diff --git a/TODO.md b/TODO.md index 023c781..52635fc 100644 --- a/TODO.md +++ b/TODO.md @@ -1,9 +1,10 @@ - [ ] Update the README.md - [ ] switch ssh keys to ECC (fuck RSA) -- [ ] forgejo not post-quantum (fix that) -- [X] migrate forge.dobutterfliescry.net -> tearforge.net -- [X] rename forgejo user to git +- [ ] migrate forge.dobutterfliescry.net -> tearforge.net +- [ ] rename forgejo user to git - [ ] setup my own VPN -- [ ] connect matcha to my VPN +- [ ] connect match to my VPN - [ ] use matcha to build stuff instead of using my laptop + +- [ ] make `ceru` do local and remote deployments diff --git a/colors.rasi b/colors.rasi deleted file mode 100644 index a36f6aa..0000000 --- a/colors.rasi +++ /dev/null @@ -1,20 +0,0 @@ -* { - background: rgba(51,37,65,0.9); - foreground: rgba(198,186,227,0.9); - color00: rgba(78,66,70,0.9); - color01: rgba(111,91,159,0.9); - color02: rgba(120,98,164,0.9); - color03: rgba(131,128,181,0.9); - color04: rgba(154,127,183,0.9); - color05: rgba(157,129,185,0.9); - color06: rgba(123,153,183,0.9); - color07: rgba(165,148,207,0.9); - color08: rgba(115,103,145,0.9); - color09: rgba(129,102,193,0.9); - color10: rgba(140,112,199,0.9); - color11: rgba(145,141,218,0.9); - color12: rgba(170,126,217,0.9); - color13: rgba(174,130,220,0.9); - color14: rgba(135,181,228,0.9); - color15: rgba(165,148,207,0.9); -} diff --git a/flake.lock b/flake.lock index c2f4558..26fea2d 100644 --- a/flake.lock +++ b/flake.lock @@ -3,6 +3,7 @@ "cerulean": { "inputs": { "deploy-rs": "deploy-rs", + "home-manager": "home-manager", "microvm": "microvm", "nixpkgs": [ "nixpkgs" @@ -15,14 +16,17 @@ ] }, "locked": { - "lastModified": 1771650297, - "narHash": "sha256-7A952ZrngNdgSJWPLvKdVyGCXn1WtuBUMG4JoRTSCso=", - "path": "/home/me/cry/mk/cerulean", - "type": "path" + "lastModified": 1771194110, + "narHash": "sha256-x6rijGWmPL5FTpkr+8vpcKKCOT33QHEV8bP6ibEAXFE=", + "owner": "cry128", + "repo": "Cerulean", + "rev": "d527937829dec0f410f126a2f85e374cb99a2fbb", + "type": "github" }, "original": { - "path": "/home/me/cry/mk/cerulean", - "type": "path" + "owner": "cry128", + "repo": "Cerulean", + "type": "github" } }, "deploy-rs": { @@ -61,17 +65,17 @@ ] }, "locked": { - "lastModified": 1771281537, - "narHash": "sha256-mSFKM4DEvg1mMk3WaE4VQHOEg4UUxfqqfYUnIxeQeQE=", + "lastModified": 1770947070, + "narHash": "sha256-g/l/iUET/M+nSrXlwYF2e0KeKqgGpjy3qhwQY4tG62A=", "ref": "refs/heads/main", - "rev": "3678fe95787bb660c4e9ff9933c5d03693a07a76", - "revCount": 122, + "rev": "4fc28bfb4f95071d34184c7ba3153eaff87eba41", + "revCount": 121, "type": "git", - "url": "https://tearforge.net/cry/site" + "url": "https://forge.dobutterfliescry.net/cry/site" }, "original": { "type": "git", - "url": "https://tearforge.net/cry/site" + "url": "https://forge.dobutterfliescry.net/cry/site" } }, "flake-compat": { @@ -165,6 +169,28 @@ } }, "home-manager": { + "inputs": { + "nixpkgs": [ + "cerulean", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1770260404, + "narHash": "sha256-3iVX1+7YUIt23hBx1WZsUllhbmP2EnXrV8tCRbLxHc8=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "0d782ee42c86b196acff08acfbf41bb7d13eed5b", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "release-25.11", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -194,11 +220,11 @@ "spectrum": "spectrum" }, "locked": { - "lastModified": 1771365290, - "narHash": "sha256-1XJOslVyF7yzf6yd/yl1VjGLywsbtwmQh3X1LuJcLI4=", + "lastModified": 1770310890, + "narHash": "sha256-lyWAs4XKg3kLYaf4gm5qc5WJrDkYy3/qeV5G733fJww=", "owner": "microvm-nix", "repo": "microvm.nix", - "rev": "789c90b164b55b4379e7a94af8b9c01489024c18", + "rev": "68c9f9c6ca91841f04f726a298c385411b7bfcd5", "type": "github" }, "original": { @@ -278,11 +304,11 @@ ] }, "locked": { - "lastModified": 1771375681, - "narHash": "sha256-qDDw0ruBZ1kt63j4uVP5Xrd1OxGKIYrSFnig0z6ozSw=", + "lastModified": 1770943752, + "narHash": "sha256-3vWAy2BCP5liaCEKmeqeVWbTCF/JnukgMOg8qf8mCcg=", "owner": "FlameFlag", "repo": "nixcord", - "rev": "d030dbb48ab020092681a39c878c1d48a553ffc1", + "rev": "aa1626057e57eca3686fbc1c3e2ddfde884c6b2a", "type": "github" }, "original": { @@ -293,11 +319,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1771208521, - "narHash": "sha256-X01Q3DgSpjeBpapoGA4rzKOn25qdKxbPnxHeMLNoHTU=", + "lastModified": 1770770419, + "narHash": "sha256-iKZMkr6Cm9JzWlRYW/VPoL0A9jVKtZYiU4zSrVeetIs=", "owner": "nixos", "repo": "nixpkgs", - "rev": "fa56d7d6de78f5a7f997b0ea2bc6efd5868ad9e8", + "rev": "6c5e707c6b5339359a9a9e215c5e66d6d802fd7a", "type": "github" }, "original": { @@ -324,11 +350,11 @@ }, "nixpkgs-unstable": { "locked": { - "lastModified": 1771008912, - "narHash": "sha256-gf2AmWVTs8lEq7z/3ZAsgnZDhWIckkb+ZnAo5RzSxJg=", + "lastModified": 1770841267, + "narHash": "sha256-9xejG0KoqsoKEGp2kVbXRlEYtFFcDTHjidiuX8hGO44=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "a82ccc39b39b621151d6732718e3e250109076fa", + "rev": "ec7c70d12ce2fc37cb92aff673dcdca89d187bae", "type": "github" }, "original": { @@ -363,15 +389,15 @@ "locked": { "lastModified": 1770975056, "narHash": "sha256-ZXTz/P3zUbbM6lNXzt91u8EwfNqhXpYMu8+wvFZqQHE=", - "ref": "refs/heads/main", + "owner": "cry128", + "repo": "nt", "rev": "f42dcdd49a7921a7f433512e83d5f93696632412", - "revCount": 205, - "type": "git", - "url": "https://tearforge.net/cry/nt" + "type": "github" }, "original": { - "type": "git", - "url": "https://tearforge.net/cry/nt" + "owner": "cry128", + "repo": "nt", + "type": "github" } }, "root": { @@ -379,7 +405,7 @@ "cerulean": "cerulean", "dobutterfliescry-net": "dobutterfliescry-net", "grub2-themes": "grub2-themes", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nix-flatpak": "nix-flatpak", "nixcord": "nixcord", "nixpkgs": "nixpkgs", diff --git a/flake.nix b/flake.nix index 2b50529..2e7b315 100644 --- a/flake.nix +++ b/flake.nix @@ -12,15 +12,16 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - nt.url = "git+https://tearforge.net/cry/nt"; + nt.url = "github:cry128/nt"; + # nt.url = "/home/me/cry/mk/nt"; cerulean = { - # url = "git+https://tearforge.net/cry/cerulean"; - url = "/home/me/cry/mk/cerulean"; + url = "github:cry128/Cerulean"; + # url = "/home/me/cry/mk/Cerulean"; inputs = { - nt.follows = "nt"; systems.follows = "systems"; nixpkgs.follows = "nixpkgs"; + nt.follows = "nt"; }; }; @@ -36,7 +37,7 @@ }; dobutterfliescry-net = { - url = "git+https://tearforge.net/cry/site"; + url = "git+https://forge.dobutterfliescry.net/cry/site"; inputs = { nixpkgs.follows = "nixpkgs"; nixpkgs-unstable.follows = "nixpkgs-unstable"; @@ -49,8 +50,6 @@ extra-experimental-features = "pipe-operators"; }; - outputs = inputs: let - inherit (inputs.cerulean) snow; - in - snow.flake inputs ./.; + outputs = inputs: + import ./snow.nix inputs; } diff --git a/groups/all/default.nix b/groups/all/default.nix index fac958f..a636196 100644 --- a/groups/all/default.nix +++ b/groups/all/default.nix @@ -9,16 +9,13 @@ # NOTE: mkDefault is 1000 and mkForce is 50 # NOTE: so this is like a second mkDefault - security.sudo.wheelNeedsPassword = true; + security.sudo.wheelNeedsPassword = lib.mkDefault true; networking = { networkmanager.enable = true; nftables.enable = true; - firewall = { - enable = lib.mkDefault true; - allowPing = lib.mkDefault true; - }; + firewall.enable = lib.mkDefault true; # Use CloudFlare's WARP+ 1.1.1.1 DNS service nameservers = [ @@ -31,7 +28,6 @@ enable = true; clean.enable = true; clean.extraArgs = "--keep-since 7d --keep 3"; - # TODO: move nh config to be home-manager flake = "/home/me/flake"; # sets NH_OS_FLAKE variable for you }; diff --git a/groups/cryde/default.nix b/groups/cryde/default.nix index 7e09671..02c1be0 100644 --- a/groups/cryde/default.nix +++ b/groups/cryde/default.nix @@ -1,20 +1,16 @@ { - inputs, pkgs, upkgs, config, ... }: { - imports = with inputs; [ + imports = [ ./programs.nix ../../hosts/modules/bashistrans.nix ../../hosts/modules/wm/hyprland.nix ../../hosts/modules/steam.nix ../../hosts/modules/obsidian.nix - - grub2-themes.nixosModules.default - nix-flatpak.nixosModules.nix-flatpak ]; boot.loader.grub2-theme = { diff --git a/groups/cryos/default.nix b/groups/cryos/default.nix index 60e3cf3..82699d6 100644 --- a/groups/cryos/default.nix +++ b/groups/cryos/default.nix @@ -7,6 +7,22 @@ ./programs.nix ]; + nixpkgs.config.allowUnfreePredicate = let + whitelist = with pkgs; + map lib.getName [ + discord + steam + steamcmd + steam-unwrapped + + winbox + + obsidian + gitkraken + ]; + in + pkg: builtins.elem (lib.getName pkg) whitelist; + boot.loader = { efi = { canTouchEfiVariables = true; diff --git a/groups/cryos/programs.nix b/groups/cryos/programs.nix index c915036..3e58545 100644 --- a/groups/cryos/programs.nix +++ b/groups/cryos/programs.nix @@ -111,12 +111,11 @@ libargon2 ]; - # services.pcscd.enable = true; - # programs = { - # gnupg.agent = { - # enable = true; - # pinentryPackage = pkgs.pinentry-curses; - # enableSSHSupport = true; - # }; - # }; + programs = { + gnupg.agent = { + enable = true; + pinentryPackage = pkgs.pinentry-curses; + enableSSHSupport = true; + }; + }; } diff --git a/groups/server/default.nix b/groups/server/default.nix index 1f97310..32fe569 100644 --- a/groups/server/default.nix +++ b/groups/server/default.nix @@ -1,15 +1,8 @@ -{ - pkgs, - lib, - ... -}: { - networking = { - firewall = { - allowedTCPPorts = [ - 42069 # ssh - ]; - }; - nftables.enable = true; +{lib, ...}: { + networking.firewall = { + allowedTCPPorts = [ + 42069 # ssh + ]; }; security = { @@ -49,7 +42,6 @@ services.fail2ban = { enable = true; - ignoreIP = ["192.168.0.0/16"]; maxretry = 5; bantime = "10m"; # 10 minute ban bantime-increment = { @@ -70,15 +62,10 @@ extraGroups = ["wheel"]; openssh.authorizedKeys.keys = lib.mkDefault [ (throw '' - You goofy goober :3 Hosts in the `server` group must set `users.users.cry.openssh.authorizedKeys.keys = [ ... ]`. '') ]; }; }; }; - - environment.systemPackages = with pkgs; [ - unixtools.netstat - ]; } diff --git a/homes/cry/default.nix b/homes/ae/default.nix similarity index 100% rename from homes/cry/default.nix rename to homes/ae/default.nix diff --git a/homes/me/default.nix b/homes/me/default.nix index 73a4074..169219f 100755 --- a/homes/me/default.nix +++ b/homes/me/default.nix @@ -118,31 +118,25 @@ hostname = "dobutterfliescry.net"; user = "cry"; port = 42069; - identityFile = "~/keys/butterfly"; + identityFile = "~/.ssh/id_butterfly"; setEnv = { - TERM = "xterm-256color"; + TERM = "linux"; }; }; - hyrule = { + clocktown = { hostname = "hyrule.dobutterfliescry.net"; user = "cry"; port = 42069; - identityFile = "~/keys/hyrule"; + identityFile = "~/.ssh/id_hyrule"; setEnv = { - TERM = "xterm-256color"; + TERM = "linux"; }; }; - matcha = { - hostname = "192.168.88.250"; - user = "emile"; - port = 22; - identityFile = "~/keys/matcha"; - }; youcue = { hostname = "moss.labs.eait.uq.edu.au"; user = "s4740056"; port = 22; - identityFile = "~/keys/other/youcue"; + identityFile = "~/.ssh/id_youcue"; setEnv = { TERM = "xterm-256color"; }; diff --git a/homes/modules/fish.nix b/homes/modules/fish.nix index 77a2324..69d82f3 100755 --- a/homes/modules/fish.nix +++ b/homes/modules/fish.nix @@ -37,10 +37,6 @@ "The god of the stars rejects your offering. The ritual can only be performed at night." "You should have just died..." "Supreme Witch, Calamitas has killed every player!" - - "A broken heart beats in fractals" # Key Fairy - - "Remember our promise" # Signalis ] |> map (x: "\"${x}\"") |> builtins.concatStringsSep " "; diff --git a/hosts/butterfly/default.nix b/hosts/butterfly/default.nix index feeff1f..83ff46d 100755 --- a/hosts/butterfly/default.nix +++ b/hosts/butterfly/default.nix @@ -1,6 +1,6 @@ {...}: { imports = [ - ./hardware.nix + ./hardware-configuration.nix ./services ]; @@ -16,16 +16,16 @@ firewall = { allowedTCPPorts = [ - 22 # forgejo ssh 80 # nginx # 143 # IMAP4 443 # nginx # 587 # SMTPS - 2222 # TEMP: forgejo ssh + 2222 # forgejo ssh + 2035 # debug (for my job) # 3000 (INTERNAL) forgejo # 3306 (INTERNAL) forgejo sqlite3 database + 5000 # debug (for my job) # 8222 (INTERNAL) vaultwarden - 42069 # ssh 45000 # minecaft server ]; allowedUDPPorts = [ @@ -57,18 +57,6 @@ # }; }; - services.pixiecore = { - enable = false; - - port = 1234; - statusPort = 1234; - openFirewall = true; - listen = "0.0.0.0"; - - quick = "xyz"; - mode = "boot"; - }; - users.users.cry = { openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCsUZY45rgezi+8iROdcR5vPeacJ2fbMjlDijfUrH9hRX2FzCsg/4e3aFKhi2seZMmyTfbstxmDrrH8paUS5TibFgLFBGNngaF3CTjg85i5pm25Hr4IVo31oziBnTWaG6j3buYKtz5e1qSPzXywinJR+5+FCUJU7Fxa+EWTZcOX4wYgArSj4q73rZmvk5N0X44Mudt4nvpD2chvxygsdTzD6ph92qCuaJ/AbfmOoC7b/xvOaOVydUfgDLpHi9VZbd3akvvKxRfW6ZklldgXEzPXKMuastN0mwcBxvIb5G1Vkj8jtSVtKPc5psZ9/NWA5l38xH4qZ6z7eib6thtEMdtcKmTZEEWDADjqTea5Gj61c1n18cr6f3Tff+0bn/cxsl4Y0esi+aDeuCXYiIYNmeKBx0ttDNIxpk4J5Fdh6Xs+AZif5lnJErtu8TPy2aC0bc9wehTjMyvilTHfyerOD1ZJXhN2XwRVDGN7t7leAJZISJlPjqTDcw3Vfvzte/5JqS+FR+hbpG4uz2ix8kUa20u5YF2oSdGl8+zsdozVsdQm10Iv9WSXBV7t4m+oyodgtfzydBpmXq7aBXudCiEKw+7TC7F+1a4YFrVrCNXKFgKUpd1MiVLl7DIbzm5U9MD2BB3Fy7BPCzr3tW6/ExOhhpBWY+HnzVGQfkNr7dRcqfipKw== ae@dobutterfliescry.net" diff --git a/hosts/butterfly/hardware.nix b/hosts/butterfly/hardware-configuration.nix similarity index 100% rename from hosts/butterfly/hardware.nix rename to hosts/butterfly/hardware-configuration.nix diff --git a/hosts/butterfly/services/default.nix b/hosts/butterfly/services/default.nix index b7d96af..d6f75e1 100644 --- a/hosts/butterfly/services/default.nix +++ b/hosts/butterfly/services/default.nix @@ -1,7 +1,5 @@ {...}: { imports = [ ./nginx.nix - ./forgejo.nix - ./vaultwarden.nix ]; } diff --git a/hosts/butterfly/services/forgejo.nix b/hosts/butterfly/services/forgejo.nix index d1dec7e..d5d680d 100644 --- a/hosts/butterfly/services/forgejo.nix +++ b/hosts/butterfly/services/forgejo.nix @@ -1,39 +1,10 @@ -{ - config, - lib, - ... -}: let - cfg = config.services.forgejo; -in { - # REF: https://github.com/NixOS/nixpkgs/blob/nixos-25.11/nixos/modules/services/misc/forgejo.nix - # REF: forgejo doesn't create the user/group by default if its name isn't "forgejo" - users.users = lib.mkIf (cfg.user != "forgejo") { - ${cfg.user} = { - home = cfg.stateDir; - useDefaultShell = true; - group = cfg.group; - isSystemUser = true; - }; - }; - users.groups = lib.mkIf (cfg.group != "forgejo") { - ${cfg.group} = {}; - }; - +{...}: { # more options here: https://mynixos.com/nixpkgs/options/services.forgejo # TODO: set a favicon https://forgejo.org/docs/next/contributor/customization/#changing-the-logo # (might need me to override settings in the nixpkg) # TODO: create a custom theme for forgejo (modify the source files most likely) services.forgejo = { enable = true; - - # XXX: WARNING: XXX: WARNING: XXX: TODO: set user="git" and settings.server.SSH_PORT=22 - # XXX: WARNING: XXX: WARNING: XXX: TODO: (currently both cause errors) - # XXX: WARNING: XXX: WARNING: XXX: TODO: THE USER FAILS I THINK CAUSE THE DIRECTORY DOESNT CHANGE THE USER PERMISSIONS - - user = "git"; # user forgejo runs as - # group = "forgejo"; # group forgejo runs as - # stateDir = "/var/lib/forgejo"; - # enable support for Git Large File Storage lfs.enable = true; database = { @@ -46,9 +17,9 @@ in { settings = { server = { # ENABLE_ACME = true; - # ACME_EMAIL = "them@dobutterfliescry.net"; - DOMAIN = "tearforge.net"; - ROOT_URL = "https://tearforge.net"; + # ACME_EMAIL = "eclarkboman@gmail.com"; # change this to "me@imbored.dev" + DOMAIN = "dobutterfliescry.net"; # should this be "imbored.dev"? + ROOT_URL = "https://forge.dobutterfliescry.net"; # full public URL of the Forgejo server # address and port to listen on HTTP_ADDR = "127.0.0.1"; HTTP_PORT = 3000; @@ -69,7 +40,7 @@ in { DEFAULT_PRIVATE = "private"; # last, private, public # repo/org created on push to non-existent ENABLE_PUSH_CREATE_USER = true; - ENABLE_PUSH_CREATE_ORG = true; + ENABLE_PUSH_CREATE_ORG = false; DEFAULT_PUSH_CREATE_PRIVATE = true; MAX_CREATION_LIMIT = -1; }; @@ -96,7 +67,7 @@ in { "ui.meta" = { AUTHOR = "Emile Clark-Boman - emileclarkb"; DESCRIPTION = "This is my personal self-hosted git forge, where I keep and maintain personal projects! PS do butterflies cry when they're sad?"; - KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies,cry,tearforge"; + KEYWORDS = "emile,clark,boman,clarkboman,emileclarkb,git,forge,forgejo,self-hosted,dobutterfliescry,butterfly,butterflies"; }; markdown = { @@ -148,11 +119,12 @@ in { # email.incoming = { ... }; # optional + # TODO: fill this in once my mail server is configured mailer = { ENABLED = false; - SMTP_ADDR = "mail.tearforge.net"; - FROM = "noreply@tearforge.net"; - USER = "noreply@tearforge.net"; + SMTP_ADDR = "mail.dobutterfliescry.net"; + FROM = "iforgor@dobutterfliescry.net"; + USER = "iforgor@dobutterfliescry.net"; }; log = { diff --git a/hosts/butterfly/services/nginx.nix b/hosts/butterfly/services/nginx.nix index 9d5bc08..5dcb5c6 100644 --- a/hosts/butterfly/services/nginx.nix +++ b/hosts/butterfly/services/nginx.nix @@ -43,15 +43,16 @@ locations."/".proxyPass = "${localhost}:8222"; } // std; - "tearforge.net" = - { - forceSSL = true; - extraConfig = '' - client_max_body_size 512M; - ''; - locations."/".proxyPass = "${localhost}:3000"; - } - // std; + # "tearforge.net" = + # { + # forceSSL = true; + # extraConfig = '' + # client_max_body_size 512M; + # ''; + # locations."/".proxyPass = "${localhost}:3000"; + # } + # // std; + # "tearforge.net" = forge; }; }; } diff --git a/hosts/hyrule/default.nix b/hosts/hyrule/default.nix index 0adb056..9690354 100755 --- a/hosts/hyrule/default.nix +++ b/hosts/hyrule/default.nix @@ -1,6 +1,6 @@ {...}: { imports = [ - ./hardware.nix + ./hardware-configuration.nix ]; # super duper minimum grub2 config diff --git a/hosts/hyrule/hardware.nix b/hosts/hyrule/hardware-configuration.nix similarity index 100% rename from hosts/hyrule/hardware.nix rename to hosts/hyrule/hardware-configuration.nix diff --git a/hosts/lolcathost/default.nix b/hosts/lolcathost/default.nix index e3a1309..b0d87f8 100755 --- a/hosts/lolcathost/default.nix +++ b/hosts/lolcathost/default.nix @@ -1,6 +1,6 @@ {...}: { imports = [ - ./hardware.nix + ./hardware-configuration.nix ]; networking.hostName = "lolcathost"; diff --git a/hosts/lolcathost/hardware.nix b/hosts/lolcathost/hardware-configuration.nix similarity index 100% rename from hosts/lolcathost/hardware.nix rename to hosts/lolcathost/hardware-configuration.nix diff --git a/hosts/matcha/default.nix b/hosts/matcha/default.nix deleted file mode 100644 index 4d5d322..0000000 --- a/hosts/matcha/default.nix +++ /dev/null @@ -1,26 +0,0 @@ -{...}: { - imports = [ - ./hardware.nix - ./state.nix - ]; - - boot.loader = { - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot/efi"; - }; - grub = { - efiSupport = true; - device = "nodev"; - }; - }; - - networking.hostName = "matcha"; - - users.users.cry = { - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDYwbPjW26fHivB+UpxRArY7nFI09VLAD9xxOiPk/u+YPAOVR8SYTpsHj3L8kI3ENRtt3PRJb97ZfLpPaAJ0LJiZv4qzisDjbfck12FxSDseQlF2JaJZ4wrJ9llcqJbRLKd5wV4KotrDm8Ct2JSBFOdTBQBGJqtNrLOcAtDqVmDPXsWyONINegtcYHumTbJcQU1ksCABdjW5R1dhJesOuMOM8EvrUtDyftvD7sgnBlXTzybP9c1AphUuBMSR5yEz/cDl+iPtQq7tgB+iepCCuNMGQu1wZFPBCMrZtMoxq6gzmZ4oV+W6tfmGEbtdkY+ix+2j960Zngcw7Gj+aYyMY2TyVJuJmIvlzfcrlsbr1TH35Y/5oYhJA+X6aFpgomUsurJ6/QdI1wQ+ceUCnZEeg/8z+WNaq/Bp2hPzT9Y7SPWolpaotDhh9wiuyVqn5VQqwL2lELfvZM4Lu8l6vRPDeMZTemI1nc5jg3aVpJqZTPqFVcCWrWXfdCFwnfy/SdU0JAprCzVvoqkwDHsJwkxY/NcxlNGNha+8oYZgSH1CZhEp3Z7CDJCTDd5PxxCQHs90ENCWFsoGQIV01dAgwD63460En9q2kGr6gO2aRewMD5Vr8AzeGV87vsR3ARpPQVzEWLX08B076Idjwrz8aebdRYBEg7WCxRe5UVI1i/V8j/zQw== emile@deadlyserver.com" - "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGEvtRs3C4hjSuvVm2lukqOvObCz5gVlFthcvpGHAqlBgZo47CNJM78WoviEQWceqtu9ZzJdRJ7qEK9ZGvTM0XTSgExkOs6YdS3J7M3i3YS1vcj9KVPinLhiE90aED/319pbYKFrRs/lRzl8XLeaPNqenNMNJBqeary8+r5u9JC6zYCeQ== me@lolcathost" - ]; - }; -} diff --git a/hosts/matcha/hardware.nix b/hosts/matcha/hardware.nix deleted file mode 100644 index aadc3d1..0000000 --- a/hosts/matcha/hardware.nix +++ /dev/null @@ -1,33 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/d54a5644-744b-4b2a-8c4b-c12836498724"; - fsType = "ext4"; - }; - - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/12CE-A600"; - fsType = "vfat"; - options = [ "fmask=0077" "dmask=0077" ]; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/9513ded6-662e-42f7-926e-64d198c2ae7c"; } - ]; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/matcha/state.nix b/hosts/matcha/state.nix deleted file mode 100644 index f6f238f..0000000 --- a/hosts/matcha/state.nix +++ /dev/null @@ -1,20 +0,0 @@ -{...}: { - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "25.11"; # Did you read the comment? -} diff --git a/hosts/myputer/default.nix b/hosts/myputer/default.nix index 28e7e05..1b397d4 100755 --- a/hosts/myputer/default.nix +++ b/hosts/myputer/default.nix @@ -5,7 +5,7 @@ ... }: { imports = [ - ./hardware.nix + ./hardware-configuration.nix ]; networking = { diff --git a/hosts/myputer/hardware.nix b/hosts/myputer/hardware-configuration.nix similarity index 100% rename from hosts/myputer/hardware.nix rename to hosts/myputer/hardware-configuration.nix diff --git a/nixpkgs.nix b/nixpkgs.nix index fcd5db4..816800f 100644 --- a/nixpkgs.nix +++ b/nixpkgs.nix @@ -4,11 +4,15 @@ system, ... } @ args: { - nixpkgs.channels = { - default = { + nixpkgs.channels.default = rec { + default = pkgs; + # nixpkgs (stable branch) + pkgs = { + inherit system; + source = inputs.nixpkgs; overlays = [ inputs.dobutterfliescry-net.overlays.default - (import ./overlays args) + (import ./overlays/default.nix args) ]; config = { # allowUnfree = false; @@ -25,37 +29,13 @@ ]; }; }; - - # nixpkgs (stable branch) - # pkgs = { - # inherit system; - # source = inputs.nixpkgs; - # overlays = [ - # inputs.dobutterfliescry-net.overlays.default - # (import ./overlays args) - # ]; - # config = { - # # allowUnfree = false; - # allowBroken = false; - # allowUnfreePredicate = pkg: - # builtins.elem (lib.getName pkg) [ - # "discord" - # "steam" - # "steamcmd" - # "steam-unwrapped" - - # "obsidian" - # "gitkraken" - # ]; - # }; - # }; # nixpkgs-unstable upkgs = { inherit system; source = inputs.nixpkgs-unstable; overlays = [ inputs.dobutterfliescry-net.overlays.default - (import ./overlays args) + (import ./overlays/default.nix args) ]; config = { allowUnfree = false; diff --git a/overlays/default.nix b/overlays/default.nix index ac0af8a..d18a23d 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,4 +1,4 @@ -{...}: ( +{inputs, ...}: ( self: super: { angry-oxide = import ../packages/angryoxide { pkgs = super; diff --git a/snow.nix b/snow.nix index 7b2e878..4d3b575 100644 --- a/snow.nix +++ b/snow.nix @@ -1,8 +1,7 @@ -{inputs, ...} @ args: { - nodes = { - base = inputs.nixpkgs; - args = {inherit inputs;}; - homeManager = inputs.home-manager; +{cerulean, ...} @ inputs: +cerulean.mkNexus ./. (self: { + nexus = { + specialArgs = {inherit inputs;}; groups = { # wait.. that's too cold... @@ -14,31 +13,36 @@ server = {}; }; - nodes = { + nodes = let + inherit + (self.nexus) + groups + ; + in { # my laptop <3 :3 lolcathost = { system = "x86_64-linux"; - groups = groups: [groups.cryos.cryde]; - # modules = with inputs; [ - # grub2-themes.nixosModules.default - # nix-flatpak.nixosModules.nix-flatpak - # ]; + groups = [groups.cryos.cryde]; + extraModules = with inputs; [ + grub2-themes.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak + ]; }; # i be on my puter frfr myputer = { system = "x86_64-linux"; - groups = groups: [groups.cryos.cryde]; - # modules = with inputs; [ - # grub2-themes.nixosModules.default - # nix-flatpak.nixosModules.nix-flatpak - # ]; + groups = [groups.cryos.cryde]; + extraModules = with inputs; [ + grub2-themes.nixosModules.default + nix-flatpak.nixosModules.nix-flatpak + ]; }; # courtesy of aurora <3 butterfly = { system = "x86_64-linux"; - groups = groups: [groups.server]; + groups = [groups.server]; deploy.ssh = { host = "dobutterfliescry.net"; user = "cry"; @@ -49,7 +53,7 @@ # pls dont sue me im broke hyrule = { system = "x86_64-linux"; - groups = groups: [groups.server]; + groups = [groups.server]; deploy.ssh = { host = "hyrule.dobutterfliescry.net"; user = "cry"; @@ -57,17 +61,11 @@ }; # call me a statistician the way she spreads in my sheets - matcha = { - system = "x86_64-linux"; - groups = groups: [groups.server]; - deploy = { - remoteBuild = true; - ssh = { - host = "192.168.88.250"; # <- DEBUG: TEMP: TODO: switch to `matcha.dobutterfliescry.net` - user = "emile"; - }; - }; - }; + # matcha = { + # system = "x86_64-linux"; + # groups = [groups.server]; + # deploy.ssh.host = "bedroom.dobutterfliescry.net"; + # }; }; }; -} +})