1
0
Fork 0

Template integration final touches

This commit is contained in:
Aires 2024-06-24 14:01:51 -04:00
parent 44af742046
commit 502407e3c1
7 changed files with 51 additions and 72 deletions

View file

@ -1,32 +0,0 @@
on: [push]
jobs:
# Source: https://github.com/isabelroses/dotfiles/tree/main/.github/workflows
update-lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
with:
logger: pretty
# - name: Update Lockfile
# uses: DeterminateSystems/update-flake-lock@main
# id: update
# with:
# pr-title: "chore(deps): flake inputs"
# commit-msg: "chore(deps): flake inputs"
# token: ${{ secrets.GITHUB_TOKEN }}
# build:
# runs-on: nix
# steps:
# - run: nix-env -iA nixpkgs.nodejs_20
# - uses: actions/checkout@v4
# - run: nix --experimental-features 'nix-command flakes' flake update
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda

View file

@ -12,7 +12,6 @@
boot = { boot = {
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];
kernelModules = [ "kvm-amd" ]; kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
initrd = { initrd = {
supportedFilesystems = [ "btrfs" ]; supportedFilesystems = [ "btrfs" ];

View file

@ -26,37 +26,53 @@ in
# https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree # https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree
allowUnfree = true; allowUnfree = true;
apps = {
development.enable = true;
media.enable = true;
office.enable = true;
recording.enable = true;
social.enable = true;
writing = {
enable = true;
languagetool.enable = false;
};
};
# Enable Secure Boot support. # Enable Secure Boot support.
# IMPORTANT: Read the README before enabling this option! bootloader = {
bootloader.secureboot.enable = true; enable = true;
secureboot.enable = true;
tpm2.enable = true;
};
# Change the default text editor. Options are "emacs", "nano", or "vim". # Change the default text editor. Options are "emacs", "nano", or "vim".
editor = "nano"; editor = "nano";
ui.flatpak = { # Enable GPU support.
# Enable Flatpak support. gpu.intel.enable = true;
enable = true;
# Define Flatpak packages to install.
packages = [
"com.github.tchx84.Flatseal"
"com.github.wwmm.easyeffects"
"md.obsidian.Obsidian"
"net.waterfox.waterfox"
"org.keepassxc.KeePassXC"
];
};
# Change how long old generations are kept for. # Change how long old generations are kept for.
retentionPeriod = "14d"; retentionPeriod = "14d";
# Enable GPU support.
gpu.intel.enable = true;
ui.desktops.gnome.enable = true;
services.autoUpgrade.enable = false; services.autoUpgrade.enable = false;
ui = {
desktops.gnome.enable = true;
flatpak = {
# Enable Flatpak support.
enable = true;
# Define Flatpak packages to install.
packages = [
"com.github.tchx84.Flatseal"
"com.github.wwmm.easyeffects"
"md.obsidian.Obsidian"
"net.waterfox.waterfox"
"org.keepassxc.KeePassXC"
];
};
};
users.aires = { users.aires = {
enable = true; enable = true;
services = { services = {

View file

@ -12,28 +12,30 @@
aux.system = { aux.system = {
apps.tmux.enable = true; apps.tmux.enable = true;
users.aires.enable = true; boot = {
boot.enable = false;
services.ssh = {
enable = true; enable = true;
ports = [ config.secrets.hosts.haven.ssh.port ]; secureboot.enable = false;
}; };
}; packages = with pkgs; [
nix.distributedBuilds = true;
networking.hostName = "Pihole";
time.timeZone = "America/New_York";
environment.systemPackages = with pkgs; [
libraspberrypi libraspberrypi
raspberrypifw raspberrypifw
raspberrypi-eeprom raspberrypi-eeprom
linuxKernel.kernels.linux_rpi4 linuxKernel.kernels.linux_rpi4
]; ];
services.ssh = {
enable = true;
ports = [ config.secrets.hosts.haven.ssh.port ];
};
users.aires.enable = true;
};
nix.distributedBuilds = true;
time.timeZone = "America/New_York";
# Connect to the network automagically # Connect to the network automagically
networking = { networking = {
hostName = "Pihole";
networkmanager.enable = lib.mkForce false; networkmanager.enable = lib.mkForce false;
wireless.networks = { wireless.networks = {
"${config.secrets.networking.networks.home.SSID}" = { "${config.secrets.networking.networks.home.SSID}" = {

View file

@ -44,6 +44,7 @@ in
}; };
gpu.amd.enable = true; gpu.amd.enable = true;
packages = with pkgs; [ boinc ]; packages = with pkgs; [ boinc ];
retentionPeriod = "7d";
services.autoUpgrade = { services.autoUpgrade = {
enable = true; enable = true;
configDir = config.secrets.nixConfigFolder; configDir = config.secrets.nixConfigFolder;

View file

@ -16,12 +16,6 @@
# Hardware defaults detected by nixos-generate-configuration # Hardware defaults detected by nixos-generate-configuration
initrd = { initrd = {
# SystemD in the initrd is required for TPM auto-unlocking.
# See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2
# If the LUKS volume is recently created, run this command to bind it to the TPM:
# sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device>
systemd.enable = true;
availableKernelModules = [ availableKernelModules = [
"nvme" "nvme"
"xhci_pci" "xhci_pci"

View file

@ -16,7 +16,6 @@ let
# Search all files and folders within and below the current directory. # Search all files and folders within and below the current directory.
# Filters out directories that belong to home-manager, and don't end with .nix or are this file. # Filters out directories that belong to home-manager, and don't end with .nix or are this file.
# Also, make the strings absolute
validFiles = validFiles =
dir: dir:
map (file: ./. + "/${file}") ( map (file: ./. + "/${file}") (