diff options
| -rw-r--r-- | flake/default.nix | 2 | ||||
| -rw-r--r-- | flake/packages/default.nix | 9 | ||||
| -rw-r--r-- | home-manager/wms/river/default.nix | 4 | ||||
| -rw-r--r-- | hosts/apzu/hardware/default.nix | 1 | ||||
| -rw-r--r-- | hosts/isimud/default.nix | 22 | ||||
| -rw-r--r-- | hosts/isimud/hardware/default.nix | 7 | ||||
| -rw-r--r-- | hosts/isimud/networking.nix | 5 | ||||
| -rw-r--r-- | hosts/tiamat/default.nix | 3 | ||||
| -rw-r--r-- | hosts/tiamat/hardware/default.nix | 1 | ||||
| -rw-r--r-- | secrets/nheko/conf.isimud | 47 | ||||
| -rw-r--r-- | secrets/secrets.nix | 3 | ||||
| -rw-r--r-- | system/disks/default.nix | 3 | ||||
| -rw-r--r-- | system/services/steam/default.nix | 2 |
13 files changed, 85 insertions, 24 deletions
diff --git a/flake/default.nix b/flake/default.nix index 2935bb51..9c6e2033 100644 --- a/flake/default.nix +++ b/flake/default.nix @@ -123,7 +123,7 @@ in { ; }; packages."${system}" = import ./packages { - inherit nixos-generators defaultSpecialArgs pkgs sysLib; + inherit nixos-generators defaultSpecialArgs defaultModules pkgs sysLib; inherit (pkgs) lib; }; diff --git a/flake/packages/default.nix b/flake/packages/default.nix index 80efcc05..4ab68775 100644 --- a/flake/packages/default.nix +++ b/flake/packages/default.nix @@ -1,6 +1,7 @@ { nixos-generators, defaultSpecialArgs, + defaultModules, pkgs, sysLib, ... @@ -19,9 +20,11 @@ in gpg-iso = nixos-generators.nixosGenerate { system = "x86_64-linux"; specialArgs = defaultSpecialArgs; - modules = [ - ../../hosts/isimud - ]; + modules = + [ + ../../hosts/isimud + ] + ++ defaultModules; format = "iso"; }; } diff --git a/home-manager/wms/river/default.nix b/home-manager/wms/river/default.nix index 38b60ab8..43a47b1a 100644 --- a/home-manager/wms/river/default.nix +++ b/home-manager/wms/river/default.nix @@ -13,7 +13,7 @@ err_fail riverctl keyboard-layout 'us' err_fail river_init_lesser ~/.config/river/res/moonlander.ron '' - else if hostName == "lahmu" || hostName == "apzu" || hostName == "mammun" + else if hostName == "lahmu" || hostName == "apzu" || hostName == "mammun" || hostName == "isimud" then '' err_fail riverctl keyboard-layout 'dvorak' err_fail river_init_lesser ~/.config/river/res/keys.ron @@ -30,7 +30,7 @@ err_fail wlr-randr --output DP-1 --scale 1.5 --pos 0,0 err_fail gammastep & '' - else if hostName == "apzu" || hostName == "mammun" + else if hostName == "apzu" || hostName == "mammun" || hostName == "isimud" then '' err_fail gammastep & '' diff --git a/hosts/apzu/hardware/default.nix b/hosts/apzu/hardware/default.nix index 137b2d02..a208c94c 100644 --- a/hosts/apzu/hardware/default.nix +++ b/hosts/apzu/hardware/default.nix @@ -8,6 +8,7 @@ nixpkgs.hostPlatform = "x86_64-linux"; soispha.disks = { + enable = true; disk = "/dev/disk/by-id/nvme-INTEL_SSDPEKNU512GZH_PHKA1481032A512A_1"; ssd = true; swap = { diff --git a/hosts/isimud/default.nix b/hosts/isimud/default.nix index 8c5387ef..ec4e623c 100644 --- a/hosts/isimud/default.nix +++ b/hosts/isimud/default.nix @@ -2,18 +2,20 @@ imports = [ ./hardware ./networking.nix + ../../system ]; - console = { - keyMap = "dvorak"; - }; - - # enable gnome - services.xserver = { - enable = true; - layout = "dvorak"; - displayManager.gdm.enable = true; - desktopManager.gnome.enable = true; + soispha = { + locale = { + enable = true; + keyMap = "dvorak"; + }; + fs.backup = { + enable = false; + }; + users = { + hashedPassword = "$y$jFT$YvneNBxEtbrysV2OMG0X30$eKHdzZxJkjD3pXuGOuqbnTaeym5.4ik6kxhE.rJxs3."; + }; }; system.stateVersion = "23.05"; diff --git a/hosts/isimud/hardware/default.nix b/hosts/isimud/hardware/default.nix index da4ded8d..f55365b3 100644 --- a/hosts/isimud/hardware/default.nix +++ b/hosts/isimud/hardware/default.nix @@ -13,9 +13,12 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + soispha.disks = { + enable = false; + }; + boot = { kernelModules = []; - kernelPackages = pkgs.linuxPackages_6_1; # use this kernel, as it's supported by zfs - zfs.enableUnstable = true; # Default zfs is "broken" (to nixos) on the newest kernel + kernelPackages = lib.mkDefault pkgs.linuxPackages_6_1; # use this kernel, as it's supported by zfs }; } diff --git a/hosts/isimud/networking.nix b/hosts/isimud/networking.nix index 3dfd7e84..58c84ee5 100644 --- a/hosts/isimud/networking.nix +++ b/hosts/isimud/networking.nix @@ -1,7 +1,4 @@ -{ - lib, - ... -}: { +{lib, ...}: { # Disable networking networking.useDHCP = lib.mkForce false; networking.interfaces = lib.mkForce {}; diff --git a/hosts/tiamat/default.nix b/hosts/tiamat/default.nix index 73c04606..3aa291c2 100644 --- a/hosts/tiamat/default.nix +++ b/hosts/tiamat/default.nix @@ -7,6 +7,9 @@ ]; soispha = { + services.steam = { + enable = true; + }; locale = { enable = true; keyMap = "us"; diff --git a/hosts/tiamat/hardware/default.nix b/hosts/tiamat/hardware/default.nix index dd0dd7d9..95a3ce43 100644 --- a/hosts/tiamat/hardware/default.nix +++ b/hosts/tiamat/hardware/default.nix @@ -8,6 +8,7 @@ nixpkgs.hostPlatform = "x86_64-linux"; soispha.disks = { + enable = true; disk = "/dev/disk/by-id/nvme-CT1000P5SSD8_21032C857568"; ssd = true; swap = { diff --git a/secrets/nheko/conf.isimud b/secrets/nheko/conf.isimud new file mode 100644 index 00000000..ef6c52b6 --- /dev/null +++ b/secrets/nheko/conf.isimud @@ -0,0 +1,47 @@ +-----BEGIN AGE ENCRYPTED FILE----- +YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwa0Fvb0p0aU5yRGFCSm5h +d1lNSWc3aWl1NS9FcXpsalVVVGpuZGNRMnlrClVBM2R3aXpSa3pjZFpQbEV0Njcv +QUkySlJRNkV3THBjYUt3RWY3ZWRtaTgKLT4gc3NoLWVkMjU1MTkgN0hmRlV3IHda +dUU2WEwxdjNIZ0R2Wi9rbFQyb1l1TlFBZUJMWlFuMXZNSWZaZFIza2MKVGwyOExv +cW5GK0JsOFVRLzloaVUyQjhvYzR5QnNIc1RTaStISXdnT003ZwotPiBjejctZ3Jl +YXNlIFR9UFRJZyAwTjpdfCBrXlc4TXVnCmlHWTBMOUhPWU4vTzV1ZWFZVTVzTTRC +aitrNHJMQlBrMm85bWhBU29ONHpvSnkvSEFzcnZOTk5Ma1FNM20yVDUKMGF0M25C +UzR5RDdrN3cKLS0tIFNUQk1jU05lSStkQXdYMkttYjY2UVczMi9xZkhZYkdIQWw1 +RkpIOTBvWncKIACBrSaYzKJ84Kjpj57B/WC2vjIvvDAfy3TF1gVEWFOUgYkCpO52 +4sjWpd3JVpdLzsJczS7Ty0HZYBlmz3Qtejf7x6b4xftJSari5WUK6loGtmGKbgJW +lk2LZonpTsnyyALFavanlQKkv1isR9jqWxRe0KZu76zbX/QTUVfHyjV+4m6kleUI +ZJj1mLUKxYdJn2aGyTr4kwTfbLYR8/xxJYGqPUmCrFrLhsr7qy/yBXvPyIfJ+sd/ +ab2/Qz2U8wE8d0JRiwoguFaRTbrIKBzliF84CrbDznJtLQjn02zbc78lzn4n/7MV +3VArXkqw1pICkbrfLl1+own3Mw6ge73tDnSunzgJWBKSOFOrs/b/J1uMMjoiTGWi +THy8+asIFw/zZTmrUnlfmm0gE20nm/HYTJ+428nGrMwdh++LqgocxqX+CNcNTT56 +QhXwR3JuliST8jptRaFo8fzoJUImclSj+o3X2/KORm4fS8u67lcDA6KB/lw6WOie +UE09CVsrkR4X7ACe5Y7PYr0fWYNh1PrYxIabYttQq3aus5SunfkrCX+/+xtbMNsm +FX0TxMintrp3UV4eWEZzsHNz18PaXtyZTFCF4sTmnxjfP7TelZRTHNh/LbKLFrqL +kna9ChqIUiHIEYbugkZsSWUICWMbEGBWQxD4CT6DfGuve4vOgw5FWtqdvHz43f0j +9Agjvab5H+fBvDJTbJiHOFn681Wl219hR4z1plM1eVu+59JIFECVeEePoDrjGy9n +K50HUNs5Vq0p8RFus2BbjTuECmggkzd0P7mZb34bVo6K/89lCny21WeGyhwim8Hr +KKBmpm+hCh7gikBKXP0tnpmt4A5sPg30+YxePgaKCNtUjLLnN4moEGzzAsks1qsJ +GYvzSZv7AmTfyww2cjVm9ZSrlo4EHL5dMPEVBHpy6pcSV6WotkZiDklYPD4g0ZO2 +wgbLU5/YDhve9FOKoP7Y4wocP18O6ffjiPVeCg9XDUmoKq5Y/Ea1d317q973G2hf +YxUD8z9I8+fGlfqmgIjJZx8/0wTFlrCxI1oam6xPDmbSjrdVI+nr/2lfNqy/VOYN +SQMr/Po7DcAwB5SS4ItxYXKYo9FAFyoHAljYhV156l7dveqehZDKaqBzBF+pCefQ +BfiwvYg3by/R9jtMdh6MwfMeF1Z0siJdrPouIKmsuITLexuj85GkzPzSPDa69H2s +iInDepGDX2YvH2BUsUi8QPwoxRXROFwDqaIpA/aaPf224YN7D46TzU+a2HQzlpmV +xWqh/pBEwKdTpbgtdoG9GLrETDD5/2FV9FiQXxQgvV8934nlOAvdwHEJqGMlNIT2 +mlNhZyx49lOfx8BFP+NXb2adUY49Aahkdx4/uB6fN0H/RyNh39R74DCbjvIQUxRV +OUKyWZ2a2wSbZbA6tNmB5sXYtfCUOZLfE8mUwJgUSVrEccQ7UlSlEy9+gZDiHjS+ +OYnTBdRdG2AjPy3mBAdfqooTdzQwT5HNnFskg7Q3wnWRf230yZ6Qr2lBOyBgtnm1 +Hj8fI9VrACfAtYMIWUarBAnnoWHB1pHfoZOui6Zr4jtqlH7lgOAUFx/b60g4SsSF +jAJnRCFyUYbTv53GefabjkDg3WkCiyxrNhr7gS7oONa1qHai/1TQeWPCe9zj9kaR +nMRZQKI1/wmK8szhH7sA+tShtM3ktqkNlIWXuwId3OJ8ne2vcES92NRfyUI8qY39 +atndXRUg47+2MubBZhP1pnLEdxpvdOQVgDIzoNx3mu0mWkSi2K3Dy/Y4mZGVaee/ +K98cPo3S42eKEulsN/iyTWD1nJpaDNp4fWDCDMSK8dy7vSWYcT3htzzR3a4WIlLk +PV3/7l99y/HLjlJmqUwRri1hydRdC74Lk3FSV6gc6snn54WnaLUCVOpCIgHefNVr +zYmUR+4I6zioxp9540zrD8YvrK8YSSs47PtbpDYI8E9O4L7+uy7gujwJtSupZVRc +BP48+5NddK3gpQt4BagYj6CO/vENwDmUiA+kUM9WdQbnV/lmeNPdqm2VjVbxNObZ +5xHlXODOOCVg+LSpFybFT+3A2MNA/jRKGID5Kai0a9c7jY/XIrUdIaCpyVylj2dX +4JDC6AsRb1VXu7FaqhLhOabZZzW+o8m94ZjayWA2BT3IMf5Kd6eq+v9zh5RPlvtu +vcoLBTEsLPZeAyERpaTto431yRqzSKMvDQ6nwpXbdIcHLIvbp+utRoaqtel2JGO4 +PBz21qEI/ACc6sDhyUHHLz+MybEQilTSrBJ+jYSohFfm0DEpG8cThgm6mMSDUMEM +6ehgKHIYdlMa7YIBcIpJBsl8Xs6If2+FA7cbeh6xqbw= +-----END AGE ENCRYPTED FILE----- diff --git a/secrets/secrets.nix b/secrets/secrets.nix index 82f4bdcb..36757546 100644 --- a/secrets/secrets.nix +++ b/secrets/secrets.nix @@ -7,6 +7,9 @@ in { "nheko/conf.tiamat".publicKeys = [soispha tiamat]; "nheko/conf.apzu".publicKeys = [soispha apzu]; + # only here to satisfy the nix evaluation + "nheko/conf.isimud".publicKeys = [soispha]; + "serverphone/ca.key".publicKeys = [soispha tiamat apzu]; "serverphone/server.key".publicKeys = [soispha tiamat apzu]; } diff --git a/system/disks/default.nix b/system/disks/default.nix index 56260c7a..56fb550d 100644 --- a/system/disks/default.nix +++ b/system/disks/default.nix @@ -12,6 +12,7 @@ ]; in { options.soispha.disks = { + enable = lib.mkEnableOption "disk setup with disko"; disk = lib.mkOption { type = lib.types.path; example = lib.literalExpression "/dev/disk/by-uuid/0442cb6d-f13a-4635-b487-fa76189774c5"; @@ -37,7 +38,7 @@ in { }; }; - config = { + config = lib.mkIf cfg.enable { systemd = lib.recursiveUpdate (import ./hibernate.nix {inherit pkgs;}) (import ./fstrim.nix {inherit pkgs lib cfg;}); disko.devices = { diff --git a/system/services/steam/default.nix b/system/services/steam/default.nix index 53a7d214..d5eede9e 100644 --- a/system/services/steam/default.nix +++ b/system/services/steam/default.nix @@ -7,7 +7,7 @@ in { options.soispha.services.steam = { enable = lib.mkOption { - default = true; + default = false; description = lib.mdDoc "Enable Steam"; }; }; |