more fixes

2025-02-25 23:32:04 +00:00 · 2025-02-24 22:47:32 -05:00 · 2025-02-24 22:47:32 -05:00 · a4bebe653c
commit a4bebe653c
parent e7366f9510
10 changed files with 426 additions and 10 deletions
--- a/flake.nix
+++ b/flake.nix
@ -321,6 +321,10 @@
          ];
        };

+      x86_64-linux-hosts = (import ./hosts-by-platform nixpkgs).x86_64-linux-hosts;
+      aarch64-linux-hosts = (import ./hosts-by-platform nixpkgs).aarch64-linux-hosts;
+      aarch64-darwin-hosts = (import ./hosts-by-platform nixpkgs).aarch64-darwin-hosts;
+
    in
    rec {

@ -330,8 +334,8 @@
      # Create nixosConfigurations using the different pkgs for each system
      # What to do with home config?

-      nixosModules = (import ./hosts nixpkgs).nixos-hosts;
-      darwinModules = (import ./hosts nixpkgs).darwin-hosts;
+      nixosModules = x86_64-linux-hosts // aarch64-linux-hosts;
+      darwinModules = aarch64-darwin-hosts;

      # Contains my full system builds, including home-manager
      # nixos-rebuild switch --flake .#tempest
@ -342,14 +346,14 @@
            pkgs = pkgsBySystem.x86_64-linux;
            modules = [ module ];
          }
-        ) nixosModules)
+        ) x86_64-linux-hosts)
        // (builtins.mapAttrs (
          name: module:
          buildNixos {
            pkgs = pkgsBySystem.aarch64-linux;
            modules = [ module ];
          }
-        ) nixosModules);
+        ) aarch64-linux-hosts);
      # builtins.mapAttrs buildNixos {
      #   pkgs = pkgsBySystem.x86_64-linux;
      #   modules = import ./hosts/x86_64-linux;
@ -367,7 +371,7 @@
          pkgs = pkgsBySystem.aarch64-darwin;
          modules = [ module ];
        }
-      ) darwinModules;
+      ) aarch64-darwin-hosts;
      # darwinConfigurations = builtins.mapAttrs buildDarwin {
      #   pkgs = pkgsBySystem.aarch64-darwin;
      #   modules = import ./hosts/darwin;
--- a/hosts-by-platform/aarch64-darwin/lookingglass/default.nix
+++ b/hosts-by-platform/aarch64-darwin/lookingglass/default.nix
@ -0,0 +1,39 @@
+# The Looking Glass
+# System configuration for my work Macbook
+
+rec {
+  networking.hostName = "NYCM-NMASUR2";
+  networking.computerName = "NYCM-NMASUR2";
+
+  nmasur.settings = {
+    username = "Noah.Masur";
+    fullName = "Noah Masur";
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    work.enable = true;
+    extra.enable = true;
+    gaming.enable = true;
+  };
+
+  home-manager.users."Noah.Masur" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      darwin-base.enable = true;
+      power-user.enable = true;
+      work.enable = true;
+      experimental.enable = true;
+    };
+    nmasur.presets.programs.git = {
+      name = "Noah-Masur_1701";
+      email = "${nmasur.settings.username}@take2games.com";
+    };
+  };
+
+  identityFile = "/Users/${nmasur.settings.username}/.ssh/id_ed25519";
+}
--- a/hosts-by-platform/aarch64-linux/default.nix
+++ b/hosts-by-platform/aarch64-linux/default.nix
@ -0,0 +1,22 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+  inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+  # Get only files ending in default.nix
+  (builtins.filter (name: lib.hasSuffix "default.nix" name))
+  # Remove this file
+  (builtins.filter (name: name != ./default.nix))
+  # Import each host function
+  map
+  (file: {
+    name = builtins.baseNameOf (builtins.dirOf file);
+    value = import file;
+  })
+  # Convert to an attrset of hostname -> host function
+  (builtins.listToAttrs)
+]
--- a/hosts-by-platform/aarch64-linux/flame/default.nix
+++ b/hosts-by-platform/aarch64-linux/flame/default.nix
@ -0,0 +1,75 @@
+# The Flame
+# System configuration for an Oracle free server
+
+# How to install:
+# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
+# These days, probably use nixos-anywhere instead.
+
+rec {
+  networking.hostName = "flame";
+
+  nmasur.settings = {
+    username = "noah";
+    fullName = "Noah Masur";
+    # hostnames =
+    #   let
+    #     baseName = "masu.rs";
+    #   in
+    #   {
+    #     budget = "money.${baseName}";
+    #     git = "git.${baseName}";
+    #     influxdb = "influxdb.${baseName}";
+    #     irc = "irc.${baseName}";
+    #     metrics = "metrics.${baseName}";
+    #     minecraft = "minecraft.${baseName}";
+    #     n8n = "n8n.${baseName}";
+    #     notifications = "ntfy.${baseName}";
+    #     prometheus = "prom.${baseName}";
+    #     secrets = "vault.${baseName}";
+    #     status = "status.${baseName}";
+    #   };
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    server.enable = true;
+    communications.enable = true;
+  };
+
+  home-manager.users."noah" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      linux-base.enable = true;
+    };
+    home.stateVersion = "23.05";
+  };
+
+  system.stateVersion = "23.05";
+  # File systems must be declared in order to boot
+
+  # This is the root filesystem containing NixOS
+  # I forgot to set a clean label for it
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
+    fsType = "ext4";
+  };
+
+  # This is the boot filesystem for systemd-boot
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/D5CA-237A";
+    fsType = "vfat";
+  };
+
+  # Allows private remote access over the internet
+  nmasur.presets.services.cloudflared = {
+    tunnel = {
+      id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
+      credentialsFile = ../../../private/cloudflared-flame.age;
+      ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
+    };
+  };
+}
--- a/hosts-by-platform/default.nix
+++ b/hosts-by-platform/default.nix
@ -0,0 +1,44 @@
+# Return a list of all hosts
+
+nixpkgs:
+
+let
+  inherit (nixpkgs) lib;
+in
+
+{
+  # darwin-hosts = import ./darwin;
+  aarch64-darwin-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-darwin) [
+    # Get only files ending in default.nix
+    (builtins.filter (name: lib.hasSuffix "default.nix" name))
+    # Import each host function
+    (map (file: {
+      name = builtins.baseNameOf (builtins.dirOf file);
+      value = import file;
+    }))
+    # Convert to an attrset of hostname -> host function
+    (builtins.listToAttrs)
+  ];
+  aarch64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-linux) [
+    # Get only files ending in default.nix
+    (builtins.filter (name: lib.hasSuffix "default.nix" name))
+    # Import each host function
+    (map (file: {
+      name = builtins.baseNameOf (builtins.dirOf file);
+      value = import file;
+    }))
+    # Convert to an attrset of hostname -> host function
+    (builtins.listToAttrs)
+  ];
+  x86_64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./x86_64-linux) [
+    # Get only files ending in default.nix
+    (builtins.filter (name: lib.hasSuffix "default.nix" name))
+    # Import each host function
+    (map (file: {
+      name = builtins.baseNameOf (builtins.dirOf file);
+      value = import file;
+    }))
+    # Convert to an attrset of hostname -> host function
+    (builtins.listToAttrs)
+  ];
+}
--- a/hosts-by-platform/x86_64-linux/default.nix
+++ b/hosts-by-platform/x86_64-linux/default.nix
@ -0,0 +1,22 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+  inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+  # Get only files ending in default.nix
+  (builtins.filter (name: lib.hasSuffix "default.nix" name))
+  # Remove this file
+  (builtins.filter (name: name != ./default.nix))
+  # Import each host function
+  map
+  (file: {
+    name = builtins.baseNameOf (builtins.dirOf file);
+    value = import file;
+  })
+  # Convert to an attrset of hostname -> host function
+  (builtins.listToAttrs)
+]
--- a/hosts-by-platform/x86_64-linux/swan/default.nix
+++ b/hosts-by-platform/x86_64-linux/swan/default.nix
@ -0,0 +1,92 @@
+# The Swan
+# System configuration for my home NAS server
+
+rec {
+  networking.hostName = "swan";
+
+  nmasur.settings = {
+    username = "noah";
+    fullName = "Noah Masur";
+    # hostnames =
+    #   let
+    #     baseName = "masu.rs";
+    #   in
+    #   {
+    #     audiobooks = "read.${baseName}";
+    #     books = "books.${baseName}";
+    #     content = "cloud.${baseName}";
+    #     download = "download.${baseName}";
+    #     files = "files.${baseName}";
+    #     paperless = "paper.${baseName}";
+    #     photos = "photos.${baseName}";
+    #     prometheus = "prom.${baseName}";
+    #     stream = "stream.${baseName}";
+    #   };
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    server.enable = true;
+    home.enable = true;
+    nas.enable = true;
+  };
+
+  home-manager.users."noah" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      linux-base.enable = true;
+    };
+    home.stateVersion = "23.05";
+  };
+
+  # Not sure what's necessary but too afraid to remove anything
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usb_storage"
+    "sd_mod"
+  ];
+
+  # Required for transcoding
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  boot.kernelParams = [
+    "radeon.si_support=0"
+    "amdgpu.si_support=1"
+    "radeon.cik_support=0"
+    "amdgpu.cik_support=1"
+    "amdgpu.dc=1"
+  ];
+
+  # Required binary blobs to boot on this machine
+  hardware.enableRedistributableFirmware = true;
+
+  # Prioritize efficiency over performance
+  powerManagement.cpuFreqGovernor = "powersave";
+
+  # Allow firmware updates
+  hardware.cpu.intel.updateMicrocode = true;
+
+  # ZFS
+  # Generated with: head -c 8 /etc/machine-id
+  networking.hostId = "600279f4"; # Random ID required for ZFS
+
+  # Sets root ext4 filesystem instead of declaring it manually
+  disko = {
+    enableConfig = true;
+    devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
+  };
+
+  # Allows private remote access over the internet
+  nmasur.presets.services.cloudflared = {
+    tunnel = {
+      id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
+      credentialsFile = ../../private/cloudflared-swan.age;
+      ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
+    };
+  };
+}
--- a/hosts-by-platform/x86_64-linux/tempest/default.nix
+++ b/hosts-by-platform/x86_64-linux/tempest/default.nix
@ -0,0 +1,117 @@
+# The Tempest
+# System configuration for my desktop
+
+rec {
+  # Hardware
+  networking.hostName = "tempest";
+
+  nmasur.settings = {
+    username = "noah";
+    fullName = "Noah Masur";
+    # hostnames =
+    #   let
+    #     baseName = "masu.rs";
+    #   in
+    #   {
+    #     prometheus = "prom.${baseName}";
+    #   };
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    home.enable = true;
+    gui.enable = true;
+    gaming.enable = true;
+  };
+
+  home-manager.users."noah" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      linux-base.enable = true;
+      linux-gui.enable = true;
+      linux-gaming.enable = true;
+      power-user.enable = true;
+      developer.enable = true;
+      experimental.enable = true;
+    };
+    nmasur.presets.services.mbsync = {
+      user = nmasur.settings.username;
+      server = "noahmasur.com";
+    };
+    home.stateVersion = "23.05";
+  };
+
+  system.stateVersion = "23.05";
+  # Not sure what's necessary but too afraid to remove anything
+  boot.initrd.availableKernelModules = [
+    "nvme"
+    "xhci_pci"
+    "ahci"
+    "usb_storage"
+    "usbhid"
+    "sd_mod"
+  ];
+
+  # Graphics and VMs
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  boot.kernelModules = [ "kvm-amd" ];
+  services.xserver.videoDrivers = [ "amdgpu" ];
+
+  # Required binary blobs to boot on this machine
+  hardware.enableRedistributableFirmware = true;
+
+  # Prioritize performance over efficiency
+  powerManagement.cpuFreqGovernor = "performance";
+
+  # Allow firmware updates
+  hardware.cpu.amd.updateMicrocode = true;
+
+  # Helps reduce GPU fan noise under idle loads
+  hardware.fancontrol.enable = true;
+  hardware.fancontrol.config = ''
+    # Configuration file generated by pwmconfig, changes will be lost
+    INTERVAL=10
+    DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0
+    DEVNAME=hwmon0=amdgpu
+    FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input
+    FCFANS= hwmon0/pwm1=hwmon0/fan1_input
+    MINTEMP=hwmon0/pwm1=50
+    MAXTEMP=hwmon0/pwm1=70
+    MINSTART=hwmon0/pwm1=100
+    MINSTOP=hwmon0/pwm1=10
+    MINPWM=hwmon0/pwm1=10
+    MAXPWM=hwmon0/pwm1=240
+  '';
+
+  # File systems must be declared in order to boot
+
+  # This is the root filesystem containing NixOS
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+  };
+
+  # This is the boot filesystem for Grub
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/boot";
+    fsType = "vfat";
+  };
+
+  # Allows private remote access over the internet
+  nmasur.presets.services.cloudflared = {
+    tunnel = {
+      id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
+      credentialsFile = ../../../private/cloudflared-tempest.age;
+      ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
+    };
+  };
+
+  # Allows requests to force machine to wake up
+  # This network interface might change, needs to be set specifically for each machine.
+  # Or set usePredictableInterfaceNames = false
+  networking.interfaces.enp5s0.wakeOnLan.enable = true;
+}
--- a/platforms/home-manager/modules/nmasur/presets/programs/_1password.nix
+++ b/platforms/home-manager/modules/nmasur/presets/programs/_1password.nix
@ -25,8 +25,9 @@ in
    ] ++ (if pkgs.stdenv.isLinux then [ pkgs._1password-gui ] else [ ]);

    # Firefox extension
-    programs.firefox.profiles.default.extensions =
-      pkgs.nur.repos.rycee.firefox-addons.onepassword-password-manager;
+    programs.firefox.profiles.default.extensions = [
+      pkgs.nur.repos.rycee.firefox-addons.onepassword-password-manager
+    ];
  };

  # # https://1password.community/discussion/135462/firefox-extension-does-not-connect-to-linux-app
--- a/platforms/home-manager/modules/nmasur/presets/services/i3.nix
+++ b/platforms/home-manager/modules/nmasur/presets/services/i3.nix
@ -190,9 +190,9 @@ in
              lib.mkIf cfg.commands.systemdSearch != null "exec --no-startup-id ${cfg.commands.systemdSearch}";
            "${modifier}+Shift+a" =
              lib.mkIf cfg.commands.audioSwitch != null "exec --no-startup-id ${cfg.commands.audioSwitch}";
-            "Mod1+Tab" =
-              lib.mkIf cfg.commands.applicationSwitch
-              != null "exec --no-startup-id ${cfg.commands.applicationSwitch}";
+            "Mod1+Tab" = lib.mkIf (
+              cfg.commands.applicationSwitch != null
+            ) "exec --no-startup-id ${cfg.commands.applicationSwitch}";
            "${modifier}+Shift+period" =
              lib.mkIf cfg.commands.power != null "exec --no-startup-id ${cfg.commands.power}";
            "${modifier}+Shift+m" =