diff --git a/flake.nix b/flake.nix index 9037679..7664fee 100644 --- a/flake.nix +++ b/flake.nix @@ -31,7 +31,7 @@ let mkNixos = modules: nixpkgs.lib.nixosSystem { inherit modules; - specialArgs = { inherit nixpkgs unstable hardware lanzaboote mailserver minecraft; }; + specialArgs = { inherit nixpkgs unstable hardware lanzaboote agenix mailserver minecraft; }; }; mkHome = modules: pkgs: home-manager.lib.homeManagerConfiguration { @@ -51,7 +51,6 @@ "jimbo@firefly" = mkHome [ ./hosts/firefly/home ] nixpkgs.legacyPackages.x86_64-linux; "jimbo@cyberspark" = mkHome [ ./hosts/cyberspark/home ] nixpkgs.legacyPackages.x86_64-linux; "jimbo@shuttleworth" = mkHome [ ./hosts/shuttleworth/home ] nixpkgs.legacyPackages.aarch64-linux; - "jimbo@guest" = mkHome [ ./hosts/guest/home ] nixpkgs.legacyPackages.x86_64-linux; }; }; } diff --git a/hosts/cyberspark/id_ed25519.pub b/hosts/cyberspark/id_ed25519.pub new file mode 100644 index 0000000..1c06662 --- /dev/null +++ b/hosts/cyberspark/id_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIKC8Uqxb09V3msBgDv6lD/nETMYr/X0OgtpDo8ldcMK diff --git a/hosts/cyberspark/system/default.nix b/hosts/cyberspark/system/default.nix index d3e5778..30ce1f6 100644 --- a/hosts/cyberspark/system/default.nix +++ b/hosts/cyberspark/system/default.nix @@ -3,6 +3,7 @@ imports = [ ./hardware + # Apps and programs ../../../modules/system ../../../modules/system/accounts ../../../modules/system/devices/filesystems @@ -15,9 +16,11 @@ ../../../modules/system/services/common ../../../modules/system/services/server + # Misc ../../../overlays ../../../variables + # Imports mailserver.nixosModule ]; diff --git a/hosts/firefly/home/default.nix b/hosts/firefly/home/default.nix index e0982e3..ae119d8 100644 --- a/hosts/firefly/home/default.nix +++ b/hosts/firefly/home/default.nix @@ -12,8 +12,10 @@ ../../../modules/home/utils # Misc - nur.nixosModules.nur ../../../overlays ../../../variables + + # Imports + nur.nixosModules.nur ]; } diff --git a/hosts/firefly/id_ed25519.pub b/hosts/firefly/id_ed25519.pub new file mode 100644 index 0000000..e36a85d --- /dev/null +++ b/hosts/firefly/id_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC2lMkUd+BbXITE5LTg94hEzmA6UKsIIbaf5YOjGoLzl diff --git a/hosts/firefly/system/default.nix b/hosts/firefly/system/default.nix index 5e601b6..aefb376 100644 --- a/hosts/firefly/system/default.nix +++ b/hosts/firefly/system/default.nix @@ -1,4 +1,4 @@ -{ lanzaboote, ... }: +{ agenix, lanzaboote, ... }: { imports = [ ./hardware @@ -13,11 +13,14 @@ ../../../variables # Devices and hardware - lanzaboote.nixosModules.lanzaboote ../../../modules/system/devices ../../../modules/system/devices/boot/lanzaboote ../../../modules/system/devices/video/nvidia ../../../modules/system/devices/networking/firewall/pc + + # Imports + agenix.nixosModules.default + lanzaboote.nixosModules.lanzaboote ]; networking.hostName = "firefly"; diff --git a/hosts/firefly/system/hardware/default.nix b/hosts/firefly/system/hardware/default.nix index 434c77d..9c3b823 100644 --- a/hosts/firefly/system/hardware/default.nix +++ b/hosts/firefly/system/hardware/default.nix @@ -24,7 +24,7 @@ in { ]; boot = { - kernelPackages = pkgs.unstable.linuxPackages_latest; + kernelPackages = pkgs.unstable.linuxPackages_zen; blacklistedKernelModules = [ "pcspkr" ]; diff --git a/hosts/shuttleworth/id_ed25519.pub b/hosts/shuttleworth/id_ed25519.pub new file mode 100644 index 0000000..3d0e0ec --- /dev/null +++ b/hosts/shuttleworth/id_ed25519.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK+L723mCLy9/9UAXwkY3+06Oq22dOj+lDnA0lMLbrsR diff --git a/modules/system/accounts/users/jimbo/default.nix b/modules/system/accounts/users/jimbo/default.nix index 68e448a..c1f5ae9 100644 --- a/modules/system/accounts/users/jimbo/default.nix +++ b/modules/system/accounts/users/jimbo/default.nix @@ -5,7 +5,13 @@ description = "Jimbo"; hashedPassword = config.secrets.jimboAccPass; isNormalUser = true; - openssh.authorizedKeys.keys = config.secrets.jimKeys; + openssh.authorizedKeys.keys = [ + (builtins.readFile ../../../../../hosts/firefly/id_ed25519.pub) + (builtins.readFile ../../../../../hosts/cyberspark/id_ed25519.pub) + (builtins.readFile ../../../../../hosts/shuttleworth/id_ed25519.pub) + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJahAoF74BY6GCTsFkt1ADKaraFgJJozW1Y1aBTLK0j9 pixel9" + ]; + extraGroups = [ "wheel" "audio" diff --git a/modules/system/desktop/sway/greetd/default.nix b/modules/system/desktop/sway/greetd/default.nix index a1a56e1..85a18a4 100644 --- a/modules/system/desktop/sway/greetd/default.nix +++ b/modules/system/desktop/sway/greetd/default.nix @@ -2,7 +2,24 @@ { services = { # Configure greetd for "auto" login (single user only) - greetd = { + greetd = let + startSway = pkgs.writeScript "startsway" '' + if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then + export LIBVA_DRIVER_NAME=nvidia + export GBM_BACKEND=nvidia-drm + export __GLX_VENDOR_LIBRARY_NAME=nvidia + export WLR_NO_HARDWARE_CURSORS=1 + else + : + fi + + export WLR_RENDERER=vulkan + export XDG_CURRENT_DESKTOP=sway + export QT_QPA_PLATFORM="wayland;xcb" + + sway --unsupported-gpu + ''; + in { enable = true; restart = true; settings = { @@ -11,22 +28,7 @@ switch = true; }; default_session = { - command = '' - if lspci -k | grep "Kernel driver in use: nvidia" &> /dev/null; then - export LIBVA_DRIVER_NAME=nvidia - export GBM_BACKEND=nvidia-drm - export __GLX_VENDOR_LIBRARY_NAME=nvidia - export WLR_NO_HARDWARE_CURSORS=1 - else - : - fi - - export WLR_RENDERER=vulkan - export XDG_CURRENT_DESKTOP=sway - export QT_QPA_PLATFORM="wayland;xcb" - - sway --unsupported-gpu - ''; + command = "${startSway}"; user = "jimbo"; }; }; diff --git a/modules/system/devices/video/nvidia/default.nix b/modules/system/devices/video/nvidia/default.nix index b50af2d..03ceb16 100644 --- a/modules/system/devices/video/nvidia/default.nix +++ b/modules/system/devices/video/nvidia/default.nix @@ -4,7 +4,7 @@ hardware.nvidia = { modesetting.enable = true; nvidiaSettings = false; - package = config.boot.kernelPackages.nvidiaPackages.beta; + package = config.boot.kernelPackages.nvidiaPackages.latest; open = false; }; } diff --git a/modules/system/services/server/minecraft/default.nix b/modules/system/services/server/minecraft/default.nix index fb7912d..6bb2b93 100644 --- a/modules/system/services/server/minecraft/default.nix +++ b/modules/system/services/server/minecraft/default.nix @@ -10,8 +10,6 @@ ./servers/uberbeta ]; - nixpkgs.overlays = [ minecraft.overlay ]; - services.minecraft-servers = { enable = true; eula = true; diff --git a/overlays/default.nix b/overlays/default.nix index 425a195..0b7a7fa 100644 --- a/overlays/default.nix +++ b/overlays/default.nix @@ -1,8 +1,9 @@ -{ unstable, ... }: +{ unstable, minecraft, ... }: { nixpkgs.overlays = [ (import ./unstable { inherit unstable; }) (final: _prev: import ./packages { pkgs = final; }) (import ./mpv) + minecraft.overlay ]; } diff --git a/variables/secrets/default.nix b/variables/secrets/default.nix index b79ffeb..38b50a7 100644 Binary files a/variables/secrets/default.nix and b/variables/secrets/default.nix differ