diff --git a/flake.nix b/flake.nix index 20fae74..98ed683 100755 --- a/flake.nix +++ b/flake.nix @@ -110,6 +110,18 @@ inputs.nur.modules.nixos.default inputs.sops-nix.nixosModules.sops ]; + phobos = inputs.self.lib.mkLinuxSystem [ + ./systems/phobos + ./profiles/user0 + config.nixosModules.phobos + config.nixosModules.core + config.nixosModules.mantle + config.nixosModules.crust + inputs.home-manager.nixosModules.home-manager + inputs.lix-module.nixosModules.default + inputs.nur.modules.nixos.default + inputs.sops-nix.nixosModules.sops + ]; charon = inputs.self.lib.mkLinuxSystem [ ./systems/charon ./profiles/user1 diff --git a/modules/config/devices/config/phobos.nix b/modules/config/devices/config/phobos.nix new file mode 100644 index 0000000..95468a3 --- /dev/null +++ b/modules/config/devices/config/phobos.nix @@ -0,0 +1,20 @@ +{ devicesFunctions }: +let + inherit (devicesFunctions) + ownerWriteOthersReadMask + phobosIP + ; +in +{ + label = "Phobos"; + name = "phobos"; + sync = { + address0 = phobosIP; + }; + ip = { + address0 = phobosIP; + }; + boot = { + options = ownerWriteOthersReadMask; + }; +} diff --git a/modules/config/devices/default.nix b/modules/config/devices/default.nix index b1bdf85..78640ad 100755 --- a/modules/config/devices/default.nix +++ b/modules/config/devices/default.nix @@ -41,6 +41,7 @@ let deimosIP = "192.168.50.142"; marsIP = "192.168.50.196"; phoneIP = "192.168.50.243"; + phobosIP = "192.168.50.180"; synologyIP = "192.168.50.209"; venusIP = "192.168.58.104"; brotherIP = "192.168.50.195"; diff --git a/modules/home/default.nix b/modules/home/default.nix index 17dd1dc..d601e8f 100755 --- a/modules/home/default.nix +++ b/modules/home/default.nix @@ -12,6 +12,7 @@ in venus deimos ceres + phobos ; inherit (config.people) user0 @@ -237,6 +238,35 @@ in ; }; }; + "${phobos.name}-${user0}" = { + imports = builtins.attrValues { + inherit (modules) + cli + floorp + tor + ghostty + zed + feishin + obsidian + libreOffice + okular + imageViewing + mpv + vesktop + element + signal + bitwarden + emote + flameshot + gnomeCalculator + systemMonitor + usbImager + virtManager + theming + espanso + ; + }; + }; "${charon.name}-${user1}" = { imports = builtins.attrValues { inherit (modules) diff --git a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/academic.nix b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/academic.nix index d7ab060..199f62d 100755 --- a/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/academic.nix +++ b/modules/home/gui/apps/browsers/floorp/config/bookmarks/config/academic.nix @@ -14,6 +14,19 @@ ]; keyword = "Pub"; } + { + name = "Cochrane"; + url = "https://www.cochranelibrary.com/"; + tags = [ + "cochrane" + "collaboration" + "library" + "science" + "research" + "academic" + ]; + keyword = "Coch"; + } { name = "Sci-Hub"; url = "https://sci-hub.ee"; @@ -43,12 +56,24 @@ name = "Zotero Bibliography"; url = "https://zbib.org"; tags = [ - "votero" + "zotero" "bibliography" "bib" "zbib" ]; keyword = "Bib"; } + { + name = "Zotero Library"; + url = "https://www.zotero.org/uprootnutrition/library"; + tags = [ + "zotero" + "library" + "science" + "research" + "academic" + ]; + keyword = "Zot"; + } ]; } diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix index bdfe113..2863b29 100755 --- a/modules/nixos/default.nix +++ b/modules/nixos/default.nix @@ -45,6 +45,17 @@ in }; }; + phobos = { + imports = builtins.attrValues { + inherit (modules) + plasma + sddm + xserver + wireGuard + ; + }; + }; + charon = { imports = builtins.attrValues { inherit (modules) diff --git a/systems/phobos/config/boot.nix b/systems/phobos/config/boot.nix new file mode 100755 index 0000000..6f25045 --- /dev/null +++ b/systems/phobos/config/boot.nix @@ -0,0 +1,43 @@ +{ + pkgs, + config, + ... +}: +{ + boot = { + extraModulePackages = [ + config.boot.kernelPackages.v4l2loopback.out + ]; + supportedFilesystems = [ + "ntfs" + ]; + initrd = { + availableKernelModules = [ + "nvme" + "ahci" + "xhci_pci" + "usb_storage" + "usbhid" + "sd_mod" + ]; + kernelModules = [ + ]; + }; + + kernelModules = [ + "kvm-amd" + "vfio-pci" + "v4l2loopback" + ]; + + kernelPackages = pkgs.linuxPackages_latest; + + loader = { + efi = { + canTouchEfiVariables = true; + efiSysMountPoint = "/boot"; + }; + systemd-boot.enable = true; + }; + }; +} diff --git a/systems/phobos/config/filesystem.nix b/systems/phobos/config/filesystem.nix new file mode 100755 index 0000000..084517a --- /dev/null +++ b/systems/phobos/config/filesystem.nix @@ -0,0 +1,38 @@ +{ + flake, + config, + ... +}: +let + inherit (flake.config.people) + user0 + user1 + ; + inherit (flake.config.machines.devices) + phobos + ; +in +{ + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/c9a82c93-1da4-4cd1-a1fa-26483271a2bb"; + fsType = "ext4"; + }; + "/boot" = { + device = "/dev/disk/by-uuid/71CA-765A"; + fsType = "vfat"; + options = phobos.boot.options; + }; + }; + + swapDevices = [ + { device = "/dev/disk/by-uuid/74007bf1-6e2f-425e-99fa-d35990f4ea37"; } + ]; + + systemd.tmpfiles.rules = [ + "Z ${config.home-manager.users.${user0}.home.homeDirectory} 0755 ${user0} users -" + "Z ${config.home-manager.users.${user1}.home.homeDirectory} 0755 ${user1} users -" + ]; + + services.udisks2.enable = true; +} diff --git a/systems/phobos/config/graphics.nix b/systems/phobos/config/graphics.nix new file mode 100755 index 0000000..b67a5df --- /dev/null +++ b/systems/phobos/config/graphics.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: +{ + hardware = { + graphics = { + enable = true; + extraPackages = builtins.attrValues { + inherit (pkgs) + amdvlk + ; + inherit (pkgs.rocmPackages.clr) + icd + ; + }; + extraPackages32 = builtins.attrValues { + inherit (pkgs.driversi686Linux) + amdvlk + ; + }; + }; + }; + boot.initrd.kernelModules = [ + "amdgpu" + ]; +} diff --git a/systems/phobos/config/hardware.nix b/systems/phobos/config/hardware.nix new file mode 100755 index 0000000..60e08be --- /dev/null +++ b/systems/phobos/config/hardware.nix @@ -0,0 +1,15 @@ +{ + config, + lib, + pkgs, + ... +}: +{ + hardware = { + firmware = [ + pkgs.rtl8761b-firmware + ]; + enableAllFirmware = true; + cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + }; +} diff --git a/systems/phobos/config/networking.nix b/systems/phobos/config/networking.nix new file mode 100755 index 0000000..a7b9f23 --- /dev/null +++ b/systems/phobos/config/networking.nix @@ -0,0 +1,37 @@ +{ + lib, + flake, + ... +}: +let + inherit (flake.config.machines.devices) + phobos + ; +in +{ + networking = { + hostName = phobos.name; + networkmanager.enable = true; + nftables.enable = true; + useDHCP = lib.mkDefault true; + firewall = { + enable = true; + allowedTCPPorts = [ + 22 # SSH + 55771 + ]; + }; + }; + services = { + avahi = { + enable = true; + openFirewall = true; + nssmdns4 = true; + }; + sshd.enable = true; + openssh = { + enable = true; + settings.PasswordAuthentication = false; + }; + }; +} diff --git a/systems/phobos/config/sops.nix b/systems/phobos/config/sops.nix new file mode 100755 index 0000000..90298ee --- /dev/null +++ b/systems/phobos/config/sops.nix @@ -0,0 +1,16 @@ +{ + sops = { + secrets = { + "network/synology" = { + path = "/var/lib/secrets/synology"; + owner = "root"; + mode = "600"; + }; + "network/server" = { + path = "/var/lib/secrets/server"; + owner = "root"; + mode = "600"; + }; + }; + }; +} diff --git a/systems/phobos/default.nix b/systems/phobos/default.nix new file mode 100755 index 0000000..a3744f2 --- /dev/null +++ b/systems/phobos/default.nix @@ -0,0 +1,17 @@ +{ lib, ... }: +let + configPath = ./config; + + deimosImports = + let + files = builtins.attrNames (builtins.readDir configPath); + in + map (name: configPath + "/${name}") ( + builtins.filter (name: builtins.match ".*\\.nix$" name != null) files + ); +in +{ + imports = deimosImports; + nixpkgs.hostPlatform = lib.mkForce "x86_64-linux"; + system.stateVersion = lib.mkForce "24.05"; +}