From 2a532d264ca114aff533c81ff2a4f01d94badaaf Mon Sep 17 00:00:00 2001 From: elythh Date: Sat, 31 Aug 2024 01:17:46 +0200 Subject: [PATCH] wip --- .../x86_64-linux/gwen@aurelionite/default.nix | 100 +++++++++++++++ .../programs/terminal/shell/zsh/default.nix | 1 + .../terminal/social/slack-term/default.nix | 8 +- .../programs/terminal/tools/go/default.nix | 31 ----- .../nixos/displaymanager/regreet/default.nix | 81 ------------ modules/shared/nix/default.nix | 1 + secrets/gwen/secrets.yaml | 5 +- systems/x86_64-linux/aurelionite/default.nix | 121 ++++++++++++++++++ systems/x86_64-linux/aurelionite/hardware.nix | 45 +++++++ .../x86_64-linux/aurelionite/networking.nix | 36 ++++++ systems/x86_64-linux/grovetender/default.nix | 6 - 11 files changed, 311 insertions(+), 124 deletions(-) create mode 100644 homes/x86_64-linux/gwen@aurelionite/default.nix delete mode 100644 modules/home/programs/terminal/tools/go/default.nix delete mode 100644 modules/nixos/displaymanager/regreet/default.nix create mode 100644 systems/x86_64-linux/aurelionite/default.nix create mode 100644 systems/x86_64-linux/aurelionite/hardware.nix create mode 100644 systems/x86_64-linux/aurelionite/networking.nix diff --git a/homes/x86_64-linux/gwen@aurelionite/default.nix b/homes/x86_64-linux/gwen@aurelionite/default.nix new file mode 100644 index 00000000..0f2fd1b3 --- /dev/null +++ b/homes/x86_64-linux/gwen@aurelionite/default.nix @@ -0,0 +1,100 @@ +{ + config, + lib, + namespace, + ... +}: +let + inherit (lib.${namespace}) enabled; +in +{ + elyth = { + user = { + enable = true; + inherit (config.snowfallorg.user) name; + }; + + programs = { + graphical = { + apps = { + thunderbird = enabled; + zathura = enabled; + }; + + bars = { + waybar = { + fullSizeOutputs = [ + "eDP-1" + "HDMI-A-1" + ]; + condensedOutputs = [ "DP-3" ]; + }; + }; + + browsers = { + firefox = { + gpuAcceleration = true; + hardwareDecoding = true; + }; + }; + + wms = { + hyprland = { + enable = true; + }; + }; + }; + + terminal = { + tools = { + git = { + enable = true; + }; + + run-as-service = enabled; + ssh = enabled; + }; + }; + }; + + services = { + hyprpaper = enabled; + + rnnoise = enabled; + + sops = { + enable = true; + defaultSopsFile = lib.snowfall.fs.get-file "secrets/gwen/secrets.yaml"; + sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ]; + }; + }; + + system = { + xdg = enabled; + }; + + theme = enabled; + + suites = { + business = enabled; + common = enabled; + desktop = enabled; + + development = { + enable = true; + + dockerEnable = false; + kubernetesEnable = true; + nixEnable = true; + }; + + music = enabled; + networking = enabled; + photo = enabled; + social = enabled; + video = enabled; + }; + }; + + home.stateVersion = "24.05"; +} diff --git a/modules/home/programs/terminal/shell/zsh/default.nix b/modules/home/programs/terminal/shell/zsh/default.nix index a1981fd6..6621d468 100644 --- a/modules/home/programs/terminal/shell/zsh/default.nix +++ b/modules/home/programs/terminal/shell/zsh/default.nix @@ -20,6 +20,7 @@ in dotDir = ".config/zsh"; envExtra = '' export PATH=~/.local/bin:~/.local/share/nvim/mason/bin:$PATH + export EDITOR=nvim ''; initExtra = '' source ~/.config/zsh/env.zsh diff --git a/modules/home/programs/terminal/social/slack-term/default.nix b/modules/home/programs/terminal/social/slack-term/default.nix index f80d09fd..8ab2f3f2 100644 --- a/modules/home/programs/terminal/social/slack-term/default.nix +++ b/modules/home/programs/terminal/social/slack-term/default.nix @@ -20,10 +20,10 @@ in home.packages = [ pkgs.slack-term ]; sops.secrets = { - # slack-term = { - # sopsFile = lib.snowfall.fs.get-file "secrets/gwen/secrets.yaml"; - # path = "${config.home.homeDirectory}/.config/slack-term/config"; - # }; + slack-term = { + sopsFile = lib.snowfall.fs.get-file "secrets/gwen/secrets.yaml"; + path = "${config.home.homeDirectory}/.config/slack-term/config"; + }; }; }; } diff --git a/modules/home/programs/terminal/tools/go/default.nix b/modules/home/programs/terminal/tools/go/default.nix deleted file mode 100644 index 4b3db7b1..00000000 --- a/modules/home/programs/terminal/tools/go/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ - config, - lib, - pkgs, - namespace, - ... -}: -let - inherit (lib) mkIf; - inherit (lib.${namespace}) mkBoolOpt; - - cfg = config.${namespace}.programs.terminal.tools.go; -in -{ - options.${namespace}.programs.terminal.tools.go = { - enable = mkBoolOpt false "Whether or not to enable Go support."; - }; - - config = mkIf cfg.enable { - home = { - packages = with pkgs; [ - go - gopls - ]; - - sessionVariables = { - GOPATH = "$HOME/work/go"; - }; - }; - }; -} diff --git a/modules/nixos/displaymanager/regreet/default.nix b/modules/nixos/displaymanager/regreet/default.nix deleted file mode 100644 index 555c8caa..00000000 --- a/modules/nixos/displaymanager/regreet/default.nix +++ /dev/null @@ -1,81 +0,0 @@ -{ - config, - inputs, - lib, - pkgs, - system, - namespace, - ... -}: -let - inherit (lib) - types - mkIf - getExe - getExe' - ; - inherit (lib.${namespace}) mkBoolOpt mkOpt; - inherit (inputs) hyprland; - - cfg = config.${namespace}.display-managers.regreet; - - greetdHyprlandConfig = pkgs.writeText "greetd-hyprland-config" '' - ${cfg.hyprlandOutput} - - animations { - enabled=false - first_launch_animation=false - } - - bind=SUPER, RETURN, exec, ${getExe pkgs.wezterm} - bind=SUPER_SHIFT, RETURN, exec, ${getExe pkgs.nwg-hello} - bind=SUPER_CTRL_SHIFT, RETURN, exec, ${getExe pkgs.greetd.regreet} - - exec-once = ${pkgs.dbus}/bin/dbus-update-activation-environment --systemd DISPLAY WAYLAND_DISPLAY XDG_CURRENT_DESKTOP HYPRLAND_INSTANCE_SIGNATURE - - exec-once = ${getExe pkgs.greetd.regreet} -l debug && ${ - getExe' hyprland.packages.${system}.hyprland-unwrapped "hyprctl" - } exit - ''; -in -{ - options.${namespace}.display-managers.regreet = with types; { - enable = mkBoolOpt false "Whether or not to enable greetd."; - hyprlandOutput = mkOpt lines "" "Hyprlands Outputs config."; - }; - - config = mkIf cfg.enable { - programs.regreet = { - enable = true; - - settings = { - background = { - path = pkgs.${namespace}.wallpapers.flatppuccin_macchiato; - fit = "Cover"; - }; - - GTK = { - application_prefer_dark_theme = true; - font_name = "${config.${namespace}.system.fonts.default} * 12"; - }; - }; - }; - - services.greetd = { - settings = { - default_session = { - command = "${ - getExe hyprland.packages.${system}.hyprland-unwrapped - } --config ${greetdHyprlandConfig} > /tmp/hyprland-log-out.txt 2>&1"; - }; - }; - - restart = false; - }; - - security.pam.services.greetd = { - enableGnomeKeyring = true; - gnupg.enable = true; - }; - }; -} diff --git a/modules/shared/nix/default.nix b/modules/shared/nix/default.nix index 662b789e..4f4edbd5 100644 --- a/modules/shared/nix/default.nix +++ b/modules/shared/nix/default.nix @@ -36,6 +36,7 @@ in }; environment = { + variables.FLAKE = "/home/gwen/Documents/dots/elythh/flake"; etc = with inputs; { # set channels (backwards compatibility) "nix/flake-channels/system".source = self; diff --git a/secrets/gwen/secrets.yaml b/secrets/gwen/secrets.yaml index f88e46ba..44eda75d 100644 --- a/secrets/gwen/secrets.yaml +++ b/secrets/gwen/secrets.yaml @@ -6,6 +6,7 @@ kubernetes: ENC[AES256_GCM,data:/ipEEaoK5+tkXq4tPdjMalUb5Vl6CuPGtmYG07/yY/6V38px twitch-tui: ENC[AES256_GCM,data:PsnkSmlbA70HW3ckaVHb8sokC78ALK6X/hfCbfM9qlg75XqDj6mIWEBegL1dyJIYEHOFe3FoKEnOVCMqqLZLQ4ppRfAKo6VuU3LZt7Jhpvc1srMK5QjnGJOI3QOHMSZUTSfYuieCqxSXWhbQ5iKKVvOlGbzBSSD2w3+uQlHSHr/OLX62ywU0LXzPB7YK5re1k/JHE6GaugZ0laXbv2DwCBAQRHi9vyAh7z7lQmzVBnCODCtqlPXf9H/emWoGsj1PMLDFPJoGW5QrcMXGoLOM5WKiAXzy5JHUHWBqapmpoQ0TGp1arhSUab6BYeHDtvmtutTlJenSpG+C/lZlQObwpq4WeLMN3T6Xbot7p8Bx0XvZeEbfW4U45unNVlrRqSoFc0F6OgLJwD5id25OaEkQq/eSG0BfqcdrPoXlxPEm+450Pd42RC7tIsZY2+lOmYKu/WYWo1iAOz2U46HX3dGq6vryYlAGUQuRh93aSsN01FAynz2yjRWoTNAyXMZEAn1252oB+PRfGN0+j965U0FZmg39OxC8syYavKXLtBxfK8hxBooS4d+mdhatm1SkoZKDKqGCB5IeIwnBwQyE+g5Z+CxuICV+ZFzlhm1PhOhwJJKraz3CmnN9WeMRoYPntFy50BQigVJhhFcDWKbuGSPbpo6jTJ5BUNZe5IQh3OdckbW23vBNJsnCldUEeXnL6yvExNrMsLYSNx4iBbMEVAJKRs5TQxd/Ojn+C3fF79TkaLTuI83BdWd3ssL+ksTr2ZnIBfSfrFr4Io2f8KoaUu3e3TMFZyVqXUtB+KtXLWAbE2qkXrZnb3Qxo4gTNJlxJ3KCgn5LVNlZU0RBPZHYdbVcyCVNFtUvX8s4d2YY0Y5e/NYIYCOOyEF6TsO6sipm1NAiN5mA6jzVgeSEz370FTWd8iTbnURDa9Ul6LecCKGG+oEGnkgwuGamFZigvhwr3LTZI6gR9vIYDFkExU4JRC4u8N1b9cku2IV07tBa2nR27jdlnsDy0py2DZw8WBULtI8TO7oZNSHKgbTX3dyT3Mj5RiPC7SpiVzrwvI8AM99QXuF/6EADwYsN1C0FBitRIL78I/x+dp2O8RaGOAq2IUDSl8i0KK3Ut6UcyER0iF4OG6k6X0Y+UAjD4oeq/AJyDIWfkc6q8+Un1+dBGeqGtpiv8HySGIgD2cwlRi8=,iv:HeeGYl8FlBDpCohD+1yNOG384PnoP0NGsHTJLGNicRQ=,tag:3PMEhzR+cDJsymeNAvMwaw==,type:str] rbw: ENC[AES256_GCM,data:tGViXbyT8abFY/ylPyBZL/uVSET7I205h+tLsk6pOucz3YCzWj7Lkl8uQyan7IBFEjtXZyKBVQmCG7CANspCtiYN18SzbxnFjaco5O1uC0W4XCEMdzdMiuiO1GmoOKmwbGoklDAKNeYQOJPcdViBCywtpGK/5eRJV5g8vKLVPhBWfISg6L+LBvbAUVMoovqnfnNAjieEFFysQeJJ85RE6VqpXsD5ns6e9/3E9OgI/1sJPY55jxgTqZMfgSAnCzqXfN+qPl/qKWxfx/CeeBEPg5OwKU5y2YVp,iv:PqmgQP6etH8A0lZB9l2tvQiq8SCIO1JGnf/vAYWQkdE=,tag:WA0rXymuUe4ix3PCFyyhBg==,type:str] ANTHROPIC_API_KEY: ENC[AES256_GCM,data:S7vPc2t65ig0pwKkPSCzRbYGhSAKyG3rh7Up/237brJ3C+h6bmg0zdl32IDrJ71IOYgtbd4sltYVf5xv4oLtvO95a2F4sg9tkOK8sNFmBGaVvJW/ioH1EyKhGJAzBg+4grXd591dlwcfiNLD,iv:6Zfvw50luNekYRPAfiKm3vORZJPNopHwx7F6UwdjEKM=,tag:YyEh3S9D0cifGC09PUhS4Q==,type:str] +slack-term: ENC[AES256_GCM,data:Mle7+kt2g2mY8jp7SLsTlXKXnKLGZNiyS73D4Q7xZYt7/f8vlpcYEf//MQJe5VVL6JRRP+MI5praH6bIU+dGOLFgOo9Vby7Zdpz1YAuBp9Njrcgo/USHDmKzVOiYBcWmHY3t4ftgEBcOp4jWfZnQQ85RiGnd/h6YsUR+ZS4RK1jXlQ==,iv:j9xus+4TKCFJvms7pXs8hH6OdJ66ARuup6SFO1dj+DY=,tag:jvgaTVHRyZImd/xNPWrPBQ==,type:str] sops: kms: [] gcp_kms: [] @@ -21,8 +22,8 @@ sops: WldURGJYTG0ybFg0YXlpbzY5WU14M2sKWW7TM1p5OUiIOXBiYg5T1U9nuOdRA/q0 NKjB6Ky7OwKRnCvYWTe5kx/+R/psHtRSEgtJ1YZA8esZ0f/jhFBNfg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-08-30T18:00:40Z" - mac: ENC[AES256_GCM,data:KWnZxpzUsNVoUibzFoiTT0oxAMRXmFjO3JPAoqQ462x0dKFBVjRh8axWueTxQvzFBhb2jAbIXfUn+6+K5ZjJqld/zQbdy1W/uOXO//ZjUnL7/Uqoi5VhbLom7BmE1sCgM8DeghaVdsPK229dNRWHLWmqDs6I45Ynn+efnCWtnvo=,iv:p19l+RjrmoaJMAsNpOhBP527qV5V6B6oIoZN73C/PXU=,tag:pUY/vk/cs0HiEmyzX1UO+A==,type:str] + lastmodified: "2024-08-30T23:08:59Z" + mac: ENC[AES256_GCM,data:CAFcQjegN1eZmeK94La6obNsk5j3yc14diK9XZztlHkG6yMiapjFR4VtL06UGkHPgEBZafrrUHxXwZlA/7uPPUvABbvkXxdxYvrYagogVH8/yD0LqkFmSLqDxiCP2aLRtdYbSGZx6b4vxcuZEgOB4ECMHpELtBjtf9MGOFSUS4Q=,iv:6VhidQmwhKWNlzgbfwMipVJjVK6bE0SHnSHu/Al7LS0=,tag:DX0NZ6sPElGeSfnSxTwmTA==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.9.0 diff --git a/systems/x86_64-linux/aurelionite/default.nix b/systems/x86_64-linux/aurelionite/default.nix new file mode 100644 index 00000000..5819f19e --- /dev/null +++ b/systems/x86_64-linux/aurelionite/default.nix @@ -0,0 +1,121 @@ +{ + config, + lib, + namespace, + ... +}: +let + inherit (lib.${namespace}) enabled; +in +{ + imports = [ + ./hardware.nix + ]; + elyth = { + nix = enabled; + + archetypes = { + personal = enabled; + workstation = enabled; + }; + + hardware = { + audio = { + enable = true; + }; + bluetooth = enabled; + cpu.amd = enabled; + opengl = enabled; + }; + + programs = { + graphical = { + addons = { + noisetorch = { + enable = false; + threshold = 95; + device = "alsa_input.usb-Blue_Microphones_Yeti_Stereo_Microphone_LT_191128065321F39907D0_111000-00.analog-stereo"; + deviceUnit = "sys-devices-pci0000:00-0000:00:01.2-0000:02:00.0-0000:03:08.0-0000:08:00.3-usb3-3\x2d2-3\x2d2.1-3\x2d2.1.4-3\x2d2.1.4.3-3\x2d2.1.4.3:1.0-sound-card3-controlC3.device"; + }; + }; + + wms = { + hyprland = { + enable = true; + }; + }; + }; + }; + + services = { + power = enabled; + + openssh = { + enable = true; + + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8Uvx1a/dkacYXKXDikaFL6kfRk+kSj6n7Pwm9t6+HP" + ]; + + # TODO: make part of ssh config proper + extraConfig = '' + Host server + User ${config.${namespace}.user.name} + Hostname elyth.local + ''; + }; + }; + + security = { + # doas = enabled; + keyring = enabled; + sudo-rs = enabled; + }; + + suites = { + development = { + enable = true; + dockerEnable = true; + kubernetesEnable = true; + nixEnable = true; + }; + }; + + system = { + boot = { + enable = true; + silentBoot = true; + }; + + fonts = enabled; + locale = enabled; + networking = { + enable = true; + optimizeTcp = true; + }; + time = enabled; + }; + + theme = { + qt = enabled; + gtk = enabled; + }; + }; + + nix.settings = { + cores = 24; + max-jobs = 24; + }; + + services = { + displayManager.defaultSession = "hyprland"; + }; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.05"; # Did you read the comment? +} diff --git a/systems/x86_64-linux/aurelionite/hardware.nix b/systems/x86_64-linux/aurelionite/hardware.nix new file mode 100644 index 00000000..57b09a9e --- /dev/null +++ b/systems/x86_64-linux/aurelionite/hardware.nix @@ -0,0 +1,45 @@ +{ + config, + lib, + modulesPath, + ... +}: +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot = { + initrd.availableKernelModules = [ + "xhci_pci" + "nvme" + "usb_storage" + "sd_mod" + ]; + initrd.kernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; + + fileSystems."/" = { + device = "/dev/disk/by-uuid/a419de40-cbcb-4fe2-abfd-73be6e0bac9c"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."luks-1b505b00-fc36-4eec-bdc8-0ccf2ce42fdc".device = "/dev/disk/by-uuid/1b505b00-fc36-4eec-bdc8-0ccf2ce42fdc"; + + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/F713-438C"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp108s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/systems/x86_64-linux/aurelionite/networking.nix b/systems/x86_64-linux/aurelionite/networking.nix new file mode 100644 index 00000000..49c1a9e9 --- /dev/null +++ b/systems/x86_64-linux/aurelionite/networking.nix @@ -0,0 +1,36 @@ +_: { + networking = { + networkmanager = { + ensureProfiles = { + profiles = { + dib = { + ipv4 = { + dns-search = "~doitbestcorp.com"; + method = "auto"; + }; + }; + }; + }; + }; + }; + + systemd = { + network.networks = { + # wired interfaces e.g. ethernet + "30-network-defaults-wired" = { + matchConfig.Name = "en* | eth* | usb*"; + networkConfig = { + # Address = "192.168.1.3/24"; + # Gateway = "192.168.1.1"; + DHCP = "ipv4"; + MulticastDNS = true; + # IPv6AcceptRA = true; + # IPForward = "yes"; + # IPMasquerade = "no"; + }; + }; + }; + + services."systemd-networkd".environment.SYSTEMD_LOG_LEVEL = "debug"; + }; +} diff --git a/systems/x86_64-linux/grovetender/default.nix b/systems/x86_64-linux/grovetender/default.nix index 69d0e020..9ccf48d2 100644 --- a/systems/x86_64-linux/grovetender/default.nix +++ b/systems/x86_64-linux/grovetender/default.nix @@ -19,12 +19,6 @@ in workstation = enabled; }; - display-managers = { - regreet = { - hyprlandOutput = builtins.readFile ./hyprlandOutput; - }; - }; - hardware = { audio = { enable = true;