wayne/system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Compare commits

base: wayne:18d7e1cf09912b294efd1d108754a18dab8bbaf8
Branches Tags
wayne:main
..
compare: wayne:49f8b66489c8e3ca8a42e7a88bb10cd9bc4bb8af
Branches Tags
wayne:main

No commits in common. "18d7e1cf09912b294efd1d108754a18dab8bbaf8" and "49f8b66489c8e3ca8a42e7a88bb10cd9bc4bb8af" have entirely different histories.
18d7e1cf09 ... 49f8b66489

15 changed files with 35 additions and 179 deletions
Show Stats Expand all files Collapse all files

30
configuration.nix
View File

@ -1,23 +1,13 @@
# NixOS's declarative configuration calculates which software packages need to be installed and then soft-links the storage paths of these packages in the Nix Store to /run/current-system, and by modifying environment variables like PATH # NixOS's declarative configuration calculates which software packages need to be installed and then soft-links the storage paths of these packages in the Nix Store to /run/current-system, and by modifying environment variables like PATH
{ { lib, config, pkgs, zen-browser, hyprland, inputs, agenix, pkgs-unstable, ... }:
lib,
config,
pkgs,
zen-browser,
hyprland,
inputs,
agenix,
pkgs-unstable,
pia,
...
}:
let let
unstable = import <nixpkgs> { unstable = import <nixpkgs> {
overlays = pkgs.overlays; overlays = pkgs.overlays;
}; };
in in
{ {
imports = [ imports =
[
./environment.nix ./environment.nix
./hardware-configuration.nix ./hardware-configuration.nix
@ -31,7 +21,6 @@ in
./modules/nix.nix ./modules/nix.nix
# ./modules/qt.nix # ./modules/qt.nix
./modules/security.nix ./modules/security.nix
./modules/tailscale.nix
./modules/users.nix ./modules/users.nix
./modules/wm.nix ./modules/wm.nix
./modules/xdg.nix ./modules/xdg.nix
@ -147,15 +136,11 @@ in
#media-session.enable = true; #media-session.enable = true;
# wireplumber.enable = true; # wireplumber.enable = true;
}; };
# hardware.openrgb = { hardware.openrgb = {
# enable = false;
# package = pkgs.openrgb-with-all-plugins;
# motherboard = "intel";
# server.port = 6742;
# };
pia = {
enable = true; enable = true;
authUserPassFile = config.age.secrets.pia.path; package = pkgs.openrgb-with-all-plugins;
motherboard = "intel";
server.port = 6742;
}; };
}; };
@ -199,7 +184,6 @@ in
i2c-tools i2c-tools
android-udev-rules android-udev-rules
tailscale
logiops logiops
]; ];

55
flake.lock generated
View File

@ -127,24 +127,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"fromYaml": { "fromYaml": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -350,27 +332,6 @@
"type": "github" "type": "github"
} }
}, },
"pia": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1730809692,
"narHash": "sha256-L2nzuQOK36xYcY6hQ3+waIFd0lWGlz7YTBnUCgV5Ox4=",
"owner": "Fuwn",
"repo": "pia.nix",
"rev": "445e82bd030080fb250f83805a7cc2feeea174c9",
"type": "github"
},
"original": {
"owner": "Fuwn",
"repo": "pia.nix",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
@ -384,7 +345,6 @@
"nix-colors": "nix-colors", "nix-colors": "nix-colors",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"pia": "pia",
"tt-schemes": "tt-schemes", "tt-schemes": "tt-schemes",
"zen-browser": "zen-browser" "zen-browser": "zen-browser"
} }
@ -419,21 +379,6 @@
"type": "github" "type": "github"
} }
}, },
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tt-schemes": { "tt-schemes": {
"flake": false, "flake": false,
"locked": { "locked": {

7
flake.nix
View File

@ -45,9 +45,6 @@
# inputs.nixpkgs.follows = "nixpkgs"; # inputs.nixpkgs.follows = "nixpkgs";
# }; # };
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
# PIA
pia.url = "github:Fuwn/pia.nix";
pia.inputs.nixpkgs.follows = "nixpkgs";
musnix.url = "github:musnix/musnix"; musnix.url = "github:musnix/musnix";
}; };
@ -66,7 +63,6 @@
agenix, agenix,
# nix-ld, # nix-ld,
musnix, musnix,
pia,
... ...
} @ inputs: } @ inputs:
let let
@ -105,12 +101,11 @@
nixosConfigurations = { nixosConfigurations = {
launchpad = nixpkgs.lib.nixosSystem { launchpad = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs systemSettings userSettings lib agenix pia ;}; specialArgs = {inherit inputs outputs systemSettings userSettings lib agenix ;};
modules = [ modules = [
# kmonad.nixosModules.default # kmonad.nixosModules.default
musnix.nixosModules.musnix musnix.nixosModules.musnix
agenix.nixosModules.default agenix.nixosModules.default
pia.nixosModules."x86_64-linux".default
./configuration.nix ./configuration.nix
# nix-ld.nixosModules.nix-ld # nix-ld.nixosModules.nix-ld

1
hardware-configuration.nix
View File

@ -22,7 +22,6 @@
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "i2c-dev" "i2c-piix4" ]; boot.initrd.kernelModules = [ "i2c-dev" "i2c-piix4" ];
boot.kernel.sysctl."net.ipv4.ip_forward" = 1; # Added for Tailscale
boot.kernel.sysctl."net.ipv6.conf.enp4s0.disable_ipv6" = true; boot.kernel.sysctl."net.ipv6.conf.enp4s0.disable_ipv6" = true;
boot.kernel.sysctl."net.ipv6.conf.wlp5s0.disable_ipv6" = true; boot.kernel.sysctl."net.ipv6.conf.wlp5s0.disable_ipv6" = true;
boot.kernel.sysctl."net.ipv6.conf.br0.disable_ipv6" = true; boot.kernel.sysctl."net.ipv6.conf.br0.disable_ipv6" = true;

14
hm/home.nix
View File

@ -1,18 +1,6 @@
# Last stable generation 359 10/13/24 # Last stable generation 359 10/13/24
# home-manager works by soft-linking the software packages configured by the user to /etc/profiles/per-user/your-username and modifying environment variables like PATH to point to this path, thus installing user software packages. # home-manager works by soft-linking the software packages configured by the user to /etc/profiles/per-user/your-username and modifying environment variables like PATH to point to this path, thus installing user software packages.
{ { inputs, outputs, lib, config, pkgs, systemSettings, userSettings, zen-browser, hyprland, nix-colors, ... }:
inputs,
outputs,
lib,
config,
pkgs,
systemSettings,
userSettings,
zen-browser,
hyprland,
nix-colors,
...
}:
let let
system = "x86_64-linux"; system = "x86_64-linux";

2
hm/pkgs/gramming-packages.nix
View File

@ -7,7 +7,7 @@ with pkgs;
# ]; # ];
# }) # })
# IDE's # IDE's
sublime3 sublime-merge vscode # vscode.languages.web vscode.languages.python vscode.languages.nix vscode.languages.bash sublime3 vscode # vscode.languages.web vscode.languages.python vscode.languages.nix vscode.languages.bash
typora obsidian obsidian-export # vimPlugins.obsidian-nvim typora obsidian obsidian-export # vimPlugins.obsidian-nvim
# Lunarvim Dependencies # Lunarvim Dependencies
gnumake42 nodejs_22 cargo ripgrep cmake gnumake42 nodejs_22 cargo ripgrep cmake

2
hm/pkgs/inet-packages.nix
View File

@ -26,5 +26,5 @@ with pkgs;
remmina remmina
mapscii mapscii
# tidal-dl tidal-dl
] ]

17
modules/containers.nix
View File

@ -402,12 +402,6 @@
localAddress = "192.168.12.76/24"; localAddress = "192.168.12.76/24";
hostBridge = "br0"; hostBridge = "br0";
autoStart = false; autoStart = false;
allowedDevices = [
{
modifier = "rw";
node = "/dev/net/tun";
}
];
bindMounts = { bindMounts = {
"/var/www" = { "/var/www" = {
hostPath = "/home/wayne/dev/whd/live"; hostPath = "/home/wayne/dev/whd/live";
@ -424,7 +418,7 @@
{ {
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 22 80 443 1025 3000 3001 41641 8025 8080 2222 3306 ]; allowedTCPPorts = [ 22 80 443 1025 3000 3001 8025 8080 2222 3306 ];
}; };
networking = { networking = {
enableIPv6 = false; enableIPv6 = false;
@ -451,15 +445,6 @@
}; };
}; };
services.tailscale = {
enable = true;
package = pkgs.tailscale;
interfaceName = "tailscale0";
openFirewall = true;
port = 41641;
useRoutingFeatures = "server";
};
services.openssh = { services.openssh = {
enable = true; enable = true;
ports = [ 22 ]; ports = [ 22 ];

3
modules/network.nix
View File

@ -64,8 +64,7 @@
extraCommands = '' extraCommands = ''
iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns
''; '';
trustedInterfaces = [ "br0" "tailscale0" ]; trustedInterfaces = [ "br0" ];
checkReversePath = "loose"; # Added for Tailscale
}; };
bridges = { bridges = {
br0 = { br0 = {

5
modules/security.nix
View File

@ -70,11 +70,11 @@
%wheel ALL=(ALL) NOPASSWD: ${pkgs.input-remapper}/bin/input-remapper-service %wheel ALL=(ALL) NOPASSWD: ${pkgs.input-remapper}/bin/input-remapper-service
%wheel ALL=(ALL) NOPASSWD: ${pkgs.input-remapper}/bin/input-remapper-control %wheel ALL=(ALL) NOPASSWD: ${pkgs.input-remapper}/bin/input-remapper-control
%wheel ALL=(ALL) NOPASSWD: /run/wrappers/bin/systemctl restart display-manager %wheel ALL=(ALL) NOPASSWD: /run/wrappers/bin/systemctl restart display-manager
''; '';
}; };
age = { age = {
identityPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
secrets = { secrets = {
nextcloud = { nextcloud = {
file = ../secrets/nextcloud.age; file = ../secrets/nextcloud.age;
@ -85,9 +85,6 @@
onlyoffice = { onlyoffice = {
file = ../secrets/onlyoffice-jwt.age; file = ../secrets/onlyoffice-jwt.age;
}; };
pia = {
file = ../secrets/pia.age;
};
}; };
}; };
} }

15
modules/tailscale.nix
View File

@ -1,15 +0,0 @@
{ pkgs, ... }:
{
services.tailscale = {
enable = true;
package = pkgs.tailscale;
interfaceName = "tailscale0";
openFirewall = true;
port = 41641;
useRoutingFeatures = "both";
extraSetFlags = [
"--advertise-routes=192.168.12.0/24"
];
};
}

4
pkgs/wm/hyprland/hyprland.nix
View File

@ -244,10 +244,10 @@
# "${config.home.homeDirectory}/.config/hypr/scripts/start-in-tray.sh" # "${config.home.homeDirectory}/.config/hypr/scripts/start-in-tray.sh"
"${config.home.homeDirectory}/.config/hypr/scripts/start-keybase-gui.sh" "${config.home.homeDirectory}/.config/hypr/scripts/start-keybase-gui.sh"
"[workspace 4 silent] remmina -c rdp://wayne@xeon.local" # "[workspace 4 silent] remmina -c rdp://wayne@xeon.local"
"[workspace 7 silent] sublime3" "[workspace 7 silent] sublime3"
"[workspace 9 silent] keepassxc" "[workspace 9 silentl] keepassxc"
"[workspace 9 silent] /home/wayne/.nix-profile/bin/nextcloud --background" "[workspace 9 silent] /home/wayne/.nix-profile/bin/nextcloud --background"
"[workspace 9 silent] /nix/store/104jb5a21d1d338zkl1f07si6brsmrk2-keybase-gui-6.2.4/bin/keybase-gui %u &" "[workspace 9 silent] /nix/store/104jb5a21d1d338zkl1f07si6brsmrk2-keybase-gui-6.2.4/bin/keybase-gui %u &"

3
secrets/.gitmodules vendored
View File

@ -1,3 +0,0 @@
[submodule "secrets"]
path = secrets
url = ../secrets.git

17
secrets/pia.age
View File

@ -1,17 +0,0 @@
age-encryption.org/v1
-> ssh-rsa 28puQg
JGtoK7DucZvBPjewFHiFnOKOTjIaSOGfRJybUD14VcHRk0uiSfXidkp/Gf/wf3KJ
narocC7/qcVIdHWiMe+TbNcE/Kcly3BUpW7w7QFIxJ3+X49TttE4/VcTp5QJ2nbV
Wm5q+Kd9IG2B2Bt/8BmQCiwOkoo+ps3mub4xY2yBmuPo8kvZhMdnwEx2NLQy9CiC
JOtd77ZpmsETuBOodu/4eAIxqfS+qooZVUkc/mzywOgCjMU94YLrwGxt1iwdTXMX
xEtm9rd3W2Sjj7ksh6G+rFarg5NODSMc/7LIoiQui6w9ytRsu3FukS8dhYe92Yep
rw+2Jmz5FHLiVdfh9ZTzEOGVojGlHVJpthZPWUGHsWH1+p9FXbPCYThGVSzWZh/2
vj6/5C/xpN3yzVoQtVqu/svrSH8Ls9cBJpo2yqopS85nzwjnA/ypkHrXQ4QUaZQg
upzsNc7EAaY91CIBGxyattGODJ+bRuehVgo/xpb+W9fwFVkvP6wm3UiTJwFsKwE6
pdusUwqzyhcvhm8lGj5H0JW5jvEd+UjpVBHc1+DC2vLeqwuUzo/Ya5qNTBrNwdKT
nkXyyiXuTdRJ5lkcM9xjY0vikNN348dURVIB1Ub+iTG85Pg4IdBgR2S5s01L/b4n
c0vOvWf3jcx/SkZoKgiYjiWYoIXVRrAlcVnwXJ09h+8
-> ssh-ed25519 rxYdLA jMpoBVQ9mBa2Rtyx9EeEGHYKlXYlmTAw0uR+5Jbclyc
xibncpFqofpBcebRdwALgdjJlUIO4dY7kJYXMB2P9xc
--- eM2ZXQ4YYbeGThU1RChJ1Qmn2NwknMc7jOqd264rHGI
*OÁ¨„CEŽñBò÷èŠú°U`c2iþ«<8“ HëÛÑW<>Á|^¥b'2Nµ.Ý–

1
secrets/secrets.nix
View File

@ -11,5 +11,4 @@ in
"nextcloud.age".publicKeys = [ nextcloud wayne launchpad ]; "nextcloud.age".publicKeys = [ nextcloud wayne launchpad ];
"onlyoffice-jwt.age".publicKeys = [ onlyoffice wayne launchpad ]; "onlyoffice-jwt.age".publicKeys = [ onlyoffice wayne launchpad ];
"whayes.age".publicKeys = [ wayne launchpad ]; "whayes.age".publicKeys = [ wayne launchpad ];
"pia.age".publicKeys = [ wayne launchpad ];
} }