Preparing for lepatus install

2023-07-17 16:50:07 +02:00 · 2023-07-17 16:50:07 +02:00 · 9aa1107324
parent da56401123
commit 9aa1107324
23 changed files with 176 additions and 29 deletions
--- a/common/themes/default.nix
+++ b/common/themes/default.nix
@ -8,7 +8,7 @@ let
    };

    catppuccin-latte = {
-      image = ./wallpapers/auto/catppuccin-latte-city.png;
+      image = ./wallpapers/eye.png;
      base16Scheme = "${inputs.catppuccin-base16}/base16/latte.yaml";
      polarity = "light";
    };
--- a/dotfiles/neovim/README.md
+++ b/dotfiles/neovim/README.md
@ -76,6 +76,7 @@ The `<leader>f` namespace contains keybinds which search for a specific filetype
 | \<leader>ft | Typescript Files         |                        |
 | \<leader>fl | Latex Files              |                        |
 | \<leader>fp | Purescript Files         |                        |
+| \<leader>fn | Nix Files                |                        |

 ### Cmp

--- a/dotfiles/neovim/lua/my/plugins/telescope.lua
+++ b/dotfiles/neovim/lua/my/plugins/telescope.lua
@ -29,6 +29,7 @@ local keybinds = {
  { "<C-P>", "find_files", "Find files" },
  { "<Leader>ft", find_files_by_extension("tex"), "[F]ind [t]ex files" },
  { "<Leader>fl", find_files_by_extension("lua"), "[F]ind [l]ua files" },
+  { "<Leader>fn", find_files_by_extension("nix"), "[F]ind [n]ix files" },
  {
    "<Leader>fp",
    find_files_by_extension("purs"),
--- a/home/features/cli/default.nix
+++ b/home/features/cli/default.nix
@ -31,5 +31,6 @@
    unrar # For extracting shit from rars
    tokei # Useless but fun line of code counter (sloc alternative)
    bottom # System monitor
+    tldr # Example based cli docs
  ];
 }
--- a/home/features/cli/gpg.nix
+++ b/home/features/cli/gpg.nix
--- a/home/features/persistence.nix
+++ b/home/features/persistence.nix
@ -95,9 +95,9 @@
  # {{{ Wine
  satellite.persistence.at.state.apps.Wine.directories = [ ".wine" ];
  # }}}
-  # {{{ Syncthing
-  satellite.persistence.at.state.apps.Syncthing.directories = [
-    "${config.xdg.configHome}/syncthing" # Syncthing config data
-  ];
-  # }}}
+  # # {{{ Syncthing
+  # satellite.persistence.at.state.apps.Syncthing.directories = [
+  #   "${config.xdg.configHome}/syncthing" # Syncthing config data
+  # ];
+  # # }}}
 }
--- a/home/features/wayland/hyprland/hyprland.conf
+++ b/home/features/wayland/hyprland/hyprland.conf
@ -33,7 +33,7 @@ gestures {
 }

 # Execute apps at launch
-exec-once = wezterm & firefox & discocss & spotify & Obsidian
+exec-once = wezterm & firefox & discocss & spotify & obsidian

 # {{{ Window rules
 # {{{ Automatically move stuff to workspaces
--- a/home/features/wayland/wlsunset.nix
+++ b/home/features/wayland/wlsunset.nix
@ -16,6 +16,7 @@ in
 {
  services.wlsunset = {
    enable = true;
+    systemdTarget = "hyprland-session.target";

    # Random Netherlands coordinates
    latitude = "53.2";
--- a/home/lapetus.nix
+++ b/home/lapetus.nix
@ -0,0 +1,26 @@
+{ pkgs, inputs, ... }: {
+  imports = [ ./global ];
+
+  # Arbitrary extra packages
+  home.packages = [
+    # Clis
+    inputs.agenix.packages.${pkgs.system}.agenix # Secret encryption
+  ];
+
+  satellite = {
+    # Set up my custom imperanence wrapper
+    persistence = {
+      enable = true;
+
+      # Actual data/media (eg: projects, images, videos, etc)
+      at.data.path = "/persist/data";
+      at.data.prefixDirectories = false;
+
+      # App state I want to keep
+      at.state.path = "/persist/state";
+
+      # App state which I should be able to delete at any point
+      at.cache.path = "/persist/local/cache";
+    };
+  };
+}
--- a/hosts/nixos/common/global/default.nix
+++ b/hosts/nixos/common/global/default.nix
@ -1,5 +1,5 @@
 # Configuration pieces included on all (nixos) hosts
-{ inputs, outputs, lib, ... }:
+{ inputs, outputs, ... }:
 let
  imports = [
    inputs.hyprland.nixosModules.default
@ -9,6 +9,7 @@ let
    inputs.impermanence.nixosModule
    inputs.slambda.nixosModule

+    ./persistence.nix
    ./nix.nix
    ./openssh.nix
    ./fish.nix
--- a/hosts/nixos/common/global/locale.nix
+++ b/hosts/nixos/common/global/locale.nix
@ -1,4 +1,4 @@
-{ pkgs, ... }: {
+{
  i18n.defaultLocale = "en_US.UTF-8";
-  time.timeZone = "Europe/Amsterdam";
+  time.timeZone = "Europe/Bucharest";
 }
--- a/hosts/nixos/common/global/openssh.nix
+++ b/hosts/nixos/common/global/openssh.nix
@ -14,7 +14,6 @@ in
  services.openssh = {
    enable = true;

-
    settings = {
      # Forbid root login through SSH.
      PermitRootLogin = "no";
--- a/hosts/nixos/common/global/persistence.nix
+++ b/hosts/nixos/common/global/persistence.nix
@ -0,0 +1,5 @@
+{
+  environment.persistence."/persist/state".files = [
+    "/etc/machine-id"
+  ];
+}
--- a/hosts/nixos/common/global/wireless/default.nix
+++ b/hosts/nixos/common/global/wireless/default.nix
@ -1,4 +1,4 @@
-{ config, lib, ... }: {
+{ config, ... }: {
  # Wireless secrets stored through agenix
  age.secrets.wireless.file = ./wifi_passwords.age;

@ -10,10 +10,10 @@
    # Declarative
    environmentFile = config.age.secrets.wireless.path;
    networks = {
-      "Neptune".psk = "@PHONE_HOTSPOT_PASS@";
+      "Neptune".psk = "@ENCELADUS_HOTSPOT_PASS@";
      "Familia-Matei".psk = "@TG_HOME_PASS@";
      "Familia-Matei-PRO".psk = "@TG_HOME_PASS@";
-      "Sailhorse".psk = "@NL_SAILHORSE_PASS@";
+      "Sailhorse".psk = "@NL_PLACE_0_PASS@";

      "FOSDEM-Dualstack" = { };

--- a/hosts/nixos/common/global/wireless/wifi_passwords.age
+++ b/hosts/nixos/common/global/wireless/wifi_passwords.age
@ -1,10 +1,10 @@
 age-encryption.org/v1
-> ssh-ed25519 UUF9JQ lWy89GkBQq7b8BMhNqcYiLQydJN3NOtEAraD6w7a4BU
-yaxGbbU7zClnF2/11nvknkh360rYZBtjcUSuGbraUKI
-> ssh-ed25519 qgVaDQ 7uDDtpluRUrXPoGtj45pt89hIZDsZ6THuTSh8YlGu3M
-8iGv/qIMGE9oVMJAWoFDBnsXZaoYzNwxzV0YVZpEnxE
-> ^`YEpz-grease G9[ h<e mQ
-znM8qmjWKPPTkI2jttyV2lmdD/6RikleQA1WK3BqISaiQ0gBEy9kmAzjyzlPFVrW
-9nXh2nFeCAr7R2UHMupBHJ1Meo72ufwrAZYMcLxB
--- nPUDLG8xI0qIoFkwDVNa2DKf2/BSdVRKmUjfTo0R1Es
-ø¾E$¡\oõ.,ƒ˜lÁöï”hilÎZVÃ3ÔØõ´ÕŸ8K™WªÿkÅãU<C3A3>2HjN@‚2½	«#Œƒêeç_$NþØF'Pæ§mŠdA¨ô‚Ð6Å6Ð¯ª¥MÈ÷Ü›ÞN…ëXû›h<E280BA>©.á¹¸9®ýG_ŸØÂ·¼y4
ùòy
+-> ssh-ed25519 UUF9JQ DSej3R3rllWa8hJPGoMZcEIMNb5Fdr2kj3QT2VP4Slg
+eq6+W/naFadnfA6iuZ4mLeJA8mIATenivmSPvM0IOdk
+-> ssh-ed25519 qgVaDQ iXTnXO2YIarah7rk8p2585tdpei6s+xMyr3iZAlmAj0
+M7cBqZZrxnImgcXp6saeBLMPnw3ogmVIOn/NMhRI97Y
+-> TED-grease z ;"0 [2 G5M
+u7n1btlGnv/Qz0jJ
+--- eu72XdP32dvM2PHwBp2a8Z5qbN8XuIQpOlWE7VVWN6c
+nÝ‘ŔrŞ =|Ú(<28>Ei„5ň
+ĂňS=-n#†ş<E280A0>7\Ůř‹Ť<E280B9>+ó¶`Ľ‡×.3Ő<>†˘|IüB~Ç2Ő§vi ÷™QĆP_¸¤4ÇĽ,l6ůqSždľÍ»[>ĘkŘ0~šlrŇiě$rŘ4®8Ö>ÂđXí]âż3eÉgĘű#î–9Řeü%lS@f
--- a/hosts/nixos/common/optional/syncthing.nix
+++ b/hosts/nixos/common/optional/syncthing.nix
@ -1,14 +1,16 @@
+let
+  user = "adrielus";
+  group = "syncthing";
+in
 {
  services.syncthing = {
+    inherit user group;
    enable = true;

    openDefaultPorts = true;

-    configDir = "/home/adrielus/.config/syncthing";
+    configDir = "/persist/state/home/adrielus/Syncthing/.config/syncthing";
    dataDir = "/persist/data/syncthing";
-
-    user = "adrielus";
-    group = "syncthing";
    # guiAddress = "0.0.0.0:8384"; # TODO: put this behind nginx

    overrideDevices = true;
@ -18,6 +20,12 @@
      "enceladus" = { id = "QWOAERM-V2FNXPI-TB7NFUS-LKW7JTB-IZY4OEZ-FYDPJNP-6IKPW4Y-YREXDQM"; };
    };

+    extraOptions = {
+      options = {
+        crashReportingEnabled = false;
+      };
+    };
+
    folders = {
      "stellar-sanctum" = {
        path = "/home/adrielus/Projects/stellar-sanctum/";
--- a/hosts/nixos/common/users/adrielus.nix
+++ b/hosts/nixos/common/users/adrielus.nix
@ -12,6 +12,10 @@
      # Adds me to some default groups, and creates the home dir 
      isNormalUser = true;

+      # Not sure if this works, but it's supposed to be the password
+      # assigned when the user is first created.
+      initialPassword = "pleasechangeme";
+
      # File containing my password, managed by agenix
      passwordFile = config.age.secrets.adrielusPassword.path;

@ -25,6 +29,7 @@
        "audio" # Audio devices
        "video" # Webcam and the like
        "network" # wpa_supplicant
+        "syncthing" # syncthing!
      ];

      openssh.authorizedKeys.keyFiles =
--- a/hosts/nixos/euporie/default.nix
+++ b/hosts/nixos/euporie/default.nix
@ -4,7 +4,6 @@
    ../common/users/guest.nix

    ../common/optional/pipewire.nix
-    ../common/optional/touchpad.nix
    ../common/optional/lightdm.nix
    ../common/optional/xdg-portal.nix
    ../common/optional/hyprland.nix
--- a/hosts/nixos/lapetus/default.nix
+++ b/hosts/nixos/lapetus/default.nix
@ -0,0 +1,22 @@
+{
+  imports = [
+    ../common/global
+    ../common/users/adrielus.nix
+    ../common/optional/slambda.nix
+
+    ./hardware-configuration.nix
+    ./boot.nix
+  ];
+
+  # Set the name of this machine!
+  networking.hostName = "lapetus";
+
+  # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
+  system.stateVersion = "22.11";
+
+  # Boot
+  boot.loader.grub = {
+    enable = true;
+    device = "/dev/sda";
+  };
+}
--- a/hosts/nixos/lapetus/hardware-configuration.nix
+++ b/hosts/nixos/lapetus/hardware-configuration.nix
@ -0,0 +1,2 @@
+{
+}
--- a/hosts/nixos/lapetus/id_ed25519.pub
+++ b/hosts/nixos/lapetus/id_ed25519.pub
@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmdOiG0elKHvJ5yoUMd8I5qQdygvjdq45bxv65K230G tethys
--- a/hosts/nixos/lapetus/partitions.nix
+++ b/hosts/nixos/lapetus/partitions.nix
@ -0,0 +1,76 @@
+{ disks ? [ "/dev/vdb" "/dev/vdc" ], ... }: {
+  disko.devices = {
+    # {{{ Disks
+    disk = {
+      vdb = {
+        type = "disk";
+        device = builtins.elemAt disks 0;
+        content = {
+          type = "table";
+          format = "gpt";
+          partitions = [
+            {
+              name = "ESP";
+              start = "1MiB";
+              end = "100MiB";
+              bootable = true;
+              content = {
+                type = "filesystem";
+                format = "vfat";
+                mountpoint = "/boot";
+                mountOptions = [
+                  "defaults"
+                ];
+              };
+            }
+            {
+              start = "100MiB";
+              end = "100%";
+              name = "primary";
+              content = {
+                type = "zfs";
+                pool = "zroot";
+              };
+            }
+          ];
+        };
+      };
+    };
+    # }}}
+    # {{{ zpools
+    zpool = {
+      zroot = {
+        type = "zpool";
+        postCreateHook = ''
+          zfs snapshot zroot@blank
+          zfs set keylocation="prompt" "zroot";
+        '';
+        rootFsOptions = {
+          compression = "lz4";
+          "com.sun:auto-snapshot" = "false";
+          encryption = "aes-256-gcm";
+          keyformat = "passphrase";
+          keylocation = "file:///tmp/secret.key";
+        };
+
+        # {{{ Datasets
+        datasets = {
+          "root/persist/data" = {
+            mountpoint = "/persist/data";
+            options."com.sun:auto-snapshot" = "true";
+          };
+          "root/persist/state" = {
+            mountpoint = "/persist/state";
+            options."com.sun:auto-snapshot" = "true";
+          };
+          "root/local/nix" = { mountpoint = "/nix"; };
+          "root/local/cache" = {
+            mountpoint = "/persist/local/cache";
+          };
+        };
+        # }}}
+      };
+    };
+  };
+  # }}}
+}
--- a/hosts/nixos/tethys/default.nix
+++ b/hosts/nixos/tethys/default.nix
@ -4,7 +4,6 @@
    ../common/users/adrielus.nix

    ../common/optional/pipewire.nix
-    ../common/optional/touchpad.nix
    ../common/optional/xserver.nix
    ../common/optional/lightdm.nix
    ../common/optional/steam.nix
				`@ -0,0 +1 @@`
				`ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmdOiG0elKHvJ5yoUMd8I5qQdygvjdq45bxv65K230G tethys`