Working build for Khanda

flake.lock

@@ -233,10 +233,11 @@
     "nix-secrets": {
       "flake": false,
       "locked": {
-        "dirtyRev": "2d4a2ed35119a4d17b06cc5e378d72ec7f1926b3-dirty",
-        "dirtyShortRev": "2d4a2ed-dirty",
         "lastModified": 1718889003,
-        "narHash": "sha256-lXuHgFvK+QxBQd4LM8XMeFwp6QUgGVC9ccaY+q+piWY=",
+        "narHash": "sha256-VROhiB20ZgngCPVcYy1ZRmLZm3DmFbEjVjQPP55AMQc=",
+        "ref": "refs/heads/main",
+        "rev": "2d4a2ed35119a4d17b06cc5e378d72ec7f1926b3",
+        "revCount": 46,
         "type": "git",
         "url": "file:./nix-secrets"
       },

hosts/Dimaga/default.nix

@@ -31,6 +31,14 @@
     };
   };
 
+  aux.system.services.autoUpgrade = {
+    enable = true;
+    configDir = config.secrets.nixConfigFolder;
+    onCalendar = "daily";
+    user = config.users.users.aires.name;
+    push = false;
+  };
+
   # Configure the virtual machine created by nixos-rebuild build-vm
   virtualisation.vmVariant.virtualisation = {
     memorySize = 2048;

hosts/Haven/default.nix

@@ -24,6 +24,7 @@ in
 
   aux.system = {
     apps.tmux.enable = true;
+    packages = [ start-haven ];
     services = {
       acme = {
         enable = true;
@@ -64,7 +65,13 @@ in
         enable = true;
         home = "${services-root}/airsonic-advanced";
       };
-      autoUpgrade.pushUpdates = true;
+      autoUpgrade = {
+        enable = false;
+        pushUpdates = true;
+        configDir = config.secrets.nixConfigFolder;
+        onCalendar = "daily";
+        user = config.users.users.aires.name;
+      };
       boinc.enable = true;
       cache = {
         enable = false; # Disable for now
@@ -141,9 +148,6 @@ in
 
   # TODO: VPN (Check out Wireguard)
 
-  # Add Haven's startup script
-  environment.systemPackages = [ start-haven ];
-
   # Allow Haven to be a build target for other architectures (mainly ARM64)
   boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
 }

hosts/Khanda/default.nix

@@ -24,11 +24,11 @@ in
     # Enable to allow unfree (e.g. closed source) packages.
     # Some settings may override this (e.g. enabling Nvidia GPU support).
     # https://nixos.org/manual/nixpkgs/stable/#sec-allow-unfree
-    allowUnfree = false;
+    allowUnfree = true;
 
     # Enable Secure Boot support.
     # IMPORTANT: Read the README before enabling this option!
-    bootloader.secureboot.enable = false;
+    bootloader.secureboot.enable = true;
 
     # Change the default text editor. Options are "emacs", "nano", or "vim".
     editor = "nano";
@@ -47,17 +47,16 @@ in
       ];
     };
 
-    # Additional system packages to install.
-    packages = [ ];
-
     # Change how long old generations are kept for.
-    retentionPeriod = "30d";
+    retentionPeriod = "14d";
 
     # Enable GPU support.
     gpu.intel.enable = true;
 
     ui.desktops.gnome.enable = true;
 
+    services.autoUpgrade.enable = false;
+
     users.aires = {
       enable = true;
       services = {

hosts/Khanda/default.old.nix

@@ -1,51 +0,0 @@
-{ pkgs, lib, ... }:
-{
-  imports = [ ./hardware-configuration.nix ];
-
-  system.stateVersion = "24.05";
-  system.autoUpgrade.enable = lib.mkForce false;
-
-  aux.system = {
-    role = "workstation";
-    apps = {
-      development.enable = true;
-      media.enable = true;
-      office.enable = true;
-      recording.enable = true;
-      social.enable = true;
-      writing = {
-        enable = true;
-        languagetool.enable = false;
-      };
-    };
-    ui = {
-      flatpak.enable = true;
-      gnome.enable = true;
-    };
-    users.aires = {
-      enable = true;
-      services = {
-        syncthing = {
-          enable = true;
-          autostart = true;
-          enableTray = false;
-        };
-      };
-    };
-  };
-
-  # Build remotely
-  nix.distributedBuilds = true;
-
-  # Enable thermal control
-  services.thermald.enable = true;
-
-  # Limit the number of cores Nix can use
-  nix.settings.cores = 10;
-
-  # Configure the virtual machine created by nixos-rebuild build-vm
-  virtualisation.vmVariant.virtualisation = {
-    memorySize = 2048;
-    cores = 2;
-  };
-}

hosts/Shura/default.nix

@@ -29,7 +29,6 @@ in
   system.stateVersion = "24.05";
 
   aux.system = {
-    role = "workstation";
     apps = {
       development.enable = true;
       dj.enable = true;
@@ -40,12 +39,19 @@ in
       social.enable = true;
       writing = {
         enable = true;
-        ngrams.enable = false;
+        languagetool.enable = true;
       };
     };
+    packages = with pkgs; [boinc];
+    services.autoUpgrade = {
+      enable = true;
+      configDir = config.secrets.nixConfigFolder;
+      onCalendar = "daily";
+      user = config.users.users.aires.name;
+    };
     ui = {
       flatpak.enable = true;
-      gnome.enable = true;
+      desktops.gnome.enable = true;
     };
     users = {
       aires = {
@@ -65,9 +71,6 @@ in
     };
   };
 
-  # Install additional packages
-  environment.systemPackages = [ pkgs.boinc ];
-
   # Enable virtual machine manager
   programs.virt-manager.enable = true;
 

modules/common.nix

@@ -0,0 +1,40 @@
+# Modules common to all systems
+{ pkgs, config, ... }:
+
+{
+  config = {
+    # Install ZSH for all users
+    programs.zsh.enable = true;
+    users.defaultUserShell = pkgs.zsh;
+
+    aux.system = {
+      packages = with pkgs; [
+        fastfetch # Show a neat system statistics screen when opening a terminal
+        nh # Nix Helper: https://github.com/viperML/nh
+      ];
+    };
+
+    programs = {
+      # Enable NH, an alternative nixos-rebuild frontend.
+      nh = {
+        enable = true;
+        flake = "${config.secrets.nixConfigFolder}";
+
+        # Alternative garbage collection system to nix.gc.automatic
+        clean = {
+          enable = true;
+          dates = "daily";
+          extraArgs = "--keep-since 7d --keep 10"; # Keep the last 10 entries
+        };
+      };
+      # Do some additional Nano configuration
+      nano.nanorc = ''
+        set linenumbers
+        set tabsize 4
+        set softwrap
+        set autoindent
+        set indicator
+      '';
+    };
+  };
+}

modules/services/msmtp.nix

@@ -14,7 +14,7 @@ with lib;
     programs.msmtp = {
       enable = true;
       accounts.default = {
-        aux.system = config.secrets.services.msmtp.host;
+        host = config.secrets.services.msmtp.host;
         user = config.secrets.services.msmtp.user;
         password = config.secrets.services.msmtp.password;
         auth = true;

modules/system/gpu/amd.nix

@@ -20,10 +20,10 @@ in
       videoDrivers = [ "amdgpu" ];
     };
 
-    hardware.opengl = {
+    hardware.graphics = {
       extraPackages = [ pkgs.amdvlk ];
       # 32-bit application compatibility
-      driSupport32Bit = true;
+      enable32Bit = true;
       extraPackages32 = with pkgs; [ driversi686Linux.amdvlk ];
     };
   };

modules/system/gpu/intel.nix

@@ -19,7 +19,7 @@ in
 
     environment.variables.VDPAU_DRIVER = "va_gl";
 
-    hardware.opengl.extraPackages = with pkgs; [
+    hardware.graphics.extraPackages = with pkgs; [
       (
         if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
           vaapiIntel
@@ -30,7 +30,7 @@ in
       intel-media-driver
     ];
 
-    hardware.opengl.extraPackages32 = with pkgs.driversi686Linux; [
+    hardware.graphics.extraPackages32 = with pkgs.driversi686Linux; [
       (
         if (lib.versionOlder (lib.versions.majorMinor lib.version) "23.11") then
           vaapiIntel

modules/system/programs.nix

@@ -1,35 +0,0 @@
-# Set up program defaults
-{ config, ... }:
-{
-  # Set up base apps
-  programs = {
-    direnv.enable = true;
-
-    nano = {
-      enable = true;
-      syntaxHighlight = true;
-      nanorc = ''
-        set linenumbers
-        set tabsize 4
-        set softwrap
-        set autoindent
-        set indicator
-      '';
-    };
-
-    nh = {
-      enable = true;
-      flake = "${config.secrets.nixConfigFolder}";
-
-      # Alternative garbage collection system to nix.gc.automatic
-      clean = {
-        enable = true;
-        dates = "daily";
-        extraArgs = "--keep-since 7d --keep 10"; # Keep the last 10 entries
-      };
-    };
-
-    # Support for standard, dynamically-linked executables
-    nix-ld.enable = true;
-  };
-}

modules/system/shell.nix

@@ -1,10 +0,0 @@
-{ pkgs, ... }:
-
-{
-  # Install ZSH for all users
-  programs.zsh.enable = true;
-  users.defaultUserShell = pkgs.zsh;
-
-  # Show a neat system statistics screen when opening a terminal
-  environment.systemPackages = with pkgs; [ fastfetch ];
-}

modules/system/system.nix

@@ -21,25 +21,16 @@ in
     # Set up the environment
     environment = {
       # Install base packages
-      systemPackages = with pkgs; [
+      systemPackages =
+        config.aux.system.packages
+        ++ (with pkgs; [
           bash
           dconf # Needed to fix an issue with Home-manager. See https://github.com/nix-community/home-manager/issues/3113
           direnv
           git
           home-manager
-        nano
           p7zip
-        fastfetch
+        ]);
-        nh # Nix Helper: https://github.com/viperML/nh
-      ];
-    };
-
-    # Configure automatic updates for all hosts
-    aux.system.services.autoUpgrade = {
-      enable = true;
-      configDir = config.secrets.nixConfigFolder;
-      onCalendar = "daily";
-      user = config.users.users.aires.name;
     };
 
     services = {

modules/ui/desktops/common.nix

@@ -68,12 +68,12 @@ in
         # Enable the X11 windowing system.
         enable = true;
 
-        # Enable touchpad support (enabled by default in most desktop managers, buuuut just in case).
-        libinput.enable = true;
-
         # Configure keymap in X11
         xkb = config.aux.system.ui.desktops.xkb;
       };
+
+      # Enable touchpad support (enabled by default in most desktop managers, buuuut just in case).
+      libinput.enable = true;
     };
 
     # Support for AppImage files