mlaga97
/
mlaga97-nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Lots of refactoring

This commit is contained in:
Lauren Lagarde 2025-03-09 22:53:51 -05:00
parent 2f65f8fcba
commit 70e37a959e
46 changed files with 635 additions and 400 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
disko/libvirt/uefi-luks-lvm-ext4.nix Normal file
View File

@ -0,0 +1,54 @@
{ ... }: {
disko.devices = {
disk = {
vda = {
type = "disk";
device = "/dev/vda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
};
};
};
};
}

50
disko/libvirt/uefi-lvm-ext4.nix Normal file
View File

@ -0,0 +1,50 @@
{ ... }: {
disko.devices = {
disk = {
vda = {
type = "disk";
device = "/dev/vda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
primary = {
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
};
};
};
};
}

54
disko/nvme/uefi-luks-lvm-ext4.nix Normal file
View File

@ -0,0 +1,54 @@
{ ... }: {
disko.devices = {
disk = {
nvme0n1 = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
boot = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
luks = {
size = "100%";
content = {
type = "luks";
name = "crypted";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
};
};
};
};
}

39
features/base.nix
View File

@ -2,44 +2,11 @@
users.mutableUsers = false; users.mutableUsers = false;
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
services.smartd.enable = true; networking.wireless.enable = false; # For some reason this is needed all of the time
boot.supportedFilesystems = [ "zfs" "ntfs" ]; boot.supportedFilesystems = [ "ntfs" ];
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nix.channel.enable = false;
# TODO: ????
networking.wireless.enable = false;
# Basic Services # Basic Services
services.smartd.enable = true;
services.uptimed.enable = true; services.uptimed.enable = true;
services.openssh.enable = true;
services.openssh.settings.PermitRootLogin = "no";
# Basic Utilities
environment.systemPackages = with pkgs; [
# Basic Utilities
bc pv killall unzip unrar-wrapper unar
# System Monitoring / TUI QoL Tools
btop iotop tmux byobu
# Security / Cryptography
ssss gnupg pwgen qrencode diceware
# Applications
vim_configurable
# asdf
git ffmpeg restic rclone nixos-generators
# samba libvirt tinc_pre
# File Systems
nfs-utils cifs-utils exfatprogs
];
} }

3
features/docker.nix
View File

@ -1,3 +0,0 @@
{ ... }: {
virtualisation.docker.enable = true;
}

4
features/embedded.nix
View File

@ -1,4 +1,4 @@
{ pkgs, unstable, ... }: { { pkgs, pkgs-unstable, ... }: {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nixpkgs.config.segger-jlink.acceptLicense = true; nixpkgs.config.segger-jlink.acceptLicense = true;
@ -6,7 +6,7 @@
nixpkgs.config.permittedInsecurePackages = [ "segger-jlink-qt4-796s" ]; nixpkgs.config.permittedInsecurePackages = [ "segger-jlink-qt4-796s" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
unstable.platformio # https://github.com/NixOS/nixpkgs/commit/0ba947ba44fc17c7cc94be2374dbfb939900cecd pkgs-unstable.platformio # https://github.com/NixOS/nixpkgs/commit/0ba947ba44fc17c7cc94be2374dbfb939900cecd
segger-jlink segger-jlink
arduino-ide arduino-ide

8
features/factorio.nix
View File

@ -1,13 +1,13 @@
{ pkgs, ... }: { { pkgs, unstable, ... }: {
environment.systemPackages = with pkgs; [ environment.systemPackages = with unstable; [
(factorio.override { (factorio.override {
username = ""; username = "";
token = ""; token = "";
releaseType = "alpha"; releaseType = "alpha";
version = "1.1.107"; version = "2.0.32";
# nix-prefetch-url "file:///run/media/lauren_lagarde/Lauren%20USB/Applications/factorio/factorio_alpha_x64_1.1.107.tar.xz" --name factorio_alpha_x64-1.1.107.tar.xz # nix-prefetch-url file:///$(pwd | sed 's| |%20|')/factorio_alpha_x64-2.0.32.tar.xz --name factorio_alpha_x64-2.0.32.tar.xz
}) })
]; ];
} }

0
features/intelgpu.nix → features/gpu/intel.nix
View File

0
features/nvidia.nix → features/gpu/nvidia.nix
View File

2
features/gui-apps.nix Normal file
View File

@ -0,0 +1,2 @@
{ pkgs, lib, unstable, ... }: {
}

0
features/printing.nix → features/hardware/printing.nix
View File

0
features/rtl-sdr.nix → features/hardware/rtl-sdr.nix
View File

0
features/yubikey.nix → features/hardware/yubikey.nix
View File

64
features/headless.nix
View File

@ -1,67 +1,3 @@
{ config, lib, pkgs, callPackage, ... }: { { config, lib, pkgs, callPackage, ... }: {
##############################################################################
##############################################################################
##############################################################################
# Packages
environment.systemPackages = with pkgs; [
# Basic Utilities
bc pv killall unzip unrar-wrapper unar
# System Monitoring / TUI QoL Tools
btop iotop tmux byobu
# Backup Tools
restic rclone
# Networking Utilities
dig tinc_pre traceroute wireguard-tools iperf3
# Security / Cryptography
(pass.withExtensions (ext: with ext; [ pass-otp pass-update ]))
ssss gnupg pwgen qrencode diceware
# NixOS Helpers
nixos-generators nix-index nix-search-cli
# Applications
vim_configurable
# File Systems
nfs-utils cifs-utils exfatprogs
# Multimedia Utilities
ffmpeg imagemagick
# Services
podman-compose
units usbutils pciutils
];
##############################################################################
##############################################################################
##############################################################################
# Services
# TODO: Split this out further
services.uptimed.enable = true; services.uptimed.enable = true;
services.openssh = {
enable = true;
settings = {
PermitRootLogin = lib.mkForce "no";
PasswordAuthentication = false;
};
};
# TODO: Attempt to use podman
virtualisation.docker.enable = true;
virtualisation.containers.enable = true;
virtualisation.podman = {
enable = true;
dockerCompat = false;
defaultNetwork.settings.dns_enabled = true;
};
} }

0
features/i3.nix → features/i3_old.nix
View File

18
features/i3wm.nix Normal file
View File

@ -0,0 +1,18 @@
{ pkgs, ... }: {
services.xserver = {
enable = true;
desktopManager = {
xterm.enable = false;
gnome.enable = true;
};
windowManager = {
i3.enable = true;
};
displayManager.lightdm.enable = true;
};
services.displayManager.defaultSession = "none+i3";
}

29
features/initrd-ssh.nix Normal file
View File

@ -0,0 +1,29 @@
# ssh-keygen -t ed25519 -N "" -f ./ssh_host_ed25519_key
{ ... }: {
boot.initrd = {
systemd = {
enable = true;
users.root.shell = "/bin/systemd-tty-ask-password-agent";
network = {
enable = true;
networks."10-enp1s0" = {
matchConfig.Name = "enp1s0";
networkConfig.DHCP = "yes";
};
};
};
network = {
enable = true;
ssh = {
enable = true;
port = 2222;
hostKeys = [ "/root/secrets/initrd/ssh_host_ed25519_key" ];
authorizedKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCl881A1gvgCx+4ECrmJnO2QCTiqjaOLfAegKAAkvWNFKL0rDfsj8tZULUcyn87HYsRrdmqCOQ62GOjQyK803azq7QTxwY4vjczkJxico4LnIToTobcz+JkgF6Rf/h74bs9dHk4ZU853FRBz3wi/14rI10Iwckt37B1ayJacpELuzFobKYip2FjiL1vNH3tiAFR131z+YBByvNX+uJYEhpsI0xry9zbsSUWUq5/YFpmjezblzYRokfsReYiKJeQBeROSeRC/xFBSnikECSylNI4sw5VIpGXFIxL5xhss+s+3dnb+LFQ+zInOYxkVRydYc/In9Wz6Tu7v07K8bjvE7nQwHenoGtRW590Xu0rJApS+k8Cu16sCO2QFj/aI+gCrhU0ymM0aicr0hFAME6Y7j9HcR6PxYxnXZjI7cfqhO5TG8jot25SPzJcvH3EV5oPKtAkw9XA+8+nAI9czFlUgHnuMJAqw1IGOD3qozwqZ5yn1+kG7FZJRpvaPc5pK2HtqaAKJmnRuVaWcFuNALh86gr7Qn8IEp8Q+YyKmDqrMZ4KLJUMnVqn4y0HVS1eB5nVujaJZUGJWA4q3og0FE/2kH74WEp2ZtuJAoEPcgfZ6Ns7BmmXIZU7qu4kQoQ73b3mn6hCi5xlQ/sClzwHYkRPo4tST64ED/UIRPCYe1byNUWSww== lauren@lagarde.dev"
];
};
};
};
}

0
features/br0.nix → features/networking/networkd-br0.nix
View File

9
features/openssh-server.nix Normal file
View File

@ -0,0 +1,9 @@
{ lib, ... }: {
services.openssh = {
enable = true;
settings = {
PermitRootLogin = lib.mkForce "no";
PasswordAuthentication = false;
};
};
}

4
features/systemd-boot.nix Normal file
View File

@ -0,0 +1,4 @@
{ ... }: {
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
}

31
features/tui-apps.nix Normal file
View File

@ -0,0 +1,31 @@
{ pkgs, ... }: {
environment.systemPackages = with pkgs; [
# Basic Utilities
bc pv killall unzip unrar-wrapper unar units
# System Monitoring / TUI QoL Tools
btop iotop tmux byobu
# Security / Cryptography
(pass.withExtensions (ext: with ext; [ pass-otp pass-update ]))
ssss gnupg pwgen qrencode diceware
# Applications
vim_configurable
# File Management
git ffmpeg restic rclone imagemagick
# File Systems
nfs-utils cifs-utils exfatprogs
# Networking Utilities
dig tinc_pre traceroute wireguard-tools iperf3
# NixOS Helpers
nixos-generators nix-index nix-search-cli
# Hardware Utilities
usbutils pciutils
];
}

11
features/virtualization/docker.nix Normal file
View File

@ -0,0 +1,11 @@
{ ... }: {
virtualisation.docker.enable = true;
virtualisation.containers.enable = true;
# Enable podman, but don't default to it
virtualisation.podman = {
enable = true;
dockerCompat = false;
defaultNetwork.settings.dns_enabled = true;
};
}

0
features/dockge.nix → features/virtualization/dockge.nix
View File

6
features/virtualization/libvirt-guest-uefi.nix Normal file
View File

@ -0,0 +1,6 @@
{ ... }: {
boot.initrd = {
kernelModules = [ "virtio_net" "e1000" ];
availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
};
}

0
features/libvirt.nix → features/virtualization/libvirt-host.nix
View File

0
features/persistent_docker.nix → features/virtualization/persistent_docker.nix
View File

0
features/virtualbox.nix → features/virtualization/virtualbox-host.nix
View File

86
flake.lock
View File

@ -73,6 +73,28 @@
"type": "github" "type": "github"
} }
}, },
"home-manager_2": {
"inputs": {
"nixpkgs": [
"ll-home-manager",
"nixpkgs"
]
},
"locked": {
"lastModified": 1739757849,
"narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"repo": "home-manager",
"type": "github"
}
},
"lix": { "lix": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -108,6 +130,23 @@
"url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz" "url": "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"
} }
}, },
"ll-home-manager": {
"inputs": {
"home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable"
},
"locked": {
"lastModified": 1,
"narHash": "sha256-tEq3iB8LaBpgig/fDrM9uvcMkoyKj8nghUAcqa1vxe8=",
"path": "/nix/store/yhhsnncsi6azid2vaa7zkh9s7l3hlw0l-source/users/lauren_lagarde/home-manager",
"type": "path"
},
"original": {
"path": "/nix/store/yhhsnncsi6azid2vaa7zkh9s7l3hlw0l-source/users/lauren_lagarde/home-manager",
"type": "path"
}
},
"nixlib": { "nixlib": {
"locked": { "locked": {
"lastModified": 1711241261, "lastModified": 1711241261,
@ -163,11 +202,27 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1723175592, "lastModified": 1741379970,
"narHash": "sha256-M0xJ3FbDUc4fRZ84dPGx5VvgFsOzds77KiBMW/mMTnI=", "narHash": "sha256-Wh7esNh7G24qYleLvgOSY/7HlDUzWaL/n4qzlBePpiw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5e0ca22929f3342b19569b21b2f3462f053e497b", "rev": "36fd87baa9083f34f7f5027900b62ee6d09b1f2f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable_2": {
"locked": {
"lastModified": 1741246872,
"narHash": "sha256-Q6pMP4a9ed636qilcYX8XUguvKl/0/LGXhHcRI91p0U=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "10069ef4cf863633f57238f179a0297de84bd8d3",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -178,6 +233,22 @@
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": {
"lastModified": 1741332913,
"narHash": "sha256-ri1e8ZliWS3Jnp9yqpKApHaOo7KBN33W8ECAKA4teAQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "20755fa05115c84be00b04690630cb38f0a203ad",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1735531152, "lastModified": 1735531152,
"narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=", "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=",
@ -193,7 +264,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_3": { "nixpkgs_4": {
"locked": { "locked": {
"lastModified": 1, "lastModified": 1,
"narHash": "sha256-QJFvxzBCZHVjWApIe4KaxC3gRd5d1QgDT3xJNetMwVE=", "narHash": "sha256-QJFvxzBCZHVjWApIe4KaxC3gRd5d1QgDT3xJNetMwVE=",
@ -210,9 +281,10 @@
"disko": "disko", "disko": "disko",
"home-manager": "home-manager", "home-manager": "home-manager",
"lix-module": "lix-module", "lix-module": "lix-module",
"ll-home-manager": "ll-home-manager",
"nixos-generators": "nixos-generators", "nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable_2",
"waveforms": "waveforms" "waveforms": "waveforms"
} }
}, },
@ -233,7 +305,7 @@
}, },
"waveforms": { "waveforms": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_4"
}, },
"locked": { "locked": {
"lastModified": 1722915115, "lastModified": 1722915115,

151
flake.nix
View File

@ -30,18 +30,23 @@
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager.url = "github:nix-community/home-manager/release-24.11"; # Lix over Nix
home-manager.inputs.nixpkgs.follows = "nixpkgs";
nixos-generators.url = "github:nix-community/nixos-generators/7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565";
nixos-generators.inputs.nixpkgs.follows = "nixpkgs";
lix-module.url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz"; lix-module.url = "https://git.lix.systems/lix-project/nixos-module/archive/2.91.1-2.tar.gz";
lix-module.inputs.nixpkgs.follows = "nixpkgs"; lix-module.inputs.nixpkgs.follows = "nixpkgs";
# Installers
disko.url = "github:nix-community/disko/v1.11.0";
nixos-generators.url = "github:nix-community/nixos-generators/7c60ba4bc8d6aa2ba3e5b0f6ceb9fc07bc261565";
nixos-generators.inputs.nixpkgs.follows = "nixpkgs";
# Home Manager
home-manager.url = "github:nix-community/home-manager/release-24.11";
home-manager.inputs.nixpkgs.follows = "nixpkgs";
ll-home-manager.url = "./users/lauren_lagarde/home-manager/";
# Extras # Extras
waveforms.url = "github:liff/waveforms-flake"; waveforms.url = "github:liff/waveforms-flake";
disko.url = "github:nix-community/disko/v1.11.0";
}; };
outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, nixos-generators, disko, waveforms, lix-module, ... }@inputs: let outputs = { self, nixpkgs, nixpkgs-unstable, home-manager, nixos-generators, disko, waveforms, lix-module, ... }@inputs: let
@ -50,7 +55,8 @@
locale = "en_US.UTF-8"; locale = "en_US.UTF-8";
stateVersion = "24.11"; stateVersion = "24.11";
unstable = nixpkgs-unstable.legacyPackages.${system}; pkgs = import nixpkgs { inherit system; };
pkgs-unstable = import nixpkgs-unstable { inherit system; };
iso_modules = [ iso_modules = [
"${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix" "${nixpkgs}/nixos/modules/installer/cd-dvd/iso-image.nix"
@ -76,6 +82,7 @@
time.timeZone = timezone; time.timeZone = timezone;
system.stateVersion = stateVersion; system.stateVersion = stateVersion;
} }
lix-module.nixosModules.default lix-module.nixosModules.default
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
waveforms.nixosModule waveforms.nixosModule
@ -83,34 +90,17 @@
]; ];
in { in {
nixosConfigurations = { nixosConfigurations = {
ll-nixos-headless = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = iso_modules ++ [
{ networking.hostName = "ll-nixos-headless"; }
./systems/ll-nixos-headless.nix
] ++ inherited_modules;
specialArgs = { unstable = unstable; };
};
ll-nixos = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = iso_modules ++ [
{ networking.hostName = "ll-nixos"; }
./systems/ll-nixos-full.nix
] ++ inherited_modules;
specialArgs = { unstable = unstable; };
};
ll-latitude-e5591 = nixpkgs.lib.nixosSystem { ll-latitude-e5591 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = iso_modules ++ [ modules = [
{ {
networking.hostName = "ll-latitude-e5591"; networking.hostName = "ll-latitude-e5591";
networking.hostId = "f55542ee"; networking.hostId = "f55542ee";
} }
./systems/ll-latitude-e5591.nix ./systems/ll-latitude-e5591.nix
./disko/nvme/uefi-luks-lvm-ext4.nix
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = { unstable = unstable; }; specialArgs = { inherit inputs pkgs-unstable; };
}; };
ll-nixos-headless-pi = nixpkgs.lib.nixosSystem { ll-nixos-headless-pi = nixpkgs.lib.nixosSystem {
@ -136,7 +126,22 @@
} }
./systems/ll-nixos-headless.nix ./systems/ll-nixos-headless.nix
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = { unstable = unstable; }; specialArgs = { inherit inputs pkgs-unstable; };
};
ll-nixos-base = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = iso_modules ++ [
{
networking.hostName = "ll-nixos-base";
home-manager.users."lauren_lagarde" = { config, ... }: {
imports = inputs.ll-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591";
};
}
./systems/ll-nixos-base.nix
] ++ inherited_modules;
specialArgs = { inherit inputs pkgs-unstable; };
}; };
# Real Systems # Real Systems
@ -159,6 +164,17 @@
./systems/vm-docker-base.nix ./systems/vm-docker-base.nix
] ++ inherited_modules; ] ++ inherited_modules;
}; };
vm-docker-luks-test = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
{
networking.hostName = "vm-docker-luks-test";
networking.hostId = "1b5432b7";
}
./systems/vm-docker-luks.nix
] ++ inherited_modules;
};
}; };
packages.aarch64-linux = { packages.aarch64-linux = {
@ -169,7 +185,7 @@
{ networking.hostName = "ll-nixos-headless-pi"; } { networking.hostName = "ll-nixos-headless-pi"; }
./systems/ll-nixos-headless.nix ./systems/ll-nixos-headless.nix
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = { unstable = unstable; }; specialArgs = { inherit inputs pkgs-unstable; };
}; };
token-pi-sdcard = nixos-generators.nixosGenerate { token-pi-sdcard = nixos-generators.nixosGenerate {
@ -179,7 +195,7 @@
{ networking.hostName = "token-pi"; } { networking.hostName = "token-pi"; }
./systems/ll-nixos-headless.nix ./systems/ll-nixos-headless.nix
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = { unstable = unstable; }; specialArgs = { inherit inputs pkgs-unstable; };
}; };
}; };
@ -190,54 +206,49 @@
########################################################################## ##########################################################################
# Personal Live Disks # Personal Live Disks
ll-nixos-headless-iso = nixos-generators.nixosGenerate { # TODO: ll-nixos-headless-iso = nixos-generators.nixosGenerate {};
system = "x86_64-linux";
modules = iso_modules ++ [
{ networking.hostName = "ll-nixos-headless"; }
./systems/ll-nixos-headless.nix
] ++ inherited_modules;
format = "install-iso";
specialArgs = { unstable = unstable; };
};
ll-nixos-base-iso = nixos-generators.nixosGenerate { ll-nixos-base-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux"; system = "x86_64-linux";
modules = iso_modules ++ [ modules = iso_modules ++ [
{ networking.hostName = "ll-nixos-base"; } {
networking.hostName = "ll-nixos";
home-manager.users."lauren_lagarde" = { config, ... }: {
imports = inputs.ll-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591";
};
}
./systems/ll-nixos-base.nix ./systems/ll-nixos-base.nix
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = {
inherit inputs pkgs-unstable;
};
format = "install-iso"; format = "install-iso";
specialArgs = { unstable = unstable; };
}; };
ll-nixos-full-iso = nixos-generators.nixosGenerate { ll-nixos-full-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux"; system = "x86_64-linux";
modules = iso_modules ++ [ modules = iso_modules ++ [
{ networking.hostName = "ll-nixos"; } {
networking.hostName = "ll-nixos";
home-manager.users."lauren_lagarde" = { config, ... }: {
imports = inputs.ll-home-manager.homeManagerModules."lauren_lagarde@ll-latitude-e5591";
};
}
./systems/ll-nixos-full.nix ./systems/ll-nixos-full.nix
] ++ inherited_modules; ] ++ inherited_modules;
specialArgs = {
inherit inputs pkgs-unstable;
};
format = "install-iso"; format = "install-iso";
specialArgs = { unstable = unstable; };
}; };
ll-latitude-e5591-iso = nixos-generators.nixosGenerate { ll-nixos-xmrig-worker-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux"; system = "x86_64-linux";
modules = iso_modules ++ [ modules = iso_modules ++ [
{ networking.hostName = "ll-latitude-e5591"; } { networking.hostName = "ll-nixos-xmrig-worker"; }
./systems/ll-latitude-e5591.nix ./systems/ll-nixos-xmrig-worker.nix
] ++ inherited_modules; ] ++ inherited_modules;
format = "install-iso"; format = "install-iso";
specialArgs = { unstable = unstable; };
};
ll-xmrig-worker-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux";
modules = iso_modules ++ [
{ networking.hostName = "ll-xmrig-worker"; }
./systems/ll-xmrig-worker.nix
] ++ inherited_modules;
format = "install-iso";
specialArgs = { unstable = unstable; };
}; };
########################################################################## ##########################################################################
@ -245,34 +256,14 @@
########################################################################## ##########################################################################
# Systems # Systems
ll-nixos-factorio-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux";
modules = iso_modules ++ [
{ networking.hostName = "ll-nixos-factorio"; }
./systems/ll-nixos-factorio.nix
] ++ inherited_modules;
format = "install-iso";
specialArgs = { unstable = unstable; };
};
vm-docker-dhcp-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux";
modules = iso_modules ++ [
{ networking.hostName = ""; }
./systems/vm-docker-dhcp.nix
] ++ inherited_modules;
format = "install-iso";
specialArgs = { unstable = unstable; };
};
living-room-nixos-iso = nixos-generators.nixosGenerate { living-room-nixos-iso = nixos-generators.nixosGenerate {
system = "x86_64-linux"; system = "x86_64-linux";
modules = iso_modules ++ [ modules = iso_modules ++ [
{ networking.hostName = "living-room-nixos-iso"; } { networking.hostName = "living-room-nixos-iso"; }
./systems/ll-nixos-full.nix ./systems/living-room-nixos.nix
] ++ inherited_modules; ] ++ inherited_modules;
format = "install-iso"; format = "install-iso";
specialArgs = { unstable = unstable; }; specialArgs = { inherit inputs pkgs-unstable; };
}; };
default = self.packages.x86_64-linux.ll-nixos-full-iso; default = self.packages.x86_64-linux.ll-nixos-full-iso;

BIN
secrets.tar.zst.gpg
View File

Binary file not shown.

52
systems/ll-latitude-e5591.nix
View File

@ -1,7 +1,41 @@
# sudo nix run 'github:nix-community/disko/latest#disko-install' -- --flake .#$TARGET_HOSTNAME --disk nvme0n1 /dev/nvme0n1
# tar -xvf /Parlor/Lauren/mlaga97-nixos.tar.zst; sudo nixos-rebuild switch --flake mlaga97-nixos?submodules=1#$HOSTNAME
{ config, pkgs, ... }: { { config, pkgs, ... }: {
imports = [ imports = [
./ll-nixos-full.nix # Core Features
../features/intelgpu.nix ../features/base.nix
../features/tui-apps.nix
../features/openssh-server.nix
# Core Tweaks
../tweaks/zram.nix
../tweaks/enable_flakes.nix
../tweaks/disable_nixos_user.nix
../tweaks/systemd-resolved_nonsense.nix
# Lauren Base
../users/lauren_lagarde/lauren_lagarde.nix
# i3wm
../features/i3wm.nix
../features/hardware/yubikey.nix
../tweaks/bluetooth.nix
../tweaks/intel_igpu_screen_tearing.nix
# Dotspace
../secrets/dotspace.nix
../features/stronghold-binary-cache.nix
# Additional Software
../features/embedded.nix
../features/hardware/rtl-sdr.nix
../features/hardware/printing.nix
../features/virtualization/docker.nix
../features/virtualization/libvirt-host.nix
# ll-latitude-e5591
../features/gpu/intel.nix
../features/systemd-boot.nix
]; ];
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
@ -9,4 +43,18 @@
boot.kernelParams = [ boot.kernelParams = [
"i915.enable_guc=2" "i915.enable_guc=2"
]; ];
##############################################################################
##############################################################################
##############################################################################
# Tinc Stuff
# TODO: Less hacky
services.tinc.networks.mlaga97space = {
name = "ll_latitude_e5591";
ed25519PrivateKeyFile = "/root/tinc/mlaga97space_ed25519_key.priv";
chroot = false;
settings.ConnectTo = [ "fortress" "citadel" ];
};
} }

33
systems/ll-nixos-base.nix
View File

@ -1,22 +1,27 @@
{ ... }: { { pkgs, ... }: {
imports = [ imports = [
./ll-nixos-headless.nix # Core Features
../features/base.nix
../features/tui-apps.nix
../features/openssh-server.nix
# Core Tweaks
../tweaks/zram.nix
../tweaks/enable_flakes.nix
../tweaks/disable_nixos_user.nix
../tweaks/systemd-resolved_nonsense.nix
# Lauren Base
../users/lauren_lagarde/lauren_lagarde.nix
# i3wm # i3wm
../features/i3.nix ../features/i3wm.nix
../features/yubikey.nix ../features/hardware/yubikey.nix
../tweaks/bluetooth.nix ../tweaks/bluetooth.nix
../tweaks/intel_igpu_screen_tearing.nix ../tweaks/intel_igpu_screen_tearing.nix
# Lauren # Dotspace
../users/lauren_lagarde/i3.nix ../secrets/dotspace.nix
../users/lauren_lagarde/autologin.nix ../features/stronghold-binary-cache.nix
]; ];
home-manager.users.lauren_lagarde = {
imports = [
../users/lauren_lagarde/home-manager/monitor_configs.nix
../users/lauren_lagarde/home-manager/secrets/dotspace_gui.nix
];
};
} }

8
systems/ll-nixos-factorio.nix
View File

@ -1,8 +0,0 @@
{ ... }: {
imports = [
./ll-nixos-base.nix
# Additional Features
../features/factorio.nix
];
}

38
systems/ll-nixos-full.nix
View File

@ -1,11 +1,37 @@
{ ... }: { { pkgs, ... }: {
imports = [ imports = [
./ll-nixos-base.nix # Core Features
../features/base.nix
../features/tui-apps.nix
../features/openssh-server.nix
# Additional Features # Core Tweaks
../features/rtl-sdr.nix ../tweaks/zram.nix
../features/printing.nix ../tweaks/enable_flakes.nix
../tweaks/disable_nixos_user.nix
../tweaks/systemd-resolved_nonsense.nix
# Lauren Base
../users/lauren_lagarde/lauren_lagarde.nix
# i3wm
../features/i3wm.nix
../features/hardware/yubikey.nix
../tweaks/bluetooth.nix
../tweaks/intel_igpu_screen_tearing.nix
# Dotspace
../secrets/dotspace.nix
../features/stronghold-binary-cache.nix
# Additional Software
../features/embedded.nix ../features/embedded.nix
../features/virtualbox.nix ../features/hardware/rtl-sdr.nix
../features/hardware/printing.nix
../features/virtualization/docker.nix
../features/virtualization/libvirt-host.nix
# Assume Intel GPU
../features/gpu/intel.nix
]; ];
} }

28
systems/ll-nixos-headless.nix
View File

@ -1,28 +0,0 @@
{ ... }: {
imports = [
# Core
../features/base.nix
../tweaks/zram.nix
../tweaks/disable_nixos_user.nix
../tweaks/systemd-resolved_nonsense.nix
# Headless
../features/headless.nix
../tweaks/zfs.nix
# Lauren
../users/lauren_lagarde/lauren_lagarde.nix
{
home-manager.users.lauren_lagarde = {
imports = [
../users/lauren_lagarde/home-manager/lauren_lagarde.nix
];
};
}
# Dotspace
../features/stronghold-binary-cache.nix
../secrets/dotspace.nix
../users/lauren_lagarde/dotspace.nix
];
}

47
systems/ll-nixos-xmrig-worker.nix Normal file
View File

@ -0,0 +1,47 @@
{ pkgs, ... }: {
imports = [
# Core Features
../features/base.nix
../features/tui-apps.nix
../features/openssh-server.nix
# Core Tweaks
../tweaks/zram.nix
../tweaks/enable_flakes.nix
];
networking.networkmanager.enable = true;
powerManagement.cpuFreqGovernor = "performance";
environment.systemPackages = with pkgs; [
xmrig
];
# Improve xmrig performance
hardware.cpu.x86.msr.enable = true;
hardware.cpu.x86.msr.settings.allow-writes = "on";
# Helper Scripts
home-manager.users.nixos.home = {
stateVersion = "24.11";
file = {
"stronghold" = {
executable = true;
text = ''
sudo nmtui-connect Stronghold
'';
};
"mine" = {
executable = true;
text = ''
sudo xmrig --randomx-1gb-pages -o vm-docker-2.mlaga97.space:3333
'';
};
};
};
# SSH Config
users.users.nixos.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCl881A1gvgCx+4ECrmJnO2QCTiqjaOLfAegKAAkvWNFKL0rDfsj8tZULUcyn87HYsRrdmqCOQ62GOjQyK803azq7QTxwY4vjczkJxico4LnIToTobcz+JkgF6Rf/h74bs9dHk4ZU853FRBz3wi/14rI10Iwckt37B1ayJacpELuzFobKYip2FjiL1vNH3tiAFR131z+YBByvNX+uJYEhpsI0xry9zbsSUWUq5/YFpmjezblzYRokfsReYiKJeQBeROSeRC/xFBSnikECSylNI4sw5VIpGXFIxL5xhss+s+3dnb+LFQ+zInOYxkVRydYc/In9Wz6Tu7v07K8bjvE7nQwHenoGtRW590Xu0rJApS+k8Cu16sCO2QFj/aI+gCrhU0ymM0aicr0hFAME6Y7j9HcR6PxYxnXZjI7cfqhO5TG8jot25SPzJcvH3EV5oPKtAkw9XA+8+nAI9czFlUgHnuMJAqw1IGOD3qozwqZ5yn1+kG7FZJRpvaPc5pK2HtqaAKJmnRuVaWcFuNALh86gr7Qn8IEp8Q+YyKmDqrMZ4KLJUMnVqn4y0HVS1eB5nVujaJZUGJWA4q3og0FE/2kH74WEp2ZtuJAoEPcgfZ6Ns7BmmXIZU7qu4kQoQ73b3mn6hCi5xlQ/sClzwHYkRPo4tST64ED/UIRPCYe1byNUWSww== lauren@lagarde.dev"
];
}

58
systems/ll-xmrig-worker.nix
View File

@ -1,58 +0,0 @@
{ pkgs, ... }: {
imports = [
# Core
../features/base.nix
../tweaks/zram.nix
../tweaks/disable_nixos_user.nix
../tweaks/systemd-resolved_nonsense.nix
# Headless
../features/headless.nix
# Lauren
../users/lauren_lagarde/lauren_lagarde.nix
{
home-manager.users.lauren_lagarde = {
imports = [
../users/lauren_lagarde/home-manager/lauren_lagarde.nix
];
};
}
# i3wm
../features/i3.nix
../tweaks/intel_igpu_screen_tearing.nix
# Lauren
../users/lauren_lagarde/i3.nix
../users/lauren_lagarde/autologin.nix
];
powerManagement.cpuFreqGovernor = "performance";
environment.systemPackages = with pkgs; [
xmrig
];
hardware.cpu.x86.msr = {
enable = true;
settings.allow-writes = "on";
};
home-manager.users.lauren_lagarde = {
home.file = {
"Stronghold" = {
executable = true;
text = ''
sudo nmtui-connect Stronghold
'';
};
"mine" = {
executable = true;
text = ''
sudo xmrig -o vm-docker-2.mlaga97.space:3333
'';
};
};
};
}

78
systems/vm-docker-base.nix
View File

@ -1,78 +0,0 @@
# cd; rm nixos-config; tar -xvf /Parlor/Lauren/nixos-config.tar.zst; cd nixos-config/nixos/; sudo nix run 'github:nix-community/disko/latest#disko-install' -- --flake .#TARGET_HOSTNAME --disk vda /dev/vda
{ ... }: {
imports = [
./ll-nixos-headless.nix
../features/docker.nix
../features/dockge.nix
../tweaks/disable_firewall.nix
];
##############################################################################
##############################################################################
##############################################################################
# Bootloader / Kernel
# UEFI Boot
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.enable = true;
# Libvirt Guest Kernel Modules
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "virtio_pci" "sr_mod" "virtio_blk" ];
##############################################################################
##############################################################################
##############################################################################
# Disk Layout
# https://github.com/nix-community/disko/issues/528
disko.devices = {
disk = {
vda = {
type = "disk";
device = "/dev/vda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
primary = {
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
};
};
};
};
}

9
systems/vm-docker-dhcp.nix
View File

@ -1,9 +0,0 @@
{ ... }: {
imports = [
./ll-nixos-headless.nix
# Additional Features
../features/persistent_docker.nix
../tweaks/disable-firewall.nix
];
}

26
systems/vm-docker-host/vm-docker-host-base.nix Normal file
View File

@ -0,0 +1,26 @@
{ ... }: {
imports = [
# Core Features
../features/base.nix
../features/tui-apps.nix
../features/openssh-server.nix
# Core Tweaks
../tweaks/zram.nix
../tweaks/enable_flakes.nix
../tweaks/disable_nixos_user.nix
../tweaks/systemd-resolved_nonsense.nix
# Lauren Base
../users/lauren_lagarde/lauren_lagarde.nix
# Dotspace
../../secrets/dotspace.nix
../../features/stronghold-binary-cache.nix
# Docker Host Stuff
../../tweaks/disable_firewall.nix
../../features/virtualization/docker.nix
../../features/virtualization/dockge.nix
];
}

12
systems/vm-docker-host/vm-docker-host-luks.nix Normal file
View File

@ -0,0 +1,12 @@
# git add *; tar -cavf /Parlor/Lauren/mlaga97-nixos.tar.zst ../mlaga97-nixos
# tar -xvf /Parlor/Lauren/mlaga97-nixos.tar.zst; sudo nix run 'github:nix-community/disko/latest#disko-install' -- --extra-files ./ssh_host_ed25519_key /root/secrets/initrd/ssh_host_ed25519_key --flake mlaga97-nixos#$TARGET_HOSTNAME --disk vda /dev/vda
# tar -xvf /Parlor/Lauren/mlaga97-nixos.tar.zst; sudo nixos-rebuild switch --flake mlaga97-nixos?submodules=1#$HOSTNAME
{ ... }: {
imports = [
./vm-docker-host-base.nix
# UEFI SSH LUKS
../../features/initrd_ssh.nix
../../features/libvirt-uefi-guest.nix
];
}

3
tweaks/aarch64-crosscompile.nix Normal file
View File

@ -0,0 +1,3 @@
{ ... }: {
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
}

4
tweaks/enable_flakes.nix Normal file
View File

@ -0,0 +1,4 @@
{ ... }: {
nix.channel.enable = false;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}

7
users/lauren_lagarde/dotspace_gui.nix Normal file
View File

@ -0,0 +1,7 @@
{ pkgs, unstable, ... }: {
home-manager.users.lauren_lagarde = {
imports = [
./home-manager/secrets/dotspace_gui.nix
];
};
}

2
users/lauren_lagarde/home-manager

@ -1 +1 @@
Subproject commit 97cde8a8e73f1623a390397b060e5e4b7ffa61ba Subproject commit 110fa225d48f599a7459c207e8fdb8d0f6f36d28

7
users/lauren_lagarde/home-manager.nix Normal file
View File

@ -0,0 +1,7 @@
{ pkgs, unstable, ... }: {
home-manager.users.lauren_lagarde = {
imports = [
./home-manager/lauren_lagarde.nix
];
};
}