diff --git a/.gitignore b/.gitignore index 55281ec..410621b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,4 +1,2 @@ .direnv/ -.devenv/ - .pre-commit-config.yaml diff --git a/README.md b/README.md index 7d3f85d..31b4b46 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,6 @@ This is my cobbled together NixOS configuration. There are many like it, but thi - common: Sane defaults that make sense to use for every host. - modules: Regular NixOS modules. - profiles: Higher-level NixOS modules that conform to different roles that a host may have. -- packages: Packages that I couldn't fit anywhere else. - secrets: Agenix secrets. - hosts: Hosts exposed in `nixosConfigurations`. - pubkeys.nix: Nix expression with all my SSH public keys, used for OpenSSH, Agenix and Restic. @@ -21,7 +20,7 @@ This is my cobbled together NixOS configuration. There are many like it, but thi ## Installation ```bash -nix run git+https://codeberg.org/helvetica/puter.git#disk /path/to/disk +nix run git+https://codeberg.org/helvetica/zap.git /path/to/disk # TODO: Configure additional disks mkdir -p /mnt/etc/ssh cat > /mnt/etc/ssh/ssh_host_ed25519_key diff --git a/common/hardware.nix b/common/hardware.nix index a62f709..c351994 100644 --- a/common/hardware.nix +++ b/common/hardware.nix @@ -1,3 +1,12 @@ { services.fwupd.enable = true; + + hardware = { + bluetooth.enable = true; + steam-hardware.enable = true; + xone.enable = true; + xpadneo.enable = true; + gcadapter.enable = true; + enableAllFirmware = true; + }; } diff --git a/common/xdg.nix b/common/xdg.nix new file mode 100644 index 0000000..a5a81d9 --- /dev/null +++ b/common/xdg.nix @@ -0,0 +1,3 @@ +{ + xdg.portal.xdgOpenUsePortal = true; +} diff --git a/flake.lock b/flake.lock index 9a70038..b72943e 100644 --- a/flake.lock +++ b/flake.lock @@ -8,11 +8,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1747575206, - "narHash": "sha256-NwmAFuDUO/PFcgaGGr4j3ozG9Pe5hZ/ogitWhY+D81k=", + "lastModified": 1750173260, + "narHash": "sha256-9P1FziAwl5+3edkfFcr5HeGtQUtrSdk/MksX39GieoA=", "owner": "ryantm", "repo": "agenix", - "rev": "4835b1dc898959d8547a871ef484930675cb47f1", + "rev": "531beac616433bac6f9e2a19feb8e99a22a66baf", "type": "github" }, "original": { @@ -107,6 +107,22 @@ } }, "flake-compat_4": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_5": { "flake": false, "locked": { "lastModified": 1733328505, @@ -122,7 +138,7 @@ "type": "github" } }, - "flake-compat_5": { + "flake-compat_6": { "flake": false, "locked": { "lastModified": 1746162366, @@ -138,16 +154,32 @@ "type": "github" } }, + "flake-compat_7": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1748821116, - "narHash": "sha256-F82+gS044J1APL0n4hH50GYdPRv/5JWm34oCJYmVKdE=", + "lastModified": 1751413152, + "narHash": "sha256-Tyw1RjYEsp5scoigs1384gIg6e0GoBVjms4aXFfRssQ=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "49f0870db23e8c1ca0b5259734a02cd9e1e371a1", + "rev": "77826244401ea9de6e3bac47c2db46005e1f30b5", "type": "github" }, "original": { @@ -179,11 +211,11 @@ "nixpkgs-lib": "nixpkgs-lib_3" }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", "type": "github" }, "original": { @@ -254,11 +286,29 @@ "nixpkgs-lib": "nixpkgs-lib_6" }, "locked": { - "lastModified": 1743550720, - "narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=", + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "c621e8422220273271f52058f618c94e405bb0f5", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_8": { + "inputs": { + "nixpkgs-lib": "nixpkgs-lib_7" + }, + "locked": { + "lastModified": 1749398372, + "narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569", "type": "github" }, "original": { @@ -335,6 +385,28 @@ } }, "gitignore_3": { + "inputs": { + "nixpkgs": [ + "hxwrap", + "hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, + "gitignore_4": { "inputs": { "nixpkgs": [ "lanzaboote", @@ -356,13 +428,35 @@ "type": "github" } }, + "gitignore_5": { + "inputs": { + "nixpkgs": [ + "xenumenu", + "hooks", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1709087332, + "narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=", + "owner": "hercules-ci", + "repo": "gitignore.nix", + "rev": "637db329424fd7e46cf4185293b9cc8c88c95394", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "gitignore.nix", + "type": "github" + } + }, "hardware": { "locked": { - "lastModified": 1748942041, - "narHash": "sha256-HEu2gTct7nY0tAPRgBtqYepallryBKR1U8B4v2zEEqA=", + "lastModified": 1751432711, + "narHash": "sha256-136MeWtckSHTN9Z2WRNRdZ8oRP3vyx3L8UxeBYE+J9w=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "fc7c4714125cfaa19b048e8aaf86b9c53e04d853", + "rev": "497ae1357f1ac97f1aea31a4cb74ad0d534ef41f", "type": "github" }, "original": { @@ -424,11 +518,57 @@ ] }, "locked": { - "lastModified": 1747372754, - "narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=", + "lastModified": 1750779888, + "narHash": "sha256-wibppH3g/E2lxU43ZQHC5yA/7kIKLGxVEnsnVK1BtRg=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46", + "rev": "16ec914f6fb6f599ce988427d9d94efddf25fe6d", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "hooks_3": { + "inputs": { + "flake-compat": "flake-compat_3", + "gitignore": "gitignore_3", + "nixpkgs": [ + "hxwrap", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1749636823, + "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "623c56286de5a3193aa38891a6991b28f9bab056", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "git-hooks.nix", + "type": "github" + } + }, + "hooks_4": { + "inputs": { + "flake-compat": "flake-compat_7", + "gitignore": "gitignore_5", + "nixpkgs": [ + "xenumenu", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1749636823, + "narHash": "sha256-WUaIlOlPLyPgz9be7fqWJA5iG6rHcGRtLERSCfUDne4=", + "owner": "cachix", + "repo": "git-hooks.nix", + "rev": "623c56286de5a3193aa38891a6991b28f9bab056", "type": "github" }, "original": { @@ -440,14 +580,16 @@ "hxwrap": { "inputs": { "flake-parts": "flake-parts_3", - "nixpkgs": "nixpkgs_3" + "hooks": "hooks_3", + "nixpkgs": "nixpkgs_3", + "treefmt": "treefmt_2" }, "locked": { - "lastModified": 1745088587, - "narHash": "sha256-85AYHWayJVq/dxgk/S4RH7u6w59Akyr1fVttR8KBh8g=", + "lastModified": 1749852670, + "narHash": "sha256-MveNAj05dpNfOiK9uK6el6eWNG7r1SlMq45uZWgt20k=", "ref": "refs/heads/main", - "rev": "8fa5d5d550add7bf6cfd0a619dfac0e8a03b2bae", - "revCount": 21, + "rev": "1564605890b844183c2a9be9d3d7e71a0d12e367", + "revCount": 23, "type": "git", "url": "https://codeberg.org/helvetica/hxwrap.git" }, @@ -459,7 +601,7 @@ "lanzaboote": { "inputs": { "crane": "crane", - "flake-compat": "flake-compat_3", + "flake-compat": "flake-compat_4", "flake-parts": "flake-parts_4", "nixpkgs": [ "nixpkgs" @@ -508,11 +650,11 @@ "phps": "phps" }, "locked": { - "lastModified": 1746369841, - "narHash": "sha256-/k3MQPXdsXJ0FDEsT1YvBG9ugRXk1nuE9MCb1wAMGQc=", + "lastModified": 1751398370, + "narHash": "sha256-7TSTVtdZz2nhO5Gn/U3pjvENvQAKJWFJ799EWtx/O/s=", "ref": "refs/heads/main", - "rev": "dbe35541ef6923f411685434cc535d0854b55b6a", - "revCount": 5, + "rev": "18cc2db6cc507ff0123a7e7fc6936f9ea52dbc66", + "revCount": 7, "type": "git", "url": "https://codeberg.org/helvetica/myphps.git" }, @@ -527,11 +669,11 @@ "nixpkgs": "nixpkgs_7" }, "locked": { - "lastModified": 1747493683, - "narHash": "sha256-SEszNrbvTzxjFM7apKnL8LaarvDAzcuuQXj8r+ikJdk=", + "lastModified": 1751397212, + "narHash": "sha256-G9pjUEsde8bJl7TbTqTW2dADhI3FXLfb3Cvq8S1WTdo=", "ref": "refs/heads/main", - "rev": "a61825fc51a2b52cebd01ce58910707383e08b02", - "revCount": 2, + "rev": "a41850db1bb1d4f31a828cecf9387601b3f208c8", + "revCount": 3, "type": "git", "url": "https://codeberg.org/helvetica/nini.git" }, @@ -547,11 +689,11 @@ ] }, "locked": { - "lastModified": 1748751003, - "narHash": "sha256-i4GZdKAK97S0ZMU3w4fqgEJr0cVywzqjugt2qZPrScs=", + "lastModified": 1751170039, + "narHash": "sha256-3EKpUmyGmHYA/RuhZjINTZPU+OFWko0eDwazUOW64nw=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "2860bee699248d828c2ed9097a1cd82c2f991b43", + "rev": "9c932ae632d6b5150515e5749b198c175d8565db", "type": "github" }, "original": { @@ -562,17 +704,17 @@ }, "nixos-cosmic": { "inputs": { - "flake-compat": "flake-compat_5", + "flake-compat": "flake-compat_6", "nixpkgs": "nixpkgs_8", "nixpkgs-stable": "nixpkgs-stable_2", "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1748948933, - "narHash": "sha256-Lc3YwAK/h+BdXWuiKV+dflWbYD3yObkrN/wugr8w+70=", + "lastModified": 1751281697, + "narHash": "sha256-abHhTXGEGYhCKOc9vQbqHFG7dxwJ6AudIy1h4MUsjm0=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "a24e3123dab28fcc9b3e7b48f40e6e7ba12a6958", + "rev": "78b86e37713a1111d9e37c62b242d60be3013bd1", "type": "github" }, "original": { @@ -599,11 +741,11 @@ }, "nixpkgs-lib": { "locked": { - "lastModified": 1748740939, - "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", + "lastModified": 1751159883, + "narHash": "sha256-urW/Ylk9FIfvXfliA1ywh75yszAbiTEVgpPeinFyVZo=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "656a64127e9d791a334452c6b6606d17539476e2", + "rev": "14a40a1d7fb9afa4739275ac642ed7301a9ba1ab", "type": "github" }, "original": { @@ -629,11 +771,11 @@ }, "nixpkgs-lib_3": { "locked": { - "lastModified": 1743296961, - "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "lastModified": 1748740939, + "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "rev": "656a64127e9d791a334452c6b6606d17539476e2", "type": "github" }, "original": { @@ -674,11 +816,26 @@ }, "nixpkgs-lib_6": { "locked": { - "lastModified": 1743296961, - "narHash": "sha256-b1EdN3cULCqtorQ4QeWgLMrd5ZGOjLSLemfa00heasc=", + "lastModified": 1748740939, + "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", "owner": "nix-community", "repo": "nixpkgs.lib", - "rev": "e4822aea2a6d1cdd36653c134cacfd64c97ff4fa", + "rev": "656a64127e9d791a334452c6b6606d17539476e2", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, + "nixpkgs-lib_7": { + "locked": { + "lastModified": 1748740939, + "narHash": "sha256-rQaysilft1aVMwF14xIdGS3sj1yHlI6oKQNBRTF40cc=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "656a64127e9d791a334452c6b6606d17539476e2", "type": "github" }, "original": { @@ -705,11 +862,11 @@ }, "nixpkgs-stable_2": { "locked": { - "lastModified": 1748810746, - "narHash": "sha256-1na8blYvU1F6HLwx/aFjrhUqpqZ0SCsnqqW9n2vXvok=", + "lastModified": 1751048012, + "narHash": "sha256-MYbotu4UjWpTsq01wglhN5xDRfZYLFtNk7SBY0BcjkU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "78d9f40fd6941a1543ffc3ed358e19c69961d3c1", + "rev": "a684c58d46ebbede49f280b653b9e56100aa3877", "type": "github" }, "original": { @@ -737,11 +894,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1744932701, - "narHash": "sha256-fusHbZCyv126cyArUwwKrLdCkgVAIaa/fQJYFlCEqiU=", + "lastModified": 1749285348, + "narHash": "sha256-frdhQvPbmDYaScPFiCnfdh3B/Vh81Uuoo0w5TkWmmjU=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b024ced1aac25639f8ca8fdfc2f8c4fbd66c48ef", + "rev": "3e3afe5174c561dee0df6f2c2b2236990146329f", "type": "github" }, "original": { @@ -801,11 +958,11 @@ }, "nixpkgs_7": { "locked": { - "lastModified": 1743964447, - "narHash": "sha256-nEo1t3Q0F+0jQ36HJfbJtiRU4OI+/0jX/iITURKe3EE=", + "lastModified": 1751271578, + "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "063dece00c5a77e4a0ea24e5e5a5bd75232806f8", + "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", "type": "github" }, "original": { @@ -817,11 +974,27 @@ }, "nixpkgs_8": { "locked": { - "lastModified": 1748693115, - "narHash": "sha256-StSrWhklmDuXT93yc3GrTlb0cKSS0agTAxMGjLKAsY8=", + "lastModified": 1751011381, + "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "910796cabe436259a29a72e8d3f5e180fc6dfacc", + "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_9": { + "locked": { + "lastModified": 1750365781, + "narHash": "sha256-XE/lFNhz5lsriMm/yjXkvSZz5DfvKJLUjsS6pP8EC50=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "08f22084e6085d19bcfb4be30d1ca76ecb96fe54", "type": "github" }, "original": { @@ -833,7 +1006,7 @@ }, "phps": { "inputs": { - "flake-compat": "flake-compat_4", + "flake-compat": "flake-compat_5", "nixpkgs": "nixpkgs_6", "utils": "utils" }, @@ -857,7 +1030,7 @@ "lanzaboote", "flake-compat" ], - "gitignore": "gitignore_3", + "gitignore": "gitignore_4", "nixpkgs": [ "lanzaboote", "nixpkgs" @@ -946,7 +1119,8 @@ "nixos-cosmic", "nixpkgs" ], - "treefmt": "treefmt_2" + "treefmt": "treefmt_3", + "xenumenu": "xenumenu" } }, "rust-overlay": { @@ -978,11 +1152,11 @@ ] }, "locked": { - "lastModified": 1748918260, - "narHash": "sha256-KhXNXQ5IDLvwwYfJ0pXDjwIuisZ2qM6F7fcXjIGZy/4=", + "lastModified": 1751251399, + "narHash": "sha256-y+viCuy/eKKpkX1K2gDvXIJI/yzvy6zA3HObapz9XZ0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "c9736155bc1eb7c7cf3a925920850e61c07ab22a", + "rev": "b22d5ee8c60ed1291521f2dde48784edd6bf695b", "type": "github" }, "original": { @@ -1045,15 +1219,57 @@ "treefmt_2": { "inputs": { "nixpkgs": [ + "hxwrap", "nixpkgs" ] }, "locked": { - "lastModified": 1748243702, - "narHash": "sha256-9YzfeN8CB6SzNPyPm2XjRRqSixDopTapaRsnTpXUEY8=", + "lastModified": 1749194973, + "narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=", "owner": "numtide", "repo": "treefmt-nix", - "rev": "1f3f7b784643d488ba4bf315638b2b0a4c5fb007", + "rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt_3": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1750931469, + "narHash": "sha256-0IEdQB1nS+uViQw4k3VGUXntjkDp7aAlqcxdewb/hAc=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "ac8e6f32e11e9c7f153823abc3ab007f2a65d3e1", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "treefmt-nix", + "type": "github" + } + }, + "treefmt_4": { + "inputs": { + "nixpkgs": [ + "xenumenu", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1749194973, + "narHash": "sha256-eEy8cuS0mZ2j/r/FE0/LYBSBcIs/MKOIVakwHVuqTfk=", + "owner": "numtide", + "repo": "treefmt-nix", + "rev": "a05be418a1af1198ca0f63facb13c985db4cb3c5", "type": "github" }, "original": { @@ -1104,6 +1320,27 @@ "repo": "uv2nix", "type": "github" } + }, + "xenumenu": { + "inputs": { + "flake-parts": "flake-parts_8", + "hooks": "hooks_4", + "nixpkgs": "nixpkgs_9", + "treefmt": "treefmt_4" + }, + "locked": { + "lastModified": 1750544859, + "narHash": "sha256-OnSfoCCC6fYjAUdmZLwg3sRfgotO7bj55dUGV1BAKyY=", + "ref": "refs/heads/main", + "rev": "97ddcea8f30ecad4825f77260fa4e40e952262d1", + "revCount": 1, + "type": "git", + "url": "https://codeberg.org/helvetica/xenumenu.git" + }, + "original": { + "type": "git", + "url": "https://codeberg.org/helvetica/xenumenu.git" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index 23271ff..c9627a1 100644 --- a/flake.nix +++ b/flake.nix @@ -26,6 +26,7 @@ myphps.url = "git+https://codeberg.org/helvetica/myphps.git"; forgesync.url = "git+https://codeberg.org/helvetica/forgesync.git"; nini.url = "git+https://codeberg.org/helvetica/nini.git"; + xenumenu.url = "git+https://codeberg.org/helvetica/xenumenu.git"; lanzaboote = { url = "github:nix-community/lanzaboote/v0.4.2"; inputs.nixpkgs.follows = "nixpkgs"; diff --git a/hosts/abacus/headscale.nix b/hosts/abacus/headscale.nix index 4009020..ef08b0f 100644 --- a/hosts/abacus/headscale.nix +++ b/hosts/abacus/headscale.nix @@ -9,7 +9,15 @@ in port = 8010; settings = { server_url = "https://${virtualHostName}"; - dns.base_domain = "tailnet.helveticanonstandard.net"; + dns = { + base_domain = "tailnet.helveticanonstandard.net"; + nameservers.global = [ + "1.1.1.1" + "1.0.0.1" + "2606:4700:4700::1111" + "2606:4700:4700::1001" + ]; + }; logtail.enabled = false; }; }; diff --git a/hosts/glacier/profiles.nix b/hosts/glacier/profiles.nix index b2f1fd3..1caf3d3 100644 --- a/hosts/glacier/profiles.nix +++ b/hosts/glacier/profiles.nix @@ -1,6 +1,8 @@ { profiles = { desktop.enable = true; + dynamic.enable = true; + headful.enable = true; emulation.enable = true; gaming.enable = true; piracy.enable = true; diff --git a/hosts/insomniac/README.md b/hosts/insomniac/README.md new file mode 100644 index 0000000..37baf7f --- /dev/null +++ b/hosts/insomniac/README.md @@ -0,0 +1,8 @@ +shell script that loops a launcher +basically + +while true; do +fuzzel with retroarch steam quit +if quit; then exit; fi +else run command (waiting) +done diff --git a/hosts/insomniac/cage.nix b/hosts/insomniac/cage.nix new file mode 100644 index 0000000..076c85f --- /dev/null +++ b/hosts/insomniac/cage.nix @@ -0,0 +1,47 @@ +{ + lib, + inputs, + pkgs, + ... +}: +let + spec = { + entries = [ + { + displayName = "RetroArch"; + program = "retroarch"; + } + { + displayName = "Steam"; + program = "steam"; + args = [ + "-tenfoot" + ]; + } + ]; + }; + + specFormat = pkgs.formats.json { }; + + launcher = pkgs.writeShellApplication { + name = "launcher"; + runtimeInputs = [ + inputs.xenumenu.packages.${pkgs.system}.default + ]; + text = '' + while true; do + xenumenu --rowcols 3 --exit ${specFormat.generate "spec.json" spec} + done + ''; + }; +in +{ + services.cage = { + enable = true; + program = lib.getExe launcher; + user = "insomniac"; + environment = { + WLR_LIBINPUT_NO_DEVICES = "1"; + }; + }; +} diff --git a/hosts/insomniac/profiles.nix b/hosts/insomniac/profiles.nix index b2f1fd3..36ae810 100644 --- a/hosts/insomniac/profiles.nix +++ b/hosts/insomniac/profiles.nix @@ -1,9 +1,7 @@ { profiles = { desktop.enable = true; - emulation.enable = true; - gaming.enable = true; - piracy.enable = true; - productivity.enable = true; + headful.enable = true; + dynamic.enable = true; }; } diff --git a/hosts/insomniac/retroarch.nix b/hosts/insomniac/retroarch.nix new file mode 100644 index 0000000..8f06295 --- /dev/null +++ b/hosts/insomniac/retroarch.nix @@ -0,0 +1,13 @@ +{ pkgs, ... }: +{ + environment.systemPackages = + let + retroarch = pkgs.retroarch.withCores (cores: [ + cores.parallel-n64 + cores.dolphin + ]); + in + [ + retroarch + ]; +} diff --git a/hosts/insomniac/steam.nix b/hosts/insomniac/steam.nix new file mode 100644 index 0000000..d39f536 --- /dev/null +++ b/hosts/insomniac/steam.nix @@ -0,0 +1,11 @@ +{ + programs.steam = { + enable = true; + extest.enable = true; + protontricks.enable = true; + dedicatedServer.openFirewall = true; + remotePlay.openFirewall = true; + localNetworkGameTransfers.openFirewall = true; + gamescopeSession.enable = true; # TODO + }; +} diff --git a/hosts/insomniac/freetube.nix b/hosts/work/mattermost.nix similarity index 67% rename from hosts/insomniac/freetube.nix rename to hosts/work/mattermost.nix index b24fd0d..9706837 100644 --- a/hosts/insomniac/freetube.nix +++ b/hosts/work/mattermost.nix @@ -1,6 +1,6 @@ { pkgs, ... }: { environment.systemPackages = [ - pkgs.freetube + pkgs.mattermost-desktop ]; } diff --git a/hosts/work/networking.nix b/hosts/work/networking.nix new file mode 100644 index 0000000..3ada38d --- /dev/null +++ b/hosts/work/networking.nix @@ -0,0 +1,3 @@ +{ + networking.networkmanager.enableStrongSwan = true; +} diff --git a/hosts/work/profiles.nix b/hosts/work/profiles.nix index c901b18..130f555 100644 --- a/hosts/work/profiles.nix +++ b/hosts/work/profiles.nix @@ -1,6 +1,8 @@ { profiles = { desktop.enable = true; + dynamic.enable = true; + headful.enable = true; productivity.enable = true; }; } diff --git a/hosts/work/tools.nix b/hosts/work/tools.nix index 2dca47b..db6c616 100644 --- a/hosts/work/tools.nix +++ b/hosts/work/tools.nix @@ -7,5 +7,7 @@ pkgs.jq pkgs.mariadb pkgs.openssl + pkgs.kubectl + pkgs.awscli2 ]; } diff --git a/modules/gcadapter.nix b/modules/gcadapter.nix index 3d3bba8..1c8c123 100644 --- a/modules/gcadapter.nix +++ b/modules/gcadapter.nix @@ -1,6 +1,7 @@ { config, lib, + pkgs, ... }: let @@ -10,9 +11,9 @@ in options.hardware.gcadapter.enable = lib.mkEnableOption "GameCube Adapter support"; config = lib.mkIf cfg.enable { - services.udev.extraRules = '' - ATTRS{idVendor}=="057e", ATTRS{idProduct}=="0337", MODE="666", SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device" TAG+="uaccess" - ''; + services.udev.packages = [ + pkgs.dolphin-emu + ]; boot = { extraModulePackages = [ diff --git a/packages/disk/disk b/packages/disk/disk deleted file mode 100755 index 9b74435..0000000 --- a/packages/disk/disk +++ /dev/null @@ -1,196 +0,0 @@ -#!/usr/bin/env bash - -set -o errexit -set -o nounset -set -o pipefail - -progname="$0" - -warn() { - local line - for line in "$@"; do - echo "$progname: $line" 1>&2 - done -} - -error() { - warn "$@" - - exit 1 -} - -skip() { - if (($# < 1)); then - error 'name of value to be skipped is required' - fi - - if (($# > 1)); then - error 'too many arguments' - fi - - local skip=$1 - - for s in "${skips[@]}"; do - if [[ $s == "$skip" ]]; then - return 1 - fi - done - - return 0 -} - -args=$( - getopt \ - --options r:b:l:c:m:B:M:v \ - --longoptions root:,boot-label:,main-label:,cryptmain-label:,mapping:,boot-options:,main-options:,verbose \ - --name "$progname" \ - -- "$@" -) - -eval set -- "$args" - -root=/mnt -bootlbl=BOOT -mainlbl=main -cryptmainlbl=cryptmain -mapping=main -bootflags=() -mainflags=() -fatflags=() -ext4flags=() -skips=() -while true; do - case "$1" in - -r | --root) - root=$2 - shift 2 - ;; - -b | --boot-label) - skips+=(bootlbl) - bootlbl=${2^^} - shift 2 - ;; - -l | --main-label) - skips+=(mainlbl) - mainlbl=$2 - shift 2 - ;; - -c | --cryptmain-label) - skips+=(cryptmainlbl) - cryptmainlbl=$2 - shift 2 - ;; - -m | --mapping) - skips+=(mapping) - mapping=$2 - shift 2 - ;; - -B | --boot-options) - bootflags+=(--options "$2") - shift 2 - ;; - -M | --main-options) - mainflags+=(--options "$2") - shift 2 - ;; - -v | --verbose) - fatflags+=(-v) - ext4flags+=(-v) - shift - ;; - --) - shift - break - ;; - esac -done - -if (($# < 1)); then - error 'an argument specifying the block device is required' -fi - -if (($# > 1)); then - error 'too many arguments' -fi - -blkdev=$1 - -sfdisk --label gpt --quiet -- "$blkdev" </dev/null - -while true; do - read -rep 'Do you want your main partition to be encrypted? [y/N] ' input - case "$input" in - [Yy]*) - while true; do - read -rsp 'Enter password: ' password - warn '' - read -rsp 'Re-enter password: ' repassword - warn '' - if [[ $password == "$repassword" ]]; then - break - fi - done - - if ! skip cryptmainlbl; then - read -rep "Which label should the main LUKS partition have? [$cryptmainlbl] " input - if [[ -n $input ]]; then - cryptmainlbl=$input - fi - fi - - cryptsetup luksFormat --batch-mode --label "$cryptmainlbl" -- "$mainblkdev" <<<"$password" - - if ! skip mapping; then - read -rep "Which name should the main LUKS mapping have? [$mapping] " input - if [[ -n $input ]]; then - mapping=$input - fi - fi - - cryptsetup open -- "$mainblkdev" "$mapping" <<<"$password" - - mainfs=/dev/mapper/$mapping - break - ;; - '' | [Nn]*) - mainfs=$mainblkdev - break - ;; - *) warn 'Please answer with yes or no' ;; - esac -done - -if ! skip mainlbl; then - read -rep "Which label should the main file system have? [$mainlbl] " input - if [[ -n $input ]]; then - mainlbl=$input - fi -fi - -mkfs.ext4 -qFL "$mainlbl" "${ext4flags[@]}" -- "$mainfs" -mkdir --parents -- "$root" -mount "${mainflags[@]}" -- "$mainfs" "$root" - -mkdir -- "$root/boot" -mount "${bootflags[@]}" -- "$bootfs" "$root/boot" diff --git a/packages/disk/package.nix b/packages/disk/package.nix deleted file mode 100644 index a8466f7..0000000 --- a/packages/disk/package.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ - writeShellApplication, - util-linux, - jq, - e2fsprogs, - dosfstools, -}: -writeShellApplication { - name = "disk"; - - runtimeInputs = [ - util-linux - jq - e2fsprogs - dosfstools - ]; - - text = builtins.readFile ./disk; -} diff --git a/profiles/desktop/default.nix b/profiles/desktop/default.nix index 11e024f..2bcea45 100644 --- a/profiles/desktop/default.nix +++ b/profiles/desktop/default.nix @@ -13,6 +13,14 @@ in assertion = !config.profiles.server.enable; message = "The desktop profile is not compatible with the server profile."; } + { + assertion = config.profiles.headful.enable; + message = "The desktop profile depends on the headful profile."; + } + { + assertion = config.profiles.dynamic.enable; + message = "The desktop profile depends on the dynamic profile."; + } ]; }; } diff --git a/profiles/desktop/hardware.nix b/profiles/desktop/hardware.nix deleted file mode 100644 index 13163b5..0000000 --- a/profiles/desktop/hardware.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ - config, - lib, - ... -}: -let - cfg = config.profiles.desktop; -in -{ - config = lib.mkIf cfg.enable { - hardware = { - bluetooth.enable = true; - steam-hardware.enable = true; - xone.enable = true; - xpadneo.enable = true; - opentabletdriver.enable = true; - gcadapter.enable = true; - graphics.enable = true; - enableAllFirmware = true; - }; - }; -} diff --git a/profiles/desktop/networking.nix b/profiles/desktop/networking.nix deleted file mode 100644 index bdc6911..0000000 --- a/profiles/desktop/networking.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ - config, - lib, - ... -}: -let - cfg = config.profiles.desktop; -in -{ - config = lib.mkIf cfg.enable { - services.resolved.enable = true; - - networking.networkmanager = { - enable = true; - dns = "systemd-resolved"; - }; - - users.groups.networkmanager.members = config.users.normalUsers; - }; -} diff --git a/profiles/desktop/xdg.nix b/profiles/desktop/spotify.nix similarity index 61% rename from profiles/desktop/xdg.nix rename to profiles/desktop/spotify.nix index 892a8dc..fe6ef29 100644 --- a/profiles/desktop/xdg.nix +++ b/profiles/desktop/spotify.nix @@ -1,6 +1,7 @@ { config, lib, + pkgs, ... }: let @@ -8,6 +9,8 @@ let in { config = lib.mkIf cfg.enable { - xdg.portal.xdgOpenUsePortal = true; + environment.systemPackages = [ + pkgs.spotify + ]; }; } diff --git a/profiles/dynamic/default.nix b/profiles/dynamic/default.nix new file mode 100644 index 0000000..c97dc91 --- /dev/null +++ b/profiles/dynamic/default.nix @@ -0,0 +1,18 @@ +{ config, lib, ... }: +let + cfg = config.profiles.dynamic; +in +{ + options.profiles.dynamic = { + enable = lib.mkEnableOption "dynamic"; + }; + + config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = !config.profiles.server.enable; + message = "The dynamic profile is not compatible with the server profile."; + } + ]; + }; +} diff --git a/profiles/desktop/location.nix b/profiles/dynamic/location.nix similarity index 77% rename from profiles/desktop/location.nix rename to profiles/dynamic/location.nix index fffcb56..508ee6f 100644 --- a/profiles/desktop/location.nix +++ b/profiles/dynamic/location.nix @@ -4,7 +4,7 @@ ... }: let - cfg = config.profiles.desktop; + cfg = config.profiles.dynamic; in { config = lib.mkIf cfg.enable { diff --git a/profiles/dynamic/networking.nix b/profiles/dynamic/networking.nix new file mode 100644 index 0000000..607153c --- /dev/null +++ b/profiles/dynamic/networking.nix @@ -0,0 +1,15 @@ +{ + config, + lib, + ... +}: +let + cfg = config.profiles.dynamic; +in +{ + config = lib.mkIf cfg.enable { + networking.networkmanager.enable = true; + + users.groups.networkmanager.members = config.users.normalUsers; + }; +} diff --git a/profiles/desktop/clipboard.nix b/profiles/headful/clipboard.nix similarity index 100% rename from profiles/desktop/clipboard.nix rename to profiles/headful/clipboard.nix diff --git a/profiles/headful/default.nix b/profiles/headful/default.nix new file mode 100644 index 0000000..b57a2b9 --- /dev/null +++ b/profiles/headful/default.nix @@ -0,0 +1,18 @@ +{ config, lib, ... }: +let + cfg = config.profiles.headful; +in +{ + options.profiles.headful = { + enable = lib.mkEnableOption "headful"; + }; + + config = lib.mkIf cfg.enable { + assertions = [ + { + assertion = !config.profiles.server.enable; + message = "The headful profile is not compatible with the server profile."; + } + ]; + }; +} diff --git a/profiles/desktop/fonts.nix b/profiles/headful/fonts.nix similarity index 96% rename from profiles/desktop/fonts.nix rename to profiles/headful/fonts.nix index 2a528be..1ca0466 100644 --- a/profiles/desktop/fonts.nix +++ b/profiles/headful/fonts.nix @@ -5,7 +5,7 @@ ... }: let - cfg = config.profiles.desktop; + cfg = config.profiles.headful; in { config = lib.mkIf cfg.enable { diff --git a/profiles/desktop/pipewire.nix b/profiles/headful/pipewire.nix similarity index 89% rename from profiles/desktop/pipewire.nix rename to profiles/headful/pipewire.nix index 7e6986f..b9605ff 100644 --- a/profiles/desktop/pipewire.nix +++ b/profiles/headful/pipewire.nix @@ -4,7 +4,7 @@ ... }: let - cfg = config.profiles.desktop; + cfg = config.profiles.headful; in { config = lib.mkIf cfg.enable { diff --git a/profiles/desktop/wayland.nix b/profiles/headful/wayland.nix similarity index 67% rename from profiles/desktop/wayland.nix rename to profiles/headful/wayland.nix index e76d7fc..28fb060 100644 --- a/profiles/desktop/wayland.nix +++ b/profiles/headful/wayland.nix @@ -4,13 +4,13 @@ ... }: let - cfg = config.profiles.desktop; + cfg = config.profiles.headful; in { config = lib.mkIf cfg.enable { environment.sessionVariables = { NIXOS_OZONE_WL = "1"; - SDL_VIDEODRIVER = "wayland"; + SDL_VIDEODRIVER = "wayland,x11"; }; }; } diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 2251d3e..5567544 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -21,4 +21,5 @@ in "secure-boot/abacus.tar.age".publicKeys = (builtins.attrValues users) ++ [ hosts.abacus ]; "secure-boot/flamingo.tar.age".publicKeys = (builtins.attrValues users) ++ [ hosts.flamingo ]; "secure-boot/vessel.tar.age".publicKeys = (builtins.attrValues users) ++ [ hosts.vessel ]; + "secure-boot/work.tar.age".publicKeys = (builtins.attrValues users) ++ [ hosts.work ]; } diff --git a/secrets/secure-boot/work.tar.age b/secrets/secure-boot/work.tar.age new file mode 100644 index 0000000..b76af37 Binary files /dev/null and b/secrets/secure-boot/work.tar.age differ