker + lazygit + lua-language-server + minicom + mtr + nil + nix-search + nix-zsh-completions + nodejs + nurl + nvd + nixfmt-tree + onefetch + powershell + pre-commit + puppet-lint + rename + ruby + subversion + statix + tldr + tree + trippy + vimv + watch + wget + yq-go + ]; + sessionVariables = { + CLICLOLOR = 1; + PAGER = "less"; + }; + file = { + ".config/nvim/lua/config" = { + source = ../../files/nvim/lua/config; + recursive = true; + }; + ".config/nvim/lua/plugins" = { + source = ../../files/nvim/lua/plugins; + recursive = true; + }; + ".config/powershell/Microsoft.PowerShell_profile.ps1".source = + ../../files/Microsoft.PowerShell_profile.ps1; + 
".config/powershell/Microsoft.VSCode_profile.ps1".source = + ../../files/Microsoft.PowerShell_profile.ps1; + }; }; programs = { atuin = { @@ -111,7 +141,7 @@ in { "*.swp" ".DS_Store" ]; - includes = [ { path = "~/.gitconfig-local"; }]; + includes = [ { path = "~/.gitconfig-local"; } ]; lfs.enable = true; package = pkgs.gitFull; settings = { @@ -159,7 +189,7 @@ in { ''; extraPackages = with pkgs; [ - gcc # needed so treesitter can do compiling + gcc # needed so treesitter can do compiling sqlite # needed by sqlite.lua used by telescope-cheat ]; plugins = [ pkgs.vimPlugins.lazy-nvim ]; # let lazy.nvim manage every other plugin @@ -171,7 +201,11 @@ in { oh-my-posh = { enable = true; enableZshIntegration = true; - settings = builtins.fromJSON (builtins.unsafeDiscardStringContext (builtins.readFile (inputs.genebean-omp-themes + "/beanbag.omp.json"))); + settings = builtins.fromJSON ( + builtins.unsafeDiscardStringContext ( + builtins.readFile (inputs.genebean-omp-themes + "/beanbag.omp.json") + ) + ); #useTheme = "amro"; #useTheme = "montys"; }; @@ -189,7 +223,7 @@ in { set -g @dracula-show-battery false set -g @dracula-show-powerline true set -g @dracula-refresh-rate 10 - ''; + ''; } ]; extraConfig = '' @@ -350,17 +384,4 @@ in { }; }; # end zsh }; # end programs - - home.file = { - ".config/nvim/lua/config" = { - source = ../../files/nvim/lua/config; - recursive = true; - }; - ".config/nvim/lua/plugins" = { - source = ../../files/nvim/lua/plugins; - recursive = true; - }; - ".config/powershell/Microsoft.PowerShell_profile.ps1".source = ../../files/Microsoft.PowerShell_profile.ps1; - ".config/powershell/Microsoft.VSCode_profile.ps1".source = ../../files/Microsoft.PowerShell_profile.ps1; - }; } diff --git a/modules/shared/home/linux/apps/hexchat.nix b/modules/shared/home/linux/apps/hexchat.nix index 6addb18..b0fbc2c 100644 --- a/modules/shared/home/linux/apps/hexchat.nix +++ b/modules/shared/home/linux/apps/hexchat.nix 
@@ -1,3 +1,3 @@ -{ ... }: { +{ programs.hexchat.enable = true; } diff --git a/modules/shared/home/linux/apps/pidgin.nix b/modules/shared/home/linux/apps/pidgin.nix index e6d6840..0f2c94e 100644 --- a/modules/shared/home/linux/apps/pidgin.nix +++ b/modules/shared/home/linux/apps/pidgin.nix @@ -1,3 +1,3 @@ -{ ... }: { +{ programs.pidgin.enable = true; } diff --git a/modules/shared/home/linux/apps/tilix.nix b/modules/shared/home/linux/apps/tilix.nix index b8fa94a..a70af5f 100644 --- a/modules/shared/home/linux/apps/tilix.nix +++ b/modules/shared/home/linux/apps/tilix.nix @@ -1,4 +1,6 @@ -{ lib, pkgs, ... }: with lib.hm.gvariant; { +{ lib, pkgs, ... }: +with lib.hm.gvariant; +{ dconf.settings = { "com/gexperts/Tilix/profiles/2b7c4080-0ddd-46c5-8f23-563fd3ba789d" = { @@ -10,7 +12,24 @@ font = "Hack Nerd Font Mono 12"; foreground-color = "#F8F8F2"; highlight-colors-set = false; - palette = [ "#272822" "#F92672" "#A6E22E" "#F4BF75" "#66D9EF" "#AE81FF" "#A1EFE4" "#F8F8F2" "#75715E" "#F92672" "#A6E22E" "#F4BF75" "#66D9EF" "#AE81FF" "#A1EFE4" "#F9F8F5" ]; + palette = [ + "#272822" + "#F92672" + "#A6E22E" + "#F4BF75" + "#66D9EF" + "#AE81FF" + "#A1EFE4" + "#F8F8F2" + "#75715E" + "#F92672" + "#A6E22E" + "#F4BF75" + "#66D9EF" + "#AE81FF" + "#A1EFE4" + "#F9F8F5" + ]; use-system-font = false; use-theme-colors = false; visible-name = "Default"; 
@@ -20,11 +39,13 @@ home.file = { ".config/tilix/schemes/Beanbag-Mathias.json".source = ../../../files/tilix/Beanbag-Mathias.json; - ".config/tilix/schemes/Catppuccin-Frappe.json".source = (pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "tilix"; - rev = "3fd05e03419321f2f2a6aad6da733b28be1765ef"; - hash = "sha256-SI7QxQ+WBHzeuXbTye+s8pi4tDVZOV4Aa33mRYO276k="; - } + "/src/Catppuccin-Frappe.json"); + ".config/tilix/schemes/Catppuccin-Frappe.json".source = + pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "tilix"; + rev = "3fd05e03419321f2f2a6aad6da733b28be1765ef"; + hash = "sha256-SI7QxQ+WBHzeuXbTye+s8pi4tDVZOV4Aa33mRYO276k="; + } + + "/src/Catppuccin-Frappe.json"; }; -} \ No newline at end of file +} diff --git a/modules/shared/home/linux/apps/waybar.nix b/modules/shared/home/linux/apps/waybar.nix index b48c3be..806ee21 100644 --- a/modules/shared/home/linux/apps/waybar.nix +++ b/modules/shared/home/linux/apps/waybar.nix @@ -1,17 +1,20 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ home.file = { ".config/waybar/config".source = ../../../files/waybar/config; - ".config/waybar/frappe.css".source = (pkgs.fetchFromGitHub { - owner = "catppuccin"; - repo = "waybar"; - rev = "f74ab1eecf2dcaf22569b396eed53b2b2fbe8aff"; - hash = "sha256-WLJMA2X20E5PCPg0ZPtSop0bfmu+pLImP9t8A8V4QK8="; - } + "/themes/frappe.css"); + ".config/waybar/frappe.css".source = + pkgs.fetchFromGitHub { + owner = "catppuccin"; + repo = "waybar"; + rev = "f74ab1eecf2dcaf22569b396eed53b2b2fbe8aff"; + hash = "sha256-WLJMA2X20E5PCPg0ZPtSop0bfmu+pLImP9t8A8V4QK8="; + } + + "/themes/frappe.css"; ".config/waybar/style.css".source = ../../../files/waybar/style.css; }; - programs = { + programs = { # Using file in ../../files/waybar/ to configure waybar waybar.enable = true; }; -} \ No newline at end of file +} diff --git a/modules/shared/home/linux/apps/xfce4-terminal.nix b/modules/shared/home/linux/apps/xfce4-terminal.nix index d3e67fc..21aeebf 100644 
--- a/modules/shared/home/linux/apps/xfce4-terminal.nix +++ b/modules/shared/home/linux/apps/xfce4-terminal.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ home.file = { ".config/xfce4/terminal/accels.scm".source = ../../../files/xfce4/terminal/accels.scm; }; @@ -11,7 +11,8 @@ "color-background" = "#08052b"; "color-cursor" = "#ff7f7f"; "color-cursor-use-default" = false; - "color-palette" = "#000000;#e52222;#a6e32d;#fc951e;#c48dff;#fa2573;#67d9f0;#f2f2f2;#555555;#ff5555;#55ff55;#ffff55;#5555ff;#ff55ff;#55ffff;#ffffff"; + "color-palette" = + "#000000;#e52222;#a6e32d;#fc951e;#c48dff;#fa2573;#67d9f0;#f2f2f2;#555555;#ff5555;#55ff55;#ffff55;#5555ff;#ff55ff;#55ffff;#ffffff"; "font-name" = "Hack Nerd Font Mono 12"; "misc-always-show-tabs" = false; "misc-bell" = false; @@ -43,4 +44,4 @@ "title-initial" = "xfce4-terminal"; }; }; -} \ No newline at end of file +} diff --git a/modules/shared/home/linux/default.nix b/modules/shared/home/linux/default.nix index 04428b9..2cc695b 100644 --- a/modules/shared/home/linux/default.nix +++ b/modules/shared/home/linux/default.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ home.packages = with pkgs; [ fastfetch ]; diff --git a/modules/shared/nixos/flatpaks.nix b/modules/shared/nixos/flatpaks.nix index f29a1ff..418b231 100644 --- a/modules/shared/nixos/flatpaks.nix +++ b/modules/shared/nixos/flatpaks.nix @@ -1,5 +1,4 @@ - -{ ... }: { +{ services = { flatpak = { enable = true; diff --git a/modules/shared/nixos/internationalisation.nix b/modules/shared/nixos/internationalisation.nix index 5d71c99..eef867a 100644 --- a/modules/shared/nixos/internationalisation.nix +++ b/modules/shared/nixos/internationalisation.nix @@ -1,4 +1,4 @@ -{ ... }: { +{ # Select internationalisation properties. i18n = { defaultLocale = "en_US.UTF-8"; @@ -14,4 +14,4 @@ LC_TIME = "en_US.UTF-8"; }; }; -} \ No newline at end of file +} diff --git a/modules/shared/nixos/lets-encrypt.nix b/modules/shared/nixos/lets-encrypt.nix index e885306..6ab50df 100644 
--- a/modules/shared/nixos/lets-encrypt.nix +++ b/modules/shared/nixos/lets-encrypt.nix @@ -1,4 +1,5 @@ -{ config, username, ... }: { +{ config, username, ... }: +{ ########################################################################## # # @@ -10,7 +11,9 @@ acceptTerms = true; defaults = { email = "lets-encrypt@technicalissues.us"; - credentialFiles = { "GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "${config.sops.secrets.gandi_dns_pat.path}"; }; + credentialFiles = { + "GANDIV5_PERSONAL_ACCESS_TOKEN_FILE" = "${config.sops.secrets.gandi_dns_pat.path}"; + }; dnsProvider = "gandiv5"; dnsResolver = "ns1.gandi.net"; # uncomment below for testing diff --git a/modules/shared/nixos/nixroutes.nix b/modules/shared/nixos/nixroutes.nix index 0b50bdf..6ea2e0c 100644 --- a/modules/shared/nixos/nixroutes.nix +++ b/modules/shared/nixos/nixroutes.nix @@ -1,7 +1,7 @@ -{ config, lib, ... }: +{ config, ... }: let - hostName = config.networking.hostName; -in { - programs.zsh.shellAliases.nixroutes = - "cd ~/repos/dots && echo '=== Current Routes ===' && ip route show && ip -6 route show && echo '' && echo '=== New Build Routes ===' && nix eval --json '.#nixosConfigurations.${hostName}.config.systemd.network.networks.\"10-wan\".routes'"; + inherit (config.networking) hostName; +in +{ + programs.zsh.shellAliases.nixroutes = "cd ~/repos/dots && echo '=== Current Routes ===' && ip route show && ip -6 route show && echo '' && echo '=== New Build Routes ===' && nix eval --json '.#nixosConfigurations.${hostName}.config.systemd.network.networks.\"10-wan\".routes'"; } diff --git a/modules/shared/nixos/restic.nix b/modules/shared/nixos/restic.nix index 91cc256..4c0a04b 100644 --- a/modules/shared/nixos/restic.nix +++ b/modules/shared/nixos/restic.nix @@ -1,4 +1,5 @@ -{ config, pkgs, ... }: { +{ config, pkgs, ... }: +{ environment.systemPackages = with pkgs; [ restic ]; @@ -29,4 +30,3 @@ }; }; } - 
diff --git a/modules/shared/nixos/ripping.nix b/modules/shared/nixos/ripping.nix index 680db32..9f6b33f 100644 --- a/modules/shared/nixos/ripping.nix +++ b/modules/shared/nixos/ripping.nix @@ -1,4 +1,5 @@ -{ pkgs, ... }: { +{ pkgs, ... }: +{ # Be sure this is added if on NixOS # boot.kernelModules = [ "sg" ]; @@ -20,4 +21,3 @@ mkvtoolnix-cli ]; } - From 50fc1b6e848c42718f8d5f50c4165735b0365b18 Mon Sep 17 00:00:00 2001 From: Gene Liverman Date: Sun, 22 Mar 2026 19:02:01 -0400 Subject: [PATCH 3/3] Update readme --- README.md | 115 +++++++++++------------------------------------------- 1 file changed, 22 insertions(+), 93 deletions(-) diff --git a/README.md b/README.md index b31041b..e79b751 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,9 @@ # Dots -This repo is a Nix flake that manages most of my setup on macOS and fully manages machines I have that run NixOS as their operating system. +This repo is a Nix flake that manages most of my setup on macOS and fully manages machines I have that run NixOS as their operating system. It also contains as much configruation as I can make work on other Linux distros such as Ubuntu. - [Flake structure](#flake-structure) -- [Note](#note) -- [Repo structure](#repo-structure) +- [Formatting and CI](#formatting-and-ci) - [Historical bits](#historical-bits) - [Adding a new macOS host](#adding-a-new-macos-host) - [Extras steps not done by Nix and/or Homebrew and/or mas](#extras-steps-not-done-by-nix-andor-homebrew-andor-mas) 
@@ -15,102 +14,32 @@ This repo is a Nix flake that manages most of my setup on macOS and fully manage - [Adding a NixOS host](#adding-a-nixos-host) - [Post-install](#post-install) - ## Flake structure -> **RESTRUCTURING IN PROGRESS**: please note, I am restructuring this to remove a lot of complexity. This first pass is done and moves home manager bits into modules that have home in the name. Things that apply to everything under a part of the tree are in a corresponding `default.nix` +- `flake.nix` defines inputs, outputs, and instantiates host configurations via `lib/` functions +- `lib/` contains helper functions: + - `mkNixosHost` - constructs NixOS system configurations + - `mkDarwinHost` - constructs nix-darwin system configurations + - `mkHomeConfig` - constructs Home Manager configurations +- `modules/` contains Nix modules organized by type: + - `modules/shared/` - shared modules imported by multiple hosts + - `modules/shared/home/general/` - Home Manager config for all GUI users + - `modules/shared/home/linux/` - Home Manager config for Linux-specific apps + - `modules/shared/nixos/` - NixOS modules (i18n, flatpaks, restic, etc.) + - `modules/hosts/` - host-specific configurations + - `modules/hosts/nixos/` - NixOS host configs and hardware configs + - `modules/hosts/darwin/` - macOS host configs + - `modules/hosts/home-manager-only/` - Home Manager-only configs -The Nix bits are driven by `flake.nix` which pulls in things under `modules/`. Both Intel and Apple Silicon macOS are suppoted, as is NixOS. The flake is structured like so: +## Formatting and CI -- description: a human readable description of this flake -- inputs: all the places things are pulled from -- outputs: - - all the outputs from the inputs - - a `let` ... 
`in` block that contains: - - `darwinHostConfig` which takes a set of paramters as an attribute set and pulls in all the things needed to use Nix on a macOS host - - `mkNixosHost` which takes a set of parameters as an attribute set and pulls in all the things needed to configure a NixOS host - - `linuxHomeConfig` which takes a set of paramters as an attribute set and pulls in the things I manage on non-NixOS Linux hosts - - the body of outputs that contains: - - `darwinConfigurations` contains is an attribute set that contains keys named for each macOS host set to the results of a call to `darwinHostConfig` with values for each of the required parameters - - `nixosConfigurations` contains is an attribute set that contains keys named for each NixOS host set to the results of a call to `darwinHostConfig` with values for each of the required parameters - - `homeConfigurations` contains an entry for each username set to the results of a call to `linuxHomeConfig` with values for each of the required parameters +This repo uses the following tools for code quality: -The parameters on `darwinHostConfig` & `mkNixosHost` are: +- **nixfmt** - Formats Nix files. Run `nix fmt .` to format all files. +- **deadnix** - Finds unused code in Nix files. +- **statix** - Checks Nix code for common issues and style problems. -- `system:` the system definition to use for nixpkgs -- `hostname:` the hostname of the machine being configured -- `username:` the username being configured on the host (all code currently assumes there is a single human user managed by Nix) -- `additionalModules:` any nix modules that are desired to supplement the default for the host. An example use case for this is adding in the hardware specific module from `nixos-hardware`. -- `additionalSpecialArgs:` any supplemental arguments to be passed to `specialArgs`. - -The parameters on `linxuHomeConfig` are the same as the above. - -## Note - -> All the bits below here are useful, but may be slightly outdated... 
I have not done a good job of keeping them updated. - -## Repo structure - -The Nix stuff is structured like so, at least for now: - -```bash -$ tree . -I legacy* -I link* --gitignore --dirsfirst -. -├── modules -│   ├── home-manager -│   │   ├── common -│   │   │   ├── linux-apps -│   │   │   │   ├── tilix.nix -│   │   │   │   ├── waybar.nix -│   │   │   │   └── xfce4-terminal.nix -│   │   │   ├── all-cli.nix -│   │   │   ├── all-darwin.nix -│   │   │   ├── all-gui.nix -│   │   │   └── all-linux.nix -│   │   ├── files -│   │   │   ├── tilix -│   │   │   │   └── Beanbag-Mathias.json -│   │   │   ├── waybar -│   │   │   │   ├── config -│   │   │   │   └── style.css -│   │   │   ├── xfce4 -│   │   │   │   └── terminal -│   │   │   │   ├── accels.scm -│   │   │   │   └── terminalrc -│   │   │   └── Microsoft.PowerShell_profile.ps1 -│   │   └── hosts -│   │   ├── Blue-Rock -│   │   │   └── gene.liverman.nix -│   │   ├── nixnuc -│   │   │   └── gene.nix -│   │   └── rainbow-planet -│   │   └── gene.nix -│   ├── hosts -│   │   ├── darwin -│   │   │   └── Blue-Rock -│   │   │   └── default.nix -│   │   └── nixos -│   │   ├── nixnuc -│   │   │   ├── default.nix -│   │   │   └── hardware-configuration.nix -│   │   └── rainbow-planet -│   │   ├── default.nix -│   │   └── hardware-configuration.nix -│   └── system -│   └── common -│   ├── linux -│   │   └── internationalisation.nix -│   ├── all-darwin.nix -│   └── all-nixos.nix -├── LICENSE -├── README.md -├── Vagrantfile -├── flake.lock -└── flake.nix - -23 directories, 29 files - -``` +Pre-commit hooks are configured in `.pre-commit-config.yaml` and run automatically before commits. CI validation is defined in `.github/workflows/validate.yml`. ## Historical bits
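Review bot: In the `"auth.generic_oauth"` block of the Grafana hunk (`@@ -229,36 +233,36 @@`), the re-aligned lines keep `role_attribute_strict = false` next to a `role_attribute_path` that ends in `|| 'Viewer'` and `allow_sign_up = true`, so every account Pocket ID authenticates is provisioned as a Viewer even when it is in none of the `grafana_*` groups. If access is meant to be limited to those groups, drop the `|| 'Viewer'` fallback and set `role_attribute_strict = true` so a login without a mapped group is refused. The same block has `allow_assign_grafana_admin = true`, which makes membership of `grafana_super_admin` in the identity provider equivalent to Grafana server admin; a comment saying that is intentional would help the next reader. These lines only change alignment here, so this belongs in a follow-up commit rather than this one.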
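Review bot: In the `rainbow-planet/hardware-configuration.nix` hunk (`@@ -1,36 +1,56 @@`) the commented-out `# boot.kernelPackages = pkgs.linuxPackages_zen;` now sits inside `initrd = { ... }`, and `pkgs` has been dropped from the function arguments, so uncommenting it where it stands would set an attribute under `boot.initrd` and reference a name that is no longer bound. Move the comment up to the `boot = { ... }` level as `# kernelPackages = pkgs.linuxPackages_zen;` with a note that `pkgs` has to be re-added, or delete it. The header kept at the top of this file says it was generated by nixos-generate-config and may be overwritten, so this restructuring is lost on the next regeneration; consider excluding the file from the formatter and linters instead of hand-editing it.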
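Review bot: `sessionVariables` in the `modules/shared/home/general/default.nix` hunk (`@@ -1,62 +1,92 @@`) still sets `CLICLOLOR = 1;`, carried over unchanged from the removed lines; the variable that `ls` reads is `CLICOLOR`, so as written this export has no effect and should be corrected while the block is being touched. Alongside the re-indentation, this hunk also adds `deadnix`, `nixfmt-tree` and `statix` to `home.packages`, which is a functional change and would be easier to review and revert as its own commit. Two of the new entries break the mostly alphabetical order of the list: `nixfmt-tree` is placed after `nvd` and `statix` after `subversion`.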
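Review bot: The first added line of the README hunk (`@@ -1,10 +1,9 @@`) misspells "configuration" as "configruation" in "It also contains as much configruation as I can make work on other Linux distros". In the new "Flake structure" list, `modules/shared/home/general/` is described as "Home Manager config for all GUI users", but the `default.nix` in that directory, as shown earlier in this series, installs command-line tools (`btop`, `jq`, `htop` and so on) and the GUI part is the separate `all-gui.nix`, so "Home Manager config shared by all users" would be more accurate. The new "Formatting and CI" section refers to `.pre-commit-config.yaml` and `.github/workflows/validate.yml`, while this patch's diffstat lists only `README.md`; confirm those files are added elsewhere in the series so the README does not point at paths that do not exist.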