
1 Commits

Author SHA1 Message Date
ec0811d65e add options to allow backing up to specific machine 2024-12-12 22:24:39 +01:00
12 changed files with 56 additions and 268 deletions


@@ -5,23 +5,11 @@
users.users.backup = { users.users.backup = {
isNormalUser = true; isNormalUser = true;
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
''command="${pkgs.rrsync}/bin/rrsync /mnt/backup",restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1e7hxxQD7pVKMquEuiBrLNFfx9ZRAOU1SGky4iXacD'' ''command="${pkgs.rrsync}/bin/rrsync /mnt/backup/",restrict sh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1e7hxxQD7pVKMquEuiBrLNFfx9ZRAOU1SGky4iXacD Ithuriel@openmediavault''
#''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1e7hxxQD7pVKMquEuiBrLNFfx9ZRAOU1SGky4iXacD Ithuriel@openmediavault''
]; ];
packages = [ packages = [
pkgs.rsync pkgs.rsync
pkgs.rrsync
]; ];
}; };
fileSystems."/mnt/backup" =
{
#depends = [ "/" ];
device = "BACKUP/backup";
fsType = "zfs";
options = [ "nofail" ];
};
networking.firewall.allowedTCPPorts = [ 22 ];
} }
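Review bot: On the `openssh.authorizedKeys.keys` entry, the right-hand (new, going by the hunk counts) version spells the key type `sh-ed25519` instead of `ssh-ed25519`, so sshd will most likely skip the line as malformed and the backup client cannot authenticate. Restore the prefix, keeping the options as they are: `…/bin/rrsync /mnt/backup/",restrict ssh-ed25519 <key> Ithuriel@openmediavault''`. The same hunk drops the `fileSystems."/mnt/backup"` ZFS mount while the forced `rrsync` command still confines the key to `/mnt/backup/`. If nothing else mounts that dataset, uploads would land on the root filesystem, so that is worth confirming. The enclosing attribute set starts before the hunk, so the rest of the file is not visible here.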


@@ -21,6 +21,26 @@
}; };
# leftover from the original config # leftover from the original config
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
# mount network shares
fileSystems."/mnt/nas/private" = {
device = "dashboard.omv:/ShatteredMINT";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
fileSystems."/mnt/nas/shared" = {
device = "dashboard.omv:/default-nas";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
networking.hostName = "nix-desk"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# required for ZFS
networking.hostId = "00000001";
# Set your time zone. # Set your time zone.
time.timeZone = "Europe/Berlin"; time.timeZone = "Europe/Berlin";
@@ -48,12 +68,11 @@
fonts = { fonts = {
packages = with pkgs; [ packages = with pkgs; [
# nerdfonts nerdfonts
# TODO after 25.05 # TODO after 25.05
# change to only install explicit fonts # change to only install explicit fonts
nerd-fonts.jetbrains-mono # nerd-fonts.jetbrains-mono
# does not exist
# nerd-fonts.jetbrains # nerd-fonts.jetbrains
]; ];
@@ -75,6 +94,9 @@
# Enable touchpad support (enabled default in most desktopManager). # Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true; # services.libinput.enable = true;
# enable flatpak
services.flatpak.enable = true;
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@@ -83,6 +105,10 @@
htop htop
]; ];
# allow specific users to affect system configuration
users.groups.nixos-admins = {};
users.users.root.extraGroups = [ "nixos-admins" ];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
@@ -94,18 +120,7 @@
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh = { # services.openssh.enable = true;
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = true;
KbdInteractiveAuthentication = false;
# AllowUsers = [ "backup" ];
# UseDns = true;
X11Forwarding = false;
PermitRootLogin = "no";
};
};
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];


@@ -1,70 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "NIX_CONV_POOL/root";
fsType = "zfs";
};
fileSystems."/nix" =
{ device = "NIX_CONV_POOL/nix";
fsType = "zfs";
};
fileSystems."/var" =
{ device = "NIX_CONV_POOL/var";
fsType = "zfs";
};
fileSystems."/home" =
{ device = "NIX_CONV_POOL/home";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/334B-15CD";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/b3e53298-fdcf-41c5-b80b-6f1ef1dceeae"; }
];
networking.hostName = "nix-conv"; # Define your hostname.
networking.hostId = "00000002";
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# BLUETOOTH
hardware.bluetooth = {
enable = true;
powerOnBoot = true;
settings.General.Experimental = true;
};
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0f3u1u4u1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@@ -1,61 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "NIX_CONV_POOL/root";
fsType = "zfs";
};
fileSystems."/nix" =
{ device = "NIX_CONV_POOL/nix";
fsType = "zfs";
};
fileSystems."/var" =
{ device = "NIX_CONV_POOL/var";
fsType = "zfs";
};
fileSystems."/home" =
{ device = "NIX_CONV_POOL/home";
fsType = "zfs";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/334B-15CD";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
};
#swapDevices =
# [ { device = "/dev/disk/by-uuid/b3e53298-fdcf-41c5-b80b-6f1ef1dceeae"; }
# ];
networking.hostName = "nix-nas"; # Define your hostname.
networking.hostId = "00000003";
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0f3u1u4u1.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

15
flake.lock generated

@@ -7,31 +7,32 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759573136, "lastModified": 1733572789,
"narHash": "sha256-ILSPD0Dm8p0w0fCVzOx98ZH8yFDrR75GmwmH3fS2VnE=", "narHash": "sha256-zjO6m5BqxXIyjrnUziAzk4+T4VleqjstNudSqWcpsHI=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "5f06ceafc6c9b773a776b9195c3f47bbe1defa43", "rev": "c7ffc9727d115e433fd884a62dc164b587ff651d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-24.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1759381078, "lastModified": 1733808091,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=", "narHash": "sha256-KWwINTQelKOoQgrXftxoqxmKFZb9pLVfnRvK270nkVk=",
"owner": "NixOs", "owner": "NixOs",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee", "rev": "a0f3e10d94359665dba45b71b4227b0aeb851f8e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOs", "owner": "NixOs",
"ref": "nixos-unstable", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }


@@ -2,9 +2,9 @@
description = "Flake to handle all my infrastructure"; description = "Flake to handle all my infrastructure";
inputs = { inputs = {
nixpkgs.url = "github:NixOs/nixpkgs/nixos-unstable"; nixpkgs.url = "github:NixOs/nixpkgs/nixos-24.11";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager/release-24.11";
# follow defined nixpkgs to prevent version mismatch # follow defined nixpkgs to prevent version mismatch
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
@@ -20,42 +20,11 @@
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = inputs; specialArgs = inputs;
modules = [ modules = [
./devices/desk.nix ./hardware/desk.nix
./hardware/nvidia.nix
./configuration.nix ./configuration.nix
./nvidia.nix
./plasma.nix ./plasma.nix
./network-shares.nix
./backup-target.nix
./users/shatteredmint.nix
./qemu-bridges.nix
];
};
nix-conv = lib.nixosSystem {
system = "x86_64-linux";
specialArgs = inputs;
modules = [
./devices/conv.nix
./configuration.nix
./plasma.nix
./users/shatteredmint.nix
./network-shares.nix
];
};
nix-nas = lib.nixosSystem {
system = "aarch64-linux";
specialArgs = inputs;
modules = [
./devices/nas.nix
./configuration.nix
./users/shatteredmint.nix ./users/shatteredmint.nix
]; ];
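Review bot: The new `modules` list in the second hunk no longer imports `./backup-target.nix`, yet the backup user and its `rrsync`-restricted key are still being edited in this commit (apparently the first file section on this page, whose file name is not shown). If that file stays in the tree without being imported by any host, its forced-command restriction and key become dead configuration that can drift unnoticed. Either import it on the machine that is the backup target, or add a comment next to the list such as `# backup-target.nix is intentionally not imported on this host`. The `nixosSystem` call starts before the hunk and continues after it.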


@@ -11,7 +11,7 @@
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" "sg" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
@@ -48,14 +48,9 @@
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction # still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`. # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
# networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true; # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
networking.hostName = "nix-desk"; # Define your hostname.
networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# required for ZFS
networking.hostId = "00000001";
} }


@@ -1,17 +0,0 @@
{ config, lib, pkgs, ... }:
{
# mount network shares
fileSystems."/mnt/nas/private" = {
device = "dashboard.omv:/ShatteredMINT";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
fileSystems."/mnt/nas/shared" = {
device = "dashboard.omv:/default-nas";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" ];
};
}


@@ -19,6 +19,6 @@
nvidiaSettings = true; nvidiaSettings = true;
# set specific version # set specific version
package = config.boot.kernelPackages.nvidiaPackages.latest; package = config.boot.kernelPackages.nvidiaPackages.stable;
}; };
} }


@@ -12,8 +12,7 @@
pkgs.kdePackages.elisa pkgs.kdePackages.elisa
]; ];
# enable flatpak
services.flatpak.enable = true;
# Enable sound. # Enable sound.
services.pipewire = { services.pipewire = {


@@ -1,18 +0,0 @@
{ config, libs, pkgs, ... }:
{
networking.bridges.virtbr0.interfaces = [
"enp4s0"
];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.interfaces.virtbr0 = {
useDHCP = true;
};
virtualisation.libvirtd = {
enable = true;
allowedBridges = [ "virtbr0" ];
};
}


@@ -6,11 +6,8 @@
users.users.shatteredmint = { users.users.shatteredmint = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "nixos-admins" "cdrom" ]; extraGroups = [ "wheel" "nixos-admins" ];
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKT9u43WNMlu3gnu5z9Twt1vkdNdpf6REfEK/OT4qxjK shatteredmint"
];
}; };
@@ -33,7 +30,7 @@
ignoreAllDups = true; ignoreAllDups = true;
}; };
initContent = '' initExtra = ''
bindkey '^?' backward-delete-char bindkey '^?' backward-delete-char
bindkey '\e[3~' delete-char bindkey '\e[3~' delete-char
autoload -Uz vcs_info autoload -Uz vcs_info
@@ -51,30 +48,20 @@
userName = "ShatteredMINT"; userName = "ShatteredMINT";
extraConfig = { extraConfig = {
init.defaultBranch = "main"; init.defaultBranch = "main";
pull.rebase = true;
}; };
}; };
programs.neovim = {
enable = true;
extraPackages = with pkgs; [
wl-clipboard
];
};
home.packages = with pkgs; [ home.packages = with pkgs; [
thunderbird thunderbird
firefox firefox
lazygit lazygit
veracrypt veracrypt
keepassxc keepassxc
kdePackages.yakuake yakuake
cargo cargo
zig zig
clang clang
nil nil
wl-clipboard
makemkv
]; ];
home.sessionPath = [ home.sessionPath = [