From 9aa1107324eb69a0cef79a3cfe120375f404063a Mon Sep 17 00:00:00 2001 From: Matei Adriel Date: Mon, 17 Jul 2023 16:50:07 +0200 Subject: [PATCH] Preparing for lepatus install --- common/themes/default.nix | 2 +- dotfiles/neovim/README.md | 1 + dotfiles/neovim/lua/my/plugins/telescope.lua | 1 + home/features/cli/default.nix | 1 + home/features/cli/gpg.nix | 0 home/features/persistence.nix | 10 +-- home/features/wayland/hyprland/hyprland.conf | 2 +- home/features/wayland/wlsunset.nix | 1 + home/lapetus.nix | 26 +++++++ hosts/nixos/common/global/default.nix | 3 +- hosts/nixos/common/global/locale.nix | 4 +- hosts/nixos/common/global/openssh.nix | 1 - hosts/nixos/common/global/persistence.nix | 5 ++ .../nixos/common/global/wireless/default.nix | 6 +- .../common/global/wireless/wifi_passwords.age | 18 ++--- hosts/nixos/common/optional/syncthing.nix | 16 +++- hosts/nixos/common/users/adrielus.nix | 5 ++ hosts/nixos/euporie/default.nix | 1 - hosts/nixos/lapetus/default.nix | 22 ++++++ .../nixos/lapetus/hardware-configuration.nix | 2 + hosts/nixos/lapetus/id_ed25519.pub | 1 + hosts/nixos/lapetus/partitions.nix | 76 +++++++++++++++++++ hosts/nixos/tethys/default.nix | 1 - 23 files changed, 176 insertions(+), 29 deletions(-) create mode 100644 home/features/cli/gpg.nix create mode 100644 home/lapetus.nix create mode 100644 hosts/nixos/common/global/persistence.nix create mode 100644 hosts/nixos/lapetus/default.nix create mode 100644 hosts/nixos/lapetus/hardware-configuration.nix create mode 100644 hosts/nixos/lapetus/id_ed25519.pub create mode 100644 hosts/nixos/lapetus/partitions.nix diff --git a/common/themes/default.nix b/common/themes/default.nix index 8b6916c..d0a3622 100644 --- a/common/themes/default.nix +++ b/common/themes/default.nix @@ -8,7 +8,7 @@ let }; catppuccin-latte = { - image = ./wallpapers/auto/catppuccin-latte-city.png; + image = ./wallpapers/eye.png; base16Scheme = "${inputs.catppuccin-base16}/base16/latte.yaml"; polarity = "light"; }; 
diff --git a/dotfiles/neovim/README.md b/dotfiles/neovim/README.md index 3f42ea4..a9c1b30 100644 --- a/dotfiles/neovim/README.md +++ b/dotfiles/neovim/README.md @@ -76,6 +76,7 @@ The `f` namespace contains keybinds which search for a specific filetype | \ft | Typescript Files | | | \fl | Latex Files | | | \fp | Purescript Files | | +| \fn | Nix Files | | ### Cmp diff --git a/dotfiles/neovim/lua/my/plugins/telescope.lua b/dotfiles/neovim/lua/my/plugins/telescope.lua index 1f526ca..cba6c60 100644 --- a/dotfiles/neovim/lua/my/plugins/telescope.lua +++ b/dotfiles/neovim/lua/my/plugins/telescope.lua @@ -29,6 +29,7 @@ local keybinds = { { "", "find_files", "Find files" }, { "ft", find_files_by_extension("tex"), "[F]ind [t]ex files" }, { "fl", find_files_by_extension("lua"), "[F]ind [l]ua files" }, + { "fn", find_files_by_extension("nix"), "[F]ind [n]ix files" }, { "fp", find_files_by_extension("purs"), diff --git a/home/features/cli/default.nix b/home/features/cli/default.nix index af5e5df..d653e40 100644 --- a/home/features/cli/default.nix +++ b/home/features/cli/default.nix @@ -31,5 +31,6 @@ unrar # For extracting shit from rars tokei # Useless but fun line of code counter (sloc alternative) bottom # System monitor + tldr # Example based cli docs ]; } diff --git a/home/features/cli/gpg.nix b/home/features/cli/gpg.nix new file mode 100644 index 0000000..e69de29 diff --git a/home/features/persistence.nix b/home/features/persistence.nix index 7610be7..9fd2a7a 100644 --- a/home/features/persistence.nix +++ b/home/features/persistence.nix @@ -95,9 +95,9 @@ # {{{ Wine satellite.persistence.at.state.apps.Wine.directories = [ ".wine" ]; # }}} - # {{{ Syncthing - satellite.persistence.at.state.apps.Syncthing.directories = [ - "${config.xdg.configHome}/syncthing" # Syncthing config data - ]; - # }}} + # # {{{ Syncthing + # satellite.persistence.at.state.apps.Syncthing.directories = [ + # "${config.xdg.configHome}/syncthing" # Syncthing config data + # ]; + # # }}} } 
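Review bot: In `home/features/persistence.nix` the Syncthing block is commented out rather than removed, and the reason is not recorded. The `# # {{{ Syncthing` and `# # }}}` lines still contain fold markers, so an editor that folds on `{{{` keeps an empty fold here. Either delete the block or leave a single line such as `# Syncthing state is persisted by the system service (hosts/nixos/common/optional/syncthing.nix)`. The link to that file's new `configDir` is inferred from this commit, so confirm it before writing it down.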
diff --git a/home/features/wayland/hyprland/hyprland.conf b/home/features/wayland/hyprland/hyprland.conf index 2e7c020..8f39ca3 100644 --- a/home/features/wayland/hyprland/hyprland.conf +++ b/home/features/wayland/hyprland/hyprland.conf @@ -33,7 +33,7 @@ gestures { } # Execute apps at launch -exec-once = wezterm & firefox & discocss & spotify & Obsidian +exec-once = wezterm & firefox & discocss & spotify & obsidian # {{{ Window rules # {{{ Automatically move stuff to workspaces diff --git a/home/features/wayland/wlsunset.nix b/home/features/wayland/wlsunset.nix index a8853a7..0644403 100644 --- a/home/features/wayland/wlsunset.nix +++ b/home/features/wayland/wlsunset.nix @@ -16,6 +16,7 @@ in { services.wlsunset = { enable = true; + systemdTarget = "hyprland-session.target"; # Random Netherlands coordinates latitude = "53.2"; diff --git a/home/lapetus.nix b/home/lapetus.nix new file mode 100644 index 0000000..c9e1bb9 --- /dev/null +++ b/home/lapetus.nix @@ -0,0 +1,26 @@ +{ pkgs, inputs, ... }: { + imports = [ ./global ]; + + # Arbitrary extra packages + home.packages = [ + # Clis + inputs.agenix.packages.${pkgs.system}.agenix # Secret encryption + ]; + + satellite = { + # Set up my custom imperanence wrapper + persistence = { + enable = true; + + # Actual data/media (eg: projects, images, videos, etc) + at.data.path = "/persist/data"; + at.data.prefixDirectories = false; + + # App state I want to keep + at.state.path = "/persist/state"; + + # App state which I should be able to delete at any point + at.cache.path = "/persist/local/cache"; + }; + }; +} diff --git a/hosts/nixos/common/global/default.nix b/hosts/nixos/common/global/default.nix index d82d933..af163e6 100644 --- a/hosts/nixos/common/global/default.nix +++ b/hosts/nixos/common/global/default.nix @@ -1,5 +1,5 @@ # Configuration pieces included on all (nixos) hosts -{ inputs, outputs, lib, ... }: +{ inputs, outputs, ... }: let imports = [ inputs.hyprland.nixosModules.default 
@@ -9,6 +9,7 @@ let inputs.impermanence.nixosModule inputs.slambda.nixosModule + ./persistence.nix ./nix.nix ./openssh.nix ./fish.nix diff --git a/hosts/nixos/common/global/locale.nix b/hosts/nixos/common/global/locale.nix index 494d209..7cadd0e 100644 --- a/hosts/nixos/common/global/locale.nix +++ b/hosts/nixos/common/global/locale.nix @@ -1,4 +1,4 @@ -{ pkgs, ... }: { +{ i18n.defaultLocale = "en_US.UTF-8"; - time.timeZone = "Europe/Amsterdam"; + time.timeZone = "Europe/Bucharest"; } diff --git a/hosts/nixos/common/global/openssh.nix b/hosts/nixos/common/global/openssh.nix index 4ca5e2b..57a96a0 100644 --- a/hosts/nixos/common/global/openssh.nix +++ b/hosts/nixos/common/global/openssh.nix @@ -14,7 +14,6 @@ in services.openssh = { enable = true; - settings = { # Forbid root login through SSH. PermitRootLogin = "no"; diff --git a/hosts/nixos/common/global/persistence.nix b/hosts/nixos/common/global/persistence.nix new file mode 100644 index 0000000..638199d --- /dev/null +++ b/hosts/nixos/common/global/persistence.nix @@ -0,0 +1,5 @@ +{ + environment.persistence."/persist/state".files = [ + "/etc/machine-id" + ]; +} diff --git a/hosts/nixos/common/global/wireless/default.nix b/hosts/nixos/common/global/wireless/default.nix index 7bceb23..f4f2c45 100644 --- a/hosts/nixos/common/global/wireless/default.nix +++ b/hosts/nixos/common/global/wireless/default.nix @@ -1,4 +1,4 @@ -{ config, lib, ... }: { +{ config, ... }: { # Wireless secrets stored through agenix age.secrets.wireless.file = ./wifi_passwords.age; @@ -10,10 +10,10 @@ # Declarative environmentFile = config.age.secrets.wireless.path; networks = { - "Neptune".psk = "@PHONE_HOTSPOT_PASS@"; + "Neptune".psk = "@ENCELADUS_HOTSPOT_PASS@"; "Familia-Matei".psk = "@TG_HOME_PASS@"; "Familia-Matei-PRO".psk = "@TG_HOME_PASS@"; - "Sailhorse".psk = "@NL_SAILHORSE_PASS@"; + "Sailhorse".psk = "@NL_PLACE_0_PASS@"; "FOSDEM-Dualstack" = { }; 
diff --git a/hosts/nixos/common/global/wireless/wifi_passwords.age b/hosts/nixos/common/global/wireless/wifi_passwords.age index e85985d..7567621 100644 --- a/hosts/nixos/common/global/wireless/wifi_passwords.age +++ b/hosts/nixos/common/global/wireless/wifi_passwords.age @@ -1,10 +1,10 @@ age-encryption.org/v1 --> ssh-ed25519 UUF9JQ lWy89GkBQq7b8BMhNqcYiLQydJN3NOtEAraD6w7a4BU -yaxGbbU7zClnF2/11nvknkh360rYZBtjcUSuGbraUKI --> ssh-ed25519 qgVaDQ 7uDDtpluRUrXPoGtj45pt89hIZDsZ6THuTSh8YlGu3M -8iGv/qIMGE9oVMJAWoFDBnsXZaoYzNwxzV0YVZpEnxE --> ^`YEpz-grease G9[ h ssh-ed25519 UUF9JQ DSej3R3rllWa8hJPGoMZcEIMNb5Fdr2kj3QT2VP4Slg +eq6+W/naFadnfA6iuZ4mLeJA8mIATenivmSPvM0IOdk +-> ssh-ed25519 qgVaDQ iXTnXO2YIarah7rk8p2585tdpei6s+xMyr3iZAlmAj0 +M7cBqZZrxnImgcXp6saeBLMPnw3ogmVIOn/NMhRI97Y +-> TED-grease z ;"0 [2 G5M +u7n1btlGnv/Qz0jJ +--- eu72XdP32dvM2PHwBp2a8Z5qbN8XuIQpOlWE7VVWN6c +nݑr=|(Ei5 +S=-n#7\+` .3 ՘|IB~2էvi QP_4Ǽ,l6qSdͻ[>k0~lri$r48>X]3eg#9e%lS@f \ No newline at end of file diff --git a/hosts/nixos/common/optional/syncthing.nix b/hosts/nixos/common/optional/syncthing.nix index 8f801ae..d2c409a 100644 --- a/hosts/nixos/common/optional/syncthing.nix +++ b/hosts/nixos/common/optional/syncthing.nix @@ -1,14 +1,16 @@ +let + user = "adrielus"; + group = "syncthing"; +in { services.syncthing = { + inherit user group; enable = true; openDefaultPorts = true; - configDir = "/home/adrielus/.config/syncthing"; + configDir = "/persist/state/home/adrielus/Syncthing/.config/syncthing"; dataDir = "/persist/data/syncthing"; - - user = "adrielus"; - group = "syncthing"; # guiAddress = "0.0.0.0:8384"; # TODO: put this behind nginx overrideDevices = true; @@ -18,6 +20,12 @@ "enceladus" = { id = "QWOAERM-V2FNXPI-TB7NFUS-LKW7JTB-IZY4OEZ-FYDPJNP-6IKPW4Y-YREXDQM"; }; }; + extraOptions = { + options = { + crashReportingEnabled = false; + }; + }; + folders = { "stellar-sanctum" = { path = "/home/adrielus/Projects/stellar-sanctum/"; 
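Review bot: In `hosts/nixos/common/optional/syncthing.nix` the new `user` binding is not used for the paths, so `configDir` in the first hunk and the `stellar-sanctum` folder path still hard-code `adrielus`. Writing `configDir = "/persist/state/home/${user}/Syncthing/.config/syncthing";` keeps them in step with `inherit user group;`. That directory holds Syncthing's device certificate and private key, and nothing in this hunk sets its ownership or mode, so confirm the persistence layer creates it owned by that user and not group- or world-readable. The `folders` attribute set continues outside the second hunk.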
diff --git a/hosts/nixos/common/users/adrielus.nix b/hosts/nixos/common/users/adrielus.nix index 53378f4..5c8fec6 100644 --- a/hosts/nixos/common/users/adrielus.nix +++ b/hosts/nixos/common/users/adrielus.nix @@ -12,6 +12,10 @@ # Adds me to some default groups, and creates the home dir isNormalUser = true; + # Not sure if this works, but it's supposed to be the password + # assigned when the user is first created. + initialPassword = "pleasechangeme"; + # File containing my password, managed by agenix passwordFile = config.age.secrets.adrielusPassword.path; @@ -25,6 +29,7 @@ "audio" # Audio devices "video" # Webcam and the like "network" # wpa_supplicant + "syncthing" # syncthing! ]; openssh.authorizedKeys.keyFiles = diff --git a/hosts/nixos/euporie/default.nix b/hosts/nixos/euporie/default.nix index ade46d4..9a205be 100644 --- a/hosts/nixos/euporie/default.nix +++ b/hosts/nixos/euporie/default.nix @@ -4,7 +4,6 @@ ../common/users/guest.nix ../common/optional/pipewire.nix - ../common/optional/touchpad.nix ../common/optional/lightdm.nix ../common/optional/xdg-portal.nix ../common/optional/hyprland.nix diff --git a/hosts/nixos/lapetus/default.nix b/hosts/nixos/lapetus/default.nix new file mode 100644 index 0000000..20cf223 --- /dev/null +++ b/hosts/nixos/lapetus/default.nix @@ -0,0 +1,22 @@ +{ + imports = [ + ../common/global + ../common/users/adrielus.nix + ../common/optional/slambda.nix + + ./hardware-configuration.nix + ./boot.nix + ]; + + # Set the name of this machine! + networking.hostName = "lapetus"; + + # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion + system.stateVersion = "22.11"; + + # Boot + boot.loader.grub = { + enable = true; + device = "/dev/sda"; + }; +} diff --git a/hosts/nixos/lapetus/hardware-configuration.nix b/hosts/nixos/lapetus/hardware-configuration.nix new file mode 100644 index 0000000..2c63c08 --- /dev/null +++ b/hosts/nixos/lapetus/hardware-configuration.nix @@ -0,0 +1,2 @@ +{ +} 
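Review bot: In `hosts/nixos/common/users/adrielus.nix`, `initialPassword = "pleasechangeme";` puts a guessable plaintext password into the repository and, once evaluated, into the world-readable Nix store. It sits next to `passwordFile`, and the added comment itself says the interaction is unverified. If the agenix secret cannot be decrypted when the account is first created (for example on a fresh install whose host key is not yet a recipient), the account may be left with this known value while `services.openssh` is enabled from the common config. I would drop the line, or if a bootstrap credential is really needed use `initialHashedPassword = "<hash from mkpasswd>";` and confirm that sshd password authentication is off. The attribute set this hunk edits starts and ends outside the hunk.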
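Review bot: `hosts/nixos/lapetus/default.nix` imports `./boot.nix`, but neither the diffstat nor the `create mode` list of this commit contains `hosts/nixos/lapetus/boot.nix`, so unless that file already exists the host will fail to evaluate. Separately, `boot.loader.grub.device = "/dev/sda";` does not match `partitions.nix` from the same commit, which defaults to `/dev/vdb` and lays out an ESP. `partitions.nix` is also missing from the import list, so the encrypted `zroot` layout it describes is not part of this host yet. A comment such as `# TODO: import ./partitions.nix and point grub at the same disk once the hardware is known` would make the placeholder state explicit.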
diff --git a/hosts/nixos/lapetus/id_ed25519.pub b/hosts/nixos/lapetus/id_ed25519.pub
new file mode 100644
index 0000000..fcb8d99
--- /dev/null
+++ b/hosts/nixos/lapetus/id_ed25519.pub
@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINmdOiG0elKHvJ5yoUMd8I5qQdygvjdq45bxv65K230G tethys
diff --git a/hosts/nixos/lapetus/partitions.nix b/hosts/nixos/lapetus/partitions.nix
new file mode 100644
index 0000000..0fe087d
--- /dev/null
+++ b/hosts/nixos/lapetus/partitions.nix
@@ -0,0 +1,76 @@
+{ disks ? [ "/dev/vdb" "/dev/vdc" ], ... }: {
+ disko.devices = {
+ # {{{ Disks
+ disk = {
+ vdb = {
+ type = "disk";
+ device = builtins.elemAt disks 0;
+ content = {
+ type = "table";
+ format = "gpt";
+ partitions = [
+ {
+ name = "ESP";
+ start = "1MiB";
+ end = "100MiB";
+ bootable = true;
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ mountOptions = [
+ "defaults"
+ ];
+ };
+ }
+ {
+ start = "100MiB";
+ end = "100%";
+ name = "primary";
+ content = {
+ type = "zfs";
+ pool = "zroot";
+ };
+ }
+ ];
+ };
+ };
+ };
+ # }}}
+ # {{{ zpools
+ zpool = {
+ zroot = {
+ type = "zpool";
+ postCreateHook = ''
+ zfs snapshot zroot@blank
+ zfs set keylocation="prompt" "zroot";
+ '';
+ rootFsOptions = {
+ compression = "lz4";
+ "com.sun:auto-snapshot" = "false";
+ encryption = "aes-256-gcm";
+ keyformat = "passphrase";
+ keylocation = "file:///tmp/secret.key";
+ };
+
+ # {{{ Datasets
+ datasets = {
+ "root/persist/data" = {
+ mountpoint = "/persist/data";
+ options."com.sun:auto-snapshot" = "true";
+ };
+ "root/persist/state" = {
+ mountpoint = "/persist/state";
+ options."com.sun:auto-snapshot" = "true";
+ };
+ "root/local/nix" = { mountpoint = "/nix"; };
+ "root/local/cache" = {
+ mountpoint = "/persist/local/cache";
+ };
+ };
+ # }}}
+ };
+ };
+ };
+ # }}}
+}
diff --git a/hosts/nixos/tethys/default.nix b/hosts/nixos/tethys/default.nix
index a8e31e2..d9c49ab 100644
--- a/hosts/nixos/tethys/default.nix
+++ b/hosts/nixos/tethys/default.nix
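Review bot: The key added as `hosts/nixos/lapetus/id_ed25519.pub` carries the comment `tethys`, which suggests it was generated on, or copied from, the tethys host. If this file is meant to be lapetus's own identity (for example as an agenix recipient or in `authorizedKeys.keyFiles`), two machines would share one private key, and compromise of either would expose the secrets of both. That use is not visible in this hunk, so treat it as something to confirm. If the key is a placeholder until the machine exists, say so in the commit message and replace it with the real host key after install.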
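Review bot: In `hosts/nixos/lapetus/partitions.nix`, `rootFsOptions` reads the pool passphrase from `keylocation = "file:///tmp/secret.key"` and only `postCreateHook` switches it to `prompt`, but nothing records how that file must be created or removed. The passphrase protecting the `aes-256-gcm` pool therefore sits in the installer's `/tmp` for the whole run. A comment above `keylocation` such as `# Installer only: create /tmp/secret.key with mode 0600 before running disko, delete it afterwards` would document the requirement. It is also worth stating what `zfs snapshot zroot@blank` is meant to roll back, since none of the declared datasets is mounted at `/`.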
@@ -4,7 +4,6 @@ ../common/users/adrielus.nix ../common/optional/pipewire.nix - ../common/optional/touchpad.nix ../common/optional/xserver.nix ../common/optional/lightdm.nix ../common/optional/steam.nix