diff --git a/flake.lock b/flake.lock index daac08e..53dbd5d 100644 --- a/flake.lock +++ b/flake.lock @@ -70,11 +70,11 @@ "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1744423916, - "narHash": "sha256-udD/WucHNNKwkYLrlorAaf/kHIBHjgqnMyf8vf8i6Ug=", + "lastModified": 1744449247, + "narHash": "sha256-F3iPj8nXoIkLRuBWN6TqqvO6TaHHyUUkT1ZNGYQU0jQ=", "owner": "nix-community", "repo": "emacs-overlay", - "rev": "97d803e417dbf766b2ada1b7f971d6b45961d0a3", + "rev": "ff148db04653261fa37c10816b293e43efac3cfb", "type": "github" }, "original": { @@ -519,11 +519,11 @@ "systems": "systems_2" }, "locked": { - "lastModified": 1744270614, - "narHash": "sha256-pW+kMJWqqxyJjOmmdMRWmGg1E6P6dHc+4F3u4yfMfS4=", + "lastModified": 1744458473, + "narHash": "sha256-Z+MiLf2OdJ7DUf4Hx11KtlJFa5ZvMsi3Ymfs6gxPVtQ=", "owner": "hyprwm", "repo": "hyprlock", - "rev": "71d35aa75f32ba2006e1116bc1fc53a59093bfc3", + "rev": "d9532962274602c2134e0a3240673a4add39ced6", "type": "github" }, "original": { @@ -1562,11 +1562,11 @@ "rust-overlay": "rust-overlay_3" }, "locked": { - "lastModified": 1744348981, - "narHash": "sha256-R/mQ2xG32eqmOpQlghK/rJkkngdN44SL+CoHfDPVIPY=", + "lastModified": 1744451963, + "narHash": "sha256-WCl0rIeud8mC8SLiO1yrxNcZXTI7S40c70nmpD9ca20=", "owner": "sxyazi", "repo": "yazi", - "rev": "bef481057a736f6fdf9c99e0b9043220c9475d68", + "rev": "af92b92da81addab089e0f490f79f09a6f63857f", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 549e1b3..5074c28 100644 --- a/flake.nix +++ b/flake.nix @@ -196,6 +196,20 @@ } ]; }; + + services-nixos = nixpkgs.lib.nixosSystem { + system = sys; + modules = [ + inputs.sops-nix.nixosModules.sops + ./hosts/emenel-services/configuration.nix + + { + home-manager = baseHomeModules // { + users.emenel = import ./homes/emenel-services/default.nix; + }; + } + ]; + }; }; }; } diff --git a/homes/emenel-services/default.nix b/homes/emenel-services/default.nix new file mode 100644 index 0000000..a6139e2 --- /dev/null +++ b/homes/emenel-services/default.nix @@ -0,0 +1,52 @@ +{ nix-config, config, pkgs, ... }: +{ + + imports = with nix-config.homeModules; [ + shell-conf # shell, shell utils, cli tools, libs, tui's + git-conf + ]; + + home = { + packages = with pkgs; [ + btop + ]; + + username = "emenel"; + homeDirectory = "/home/emenel"; + + sessionVariables = { + NH_FLAKE = "\${HOME}/nixos-config"; + }; + + sessionPath = [ + "/home/emenel/.local/bin" + "/home/emenel/.local/share" + "/home/emenel/.nix-profile/lib" + "/etc/profiles/per-user/emenel/bin/" + "/home/emenel/.local/state/nix/profiles/home-manager/home-path/bin/" + ]; + + stateVersion = "25.05"; + }; + + sops = { + age.keyFile = "/home/media/.config/sops/age/keys.txt"; # must have no password! + defaultSopsFile = ../emenel/secrets.yaml; + }; + + programs = { + home-manager.enable = true; + password-store.enable = true; + }; + + systemd.user = { + enable = true; + startServices = "sd-switch"; # auto reload services when home is rebuilt + }; + + #custom script executables + home.file.".local/bin" = { + source = ../emenel/dotfiles/dot_local/bin; + recursive = true; + }; +} diff --git a/hosts/emenel-services/configuration.nix b/hosts/emenel-services/configuration.nix new file mode 100644 index 0000000..54f1286 --- /dev/null +++ b/hosts/emenel-services/configuration.nix @@ -0,0 +1,49 @@ +{ config, lib, pkgs, ... }:{ + + imports = [ + ./hardware-configuration.nix + ./networking.nix # generated at runtime by nixos-infect + + ]; + + boot.tmp.cleanOnBoot = true; + zramSwap.enable = true; + networking.hostName = "services-nixos"; + networking.domain = ""; + services.openssh.enable = true; + users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGbzcaEyzlGJkDL8EMcVmrAWRlyYtilTjpIR2VGxkMHo'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvtBCUQEi7r6mXdaULEaMMvGH1IWZBX9tXpjbIECar2'' ]; + + users.users.emenel = { + openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGbzcaEyzlGJkDL8EMcVmrAWRlyYtilTjpIR2VGxkMHo'' ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFvtBCUQEi7r6mXdaULEaMMvGH1IWZBX9tXpjbIECar2'' ]; + + isNormalUser = true; + description = "emenel"; + extraGroups = [ + "networkmanager" + "network" + "wheel" + "uinput" + "uucp" + "dialout" + "input" + "audio" + "video" + "libvirtd" + "nvidia" + "cups" + "openrazer" + "plugdev" + "i2c-dev" + "scanner" + "lp" + ]; + packages = with pkgs; [ + git + ]; + }; + + + + system.stateVersion = "23.11"; + +} diff --git a/hosts/emenel-services/hardware-configuration.nix b/hosts/emenel-services/hardware-configuration.nix new file mode 100644 index 0000000..b1aacee --- /dev/null +++ b/hosts/emenel-services/hardware-configuration.nix @@ -0,0 +1,9 @@ +{ modulesPath, ... }: +{ + imports = [ (modulesPath + "/profiles/qemu-guest.nix") ]; + boot.loader.grub.device = "/dev/sda"; + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ]; + boot.initrd.kernelModules = [ "nvme" ]; + fileSystems."/" = { device = "/dev/sda1"; fsType = "ext4"; }; + +} diff --git a/hosts/emenel-services/networking.nix b/hosts/emenel-services/networking.nix new file mode 100644 index 0000000..12844f8 --- /dev/null +++ b/hosts/emenel-services/networking.nix @@ -0,0 +1,33 @@ +{ lib, ... }: { + # This file was populated at runtime with the networking + # details gathered from the active system. + networking = { + hostName = "services-nixos"; + nameservers = [ "8.8.8.8" ]; + defaultGateway = "172.31.1.1"; + defaultGateway6 = { + address = "fe80::1"; + interface = "eth0"; + }; + dhcpcd.enable = false; + usePredictableInterfaceNames = lib.mkForce false; + interfaces = { + eth0 = { + ipv4.addresses = [ + { address="157.180.47.84"; prefixLength=32; } + ]; + ipv6.addresses = [ + { address="2a01:4f9:c012:93f::1"; prefixLength=64; } +{ address="fe80::9400:4ff:fe37:15e3"; prefixLength=64; } + ]; + ipv4.routes = [ { address = "172.31.1.1"; prefixLength = 32; } ]; + ipv6.routes = [ { address = "fe80::1"; prefixLength = 128; } ]; + }; + + }; + }; + services.udev.extraRules = '' + ATTR{address}=="96:00:04:37:15:e3", NAME="eth0" + + ''; +}