Daholli/nixos-config
1
0
Fork 0
Code Issues 5 Pull requests Actions Packages Releases Activity

Compare commits

base: Daholli:0bbbe9a293557efcb006496ccf42cabc95cf0d73
Branches Tags
Daholli:main
...
compare: Daholli:e9a1b42e61a985417aa26957ce2efd7cc9803cde
Branches Tags
Daholli:main

8 commits
0bbbe9a293 ... e9a1b42e61

Author SHA1 Message Date
Christoph Hollizeck e9a1b42e61
nixberry: add hostplatform 2025-01-27 13:39:45 +01:00
Christoph Hollizeck cac6c46d78
rp5: add ethernet 2025-01-27 13:39:44 +01:00
Christoph Hollizeck e8f5f51407
adguardhome: increase statistic retention time 2025-01-27 13:39:43 +01:00
Christoph Hollizeck 56d5196f56
rp5: move things in separate configs, to be reused 2025-01-27 13:39:38 +01:00
Christoph Hollizeck 06c1065ee9
chore: cleanup config, change kernel and nvidia drivers to it build properly again 2025-01-26 16:09:22 +01:00
Christoph Hollizeck 27d69ef5e9
chore: update flake 2025-01-26 16:08:09 +01:00
Christoph Hollizeck d3bf14d5bd
helix: update default ignore list 2025-01-26 16:07:53 +01:00
Christoph Hollizeck 863ba37194
1password: setup agent declaratively and allow forwarding 2025-01-26 16:07:12 +01:00
12 changed files with 255 additions and 200 deletions
Show stats Expand all files Collapse all files

262
flake.lock
View file

@ -134,11 +134,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1737700483,
"narHash": "sha256-1778bR4GDDc51/iZQvcshGLZ4JU87zCzqei8Hn7vU1A=",
"lastModified": 1737873155,
"narHash": "sha256-6g9lSb6Vq/NnXdqKSSzQ09Wd2kK/mWIvv3ZrVhLYUOg=",
"owner": "nix-community",
"repo": "fenix",
"rev": "bab2a2840bc2d5ae7c6a133602185edbe4ca7daa",
"rev": "11391594600c119f02b3ee864decca1d6767f1b6",
"type": "github"
},
"original": {
@ -335,7 +335,7 @@
},
"flake-utils_3": {
"inputs": {
"systems": "systems_6"
"systems": "systems_5"
},
"locked": {
"lastModified": 1694529238,
@ -399,11 +399,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1737677675,
"narHash": "sha256-a6VO9JFCif+4ipdszBcQO772QLmBtj9Ai5iAgi/4+/U=",
"lastModified": 1737868873,
"narHash": "sha256-kZe1ME1ZI4tDw4+mFxlet8dxGdp5GN67Y167fqSqcbs=",
"owner": "helix-editor",
"repo": "helix",
"rev": "a63a2ad281b5f651effd29efa4e34f504507d0da",
"rev": "aac0ce5fd13df7f275b6523da58dec1ec054a8c8",
"type": "github"
},
"original": {
@ -419,11 +419,11 @@
]
},
"locked": {
"lastModified": 1737704314,
"narHash": "sha256-zta8jvOQ2wRCZmiwFEnS5iCulWAh8e+fLUlQxrgOBjM=",
"lastModified": 1737762889,
"narHash": "sha256-5HGG09bh/Yx0JA8wtBMAzt0HMCL1bYZ93x4IqzVExio=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "a0428685572b134f6594e7d7f5db5e1febbab2d7",
"rev": "daf04c5950b676f47a794300657f1d3d14c1a120",
"type": "github"
},
"original": {
@ -548,19 +548,19 @@
"hyprland-protocols": "hyprland-protocols",
"hyprland-qtutils": "hyprland-qtutils",
"hyprlang": "hyprlang_2",
"hyprutils": "hyprutils",
"hyprutils": "hyprutils_2",
"hyprwayland-scanner": "hyprwayland-scanner",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs_2",
"pre-commit-hooks": "pre-commit-hooks",
"systems": "systems_3",
"systems": "systems_2",
"xdph": "xdph"
},
"locked": {
"lastModified": 1737679787,
"narHash": "sha256-fW7Mvd5/SYZbPry3fh/llFH8QfIb7ZbXTJGQpLvS04c=",
"lastModified": 1737896452,
"narHash": "sha256-ODynzEy3QDWH+ubUsNC1eAhHj8U84c7Hew7k12cAJEI=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "4a1b960cbedb3e2893eeadecdf2b4a7314634306",
"rev": "4abf9155ee67ee09116948b1d9efef58c08697d9",
"type": "github"
},
"original": {
@ -669,11 +669,11 @@
]
},
"locked": {
"lastModified": 1737634810,
"narHash": "sha256-ZIJ03DeisbQuDaADSgmbgyocjecaozK4yGTa0/9bOr0=",
"lastModified": 1737811848,
"narHash": "sha256-WZ7LeiKHk5Y94MU5gHIWn0r8asWxYOvie4LqfCjVIZU=",
"owner": "hyprwm",
"repo": "hyprland-qtutils",
"rev": "a9852dbf5a1ec77cf617543728144c1362709e46",
"rev": "9c0831ff98856c0f312fcb8b57553fbe3dd34d5b",
"type": "github"
},
"original": {
@ -684,13 +684,19 @@
},
"hyprlang": {
"inputs": {
"hyprutils": [
"hyprutils": "hyprutils",
"nixpkgs": [
"hyprland",
"hyprland-qtutils",
"hyprutils"
"hyprland-qt-support",
"nixpkgs"
],
"nixpkgs": "nixpkgs_2",
"systems": "systems_2"
"systems": [
"hyprland",
"hyprland-qtutils",
"hyprland-qt-support",
"systems"
]
},
"locked": {
"lastModified": 1737634606,
@ -768,17 +774,17 @@
"inputs": {
"hyprgraphics": "hyprgraphics_2",
"hyprlang": "hyprlang_3",
"hyprutils": "hyprutils_2",
"hyprutils": "hyprutils_3",
"hyprwayland-scanner": "hyprwayland-scanner_2",
"nixpkgs": "nixpkgs_4",
"systems": "systems_4"
"nixpkgs": "nixpkgs_3",
"systems": "systems_3"
},
"locked": {
"lastModified": 1737635493,
"narHash": "sha256-4hUhIyLyxNjRc7cuGDojEGHvAgtoP4/82qOpENTEAfs=",
"lastModified": 1737837801,
"narHash": "sha256-i7nKSo/FGU5Sjq2xM+UFahZHqqrjZn5WUekOZFsjO2w=",
"owner": "hyprwm",
"repo": "hyprlock",
"rev": "742eb98c6a7082eb7bbaa609502f19f8b2035592",
"rev": "e77bc92b99e06ee66ccd684afbfe3a743af1f01d",
"type": "github"
},
"original": {
@ -790,14 +796,14 @@
"hyprpanel": {
"inputs": {
"ags": "ags",
"nixpkgs": "nixpkgs_5"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1737350675,
"narHash": "sha256-Zy2PidkAOYDvnFgZO+QFDYywQAPtA/xi7SuZLVd+ZyM=",
"lastModified": 1737793455,
"narHash": "sha256-sVy0QU4fpZsUWj5B8t6jUNZHzVLC22+HYqcFG9pKPik=",
"owner": "Jas-SinghFSU",
"repo": "HyprPanel",
"rev": "562eb64e12047cb3a4ef5db2e9df19f9a726ae7c",
"rev": "74065af3d2aa576e8b183d720033c3eece3deb70",
"type": "github"
},
"original": {
@ -810,10 +816,16 @@
"inputs": {
"nixpkgs": [
"hyprland",
"hyprland-qtutils",
"hyprland-qt-support",
"hyprlang",
"nixpkgs"
],
"systems": [
"hyprland",
"hyprland-qtutils",
"hyprland-qt-support",
"hyprlang",
"systems"
]
},
@ -832,6 +844,31 @@
}
},
"hyprutils_2": {
"inputs": {
"nixpkgs": [
"hyprland",
"nixpkgs"
],
"systems": [
"hyprland",
"systems"
]
},
"locked": {
"lastModified": 1737725508,
"narHash": "sha256-jGmcPc6y/prg/4A8KGYqJ27nSPaProCMiFadaxNAKvA=",
"owner": "hyprwm",
"repo": "hyprutils",
"rev": "fb0c2d1de3d1ef7396d19c18ac09e12bd956929e",
"type": "github"
},
"original": {
"owner": "hyprwm",
"repo": "hyprutils",
"type": "github"
}
},
"hyprutils_3": {
"inputs": {
"nixpkgs": [
"hyprlock",
@ -943,15 +980,15 @@
"nix-gaming": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_5",
"umu": "umu"
},
"locked": {
"lastModified": 1737596278,
"narHash": "sha256-OEdGZ6TTHXGB791VvhErq4Nro54NQzzDAO0G0WfK2kw=",
"lastModified": 1737855374,
"narHash": "sha256-RRGX2C+c+GaR3YMiYm6l/Tp5N/KZtYpiTplUrBwH/og=",
"owner": "fufexan",
"repo": "nix-gaming",
"rev": "10f37dc9be5d79fec72b46b670ece4783a83a13a",
"rev": "4845fe94cda365c7550d9fd1ef899d45df0bc18a",
"type": "github"
},
"original": {
@ -982,11 +1019,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1737590910,
"narHash": "sha256-qM/y6Dtpu9Wmf5HqeZajQdn+cS0aljdYQQQnrvx+LJE=",
"lastModified": 1737751639,
"narHash": "sha256-ZEbOJ9iT72iwqXsiEMbEa8wWjyFvRA9Ugx8utmYbpz4=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "9368027715d8dde4b84c79c374948b5306fdd2db",
"rev": "dfad538f751a5aa5d4436d9781ab27a6128ec9d4",
"type": "github"
},
"original": {
@ -1077,11 +1114,11 @@
},
"nixpkgs-master": {
"locked": {
"lastModified": 1737718686,
"narHash": "sha256-UP9jw+MUINLBMcC09hr9xf+05jsRnTOvLRyOKis8giI=",
"lastModified": 1737897534,
"narHash": "sha256-0CbrdmdFH1hMHyKUIfMXAMmqF78wfnbvL0VMTXyz8VY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "defe5870670e9fe4d0a8a04e0e58ec60c7745bb1",
"rev": "cf577e430899f96e0214a9d83f8f6905922611dd",
"type": "github"
},
"original": {
@ -1093,27 +1130,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"lastModified": 1737746512,
"narHash": "sha256-nU6AezEX4EuahTO1YopzueAXfjFfmCHylYEFCagduHU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_10": {
"locked": {
"lastModified": 1735471104,
"narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
"rev": "825479c345a7f806485b7f00dbe3abb50641b083",
"type": "github"
},
"original": {
@ -1125,11 +1146,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1737469691,
"narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"type": "github"
},
"original": {
@ -1156,22 +1177,6 @@
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1737469691,
"narHash": "sha256-nmKOgAU48S41dTPIXAq0AHZSehWUn6ZPrUKijHAMmIk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9e4d5190a9482a1fb9d18adf0bdb83c6e506eaab",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1736344531,
"narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=",
@ -1187,13 +1192,13 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_5": {
"locked": {
"lastModified": 1737003892,
"narHash": "sha256-RCzJE9wKByLCXmRBp+z8LK9EgdW+K+W/DXnJS4S/NVo=",
"lastModified": 1737717945,
"narHash": "sha256-ET91TMkab3PmOZnqiJQYOtSGvSTvGeHoegAv4zcTefM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae06b9c2d83cb5c8b12d7d0e32692e93d1379713",
"rev": "ecd26a469ac56357fd333946a99086e992452b6a",
"type": "github"
},
"original": {
@ -1203,13 +1208,13 @@
"type": "github"
}
},
"nixpkgs_7": {
"nixpkgs_6": {
"locked": {
"lastModified": 1737632463,
"narHash": "sha256-38J9QfeGSej341ouwzqf77WIHAScihAKCt8PQJ+NH28=",
"lastModified": 1737746512,
"narHash": "sha256-nU6AezEX4EuahTO1YopzueAXfjFfmCHylYEFCagduHU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "0aa475546ed21629c4f5bbf90e38c846a99ec9e9",
"rev": "825479c345a7f806485b7f00dbe3abb50641b083",
"type": "github"
},
"original": {
@ -1219,7 +1224,7 @@
"type": "github"
}
},
"nixpkgs_8": {
"nixpkgs_7": {
"locked": {
"lastModified": 1717602782,
"narHash": "sha256-pL9jeus5QpX5R+9rsp3hhZ+uplVHscNJh8n8VpqscM0=",
@ -1234,7 +1239,7 @@
"type": "indirect"
}
},
"nixpkgs_9": {
"nixpkgs_8": {
"locked": {
"lastModified": 1731763621,
"narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=",
@ -1250,6 +1255,22 @@
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1735471104,
"narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat",
@ -1319,7 +1340,7 @@
"nix-ld": "nix-ld",
"nixos-hardware": "nixos-hardware",
"nixos-wsl": "nixos-wsl",
"nixpkgs": "nixpkgs_7",
"nixpkgs": "nixpkgs_6",
"nixpkgs-latest-factorio": "nixpkgs-latest-factorio",
"nixpkgs-master": "nixpkgs-master",
"nixpkgs-unstable": "nixpkgs-unstable",
@ -1385,11 +1406,11 @@
"rpi-linux-6_10_12-src": {
"flake": false,
"locked": {
"lastModified": 1728305462,
"narHash": "sha256-LtvNmGD1D5YYv+C9xxxddAeHw69o3OX/H9M7F663L74=",
"lastModified": 1728980267,
"narHash": "sha256-jCmFC40n6fP0YaTTn3pWz9sz1GxXuXw6cUTlXssCb9I=",
"owner": "raspberrypi",
"repo": "linux",
"rev": "26ee50d56618c2d98100b1bc672fd201aed4d00f",
"rev": "6e23f4f785081a7c68e94a8e38a49074097299f9",
"type": "github"
},
"original": {
@ -1402,11 +1423,11 @@
"rpi-linux-6_6_67-src": {
"flake": false,
"locked": {
"lastModified": 1734790986,
"narHash": "sha256-q9swM2TmmuzbUuQnbLZk5PseKWD7/SNPwtth6bpGIqE=",
"lastModified": 1737738344,
"narHash": "sha256-kj16wXihASnuFg6z45U3tT1AjDDklYpCJVb/s5YkcSo=",
"owner": "raspberrypi",
"repo": "linux",
"rev": "811ff707533bcd67cdcd368bbd46223082009b12",
"rev": "6d16e47ca139ba64c5daedf06e72f2774adbdc48",
"type": "github"
},
"original": {
@ -1453,11 +1474,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1737634189,
"narHash": "sha256-AG5G9KDsl0Ngby9EfWvlemma7WWG0KCADTIccPJuzUE=",
"lastModified": 1737831834,
"narHash": "sha256-Nd8Qd8kWrJSAaPD/VGVm98ntCIJ4d9ZkfDSySWM0bbU=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "84d44d0a574630aa8500ed62b6c01ccd3fae2473",
"rev": "90bf50c0112db1494233401b6c0f895fb3210ddd",
"type": "github"
},
"original": {
@ -1492,7 +1513,7 @@
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_3",
"nixpkgs": "nixpkgs_8",
"nixpkgs": "nixpkgs_7",
"nixpkgs-24_05": "nixpkgs-24_05",
"utils": "utils"
},
@ -1581,7 +1602,7 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_9"
"nixpkgs": "nixpkgs_8"
},
"locked": {
"lastModified": 1737411508,
@ -1643,21 +1664,6 @@
}
},
"systems_4": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -1672,7 +1678,7 @@
"type": "github"
}
},
"systems_6": {
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@ -1709,11 +1715,11 @@
},
"locked": {
"dir": "packaging/nix",
"lastModified": 1737484151,
"narHash": "sha256-pONHsVIyIHbjyv51JQW3Nv9JeuqiVEuINyH+HnN4f8Q=",
"lastModified": 1737834175,
"narHash": "sha256-uHTE0PWZ9A/uLCAlx36z3pdDfIEdu5Jsnt4bJW4KYLY=",
"ref": "refs/heads/main",
"rev": "0cac244cc89ee69bf33ad60a3953cfde188ee8a6",
"revCount": 907,
"rev": "4d1860eefd79d6c04e964774155dbe13be65121a",
"revCount": 911,
"submodules": true,
"type": "git",
"url": "https://github.com/Open-Wine-Components/umu-launcher/"
@ -1727,7 +1733,7 @@
},
"utils": {
"inputs": {
"systems": "systems_5"
"systems": "systems_4"
},
"locked": {
"lastModified": 1709126324,
@ -1786,14 +1792,14 @@
},
"zen-browser": {
"inputs": {
"nixpkgs": "nixpkgs_10"
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1737688749,
"narHash": "sha256-c67wGumgDSYe6T6OJOKP15H2ODxItUXXekQqDSPjEa0=",
"lastModified": 1737869730,
"narHash": "sha256-4u/VS7fiqAtnEnm2z7DSNzNyM7sUB+nq3aGKcKBwodg=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "44a3c15f50dba8073feca64ec500daa44d9f366d",
"rev": "39c4c603ee641aed350dce31562ad6dd6f0044d8",
"type": "github"
},
"original": {

6
modules/nixos/apps/_1password/default.nix
View file

@ -25,5 +25,11 @@ in
polkitPolicyOwners = [ config.${namespace}.user.name ];
};
};
${namespace}.home.file.".ssh/config".text = ''
Host *
ForwardAgent yes
IdentityAgent ~/.1password/agent.sock
'';
};
}

3
modules/nixos/apps/cli-apps/helix/default.nix
View file

@ -36,9 +36,10 @@ in
${namespace} = {
home.extraOptions = {
home.file.".config/helix/ignore".text = ''
# unignore in file picker and global search
.idea/
!**/appsettings.json
.direnv/
.devenv/
'';
catppuccin.helix.enable = true;

2
modules/nixos/apps/discord/default.nix
View file

@ -18,7 +18,7 @@ in
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
vesktop
discord
];
};
}

2
modules/nixos/desktop/hyprland/default.nix
View file

@ -172,7 +172,7 @@ in
"systemctl --user start hyprpolkitagent"
"[workspace 2 silent] steam --disable-gpu-compositing" # nvidia pls let me have nice things
"[workspace 8 silent] vesktop"
"[workspace 8 silent] discord"
"[workspace 9 silent] 1password"
"[workspace 1 silent] zen"

29
modules/nixos/services/openssh/default.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
config,
namespace,
...
}:
let
cfg = config.${namespace}.services.openssh;
inherit (lib) mkIf mkEnableOption;
in
{
options.${namespace}.services.openssh = {
enable = mkEnableOption "Enable SSH";
};
config = mkIf cfg.enable {
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
services.fail2ban = {
enable = true;
};
};
}

48
modules/nixos/services/remotebuild/default.nix Normal file
View file

@ -0,0 +1,48 @@
{
lib,
config,
namespace,
...
}:
let
cfg = config.${namespace}.services.remotebuild;
inherit (lib) mkIf mkEnableOption;
in
{
options.${namespace}.services.remotebuild = {
enable = mkEnableOption "Enable remotebuild";
};
config = mkIf cfg.enable {
users.users.remotebuild = {
isNormalUser = true;
createHome = false;
group = "remotebuild";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYZjG+XPNoVHVdCel5MK4mwvtoFCqDY1WMI1yoU71Rd root@yggdrasil"
];
};
users.groups.remotebuild = { };
nix = {
nrBuildUsers = 64;
settings = {
trusted-users = [ "remotebuild" ];
min-free = 10 * 1024 * 1024;
max-free = 200 * 1024 * 1024;
max-jobs = "auto";
cores = 0;
};
};
systemd.services.nix-daemon.serviceConfig = {
MemoryAccounting = true;
MemoryMax = "90%";
OOMScoreAdjust = 500;
};
};
}

2
modules/nixos/system/boot/default.nix
View file

@ -17,7 +17,7 @@ in
config = mkIf cfg.enable {
boot = {
kernelPackages = pkgs.linuxPackages_latest;
kernelPackages = pkgs.linuxPackages_6_12;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;

2
modules/nixos/system/hardware/gpu/nvidia/default.nix
View file

@ -28,7 +28,7 @@ in
powerManagement.enable = true;
open = false;
nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.beta; # stable, beta
package = config.boot.kernelPackages.nvidiaPackages.latest; # stable, beta
};
services.xserver.videoDrivers = [ "nvidia" ];

3
overlays/pyfa/default.nix
View file

@ -1,3 +0,0 @@
{ channels, ... }:
final: prev: { inherit (channels.nixpkgs-pyfa) pyfa; }

69
systems/aarch64-linux/nixberry/default.nix
View file

@ -4,6 +4,7 @@
lib,
modulesPath,
namespace,
pkgs,
...
}:
@ -16,52 +17,19 @@ in
{
imports = with inputs.nixos-hardware.nixosModules; [
(modulesPath + "/installer/scan/not-detected.nix")
raspberry-pi-5
];
security.sudo.wheelNeedsPassword = false;
users.users.remotebuild = {
isNormalUser = true;
createHome = false;
group = "remotebuild";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYZjG+XPNoVHVdCel5MK4mwvtoFCqDY1WMI1yoU71Rd root@yggdrasil"
];
};
users.groups.remotebuild = { };
nixpkgs.hostPlatform = {
system = "aarch64-linux";
};
nix = {
nrBuildUsers = 64;
settings = {
trusted-users = [ "remotebuild" ];
min-free = 10 * 1024 * 1024;
max-free = 200 * 1024 * 1024;
max-jobs = "auto";
cores = 0;
};
};
systemd.services.nix-daemon.serviceConfig = {
MemoryAccounting = true;
MemoryMax = "90%";
OOMScoreAdjust = 500;
};
services.tailscale = {
enable = true;
useRoutingFeatures = "server";
};
networking = {
interfaces.wlan0 = {
interfaces.end0 = {
ipv4.addresses = [
{
address = ipAddress;
@ -70,6 +38,15 @@ in
];
useDHCP = true;
};
interfaces.wlan0 = {
ipv4.addresses = [
{
address = "192.168.178.3";
prefixLength = 24;
}
];
useDHCP = true;
};
defaultGateway = {
address = "192.168.178.1";
interface = "wlan0";
@ -83,9 +60,7 @@ in
};
};
};
};
networking.firewall = {
firewall = {
allowedTCPPorts = [
53
80
@ -94,6 +69,7 @@ in
53
];
};
};
services.adguardhome = {
enable = true;
@ -135,6 +111,10 @@ in
"https://adguardteam.github.io/HostlistsRegistry/assets/filter_47.txt"
];
statistics = {
enabled = true;
interval = "8760h";
};
};
};
@ -165,17 +145,16 @@ in
};
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
${namespace} = {
submodules.basics = enabled;
services = {
openssh = enabled;
remotebuild = enabled;
};
apps.cli-apps.helix.pkg = pkgs.helix;
system = {
# cachemiss for webkit gtk
hardware.networking.enable = mkForce false;

13
systems/x86_64-linux/loptland/default.nix
View file

@ -39,18 +39,6 @@ in
};
};
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
};
services.fail2ban = {
enable = true;
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
@ -199,6 +187,7 @@ in
enable = true;
inherit sopsFile;
};
openssh = enabled;
};
security = {