diff --git a/nixosConfigurations/default.nix b/nixosConfigurations/default.nix
index 0f3bc48..c2c1bb3 100755
--- a/nixosConfigurations/default.nix
+++ b/nixosConfigurations/default.nix
@@ -1,9 +1,10 @@
+{...}@flakeContext:
 {
 nixosConfigurations = {
- atoridu = import ./devices/mini-pc.nix flakeContext; # atoridu
- lamet = import ./devices/mini-laptop.nix flakeContext; # lamet
- otreca = import ./devices/vds.nix flakeContext; # vds
- sapphira = import ./devices/server.nix flakeContext; # sapphira
- wsl = import ./devices/wsl.nix flakeContext; # wsl
+ atoridu = import ./hosts/mini-pc.nix flakeContext; # atoridu
+ lamet = import ./hosts/mini-laptop.nix flakeContext; # lamet
+ otreca = import ./hosts/vds.nix flakeContext; # vds
+ sapphira = import ./hosts/server.nix flakeContext; # sapphira
+ wsl = import ./hosts/wsl.nix flakeContext; # wsl
 };
 }
diff --git a/nixosConfigurations/hosts/disko/server.nix b/nixosConfigurations/hosts/disko/server.nix
new file mode 100755
index 0000000..c5928ac
--- /dev/null
+++ b/nixosConfigurations/hosts/disko/server.nix
@@ -0,0 +1,38 @@
+{
+ disko.devices = {
+ disk = {
+ main = {
+ device = "/dev/mmcblk0";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ ESP = {
+ type = "EF00";
+ size = "512M";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ swap = {
+ size = "2G";
+ content = {
+ type = "swap";
+ };
+ };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/nixosConfigurations/hosts/disko/vds.nix b/nixosConfigurations/hosts/disko/vds.nix
new file mode 100755
index 0000000..7ce8e7c
--- /dev/null
+++ b/nixosConfigurations/hosts/disko/vds.nix
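Review bot: Nothing in the hosts/server.nix shown in this commit imports this layout or `disko.nixosModules.disko`, although hardware/server.nix mounts `/dev/disk/by-partlabel/disk-main-root` and `disk-main-ESP`, names that match this file's disk `main` and its `root` and `ESP` partitions. If the file is meant for install time only, say so in a header comment such as `# Install-time layout; hardware/server.nix mounts the resulting partlabels by hand`; otherwise import it the way hosts/vds.nix imports ./disko/vds.nix. The 2G swap partition also appears to stay unused, because hardware/server.nix sets `swapDevices = [ ];`.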
@@ -0,0 +1,43 @@
+{
+ disko.devices = {
+ disk = {
+ main = {
+ device = "/dev/vda";
+ type = "disk";
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ type = "EF02";
+ size = "1M";
+ };
+ # ESP = {
+ # size = "500M";
+ # type = "EF00";
+ # content = {
+ # type = "filesystem";
+ # format = "vfat";
+ # mountpoint = "/boot";
+ # mountOptions = [ "umask=0077" ];
+ # };
+ # };
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ };
+ };
+ swap = {
+ size = "256M";
+ content = {
+ type = "swap";
+ };
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/nixosConfigurations/hosts/hardware/laptop.nix b/nixosConfigurations/hosts/hardware/laptop.nix
new file mode 100755
index 0000000..601a4d9
--- /dev/null
+++ b/nixosConfigurations/hosts/hardware/laptop.nix
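Review bot: The commented-out `ESP` block is dead configuration sitting next to the `EF02` BIOS boot partition, and nothing in the file says which boot mode is intended. hosts/vds.nix sets `boot.loader.grub.efiSupport = false`, so I would delete the ESP block and add `# 1M BIOS boot partition for GRUB in legacy mode (see boot.loader.grub in hosts/vds.nix)` above `boot = {`.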
@@ -0,0 +1,59 @@
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot = {
+ initrd = {
+ availableKernelModules = [
+ "nvme"
+ "xhci_pci"
+ "usbhid"
+ "usb_storage"
+ "uas"
+ "sd_mod"
+ ];
+ kernelModules = [ ];
+ };
+ kernelModules = [ "kvm-amd" ];
+ extraModulePackages = [ ];
+ };
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/5938c796-6ff5-49d9-a3a6-022b4c32beeb";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/61BF-3342";
+ fsType = "vfat";
+ options = [
+ "fmask=0077"
+ "dmask=0077"
+ ];
+ };
+ };
+
+ swapDevices = [
+ { device = "/dev/disk/by-uuid/d89bccd2-0672-4855-9d87-40e2688cdec4"; }
+ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+}
diff --git a/nixosConfigurations/hosts/hardware/logitech.nix b/nixosConfigurations/hosts/hardware/logitech.nix
new file mode 100755
index 0000000..4ec69a4
--- /dev/null
+++ b/nixosConfigurations/hosts/hardware/logitech.nix
@@ -0,0 +1,14 @@
+{
+ config,
+ ...
+}:
+{
+ hardware = {
+ logitech = {
+ wireless = {
+ enable = true;
+ enableGraphical = true;
+ };
+ };
+ };
+}
diff --git a/nixosConfigurations/hosts/hardware/mini-pc.nix b/nixosConfigurations/hosts/hardware/mini-pc.nix
new file mode 100755
index 0000000..c463c35
--- /dev/null
+++ b/nixosConfigurations/hosts/hardware/mini-pc.nix
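Review bot: In hardware/laptop.nix the `/`, `/boot` (`61BF-3342`) and swap devices use exactly the same by-uuid values as hardware/mini-pc.nix added in the same commit, which suggests the file was copied rather than generated on the laptop. Unless the disk really was cloned, the laptop's partitions will carry different UUIDs and these mounts will fail at boot. Regenerating the file with `nixos-generate-config` on the target machine, or adding a comment that states the disk is shared, would settle it.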
@@ -0,0 +1,89 @@
+# Do not modify this file! It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations. Please make changes
+# to /etc/nixos/configuration.nix instead.
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+
+{
+ nixpkgs.config.permittedInsecurePackages = [
+ "libsoup-2.74.3" # temp
+ ];
+ # nix.settings.extra-sandbox-paths = [
+ # "/dev/kfd"
+ # "/sys/devices/virtual/kfd"
+ # "/dev/dri/renderD128"
+ # ];
+
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ boot = {
+ initrd.availableKernelModules = [
+ "nvme"
+ "xhci_pci"
+ "thunderbolt"
+ "usb_storage"
+ "uas"
+ "usbhid"
+ "sd_mod"
+ ];
+ kernelModules = [
+ "kvm-amd"
+ "amdgpu"
+ ];
+ extraModulePackages = [ ];
+ };
+
+ hardware = {
+ amdgpu = {
+ opencl.enable = true;
+ amdvlk = {
+ enable = true;
+ };
+ };
+ graphics.extraPackages = with pkgs; [
+ mesa
+ amf
+ ];
+ };
+ # systemd.tmpfiles.rules = [
+ # "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}"
+ # ];
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-uuid/5938c796-6ff5-49d9-a3a6-022b4c32beeb";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-uuid/61BF-3342";
+ fsType = "vfat";
+ options = [
+ "fmask=0077"
+ "dmask=0077"
+ ];
+ };
+ };
+
+ swapDevices = [
+ { device = "/dev/disk/by-uuid/d89bccd2-0672-4855-9d87-40e2688cdec4"; }
+ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+ # networking.interfaces.enp100s0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp98s0.useDHCP = lib.mkDefault true;
+
+ #nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/nixosConfigurations/hosts/hardware/server.nix b/nixosConfigurations/hosts/hardware/server.nix
new file mode 100755
index 0000000..669b605
--- /dev/null
+++ b/nixosConfigurations/hosts/hardware/server.nix
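Review bot: `nixpkgs.config.permittedInsecurePackages = [ "libsoup-2.74.3" ]` near the top of hardware/mini-pc.nix allows a package that nixpkgs marks as insecure, and the only explanation is `# temp`. Please name what pulls it in and when the exception can be removed, e.g. `# needed by <package>; remove once it no longer depends on libsoup 2`. The exception also lives in a file whose header says it is generated by nixos-generate-config and may be overwritten, so it and the hand-written `hardware.amdgpu` block would be safer in hosts/mini-pc.nix.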
@@ -0,0 +1,78 @@
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+ boot = {
+ initrd = {
+ availableKernelModules = [
+ "ahci"
+ "xhci_pci"
+ "usbhid"
+ "usb_storage"
+ "sd_mod"
+ "sdhci_pci"
+ ];
+ };
+ kernel = {
+ sysctl = {
+ "fs.inotify.max_user_watches" = "204800";
+ };
+ };
+ kernelModules = [
+ "kvm-intel"
+ "coretemp"
+ ];
+ };
+
+ fileSystems = {
+ "/" = {
+ device = "/dev/disk/by-partlabel/disk-main-root";
+ fsType = "ext4";
+ };
+ "/boot" = {
+ device = "/dev/disk/by-partlabel/disk-main-ESP";
+ fsType = "vfat";
+ options = [
+ "fmask=0022"
+ "dmask=0022"
+ ];
+ };
+ };
+
+ # fileSystems."/" =
+ # { device = "/dev/disk/by-uuid/8acccc34-edc6-4934-886c-ef4b778ca24a";
+ # fsType = "ext4";
+ # };
+ #
+ # fileSystems."/boot" =
+ # { device = "/dev/disk/by-uuid/DDF2-C940";
+ # fsType = "vfat";
+ # options = [ "fmask=0022" "dmask=0022" ];
+ # };
+ #
+ # fileSystems."/home/otreca/External" =
+ # { device = "/dev/disk/by-uuid/37e53ebc-5343-a94d-9fe2-0ca39e13a8de";
+ # fsType = "ext4";
+ # };
+
+ swapDevices = [ ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+ # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/nixosConfigurations/hosts/hardware/vds.nix b/nixosConfigurations/hosts/hardware/vds.nix
new file mode 100755
index 0000000..3db54b3
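Review bot: `/boot` is mounted with `"fmask=0022"` and `"dmask=0022"`, which leaves the ESP readable by every local user, whereas hardware/laptop.nix and hardware/mini-pc.nix in this commit use `0077`. hosts/server.nix enables systemd-boot, which keeps its random seed on the ESP and complains when the mount point is world-accessible. I would use `"fmask=0077"` and `"dmask=0077"` here as well. The commented-out by-uuid `fileSystems` block below it could be deleted rather than carried along.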
--- /dev/null
+++ b/nixosConfigurations/hosts/hardware/vds.nix
@@ -0,0 +1,43 @@
+{
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+}:
+{
+ imports = [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ ];
+
+ fileSystems = {
+ "/" = {
+ device = lib.mkForce "/dev/disk/by-partlabel/disk-main-root"; # "/dev/disk/by-partlabel/disk-main-root";
+ fsType = "ext4";
+ };
+ # "/boot" = {
+ # device = lib.mkForce "/dev/disk/by-partlabel/disk-main-ESP";
+ # fsType = "vfat";
+ # options = [
+ # "fmask=0022"
+ # "dmask=0022"
+ # ];
+ # };
+ };
+
+ # swapDevices = [
+ # { device = "/dev/disk/by-partlabel/disk-main-swap"; }
+ # ];
+
+ # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+ # (the default) this is the recommended approach. When using systemd-networkd it's
+ # still possible to use this option, but it's recommended to use it in conjunction
+ # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
+ networking.useDHCP = lib.mkDefault true;
+ # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+ # networking.interfaces.tailscale0.useDHCP = lib.mkDefault true;
+ # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/nixosConfigurations/hosts/laptop.nix b/nixosConfigurations/hosts/laptop.nix
new file mode 100755
index 0000000..63297f7
--- /dev/null
+++ b/nixosConfigurations/hosts/laptop.nix
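Review bot: `lib.mkForce` on `fileSystems."/".device` carries no comment saying what it overrides, and the trailing comment only repeats the same path. hosts/vds.nix imports ./disko/vds.nix, which declares the root partition too, so a line such as `# mkForce: override the device generated by disko` (if that is the reason) would help the next reader. `hardware.cpu.intel.updateMicrocode` looks carried over from the physical server; hosts/vds.nix imports the qemu-guest profile, where it is unlikely to have any effect.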
@@ -0,0 +1,197 @@
+{
+ inputs,
+ ...
+}@flakeContext:
+let
+ nixosModule =
+ {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ {
+ xlib.device = {
+ type = "primary";
+ };
+
+ imports =
+ with inputs;
+ [
+ ./hardware/laptop.nix
+ ./hardware/logitech.nix
+ self.nixosModules.default
+ #nixos-hardware.nixosModules.asus-fa506ic
+
+ self.nixosModules.software.wine
+ self.nixosModules.software.beets
+ self.nixosModules.desktop
+ sops-nix.nixosModules.sops
+ ]
+ ++ builtins.attrValues inputs.self.nixosModules.extra.self;
+
+ home-manager = {
+ extraSpecialArgs = {
+ xlib = config.xlib;
+ };
+ };
+
+ fileSystems = {
+ "${config.xlib.dirs.therima-drive}" = {
+ device = "/dev/disk/by-uuid/C0A2DDEFA2DDEA44";
+ fsType = "ntfs3";
+ options = [
+ "defaults"
+ "uid=1000"
+ "gid=1000"
+ "fmask=0007"
+ "dmask=0007"
+ "nofail"
+ #"x-systemd.device-timeout=0"
+ ];
+ };
+ "${config.xlib.dirs.vetymae-drive}" = {
+ device = "/dev/disk/by-uuid/6E04EA7F04EA49A3";
+ fsType = "ntfs3";
+ options = [
+ "defaults"
+ "uid=1000"
+ "gid=1000"
+ "fmask=0007"
+ "dmask=0007"
+ "nofail"
+ #"x-systemd.device-timeout=0"
+ ];
+ };
+ "/mnt/beets/music" = {
+ device = "/home/${config.xlib.device.username}/Music"; # "${config.xlib.dirs.vetymae-drive}/Users/User/Music"
+ options = [
+ "bind"
+ #"uid=1000"
+ #"gid=1000"
+ "fmask=0077"
+ "dmask=0077"
+ "nofail"
+ #"x-systemd.device-timeout=0"
+ ];
+ };
+ };
+
+ boot = {
+ kernelPackages = lib.mkDefault pkgs.linuxPackages_xanmod_stable;
+ kernelParams = [ "usbcore.autosuspend=-1" ];
+ loader = {
+ systemd-boot.enable = lib.mkDefault true;
+ efi.canTouchEfiVariables = lib.mkDefault true;
+ };
+ };
+
+ hardware = {
+ bluetooth.enable = true;
+ # nvidia = {
+ # open = true;
+ # dynamicBoost.enable = true;
+ # nvidiaSettings = true;
+ # powerManagement = {
+ # enable = false;
+ # finegrained = false; # maybe comment this out idk what it does
+ # };
+ # #package = config.boot.kernelPackages.nvidiaPackages.stable;
+ # nvidiaPersistenced = true;
+ # modesetting.enable = true;
+ # prime = {
+ # offload = {
+ # enable = true;
+ # enableOffloadCmd = true;
+ # };
+ # sync.enable = false;
+ # amdgpuBusId = "PCI:6:0:0";
+ # nvidiaBusId = "PCI:1:0:0";
+ # };
+ # };
+ };
+
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ networking = {
+ hostName = "${config.xlib.device.hostname}";
+ networkmanager.enable = true;
+ firewall.enable = false;
+ };
+
+ i18n = {
+ extraLocaleSettings = {
+ LC_ADDRESS = "ru_RU.UTF-8";
+ LC_IDENTIFICATION = "ru_RU.UTF-8";
+ LC_MEASUREMENT = "ru_RU.UTF-8";
+ LC_MONETARY = "ru_RU.UTF-8";
+ LC_NAME = "ru_RU.UTF-8";
+ LC_NUMERIC = "ru_RU.UTF-8";
+ LC_PAPER = "ru_RU.UTF-8";
+ LC_TELEPHONE = "ru_RU.UTF-8";
+ LC_TIME = "ru_RU.UTF-8";
+ };
+ };
+
+ services = {
+ xserver = {
+ videoDrivers = [
+ "amdgpu"
+ "nvidia"
+ ];
+ };
+ syncthing = {
+ enable = true;
+ systemService = true;
+ configDir = "${config.xlib.dirs.user-storage}/Syncthing/${config.system.name}";
+ dataDir = "${config.xlib.dirs.user-home}";
+ group = "users";
+ user = "${config.xlib.device.username}";
+ };
+ pipewire = {
+ enable = lib.mkDefault true;
+ systemWide = true;
+ alsa.enable = false;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ jack.enable = true;
+ extraConfig.pipewire = {
+ "99-default.conf" = {
+ "context.properties" = {
+ "default.clock.rate" = 96000;
+ "default.clock.allowed-rates" = [
+ 44100
+ 48000
+ 96000
+ ];
+ "default.clock.quantum" = 1024;
+ "default.clock.min-quantum" = 256;
+ "default.clock.max-quantum" = 2048;
+ };
+ };
+ };
+ };
+ thermald.enable = true;
+ earlyoom.enable = true;
+ preload.enable = true;
+ };
+ nixpkgs.config.pulseaudio = true;
+
+ #services.power-profiles-daemon.enable = false;
+
+ security = {
+ rtkit.enable = true;
+ };
+
+ system.stateVersion = "25.11";
+ };
+in
+inputs.nixpkgs.lib.nixosSystem {
+ modules = [
+ nixosModule
+ ];
+ system = "x86_64-linux";
+ specialArgs = {
+ deviceType = "primary";
+ };
+}
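Review bot: `firewall.enable = false` in the `networking` block turns off packet filtering on a roaming machine that also runs Bluetooth, NetworkManager and a system-wide Syncthing service, so every listening service is reachable from whatever network the laptop joins. The same line appears in hosts/mini-pc.nix, hosts/server.nix and hosts/wsl.nix. I would leave the firewall on and open only what is needed, through the `allowedTCPPorts`/`allowedUDPPorts` options already stubbed in the comment above the block or with `services.syncthing.openDefaultPorts = true;`. Separately, this host sets `xlib.device.type` but no `hostname` while `networking.hostName` reads `config.xlib.device.hostname`, and default.nix in this commit does not reference the file.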
diff --git a/nixosConfigurations/hosts/mini-laptop.nix b/nixosConfigurations/hosts/mini-laptop.nix
new file mode 100755
index 0000000..e7069b4
--- /dev/null
+++ b/nixosConfigurations/hosts/mini-laptop.nix
@@ -0,0 +1,43 @@
+{
+ inputs,
+ ...
+}@flakeContext:
+let
+ nixosModule =
+ {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ {
+ xlib.device = {
+ type = "primary";
+ hostname = "lamet";
+ };
+
+ imports = with inputs; [
+ self.homeConfigurations.default.nixosModule
+ self.nixosModules.default
+
+ nixos-hardware.nixosModules.chuwi-minibook-x
+ ];
+
+ home-manager = {
+ extraSpecialArgs = {
+ xlib = config.xlib;
+ };
+ };
+
+ hardware.intel-gpu-tools.enable = true;
+ };
+in
+inputs.nixpkgs.lib.nixosSystem {
+ modules = with inputs; [
+ nixosModule
+ ];
+ system = "x86_64-linux";
+ specialArgs = {
+ deviceType = "primary";
+ };
+}
diff --git a/nixosConfigurations/hosts/mini-pc.nix b/nixosConfigurations/hosts/mini-pc.nix
new file mode 100755
index 0000000..fc1ca82
--- /dev/null
+++ b/nixosConfigurations/hosts/mini-pc.nix
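Review bot: hosts/mini-laptop.nix declares no root filesystem, boot loader or `system.stateVersion` and imports nothing from ./hardware, unlike the other physical hosts in this commit. Unless `self.nixosModules.default` or the nixos-hardware profile supplies them, the configuration will not produce a bootable system; a `./hardware/mini-laptop.nix` generated on the device and an explicit `system.stateVersion` would close the gap. The `with inputs;` in `modules = with inputs; [ nixosModule ];` is unused and can go.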
@@ -0,0 +1,185 @@
+{
+ inputs,
+ ...
+}@flakeContext:
+let
+ nixosModule =
+ {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ {
+ device = {
+ type = "primary";
+ hostname = "atoridu";
+ };
+
+ imports = with inputs; [
+ ./hardware/mini-pc.nix
+ ./hardware/logitech.nix
+ self.nixosModules.default
+ self.homeConfigurations.default.nixosModule
+
+ sops-nix.nixosModules.sops
+ self.nixosModules.server.open-webui
+ self.nixosModules.software.wine
+ self.nixosModules.software.beets
+ #self.nixosModules.extra.self.fingerprint
+ self.nixosModules.desktop
+ # self.homeConfigurations.main.nixosModule
+ # self.homeConfigurations.root.nixosModule
+ ];
+
+ home-manager = {
+ extraSpecialArgs = {
+ xlib = config.xlib;
+ };
+ };
+
+ sops = {
+ defaultSopsFile = ./secrets/example.yaml;
+ age.keyFile = "/var/lib/sops-nix/key.txt";
+ };
+
+ fileSystems = {
+ "${config.xlib.dirs.therima-drive}" = {
+ device = "/dev/disk/by-uuid/C0A2DDEFA2DDEA44";
+ fsType = "ntfs3";
+ options = [
+ "defaults"
+ "uid=1000"
+ "gid=1000"
+ "fmask=0007"
+ "dmask=0007"
+ "nofail"
+ #"x-systemd.device-timeout=0"
+ ];
+ };
+ "${config.xlib.dirs.vetymae-drive}" = {
+ device = "/dev/disk/by-uuid/38D63C6ED63C2E8E";
+ fsType = "ntfs3";
+ options = [
+ "defaults"
+ "uid=1000"
+ "gid=1000"
+ "fmask=0007"
+ "dmask=0007"
+ "nofail"
+ #"x-systemd.device-timeout=0"
+ ];
+ };
+ "/mnt/beets/music" = {
+ device = "/home/${config.xlib.device.username}/Music"; # "${config.xlib.dirs.vetymae-drive}/Users/User/Music"
+ options = [
+ "bind"
+ #"uid=1000"
+ #"gid=1000"
+ "fmask=0077"
+ "dmask=0077"
+ "nofail"
+ #"x-systemd.device-timeout=0"
+ ];
+ };
+ };
+
+ boot = {
+ kernelPackages = lib.mkDefault pkgs.linuxPackages_xanmod_latest;
+ #kernelParams = [ "usbcore.autosuspend=-1" ];
+ loader = {
+ systemd-boot.enable = lib.mkDefault true;
+ efi.canTouchEfiVariables = lib.mkDefault true;
+ };
+ };
+
+ hardware = {
+ bluetooth.enable = true;
+ graphics.extraPackages = with pkgs; [
+ amdvlk
+ ];
+ };
+
+ # networking.firewall.allowedTCPPorts = [ ... ];
+ # networking.firewall.allowedUDPPorts = [ ... ];
+ networking = {
+ hostName = "${config.xlib.device.hostname}";
+ networkmanager.enable = true;
+ firewall.enable = false;
+ };
+
+ i18n = {
+ extraLocaleSettings = {
+ LC_ADDRESS = "ru_RU.UTF-8";
+ LC_IDENTIFICATION = "ru_RU.UTF-8";
+ LC_MEASUREMENT = "ru_RU.UTF-8";
+ LC_MONETARY = "ru_RU.UTF-8";
+ LC_NAME = "ru_RU.UTF-8";
+ LC_NUMERIC = "ru_RU.UTF-8";
+ LC_PAPER = "ru_RU.UTF-8";
+ LC_TELEPHONE = "ru_RU.UTF-8";
+ LC_TIME = "ru_RU.UTF-8";
+ };
+ };
+
+ services = {
+ #logrotate.checkConfig = false;
+ #power-profiles-daemon.enable = false;
+ xserver = {
+ videoDrivers = [
+ "amdgpu"
+ ];
+ };
+ syncthing = {
+ enable = true;
+ systemService = true;
+ configDir = "${config.xlib.dirs.user-storage}/Syncthing/${config.system.name}";
+ dataDir = "${config.xlib.dirs.user-home}";
+ group = "users";
+ user = "${config.xlib.device.username}";
+ };
+ pipewire = {
+ enable = lib.mkDefault true;
+ systemWide = true;
+ alsa.enable = false;
+ alsa.support32Bit = true;
+ pulse.enable = true;
+ jack.enable = true;
+ extraConfig.pipewire = {
+ "99-default.conf" = {
+ "context.properties" = {
+ "default.clock.rate" = 96000;
+ "default.clock.allowed-rates" = [
+ 44100
+ 48000
+ 96000
+ ];
+ "default.clock.quantum" = 1024;
+ "default.clock.min-quantum" = 256;
+ "default.clock.max-quantum" = 2048;
+ };
+ };
+ };
+ };
+ thermald.enable = true;
+ earlyoom.enable = true;
+ preload.enable = true;
+ };
+ nixpkgs.config.pulseaudio = true;
+
+ security = {
+ rtkit.enable = true;
+ };
+
+ system.stateVersion = "25.11";
+ };
+in
+inputs.nixpkgs.lib.nixosSystem {
+ modules = [
+ nixosModule
+ ];
+ system = "x86_64-linux";
+ specialArgs = {
+ deviceType = "primary";
+ };
+}
diff --git a/nixosConfigurations/hosts/server.nix b/nixosConfigurations/hosts/server.nix
new file mode 100755
index 0000000..aca1fba
--- /dev/null
+++ b/nixosConfigurations/hosts/server.nix
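Review bot: The module in hosts/mini-pc.nix opens with a top-level `device = { type = "primary"; hostname = "atoridu"; };`, while every other host in this commit writes `xlib.device` and this same file reads `config.xlib.device.hostname` for `networking.hostName`. Unless a top-level `device` option is declared elsewhere, this either fails evaluation or leaves the hostname unset for this host; it should probably read `xlib.device = {`. `sops.defaultSopsFile = ./secrets/example.yaml` resolves relative to hosts/, and no such file is among the ones shown here, so please confirm it exists at that path.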
@@ -0,0 +1,230 @@
+{ inputs, ... }@flakeContext:
+let
+ nixosModule =
+ {
+ config,
+ lib,
+ pkgs,
+ ...
+ }:
+ {
+ xlib.device = {
+ type = "server";
+ hostname = "sapphira";
+ };
+
+ imports = with inputs; [
+ ./hardware/server.nix
+
+ self.nixosModules.server.immich
+ self.nixosModules.server.nextcloud
+ self.nixosModules.server.nginx
+ self.nixosModules.software.beets
+ ];
+
+ home-manager = {
+ extraSpecialArgs = {
+ xlib = config.xlib;
+ };
+ };
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_xanmod_stable;
+ hardwareScan = true;
+ loader = {
+ systemd-boot.enable = lib.mkDefault true;
+ efi.canTouchEfiVariables = lib.mkDefault true;
+ };
+ };
+
+ hardware = {
+ bluetooth.enable = true;
+ };
+
+ # swapDevices = [
+ # { device = "/dev/disk/by-partlabel/disk-main-swap"; }
+ # ];
+
+ users = {
+ users = {
+ "${config.xlib.device.username}" = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKduJia+unaQQdN6X5syaHvnpIutO+yZwvfiCP4qKQ/P root@sapphira"
+ ];
+ };
+ };
+ };
+
+ fileSystems = {
+ # External drive
+ "${config.xlib.dirs.server-home}" = {
+ device = "/dev/disk/by-uuid/37e53ebc-5343-a94d-9fe2-0ca39e13a8de";
+ fsType = "ext4";
+ options = [
+ #"nofail"
+ "x-systemd.device-timeout=0"
+ ];
+ };
+ # Archive drive
+ "/mnt/archive" = {
+ device = "/dev/disk/by-label/archive";
+ fsType = "exfat";
+ options = [
+ "nofail"
+ "x-systemd.device-timeout=0"
+ "uid=1000"
+ "gid=1000"
+ ];
+ };
+ # beets
+ "/mnt/beets/music" = {
+ device = "${config.xlib.dirs.server-home}/Music";
+ options = [
+ "bind"
+ "uid=1000"
+ "gid=1000"
+ "fmask=0007"
+ "dmask=0007"
+ "nofail"
+ "x-systemd.device-timeout=0"
+ ];
+ };
+ };
+
+ services = {
+ power-profiles-daemon.enable = lib.mkForce false;
+ earlyoom.enable = true;
+ preload.enable = true;
+ auto-cpufreq.enable = false;
+ throttled.enable = true;
+ journald = {
+ extraConfig = ''
+ SystemMaxUse=512M
+ '';
+ };
+ samba = {
+ enable = true;
+ settings = {
+ global = {
+ "invalid users" = [ ];
+ "passwd program" = "/run/wrappers/bin/passwd %u";
+ security = "user";
+ };
+ nixos = {
+ "path" = "/etc/nixos";
+ "browseable" = "yes";
+ "read only" = "no";
+ "valid users" = "${config.xlib.device.username}";
+ "guest ok" = "no";
+ "writable" = "yes";
+ "create mask" = 755;
+ "directory mask" = 755;
+ "force user" = "${config.xlib.device.username}";
+ "force group" = "users";
+ };
+ root = {
+ "path" = "/";
+ "browseable" = "yes";
+ "read only" = "no";
+ "valid users" = "${config.xlib.device.username}";
+ "guest ok" = "no";
+ "writable" = "yes";
+ #"create mask" = 0644;
+ #"directory mask" = 0644;
+ "force user" = "root";
+ "force group" = "root";
+ };
+ "${config.xlib.device.username}" = {
+ "path" = "${config.xlib.dirs.server-home}";
+ "browseable" = "yes";
+ "read only" = "no";
+ "valid users" = "${config.xlib.device.username}";
+ "guest ok" = "no";
+ "writable" = "yes";
+ "create mask" = 700;
+ "directory mask" = 700;
+ "force user" = "${config.xlib.device.username}";
+ "force group" = "users";
+ };
+ };
+ };
+ calibre-web = {
+ enable = true;
+ group = "users";
+ user = "${config.xlib.device.username}";
+ options = {
+ calibreLibrary = "${config.xlib.dirs.calibre-library}";
+ enableBookUploading = true;
+ enableKepubify = false;
+ };
+ listen.ip = "0.0.0.0";
+ listen.port = 8083;
+ openFirewall = true;
+ };
+ openssh = {
+ enable = true;
+ allowSFTP = true;
+ hostKeys = [
+ {
+ path = "/etc/ssh/id_ed25519";
+ type = "ed25519";
+ }
+ ];
+ settings = {
+ PasswordAuthentication = false;
+ PermitRootLogin = "yes";
+ UsePAM = true;
+ };
+ };
+ transmission = {
+ enable = false;
+ credentialsFile = "${config.xlib.dirs.server-home}/server/transmission/settings.json";
+ openRPCPort = true;
+ package = pkgs.transmission_4;
+ user = "${config.xlib.device.username}";
+ group = "users";
+ settings = {
+ download-dir = "${config.xlib.dirs.server-home}/Downloads";
+ incomplete-dir = "${config.xlib.dirs.server-home}/Downloads/Temp";
+ incomplete-dir-enabled = true;
+ rpc-bind-address = "0.0.0.0";
+ rpc-port = 9091;
+ rpc-whitelist-enabled = false;
+ umask = 0;
+ };
+ };
+ syncthing = {
+ enable = true;
+ systemService = true;
+ guiAddress = "0.0.0.0:8384";
+ configDir = "${config.xlib.dirs.storage}/Syncthing/${config.xlib.device.hostname}";
+ dataDir = "${config.xlib.dirs.server-home}";
+ group = "users";
+ user = "${config.xlib.device.username}";
+ };
+ };
+
+ networking = {
+ hostName = "${config.xlib.device.hostname}";
+ networkmanager.enable = true;
+ firewall.enable = false;
+ };
+
+ system = {
+ stateVersion = "25.05";
+ };
+ };
+in
+inputs.nixpkgs.lib.nixosSystem {
+ modules = with inputs; [
+ nixosModule
+
+ self.nixosModules.default
+ self.homeConfigurations.default.nixosModule
+ sops-nix.nixosModules.sops
+ ];
+ system = "x86_64-linux";
+ specialArgs = {
+ deviceType = "server";
+ };
+}
diff --git a/nixosConfigurations/hosts/vds.nix b/nixosConfigurations/hosts/vds.nix
new file mode 100755
index 0000000..9ec37df
--- /dev/null
+++ b/nixosConfigurations/hosts/vds.nix
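Review bot: The Samba share `root` in `services.samba.settings` exports `"path" = "/"` read-write with `"force user" = "root"`, so anyone who authenticates as the single valid user gets root-level write access to the whole filesystem over SMB; hosts/vds.nix defines the same share. With `firewall.enable = false` further down, that share is reachable on every interface. I would drop the share, or at least limit it with `"hosts allow"` to the management network and make it read-only. The disabled firewall also exposes `calibre-web` on `0.0.0.0:8083` with `enableBookUploading = true` and the Syncthing GUI on `0.0.0.0:8384`; binding both to `127.0.0.1` behind the nginx module this host already imports would narrow that.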
@@ -0,0 +1,163 @@
+{ inputs, ... }@flakeContext:
+let
+ nixosModule =
+ {
+ config,
+ lib,
+ modulesPath,
+ pkgs,
+ ...
+ }:
+ {
+ xlib.device = {
+ type = "vds";
+ hostname = "otreca";
+ };
+
+ imports =
+ with inputs;
+ [
+ (modulesPath + "/installer/scan/not-detected.nix")
+ (modulesPath + "/profiles/qemu-guest.nix")
+
+ ./disko/vds.nix
+ ./hardware/vds.nix
+ disko.nixosModules.disko
+
+ self.nixosModules.default
+ self.homeConfigurations.default.nixosModule
+ ]
+ ++ builtins.attrValues inputs.self.nixosModules.vds;
+
+ home-manager = {
+ extraSpecialArgs = {
+ xlib = config.xlib;
+ };
+ };
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_xanmod_stable;
+ hardwareScan = true;
+ loader = {
+ grub = {
+ enable = true;
+ device = "nodev";
+ useOSProber = false;
+ efiSupport = false;
+ };
+ systemd-boot.enable = lib.mkDefault false;
+ };
+ };
+
+ users = {
+ users = {
+ root = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKduJia+unaQQdN6X5syaHvnpIutO+yZwvfiCP4qKQ/P"
+ ];
+ };
+ "${config.xlib.device.username}" = {
+ openssh.authorizedKeys.keys = [
+ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKduJia+unaQQdN6X5syaHvnpIutO+yZwvfiCP4qKQ/P"
+ ];
+ };
+ };
+ };
+
+ services = {
+ earlyoom.enable = true;
+ preload.enable = true;
+ journald = {
+ extraConfig = ''
+ SystemMaxUse=512M
+ '';
+ };
+ samba = {
+ enable = true;
+ openFirewall = true;
+ settings = {
+ global = {
+ "invalid users" = [ ];
+ "passwd program" = "/run/wrappers/bin/passwd %u";
+ security = "user";
+ };
+ nixos = {
+ "path" = "/etc/nixos";
+ "browseable" = "yes";
+ "read only" = "no";
+ "valid users" = "${config.xlib.device.username}";
+ "guest ok" = "no";
+ "writable" = "yes";
+ "create mask" = 755;
+ "directory mask" = 755;
+ "force user" = "${config.xlib.device.username}";
+ "force group" = "users";
+ };
+ root = {
+ "path" = "/";
+ "browseable" = "yes";
+ "read only" = "no";
+ "valid users" = "${config.xlib.device.username}";
+ "guest ok" = "no";
+ "writable" = "yes";
+ #"create mask" = 0644;
+ #"directory mask" = 0644;
+ "force user" = "root";
+ "force group" = "root";
+ };
+ "${config.xlib.device.username}" = {
+ "path" = "/home/${config.xlib.device.username}";
+ "browseable" = "yes";
+ "read only" = "no";
+ "valid users" = "${config.xlib.device.username}";
+ "guest ok" = "no";
+ "writable" = "yes";
+ "create mask" = 700;
+ "directory mask" = 700;
+ "force user" = "${config.xlib.device.username}";
+ "force group" = "users";
+ };
+ };
+ };
+ openssh = {
+ enable = true;
+ allowSFTP = true;
+ openFirewall = true;
+ hostKeys = [
+ {
+ path = "/etc/ssh/id_ed25519";
+ type = "ed25519";
+ }
+ ];
+ settings = {
+ PasswordAuthentication = false;
+ PermitRootLogin = "yes";
+ UsePAM = true;
+ };
+ };
+ tailscale = {
+ enable = true;
+ openFirewall = true;
+ };
+ };
+
+ networking = {
+ hostName = "${config.xlib.device.hostname}";
+ networkmanager.enable = true;
+ firewall.enable = true;
+ };
+
+ system = {
+ stateVersion = "25.05";
+ };
+ };
+in
+inputs.nixpkgs.lib.nixosSystem {
+ modules = with inputs; [
+ nixosModule
+ ];
+ system = "x86_64-linux";
+ specialArgs = {
+ deviceType = "vds";
+ };
+}
diff --git a/nixosConfigurations/hosts/wsl.nix b/nixosConfigurations/hosts/wsl.nix
new file mode 100755
index 0000000..e96d4e2
--- /dev/null
+++ b/nixosConfigurations/hosts/wsl.nix
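Review bot: `services.samba.openFirewall = true` opens the SMB ports on every interface of a host typed `vds`, presumably internet-facing, and the shares behind it include one that exports `/` with `"force user" = "root"`. Since Tailscale is enabled in the same `services` block, I would remove that line and allow SMB only on the tunnel, e.g. `networking.firewall.interfaces.tailscale0.allowedTCPPorts = [ 445 ];`. `PermitRootLogin = "yes"` (also in hosts/server.nix) combined with `UsePAM = true` is wider than a key-only setup needs; `PermitRootLogin = "prohibit-password";` and `KbdInteractiveAuthentication = false;` in `services.openssh.settings` would pin root access to keys.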
@@ -0,0 +1,85 @@
+{ inputs, ... }@flakeContext:
+let
+ nixosModule =
+ {
+ config,
+ lib,
+ pkgs,
+ modulesPath,
+ ...
+ }:
+ {
+ xlib.device = {
+ type = "wsl";
+ hostname = "wsl";
+ };
+
+ imports = with inputs; [
+ # Hardware
+ nixos-wsl.nixosModules.default
+
+ # Base
+ self.homeConfigurations.default.nixosModule
+ self.nixosModules.default
+
+ # Custom
+ self.nixosModules.software.beets
+ self.nixosModules.server.open-webui
+ ];
+
+ home-manager = {
+ extraSpecialArgs = {
+ xlib = config.xlib;
+ };
+ };
+
+ fileSystems = {
+ # beets
+ "/mnt/beets/music" = {
+ device = "${config.xlib.dirs.wsl-home}/Music";
+ options = [
+ "bind"
+ "uid=1000"
+ "gid=1000"
+ "fmask=0007"
+ "dmask=0007"
+ "nofail"
+ "x-systemd.device-timeout=0"
+ ];
+ };
+ };
+
+ #zramSwap.enable = true;
+ services = {
+ journald = {
+ extraConfig = ''
+ SystemMaxUse=512M
+ '';
+ };
+ earlyoom.enable = true;
+ };
+
+ networking = {
+ firewall.enable = false;
+ hostName = config.xlib.device.hostname;
+ };
+
+ wsl = {
+ enable = true;
+ startMenuLaunchers = true;
+ #useWindowsDriver = true;
+ defaultUser = config.xlib.device.username;
+ };
+
+ system.stateVersion = "24.11";
+ };
+in
+inputs.nixpkgs.lib.nixosSystem {
+ modules = [
+ nixosModule
+ ];
+ system = "x86_64-linux";
+ specialArgs = {
+ deviceType = "wsl";
+ };
+}
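Review bot: The `/mnt/beets/music` entry is a bind mount, and `uid=`, `gid=`, `fmask=` and `dmask=` are options of filesystems such as vfat or ntfs3 rather than of bind mounts, so as far as I can tell they change neither ownership nor modes here. Access is whatever the source directory `${config.xlib.dirs.wsl-home}/Music` already allows. The bind mounts in hosts/laptop.nix, hosts/mini-pc.nix and hosts/server.nix carry the same kind of option list. I would keep only `"bind"`, `"nofail"` and the systemd timeout and set permissions on the source directory, so the file does not suggest a restriction that is not enforced.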