more renaming + some new software

2024-10-26 13:14:03 +02:00 · 2024-10-26 13:14:03 +02:00 · 02738e65ab
commit 02738e65ab
parent d94b4723d4
27 changed files with 42 additions and 16 deletions
--- a/hosts/nixdesk/default.nix
+++ b/hosts/nixdesk/default.nix
@ -1,35 +0,0 @@
-{lib, ...}: {
-  imports = [
-    ./hardware.nix
-    ./hibernate-boot.nix
-    ./testing.nix
-    ./samba-mount.nix
-  ];
-
-  networking.hostName = "nixdesk";
-
-  #swapDevices = lib.singleton {
-  #  device = "/dev/disk/by-uuid/1dcce4ab-71da-4928-83d5-62b20fd0fddf";
-  #};
-
-  #boot.resumeDevice = "/dev/disk/by-uuid/1dcce4ab-71da-4928-83d5-62b20fd0fddf";
-
-  #boot.kernelParams = [
-  #  "resume=UUID=1dcce4ab-71da-4928-83d5-62b20fd0fddf"
-  #  "resume_offset=3841492992" # fdisk -l
-  #];
-
-  nixpkgs.config = {
-    rocmSupport = true;
-    allowUnfreePredicate = pkg:
-      builtins.elem (lib.getName pkg) [
-        "steam"
-        "steam-original"
-        "apple_cursor" # bwuh this is NOT unfree!!
-      ];
-  };
-
-  networking.interfaces.eno1.wakeOnLan.enable = true;
-
-  system.stateVersion = "23.11";
-}
--- a/hosts/nixdesk/hardware.nix
+++ b/hosts/nixdesk/hardware.nix
@ -1,95 +0,0 @@
-{
-  inputs,
-  config,
-  pkgs,
-  lib,
-  ...
-}: {
-  imports = [
-    inputs.hardware.nixosModules.common-cpu-amd
-    inputs.hardware.nixosModules.common-gpu-amd
-    inputs.hardware.nixosModules.common-pc-ssd
-    inputs.hardware.nixosModules.gigabyte-b550
-  ];
-
-  boot = {
-    kernelPackages = pkgs.linuxPackages_latest;
-    initrd = {
-      availableKernelModules = [
-        "nvme"
-        "xhci_pci"
-        "ahci"
-        "usb_storage"
-        "usbhid"
-        "sd_mod"
-      ];
-      kernelModules = ["amdgpu"];
-    };
-    kernelModules = ["kvm-amd"];
-    extraModulePackages = with config.boot.kernelPackages; [
-      rtl88xxau-aircrack # usb wifi card
-    ];
-    loader = {
-      timeout = 10;
-      systemd-boot = {
-        enable = true;
-        consoleMode = "max";
-        configurationLimit = 120;
-        editor = false;
-      };
-      efi = {
-        canTouchEfiVariables = true;
-        efiSysMountPoint = "/boot";
-      };
-    };
-  };
-
-  fileSystems = {
-    "/" = {
-      device = "/dev/disk/by-uuid/d87276c0-ef9c-422e-b2de-effc1b47c654";
-      fsType = "btrfs";
-      options = ["subvol=root" "compress=zstd"];
-    };
-    "/home" = {
-      device = "/dev/disk/by-uuid/d87276c0-ef9c-422e-b2de-effc1b47c654";
-      fsType = "btrfs";
-      options = ["subvol=home" "compress=zstd"];
-    };
-    "/nix" = {
-      device = "/dev/disk/by-uuid/d87276c0-ef9c-422e-b2de-effc1b47c654";
-      fsType = "btrfs";
-      options = ["subvol=nix" "compress=zstd" "noatime"];
-    };
-    "/.swapvol" = {
-      device = "/dev/disk/by-uuid/d87276c0-ef9c-422e-b2de-effc1b47c654";
-      fsType = "btrfs";
-      options = ["subvol=swap" "noatime"];
-    };
-    "/boot" = {
-      device = "/dev/disk/by-uuid/588B-CB97";
-      fsType = "vfat";
-    };
-  };
-
-  boot.resumeDevice = "/dev/disk/by-uuid/d87276c0-ef9c-422e-b2de-effc1b47c654";
-  # btrfs inspect-internal map-swapfile -r /.swapvol/swapfile
-  boot.kernelParams = ["resume_offset=76293376"];
-
-  swapDevices = lib.singleton {
-    device = "/.swapvol/swapfile";
-  };
-
-  hardware.enableRedistributableFirmware = true;
-
-  services.xserver.videoDrivers = [
-    "amdgpu"
-    #"nvidia"
-  ];
-  #hardware.nvidia = {
-  #  modesetting.enable = true;
-  #  package = config.boot.kernelPackages.nvidiaPackages.stable;
-  #};
-
-  nixpkgs.hostPlatform.system = "x86_64-linux";
-  hardware.cpu.amd.updateMicrocode = true;
-}
--- a/hosts/nixdesk/hibernate-boot.nix
+++ b/hosts/nixdesk/hibernate-boot.nix
@ -1,28 +0,0 @@
-{pkgs, ...}: {
-  # hibernate and reboot to firmware
-  # this allows me to save linux state and boot into another os (such as windows)
-  # make sure not to mount any filesystems from the other os or you risk losing data
-  environment.systemPackages = [
-    (pkgs.writeShellScriptBin "hib-boot" ''
-      set -e
-
-      if [ ! -v 1 ]; then
-        echo "no argument provided"
-        echo "please provide the id for the os you want to boot"
-        echo "these are the valid id's:"
-        echo ""
-        ${pkgs.efibootmgr}/bin/efibootmgr
-        exit
-      fi
-
-      if [ ! -w /sys/power/disk -o ! -w /sys/power/state ]; then
-        echo "you lack permission to write to /sys/power/{disk,state}, are you not running this script as root?"
-        exit
-      fi
-
-      ${pkgs.efibootmgr}/bin/efibootmgr -n "$1" >/dev/null
-      echo reboot >/sys/power/disk
-      echo disk >/sys/power/state
-    '')
-  ];
-}
--- a/hosts/nixdesk/jellyfin.nix
+++ b/hosts/nixdesk/jellyfin.nix
@ -1,94 +0,0 @@
-{config, ...}: {
-  security.acme = {
-    acceptTerms = true;
-    defaults = {
-      email = "xunuwu@gmail.com";
-      reloadServices = ["podman-caddy.service"];
-    };
-    certs = {
-      "xun.cam" = {
-        dnsProvider = "cloudflare";
-        credentialFiles = {
-          CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path;
-        };
-        extraDomainNames = ["jellyfin.desktop.xun.cam"];
-      };
-    };
-  };
-
-  virtualisation.podman = {
-    enable = true;
-    autoPrune.enable = true;
-    dockerSocket.enable = true;
-  };
-
-  systemd.tmpfiles.rules = [
-    "d /media/config/caddy/data 0750 root root -"
-    "d /media/config/caddy/config 0750 root root -"
-    "d /media/config/jellyfin/config 0750 root root -"
-    "d /media/config/jellyfin/cache 0750 root root -"
-    "d /media/library 0750 root root -"
-  ];
-
-  virtualisation.oci-containers = {
-    backend = "podman";
-
-    containers = {
-      gluetun = {
-        image = "qmcgaw/gluetun:v3";
-        volumes = [
-          "${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf"
-        ];
-        ports = [
-          ## This bypasses the firewall
-          ## use 127.0.0.1:XXXX:XXXX if you only want it to be accessible locally
-          "8096:8096" # jellyfin local network
-          "60926:60926" # jellyfin
-        ];
-
-        environment = {
-          VPN_SERVICE_PROVIDER = "airvpn";
-          VPN_TYPE = "wireguard";
-          SERVER_COUNTRIES = "Netherlands";
-          FIREWALL_VPN_INPUT_PORTS = "60926";
-        };
-
-        extraOptions = [
-          "--cap-add=NET_ADMIN"
-          "--device=/dev/net/tun:/dev/net/tun"
-        ];
-      };
-      jellyfin = {
-        image = "jellyfin/jellyfin";
-        volumes = [
-          "/media/config/jellyfin/config:/config"
-          "/media/config/jellyfin/cache:/cache"
-          "/media/library:/library"
-        ];
-        dependsOn = ["gluetun"];
-        extraOptions = [
-          "--network=container:gluetun"
-          "--device=/dev/dri:/dev/dri"
-        ];
-      };
-      caddy = {
-        image = "caddy";
-        volumes = [
-          "${builtins.toFile "Caddyfile" ''
-            https://jellyfin.desktop.xun.cam:60926 {
-              tls /etc/ssl/certs/xun.cam/cert.pem /etc/ssl/certs/xun.cam/key.pem
-              reverse_proxy localhost:8096
-            }
-          ''}:/etc/caddy/Caddyfile"
-          "/var/lib/acme/xun.cam:/etc/ssl/certs/xun.cam"
-          "/media/config/caddy/data:/data"
-          "/media/config/caddy/config:/config"
-        ];
-        dependsOn = ["gluetun"];
-        extraOptions = [
-          "--network=container:gluetun"
-        ];
-      };
-    };
-  };
-}
--- a/hosts/nixdesk/samba-mount.nix
+++ b/hosts/nixdesk/samba-mount.nix
@ -1,36 +0,0 @@
-{config, ...}: {
-  systemd.mounts = [
-    {
-      description = "smb hopper transmission download directory";
-      what = "//192.168.50.97/transmission"; # hopper local ip
-      where = "/server/transmission";
-      type = "cifs";
-      options = builtins.readFile ./smbcreds;
-    }
-    {
-      description = "smb hopper vault";
-      what = "//192.168.50.97/vault"; # hopper local ip
-      where = "/server/vault";
-      type = "cifs";
-      options = "uid=xun,gid=users," + (builtins.readFile ./smbcreds);
-    }
-  ];
-  systemd.automounts = [
-    {
-      requires = ["network-online.target"];
-      where = "/server/transmission";
-      wantedBy = ["multi-user.target"];
-      automountConfig = {
-        TimeoutIdleSec = "10min";
-      };
-    }
-    {
-      requires = ["network-online.target"];
-      where = "/server/vault";
-      wantedBy = ["multi-user.target"];
-      automountConfig = {
-        TimeoutIdleSec = "10min";
-      };
-    }
-  ];
-}
--- a/hosts/nixdesk/smbcreds
+++ b/hosts/nixdesk/smbcreds
@ -1,10 +0,0 @@
-age-encryption.org/v1
-> ssh-ed25519 Uot/1Q zOPmK3Ael5Ss1gclWT0Q/YLbtus/1Ef5QgSYP96MdjQ
-Ut0OfpCHqMlWrkU298WDWXLseerYiwv8hAAf70nSgfo
-> mQ1Ds-grease V=M 7*
-ZsOetI30y2vLGlwWP84sVSQzbrtA4m+yRrCc316MzHWPyuEJYnVzw7Eygayg8c26
-t+1VDhMHLhFpImAIXni2GsZNAxGnUw5VaRybmpHRt1Bri8k7ZENosX/7T6/kViO8
-BW8
--- 0MsxoH3ENvyga/ICHX3448MZ9q7GJecTg5eOLPe2D2A
-ÍfÈh_±¿ÌïÉ¿m>rc¢
ˆ®§Ó¡JxûÕ×ƒ÷E^-ø‰‘˜¹`·!+Ñëu¡Tu{¢õsoh"‚ð¤EŒ<45>%ÍÏ¼ÿ §Ð—!	_>)ûšÒ¤†¡.™ÅÁ'Â¼]U}íèšƒeB·éÈ7³L£¢¹;ñ£9h`
-˜+8›<38>6Š‰#ÄÀ}4âR»”/Oåî‘S¶“ð—÷€ÌÝüœ„ZÅ(<28>‰åBË®Z<16>·Ð9
‡
--- a/hosts/nixdesk/testing.nix
+++ b/hosts/nixdesk/testing.nix
@ -1,17 +0,0 @@
-{self, ...}: {
-  imports = [
-    self.nixosModules.xun
-  ];
-  xun.gaming = let
-    enabled = {enable = true;};
-  in {
-    enable = true;
-    steam = enabled;
-    gamescope = enabled;
-    gamemode = enabled;
-    sunshine = {
-      enable = true;
-      openFirewall = true;
-    };
-  };
-}