more progress

flake.nix

@@ -321,6 +321,10 @@
           ];
         };
 
+      x86_64-linux-hosts = (import ./hosts-by-platform nixpkgs).x86_64-linux-hosts;
+      aarch64-linux-hosts = (import ./hosts-by-platform nixpkgs).aarch64-linux-hosts;
+      aarch64-darwin-hosts = (import ./hosts-by-platform nixpkgs).aarch64-darwin-hosts;
+
     in
     rec {
 
@@ -330,8 +334,8 @@
       # Create nixosConfigurations using the different pkgs for each system
       # What to do with home config?
 
-      nixosModules = (import ./hosts nixpkgs).nixos-hosts;
+      nixosModules = x86_64-linux-hosts // aarch64-linux-hosts;
-      darwinModules = (import ./hosts nixpkgs).darwin-hosts;
+      darwinModules = aarch64-darwin-hosts;
 
       # Contains my full system builds, including home-manager
       # nixos-rebuild switch --flake .#tempest
@@ -342,14 +346,14 @@
             pkgs = pkgsBySystem.x86_64-linux;
             modules = [ module ];
           }
-        ) nixosModules)
+        ) x86_64-linux-hosts)
         // (builtins.mapAttrs (
           name: module:
           buildNixos {
             pkgs = pkgsBySystem.aarch64-linux;
             modules = [ module ];
           }
-        ) nixosModules);
+        ) aarch64-linux-hosts);
       # builtins.mapAttrs buildNixos {
       #   pkgs = pkgsBySystem.x86_64-linux;
       #   modules = import ./hosts/x86_64-linux;
@@ -367,7 +371,7 @@
           pkgs = pkgsBySystem.aarch64-darwin;
           modules = [ module ];
         }
-      ) darwinModules;
+      ) aarch64-darwin-hosts;
       # darwinConfigurations = builtins.mapAttrs buildDarwin {
       #   pkgs = pkgsBySystem.aarch64-darwin;
       #   modules = import ./hosts/darwin;

hosts-by-platform/aarch64-darwin/lookingglass/default.nix

@@ -0,0 +1,39 @@
+# The Looking Glass
+# System configuration for my work Macbook
+
+rec {
+  networking.hostName = "NYCM-NMASUR2";
+  networking.computerName = "NYCM-NMASUR2";
+
+  nmasur.settings = {
+    username = "Noah.Masur";
+    fullName = "Noah Masur";
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    work.enable = true;
+    extra.enable = true;
+    gaming.enable = true;
+  };
+
+  home-manager.users."Noah.Masur" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      darwin-base.enable = true;
+      power-user.enable = true;
+      work.enable = true;
+      experimental.enable = true;
+    };
+    nmasur.presets.programs.git = {
+      name = "Noah-Masur_1701";
+      email = "${nmasur.settings.username}@take2games.com";
+    };
+  };
+
+  identityFile = "/Users/${nmasur.settings.username}/.ssh/id_ed25519";
+}

hosts-by-platform/aarch64-linux/default.nix

@@ -0,0 +1,22 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+  inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+  # Get only files ending in default.nix
+  (builtins.filter (name: lib.hasSuffix "default.nix" name))
+  # Remove this file
+  (builtins.filter (name: name != ./default.nix))
+  # Import each host function
+  map
+  (file: {
+    name = builtins.baseNameOf (builtins.dirOf file);
+    value = import file;
+  })
+  # Convert to an attrset of hostname -> host function
+  (builtins.listToAttrs)
+]

hosts-by-platform/aarch64-linux/flame/default.nix

@@ -0,0 +1,75 @@
+# The Flame
+# System configuration for an Oracle free server
+
+# How to install:
+# https://blog.korfuri.fr/posts/2022/08/nixos-on-an-oracle-free-tier-ampere-machine/
+# These days, probably use nixos-anywhere instead.
+
+rec {
+  networking.hostName = "flame";
+
+  nmasur.settings = {
+    username = "noah";
+    fullName = "Noah Masur";
+    # hostnames =
+    #   let
+    #     baseName = "masu.rs";
+    #   in
+    #   {
+    #     budget = "money.${baseName}";
+    #     git = "git.${baseName}";
+    #     influxdb = "influxdb.${baseName}";
+    #     irc = "irc.${baseName}";
+    #     metrics = "metrics.${baseName}";
+    #     minecraft = "minecraft.${baseName}";
+    #     n8n = "n8n.${baseName}";
+    #     notifications = "ntfy.${baseName}";
+    #     prometheus = "prom.${baseName}";
+    #     secrets = "vault.${baseName}";
+    #     status = "status.${baseName}";
+    #   };
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    server.enable = true;
+    communications.enable = true;
+  };
+
+  home-manager.users."noah" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      linux-base.enable = true;
+    };
+    home.stateVersion = "23.05";
+  };
+
+  system.stateVersion = "23.05";
+  # File systems must be declared in order to boot
+
+  # This is the root filesystem containing NixOS
+  # I forgot to set a clean label for it
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/e1b6bd50-306d-429a-9f45-78f57bc597c3";
+    fsType = "ext4";
+  };
+
+  # This is the boot filesystem for systemd-boot
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-uuid/D5CA-237A";
+    fsType = "vfat";
+  };
+
+  # Allows private remote access over the internet
+  nmasur.presets.services.cloudflared = {
+    tunnel = {
+      id = "bd250ee1-ed2e-42d2-b627-039f1eb5a4d2";
+      credentialsFile = ../../../private/cloudflared-flame.age;
+      ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBK/6oyVqjFGX3Uvrc3VS8J9sphxzAnRzKC85xgkHfYgR3TK6qBGXzHrknEj21xeZrr3G2y1UsGzphWJd9ZfIcdA= open-ssh-ca@cloudflareaccess.org";
+    };
+  };
+}

hosts-by-platform/default.nix

@@ -0,0 +1,44 @@
+# Return a list of all hosts
+
+nixpkgs:
+
+let
+  inherit (nixpkgs) lib;
+in
+
+{
+  # darwin-hosts = import ./darwin;
+  aarch64-darwin-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-darwin) [
+    # Get only files ending in default.nix
+    (builtins.filter (name: lib.hasSuffix "default.nix" name))
+    # Import each host function
+    (map (file: {
+      name = builtins.baseNameOf (builtins.dirOf file);
+      value = import file;
+    }))
+    # Convert to an attrset of hostname -> host function
+    (builtins.listToAttrs)
+  ];
+  aarch64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./aarch64-linux) [
+    # Get only files ending in default.nix
+    (builtins.filter (name: lib.hasSuffix "default.nix" name))
+    # Import each host function
+    (map (file: {
+      name = builtins.baseNameOf (builtins.dirOf file);
+      value = import file;
+    }))
+    # Convert to an attrset of hostname -> host function
+    (builtins.listToAttrs)
+  ];
+  x86_64-linux-hosts = lib.pipe (lib.filesystem.listFilesRecursive ./x86_64-linux) [
+    # Get only files ending in default.nix
+    (builtins.filter (name: lib.hasSuffix "default.nix" name))
+    # Import each host function
+    (map (file: {
+      name = builtins.baseNameOf (builtins.dirOf file);
+      value = import file;
+    }))
+    # Convert to an attrset of hostname -> host function
+    (builtins.listToAttrs)
+  ];
+}

hosts-by-platform/x86_64-linux/default.nix

@@ -0,0 +1,22 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+  inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+  # Get only files ending in default.nix
+  (builtins.filter (name: lib.hasSuffix "default.nix" name))
+  # Remove this file
+  (builtins.filter (name: name != ./default.nix))
+  # Import each host function
+  map
+  (file: {
+    name = builtins.baseNameOf (builtins.dirOf file);
+    value = import file;
+  })
+  # Convert to an attrset of hostname -> host function
+  (builtins.listToAttrs)
+]

hosts-by-platform/x86_64-linux/swan/default.nix

@@ -0,0 +1,92 @@
+# The Swan
+# System configuration for my home NAS server
+
+rec {
+  networking.hostName = "swan";
+
+  nmasur.settings = {
+    username = "noah";
+    fullName = "Noah Masur";
+    # hostnames =
+    #   let
+    #     baseName = "masu.rs";
+    #   in
+    #   {
+    #     audiobooks = "read.${baseName}";
+    #     books = "books.${baseName}";
+    #     content = "cloud.${baseName}";
+    #     download = "download.${baseName}";
+    #     files = "files.${baseName}";
+    #     paperless = "paper.${baseName}";
+    #     photos = "photos.${baseName}";
+    #     prometheus = "prom.${baseName}";
+    #     stream = "stream.${baseName}";
+    #   };
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    server.enable = true;
+    home.enable = true;
+    nas.enable = true;
+  };
+
+  home-manager.users."noah" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      linux-base.enable = true;
+    };
+    home.stateVersion = "23.05";
+  };
+
+  # Not sure what's necessary but too afraid to remove anything
+  boot.initrd.availableKernelModules = [
+    "xhci_pci"
+    "ahci"
+    "nvme"
+    "usb_storage"
+    "sd_mod"
+  ];
+
+  # Required for transcoding
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  boot.kernelParams = [
+    "radeon.si_support=0"
+    "amdgpu.si_support=1"
+    "radeon.cik_support=0"
+    "amdgpu.cik_support=1"
+    "amdgpu.dc=1"
+  ];
+
+  # Required binary blobs to boot on this machine
+  hardware.enableRedistributableFirmware = true;
+
+  # Prioritize efficiency over performance
+  powerManagement.cpuFreqGovernor = "powersave";
+
+  # Allow firmware updates
+  hardware.cpu.intel.updateMicrocode = true;
+
+  # ZFS
+  # Generated with: head -c 8 /etc/machine-id
+  networking.hostId = "600279f4"; # Random ID required for ZFS
+
+  # Sets root ext4 filesystem instead of declaring it manually
+  disko = {
+    enableConfig = true;
+    devices = (import ../../disks/root.nix { disk = "/dev/nvme0n1"; });
+  };
+
+  # Allows private remote access over the internet
+  nmasur.presets.services.cloudflared = {
+    tunnel = {
+      id = "646754ac-2149-4a58-b51a-e1d0a1f3ade2";
+      credentialsFile = ../../private/cloudflared-swan.age;
+      ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCHF/UMtJqPFrf6f6GRY0ZFnkCW7b6sYgUTjTtNfRj1RdmNic1NoJZql7y6BrqQinZvy7nsr1UFDNWoHn6ah3tg= open-ssh-ca@cloudflareaccess.org";
+    };
+  };
+}

hosts-by-platform/x86_64-linux/tempest/default.nix

@@ -0,0 +1,117 @@
+# The Tempest
+# System configuration for my desktop
+
+rec {
+  # Hardware
+  networking.hostName = "tempest";
+
+  nmasur.settings = {
+    username = "noah";
+    fullName = "Noah Masur";
+    # hostnames =
+    #   let
+    #     baseName = "masu.rs";
+    #   in
+    #   {
+    #     prometheus = "prom.${baseName}";
+    #   };
+  };
+
+  nmasur.profiles = {
+    base.enable = true;
+    home.enable = true;
+    gui.enable = true;
+    gaming.enable = true;
+  };
+
+  home-manager.users."noah" = {
+    nmasur.settings = {
+      username = nmasur.settings.username;
+      fullName = nmasur.settings.fullName;
+    };
+    nmasur.profiles = {
+      common.enable = true;
+      linux-base.enable = true;
+      linux-gui.enable = true;
+      linux-gaming.enable = true;
+      power-user.enable = true;
+      developer.enable = true;
+      experimental.enable = true;
+    };
+    nmasur.presets.services.mbsync = {
+      user = nmasur.settings.username;
+      server = "noahmasur.com";
+    };
+    home.stateVersion = "23.05";
+  };
+
+  system.stateVersion = "23.05";
+  # Not sure what's necessary but too afraid to remove anything
+  boot.initrd.availableKernelModules = [
+    "nvme"
+    "xhci_pci"
+    "ahci"
+    "usb_storage"
+    "usbhid"
+    "sd_mod"
+  ];
+
+  # Graphics and VMs
+  boot.initrd.kernelModules = [ "amdgpu" ];
+  boot.kernelModules = [ "kvm-amd" ];
+  services.xserver.videoDrivers = [ "amdgpu" ];
+
+  # Required binary blobs to boot on this machine
+  hardware.enableRedistributableFirmware = true;
+
+  # Prioritize performance over efficiency
+  powerManagement.cpuFreqGovernor = "performance";
+
+  # Allow firmware updates
+  hardware.cpu.amd.updateMicrocode = true;
+
+  # Helps reduce GPU fan noise under idle loads
+  hardware.fancontrol.enable = true;
+  hardware.fancontrol.config = ''
+    # Configuration file generated by pwmconfig, changes will be lost
+    INTERVAL=10
+    DEVPATH=hwmon0=devices/pci0000:00/0000:00:03.1/0000:06:00.0/0000:07:00.0/0000:08:00.0
+    DEVNAME=hwmon0=amdgpu
+    FCTEMPS=hwmon0/pwm1=hwmon0/temp1_input
+    FCFANS= hwmon0/pwm1=hwmon0/fan1_input
+    MINTEMP=hwmon0/pwm1=50
+    MAXTEMP=hwmon0/pwm1=70
+    MINSTART=hwmon0/pwm1=100
+    MINSTOP=hwmon0/pwm1=10
+    MINPWM=hwmon0/pwm1=10
+    MAXPWM=hwmon0/pwm1=240
+  '';
+
+  # File systems must be declared in order to boot
+
+  # This is the root filesystem containing NixOS
+  fileSystems."/" = {
+    device = "/dev/disk/by-label/nixos";
+    fsType = "ext4";
+  };
+
+  # This is the boot filesystem for Grub
+  fileSystems."/boot" = {
+    device = "/dev/disk/by-label/boot";
+    fsType = "vfat";
+  };
+
+  # Allows private remote access over the internet
+  nmasur.presets.services.cloudflared = {
+    tunnel = {
+      id = "ac133a82-31fb-480c-942a-cdbcd4c58173";
+      credentialsFile = ../../../private/cloudflared-tempest.age;
+      ca = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBPY6C0HmdFCaxYtJxFr3qV4/1X4Q8KrYQ1hlme3u1hJXK+xW+lc9Y9glWHrhiTKilB7carYTB80US0O47gI5yU4= open-ssh-ca@cloudflareaccess.org";
+    };
+  };
+
+  # Allows requests to force machine to wake up
+  # This network interface might change, needs to be set specifically for each machine.
+  # Or set usePredictableInterfaceNames = false
+  networking.interfaces.enp5s0.wakeOnLan.enable = true;
+}

platforms/home-manager/modules/nmasur/presets/programs/_1password.nix

@@ -25,8 +25,9 @@ in
     ] ++ (if pkgs.stdenv.isLinux then [ pkgs._1password-gui ] else [ ]);
 
     # Firefox extension
-    programs.firefox.profiles.default.extensions =
+    programs.firefox.profiles.default.extensions = [
-      pkgs.nur.repos.rycee.firefox-addons.onepassword-password-manager;
+      pkgs.nur.repos.rycee.firefox-addons.onepassword-password-manager
+    ];
   };
 
   # # https://1password.community/discussion/135462/firefox-extension-does-not-connect-to-linux-app

platforms/home-manager/modules/nmasur/presets/programs/aerc.nix

@@ -196,7 +196,7 @@ in
 
     xdg.desktopEntries.aerc = lib.mkIf (pkgs.stdenv.isLinux) {
       name = "aerc";
-      exec = "${config.terminalLaunchCommand} aerc %u";
+      exec = "${lib.getExe config.nmasur.presets.services.i3.terminal} aerc %u";
     };
     xsession.windowManager.i3.config.keybindings = lib.mkIf pkgs.stdenv.isLinux {
       "${config.xsession.windowManager.i3.config.modifier}+Shift+e" = "exec ${
@@ -205,7 +205,7 @@ in
           pkgs.writeShellScript "focus-mail.sh" ''
             count=$(ps aux | grep -c aerc)
             if [ "$count" -eq 1 ]; then
-                i3-msg "exec --no-startup-id ${config.terminal} start --class aerc -- aerc"
+                i3-msg "exec --no-startup-id ${lib.getExe config.nmasur.presets.services.i3.terminal} start --class aerc -- aerc"
                 sleep 0.25
             fi
             i3-msg "[class=aerc] focus"

platforms/home-manager/modules/nmasur/presets/programs/nixpkgs.nix

@@ -60,21 +60,21 @@ in
           body = # fish
             ''
               git -C ${config.nmasur.presets.programs.dotfiles.path} add --intent-to-add --all
-              echo "doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path}#${config.networking.hostName}"
+              echo "doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path}"
             '';
         };
         rebuild-nixos-offline = lib.mkIf config.nmasur.presets.programs.dotfiles.enable {
           body = # fish
             ''
               git -C ${config.nmasur.presets.programs.dotfiles.path} add --intent-to-add --all
-              echo "doas nixos-rebuild switch --option substitute false --flake ${config.nmasur.presets.programs.dotfiles.path}#${config.networking.hostName}"
+              echo "doas nixos-rebuild switch --option substitute false --flake ${config.nmasur.presets.programs.dotfiles.path}"
             '';
         };
         rebuild-home = lib.mkIf config.nmasur.presets.programs.dotfiles.enable {
           body = # fish
             ''
               git -C ${config.nmasur.presets.programs.dotfiles.path} add --intent-to-add --all
-              echo "${lib.getExe pkgs.home-manager} switch --flake ${config.nmasur.presets.programs.dotfiles.path}#${config.networking.hostName}";
+              echo "${lib.getExe pkgs.home-manager} switch --flake ${config.nmasur.presets.programs.dotfiles.path}";
             '';
         };
       };

platforms/home-manager/modules/nmasur/presets/services/i3.nix

@@ -184,34 +184,42 @@ in
             # Launchers
             "${modifier}+Return" =
               "exec --no-startup-id ${lib.getExe cfg.terminal}; workspace ${ws2}; layout tabbed";
-            "${modifier}+space" =
+            "${modifier}+space" = lib.mkIf (
-              lib.mkIf cfg.commands.launcher != null "exec --no-startup-id ${cfg.commands.launcher}";
+              cfg.commands.launcher != null
-            "${modifier}+Shift+s" =
+            ) "exec --no-startup-id ${cfg.commands.launcher}";
-              lib.mkIf cfg.commands.systemdSearch != null "exec --no-startup-id ${cfg.commands.systemdSearch}";
+            "${modifier}+Shift+s" = lib.mkIf (
-            "${modifier}+Shift+a" =
+              cfg.commands.systemdSearch != null
-              lib.mkIf cfg.commands.audioSwitch != null "exec --no-startup-id ${cfg.commands.audioSwitch}";
+            ) "exec --no-startup-id ${cfg.commands.systemdSearch}";
-            "Mod1+Tab" =
+            "${modifier}+Shift+a" = lib.mkIf (
-              lib.mkIf cfg.commands.applicationSwitch
+              cfg.commands.audioSwitch != null
-              != null "exec --no-startup-id ${cfg.commands.applicationSwitch}";
+            ) "exec --no-startup-id ${cfg.commands.audioSwitch}";
-            "${modifier}+Shift+period" =
+            "Mod1+Tab" = lib.mkIf (
-              lib.mkIf cfg.commands.power != null "exec --no-startup-id ${cfg.commands.power}";
+              cfg.commands.applicationSwitch != null
-            "${modifier}+Shift+m" =
+            ) "exec --no-startup-id ${cfg.commands.applicationSwitch}";
-              lib.mkIf cfg.commands.brightness != null "exec --no-startup-id ${cfg.commands.brightness}";
+            "${modifier}+Shift+period" = lib.mkIf (
-            "${modifier}+c" =
+              cfg.commands.power != null
-              lib.mkIf cfg.commands.calculator != null "exec --no-startup-id ${cfg.commands.calculator}";
+            ) "exec --no-startup-id ${cfg.commands.power}";
+            "${modifier}+Shift+m" = lib.mkIf (
+              cfg.commands.brightness != null
+            ) "exec --no-startup-id ${cfg.commands.brightness}";
+            "${modifier}+c" = lib.mkIf (
+              cfg.commands.calculator != null
+            ) "exec --no-startup-id ${cfg.commands.calculator}";
             "${modifier}+Shift+c" = "reload";
             "${modifier}+Shift+r" = "restart";
             "${modifier}+Shift+q" =
               ''exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -B 'Yes, exit i3' 'i3-msg exit'"'';
-            "${modifier}+Shift+x" = lib.mkIf cfg.commands.lockScreen != null "exec ${cfg.commands.lockScreen}";
+            "${modifier}+Shift+x" = lib.mkIf (
+              cfg.commands.lockScreen != null
+            ) "exec ${cfg.commands.lockScreen}";
             "${modifier}+Mod1+h" =
-              "exec --no-startup-id ${lib.getExe cfg.terminal} -e sh -c '${pkgs.home-manager}/bin/home-manager switch --flake ${config.nmasur.presets.programs.dotfiles.path}#${config.networking.hostName} || read'";
+              "exec --no-startup-id ${lib.getExe cfg.terminal} -e sh -c '${pkgs.home-manager}/bin/home-manager switch --flake ${config.nmasur.presets.programs.dotfiles.path} || read'";
             "${modifier}+Mod1+r" =
-              "exec --no-startup-id ${lib.getExe cfg.terminal} -e sh -c 'doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path}#${config.networking.hostName} || read'";
+              "exec --no-startup-id ${lib.getExe cfg.terminal} -e sh -c 'doas nixos-rebuild switch --flake ${config.nmasur.presets.programs.dotfiles.path} || read'";
 
             # Window options
             "${modifier}+q" = "kill";
-            "${modifier}+b" = lib.mkIf cfg.commands.toggleBar "exec ${cfg.commands.toggleBar}";
+            "${modifier}+b" = lib.mkIf (cfg.commands.toggleBar != null) "exec ${cfg.commands.toggleBar}";
             "${modifier}+f" = "fullscreen toggle";
             "${modifier}+h" = "focus left";
             "${modifier}+j" = "focus down";

platforms/nixos/modules/nmasur/profiles/base.nix

@@ -57,5 +57,7 @@ in
 
     };
 
+    allowUnfreePackages = config.home-manager.users.${username}.allowUnfreePackages;
+
   };
 }