bertof/nix-dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Nix fmt rfc style (more or less)

Browse source
This commit is contained in:
Filippo Berto 2024-08-13 12:22:23 +02:00
parent e7496c447a
commit 515f098644
No known key found for this signature in database
GPG key ID: FE98AE5EC52B1056
146 changed files with 2607 additions and 906 deletions
Download patch file Download diff file Expand all files Collapse all files

94
instances/baldur/configuration.nix
View file

@ -7,9 +7,16 @@
boot = {
growPartition = true;
kernelParams = [ "console=ttyS0" "panic=1" "boot.panic_on_fail" ];
kernelParams = [
"console=ttyS0"
"panic=1"
"boot.panic_on_fail"
];
initrd.kernelModules = [ "virtio_scsi" ];
kernelModules = [ "virtio_pci" "virtio_net" ];
kernelModules = [
"virtio_pci"
"virtio_net"
];
loader = {
grub.device = "/dev/sda";
timeout = 0;
@ -24,13 +31,20 @@
environment = {
pathsToLink = [ "/share/zsh" ];
systemPackages = [ pkgs.helix pkgs.zellij pkgs.kitty.terminfo ];
systemPackages = [
pkgs.helix
pkgs.zellij
pkgs.kitty.terminfo
];
};
i18n.defaultLocale = "it_IT.UTF-8";
programs = {
gnupg.agent = { enable = true; enableSSHSupport = true; };
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
zsh.enable = true;
};
@ -65,29 +79,40 @@
recommendedTlsSettings = true;
virtualHosts =
let
ssl = { enableACME = true; forceSSL = true; };
ssl = {
enableACME = true;
forceSSL = true;
};
in
{
"me.bertof.net" = ssl // {
locations."/".extraConfig =
"rewrite ^/(.*)$ https://homes.di.unimi.it/berto/$1 redirect ;";
locations."/".extraConfig = "rewrite ^/(.*)$ https://homes.di.unimi.it/berto/$1 redirect ;";
};
"home-assistant.bertof.net" = ssl // {
locations."/" = { proxyPass = "http://loki.tsn:8123/"; proxyWebsockets = true; };
locations."/" = {
proxyPass = "http://loki.tsn:8123/";
proxyWebsockets = true;
};
extraConfig = ''
proxy_pass_header Authorization;
proxy_buffering off;
'';
};
"s3.bertof.net" = ssl // {
locations."/" = { proxyPass = "http://heimdall.tsn:9000/"; proxyWebsockets = true; };
locations."/" = {
proxyPass = "http://heimdall.tsn:9000/";
proxyWebsockets = true;
};
extraConfig = ''
proxy_pass_header Authorization;
proxy_buffering off;
'';
};
"hass.bertof.net" = ssl // {
locations."/" = { proxyPass = "http://heimdall.tsn:8123/"; proxyWebsockets = true; };
locations."/" = {
proxyPass = "http://heimdall.tsn:8123/";
proxyWebsockets = true;
};
extraConfig = ''
proxy_pass_header Authorization;
proxy_buffering off;
@ -120,14 +145,37 @@
'';
};
};
"radarr.bertof.net" = ssl // { locations."/" = { proxyPass = "http://heimdall.tsn:7878/"; proxyWebsockets = true; }; };
"sonarr.bertof.net" = ssl // { locations."/" = { proxyPass = "http://heimdall.tsn:8989/"; proxyWebsockets = true; }; };
"lidarr.bertof.net" = ssl // { locations."/" = { proxyPass = "http://heimdall.tsn:8686/"; proxyWebsockets = true; }; };
"radarr.bertof.net" = ssl // {
locations."/" = {
proxyPass = "http://heimdall.tsn:7878/";
proxyWebsockets = true;
};
};
"sonarr.bertof.net" = ssl // {
locations."/" = {
proxyPass = "http://heimdall.tsn:8989/";
proxyWebsockets = true;
};
};
"lidarr.bertof.net" = ssl // {
locations."/" = {
proxyPass = "http://heimdall.tsn:8686/";
proxyWebsockets = true;
};
};
# "ombi.bertof.net" = ssl // { locations."/" = { proxyPass = "http://heimdall.tsn:5000/"; proxyWebsockets = true; }; };
"jellyfin.bertof.net" = ssl // { locations."/" = { proxyPass = "http://heimdall.tsn:8096/"; proxyWebsockets = true; }; };
"jellyfin.bertof.net" = ssl // {
locations."/" = {
proxyPass = "http://heimdall.tsn:8096/";
proxyWebsockets = true;
};
};
};
};
openssh = { enable = true; openFirewall = true; };
openssh = {
enable = true;
openFirewall = true;
};
# wgautomesh = {
# enable = true;
# settings = {
@ -136,7 +184,10 @@
# };
};
security.acme = { acceptTerms = true; defaults.email = "filippo.berto95@gmail.com"; };
security.acme = {
acceptTerms = true;
defaults.email = "filippo.berto95@gmail.com";
};
users.users.bertof = {
isNormalUser = true;
@ -174,8 +225,15 @@
firewall = {
enable = true;
allowPing = true;
allowedTCPPorts = [ 80 443 53 ];
allowedUDPPorts = [ 53 51820 ];
allowedTCPPorts = [
80
443
53
];
allowedUDPPorts = [
53
51820
];
# interfaces.ens3.allowedTCPPorts = [ 52123 53 ];
# interfaces.ens3.allowedUDPPorts = [ 53 ];
# extraCommands = ''iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns'';

13
instances/baldur/hardware-configuration.nix
View file

@ -5,7 +5,13 @@
boot = {
initrd = {
availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" ];
availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
];
kernelModules = [ ];
};
@ -19,6 +25,9 @@
};
swapDevices = [
{ device = "/swapfile"; size = 1024 * 1; }
{
device = "/swapfile";
size = 1024 * 1;
}
];
}

9
instances/baldur/hm.nix
View file

@ -1,9 +1,14 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
home = {
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" "grp:menu_toggle" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
"grp:menu_toggle"
];
};
packages = builtins.attrValues { inherit (pkgs) nix-prefetch-scripts; };
};

8
instances/baldur/hm_tiziano.nix
View file

@ -1,9 +1,13 @@
{ ... }: {
{ ... }:
{
home = {
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
];
};
};

100
instances/freya/configuration.nix
View file

@ -1,14 +1,24 @@
{ pkgs, lib, config, ... }:
{ pkgs
, lib
, config
, ...
}:
let
hosts = import ../../hosts.nix;
in
{
age.secrets = {
ntfy-freya = { file = ../../secrets/ntfy-freya.age; owner = "bertof"; };
ntfy-freya = {
file = ../../secrets/ntfy-freya.age;
owner = "bertof";
};
};
console = { font = "Lat2-Terminus16"; keyMap = "it"; };
console = {
font = "Lat2-Terminus16";
keyMap = "it";
};
environment = {
pathsToLink = [ "/share/zsh" ];
@ -20,7 +30,10 @@ in
enable = true;
# package = pkgs.bluezFull;
};
opengl = { enable = true; driSupport = true; };
opengl = {
enable = true;
driSupport = true;
};
raspberry-pi."4" = {
# audio.enable = true; # AUDIO
fkms-3d.enable = true; # GPU
@ -52,7 +65,10 @@ in
programs = {
dconf.enable = true;
gnupg.agent = { enable = true; enableSSHSupport = true; };
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
zsh.enable = true;
};
@ -77,14 +93,24 @@ in
blueman.enable = true;
dbus.packages = [ pkgs.dconf ];
gnome.gnome-keyring.enable = true;
openssh = { enable = true; openFirewall = true; };
openssh = {
enable = true;
openFirewall = true;
};
# xserver = {
# enable = true;
# desktopManager.retroarch = { enable = true; package = pkgs.retroarchFull; };
# };
fail2ban = { enable = true; bantime-increment.enable = true; };
plex = { enable = true; openFirewall = true; group = "users"; };
fail2ban = {
enable = true;
bantime-increment.enable = true;
};
plex = {
enable = true;
openFirewall = true;
group = "users";
};
# jellyfin = { enable = true; openFirewall = true; group = "users"; };
home-assistant = {
@ -246,11 +272,13 @@ in
# "!secret famiglia_t_chat_id"
# ];
# }];
tts = [{
platform = "google_translate";
language = "it";
# tld = "it";
}];
tts = [
{
platform = "google_translate";
language = "it";
# tld = "it";
}
];
};
configDir = "/var/lib/hass";
configWritable = true;
@ -336,12 +364,18 @@ in
prometheus = {
enable = true;
exporters = {
node = { enable = true; enabledCollectors = [ "systemd" ]; };
node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
process = {
enable = true;
settings.process_names = [
# Remove nix store path from process name
{ name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
{
name = "{{.Matches.Wrapped}} {{ .Matches.Args }}";
cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ];
}
];
};
systemd.enable = true;
@ -352,15 +386,21 @@ in
scrapeConfigs = [
{
job_name = "node";
static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }];
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }
];
}
{
job_name = "process";
static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }];
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }
];
}
{
job_name = "systemd";
static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }];
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }
];
}
];
retentionTime = "15d";
@ -368,16 +408,30 @@ in
snapper.configs =
let
common = { TIMELINE_CREATE = true; TIMELINE_CLEANUP = true; };
common = {
TIMELINE_CREATE = true;
TIMELINE_CLEANUP = true;
};
in
{
bertof = lib.recursiveUpdate common { SUBVOLUME = "/mnt/raid/bertof/"; ALLOW_USERS = [ "bertof" ]; };
tiziano = lib.recursiveUpdate common { SUBVOLUME = "/mnt/raid/tiziano/"; ALLOW_USERS = [ "tiziano" ]; };
condiviso = lib.recursiveUpdate common { SUBVOLUME = "/mnt/raid/condiviso"; ALLOW_USERS = [ "bertof" "tiziano" ]; };
bertof = lib.recursiveUpdate common {
SUBVOLUME = "/mnt/raid/bertof/";
ALLOW_USERS = [ "bertof" ];
};
tiziano = lib.recursiveUpdate common {
SUBVOLUME = "/mnt/raid/tiziano/";
ALLOW_USERS = [ "tiziano" ];
};
condiviso = lib.recursiveUpdate common {
SUBVOLUME = "/mnt/raid/condiviso";
ALLOW_USERS = [
"bertof"
"tiziano"
];
};
};
};
time.timeZone = "Europe/Rome";
users.users = {

15
instances/freya/hardware-configuration.nix
View file

@ -1,13 +1,15 @@
{ lib, modulesPath, ... }:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
extraModulePackages = [ ];
initrd = {
availableKernelModules = [ "xhci_pci" "uas" "usb_storage" ];
availableKernelModules = [
"xhci_pci"
"uas"
"usb_storage"
];
kernelModules = [ ];
};
kernelModules = [ ];
@ -26,7 +28,10 @@
};
swapDevices = [
{ device = "/swapfile"; size = 1024 * 4; }
{
device = "/swapfile";
size = 1024 * 4;
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

15
instances/freya/hm.nix
View file

@ -1,13 +1,22 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
home = {
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
];
};
packages = builtins.attrValues {
inherit (pkgs)
cava gallery-dl procps wireguard-tools httpie;
cava
gallery-dl
procps
wireguard-tools
httpie
;
};
};

124
instances/heimdall/configuration.nix
View file

@ -1,4 +1,8 @@
{ pkgs, lib, config, ... }:
{ pkgs
, lib
, config
, ...
}:
let
hosts = import ../../hosts.nix;
in
@ -12,7 +16,10 @@ in
efi.canTouchEfiVariables = true;
};
console = { font = "Lat2-Terminus16"; keyMap = "it"; };
console = {
font = "Lat2-Terminus16";
keyMap = "it";
};
environment = {
pathsToLink = [ "/share/zsh" ];
@ -24,7 +31,10 @@ in
enable = true;
# package = pkgs.bluezFull;
};
opengl = { enable = true; driSupport = true; };
opengl = {
enable = true;
driSupport = true;
};
};
i18n.defaultLocale = "it_IT.UTF-8";
@ -52,7 +62,10 @@ in
programs = {
dconf.enable = true;
gnupg.agent = { enable = true; enableSSHSupport = true; };
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
zsh.enable = true;
};
@ -61,7 +74,14 @@ in
'';
services = {
grafana = { enable = true; settings.server = { http_addr = "0.0.0.0"; domain = "bertof.net"; root_url = "https://grafana.bertof.net/"; }; };
grafana = {
enable = true;
settings.server = {
http_addr = "0.0.0.0";
domain = "bertof.net";
root_url = "https://grafana.bertof.net/";
};
};
# avahi = {
# enable = true;
@ -79,15 +99,29 @@ in
# blueman.enable = true;
# dbus.packages = [ pkgs.dconf ];
# gnome.gnome-keyring.enable = true;
openssh = { enable = true; openFirewall = true; };
openssh = {
enable = true;
openFirewall = true;
};
# # xserver = {
# # enable = true;
# # desktopManager.retroarch = { enable = true; package = pkgs.retroarchFull; };
# # };
#
fail2ban = { enable = true; bantime-increment.enable = true; };
plex = { enable = true; openFirewall = true; group = "users"; };
jellyfin = { enable = true; openFirewall = true; group = "users"; };
fail2ban = {
enable = true;
bantime-increment.enable = true;
};
plex = {
enable = true;
openFirewall = true;
group = "users";
};
jellyfin = {
enable = true;
openFirewall = true;
group = "users";
};
#
home-assistant = {
enable = true;
@ -248,11 +282,13 @@ in
# "!secret famiglia_t_chat_id"
# ];
# }];
tts = [{
platform = "google_translate";
language = "it";
# tld = "it";
}];
tts = [
{
platform = "google_translate";
language = "it";
# tld = "it";
}
];
};
configDir = "/var/lib/hass";
configWritable = true;
@ -338,37 +374,74 @@ in
prometheus = {
enable = true;
exporters = {
node = { enable = true; enabledCollectors = [ "systemd" ]; };
node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
process = {
enable = true;
settings.process_names = [
# Remove nix store path from process name
{ name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
{
name = "{{.Matches.Wrapped}} {{ .Matches.Args }}";
cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ];
}
];
};
systemd.enable = true;
};
globalConfig = { scrape_interval = "10s"; };
globalConfig = {
scrape_interval = "10s";
};
scrapeConfigs = [
{ job_name = "node"; static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }]; }
{ job_name = "process"; static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }]; }
{ job_name = "systemd"; static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }]; }
{
job_name = "node";
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }
];
}
{
job_name = "process";
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }
];
}
{
job_name = "systemd";
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }
];
}
];
retentionTime = "15d";
};
snapper.configs =
let
common = { TIMELINE_CREATE = true; TIMELINE_CLEANUP = true; };
common = {
TIMELINE_CREATE = true;
TIMELINE_CLEANUP = true;
};
in
{
bertof = lib.recursiveUpdate common { SUBVOLUME = "/mnt/raid/bertof/"; ALLOW_USERS = [ "bertof" ]; };
tiziano = lib.recursiveUpdate common { SUBVOLUME = "/mnt/raid/tiziano/"; ALLOW_USERS = [ "tiziano" ]; };
condiviso = lib.recursiveUpdate common { SUBVOLUME = "/mnt/raid/condiviso"; ALLOW_USERS = [ "bertof" "tiziano" ]; };
bertof = lib.recursiveUpdate common {
SUBVOLUME = "/mnt/raid/bertof/";
ALLOW_USERS = [ "bertof" ];
};
tiziano = lib.recursiveUpdate common {
SUBVOLUME = "/mnt/raid/tiziano/";
ALLOW_USERS = [ "tiziano" ];
};
condiviso = lib.recursiveUpdate common {
SUBVOLUME = "/mnt/raid/condiviso";
ALLOW_USERS = [
"bertof"
"tiziano"
];
};
};
};
time.timeZone = "Europe/Rome";
users.users = {
@ -393,4 +466,3 @@ in
system.stateVersion = "24.05";
}

22
instances/heimdall/hardware-configuration.nix
View file

@ -1,14 +1,26 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, ... }:
{ config
, lib
, modulesPath
, ...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "ehci_pci" "nvme" "usb_storage" "usbhid" "sd_mod" ];
availableKernelModules = [
"xhci_pci"
"ahci"
"ehci_pci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
kernelModules = [ ];
};
kernelModules = [ "kvm-amd" ];
@ -29,7 +41,10 @@
"/boot" = {
device = "/dev/disk/by-uuid/7F42-D513";
fsType = "vfat";
options = [ "fmask=0022" "dmask=0022" ];
options = [
"fmask=0022"
"dmask=0022"
];
};
};
@ -47,4 +62,3 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

16
instances/heimdall/hm.nix
View file

@ -1,13 +1,22 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
home = {
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
];
};
packages = builtins.attrValues {
inherit (pkgs)
cava gallery-dl procps wireguard-tools httpie;
cava
gallery-dl
procps
wireguard-tools
httpie
;
};
};
@ -22,4 +31,3 @@
home.stateVersion = "22.11";
}

146
instances/loki/configuration.nix
View file

@ -5,16 +5,28 @@ in
{
age.secrets = {
ntfy-loki = { file = ../../secrets/ntfy-loki.age; owner = "bertof"; };
ntfy-loki = {
file = ../../secrets/ntfy-loki.age;
owner = "bertof";
};
};
boot = {
binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];
binfmt.emulatedSystems = [
"armv7l-linux"
"aarch64-linux"
];
# kernelPackages = pkgs.linuxPackages_latest;
loader = { systemd-boot.enable = true; efi.canTouchEfiVariables = true; };
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
console = { font = "Lat2-Terminus16"; keyMap = "it"; };
console = {
font = "Lat2-Terminus16";
keyMap = "it";
};
environment = {
pathsToLink = [ "/share/zsh" ];
@ -36,7 +48,12 @@ in
opengl = {
enable = true;
extraPackages = builtins.attrValues {
inherit (pkgs) intel-media-driver libvdpau-va-gl vaapiIntel vaapiVdpau;
inherit (pkgs)
intel-media-driver
libvdpau-va-gl
vaapiIntel
vaapiVdpau
;
};
};
@ -81,16 +98,29 @@ in
};
# bazarr = { enable = true; openFirewall = true; group = "users"; };
blueman.enable = true;
dbus = { packages = [ pkgs.dconf ]; implementation = "broker"; };
esphome = { enable = true; openFirewall = true; };
dbus = {
packages = [ pkgs.dconf ];
implementation = "broker";
};
esphome = {
enable = true;
openFirewall = true;
};
# fail2ban = { enable = true; bantime-increment.enable = true; };
gnome.gnome-keyring.enable = true;
gvfs.enable = true;
# jackett = { enable = true; openFirewall = true; group = "users"; };
jellyfin = { enable = true; openFirewall = true; group = "users"; };
jellyfin = {
enable = true;
openFirewall = true;
group = "users";
};
logind.lidSwitch = "ignore";
# node-red = { enable = true; openFirewall = true; withNpmAndGcc = true; };
openssh = { enable = true; openFirewall = true; };
openssh = {
enable = true;
openFirewall = true;
};
# plex = { enable = true; openFirewall = true; group = "users"; };
power-profiles-daemon.enable = true;
# prowlarr = { enable = true; openFirewall = true; };
@ -201,7 +231,11 @@ in
};
tiziano = {
isNormalUser = true;
extraGroups = [ "audio" "input" "video" ];
extraGroups = [
"audio"
"input"
"video"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMExwtJFk6HjySrTZwJH67SOHC3hlL28NO4oe2GXsv6k"
];
@ -241,8 +275,7 @@ in
138 # SYNCTHING
3702 # SAMBA-WSDD
];
extraCommands =
"iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns";
extraCommands = "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns";
};
virtualisation = {
@ -306,9 +339,21 @@ in
assist_pipeline = { };
# bluetooth = { };
camera = [
{ platform = "local_file"; file_path = "/tmp/doods_camera_camera_cancello.jpg"; name = "File DOODS2 Camera cancello"; }
{ platform = "local_file"; file_path = "/tmp/doods_camera_camera_vialetto.jpg"; name = "File DOODS2 Camera vialetto"; }
{ platform = "local_file"; file_path = "/tmp/doods_camera_camera_garage.jpg"; name = "File DOODS2 Camera garage"; }
{
platform = "local_file";
file_path = "/tmp/doods_camera_camera_cancello.jpg";
name = "File DOODS2 Camera cancello";
}
{
platform = "local_file";
file_path = "/tmp/doods_camera_camera_vialetto.jpg";
name = "File DOODS2 Camera vialetto";
}
{
platform = "local_file";
file_path = "/tmp/doods_camera_camera_garage.jpg";
name = "File DOODS2 Camera garage";
}
];
cloud = { };
config = { };
@ -322,14 +367,30 @@ in
url = "http://localhost:8080";
detector = "default";
source = [
{ entity_id = "camera.camera_camera_cancello"; name = "DOODS2 Camera cancello"; }
{ entity_id = "camera.camera_camera_vialetto"; name = "DOODS2 Camera vialetto"; }
{ entity_id = "camera.camera_camera_garage"; name = "DOODS2 Camera garage"; }
{
entity_id = "camera.camera_camera_cancello";
name = "DOODS2 Camera cancello";
}
{
entity_id = "camera.camera_camera_vialetto";
name = "DOODS2 Camera vialetto";
}
{
entity_id = "camera.camera_camera_garage";
name = "DOODS2 Camera garage";
}
];
confidence = 60;
file_out = "/tmp/doods_{{ camera_entity.split('.')[1] }}.jpg";
scan_interval = 5;
labels = [ "bicycle" "car" "cat" "dog" "person" "truck" ];
labels = [
"bicycle"
"car"
"cat"
"dog"
"person"
"truck"
];
}
];
# esphome = { };
@ -384,11 +445,13 @@ in
# "!secret famiglia_t_chat_id"
# ];
# }];
tts = [{
platform = "google_translate";
language = "it";
# tld = "it";
}];
tts = [
{
platform = "google_translate";
language = "it";
# tld = "it";
}
];
};
configDir = "/var/lib/hass";
configWritable = true;
@ -473,21 +536,44 @@ in
services.prometheus = {
enable = true;
exporters = {
node = { enable = true; enabledCollectors = [ "systemd" ]; };
node = {
enable = true;
enabledCollectors = [ "systemd" ];
};
process = {
enable = true;
settings.process_names = [
# Remove nix store path from process name
{ name = "{{.Matches.Wrapped}} {{ .Matches.Args }}"; cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ]; }
{
name = "{{.Matches.Wrapped}} {{ .Matches.Args }}";
cmdline = [ "^/nix/store[^ ]*/(?P<Wrapped>[^ /]*) (?P<Args>.*)" ];
}
];
};
systemd.enable = true;
};
globalConfig = { scrape_interval = "10s"; };
globalConfig = {
scrape_interval = "10s";
};
scrapeConfigs = [
{ job_name = "node"; static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }]; }
{ job_name = "process"; static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }]; }
{ job_name = "systemd"; static_configs = [{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }]; }
{
job_name = "node";
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.node.port}" ]; }
];
}
{
job_name = "process";
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.process.port}" ]; }
];
}
{
job_name = "systemd";
static_configs = [
{ targets = [ "localhost:${toString config.services.prometheus.exporters.systemd.port}" ]; }
];
}
];
retentionTime = "15d";
};

26
instances/loki/hardware-configuration.nix
View file

@ -1,14 +1,26 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, ... }:
{ config
, lib
, modulesPath
, ...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "uas" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
availableKernelModules = [
"xhci_pci"
"ehci_pci"
"ahci"
"uas"
"usb_storage"
"sd_mod"
"rtsx_pci_sdmmc"
];
kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
@ -46,10 +58,12 @@
# };
};
swapDevices = [{
device = "/swapfile";
size = 1024 * 4;
}];
swapDevices = [
{
device = "/swapfile";
size = 1024 * 4;
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

5
instances/loki/hm.nix
View file

@ -3,7 +3,10 @@
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
];
};
};

5
instances/loki/hm_tiziano.nix
View file

@ -3,7 +3,10 @@
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
];
};
};

107
instances/odin/common_configuration.nix
View file

@ -1,13 +1,18 @@
{ config, pkgs, lib, ... }:
{ config
, pkgs
, lib
, ...
}:
{
age.secrets = {
ntfy-odin = { file = ../../secrets/ntfy-odin.age; owner = "bertof"; };
ntfy-odin = {
file = ../../secrets/ntfy-odin.age;
owner = "bertof";
};
odin_wg_priv.file = ../../secrets/odin_wg_priv.age;
};
# Use the systemd-boot EFI boot loader.
boot = {
# kernelPackages = pkgs.linuxPackages_latest;
@ -15,11 +20,20 @@
# kernelPackages = pkgs.linuxPackages_6_8;
kernelParams = [ "acpi_osi=Linux-Dell-Video" ];
initrd.checkJournalingFS = true; # Use same ACPI identifier as Dell Ubuntu
loader = { systemd-boot = { enable = true; editor = false; }; efi.canTouchEfiVariables = true; };
loader = {
systemd-boot = {
enable = true;
editor = false;
};
efi.canTouchEfiVariables = true;
};
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
# Cross-build arm
binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];
binfmt.emulatedSystems = [
"armv7l-linux"
"aarch64-linux"
];
};
hardware = {
@ -33,15 +47,22 @@
driSupport = true;
driSupport32Bit = true;
extraPackages = builtins.attrValues {
inherit (pkgs) intel-media-driver vaapiIntel vaapiVdpau libvdpau-va-gl;
inherit (pkgs)
intel-media-driver
vaapiIntel
vaapiVdpau
libvdpau-va-gl
;
};
};
# Tablet
opentabletdriver = { enable = true; daemon.enable = true; };
opentabletdriver = {
enable = true;
daemon.enable = true;
};
};
networking = {
hostName = "odin";
networkmanager.enable = true;
@ -113,7 +134,10 @@
options = "eurosign:e,terminate:ctrl_alt_bksp,compose:rctrl,grp:menu_toggle";
};
displayManager.gdm = { enable = true; autoSuspend = false; };
displayManager.gdm = {
enable = true;
autoSuspend = false;
};
# displayManager.sddm = {
# enable = true;
# autoNumlock = true;
@ -121,7 +145,10 @@
# "${pkgs.sddm-theme-clairvoyance}/usr/share/sddm/themes/clairvoyance";
# };
};
displayManager = { enable = true; defaultSession = "hyprland"; };
displayManager = {
enable = true;
defaultSession = "hyprland";
};
libinput.enable = true;
keybase.enable = true;
@ -130,7 +157,10 @@
enable = true;
pulse.enable = true;
jack.enable = true;
alsa = { enable = true; support32Bit = true; };
alsa = {
enable = true;
support32Bit = true;
};
# media-session.enable = true;
};
@ -145,7 +175,10 @@
};
# Disable auto handling of power button
logind = { powerKey = "ignore"; lidSwitch = "hibernate"; };
logind = {
powerKey = "ignore";
lidSwitch = "hibernate";
};
};
# Set your time zone.
@ -160,22 +193,43 @@
environment = {
pathsToLink = [ "/share/zsh" ];
sessionVariables.LD_LIBRARY_PATH = lib.mkForce
"${config.services.pipewire.package.jack}/lib"; # Temporary fix for WebKitGTK
systemPackages = builtins.attrValues { inherit (pkgs) tmux helix vim git ntfs3g; };
sessionVariables.LD_LIBRARY_PATH = lib.mkForce "${config.services.pipewire.package.jack}/lib"; # Temporary fix for WebKitGTK
systemPackages = builtins.attrValues {
inherit (pkgs)
tmux
helix
vim
git
ntfs3g
;
};
};
# Define a user account. Don't forget to set a password with passwd.
users.users.bertof = {
isNormalUser = true;
extraGroups = [ "audio" "input" "docker" "flashrom" "libvirtd" "network" "networkmanager" "usb" "video" "wheel" ];
extraGroups = [
"audio"
"input"
"docker"
"flashrom"
"libvirtd"
"network"
"networkmanager"
"usb"
"video"
"wheel"
];
shell = pkgs.zsh;
};
programs = {
dconf.enable = true;
flashrom.enable = true;
gnupg.agent = { enable = true; enableSSHSupport = true; };
gnupg.agent = {
enable = true;
enableSSHSupport = true;
};
steam = {
enable = true;
package = pkgs.steam.override {
@ -267,7 +321,10 @@
power-profiles-daemon.enable = true;
fprintd = {
enable = true;
tod = { enable = true; driver = pkgs.libfprint-2-tod1-goodix; };
tod = {
enable = true;
driver = pkgs.libfprint-2-tod1-goodix;
};
};
};
@ -286,7 +343,6 @@
# updater.enable = true;
# };
# services.teamviewer.enable = true;
# Virtualisation
@ -294,12 +350,14 @@
# vswitch.enable = true;
# docker.enable = true;
kvmgt.enable = true;
libvirtd = { enable = true; qemu.swtpm.enable = true; };
libvirtd = {
enable = true;
qemu.swtpm.enable = true;
};
podman.enable = true;
# virtualbox.host.enable = true;
};
security.sudo.extraConfig = ''
Defaults pwfeedback
'';
@ -308,9 +366,7 @@
nixpkgs.config = {
allowUnfree = true;
packageOverrides = pkgs: {
steam = pkgs.steam.override { extraPkgs = pkgs: [ pkgs.icu ]; };
};
packageOverrides = pkgs: { steam = pkgs.steam.override { extraPkgs = pkgs: [ pkgs.icu ]; }; };
};
zramSwap.enable = true;
@ -323,4 +379,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

5
instances/odin/configuration-intel.nix
View file

@ -5,7 +5,10 @@
{
boot = {
initrd.kernelModules = [ "i915" ];
blacklistedKernelModules = [ "nouveau" "nvidia" ];
blacklistedKernelModules = [
"nouveau"
"nvidia"
];
};
# This runs only Intel and nvidia does not drain power.

11
instances/odin/configuration-nvidia.nix
View file

@ -1,9 +1,16 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs, lib, config, ... }: {
{ pkgs
, lib
, config
, ...
}:
{
boot = { initrd.kernelModules = [ "i915" ]; };
boot = {
initrd.kernelModules = [ "i915" ];
};
hardware.nvidia = {
# modesetting.enable = true;

80
instances/odin/hardware-configuration.nix
View file

@ -1,14 +1,23 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, modulesPath, ... }:
{ config
, lib
, modulesPath
, ...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "sd_mod" ];
availableKernelModules = [
"xhci_pci"
"ahci"
"nvme"
"sd_mod"
];
kernelModules = [ ];
};
kernelModules = [ "kvm-intel" ];
@ -19,52 +28,92 @@
"/" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@root" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@root"
"x-gvfs-hide"
];
};
"/nix" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@nix" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@nix"
"x-gvfs-hide"
];
};
"/home/bertof" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@home" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@home"
"x-gvfs-hide"
];
};
"/home/bertof/Giochi/SSD" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@games" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@games"
"x-gvfs-hide"
];
};
"/home/bertof/Video" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@videos" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@videos"
"x-gvfs-hide"
];
};
"/home/bertof/Musica" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@music" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@music"
"x-gvfs-hide"
];
};
"/home/bertof/Immagini" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@images" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@images"
"x-gvfs-hide"
];
};
"/home/bertof/Scaricati" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@downloads" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@downloads"
"x-gvfs-hide"
];
};
"/home/bertof/Documenti" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@documents" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@documents"
"x-gvfs-hide"
];
};
"/home/bertof/Documenti/Git" = {
device = "/dev/disk/by-uuid/c6e3d4df-4861-48a5-8107-d6fd1addad8c";
fsType = "btrfs";
options = [ "space_cache=v2" "subvol=@bertof/@git" "x-gvfs-hide" ];
options = [
"space_cache=v2"
"subvol=@bertof/@git"
"x-gvfs-hide"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/82DB-3444";
@ -72,9 +121,7 @@
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/5f3cf424-2bd8-4352-a778-1bb067cb5700"; }
];
swapDevices = [{ device = "/dev/disk/by-uuid/5f3cf424-2bd8-4352-a778-1bb067cb5700"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -90,6 +137,5 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

13
instances/odin/hm.nix
View file

@ -1,10 +1,15 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
home = {
language.base = "it_IT.UTF-8";
keyboard = {
layout = "it,us,us";
variant = ",,colemak";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" "grp:menu_toggle" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
"grp:menu_toggle"
];
};
packages = builtins.attrValues {
inherit (pkgs)
@ -62,7 +67,9 @@
};
};
services = { gnome-keyring.enable = true; };
services = {
gnome-keyring.enable = true;
};
xsession = {
enable = true;

103
instances/thor/configuration.nix
View file

@ -1,14 +1,26 @@
{ lib, config, pkgs, ... }:
{ lib
, config
, pkgs
, ...
}:
{
age.secrets = {
thor_wg_priv = { file = ../../secrets/thor_wg_priv.age; };
ntfy-thor = { file = ../../secrets/ntfy-thor.age; owner = "bertof"; };
thor_wg_priv = {
file = ../../secrets/thor_wg_priv.age;
};
ntfy-thor = {
file = ../../secrets/ntfy-thor.age;
owner = "bertof";
};
};
boot = {
kernelModules = [ "hid-nintendo" ];
binfmt.emulatedSystems = [ "armv7l-linux" "aarch64-linux" ];
binfmt.emulatedSystems = [
"armv7l-linux"
"aarch64-linux"
];
# kernelPackages = pkgs.linuxPackages_latest;
# kernelPackages = pkgs.linuxPackages_6_1;
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
@ -42,7 +54,14 @@
environment = {
pathsToLink = [ "/share/zsh" ];
systemPackages = builtins.attrValues { inherit (pkgs) git helix tmux vim; };
systemPackages = builtins.attrValues {
inherit (pkgs)
git
helix
tmux
vim
;
};
};
hardware = {
@ -61,7 +80,6 @@
};
};
opengl.enable = true;
bluetooth = {
enable = true;
@ -69,7 +87,10 @@
};
enableRedistributableFirmware = true;
pulseaudio.enable = false;
opentabletdriver = { enable = true; daemon.enable = true; };
opentabletdriver = {
enable = true;
daemon.enable = true;
};
};
i18n.defaultLocale = "it_IT.UTF-8";
@ -100,15 +121,24 @@
wg-quick.interfaces = {
wg0 = {
autostart = false;
address = [ "10.0.0.4/24" "fdc9:281f:04d7:9ee9::4/64" ];
dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
address = [
"10.0.0.4/24"
"fdc9:281f:04d7:9ee9::4/64"
];
dns = [
"10.0.0.1"
"fdc9:281f:04d7:9ee9::1"
];
privateKeyFile = config.age.secrets.thor_wg_priv.path;
peers = [
{
# baldur
# allowedIPs = [ "10.0.0.3/32" "fdc9:281f:04d7:9ee9::3/128" ];
allowedIPs = [ "0.0.0.0/0" "::/0" ];
allowedIPs = [
"0.0.0.0/0"
"::/0"
];
endpoint = "baldur.bertof.net:51820";
presharedKeyFile = config.age.secrets.wg_psk.path;
publicKey = "K57ikgFSR1O0CXWBxfQEu7uxSOsp3ePj/NMRets5pVc=";
@ -117,19 +147,28 @@
# odin
publicKey = "LDBhvzeYmHJ0z5ch+N559GWjT3It1gZvGR/9WtCfURw=";
presharedKeyFile = config.age.secrets.wg_psk.path;
allowedIPs = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/128" ];
allowedIPs = [
"10.0.0.2/24"
"fdc9:281f:04d7:9ee9::2/128"
];
}
{
# oppo
publicKey = "OBk6bHKuIYLwD7cwjmAuMn57jXqbDwCL52jhQxiHnnA=";
presharedKeyFile = config.age.secrets.wg_psk.path;
allowedIPs = [ "10.0.0.3/24" "fdc9:281f:04d7:9ee9::3/128" ];
allowedIPs = [
"10.0.0.3/24"
"fdc9:281f:04d7:9ee9::3/128"
];
}
{
# thor
publicKey = "rpwR6n4IE96VZAmQDBufsWE/a9G7d8fpkvY1OwsbOhk=";
presharedKeyFile = config.age.secrets.wg_psk.path;
allowedIPs = [ "10.0.0.4/24" "fdc9:281f:04d7:9ee9::4/128" ];
allowedIPs = [
"10.0.0.4/24"
"fdc9:281f:04d7:9ee9::4/128"
];
}
];
};
@ -159,7 +198,10 @@
# daemon.enable = true;
# updater.enable = true;
# };
dbus = { packages = [ pkgs.dconf ]; implementation = "broker"; };
dbus = {
packages = [ pkgs.dconf ];
implementation = "broker";
};
gnome.gnome-keyring.enable = true;
gvfs = {
enable = true;
@ -168,10 +210,16 @@
# joycond.enable = true;
keybase.enable = true;
onedrive.enable = true;
openssh = { enable = true; openFirewall = true; };
openssh = {
enable = true;
openFirewall = true;
};
pipewire = {
enable = true;
alsa = { enable = true; support32Bit = true; };
alsa = {
enable = true;
support32Bit = true;
};
jack.enable = true;
pulse.enable = true;
# media-session.enable = true;
@ -206,17 +254,22 @@
xserver = {
enable = true;
desktopManager.gnome.enable = true;
displayManager.gdm = { enable = true; autoSuspend = false; };
displayManager.gdm = {
enable = true;
autoSuspend = false;
};
# windowManager.bspwm = { enable = true; };
videoDrivers = [ "nvidia" ];
xkb = {
layout = "us,it";
options = "eurosign:e,terminate:ctrl_alt_bksp,compose:rctrl,grp:menu_toggle";
};
xrandrHeads = [{
primary = true;
output = "DP-2";
}];
xrandrHeads = [
{
primary = true;
output = "DP-2";
}
];
};
# gnome.gnome-remote-desktop.enable = true;
};
@ -226,7 +279,9 @@
security = {
tpm2.enable = true;
rtkit.enable = true;
pam.services = { autounlock_gnome_keyring.enableGnomeKeyring = true; };
pam.services = {
autounlock_gnome_keyring.enableGnomeKeyring = true;
};
sudo.extraConfig = ''
Defaults pwfeedback
'';
@ -261,9 +316,7 @@
nixpkgs.config = {
allowUnfree = true;
packageOverrides = pkgs: {
steam = pkgs.steam.override { extraPkgs = pkgs: [ pkgs.icu ]; };
};
packageOverrides = pkgs: { steam = pkgs.steam.override { extraPkgs = pkgs: [ pkgs.icu ]; }; };
# cudaSupport = true;
};

38
instances/thor/hardware-configuration.nix
View file

@ -9,7 +9,14 @@
boot = {
extraModulePackages = [ ];
initrd = {
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
kernelModules = [ "dm-snapshot" ];
};
kernelModules = [ "kvm-amd" ];
@ -19,7 +26,13 @@
"/" = {
device = "/dev/disk/by-uuid/6c06428e-c296-4ef1-8429-62bafb860126";
fsType = "btrfs";
options = [ "subvol=@root" "x-gvfs-hide" "space_cache=v2" "discard" "compress-force=zstd:1" ];
options = [
"subvol=@root"
"x-gvfs-hide"
"space_cache=v2"
"discard"
"compress-force=zstd:1"
];
};
"/boot" = {
device = "/dev/disk/by-uuid/B9D2-255C";
@ -28,17 +41,32 @@
"/home/bertof" = {
device = "/dev/disk/by-uuid/6c06428e-c296-4ef1-8429-62bafb860126";
fsType = "btrfs";
options = [ "subvol=@home_bertof" "x-gvfs-hide" "space_cache=v2" "discard" "compress-force=zstd:1" ];
options = [
"subvol=@home_bertof"
"x-gvfs-hide"
"space_cache=v2"
"discard"
"compress-force=zstd:1"
];
};
"/nix" = {
device = "/dev/disk/by-uuid/6c06428e-c296-4ef1-8429-62bafb860126";
fsType = "btrfs";
options = [ "subvol=@nix" "x-gvfs-hide" "space_cache=v2" "discard" "compress-force=zstd:1" ];
options = [
"subvol=@nix"
"x-gvfs-hide"
"space_cache=v2"
"discard"
"compress-force=zstd:1"
];
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/dee188e4-4ff8-417c-9419-b7f00ecb9989"; }
{ device = "/swapfile"; size = 1024 * 32; }
{
device = "/swapfile";
size = 1024 * 32;
}
];
}

17
instances/thor/hm.nix
View file

@ -1,10 +1,15 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
home = {
language.base = "it_IT.UTF-8";
keyboard = {
layout = "us,it";
variant = ",colemak,";
options = [ "terminate:ctrl_alt_bksp" "compose:rctrl" "grp:menu_toggle" ];
options = [
"terminate:ctrl_alt_bksp"
"compose:rctrl"
"grp:menu_toggle"
];
};
packages = builtins.attrValues {
inherit (pkgs)
@ -58,13 +63,13 @@
# seahorse
totem
;
inherit (pkgs.unstable_pkgs)
heroic
;
inherit (pkgs.unstable_pkgs) heroic;
};
};
services = { gnome-keyring.enable = true; };
services = {
gnome-keyring.enable = true;
};
imports = [
../../modules/hm/__basic.nix