diff --git a/README.org b/README.org index ec568c1..362d0f6 100644 --- a/README.org +++ b/README.org @@ -110,6 +110,12 @@ Both include the home-manager module. Primarily I chose that route so that I cou } ]; }; + dalinar = lib.nixosSystem { + inherit system; + modules = [ + ./system/dalinar/configuration.nix + ]; + }; }; }; } @@ -235,7 +241,7 @@ services.samba = { #+end_src Now lets turn on docker and podman. I create a lot of containers for my job. -#+NAME: podman +#+NAME: containers #+begin_src nix virtualisation.podman.enable = true; virtualisation.docker.enable = true; @@ -243,17 +249,15 @@ virtualisation.docker.enable = true; *** Packages Here are a list of packages that I like to have on all machines. -#+NAME: general-packages + +These first base packages are used on all systems. From laptops, to desktops, and even servers. +#+NAME: base-packages #+begin_src nix vim wget killall +git tmux -discover -# kde-rounded-corners -lightly-qt -pinentry -pinentry-qt dutree unzip unrar @@ -262,13 +266,39 @@ zip gzip usbutils binutils +podman-compose +exa +yt-dlp +bat +rsync +jq +ripgrep +fd +ffmpeg-full +libheif +trash-cli +htop +btop +bc +sysstat +procs +pandoc +samba +#+end_src + +These are just for general graphical machines. Laptops, and desktops. +#+NAME: general-packages +#+begin_src nix +discover +# kde-rounded-corners +lightly-qt +pinentry +pinentry-qt hunspell caffeine-ng hunspellDicts.en_US -git transmission openssh -samba ark ifuse dash @@ -283,40 +313,27 @@ libimobiledevice sddm-kcm ydotool bottles -podman-compose -exa imv feh mpv -yt-dlp rofi-emoji nerdfonts latte-dock -bat -jq alacritty libsForQt5.bismuth libnotify rofi-wayland -ripgrep -fd aha glxinfo vulkan-tools wayland-utils # mkchromecast plocate -bc -sysstat -procs -pandoc papirus-icon-theme phinger-cursors plasma-hud kde-cli-tools gzip -htop -btop qrencode brave scribus @@ -348,7 +365,6 @@ lxappearance spotdl kdenlive rubberband -ffmpeg-full texlive.combined.scheme-full wlroots picom-next 
@@ -364,8 +380,6 @@ OVMFFull element-desktop-wayland scrcpy python -trash-cli -libheif airshipper # hyprland @@ -496,7 +510,7 @@ Notice how I am including all of my software here. It may be a big file, but hav networking.useDHCP = false; networking.interfaces.wlp170s0.useDHCP = true; - <> + <> # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; @@ -589,6 +603,7 @@ Notice how I am including all of my software here. It may be a big file, but hav # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ + <> <> neofetch afetch @@ -728,7 +743,7 @@ Kaladin is my desktop machine. A powerhouse for the most part with a recent i7 a networking.interfaces.enp0s31f6.useDHCP = true; networking.interfaces.wlp7s0.useDHCP = true; - <> + <> # Select internationalisation properties. i18n.defaultLocale = "en_US.UTF-8"; @@ -811,6 +826,7 @@ Kaladin is my desktop machine. A powerhouse for the most part with a recent i7 a # List packages installed in system profile. To search, run: # $ nix search wget environment.systemPackages = with pkgs; [ + <> <> blender neofetch 
@@ -926,6 +942,225 @@ And here is it's hardware config. Kaladin is still not fullly setup, so I'll be working on that more and more as time goes. + +** Dalinar +Dalinar is my home server. It's built with an old laptop at the moment, but the way everything is orchestrated is to protect from screw ups. + +*** Configuration +Dalinar's config is of course server oriented. + +#+begin_src nix +{ config, pkgs, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + nix = { + extraOptions = "experimental-features = nix-command flakes"; + package = pkgs.nixFlakes; + }; + + nixpkgs.config.allowUnFree = true; + + # Use the systemd-boot EFI boot loader. + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + + networking.hostName = "dalinar"; # Define your hostname. + # Pick only one of the below networking options. + # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. + networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. + + # Set your time zone. + time.timeZone = "America/Chicago"; + + # Configure network proxy if necessary + # networking.proxy.default = "http://user:password@proxy:port/"; + # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + + # Enable the X11 windowing system. + # services.xserver.enable = true; + + # Configure keymap in X11 + # services.xserver.layout = "us"; + # services.xserver.xkbOptions = { + # "eurosign:e"; + # "caps:escape" # map caps to escape. + # }; + + # Enable CUPS to print documents. + # services.printing.enable = true; + + # Enable sound. 
+ # sound.enable = true; + # hardware.pulseaudio.enable = true; + + hardware.opengl = { + enable = true; + extraPackages = with pkgs; [ + intel-media-driver + vaapiIntel + vaapiVdpau + libvdpau-va-gl + ]; + }; + + programs.fish.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + # services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.chris = { + isNormalUser = true; + extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user. + }; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + <> + ]; + + <> + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + # programs.mtr.enable = true; + # programs.gnupg.agent = { + # enable = true; + # enableSSHSupport = true; + # }; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = true; + services.fstrim.enable = true; + services.logind = { + lidSwitch = "ignore"; + lidSwitchExternalPower = "ignore"; + }; + + # DDCLIENT + services.ddclient = { + enable = true; + domains = [ + "nc.cochrun.xyz" + "home.cochrun.xyz" + "mail.cochrun.xyz" + "jelly.cochrun.xyz" + ]; + passwordFile = "/etc/nixos/ddclientp"; + protocol = "namecheap"; + use = "web, web=dynamicdns.park-your-domain.com/getip"; + server = "dynamicdns.park-your-domain.com"; + username = "cochrun.xyz"; + }; + + # CADDY + services.caddy = { + enable = true; + virtualHosts = { + "home.cochrun.xyz".extraConfig = '' + reverse_proxy localhost:8123 + ''; + }; + virtualHosts = { + "livingseedco.shop".extraConfig = '' + reverse_proxy localhost:8282 + ''; + }; + virtualHosts = { + "nc.cochrun.xyz".extraConfig = '' + reverse_proxy localhost:8080 + encode gzip + redir /.well-known/carddav /remote.php/carddav 301 + redir /.well-known/caldav /remote.php/caldav 301 + header Strict-Transport-Security 
"max-age=15768000; includeSubDomains; reload;" + ''; + }; + }; + + + + # Open ports in the firewall. + # networking.firewall.allowedTCPPorts = [ ... ]; + # networking.firewall.allowedUDPPorts = [ ... ]; + # Or disable the firewall altogether. + networking.firewall.enable = false; + + # Copy the NixOS configuration file and link it from the resulting system + # (/run/current-system/configuration.nix). This is useful in case you + # accidentally delete configuration.nix. + # system.copySystemConfiguration = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.05"; # Did you read the comment? + +} +#+end_src + +*** Hardware Configuration +Dalinar's hardware +#+begin_src nix +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... 
}: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sr_mod" "rtsx_usb_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/103a24d5-ffb5-4f7c-ab68-48e0b766b3ac"; + fsType = "btrfs"; + options = [ "subvol=@" "noatime" "nodiratime" "compress=zstd" ]; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/55C5-7725"; + fsType = "vfat"; + }; + + fileSystems."/storage" = + { device = "/dev/disk/by-uuid/f1804953-14e5-42db-a974-1e18f16d884c"; + fsType = "btrfs"; + options = [ "noatime" "nodiratime" "compress=zstd" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; + + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} +#+end_src + ** Home I also use home-manager for managing dotfiles. This means that everything is contained in this folder and then tangled out to their respective places when rebuilding the system.
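Review bot: `networking.firewall.enable = false;` near the end of Dalinar's configuration leaves every listening port reachable on a host that this same hunk publishes through ddclient and Caddy, including the plain-HTTP backends on 8123, 8282 and 8080 if they bind beyond loopback. I would keep the firewall on and open only what Caddy serves, with `networking.firewall.enable = true;` and `networking.firewall.allowedTCPPorts = [ 80 443 ];`; the OpenSSH module opens its own port by default. `services.openssh.enable = true;` is also left at its defaults while the user comment says to set a password with passwd, so password logins are presumably accepted; key-only authentication with a key listed under `users.users.chris.openssh.authorizedKeys.keys` would be a safer baseline for an internet-facing box. Separately, `nixpkgs.config.allowUnFree` looks like a misspelling of `allowUnfree` and would be silently ignored, which matters if the base package list (with `unrar`) is what gets tangled into `environment.systemPackages` here. The `reload` token in the Strict-Transport-Security value is probably meant to be `preload`.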