diff --git a/flake.lock b/flake.lock index 5390d67..dc58554 100755 --- a/flake.lock +++ b/flake.lock @@ -84,11 +84,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1748437600, - "narHash": "sha256-hYKMs3ilp09anGO7xzfGs3JqEgUqFMnZ8GMAqI6/k04=", + "lastModified": 1756217674, + "narHash": "sha256-TH1SfSP523QI7kcPiNtMAEuwZR3Jdz0MCDXPs7TS8uo=", "owner": "nixos", "repo": "nixpkgs", - "rev": "7282cb574e0607e65224d33be8241eae7cfe0979", + "rev": "4e7667a90c167f7a81d906e5a75cba4ad8bee620", "type": "github" }, "original": { @@ -98,22 +98,6 @@ "type": "github" } }, - "nixpkgs-vicuna": { - "locked": { - "lastModified": 1751274312, - "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-24.11", - "repo": "nixpkgs", - "type": "github" - } - }, "phps": { "inputs": { "flake-compat": "flake-compat", @@ -140,7 +124,6 @@ "inputs": { "agenix": "agenix", "nixpkgs": "nixpkgs", - "nixpkgs-vicuna": "nixpkgs-vicuna", "phps": "phps" } }, diff --git a/flake.nix b/flake.nix index b19cf93..389eca4 100755 --- a/flake.nix +++ b/flake.nix @@ -1,9 +1,8 @@ { - description = "Marauder NixOS Configuration"; + description = "NixOS Configurations"; inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05"; - nixpkgs-vicuna.url = "github:nixos/nixpkgs/nixos-24.11"; phps = { url = "github:fossar/nix-phps"; inputs.nixpkgs.follows = "nixpkgs"; 
@@ -14,30 +13,8 @@ }; }; - outputs = { self, nixpkgs, nixpkgs-vicuna, phps, agenix }: { - nixosModules.common = ./modules/common.nix; - nixosConfigurations = { - marauder = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./hosts/marauder - self.nixosModules.common - agenix.nixosModules.default - { - environment.systemPackages = - [ agenix.packages.x86_64-linux.default ]; - } - ]; - specialArgs = { inherit phps; }; - }; - apogee = nixpkgs-vicuna.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./hosts/apogee - self.nixosModules.common - agenix.nixosModules.default - ]; - }; - }; + outputs = inputs: { + nixosModules = import ./modules; + nixosConfigurations = import ./hosts inputs; }; } diff --git a/hosts/astral/default.nix b/hosts/astral/default.nix new file mode 100644 index 0000000..e84c591 --- /dev/null +++ b/hosts/astral/default.nix 
@@ -0,0 +1,71 @@ +{ nixosModules, modulesPath, lib, config, pkgs, ... }: { + imports = with nixosModules; [ + "${modulesPath}/virtualisation/amazon-image.nix" + nettika + ]; + + boot.loader.grub.device = lib.mkForce "/dev/nvme0n1"; + + nix = { + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + settings.trusted-users = [ "@wheel" ]; + }; + + networking = { + hostName = "astral"; + domain = "recipes.leaf.ninja"; + firewall.allowedTCPPorts = [ 80 443 ]; + networkmanager.enable = true; + }; + + users.defaultUserShell = pkgs.fish; + + security.sudo.wheelNeedsPassword = false; + + environment.variables.EDITOR = "nano"; + + services.caddy = { + enable = true; + virtualHosts = { + "${config.networking.domain}".extraConfig = '' + reverse_proxy localhost:8008 + header Strict-Transport-Security "max-age=63072000; includeSubDomains;" + ''; + }; + }; + + programs.fish.enable = true; + + programs.git = { + enable = true; + lfs.enable = true; + config = { + init.defaultBranch = "master"; + user = { + email = "git@nettika.cat"; + name = "Nettika"; + }; + credential.helper = "store"; + }; + }; + + programs.nano = { + enable = true; + nanorc = '' + set autoindent + set linenumbers + ''; + }; + + documentation.man.generateCaches = false; + + promptEmoji = "✴️"; + + time.timeZone = "America/Los_Angeles"; + + system.stateVersion = "23.05"; +} diff --git a/hosts/default.nix b/hosts/default.nix new file mode 100644 index 0000000..b17a2e7 --- /dev/null +++ b/hosts/default.nix @@ -0,0 +1,16 @@ +{ self, nixpkgs, phps, agenix, ... }: +let inherit (nixpkgs.lib) nixosSystem; +in { + marauder = nixosSystem { + system = "x86_64-linux"; + modules = [ ./marauder ]; + specialArgs = { + inherit (self) nixosModules; + inherit phps agenix; + }; + }; + astral = nixosSystem { + system = "x86_64-linux"; + modules = [ ./astral ]; + }; +} diff --git a/hosts/marauder/default.nix b/hosts/marauder/default.nix index 3d8a77a..44bfb1a 100755 
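Review bot: `security.sudo.wheelNeedsPassword = false` together with `nix.settings.trusted-users = [ "@wheel" ]` makes every wheel account root-equivalent on astral, which this file exposes to the internet on ports 80 and 443 behind Caddy (and presumably over SSH through the amazon-image module). The imported `nettika` module puts that user in wheel with an authorised SSH key and no password visible in the module, so possession of that one key is enough for root on this host; I would drop both lines on astral or record the reason next to them, e.g. `# passwordless sudo: account has no password, login is by SSH key only`. The same two settings are copied into the hosts/marauder/default.nix hunk, where they sit next to `firewall.enable = false`. Separately, `promptEmoji = "✴️";` matches no option visible in this commit: modules/promptmoji.nix declares `promptSymbol`, and this file's `imports` does not list `promptmoji`, so evaluation will likely fail on an unknown option.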
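Review bot: The `astral` entry passes no `specialArgs`, but hosts/astral/default.nix opens with `{ nixosModules, modulesPath, lib, config, pkgs, ... }:` and uses `with nixosModules;` in its `imports`, so the module is called without a `nixosModules` argument and evaluation should fail. Add `specialArgs = { inherit (self) nixosModules; };` to the `astral` system, as is done for `marauder`. A one-line comment above `specialArgs` saying that arguments used inside `imports` must come from `specialArgs` rather than `_module.args` would help whoever adds the next host.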
--- a/hosts/marauder/default.nix +++ b/hosts/marauder/default.nix @@ -1,4 +1,4 @@ -{ pkgs, phps, ... }: +{ pkgs, nixosModules, phps, agenix, ... }: let fortune = pkgs.writeShellScript "cgi" '' echo "Content-type: text/html" @@ -9,27 +9,50 @@ let ${pkgs.ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null - ''; in { - imports = [ ./backup.nix ]; + imports = [ + ./backup.nix + nixosModules.nettika + nixosModules.promptmoji + agenix.nixosModules.default + ]; + + nix = { + gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 30d"; + }; + settings = { + trusted-users = [ "@wheel" ]; + experimental-features = [ "nix-command" "flakes" ]; + }; + }; nixpkgs.config.allowUnfree = true; - nix.settings.experimental-features = [ "nix-command" "flakes" ]; + environment.variables.EDITOR = "nano"; - nix.gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; + documentation.man.generateCaches = false; + + environment.variables = { + VISUAL = "code --wait"; + PKG_CONFIG_PATH = "${pkgs.openssl.dev}/lib/pkgconfig"; }; - environment.variables.VISUAL = "code --wait"; - age.identityPaths = [ "/home/nettika/.ssh/id_ed25519" ]; networking = { hostName = "marauder"; firewall.enable = false; + networkmanager.enable = true; }; + security.sudo.wheelNeedsPassword = false; + + users.defaultUserShell = pkgs.fish; + + programs.fish.enable = true; + fileSystems = { "/" = { device = "/dev/disk/by-uuid/648c6539-892c-40d7-8b07-23fe760df02a"; @@ -95,6 +118,7 @@ in { krita openscad-unstable bambu-studio + orca-slicer # Multimedia vlc 
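Review bot: In the second hunk `environment.variables` is now defined twice, once as `environment.variables.EDITOR = "nano";` and a few lines later as an attribute set holding `VISUAL` and `PKG_CONFIG_PATH`. The two definitions only work because the parser merges them, and the split is easy to miss when reading. Keep them in one place: `environment.variables = { EDITOR = "nano"; VISUAL = "code --wait"; PKG_CONFIG_PATH = "${pkgs.openssl.dev}/lib/pkgconfig"; };`. The enclosing attribute set begins before this hunk and continues past it.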
@@ -134,8 +158,32 @@ in { mullvad-vpn qbittorrent system-config-printer + openssl + pkg-config + agenix.packages.x86_64-linux.default ]; + programs.git = { + enable = true; + lfs.enable = true; + config = { + init.defaultBranch = "master"; + user = { + email = "git@nettika.cat"; + name = "Nettika"; + }; + credential.helper = "store"; + }; + }; + + programs.nano = { + enable = true; + nanorc = '' + set autoindent + set linenumbers + ''; + }; + programs.steam = { enable = true; remotePlay.openFirewall = true; diff --git a/modules/common.nix b/modules/common.nix deleted file mode 100644 index c4a9b02..0000000 --- a/modules/common.nix +++ /dev/null 
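Review bot: `credential.helper = "store"` makes git write credentials unencrypted to `~/.git-credentials`, where any process running as the user can read them. On a workstation that also runs Steam, qBittorrent and the other desktop software in this package list, a helper that keeps tokens out of a plaintext file is the safer default, e.g. `credential.helper = "cache";`, or use SSH remotes only. The identical `programs.git` and `programs.nano` blocks are also pasted into hosts/astral/default.nix, so the two copies can drift. Since both came from the deleted modules/common.nix, a small shared module listed in modules/default.nix would keep a single definition. The enclosing attribute set starts before this hunk.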
@@ -1,82 +0,0 @@ -{ pkgs, lib, config, ... }: { - options = { - promptSymbol = lib.mkOption { - type = lib.types.str; - description = "Prompt prefix symbol."; - }; - }; - - config = { - nix.gc = { - automatic = true; - dates = "weekly"; - options = "--delete-older-than 30d"; - }; - - users.defaultUserShell = pkgs.fish; - - users.users.nettika = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHopty1QG8P+OfGxQ9CV0BI1IRB/q6yITzMZaZ6Zspid nettika@marauder" - ]; - }; - - nix.settings.trusted-users = [ "@wheel" ]; - - security.sudo.wheelNeedsPassword = false; - - networking.networkmanager.enable = true; - - environment.variables.EDITOR = "nano"; - - programs.git = { - enable = true; - lfs.enable = true; - config = { - init.defaultBranch = "master"; - user = { - email = "git@nettika.cat"; - name = "Nettika"; - }; - credential.helper = "store"; - }; - }; - - programs.nano = { - enable = true; - nanorc = '' - set autoindent - set linenumbers - ''; - }; - - programs.fish = { - enable = true; - promptInit = '' - function fish_prompt - echo -n '${config.promptSymbol} ' - if fish_is_root_user - set_color red - else - set_color brgreen - end - echo -n (prompt_pwd) - set_color normal - echo -n ' > ' - end - function fish_right_prompt - set_color bryellow - echo -n (${pkgs.git}/bin/git branch --show-current 2>/dev/null) - end - ''; - shellInit = '' - set -g fish_greeting - set -g fish_prompt_pwd_full_dirs 999 - ''; - }; - - documentation.man.generateCaches = false; - }; -} diff --git a/modules/default.nix b/modules/default.nix new file mode 100644 index 0000000..f900622 --- /dev/null +++ b/modules/default.nix @@ -0,0 +1,4 @@ +{ + nettika = ./nettika.nix; + promptmoji = ./promptmoji.nix; +} diff --git a/modules/nettika.nix b/modules/nettika.nix new file mode 100644 index 0000000..9569b4a --- /dev/null +++ b/modules/nettika.nix 
@@ -0,0 +1,9 @@ +{ + users.users.nettika = { + isNormalUser = true; + extraGroups = [ "wheel" "networkmanager" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHopty1QG8P+OfGxQ9CV0BI1IRB/q6yITzMZaZ6Zspid nettika@marauder" + ]; + }; +} diff --git a/modules/promptmoji.nix b/modules/promptmoji.nix new file mode 100644 index 0000000..9f3065f --- /dev/null +++ b/modules/promptmoji.nix @@ -0,0 +1,34 @@ +{ lib, config, pkgs, ... }: { + options = { + promptSymbol = lib.mkOption { + type = lib.types.str; + description = "Prompt prefix symbol."; + }; + }; + + config = { + programs.fish = lib.mkIf config.programs.fish.enable { + promptInit = '' + function fish_prompt + echo -n '${config.promptSymbol} ' + if fish_is_root_user + set_color red + else + set_color brgreen + end + echo -n (prompt_pwd) + set_color normal + echo -n ' > ' + end + function fish_right_prompt + set_color bryellow + echo -n (${pkgs.git}/bin/git branch --show-current 2>/dev/null) + end + ''; + shellInit = '' + set -g fish_greeting + set -g fish_prompt_pwd_full_dirs 999 + ''; + }; + }; +}
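Review bot: The only authorised key is labelled `nettika@marauder`, and hosts/marauder/default.nix sets `age.identityPaths = [ "/home/nettika/.ssh/id_ed25519" ]`, so it looks like one workstation key both decrypts the agenix secrets and logs in to every host that imports this module, including the internet-facing astral. If that is the same key pair, losing it exposes the secrets and gives wheel access on all hosts at once; consider a separate login key per host, or at least a comment above the list such as `# marauder workstation key; also the agenix identity, rotate both together`. Because the account is placed in `wheel` on every importing host, this list is effectively the root access list and deserves that note.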
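Review bot: `${config.promptSymbol}` is spliced into a single-quoted fish string in `promptInit` without escaping, so a value containing `'` or ending in `\` yields a broken or altered prompt script for every fish user, root included. The value comes from host configuration rather than outside input, so this is a robustness point; constraining the option is enough, e.g. `type = lib.types.strMatching "[^'\\\\]*";`. The `description` could also say that the option has no default and must be set by any host that enables fish.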