1
0
Fork 0

Template integration final touches

This commit is contained in:
Aires 2024-06-24 14:01:51 -04:00
parent 44af742046
commit 502407e3c1
7 changed files with 51 additions and 72 deletions

View file

@ -1,32 +0,0 @@
on: [push]
jobs:
# Source: https://github.com/isabelroses/dotfiles/tree/main/.github/workflows
update-lockfile:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Install Nix
uses: DeterminateSystems/nix-installer-action@main
with:
logger: pretty
# - name: Update Lockfile
# uses: DeterminateSystems/update-flake-lock@main
# id: update
# with:
# pr-title: "chore(deps): flake inputs"
# commit-msg: "chore(deps): flake inputs"
# token: ${{ secrets.GITHUB_TOKEN }}
# build:
# runs-on: nix
# steps:
# - run: nix-env -iA nixpkgs.nodejs_20
# - uses: actions/checkout@v4
# - run: nix --experimental-features 'nix-command flakes' flake update
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Haven
# - run: nixos-rebuild --experimental-features 'nix-command flakes' build --flake .#Khanda

View file

@ -12,7 +12,6 @@
boot = {
supportedFilesystems = [ "btrfs" ];
kernelModules = [ "kvm-amd" ];
extraModulePackages = [ ];
initrd = {
supportedFilesystems = [ "btrfs" ];

View file

@ -26,14 +26,39 @@ in
# https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree
allowUnfree = true;
apps = {
development.enable = true;
media.enable = true;
office.enable = true;
recording.enable = true;
social.enable = true;
writing = {
enable = true;
languagetool.enable = false;
};
};
# Enable Secure Boot support.
# IMPORTANT: Read the README before enabling this option!
bootloader.secureboot.enable = true;
bootloader = {
enable = true;
secureboot.enable = true;
tpm2.enable = true;
};
# Change the default text editor. Options are "emacs", "nano", or "vim".
editor = "nano";
ui.flatpak = {
# Enable GPU support.
gpu.intel.enable = true;
# Change how long old generations are kept for.
retentionPeriod = "14d";
services.autoUpgrade.enable = false;
ui = {
desktops.gnome.enable = true;
flatpak = {
# Enable Flatpak support.
enable = true;
@ -46,16 +71,7 @@ in
"org.keepassxc.KeePassXC"
];
};
# Change how long old generations are kept for.
retentionPeriod = "14d";
# Enable GPU support.
gpu.intel.enable = true;
ui.desktops.gnome.enable = true;
services.autoUpgrade.enable = false;
};
users.aires = {
enable = true;

View file

@ -12,28 +12,30 @@
aux.system = {
apps.tmux.enable = true;
users.aires.enable = true;
boot.enable = false;
services.ssh = {
boot = {
enable = true;
ports = [ config.secrets.hosts.haven.ssh.port ];
secureboot.enable = false;
};
};
nix.distributedBuilds = true;
networking.hostName = "Pihole";
time.timeZone = "America/New_York";
environment.systemPackages = with pkgs; [
packages = with pkgs; [
libraspberrypi
raspberrypifw
raspberrypi-eeprom
linuxKernel.kernels.linux_rpi4
];
services.ssh = {
enable = true;
ports = [ config.secrets.hosts.haven.ssh.port ];
};
users.aires.enable = true;
};
nix.distributedBuilds = true;
time.timeZone = "America/New_York";
# Connect to the network automagically
networking = {
hostName = "Pihole";
networkmanager.enable = lib.mkForce false;
wireless.networks = {
"${config.secrets.networking.networks.home.SSID}" = {

View file

@ -44,6 +44,7 @@ in
};
gpu.amd.enable = true;
packages = with pkgs; [ boinc ];
retentionPeriod = "7d";
services.autoUpgrade = {
enable = true;
configDir = config.secrets.nixConfigFolder;

View file

@ -16,12 +16,6 @@
# Hardware defaults detected by nixos-generate-configuration
initrd = {
# SystemD in the initrd is required for TPM auto-unlocking.
# See https://discourse.nixos.org/t/full-disk-encryption-tpm2/29454/2
# If the LUKS volume is recently created, run this command to bind it to the TPM:
# sudo systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs=0+7 /dev/<device>
systemd.enable = true;
availableKernelModules = [
"nvme"
"xhci_pci"

View file

@ -16,7 +16,6 @@ let
# Search all files and folders within and below the current directory.
# Filters out directories that belong to home-manager, and don't end with .nix or are this file.
# Also, make the strings absolute
validFiles =
dir:
map (file: ./. + "/${file}") (