WIP

2024-07-23 20:46:41 -07:00
12 changed files with 80 additions and 1851 deletions
--- a/flake.lock
+++ b/flake.lock
--- a/flake.nix
+++ b/flake.nix
@@ -3,37 +3,28 @@

  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
-    shelvacu.url = "git+https://git.uninsane.org/shelvacu/nix-stuff";
  };

  outputs = { self, nixpkgs, ... }@inputs:
-    let
-      secrets = builtins.fromJSON (builtins.readFile ./secrets.json);
-    in
-    {
-      nixosModules = {
-        common = import ./modules/common.nix;
-        prompt = import ./modules/prompt.nix;
-        server = import ./modules/server.nix;
-        zerotier = import ./modules/zerotier.nix;
-      };
+  let
+    secrets = builtins.fromJSON (builtins.readFile ./secrets.json);
+  in {
+    nixosModules = {
+      common = import ./modules/common.nix;
+      server = import ./modules/server.nix;
+    };

-      nixosConfigurations = {
-        marauder = nixpkgs.lib.nixosSystem {
-          system = "x86_64-linux";
-          modules = [ ./hosts/marauder ];
-          specialArgs = { inherit self inputs secrets; };
-        };
-        monolith = nixpkgs.lib.nixosSystem {
-          system = "x86_64-linux";
-          modules = [ ./hosts/monolith ];
-          specialArgs = { inherit self inputs secrets; };
-        };
-        quasar = nixpkgs.lib.nixosSystem {
-          system = "x86_64-linux";
-          modules = [ ./hosts/quasar ];
-          specialArgs = { inherit self inputs secrets; };
-        };
+    nixosConfigurations = {
+      marauder = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [ ./hosts/marauder ];
+        specialArgs = { inherit self inputs secrets; };
+      };
+      monolith = nixpkgs.lib.nixosSystem {
+        system = "x86_64-linux";
+        modules = [ ./hosts/monolith ];
+        specialArgs = { inherit self inputs secrets; };
      };
    };
+  };
 }
--- a/hosts/marauder/backup.nix
+++ b/hosts/marauder/backup.nix
@@ -20,7 +20,7 @@
      script = "notify-send -u critical \"Backup to B2 failed\" \"$(journalctl -u restic-backups-b2 -n 5 -o cat)\"";
    };
    restic-backups-b2 = {
-      onFailure = [ "notify-backup-b2-failed.service" ];
+      onFailure = ["notify-backup-b2-failed.service"];
    };
  };

@@ -39,9 +39,14 @@
      repository = "b2:marauder-backup";
      passwordFile = "/etc/restic-password";
      paths = [
+        "${config.users.users.nettika.home}/Desktop"
        "${config.users.users.nettika.home}/Documents"
-        "${config.users.users.nettika.home}/Artwork"
+        "${config.users.users.nettika.home}/Music"
+        "${config.users.users.nettika.home}/Pictures"
        "${config.users.users.nettika.home}/Projects"
+        "${config.users.users.nettika.home}/Public"
+        "${config.users.users.nettika.home}/Templates"
+        "${config.users.users.nettika.home}/Videos"
      ];
      pruneOpts = [
        "--keep-daily 7"
--- a/hosts/marauder/default.nix
+++ b/hosts/marauder/default.nix
@@ -1,12 +1,8 @@
-{ self, pkgs, inputs, ... }:
+{ self, pkgs, inputs, secrets, ... }:
 {
  imports = [
    self.nixosModules.common
-    self.nixosModules.prompt
-    self.nixosModules.zerotier
    ./backup.nix
-    ./dev.nix
-    ./printing.nix
  ];

  networking.hostName = "marauder";
@@ -38,7 +34,7 @@
        "sd_mod"
      ];
    };
-    kernelModules = [ "kvm-amd" ];
+    kernelModules = ["kvm-amd"];
    kernelParams = [ "amd_pstate=active" ];
  };

@@ -48,7 +44,7 @@
    opengl = {
      enable = true;
      driSupport32Bit = true;
-      extraPackages = [ pkgs.vaapiVdpau ];
+      extraPackages = [pkgs.vaapiVdpau];
    };
    nvidia.prime = {
      offload = {
@@ -60,35 +56,41 @@
    };
  };

-  environment = {
-    systemPackages = [
-      inputs.shelvacu.packages.x86_64-linux.sm64coopdx
-    ] ++ (with pkgs; [
-      # Chat clients
-      discord
-      slack
-      element-desktop
-      telegram-desktop
+  environment.systemPackages = with pkgs; [
+    # Chat clients
+    discord
+    element-desktop
+    telegram-desktop

-      # Browsers
-      firefox
-      filezilla
+    # Browsers
+    firefox

-      # Art and 3D
-      inkscape
-      gimp
-      krita
-      openscad-unstable
-      bambu-studio
+    # Coding
+    vscode

-      # Multimedia
-      vlc
-      ffmpeg
-      (callPackage ./ffcheck.nix { })
+    # Art and 3D
+    inkscape
+    openscad-unstable
+    bambu-studio

-      # Productivity
-      obsidian
-    ]);
+    # Multimedia
+    vlc
+
+    # Productivity
+    obsidian
+  ];
+
+  programs.bash = {
+    promptInit = ''
+      PS1="\[\e]0;\u@\h: \w\a\]" # window title
+      PS1+="\n"
+      PS1+="\$(printf \"%*s\" \$((\$COLUMNS + 9)) \"\[\e[1;33m\]\$(git branch --show-current 2>/dev/null)\")" # git branch
+      PS1+="\[\e[1G\]" # move cursor to beginning of line
+      PS1+="💜" # prompt symbol
+      PS1+="\[\033[1;$((UID ? 32 : 31))m\]" # prompt color
+      PS1+="[\u@\h:\w]\\$"
+      PS1+="\[\033[0m\] " # reset color
+    '';
  };

  programs.steam = {
@@ -97,10 +99,10 @@
    dedicatedServer.openFirewall = true;
  };

-  services.xserver = {
+  services.xserver = {  
    enable = true;
-    videoDrivers = [ "nvidia" ];
-    desktopManager = {
+    videoDrivers = ["nvidia"];   
+    desktopManager = {  
      cinnamon.enable = true;
      xterm.enable = false;
    };
@@ -118,14 +120,8 @@
    enable = true;
  };

-  services.mullvad-vpn = {
-    enable = true;
-    package = pkgs.mullvad-vpn; # Include GUI
-  };
-
-  promptEmoji = "💜";
-
  time.timeZone = "America/Los_Angeles";

  system.stateVersion = "24.05";
 }
+
--- a/hosts/marauder/dev.nix
+++ b/hosts/marauder/dev.nix
@@ -1,20 +0,0 @@
-{ pkgs, ... }:
-{
-  environment.variables = {
-    VISUAL = "code --wait";
-  };
-
-  environment.systemPackages = with pkgs; [
-    vscode
-    kotlin
-    rustup
-    pyenv
-    gcc
-    nixd
-    nixpkgs-fmt
-  ];
-
-  programs.direnv = {
-    enable = true;
-  };
-}
--- a/hosts/marauder/ffcheck.nix
+++ b/hosts/marauder/ffcheck.nix
@@ -1,3 +0,0 @@
-{ writeShellScriptBin, ffmpeg }: writeShellScriptBin "ffcheck" ''
-  ${ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null -
-''
--- a/hosts/marauder/printing.nix
+++ b/hosts/marauder/printing.nix
@@ -1,12 +0,0 @@
-{ ... }:
-{
-  services.printing = {
-    enable = true;
-  };
-
-  services.avahi = {
-    enable = true;
-    nssmdns4 = true;
-    openFirewall = true;
-  };
-}
--- a/hosts/monolith/default.nix
+++ b/hosts/monolith/default.nix
@@ -1,16 +1,15 @@
-{ self, ... }:
+{ self, pkgs, secrets, ... }:
 {
  imports = [
    self.nixosModules.common
-    self.nixosModules.prompt
    self.nixosModules.server
-    self.nixosModules.zerotier
    ./dns.nix
  ];

  networking = {
    hostName = "monolith";
    hostId = "44551c32";
+    firewall.allowedTCPPorts = [ 80 ];
  };

  fileSystems = {
@@ -39,7 +38,11 @@
    supportedFilesystems = [ "zfs" ];
  };

-  promptEmoji = "🏰";
+  services.static-web-server = {
+    enable = true;
+    listen = "[::]:80";
+    root = "/srv/www";
+  };

  time.timeZone = "America/Los_Angeles";

--- a/hosts/quasar/default.nix
+++ b/hosts/quasar/default.nix
@@ -1,47 +0,0 @@
-{ self, config, modulesPath, ... }:
-{
-  imports = [
-    "${modulesPath}/virtualisation/amazon-image.nix"
-    self.nixosModules.common
-    self.nixosModules.prompt
-    self.nixosModules.server
-  ];
-
-  networking = {
-    hostName = "quasar";
-    domain = "consortium.chat";
-    firewall.allowedTCPPorts = [ 80 443 ];
-  };
-
-  services.postgresql = {
-    enable = true;
-  };
-
-  services.caddy = {
-    enable = true;
-    virtualHosts = {
-      "${config.networking.domain}".extraConfig = ''
-        reverse_proxy localhost:8008
-        header Strict-Transport-Security "max-age=63072000; includeSubDomains;"
-      '';
-      "matrix.${config.networking.domain}".extraConfig = ''
-        reverse_proxy /_matrix/* localhost:8008
-        reverse_proxy /_synapse/client/* localhost:8008
-      '';
-    };
-  };
-
-  services.matrix-synapse = {
-    enable = true;
-    settings = {
-      server_name = config.networking.domain;
-      serve_server_wellknown = true;
-    };
-  };
-
-  promptEmoji = "🌟";
-
-  time.timeZone = "America/Los_Angeles";
-
-  system.stateVersion = "24.05";
-}
--- a/modules/common.nix
+++ b/modules/common.nix
@@ -1,11 +1,9 @@
-{ pkgs, ... }:
+{ pkgs, secrets, ... }:
 {
  nixpkgs.config.allowUnfree = true;

  nix.settings = {
    experimental-features = [ "nix-command" "flakes" ];
-    substituters = [ "https://nixcache.shelvacu.com" ];
-    trusted-public-keys = [ "nixcache.shelvacu.com:73u5ZGBpPRoVZfgNJQKYYBt9K9Io/jPwgUfuOLsJbsM=" ];
    trusted-users = [ "@wheel" ];
  };

@@ -16,10 +14,6 @@

  security.sudo.wheelNeedsPassword = false;

-  environment.variables = {
-    EDITOR = "nano";
-  };
-
  programs.git = {
    enable = true;
    lfs.enable = true;
@@ -41,6 +35,11 @@
    '';
  };

+  services.zerotierone = {
+    enable = true;
+    joinNetworks = secrets.zerotier.networks;
+  };
+
  environment.systemPackages = with pkgs; [
    git-crypt
    jq
--- a/modules/prompt.nix
+++ b/modules/prompt.nix
@@ -1,10 +0,0 @@
-{ lib, config, ... }:
-{
-  options.promptEmoji = lib.mkOption {
-    type = lib.types.str;
-  };
-
-  config.programs.bash.promptInit = ''
-    PS1="\[\e]0;\u@\h: \w\a\]\n${config.promptEmoji} \[\033[1;$((UID ? 32 : 31))m\]\w \\$\[\033[0m\] "
-  '';
-}
--- a/modules/zerotier.nix
+++ b/modules/zerotier.nix
@@ -1,7 +0,0 @@
-{ secrets, ... }:
-{
-  services.zerotierone = {
-    enable = true;
-    joinNetworks = secrets.zerotier.networks;
-  };
-}