diff --git a/.forgejo/workflows/update.yaml b/.forgejo/workflows/update.yaml deleted file mode 100644 index b30ab13..0000000 --- a/.forgejo/workflows/update.yaml +++ /dev/null @@ -1,32 +0,0 @@ -on: [push] - -jobs: - # Source: https://github.com/isabelroses/dotfiles/tree/main/.github/workflows - update-lockfile: - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Install Nix - uses: DeterminateSystems/nix-installer-action@main - with: - logger: pretty - -# - name: Update Lockfile -# uses: DeterminateSystems/update-flake-lock@main -# id: update -# with: -# pr-title: "chore(deps): flake inputs" -# commit-msg: "chore(deps): flake inputs" -# token: ${{ secrets.GITHUB_TOKEN }} - -# build: -# runs-on: nix -# steps: -# - run: nix-env -iA nixpkgs.nodejs_20 -# - uses: actions/checkout@v4 -# - run: nix --experimental-features 'nix-command flakes' flake update -# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven -# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda diff --git a/hosts/Haven/hardware-configuration.nix b/hosts/Haven/hardware-configuration.nix index f086177..1b9ee9c 100644 --- a/hosts/Haven/hardware-configuration.nix +++ b/hosts/Haven/hardware-configuration.nix @@ -12,7 +12,6 @@ boot = { supportedFilesystems = [ "btrfs" ]; kernelModules = [ "kvm-amd" ]; - extraModulePackages = [ ]; initrd = { supportedFilesystems = [ "btrfs" ]; diff --git a/hosts/Khanda/default.nix b/hosts/Khanda/default.nix index 589dbfa..4f097fb 100644 --- a/hosts/Khanda/default.nix +++ b/hosts/Khanda/default.nix @@ -26,37 +26,53 @@ in # https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree allowUnfree = true; + apps = { + development.enable = true; + media.enable = true; + office.enable = true; + recording.enable = true; + social.enable = true; + writing = { + enable = true; + languagetool.enable = false; + }; + }; + # Enable Secure Boot support. - # IMPORTANT: Read the README before enabling this option! - bootloader.secureboot.enable = true; + bootloader = { + enable = true; + secureboot.enable = true; + tpm2.enable = true; + }; # Change the default text editor. Options are "emacs", "nano", or "vim". editor = "nano"; - ui.flatpak = { - # Enable Flatpak support. - enable = true; - - # Define Flatpak packages to install. - packages = [ - "com.github.tchx84.Flatseal" - "com.github.wwmm.easyeffects" - "md.obsidian.Obsidian" - "net.waterfox.waterfox" - "org.keepassxc.KeePassXC" - ]; - }; + # Enable GPU support. + gpu.intel.enable = true; # Change how long old generations are kept for. retentionPeriod = "14d"; - # Enable GPU support. - gpu.intel.enable = true; - - ui.desktops.gnome.enable = true; - services.autoUpgrade.enable = false; + ui = { + desktops.gnome.enable = true; + flatpak = { + # Enable Flatpak support. + enable = true; + + # Define Flatpak packages to install. + packages = [ + "com.github.tchx84.Flatseal" + "com.github.wwmm.easyeffects" + "md.obsidian.Obsidian" + "net.waterfox.waterfox" + "org.keepassxc.KeePassXC" + ]; + }; + }; + users.aires = { enable = true; services = { diff --git a/hosts/Pihole/default.nix b/hosts/Pihole/default.nix index d2c400a..e732b24 100644 --- a/hosts/Pihole/default.nix +++ b/hosts/Pihole/default.nix @@ -12,28 +12,30 @@ aux.system = { apps.tmux.enable = true; - users.aires.enable = true; - boot.enable = false; - services.ssh = { + boot = { enable = true; - ports = [ config.secrets.hosts.haven.ssh.port ]; + secureboot.enable = false; }; - }; - - nix.distributedBuilds = true; - - networking.hostName = "Pihole"; - time.timeZone = "America/New_York"; - - environment.systemPackages = with pkgs; [ + packages = with pkgs; [ libraspberrypi raspberrypifw raspberrypi-eeprom linuxKernel.kernels.linux_rpi4 ]; + services.ssh = { + enable = true; + ports = [ config.secrets.hosts.haven.ssh.port ]; + }; + users.aires.enable = true; + }; + + nix.distributedBuilds = true; + + time.timeZone = "America/New_York"; # Connect to the network automagically networking = { + hostName = "Pihole"; networkmanager.enable = lib.mkForce false; wireless.networks = { "${config.secrets.networking.networks.home.SSID}" = { diff --git a/hosts/Shura/default.nix b/hosts/Shura/default.nix index b576827..d66982b 100644 --- a/hosts/Shura/default.nix +++ b/hosts/Shura/default.nix @@ -44,6 +44,7 @@ in }; gpu.amd.enable = true; packages = with pkgs; [ boinc ]; + retentionPeriod = "7d"; services.autoUpgrade = { enable = true; configDir = config.secrets.nixConfigFolder; diff --git a/hosts/Shura/hardware-configuration.nix b/hosts/Shura/hardware-configuration.nix index 9fbe508..c9db44f 100644 --- a/hosts/Shura/hardware-configuration.nix +++ b/hosts/Shura/hardware-configuration.nix @@ -16,12 +16,6 @@ # Hardware defaults detected by nixos-generate-configuration initrd = { - # SystemD in the initrd is required for TPM auto-unlocking. - # See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2 - # If the LUKS volume is recently created, run this command to bind it to the TPM: - # sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/ - systemd.enable = true; - availableKernelModules = [ "nvme" "xhci_pci" diff --git a/modules/autoimport.nix b/modules/autoimport.nix index 471674b..848bce7 100644 --- a/modules/autoimport.nix +++ b/modules/autoimport.nix @@ -16,7 +16,6 @@ let # Search all files and folders within and below the current directory. # Filters out directories that belong to home-manager, and don't end with .nix or are this file. - # Also, make the strings absolute validFiles = dir: map (file: ./. + "/${file}") (