diff --git a/flake.nix b/flake.nix index 1eb0aff..dc7c450 100755 --- a/flake.nix +++ b/flake.nix @@ -55,6 +55,12 @@ ]; }; + outputs-builder = channels: { + devShells = { + default = import ./shells/default/default.nix { pkgs = channels.nixpkgs; }; + }; + }; + homes.modules = with inputs; [ sops-nix.homeManagerModules.sops ]; diff --git a/homes/x86_64-linux/evanreichard@lin-va-terminal/default.nix b/homes/x86_64-linux/evanreichard@lin-va-terminal/default.nix new file mode 100755 index 0000000..2a7c7f5 --- /dev/null +++ b/homes/x86_64-linux/evanreichard@lin-va-terminal/default.nix @@ -0,0 +1,65 @@ +{ pkgs, lib, config, namespace, ... }: +let + inherit (lib.${namespace}) enabled; +in +{ + home.stateVersion = "25.05"; + + reichard = { + user = { + enable = true; + inherit (config.snowfallorg.user) name; + }; + + services = { + ssh-agent = enabled; + fusuma = enabled; + swww = enabled; + }; + + programs = { + graphical = { + wms.hyprland = enabled; + ghostty = enabled; + ghidra = enabled; + browsers.firefox = { + enable = true; + gpuAcceleration = true; + hardwareDecoding = true; + }; + }; + + terminal = { + btop = enabled; + direnv = enabled; + git = enabled; + k9s = enabled; + nvim = enabled; + }; + }; + }; + + dconf = { + settings = { + "org/gnome/desktop/interface" = { + color-scheme = "prefer-dark"; + cursor-theme = "catppuccin-macchiato-mauve-cursors"; + cursor-size = 24; + }; + }; + }; + + + home.pointerCursor = { + gtk.enable = true; + name = "catppuccin-macchiato-mauve-cursors"; + package = pkgs.catppuccin-cursors.macchiatoMauve; + size = 24; + }; + + # SQLite Configuration + home.file.".sqliterc".text = '' + .headers on + .mode column + ''; +} diff --git a/modules/nixos/services/headscale/default.nix b/modules/nixos/services/headscale/default.nix index a4ff22e..ed3a3e9 100644 --- a/modules/nixos/services/headscale/default.nix +++ b/modules/nixos/services/headscale/default.nix 
@@ -32,8 +32,13 @@ in server_url = "https://headscale.reichard.io"; dns = { base_domain = "reichard.dev"; - nameservers.split = { - "va.reichard.io" = [ "10.0.20.20" ]; + nameservers = { + global = [ + "9.9.9.9" + ]; + split = { + "va.reichard.io" = [ "10.0.20.20" ]; + }; }; }; }; diff --git a/modules/nixos/services/openssh/default.nix b/modules/nixos/services/openssh/default.nix index 625e725..c0dca50 100644 --- a/modules/nixos/services/openssh/default.nix +++ b/modules/nixos/services/openssh/default.nix @@ -16,6 +16,8 @@ let "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV" # evanreichard@lin-va-thinkpad "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz" + # evanreichard@mobile + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARTNbl4lgQsp7SJEng7vprL0+ChC9e6iR7o/PiC4Jme" ]; in { diff --git a/shells/default/default.nix b/shells/default/default.nix new file mode 100644 index 0000000..0d899fd --- /dev/null +++ b/shells/default/default.nix @@ -0,0 +1,29 @@ +{ pkgs, ... }: + +let + sync-repo = pkgs.writeShellScriptBin "sync-repo" '' + if [ -z "$1" ]; then + echo "Usage: sync-repo " + echo "Example: sync-repo 23.29.118.42" + exit 1 + fi + + rsync -av \ + --exclude='.git' \ + --exclude='.direnv' \ + --exclude='_scratch' \ + . evanreichard@$1:/etc/nixos + ''; +in +pkgs.mkShell { + name = "reichard-dev"; + + buildInputs = with pkgs; [ + rsync + sync-repo + ]; + + shellHook = '' + echo "Use: sync-repo to sync repository" + ''; +} diff --git a/systems/aarch64-linux/lin-o1-headscale/default.nix b/systems/aarch64-linux/lin-o1-headscale/default.nix index 6fc0552..60ceaf0 100755 --- a/systems/aarch64-linux/lin-o1-headscale/default.nix +++ b/systems/aarch64-linux/lin-o1-headscale/default.nix @@ -25,9 +25,7 @@ in enable = true; diskPath = "/dev/sda"; }; - networking = { - enable = true; - }; + networking = enabled; }; services = { 
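Review bot: In modules/nixos/services/headscale/default.nix the new `nameservers.global` list holds a single resolver, `9.9.9.9`, so every lookup outside the split domain depends on one public address for clients that accept this DNS configuration. Consider a second entry, e.g. `global = [ "9.9.9.9" "149.112.112.112" ];`, and a comment recording that queries outside `va.reichard.io` now go to a third-party resolver. Whether clients are forced onto these resolvers is decided by settings outside this hunk.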
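Review bot: The `evanreichard@mobile` key added in modules/nixos/services/openssh/default.nix joins the shared let-bound key list, so it presumably gets the same access as the workstation keys on every host that enables this module, including the statically addressed hosts in this commit. If the phone only needs to reach hosts over the tailnet, narrow the entry with authorized_keys options, e.g. `"from=\"<tailnet-cidr>\" ssh-ed25519 <key>"` (placeholder values), or keep it in a per-host list. How the list is consumed lies outside the hunk, so confirm the scope before merging.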
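Review bot: In shells/default/default.nix the `sync-repo` script passes `$1` to rsync unquoted (`. evanreichard@$1:/etc/nixos`), so an argument containing whitespace or glob characters is split into extra rsync arguments instead of being treated as one host. Quote the destination: `. "evanreichard@$1:/etc/nixos"`. The strings `"Usage: sync-repo "` and `"Use: sync-repo to sync repository"` appear to have lost their argument placeholder, and the example address is the one this commit assigns to lin-ssd-kube1; a documentation address would be a better sample.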
diff --git a/systems/aarch64-linux/lin-o1-node2/default.nix b/systems/aarch64-linux/lin-o1-node/default.nix similarity index 100% rename from systems/aarch64-linux/lin-o1-node2/default.nix rename to systems/aarch64-linux/lin-o1-node/default.nix diff --git a/systems/x86_64-linux/lin-o1-x86-node/default.nix b/systems/x86_64-linux/lin-o1-x86-node/default.nix new file mode 100755 index 0000000..af0a400 --- /dev/null +++ b/systems/x86_64-linux/lin-o1-x86-node/default.nix @@ -0,0 +1,60 @@ +{ namespace, config, pkgs, lib, modulesPath, ... }: +let + inherit (lib.${namespace}) enabled; + + cfg = config.${namespace}.user; +in +{ + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + system.stateVersion = "25.05"; + time.timeZone = "UTC"; + + boot.loader.grub = { + efiSupport = true; + efiInstallAsRemovable = true; + }; + + reichard = { + nix = enabled; + + system = { + disk = { + enable = true; + diskPath = "/dev/sda"; + }; + networking = { + enable = true; + }; + }; + + services = { + openssh = enabled; + tailscale = { + enable = true; + enableRouting = true; + }; + }; + }; + + users.users.${cfg.name} = { + openssh = { + authorizedKeys.keys = [ + # evanreichard@lin-va-mbp-personal + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" + # evanreichard@mac-va-mbp-personal + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV" + # evanreichard@lin-va-thinkpad + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz" + ]; + }; + }; + + environment.systemPackages = with pkgs; [ + btop + tmux + vim + ]; +} diff --git a/systems/x86_64-linux/lin-cloud-kube1/default.nix b/systems/x86_64-linux/lin-ovh-kube1/default.nix similarity index 85% rename from systems/x86_64-linux/lin-cloud-kube1/default.nix rename to systems/x86_64-linux/lin-ovh-kube1/default.nix index 36674a5..647e2cf 100755 --- a/systems/x86_64-linux/lin-cloud-kube1/default.nix 
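Review bot: systems/x86_64-linux/lin-o1-x86-node/default.nix hard-codes three `authorizedKeys.keys` entries under `users.users.${cfg.name}` while also enabling `services.openssh`, whose module keeps its own key list (this commit adds the mobile key there). Two copies of the list drift: the mobile key is missing here, and a key removed from the module would stay authorized on this host through this block. If the module already installs its list for the user, drop this block (lin-ssd-kube1 in this commit has the same block commented out); otherwise export the list once and reference it from both places. Minor: `networking = { enable = true; };` can be written `networking = enabled;` as lin-o1-headscale does in this commit.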
+++ b/systems/x86_64-linux/lin-ovh-kube1/default.nix @@ -27,15 +27,7 @@ in enable = true; diskPath = "/dev/sda"; }; - networking = { - enable = true; - useStatic = { - interface = "enp3s0"; - address = "23.29.118.42"; - defaultGateway = "23.29.118.1"; - nameservers = [ "1.1.1.1" ]; - }; - }; + networking = enabled; }; services = { diff --git a/systems/x86_64-linux/lin-ssd-kube1/default.nix b/systems/x86_64-linux/lin-ssd-kube1/default.nix new file mode 100755 index 0000000..d5ff227 --- /dev/null +++ b/systems/x86_64-linux/lin-ssd-kube1/default.nix 
@@ -0,0 +1,73 @@
+{ namespace, config, pkgs, lib, modulesPath, ... }:
+let
+ inherit (lib.${namespace}) enabled;
+
+ cfg = config.${namespace}.user;
+in
+{
+ imports = [
+ (modulesPath + "/profiles/qemu-guest.nix")
+ ];
+
+ system.stateVersion = "25.05";
+ time.timeZone = "UTC";
+
+ networking.firewall.allowedTCPPorts = [ 443 ];
+
+ boot.loader.grub = {
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+
+ reichard = {
+ nix = enabled;
+
+ system = {
+ disk = {
+ enable = true;
+ diskPath = "/dev/sda";
+ };
+ networking = {
+ enable = true;
+ useStatic = {
+ interface = "enp3s0";
+ address = "23.29.118.42";
+ defaultGateway = "23.29.118.1";
+ nameservers = [ "1.1.1.1" ];
+ };
+ };
+ };
+
+ services = {
+ openssh = enabled;
+ tailscale = {
+ enable = true;
+ enableRouting = true;
+ };
+ rke2 = {
+ enable = true;
+ openFirewall = false;
+ disable = [ "rke2-ingress-nginx" ];
+ };
+ };
+ };
+
+ # users.users.${cfg.name} = {
+ # openssh = {
+ # authorizedKeys.keys = [
+ # # evanreichard@lin-va-mbp-personal
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
+ # # evanreichard@mac-va-mbp-personal
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
+ # # evanreichard@lin-va-thinkpad
+ # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
+ # ];
+ # };
+ # };
+
+ environment.systemPackages = with pkgs; [
+ btop
+ tmux
+ vim
+ ];
+}
diff --git a/systems/x86_64-linux/lin-va-terminal/default.nix b/systems/x86_64-linux/lin-va-terminal/default.nix
new file mode 100755
index 0000000..1e528d1
--- /dev/null
+++ b/systems/x86_64-linux/lin-va-terminal/default.nix
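Review bot: `networking.firewall.allowedTCPPorts = [ 443 ];` in systems/x86_64-linux/lin-ssd-kube1/default.nix opens the port on every interface, including `enp3s0` with the static address `23.29.118.42`, and nothing in the file says which service is meant to answer there (`rke2-ingress-nginx` is disabled and `openFirewall` is false). Add a comment naming the listener, and if it should only be reachable over Tailscale, scope the rule with `networking.firewall.interfaces.<iface>.allowedTCPPorts = [ 443 ];` instead. The commented-out `users.users` block should be deleted rather than kept as dead text; with it gone, `cfg` in the `let` is unused and can go too.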
@@ -0,0 +1,57 @@
+{ namespace, lib, ... }:
+let
+ inherit (lib.${namespace}) enabled;
+in
+{
+ system.stateVersion = "25.05";
+ time.timeZone = "America/New_York";
+
+ reichard = {
+ nix = enabled;
+
+ system = {
+ boot = {
+ enable = true;
+ xenGuest = true;
+ };
+
+ disk = {
+ enable = true;
+ diskPath = "/dev/xvda";
+ };
+
+ networking = {
+ enable = true;
+ useStatic = {
+ interface = "enX0";
+ address = "10.0.50.240";
+ defaultGateway = "10.0.50.254";
+ nameservers = [ "10.0.50.254" ];
+ };
+ };
+ };
+
+ hardware = {
+ opengl = {
+ enable = true;
+ enable32Bit = true;
+ enableIntel = true;
+ };
+ };
+
+ services = {
+ avahi = enabled;
+ ydotool = enabled;
+ };
+
+ virtualisation = {
+ podman = enabled;
+ };
+
+ programs = {
+ graphical = {
+ wms.hyprland = enabled;
+ };
+ };
+ };
+}
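Review bot: `ydotool = enabled;` and `avahi = enabled;` in systems/x86_64-linux/lin-va-terminal/default.nix carry no comment on why they are needed or how they are restricted. The ydotool daemon lets any process that can reach its socket synthesize keyboard and mouse input, and avahi announces the host over mDNS on the local network. Both are project modules whose settings lie outside this hunk, so confirm the ydotool socket is limited to the login user and that mDNS publishing is wanted. A one-line comment such as `# ydotool: required by <consumer>; socket restricted to the login user` would record the intent.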