Bulk commit

2024-10-21 15:09:02 -05:00
11 changed files with 72 additions and 360 deletions
--- a/hosts/common/configuration.nix
+++ b/hosts/common/configuration.nix
@ -1,8 +1,18 @@
-{ config, pkgs, updatePkgs, unstablePkgs, nixos-hardware, ... }:
+{ config, pkgs, unstablePkgs, ... }:
+let
+  keys = import ./ssh-keys.nix;
+in
 {
  imports = [
+    ./hardware-configuration.nix
  ];

+  networking = {
+    hostId = "7be305c3";
+    hostName = "sandy";
+    networkmanager.enable = true;
+  };
+
  boot.loader = {
    systemd-boot.enable = true;
    efi.canTouchEfiVariables = true;
@ -28,7 +38,7 @@
  nixpkgs.config.allowUnfree = true;

  nix = {
-    package = pkgs.nixVersions.stable;
+    package = pkgs.nixFlakes;
    extraOptions = ''
      experimental-features = nix-command flakes
    '';
@ -37,14 +47,8 @@
  programs.zsh.enable = true;

  services = {
-    openssh = {
-      enable = true;
-      settings = {
-        X11Forwarding = true;
-      };
-    };
+    openssh.enable = true;
    tailscale.enable = true;
-    # zfs set com.sun:auto-snapshot=true DATASET
    zfs.autoSnapshot.enable = true;
    hardware.bolt.enable = true;
    nscd.enable = true;
@ -67,20 +71,13 @@
      enable = true;
      displayManager.lightdm.enable = true;
      displayManager.startx.enable = true;
-      # desktopManager.plasma5.enable = true;
+      desktopManager.plasma5.enable = true;
      desktopManager.mate.enable = true;
-      xkb = {
-        layout = "us";
-        variant = "";
-      };
-    };
-
-    displayManager = {
-      defaultSession = "mate";
-      autoLogin = {
-        enable = true;
-        user = "peter";
-      };
+      displayManager.defaultSession = "plasmawayland";
+      displayManager.autoLogin.enable = true;
+      displayManager.autoLogin.user = "hodgson";
+      layout = "us";
+      xkbVariant = "";
    };

    # emacs = {
@ -91,7 +88,7 @@

    avahi = {
      enable = true;
-      nssmdns4 = true;
+      nssmdns = true;
      openFirewall = true;
      publish = {
        enable = true;
@ -111,10 +108,9 @@
        gutenprint
      ];
    };
-
-    fwupd.enable = true;
  };

+  sound.enable = true;
  hardware = {
    pulseaudio.enable = false;
    printers = {
@ -136,10 +132,33 @@
    sudo.wheelNeedsPassword = false;
  };

+  users.users.nshields = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    description = "Nikolai Shields";
+    extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ];
+    openssh.authorizedKeys.keys = keys.nshields;
+  };
+
+  users.users.benson = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    description = "Benson Chu";
+    extraGroups = [ "wheel" ];
+    openssh.authorizedKeys.keys = keys.benson;
+  };
+
+  users.users.hodgson = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    description = "Peter Hodgson";
+    extraGroups = [ "lp" "wheel" ];
+    openssh.authorizedKeys.keys = keys.hodgson;
+  };
+
  environment.systemPackages = with pkgs; [
-    # why are these here anyway?
-    # gnome.gnome-tweaks
-    # gnome.networkmanager-openconnect
+    gnome.gnome-tweaks
+    gnome.networkmanager-openconnect
    nss
    htop
    sssd
@ -149,7 +168,7 @@
    glibc
    glib
    openconnect
-    # libsForQt5.plasma-thunderbolt
+    libsForQt5.plasma-thunderbolt

    # essential
    git
@ -158,9 +177,6 @@
    tmux
    unstablePkgs.signal-desktop
    gcc
-    tree
-    file
-    bind

    # emacs dependencies
    ispell
@ -170,12 +186,10 @@
    libtool

    # browsers
-    updatePkgs.google-chrome
-    updatePkgs.firefox
+    google-chrome
+    firefox
    lynx
-    updatePkgs.chromium
-    unstablePkgs.zoom-us
-    audacity
+    chromium

    # networking
    curl
@ -186,12 +200,11 @@
    # Other
    racket
    ruby
-    vlc
    (python311.withPackages (pythonPackages: with pythonPackages; [
      urwid
    ]))

-    (pkgs.callPackage ../../mfcl2690dw/default.nix { })
+    (pkgs.callPackage ./mfcl2690dw/default.nix { })

    tigervnc
  ];
@ -203,4 +216,6 @@
  networking.hosts = {
    "10.0.0.142" = ["BRWBCF4D445BCC3.local"];
  };
+
+  system.stateVersion = "23.11"; # Did you read the comment?
 }
--- a/flake.lock
+++ b/flake.lock
@ -7,48 +7,32 @@
        ]
      },
      "locked": {
-        "lastModified": 1739757849,
-        "narHash": "sha256-Gs076ot1YuAAsYVcyidLKUMIc4ooOaRGO0PqTY7sBzA=",
+        "lastModified": 1726989464,
+        "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "9d3d080aec2a35e05a15cedd281c2384767c2cfe",
+        "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
-        "ref": "release-24.11",
+        "ref": "release-24.05",
        "repo": "home-manager",
        "type": "github"
      }
    },
-    "nixos-hardware": {
-      "locked": {
-        "lastModified": 1736441705,
-        "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=",
-        "owner": "NixOS",
-        "repo": "nixos-hardware",
-        "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337",
-        "type": "github"
-      },
-      "original": {
-        "owner": "NixOS",
-        "ref": "master",
-        "repo": "nixos-hardware",
-        "type": "github"
-      }
-    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1740865531,
-        "narHash": "sha256-h00vGIh/jxcGl8aWdfnVRD74KuLpyY3mZgMFMy7iKIc=",
+        "lastModified": 1728328465,
+        "narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "5ef6c425980847c78a80d759abc476e941a9bf42",
+        "rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c",
        "type": "github"
      },
      "original": {
        "owner": "nixos",
-        "ref": "nixos-24.11",
+        "ref": "nixos-24.05",
        "repo": "nixpkgs",
        "type": "github"
      }
@ -56,19 +40,17 @@
    "root": {
      "inputs": {
        "home-manager": "home-manager",
-        "nixos-hardware": "nixos-hardware",
        "nixpkgs": "nixpkgs",
-        "unstable": "unstable",
-        "update": "update"
+        "unstable": "unstable"
      }
    },
    "unstable": {
      "locked": {
-        "lastModified": 1755186698,
-        "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
+        "lastModified": 1728241625,
+        "narHash": "sha256-yumd4fBc/hi8a9QgA9IT8vlQuLZ2oqhkJXHPKxH/tRw=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
+        "rev": "c31898adf5a8ed202ce5bea9f347b1c6871f32d1",
        "type": "github"
      },
      "original": {
@ -77,22 +59,6 @@
        "repo": "nixpkgs",
        "type": "github"
      }
-    },
-    "update": {
-      "locked": {
-        "lastModified": 1751274312,
-        "narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
-        "owner": "nixos",
-        "repo": "nixpkgs",
-        "rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
-        "type": "github"
-      },
-      "original": {
-        "owner": "nixos",
-        "ref": "nixos-24.11",
-        "repo": "nixpkgs",
-        "type": "github"
-      }
    }
  },
  "root": "root",
--- a/flake.nix
+++ b/flake.nix
@ -2,48 +2,26 @@
  description = "NixOS configuration";

  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
-    update.url = "github:nixos/nixpkgs/nixos-24.11";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
    unstable.url = "github:nixos/nixpkgs/nixos-unstable";
-    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    home-manager = {
-      url = "github:nix-community/home-manager/release-24.11";
+      url = "github:nix-community/home-manager/release-24.05";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };

-  outputs = { nixpkgs, home-manager, unstable, update, nixos-hardware, ... }:
+  outputs = inputs@{ nixpkgs, home-manager, unstable, ... }:
    let
      system = "x86_64-linux";
      pkgs = nixpkgs.legacyPackages.${system};
      unstablePkgs = unstable.legacyPackages.${system};
-      updatePkgs = import update { inherit system; config.allowUnfree = true; };
    in {
      nixosConfigurations = {
        sandy = nixpkgs.lib.nixosSystem {
          system = "x86_64-linux";
-          specialArgs = { inherit unstablePkgs updatePkgs nixos-hardware; };
+          specialArgs = { inherit unstablePkgs ; };
          modules = [
-            ./hosts/sandy/configuration.nix
-            home-manager.nixosModules.home-manager
-            {
-              home-manager = {
-                useGlobalPkgs = true;
-                useUserPackages = true;
-                users.nshields = import ./home.nix;
-                extraSpecialArgs = {
-                  inherit unstablePkgs;
-                };
-              };
-            }
-          ];
-        };
-
-        axl = nixpkgs.lib.nixosSystem {
-          system = "x86_64-linux";
-          specialArgs = { inherit unstablePkgs updatePkgs nixos-hardware; };
-          modules = [
-            ./hosts/axl/configuration.nix
+            ./configuration.nix
            home-manager.nixosModules.home-manager
            {
              home-manager = {
--- a/hosts/sandy/hardware-configuration.nix
+++ b/hosts/sandy/hardware-configuration.nix
--- a/home.nix
+++ b/home.nix
@ -1,7 +1,7 @@
 { config, pkgs, unstablePkgs, ... }: {
  targets.genericLinux.enable = true;
  home = {
-    stateVersion = "24.11";
+    stateVersion = "23.11";
    file = {
      ".local/bin" = { source = ./scripts; };
    };
--- a/hosts/axl/configuration.nix
+++ b/hosts/axl/configuration.nix
@ -1,73 +0,0 @@
-{ config, pkgs, updatePkgs, unstablePkgs, nixos-hardware, ... }:
-let
-  keys = import ../../ssh-keys.nix;
-in
-{
-  imports = [
-    ../common/configuration.nix
-    ../common/vnc.nix
-    ./hardware-configuration.nix
-  ];
-
-  networking = {
-    hostId = "7be305c3";
-    hostName = "axl";
-    networkmanager.enable = true;
-  };
-
-  programs.nm-applet.enable = true;
-
-  users.users.nshields = {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    description = "Nikolai Shields";
-    extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ];
-    openssh.authorizedKeys.keys = keys.nshields;
-  };
-
-  users.users.benson = {
-    isNormalUser = true;
-    shell = pkgs.bash;
-    description = "Benson Chu";
-    extraGroups = [ "wheel" ];
-    openssh.authorizedKeys.keys = keys.benson;
-  };
-
-  # users.users.hodgson = {
-  #   isNormalUser = true;
-  #   shell = pkgs.zsh;
-  #   description = "[Ralph] Peter Hodgson";
-  #   extraGroups = [ "lp" "wheel" ];
-  #   openssh.authorizedKeys.keys = keys.hodgson;
-  # };
-
-  users.users.peter = {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    description = "Peter Hodgson";
-    extraGroups = [ "lp" "wheel" "input" ];
-    openssh.authorizedKeys.keys = keys.hodgson;
-  };
-
-  users.users.zander = {
-    isNormalUser = true;
-    shell = pkgs.bash;
-    description = "Alexander Thannhauser";
-    extraGroups = [ "lp" "wheel" "input" ];
-    openssh.authorizedKeys.keys = keys.zander;
-  };
-
-  system.autoUpgrade = {
-    enable = true;
-    flake = "/home/benson/peter-nixos";
-    flags = [
-      "--update-input"
-      "unstable"
-      "-L" # print build logs
-    ];
-    dates = "02:00";
-    randomizedDelaySec = "45min";
-  };
-
-  system.stateVersion = "24.11"; # Did you read the comment?
-}
--- a/hosts/axl/hardware-configuration.nix
+++ b/hosts/axl/hardware-configuration.nix
@ -1,59 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, pkgs, modulesPath, ... }:
-
-{
-  imports =
-    [ (modulesPath + "/installer/scan/not-detected.nix")
-    ];
-
-  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "usb_storage" "sd_mod" "sr_mod" ];
-  boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-amd" ];
-  boot.extraModulePackages = [ ];
-
-  fileSystems."/" =
-    { device = "zpool/root";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
-    };
-
-  fileSystems."/nix" =
-    { device = "zpool/nix";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
-    };
-
-  fileSystems."/var" =
-    { device = "zpool/var";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
-    };
-
-  fileSystems."/home/peter" =
-    { device = "zpool/home/peter";
-      fsType = "zfs";
-      options = [ "zfsutil" ];
-    };
-
-  fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/2882-CD45";
-      fsType = "vfat";
-    };
-
-  swapDevices =
-    [ { device = "/dev/disk/by-uuid/6469740d-a7fb-4f97-8e96-fb3469a54b64"; }
-    ];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp5s0.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
--- a/hosts/common/vnc.nix
+++ b/hosts/common/vnc.nix
@ -1,11 +0,0 @@
-{ config, pkgs, ... }:
-{
-  networking.firewall = {
-    enable = true;
-    allowedTCPPorts = [ 5900 ];
-  };
-
-  environment.shellAliases = {
-    startvnc = "x0vncserver -PasswordFile=$HOME/.vnc/passwd -rfbport=5900 -AcceptSetDesktopSize=0";
-  };
-}
--- a/hosts/sandy/configuration.nix
+++ b/hosts/sandy/configuration.nix
@ -1,61 +0,0 @@
-{ config, pkgs, updatePkgs, unstablePkgs, nixos-hardware, ... }:
-let
-  keys = import ../../ssh-keys.nix;
-in
-{
-  imports = [
-    ../common/configuration.nix
-    ./hardware-configuration.nix
-    nixos-hardware.nixosModules.framework-11th-gen-intel
-  ];
-
-  boot.kernelPackages = pkgs.linuxPackages_6_12;
-
-  networking = {
-    hostId = "7be305c3";
-    hostName = "sandy";
-    networkmanager.enable = true;
-  };
-
-  users.users.nshields = {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    description = "Nikolai Shields";
-    extraGroups = [ "lp" "docker" "networkmanager" "wheel" "podman" ];
-    openssh.authorizedKeys.keys = keys.nshields;
-  };
-
-  users.users.benson = {
-    isNormalUser = true;
-    shell = pkgs.bash;
-    description = "Benson Chu";
-    extraGroups = [ "wheel" ];
-    openssh.authorizedKeys.keys = keys.benson;
-  };
-
-  users.users.hodgson = {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    description = "[Ralph] Peter Hodgson";
-    extraGroups = [ "lp" "wheel" ];
-    openssh.authorizedKeys.keys = keys.hodgson;
-  };
-
-  users.users.peter = {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    description = "Peter Hodgson";
-    extraGroups = [ "lp" "wheel" "input" ];
-    openssh.authorizedKeys.keys = keys.hodgson;
-  };
-
-  users.users.zander = {
-    isNormalUser = true;
-    shell = pkgs.bash;
-    description = "Alexander Thannhauser";
-    extraGroups = [ "lp" "wheel" "input" ];
-    openssh.authorizedKeys.keys = keys.zander;
-  };
-
-  system.stateVersion = "24.11"; # Did you read the comment?
-}
--- a/ssh-keys.nix
+++ b/ssh-keys.nix
@ -26,8 +26,4 @@
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKtQOHXIfltnEVMxgHlxgUNB/o6Bey6vdMWtwSfo+U4q"
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG90xfsjQSCH/nKyXlBujpJshZHb9yWzqDH8fLKKl9T2"
  ];
-
-  zander = [
-    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDG5Ktw21eX+iWQh0WcU3BUDO7RFwmKCqv39vhC4DdRKfRqCpG8nsv6xPJv9cnPauYLHYmlaJImf6ugejHtD4GrLjhFp2RD8U85TxbqZIKs2bMgqxCb+APeY9QVv0osw8YSoM6NjbgJbzAf9Va3h7ONYJU/Q0qEFip6bIQtDti26/iTi5EgoLWXIkgNL4QRxneC3JZ7Nh6vRNxfv8rXxGl50hgKLNg7eqw+INebk2+Pt0zifnJsgsKPmtiJwKih1+rGnHokk46I7ap/YiZJJiVIbEiGJCHd++qCnu+nsmkJw8TCw73xSkceC8hvtlAvi65+IQ+CLMZCQFz+99Lkq2+/Oe08xVdq9EZCeyL4baIUDpZSS5si7vFWDCIeFQpzSAGrpJzxCNie2ZO1K9lU1687OpcmkCrpmK9V9GxCJWc6LEDnk2Oz8BErFU5GzYsZQcnQ0jjYF5ZiFYXsuepziXtb05995qUSjBC8xgxCW98xMiimNuNelmpuatzI1csIPNU= zander@computer"
-  ];
 }
--- a/sunshine.nix
+++ b/sunshine.nix
@ -1,39 +0,0 @@
-{ config, pkgs, updatePkgs, unstablePkgs, ... }:
-{
-  systemd.user.services.sunshine = {
-    description = "Sunshine self-hosted game stream host for Moonlight";
-    wantedBy = ["graphical-session.target"];
-    partOf   = ["graphical-session.target"];
-    startLimitBurst = 5;
-    startLimitIntervalSec = 500;
-    serviceConfig = {
-      ExecStart = "${config.security.wrapperDir}/sunshine";
-      Restart = "on-failure";
-      RestartSec = "5s";
-    };
-  };
-
-  environment.systemPackages = with pkgs; [
-    pkgs.sunshine
-    pkgs.moonlight-qt
-  ];
-
-  security.wrappers.sunshine = {
-    owner = "root";
-    group = "root";
-    capabilities = "cap_sys_admin+p";
-    source = "${pkgs.sunshine}/bin/sunshine";
-  };
-
-  services.avahi.publish.enable = true;
-  services.avahi.publish.userServices = true;
-
-  networking.firewall = {
-    enable = true;
-    allowedTCPPorts = [ 47984 47989 47990 48010 ];
-    allowedUDPPortRanges = [
-      { from = 47998; to = 48010; }
-      #{ from = 8000; to = 8010; }
-    ];
-  };
-}