diff --git a/flake.nix b/flake.nix index 83087ac..6386ed9 100644 --- a/flake.nix +++ b/flake.nix @@ -321,6 +321,10 @@ ]; }; + x86_64-linux-hosts = (import ./hosts-by-platform nixpkgs).x86_64-linux-hosts; + aarch64-linux-hosts = (import ./hosts-by-platform nixpkgs).aarch64-linux-hosts; + aarch64-darwin-hosts = (import ./hosts-by-platform nixpkgs).aarch64-darwin-hosts; + in rec { @@ -330,8 +334,8 @@ # Create nixosConfigurations using the different pkgs for each system # What to do with home config? - nixosModules = (import ./hosts nixpkgs).nixos-hosts; - darwinModules = (import ./hosts nixpkgs).darwin-hosts; + nixosModules = x86_64-linux-hosts // aarch64-linux-hosts; + darwinModules = aarch64-darwin-hosts; # Contains my full system builds, including home-manager # nixos-rebuild switch --flake .#tempest @@ -342,14 +346,14 @@ pkgs = pkgsBySystem.x86_64-linux; modules = [ module ]; } - ) nixosModules) + ) x86_64-linux-hosts) // (builtins.mapAttrs ( name: module: buildNixos { pkgs = pkgsBySystem.aarch64-linux; modules = [ module ]; } - ) nixosModules); + ) aarch64-linux-hosts); # builtins.mapAttrs buildNixos { # pkgs = pkgsBySystem.x86_64-linux; # modules = import ./hosts/x86_64-linux; @@ -367,7 +371,7 @@ pkgs = pkgsBySystem.aarch64-darwin; modules = [ module ]; } - ) darwinModules; + ) aarch64-darwin-hosts; # darwinConfigurations = builtins.mapAttrs buildDarwin { # pkgs = pkgsBySystem.aarch64-darwin; # modules = import ./hosts/darwin; diff --git a/hosts-by-platform/aarch64-darwin/lookingglass/default.nix b/hosts-by-platform/aarch64-darwin/lookingglass/default.nix new file mode 100644 index 0000000..e3259ff --- /dev/null +++ b/hosts-by-platform/aarch64-darwin/lookingglass/default.nix 
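Review bot: The three bindings added to the `let` block in the first flake.nix hunk each evaluate `import ./hosts-by-platform nixpkgs` on their own and repeat every attribute name twice. A single `inherit (import ./hosts-by-platform nixpkgs) x86_64-linux-hosts aarch64-linux-hosts aarch64-darwin-hosts;` binds the same names with one import, so a renamed attribute only has to change in one place. The `let` block itself starts above the hunk.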
@@ -0,0 +1,39 @@
+# The Looking Glass
+# System configuration for my work Macbook
+
+rec {
+ networking.hostName = "NYCM-NMASUR2";
+ networking.computerName = "NYCM-NMASUR2";
+
+ nmasur.settings = {
+ username = "Noah.Masur";
+ fullName = "Noah Masur";
+ };
+
+ nmasur.profiles = {
+ base.enable = true;
+ work.enable = true;
+ extra.enable = true;
+ gaming.enable = true;
+ };
+
+ home-manager.users."Noah.Masur" = {
+ nmasur.settings = {
+ username = nmasur.settings.username;
+ fullName = nmasur.settings.fullName;
+ };
+ nmasur.profiles = {
+ common.enable = true;
+ darwin-base.enable = true;
+ power-user.enable = true;
+ work.enable = true;
+ experimental.enable = true;
+ };
+ nmasur.presets.programs.git = {
+ name = "Noah-Masur_1701";
+ email = "${nmasur.settings.username}@take2games.com";
+ };
+ };
+
+ identityFile = "/Users/${nmasur.settings.username}/.ssh/id_ed25519";
+}
diff --git a/hosts-by-platform/aarch64-linux/default.nix b/hosts-by-platform/aarch64-linux/default.nix
new file mode 100644
index 0000000..0d927f6
--- /dev/null
+++ b/hosts-by-platform/aarch64-linux/default.nix
@@ -0,0 +1,22 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+ inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+ # Get only files ending in default.nix
+ (builtins.filter (name: lib.hasSuffix "default.nix" name))
+ # Remove this file
+ (builtins.filter (name: name != ./default.nix))
+ # Import each host function
+ map
+ (file: {
+ name = builtins.baseNameOf (builtins.dirOf file);
+ value = import file;
+ })
+ # Convert to an attrset of hostname -> host function
+ (builtins.listToAttrs)
+]
diff --git a/hosts-by-platform/aarch64-linux/flame/default.nix b/hosts-by-platform/aarch64-linux/flame/default.nix
new file mode 100644
index 0000000..e4a4627
--- /dev/null
+++ b/hosts-by-platform/aarch64-linux/flame/default.nix
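Review bot: In the `lib.pipe` list of hosts-by-platform/aarch64-linux/default.nix, `map` and the `(file: { … })` lambda are two separate list elements, so the pipe calls `map` on the file list and then calls the lambda on the resulting partial application instead of mapping over the files. Evaluating this file would most likely fail by the time it reaches `builtins.listToAttrs`. The working form is the one hosts-by-platform/default.nix uses in this same commit, `(map (file: { … }))`. hosts-by-platform/x86_64-linux/default.nix is the same blob (index 0d927f6) and has the same problem. Nothing visible in this diff imports either file, so removing them may be the simpler fix.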
@@ -0,0 +1,75 @@
+# The Flame
+# System configuration for an Oracle free server
+
+# How to install:
+# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
+# These days, probably use nixos-anywhere instead.
+
+rec {
+ networking.hostName = "flame";
+
+ nmasur.settings = {
+ username = "noah";
+ fullName = "Noah Masur";
+ # hostnames =
+ # let
+ # baseName = "masu.rs";
+ # in
+ # {
+ # budget = "money.${baseName}";
+ # git = "git.${baseName}";
+ # influxdb = "influxdb.${baseName}";
+ # irc = "irc.${baseName}";
+ # metrics = "metrics.${baseName}";
+ # minecraft = "minecraft.${baseName}";
+ # n8n = "n8n.${baseName}";
+ # notifications = "ntfy.${baseName}";
+ # prometheus = "prom.${baseName}";
+ # secrets = "vault.${baseName}";
+ # status = "status.${baseName}";
+ # };
+ };
+
+ nmasur.profiles = {
+ base.enable = true;
+ server.enable = true;
+ communications.enable = true;
+ };
+
+ home-manager.users."noah" = {
+ nmasur.settings = {
+ username = nmasur.settings.username;
+ fullName = nmasur.settings.fullName;
+ };
+ nmasur.profiles = {
+ common.enable = true;
+ linux-base.enable = true;
+ };
+ home.stateVersion = "23.05";
+ };
+
+ system.stateVersion = "23.05";
+ # File systems must be declared in order to boot
+
+ # This is the root filesystem containing NixOS
+ # I forgot to set a clean label for it
+ fileSystems."/" = {
+ device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
+ fsType = "ext4";
+ };
+
+ # This is the boot filesystem for systemd-boot
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-uuid/D5CA-237A";
+ fsType = "vfat";
+ };
+
+ # Allows private remote access over the internet
+ nmasur.presets.services.cloudflared = {
+ tunnel = {
+ id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
+ credentialsFile = ../../../private/cloudflared-flame.age;
+ ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA=
open-ssh-ca@cloudflareaccess.org";
+ };
+ };
+}
diff --git a/hosts-by-platform/default.nix b/hosts-by-platform/default.nix
new file mode 100644
index 0000000..d87a176
--- /dev/null
+++ b/hosts-by-platform/default.nix
@@ -0,0 +1,44 @@
+# Return a list of all hosts
+
+nixpkgs:
+
+let
+ inherit (nixpkgs) lib;
+in
+
+{
+ # darwin-hosts = import ./darwin;
+ aarch64-darwin-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-darwin) [
+ # Get only files ending in default.nix
+ (builtins.filter (name: lib.hasSuffix "default.nix" name))
+ # Import each host function
+ (map (file: {
+ name = builtins.baseNameOf (builtins.dirOf file);
+ value = import file;
+ }))
+ # Convert to an attrset of hostname -> host function
+ (builtins.listToAttrs)
+ ];
+ aarch64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-linux) [
+ # Get only files ending in default.nix
+ (builtins.filter (name: lib.hasSuffix "default.nix" name))
+ # Import each host function
+ (map (file: {
+ name = builtins.baseNameOf (builtins.dirOf file);
+ value = import file;
+ }))
+ # Convert to an attrset of hostname -> host function
+ (builtins.listToAttrs)
+ ];
+ x86_64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./x86_64-linux) [
+ # Get only files ending in default.nix
+ (builtins.filter (name: lib.hasSuffix "default.nix" name))
+ # Import each host function
+ (map (file: {
+ name = builtins.baseNameOf (builtins.dirOf file);
+ value = import file;
+ }))
+ # Convert to an attrset of hostname -> host function
+ (builtins.listToAttrs)
+ ];
+}
diff --git a/hosts-by-platform/x86_64-linux/default.nix b/hosts-by-platform/x86_64-linux/default.nix
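Review bot: The `ca` string in the `nmasur.presets.services.cloudflared.tunnel` block of the flame file carries no comment saying what it authorises, and the preset that consumes it is not part of this diff. If the preset installs it as an SSH trusted user CA, as the `open-ssh-ca@cloudflareaccess.org` comment field suggests, this line is the host's login trust anchor and deserves a note for whoever edits it next. Something like `# Public key of this tunnel's Cloudflare Access SSH CA; certificates signed by it are accepted for login` would do. The same applies to the `ca` lines in the swan and tempest files.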
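Review bot: Each pipeline in hosts-by-platform/default.nix keeps every file whose name ends in `default.nix` under the platform directory, and that includes the `aarch64-linux/default.nix` and `x86_64-linux/default.nix` files this commit adds. Those would become entries named `aarch64-linux` and `x86_64-linux` whose value is a `{ nixpkgs, ... }:` function, which flake.nix then hands to `buildNixos` as a host module and merges into `nixosModules`. Either drop the per-platform files or skip files that sit directly in the scanned directory. The three pipelines are also identical apart from the path, so one helper can hold the filter; the sketch below also tightens the suffix test to an exact file-name match, which is a small behaviour change.

```nix
let
  inherit (nixpkgs) lib;

  # Build an attrset of hostname -> host module from DIR/<hostname>/default.nix
  hostsIn =
    dir:
    lib.pipe (lib.filesystem.listFilesRecursive dir) [
      (builtins.filter (file: builtins.baseNameOf file == "default.nix"))
      # Skip DIR/default.nix itself; only host subdirectories are hosts
      (builtins.filter (file: builtins.dirOf file != dir))
      (map (file: {
        name = builtins.baseNameOf (builtins.dirOf file);
        value = import file;
      }))
      builtins.listToAttrs
    ];
in
{
  aarch64-darwin-hosts = hostsIn ./aarch64-darwin;
  aarch64-linux-hosts = hostsIn ./aarch64-linux;
  x86_64-linux-hosts = hostsIn ./x86_64-linux;
}
```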
@@ -0,0 +1,22 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+ inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+ # Get only files ending in default.nix
+ (builtins.filter (name: lib.hasSuffix "default.nix" name))
+ # Remove this file
+ (builtins.filter (name: name != ./default.nix))
+ # Import each host function
+ map
+ (file: {
+ name = builtins.baseNameOf (builtins.dirOf file);
+ value = import file;
+ })
+ # Convert to an attrset of hostname -> host function
+ (builtins.listToAttrs)
+]
diff --git a/hosts-by-platform/x86_64-linux/swan/default.nix b/hosts-by-platform/x86_64-linux/swan/default.nix
new file mode 100644
index 0000000..8029bd2
--- /dev/null
+++ b/hosts-by-platform/x86_64-linux/swan/default.nix
@@ -0,0 +1,92 @@
+# The Swan
+# System configuration for my home NAS server
+
+rec {
+ networking.hostName = "swan";
+
+ nmasur.settings = {
+ username = "noah";
+ fullName = "Noah Masur";
+ # hostnames =
+ # let
+ # baseName = "masu.rs";
+ # in
+ # {
+ # audiobooks = "read.${baseName}";
+ # books = "books.${baseName}";
+ # content = "cloud.${baseName}";
+ # download = "download.${baseName}";
+ # files = "files.${baseName}";
+ # paperless = "paper.${baseName}";
+ # photos = "photos.${baseName}";
+ # prometheus = "prom.${baseName}";
+ # stream = "stream.${baseName}";
+ # };
+ };
+
+ nmasur.profiles = {
+ base.enable = true;
+ server.enable = true;
+ home.enable = true;
+ nas.enable = true;
+ };
+
+ home-manager.users."noah" = {
+ nmasur.settings = {
+ username = nmasur.settings.username;
+ fullName = nmasur.settings.fullName;
+ };
+ nmasur.profiles = {
+ common.enable = true;
+ linux-base.enable = true;
+ };
+ home.stateVersion = "23.05";
+ };
+
+ # Not sure what's necessary but too afraid to remove anything
+ boot.initrd.availableKernelModules = [
+ "xhci_pci"
+ "ahci"
+ "nvme"
+ "usb_storage"
+ "sd_mod"
+ ];
+
+ # Required for transcoding
+ boot.initrd.kernelModules = [ "amdgpu" ];
+ boot.kernelParams = [
+ "radeon.si_support=0"
+ "amdgpu.si_support=1"
+ "radeon.cik_support=0"
+ "amdgpu.cik_support=1"
+ "amdgpu.dc=1"
+ ];
+
+ # Required binary blobs to boot on this machine
+ hardware.enableRedistributableFirmware = true;
+
+ # Prioritize efficiency over performance
+ powerManagement.cpuFreqGovernor = "powersave";
+
+ # Allow firmware updates
+ hardware.cpu.intel.updateMicrocode = true;
+
+ # ZFS
+ # Generated with: head -c 8 /etc/machine-id
+ networking.hostId = "600279f4"; # Random ID required for ZFS
+
+ # Sets root ext4 filesystem instead of declaring it manually
+ disko = {
+ enableConfig = true;
+ devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
+ };
+
+ # Allows private remote access over the internet
+ nmasur.presets.services.cloudflared
= {
+ tunnel = {
+ id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
+ credentialsFile = ../../private/cloudflared-swan.age;
+ ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
+ };
+ };
+}
diff --git a/hosts-by-platform/x86_64-linux/tempest/default.nix b/hosts-by-platform/x86_64-linux/tempest/default.nix
new file mode 100644
index 0000000..9120294
--- /dev/null
+++ b/hosts-by-platform/x86_64-linux/tempest/default.nix
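Review bot: In the swan file, `credentialsFile = ../../private/cloudflared-swan.age` and `import ../../disks/root.nix` climb two directories, while the flame and tempest files added at the same depth in this commit use `../../../private/…`. From hosts-by-platform/x86_64-linux/swan/ two levels up is hosts-by-platform/, so both paths probably no longer reach the repository's `private/` and `disks/` directories (neither is shown in this diff). If so, the encrypted tunnel credential will not be found and the lines should read `credentialsFile = ../../../private/cloudflared-swan.age;` and `devices = (import ../../../disks/root.nix { disk = "/dev/nvme0n1"; });`. This file also sets `home.stateVersion` but, unlike flame and tempest, no `system.stateVersion`.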
@@ -0,0 +1,117 @@ +# The Tempest +# System configuration for my desktop + +rec { + # Hardware + networking.hostName = "tempest"; + + nmasur.settings = { + username = "noah"; + fullName = "Noah Masur"; + # hostnames = + # let + # baseName = "masu.rs"; + # in + # { + # prometheus = "prom.${baseName}"; + # }; + }; + + nmasur.profiles = { + base.enable = true; + home.enable = true; + gui.enable = true; + gaming.enable = true; + }; + + home-manager.users."noah" = { + nmasur.settings = { + username = nmasur.settings.username; + fullName = nmasur.settings.fullName; + }; + nmasur.profiles = { + common.enable = true; + linux-base.enable = true; + linux-gui.enable = true; + linux-gaming.enable = true; + power-user.enable = true; + developer.enable = true; + experimental.enable = true; + }; + nmasur.presets.services.mbsync = { + user = nmasur.settings.username; + server = "noahmasur.com"; + }; + home.stateVersion = "23.05"; + }; + + system.stateVersion = "23.05"; + # Not sure what's necessary but too afraid to remove anything + boot.initrd.availableKernelModules = [ + "nvme" + "xhci_pci" + "ahci" + "usb_storage" + "usbhid" + "sd_mod" + ]; + + # Graphics and VMs + boot.initrd.kernelModules = [ "amdgpu" ]; + boot.kernelModules = [ "kvm-amd" ]; + services.xserver.videoDrivers = [ "amdgpu" ]; + + # Required binary blobs to boot on this machine + hardware.enableRedistributableFirmware = true; + + # Prioritize performance over efficiency + powerManagement.cpuFreqGovernor = "performance"; + + # Allow firmware updates + hardware.cpu.amd.updateMicrocode = true; + + # Helps reduce GPU fan noise under idle loads + hardware.fancontrol.enable = true; + hardware.fancontrol.config = '' + # Configuration file generated by pwmconfig, changes will be lost + INTERVAL=10 + DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0 + DEVNAME=hwmon0=amdgpu + FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input + FCFANS= hwmon0/pwm1=hwmon0/fan1_input + MINTEMP=hwmon0/pwm1=50 + 
MAXTEMP=hwmon0/pwm1=70 + MINSTART=hwmon0/pwm1=100 + MINSTOP=hwmon0/pwm1=10 + MINPWM=hwmon0/pwm1=10 + MAXPWM=hwmon0/pwm1=240 + ''; + + # File systems must be declared in order to boot + + # This is the root filesystem containing NixOS + fileSystems."/" = { + device = "/dev/disk/by-label/nixos"; + fsType = "ext4"; + }; + + # This is the boot filesystem for Grub + fileSystems."/boot" = { + device = "/dev/disk/by-label/boot"; + fsType = "vfat"; + }; + + # Allows private remote access over the internet + nmasur.presets.services.cloudflared = { + tunnel = { + id = "ac133a82-31fb-480c-942a-cdbcd4c58173"; + credentialsFile = ../../../private/cloudflared-tempest.age; + ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org"; + }; + }; + + # Allows requests to force machine to wake up + # This network interface might change, needs to be set specifically for each machine. + # Or set usePredictableInterfaceNames = false + networking.interfaces.enp5s0.wakeOnLan.enable = true; +} diff --git a/platforms/home-manager/modules/nmasur/presets/programs/_1password.nix b/platforms/home-manager/modules/nmasur/presets/programs/_1password.nix index 72ce826..e04f7da 100644 --- a/platforms/home-manager/modules/nmasur/presets/programs/_1password.nix +++ b/platforms/home-manager/modules/nmasur/presets/programs/_1password.nix @@ -25,8 +25,9 @@ in ] ++ (if pkgs.stdenv.isLinux then [ pkgs._1password-gui ] else [ ]); # Firefox extension - programs.firefox.profiles.default.extensions = - pkgs.nur.repos.rycee.firefox-addons.onepassword-password-manager; + programs.firefox.profiles.default.extensions = [ + pkgs.nur.repos.rycee.firefox-addons.onepassword-password-manager + ]; }; # # https://1password.community/discussion/135462/firefox-extension-does-not-connect-to-linux-app 
diff --git a/platforms/home-manager/modules/nmasur/presets/services/i3.nix b/platforms/home-manager/modules/nmasur/presets/services/i3.nix index f5bfec2..3be9b5b 100644 --- a/platforms/home-manager/modules/nmasur/presets/services/i3.nix +++ b/platforms/home-manager/modules/nmasur/presets/services/i3.nix @@ -190,9 +190,9 @@ in lib.mkIf cfg.commands.systemdSearch != null "exec --no-startup-id ${cfg.commands.systemdSearch}"; "${modifier}+Shift+a" = lib.mkIf cfg.commands.audioSwitch != null "exec --no-startup-id ${cfg.commands.audioSwitch}"; - "Mod1+Tab" = - lib.mkIf cfg.commands.applicationSwitch - != null "exec --no-startup-id ${cfg.commands.applicationSwitch}"; + "Mod1+Tab" = lib.mkIf ( + cfg.commands.applicationSwitch != null + ) "exec --no-startup-id ${cfg.commands.applicationSwitch}"; "${modifier}+Shift+period" = lib.mkIf cfg.commands.power != null "exec --no-startup-id ${cfg.commands.power}"; "${modifier}+Shift+m" =
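Review bot: The parentheses added around `cfg.commands.applicationSwitch != null` fix only the `Mod1+Tab` binding; the context lines for `systemdSearch`, `audioSwitch` and `power` in the same hunk still read `lib.mkIf cfg.commands.X != null "exec …"`. Function application binds tighter than `!=` in Nix, so those parse as `(lib.mkIf cfg.commands.X) != (null "exec …")` rather than as a condition on the option. They need the same form, for example `lib.mkIf (cfg.commands.audioSwitch != null) "exec --no-startup-id ${cfg.commands.audioSwitch}";`. The keybinding attribute set continues outside the hunk, so other bindings may need the same check.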