temp

systems/aarch64-linux/pi5/default.nix

@@ -30,9 +30,25 @@
     };
     network = {
       hostName = "pi5";
+      ipv4 = {
+        method = "manual";
+        address = "10.0.1.2/24";
+        gateway = "10.0.1.1";
+        dns = "1.1.1.1";
+        interface = "end0";
+      };
       firewall = {
         enable = true;
         allowPing = true;
+        allowedTCPPorts = [ 53 ];
+        allowedUDPPorts = [ 53 ];
+      };
+      networkmanager = {
+        profiles = {
+          "static-end0" = {
+            type = "ethernet";
+          };
+        };
       };
     };
   };

systems/x86_64-linux/steamdeck/configuration.nix

@@ -1,65 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page, on
-# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-
-{
-  config,
-  lib,
-  pkgs,
-  ...
-}:
-{
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users = {
-    deck = {
-      hashedPasswordFile = lib.mkForce config.sops.secrets."steamdeck/deck-password".path;
-      openssh.authorizedKeys.keys = [
-        # macBook
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCw9zq8DLGByI5v2gAn95hKNyOsm3g61a2buxu2BBMFysQJgmZPCCLUqRJKhSM5Vm/JOgsAmdpRBRZQoHD+6S844CJHb4v4VIbjkyQgYCuM7Rst2IOZ5QybvsA2/D0nwytZ+HXQqDj2AagUYDbz0gyyIHkDQ5YGBMkvkWz/h1Vci6aoBM7VihEDM4KlWoTVuPeASGM8r5IZ2FS83Djbqo4ov6AYvLMrKB9Z7hmFgH6R3LE0gxOkzbGVXtSuvJyrjvgytoT22UhATjjxSQ9D+YJXXkQoB3lUdg8OoIquUPjMZpl4mR8ffvseWPfcvD1XlD5t+TOHFqKpESO547tlOBYhdpew+NSgAXpamCU6oyV8tDCywLQu2ucxHRn78u6WXzWHkDtffdhzmk6TZaPhWqVHuTGjR4higBgGqUfSaKOMszt+FDRZAr3HtuQ2+zJ8bowK9fW5OqilTtK2HtQqroD9ApegDNbqOz6kGy5IycSXvqPURy/M4lxZxbtBPuemcJs= mattjallen@MacBook-Pro.local"
-        # desktop windows
-        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZ2PYPjZddOzR8OJj16G88KcUhCDLkvrEmpUQP0wKHDUuA27HQQ2ORo66asadwGHY3k1VDZ1ei9l9H++SIIeKOaaUr5yZdktvj4POUNtbd9ZhcS7sZU7BSF+NMDM+h3tImh6z0S7mWvRQOUv3ZM+ZER+5xTWJVG1OOJEpb1drxJk6Qz0wbZKSR7TPNFBLLXlVy7hkNYf07RtDyhCCxNB3hJfa8c+oztnWumwDhDQWLqiUXWIU2QH6iRLGl/WYnujtNvVVaV/Hn3JJkS6MM9dnV3cpoIO0+J7+WfsN9rZ0wXt5yY3GhiGXwmcO5eYVli8lHlLWtK7aYSETyry6CBsLbojzOQO5rSqhpwfF2njAAFAQU0UjLc8PahisIuFKCwHH4iyXXOagiv5K1Mc/0Ak+WhhMPee6vV2p7NTyNpXRvouDbWy5cSRH31WgQ9fK5mIGe5v8nGGqtEhUubUkiOgP+H3UbT2V/nTv/TFKdJcKw+WmizvTrxBmaMjWALlkYl+s= mattl@Jallen-PC"
-        # desktop nixos
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
-      ];
-    };
-  };
-
-  programs.coolercontrol.enable = true;
-
-  services = {
-    btrfs = {
-      autoScrub.enable = lib.mkDefault true;
-      autoScrub.fileSystems = lib.mkDefault [
-        "/nix"
-        "/root"
-        "/etc"
-        "/var/log"
-        "/home"
-      ];
-    };
-  };
-
-  chaotic.mesa-git.enable = false;
-
-  services.displayManager.gdm.enable = lib.mkForce false;
-
-  # List packages installed in system profile. To search, run:
-  # $ nix search wget
-  environment = {
-    systemPackages = with pkgs; [
-      fuse
-      jq
-      newt
-      sbctl
-      steam-run
-      udisks2
-      zenity
-    ];
-
-    variables = {
-      STEAM_FORCE_DESKTOPUI_SCALING = "1.0";
-      GDK_SCALE = "1";
-      LSFG_DLL_PATH = "/home/deck/.steam/steam/steamapps/common/Lossless Scaling/Lossless.dll";
-    };
-  };
-}

systems/x86_64-linux/steamdeck/default.nix

@@ -1,22 +1,12 @@
-# Snowfall Lib provides a customized `lib` instance with access to your flake's library
 {
-  # as well as the libraries available from your flake's inputs.
-  # An instance of `pkgs` with your overlays and packages applied is also available.
-  # You also have access to your flake's inputs.
-
-  # Additional metadata is provided by Snowfall Lib.
-  namespace, # The namespace used for your flake, defaulting to "internal" if not set. # The system architecture for this host (eg. `x86_64-linux`). # The Snowfall Lib target for this system (eg. `x86_64-iso`). # A normalized name for the system target (eg. `iso`). # A boolean to determine whether this system is a virtual target using nixos-generators. # An attribute map of your defined hosts.
-
-  # All other arguments come from the system system.
+  lib,
+  namespace,
   ...
 }:
 {
   imports = [
     ./boot.nix
-    ./configuration.nix
     ./jovian.nix
-    # ./networking.nix - moved to modules/nixos/network
-    ./sops.nix
   ];
 
   ${namespace} = {
@@ -31,4 +21,14 @@
       hostName = "steamdeck";
     };
   };
+
+  environment = {
+    variables = {
+      STEAM_FORCE_DESKTOPUI_SCALING = "1.0";
+      GDK_SCALE = "1";
+      LSFG_DLL_PATH = "/home/deck/.steam/steam/steamapps/common/Lossless Scaling/Lossless.dll";
+    };
+  };
+
+  services.displayManager.gdm.enable = lib.mkForce false;
 }

systems/x86_64-linux/steamdeck/networking.nix

@@ -1,44 +0,0 @@
-{ config, lib, ... }:
-let
-  hostname = "steamdeck";
-  wifiSsid = "Joey's Jungle 5G";
-in
-{
-  networking = {
-    hostName = lib.mkForce hostname;
-    networkmanager = {
-      enable = true;
-      wifi.powersave = lib.mkDefault false;
-      settings.connectivity.uri = lib.mkDefault "http://nmcheck.gnome.org/check_network_status.txt";
-      ensureProfiles = {
-        environmentFiles = [
-          config.sops.secrets.wifi.path
-        ];
-
-        profiles = {
-          wifiSsid = {
-            connection = {
-              id = wifiSsid;
-              type = "wifi";
-            };
-            ipv4 = {
-              method = "auto";
-            };
-            ipv6 = {
-              addr-gen-mode = "stable-privacy";
-              method = "auto";
-            };
-            wifi = {
-              mode = "infrastructure";
-              ssid = wifiSsid;
-            };
-            wifi-security = {
-              key-mgmt = "sae";
-              psk = "$PSK";
-            };
-          };
-        };
-      };
-    };
-  };
-}

systems/x86_64-linux/steamdeck/sops.nix

@@ -1,116 +0,0 @@
-{
-  config,
-  lib,
-  namespace,
-  ...
-}:
-let
-  user = config.${namespace}.user.name;
-in
-{
-  # Permission modes are in octal representation (same as chmod),
-  # the digits represent: user|group|others
-  # 7 - full (rwx)
-  # 6 - read and write (rw-)
-  # 5 - read and execute (r-x)
-  # 4 - read only (r--)
-  # 3 - write and execute (-wx)
-  # 2 - write only (-w-)
-  # 1 - execute only (--x)
-  # 0 - none (---)
-  # Either a user id or group name representation of the secret owner
-  # It is recommended to get the user name from `config.users.users.<?name>.name` to avoid misconfiguration
-  # Either the group id or group name representation of the secret group
-  # It is recommended to get the group name from `config.users.users.<?name>.group` to avoid misconfiguration
-  sops = {
-    defaultSopsFile = lib.mkForce (lib.snowfall.fs.get-file "secrets/steamdeck-secrets.yaml");
-    age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
-
-    # ------------------------------
-    # Secrets
-    # ------------------------------
-    secrets = {
-      "steamdeck/deck-password" = {
-        neededForUsers = true;
-        mode = "0600";
-        owner = config.users.users."${user}".name;
-        group = config.users.users."${user}".group;
-      };
-
-      "wifi" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-      };
-
-      # ------------------------------
-      # SSH keys
-      # ------------------------------
-      # "ssh-keys-public/desktop-nixos" = {
-      #   mode = "0644";
-      #   owner = config.users.users."${user}".name;
-      #   group = config.users.users."${user}".group;
-      #   restartUnits = [ "sshd.service" ];
-      # };
-      # "ssh-keys-private/desktop-nixos" = {
-      #   mode = "0600";
-      #   owner = config.users.users."${user}".name;
-      #   group = config.users.users."${user}".group;
-      #   restartUnits = [ "sshd.service" ];
-      # };
-      # "ssh-keys-public/desktop-nixos-root" = {
-      #   path = "/root/.ssh/id_ed25519.pub";
-      #   mode = "0600";
-      #   restartUnits = [ "sshd.service" ];
-      # };
-      # "ssh-keys-private/desktop-nixos-root" = {
-      #   path = "/root/.ssh/id_ed25519";
-      #   mode = "0600";
-      #   restartUnits = [ "sshd.service" ];
-      # };
-
-      # ------------------------------
-      # Secureboot keys
-      # ------------------------------
-      "secureboot/GUID" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/GUID";
-        mode = "0600";
-      };
-      "secureboot/keys/db-key" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/keys/db/db.key";
-        mode = "0600";
-      };
-      "secureboot/keys/db-pem" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/keys/db/db.pem";
-        mode = "0600";
-      };
-      "secureboot/keys/KEK-key" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/keys/KEK/KEK.key";
-        mode = "0600";
-      };
-      "secureboot/keys/KEK-pem" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/keys/KEK/KEK.pem";
-        mode = "0600";
-      };
-      "secureboot/keys/PK-key" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/keys/PK/PK.key";
-        mode = "0600";
-      };
-      "secureboot/keys/PK-pem" = {
-        sopsFile = (lib.snowfall.fs.get-file "secrets/secrets.yaml");
-        #        path = "/etc/secureboot/keys/PK/PK.pem";
-        mode = "0600";
-      };
-    };
-
-    # ------------------------------
-    # Templates
-    # ------------------------------
-    templates = {
-    };
-  };
-}