mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleanup

Browse Source
This commit is contained in:
mjallen18
2024-10-12 21:59:15 -05:00
parent 1ab2c8a492
commit c850e5174f
17 changed files with 89 additions and 380 deletions
Download Patch File Download Diff File Expand all files Collapse all files

183
flake.lock generated
View File

@@ -75,11 +75,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1728591802,
"narHash": "sha256-/HefSuC9DgRAVfiZ64+E32L5WHu9mpqrcnnZA9em2iY=",
"lastModified": 1728783352,
"narHash": "sha256-9U5sXyy5i8N2iL6dROw8vAAhbbBAVWmKuNbEZj6CzSQ=",
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"rev": "7a40bf82de534822d22503e195f2b71715277ad6",
"rev": "f545d4fc6c01afb04b9108f59d16160dcfa0a971",
"type": "github"
},
"original": {
@@ -180,22 +180,6 @@
}
},
"flake-compat_4": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_5": {
"locked": {
"lastModified": 1688025799,
"narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
@@ -302,49 +286,7 @@
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat_3",
"gitignore": "gitignore",
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1728580416,
"narHash": "sha256-nKttjKg6lE7O5S+wlBOkXsUGdOgVxZ8SWaCOyodW5so=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "4ebefcac44b5116cf5741be858245db769ddedd1",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_2": {
"inputs": {
"nixpkgs": [
"lanzaboote",
@@ -394,11 +336,11 @@
]
},
"locked": {
"lastModified": 1728588172,
"narHash": "sha256-wCLcOMOyiFHa4MfAT1SR8jj47GcmCXiR93kgFs38bVY=",
"lastModified": 1728726232,
"narHash": "sha256-8ZWr1HpciQsrFjvPMvZl0W+b0dilZOqXPoKa2Ux36bc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "8bb5d53c5847d9a9b2ad1bda49f9aa9df0de282a",
"rev": "d57112db877f07387ce7104b5ac346ede556d2d7",
"type": "github"
},
"original": {
@@ -447,7 +389,7 @@
"lanzaboote": {
"inputs": {
"crane": "crane",
"flake-compat": "flake-compat_4",
"flake-compat": "flake-compat_3",
"flake-parts": "flake-parts_2",
"flake-utils": "flake-utils_2",
"nixpkgs": [
@@ -499,14 +441,14 @@
},
"nix-darwin": {
"inputs": {
"nixpkgs": "nixpkgs_4"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1728385805,
"narHash": "sha256-mUd38b0vhB7yzgAjNOaFz7VY9xIVzlbn3P2wjGBcVV0=",
"lastModified": 1728769175,
"narHash": "sha256-KtE4F2wTzIpE6fI9diD5dDkUgGAt7IG80TnFqkCD8Ws=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "48b50b3b137be5cfb9f4d006835ce7c3fe558ccc",
"rev": "fd0e3ed30b75ddf7f3d94829d80a078b413b6244",
"type": "github"
},
"original": {
@@ -562,8 +504,8 @@
},
"nixos-apple-silicon": {
"inputs": {
"flake-compat": "flake-compat_5",
"nixpkgs": "nixpkgs_5",
"flake-compat": "flake-compat_4",
"nixpkgs": "nixpkgs_4",
"rust-overlay": "rust-overlay_3"
},
"locked": {
@@ -582,11 +524,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1728269138,
"narHash": "sha256-oKxDImsOvgUZMY4NwXVyUc/c1HiU2qInX+b5BU0yXls=",
"lastModified": 1728729581,
"narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "ecfcd787f373f43307d764762e139a7cdeb9c22b",
"rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806",
"type": "github"
},
"original": {
@@ -626,11 +568,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1728328465,
"narHash": "sha256-a0a0M1TmXMK34y3M0cugsmpJ4FJPT/xsblhpiiX1CXo=",
"lastModified": 1728627514,
"narHash": "sha256-r+SF9AnHrTg+bk6YszoKfV9lgyw+yaFUQe0dOjI0Z2o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1bfbbbe5bbf888d675397c66bfdb275d0b99361c",
"rev": "c505ebf777526041d792a49d5f6dd4095ea391a7",
"type": "github"
},
"original": {
@@ -641,22 +583,6 @@
}
},
"nixpkgs-stable_2": {
"locked": {
"lastModified": 1720386169,
"narHash": "sha256-NGKVY4PjzwAa4upkGtAMz1npHGoRzWotlSnVlqI40mo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "194846768975b7ad2c4988bdb82572c00222c0d7",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1710695816,
"narHash": "sha256-3Eh7fhEID17pv9ZxrPwCLfqXnYP006RKzSs0JptsN84=",
@@ -672,23 +598,7 @@
"type": "github"
}
},
"nixpkgs-stable_4": {
"locked": {
"lastModified": 1728500571,
"narHash": "sha256-dOymOQ3AfNI4Z337yEwHGohrVQb4yPODCW9MDUyAc4w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d51c28603def282a24fa034bcb007e2bcb5b5dd0",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable_5": {
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1728156290,
"narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=",
@@ -720,22 +630,6 @@
"type": "github"
}
},
"nixpkgs-unstable-small": {
"locked": {
"lastModified": 1728534991,
"narHash": "sha256-wLUZyvtOOowAz0kTrU2MoC4nXWniFaVezGyzuEt5HPc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6b955bdbb9efe4a5c047746323951fe1bdf8d01b",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable-small",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1728492678,
@@ -753,22 +647,6 @@
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1719082008,
"narHash": "sha256-jHJSUH619zBQ6WdC21fFAlDxHErKVDJ5fpN0Hgx4sjs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9693852a2070b398ee123a329e68f0dab5526681",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1718149104,
"narHash": "sha256-Ds1QpobBX2yoUDx9ZruqVGJ/uQPgcXoYuobBguyKEh8=",
@@ -782,7 +660,7 @@
"type": "indirect"
}
},
"nixpkgs_5": {
"nixpkgs_4": {
"locked": {
"lastModified": 1725103162,
"narHash": "sha256-Ym04C5+qovuQDYL/rKWSR+WESseQBbNAe5DsXNx5trY=",
@@ -798,7 +676,7 @@
"type": "github"
}
},
"nixpkgs_6": {
"nixpkgs_5": {
"locked": {
"lastModified": 1728093190,
"narHash": "sha256-CAZF2NRuHmqTtRTNAruWpHA43Gg2UvuCNEIzabP0l6M=",
@@ -851,12 +729,12 @@
"lanzaboote",
"flake-compat"
],
"gitignore": "gitignore_2",
"gitignore": "gitignore",
"nixpkgs": [
"lanzaboote",
"nixpkgs"
],
"nixpkgs-stable": "nixpkgs-stable_3"
"nixpkgs-stable": "nixpkgs-stable_2"
},
"locked": {
"lastModified": 1717664902,
@@ -877,16 +755,13 @@
"authentik-nix": "authentik-nix",
"chaotic": "chaotic",
"cosmic": "cosmic",
"git-hooks": "git-hooks",
"home-manager": "home-manager_2",
"impermanence": "impermanence",
"lanzaboote": "lanzaboote",
"nix-darwin": "nix-darwin",
"nixos-apple-silicon": "nixos-apple-silicon",
"nixos-hardware": "nixos-hardware",
"nixpkgs-stable": "nixpkgs-stable_4",
"nixpkgs-unstable": "nixpkgs-unstable",
"nixpkgs-unstable-small": "nixpkgs-unstable-small",
"sops-nix": "sops-nix"
}
},
@@ -915,11 +790,11 @@
]
},
"locked": {
"lastModified": 1728461096,
"narHash": "sha256-cd0cXB85B3kGpm+iumP9xCnqFErspXL9Z/2X59kQ6c4=",
"lastModified": 1728700003,
"narHash": "sha256-Ox1pvEHxLK6lAdaKQW21Zvk65SPDag+cD8YA444R/og=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "e310b9bd71fa6c6a9fec0a8cf5af43ce798a0ad6",
"rev": "fc1e58ebabe0cef4442eedea07556ff0c9eafcfe",
"type": "github"
},
"original": {
@@ -971,8 +846,8 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_6",
"nixpkgs-stable": "nixpkgs-stable_5"
"nixpkgs": "nixpkgs_5",
"nixpkgs-stable": "nixpkgs-stable_3"
},
"locked": {
"lastModified": 1728345710,

34
flake.nix
View File

@@ -6,10 +6,10 @@
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
# nixpkgs-unstable-small
nixpkgs-unstable-small.url = "github:NixOS/nixpkgs/nixos-unstable-small";
# nixpkgs-unstable-small.url = "github:NixOS/nixpkgs/nixos-unstable-small";
# nixpgs
nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
# nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-24.05";
# Authentik
authentik-nix.url = "github:nix-community/authentik-nix";
@@ -48,16 +48,14 @@
url = "github:lilyinstarlight/nixos-cosmic";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
git-hooks.url = "github:cachix/git-hooks.nix";
};
outputs =
{
self,
nixpkgs-unstable,
nixpkgs-unstable-small,
nixpkgs-stable,
# nixpkgs-unstable-small,
# nixpkgs-stable,
chaotic,
lanzaboote,
impermanence,
@@ -68,16 +66,9 @@
cosmic,
authentik-nix,
sops-nix,
git-hooks,
}@inputs:
let
inherit (self) outputs;
supportedSystems = [
"x86_64-linux"
"aarch64-linux"
"aarch64-darwin"
];
forAllSystems = nixpkgs-unstable.lib.genAttrs supportedSystems;
in
{
overlays = import ./overlays { inherit inputs; };
@@ -139,7 +130,6 @@
nixos-hardware.nixosModules.common-pc
nixos-hardware.nixosModules.common-cpu-amd
nixos-hardware.nixosModules.common-hidpi
# nixos-hardware.nixosModules.common-gpu-nvidia
];
};
@@ -195,21 +185,5 @@
# Set Git commit hash for darwin-version.
system.configurationRevision = self.rev or self.dirtyRev or null;
# checks = forAllSystems (system: {
# pre-commit-check = git-hooks.lib.${system}.run {
# src = ./.;
# hooks = {
# nixpkgs-fmt.enable = true;
# };
# };
# });
# devShells = forAllSystems (system: {
# default = nixpkgs-unstable.legacyPackages.${system}.mkShell {
# inherit (self.checks.${system}.pre-commit-check) shellHook;
# buildInputs = self.checks.${system}.pre-commit-check.enabledPackages;
# };
# });
};
}

8
hosts/default.nix
View File

@@ -11,8 +11,8 @@ in
# Enable nix flakes and nix-command tools
nix = {
settings = {
warn-dirty = false;
experimental-features = [
warn-dirty = lib.mkForce false;
experimental-features = lib.mkForce [
"nix-command"
"flakes"
];
@@ -20,7 +20,7 @@ in
# Garbage collect automatically every week
gc.automatic = lib.mkDefault true;
gc.options = "--delete-older-than 30d";
gc.options = lib.mkDefault "--delete-older-than 30d";
optimise.automatic = lib.mkDefault true;
};
@@ -38,7 +38,7 @@ in
enableAllFirmware = lib.mkForce true;
# Disable pulse audio in favor of pipewire
pulseaudio.enable = false;
pulseaudio.enable = lib.mkDefault false;
};
# Services configs

2
hosts/desktop/configuration.nix
View File

@@ -223,8 +223,6 @@ in
wineWowPackages.waylandFull
];
sessionVariables = lib.mkDefault { STEAM_FORCE_DESKTOPUI_SCALING = "1"; };
etc."lact/config.yaml".text = ''
daemon:
log_level: info

2
hosts/desktop/home.nix
View File

@@ -16,7 +16,7 @@ let
s = "status";
st = "status";
b = "branch";
# p = "pull --rebase";
p = "pull --rebase";
pu = "push";
};
in

4
hosts/desktop/hyprland/home.nix
View File

@@ -15,8 +15,8 @@ let
themeVariants = [ gtkThemeAccent ];
tweaks = [ gtkThemeVariant ];
};
iconThemeColor = "dark"; # "" "light" "dark"
iconThemeVariant = ""; # "" "purple" "pink" "red" "orange" "yellow" "green" "teal" "grey"
# iconThemeColor = "dark"; # "" "light" "dark"
# iconThemeVariant = ""; # "" "purple" "pink" "red" "orange" "yellow" "green" "teal" "grey"
iconThemeScheme = "nord"; # "" "nord" "dracula" "gruvbox" "everforest" "catppuccin"
iconTheme = "Colloid-Nord";
iconThemePkg = pkgs.colloid-icon-theme.override {

1
hosts/nas/configuration.nix
View File

@@ -173,6 +173,7 @@ in
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
];
packages = with pkgs; [
cachix
fastfetch
git
parted

10
hosts/nas/filesystems.nix
View File

@@ -105,6 +105,16 @@ in
options = [ "subvol=timemachine" ] ++ defaultOptions;
};
fileSystems."/run/mount/ssd" = {
device = "/dev/mapper/ssd1";
fsType = "btrfs";
};
fileSystems."/run/mount/main" = {
device = "/dev/mapper/hdd1";
fsType = "btrfs";
};
# fileSystems."/media/nas/junk/nextcloud-backup" = {
# device = "/dev/disk/by-uuid/11948951106919390044";
# fsType = "btrfs";

2
hosts/nas/home.nix
View File

@@ -42,7 +42,7 @@
s = "status";
st = "status";
b = "branch";
# p = "pull --rebase";
p = "pull --rebase";
pu = "push";
};
};

7
hosts/nas/impermanence.nix
View File

@@ -1,4 +1,4 @@
{ ... }@args:
{ ... }:
{
# Set up impernance configuration for things like bluetooth
# In this configuration with /etc and /var/log being persistent, only directories outside of that need to be done here. See hardware configuration for all mountpoints.
@@ -34,4 +34,9 @@
"/etc/machine-id"
];
};
security.sudo.extraConfig = ''
# rollback results in sudo lectures after each reboot
Defaults lecture = never
'';
}

70
hosts/nas/networking.nix
View File

@@ -2,25 +2,19 @@
let
hostname = "jallen-nas";
ipAddress = "10.0.1.18";
ipAddress2 = "10.0.1.19";
gateway = "10.0.1.1";
allowedPorts = [
2342
3493
61208
9090
9000
# config.services.tailscale.port
# 22
];
in
{
# Networking configs wlp7s0
# Networking configs
networking = {
hostName = hostname;
useNetworkd = true;
hostId = "4b501480";
# Enable Network Manager
# Disable Network Manager
networkmanager.enable = false;
interfaces = {
@@ -33,25 +27,23 @@ in
}
];
};
# br0 = {
# useDHCP = false;
# ipv4.addresses = [
# {
# address = ipAddress;
# prefixLength = 24;
# }
# ];
# };
wlp6s0 = {
useDHCP = true;
ipv4.addresses = [
{
address = ipAddress2;
prefixLength = 24;
}
];
};
};
# bridges = {
# br0 = {
# interfaces = [ "wlp6s0" ];
# };
# };
defaultGateway = {
interface = "wlp7s0";
address = gateway;
metric = 1;
};
defaultGateway.address = gateway;
nameservers = [ gateway ];
wireless = {
@@ -60,42 +52,32 @@ in
secretsFile = config.sops.secrets."wifi".path;
allowAuxiliaryImperativeNetworks = true;
interfaces = [
"wlp6s0"
"wlp7s0"
];
networks = {
"Joey's Jungle 6G" = {
# pskRaw = "ext:PSK";
# priority = 1000;
# pskRaw = "ext:PSK";
priority = 1000;
psk = "kR8v&3Qd";
extraConfig = ''
key_mgmt=SAE
ieee80211w=2
'';
};
# "Joey's Jungle 5G" = {
# pskRaw = "ext:PSK";
# priority = 1;
# };
"Joey's Jungle 5G" = {
pskRaw = "ext:PSK";
priority = -100;
};
};
};
firewall = {
enable = true;
allowPing = true;
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; # TODO is this needed?
allowedTCPPorts = allowedPorts;
allowedUDPPorts = allowedPorts;
# always allow traffic from your Tailscale network
trustedInterfaces = [ "tailscale0" ];
};
# nat = {
# enable = true;
# internalInterfaces = ["ve-+"];
# externalInterface = "wlp9s0";
# # Lazy IPv6 connectivity for the container
# enableIPv6 = true;
# };
};
}

22
modules/services/caddy/default.nix
View File

@@ -1,22 +0,0 @@
{ ... }:
let
collaboraPort = "9980";
nextcloudPort = "9981";
jellyfinPort = "";
in
{
services.caddy = {
enable = true;
enableReload = true;
email = "jalle008@proton.me";
user = "nix-apps";
group = "jallen-nas";
dataDir = "/media/ssd/nix-app-data/caddy";
virtualHosts."hass.mjallen.dev".extraConfig = ''
reverse_proxy http://10.0.1.183:8126
'';
};
}

97
modules/services/fail2ban/default.nix
View File

@@ -1,97 +0,0 @@
{ pkgs, ... }:
{
services.fail2ban = {
enable = true;
# Ban IP after 5 failures
maxretry = 5;
ignoreIP = [
# Whitelist subnet
"10.0.1.0/24"
# "8.8.8.8" # whitelist a specific IP
# "nixos.wiki" # resolve the IP via DNS
];
bantime = "24h"; # Ban IPs for one day on the first ban
bantime-increment = {
enable = true; # Enable increment of bantime after each violation
formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
multipliers = "1 2 4 8 16 32 64";
maxtime = "168h"; # Do not ban for more than 1 week
overalljails = true; # Calculate the bantime based on all the violations
};
jails = {
apache-nohome-iptables.settings = {
# Block an IP address if it accesses a non-existent
# home directory more than 5 times in 10 minutes,
# since that indicates that it's scanning.
filter = "apache-nohome";
action = ''iptables-multiport[name=HTTP, port="http,https"]'';
logpath = "/var/log/httpd/error_log*";
backend = "auto";
findtime = 600;
bantime = 600;
maxretry = 5;
};
ngnix-url-probe.settings = {
enabled = true;
filter = "nginx-url-probe";
logpath = "/var/log/nginx/access.log";
action = ''%(action_)s[blocktype=DROP]
ntfy'';
backend = "auto"; # Do not forget to specify this if your jail uses a log file
maxretry = 5;
findtime = 600;
};
nginx-http-auth.settings = {
enabled = true;
filter = "nginx-http-auth";
port = "http,https";
logpath = "/var/log/httpd/error_log*";
};
nginx-badbots.settings = {
enabled = true;
filter = "nginx-badbots";
port = "http,https";
logpath = "/var/log/nginx/access.log";
maxretry = 2;
};
nginx-botsearch.settings = {
enabled = true;
filter = "nginx-botsearch";
port = "http,https";
logpath = "/var/log/nginx/access.log";
};
nginx-deny.settings = {
enabled = true;
filter = "nginx-deny";
port = "http,https";
logpath = "/var/log/nginx/access.log";
};
nginx-unauthorized.settings = {
enabled = true;
filter = "nginx-unauthorized";
port = "http,https";
logpath = "/var/log/nginx/access.log";
};
};
};
environment.etc = {
# Define an action that will trigger a Ntfy push notification upon the issue of every new ban
# "fail2ban/action.d/ntfy.local".text = pkgs.lib.mkDefault (pkgs.lib.mkAfter ''
# [Definition]
# norestored = true # Needed to avoid receiving a new notification after every restart
# actionban = curl -H "Title: <ip> has been banned" -d "<name> jail has banned <ip> from accessing $(hostname) after <failures> attempts of hacking the system." https://ntfy.sh/Fail2banNotifications
# '');
# Defines a filter that detects URL probing by reading the Nginx access log
"fail2ban/filter.d/nginx-url-probe.local".text = pkgs.lib.mkDefault (pkgs.lib.mkAfter ''
[Definition]
failregex = ^<HOST>.*(GET /(wp-|admin|boaform|phpmyadmin|\.env|\.git)|\.(dll|so|cfm|asp)|(\?|&)(=PHPB8B5F2A0-3C92-11d3-A3A9-4C7B08C10000|=PHPE9568F36-D428-11d2-A769-00AA001ACF42|=PHPE9568F35-D428-11d2-A769-00AA001ACF42|=PHPE9568F34-D428-11d2-A769-00AA001ACF42)|\\x[0-9a-zA-Z]{2})
'');
};
}

5
share/amd/default.nix
View File

@@ -63,6 +63,9 @@ in
};
# Configure environment
environment.systemPackages = mkIf cfg.lact.enable [ pkgs.lact ];
environment = {
systemPackages = mkIf cfg.lact.enable [ pkgs.lact ];
sessionVariables = lib.mkDefault { STEAM_FORCE_DESKTOPUI_SCALING = "1"; };
};
};
}

2
share/impermanence/default.nix
View File

@@ -1,4 +1,4 @@
{ ... }@args:
{ ... }:
{
# Set up impernance configuration for things like bluetooth
# In this configuration with /etc and /var/log being persistent, only directories outside of that need to be done here. See hardware configuration for all mountpoints.

19
share/known-hosts.nix
View File

@@ -1,19 +0,0 @@
{
...
}:
{
programs.ssh.knownHosts = {
jallen-mac = {
hostNames = [ "mattjallen@MacBook-Pro.local" ];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCw9zq8DLGByI5v2gAn95hKNyOsm3g61a2buxu2BBMFysQJgmZPCCLUqRJKhSM5Vm/JOgsAmdpRBRZQoHD+6S844CJHb4v4VIbjkyQgYCuM7Rst2IOZ5QybvsA2/D0nwytZ+HXQqDj2AagUYDbz0gyyIHkDQ5YGBMkvkWz/h1Vci6aoBM7VihEDM4KlWoTVuPeASGM8r5IZ2FS83Djbqo4ov6AYvLMrKB9Z7hmFgH6R3LE0gxOkzbGVXtSuvJyrjvgytoT22UhATjjxSQ9D+YJXXkQoB3lUdg8OoIquUPjMZpl4mR8ffvseWPfcvD1XlD5t+TOHFqKpESO547tlOBYhdpew+NSgAXpamCU6oyV8tDCywLQu2ucxHRn78u6WXzWHkDtffdhzmk6TZaPhWqVHuTGjR4higBgGqUfSaKOMszt+FDRZAr3HtuQ2+zJ8bowK9fW5OqilTtK2HtQqroD9ApegDNbqOz6kGy5IycSXvqPURy/M4lxZxbtBPuemcJs=";
};
jallen-pc-windows = {
hostNames = [ "mattl@Jallen-PC" ];
publicKey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZ2PYPjZddOzR8OJj16G88KcUhCDLkvrEmpUQP0wKHDUuA27HQQ2ORo66asadwGHY3k1VDZ1ei9l9H++SIIeKOaaUr5yZdktvj4POUNtbd9ZhcS7sZU7BSF+NMDM+h3tImh6z0S7mWvRQOUv3ZM+ZER+5xTWJVG1OOJEpb1drxJk6Qz0wbZKSR7TPNFBLLXlVy7hkNYf07RtDyhCCxNB3hJfa8c+oztnWumwDhDQWLqiUXWIU2QH6iRLGl/WYnujtNvVVaV/Hn3JJkS6MM9dnV3cpoIO0+J7+WfsN9rZ0wXt5yY3GhiGXwmcO5eYVli8lHlLWtK7aYSETyry6CBsLbojzOQO5rSqhpwfF2njAAFAQU0UjLc8PahisIuFKCwHH4iyXXOagiv5K1Mc/0Ak+WhhMPee6vV2p7NTyNpXRvouDbWy5cSRH31WgQ9fK5mIGe5v8nGGqtEhUubUkiOgP+H3UbT2V/nTv/TFKdJcKw+WmizvTrxBmaMjWALlkYl+s=";
};
jallen-pc-nixos = {
hostNames = [ "matt@matt-nixos" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov";
};
};
}

1
share/nvidia/default.nix
View File

@@ -1,6 +1,5 @@
{
lib,
pkgs,
config,
...
}: