diff --git a/lib/luj.nix b/lib/luj.nix index bdb5ab1..8fe814c 100644 --- a/lib/luj.nix +++ b/lib/luj.nix @@ -1,28 +1,37 @@ -inputs: lib: with lib; let +inputs: lib: +with lib; +let modules = [ { options.machines = mkOption { description = "My machines"; - type = with types; attrsOf (submodule ({ name, ... }: { - freeformType = attrs; - options = { - hostname = mkOption { - description = "The machine's hostname"; - type = str; - default = name; - readOnly = true; - }; - sshPort = mkOption { - description = "The port for the ssh server of the machine"; - type = int; - default = 45; - }; - sshUser = mkOption { - description = "The user for ssh connection to the machine"; - default = "julien"; - }; - }; - })); + type = + with types; + attrsOf ( + submodule ( + { name, ... }: + { + freeformType = attrs; + options = { + hostname = mkOption { + description = "The machine's hostname"; + type = str; + default = name; + readOnly = true; + }; + sshPort = mkOption { + description = "The port for the ssh server of the machine"; + type = int; + default = 45; + }; + sshUser = mkOption { + description = "The user for ssh connection to the machine"; + default = "julien"; + }; + }; + } + ) + ); default = { }; }; @@ -39,8 +48,14 @@ inputs: lib: with lib; let arch = "x86_64-linux"; nixpkgs_version = inputs.nixpkgs; hm_version = inputs.home-manager; - ipv4 = { public = "212.129.40.11"; vpn = "100.100.45.12"; }; - ipv6 = { public = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb"; vpn = "fd7a:115c:a1e0::c"; }; + ipv4 = { + public = "212.129.40.11"; + vpn = "100.100.45.12"; + }; + ipv6 = { + public = "2a01:e0a:5f9:9681:5880:c9ff:fe9f:3dfb"; + vpn = "fd7a:115c:a1e0::c"; + }; }; x2100 = { inherit tld; @@ -57,8 +72,8 @@ inputs: lib: with lib; let enigma = { inherit tld; arch = "aarch64-linux"; - nixpkgs_version = inputs.nixpkgs_patched; - hm_version = inputs.home-manager-unstable; + nixpkgs_version = inputs.nixpkgs; + hm_version = inputs.home-manager; ipv4.vpn = "100.100.45.21"; }; lambda = { @@ -66,8 +81,14 @@ inputs: lib: with lib; let arch = "aarch64-linux"; nixpkgs_version = inputs.nixpkgs; hm_version = inputs.home-manager; - ipv4 = { public = "141.145.197.219"; vpn = "100.100.45.13"; }; - ipv6 = { public = "2603:c027:c001:89aa:aad9:34b3:f3c9:924f"; vpn = "fd7a:115c:a1e0::d"; }; + ipv4 = { + public = "141.145.197.219"; + vpn = "100.100.45.13"; + }; + ipv6 = { + public = "2603:c027:c001:89aa:aad9:34b3:f3c9:924f"; + vpn = "fd7a:115c:a1e0::d"; + }; }; tower = { @@ -75,9 +96,15 @@ inputs: lib: with lib; let arch = "x86_64-linux"; nixpkgs_version = inputs.nixpkgs; hm_version = inputs.home-manager; - ipv4 = { public = "82.67.34.230"; local = "192.168.0.103"; vpn = "100.100.45.9"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:8ec7:b5d2:f663:a67a"; vpn = "fd7a:115c:a1e0::9"; }; - + ipv4 = { + public = "82.67.34.230"; + local = "192.168.0.103"; + vpn = "100.100.45.9"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:8ec7:b5d2:f663:a67a"; + vpn = "fd7a:115c:a1e0::9"; + }; }; gustave = { @@ -87,82 +114,140 @@ inputs: lib: with lib; let hm_version = inputs.home-manager; }; - core-security = { inherit tld; arch = "x86_64-linux"; nixpkgs_version = inputs.nixpkgs; hm_version = inputs.home-manager; - ipv4 = { public = "82.67.34.230"; local = "192.168.0.175"; vpn = "100.100.45.14"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:40f0:8cff:fe31:3e94"; vpn = "fd7a:115c:a1e0::e"; }; - + ipv4 = { + public = "82.67.34.230"; + local = "192.168.0.175"; + vpn = "100.100.45.14"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:40f0:8cff:fe31:3e94"; + vpn = "fd7a:115c:a1e0::e"; + }; }; - core-data = - { - inherit tld; - arch = "x86_64-linux"; - nixpkgs_version = inputs.nixpkgs; - hm_version = inputs.home-manager; - ipv4 = { public = "82.67.34.230"; local = "192.168.0.66"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:be24:11ff:fe09:638d"; }; + core-data = { + inherit tld; + arch = "x86_64-linux"; + nixpkgs_version = inputs.nixpkgs; + hm_version = inputs.home-manager; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.0.66"; }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:be24:11ff:fe09:638d"; + }; + }; nuage = { inherit tld; subdomains = [ "nuage.malka.family" ]; - ipv4 = { public = "82.67.34.230"; local = "192.168.0.101"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:95c9:b2e2:e999:1a45"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.0.101"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:95c9:b2e2:e999:1a45"; + }; }; doma-backups = { inherit tld; subdomains = [ "doma-backups.julienmalka.me" ]; - ipv4 = { public = "82.67.34.230"; local = "192.168.0.250"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:6b86:c2c:2141:6702"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.0.250"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:6b86:c2c:2141:6702"; + }; }; doma-zulip = { inherit tld; subdomains = [ "zulip.julienmalka.me" ]; - ipv4 = { public = "82.67.34.230"; local = "192.168.0.187"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:6830:ddff:fe52:a444"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.0.187"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:6830:ddff:fe52:a444"; + }; }; pve1 = { inherit tld; - ipv4 = { public = "82.67.34.230"; local = "192.168.1.1"; vpn = "100.100.45.3"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:d250:99ff:fefa:b62"; vpn = "fd7a:115c:a1e0::3"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.1.1"; + vpn = "100.100.45.3"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:d250:99ff:fefa:b62"; + vpn = "fd7a:115c:a1e0::3"; + }; sshPort = 22; sshUser = "root"; }; pve2 = { inherit tld; - ipv4 = { public = "82.67.34.230"; local = "192.168.1.2"; vpn = "100.100.45.15"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:aaa1:59ff:fec7:1d6"; vpn = "fd7a:115c:a1e0::f"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.1.2"; + vpn = "100.100.45.15"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:aaa1:59ff:fec7:1d6"; + vpn = "fd7a:115c:a1e0::f"; + }; sshPort = 22; sshUser = "root"; - }; pve3 = { inherit tld; - ipv4 = { public = "82.67.34.230"; local = "192.168.1.3"; vpn = "100.100.45.16"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:aaa1:59ff:fec1:aa10"; vpn = "fd7a:115c:a1e0::10"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.1.3"; + vpn = "100.100.45.16"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:aaa1:59ff:fec1:aa10"; + vpn = "fd7a:115c:a1e0::10"; + }; sshPort = 22; sshUser = "root"; }; pve4 = { inherit tld; - ipv4 = { public = "82.67.34.230"; local = "192.168.1.4"; vpn = "100.100.45.17"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:d250:99ff:fefa:b76"; vpn = "fd7a:115c:a1e0::11"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.1.4"; + vpn = "100.100.45.17"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:d250:99ff:fefa:b76"; + vpn = "fd7a:115c:a1e0::11"; + }; sshPort = 22; sshUser = "root"; }; saves-paris = { inherit tld; subdomains = [ "saves-paris.luj" ]; - ipv4 = { public = "82.67.34.230"; local = "192.168.4.5"; vpn = "100.100.45.4"; }; - ipv6 = { public = "2a01:e0a:de4:a0e1:3af3:abff:fe6a:1f54"; vpn = "fd7a:115c:a1e0::4"; }; + ipv4 = { + public = "82.67.34.230"; + local = "192.168.4.5"; + vpn = "100.100.45.4"; + }; + ipv6 = { + public = "2a01:e0a:de4:a0e1:3af3:abff:fe6a:1f54"; + vpn = "fd7a:115c:a1e0::4"; + }; sshPort = 22; sshUser = "root"; }; @@ -170,16 +255,18 @@ inputs: lib: with lib; let saves-lyon = { inherit tld; subdomains = [ "saves-lyon.luj" ]; - ipv4 = { vpn = "100.100.45.20"; }; - ipv6 = { vpn = "fd7a:115c:a1e0::14"; }; + ipv4 = { + vpn = "100.100.45.20"; + }; + ipv6 = { + vpn = "fd7a:115c:a1e0::14"; + }; sshPort = 22; sshUser = "root"; }; - }; }; } ]; in (evalModules { inherit modules; }).config - diff --git a/machines/enigma/default.nix b/machines/enigma/default.nix index a542ab4..8dd2970 100644 --- a/machines/enigma/default.nix +++ b/machines/enigma/default.nix @@ -1,11 +1,10 @@ -{ config, pkgs, lib, ... }: +{ config, pkgs, ... }: { - imports = - [ - ./hardware.nix - ./home-julien.nix - ]; + imports = [ + ./hardware.nix + ./home-julien.nix + ]; networking.hostName = "enigma"; boot.loader.systemd-boot.enable = true; @@ -19,16 +18,17 @@ networking.networkmanager.dns = "systemd-resolved"; services.resolved.enable = true; - security.pam.loginLimits = [{ - domain = "*"; - type = "-"; - item = "nofile"; - value = "262144"; - }]; + security.pam.loginLimits = [ + { + domain = "*"; + type = "-"; + item = "nofile"; + value = "262144"; + } + ]; security.pam.services.swaylock = { }; - services.xserver = { enable = true; layout = "fr"; @@ -68,28 +68,24 @@ # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # Only available from driver 515.43.04+ # Do not disable this unless your GPU is unsupported or if you have a good reason to. - open = true; + open = false; # Enable the Nvidia settings menu, # accessible via `nvidia-settings`. nvidiaSettings = true; - # Optionally, you may need to select the appropriate driver version for your specific GPU. package = config.boot.kernelPackages.nvidiaPackages.stable; }; - - boot.initrd.kernelModules = [ "nvidia" ]; boot.extraModulePackages = [ config.boot.kernelPackages.nvidia_x11 ]; programs.xwayland.enable = true; - programs.hyprland = - { - enable = true; - package = pkgs.unstable.hyprland; - portalPackage = pkgs.unstable.xdg-desktop-portal-hyprland; - }; + programs.hyprland = { + enable = true; + package = pkgs.unstable.hyprland; + portalPackage = pkgs.unstable.xdg-desktop-portal-hyprland; + }; time.timeZone = "Europe/Paris"; @@ -111,7 +107,6 @@ security.polkit.enable = true; nix = { - package = lib.mkForce pkgs.nix; distributedBuilds = true; buildMachines = [ { @@ -119,7 +114,12 @@ maxJobs = 100; systems = [ "x86_64-linux" ]; sshUser = "root"; - supportedFeatures = [ "kvm" "nixos-test" "benchmark" "big-parallel" ]; + supportedFeatures = [ + "kvm" + "nixos-test" + "benchmark" + "big-parallel" + ]; sshKey = "/home/julien/.ssh/id_ed25519"; speedFactor = 2; } @@ -149,19 +149,13 @@ programs.adb.enable = true; - - environment.variables.WLR_NO_HARDWARE_CURSORS = "1"; services.printing.enable = true; services.avahi.enable = true; - services.avahi.nssmdns4 = true; + services.avahi.nssmdns = true; # for a WiFi printer services.avahi.openFirewall = true; system.stateVersion = "23.05"; - } - - -