feat(loona): add

chore: make iceshrimp redis the primary
feat(amy): add ipv6 config, podman, enable coredns
2024-06-28 16:09:05 +01:00 · 2024-06-28 15:36:51 +01:00 · 2024-06-22 09:24:00 +01:00
11 changed files with 215 additions and 37 deletions
--- a/common/generic-desktop.nix
+++ b/common/generic-desktop.nix
@ -22,4 +22,9 @@
  };

  programs.adb.enable = true;
+
+  fonts.packages = with pkgs; [
+    (nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
+    maple-mono-NF
+  ];
 }
--- a/common/generic-uefi-zfs.nix
+++ b/common/generic-uefi-zfs.nix
@ -0,0 +1,11 @@
+{ pkgs, ... }: {
+  boot.loader.grub = {
+    enable = true;
+    zfsSupport = true;
+    efiSupport = true;
+    efiInstallAsRemovable = true;
+    mirroredBoots = [
+      { devices = [ "nodev"]; path = "/boot"; }
+    ];
+  };
+}
--- a/flake.lock
+++ b/flake.lock
@ -43,11 +43,11 @@
    "flake-compat_2": {
      "flake": false,
      "locked": {
-        "lastModified": 1673956053,
-        "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=",
+        "lastModified": 1696426674,
+        "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
        "owner": "edolstra",
        "repo": "flake-compat",
-        "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9",
+        "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
        "type": "github"
      },
      "original": {
@ -91,11 +91,11 @@
        "systems": "systems"
      },
      "locked": {
-        "lastModified": 1681202837,
-        "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=",
+        "lastModified": 1710146030,
+        "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
        "owner": "numtide",
        "repo": "flake-utils",
-        "rev": "cfacdce06f30d2b68473a46042957675eebb3401",
+        "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
        "type": "github"
      },
      "original": {
@ -133,11 +133,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1714043624,
-        "narHash": "sha256-Xn2r0Jv95TswvPlvamCC46wwNo8ALjRCMBJbGykdhcM=",
+        "lastModified": 1717476296,
+        "narHash": "sha256-ScHe38Tr+TxGURC17kby4mIIxOG3aJvZWXzPM79UnEk=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "86853e31dc1b62c6eeed11c667e8cdd0285d4411",
+        "rev": "095ef64aa3b2ab4a4f1bf07f29997e21e3a5576a",
        "type": "github"
      },
      "original": {
@ -154,11 +154,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1709764752,
-        "narHash": "sha256-+lM4J4JoJeiN8V+3WSWndPHj1pJ9Jc1UMikGbXLqCTk=",
+        "lastModified": 1719438532,
+        "narHash": "sha256-/Vmso2ZMoFE3M7d1MRsQ2K5sR8CVKnrM6t1ys9Xjpz4=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "cf111d1a849ddfc38e9155be029519b0e2329615",
+        "rev": "1a4f12ae0bda877ec4099b429cf439aad897d7e9",
        "type": "github"
      },
      "original": {
@ -169,11 +169,11 @@
    },
    "nixlib": {
      "locked": {
-        "lastModified": 1709426687,
-        "narHash": "sha256-jLBZmwXf0WYHzLkmEMq33bqhX55YtT5edvluFr0RcSA=",
+        "lastModified": 1712450863,
+        "narHash": "sha256-K6IkdtMtq9xktmYPj0uaYc8NsIqHuaAoRBaMgu9Fvrw=",
        "owner": "nix-community",
        "repo": "nixpkgs.lib",
-        "rev": "7873d84a89ae6e4841528ff7f5697ddcb5bdfe6c",
+        "rev": "3c62b6a12571c9a7f65ab037173ee153d539905f",
        "type": "github"
      },
      "original": {
@ -190,11 +190,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1709821158,
-        "narHash": "sha256-76L6tymnmFY3zDPBi0Mi5G6HcISHKw7xHuYYmzKrTK4=",
+        "lastModified": 1718025593,
+        "narHash": "sha256-WZ1gdKq/9u1Ns/oXuNsDm+W0salonVA0VY1amw8urJ4=",
        "owner": "nix-community",
        "repo": "nixos-generators",
-        "rev": "10e801a76fa611f8ce7937e2c9b7677888a54fa0",
+        "rev": "35c20ba421dfa5059e20e0ef2343c875372bdcf3",
        "type": "github"
      },
      "original": {
@ -205,11 +205,11 @@
    },
    "nixpkgs-stable": {
      "locked": {
-        "lastModified": 1713995372,
-        "narHash": "sha256-fFE3M0vCoiSwCX02z8VF58jXFRj9enYUSTqjyHAjrds=",
+        "lastModified": 1719234068,
+        "narHash": "sha256-1AjSIedDC/aERt24KsCUftLpVppW61S7awfjGe7bMio=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "dd37924974b9202f8226ed5d74a252a9785aedf8",
+        "rev": "90bd1b26e23760742fdcb6152369919098f05417",
        "type": "github"
      },
      "original": {
@ -221,11 +221,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1709703039,
-        "narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
+        "lastModified": 1719254875,
+        "narHash": "sha256-ECni+IkwXjusHsm9Sexdtq8weAq/yUyt1TWIemXt3Ko=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
+        "rev": "2893f56de08021cffd9b6b6dfc70fd9ccd51eb60",
        "type": "github"
      },
      "original": {
@ -297,11 +297,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1709773506,
-        "narHash": "sha256-RK9D2rbN7usqlxogWSBA0EsKDScSF/Uyb8ATntC4juA=",
+        "lastModified": 1719365131,
+        "narHash": "sha256-oFYSrsZ4lfOCGFw/jhUJOR9IEisEG4dTruG1fUpJqzM=",
        "owner": "nix-community",
        "repo": "nix-vscode-extensions",
-        "rev": "a17ea69caec11561e73c985360fb596c25f74131",
+        "rev": "c5e0094f29d9d939dee906f468c1e5953bef5f94",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -92,6 +92,30 @@
      ];
    };

+    nixosConfigurations.loona = nixpkgs-unstable.lib.nixosSystem {
+      system = "x86_64-linux";
+      modules = [
+        overlays-module
+        ./hosts/loona/configuration.nix
+         home-manager.nixosModules.home-manager
+        {
+          home-manager.useGlobalPkgs = true;
+          home-manager.useUserPackages = true;
+          home-manager.users.ash = { ... }: {
+            imports = [
+              fsh.homeModules.fsh
+              ./home/ash
+              ./home/ash/alex.nix
+              ./home/ash/desktop.nix
+              ./home/ash/emacs.nix
+              ./home/ash/vscodium.nix
+              ./home/ash/zoom.nix
+            ];
+          };
+        }
+      ];
+    };
+
    nixosConfigurations.lea = nixpkgs-stable.lib.nixosSystem {
      system = "x86_64-linux";
      modules = [
@ -118,6 +142,9 @@
      modules = [
        overlays-module
        ./hosts/amy/configuration.nix
+        ./roles/coredns
+        ./roles/iceshrimp.nix
+        ./roles/podman.nix
        ./roles/postgres.nix
        home-manager-stable.nixosModules.home-manager
        {
--- a/home/ash/desktop.nix
+++ b/home/ash/desktop.nix
@ -1,6 +1,5 @@
 { config, pkgs, ... }: {
  home.packages = with pkgs; [
-    nerdfonts
    firefox
    fluffychat
    cachix
@ -37,7 +36,7 @@
  services.gpg-agent = {
    enable = true;
    enableFishIntegration = true;
-    pinentryFlavor = "gnome3";
+    pinentryPackage = pkgs.pinentry-qt;
    defaultCacheTtl = 31536000;
    maxCacheTtl = 31536000;
  };
--- a/hosts/alex/configuration.nix
+++ b/hosts/alex/configuration.nix
@ -38,15 +38,13 @@
    doas.u2fAuth = true;
  };

-  services.xserver = {
+  services = {
+    xserver = {
      enable = true;
-#    displayManager.gdm.enable = true;
-#    desktopManager.gnome.enable = true;
-    
+      xkb.layout = "gb";
+    };
    displayManager.sddm.enable = true;
    desktopManager.plasma6.enable = true;
-    xkb.layout = "gb";
-    # xkbVariant = "";
  };

  #environment.systemPackages = with pkgs; [
--- a/hosts/amy/configuration.nix
+++ b/hosts/amy/configuration.nix
@ -28,5 +28,18 @@
  services.openssh.enable = true;
  networking.firewall.allowedTCPPorts = [ 22 ];

+  networking = {
+    interfaces = {
+      ens18.ipv6.addresses = [{
+        address = "2a02:c202:2191:6731:0000:0000:0000:0001";
+        prefixLength = 64;
+      }];
+    };
+    defaultGateway6 = {
+      address = "fe80::1";
+      interface = "ens18";
+    };
+  };
+
  system.stateVersion = "23.11";
 }
--- a/hosts/loona/configuration.nix
+++ b/hosts/loona/configuration.nix
@ -0,0 +1,58 @@
+{ config, modulesPath, pkgs, ... }: {
+  imports = [
+    (modulesPath + "/virtualisation/qemu-vm.nix")
+    ../../common/generic.nix
+    ../../common/generic-desktop.nix
+    ../../common/generic-uefi-zfs.nix
+    ../../common/tpm.nix
+    ../../roles/podman.nix
+    ./hardware-config.nix
+  ];
+
+  networking.hostName = "loona";
+  networking.firewall.enable = false;
+
+  sound.enable = true;
+  hardware.pulseaudio.enable = false;
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    jack.enable = true;
+    pulse.enable = true;
+  };
+
+  security.pam.services = {
+    kde.u2fAuth = true;
+    sddm.u2fAuth = true;
+    doas.u2fAuth = true;
+  };
+
+  services = {
+    xserver = {
+      enable = true;
+      xkb.layout = "gb";
+    };
+    displayManager.sddm.enable = true;
+    desktopManager.plasma6.enable = true;
+  };
+
+  services.printing = {
+    enable = true;
+    drivers = with pkgs; [
+      hplip
+    ];
+  };
+
+  hardware.bluetooth.enable = true;
+  hardware.rtl-sdr.enable = true;
+  users.users.ash.extraGroups = ["plugdev"];
+
+  programs.steam.enable = true;
+  nixpkgs.config.allowUnfree = true;
+
+  virtualisation.waydroid.enable = true;
+
+  system.stateVersion = "22.11";
+}
--- a/hosts/loona/hardware-configuration.nix
+++ b/hosts/loona/hardware-configuration.nix
@ -0,0 +1,53 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "zpool/root";
+      fsType = "zfs";
+    };
+
+  fileSystems."/nix" =
+    { device = "zpool/nix";
+      fsType = "zfs";
+    };
+
+  fileSystems."/var" =
+    { device = "zpool/var";
+      fsType = "zfs";
+    };
+
+  fileSystems."/home" =
+    { device = "zpool/home";
+      fsType = "zfs";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/DAC4-ED88";
+      fsType = "vfat";
+    };
+
+  swapDevices = [ ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/roles/iceshrimp.nix
+++ b/roles/iceshrimp.nix
@ -0,0 +1,10 @@
+{ config, pkgs, ... }: {
+  services.redis.servers.iceshrimp = {
+    enable = true;
+    port = 6380;
+    bind = "100.93.214.57";
+    settings.protected-mode = "no";
+  };
+
+  # TODO: move rest of iceshrimp to amy
+}
--- a/roles/podman.nix
+++ b/roles/podman.nix
@ -1,3 +1,7 @@
-{ config, pkgs, ...}: {
+{ config, pkgs, ... }: {
  virtualisation.podman.enable = true;
+  virtualisation.oci-containers.backend = "podman";
+  environment.systemPackages = with pkgs; [
+    podman-compose
+  ];
 }
Author	SHA1	Message	Date
Ashhhleyyy	bc6d9c2091	feat(loona): add	2024-06-28 16:09:05 +01:00
Ashhhleyyy	7a5f37b50a	chore: make iceshrimp redis the primary	2024-06-28 15:36:51 +01:00
Ashhhleyyy	a6d9603b83	feat(amy): add ipv6 config, podman, enable coredns	2024-06-22 09:24:00 +01:00