evan/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: evan:master
Branches Tags
evan:master evan:snowfall
..
compare: evan:snowfall
Branches Tags
evan:master evan:snowfall

8 Commits
master ... snowfall

Author SHA1 Message Date
Evan Reichard
559ef8c17d remove ff sponsored 2025-04-19 21:12:13 -04:00
Evan Reichard
036f162264 fix sops 2025-04-19 21:08:21 -04:00
Evan Reichard
00070837c2 fix bindings 2025-04-19 20:37:58 -04:00
Evan Reichard
e84f6e7cb4 again 2025-04-19 20:35:52 -04:00
Evan Reichard
914f8e8d30 more 2025-04-19 20:35:22 -04:00
Evan Reichard
fb1b69153b thinkpad conf 2025-04-19 20:09:49 -04:00
Evan Reichard
cf82afea4b utility 2025-04-10 20:01:05 -04:00
Evan Reichard
4d04f2600f snowfall migration 2025-04-10 17:40:56 -04:00
71 changed files with 494 additions and 1833 deletions
Expand all files Collapse all files

7
.sops.yaml
View File

@@ -3,8 +3,6 @@ keys:
- &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w - &admin_reichard age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
# lin-va-mbp-personal@evanreichard - SSH Derived # lin-va-mbp-personal@evanreichard - SSH Derived
- &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y - &user_lin-va-mbp-personal age17ayje4uv2mhwehhp9jr3u9l0ds07396kt7ef40sufx89vm7cgfjq6d5d4y
# mac-va-mbp-personal@evanreichard - SSH Derived
- &user_mac-va-mbp-personal age1dccte7xtwswgef089nd80dutp96xnezx5lrqnneh9cusegsnda8sj3dj6c
creation_rules: creation_rules:
- path_regex: secrets/[^/]+\.(yaml|json|env|ini)$ - path_regex: secrets/[^/]+\.(yaml|json|env|ini)$
key_groups: key_groups:
@@ -15,8 +13,3 @@ creation_rules:
- age: - age:
- *admin_reichard - *admin_reichard
- *user_lin-va-mbp-personal - *user_lin-va-mbp-personal
- path_regex: secrets/mac-va-mbp-personal/evanreichard/[^/]+\.(yaml|json|env|ini)$
key_groups:
- age:
- *admin_reichard
- *user_mac-va-mbp-personal

98
README.md
View File

@@ -2,79 +2,65 @@
This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager). This repository contains the configuration for multiple machines, as well as my home / IDE config (home-manager).
```bash ### NixOS
# Install NixOS
./bootstrap.sh install --name lin-va-nix-builder
# Remote Image Build (NixOS Builder)
./bootstrap.sh image --name lin-va-rke2 --remote
# Home Manager Install
home-manager switch --flake .#evanreichard@mac-va-mbp-personal
# Update Flake
nix flake update
```
## Manual
```bash ```bash
# Install NixOS
sudo nixos-rebuild switch --flake .#lin-va-mbp-personal sudo nixos-rebuild switch --flake .#lin-va-mbp-personal
# Install NixOS (Remote)
nix run github:nix-community/nixos-anywhere -- --flake .#lin-cloud-kube1 --target-host \<USER\>@\<IP\>
# Build Image
nix build .#vmwareConfigurations.lin-va-rke2
``` ```
## Nix Darwin ### NixOS Generators
```bash ```bash
# Install Nix Without Determinate nix build .#vmwareConfigurations.rke2-node
curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install
# Switch Nix Darwin
sudo nix run nix-darwin#darwin-rebuild -- switch --flake .#mac-va-mbp-personal
sudo darwin-rebuild switch --flake .#mac-va-mbp-personal
``` ```
## Clean Garbage ### Home Manager
NOTE: This will remove previous generations
```bash ```bash
sudo nix-collect-garbage --delete-old home-manager switch --flake .#evanreichard@MBP-Personal
nix-collect-garbage --delete-old
``` ```
## Home Manager ### NixOS Hosts
#### Copy Config
```bash ```bash
# Update System Channels rsync -av --exclude='.git' . root@HOST:/etc/nixos
sudo nix-channel --add https://nixos.org/channels/nixpkgs-25.05-darwin nixpkgs
sudo nix-channel --update
# Update Home Manager
nix-channel --add https://github.com/nix-community/home-manager/archive/release-25.05.tar.gz home-manager
nix-channel --update
# Link Repo
ln -s /Users/evanreichard/Development/git/personal/nix/home-manager ~/.config/home-manager
# Build Home Manager
home-manager switch
``` ```
### OS Update #### Partition Drives
`/etc/bashrc` may get overridden. To properly load Nix, prepend the following:
```bash ```bash
# Nix # Validate Disk
if [ -e '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh' ]; then ls -l /dev/disk/by-id
. '/nix/var/nix/profiles/default/etc/profile.d/nix-daemon.sh'
fi # Partition Disk
# End Nix # WARNING: This will destroy all data on the disk(s)
sudo nix \
--experimental-features "nix-command flakes" \
run github:nix-community/disko -- \
--mode disko \
--flake /etc/nixos#HOST_CONFIG
```
#### Install NixOS
```bash
# Install
sudo nixos-install --flake /etc/nixos#HOST_CONFIG
# Reboot
sudo reboot
```
#### Copy Config Back to Host
```bash
rsync -av --exclude='.git' . root@HOST:/etc/nixos
```
#### Rebuild NixOS
```bash
sudo nixos-rebuild switch
``` ```

44
bootstrap.sh
View File

@@ -31,13 +31,13 @@ function cmd_image() {
# Validate Config Exists # Validate Config Exists
if ! nix eval --json --impure \ if ! nix eval --json --impure \
".#vmwareConfigurations" \ ".#qcowConfigurations" \
--apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then --apply "s: builtins.hasAttr \"$name\" s" 2>/dev/null | grep -q "true"; then
echo "Error: NixOS Generator Config '$name' not found" echo "Error: NixOS Generator Config '$name' not found"
exit 1 exit 1
fi fi
build_args=(".#vmwareConfigurations.$name") build_args=(".#qcowConfigurations.$name")
if [ "$remote" = true ]; then if [ "$remote" = true ]; then
build_args+=("-j0") build_args+=("-j0")
fi fi
@@ -51,9 +51,8 @@ function cmd_image() {
} }
function cmd_install() { function cmd_install() {
local usage="Usage: $0 install --name <system-name> [--remote <user@remote-host>]" local usage="Usage: $0 install --name <system-name>"
local name="" local name=""
local remote=""
while [[ $# -gt 0 ]]; do while [[ $# -gt 0 ]]; do
case "$1" in case "$1" in
@@ -61,10 +60,6 @@ function cmd_install() {
name="$2" name="$2"
shift 2 shift 2
;; ;;
--remote)
remote="$2"
shift 2
;;
*) *)
echo "$usage" echo "$usage"
exit 1 exit 1
@@ -92,18 +87,6 @@ function cmd_install() {
exit 1 exit 1
fi fi
# Remote or Local
if [ -n "$remote" ]; then
cmd_install_remote "$name" "$remote"
else
cmd_install_local "$name" "$disk_id"
fi
}
function cmd_install_local(){
local name="$1"
local disk_id="$2"
# Validate Disk Exists # Validate Disk Exists
if [ ! -e "$disk_id" ]; then if [ ! -e "$disk_id" ]; then
echo "Error: Disk $disk_id not found on system" echo "Error: Disk $disk_id not found on system"
@@ -150,27 +133,6 @@ function cmd_install_local(){
sudo reboot sudo reboot
} }
function cmd_install_remote(){
local name="$1"
local remote="$2"
# Prompt Install
read -p "This will completely wipe and install NixOS on $remote with configuration $name. Continue? (y/n) " -n 1 -r
echo
if [[ ! $REPLY =~ ^[Yy]$ ]]; then
echo "Operation Cancelled"
exit 1
fi
# Install NixOS
echo "Installing $name to remote host: $remote"
if ! nix run github:nix-community/nixos-anywhere -- --flake ".#$name" --target-host "$remote"; then
echo "Error: Remote NixOS installation failed"
exit 1
fi
echo "Successfully installed $name to remote host: $remote"
}
case "$1" in case "$1" in
image) image)
shift shift

181
flake.lock generated
View File

@@ -6,54 +6,33 @@
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"treefmt-nix": "treefmt-nix" "rust-overlay": "rust-overlay"
}, },
"locked": { "locked": {
"lastModified": 1755115705, "lastModified": 1738646032,
"narHash": "sha256-CjWlI6c1pWu+X5Qz8B6K1httNpA4eDNxf/Ozfm6Mvlw=", "narHash": "sha256-57BdBE9anNpIpf48EiTVLGxg4mOQ04XjHCEP0gLTsFA=",
"owner": "tpwrules", "owner": "tpwrules",
"repo": "nixos-apple-silicon", "repo": "nixos-apple-silicon",
"rev": "78b5825968dc784dae2fe71b1c76f364efe107ae", "rev": "e77031211944723a38bebc043e48847c36e43668",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "tpwrules", "owner": "tpwrules",
"ref": "release-25.05", "ref": "releasep2-2024-12-25",
"repo": "nixos-apple-silicon", "repo": "nixos-apple-silicon",
"type": "github" "type": "github"
} }
}, },
"darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1759509947,
"narHash": "sha256-4XifSIHfpJKcCf5bZZRhj8C4aCpjNBaE3kXr02s4rHU=",
"owner": "nix-darwin",
"repo": "nix-darwin",
"rev": "000eadb231812ad6ea6aebd7526974aaf4e79355",
"type": "github"
},
"original": {
"owner": "nix-darwin",
"ref": "nix-darwin-25.05",
"repo": "nix-darwin",
"type": "github"
}
},
"disko": { "disko": {
"inputs": { "inputs": {
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1762276996, "lastModified": 1743598667,
"narHash": "sha256-TtcPgPmp2f0FAnc+DMEw4ardEgv1SGNR3/WFGH0N19M=", "narHash": "sha256-ViE7NoFWytYO2uJONTAX35eGsvTYXNHjWALeHAg8OQY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "af087d076d3860760b3323f6b583f4d828c1ac17", "rev": "329d3d7e8bc63dd30c39e14e6076db590a6eabe6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -64,17 +43,18 @@
}, },
"firefox-addons": { "firefox-addons": {
"inputs": { "inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"dir": "pkgs/firefox-addons", "dir": "pkgs/firefox-addons",
"lastModified": 1762747412, "lastModified": 1743861198,
"narHash": "sha256-E9E30aYXUvRrsBG03cDnQnjGpFgfoct55BuPpAGzfEE=", "narHash": "sha256-PzbPHoSI5U1juWd01Spf3ST7ylR9mQ84v5p7NksBplY=",
"owner": "rycee", "owner": "rycee",
"repo": "nur-expressions", "repo": "nur-expressions",
"rev": "09deac38ec607361200ed0d88e77b50b00426f0f", "rev": "7408ed5bbc9009741094f4dd4cc1abec79e79e7e",
"type": "gitlab" "type": "gitlab"
}, },
"original": { "original": {
@@ -86,11 +66,11 @@
}, },
"flake-compat": { "flake-compat": {
"locked": { "locked": {
"lastModified": 1746162366, "lastModified": 1688025799,
"narHash": "sha256-5SSSZ/oQkwfcAz/o/6TlejlVGqeK08wyREBQ5qFFPhM=", "narHash": "sha256-ktpB4dRtnksm9F5WawoIkEneh1nrEvuxb5lJFt1iOyw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "flake-compat", "repo": "flake-compat",
"rev": "0f158086a2ecdbb138cd0429410e44994f1b7e4b", "rev": "8bf105319d44f6b9f0d764efa4fdef9f1cc9ba1c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -116,6 +96,40 @@
} }
}, },
"flake-utils": { "flake-utils": {
"locked": {
"lastModified": 1629284811,
"narHash": "sha256-JHgasjPR0/J1J3DRm4KxM4zTyAj4IOJY8vIl75v/kPI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c5d161cc0af116a2e17f54316f0bf43f0819785c",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils_2"
},
"locked": {
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"flake-utils_2": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems"
}, },
@@ -133,25 +147,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils-plus": {
"inputs": {
"flake-utils": "flake-utils"
},
"locked": {
"lastModified": 1715533576,
"narHash": "sha256-fT4ppWeCJ0uR300EH3i7kmgRZnAVxrH+XtK09jQWihk=",
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
},
"original": {
"owner": "gytis-ivaskevicius",
"repo": "flake-utils-plus",
"rev": "3542fe9126dc492e53ddd252bb0260fe035f2c0f",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -159,16 +154,16 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758463745, "lastModified": 1743808813,
"narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"ref": "release-25.05", "ref": "release-24.11",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
@@ -196,11 +191,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1751903740, "lastModified": 1742568034,
"narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=", "narHash": "sha256-QaMEhcnscfF2MqB7flZr+sLJMMYZPnvqO4NYf9B4G38=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixos-generators", "repo": "nixos-generators",
"rev": "032decf9db65efed428afd2fa39d80f7089085eb", "rev": "42ee229088490e3777ed7d1162cb9e9d8c3dbb11",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -211,11 +206,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1752596105, "lastModified": 1743259260,
"narHash": "sha256-lFNVsu/mHLq3q11MuGkMhUUoSXEdQjCHvpReaGP1S2k=", "narHash": "sha256-ArWLUgRm1tKHiqlhnymyVqi5kLNCK5ghvm06mfCl4QY=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "dab3a6e781554f965bde3def0aa2fda4eb8f1708", "rev": "eb0e0f21f15c559d2ac7633dc81d079d1caf5f5f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -227,11 +222,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1762596750, "lastModified": 1744098102,
"narHash": "sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV+3DSADBX7/9YQ=", "narHash": "sha256-tzCdyIJj9AjysC3OuKA+tMD/kDEDAF9mICPDU7ix0JA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "b6a8526db03f735b89dd5ff348f53f752e7ddc8e", "rev": "c8cd81426f45942bb2906d5ed2fe21d2f19d95b7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -243,16 +238,16 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1762756533, "lastModified": 1743813633,
"narHash": "sha256-HiRDeUOD1VLklHeOmaKDzf+8Hb7vSWPVFcWwaTrpm+U=", "narHash": "sha256-BgkBz4NpV6Kg8XF7cmHDHRVGZYnKbvG0Y4p+jElwxaM=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "c2448301fb856e351aab33e64c33a3fc8bcf637d", "rev": "7819a0d29d1dd2bc331bec4b327f0776359b1fa6",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-25.05", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@@ -260,7 +255,6 @@
"root": { "root": {
"inputs": { "inputs": {
"apple-silicon": "apple-silicon", "apple-silicon": "apple-silicon",
"darwin": "darwin",
"disko": "disko", "disko": "disko",
"firefox-addons": "firefox-addons", "firefox-addons": "firefox-addons",
"home-manager": "home-manager", "home-manager": "home-manager",
@@ -271,6 +265,22 @@
"sops-nix": "sops-nix" "sops-nix": "sops-nix"
} }
}, },
"rust-overlay": {
"flake": false,
"locked": {
"lastModified": 1686795910,
"narHash": "sha256-jDa40qRZ0GRQtP9EMZdf+uCbvzuLnJglTUI2JoHfWDc=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "5c2b97c0a9bc5217fc3dfb1555aae0fb756d99f9",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"snowfall-lib": { "snowfall-lib": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2", "flake-compat": "flake-compat_2",
@@ -300,11 +310,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1762659808, "lastModified": 1743910657,
"narHash": "sha256-2Kv2mANf+FRisqhpfeZ8j9firBxb23ZvEXwdcunbpGI=", "narHash": "sha256-zr2jmWeWyhCD8WmO2aWov2g0WPPuZfcJDKzMJZYGq3Y=",
"owner": "Mic92", "owner": "Mic92",
"repo": "sops-nix", "repo": "sops-nix",
"rev": "524312bc62e3f34bd9231a2f66622663d3355133", "rev": "523f58a4faff6c67f5f685bed33a7721e984c304",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -327,27 +337,6 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"apple-silicon",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754492133,
"narHash": "sha256-B+3g9+76KlGe34Yk9za8AF3RL+lnbHXkLiVHLjYVOAc=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "1298185c05a56bff66383a20be0b41a307f52228",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

20
flake.nix
View File

@@ -2,7 +2,7 @@
description = "NixOS Hosts"; description = "NixOS Hosts";
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
disko.url = "github:nix-community/disko"; disko.url = "github:nix-community/disko";
snowfall-lib = { snowfall-lib = {
@@ -10,11 +10,11 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
home-manager = { home-manager = {
url = "github:nix-community/home-manager/release-25.05"; url = "github:nix-community/home-manager/release-24.11";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
apple-silicon = { apple-silicon = {
url = "github:tpwrules/nixos-apple-silicon/release-25.05"; url = "github:tpwrules/nixos-apple-silicon/releasep2-2024-12-25";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixos-generators = { nixos-generators = {
@@ -29,10 +29,6 @@
url = "github:Mic92/sops-nix"; url = "github:Mic92/sops-nix";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
darwin = {
url = "github:nix-darwin/nix-darwin/nix-darwin-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
}; };
outputs = inputs: outputs = inputs:
@@ -55,12 +51,6 @@
]; ];
}; };
outputs-builder = channels: {
devShells = {
default = import ./shells/default/default.nix { pkgs = channels.nixpkgs; };
};
};
homes.modules = with inputs; [ homes.modules = with inputs; [
sops-nix.homeManagerModules.sops sops-nix.homeManagerModules.sops
]; ];
@@ -70,10 +60,6 @@
disko.nixosModules.disko disko.nixosModules.disko
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
]; ];
darwin = with inputs; [
home-manager.darwinModules.home-manager
sops-nix.darwinModules.sops
];
}; };
}; };
} }

6
homes/aarch64-darwin/evanreichard@mac-va-mbp-personal/default.nix
View File

@@ -1,9 +1,9 @@
{ lib, pkgs, config, namespace, ... }: { lib, config, namespace, ... }:
let let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "25.05"; home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
@@ -49,8 +49,6 @@ in
# tldr # tldr
# ]; # ];
home.packages = with pkgs; [ fastfetch ];
# SQLite Configuration # SQLite Configuration
home.file.".sqliterc".text = '' home.file.".sqliterc".text = ''
.headers on .headers on

4
homes/aarch64-darwin/evanreichard@mac-va-mbp-work/default.nix
View File

@@ -3,7 +3,7 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "25.05"; home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
@@ -43,7 +43,7 @@ in
android-tools android-tools
imagemagick imagemagick
mosh mosh
python312 python311
texliveSmall # Pandoc PDF Dep texliveSmall # Pandoc PDF Dep
google-cloud-sdk google-cloud-sdk
tldr tldr

2
homes/aarch64-linux/evanreichard@lin-va-mbp-personal/default.nix
View File

@@ -3,7 +3,7 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "25.05"; home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {

36
homes/x86_64-linux/evanreichard@lin-va-terminal/default.nix
View File

@@ -1,36 +0,0 @@
{ lib, config, namespace, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
home.stateVersion = "25.05";
reichard = {
user = {
enable = true;
inherit (config.snowfallorg.user) name;
};
services = {
ssh-agent = enabled;
};
programs = {
terminal = {
bash = enabled;
tmux = enabled;
btop = enabled;
direnv = enabled;
git = enabled;
k9s = enabled;
nvim = enabled;
};
};
};
# SQLite Configuration
home.file.".sqliterc".text = ''
.headers on
.mode column
'';
}

13
homes/x86_64-linux/evanreichard@lin-va-thinkpad/default.nix
View File

@@ -3,7 +3,7 @@ let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
home.stateVersion = "25.05"; home.stateVersion = "24.11";
reichard = { reichard = {
user = { user = {
@@ -15,7 +15,6 @@ in
ssh-agent = enabled; ssh-agent = enabled;
fusuma = enabled; fusuma = enabled;
swww = enabled; swww = enabled;
poweralertd = enabled;
sops = { sops = {
enable = true; enable = true;
defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml"; defaultSopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
@@ -27,11 +26,7 @@ in
graphical = { graphical = {
wms.hyprland = enabled; wms.hyprland = enabled;
ghostty = enabled; ghostty = enabled;
strawberry = enabled;
gimp = enabled;
wireshark = enabled;
ghidra = enabled; ghidra = enabled;
remmina = enabled;
browsers.firefox = { browsers.firefox = {
enable = true; enable = true;
gpuAcceleration = true; gpuAcceleration = true;
@@ -49,9 +44,9 @@ in
}; };
}; };
home.packages = with pkgs; [ # home.packages = with pkgs; [
jellyfin-media-player # catppuccin-gtk
]; # ];
dconf = { dconf = {
settings = { settings = {

8
modules/darwin/default.nix
View File

@@ -1,8 +0,0 @@
{
config = {
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
};
};
}

103
modules/darwin/nix/default.nix
View File

@@ -1,103 +0,0 @@
{ config, lib, pkgs, inputs, namespace, host, ... }:
let
inherit (lib) types mkIf;
inherit (lib.${namespace}) mkBoolOpt mkOpt;
cfg = config.${namespace}.nix;
in
{
options.${namespace}.nix = {
enable = mkBoolOpt true "Whether or not to manage nix configuration.";
usingDeterminate = mkBoolOpt false "Whether we're using determinate nix";
package = mkOpt types.package pkgs.nixVersions.latest "Which nix package to use.";
};
config = mkIf cfg.enable {
nix =
let
mappedRegistry = lib.pipe inputs [
(lib.filterAttrs (_: lib.isType "flake"))
(lib.mapAttrs (_: flake: { inherit flake; }))
(x: x // {
nixpkgs.flake = if pkgs.stdenv.hostPlatform.isLinux then inputs.nixpkgs else inputs.nixpkgs-unstable;
})
(x: if pkgs.stdenv.hostPlatform.isDarwin then lib.removeAttrs x [ "nixpkgs-unstable" ] else x)
];
users = [
"root"
"@wheel"
"nix-builder"
"evanreichard"
];
in
{
inherit (cfg) package;
buildMachines = lib.optional (config.${namespace}.security.sops.enable && host != "nixos-builder") {
hostName = "10.0.50.130";
systems = [ "x86_64-linux" ];
sshUser = "evanreichard";
protocol = "ssh";
sshKey = config.sops.secrets.builder_ssh_key.path;
supportedFeatures = [
"benchmark"
"big-parallel"
"nixos-test"
"kvm"
];
};
checkConfig = true;
distributedBuilds = true;
optimise.automatic = !cfg.usingDeterminate;
registry = lib.mkForce mappedRegistry;
gc = {
automatic = !cfg.usingDeterminate;
options = "--delete-older-than 7d";
};
settings = {
connect-timeout = 5;
allowed-users = users;
max-jobs = "auto";
auto-optimise-store = pkgs.stdenv.hostPlatform.isLinux;
builders-use-substitutes = true;
experimental-features = [
"nix-command"
"flakes "
];
flake-registry = "/etc/nix/registry.json";
http-connections = 50;
keep-derivations = true;
keep-going = true;
keep-outputs = true;
log-lines = 50;
sandbox = true;
trusted-users = users;
warn-dirty = false;
use-xdg-base-directories = true;
substituters = [
"https://anyrun.cachix.org"
"https://cache.nixos.org"
"https://hyprland.cachix.org"
"https://nix-community.cachix.org"
"https://nixpkgs-unfree.cachix.org"
"https://nixpkgs-wayland.cachix.org"
"https://numtide.cachix.org"
];
trusted-public-keys = [
"anyrun.cachix.org-1:pqBobmOjI7nKlsUMV25u9QHa9btJK65/C8vnO3p346s="
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixpkgs-unfree.cachix.org-1:hqvoInulhbV4nJ9yJOEr+4wxhDV4xq2d1DK7S6Nj6rs="
"nixpkgs-wayland.cachix.org-1:3lwxaILxMRkVhehr5StQprHdEo4IrE8sRho9R9HOLYA="
"numtide.cachix.org-1:2ps1kLBUWjxIneOy1Ik6cQjb41X0iXVXeHigGmycPPE="
];
};
};
};
}

31
modules/darwin/security/sops/default.nix
View File

@@ -1,31 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.security.sops;
in
{
options.${namespace}.security.sops = {
enable = lib.mkEnableOption "sops";
defaultSopsFile = mkOpt lib.types.path null "Default sops file.";
sshKeyPaths = mkOpt (with lib.types; listOf path) [
"/etc/ssh/ssh_host_ed25519_key"
] "SSH Key paths to use.";
};
config = lib.mkIf cfg.enable {
sops = {
inherit (cfg) defaultSopsFile;
age = {
inherit (cfg) sshKeyPaths;
keyFile = "${config.users.users.${config.${namespace}.user.name}.home}/.config/sops/age/keys.txt";
};
};
sops.secrets.builder_ssh_key = {
sopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
};
};
}

20
modules/darwin/services/openssh/default.nix
View File

@@ -1,20 +0,0 @@
{ config, namespace, lib, ... }:
let
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.security.sops;
in
{
options.${namespace}.services.openssh = with lib.types; {
enable = lib.mkEnableOption "OpenSSH support";
authorizedKeys = mkOpt (listOf str) [ ] "The public keys to apply.";
extraConfig = mkOpt str "" "Extra configuration to apply.";
port = mkOpt port 2222 "The port to listen on (in addition to 22).";
};
config = lib.mkIf cfg.enable {
services.openssh = {
enable = true;
};
};
}

23
modules/darwin/user/default.nix
View File

@@ -1,23 +0,0 @@
{ config, lib, namespace, pkgs, ... }:
let
inherit (lib) types mkIf;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.user;
in
{
options.${namespace}.user = with types; {
name = mkOpt str "evanreichard" "The name to use for the user account.";
email = mkOpt str "evan@reichard.io" "The email of the user.";
fullName = mkOpt str "Evan Reichard" "The full name of the user.";
uid = mkOpt (types.nullOr types.int) 501 "The uid for the user account.";
};
config = {
users.users.${cfg.name} = {
uid = mkIf (cfg.uid != null) cfg.uid;
shell = pkgs.bashInteractive;
home = "/Users/${cfg.name}";
};
};
}

8
modules/home/programs/graphical/browsers/firefox/default.nix
View File

@@ -38,12 +38,6 @@ in
ExtensionRecommendations = false; ExtensionRecommendations = false;
SkipOnboarding = true; SkipOnboarding = true;
}; };
GenerativeAI = {
Chatbot = false;
LinkPreviews = false;
TabGroups = false;
Locked = false;
};
ExtensionSettings = { ExtensionSettings = {
# Block All # Block All
# "*".installation_mode = "blocked"; # "*".installation_mode = "blocked";
@@ -59,7 +53,7 @@ in
settings = mkOpt attrs { } "Settings to apply to the profile."; settings = mkOpt attrs { } "Settings to apply to the profile.";
extensions.packages = mkOpt (with lib.types; listOf package) extensions = mkOpt (with lib.types; listOf package)
(with pkgs.firefox-addons; [ (with pkgs.firefox-addons; [
bitwarden bitwarden
darkreader darkreader

0
modules/home/programs/terminal/bash/config/fastfetch.jsonc → modules/home/programs/graphical/ghostty/config/fastfetch.jsonc
View File

56
modules/home/programs/graphical/ghostty/default.nix
View File

@@ -10,14 +10,62 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Enable Bash programs.bash = {
${namespace}.programs.terminal.bash.enable = true; enable = true;
shellAliases = {
grep = "grep --color";
ssh = "TERM=xterm-256color ssh";
flush_dns = "sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder";
};
profileExtra = ''
SHELL="$BASH"
PATH=~/.bin:$PATH
bind "set show-mode-in-prompt on"
# Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788 set -o vi || true
home.packages = with pkgs; optionals isLinux [ VISUAL=vim
EDITOR="$VISUAL"
fastfetch
eval "$(thefuck --alias)"
'';
};
programs.powerline-go = {
enable = true;
settings = {
git-mode = "compact";
theme = "gruvbox";
};
modules = [
"host"
"cwd"
"git"
"docker"
"venv"
];
};
programs.readline = {
enable = true;
extraConfig = ''
# Approximate VIM Dracula Colors
set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2
set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2
'';
};
home.packages = with pkgs; [
thefuck
fastfetch
bashInteractive
(nerdfonts.override { fonts = [ "Meslo" ]; })
] ++ optionals isLinux [
# Pending Darwin @ https://github.com/NixOS/nixpkgs/pull/369788
ghostty ghostty
]; ];
home.file.".config/fastfetch/config.jsonc".text = builtins.readFile ./config/fastfetch.jsonc;
home.file.".config/ghostty/config".text = home.file.".config/ghostty/config".text =
let let
bashPath = "${pkgs.bashInteractive}/bin/bash"; bashPath = "${pkgs.bashInteractive}/bin/bash";

17
modules/home/programs/graphical/gimp/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.gimp;
in
{
options.${namespace}.programs.graphical.gimp = {
enable = mkEnableOption "GIMP";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
gimp-with-plugins
];
};
}

17
modules/home/programs/graphical/remmina/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.remmina;
in
{
options.${namespace}.programs.graphical.remmina = {
enable = mkEnableOption "Remmina";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
remmina
];
};
}

17
modules/home/programs/graphical/strawberry/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.strawberry;
in
{
options.${namespace}.programs.graphical.strawberry = {
enable = mkEnableOption "Enable Strawberry";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
strawberry
libgpod
];
};
}

17
modules/home/programs/graphical/wireshark/default.nix
View File

@@ -1,17 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.programs.graphical.wireshark;
in
{
options.${namespace}.programs.graphical.wireshark = {
enable = mkEnableOption "Wireshark";
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
wireshark
];
};
}

4
modules/home/programs/graphical/wms/hyprland/default.nix
View File

@@ -39,8 +39,8 @@ in
"$mainMod, Q, killactive" "$mainMod, Q, killactive"
"$mainMod, M, exit" "$mainMod, M, exit"
"$mainMod, V, togglefloating" "$mainMod, V, togglefloating"
"$mainMod, P, pin" "$mainMod, P, pseudo" # dwindle
"$mainMod, J, togglesplit" "$mainMod, J, togglesplit" # dwindle
"$mainMod, S, togglespecialworkspace, magic" "$mainMod, S, togglespecialworkspace, magic"
"$mainMod SHIFT, S, movetoworkspace, special:magic" "$mainMod SHIFT, S, movetoworkspace, special:magic"

3
modules/home/programs/terminal/aws/default.nix
View File

@@ -10,9 +10,8 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [
aws-sso-util
awscli2
cw cw
awscli2
ssm-session-manager-plugin ssm-session-manager-plugin
]; ];
}; };

3
modules/home/programs/terminal/bash/config/.gitignore vendored
View File

@@ -1,3 +0,0 @@
_scratch
.direnv
.envrc

69
modules/home/programs/terminal/bash/default.nix
View File

@@ -1,69 +0,0 @@
{ pkgs, lib, config, namespace, ... }:
let
inherit (lib) mkIf optionalAttrs;
inherit (pkgs.stdenv) isLinux;
cfg = config.${namespace}.programs.terminal.bash;
in
{
options.${namespace}.programs.terminal.bash = {
enable = lib.mkEnableOption "bash";
};
config = mkIf cfg.enable {
programs.bash = {
enable = true;
shellAliases = {
grep = "grep --color";
ssh = "TERM=xterm-256color ssh";
} // optionalAttrs isLinux {
sync-watch = "watch -d grep -e Dirty: -e Writeback: /proc/meminfo";
};
profileExtra = ''
export COLORTERM=truecolor
SHELL="$BASH"
PATH=~/.bin:$PATH
bind "set show-mode-in-prompt on"
set -o vi || true
VISUAL=vim
EDITOR="$VISUAL"
fastfetch
eval "$(thefuck --alias)"
'';
};
programs.powerline-go = {
enable = true;
settings = {
git-mode = "compact";
theme = "gruvbox";
};
modules = [
"host"
"cwd"
"git"
"docker"
"venv"
];
};
programs.readline = {
enable = true;
extraConfig = ''
# Approximate VIM Dracula Colors
set vi-ins-mode-string \1\e[01;38;5;23;48;5;231m\2 I \1\e[38;5;231;48;5;238m\2\1\e[0m\2
set vi-cmd-mode-string \1\e[01;38;5;22;48;5;148m\2 C \1\e[38;5;148;48;5;238m\2\1\e[0m\2
'';
};
home.packages = with pkgs; [
thefuck
fastfetch
bashInteractive
nerd-fonts.meslo-lg
];
home.file.".config/fastfetch/config.jsonc".text = builtins.readFile ./config/fastfetch.jsonc;
};
}

1
modules/home/programs/terminal/nvim/config/lua/avante-config.lua
View File

@@ -1 +0,0 @@
require("avante").setup()

5
modules/home/programs/terminal/nvim/config/lua/base.lua
View File

@@ -5,9 +5,6 @@
-- vim.cmd('colorscheme melange') -- vim.cmd('colorscheme melange')
vim.cmd("colorscheme catppuccin-mocha") vim.cmd("colorscheme catppuccin-mocha")
-- Set User Shell
vim.o.shell = "/usr/bin/env bash"
-- Set Leader -- Set Leader
vim.keymap.set("n", "<Space>", "<Nop>", { silent = true }) vim.keymap.set("n", "<Space>", "<Nop>", { silent = true })
vim.g.mapleader = " " vim.g.mapleader = " "
@@ -23,7 +20,7 @@ vim.g.loaded_netrwPlugin = 1
vim.opt.termguicolors = true vim.opt.termguicolors = true
-- Synchronize with system clipboard -- Synchronize with system clipboard
vim.opt.clipboard:append("unnamedplus") vim.opt.clipboard = "unnamed"
-- Always show the signcolumn -- Always show the signcolumn
vim.opt.signcolumn = "yes" vim.opt.signcolumn = "yes"

2
modules/home/programs/terminal/nvim/config/lua/git-ref.lua
View File

@@ -1,4 +1,4 @@
local function get_git_info() function get_git_info()
local abs_path = vim.fn.expand("%:p") local abs_path = vim.fn.expand("%:p")
local git_root = vim.fn.systemlist( local git_root = vim.fn.systemlist(
"git -C " .. vim.fn.escape(vim.fn.fnamemodify(abs_path, ":h"), " ") .. " rev-parse --show-toplevel" "git -C " .. vim.fn.escape(vim.fn.fnamemodify(abs_path, ":h"), " ") .. " rev-parse --show-toplevel"

30
modules/home/programs/terminal/nvim/config/lua/git-signs.lua
View File

@@ -1,18 +1,16 @@
require("gitsigns").setup({ require('gitsigns').setup {
current_line_blame = true, on_attach = function(bufnr)
current_line_blame_opts = { delay = 0 }, local gitsigns = require('gitsigns')
on_attach = function(bufnr)
local gitsigns = require("gitsigns")
local function map(mode, l, r, opts) local function map(mode, l, r, opts)
opts = opts or {} opts = opts or {}
opts.buffer = bufnr opts.buffer = bufnr
vim.keymap.set(mode, l, r, opts) vim.keymap.set(mode, l, r, opts)
end end
map("n", "<leader>gb", gitsigns.toggle_current_line_blame) map('n', '<leader>gb', gitsigns.toggle_current_line_blame)
map("n", "<leader>gB", function() map('n', '<leader>gB', function()
gitsigns.blame_line({ full = true }) gitsigns.blame_line {full = true}
end) end)
end, end
}) }

6
modules/home/programs/terminal/nvim/config/lua/init.lua
View File

@@ -1,25 +1,23 @@
require("base") require("base")
require("aerial-config") require("aerial-config")
require("autopairs-config") require("autopairs-config")
require("avante-config")
require("cmp-config") require("cmp-config")
require("comment-config") require("comment-config")
require("dap-config") require("dap-config")
require("diffview-config") require("diffview-config")
require("git-ref") require("git-ref")
require("git-signs") require("git-signs")
require("leap-config")
require("llm") require("llm")
require("leap-config")
require("lsp-config") require("lsp-config")
require("lsp-lines-config") require("lsp-lines-config")
require("lualine-config") require("lualine-config")
require("neotree-config") require("neotree-config")
require("noice-config") require("noice-config")
require("numb-config") require("numb-config")
require("octo-config")
require("silicon-config") require("silicon-config")
require("telescope-config") require("telescope-config")
require("toggleterm-config") require("toggleterm-config")
require("ts-config") require("ts-config")
require("weird-chars")
require("which-key-config") require("which-key-config")
require("weird-chars")

2
modules/home/programs/terminal/nvim/config/lua/llm.lua
View File

@@ -1,6 +1,6 @@
-- Configure LLama LLM -- Configure LLama LLM
vim.g.llama_config = { vim.g.llama_config = {
endpoint = "http://10.0.50.120:8012/infill", endpoint = "http://10.0.50.120:8080/infill",
api_key = "", api_key = "",
n_prefix = 256, n_prefix = 256,
n_suffix = 64, n_suffix = 64,

56
modules/home/programs/terminal/nvim/config/lua/lsp-config.lua
View File

@@ -23,7 +23,7 @@ local nvim_lsp = require("lspconfig")
local on_attach = function(client, bufnr) local on_attach = function(client, bufnr)
local bufopts = { noremap = true, silent = true, buffer = bufnr } local bufopts = { noremap = true, silent = true, buffer = bufnr }
if client:supports_method("textDocument/formatting") then if client.supports_method("textDocument/formatting") then
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr }) vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", { vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup, group = augroup,
@@ -80,7 +80,6 @@ nvim_lsp.pyright.setup({
on_attach = on_attach, on_attach = on_attach,
flags = lsp_flags, flags = lsp_flags,
capabilities = capabilities, capabilities = capabilities,
filetypes = { "starlark", "python" },
}) })
-- HTML LSP Configuration -- HTML LSP Configuration
@@ -123,16 +122,6 @@ nvim_lsp.svelte.setup({
cmd = { nix_vars.sveltels, "--stdio" }, cmd = { nix_vars.sveltels, "--stdio" },
}) })
-- C LSP Configuration
nvim_lsp.clangd.setup({
-- Explicitly exclude proto files
filetypes = { "c", "cpp", "objc", "objcpp", "cuda" },
on_attach = on_attach,
flags = lsp_flags,
capabilities = capabilities,
cmd = { nix_vars.clangd },
})
-- Lua LSP Configuration -- Lua LSP Configuration
nvim_lsp.lua_ls.setup({ nvim_lsp.lua_ls.setup({
on_attach = on_attach_no_formatting, on_attach = on_attach_no_formatting,
@@ -155,19 +144,6 @@ nvim_lsp.nil_ls.setup({
capabilities = capabilities, capabilities = capabilities,
}) })
-- Omnisharp LSP Configuration
nvim_lsp.omnisharp.setup({
on_attach = on_attach,
flags = lsp_flags,
capabilities = capabilities,
enable_roslyn_analyzers = true,
enable_import_completion = true,
organize_imports_on_format = true,
enable_decompilation_support = true,
filetypes = { "cs", "vb", "csproj", "sln", "slnx", "props", "csx", "targets", "tproj", "slngen", "fproj" },
cmd = { nix_vars.omnisharp, "--languageserver", "--hostPID", tostring(vim.fn.getpid()) },
})
-- Go LSP Configuration -- Go LSP Configuration
nvim_lsp.gopls.setup({ nvim_lsp.gopls.setup({
on_attach = function(client, bufnr) on_attach = function(client, bufnr)
@@ -207,9 +183,9 @@ nvim_lsp.golangci_lint_ls.setup({
}) })
------------------------------------------------------ ------------------------------------------------------
--------------------- None-LS LSP -------------------- --------------------- Null-LS LSP --------------------
------------------------------------------------------ ------------------------------------------------------
local none_ls = require("null-ls") local null_ls = require("null-ls")
local eslintFiles = { local eslintFiles = {
".eslintrc", ".eslintrc",
@@ -226,33 +202,29 @@ local eslintFiles = {
"eslint.config.cts", "eslint.config.cts",
} }
local has_eslint_in_parents = function(fname) has_eslint_in_parents = function(fname)
local root_file = nvim_lsp.util.insert_package_json(eslintFiles, "eslintConfig", fname) root_file = nvim_lsp.util.insert_package_json(eslintFiles, "eslintConfig", fname)
return nvim_lsp.util.root_pattern(unpack(root_file))(fname) return nvim_lsp.util.root_pattern(unpack(root_file))(fname)
end end
none_ls.setup({ null_ls.setup({
sources = { sources = {
-- Prettier Formatting -- Prettier Formatting
none_ls.builtins.formatting.prettier, null_ls.builtins.formatting.prettier,
none_ls.builtins.formatting.prettier.with({ filetypes = { "template" } }), null_ls.builtins.formatting.prettier.with({ filetypes = { "template" } }),
require("none-ls.diagnostics.eslint_d").with({ require("none-ls.diagnostics.eslint_d").with({
condition = function(utils) condition = function(utils)
return has_eslint_in_parents(vim.fn.getcwd()) return has_eslint_in_parents(vim.fn.getcwd())
end, end,
}), }),
none_ls.builtins.completion.spell, null_ls.builtins.completion.spell,
none_ls.builtins.formatting.nixpkgs_fmt, null_ls.builtins.formatting.nixpkgs_fmt,
none_ls.builtins.formatting.stylua, null_ls.builtins.formatting.stylua,
none_ls.builtins.diagnostics.sqlfluff, null_ls.builtins.diagnostics.sqlfluff,
none_ls.builtins.formatting.sqlfluff, null_ls.builtins.formatting.sqlfluff,
require("none-ls.formatting.autopep8").with({
filetypes = { "starlark", "python" },
extra_args = { "--max-line-length", "100" },
}),
}, },
on_attach = function(client, bufnr) on_attach = function(client, bufnr)
if client:supports_method("textDocument/formatting") then if client.supports_method("textDocument/formatting") then
vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr }) vim.api.nvim_clear_autocmds({ group = augroup, buffer = bufnr })
vim.api.nvim_create_autocmd("BufWritePre", { vim.api.nvim_create_autocmd("BufWritePre", {
group = augroup, group = augroup,

5
modules/home/programs/terminal/nvim/config/lua/lsp-lines-config.lua
View File

@@ -1,5 +1,2 @@
require("lsp_lines").setup() require("lsp_lines").setup()
vim.diagnostic.config({ vim.diagnostic.config({virtual_text = false})
virtual_text = false,
virtual_lines = true,
})

63
modules/home/programs/terminal/nvim/config/lua/lualine-config.lua
View File

@@ -3,28 +3,23 @@ local cached_pr_status = ""
-- Read process output -- Read process output
local function read_output(err, data) local function read_output(err, data)
if err then if err then return end
return if not data then return end
end cached_pr_status = data
if not data then
return
end
cached_pr_status = data
end end
-- Spawn process -- Spawn process
local function execute_command() local function execute_command()
local stdout = vim.loop.new_pipe(false) local stdout = vim.loop.new_pipe(false)
local spawn_opts = { local spawn_opts = {
detached = true, detached = true,
stdio = { nil, stdout, nil }, stdio = {nil, stdout, nil},
args = { "-c", "gh pr checks | awk -F'\t' '{ print $2 }'" }, args = {"-c", "gh pr checks | awk -F'\t' '{ print $2 }'"}
} }
vim.loop.spawn("bash", spawn_opts, function() vim.loop.spawn("bash", spawn_opts,
stdout:read_start(read_output) function() stdout:read_start(read_output) end)
end)
end end
-- Spawn & schedule process -- Spawn & schedule process
@@ -33,26 +28,22 @@ vim.fn.timer_start(300000, execute_command)
-- Return status from cache -- Return status from cache
function pr_status() function pr_status()
--    --   
--     --    
-- --
-- PENDING COLOR - #d29922 -- PENDING COLOR - #d29922
-- PASS COLOR - #3fb950 -- PASS COLOR - #3fb950
-- FAIL COLOR - #f85149 -- FAIL COLOR - #f85149
return cached_pr_status return cached_pr_status:gsub("\n", ""):gsub("fail", ""):gsub("pass",
:gsub("\n", "") "")
:gsub("fail", " ") :gsub("pending", " "):gsub("skipping", ""):sub(1, -2)
:gsub("pass", "")
:gsub("pending", "")
:gsub("skipping", "")
:sub(1, -2)
end end
require("lualine").setup({ require('lualine').setup({
options = { options = {
theme = "catppuccin", theme = "gruvbox_dark"
-- theme = "nord" -- theme = "nord"
-- theme = "OceanicNext", -- theme = "OceanicNext",
}, },
sections = { lualine_c = { { pr_status } } }, sections = {lualine_c = {{pr_status}}}
}) })

30
modules/home/programs/terminal/nvim/config/lua/octo-config.lua
View File

@@ -1,30 +0,0 @@
require("octo").setup()
vim.keymap.set("n", "<leader>rs", "<cmd>Octo review start<cr>")
vim.keymap.set("n", "<leader>rd", "<cmd>Octo review discard<cr>")
vim.keymap.set("n", "<leader>rr", "<cmd>Octo review resume<cr>")
vim.keymap.set("n", "<leader>re", "<cmd>Octo review submit<cr>")
vim.keymap.set("n", "<leader>rca", "<cmd>Octo review comments<cr>")
vim.keymap.set("n", "<leader>rcs", "<cmd>Octo comment suggest<cr>")
vim.keymap.set("n", "<leader>rcc", "<cmd>Octo comment add<cr>")
vim.keymap.set("n", "<leader>rcr", "<cmd>Octo comment reply<cr>")
vim.keymap.set("n", "<leader>pd", "<cmd>Octo pr diff<cr>")
vim.keymap.set("n", "<leader>pc", "<cmd>Octo pr changes<cr>")
-- vim.api.nvim_create_autocmd("FileType", {
-- pattern = "octo",
-- callback = function()
-- vim.keymap.set("n", "<leader>rs", "<cmd>Octo review start<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rd", "<cmd>Octo review discard<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rr", "<cmd>Octo review resume<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>re", "<cmd>Octo review submit<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rca", "<cmd>Octo review comments<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rcs", "<cmd>Octo comment suggest<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rcc", "<cmd>Octo comment add<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>rcr", "<cmd>Octo comment reply<cr>", { buffer = true })
--
-- vim.keymap.set("n", "<leader>pd", "<cmd>Octo pr diff<cr>", { buffer = true })
-- vim.keymap.set("n", "<leader>pc", "<cmd>Octo pr changes<cr>", { buffer = true })
-- end,
-- })

37
modules/home/programs/terminal/nvim/config/lua/telescope-config.lua
View File

@@ -1,23 +1,20 @@
require("telescope").setup({ require('telescope').setup {
extensions = { extensions = {
fzf = { fzf = {
fuzzy = true, fuzzy = true,
override_generic_sorter = true, override_generic_sorter = true,
override_file_sorter = true, override_file_sorter = true,
case_mode = "smart_case", case_mode = "smart_case"
}, }
}, }
}) }
require("telescope").load_extension("fzf") require('telescope').load_extension('fzf')
require("telescope").load_extension("ui-select") require("telescope").load_extension("ui-select")
require("telescope").load_extension("undo")
local builtin = require("telescope.builtin") local builtin = require('telescope.builtin')
vim.keymap.set("n", "<leader>ff", builtin.find_files) vim.keymap.set('n', '<leader>ff', builtin.find_files, {})
vim.keymap.set("n", "<leader>fg", builtin.live_grep) vim.keymap.set('n', '<leader>fg', builtin.live_grep, {})
vim.keymap.set("n", "<leader>fb", builtin.buffers) vim.keymap.set('n', '<leader>fb', builtin.buffers, {})
vim.keymap.set("n", "<leader>fh", builtin.help_tags) vim.keymap.set('n', '<leader>fh', builtin.help_tags, {})
vim.keymap.set("n", "<leader>fj", builtin.jumplist) vim.keymap.set('n', '<leader>fj', builtin.jumplist, {})
vim.keymap.set("n", "<leader>fu", "<cmd>Telescope undo<cr>")
vim.keymap.set("n", "<leader>fp", "<cmd>Octo pr list<cr>")

7
modules/home/programs/terminal/nvim/config/lua/ts-config.lua
View File

@@ -1,4 +1,3 @@
require("nvim-treesitter.configs").setup({ require'nvim-treesitter.configs'.setup {
highlight = { enable = true, additional_vim_regex_highlighting = false }, highlight = {enable = true, additional_vim_regex_highlighting = false}
}) }
vim.treesitter.language.register("markdown", "octo")

1
modules/home/programs/terminal/nvim/config/lua/which-key-config.lua
View File

@@ -16,7 +16,6 @@ wk.add({
{ "<leader>fg", "<cmd>Telescope live_grep<cr>", desc = "Live Grep" }, { "<leader>fg", "<cmd>Telescope live_grep<cr>", desc = "Live Grep" },
{ "<leader>fh", "<cmd>Telescope help_tags<cr>", desc = "Help Tags" }, { "<leader>fh", "<cmd>Telescope help_tags<cr>", desc = "Help Tags" },
{ "<leader>fj", "<cmd>Telescope jumplist<cr>", desc = "Jump List" }, { "<leader>fj", "<cmd>Telescope jumplist<cr>", desc = "Jump List" },
{ "<leader>fp", "<cmd>Octo pr list<cr>", desc = "PR List" },
{ "<leader>g", group = "DiffView" }, { "<leader>g", group = "DiffView" },
{ "<leader>gB", desc = "Git Blame Full" }, { "<leader>gB", desc = "Git Blame Full" },
{ "<leader>gH", "<cmd>DiffviewFileHistory --range=origin..HEAD<cr>", desc = "Diff History - Main" }, { "<leader>gH", "<cmd>DiffviewFileHistory --range=origin..HEAD<cr>", desc = "Diff History - Main" },

48
modules/home/programs/terminal/nvim/default.nix
View File

@@ -34,7 +34,6 @@ in
# ------------------- # -------------------
# ----- Helpers ----- # ----- Helpers -----
# ------------------- # -------------------
avante-nvim # Avante
aerial-nvim # Code Outline aerial-nvim # Code Outline
comment-nvim # Code Comments comment-nvim # Code Comments
diffview-nvim # Diff View diffview-nvim # Diff View
@@ -48,11 +47,9 @@ in
telescope-fzf-native-nvim # Faster Telescope telescope-fzf-native-nvim # Faster Telescope
telescope-nvim # Fuzzy Finder telescope-nvim # Fuzzy Finder
telescope-ui-select-nvim # UI telescope-ui-select-nvim # UI
telescope-undo-nvim # Undo Tree
toggleterm-nvim # Terminal Helper toggleterm-nvim # Terminal Helper
vim-nix # Nix Helpers vim-nix # Nix Helpers
which-key-nvim # Shortcut Helper which-key-nvim # Shortcut Helper
octo-nvim # Git Octo
# ------------------ # ------------------
# --- Theme / UI --- # --- Theme / UI ---
@@ -84,14 +81,13 @@ in
( (
pkgs.vimUtils.buildVimPlugin { pkgs.vimUtils.buildVimPlugin {
pname = "none-ls-extras.nvim"; pname = "none-ls-extras.nvim";
version = "2025-10-28"; version = "2024-06-11";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "nvimtools"; owner = "nvimtools";
repo = "none-ls-extras.nvim"; repo = "none-ls-extras.nvim";
rev = "402c6b5c29f0ab57fac924b863709f37f55dc298"; rev = "336e84b9e43c0effb735b08798ffac382920053b";
sha256 = "sha256-4s/xQNWNA4dgb5gZR4Xqn6zDDWrSJNtmHOmmjmYnN/8="; sha256 = "sha256-UtU4oWSRTKdEoMz3w8Pk95sROuo3LEwxSDAm169wxwk=";
}; };
doCheck = false;
meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/"; meta.homepage = "https://github.com/nvimtools/none-ls-extras.nvim/";
} }
) )
@@ -102,15 +98,31 @@ in
( (
pkgs.vimUtils.buildVimPlugin { pkgs.vimUtils.buildVimPlugin {
pname = "silicon.lua"; pname = "silicon.lua";
version = "2025-10-28"; version = "2022-12-03";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "0oAstro"; owner = "mhanberg";
repo = "silicon.lua"; repo = "silicon.lua";
rev = "54682647a7c1c773dc4c9ab2bc309114a3b9e96f"; rev = "5ca462bee0a39b058786bc7fbeb5d16ea49f3a23";
sha256 = "sha256-lM7ALmYHGN5SKftfD7YBPh1gGKORbS6EMXS/ZQXDMSI="; sha256 = "0vlp645d5mmii513v72jca931miyrhkvhwb9bfzhix1199zx7vi2";
}; };
doCheck = false; meta.homepage = "https://github.com/mhanberg/silicon.lua/";
meta.homepage = "https://github.com/0oAstro/silicon.lua"; }
)
# -------------------
# ------- LLM -------
# -------------------
(
pkgs.vimUtils.buildVimPlugin {
pname = "llm.nvim";
version = "2024-05-25";
src = pkgs.fetchFromGitHub {
owner = "David-Kunz";
repo = "gen.nvim";
rev = "bd19cf584b5b82123de977b44105e855e61e5f39";
sha256 = "sha256-0AEB6im8Jz5foYzmL6KEGSAYo48g1bkFpjlCSWT6JeE=";
};
meta.homepage = "https://github.com/David-Kunz/gen.nvim/";
} }
) )
@@ -120,16 +132,17 @@ in
( (
pkgs.vimUtils.buildVimPlugin { pkgs.vimUtils.buildVimPlugin {
pname = "llama.vim"; pname = "llama.vim";
version = "2025-10-28"; version = "2025-01-23";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
owner = "ggml-org"; owner = "ggml-org";
repo = "llama.vim"; repo = "llama.vim";
rev = "ade8966eff57dcbe4a359dd26fb1ea97378ea03c"; rev = "143fe910b8d47a054ed464c38d8b7c17d5354468";
sha256 = "sha256-uPqOZLWKVMimhc9eG7yM5OmhJy3mTRgKsiqKhstWs4Y="; sha256 = "sha256-PW0HKzhSxcZiWzpDOuy98rl/X0o2nE7tMjZjwwh0qLE=";
}; };
meta.homepage = "https://github.com/ggml-org/llama.vim/"; meta.homepage = "https://github.com/ggml-org/llama.vim/";
} }
) )
]; ];
extraPackages = with pkgs; [ extraPackages = with pkgs; [
@@ -152,7 +165,6 @@ in
nodePackages.vscode-langservers-extracted nodePackages.vscode-langservers-extracted
pyright pyright
eslint_d eslint_d
python312Packages.autopep8
# Formatters # Formatters
luaformatter luaformatter
@@ -184,8 +196,6 @@ in
tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server", tsls = "${pkgs.nodePackages.typescript-language-server}/bin/typescript-language-server",
golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver", golintls = "${pkgs.golangci-lint-langserver}/bin/golangci-lint-langserver",
vscls = "${pkgs.nodePackages.vscode-langservers-extracted}", vscls = "${pkgs.nodePackages.vscode-langservers-extracted}",
clangd = "${pkgs.clang-tools}/bin/clangd",
omnisharp = "${pkgs.omnisharp-roslyn}/bin/OmniSharp",
} }
return nix_vars return nix_vars
''; '';

62
modules/home/programs/terminal/tmux/default.nix
View File

@@ -1,62 +0,0 @@
{ lib, pkgs, config, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.programs.terminal.tmux;
in
{
options.${namespace}.programs.terminal.tmux = {
enable = lib.mkEnableOption "tmux";
};
config = mkIf cfg.enable {
programs.tmux = {
enable = true;
clock24 = true;
plugins = with pkgs.tmuxPlugins; [
{
plugin = catppuccin;
extraConfig = ''
set -g @catppuccin_flavor "mocha"
set -g @catppuccin_status_background "none"
# Style & Separators
set -g @catppuccin_window_status_style "basic"
set -g @catppuccin_status_left_separator ""
set -g @catppuccin_status_middle_separator ""
set -g @catppuccin_status_right_separator ""
# Window Titles
set -g @catppuccin_window_text " #W"
set -g @catppuccin_window_current_text " #W"
'';
}
cpu
yank
];
extraConfig = ''
# Misc Settings
set -g status-position top
set -g mouse on
setw -g mode-keys vi
set -ag terminal-overrides ",xterm-256color:Tc:Ms=\\E]52;c%p1%.0s;%p2%s\\7"
# Start Index 1
set -g base-index 1
setw -g pane-base-index 1
set -g renumber-windows on
# Maintain Directory
bind '"' split-window -c "#{pane_current_path}"
bind % split-window -h -c "#{pane_current_path}"
bind c new-window -c "#{pane_current_path}"
# Theme
set -g status-left ""
set -g status-right ""
set -ag status-right "#{E:@catppuccin_status_host}"
'';
};
};
}

17
modules/home/services/poweralertd/default.nix
View File

@@ -1,17 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.poweralertd;
in
{
options.${namespace}.services.poweralertd = {
enable = lib.mkEnableOption "poweralertd";
};
config = mkIf cfg.enable {
services.poweralertd = {
enable = true;
};
};
}

8
modules/home/services/sops/default.nix
View File

@@ -28,6 +28,14 @@ in
keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt"; keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ cfg.sshKeyPaths; sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ] ++ cfg.sshKeyPaths;
}; };
# TODO
# secrets = {
# nix = {
# sopsFile = lib.snowfall.fs.get-file "secrets/default.yaml";
# path = "${config.home.homeDirectory}/.config/nix/nix.conf";
# };
# };
}; };
}; };
} }

15
modules/nixos/hardware/battery/upower/default.nix
View File

@@ -1,15 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.hardware.battery.upower;
in
{
options.${namespace}.hardware.battery.upower = {
enable = lib.mkEnableOption "enable upower";
};
config = mkIf cfg.enable {
services.upower.enable = true;
};
}

11
modules/nixos/hardware/opengl/default.nix
View File

@@ -14,8 +14,6 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.xserver.videoDrivers = mkIf cfg.enableNvidia [ "nvidia" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
libva-utils libva-utils
vdpauinfo vdpauinfo
@@ -25,15 +23,6 @@ in
intel-gpu-tools intel-gpu-tools
]; ];
# Enable Nvidia Hardware
hardware.nvidia = mkIf cfg.enableNvidia {
package = config.boot.kernelPackages.nvidiaPackages.stable;
modesetting.enable = true;
powerManagement.enable = true;
open = false;
nvidiaSettings = true;
};
# Add Intel Arc / Nvidia Drivers # Add Intel Arc / Nvidia Drivers
hardware.enableRedistributableFirmware = mkIf cfg.enableIntel (mkForce true); hardware.enableRedistributableFirmware = mkIf cfg.enableIntel (mkForce true);
hardware.graphics = { hardware.graphics = {

6
modules/nixos/programs/graphical/wms/hyprland/default.nix
View File

@@ -1,4 +1,4 @@
{ config, pkgs, lib, namespace, ... }: { config, lib, namespace, ... }:
let let
inherit (lib) mkIf; inherit (lib) mkIf;
@@ -17,10 +17,6 @@ in
}; };
}; };
environment.systemPackages = with pkgs; [
wl-clipboard
];
reichard = { reichard = {
display-managers = { display-managers = {
sddm = { sddm = {

51
modules/nixos/services/headscale/default.nix
View File

@@ -1,51 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.headscale;
inherit (lib.${namespace}) mkBoolOpt;
in
{
options.${namespace}.services.headscale = {
enable = mkEnableOption "enable headscale service";
openFirewall = mkBoolOpt false "Open firewall";
};
options.services.headscale.settings.dns.nameservers.split = lib.mkOption {
type = lib.types.attrsOf (lib.types.listOf lib.types.str);
default = { };
description = ''
Split DNS configuration mapping domains to specific nameservers.
Each key is a domain suffix, and the value is a list of nameservers
to use for that domain.
'';
example = {
"internal.company.com" = [ "10.0.0.1" "10.0.0.2" ];
"dev.local" = [ "192.168.1.1" ];
};
};
config = mkIf cfg.enable {
services.headscale = {
enable = true;
address = "0.0.0.0";
settings = {
server_url = "https://headscale.reichard.io";
dns = {
base_domain = "reichard.dev";
nameservers = {
global = [
"9.9.9.9"
];
split = {
"va.reichard.io" = [ "10.0.20.20" ];
};
};
};
};
};
networking.firewall = mkIf cfg.openFirewall {
allowedTCPPorts = [ 8080 ];
};
};
}

108
modules/nixos/services/llama-cpp/default.nix
View File

@@ -1,108 +0,0 @@
{ config, pkgs, lib, namespace, ... }:
let
inherit (lib) types mkIf mkEnableOption;
inherit (lib.${namespace}) mkOpt;
cfg = config.${namespace}.services.llama-cpp;
modelDir = "/models";
availableModels = {
"qwen2.5-coder-7b-q8_0.gguf" = {
url = "https://huggingface.co/ggml-org/Qwen2.5-Coder-7B-Q8_0-GGUF/resolve/main/qwen2.5-coder-7b-q8_0.gguf?download=true";
flag = "--fim-qwen-7b-default";
};
"qwen2.5-coder-3b-q8_0.gguf" = {
url = "https://huggingface.co/ggml-org/Qwen2.5-Coder-3B-Q8_0-GGUF/resolve/main/qwen2.5-coder-3b-q8_0.gguf?download=true";
flag = "--fim-qwen-3b-default";
};
};
in
{
options.${namespace}.services.llama-cpp = with types; {
enable = mkEnableOption "llama-cpp support";
modelName = mkOpt str "qwen2.5-coder-3b-q8_0.gguf" "model to use";
};
config =
let
modelPath = "${modelDir}/${cfg.modelName}";
in
mkIf cfg.enable {
assertions = [
{
assertion = availableModels ? ${cfg.modelName};
message = "Invalid model '${cfg.modelName}'. Available models: ${lib.concatStringsSep ", " (lib.attrNames availableModels)}";
}
];
systemd.services = {
# LLama Download Model
download-model = {
description = "Download Model";
wantedBy = [ "multi-user.target" ];
before = [ "llama-cpp.service" ];
path = [ pkgs.curl pkgs.coreutils ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "root";
Group = "root";
};
script =
let
modelURL = availableModels.${cfg.modelName}.url;
in
''
set -euo pipefail
if [ ! -f "${modelPath}" ]; then
mkdir -p "${modelDir}"
# Add -f flag to follow redirects and -L for location
# Add --fail flag to exit with error on HTTP errors
# Add -C - to resume interrupted downloads
curl -f -L -C - \
-H "Accept: application/octet-stream" \
--retry 3 \
--retry-delay 5 \
--max-time 1800 \
"${modelURL}" \
-o "${modelPath}.tmp" && \
mv "${modelPath}.tmp" "${modelPath}"
fi
'';
};
# Setup LLama API Service
llama-cpp = {
after = [ "download-model.service" ];
requires = [ "download-model.service" ];
};
};
services.llama-cpp = {
enable = true;
host = "0.0.0.0";
port = 8012;
openFirewall = true;
model = "${modelPath}";
package = (pkgs.llama-cpp.override {
cudaSupport = true;
}).overrideAttrs (oldAttrs: {
cmakeFlags = oldAttrs.cmakeFlags ++ [
"-DGGML_CUDA_ENABLE_UNIFIED_MEMORY=1"
"-DCMAKE_CUDA_ARCHITECTURES=61" # GTX-1070
# Disable CPU Instructions - Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
"-DLLAMA_FMA=OFF"
"-DLLAMA_AVX2=OFF"
"-DLLAMA_AVX512=OFF"
"-DGGML_FMA=OFF"
"-DGGML_AVX2=OFF"
"-DGGML_AVX512=OFF"
];
});
extraFlags = [ availableModels.${cfg.modelName}.flag ];
};
};
}

18
modules/nixos/services/mosh/default.nix
View File

@@ -1,18 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf;
cfg = config.${namespace}.services.mosh;
in
{
options.${namespace}.services.mosh = {
enable = lib.mkEnableOption "mosh support";
};
config = mkIf cfg.enable {
programs.mosh = {
enable = true;
openFirewall = true;
};
};
}

6
modules/nixos/services/openssh/default.nix
View File

@@ -12,14 +12,8 @@ let
authorizedKeys = [ authorizedKeys = [
# evanreichard@lin-va-mbp-personal # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad # evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# evanreichard@mobile
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARTNbl4lgQsp7SJEng7vprL0+ChC9e6iR7o/PiC4Jme"
# evanreichard@lin-va-terminal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM5e6Cty+7rX5BjIEHBTU6GnzfOxPJiHpSqin/BnsypO"
]; ];
in in
{ {

14
modules/nixos/services/rke2/default.nix
View File

@@ -9,7 +9,7 @@ in
options.${namespace}.services.rke2 = with types; { options.${namespace}.services.rke2 = with types; {
enable = lib.mkEnableOption "Enable RKE2"; enable = lib.mkEnableOption "Enable RKE2";
disable = mkOpt (listOf str) [ ] "Disable services"; disable = mkOpt (listOf str) [ ] "Disable services";
openFirewall = mkBoolOpt false "Open firewall"; openFirewall = mkBoolOpt true "Open firewall";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@@ -18,10 +18,6 @@ in
disable = cfg.disable; disable = cfg.disable;
}; };
# NOTE: Tailscale & K8s Calico conflict due to FWMask. You need to update the DaemonSet Env with:
# - name: FELIX_IPTABLESMARKMASK
# value: "0xff00ff00"
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking # RKE2 Ports - https://docs.rke2.io/install/requirements#networking
6443 # Kubernetes API 6443 # Kubernetes API
@@ -36,6 +32,8 @@ in
7946 # memberlist 7946 # memberlist
]; ];
environment.systemPackages = with pkgs; [ nfs-utils ];
networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [ networking.firewall.allowedUDPPorts = mkIf cfg.openFirewall [
# RKE2 Ports - https://docs.rke2.io/install/requirements#networking # RKE2 Ports - https://docs.rke2.io/install/requirements#networking
8472 # Canal CNI with VXLAN 8472 # Canal CNI with VXLAN
@@ -51,11 +49,5 @@ in
after = [ "cloud-final.service" ]; after = [ "cloud-final.service" ];
requires = [ "cloud-final.service" ]; requires = [ "cloud-final.service" ];
}; };
environment.systemPackages = with pkgs; [
k9s
kubectl
nfs-utils
];
}; };
} }

32
modules/nixos/services/rtl-tcp/default.nix
View File

@@ -1,32 +0,0 @@
{ config, pkgs, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.services.rtl-tcp;
in
{
options.${namespace}.services.rtl-tcp = {
enable = mkEnableOption "RTL-TCP support";
openFirewall = mkBoolOpt true "Open firewall";
};
config = mkIf cfg.enable {
hardware.rtl-sdr.enable = true;
networking.firewall.allowedTCPPorts = mkIf cfg.openFirewall [ 1234 ];
# RTL-SDR TCP Server Service
systemd.services.rtl-tcp = {
description = "RTL-SDR TCP Server";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = "${pkgs.rtl-sdr}/bin/rtl_tcp -a 0.0.0.0 -f 1090000000 -s 2400000";
Restart = "on-failure";
RestartSec = "10s";
User = "root";
Group = "root";
};
};
};
}

20
modules/nixos/services/sunshine/default.nix
View File

@@ -1,20 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.services.sunshine;
in
{
options.${namespace}.services.sunshine = {
enable = mkEnableOption "enable sunshine service";
openFirewall = mkBoolOpt true "open firewall";
};
config = mkIf cfg.enable {
services.sunshine = {
enable = true;
openFirewall = cfg.openFirewall;
};
};
}

27
modules/nixos/services/tailscale/default.nix
View File

@@ -1,27 +0,0 @@
{ config, lib, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.tailscale;
in
{
options.${namespace}.services.tailscale = {
enable = mkEnableOption "enable tailscale service";
enableRouting = mkEnableOption "enable tailscale routing";
};
config = mkIf cfg.enable {
services.tailscale = {
enable = true;
useRoutingFeatures = if cfg.enableRouting then "server" else "client";
};
boot.kernel.sysctl = mkIf cfg.enableRouting {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
# NOTE: Tailscale & K8s Calico conflict due to FWMask. You need to update the DaemonSet Env with:
# - name: FELIX_IPTABLESMARKMASK
# value: "0xff00ff00"
};
}

21
modules/nixos/system/boot/default.nix
View File

@@ -1,29 +1,18 @@
{ config, lib, namespace, ... }: { config, lib, namespace, ... }:
let let
inherit (lib) mkIf mkDefault; inherit (lib) mkIf mkDefault;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.system.boot; cfg = config.${namespace}.system.boot;
in in
{ {
options.${namespace}.system.boot = { options.${namespace}.system.boot = {
enable = lib.mkEnableOption "Enable Boot"; enable = lib.mkEnableOption "Enable Boot";
enableGrub = mkBoolOpt true "Enable GRUB"; xenGuest = lib.mkEnableOption "Enable Xen Guest";
enableSystemd = mkBoolOpt false "Enable systemd";
xenGuest = lib.mkEnableOption "Xen guest support";
showNotch = lib.mkEnableOption "Show macOS Notch"; showNotch = lib.mkEnableOption "Show macOS Notch";
silentBoot = lib.mkEnableOption "Silent Boot"; silentBoot = lib.mkEnableOption "Silent Boot";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
assertions = [
{
assertion = !(cfg.enableGrub && cfg.enableSystemd);
message = "Cannot enable both GRUB and systemd-boot";
}
];
services.xe-guest-utilities.enable = mkIf cfg.xenGuest true; services.xe-guest-utilities.enable = mkIf cfg.xenGuest true;
boot = { boot = {
@@ -44,18 +33,12 @@ in
canTouchEfiVariables = false; canTouchEfiVariables = false;
}; };
systemd-boot = mkIf cfg.enableSystemd { systemd-boot = {
enable = true; enable = true;
configurationLimit = 20; configurationLimit = 20;
editor = false; editor = false;
}; };
grub = mkIf cfg.enableGrub {
enable = true;
efiSupport = true;
efiInstallAsRemovable = true;
};
timeout = mkDefault 1; timeout = mkDefault 1;
}; };

44
modules/nixos/system/disk/default.nix
View File

@@ -20,19 +20,22 @@ in
content = { content = {
type = "gpt"; type = "gpt";
partitions = { partitions = {
bios-boot = {
name = "bios-boot";
size = "1M";
type = "EF02";
};
boot = { boot = {
name = "boot"; size = "512M";
size = "500M";
type = "EF00"; type = "EF00";
content = { content = {
type = "filesystem"; type = "filesystem";
format = "vfat"; format = "vfat";
mountpoint = "/boot"; mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
}; };
}; };
swap = { swap = {
@@ -43,33 +46,6 @@ in
resumeDevice = true; resumeDevice = true;
}; };
}; };
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
}; };
}; };
}; };

59
modules/nixos/virtualisation/libvirtd/default.nix
View File

@@ -1,59 +0,0 @@
{ config, lib, pkgs, namespace, ... }:
let
inherit (lib) mkIf;
inherit (lib.${namespace}) mkBoolOpt;
cfg = config.${namespace}.virtualisation.libvirtd;
in
{
options.${namespace}.virtualisation.libvirtd = {
enable = lib.mkEnableOption "enable libvirtd";
withVirtManager = mkBoolOpt false "add virt-manager";
enableIntelIOMMU = mkBoolOpt false "enable Intel IOMMU for better device passthrough";
enableAMDIOMMU = mkBoolOpt false "enable AMD IOMMU for better device passthrough";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
win-virtio
virtiofsd
libvirt
qemu_kvm
] ++ lib.optionals cfg.withVirtManager [
virt-manager
virt-viewer
spice-gtk
];
reichard = {
user = {
extraGroups = [
"libvirtd"
];
};
};
virtualisation = {
libvirtd = {
enable = true;
qemu = {
package = pkgs.qemu_kvm;
runAsRoot = false;
swtpm.enable = true;
ovmf = {
enable = true;
packages = [ pkgs.OVMFFull.fd ];
};
};
};
spiceUSBRedirection.enable = true;
};
boot.kernelParams = lib.optionals cfg.enableIntelIOMMU [
"intel_iommu=on"
] ++ lib.optionals cfg.enableAMDIOMMU [
"amd_iommu=on"
];
};
}

26
secrets/mac-va-mbp-personal/evanreichard/default.yaml
View File

@@ -1,26 +0,0 @@
builder_ssh_key: ENC[AES256_GCM,data:1cYuaFJke/8GyqxPKp2zH/uARvW6Bqx6AsB16U8f3WkDpnxO6kym19MpDyQUBEjJ9Bj3RiBkSSL96jBv4YZfq+1cN8D6E14faKoYF5FZy5o1C+aTl+4L9zbrQIl/QDFh42qcJ6cYsOSjbEJv8kvZQBV7l+LNo8ZX07f76Kld3boouJJMMZWa9oaZgEifTxN4yDOPXTXNjCO3blGnsm+V3FPkba+EUASL9WH6+XLU2oW1Bc/sydOTiKGRJcs5eyqYvKi3evtxUUyqgdPVtUHNTsh6/B5kDLWFavfEfchPHT0LHIuqGJwGBglTp/NJThAoo5vNFAFIAUw9QWlY4alHhsi2L5g49r3s6i+3fGeyGCTP61uffY9HgF7nOdkTVMsRXacKh9fwgdsZAepcU+kJ3LJSdOaa4hUtCsZpFHUe4jA0kTHI1/V+7ak+iw92gNZTLKsCjIOzWFvEBVSXLctPdxQ8ezvF9ekvw5mkAwO7QYonlrQ3MUY/8b1DDOdjmfSwEyrLruew2KajFhm8/NM/2BOwcO/y+DbX2MSe5x0sx4HN79E=,iv:V25Tc7bOxc4wl5lf6gZOstN1InaCb3sfpCHMl65iwn8=,tag:mBFZcX2G3vpAOMw7V12d6w==,type:str]
rke2_kubeconfig: ENC[AES256_GCM,data:oTOBktUE71QNJXqy8l5hhYKF3mSQlLxXE7rjsctyJi4nIk4bhKACGdYkB8B37Ws9QHm5h9tAn9J/ehbWyBwsOFQIhX7S0kov8/HPlatbY3aJ+PiHO5GWRkJjbq+GZrJgdGeOCSRlA5C4lOy9cYbCqbsgfp42cNxOPhOQUyqFNCmsWJvBiJDuQX3Sqk2QoDtfTayho/v5IiJ9Xjms6m1ng98uXmANHK2wFAv4IZ2+7j14jy5RRKylTtjooJxTalSzdODV4wufHOLqFRCeGs9U4A/SEbRWacssdTWOp/wkaumruEpbuRaX33EwFzAxnawD0T/PBA1w9MfrXoz7bYaQ8S0fpWQHTr7xj79yrlJslBvTp/SzC+7LlpdsOtJr/2LpbzwFowMFPOGg0XJUWlkevIIObBuEYyAnlytxlys+2UNx+szOuUsUDTdZlEtTyJT+Xp8WjFlXkHsi66s+rDxDvUcMG6oLy3IYiYA4D7Q65aDgiy87kDmdfItf5koEEpHU2wV20EtAP2mRZ8UNYnDHd3ZV1L2gLXHGMA/sa0Tn0l4fhfr+6K0niQ9RaZxrVfqyChCw4bSCyZZFajZXcEDXsQB5UKsnMmZ3p5ZtRe/mqKydAz/xQc8mZPYFWwXN3uWgOWLRraRib0thg/PQzsbGNrKxoqc0sY3JbUSBcyhtz2x7b0Sj+g8ibtySmSEM1DrcYFdLG/QHbg8MaSOIIlZDDan2SJ0vAd432hI9BBIxj3L0EOfVBkbzEdtuuW7SSCG650X2u4Rd0Kkjc7HoB6pafJTWx2QZ/CMKIZFiHfMJ1zRyxco7SwZzsTRZ1Y0W7qgnssKpqtRNwCfRTdDM/6aZ1HorNP2NombuyGmfvD/EZSt4xxsOZIgioqfghbcsTCFZQPUvfBSZvJ5KBXS8qacBmsUxMLRMyzSbq0mM/S9Rz8oUxN587K7pLTNNiwFsQ9mXlGgh//rzhdAfzQZF/uuMrjqYgxt3iOAT3Nd34RbZ8YK31SRf6lFy7b+hafS1FFVUnW8jnC57eo2wNpHFBNA1y60dokx9P1dzZUVVYK5iCK+QFkUweD9WSo0al09E3By2pQxZ1OS9UOcTxFbpP/WakD57/tkOvmGIirqrexVecDcODelGXhCVeXb8zJQDz2PdXz3M4G0zIV2JcgJDjJy91Rx56vxRQv0/mvPfjexm9gQcTWOpIeUOBGRCfMXMh0g0AANHxDheRa9WzYQ10uDE3DsyMT53+FGW73PyPBk5MzRY/RQXjTEVbhO/e8Km7KOuhRxpohcLHCugEFMqjsW/c5b6GU24s3n69XPxMWtdtMmnf1FaGGufuOXyYd2s1vQqi+542x41HYnXiT6OQwsFttnlbwfrosl9qgSSgsfwXNv7qHQUBDg1KczwlPBZ3cMA/rQUqHL2N4vEp00JoJFjBTbWrin2FCOBafQmpKPv9j/nqiJROr3I93bSaodk0rFOUDWV3Sp/YepeuYb6wY+lMgysg4jDuJxEYQytFfNI2SBd7g4Xh6vBW/GS1/JdaHhh/Ub5/Cqa0Pxl5fBjV1HQIaM8mXi+V90zRVqzKm9vl9wXjXzAk8QvWRiW5ruP3IsMl5myL1KBuFIgZNPkbv8Nap3XDgmO2IvM6gWI3LHW81cgS6dDcsuC2C9zr291MAlYQiaotqQ33u0ga/y8DTXB3mcLTPLpkWWRY+Cc+qVAuD3LwCvd2StUhxUNwDbwVaxtuSk+uWMx1PCPPwHDVB3sm93wbnKrvj0TMHdkh0im+KzSplaMAsCgKJj1YO3Yhjg+E9CwIaYEDKcCE8FNqioSzzaXABQgpa4zUWkWC+D4iD/kSS3Z+BgB0VCytB705SMbmHmAlWnNayFgQLx3xo/TkgF51jEghj2w2gPyTM8gLqq8kvpXnDx95nhfStRu3KZCuCZKadrv0V5mSCCSzw0STDKZjfwYHHMWOnf41UDG7M9+vWHdtZdnJjLvw8gIqmLl0fkw75jFXYXQaNj4vh6MNSp7ABA8wY5Ala/EckHjx9R88czgyvHTLfVOiFgIiOLvldSYmDlaMcyPTVH7JSTiSoZ7aUwNROQE0/C9GyvZH8MGN9Iy6YQAUQYf5jjesoe3dPJf66GmeCKKlAcO1aK91XXow+pWrYJBZilhXJgPNTKltP2ObDLeJ/30KYF7Gee9GvtJaKzBGjYFZZz9nj8ixIBymS+M7N65U8Sw+/37qCnkSDe6VgkMoXXijaPgfToR4yb6FdZOqRlvynbyC+lSO44l2S1CkKbUxrqzZX2pQ6iB1eJdaHmIBYawVg7tJOO3snPXYMiMAgmojrH1BUUpbQRRvG4BTrUOES4N+2etytiZ7N4GEDzshosVaf9NeFBWRGC58siec/BtKwo7HGcsc0zDvcq8MFJ6rEUDbuZuWn3+CvxC9fi4+CzDP3j3K9lOUiXJ6vxv+1eImFMVgQUiV4g2M/JMTv6+Ix8U9dHoaNVjQlnL1NZRo92C/T2WRx42V97hJOe81CXqRLY8mW30MXat7KK+n92bNsWTKZrNsKnzVb+i1YwMAiwG1bw0OCcmfVojozZ4wjUNkFJI2K0v0CCvwVIl9yUKMkCvo+I1m2ZInOXRme2HK82YFg6JxitlQvovdlUndN1Lo4PhaxbW3BNwJSn81FxJ4yh+d34eawZlsQ4l+er2CyWrXSOvQnK1F8UwDB5xgPb8TBj5FD4IZM+op2LPQiaPQZ7bShzpN20W413lBvauirbD8EaZqt2QExmDnYHs1EMcj10bvu7IyKwZTlBqOa/LpyUH/imY4DTB0aYHby+xnLX7760S0sJfKuJ7omQ4QBgz+NSZ/aFfPicugkPsCZI0lS9WCcczvHgbFRzB6YQ5uJEoK5o5SdVTpYWUBvuLbJ6IOKNKWxlBcrsj4aPm+AAsxRc9cHPbrCns6y01K2wCYCL5nzK7jnneQiR4edtfnwMlUoo3c6/vzwiof4EVVrN29QxVsIA/9yqk375mKlI/l7/eOf083Kbad215wvZ+0U7cgI0oaaVvapj3Ni3e3Es8XUIQCua5HRE6d4M6A7P+Ye1Wkt+8oTpKJzd9Hn/ITwCYVssdpMSwF2ARHgmTtq+sacvkR9gojG/LAJMUwA48Sc4M5rn+5vTCRTvuKXDFphLSUwNzqd58YENC/HJjZS8+co+BN7AaafrybfA0QQrXkY7f+elsAFmNfho+taMpkfQZCmmgfoHPVPYR0pxkV1czCymm5lTjgkC7e4ydngcyJSrUzrXrWREkEcEdXoSRt1/JHABKRbvRuTbuUlah1xS1pvffosnA7KJL+aTLErkWwww3WUPMRrvmhVlWZqHGqE8lCRyMUPny7li3I2IB+aHFXepYwZSMMQPIOIiE19Oz7MsaIrMknqfTtdc58McEPGUPKiVO8x+nfRQPY45jFF60XtiK+yemYDicUGMSkWdtVLXgDCD+KAJz5YzBl5YbnPD9L1X9pB8P0vEpnKC6X+GGiaPflVGiNAKRTUyVv8CJ+Yh+KEfJw8og/P6d/7dSKheBeAdaliigZ9qG8xfyY0jE++xedaxIcOBObBu6j70j+Tpp5bUPN25FyVR2GqG4xz5YbuhnrRjhA6lAh0nppPlP+Oz/j9pPvPaDGESLZ/WM6MWru7R8DrHePBtulRvhvwUsmrjosPXuCNGU4sd1MFh6kNyyJH3W1quy3IopUij0Amu40mmd8XEzsN2nmT2Eh3NCd/r/2yj/t+xwxNcQZ+bfxeMFOiEfX5RU2paKNrRIDUEbgR1rS8A3PEUPTxwTP10IuY+IMToCSgZkVIq7UjXg0Bx9QdwvXcN74ADwkD0Un5+jLf4mo43QacwnBLpm24XqDzO09vKOzA9XU5fdC6AJ4mqAJ5J/XU8bC1RWiSCul6NekoJAPVgMlpWTPCAdSrWeYoE0d7lVkl+g+nEIS4sb,iv:mC5XSWReVzjwheF1IzCzp34JRvL/vJipyaKhptkH+cU=,tag:SDoNiaWaPKzruj+HPv5jbw==,type:str]
sops:
age:
- recipient: age1sac93wpnjcv62s7583jv6a4yspndh6k0r25g3qx3k7gq748uvafst6nz4w
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBuVWFObG51K2lTYlZidXBU
aW55RnpkVDExbVBkNDl4NkV3MFNkNThjbWdZCklhWkVSaWpPSE1VY09iWGlPVE9Q
bW1SY05jK3BwcDIwSHdMZjJHdWQyQkkKLS0tIHZYS2c2U2xtQ1QxajlKeWpmNXZW
bmdpcTl2NjRWM3F3Q2RHbk1rTEFvZEkKWag1nmqFZMRjwFtIo6oqs+9UI/Mer5bK
Ax7P7uwoZdiMN2g84W1pNTjj6GktFn3jrBaE+MxY6NUBr02apkRYZw==
-----END AGE ENCRYPTED FILE-----
- recipient: age1dccte7xtwswgef089nd80dutp96xnezx5lrqnneh9cusegsnda8sj3dj6c
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB5cURST1FTbVk4RGZTaitF
MEt3Z2U0a004Zmo0VG1BN29DUnBLNGxPMEJFCkcyL1JrMkZsSTM5WCtZSldSeGZw
SmdpV3AxRDJyVW1WMXBuclhBSDkvTXcKLS0tIDZsU2pBbEFHNkdqWW1CZW1hdVN3
eW9OdlJmS21IVDNVNk9OMjZBT21PUTAK+lpsdEp2uvg8nFWu/hPtK0+Ahi5J//5d
NB6JJ7lwRWKy2NppFf9sy20Y1Z0Z5Ui40nbnURRzYgtsqbKBveUDcA==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-07-29T23:30:28Z"
mac: ENC[AES256_GCM,data:x3dnanNbIX0fippbbFqOSR9ptZGdAwWuyn7hf3z6i43rk8Nk9p9EVqmE4/Guz2QY2tG/cph/5/nwX4UCO4ixAdB7pAWZa6lI1JdFzMBfW1IGeXOLyprDt6xdFnCVXjy64HgNWiVOPUS4+olxNZ0LPmCof7odqn+Axj+icFK3N34=,iv:OyFac4TxnKXwJ0l7LcJTqVyl11gIpw8fvEAEQTrEBc0=,tag:zMOGwIwAZmel+4EIqy9/tQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2

29
shells/default/default.nix
View File

@@ -1,29 +0,0 @@
{ pkgs, ... }:
let
sync-repo = pkgs.writeShellScriptBin "sync-repo" ''
if [ -z "$1" ]; then
echo "Usage: sync-repo <ip-address>"
echo "Example: sync-repo 23.29.118.42"
exit 1
fi
rsync -av \
--exclude='.git' \
--exclude='.direnv' \
--exclude='_scratch' \
. evanreichard@$1:/etc/nixos
'';
in
pkgs.mkShell {
name = "reichard-dev";
buildInputs = with pkgs; [
rsync
sync-repo
];
shellHook = ''
echo "Use: sync-repo <ip-address> to sync repository"
'';
}

21
systems/aarch64-darwin/mac-va-mbp-personal/default.nix
View File

@@ -1,21 +0,0 @@
{ lib, ... }:
{
system.stateVersion = 6;
nix.enable = false;
# System Config
reichard = {
nix = {
enable = true;
usingDeterminate = true;
};
security = {
sops = {
enable = true;
sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
defaultSopsFile = lib.snowfall.fs.get-file "secrets/mac-va-mbp-personal/default.yaml";
};
};
};
}

62
systems/aarch64-linux/lin-o1-headscale/default.nix
View File

@@ -1,62 +0,0 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = enabled;
};
services = {
openssh = enabled;
headscale = {
enable = true;
openFirewall = true;
};
tailscale = {
enable = true;
enableRouting = true;
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

60
systems/aarch64-linux/lin-o1-node/default.nix
View File

@@ -1,60 +0,0 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
};
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

2
systems/aarch64-linux/lin-va-mbp-personal/default.nix
View File

@@ -7,7 +7,7 @@ in
./hardware-configuration.nix ./hardware-configuration.nix
]; ];
system.stateVersion = "25.05"; system.stateVersion = "24.11";
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
# System Config # System Config

60
systems/x86_64-linux/lin-o1-x86-node/default.nix
View File

@@ -1,60 +0,0 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
};
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

65
systems/x86_64-linux/lin-ovh-kube1/default.nix
View File

@@ -1,65 +0,0 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
networking.firewall.allowedTCPPorts = [ 443 ];
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = enabled;
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
rke2 = {
enable = true;
openFirewall = false;
disable = [ "rke2-ingress-nginx" ];
};
};
};
users.users.${cfg.name} = {
openssh = {
authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
];
};
};
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

73
systems/x86_64-linux/lin-ssd-kube1/default.nix
View File

@@ -1,73 +0,0 @@
{ namespace, config, pkgs, lib, modulesPath, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
system.stateVersion = "25.05";
time.timeZone = "UTC";
networking.firewall.allowedTCPPorts = [ 443 ];
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
reichard = {
nix = enabled;
system = {
disk = {
enable = true;
diskPath = "/dev/sda";
};
networking = {
enable = true;
useStatic = {
interface = "enp3s0";
address = "23.29.118.42";
defaultGateway = "23.29.118.1";
nameservers = [ "1.1.1.1" ];
};
};
};
services = {
openssh = enabled;
tailscale = {
enable = true;
enableRouting = true;
};
rke2 = {
enable = true;
openFirewall = false;
disable = [ "rke2-ingress-nginx" ];
};
};
};
# users.users.${cfg.name} = {
# openssh = {
# authorizedKeys.keys = [
# # evanreichard@lin-va-mbp-personal
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# # evanreichard@mac-va-mbp-personal
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# # evanreichard@lin-va-thinkpad
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# ];
# };
# };
environment.systemPackages = with pkgs; [
btop
tmux
vim
];
}

6
systems/x86_64-linux/lin-va-nix-builder/default.nix
View File

@@ -4,7 +4,7 @@ let
in in
{ {
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
system.stateVersion = "25.05"; system.stateVersion = "24.11";
reichard = { reichard = {
system = { system = {
@@ -33,8 +33,6 @@ in
authorizedKeys = [ authorizedKeys = [
# evanreichard@lin-va-mbp-personal # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad # evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# NixOS Builder # NixOS Builder
@@ -49,8 +47,6 @@ in
authorizedKeys.keys = [ authorizedKeys.keys = [
# evanreichard@lin-va-mbp-personal # evanreichard@lin-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY"
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV"
# evanreichard@lin-va-thinkpad # evanreichard@lin-va-thinkpad
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz"
# NixOS Builder # NixOS Builder

207
systems/x86_64-linux/lin-va-office/default.nix
View File

@@ -1,70 +1,175 @@
{ namespace, pkgs, config, lib, ... }: { config, pkgs, ... }:
let
inherit (lib.${namespace}) enabled;
cfg = config.${namespace}.user;
in
{
system.stateVersion = "25.05";
time.timeZone = "America/New_York";
let
cuda-llama = (pkgs.llama-cpp.override {
cudaSupport = true;
}).overrideAttrs (oldAttrs: {
cmakeFlags = oldAttrs.cmakeFlags ++ [
"-DGGML_CUDA_ENABLE_UNIFIED_MEMORY=1"
# Disable CPU Instructions - Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
"-DLLAMA_FMA=OFF"
"-DLLAMA_AVX2=OFF"
"-DLLAMA_AVX512=OFF"
"-DGGML_FMA=OFF"
"-DGGML_AVX2=OFF"
"-DGGML_AVX512=OFF"
];
});
# Define Model Vars
modelDir = "/models";
# 7B
# modelName = "qwen2.5-coder-7b-q8_0.gguf";
# modelUrl = "https://huggingface.co/ggml-org/Qwen2.5-Coder-7B-Q8_0-GGUF/resolve/main/${modelName}?download=true";
# 3B
modelName = "qwen2.5-coder-3b-q8_0.gguf";
modelUrl = "https://huggingface.co/ggml-org/Qwen2.5-Coder-3B-Q8_0-GGUF/resolve/main/${modelName}?download=true";
modelPath = "${modelDir}/${modelName}";
in
{
# Allow Nvidia & CUDA
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
# System Config # Enable Graphics
reichard = { hardware.graphics = {
nix = enabled; enable = true;
enable32Bit = true;
extraPackages = [ pkgs.cudatoolkit ];
};
system = { # Load Nvidia Driver Module
boot = { services.xserver.videoDrivers = [ "nvidia" ];
enable = true;
silentBoot = true; # Nvidia Package Configuration
}; hardware.nvidia = {
disk = { package = config.boot.kernelPackages.nvidiaPackages.stable;
enable = true; modesetting.enable = true;
diskPath = "/dev/sda"; powerManagement.enable = true;
}; open = false;
networking = { nvidiaSettings = true;
enable = true; };
useStatic = {
interface = "enp5s0"; # Networking Configuration
address = "10.0.50.120"; networking.firewall = {
defaultGateway = "10.0.50.254"; enable = true;
nameservers = [ "10.0.20.20" ]; allowedTCPPorts = [
}; 1234 # RTL-TCP
8080 # LLama API
];
};
# RTL-SDR
hardware.rtl-sdr.enable = true;
systemd.services = {
# LLama Download Model
download-model = {
description = "Download Model";
wantedBy = [ "multi-user.target" ];
before = [ "llama-cpp.service" ];
path = [ pkgs.curl pkgs.coreutils ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "root";
Group = "root";
}; };
script = ''
set -euo pipefail
if [ ! -f "${modelPath}" ]; then
mkdir -p "${modelDir}"
# Add -f flag to follow redirects and -L for location
# Add --fail flag to exit with error on HTTP errors
# Add -C - to resume interrupted downloads
curl -f -L -C - \
-H "Accept: application/octet-stream" \
--retry 3 \
--retry-delay 5 \
--max-time 1800 \
"${modelUrl}" \
-o "${modelPath}.tmp" && \
mv "${modelPath}.tmp" "${modelPath}"
fi
'';
}; };
hardware = { # RTL-SDR TCP Server Service
opengl = { rtl-tcp = {
enable = true; description = "RTL-SDR TCP Server";
enableNvidia = true; after = [ "network.target" ];
}; wantedBy = [ "multi-user.target" ];
};
services = { serviceConfig = {
openssh = enabled; ExecStart = "${pkgs.rtl-sdr}/bin/rtl_tcp -a 0.0.0.0 -f 1090000000 -s 2400000";
llama-cpp = enabled; Restart = "on-failure";
rtl-tcp = enabled; RestartSec = "10s";
User = "root";
Group = "root";
};
}; };
}; };
users.users.${cfg.name} = { # Setup LLama API Service
openssh = { systemd.services.llama-cpp = {
authorizedKeys.keys = [ after = [ "download-model.service" ];
# evanreichard@lin-va-mbp-personal requires = [ "download-model.service" ];
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILJJoyXQOv9cAjGUHrUcvsW7vY9W0PmuPMQSI9AMZvNY" };
# evanreichard@mac-va-mbp-personal
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMWj6rd6uDtHj/gGozgIEgxho/vBKebgN5Kce/N6vQWV" # Enable LLama API
# evanreichard@lin-va-thinkpad services.llama-cpp = {
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAq5JQr/6WJMIHhR434nK95FrDmf2ApW2Ahd2+cBKwDz" enable = true;
]; host = "0.0.0.0";
}; package = cuda-llama;
model = modelPath;
port = 8080;
openFirewall = true;
# 7B
# extraFlags = [
# "-ngl"
# "99"
# "-fa"
# "-ub"
# "512"
# "-b"
# "512"
# "-dt"
# "0.1"
# "--ctx-size"
# "4096"
# "--cache-reuse"
# "256"
# ];
# 3B
extraFlags = [
"-ngl"
"99"
"-fa"
"-ub"
"1024"
"-b"
"1024"
"--ctx-size"
"0"
"--cache-reuse"
"256"
];
}; };
# System Packages # System Packages
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
btop htop
git nvtopPackages.full
rtl-sdr
tmux tmux
vim vim
wget
]; ];
} }

48
systems/x86_64-linux/lin-va-terminal/default.nix
View File

@@ -1,48 +0,0 @@
{ namespace, lib, ... }:
let
inherit (lib.${namespace}) enabled;
in
{
system.stateVersion = "25.05";
time.timeZone = "America/New_York";
boot.supportedFilesystems = [ "nfs" ];
reichard = {
nix = enabled;
system = {
boot = {
enable = true;
enableGrub = false;
enableSystemd = true;
xenGuest = true;
};
disk = {
enable = true;
diskPath = "/dev/xvda";
};
networking = {
enable = true;
useStatic = {
interface = "enX0";
address = "10.0.50.30";
defaultGateway = "10.0.50.254";
nameservers = [ "10.0.20.20" ];
};
};
};
services = {
avahi = enabled;
mosh = enabled;
openssh = enabled;
tailscale = enabled;
};
virtualisation = {
podman = enabled;
};
};
}

46
systems/x86_64-linux/lin-va-thinkpad/default.nix
View File

@@ -1,30 +1,11 @@
{ namespace, pkgs, lib, ... }: { namespace, lib, ... }:
let let
inherit (lib.${namespace}) enabled; inherit (lib.${namespace}) enabled;
in in
{ {
system.stateVersion = "25.05"; system.stateVersion = "24.11";
time.timeZone = "America/New_York"; time.timeZone = "America/New_York";
hardware.enableRedistributableFirmware = true;
boot = {
supportedFilesystems = [ "nfs" ];
kernelParams = [
# Mask GPE03 (EC wakeup events) to allow hibernation without spurious CPU wakeups
"acpi_mask_gpe=0x03"
];
};
hardware = {
enableRedistributableFirmware = true;
bluetooth.enable = true;
amdgpu.initrd.enable = lib.mkDefault true;
};
services = {
xserver.videoDrivers = [ "modesetting" ];
fwupd.enable = true;
};
# System Config # System Config
reichard = { reichard = {
@@ -33,8 +14,6 @@ in
system = { system = {
boot = { boot = {
enable = true; enable = true;
enableGrub = false;
enableSystemd = true;
silentBoot = true; silentBoot = true;
}; };
disk = { disk = {
@@ -49,24 +28,15 @@ in
hardware = { hardware = {
opengl = enabled; opengl = enabled;
battery = {
upower = enabled;
};
}; };
services = { services = {
tailscale = enabled;
avahi = enabled; avahi = enabled;
ydotool = enabled; ydotool = enabled;
}; };
virtualisation = { virtualisation = {
podman = enabled; podman = enabled;
libvirtd = {
enable = true;
withVirtManager = true;
enableAMDIOMMU = true;
};
}; };
programs = { programs = {
@@ -82,14 +52,4 @@ in
}; };
}; };
}; };
# Additional System Packages
environment.systemPackages = with pkgs; [
dool
jq
mosh
rclone
sqlite-interactive
unzip
];
} }

3
systems/x86_64-vmware/lin-va-rke2/default.nix → systems/x86_64-qcow/lin-va-rke2/default.nix
View File

@@ -9,7 +9,7 @@ in
config = { config = {
# Basic System # Basic System
system.stateVersion = "25.05"; system.stateVersion = "24.11";
time.timeZone = "UTC"; time.timeZone = "UTC";
reichard = { reichard = {
@@ -33,7 +33,6 @@ in
cloud-init = enabled; cloud-init = enabled;
rke2 = { rke2 = {
enable = true; enable = true;
openFirewall = true;
disable = [ "rke2-ingress-nginx" ]; disable = [ "rke2-ingress-nginx" ];
}; };
openiscsi = { openiscsi = {