Compare commits
44 commits
master
...
minisforum
| Author | SHA1 | Date | |
|---|---|---|---|
|
af60ed662d | ||
|
|
7703711231 | ||
|
|
5a4f935c4d | ||
|
|
d130518eef | ||
|
|
d2c778e682 | ||
|
|
36594edaf8 | ||
|
|
aa221f9784 | ||
|
|
6155da46b7 | ||
|
|
abbfb4b9c0 | ||
|
|
7c2cda7f1a | ||
|
|
0f4ca9a417 | ||
|
|
1cc0df9ccd | ||
|
|
c5cd80f35f | ||
|
|
ee4addb603 | ||
|
|
a29b1d6a46 | ||
|
|
961e429b77 | ||
|
|
f2ff134e55 | ||
|
|
c793b9acc9 | ||
|
|
ea3402f290 | ||
|
|
ccbef38241 | ||
|
|
9ddfac70fb | ||
|
|
355f25d79d | ||
|
|
34a6593975 | ||
|
|
3f11481725 | ||
|
|
d438f9fe1a | ||
|
|
63877ed43e | ||
|
|
4526bd519d | ||
|
|
4dd12775d9 | ||
|
|
44d0b0b230 | ||
|
|
3decc0adb5 | ||
|
|
88f6fe64be | ||
|
|
ad0e1019e8 | ||
|
|
8aeee9b94d | ||
|
|
339471d761 | ||
|
|
31240b2bca | ||
|
|
146240ca09 | ||
|
|
1ec422b498 | ||
|
|
0d3ae9c856 | ||
|
|
33698a500c | ||
|
|
97ee433a2b | ||
|
|
384ae0249e | ||
|
|
a3804153f5 | ||
|
|
26239e04b3 | ||
|
|
0e963b550f |
11 changed files with 360 additions and 72 deletions
58
flake.lock
58
flake.lock
|
|
@ -7,32 +7,48 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1726989464,
|
||||
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
|
||||
"lastModified": 1739757849,
|
||||
"narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
|
||||
"rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"ref": "release-24.05",
|
||||
"ref": "release-24.11",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixos-hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1736441705,
|
||||
"narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "master",
|
||||
"repo": "nixos-hardware",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1728328465,
|
||||
"narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=",
|
||||
"lastModified": 1740865531,
|
||||
"narHash": "sha256-h00vGIh/jxcGl8aWdfnVRD74KuLpyY3mZgMFMy7iKIc=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c",
|
||||
"rev": "5ef6c425980847c78a80d759abc476e941a9bf42",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.05",
|
||||
"ref": "nixos-24.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
|
@ -40,17 +56,19 @@
|
|||
"root": {
|
||||
"inputs": {
|
||||
"home-manager": "home-manager",
|
||||
"nixos-hardware": "nixos-hardware",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"unstable": "unstable"
|
||||
"unstable": "unstable",
|
||||
"update": "update"
|
||||
}
|
||||
},
|
||||
"unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1728241625,
|
||||
"narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=",
|
||||
"lastModified": 1755186698,
|
||||
"narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1",
|
||||
"rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -59,6 +77,22 @@
|
|||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"update": {
|
||||
"locked": {
|
||||
"lastModified": 1751274312,
|
||||
"narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "nixos-24.11",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
|
|
|
|||
32
flake.nix
32
flake.nix
|
|
@ -2,26 +2,48 @@
|
|||
description = "NixOS configuration";
|
||||
|
||||
inputs = {
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
|
||||
update.url = "github:nixos/nixpkgs/nixos-24.11";
|
||||
unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
|
||||
home-manager = {
|
||||
url = "github:nix-community/home-manager/release-24.05";
|
||||
url = "github:nix-community/home-manager/release-24.11";
|
||||
inputs.nixpkgs.follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
outputs = inputs@{ nixpkgs, home-manager, unstable, ... }:
|
||||
outputs = { nixpkgs, home-manager, unstable, update, nixos-hardware, ... }:
|
||||
let
|
||||
system = "x86_64-linux";
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
unstablePkgs = unstable.legacyPackages.${system};
|
||||
updatePkgs = import update { inherit system; config.allowUnfree = true; };
|
||||
in {
|
||||
nixosConfigurations = {
|
||||
sandy = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit unstablePkgs ; };
|
||||
specialArgs = { inherit unstablePkgs updatePkgs nixos-hardware; };
|
||||
modules = [
|
||||
./configuration.nix
|
||||
./hosts/sandy/configuration.nix
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager = {
|
||||
useGlobalPkgs = true;
|
||||
useUserPackages = true;
|
||||
users.nshields = import ./home.nix;
|
||||
extraSpecialArgs = {
|
||||
inherit unstablePkgs;
|
||||
};
|
||||
};
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
axl = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
specialArgs = { inherit unstablePkgs updatePkgs nixos-hardware; };
|
||||
modules = [
|
||||
./hosts/axl/configuration.nix
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager = {
|
||||
|
|
|
|||
2
home.nix
2
home.nix
|
|
@ -1,7 +1,7 @@
|
|||
{ config, pkgs, unstablePkgs, ... }: {
|
||||
targets.genericLinux.enable = true;
|
||||
home = {
|
||||
stateVersion = "23.11";
|
||||
stateVersion = "24.11";
|
||||
file = {
|
||||
".local/bin" = { source = ./scripts; };
|
||||
};
|
||||
|
|
|
|||
73
hosts/axl/configuration.nix
Normal file
73
hosts/axl/configuration.nix
Normal file
|
|
@ -0,0 +1,73 @@
|
|||
{ config, pkgs, updatePkgs, unstablePkgs, nixos-hardware, ... }:
|
||||
let
|
||||
keys = import ../../ssh-keys.nix;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../common/configuration.nix
|
||||
../common/vnc.nix
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
networking = {
|
||||
hostId = "7be305c3";
|
||||
hostName = "axl";
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
programs.nm-applet.enable = true;
|
||||
|
||||
users.users.nshields = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Nikolai Shields";
|
||||
extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ];
|
||||
openssh.authorizedKeys.keys = keys.nshields;
|
||||
};
|
||||
|
||||
users.users.benson = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.bash;
|
||||
description = "Benson Chu";
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = keys.benson;
|
||||
};
|
||||
|
||||
# users.users.hodgson = {
|
||||
# isNormalUser = true;
|
||||
# shell = pkgs.zsh;
|
||||
# description = "[Ralph] Peter Hodgson";
|
||||
# extraGroups = [ "lp" "wheel" ];
|
||||
# openssh.authorizedKeys.keys = keys.hodgson;
|
||||
# };
|
||||
|
||||
users.users.peter = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Peter Hodgson";
|
||||
extraGroups = [ "lp" "wheel" "input" ];
|
||||
openssh.authorizedKeys.keys = keys.hodgson;
|
||||
};
|
||||
|
||||
users.users.zander = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.bash;
|
||||
description = "Alexander Thannhauser";
|
||||
extraGroups = [ "lp" "wheel" "input" ];
|
||||
openssh.authorizedKeys.keys = keys.zander;
|
||||
};
|
||||
|
||||
system.autoUpgrade = {
|
||||
enable = true;
|
||||
flake = "/home/benson/peter-nixos";
|
||||
flags = [
|
||||
"--update-input"
|
||||
"unstable"
|
||||
"-L" # print build logs
|
||||
];
|
||||
dates = "02:00";
|
||||
randomizedDelaySec = "45min";
|
||||
};
|
||||
|
||||
system.stateVersion = "24.11"; # Did you read the comment?
|
||||
}
|
||||
59
hosts/axl/hardware-configuration.nix
Normal file
59
hosts/axl/hardware-configuration.nix
Normal file
|
|
@ -0,0 +1,59 @@
|
|||
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||
# and may be overwritten by future invocations. Please make changes
|
||||
# to /etc/nixos/configuration.nix instead.
|
||||
{ config, lib, pkgs, modulesPath, ... }:
|
||||
|
||||
{
|
||||
imports =
|
||||
[ (modulesPath + "/installer/scan/not-detected.nix")
|
||||
];
|
||||
|
||||
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
|
||||
boot.initrd.kernelModules = [ ];
|
||||
boot.kernelModules = [ "kvm-amd" ];
|
||||
boot.extraModulePackages = [ ];
|
||||
|
||||
fileSystems."/" =
|
||||
{ device = "zpool/root";
|
||||
fsType = "zfs";
|
||||
options = [ "zfsutil" ];
|
||||
};
|
||||
|
||||
fileSystems."/nix" =
|
||||
{ device = "zpool/nix";
|
||||
fsType = "zfs";
|
||||
options = [ "zfsutil" ];
|
||||
};
|
||||
|
||||
fileSystems."/var" =
|
||||
{ device = "zpool/var";
|
||||
fsType = "zfs";
|
||||
options = [ "zfsutil" ];
|
||||
};
|
||||
|
||||
fileSystems."/home/peter" =
|
||||
{ device = "zpool/home/peter";
|
||||
fsType = "zfs";
|
||||
options = [ "zfsutil" ];
|
||||
};
|
||||
|
||||
fileSystems."/boot" =
|
||||
{ device = "/dev/disk/by-uuid/2882-CD45";
|
||||
fsType = "vfat";
|
||||
};
|
||||
|
||||
swapDevices =
|
||||
[ { device = "/dev/disk/by-uuid/6469740d-a7fb-4f97-8e96-fb3469a54b64"; }
|
||||
];
|
||||
|
||||
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||
# still possible to use this option, but it's recommended to use it in conjunction
|
||||
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||
networking.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.eno1.useDHCP = lib.mkDefault true;
|
||||
# networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
|
||||
|
||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||
}
|
||||
|
|
@ -1,18 +1,8 @@
|
|||
{ config, pkgs, unstablePkgs, ... }:
|
||||
let
|
||||
keys = import ./ssh-keys.nix;
|
||||
in
|
||||
{ config, pkgs, updatePkgs, unstablePkgs, nixos-hardware, ... }:
|
||||
{
|
||||
imports = [
|
||||
./hardware-configuration.nix
|
||||
];
|
||||
|
||||
networking = {
|
||||
hostId = "7be305c3";
|
||||
hostName = "sandy";
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
boot.loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
|
|
@ -38,7 +28,7 @@ in
|
|||
nixpkgs.config.allowUnfree = true;
|
||||
|
||||
nix = {
|
||||
package = pkgs.nixFlakes;
|
||||
package = pkgs.nixVersions.stable;
|
||||
extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
|
@ -47,8 +37,14 @@ in
|
|||
programs.zsh.enable = true;
|
||||
|
||||
services = {
|
||||
openssh.enable = true;
|
||||
openssh = {
|
||||
enable = true;
|
||||
settings = {
|
||||
X11Forwarding = true;
|
||||
};
|
||||
};
|
||||
tailscale.enable = true;
|
||||
# zfs set com.sun:auto-snapshot=true DATASET
|
||||
zfs.autoSnapshot.enable = true;
|
||||
hardware.bolt.enable = true;
|
||||
nscd.enable = true;
|
||||
|
|
@ -71,13 +67,20 @@ in
|
|||
enable = true;
|
||||
displayManager.lightdm.enable = true;
|
||||
displayManager.startx.enable = true;
|
||||
desktopManager.plasma5.enable = true;
|
||||
# desktopManager.plasma5.enable = true;
|
||||
desktopManager.mate.enable = true;
|
||||
displayManager.defaultSession = "plasmawayland";
|
||||
displayManager.autoLogin.enable = true;
|
||||
displayManager.autoLogin.user = "hodgson";
|
||||
xkb = {
|
||||
layout = "us";
|
||||
xkbVariant = "";
|
||||
variant = "";
|
||||
};
|
||||
};
|
||||
|
||||
displayManager = {
|
||||
defaultSession = "mate";
|
||||
autoLogin = {
|
||||
enable = true;
|
||||
user = "peter";
|
||||
};
|
||||
};
|
||||
|
||||
# emacs = {
|
||||
|
|
@ -88,7 +91,7 @@ in
|
|||
|
||||
avahi = {
|
||||
enable = true;
|
||||
nssmdns = true;
|
||||
nssmdns4 = true;
|
||||
openFirewall = true;
|
||||
publish = {
|
||||
enable = true;
|
||||
|
|
@ -108,9 +111,10 @@ in
|
|||
gutenprint
|
||||
];
|
||||
};
|
||||
|
||||
fwupd.enable = true;
|
||||
};
|
||||
|
||||
sound.enable = true;
|
||||
hardware = {
|
||||
pulseaudio.enable = false;
|
||||
printers = {
|
||||
|
|
@ -132,33 +136,10 @@ in
|
|||
sudo.wheelNeedsPassword = false;
|
||||
};
|
||||
|
||||
users.users.nshields = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Nikolai Shields";
|
||||
extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ];
|
||||
openssh.authorizedKeys.keys = keys.nshields;
|
||||
};
|
||||
|
||||
users.users.benson = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Benson Chu";
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = keys.benson;
|
||||
};
|
||||
|
||||
users.users.hodgson = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Peter Hodgson";
|
||||
extraGroups = [ "lp" "wheel" ];
|
||||
openssh.authorizedKeys.keys = keys.hodgson;
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
gnome.gnome-tweaks
|
||||
gnome.networkmanager-openconnect
|
||||
# why are these here anyway?
|
||||
# gnome.gnome-tweaks
|
||||
# gnome.networkmanager-openconnect
|
||||
nss
|
||||
htop
|
||||
sssd
|
||||
|
|
@ -168,7 +149,7 @@ in
|
|||
glibc
|
||||
glib
|
||||
openconnect
|
||||
libsForQt5.plasma-thunderbolt
|
||||
# libsForQt5.plasma-thunderbolt
|
||||
|
||||
# essential
|
||||
git
|
||||
|
|
@ -177,6 +158,9 @@ in
|
|||
tmux
|
||||
unstablePkgs.signal-desktop
|
||||
gcc
|
||||
tree
|
||||
file
|
||||
bind
|
||||
|
||||
# emacs dependencies
|
||||
ispell
|
||||
|
|
@ -186,10 +170,12 @@ in
|
|||
libtool
|
||||
|
||||
# browsers
|
||||
google-chrome
|
||||
firefox
|
||||
updatePkgs.google-chrome
|
||||
updatePkgs.firefox
|
||||
lynx
|
||||
chromium
|
||||
updatePkgs.chromium
|
||||
unstablePkgs.zoom-us
|
||||
audacity
|
||||
|
||||
# networking
|
||||
curl
|
||||
|
|
@ -200,11 +186,12 @@ in
|
|||
# Other
|
||||
racket
|
||||
ruby
|
||||
vlc
|
||||
(python311.withPackages (pythonPackages: with pythonPackages; [
|
||||
urwid
|
||||
]))
|
||||
|
||||
(pkgs.callPackage ./mfcl2690dw/default.nix { })
|
||||
(pkgs.callPackage ../../mfcl2690dw/default.nix { })
|
||||
|
||||
tigervnc
|
||||
];
|
||||
|
|
@ -216,6 +203,4 @@ in
|
|||
networking.hosts = {
|
||||
"10.0.0.142" = ["BRWBCF4D445BCC3.local"];
|
||||
};
|
||||
|
||||
system.stateVersion = "23.11"; # Did you read the comment?
|
||||
}
|
||||
11
hosts/common/vnc.nix
Normal file
11
hosts/common/vnc.nix
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
{ config, pkgs, ... }:
|
||||
{
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 5900 ];
|
||||
};
|
||||
|
||||
environment.shellAliases = {
|
||||
startvnc = "x0vncserver -PasswordFile=$HOME/.vnc/passwd -rfbport=5900 -AcceptSetDesktopSize=0";
|
||||
};
|
||||
}
|
||||
61
hosts/sandy/configuration.nix
Normal file
61
hosts/sandy/configuration.nix
Normal file
|
|
@ -0,0 +1,61 @@
|
|||
{ config, pkgs, updatePkgs, unstablePkgs, nixos-hardware, ... }:
|
||||
let
|
||||
keys = import ../../ssh-keys.nix;
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
../common/configuration.nix
|
||||
./hardware-configuration.nix
|
||||
nixos-hardware.nixosModules.framework-11th-gen-intel
|
||||
];
|
||||
|
||||
boot.kernelPackages = pkgs.linuxPackages_6_12;
|
||||
|
||||
networking = {
|
||||
hostId = "7be305c3";
|
||||
hostName = "sandy";
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
users.users.nshields = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Nikolai Shields";
|
||||
extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ];
|
||||
openssh.authorizedKeys.keys = keys.nshields;
|
||||
};
|
||||
|
||||
users.users.benson = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.bash;
|
||||
description = "Benson Chu";
|
||||
extraGroups = [ "wheel" ];
|
||||
openssh.authorizedKeys.keys = keys.benson;
|
||||
};
|
||||
|
||||
users.users.hodgson = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "[Ralph] Peter Hodgson";
|
||||
extraGroups = [ "lp" "wheel" ];
|
||||
openssh.authorizedKeys.keys = keys.hodgson;
|
||||
};
|
||||
|
||||
users.users.peter = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.zsh;
|
||||
description = "Peter Hodgson";
|
||||
extraGroups = [ "lp" "wheel" "input" ];
|
||||
openssh.authorizedKeys.keys = keys.hodgson;
|
||||
};
|
||||
|
||||
users.users.zander = {
|
||||
isNormalUser = true;
|
||||
shell = pkgs.bash;
|
||||
description = "Alexander Thannhauser";
|
||||
extraGroups = [ "lp" "wheel" "input" ];
|
||||
openssh.authorizedKeys.keys = keys.zander;
|
||||
};
|
||||
|
||||
system.stateVersion = "24.11"; # Did you read the comment?
|
||||
}
|
||||
|
|
@ -26,4 +26,8 @@
|
|||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtQOHXIfltnEVMxgHlxgUNB/o6Bey6vdMWtwSfo+U4q"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG90xfsjQSCH/nKyXlBujpJshZHb9yWzqDH8fLKKl9T2"
|
||||
];
|
||||
|
||||
zander = [
|
||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDG5Ktw21eX+iWQh0WcU3BUDO7RFwmKCqv39vhC4DdRKfRqCpG8nsv6xPJv9cnPauYLHYmlaJImf6ugejHtD4GrLjhFp2RD8U85TxbqZIKs2bMgqxCb+APeY9QVv0osw8YSoM6NjbgJbzAf9Va3h7ONYJU/Q0qEFip6bIQtDti26/iTi5EgoLWXIkgNL4QRxneC3JZ7Nh6vRNxfv8rXxGl50hgKLNg7eqw+INebk2+Pt0zifnJsgsKPmtiJwKih1+rGnHokk46I7ap/YiZJJiVIbEiGJCHd++qCnu+nsmkJw8TCw73xSkceC8hvtlAvi65+IQ+CLMZCQFz+99Lkq2+/Oe08xVdq9EZCeyL4baIUDpZSS5si7vFWDCIeFQpzSAGrpJzxCNie2ZO1K9lU1687OpcmkCrpmK9V9GxCJWc6LEDnk2Oz8BErFU5GzYsZQcnQ0jjYF5ZiFYXsuepziXtb05995qUSjBC8xgxCW98xMiimNuNelmpuatzI1csIPNU= zander@computer"
|
||||
];
|
||||
}
|
||||
|
|
|
|||
39
sunshine.nix
Normal file
39
sunshine.nix
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
{ config, pkgs, updatePkgs, unstablePkgs, ... }:
|
||||
{
|
||||
systemd.user.services.sunshine = {
|
||||
description = "Sunshine self-hosted game stream host for Moonlight";
|
||||
wantedBy = ["graphical-session.target"];
|
||||
partOf = ["graphical-session.target"];
|
||||
startLimitBurst = 5;
|
||||
startLimitIntervalSec = 500;
|
||||
serviceConfig = {
|
||||
ExecStart = "${config.security.wrapperDir}/sunshine";
|
||||
Restart = "on-failure";
|
||||
RestartSec = "5s";
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
pkgs.sunshine
|
||||
pkgs.moonlight-qt
|
||||
];
|
||||
|
||||
security.wrappers.sunshine = {
|
||||
owner = "root";
|
||||
group = "root";
|
||||
capabilities = "cap_sys_admin+p";
|
||||
source = "${pkgs.sunshine}/bin/sunshine";
|
||||
};
|
||||
|
||||
services.avahi.publish.enable = true;
|
||||
services.avahi.publish.userServices = true;
|
||||
|
||||
networking.firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [ 47984 47989 47990 48010 ];
|
||||
allowedUDPPortRanges = [
|
||||
{ from = 47998; to = 48010; }
|
||||
#{ from = 8000; to = 8010; }
|
||||
];
|
||||
};
|
||||
}
|
||||
Loading…
Reference in a new issue