diff --git a/flake.lock b/flake.lock index f96ffa4..0808251 100644 --- a/flake.lock +++ b/flake.lock @@ -893,11 +893,11 @@ "mysecrets": { "flake": false, "locked": { - "lastModified": 1746627807, - "narHash": "sha256-INMl9/jVAZXtkDzQCl/x5bDJeBUZ/GcjJQ0eEvBwpvQ=", + "lastModified": 1748354061, + "narHash": "sha256-2m/sZ+AskdRBQzQfiw7kjDFrBHeHIdyKW/pM7uMmSy4=", "ref": "refs/heads/main", - "rev": "63eda92f2a5c3be31ed28beeadecd756bab576f5", - "revCount": 23, + "rev": "7c65ced56404f49a8d69a051fac04e8789edb97c", + "revCount": 24, "type": "git", "url": "ssh://gitea@gitea.linerds.us/unexplrd/nix-secrets" }, diff --git a/hosts/morphius/configuration.nix b/hosts/morphius/configuration.nix new file mode 100644 index 0000000..95d602b --- /dev/null +++ b/hosts/morphius/configuration.nix @@ -0,0 +1,49 @@ +{ + inputs, + pkgs, + ... +}: { + imports = with inputs; [ + self.nixosModules.desktop + self.nixosModules.system + self.nixosModules.config + ./disko + ./hardware + ./misc + ]; + + networking = { + networkmanager.enable = true; + # hostId = "31150fae"; + hostName = "morphius"; + }; + + boot.loader.systemd-boot.enable = true; + environment.memoryAllocator.provider = "mimalloc"; + system.stateVersion = "25.11"; + time.timeZone = "Europe/Kyiv"; + + desktop.plasma.enable = true; + # services.greetd.settings.initial_session = { + # user = "user"; + # command = "${pkgs.niri}/bin/niri-session"; + # }; + + module = { + config = { + # laptop.homeRowMods = true; + powerSave = true; + useIwd = true; + vaapi = "intel-media-driver"; + }; + stylix = { + enable = true; + theme = "rose-pine-moon"; + }; + }; + + locale.ukrainian.enable = true; + opentabletdriver.enable = false; + qmk-vial.enable = true; + virtual.libvirt.enable = true; +} diff --git a/hosts/morphius/disko/default.nix b/hosts/morphius/disko/default.nix new file mode 100644 index 0000000..aa8982a --- /dev/null +++ b/hosts/morphius/disko/default.nix @@ -0,0 +1,14 @@ +{inputs, ...}: let + disk = "/dev/nvme0n1"; +in { + imports = with inputs; [ + disko.nixosModules.disko + ]; + disko.devices.nodev = { + "/tmp" = { + fsType = "tmpfs"; + mountOptions = ["rw" "nosuid" "nodev"]; + }; + }; + disko.devices.disk.main = import ./disk-main.nix {inherit disk;}; +} diff --git a/hosts/morphius/disko/disk-main.nix b/hosts/morphius/disko/disk-main.nix new file mode 100644 index 0000000..bb72895 --- /dev/null +++ b/hosts/morphius/disko/disk-main.nix @@ -0,0 +1,70 @@ +{disk, ...}: { + type = "disk"; + device = disk; + content = { + type = "gpt"; + partitions = { + ESP = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ + "umask=0077" + "fmask=0022" + "dmask=0022" + "noexec" + "nosuid" + "nodev" + ]; + }; + }; + luks = { + size = "100%"; + content = { + type = "luks"; + name = "luks-main"; + initrdUnlock = true; + settings.allowDiscards = true; + content = { + type = "btrfs"; + extraArgs = ["-f"]; + subvolumes = { + "@nixos-root" = { + mountpoint = "/"; + mountOptions = [ + "compress=zstd" + "noatime" + "noexec" + ]; + }; + "@home" = { + mountpoint = "/home"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "@storage" = { + mountpoint = "/storage"; + mountOptions = [ + "compress=zstd" + "noatime" + ]; + }; + "@nix" = { + mountpoint = "/nix"; + mountOptions = [ + "compress-force=zstd" + "noatime" + ]; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/morphius/hardware/default.nix b/hosts/morphius/hardware/default.nix new file mode 100644 index 0000000..40f8d46 --- /dev/null +++ b/hosts/morphius/hardware/default.nix @@ -0,0 +1,11 @@ +{ + imports = [ + # ./laptop + ]; + services = { + logind = { + lidSwitch = "ignore"; + powerKey = "suspend"; + }; + }; +} diff --git a/hosts/morphius/hardware/laptop/default.nix b/hosts/morphius/hardware/laptop/default.nix new file mode 100644 index 0000000..86ed9a8 --- /dev/null +++ b/hosts/morphius/hardware/laptop/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./keyboard-fix.nix + ]; +} diff --git a/hosts/morphius/hardware/laptop/keyboard-fix.nix b/hosts/morphius/hardware/laptop/keyboard-fix.nix new file mode 100644 index 0000000..d8119fd --- /dev/null +++ b/hosts/morphius/hardware/laptop/keyboard-fix.nix @@ -0,0 +1,21 @@ +{ + services = { + udev.extraHwdb = '' + evdev:input:b0011v0001p0001eAB83* + KEYBOARD_KEY_d5=sysrq + KEYBOARD_KEY_d4=leftmeta + KEYBOARD_KEY_95=brightnessdown + KEYBOARD_KEY_91=brightnessup + ''; + keyd = { + enable = true; + keyboards.default = { + ids = ["0001:0001"]; + settings.main = { + camera = "brightnessdown"; + prog1 = "brightnessup"; + }; + }; + }; + }; +} diff --git a/hosts/morphius/misc/default.nix b/hosts/morphius/misc/default.nix new file mode 100644 index 0000000..cc8d3bd --- /dev/null +++ b/hosts/morphius/misc/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./distributed-build.nix + ]; +} diff --git a/hosts/morphius/misc/distributed-build.nix b/hosts/morphius/misc/distributed-build.nix new file mode 100644 index 0000000..b093581 --- /dev/null +++ b/hosts/morphius/misc/distributed-build.nix @@ -0,0 +1,30 @@ +{ + config, + inputs, + ... +}: let + inherit (builtins) readFile; + inherit (config.networking) hostName; + inherit (config.sops) secrets; + inherit (inputs) mysecrets; + pubHost = readFile "${mysecrets}/ssh/ssh_host_ed25519_dunamis.base64"; +in { + nix = { + distributedBuilds = true; + buildMachines = [ + { + hostName = "dunamis"; + publicHostKey = pubHost; + sshKey = secrets."ssh-${hostName}-user".path; + sshUser = "nix-ssh"; + supportedFeatures = [ + "benchmark" + "big-parallel" + "kvm" + "nixos-test" + ]; + system = "x86_64-linux"; + } + ]; + }; +} diff --git a/hosts/morphius/users/user/home-configuration.nix b/hosts/morphius/users/user/home-configuration.nix new file mode 100644 index 0000000..93ccd24 --- /dev/null +++ b/hosts/morphius/users/user/home-configuration.nix @@ -0,0 +1,7 @@ +{ + imports = [ + ../../../dunamis/users/user/common.nix + ../../../dunamis/users/user/programs.nix + ../../../dunamis/users/user/flatpak.nix + ]; +}