many changes I don't remember...
This commit is contained in:
parent
20d938a506
commit
0f3a016a3d
19 changed files with 525 additions and 204 deletions
|
|
@ -5,8 +5,8 @@
|
|||
...
|
||||
}: let
|
||||
home-manager = builtins.fetchTarball {
|
||||
url = "https://github.com/nix-community/home-manager/archive/master.tar.gz";
|
||||
sha256 = "19w63qccz78v0spx03911z98w1bvlxvd07hb0ma14a4vdzi4ninj";
|
||||
url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz";
|
||||
sha256 = "0c07xj74vsj37d3a8f98i9rhhhr99ckwlp45n40f0qkmigm3pk8s";
|
||||
};
|
||||
in {
|
||||
# TODO:
|
||||
|
|
@ -15,11 +15,18 @@ in {
|
|||
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
(import "${home-manager}/nixos")
|
||||
#../../flakes/wishlist/wishlist.nix
|
||||
#../modules/server/nginx.nix
|
||||
#../modules/server/ssh.nix
|
||||
#../modules/server/fail2ban.nix
|
||||
];
|
||||
|
||||
# override wishlist with the new cool one!
|
||||
#pkgs.config.packageOverrides = {
|
||||
# wishlist = inputs.wishlist.packages.x86_64-linux.wishlist;
|
||||
#};
|
||||
|
||||
nix.settings = {
|
||||
# make wheel group trusted users allows my "ae" user
|
||||
# to import packages not signed by a trusted key
|
||||
|
|
@ -44,7 +51,8 @@ in {
|
|||
targetHost = "imbored.dev";
|
||||
targetUser = "ae";
|
||||
targetPort = 22;
|
||||
sshOptions = ["-i ~/.ssh/id_hyrule"];
|
||||
# the following line is unnecessary if using an ssh agent
|
||||
#sshOptions = ["-i /home/me/.ssh/id_hyrule"];
|
||||
#keys = {
|
||||
# "imbored.dev" = {
|
||||
# # text, keyCommand, or keyFile must be set
|
||||
|
|
@ -72,6 +80,9 @@ in {
|
|||
22 # sshd
|
||||
80 # nginx
|
||||
443 # nginx
|
||||
2222 # wishlist
|
||||
2035 # debug (for my job)
|
||||
5000 # debug (for my job)
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
@ -86,13 +97,27 @@ in {
|
|||
# primary user
|
||||
ae = {
|
||||
isNormalUser = true;
|
||||
extraGroups = ["wheel" "networkmanager"];
|
||||
extraGroups = ["wheel" "networkmanager" "docker"];
|
||||
shell = pkgs.bash;
|
||||
home = "/home/ae"; # TEMP: remove and replace with home-manager
|
||||
packages = with pkgs; [
|
||||
];
|
||||
};
|
||||
|
||||
subspace = let
|
||||
# override
|
||||
wishlistBash =
|
||||
pkgs.bash.override {
|
||||
};
|
||||
in {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.bash;
|
||||
home = "/home/subspace";
|
||||
packages = with pkgs; [
|
||||
wishlist
|
||||
];
|
||||
};
|
||||
|
||||
# user for friends to ssh into
|
||||
friends = {
|
||||
isNormalUser = true;
|
||||
|
|
@ -104,6 +129,16 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
home-manager = {
|
||||
users = {
|
||||
ae = import ../../homes/ae;
|
||||
subspace = import ../../homes/subspace;
|
||||
};
|
||||
sharedModules = [];
|
||||
};
|
||||
|
||||
services = {
|
||||
# simple nginx instance to host static construction page
|
||||
nginx = {
|
||||
|
|
@ -127,18 +162,21 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
# quick and dirty way temporary way accessing my server
|
||||
openssh = {
|
||||
enable = true;
|
||||
ports = [22];
|
||||
settings = {
|
||||
PasswordAuthentication = true;
|
||||
PermitRootLogin = "no";
|
||||
AllowUsers = ["ae"]; # allow all users by default
|
||||
AllowUsers = ["ae" "subspace"]; # allow all users by default
|
||||
UseDns = true;
|
||||
X11Forwarding = false;
|
||||
};
|
||||
};
|
||||
|
||||
#wishlist = {
|
||||
# enable = true;
|
||||
#};
|
||||
};
|
||||
# accept Lets Encrypt's security policy (for nginx)
|
||||
security.acme = {
|
||||
|
|
@ -146,16 +184,11 @@ in {
|
|||
defaults.email = "eclarkboman@gmail.com";
|
||||
};
|
||||
|
||||
#home-manager = {
|
||||
# users = {
|
||||
# dev = import ../../homes/dev;
|
||||
# friends = import ../../homes/friends;
|
||||
# };
|
||||
#};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
helix
|
||||
|
||||
#wishlist
|
||||
];
|
||||
|
||||
programs = {
|
||||
|
|
@ -172,5 +205,17 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
#systemd.services.wishlist = {
|
||||
# description = "Single entrypoint for multiple SSH endpoints";
|
||||
# wantedBy = ["multi-user.target"];
|
||||
#
|
||||
# serviceConfig = {
|
||||
# DynamicUser = "yes";
|
||||
# ExecStart = "${pkgs.wishlist}/bin/wishlist serve --config /home/$USER/.ssh/config";
|
||||
# Restart = "always";
|
||||
# RestartSec = "2s";
|
||||
# };
|
||||
#};
|
||||
|
||||
system.stateVersion = "24.11"; # DO NOT MODIFY
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,13 +4,9 @@
|
|||
lib,
|
||||
...
|
||||
}: let
|
||||
#home-manager = builtins.fetchTarball {
|
||||
# url = "https://github.com/nix-community/home-manager/archive/release-24.05.tar.gz";
|
||||
# sha256 = "00wp0s9b5nm5rsbwpc1wzfrkyxxmqjwsc1kcibjdbfkh69arcpsn";
|
||||
#};
|
||||
home-manager = builtins.fetchTarball {
|
||||
url = "https://github.com/nix-community/home-manager/archive/master.tar.gz";
|
||||
sha256 = "19w63qccz78v0spx03911z98w1bvlxvd07hb0ma14a4vdzi4ninj";
|
||||
url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz";
|
||||
sha256 = "15k41il0mvmwyv6jns4z8k6khhmb22jk5gpcqs1paym3l01g6abn";
|
||||
};
|
||||
in {
|
||||
imports = [
|
||||
|
|
|
|||
|
|
@ -2,11 +2,12 @@
|
|||
pkgs,
|
||||
inputs,
|
||||
lib,
|
||||
wishlist,
|
||||
...
|
||||
}: let
|
||||
home-manager = builtins.fetchTarball {
|
||||
url = "https://github.com/nix-community/home-manager/archive/master.tar.gz";
|
||||
sha256 = "1jxrzlgc0xzad5hrjixab4brhir1hyf6cvq0zhgb7z9x06kaydin"; #"0kg9iaixqygpncw7avgh1grwyjgnfc9i7k9pk8hc4xrvr8jv2l3c";
|
||||
url = "https://github.com/nix-community/home-manager/archive/release-24.11.tar.gz";
|
||||
sha256 = "1dga3vsd60v9mfyhwgbil13mrchw5crbpgh4zjw9fghv1vyk89vq";
|
||||
};
|
||||
in {
|
||||
imports = [
|
||||
|
|
@ -32,7 +33,7 @@ in {
|
|||
boot.loader = {
|
||||
efi = {
|
||||
canTouchEfiVariables = true;
|
||||
efiSysMountPoint = "/boot"; #/boot/efi
|
||||
efiSysMountPoint = "/boot/efi"; #/boot/efi
|
||||
};
|
||||
grub = {
|
||||
efiSupport = true;
|
||||
|
|
@ -109,9 +110,11 @@ in {
|
|||
# just me fr (personal account)
|
||||
me = {
|
||||
isNormalUser = true;
|
||||
extraGroups = ["wheel"];
|
||||
extraGroups = ["wheel" "docker"];
|
||||
shell = pkgs.bash; #pkgs.fish
|
||||
packages = let
|
||||
# TODO: can I just do this: https://nix.dev/manual/nix/2.18/command-ref/new-cli/nix3-flake#url-like-syntax
|
||||
# instead to use colmena's flake.nix by specifying a rev hash in the flake input?
|
||||
colmena-src = pkgs.fetchFromGitHub {
|
||||
owner = "zhaofengli";
|
||||
repo = "colmena";
|
||||
|
|
@ -130,6 +133,9 @@ in {
|
|||
gnome-software
|
||||
|
||||
colmena-new
|
||||
|
||||
gitkraken
|
||||
keyguard # bitwarden client app
|
||||
];
|
||||
};
|
||||
|
||||
|
|
@ -167,13 +173,17 @@ in {
|
|||
wl-clipboard # clipboard for wayland
|
||||
hyprpicker
|
||||
|
||||
(callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners
|
||||
#(callPackage ../sddm-theme-corners.nix {}).sddm-theme-corners
|
||||
# dependencies for my sddm theme:
|
||||
pkgs.libsForQt5.qt5.qtgraphicaleffects
|
||||
|
||||
python311 # I use 3.11 since it's in a pretty stable state now
|
||||
poetry # python dependency management and packaging
|
||||
|
||||
nixd # lsp for nix
|
||||
|
||||
neofetch # TODO: remove (installed to debug something)
|
||||
|
||||
# fish plugins
|
||||
grc # colorise command outputs
|
||||
|
||||
|
|
@ -184,11 +194,17 @@ in {
|
|||
tldr
|
||||
#btop
|
||||
|
||||
tesseract # for my work with Agribit
|
||||
|
||||
# TODO: remove this and host my nix flake on github instead
|
||||
#wishlist
|
||||
|
||||
# Pretty necessary
|
||||
git
|
||||
brightnessctl
|
||||
acpi
|
||||
vim
|
||||
nix-prefetch-git
|
||||
|
||||
# Unix Commands
|
||||
wget
|
||||
|
|
@ -216,8 +232,9 @@ in {
|
|||
programs = {
|
||||
hyprland = {
|
||||
enable = true;
|
||||
package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
|
||||
portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland;
|
||||
# TODO: uncomment, I did this when hyprland wasn't working
|
||||
#package = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland;
|
||||
#portalPackage = inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.xdg-desktop-portal-hyprland;
|
||||
|
||||
xwayland.enable = true;
|
||||
};
|
||||
|
|
@ -305,13 +322,15 @@ in {
|
|||
"flakes"
|
||||
];
|
||||
|
||||
virtualisation.docker.enable = true;
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
# programs.mtr.enable = true;
|
||||
# programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
# };
|
||||
#programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
#};
|
||||
|
||||
# Enable the OpenSSH daemon.
|
||||
# services.openssh.enable = true;
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@
|
|||
fsType = "ext4";
|
||||
};
|
||||
|
||||
fileSystems."/boot" = {
|
||||
fileSystems."/boot/efi" = {
|
||||
device = "/dev/disk/by-uuid/7046-177A";
|
||||
fsType = "vfat";
|
||||
options = ["fmask=0077" "dmask=0077"];
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue