diff --git a/flake.lock b/flake.lock index 63b9297..7ecf0d0 100644 --- a/flake.lock +++ b/flake.lock @@ -5,11 +5,11 @@ "fromYaml": "fromYaml" }, "locked": { - "lastModified": 1732200724, - "narHash": "sha256-+R1BH5wHhfnycySb7Sy5KbYEaTJZWm1h+LW1OtyhiTs=", + "lastModified": 1745523430, + "narHash": "sha256-EAYWV+kXbwsH+8G/8UtmcunDeKwLwSOyfcmzZUkWE/c=", "owner": "SenchoPens", "repo": "base16.nix", - "rev": "153d52373b0fb2d343592871009a286ec8837aec", + "rev": "58bfe2553d937d8af0564f79d5b950afbef69717", "type": "github" }, "original": { @@ -83,6 +83,26 @@ "type": "github" } }, + "disko": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1747274630, + "narHash": "sha256-87RJwXbfOHyzTB9LYagAQ6vOZhszCvd8Gvudu+gf3qo=", + "owner": "nix-community", + "repo": "disko", + "rev": "ec7c109a4f794fce09aad87239eab7f66540b888", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "disko", + "type": "github" + } + }, "firefox-gnome-theme": { "flake": false, "locked": { @@ -102,11 +122,11 @@ "flake-compat": { "flake": false, "locked": { - "lastModified": 1717312683, - "narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=", + "lastModified": 1746162366, + "narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=", "owner": "nix-community", "repo": "flake-compat", - "rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea", + "rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b", "type": "github" }, "original": { @@ -240,11 +260,11 @@ ] }, "locked": { - "lastModified": 1745557122, - "narHash": "sha256-eqSo9ugzsqhFgaDFYUZj943nurlX4L6f+AW0skJ4W+M=", + "lastModified": 1747331121, + "narHash": "sha256-3MmiUN/jOHBHQUnjqzg6qKArc17j2OS6jisEppDY4g8=", "owner": "nix-community", "repo": "home-manager", - "rev": "dd26f75fb4ec1c731d4b1396eaf4439ce40a91c1", + "rev": "1eec32f0efe3b830927989767a9e6ece0d82d608", "type": "github" }, "original": { @@ -303,11 +323,11 @@ "rust-overlay": "rust-overlay" }, "locked": { - "lastModified": 1745752145, - "narHash": "sha256-SRvolJBy9oRUdfik/xtcsguQtcDHrkzq1yf5NbsLBhY=", + "lastModified": 1747402241, + "narHash": "sha256-s52bryrvkofiNuiBcUdmOoTfu7KSjQsmCl7CR+KsPz4=", "owner": "lilyinstarlight", "repo": "nixos-cosmic", - "rev": "0ba6c63681ae317d122a5e76bc2bf556737a53d0", + "rev": "02b683c2635a03fc610a87a15f2326f03e39214d", "type": "github" }, "original": { @@ -318,11 +338,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1745503349, - "narHash": "sha256-bUGjvaPVsOfQeTz9/rLTNLDyqbzhl0CQtJJlhFPhIYw=", + "lastModified": 1747129300, + "narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "f7bee55a5e551bd8e7b5b82c9bc559bc50d868d1", + "rev": "e81fd167b33121269149c57806599045fd33eeed", "type": "github" }, "original": { @@ -334,11 +354,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1747179050, + "narHash": "sha256-qhFMmDkeJX9KJwr5H32f1r7Prs7XbQWtO0h3V0a0rFY=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "adaa24fbf46737f3f1b5497bf64bae750f82942e", "type": "github" }, "original": { @@ -365,11 +385,11 @@ }, "nixpkgs-stable": { "locked": { - "lastModified": 1745487689, - "narHash": "sha256-FQoi3R0NjQeBAsEOo49b5tbDPcJSMWc3QhhaIi9eddw=", + "lastModified": 1747209494, + "narHash": "sha256-fLise+ys+bpyjuUUkbwqo5W/UyIELvRz9lPBPoB0fbM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "5630cf13cceac06cefe9fc607e8dfa8fb342dde3", + "rev": "5d736263df906c5da72ab0f372427814de2f52f8", "type": "github" }, "original": { @@ -381,11 +401,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1745526057, - "narHash": "sha256-ITSpPDwvLBZBnPRS2bUcHY3gZSwis/uTe255QgMtTLA=", + "lastModified": 1747327360, + "narHash": "sha256-LSmTbiq/nqZR9B2t4MRnWG7cb0KVNU70dB7RT4+wYK4=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f771eb401a46846c1aebd20552521b233dd7e18b", + "rev": "e06158e58f3adee28b139e9c2bcfcc41f8625b46", "type": "github" }, "original": { @@ -428,6 +448,7 @@ }, "root": { "inputs": { + "disko": "disko", "home-manager": "home-manager", "nix-colors": "nix-colors", "nixos-cosmic": "nixos-cosmic", @@ -449,11 +470,11 @@ ] }, "locked": { - "lastModified": 1745721366, - "narHash": "sha256-dm93104HXjKWzkrr7yAPtxpbllOSzrwFFruc+rKQHSg=", + "lastModified": 1747363019, + "narHash": "sha256-N4dwkRBmpOosa4gfFkFf/LTD8oOcNkAyvZ07JvRDEf0=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "621131c9e281d1047bf8937547ed77e97c464aba", + "rev": "0e624f2b1972a34be1a9b35290ed18ea4b419b6f", "type": "github" }, "original": { @@ -467,11 +488,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1745310711, - "narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=", + "lastModified": 1746485181, + "narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=", "owner": "Mic92", "repo": "sops-nix", - "rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c", + "rev": "e93ee1d900ad264d65e9701a5c6f895683433386", "type": "github" }, "original": { @@ -499,11 +520,11 @@ "tinted-tmux": "tinted-tmux" }, "locked": { - "lastModified": 1745750068, - "narHash": "sha256-LbbioU14KbJpXE0DKcPJaW6W2lB8ayHE4YddupfvU+c=", + "lastModified": 1746143246, + "narHash": "sha256-O8rZjqJUIkUva66XTOZy0wcgfBP2eaxU9+Xt7ZHtfhI=", "owner": "danth", "repo": "stylix", - "rev": "ed3f7d9ecbf2c95cc4fe633f648cb776385efd86", + "rev": "20ace60f9cb5e179cb2256abaee505780df8e804", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 5e0f789..fd39b55 100644 --- a/flake.nix +++ b/flake.nix @@ -1,5 +1,5 @@ { - description = "Nixos configuration for Xeovalyte"; + description = "Nixos configuration for Timo"; inputs = { nixpkgs.url = "nixpkgs/nixos-24.11"; @@ -24,9 +24,12 @@ }; sops-nix.url = "github:Mic92/sops-nix"; + + disko.url = "github:nix-community/disko"; + disko.inputs.nixpkgs.follows = "nixpkgs"; }; - outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, home-manager, nix-colors, stylix, nixos-cosmic, sops-nix, ... }: + outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, home-manager, nix-colors, stylix, nixos-cosmic, sops-nix, disko, ... }: let system = "x86_64-linux"; overlay-unstable = final: prev: { @@ -38,6 +41,19 @@ in { nixosConfigurations = { + # nixos-anywhere --flake .#p-th-rpi-01 --generate-hardware-config nixos-generate-config ./hosts/p-th-rpi-01/hardware-configuration.nix + p-th-rpi-01 = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + ({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; }) + + disko.nixosModules.disko + inputs.nixos-hardware.nixosModules.raspberry-pi-4 + + ./hosts/p-th-rpi-01 ]; + }; + ti-clt-lpt01 = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; diff --git a/hosts/ch-clt-dsk01/home.nix b/hosts/ch-clt-dsk01/home.nix index ca6ef97..43d607e 100644 --- a/hosts/ch-clt-dsk01/home.nix +++ b/hosts/ch-clt-dsk01/home.nix @@ -41,6 +41,7 @@ prismlauncher unstable.signal-desktop unstable.vesktop + unstable.webcord unstable.prusa-slicer blender diff --git a/hosts/p-th-rpi-01/default.nix b/hosts/p-th-rpi-01/default.nix new file mode 100644 index 0000000..1648f16 --- /dev/null +++ b/hosts/p-th-rpi-01/default.nix @@ -0,0 +1,94 @@ +{ ... }: + +let + hostname = "p-th-rpi-01"; + username = "deploy"; + authorizedKeys = [ + "" + ]; +in +{ + imports = [ + ./hardware-configuration.nix + ./disko.nix + + # Import modules + ../../modules/system/default.nix + ]; + + settings = { + display-manager = "none"; + desktop-environments = { + cosmic.enable = false; + hyprland.enable = false; + gnome.enable = false; + }; + applications = { + common.enable = true; + steam.enable = false; + thunar.enable = false; + }; + services = { + docker.enable = false; + podman.enable = true; + quickemu.enable = false; + sunshine.enable = false; + garbage-collection.enable = true; + incus.enable = false; + ssh.enable = true; + }; + hardware = { + fprint.enable = false; + printing.enable = false; + bluetooth.enable = false; + firewall.enable = true; + locale.enable = true; + nvidia.enable = false; + }; + }; + + nix.settings = { + experimental-features = [ "nix-command" "flakes" ]; + + substituters = [ + "https://nix-community.cachix.org" + "https://cosmic.cachix.org/" + ]; + + trusted-public-keys = [ + "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" + ]; + }; + + boot.loader.grub = { + efiSupport = true; + efiInstallAsRemovable = true; + }; + + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM/FIQBczDV/niK3a2/2kK8BMH/8qBipSdp73C+HKR0e xeovalyte@ti-clt-dsk01" + ]; + + networking.hostName = hostname; # Define your hostname. + + networking.firewall = { + enable = true; + allowedTCPPorts = [ 1080 1443 1053 ]; + allowedUDPPorts = [ 1080 1443 1053 ]; + }; + + networking.hosts = { + "127.0.0.1" = [ "tbmrs.nl" ]; + }; + + users.users.${username} = { + isNormalUser = true; + extraGroups = [ "networkmanager" "wheel" "dialout" ]; + linger = true; + }; + + nix.settings.trusted-users = [ "root" "${username}" ]; + + system.stateVersion = "24.05"; +} diff --git a/hosts/p-th-rpi-01/disko.nix b/hosts/p-th-rpi-01/disko.nix new file mode 100644 index 0000000..3c0f1f6 --- /dev/null +++ b/hosts/p-th-rpi-01/disko.nix @@ -0,0 +1,54 @@ +{ + disko.devices = { + disk.disk1 = { + device = lib.mkDefault "/dev/mmcblk0"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + boot = { + name = "boot"; + size = "1M"; + type = "EF02"; + }; + esp = { + name = "ESP"; + size = "500M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + name = "root"; + size = "100%"; + content = { + type = "lvm_pv"; + vg = "pool"; + }; + }; + }; + }; + }; + lvm_vg = { + pool = { + type = "lvm_vg"; + lvs = { + root = { + size = "100%FREE"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ + "defaults" + ]; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/p-th-rpi-01/hardware-configuration.nix b/hosts/p-th-rpi-01/hardware-configuration.nix new file mode 100644 index 0000000..a40df93 --- /dev/null +++ b/hosts/p-th-rpi-01/hardware-configuration.nix @@ -0,0 +1 @@ +throw "Have you forgotten to run nixos-anywhere with `--generate-hardware-config nixos-generate-config ./hardware-configuration.nix`?" diff --git a/hosts/p-th-rpi-01/home.nix b/hosts/p-th-rpi-01/home.nix new file mode 100644 index 0000000..f6e82f8 --- /dev/null +++ b/hosts/p-th-rpi-01/home.nix @@ -0,0 +1,72 @@ +{ pkgs, ... }: + +{ + imports = [ + # Modules + ../../modules/home/default.nix + ]; + + config = { + home = { + username = "deploy"; + homeDirectory = "/home/deploy"; + }; + + settings = { + applications.common.enable = false; + applications.alacritty.enable = false; + applications.devenv.enable = false; + applications.firefox.enable = false; + applications.git.enable = false; + applications.helix.enable = true; + applications.zsh.enable = true; + applications.ssh.enable = true; + applications.thunderbird.enable = false; + applications.yazi.enable = true; + applications.zellij.enable = true; + applications.wezterm.enable = false; + + services.nextcloud-sync.enable = false; + services.podman.enable = true; + services.sops.enable = true; + + theming.fonts.enable = false; + theming.stylix.enable = false; + theming.stylix.wallpaper = "wallpaper-2.png"; + theming.stylix.theme = "da-one-ocean"; + + desktop-environments.hyprland.enable = false; + + containers = { + network.enable = true; + + nginx.enable = true; + caddy.enable = true; + kanidm.enable = true; + forgejo.enable = true; + immich.enable = true; + homepage.enable = true; + uptime-kuma.enable = true; + pingvin-share.enable = true; + vaultwarden.enable = true; + paperless-ngx.enable = true; + beszel.enable = true; + storage.enable = true; + homeassistant.enable = true; + karakeep.enable = true; + vikunja.enable = true; + stalwart.enable = true; + }; + }; + + home.packages = with pkgs; [ + unstable.helix + lazygit + ]; + + # Enable home-manager + programs.home-manager.enable = true; + + home.stateVersion = "24.05"; + }; +} diff --git a/hosts/ti-clt-dsk01/home.nix b/hosts/ti-clt-dsk01/home.nix index ccfbb7f..fa8b3d7 100644 --- a/hosts/ti-clt-dsk01/home.nix +++ b/hosts/ti-clt-dsk01/home.nix @@ -48,6 +48,7 @@ home.packages = with pkgs; [ unstable.prismlauncher unstable.vesktop + unstable.webcord unstable.rnote unstable.inkscape unstable.gimp diff --git a/hosts/ti-clt-lpt01/home.nix b/hosts/ti-clt-lpt01/home.nix index 04ed996..d6d9d11 100644 --- a/hosts/ti-clt-lpt01/home.nix +++ b/hosts/ti-clt-lpt01/home.nix @@ -53,6 +53,7 @@ unstable.prusa-slicer signal-desktop unstable.vesktop + unstable.webcord blender unstable.freecad-wayland loupe