diff --git a/README.md b/README.md index 31e83a5..9d918b2 100644 --- a/README.md +++ b/README.md @@ -9,7 +9,7 @@ A full set of configuration files managed via NixOS. This project follows the ge ### Note on secrets management -Secrets are stored in a separate repo called `nix-secrets`, which is included here as a submodule. It gets pulled into the main config via `hosts/common/default.nix`. This is a poor man's secret management solution, but y'know what, it works. These "secrets" will be readable to users on the system with access to the `/nix/store/`, but for single-user systems, it's fine. +Secrets are stored in a separate repo called `nix-secrets`, which is included here as a flake input. This is a poor man's secret management solution, but y'know what, it works. These "secrets" will be readable to users on the system with access to the `/nix/store/`, but for single-user systems, it's fine. Initialize the submodule with: @@ -111,7 +111,7 @@ To add a new host: 1. Create a new folder in `hosts/`. 2. Copy `hosts/configuration.nix.template` into this folder and name it `default.nix`. 3. Run `nixos-hardware-configuration` on the host and copy its `hardware-configuration.nix` file here. You might also want to check the `configuration.nix` generated by this command to see if there's anything you should import into your host's `default.nix`. -4. Configure `/hosts/default.nix` however you'd like. +4. Configure `/hosts//default.nix` however you'd like. 5. Add the new host to `flake.nix`. 5. Run `nix flake update` and `nixos-rebuild boot --flake .#`. 
@@ -121,11 +121,10 @@ To add a new host: This config uses two systems: Flakes, and Home-manager. -- Flakes are the entrypoint, via `flake.nix`. This is where you include Flake modules and define Flake-specific options. -- Home-manager configs live in the `users/` folders. Each user gets its own `home-manager.nix` file too. -- Modules are stored in `modules`. All of these files are automatically imported; you simply enable the ones you want to use, and disable the ones you don't. For example, to install Flatpak, set `host.ui.flatpak.enable = true;`. +- Flakes are the entrypoint, via `flake.nix`. This is where Flake inputs and Flake-specific options get defined. +- Home-manager configs live in the `users/` folders. +- Modules are stored in `modules`. All of these files are automatically imported (except home-manager modules); you simply enable the ones you want to use, and disable the ones you don't. For example, to install Flatpak, set `host.ui.flatpak.enable = true;`. - After adding a new module, make sure to `git add` it. - - Modules are automatically imported - see `autoimport.nix`. ### Features @@ -133,13 +132,13 @@ This Nix config features: - Flakes - Home Manager -- AMD, Intel, and Raspberry Pi hardware configurations +- AMD, Intel, and Raspberry Pi (ARM64) hardware configurations - Workstation and server base system configurations - GNOME desktop environment with KDE integrations - Boot splash screens via Plymouth - Secure Boot and TPM - Disk encryption via LUKS -- Custom packages and systemd services (Duplicacy Web) +- Custom packages and systemd services - Flatpaks - Default ZSH shell using Oh My ZSH - Secrets (in a janky hacky kinda way) diff --git a/flake.lock b/flake.lock index 24c90c8..b87b1f9 100644 --- a/flake.lock +++ b/flake.lock @@ -159,7 +159,6 @@ }, "original": { "owner": "nix-community", - "ref": "master", "repo": "home-manager", "type": "github" } 
@@ -218,11 +217,11 @@ ] }, "locked": { - "lastModified": 1715885250, - "narHash": "sha256-IUFYAl3158Ig5vySnRBHoPReb2/S97bjodCo6FhzJv4=", + "lastModified": 1716506851, + "narHash": "sha256-fzY708SyfHwLOFrg5ZU0fXW9mNdvRvqz64jg97vvpJM=", "ref": "refs/heads/main", - "rev": "53d713eb486f21d653af3ef3528e9a19ecfc45e5", - "revCount": 81, + "rev": "18fa4a89e208cb8e881f5f71c75bbd4c1c2fd37d", + "revCount": 83, "type": "git", "url": "https://git.lix.systems/lix-project/nixos-module" }, @@ -250,11 +249,11 @@ "nix-secrets": { "flake": false, "locked": { - "lastModified": 1716476738, - "narHash": "sha256-xeGy/omF4PykBsyzc7SfEd28/nyNNlvuLAk4FxCqvZM=", + "lastModified": 1716494193, + "narHash": "sha256-N/23Gj51yL/mi+ReaJYGvRbP0Gw0BwZGho6fs1ZKB5s=", "ref": "refs/heads/main", - "rev": "6c75cdf7bafb4ccb6ae6580f10a9c44313b5dc9a", - "revCount": 36, + "rev": "dff720d59e1ea51d35dbd1acd9dd1ccdbb26fddc", + "revCount": 37, "type": "git", "url": "file:///home/aires/Development/nix-configuration/nix-secrets" }, @@ -265,16 +264,16 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1716214200, - "narHash": "sha256-ivQlBlSxC1mrBepFc3CeqUqFcsoQelpgxseA7YYtyAw=", + "lastModified": 1716511749, + "narHash": "sha256-SIW5ra4BfUI8KfXS3j+UifZwRXY/0MRrUfy+CLRQVZ4=", "owner": "8bitbuddhist", "repo": "nixos-hardware", - "rev": "704f05a3c8f8beb1d08837f43670c44946faad66", + "rev": "85cc8776261d7ff350ba2520f6ca856917c474c1", "type": "github" }, "original": { "owner": "8bitbuddhist", - "ref": "surface-pro-9-disable-psr", + "ref": "lenovo-16ARHA7-remove-speaker-fix", "repo": "nixos-hardware", "type": "github" } diff --git a/flake.nix b/flake.nix index 1330880..d38c173 100644 --- a/flake.nix +++ b/flake.nix 
@@ -25,11 +25,11 @@ nix-flatpak.url = "github:gmodena/nix-flatpak/v0.4.1"; # Hardware configurations - nixos-hardware.url = "github:8bitbuddhist/nixos-hardware/surface-pro-9-disable-psr"; + nixos-hardware.url = "github:8bitbuddhist/nixos-hardware/lenovo-16ARHA7-remove-speaker-fix"; # Home-manager home-manager = { - url = "github:nix-community/home-manager/master"; + url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; # Use system packages list where available }; diff --git a/hosts/Dimaga/default.nix b/hosts/Dimaga/default.nix index e7085bf..b48a0a7 100644 --- a/hosts/Dimaga/default.nix +++ b/hosts/Dimaga/default.nix @@ -8,7 +8,6 @@ role = "workstation"; apps = { development.enable = true; - kdeconnect.enable = true; media.enable = true; office.enable = true; writing.enable = true; diff --git a/hosts/Haven/default.nix b/hosts/Haven/default.nix index f8d7b9d..5e079b2 100644 --- a/hosts/Haven/default.nix +++ b/hosts/Haven/default.nix @@ -8,9 +8,14 @@ let start-haven = pkgs.writeShellScriptBin "start-haven" (builtins.readFile ./start-haven.sh); - subdomains = map (subdomain: subdomain + ".${config.secrets.networking.primaryDomain}") [ - "code" - "music" + # subdomains = map (subdomain: subdomain + ".${config.secrets.networking.primaryDomain}") [ + # "code" + # "music" + # ]; + + subdomains = [ + config.secrets.services.airsonic.url + config.secrets.services.forgejo.url ]; in { @@ -21,7 +26,6 @@ in host = { role = "server"; - apps.development.kubernetes.enable = true; services = { acme = { enable = true; diff --git a/hosts/Khanda/default.nix b/hosts/Khanda/default.nix index fbdb46a..f4e84cd 100644 --- a/hosts/Khanda/default.nix +++ b/hosts/Khanda/default.nix @@ -9,7 +9,6 @@ role = "workstation"; apps = { development.enable = true; - kdeconnect.enable = true; media.enable = true; office.enable = true; recording.enable = true; diff --git a/hosts/Shura/default.nix b/hosts/Shura/default.nix index f60f1f0..a7b20a3 100644 
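Review bot: The replaced `subdomains` expression is left behind as a four-line commented-out block above the new list in the `let` bindings of hosts/Haven/default.nix; it should be deleted, since version control already keeps the old form. The new entries read `config.secrets.services.airsonic.url` and `config.secrets.services.forgejo.url`, and the `.url` name does not say whether each value is a bare hostname or carries a scheme, while the list is still called `subdomains`. A one-line comment such as `# Bare hostnames (no scheme or path), defined in nix-secrets` would pin that down. The code that consumes `subdomains` is outside the hunk; if it feeds the ACME configuration enabled further down, these hostnames will become public through certificate transparency logs even though they are kept in the secrets repo.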
--- a/hosts/Shura/default.nix +++ b/hosts/Shura/default.nix @@ -28,13 +28,9 @@ in host = { role = "workstation"; apps = { - development = { - enable = true; - kubernetes.enable = true; - }; + development.enable = true; dj.enable = true; gaming.enable = true; - kdeconnect.enable = false; media.enable = true; office.enable = true; recording.enable = true; diff --git a/modules/services/airsonic.nix b/modules/services/airsonic.nix index b1a9029..8d5490c 100644 --- a/modules/services/airsonic.nix +++ b/modules/services/airsonic.nix @@ -46,7 +46,7 @@ in "-Dserver.use-forward-headers=true" "-Xmx4G" # Increase Java heap size to 4GB ]; - } // lib.optionalAttrs (cfg.home != null) { home = cfg.home; }; + } // lib.optionalAttrs (cfg.home != "") { home = cfg.home; }; }; systemd.services = { diff --git a/nix-secrets b/nix-secrets index 6c75cdf..dff720d 160000 --- a/nix-secrets +++ b/nix-secrets @@ -1 +1 @@ -Subproject commit 6c75cdf7bafb4ccb6ae6580f10a9c44313b5dc9a +Subproject commit dff720d59e1ea51d35dbd1acd9dd1ccdbb26fddc
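Review bot: The new guard `cfg.home != ""` in the `lib.optionalAttrs` call of modules/services/airsonic.nix no longer filters out `null`, so if `cfg.home` can still be null the merge would set `home = null` on the service. The option declaration is outside the hunk; if its type and default were changed to a plain string defaulting to `""`, the new test is sufficient. Otherwise cover both cases with `lib.optionalAttrs (cfg.home != null && cfg.home != "") { home = cfg.home; }`. The enclosing attribute set starts above the hunk.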