From 65174b4b5c05bb143e6681a4cbcd0a95f04987e2 Mon Sep 17 00:00:00 2001 From: Caroline Larimore Date: Thu, 18 Jul 2024 23:39:42 -0700 Subject: Begin modularization! --- configuration.nix | 134 --------------------------- flake.lock | 94 ++++++++++++++++++- flake.nix | 35 ++++--- hardware-configuration.nix | 51 ---------- home.nix | 130 -------------------------- home/default.nix | 1 + hosts/c-pc/configuration.nix | 139 ++++++++++++++++++++++++++++ hosts/c-pc/hardware-configuration.nix | 51 ++++++++++ hosts/c-pc/home.nix | 130 ++++++++++++++++++++++++++ hosts/c-pc/networking.nix | 27 ++++++ hosts/copenhagen/configuration.nix | 99 ++++++++++++++++++++ hosts/copenhagen/hardware-configuration.nix | 46 +++++++++ roles/default.nix | 9 ++ roles/desktop/default.nix | 61 ++++++++++++ roles/desktop/input.nix | 31 +++++++ roles/desktop/xserver.nix | 28 ++++++ roles/minecraft/default.nix | 29 ++++++ roles/minecraft/servers/default.nix | 7 ++ roles/minecraft/servers/test.nix | 67 ++++++++++++++ roles/web/default.nix | 9 ++ roles/web/proxy/default.nix | 28 ++++++ roles/web/stargazers/default.nix | 37 ++++++++ roles/web/test/default.nix | 37 ++++++++ system/default.nix | 11 --- system/fonts.nix | 24 ----- system/keyboard.nix | 34 ------- system/networking.nix | 27 ------ system/pipewire.nix | 13 --- system/xserver.nix | 37 -------- 29 files changed, 949 insertions(+), 477 deletions(-) delete mode 100644 configuration.nix delete mode 100644 hardware-configuration.nix delete mode 100644 home.nix create mode 100644 hosts/c-pc/configuration.nix create mode 100644 hosts/c-pc/hardware-configuration.nix create mode 100644 hosts/c-pc/home.nix create mode 100644 hosts/c-pc/networking.nix create mode 100644 hosts/copenhagen/configuration.nix create mode 100644 hosts/copenhagen/hardware-configuration.nix create mode 100644 roles/default.nix create mode 100644 roles/desktop/default.nix create mode 100644 roles/desktop/input.nix create mode 100644 roles/desktop/xserver.nix create mode 100644 roles/minecraft/default.nix create mode 100644 roles/minecraft/servers/default.nix create mode 100644 roles/minecraft/servers/test.nix create mode 100644 roles/web/default.nix create mode 100644 roles/web/proxy/default.nix create mode 100644 roles/web/stargazers/default.nix create mode 100644 roles/web/test/default.nix delete mode 100644 system/default.nix delete mode 100644 system/fonts.nix delete mode 100644 system/keyboard.nix delete mode 100644 system/networking.nix delete mode 100644 system/pipewire.nix delete mode 100644 system/xserver.nix diff --git a/configuration.nix b/configuration.nix deleted file mode 100644 index 9a29307..0000000 --- a/configuration.nix +++ /dev/null @@ -1,134 +0,0 @@ -{ config, lib, pkgs, inputs, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ./system - ]; - - nix.settings.experimental-features = [ "nix-command" "flakes" ]; - - fileSystems."/persist".neededForBoot = true; - environment.persistence."/persist/system" = { - hideMounts = true; - directories = [ - "/etc/nixos" - "/var/log" - "/var/lib/nixos" - "/var/lib/systemd/coredump" - #"/var/lib/bluetooth" - ]; - files = [ - "/etc/machine-id" - ]; - }; - - programs.fuse.userAllowOther = true; - home-manager = { - extraSpecialArgs = { inherit inputs; }; - users = { - "c" = import ./home.nix; - }; - }; - - environment = { - localBinInPath = true; - - interactiveShellInit = '' - alias ssh="kitty +kitten ssh" - - alias lsa="ls -lAsh" - alias c="codium ." - alias p="nix-shell -p" - - mkcd() { - mkdir -p "$1" - cd "$1" - } - ''; - - variables = { - EDITOR = "${pkgs.vim}/bin/vim"; - }; - }; - - time.timeZone = "America/Los_Angeles"; - - users.users = { - root.hashedPasswordFile = "/persist/secrets/passwords/root"; - - "c" = { - isNormalUser = true; - hashedPasswordFile = "/persist/secrets/passwords/c"; - extraGroups = [ "wheel" ]; - }; - }; - - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "steam" - "steam-original" - "steam-run" - ]; - - environment.systemPackages = with pkgs; [ - (writeShellScriptBin "rb" "sudo nixos-rebuild switch --flake /etc/nixos#default") - (writeShellScriptBin "rbf" "sudo nixos-rebuild switch --flake path:/etc/nixos#default") - (writeShellScriptBin "toys" "nix-shell -p cmatrix asciiquarium pipes cowsay figlet neofetch") - - git - vim - wget - firefox - wineWowPackages.stable - winetricks - - pulseaudio - playerctl - - ffmpeg - jellyfin - - killall - - go - jdk21 - - lutris - libGL - ]; - - programs = { - steam.enable = true; - - gnupg.agent = { - enable = true; - enableSSHSupport = true; - }; - - dconf.enable = true; - }; - - services = { - pcscd.enable = true; - printing.enable = true; - }; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "23.11"; # Did you read the comment? 🤨 -} - diff --git a/flake.lock b/flake.lock index ef2610b..a83f0cf 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,39 @@ { "nodes": { + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1681202837, + "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -35,13 +69,49 @@ "type": "github" } }, + "nix-minecraft": { + "inputs": { + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1721343928, + "narHash": "sha256-Ly3BzMJs1raGQAtheNRZH/PcNcjfu18G1AJ8dkyymWI=", + "owner": "CartConnoisseur", + "repo": "nix-minecraft", + "rev": "40aa0fa24f1d0e57ade2d68512a915779a1fe201", + "type": "github" + }, + "original": { + "owner": "CartConnoisseur", + "repo": "nix-minecraft", + "type": "github" + } + }, "nixpkgs": { "locked": { - "lastModified": 1720957393, - "narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=", + "lastModified": 1715266358, + "narHash": "sha256-doPgfj+7FFe9rfzWo1siAV2mVCasW+Bh8I1cToAXEE4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "693bc46d169f5af9c992095736e82c3488bf7dbb", + "rev": "f1010e0469db743d14519a1efd37e23f8513d714", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1721138476, + "narHash": "sha256-+W5eZOhhemLQxelojLxETfbFbc19NWawsXBlapYpqIA=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "ad0b5eed1b6031efaed382844806550c3dcb4206", "type": "github" }, "original": { @@ -55,7 +125,23 @@ "inputs": { "home-manager": "home-manager", "impermanence": "impermanence", - "nixpkgs": "nixpkgs" + "nix-minecraft": "nix-minecraft", + "nixpkgs": "nixpkgs_2" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" } } }, diff --git a/flake.nix b/flake.nix index 38bdf53..00480f9 100644 --- a/flake.nix +++ b/flake.nix @@ -4,26 +4,37 @@ inputs = { nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; - impermanence = { - url = "github:nix-community/impermanence"; - }; - home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + + impermanence.url = "github:nix-community/impermanence"; + + nix-minecraft.url = "github:CartConnoisseur/nix-minecraft"; }; outputs = {nixpkgs, ...} @ inputs: { - nixosConfigurations.default = nixpkgs.lib.nixosSystem { - specialArgs = {inherit inputs;}; - modules = [ - ./configuration.nix - - inputs.home-manager.nixosModules.default - inputs.impermanence.nixosModules.impermanence - ]; + nixosConfigurations = { + default = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/c-pc/configuration.nix + inputs.home-manager.nixosModules.default + inputs.impermanence.nixosModules.impermanence + inputs.nix-minecraft.nixosModules.minecraft-servers + ]; + }; + + copenhagen = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/copenhagen/configuration.nix + inputs.home-manager.nixosModules.default + inputs.nix-minecraft.nixosModules.minecraft-servers + ]; + }; }; }; } diff --git a/hardware-configuration.nix b/hardware-configuration.nix deleted file mode 100644 index c268ff8..0000000 --- a/hardware-configuration.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot = { - loader.grub = { - enable = true; - - zfsSupport = true; - efiSupport = true; - efiInstallAsRemovable = true; - mirroredBoots = [ - { devices = [ "nodev" ]; path = "/boot"; } - ]; - }; - - initrd = { - availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; - kernelModules = [ "amdgpu" ]; - - postDeviceCommands = lib.mkAfter '' - zfs rollback -r zpool/root@blank && zfs rollback -r zpool/home@blank - ''; - }; - - kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; - - supportedFilesystems = [ "ntfs" ]; - }; - - fileSystems = { - "/" = { fsType = "zfs"; device = "zpool/root"; }; - "/home" = { fsType = "zfs"; device = "zpool/home"; }; - "/persist" = { fsType = "zfs"; device = "zpool/persist"; }; - "/nix" = { fsType = "zfs"; device = "zpool/nix"; }; - - "/boot" = { fsType = "vfat"; device = "/dev/disk/by-uuid/12CE-A600"; }; - - "/mnt/4tb" = { fsType = "ext4"; device = "/dev/disk/by-label/4tb"; }; - "/mnt/ssd" = { fsType = "ext4"; device = "/dev/disk/by-label/ssd-256"; }; - }; - - swapDevices = [ ]; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/home.nix b/home.nix deleted file mode 100644 index 66392f2..0000000 --- a/home.nix +++ /dev/null @@ -1,130 +0,0 @@ -{ lib, pkgs, inputs, config, ...}: - -{ - imports = [ - inputs.impermanence.nixosModules.home-manager.impermanence - - ./home - ]; - - # theme.nix is an untracked symlink to a theme under ./themes/ - # This lets me switch out my theme without making changes in git - theme = import ./theme.nix; - - home.stateVersion = "23.11"; - - home.persistence."/persist/home" = { - directories = [ - "Downloads" - "Documents" - "Pictures" - "Videos" - "Music" - "Games" - "Persist" - - "code" - - ".gnupg" - ".ssh" - - ".local/bin" - ".local/share/applications" - - ".mozilla" - ".wine" - - ".irssi" - ".config/discord" - ".config/Vencord" - ".config/vesktop" - - ".config/Obsidian" - - ".config/cmus" - - ".config/fcitx" - ".config/fcitx5" - - { - directory = ".local/share/Steam"; - method = "symlink"; - } - - ".config/qBittorrent" - ".local/share/qBittorrent" - ".cache/qBittorrent" - - ".config/jellyfin" - ".local/share/jellyfin" - ".cache/jellyfin" - - ".local/share/Anki2" - ".local/share/lutris" - ".local/share/PrismLauncher" - - ".config/nicotine" - ".local/share/nicotine" - ]; - files = [ - ".Xresources" - ]; - allowOther = true; - }; - - programs = { - feh.enable = true; - btop.enable = true; - tmux.enable = true; - - zoxide.enable = true; - }; - - nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ - "discord" - "obsidian" - ]; - - home.packages = with pkgs; [ - (writeShellScriptBin "switch-theme" '' - #!/usr/bin/env bash - - cd /etc/nixos - - rm theme.nix - ln -s ./themes/$1.nix theme.nix - - sudo nixos-rebuild switch --flake /etc/nixos#default - - i3-msg restart - '') - - pfetch - - kdePackages.breeze - - irssi - - qbittorrent - nicotine-plus - jellyfin-media-player - mkvtoolnix - - gimp - - anki-bin - - obsidian - prismlauncher - - #TODO: latest update broke - # jetbrains.idea-community - - cloc - cmus - ]; - - home.file = { - ".0b".source = config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/.local/share/PrismLauncher/instances/0b/.minecraft"; - }; -} diff --git a/home/default.nix b/home/default.nix index a7eceb9..385e750 100644 --- a/home/default.nix +++ b/home/default.nix @@ -1,5 +1,6 @@ { ... }: +#TODO: properly migrate to a module/role { imports = [ ./discord.nix diff --git a/hosts/c-pc/configuration.nix b/hosts/c-pc/configuration.nix new file mode 100644 index 0000000..73797ea --- /dev/null +++ b/hosts/c-pc/configuration.nix @@ -0,0 +1,139 @@ +{ config, lib, pkgs, inputs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ./networking.nix + ../../roles + ]; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + fileSystems."/persist".neededForBoot = true; + environment.persistence."/persist/system" = { + hideMounts = true; + directories = [ + "/etc/nixos" + "/var/log" + "/var/lib/nixos" + "/var/lib/systemd/coredump" + #"/var/lib/bluetooth" + ]; + files = [ + "/etc/machine-id" + ]; + }; + + programs.fuse.userAllowOther = true; + home-manager = { + extraSpecialArgs = { inherit inputs; }; + users = { + "c" = import ./home.nix; + }; + }; + + environment = { + localBinInPath = true; + + interactiveShellInit = '' + alias kitty-ssh="kitty +kitten ssh" + + alias lsa="ls -lAsh" + alias c="codium ." + alias p="nix-shell -p" + + mkcd() { + mkdir -p "$1" + cd "$1" + } + ''; + + variables = { + EDITOR = "${pkgs.vim}/bin/vim"; + }; + }; + + time.timeZone = "America/Los_Angeles"; + + users.users = { + root.hashedPasswordFile = "/persist/secrets/passwords/root"; + + "c" = { + isNormalUser = true; + hashedPasswordFile = "/persist/secrets/passwords/c"; + extraGroups = [ "wheel" ]; + }; + }; + + nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + "steam" + "steam-original" + "steam-run" + ]; + + roles = { + desktop.enable = true; + }; + + programs = { + steam.enable = true; + + gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + dconf.enable = true; + }; + + services = { + pcscd.enable = true; + printing.enable = true; + }; + + environment.systemPackages = with pkgs; [ + (writeShellScriptBin "rb" "sudo nixos-rebuild switch --flake /etc/nixos#default") + (writeShellScriptBin "rbf" "sudo nixos-rebuild switch --flake path:/etc/nixos#default") + (writeShellScriptBin "toys" "nix-shell -p cmatrix asciiquarium pipes cowsay figlet neofetch") + + git + vim + wget + firefox + wineWowPackages.stable + winetricks + + pulseaudio + playerctl + + ffmpeg + jellyfin + + killall + + go + jdk21 + + lutris + libGL + ]; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "23.11"; # Did you read the comment? 🤨 +} + diff --git a/hosts/c-pc/hardware-configuration.nix b/hosts/c-pc/hardware-configuration.nix new file mode 100644 index 0000000..c268ff8 --- /dev/null +++ b/hosts/c-pc/hardware-configuration.nix @@ -0,0 +1,51 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + loader.grub = { + enable = true; + + zfsSupport = true; + efiSupport = true; + efiInstallAsRemovable = true; + mirroredBoots = [ + { devices = [ "nodev" ]; path = "/boot"; } + ]; + }; + + initrd = { + availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + kernelModules = [ "amdgpu" ]; + + postDeviceCommands = lib.mkAfter '' + zfs rollback -r zpool/root@blank && zfs rollback -r zpool/home@blank + ''; + }; + + kernelModules = [ "kvm-amd" ]; + extraModulePackages = [ ]; + + supportedFilesystems = [ "ntfs" ]; + }; + + fileSystems = { + "/" = { fsType = "zfs"; device = "zpool/root"; }; + "/home" = { fsType = "zfs"; device = "zpool/home"; }; + "/persist" = { fsType = "zfs"; device = "zpool/persist"; }; + "/nix" = { fsType = "zfs"; device = "zpool/nix"; }; + + "/boot" = { fsType = "vfat"; device = "/dev/disk/by-uuid/12CE-A600"; }; + + "/mnt/4tb" = { fsType = "ext4"; device = "/dev/disk/by-label/4tb"; }; + "/mnt/ssd" = { fsType = "ext4"; device = "/dev/disk/by-label/ssd-256"; }; + }; + + swapDevices = [ ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/c-pc/home.nix b/hosts/c-pc/home.nix new file mode 100644 index 0000000..9ee1988 --- /dev/null +++ b/hosts/c-pc/home.nix @@ -0,0 +1,130 @@ +{ lib, pkgs, inputs, config, ...}: + +{ + imports = [ + inputs.impermanence.nixosModules.home-manager.impermanence + + ../../home + ]; + + # theme.nix is an untracked symlink to a theme under ./themes/ + # This lets me switch out my theme without making changes in git + theme = import ../../theme.nix; + + home.stateVersion = "23.11"; + + home.persistence."/persist/home" = { + directories = [ + "Downloads" + "Documents" + "Pictures" + "Videos" + "Music" + "Games" + "Persist" + + "code" + + ".gnupg" + ".ssh" + + ".local/bin" + ".local/share/applications" + + ".mozilla" + ".wine" + + ".irssi" + ".config/discord" + ".config/Vencord" + ".config/vesktop" + + ".config/Obsidian" + + ".config/cmus" + + ".config/fcitx" + ".config/fcitx5" + + { + directory = ".local/share/Steam"; + method = "symlink"; + } + + ".config/qBittorrent" + ".local/share/qBittorrent" + ".cache/qBittorrent" + + ".config/jellyfin" + ".local/share/jellyfin" + ".cache/jellyfin" + + ".local/share/Anki2" + ".local/share/lutris" + ".local/share/PrismLauncher" + + ".config/nicotine" + ".local/share/nicotine" + ]; + files = [ + ".Xresources" + ]; + allowOther = true; + }; + + programs = { + feh.enable = true; + btop.enable = true; + tmux.enable = true; + + zoxide.enable = true; + }; + + nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + "discord" + "obsidian" + ]; + + home.packages = with pkgs; [ + (writeShellScriptBin "switch-theme" '' + #!/usr/bin/env bash + + cd /etc/nixos + + rm theme.nix + ln -s ./themes/$1.nix theme.nix + + sudo nixos-rebuild switch --flake /etc/nixos#default + + i3-msg restart + '') + + pfetch + + kdePackages.breeze + + irssi + + qbittorrent + nicotine-plus + jellyfin-media-player + mkvtoolnix + + gimp + + anki-bin + + obsidian + prismlauncher + + #TODO: latest update broke + # jetbrains.idea-community + + cloc + cmus + ]; + + home.file = { + ".0b".source = config.lib.file.mkOutOfStoreSymlink "${config.home.homeDirectory}/.local/share/PrismLauncher/instances/0b/.minecraft"; + }; +} diff --git a/hosts/c-pc/networking.nix b/hosts/c-pc/networking.nix new file mode 100644 index 0000000..31632c1 --- /dev/null +++ b/hosts/c-pc/networking.nix @@ -0,0 +1,27 @@ +{ ... }: + +{ + networking = { + hostName = "c-pc"; + hostId = "23ce94ff"; + + useDHCP = true; + + wireless = { + enable = true; + + environmentFile = "/persist/secrets/wireless.env"; + networks = { + "The Dwyers".psk = "@PSK@"; + }; + }; + + firewall = { + enable = false; + + allowedTCPPorts = [ 8096 50000 ]; + allowedUDPPorts = [ ]; + }; + }; +} + diff --git a/hosts/copenhagen/configuration.nix b/hosts/copenhagen/configuration.nix new file mode 100644 index 0000000..21a2e98 --- /dev/null +++ b/hosts/copenhagen/configuration.nix @@ -0,0 +1,99 @@ +{ config, lib, pkgs, inputs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + ../../roles + ]; + + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + + networking.hostName = "copenhagen"; + time.timeZone = "America/Los_Angeles"; + + # home-manager = { + # extraSpecialArgs = { inherit inputs; }; + # users = { + # "c" = import ./home.nix; + # }; + # }; + + environment = { + localBinInPath = true; + + interactiveShellInit = '' + alias lsa="ls -lAsh" + alias c="codium ." + alias p="nix-shell -p" + + mkcd() { + mkdir -p "$1" + cd "$1" + } + ''; + + variables = { + EDITOR = "${pkgs.vim}/bin/vim"; + }; + }; + + users.users = { + root.password = "password"; + + "c" = { + isNormalUser = true; + password = "password"; + extraGroups = [ "wheel" "minecraft" ]; + }; + }; + + environment.systemPackages = with pkgs; [ + (writeShellScriptBin "rb" "sudo nixos-rebuild switch --flake /etc/nixos#copenhagen") + (writeShellScriptBin "rbf" "sudo nixos-rebuild switch --flake path:/etc/nixos#copenhagen") + + git + vim + wget + killall + ffmpeg + ]; + + roles = { + minecraft = { + enable = true; + servers = { + test = { + enable = true; + port = 25566; + }; + }; + }; + web = { + proxy.enable = true; + stargazers.enable = true; + test.enable = true; + }; + }; + + # services = { + # pcscd.enable = true; + # }; + + # This option defines the first version of NixOS you have installed on this particular machine, + # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. + # + # Most users should NEVER change this value after the initial install, for any reason, + # even if you've upgraded your system to a new NixOS release. + # + # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, + # so changing it will NOT upgrade your system. + # + # This value being lower than the current NixOS release does NOT mean your system is + # out of date, out of support, or vulnerable. + # + # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, + # and migrated your data accordingly. + # + # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . + system.stateVersion = "23.11"; # Did you read the comment? 🤨 +} \ No newline at end of file diff --git a/hosts/copenhagen/hardware-configuration.nix b/hosts/copenhagen/hardware-configuration.nix new file mode 100644 index 0000000..be9ad1c --- /dev/null +++ b/hosts/copenhagen/hardware-configuration.nix @@ -0,0 +1,46 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + # boot = { + # loader.grub = { + # enable = true; + + # efiSupport = true; + # efiInstallAsRemovable = true; + # mirroredBoots = [ + # { devices = [ "nodev" ]; path = "/boot"; } + # ]; + # }; + + # initrd = { + # availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ]; + # kernelModules = [ ]; + # }; + + # kernelModules = [ "kvm-amd" ]; + # extraModulePackages = [ ]; + + # supportedFilesystems = [ "ntfs" ]; + # }; + + # fileSystems = { + # "/" = { fsType = "zfs"; device = "zpool/root"; }; + # "/home" = { fsType = "zfs"; device = "zpool/home"; }; + # "/persist" = { fsType = "zfs"; device = "zpool/persist"; }; + # "/nix" = { fsType = "zfs"; device = "zpool/nix"; }; + + # "/boot" = { fsType = "vfat"; device = "/dev/disk/by-uuid/12CE-A600"; }; + + # "/mnt/4tb" = { fsType = "ext4"; device = "/dev/disk/by-label/4tb"; }; + # "/mnt/ssd" = { fsType = "ext4"; device = "/dev/disk/by-label/ssd-256"; }; + # }; + + # swapDevices = [ ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + # hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/roles/default.nix b/roles/default.nix new file mode 100644 index 0000000..420eaeb --- /dev/null +++ b/roles/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ + ./desktop + ./minecraft + ./web + ]; +} diff --git a/roles/desktop/default.nix b/roles/desktop/default.nix new file mode 100644 index 0000000..c2fae92 --- /dev/null +++ b/roles/desktop/default.nix @@ -0,0 +1,61 @@ +{ config, pkgs, lib, ... }: +with lib; + +let cfg = config.roles.desktop; in { + imports = [ + ./input.nix + ./xserver.nix + ]; + + options.roles.desktop = { + enable = mkEnableOption "desktop"; + }; + + config = mkIf cfg.enable { + security.rtkit.enable = true; + + i18n.inputMethod.enable = true; + + services = { + displayManager.enable = true; + + xserver = { + enable = true; + displayManager.lightdm.enable = true; + windowManager.i3.enable = true; + }; + + keyd.enable = true; + + pipewire = { + enable = true; + + pulse.enable = true; + alsa.enable = true; + alsa.support32Bit = true; + #jack.enable = true; + }; + }; + + fonts = { + packages = with pkgs; [ + nerdfonts + noto-fonts + noto-fonts-cjk + noto-fonts-cjk-sans + noto-fonts-cjk-serif + noto-fonts-emoji + + minecraftia + ]; + + fontconfig = { + defaultFonts = { + monospace = [ "CaskaydiaMono Nerd Font" ]; + sansSerif = [ "DejaVu Sans" "Noto Sans CJK JP" "Noto Sans" ]; + serif = [ "DejaVu Serif" "Noto Serif CJK JP" "Noto Serif" ]; + }; + }; + }; + }; +} diff --git a/roles/desktop/input.nix b/roles/desktop/input.nix new file mode 100644 index 0000000..20e9da8 --- /dev/null +++ b/roles/desktop/input.nix @@ -0,0 +1,31 @@ +{ pkgs, ... }: + +{ + services.keyd = { + keyboards."*".settings = { + main = { + # Swap alt and meta keys. + # I prefer (physical) alt as my WM modifier key because it + # is easier to reach. This can collide with some programs + # shortcuts if they inlcude alt. Swapping alt and meta fixes + # this by making my WM mod key (software) meta, freeing up alt. + + leftalt = "leftmeta"; + leftmeta = "leftalt"; + + rightalt = "rightmeta"; + rightmeta = "rightalt"; + }; + }; + }; + + i18n.inputMethod = { + type = "fcitx5"; + fcitx5.addons = with pkgs; [ fcitx5-mozc ]; + }; + + environment.variables = { + # Required for fcitx5 support in kitty + GLFW_IM_MODULE = "ibus"; + }; +} diff --git a/roles/desktop/xserver.nix b/roles/desktop/xserver.nix new file mode 100644 index 0000000..461de83 --- /dev/null +++ b/roles/desktop/xserver.nix @@ -0,0 +1,28 @@ +{ pkgs, ... }: + +{ + services.displayManager = { + defaultSession = "none+i3"; + }; + + services.xserver = { + videoDrivers = [ "amdgpu" ]; + + displayManager = { + setupCommands = '' + if ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1080; then + ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080 --rate 60 --pos 0x0 + ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-2 --mode 2560x1080 --rate 60 --pos 1920x0 --primary + ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-A-0 --mode 1920x1080 --rate 75 --pos 4480x0 + elif ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1440; then + ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080 --rate 60 --pos 0x360 + ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-2 --mode 2560x1440 --rate 165 --pos 1920x0 --primary + ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-1 --mode 1920x1200 --rate 60 --pos 4480x0 + fi + ''; + }; + + xkb.layout = "us"; +# xkb.options = "eurosign:e,caps:escape"; + }; +} diff --git a/roles/minecraft/default.nix b/roles/minecraft/default.nix new file mode 100644 index 0000000..1af96d8 --- /dev/null +++ b/roles/minecraft/default.nix @@ -0,0 +1,29 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.minecraft; in { + imports = [ + ./servers + ]; + + options.roles.minecraft = { + enable = mkEnableOption "minecraft server role"; + }; + + config = mkIf cfg.enable { + nixpkgs = { + overlays = [ inputs.nix-minecraft.overlay ]; + config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [ + "minecraft-server" + ]; + }; + + programs.tmux.enable = true; + + services.minecraft-servers = { + enable = true; + eula = true; + openFirewall = true; + }; + }; +} diff --git a/roles/minecraft/servers/default.nix b/roles/minecraft/servers/default.nix new file mode 100644 index 0000000..33ad532 --- /dev/null +++ b/roles/minecraft/servers/default.nix @@ -0,0 +1,7 @@ +{ ... }: + +{ + imports = [ + ./test.nix + ]; +} diff --git a/roles/minecraft/servers/test.nix b/roles/minecraft/servers/test.nix new file mode 100644 index 0000000..cba264d --- /dev/null +++ b/roles/minecraft/servers/test.nix @@ -0,0 +1,67 @@ +{ config, pkgs, lib, ... }: +with lib; + +let cfg = config.roles.minecraft.servers.test; in { + options.roles.minecraft.servers.test = { + enable = mkEnableOption "test server role"; + + port = mkOption { + type = types.port; + default = 25565; + description = "server port"; + }; + + start = mkOption { + type = types.bool; + default = false; + description = "autostart"; + }; + }; + + config = mkIf cfg.enable { + services.minecraft-servers.servers.test = { + enable = true; + openFirewall = true; + autoStart = cfg.start; + + package = pkgs.fabricServers.fabric-1_21; + + whitelist = { + "Townscaper" = "57697615-5b5b-4730-bdaf-5f74ff3ab20d"; + "grippysockjail" = "9448c89d-34eb-4e2c-a231-8112eb1a9e4a"; + }; + + operators = { + "Townscaper" = { + uuid = "57697615-5b5b-4730-bdaf-5f74ff3ab20d"; + level = 4; + bypassesPlayerLimit = true; + }; + "grippysockjail" = "9448c89d-34eb-4e2c-a231-8112eb1a9e4a"; + }; + + serverProperties = { + gamemode = 1; + max-players = 1; + motd = ":3"; + port = cfg.port; + }; + + symlinks.mods = pkgs.linkFarmFromDrvs "mods" (builtins.attrValues { + fabric = pkgs.fetchurl { + url = "https://cdn.modrinth.com/data/P7dR8mSH/versions/vMQdA5QJ/fabric-api-0.100.7%2B1.21.jar"; + sha256 = "sha256-grNmYgSekBaTztR1SLbqZCOC6+QNUDLe4hp105qfibA="; + }; + noChatReports = pkgs.fetchurl { + url = "https://cdn.modrinth.com/data/qQyHxfxd/versions/riMhCAII/NoChatReports-FABRIC-1.21-v2.8.0.jar"; + sha256 = "sha256-jskscOeK3ri2dt3mvWLPVmzddwPqBHJ8Ps+VfZ6l9os="; + }; + }); + }; + }; +} + + + + + diff --git a/roles/web/default.nix b/roles/web/default.nix new file mode 100644 index 0000000..bbcc246 --- /dev/null +++ b/roles/web/default.nix @@ -0,0 +1,9 @@ +{ ... }: + +{ + imports = [ + ./proxy + ./stargazers + ./test + ]; +} diff --git a/roles/web/proxy/default.nix b/roles/web/proxy/default.nix new file mode 100644 index 0000000..879ef12 --- /dev/null +++ b/roles/web/proxy/default.nix @@ -0,0 +1,28 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.web.proxy; in { + options.roles.web.proxy = { + enable = mkEnableOption "nginx reverse proxy"; + }; + + config = mkIf cfg.enable { + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nginx = { + enable = true; + virtualHosts = { + "localhost".locations = { + "/test" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.0.2/"; + }; + "/stargazers" = { + recommendedProxySettings = true; + proxyPass = "http://192.168.0.3/"; + }; + }; + }; + }; + }; +} diff --git a/roles/web/stargazers/default.nix b/roles/web/stargazers/default.nix new file mode 100644 index 0000000..78b37d3 --- /dev/null +++ b/roles/web/stargazers/default.nix @@ -0,0 +1,37 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.web.stargazers; in { + options.roles.web.stargazers = { + enable = mkEnableOption "stargazers webserver"; + }; + + config = mkIf cfg.enable { + containers.web-stargazers = { + autoStart = true; + + privateNetwork = true; + hostAddress = "192.168.0.1"; + localAddress = "192.168.0.3"; + + bindMounts = { + "/srv/web/stargazers" = { + hostPath = "/srv/web/stargazers"; + isReadOnly = true; + }; + }; + + config = { ... }: { + system.stateVersion = "23.11"; + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nginx = { + enable = true; + virtualHosts = { + "192.168.0.3".root = "/srv/web/stargazers"; + }; + }; + }; + }; + }; +} diff --git a/roles/web/test/default.nix b/roles/web/test/default.nix new file mode 100644 index 0000000..04bc1a7 --- /dev/null +++ b/roles/web/test/default.nix @@ -0,0 +1,37 @@ +{ config, pkgs, lib, inputs, ... }: +with lib; + +let cfg = config.roles.web.test; in { + options.roles.web.test = { + enable = mkEnableOption "test webserver"; + }; + + config = mkIf cfg.enable { + containers.web-test = { + autoStart = true; + + privateNetwork = true; + hostAddress = "192.168.0.1"; + localAddress = "192.168.0.2"; + + bindMounts = { + "/srv/web/test" = { + hostPath = "/srv/web/test"; + isReadOnly = true; + }; + }; + + config = { ... }: { + system.stateVersion = "23.11"; + networking.firewall.allowedTCPPorts = [ 80 ]; + + services.nginx = { + enable = true; + virtualHosts = { + "192.168.0.2".root = "/srv/web/test"; + }; + }; + }; + }; + }; +} diff --git a/system/default.nix b/system/default.nix deleted file mode 100644 index 6178ae8..0000000 --- a/system/default.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ ... }: - -{ - imports = [ - ./fonts.nix - ./keyboard.nix - ./networking.nix - ./pipewire.nix - ./xserver.nix - ]; -} diff --git a/system/fonts.nix b/system/fonts.nix deleted file mode 100644 index d582448..0000000 --- a/system/fonts.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ pkgs, ... }: - -{ - fonts = { - packages = with pkgs; [ - nerdfonts - noto-fonts - noto-fonts-cjk - noto-fonts-cjk-sans - noto-fonts-cjk-serif - noto-fonts-emoji - - minecraftia - ]; - - fontconfig = { - defaultFonts = { - monospace = [ "CaskaydiaMono Nerd Font" ]; - sansSerif = [ "DejaVu Sans" "Noto Sans CJK JP" "Noto Sans" ]; - serif = [ "DejaVu Serif" "Noto Serif CJK JP" "Noto Serif" ]; - }; - }; - }; -} diff --git a/system/keyboard.nix b/system/keyboard.nix deleted file mode 100644 index 1a3de2f..0000000 --- a/system/keyboard.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ pkgs, ... }: - -{ - services.keyd = { - enable = true; - - keyboards."*".settings = { - main = { - # Swap alt and meta keys. - # I prefer (physical) alt as my WM modifier key because it - # is easier to reach. This can collide with some programs - # shortcuts if they inlcude alt. Swapping alt and meta fixes - # this by making my WM mod key (software) meta, freeing up alt. - - leftalt = "leftmeta"; - leftmeta = "leftalt"; - - rightalt = "rightmeta"; - rightmeta = "rightalt"; - }; - }; - }; - - i18n.inputMethod = { - enable = true; - type = "fcitx5"; - fcitx5.addons = with pkgs; [ fcitx5-mozc ]; - }; - - environment.variables = { - # Required for fcitx5 support in kitty - GLFW_IM_MODULE = "ibus"; - }; -} diff --git a/system/networking.nix b/system/networking.nix deleted file mode 100644 index 31632c1..0000000 --- a/system/networking.nix +++ /dev/null @@ -1,27 +0,0 @@ -{ ... }: - -{ - networking = { - hostName = "c-pc"; - hostId = "23ce94ff"; - - useDHCP = true; - - wireless = { - enable = true; - - environmentFile = "/persist/secrets/wireless.env"; - networks = { - "The Dwyers".psk = "@PSK@"; - }; - }; - - firewall = { - enable = false; - - allowedTCPPorts = [ 8096 50000 ]; - allowedUDPPorts = [ ]; - }; - }; -} - diff --git a/system/pipewire.nix b/system/pipewire.nix deleted file mode 100644 index 0dfb230..0000000 --- a/system/pipewire.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ ... }: - -{ - security.rtkit.enable = true; - services.pipewire = { - enable = true; - - pulse.enable = true; - alsa.enable = true; - alsa.support32Bit = true; - #jack.enable = true; - }; -} diff --git a/system/xserver.nix b/system/xserver.nix deleted file mode 100644 index 38eaf21..0000000 --- a/system/xserver.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ pkgs, ... }: - -{ - services.displayManager = { - enable = true; - defaultSession = "none+i3"; - }; - - services.xserver = { - enable = true; - - videoDrivers = [ "amdgpu" ]; - - displayManager = { - lightdm.enable = true; - - setupCommands = '' - if ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1080; then - ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080 --rate 60 --pos 0x0 - ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-2 --mode 2560x1080 --rate 60 --pos 1920x0 --primary - ${pkgs.xorg.xrandr}/bin/xrandr --output HDMI-A-0 --mode 1920x1080 --rate 75 --pos 4480x0 - elif ${pkgs.xorg.xrandr}/bin/xrandr --query | grep 2560x1440; then - ${pkgs.xorg.xrandr}/bin/xrandr --output DVI-D-0 --mode 1920x1080 --rate 60 --pos 0x360 - ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-2 --mode 2560x1440 --rate 165 --pos 1920x0 --primary - ${pkgs.xorg.xrandr}/bin/xrandr --output DisplayPort-1 --mode 1920x1200 --rate 60 --pos 4480x0 - fi - ''; - }; - - windowManager.i3 = { - enable = true; - }; - - xkb.layout = "us"; -# xkb.options = "eurosign:e,caps:escape"; - }; -} -- cgit v1.2.3