mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

idk moving stuff

Browse Source
This commit is contained in:
mjallen18
2025-05-09 15:18:30 -05:00
parent 4c29bea94d
commit b6137d4543
4 changed files with 49 additions and 94 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
hosts/default.nix
View File

@@ -145,6 +145,11 @@ in
enableSSHSupport = lib.mkDefault true;
};
command-not-found.enable = lib.mkForce false;
nix-index = {
enable = true;
enableBashIntegration = false;
enableZshIntegration = true;
};
};
environment.systemPackages = with pkgs; [

96
hosts/pi5/configuration.nix
View File

@@ -5,12 +5,7 @@
{ config, lib, pkgs, ... }:
let
user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
SSID = "Joey's Jungle 5G";
wifiSecrets = "kR8v&3Qd"; #config.sops.secrets."wifi".path;
interface = "wlan0";
timezone = "America/Chicago";
hostname = "pi5";
password = config.sops.secrets."jallen-nas/admin_password".path;
kernelBundle = pkgs.linuxAndFirmware.v6_6_31;
in
{
@@ -22,40 +17,21 @@ in
./sops.nix
../default.nix
];
networking.networkmanager.enable = true;
programs.zsh.enable = true;
# Enable nix flakes and nix-command tools
nix = {
settings = {
substituters = [
# "https://cache.mjallen.dev"
"https://nixos-raspberrypi.cachix.org"
"https://nix-community.cachix.org"
"https://cache.nixos.org/"
];
trusted-public-keys = [
# "cache.mjallen.dev-1:IzFmKCd8/gggI6lcCXsW65qQwiCLGFFN9t9s2iw7Lvc="
"nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
];
warn-dirty = lib.mkForce false;
experimental-features = lib.mkForce [
"nix-command"
"flakes"
];
trusted-users = lib.mkDefault [
"root"
"@wheel"
user
];
};
};
# Configure nixpkgs
nixpkgs = {
# Enable non free
config.allowUnfree = lib.mkForce true;
overlays = lib.mkAfter [
(self: super: {
# This is used in (modulesPath + "/hardware/all-firmware.nix") when at least
@@ -76,29 +52,6 @@ in
cfg.bootloader
config.boot.kernelPackages.kernel.version
];
# Hardware configs
hardware = {
# Bluetooth
bluetooth.enable = lib.mkDefault true;
# Enable all firmware
enableAllFirmware = lib.mkForce true;
};
services.xserver = {
enable = false;
desktopManager = {
budgie.enable = false;
};
displayManager = {
lightdm.enable = false;
};
};
# Set your time zone.
time.timeZone = timezone;
systemd.services.btattach = {
before = [ "bluetooth.service" ];
@@ -110,61 +63,20 @@ in
};
environment.systemPackages = with pkgs; [
btop
sops
vscode
vim
git
libraspberrypi
raspberrypi-eeprom
raspberrypifw
raspberrypiWirelessFirmware
raspberrypi-armstubs
htop
git
vim
];
services.openssh.enable = true;
programs.command-not-found.enable = lib.mkForce false;
programs.nix-index = {
enable = true;
enableBashIntegration = false;
enableZshIntegration = true;
};
security = {
rtkit.enable = lib.mkDefault true;
# configure sudo
sudo.enable = lib.mkDefault false;
sudo-rs = {
enable = lib.mkDefault true;
extraRules = [
{
commands = [
{
command = "${pkgs.systemd}/bin/systemctl suspend";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/reboot";
options = [ "NOPASSWD" ];
}
{
command = "${pkgs.systemd}/bin/poweroff";
options = [ "NOPASSWD" ];
}
];
groups = [ "wheel" ];
}
];
};
};
users = {
mutableUsers = false;
users."${user}" = {
isNormalUser = true;
initialHashedPassword = password;
hashedPasswordFile = password;
extraGroups = [
"wheel"
"docker"

17
hosts/pi5/home.nix
View File

@@ -4,9 +4,10 @@ let
ll = "ls -alh";
update-boot = "sudo nixos-rebuild boot --max-jobs 10 --build-host admin@10.0.1.18";
update-switch = "sudo nixos-rebuild switch --max-jobs 10 --build-host admin@10.0.1.18";
update-flake = "sudo nix flake update ~/nix-config";
update-flake = "nix flake update desktop-nixpkgs desktop-chaotic desktop-home-manager desktop-impermanence desktop-lanzaboote desktop-nixos-hardware desktop-sops-nix desktop-steam-rom-manager --flake /etc/nixos";
update-nas = "nixos-rebuild switch --use-remote-sudo --target-host admin@10.0.1.18 --build-host admin@10.0.1.18 --flake ~/nix-config#jallen-nas";
nas-ssh = "kitten ssh admin@10.0.1.18";
ducks = "du -cksh * | sort -hr | head -n 15";
};
gitAliases = {
@@ -21,7 +22,6 @@ let
};
in
{
home.username = "matt";
home.homeDirectory = "/home/matt";
home.stateVersion = "23.11";
@@ -89,4 +89,17 @@ in
aliases = gitAliases;
};
};
home.packages = with pkgs; [
age
btop
fastfetch
firefox
home-manager
lm_sensors
mission-center
sops
tree
vscode
];
}

25
hosts/pi5/sops.nix
View File

@@ -1,4 +1,7 @@
{ ... }:
let
user = "matt";
in
{
sops = {
defaultSopsFile = ../../secrets/secrets.yaml;
@@ -6,6 +9,28 @@
secrets = {
"wifi" = { };
"desktop/matt_password" = {
neededForUsers = true;
mode = "0600";
owner = config.users.users."${user}".name;
group = config.users.users."${user}".group;
};
# ------------------------------
# SSH keys
# ------------------------------
"ssh-keys-public/pi5" = {
mode = "0644";
owner = config.users.users."${user}".name;
group = config.users.users."${user}".group;
restartUnits = [ "sshd.service" ];
};
"ssh-keys-private/pi5" = {
mode = "0600";
owner = config.users.users."${user}".name;
group = config.users.users."${user}".group;
restartUnits = [ "sshd.service" ];
};
};
};
}