diff --git a/flake.lock b/flake.lock index f238b5d..76d571b 100644 --- a/flake.lock +++ b/flake.lock @@ -145,35 +145,12 @@ "type": "github" } }, - "chaotic": { - "inputs": { - "flake-schemas": "flake-schemas", - "home-manager": "home-manager", - "jovian": "jovian", - "nixpkgs": "nixpkgs_2", - "rust-overlay": "rust-overlay" - }, - "locked": { - "lastModified": 1764847736, - "narHash": "sha256-FMYnfCH2TMNnTJvbc/mraZpRszIL7nc5YI6w/pWNyNs=", - "owner": "chaotic-cx", - "repo": "nyx", - "rev": "e3f8349d60d5daf58951b9ccd089fecb79ea5443", - "type": "github" - }, - "original": { - "owner": "chaotic-cx", - "ref": "nyxpkgs-unstable", - "repo": "nyx", - "type": "github" - } - }, "cosmic": { "inputs": { "flake-compat": "flake-compat_2", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs_2", "nixpkgs-stable": "nixpkgs-stable", - "rust-overlay": "rust-overlay_2" + "rust-overlay": "rust-overlay" }, "locked": { "lastModified": 1751591814, @@ -206,7 +183,7 @@ }, "darwin": { "inputs": { - "nixpkgs": "nixpkgs_4" + "nixpkgs": "nixpkgs_3" }, "locked": { "lastModified": 1765065051, @@ -229,11 +206,11 @@ ] }, "locked": { - "lastModified": 1764627417, - "narHash": "sha256-D6xc3Rl8Ab6wucJWdvjNsGYGSxNjQHzRc2EZ6eeQ6l4=", + "lastModified": 1765270797, + "narHash": "sha256-qw9iaIIz8D+lwsTO28VOaZBAJG97jH4+ci2pe7ZJR6Q=", "owner": "nix-community", "repo": "disko", - "rev": "5a88a6eceb8fd732b983e72b732f6f4b8269bef3", + "rev": "8e68aa819d6a9964c8ac45172e68b943b597c52a", "type": "github" }, "original": { @@ -412,20 +389,6 @@ "type": "github" } }, - "flake-schemas": { - "locked": { - "lastModified": 1721999734, - "narHash": "sha256-G5CxYeJVm4lcEtaO87LKzOsVnWeTcHGKbKxNamNWgOw=", - "rev": "0a5c42297d870156d9c57d8f99e476b738dcd982", - "revCount": 75, - "type": "tarball", - "url": "https://api.flakehub.com/f/pinned/DeterminateSystems/flake-schemas/0.1.5/0190ef2f-61e0-794b-ba14-e82f225e55e6/source.tar.gz" - }, - "original": { - "type": "tarball", - "url": "https://flakehub.com/f/DeterminateSystems/flake-schemas/%3D0.1.5.tar.gz" - } - }, "flake-utils": { "inputs": { "systems": [ @@ -583,16 +546,15 @@ "home-manager": { "inputs": { "nixpkgs": [ - "chaotic", "nixpkgs" ] }, "locked": { - "lastModified": 1764788330, - "narHash": "sha256-hE/gXK+Z0j654T0tsW+KcndRqsgZXe8HyWchjBJgQpw=", + "lastModified": 1765217760, + "narHash": "sha256-BVVyAodLcAD8KOtR3yCStBHSE0WAH/xQWH9f0qsxbmk=", "owner": "nix-community", "repo": "home-manager", - "rev": "fca4cba863e76c26cfe48e5903c2ff4bac2b2d5d", + "rev": "e5b1f87841810fc24772bf4389f9793702000c9b", "type": "github" }, "original": { @@ -603,27 +565,7 @@ }, "home-manager_2": { "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1764998300, - "narHash": "sha256-fZatn/KLfHLDXnF0wy7JxXqGaZmGDTVufT4o/AOlj44=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "27a6182347ccae90a88231ae0dc5dfa7d15815bb", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_3": { - "inputs": { - "nixpkgs": "nixpkgs_7" + "nixpkgs": "nixpkgs_6" }, "locked": { "lastModified": 1760295538, @@ -641,11 +583,11 @@ "homebrew-cask": { "flake": false, "locked": { - "lastModified": 1765152933, - "narHash": "sha256-IimyE9h4zuVjMRv35LLswzSdsNgylxuzhx0QJqK8kVk=", + "lastModified": 1765297105, + "narHash": "sha256-HVs2M54Ub8q6D6trZxMebsIy9i0p3bO9NNXkVgNQWZc=", "owner": "homebrew", "repo": "homebrew-cask", - "rev": "b5d81655599ed455523e3563b2c9956c4d62c5e9", + "rev": "ba766f7b16449a85d22430f19e7e6f1686adf00d", "type": "github" }, "original": { @@ -657,11 +599,11 @@ "homebrew-core": { "flake": false, "locked": { - "lastModified": 1765152981, - "narHash": "sha256-FXjW0k4fh4KAKfbpjrd0vJrTdYERX2QAwzbhA7DW77w=", + "lastModified": 1765293452, + "narHash": "sha256-jovN9+BmWLG5rY6syIIoufBA9r4lKL562jrcM2EL0H0=", "owner": "homebrew", "repo": "homebrew-core", - "rev": "389a677470e6367861ad3e69ec48e86c42e21702", + "rev": "5276dd98991cb4e55e766786dd5490e95ed4c935", "type": "github" }, "original": { @@ -688,36 +630,14 @@ "jovian": { "inputs": { "nix-github-actions": "nix-github-actions", - "nixpkgs": [ - "chaotic", - "nixpkgs" - ] + "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1764746434, - "narHash": "sha256-6ymFuw+Z1C90ezf8H0BP3c2JFZhJYwMq31px2StwWHU=", + "lastModified": 1765270480, + "narHash": "sha256-RUknLx2grxAphg1h9e4CiEAsZli2FV3U4zkFKGh0n7A=", "owner": "Jovian-Experiments", "repo": "Jovian-NixOS", - "rev": "b4c0b604148adacf119b89824ed26df8926ce42c", - "type": "github" - }, - "original": { - "owner": "Jovian-Experiments", - "repo": "Jovian-NixOS", - "type": "github" - } - }, - "jovian_2": { - "inputs": { - "nix-github-actions": "nix-github-actions_2", - "nixpkgs": "nixpkgs_5" - }, - "locked": { - "lastModified": 1764922999, - "narHash": "sha256-LSvUxKm6S6ZAd/otQSkAHd3+8KJhi8OwGJGSe0K//B8=", - "owner": "Jovian-Experiments", - "repo": "Jovian-NixOS", - "rev": "9b9ead1b5591b68f4048e7205ba1397bc85ce6c4", + "rev": "491926ed7cc85a2b9a6a85ee8d3c9e932c49d14d", "type": "github" }, "original": { @@ -731,9 +651,9 @@ "crane": "crane", "flake-compat": "flake-compat_3", "flake-parts": "flake-parts_2", - "nixpkgs": "nixpkgs_6", + "nixpkgs": "nixpkgs_5", "pre-commit-hooks-nix": "pre-commit-hooks-nix", - "rust-overlay": "rust-overlay_3" + "rust-overlay": "rust-overlay_2" }, "locked": { "lastModified": 1762205063, @@ -797,29 +717,6 @@ } }, "nix-github-actions": { - "inputs": { - "nixpkgs": [ - "chaotic", - "jovian", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1729697500, - "narHash": "sha256-VFTWrbzDlZyFHHb1AlKRiD/qqCJIripXKiCSFS8fAOY=", - "owner": "zhaofengli", - "repo": "nix-github-actions", - "rev": "e418aeb728b6aa5ca8c5c71974e7159c2df1d8cf", - "type": "github" - }, - "original": { - "owner": "zhaofengli", - "ref": "matrix-name", - "repo": "nix-github-actions", - "type": "github" - } - }, - "nix-github-actions_2": { "inputs": { "nixpkgs": [ "jovian", @@ -866,11 +763,11 @@ ] }, "locked": { - "lastModified": 1765080594, - "narHash": "sha256-5t3d655GqLblE+p5xN5ntkeRfZBesN7vehOWcRcU88M=", + "lastModified": 1765267181, + "narHash": "sha256-d3NBA9zEtBu2JFMnTBqWj7Tmi7R5OikoU2ycrdhQEws=", "owner": "nix-community", "repo": "nix-index-database", - "rev": "4194c582d0a3f440382ee00b729ea5cc5ef59754", + "rev": "82befcf7dc77c909b0f2a09f5da910ec95c5b78f", "type": "github" }, "original": { @@ -881,8 +778,8 @@ }, "nix-plist-manager": { "inputs": { - "home-manager": "home-manager_3", - "nixpkgs": "nixpkgs_8" + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs_7" }, "locked": { "lastModified": 1761409019, @@ -921,14 +818,14 @@ }, "nix-vscode-extensions": { "inputs": { - "nixpkgs": "nixpkgs_9" + "nixpkgs": "nixpkgs_8" }, "locked": { - "lastModified": 1765073356, - "narHash": "sha256-XWC5svVWK73kTMxWYUcta+aNIMn8P46mW+8+b9gJc0c=", + "lastModified": 1765245651, + "narHash": "sha256-/+ahII8MXi59KnRmzz+OgPXScr2Oyygin/XJWP7GvdU=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "e8539a8f806b568a1075cd69f60089eba6e17ea6", + "rev": "32a0d010099f0b982498b11cc04d5335b0fc1556", "type": "github" }, "original": { @@ -940,7 +837,7 @@ "nixai": { "inputs": { "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_10" + "nixpkgs": "nixpkgs_9" }, "locked": { "lastModified": 1755942173, @@ -971,10 +868,25 @@ "type": "github" } }, + "nixlib_2": { + "locked": { + "lastModified": 1736643958, + "narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=", + "owner": "nix-community", + "repo": "nixpkgs.lib", + "rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixpkgs.lib", + "type": "github" + } + }, "nixos-apple-silicon": { "inputs": { "flake-compat": "flake-compat_4", - "nixpkgs": "nixpkgs_11" + "nixpkgs": "nixpkgs_10" }, "locked": { "lastModified": 1764852467, @@ -1012,6 +924,27 @@ "type": "github" } }, + "nixos-generators_2": { + "inputs": { + "nixlib": "nixlib_2", + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1764234087, + "narHash": "sha256-NHF7QWa0ZPT8hsJrvijREW3+nifmF2rTXgS2v0tpcEA=", + "owner": "nix-community", + "repo": "nixos-generators", + "rev": "032a1878682fafe829edfcf5fdfad635a2efe748", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "nixos-generators", + "type": "github" + } + }, "nixos-hardware": { "locked": { "lastModified": 1764440730, @@ -1141,22 +1074,6 @@ } }, "nixpkgs_10": { - "locked": { - "lastModified": 1751271578, - "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_11": { "locked": { "lastModified": 1762977756, "narHash": "sha256-4PqRErxfe+2toFJFgcRKZ0UI9NSIOJa+7RXVtBhy4KE=", @@ -1172,23 +1089,23 @@ "type": "github" } }, - "nixpkgs_12": { + "nixpkgs_11": { "locked": { - "lastModified": 1764950072, - "narHash": "sha256-BmPWzogsG2GsXZtlT+MTcAWeDK5hkbGRZTeZNW42fwA=", + "lastModified": 1765270179, + "narHash": "sha256-g2a4MhRKu4ymR4xwo+I+auTknXt/+j37Lnf0Mvfl1rE=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "f61125a668a320878494449750330ca58b78c557", + "rev": "677fbe97984e7af3175b6c121f3c39ee5c8d62c9", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-unstable-small", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs_13": { + "nixpkgs_12": { "locked": { "lastModified": 1764947035, "narHash": "sha256-EYHSjVM4Ox4lvCXUMiKKs2vETUSL5mx+J2FfutM7T9w=", @@ -1205,22 +1122,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1764667669, - "narHash": "sha256-7WUCZfmqLAssbDqwg9cUDAXrSoXN79eEEq17qhTNM/Y=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "418468ac9527e799809c900eda37cbff999199b6", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { "locked": { "lastModified": 1751011381, "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=", @@ -1236,7 +1137,7 @@ "type": "github" } }, - "nixpkgs_4": { + "nixpkgs_3": { "locked": { "lastModified": 1747728033, "narHash": "sha256-NnXFQu7g4LnvPIPfJmBuZF7LFy/fey2g2+LCzjQhTUk=", @@ -1252,7 +1153,7 @@ "type": "github" } }, - "nixpkgs_5": { + "nixpkgs_4": { "locked": { "lastModified": 1763966396, "narHash": "sha256-6eeL1YPcY1MV3DDStIDIdy/zZCDKgHdkCmsrLJFiZf0=", @@ -1268,7 +1169,7 @@ "type": "github" } }, - "nixpkgs_6": { + "nixpkgs_5": { "locked": { "lastModified": 1754243818, "narHash": "sha256-sEPw2W01UPf0xNGnMGNZIaE1XHkk7O+lLLetYEXVZHk=", @@ -1284,7 +1185,7 @@ "type": "github" } }, - "nixpkgs_7": { + "nixpkgs_6": { "locked": { "lastModified": 1759831965, "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", @@ -1300,7 +1201,7 @@ "type": "github" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1757068644, "narHash": "sha256-NOrUtIhTkIIumj1E/Rsv1J37Yi3xGStISEo8tZm3KW4=", @@ -1316,7 +1217,7 @@ "type": "github" } }, - "nixpkgs_9": { + "nixpkgs_8": { "locked": { "lastModified": 1759770925, "narHash": "sha256-CZwkCtzTNclqlhuwDsVtGoRumTpqCUK0xSnFIMgd8ls=", @@ -1332,6 +1233,22 @@ "type": "github" } }, + "nixpkgs_9": { + "locked": { + "lastModified": 1751271578, + "narHash": "sha256-P/SQmKDu06x8yv7i0s8bvnnuJYkxVGBWLWHaU+tt4YY=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3016b4b15d13f3089db8a41ef937b13a9e33a8df", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, "nur": { "inputs": { "flake-parts": [ @@ -1458,15 +1375,14 @@ "root": { "inputs": { "authentik-nix": "authentik-nix", - "chaotic": "chaotic", "cosmic": "cosmic", "darwin": "darwin", "disko": "disko", - "home-manager": "home-manager_2", + "home-manager": "home-manager", "homebrew-cask": "homebrew-cask", "homebrew-core": "homebrew-core", "impermanence": "impermanence", - "jovian": "jovian_2", + "jovian": "jovian", "lanzaboote": "lanzaboote", "lsfg-vk": "lsfg-vk", "nix-homebrew": "nix-homebrew", @@ -1476,9 +1392,10 @@ "nix-vscode-extensions": "nix-vscode-extensions", "nixai": "nixai", "nixos-apple-silicon": "nixos-apple-silicon", + "nixos-generators": "nixos-generators_2", "nixos-hardware": "nixos-hardware", "nixos-raspberrypi": "nixos-raspberrypi", - "nixpkgs": "nixpkgs_12", + "nixpkgs": "nixpkgs_11", "nixpkgs-stable": "nixpkgs-stable_2", "pre-commit-hooks-nix": "pre-commit-hooks-nix_2", "snowfall-lib": "snowfall-lib", @@ -1489,27 +1406,6 @@ } }, "rust-overlay": { - "inputs": { - "nixpkgs": [ - "chaotic", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1764729618, - "narHash": "sha256-z4RA80HCWv2los1KD346c+PwNPzMl79qgl7bCVgz8X0=", - "owner": "oxalica", - "repo": "rust-overlay", - "rev": "52764074a85145d5001bf0aa30cb71936e9ad5b8", - "type": "github" - }, - "original": { - "owner": "oxalica", - "repo": "rust-overlay", - "type": "github" - } - }, - "rust-overlay_2": { "inputs": { "nixpkgs": [ "cosmic", @@ -1530,7 +1426,7 @@ "type": "github" } }, - "rust-overlay_3": { + "rust-overlay_2": { "inputs": { "nixpkgs": [ "lanzaboote", @@ -1574,14 +1470,14 @@ }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_13" + "nixpkgs": "nixpkgs_12" }, "locked": { - "lastModified": 1765079830, - "narHash": "sha256-i9GMbBLkeZ7MVvy7+aAuErXkBkdRylHofrAjtpUPKt8=", + "lastModified": 1765231718, + "narHash": "sha256-qdBzo6puTgG4G2RHG0PkADg22ZnQo1JmSVFRxrD4QM4=", "owner": "Mic92", "repo": "sops-nix", - "rev": "aeb517262102f13683d7a191c7e496b34df8d24c", + "rev": "7fd1416aba1865eddcdec5bb11339b7222c2363e", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index a84152a..c9acb97 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,6 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable-small"; nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.11"; # The name "snowfall-lib" is required due to how Snowfall Lib processes your @@ -10,13 +10,16 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - chaotic.url = "github:chaotic-cx/nyx/nyxpkgs-unstable"; - home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + nixos-generators = { + url = "github:nix-community/nixos-generators"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + impermanence.url = "github:nix-community/impermanence"; lanzaboote.url = "github:nix-community/lanzaboote/v0.4.3"; @@ -121,7 +124,6 @@ # common modules modules.nixos = with inputs; [ authentik-nix.nixosModules.default - chaotic.nixosModules.default disko.nixosModules.disko impermanence.nixosModules.impermanence lanzaboote.nixosModules.lanzaboote diff --git a/modules/home/programs/code/default.nix b/modules/home/programs/code/default.nix index 634279a..b488bc5 100644 --- a/modules/home/programs/code/default.nix +++ b/modules/home/programs/code/default.nix @@ -154,8 +154,8 @@ in }; }; direnv = { - enable = false; - nix-direnv.enable = false; + enable = true; + nix-direnv.enable = true; enableZshIntegration = true; }; }; diff --git a/modules/nixos/nix/default.nix b/modules/nixos/nix/default.nix index 60d629e..949466a 100644 --- a/modules/nixos/nix/default.nix +++ b/modules/nixos/nix/default.nix @@ -9,6 +9,7 @@ enable = true; packageNames = [ "ffmpeg" + "ffmpeg-full" "ffmpeg-headless-rpi" "gjs" "gst-plugins-bad" @@ -21,9 +22,11 @@ "opencv" "pipewire" "qemu" + # qemu.pname "raspberrypi-utils" "sdl" "sdl2" + "torch" "uv" "webkitgtk" # "yubioath-flutter" @@ -33,7 +36,7 @@ # nixpkgs.overlays = [ # (self: super: { - # "yubioath-flutter" = super."yubioath-flutter".override { stdenv = super.ccacheStdenv; }; + # "jellyfin-ffmpeg" = super."jellyfin-ffmpeg".override { stdenv = super.ccacheStdenv; }; # }) # ]; diff --git a/modules/nixos/security/common/default.nix b/modules/nixos/security/common/default.nix index 98c5556..2e4e775 100644 --- a/modules/nixos/security/common/default.nix +++ b/modules/nixos/security/common/default.nix @@ -12,9 +12,9 @@ in }; # configure sudo - sudo.enable = lib.mkDefault false; + sudo.enable = lib.mkForce false; sudo-rs = { - enable = lib.mkDefault true; + enable = lib.mkForce true; extraRules = [ { commands = [ diff --git a/packages/python/python-nanokvm/default.nix b/packages/python/python-nanokvm/default.nix index e48ed52..57bb1fb 100644 --- a/packages/python/python-nanokvm/default.nix +++ b/packages/python/python-nanokvm/default.nix @@ -20,6 +20,7 @@ python3Packages.buildPythonPackage rec { aiohttp cryptography yarl + paramiko pillow pydantic ]; diff --git a/packages/python/python-roborock/default.nix b/packages/python/python-roborock/default.nix index 9561f29..a6b2f22 100644 --- a/packages/python/python-roborock/default.nix +++ b/packages/python/python-roborock/default.nix @@ -8,7 +8,7 @@ python3Packages.buildPythonPackage rec { pname = "python-roborock"; - version = "3.10.2"; + version = "3.10.10"; pyproject = true; disabled = python3Packages.pythonOlder "3.11"; @@ -17,7 +17,7 @@ python3Packages.buildPythonPackage rec { owner = "humbertogontijo"; repo = "python-roborock"; tag = "v${version}"; - hash = "sha256-iDypFBZe9hCoHdZjgDT56M8SgBiUomCIttMrFdhsN/k="; + hash = "sha256-FBm/Gt45VRquZ4Y/0upyNjcJ/XJiYnFFCtoIa0Qhz4U="; }; pythonRelaxDeps = [ "pycryptodome" ]; diff --git a/systems/x86_64-install-iso/graphical/default.nix b/systems/x86_64-install-iso/graphical/default.nix new file mode 100644 index 0000000..71ce3c1 --- /dev/null +++ b/systems/x86_64-install-iso/graphical/default.nix @@ -0,0 +1,69 @@ +{ + pkgs, + namespace, + ... +}: +{ + ${namespace} = { + # ################################################### + # # Boot # # + # ################################################### + + bootloader.lanzaboote.enable = true; + + # ################################################### + # # Hardware # # + # ################################################### + + hardware.disko = { + enable = true; + filesystem = "btrfs"; + }; + + # ################################################### + # # Impermanence # # + # ################################################### + + impermanence = { + enable = true; + }; + + # ################################################### + # # Network # # + # ################################################### + + network = { + hostName = "nuc-nixos"; + firewall = { + enable = true; + allowPing = true; + }; + }; + + # ################################################### + # # Security # # + # ################################################### + + security.tpm.enable = true; + + # ################################################### + # # Services # # + # ################################################### + + # ################################################### + # # User # # + # ################################################### + + user = { + name = "admin"; + linger = true; + }; + }; + + # ################################################### + # # Boot # # + # ################################################### + + boot.kernelPackages = pkgs.linuxPackages_latest; + +} diff --git a/systems/x86_64-install-iso/minimal/default.nix b/systems/x86_64-install-iso/minimal/default.nix new file mode 100644 index 0000000..81a9202 --- /dev/null +++ b/systems/x86_64-install-iso/minimal/default.nix @@ -0,0 +1,73 @@ +{ + lib, + pkgs, + namespace, + ... +}: +{ + ${namespace} = { + # ################################################### + # # Boot # # + # ################################################### + + bootloader.lanzaboote.enable = true; + + # ################################################### + # # Hardware # # + # ################################################### + + hardware.disko = { + enable = true; + filesystem = "btrfs"; + }; + + # ################################################### + # # Impermanence # # + # ################################################### + + impermanence = { + enable = true; + }; + + # ################################################### + # # Network # # + # ################################################### + + network = { + hostName = "nuc-nixos"; + firewall = { + enable = true; + allowPing = true; + }; + }; + + # ################################################### + # # Security # # + # ################################################### + + security.tpm.enable = true; + + # ################################################### + # # Services # # + # ################################################### + + # ################################################### + # # User # # + # ################################################### + + user = { + name = "admin"; + linger = true; + }; + }; + + # ################################################### + # # Boot # # + # ################################################### + + boot = { + kernelPackages = lib.mkForce pkgs.linuxPackages_latest; + supportedFilesystems.zfs = false; + }; + +} diff --git a/systems/x86_64-linux/matt-nixos/boot.nix b/systems/x86_64-linux/matt-nixos/boot.nix index 8c1581b..fa0c069 100755 --- a/systems/x86_64-linux/matt-nixos/boot.nix +++ b/systems/x86_64-linux/matt-nixos/boot.nix @@ -1,6 +1,6 @@ { config, pkgs, ... }: let - kernel = pkgs.linuxPackages_cachyos; + kernel = pkgs.linuxPackages_latest; pkgsVersion = pkgs; # .unstable; in { diff --git a/systems/x86_64-linux/steamdeck/boot.nix b/systems/x86_64-linux/steamdeck/boot.nix index 6ce3b37..f6e134e 100755 --- a/systems/x86_64-linux/steamdeck/boot.nix +++ b/systems/x86_64-linux/steamdeck/boot.nix @@ -1,6 +1,6 @@ { pkgs, ... }: let - kernel = pkgs.linuxPackages_cachyos; + kernel = pkgs.linuxPackages_latest; in { # Configure bootloader with lanzaboot and secureboot