macronova/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Initialize quasar

Browse source
This commit is contained in:
Invariantspace 2024-12-09 04:12:16 +00:00
parent 60579facc7
commit 211af9bd61
15 changed files with 616 additions and 72 deletions
Download patch file Download diff file Expand all files Collapse all files

4
common/.sops.yaml
View file

@ -1,9 +1,9 @@
keys:
- &blitzar age1mc72my8whm2fm3wjg2ucvckx27dyp09urdgs9lpzqswl5pa5py8sfwszt9
- &comet age18e4ttr7k6r7j662a6pvgrvsptuhsvffq70z4westqs3gfx7804fq0ewfaa
- &macronova age1sy52xwldc7puckze2kcax7csc2nrg049y9nt2qd0ltvghckms5nq2d25ra
- &nebula age1vyq4xceveer87xt506yl59lh82dmeuagzlmnk87augfvqry7vqaq5hwy33
- &protostar age1m5jnjmed343uwpgeta4nkxjhwescsa6dfswx30e4rwm0yxcf753qr0ljkw
- &quasar age19wmymljvrhwmrhtutj5f3vm32fhyhka5k5ecjx4zs8tnclrdeyxsq43jwn
- &singularity age15cp5p76q7vhwg9v8u98dpshrmtengghmm7yn5ckfk0yz694q3g6qajywwu
creation_rules:
- path_regex: secrets.yaml$
@ -12,10 +12,10 @@ creation_rules:
- *blitzar
- *macronova
- *nebula
- *quasar
- path_regex: auths.yaml$
key_groups:
- age:
- *comet
- *macronova
- *protostar
- *singularity

39
common/auths.yaml
View file

@ -12,41 +12,32 @@ sops:
azure_kv: []
hc_vault: []
age:
- recipient: age18e4ttr7k6r7j662a6pvgrvsptuhsvffq70z4westqs3gfx7804fq0ewfaa
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnVlNDQW5WVFppcEZJanc5
VDlZMG5xWmoyalB0bzVrRGpHOGRkcmlETVMwCis2TjA0dUMycG9UNldQenZnUDhW
S0FGWnpuZXRMUjd0V2FMeXpiVjFMNWsKLS0tIHMzaG9wUEVEVm5UM0Rob09MNFJq
eEFicGFNajFiRXF6d2xEQjc0VGVsVDAK5wj9siWRiV7FD6bO5YATpOCidEOJGjO0
fa98Sv/HNJdYXx4wR0yWgIdqVFs+2z+Q4aaOzKdySBcxJjqLAvnZlw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1sy52xwldc7puckze2kcax7csc2nrg049y9nt2qd0ltvghckms5nq2d25ra
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDRVpBb2p1dlhHNlVLKzYw
ck83MllqU2dYWEhEUVlFSGZhSEFaV284U0dnClRkUTRZbmJTN0ZrSmVBTXFtS3lh
aEhJQWJTc094aHNlT2x4M3F1SFl4ZWcKLS0tIGtWbDBURjRkbmQrT0NlVUZjbnl3
M1NRbVdqbzZ3Sy9xdlArbExSMzBKSHcKvmimpsvrNL1ogQ3jROJgD7b8dFgNCvd5
xWS2gbnTo3g+hhouHM4pko8nlT2BY3f0L4IiLfJZ0j7tWx0Kvaz/xA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSanJtZDBzR0NwVXArbm0w
aFpKWnRwZ3BNN1pXUENST0pnRmlVSEVmQUVvCnpwOFZZQm9mdTM2eTcwVW9UUTB3
bzRYMGFyVDhXb3FzZmRMVDhBT3FsMWsKLS0tIE95c3hxTjRKRDYvNk82K3RUcjBt
bUViQmxOVXQrSjFNZjgxRFFFVVlFR1EKwwhkxgqtKE/sBJduXdMxOaTw2g8beGs7
4hIZLQg0ymUJA7qTBocIaka+TpByi9ikoQcNdxo61JO1L4ftiDmQAQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age1m5jnjmed343uwpgeta4nkxjhwescsa6dfswx30e4rwm0yxcf753qr0ljkw
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOTDF0ZG1tVmF6YkxBUTJD
cnIzK0Q2WFJzZzNKLzZDM2VzOS9wOEw0OWprCnR4ZlpTdFc5YjRPdklYNzlHVTZY
bVFMRWhwVGJNN0Jwd0JlMjR2cHE4RUEKLS0tIHF1R2xFMFQrYm1wbXgwN29BLzZO
OFppTU5wdGJkRTN0cDRQK2VNelJwbnMKLuNccIhf2RbNbfYR+jTUdN/RAh1fQExS
Bqm4F3/PID+gdljxHDSS7mN7VZ+884nrInE8U5TCqREe5HSnwLStfg==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBxUlQ4cTJiT2w3cE5hSVJ3
Y1Y4RGxheWF0ZFlUcVUzZjdLcUdwOXFUQTBJCjJ1dXdpWUMwN2FZRTJ1MkdzV0Ro
YUo1UlRzajJjSXFkMitER3dpYWJyV3MKLS0tIHEvbzJRM1Jqbk8rWmdJVU5hRS9q
bzlLU1I1V1RWaGZPU3lPVGVaaE5LdEUKioyyj0IDzOPjSX+KX6ntQnfM9mVonfWt
NTEBLTChbbyrRFOzwC/G9G+bFFvA+sWpz/6sFqQUWVWuQqkE6eJlpw==
-----END AGE ENCRYPTED FILE-----
- recipient: age15cp5p76q7vhwg9v8u98dpshrmtengghmm7yn5ckfk0yz694q3g6qajywwu
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjUndRMWFDaE1PS0lLY1N0
Nlk3bTQrR0lGV0ovUDd5cWlReEZWajdkbHhRCmJUODczdkhzNXV3YllBU2VxUmFI
bUdVUGpYcjFnYlRBMjJvRVd6bjlUMmMKLS0tIHN4cXJHeTZzTlEreTg1NWpxQ2dM
UnlUY25pOGJ2T1VoTW0yeTFEL2NNTVUKHFdlBryccJAKz26+oECG8tx/FvhZEe0E
MBRoWFu+LHaAUgaOKEBMUHZKzY7Q+TahAsdsy+VErmRkI6i/Hh10ww==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1enNFRlJldmpaQXhCUlli
Q21oaEVlVkl3dE9wRHI5STVyd2NFeUVJUERzCmtrTFVGbEowVm1aQVZxbmM4SnNx
NlExUWNIZ1lkZTd4WDZ2cGRLMDhJNHcKLS0tIGt4ZlR1RkdxdkdDZHpHcnBCYkpV
SEZndElYa1NOWnQ1Y3dMUG9WUS9yZE0Ku4sIsnLwt7bPeceWT/fSbJngdLdeVFiL
qYYzmQOAP/nb1KlZCQjbqxZaMq7An+Iqaat4ILD1i39hmbLAZdxIpA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-01T06:31:43Z"
mac: ENC[AES256_GCM,data:w6s0HiUCsaVU0aYkCuIwLxW/NTP3dZbDZOS8zOAKgK4mBecs9MlBzFY6cQzM657aYvK/JibyD2L6AsjrdX9HOiN0dEFikDAaZ6OvyCoaxYawZF/aFPKR92sWzuMMvaU8g+g3F3tyhq/SR1ojHyPFztbkrfxIkm+ORl17w56Eb5E=,iv:7088zB1C/1Dt7zBJNRaTcDVJRa28dwPV43vR/yRc/mA=,tag:geuuukzQ4A8wofkK5Co4jg==,type:str]

3
common/constants.nix
View file

@ -67,7 +67,7 @@ with lib; {
publicKeys = mkOption {
type = types.listOf types.str;
default = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHPT/zRq5fffcUmjxcwG2cTr09fOa9O4rBUb6ob2CyNy macronova@blitzar"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHPT/zRq5fffcUmjxcwG2cTr09fOa9O4rBUb6ob2CyNy macronova"
];
description = ''
The public keys for SSH authentication.
@ -86,6 +86,7 @@ with lib; {
blitzar.id = "KGCBCIZ-GG6KMQ2-FLK5BWW-GLCEDML-5LCI24S-UKO5UWL-HWNCPYX-ZWWD5AQ";
nebula.id = "NJXA5XS-2PSWECD-UHBV7JH-IR2RSWY-PRUPFTZ-AHL7IN6-RXSLZKB-2FUNRQH";
protostar.id = "RQBGBAP-TI2VGMA-IO6OOAC-5KDJJKC-5NH2HNW-VAKLHMS-2YCRRQU-QKXFXQM";
quasar.id = "4IZ2RNQ-YTRM4C5-54X2MBV-ZL6Q6FO-TDETMJD-LBV3GV5-CO25QQU-2MG4PQR";
};
description = ''
The device information for syncthing

39
common/secrets.yaml
View file

@ -11,29 +11,38 @@ sops:
- recipient: age1mc72my8whm2fm3wjg2ucvckx27dyp09urdgs9lpzqswl5pa5py8sfwszt9
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsQnQ1TkRrd1lEMG9vbDd6
R2RYMDRNNWVLUTBqNEtjL1lvMGpOSzh5ZW1jCm56VU5uWElBNm9xUUJPTDYyTGs0
dmRSMmR3RXJHc00yUENpTVROajFBMTgKLS0tIEo3SVlzcXBGdzg3aXNZaG0xbXc5
eEMyWFZ4VVByelVxNm80SkxYdExwV0UKXTtkHk7LMBy0LY4tjbcpxGHhxnwbTexe
98TKQMBQncPR7IVZDkOHmsYq20jSCWEdV6vLH2mQH6Kqq4HQCS6/sA==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjWUtjTGNJQ0ZiZk93T1Fv
akZtYVA0WENUaXFvYVY4U2orMklGV3ZBd21BClFHODJhTTRFVjA0eTA5R0FzbWZ1
N0JlV1VKdjFHSExGejJnbUgvNWxFRjgKLS0tIHJQcmZXSzFqQWI5Q01jTkFpaFU0
bStHZHJsUmtDNW1RV2VPYW50TkRXaU0KNWPQzLzzyZBqY9f0bP5uG56I9Z5wJodB
xsYMXkQkEUGGvMO4PADeQ4jsXYXSPsVakzpwlvJD/hYmEmoBat2yNg==
-----END AGE ENCRYPTED FILE-----
- recipient: age1sy52xwldc7puckze2kcax7csc2nrg049y9nt2qd0ltvghckms5nq2d25ra
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRRjM2VEx1N25CK00yVGht
TzNpbi8vVXF0WmJGTldtWTFWdS9UZHNoTmp3CjZOeXpvOVE0M2kzbEdKTzlBYVFa
LzFzaFM5SmlwQytDMFhtb0ttb2N1c3MKLS0tIDgrTVJpaWdZSzlPL0Z2WE9RSno0
QmRJUlY0NTJZMnVKdUJLWk1yZFRkb1UKaubDYas4I2MGs6XauGSmev03UgF6btYB
ynok/qxNaXFL4MwuHnL5W/TnHpGAE6M7PLLEV4Kf+yaHojbLLxUw6A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBid3EvaGFmZGRwMGNYM2ZP
bER3azFSeUhpcWppR1FFcGFkOXorbnE4cldzCmxpY0MvVjdITm5IVXJzM0N4SEMw
cldBOHBXK2hsd2JPZCt3Y1ZQVXlwMVkKLS0tIDZ1MStnSU5yT0Z4RnhCdXQ1Mjgz
aERoRW5teHQyeXFOK0t3N243YXV1R2sKDEo7Dpb9qFjJ0sDt4UEnDrfNpmEyuKM+
NcRQB5ltwCjJcpt057ePgb2PJbhYE4jbZDh42+CTwsEOpl3Ru9lbtw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1vyq4xceveer87xt506yl59lh82dmeuagzlmnk87augfvqry7vqaq5hwy33
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBpUWJLL3FxWE1mbnZsN0dU
VlBXUHZlRFlOR01WSUlmdkw1eGtpaDhlSmdBClVWRGZ5anFHWFRKcUFuNkJ3Y2lz
Kys1N29QVWozZXI5eVFSV21OSHFqRG8KLS0tIG9CYmRuUm5YQzZidTR2R1l0a05h
TG5mYWd3MnI5TlZiNXBjb0JJY3BvN0EKUd0ldQPe0/zdHjsmKEUhH7xkpO4nLfd5
fnTk1jGonJg+t+TqLLg/YYKlcNkgExWaIZ7wrd0RVKXOeC2BtM/wzQ==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB6aXk0NG90ZXhJSEU1a2Ew
dGh5azE2VUk1dGJZN0tHYTJWcHhyMVNyY2tjCkZqYmNyU1cxbDF3dUUzaHBRak5p
angwdnN1cWlwQzV2N3lVekVaY0lzekEKLS0tIHM2S0J1T3NQTmRNcHhYM28vVVg4
c3doOWhjaHdQOWJWMXF5ZlZoemxObmsKrH/FRfoGRZouNgRsdvGB5AZma+mELIXh
+K+pSoYKlR74RdQVVIm5jaPEmMdzDvDfIkeJJ8TvEMCha6QP5uKpzQ==
-----END AGE ENCRYPTED FILE-----
- recipient: age19wmymljvrhwmrhtutj5f3vm32fhyhka5k5ecjx4zs8tnclrdeyxsq43jwn
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA1UmUrSkNEWlFwdWVyM0Jx
bm5uQXd2K2JvaHhRTzJMN012WDFzNFQxZG5JCkR2QjNqYU8vNHRWblN4aFZPVTNp
ZWR3UjRCL3YvUkpCc245eFNuMWNoR3MKLS0tIFpMRVRIOHkydTgzT3E4L2t4bmJG
dlUxMlpsK2F5MXpocnFseCtNaXZjNEkKlyWUaOZWIPg0dTCQOj7QNVYTjZkQhnm3
hfqzzOsH750xWjGl7FlWw2O9tRfbk1xSatYJLR2pPox6mny+GHZhiA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-09-01T04:30:14Z"
mac: ENC[AES256_GCM,data:ct8vaGlaPj69vzRm9baA2rxbuBM+MYX3Gjtg8m1cdHtldifvrYcw+hb1b9qC/Jhn3ppqpPO/8PhqqMU9U+aUBaSRV0AdDZs63T1/591SU3NDC6rmRBtkbrGk4g4jw4/Guw9Gs8F2r6xWf91KobAoHg9HLI+PK+pOSlfl4o8PBww=,iv:iPGlDkj5mnUxdtoSMztH8BPwSID0FJQDZfc2JenQngw=,tag:1QUCclV0Cs6hsPBANupj1g==,type:str]

60
flake.lock generated
View file

@ -37,11 +37,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1732988076,
"narHash": "sha256-2uMaVAZn7fiyTUGhKgleuLYe5+EAAYB/diKxrM7g3as=",
"lastModified": 1733168902,
"narHash": "sha256-8dupm9GfK+BowGdQd7EHK5V61nneLfr9xR6sc5vtDi0=",
"owner": "nix-community",
"repo": "disko",
"rev": "2814a5224a47ca19e858e027f7e8bff74a8ea9f1",
"rev": "785c1e02c7e465375df971949b8dcbde9ec362e5",
"type": "github"
},
"original": {
@ -141,11 +141,11 @@
},
"hardware": {
"locked": {
"lastModified": 1732483221,
"narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=",
"lastModified": 1733481457,
"narHash": "sha256-IS3bxa4N1VMSh3/P6vhEAHQZecQ3oAlKCDvzCQSO5Is=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405",
"rev": "e563803af3526852b6b1d77107a81908c66a9fcf",
"type": "github"
},
"original": {
@ -159,11 +159,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1732884235,
"narHash": "sha256-r8j6R3nrvwbT1aUp4EPQ1KC7gm0pu9VcV1aNaB+XG6Q=",
"lastModified": 1733484277,
"narHash": "sha256-i5ay20XsvpW91N4URET/nOc0VQWOAd4c4vbqYtcH8Rc=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "819f682269f4e002884702b87e445c82840c68f2",
"rev": "d00c6f6d0ad16d598bf7e2956f52c1d9d5de3c3a",
"type": "github"
},
"original": {
@ -199,11 +199,11 @@
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1732739177,
"narHash": "sha256-iL32+TA/8geCzcL1r3uthrH/GPvbUak5QE++WJUkaiI=",
"lastModified": 1733491721,
"narHash": "sha256-n4fTKTYXeGRngeanNDxSxbuWSRCQ6l74IwOBlqp8dcw=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "8d7b2149e618696d5100c2683af1ffa893f02a75",
"rev": "0f415721ee427270bc078ef3a5ba2a308d47461f",
"type": "github"
},
"original": {
@ -331,11 +331,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"lastModified": 1733212471,
"narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"rev": "55d15ad12a74eb7d4646254e13638ad0c4128776",
"type": "github"
},
"original": {
@ -347,11 +347,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"lastModified": 1733392399,
"narHash": "sha256-kEsTJTUQfQFIJOcLYFt/RvNxIK653ZkTBIs4DG+cBns=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"rev": "d0797a04b81caeae77bcff10a9dde78bc17f5661",
"type": "github"
},
"original": {
@ -394,11 +394,11 @@
},
"nixpkgs_6": {
"locked": {
"lastModified": 1732837521,
"narHash": "sha256-jNRNr49UiuIwaarqijgdTR2qLPifxsVhlJrKzQ8XUIE=",
"lastModified": 1733581040,
"narHash": "sha256-Qn3nPMSopRQJgmvHzVqPcE3I03zJyl8cSbgnnltfFDY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "970e93b9f82e2a0f3675757eb0bfc73297cc6370",
"rev": "22c3f2cf41a0e70184334a958e6b124fb0ce3e01",
"type": "github"
},
"original": {
@ -462,11 +462,11 @@
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1733005589,
"narHash": "sha256-NAym0oWYwKgFuAif6Z7HacU6Su/SJNTW4wEYC5urSYU=",
"lastModified": 1733578387,
"narHash": "sha256-XkMZGeqg0GCRoSXvMcaHP7bdvWPRZxCK1sw1ASsc16E=",
"owner": "pjones",
"repo": "plasma-manager",
"rev": "88ca377ff58b5c30a2879745829842554d4b21d5",
"rev": "2a64e173f1effdcc86e25cba0601e8feedf89115",
"type": "github"
},
"original": {
@ -483,11 +483,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1732021966,
"narHash": "sha256-mnTbjpdqF0luOkou8ZFi2asa1N3AA2CchR/RqCNmsGE=",
"lastModified": 1733665616,
"narHash": "sha256-+XTFXYlFJBxohhMGLDpYdEnhUNdxN8dyTA8WAd+lh2A=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "3308484d1a443fc5bc92012435d79e80458fe43c",
"rev": "d8c02f0ffef0ef39f6063731fc539d8c71eb463a",
"type": "github"
},
"original": {
@ -516,11 +516,11 @@
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1732575825,
"narHash": "sha256-xtt95+c7OUMoqZf4OvA/7AemiH3aVuWHQbErYQoPwFk=",
"lastModified": 1733128155,
"narHash": "sha256-m6/qwJAJYcidGMEdLqjKzRIjapK4nUfMq7rDCTmZajc=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3433ea14fbd9e6671d0ff0dd45ed15ee4c156ffa",
"rev": "c6134b6fff6bda95a1ac872a2a9d5f32e3c37856",
"type": "github"
},
"original": {

46
linux/quasar/configuration.nix Normal file
View file

@ -0,0 +1,46 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{pkgs, ...}: {
# Configure boot
boot = {
initrd.systemd.enable = true;
loader = {
efi.canTouchEfiVariables = true;
grub = let
yorha = pkgs.yorha-grub-theme;
in {
enable = true;
device = "nodev";
efiSupport = true;
splashImage = "${yorha}/background.png";
theme = yorha;
};
};
plymouth = {
enable = true;
extraConfig = "DeviceScale=1";
theme = "target_2";
themePackages = [pkgs.adi1090x-plymouth-themes];
};
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment?
}

26
linux/quasar/default.nix Normal file
View file

@ -0,0 +1,26 @@
{inputs, ...}: {
imports =
[
inputs.disko.nixosModules.default
../../common
./configuration.nix
./device.nix
./disko.nix
./gui.nix
./hardware-configuration.nix
./network.nix
./syncthing.nix
./tailscale.nix
./zfs.nix
]
++ (with inputs.hardware.nixosModules; [
common-cpu-amd
common-cpu-amd-pstate
common-cpu-amd-raphael-igpu
common-cpu-amd-zenpower
common-gpu-amd
common-hidpi
common-pc
common-pc-ssd
]);
}

61
linux/quasar/device.nix Normal file
View file

@ -0,0 +1,61 @@
{
config,
pkgs,
...
}: let
userName = config.constants.userName;
in {
hardware = {
bluetooth.enable = true;
graphics = {
enable = true;
extraPackages = [
pkgs.rocmPackages.clr.icd
];
};
keyboard.qmk.enable = true;
openrazer = {
enable = true;
users = [userName];
};
};
programs = {
adb.enable = true;
kdeconnect.enable = true;
noisetorch.enable = true;
};
security.rtkit.enable = true;
services = {
automatic-timezoned.enable = true;
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
fwupd.enable = true;
hardware.openrgb.enable = true;
pipewire = {
enable = true;
alsa = {
enable = true;
support32Bit = true;
};
pulse.enable = true;
};
printing.enable = true;
udev.packages = [pkgs.via];
};
users.users.${userName}.extraGroups = ["adbusers" "cdrom"];
virtualisation = {
containers.enable = true;
podman = {
enable = true;
dockerCompat = true;
};
};
}

113
linux/quasar/disko.nix Normal file
View file

@ -0,0 +1,113 @@
{...}: {
disko.devices = {
# Partition the physical disk
disk = {
active = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
esp = {
size = "2G";
type = "ef00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zactive";
};
};
};
};
};
archive = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions.zfs = {
size = "100%";
content = {
type = "zfs";
pool = "zarchive";
};
};
};
};
};
# Declare zfs pools for this system.
zpool = let
options = {
ashift = "12";
autotrim = "on";
listsnapshots = "on";
};
rootFsOptions = {
acltype = "posix";
atime = "off";
compression = "zstd";
dnodesize = "auto";
mountpoint = "none";
normalization = "formD";
xattr = "sa";
};
in {
zactive = {
type = "zpool";
inherit options rootFsOptions;
datasets = {
# Encrypt main dataset
main = {
type = "zfs_fs";
options = {
encryption = "on";
keyformat = "passphrase";
};
};
# Create dataset for home
"main/home" = {
type = "zfs_fs";
mountpoint = "/home";
};
# Create dataset for nix store
"main/nix" = {
type = "zfs_fs";
mountpoint = "/nix";
};
# Create dataset for root
"main/root" = {
type = "zfs_fs";
mountpoint = "/";
};
# Reserve space for performance
reservation = {
type = "zfs_fs";
options.refreservation = "256G";
};
};
};
zarchive = {
type = "zpool";
inherit options rootFsOptions;
datasets = {
snapshot.type = "zfs_fs";
# Reserve space for performance
reservation = {
type = "zfs_fs";
options.refreservation = "512G";
};
};
};
};
};
}

152
linux/quasar/gui.nix Normal file
View file

@ -0,0 +1,152 @@
{
config,
pkgs,
...
}: let
userName = config.constants.userName;
in {
home-manager.users.${userName} = {
config,
pkgs,
...
}: let
xdgCfg = config.xdg;
in {
home.packages = with pkgs; [
element-desktop
feishin
jellyfin-mpv-shim
joplin-desktop
lutris
nvtopPackages.amd
picard
qbittorrent
razergenie
ryujinx
telegram-desktop
thunderbird
via
winetricks
wineWowPackages.stagingFull
];
programs = {
# git.signing = {
# key = "0x6A815D4CB1637AAC";
# signByDefault = true;
# };
gpg = {
enable = true;
homedir = "${xdgCfg.dataHome}/gnupg";
};
mpv = {
enable = true;
config = {
osd-bar = "no";
border = "no";
};
scripts = with pkgs.mpvScripts; [
mpris
thumbfast
uosc
vr-reversal
];
};
obs-studio.enable = true;
zathura = {
enable = true;
options = {
completion-bg = "#504945";
completion-fg = "#ebdbb2";
completion-group-bg = "#3c3836";
completion-group-fg = "#928374";
completion-highlight-bg = "#83a598";
completion-highlight-fg = "#504945";
default-bg = "#1d2021";
default-fg = "#ebdbb2";
highlight-active-color = "#fe8019";
highlight-color = "#fabd2f";
index-active-bg = "#83a598";
index-active-fg = "#504945";
index-bg = "#504945";
index-fg = "#ebdbb2";
inputbar-bg = "#1d2021";
inputbar-fg = "#ebdbb2";
notification-bg = "#1d2021";
notification-error-bg = "#1d2021";
notification-error-fg = "#fb4934";
notification-fg = "#b8bb26";
notification-warning-bg = "#1d2021";
notification-warning-fg = "#fabd2f";
recolor = "true";
recolor-darkcolor = "#ebdbb2";
recolor-keephue = "true";
recolor-lightcolor = "#1d2021";
render-loading = "true";
render-loading-bg = "#1d2021";
render-loading-fg = "#ebdbb2";
selection-clipboard = "clipboard";
statusbar-bg = "#504945";
statusbar-fg = "#ebdbb2";
};
};
};
services = {
easyeffects.enable = true;
gpg-agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
};
xsettingsd = {
enable = true;
settings = {
"Gdk/UnscaledDPI" = 98304;
"Gdk/WindowScalingFactor" = 2;
"Gtk/EnableAnimations" = 1;
"Gtk/DecorationLayout" = "icon:minimize,maximize,close";
"Net/ThemeName" = "Sweet-Ambar-Blue";
"Gtk/PrimaryButtonWarpsSlider" = 1;
"Gtk/ToolbarStyle" = 3;
"Gtk/MenuImages" = 1;
"Gtk/ButtonImages" = 1;
"Gtk/CursorThemeSize" = 96;
"Gtk/CursorThemeName" = "Sweet-cursors";
"Net/SoundThemeName" = "yorha";
"Net/IconThemeName" = "Sweet-Rainbow";
"Gtk/FontName" = "Noto Sans, 10";
};
};
};
};
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [fcitx5-nord fcitx5-rime];
};
programs = {
dconf.enable = true;
# TODO: Enable when it's fixed
kde-pim = {
enable = true;
merkuro = true;
};
partition-manager.enable = true;
steam.enable = true;
};
services = {
desktopManager.plasma6.enable = true;
displayManager = {
autoLogin.user = userName;
sddm = {
enable = true;
wayland.enable = true;
};
};
xserver = {
enable = true;
videoDrivers = ["amdgpu"];
};
};
}

30
linux/quasar/hardware-configuration.nix Normal file
View file

@ -0,0 +1,30 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "uas" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp10s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp9s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

11
linux/quasar/network.nix Normal file
View file

@ -0,0 +1,11 @@
{...}: {
networking = {
hostId = "d8999277";
networkmanager = {
enable = true;
wifi.backend = "iwd";
};
nftables.enable = true;
wireless.iwd.enable = true;
};
}

21
linux/quasar/syncthing.nix Normal file
View file

@ -0,0 +1,21 @@
{...}: {
services.syncthing = {
enable = true;
settings.folders = {
# game-data = {
# devices = ["protostar"];
# path = "~/Game/data";
# type = "sendonly";
# };
# game-save = {
# devices = ["protostar"];
# path = "~/Game/save";
# };
# music = {
# devices = ["nebula"];
# path = "~/Music";
# type = "sendonly";
# };
};
};
}

7
linux/quasar/tailscale.nix Normal file
View file

@ -0,0 +1,7 @@
{...}: {
services.tailscale = {
enable = true;
port = 62662;
useRoutingFeatures = "client";
};
}

76
linux/quasar/zfs.nix Normal file
View file

@ -0,0 +1,76 @@
{
config,
lib,
...
}: {
boot.loader.grub.zfsSupport = true;
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
};
services.zrepl = {
enable = true;
settings = {
global = {
logging = [
{
type = "syslog";
level = "info";
format = "human";
}
];
};
jobs = let
listener_name = "archive";
in [
{
type = "push";
name = "snapshot";
connect = {
inherit listener_name;
type = "local";
client_identity = config.networking.hostName;
};
filesystems."zactive/main/home" = true;
send.encrypted = true;
snapshotting = {
type = "periodic";
prefix = "zrepl-";
interval = "1h";
};
pruning = {
keep_sender = [
{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "24x1h" "7x1d" "4x1w"];
}
];
keep_receiver = [
{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "30x1d" "52x1w"];
}
];
};
replication.protection = {
initial = "guarantee_resumability";
incremental = "guarantee_incremental";
};
}
{
type = "sink";
name = "archive";
serve = {
inherit listener_name;
type = "local";
};
root_fs = "zarchive";
}
];
};
};
}