Move marauder configs into hosts directory

hosts/marauder/backup.nix

@@ -0,0 +1,42 @@
+{ pkgs, config, ... }: {
+  systemd.services = {
+    notify-backup-b2-failed = {
+      description = "Notify on failed backup to B2";
+      serviceConfig = {
+        Type = "oneshot";
+        User = "nettika";
+      };
+      environment = {
+        DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/1000/bus";
+      };
+      path = [ pkgs.libnotify ];
+      script = ''
+        notify-send -u critical "Backup to B2 failed" "$(journalctl -u restic-backups-b2 -n 5 -o cat)"'';
+    };
+    restic-backups-b2 = { onFailure = [ "notify-backup-b2-failed.service" ]; };
+  };
+
+  age.secrets = {
+    restic-env.file = ./secrets/restic-env.age;
+    restic-password.file = ./secrets/restic-password.age;
+  };
+
+  services.restic.backups = {
+    b2 = {
+      initialize = true;
+      environmentFile = config.age.secrets.restic-env.path;
+      passwordFile = config.age.secrets.restic-password.path;
+      repository = "b2:marauder-backup";
+      paths = let home = config.users.users.nettika.home;
+      in [
+        "${home}/Artwork"
+        "${home}/Documents"
+        "${home}/Music"
+        "${home}/Pictures"
+        "${home}/Projects"
+        "${home}/Videos"
+      ];
+      pruneOpts = [ "--keep-daily 7" "--keep-weekly 5" "--keep-monthly 12" ];
+    };
+  };
+}

hosts/marauder/default.nix

@@ -0,0 +1,215 @@
+{ pkgs, phps, agenix, ... }:
+let
+  fortune = pkgs.writeShellScript "cgi" ''
+    echo "Content-type: text/html"
+    echo ""
+    ${pkgs.fortune}/bin/fortune
+  '';
+  ffcheck = pkgs.writeShellScriptBin "ffcheck" ''
+    ${pkgs.ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null -
+  '';
+in {
+  imports = [ ./backup.nix ];
+
+  nixpkgs.config.allowUnfree = true;
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  nix.gc = {
+    automatic = true;
+    dates = "weekly";
+    options = "--delete-older-than 30d";
+  };
+
+  environment.variables.VISUAL = "code --wait";
+
+  age.identityPaths = [ "/home/nettika/.ssh/id_ed25519" ];
+
+  networking = {
+    hostName = "marauder";
+    firewall.enable = false;
+  };
+
+  fileSystems = {
+    "/" = {
+      device = "/dev/disk/by-uuid/648c6539-892c-40d7-8b07-23fe760df02a";
+      fsType = "ext4";
+    };
+    "/boot" = {
+      device = "/dev/disk/by-uuid/1D62-C30E";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+  };
+
+  boot = {
+    loader = {
+      systemd-boot.enable = true;
+      efi.canTouchEfiVariables = true;
+    };
+    initrd = {
+      systemd.enable = true;
+      availableKernelModules =
+        [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ];
+    };
+    kernelModules = [ "kvm-amd" ];
+    kernelParams = [ "amd_pstate=active" ];
+  };
+
+  hardware = {
+    enableRedistributableFirmware = true;
+    cpu.amd.updateMicrocode = true;
+    graphics = {
+      enable = true;
+      enable32Bit = true;
+      extraPackages = [ pkgs.vaapiVdpau ];
+    };
+    nvidia = {
+      open = true;
+      prime = {
+        offload = {
+          enable = true;
+          enableOffloadCmd = true;
+        };
+        amdgpuBusId = "PCI:05:00:0";
+        nvidiaBusId = "PCI:01:00:0";
+      };
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    # Chat clients
+    discord
+    slack
+    element-desktop
+    telegram-desktop
+    signal-desktop
+
+    # Browsers
+    firefox
+    filezilla
+
+    # Creative
+    inkscape
+    gimp
+    krita
+    openscad-unstable
+    bambu-studio
+
+    # Multimedia
+    vlc
+    ffmpeg
+    ffcheck
+    aonsoku
+
+    # Code Editors
+    vscode
+    arduino-ide
+
+    # Dev Tools
+    nixd
+    nixfmt-classic
+    nixpkgs-fmt
+    pyenv
+    rustup
+    electron
+
+    # Languages
+    gcc
+    kotlin
+    nodejs
+    php
+
+    # Command line
+    htop
+    jq
+
+    # Misc
+    obsidian
+    intiface-central
+    prismlauncher
+    blender
+    mullvad-vpn
+    qbittorrent
+    system-config-printer
+    agenix.packages.x86_64-linux.default
+  ];
+
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = true;
+    dedicatedServer.openFirewall = true;
+  };
+
+  programs.direnv.enable = true;
+
+  programs.ssh.extraConfig = ''
+    Host quasar
+      HostName consortium.chat
+      IdentityFile ~/.ssh/LightsailDefaultKey-us-west-2.pem
+
+    Host monolith
+      HostName 10.243.210.154
+  '';
+
+  services.mysql = {
+    enable = true;
+    package = pkgs.mariadb;
+  };
+
+  services.httpd = {
+    enable = true;
+    enablePHP = true;
+    phpPackage = phps.packages.x86_64-linux.php80;
+    extraConfig = ''
+      ScriptAlias /fortune ${fortune}/bin/fortune
+    '';
+    virtualHosts."localhost" = {
+      documentRoot = "/var/www";
+      locations."/".index = "index.html index.php";
+    };
+  };
+
+  programs.nix-ld.enable = true;
+
+  services.xserver = {
+    enable = true;
+    videoDrivers = [ "nvidia" ];
+    desktopManager = {
+      cinnamon.enable = true;
+      xterm.enable = false;
+    };
+  };
+
+  services.printing.enable = true;
+
+  services.avahi = {
+    enable = true;
+    nssmdns4 = true;
+    openFirewall = true;
+  };
+
+  services.displayManager.defaultSession = "cinnamon";
+
+  services.power-profiles-daemon.enable = false;
+
+  services.tlp.enable = true;
+
+  services.fstrim.enable = true;
+
+  services.zerotierone = {
+    enable = true;
+    joinNetworks = [ "8056c2e21c0b1a53" ];
+  };
+
+  services.mullvad-vpn = {
+    enable = true;
+    package = pkgs.mullvad-vpn; # Include GUI
+  };
+
+  promptSymbol = "💜";
+
+  time.timeZone = "America/Los_Angeles";
+
+  system.stateVersion = "24.05";
+}

hosts/marauder/secrets/restic-env.age

@@ -0,0 +1,5 @@
+age-encryption.org/v1
+-> ssh-ed25519 f+PJrQ qccE2xAzfBZ3DCRQtQDgwS1UzjlZx44oUrYjcDfMfDk
+I2l6xRJsdQLYB2cMo0Kfi6mVyhZsuSPFG574P8pl12Y
+--- WoBlo7fqYRkiBYPoLpa3wHB8ZPCVy32a4aL5UswCHJc
+L£æΚÈ[¤Nî<#Õ]ˆ
Ÿ<>üBÄ}–×fË%P„ôxK±Û¨þkI½©”<§V<C2A7>Ÿ…¶YÄ5#å±ð÷û”qE³4’­®¶l—ËøF¾“8ukȨ<C388>ûÂ%À´U53yìû"<22>g\ªZæÙC®õW¥²g­z