lilith/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

merge conflict

Browse source
This commit is contained in:
Lilith 2025-03-18 18:18:29 +01:00
commit a32cde45c1
Signed by: lilith
GPG key ID: 8712A0F317C37175
24 changed files with 976 additions and 177 deletions
Download patch file Download diff file Expand all files Collapse all files

3
system/core/default.nix
View file

@ -1,4 +1,4 @@
{ zen-browser, ...}: {
{...}: {
imports = [
./audio.nix
./bluetooth.nix
@ -15,6 +15,5 @@
./syncthing.nix
./users.nix
./zsh.nix
# zen-browser.nixosModules.zen-browser
];
}

30
system/core/nix.nix
View file

@ -1,4 +1,5 @@
{ lib, ...}: {
{ ... }:
{
nix = {
gc = {
automatic = true;
@ -8,12 +9,25 @@
settings = {
keep-outputs = true;
auto-optimise-store = true;
experimental-features = ["nix-command" "flakes"];
trusted-users = ["root" "@wheel"];
};
};
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"root"
"@wheel"
];
# nixpkgs.config.allowUnfreePredicate = (pkg: builtins.elem (lib.getName pkg) [
# "steam"
# ]);
builders-use-substitutes = true;
};
distributedBuilds = true;
buildMachines = [
{
hostName = "lilith-server-builder";
system = "x86_64-linux";
protocol = "ssh-ng";
}
];
};
}

24
system/core/persistence.nix
View file

@ -1,5 +1,12 @@
{impermanence, conf, lib, config, ...}: {
imports = [impermanence.nixosModule];
{
impermanence,
conf,
lib,
config,
...
}:
{
imports = [ impermanence.nixosModule ];
environment.persistence."/persist/data" = {
hideMounts = true;
@ -7,20 +14,20 @@
"/etc/NetworkManager/system-connections"
"/var/lib/bluetooth"
];
files = [];
files = [ ];
users.lilith = {
directories = [
".config/syncthing"
".config/sops"
".config/keepassxc"
".config/obsidian"
".config/vesktop"
".gnupg"
".ssh"
".thunderbird"
".mozilla"
".zen"
"nixos"
"sync"
@ -31,7 +38,7 @@
".local/share/lutris"
".local/share/games"
];
files = [];
files = [ ];
};
};
@ -45,9 +52,7 @@
"/var/lib/systemd/timers"
"/var/log"
];
files = [
"/etc/machine-id"
];
files = [ "/etc/machine-id" ];
users.lilith = {
directories = [
@ -55,9 +60,8 @@
".cache/keepassxc"
".cargo"
".local/state/wireplumber"
"tmp"
];
files = [];
files = [ ];
};
};
}

22
system/core/ssh.nix
View file

@ -1,11 +1,27 @@
{...}: {
networking.firewall.allowedTCPPorts = [22];
{ ... }:
{
networking.firewall.allowedTCPPorts = [ 22 ];
sops.secrets."ssh/nixremote/private" = {
sopsFile = ../../secrets/default.yaml;
path = "/root/.ssh/nixremote";
};
services.openssh = {
enable = true;
ports = [22];
ports = [ 22 ];
settings = {
PermitRootLogin = "no";
PasswordAuthentication = false;
};
};
programs.ssh = {
extraConfig = ''
Host lilith-server-builder
HostName 2a01:4f9:4a:1ecb::2
User nixremote
IdentityFile /root/.ssh/nixremote
'';
};
}

51
system/core/syncthing.nix
View file

@ -1,6 +1,8 @@
{ config, sops, ...}: let
host = config.networking.hostName;
in {
{ config, ... }:
let
host = config.networking.hostName;
in
{
sops.secrets."syncthing/key.pem" = {
sopsFile = ../../hosts/${host}/secrets/default.yaml;
@ -19,25 +21,44 @@
overrideDevices = true;
overrideFolders = true;
settings = {
key = config.sops.secrets."syncthing/key.pem".path;
cert = config.sops.secrets."syncthing/cert.pem".path;
key = config.sops.secrets."syncthing/key.pem".path;
cert = config.sops.secrets."syncthing/cert.pem".path;
settings = {
devices = {
"phone" = {id = "C2CKYRP-72UNJRX-MUPZIUY-CCHQYGF-6T4NA6B-MO7AEZB-RSN5EAG-CN2JCAF";};
"nixserver" = {id = "DW6GTZ3-3JPAHLO-UEB3LBL-AWOX3BT-QPI7ODT-OZ6Q4YR-K3KK22C-5RY3XQZ";};
"lilith-pc" = {id = "37HHP4Q-NNQRQPQ-MVSIHAX-BK2A3GL-O6K4WXA-Y7ZQ5GZ-BY4UTFH-LG4HYAY";};
"lilith-pad" = {id = "GQJA6WA-G5YZZSN-4OOQMVE-JPIR22N-VFHPY4O-XMRG37D-DALH4R2-7DCTMQK";};
"lilith-old" = {id = "MSUZJ6K-4CIFE5D-ILO6FE4-SPRPTZI-VEWZQ7F-ECARCCF-2VLVMDQ-2HQUAAS";};
"lilith-phone" = {
id = "N3VHPZJ-DARZYPM-TIBLRAZ-KN6QWYJ-VU6FP2N-INYVJZ3-ZSUD63P-NSXLIQ6";
};
"lilith-lab" = {
id = "DW6GTZ3-3JPAHLO-UEB3LBL-AWOX3BT-QPI7ODT-OZ6Q4YR-K3KK22C-5RY3XQZ";
};
"lilith-pc" = {
id = "37HHP4Q-NNQRQPQ-MVSIHAX-BK2A3GL-O6K4WXA-Y7ZQ5GZ-BY4UTFH-LG4HYAY";
};
"lilith-pad" = {
id = "GQJA6WA-G5YZZSN-4OOQMVE-JPIR22N-VFHPY4O-XMRG37D-DALH4R2-7DCTMQK";
};
};
folders = {
"rdcj2-mfyb4" = {
"sync" = {
id = "rdcj2-mfyb4";
path = "/home/lilith/sync";
devices = ["phone" "nixserver" "lilith-pad" "lilith-pc" "lilith-old"];
devices = [
"lilith-phone"
"lilith-lab"
"lilith-pad"
"lilith-pc"
];
};
"sdpfs-2beqd" = {
"keepass" = {
id = "sdpfs-2beqd";
path = "/home/lilith/.keepass";
devices = ["phone" "nixserver" "lilith-pad" "lilith-pc" "lilith-old"];
devices = [
"lilith-phone"
"lilith-lab"
"lilith-pad"
"lilith-pc"
];
};
};
};

1
system/default.nix
View file

@ -3,5 +3,4 @@
./core
./optional
];
# system.stateVersion = "24.11";
}

14
system/optional/desktop.nix
View file

@ -1,15 +1,23 @@
{ config, lib, ...}: {
{
config,
lib,
pkgs,
hyprland,
...
}:
{
options.desktop.enable = lib.mkEnableOption "Enable Wayland compositor with hyprland login";
config = lib.mkIf config.desktop.enable {
hardware.graphics.enable = true;
security.polkit.enable = true;
security.pam.services.hyprlock = {};
security.pam.services.hyprlock = { };
services.dbus.enable = true;
programs.hyprland.enable = true;
programs.hyprland.package = hyprland.packages.${pkgs.system}.hyprland;
services.greetd = {
enable = true;

27
system/optional/stylix.nix
View file

@ -1,4 +1,11 @@
{pkgs, stylix, config, lib, ...}: {
{
pkgs,
stylix,
config,
lib,
...
}:
{
imports = [ stylix.nixosModules.stylix ];
options.auto_styling.enable = lib.mkEnableOption "Enable Stylix";
@ -16,6 +23,16 @@
};
fonts = {
serif = {
package = pkgs.dejavu_fonts;
name = "DejaVu Serif";
};
sansSerif = {
package = pkgs.dejavu_fonts;
name = "DejaVu Sans";
};
monospace = {
package = pkgs.nerd-fonts.jetbrains-mono;
name = "JetBrainsMono Nerd Font";
@ -26,12 +43,18 @@
name = "Twemoji";
};
sizes = { applications = 14; desktop = 12; popups = 12; terminal = 14; };
sizes = {
applications = 14;
desktop = 12;
popups = 12;
terminal = 14;
};
};
cursor = {
package = pkgs.rose-pine-cursor;
name = "Rosé Pine";
size = 10;
};
};
};