From 5d101ab2661f4a58e5364c73aadd2a400cf228c4 Mon Sep 17 00:00:00 2001 From: danny Date: Thu, 18 Sep 2025 10:20:29 +0800 Subject: [PATCH] new device --- .sops.yaml | 6 + flake.nix | 17 ++ home/presets/basic.nix | 1 - home/user/desktops.nix | 12 -- home/user/hypr/bind.nix | 2 +- system/dev/dn-pre7780/default.nix | 4 +- system/dev/dn-server/services.nix | 6 + system/dev/generic/disk.nix | 2 +- system/dev/skydrive-lap/boot.nix | 14 ++ system/dev/skydrive-lap/default.nix | 151 ++++++++++++++++++ system/dev/skydrive-lap/disk.nix | 34 ++++ .../skydrive-lap/hardware-configuration.nix | 26 +++ system/dev/skydrive-lap/secret.yaml | 26 +++ system/dev/skydrive-lap/sops-conf.nix | 8 + 14 files changed, 292 insertions(+), 17 deletions(-) delete mode 100644 home/user/desktops.nix create mode 100644 system/dev/skydrive-lap/boot.nix create mode 100644 system/dev/skydrive-lap/default.nix create mode 100644 system/dev/skydrive-lap/disk.nix create mode 100644 system/dev/skydrive-lap/hardware-configuration.nix create mode 100644 system/dev/skydrive-lap/secret.yaml create mode 100644 system/dev/skydrive-lap/sops-conf.nix diff --git a/.sops.yaml b/.sops.yaml index a439994..1ba9252 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -2,6 +2,7 @@ keys: - &dn_server age1z6f643a6vqm7cqh6fna5dhmxfkgwxgqy8kg9s0vf9uxhaswtngtspmqsjw - &dn_pre7780 age1uvsvf5ljaezh5wze32p685kfentyle0l2mvysc67yvgct2h4850qqph9lv - &dn_lap age17rjcght2y5p4ryr76ysnxpy2wff62sml7pyc5udcts48985j05vqpwdfq2 + - &skydrive_lap age1ar5h06qv72pduau043r04kschwcq0x0lm33wqvxzdh9grmp3cq3sy0ngnz creation_rules: - path_regex: system/dev/dn-server/secret.yaml @@ -17,3 +18,8 @@ creation_rules: key_groups: - age: - *dn_lap + - path_regex: system/dev/skydrive-lap/secret.yaml + key_groups: + - age: + - *skydrive_lap + - *dn_pre7780 diff --git a/flake.nix b/flake.nix index 11710e4..682ccb8 100644 --- a/flake.nix +++ b/flake.nix @@ -262,6 +262,23 @@ (import ./pkgs/overlays/dovecot.nix) ]; }; + + # Skydrive + skydrive-lap = { + hostname = "skydrive-lap"; + username = "skydrive"; + domain = "sky.dn"; + extra-modules = [ + inputs.nix-minecraft.nixosModules.minecraft-servers + inputs.nix-tmodloader.nixosModules.tmodloader + inputs.disko.nixosModules.disko + ./system/dev/skydrive-lap + ]; + overlays = [ + inputs.nix-minecraft.overlay + inputs.nix-tmodloader.overlay + ]; + }; }; in { diff --git a/home/presets/basic.nix b/home/presets/basic.nix index ca535e3..714529d 100644 --- a/home/presets/basic.nix +++ b/home/presets/basic.nix @@ -3,7 +3,6 @@ imports = [ ../user/internationalisation.nix ../user/config.nix - ../user/desktops.nix ../user/direnv.nix ../user/environment.nix ../user/gtk.nix diff --git a/home/user/desktops.nix b/home/user/desktops.nix deleted file mode 100644 index 34f0c06..0000000 --- a/home/user/desktops.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - lib, - pkgs, - ... -}: -{ - home.activation = { - updateIconCache = lib.hm.dag.entryAfter [ "linkGeneration" ] '' - $DRY_RUN_CMD ${pkgs.gtk3}/bin/gtk-update-icon-cache -t -f ~/.local/share/icons/hicolor - ''; - }; -} diff --git a/home/user/hypr/bind.nix b/home/user/hypr/bind.nix index 2a8ac18..1bf4664 100644 --- a/home/user/hypr/bind.nix +++ b/home/user/hypr/bind.nix @@ -60,7 +60,7 @@ in ''${mainMod}, n, tagwindow, ${notransTag}'' # Bitwarden Selector - (optionalString config.programs.rbw.enable ''CTRL ${mainMod}, P, exec, ${rbwSelector}'') + ''CTRL ${mainMod}, P, exec, ${rbwSelector}'' # Screenshot ''${mainMod} SHIFT, s, exec, hyprshot -m region ${clipboardOnly}'' diff --git a/system/dev/dn-pre7780/default.nix b/system/dev/dn-pre7780/default.nix index e2403ac..2dc8aea 100644 --- a/system/dev/dn-pre7780/default.nix +++ b/system/dev/dn-pre7780/default.nix @@ -148,7 +148,7 @@ in settings = [ # monitor 1 { - output = "DP-3"; + output = "DP-6"; height = 48; modules-left = [ "custom/os" @@ -175,7 +175,7 @@ in } # monitor 2 { - output = "DP-2"; + output = "DP-5"; height = 54; modules-left = [ "clock" diff --git a/system/dev/dn-server/services.nix b/system/dev/dn-server/services.nix index 7cdd095..f39705f 100644 --- a/system/dev/dn-server/services.nix +++ b/system/dev/dn-server/services.nix @@ -138,6 +138,12 @@ let publicKey = "ERLMpSbSIYRN5HoKmvsk2852/aAvzjvMV7tOs0oupxI="; allowedIPs = [ "10.0.0.145/32" ]; } + { + # Skydrive + dns = "skydrive-mesh"; + publicKey = "MK6UX8WadSbDXI3919F5EarYlZHjFNbHwYJH8Ub/YXk="; + allowedIPs = [ "10.0.0.146/32" ]; + } ]; in { diff --git a/system/dev/generic/disk.nix b/system/dev/generic/disk.nix index 3edad88..e9ec804 100644 --- a/system/dev/generic/disk.nix +++ b/system/dev/generic/disk.nix @@ -3,7 +3,7 @@ disko.devices = { disk = { main = { - device = "/dev/sda"; + device = "/dev/nvme1n1"; type = "disk"; content = { type = "gpt"; diff --git a/system/dev/skydrive-lap/boot.nix b/system/dev/skydrive-lap/boot.nix new file mode 100644 index 0000000..3e91d8c --- /dev/null +++ b/system/dev/skydrive-lap/boot.nix @@ -0,0 +1,14 @@ +{ pkgs, ... }: + +{ + boot.kernelPackages = pkgs.linuxPackages_latest; + boot.loader.systemd-boot.enable = true; + + # Enable F keys in some wireless keyboard (Ex. neo65) + boot.extraModprobeConfig = '' + options hid_apple fnmode=2 + ''; + + boot.initrd.systemd.enable = true; + boot.initrd.kernelModules = [ "i915" ]; +} diff --git a/system/dev/skydrive-lap/default.nix b/system/dev/skydrive-lap/default.nix new file mode 100644 index 0000000..dcf92e4 --- /dev/null +++ b/system/dev/skydrive-lap/default.nix @@ -0,0 +1,151 @@ +{ + username, + config, + lib, + pkgs, + ... +}: +let + inherit (lib) optionalString; + geVersion = "10-15"; + faceIcon = pkgs.fetchurl { + url = "https://instagram.ftpe7-1.fna.fbcdn.net/v/t51.2885-19/424428026_677208484625994_7040235245478168411_n.jpg?efg=eyJ2ZW5jb2RlX3RhZyI6InByb2ZpbGVfcGljLmRqYW5nby4xMDA4LmMyIn0&_nc_ht=instagram.ftpe7-1.fna.fbcdn.net&_nc_cat=106&_nc_oc=Q6cZ2QE3VBo0agfb2uRkv76VZxrXrKy3ZqOgrbVuuGMU_OUraKQBrsxhJCQdBRCwxri_CkI&_nc_ohc=p8gNQ2JIMw8Q7kNvwHo_GSn&_nc_gid=gdlrYsCRM-aXXlo0UnZp9Q&edm=ALGbJPMBAAAA&ccb=7-5&oh=00_AfYdDCxoYilhrom6hx55-j-HgfN-XbizFuIjg52Ci14P8Q&oe=68D0471D&_nc_sid=7d3ac5"; + hash = "sha256-qea72vVrZJ3DPH0h4i8TORXZjQZMyQnOlM7xi/0Enw0="; + }; + + memeSelector = pkgs.callPackage ../../../home/scripts/memeSelector.nix { + url = "https://nextcloud.net.dn/public.php/dav/files/pygHoPB5LxDZbeY/"; + }; + + monitors = [ + "desc:AU Optronics 0x82ED" + "desc:AOC 24B30HM2 27ZQ4HA00101" + ]; +in +{ + imports = [ + ./hardware-configuration.nix + ../../modules/presets/basic.nix + + # Nvidia GPU Driver + (import ../../modules/nvidia.nix { + nvidia-mode = "offload"; + intel-bus-id = "PCI:0:2:0"; + nvidia-bus-id = "PCI:1:0:0"; + }) + + ./boot.nix # Extra Boot Options + ./disk.nix + ./sops-conf.nix + ../../modules/gaming.nix + ../../modules/wine.nix + ../../modules/localsend.nix + (import ../../modules/airplay.nix { hostname = config.networking.hostName; }) + # (import ../../modules/virtualization.nix { inherit username; }) + ../../modules/wireguard.nix + ]; + + home-manager = { + users."${username}" = { + imports = [ + ../../../home/presets/basic.nix + + { + home.file.".face" = { + source = lib.mkForce faceIcon; + }; + } + + # Hyprland + (import ../../../home/user/hyprland.nix { inherit monitors; }) + { + wayland.windowManager.hyprland = { + settings = { + input = { + kb_options = lib.mkForce [ ]; + }; + + bind = [ + "$mainMod ctrl, M, exec, ${memeSelector}/bin/memeSelector" + ]; + }; + }; + } + + (import ../../../home/user/waybar.nix { + settings = [ + # monitor 1 + { + output = "eDP-1"; + modules-left = [ + "custom/os" + "hyprland/workspaces" + "clock" + "custom/cava" + "mpris" + ]; + modules-right = [ + "wlr/taskbar" + (optionalString config.programs.gamemode.enable "custom/gamemode") + "custom/airplay" + "custom/wallRand" + "custom/wireguard" + "custom/recording" + "idle_inhibitor" + "network" + "cpu" + "memory" + "pulseaudio" + "custom/swaync" + ]; + } + { + output = "HDMI-A-2"; + modules-left = [ + "clock" + "mpris" + ]; + modules-right = [ + "wlr/taskbar" + "temperature" + "cpu" + "memory" + "pulseaudio" + ]; + } + ]; + }) + ]; + + home.file = { + # Proton GE + ".steam/root/compatibilitytools.d/GE-Proton${geVersion}" = { + source = fetchTarball { + url = "https://github.com/GloriousEggroll/proton-ge-custom/releases/download/GE-Proton${geVersion}/GE-Proton${geVersion}.tar.gz"; + sha256 = "sha256:0iv7vak4a42b5m772gqr6wnarswib6dmybfcdjn3snvwxcb6hbsm"; + }; + }; + ".steam/root/compatibilitytools.d/CachyOS-Proton10-0_v3" = { + source = fetchTarball { + url = "https://github.com/CachyOS/proton-cachyos/releases/download/cachyos-10.0-20250714-slr/proton-cachyos-10.0-20250714-slr-x86_64_v3.tar.xz"; + sha256 = "sha256:0hp22hkfv3f1p75im3xpif0pmixkq2i3hq3dhllzr2r7l1qx16iz"; + }; + }; + }; + }; + }; + + environment.systemPackages = map lib.lowPrio [ + pkgs.curl + pkgs.gitMinimal + memeSelector + ]; + + users.users.root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJSAOufpee7f8D8ONIIGU3qsN+8+DGO7BfZnEOTYqtQ5 danny@pre7780.dn" + ]; + + users.users."${username}".openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJSAOufpee7f8D8ONIIGU3qsN+8+DGO7BfZnEOTYqtQ5 danny@pre7780.dn" + ]; +} diff --git a/system/dev/skydrive-lap/disk.nix b/system/dev/skydrive-lap/disk.nix new file mode 100644 index 0000000..e9ec804 --- /dev/null +++ b/system/dev/skydrive-lap/disk.nix @@ -0,0 +1,34 @@ +{ lib, ... }: +{ + disko.devices = { + disk = { + main = { + device = "/dev/nvme1n1"; + type = "disk"; + content = { + type = "gpt"; + partitions = { + ESP = { + type = "EF00"; + size = "500M"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/system/dev/skydrive-lap/hardware-configuration.nix b/system/dev/skydrive-lap/hardware-configuration.nix new file mode 100644 index 0000000..0555636 --- /dev/null +++ b/system/dev/skydrive-lap/hardware-configuration.nix @@ -0,0 +1,26 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp8s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wg0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/system/dev/skydrive-lap/secret.yaml b/system/dev/skydrive-lap/secret.yaml new file mode 100644 index 0000000..addd622 --- /dev/null +++ b/system/dev/skydrive-lap/secret.yaml @@ -0,0 +1,26 @@ +wireguard: + conf: ENC[AES256_GCM,data:ldBpfxIMARPsMyjwv6S3PxgprtprM8r2seYLUdjzQqQiXql4XzbuAkL1+JEXz9lZYfaFx/TdB6MhM8V/C24xAWUsYKPzK4AEanWfBQ4c9Qb1LlzNPm/nDy+4+X9GlmInd8oPPPj73BTgxIG26Wgi/gNsDBsZdZI/hD0Mz6s66y9QHYM1zM43RnlcqV/U9Hp0Q1Oxu5ljbvdt1K5Biuy/SnhRAVS0Qc3bwAnOX68ltZeF6k8J1/kNFBfSurBNJDktLxobAGBb9N6Aaq0q0l7VBB61GBglr3z+a8UiidPtWvqyVJAcWU+3v4uIeeMD3hMx216ypmVMpw5dPN33VrKW,iv:eZawtC2H+xcK1Ssr34ud31wHh/dOSlC6ntSd3OzKG1E=,tag:wwZsFfAbscEfpVvK0z7TzA==,type:str] +sops: + age: + - recipient: age1ar5h06qv72pduau043r04kschwcq0x0lm33wqvxzdh9grmp3cq3sy0ngnz + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3VWdySE43U3hMWXdJMnNn + RHMxZVJkalhNUXhpQU14Q2dsNnNiS1E0WlQ4CnJTOGVidFBSV1E2UTBnSFV1c2Q4 + TTBGMTkzV3lZWnhFV3B6MWNLWm40TmsKLS0tIFk3NElyRTFuc01PdmFQODFDY1JQ + ZldzcDAyUVlKRENYQnQ0OGNEZklpaUEKP3MVkXUQWVHqXjKA3hnBEL1fZRNib8wm + tIXqSrK9c4fzAlHxrCefrbQCag04etmdkZXPGfQ0nl+okyi1AvrVXg== + -----END AGE ENCRYPTED FILE----- + - recipient: age1uvsvf5ljaezh5wze32p685kfentyle0l2mvysc67yvgct2h4850qqph9lv + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqcTNFNENoNVpteTdjTy9x + emdqMENuS25mbHhCZC80dTRBcjFlYzhHM0N3CmpUWlBnRmRvRmg1Y3F0alkyU0U0 + NE5JdUlKTFAxaVJpa0ZLT0JxQTduTzQKLS0tIEp0TjEyYWVlelg1WklJd3AxZnhW + SFlTZ1BoanoyRTB2ZkJWSHRpcnZwZDQKZ+KF6Jh3zRPr+bDmpeVqdo0qW7vnyFtv + V5K8QYFEq9ZEz2u2DEZtyzBYBtTvF3TZz+DL63NHGH7vUVU4cpzxYg== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2025-09-17T14:41:59Z" + mac: ENC[AES256_GCM,data:EozsnOxOJIydSKoMaoa1vcZBgmbWLHCnN73nSdhwaaVz5aW8YZi5rvVH0XwSLC/ZUolfSDYEe1RMhtM1pzfme9Ji5vu3OKHfUL65rp3fXgUzd6gfSoSyE5w+WIYREENkvM+bjUJUnhJYnSYqrugSjM9GBxVQRqWyYLFNB0Do/dM=,iv:EXKejICx3fLn8QLJlrCknm6e+BK5STo1Qsk/AiZZXVc=,tag:XPx1VaFxL04AfTVKviA/xQ==,type:str] + unencrypted_suffix: _unencrypted + version: 3.10.2 diff --git a/system/dev/skydrive-lap/sops-conf.nix b/system/dev/skydrive-lap/sops-conf.nix new file mode 100644 index 0000000..c19aedd --- /dev/null +++ b/system/dev/skydrive-lap/sops-conf.nix @@ -0,0 +1,8 @@ +{ config, lib, ... }: +{ + sops = { + secrets = { + "wireguard/conf" = { }; + }; + }; +}