Reorganize hosts and modules
This commit is contained in:
58
hosts/marauder/backup.nix
Executable file
58
hosts/marauder/backup.nix
Executable file
@@ -0,0 +1,58 @@
|
||||
{ pkgs, config, secrets, ... }:
|
||||
{
|
||||
environment.systemPackages = with pkgs; [
|
||||
restic
|
||||
libnotify
|
||||
backblaze-b2
|
||||
];
|
||||
|
||||
systemd.services = {
|
||||
notify-backup-b2-failed = {
|
||||
description = "Notify on failed backup to B2";
|
||||
serviceConfig = {
|
||||
Type = "oneshot";
|
||||
User = "nettika";
|
||||
};
|
||||
environment = {
|
||||
DBUS_SESSION_BUS_ADDRESS = "unix:path=/run/user/1000/bus";
|
||||
};
|
||||
path = [ pkgs.libnotify ];
|
||||
script = "notify-send -u critical \"Backup to B2 failed\" \"$(journalctl -u restic-backups-b2 -n 5 -o cat)\"";
|
||||
};
|
||||
restic-backups-b2 = {
|
||||
onFailure = ["notify-backup-b2-failed.service"];
|
||||
};
|
||||
};
|
||||
|
||||
environment.etc = {
|
||||
"restic-env".text = ''
|
||||
export B2_ACCOUNT_ID="${secrets.b2.accountId}"
|
||||
export B2_ACCOUNT_KEY="${secrets.b2.accountKey}"
|
||||
'';
|
||||
"restic-password".text = secrets.restic.password;
|
||||
};
|
||||
|
||||
services.restic.backups = {
|
||||
b2 = {
|
||||
initialize = true;
|
||||
environmentFile = "/etc/restic-env";
|
||||
repository = "b2:marauder-backup";
|
||||
passwordFile = "/etc/restic-password";
|
||||
paths = [
|
||||
"${config.users.users.nettika.home}/Desktop"
|
||||
"${config.users.users.nettika.home}/Documents"
|
||||
"${config.users.users.nettika.home}/Music"
|
||||
"${config.users.users.nettika.home}/Pictures"
|
||||
"${config.users.users.nettika.home}/Projects"
|
||||
"${config.users.users.nettika.home}/Public"
|
||||
"${config.users.users.nettika.home}/Templates"
|
||||
"${config.users.users.nettika.home}/Videos"
|
||||
];
|
||||
pruneOpts = [
|
||||
"--keep-daily 7"
|
||||
"--keep-weekly 5"
|
||||
"--keep-monthly 12"
|
||||
];
|
||||
};
|
||||
};
|
||||
}
|
139
hosts/marauder/default.nix
Executable file
139
hosts/marauder/default.nix
Executable file
@@ -0,0 +1,139 @@
|
||||
{ self, pkgs, inputs, secrets, ... }:
|
||||
{
|
||||
imports = [
|
||||
self.nixosModules.common
|
||||
./backup.nix
|
||||
];
|
||||
|
||||
networking.hostName = "marauder";
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/648c6539-892c-40d7-8b07-23fe760df02a";
|
||||
fsType = "ext4";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/1D62-C30E";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
};
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
initrd = {
|
||||
systemd.enable = true;
|
||||
availableKernelModules = [
|
||||
"nvme"
|
||||
"xhci_pci"
|
||||
"usbhid"
|
||||
"usb_storage"
|
||||
"sd_mod"
|
||||
];
|
||||
};
|
||||
kernelModules = ["kvm-amd"];
|
||||
kernelParams = [ "amd_pstate=active" ];
|
||||
};
|
||||
|
||||
hardware = {
|
||||
enableRedistributableFirmware = true;
|
||||
cpu.amd.updateMicrocode = true;
|
||||
opengl = {
|
||||
enable = true;
|
||||
driSupport32Bit = true;
|
||||
extraPackages = [pkgs.vaapiVdpau];
|
||||
};
|
||||
nvidia.prime = {
|
||||
offload = {
|
||||
enable = true;
|
||||
enableOffloadCmd = true;
|
||||
};
|
||||
amdgpuBusId = "PCI:05:00:0";
|
||||
nvidiaBusId = "PCI:01:00:0";
|
||||
};
|
||||
};
|
||||
|
||||
users.users = {
|
||||
nettika = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
# Chat clients
|
||||
discord
|
||||
element-desktop
|
||||
telegram-desktop
|
||||
|
||||
# Browsers
|
||||
firefox
|
||||
|
||||
# Coding
|
||||
vscode
|
||||
|
||||
# Art and 3D
|
||||
inkscape
|
||||
openscad-unstable
|
||||
bambu-studio
|
||||
|
||||
# Multimedia
|
||||
vlc
|
||||
|
||||
# Productivity
|
||||
obsidian
|
||||
];
|
||||
|
||||
programs.bash = {
|
||||
promptInit = ''
|
||||
PS1="\[\e]0;\u@\h: \w\a\]" # window title
|
||||
PS1+="\n"
|
||||
PS1+="\$(printf \"%*s\" \$((\$COLUMNS + 9)) \"\[\e[1;33m\]\$(git branch --show-current 2>/dev/null)\")" # git branch
|
||||
PS1+="\[\e[1G\]" # move cursor to beginning of line
|
||||
PS1+="💜" # prompt symbol
|
||||
PS1+="\[\033[1;$((UID ? 32 : 31))m\]" # prompt color
|
||||
PS1+="[\u@\h:\w]\\$"
|
||||
PS1+="\[\033[0m\] " # reset color
|
||||
'';
|
||||
};
|
||||
|
||||
programs.steam = {
|
||||
enable = true;
|
||||
remotePlay.openFirewall = true;
|
||||
dedicatedServer.openFirewall = true;
|
||||
};
|
||||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
videoDrivers = ["nvidia"];
|
||||
desktopManager = {
|
||||
cinnamon.enable = true;
|
||||
xterm.enable = false;
|
||||
};
|
||||
};
|
||||
|
||||
services.displayManager = {
|
||||
defaultSession = "cinnamon";
|
||||
};
|
||||
|
||||
services.tlp = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.fstrim = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.zerotierone = {
|
||||
enable = true;
|
||||
joinNetworks = secrets.zerotier.networks;
|
||||
};
|
||||
|
||||
time.timeZone = "America/Los_Angeles";
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
||||
|
62
hosts/monolith/default.nix
Executable file
62
hosts/monolith/default.nix
Executable file
@@ -0,0 +1,62 @@
|
||||
{ self, pkgs, secrets, ... }: {
|
||||
imports = [ self.nixosModules.common ];
|
||||
|
||||
networking = {
|
||||
hostName = "monolith";
|
||||
hostId = "44551c32";
|
||||
networkmanager.enable = true;
|
||||
};
|
||||
|
||||
fileSystems = {
|
||||
"/" = {
|
||||
device = "/dev/disk/by-uuid/0c335248-f2b4-4a33-86f0-e96cfac82866";
|
||||
fsType = "ext4";
|
||||
};
|
||||
"/boot" = {
|
||||
device = "/dev/disk/by-uuid/D945-7F54";
|
||||
fsType = "vfat";
|
||||
options = [ "fmask=0022" "dmask=0022" ];
|
||||
};
|
||||
"/library" = {
|
||||
device = "library";
|
||||
fsType = "zfs";
|
||||
};
|
||||
};
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
systemd-boot.enable = true;
|
||||
efi.canTouchEfiVariables = true;
|
||||
};
|
||||
initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
|
||||
kernelModules = [ "kvm-amd" ];
|
||||
supportedFilesystems = [ "zfs" ];
|
||||
};
|
||||
|
||||
users.users = {
|
||||
nettika = {
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" "networkmanager" ];
|
||||
openssh.authorizedKeys.keys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHopty1QG8P+OfGxQ9CV0BI1IRB/q6yITzMZaZ6Zspid nettika@marauder"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM8s5w9uAFMguVbbAamI7pKysgeLTwULXAVn5F0UDVl2 nettika@pixeltablet"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings.PasswordAuthentication = false;
|
||||
};
|
||||
|
||||
services.zerotierone = {
|
||||
enable = true;
|
||||
joinNetworks = secrets.zerotier.networks;
|
||||
};
|
||||
|
||||
security.sudo.wheelNeedsPassword = false;
|
||||
|
||||
time.timeZone = "America/Los_Angeles";
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
}
|
Reference in New Issue
Block a user