diff --git a/flake.lock b/flake.lock index 629814d..8330e23 100644 --- a/flake.lock +++ b/flake.lock @@ -44,16 +44,28 @@ }, "nixpkgs": { "locked": { +<<<<<<< HEAD "lastModified": 1716633019, "narHash": "sha256-xim1b5/HZYbWaZKyI7cn9TJCM6ewNVZnesRr00mXeS4=", "owner": "NixOS", "repo": "nixpkgs", "rev": "9d29cd266cebf80234c98dd0b87256b6be0af44e", +======= + "lastModified": 1689431009, + "narHash": "sha256-hPgQCRWP5q/Xc4qOIP3c2krR9nQua78+t9EDiuey5nc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "af8279f65fe71ce5a448408034a8c06e2b4b2c66", +>>>>>>> parent of 5b47cc3 (retire toaster, refactor a bit) "type": "github" }, "original": { "owner": "NixOS", +<<<<<<< HEAD "ref": "nixos-23.11", +======= + "ref": "nixos-23.05", +>>>>>>> parent of 5b47cc3 (retire toaster, refactor a bit) "repo": "nixpkgs", "type": "github" } @@ -74,11 +86,81 @@ "type": "github" } }, +<<<<<<< HEAD +======= + "nixpkgs-stable_2": { + "locked": { + "lastModified": 1689398528, + "narHash": "sha256-qVn/doWn20axR+KvmAAGexv0A5RVzcBbd5HfNMAMeVI=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "3dc2bc15956db2ff2316af45eefd45803fc1372b", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "release-23.05", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-unstable": { + "locked": { + "lastModified": 1689373857, + "narHash": "sha256-mtBksyvhhT98Zsm9tYHuMKuLwUKDwv+BGTl6K5nOGhY=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "dfdbcc428f365071f0ca3888f6ec8c25c3792885", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "pre-commit-hooks-nix": { + "inputs": { + "flake-compat": [ + "lanzaboote", + "flake-compat" + ], + "flake-utils": [ + "lanzaboote", + "flake-utils" + ], + "gitignore": "gitignore", + "nixpkgs": [ + "lanzaboote", + "nixpkgs" + ], + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1684842236, + "narHash": "sha256-rYWsIXHvNhVQ15RQlBUv67W3YnM+Pd+DuXGMvCBq2IE=", + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "rev": "61e567d6497bc9556f391faebe5e410e6623217f", + "type": "github" + }, + "original": { + "owner": "cachix", + "repo": "pre-commit-hooks.nix", + "type": "github" + } + }, +>>>>>>> parent of 5b47cc3 (retire toaster, refactor a bit) "root": { "inputs": { "flake-utils": "flake-utils", "microvm": "microvm", "nixpkgs": "nixpkgs", +<<<<<<< HEAD +======= + "nixpkgs-unstable": "nixpkgs-unstable", +>>>>>>> parent of 5b47cc3 (retire toaster, refactor a bit) "sops-nix": "sops-nix", "tmux-yank": "tmux-yank" } @@ -88,7 +170,11 @@ "nixpkgs": [ "nixpkgs" ], +<<<<<<< HEAD "nixpkgs-stable": "nixpkgs-stable" +======= + "nixpkgs-stable": "nixpkgs-stable_2" +>>>>>>> parent of 5b47cc3 (retire toaster, refactor a bit) }, "locked": { "lastModified": 1716692524, diff --git a/flake.nix b/flake.nix index b172d00..28e9025 100644 --- a/flake.nix +++ b/flake.nix @@ -1,6 +1,7 @@ { inputs = { - nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.11"; + nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-23.05"; flake-utils.url = "github:numtide/flake-utils"; @@ -28,6 +29,7 @@ , flake-utils , microvm , nixpkgs + , nixpkgs-unstable , sops-nix , ... }: @@ -49,6 +51,28 @@ }; nixosConfigurations = { + toaster = nixpkgs-unstable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + sops-nix.nixosModules.sops + lanzaboote.nixosModules.lanzaboote + + ./hosts/toaster + + ./modules/basic-tools + ./modules/binary-caches.nix + ./modules/devtools.nix + ./modules/sway.nix + ./modules/gnupg.nix + ./modules/mail + ./modules/radio.nix + ./modules/science.nix + ./modules/tlp.nix + ./modules/virtualization.nix + ]; + }; + cirrus = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; specialArgs = { inherit inputs; }; diff --git a/hosts/cirrus/wireguard-server.nix b/hosts/cirrus/wireguard-server.nix index 37cdd79..74e6091 100644 --- a/hosts/cirrus/wireguard-server.nix +++ b/hosts/cirrus/wireguard-server.nix @@ -41,7 +41,7 @@ }; wireguardPeers = [ { - # toaster + # microwave wireguardPeerConfig = { PublicKey = "0zpfcNrmbsNwwbnDDX4SMl4BVTB0zuhGKixT9TJQoHc="; AllowedIPs = [ "10.66.66.10/32" ]; diff --git a/hosts/toaster/default.nix b/hosts/toaster/default.nix index cac9bad..0a2d48d 100644 --- a/hosts/toaster/default.nix +++ b/hosts/toaster/default.nix @@ -5,6 +5,8 @@ ./hardware-configuration.nix ./irc.nix ./stateful-network.nix + ./network.nix + ./network-vpns.nix ./secrets.nix ./secure-boot.nix ./zfs.nix diff --git a/modules/chromium.nix b/modules/chromium.nix index 4a0f453..f7803ab 100644 --- a/modules/chromium.nix +++ b/modules/chromium.nix @@ -5,7 +5,7 @@ chromium ]; - nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --force-dark-mode --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-native-gpu-memory-buffers --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode"; + nixpkgs.config.chromium.commandLineArgs = "--enable-features=UseOzonePlatform --ozone-platform=wayland --force-dark-mode --ignore-gpu-blocklist --enable-gpu-rasterization --enable-zero-copy --enable-features=VaapiVideoDecoder,VaapiVideoEncoder,CanvasOopRasterization,WebUIDarkMode"; programs.chromium = { enable = true; diff --git a/modules/desktop-software.nix b/modules/desktop-software.nix index 669270b..659dd0e 100644 --- a/modules/desktop-software.nix +++ b/modules/desktop-software.nix @@ -14,6 +14,5 @@ tor-browser-bundle-bin wl-clipboard yt-dlp - libreoffice ]; } diff --git a/modules/gnome.nix b/modules/gnome.nix index 6af207e..787d489 100644 --- a/modules/gnome.nix +++ b/modules/gnome.nix @@ -12,7 +12,6 @@ gnome.gnome-tweaks nextcloud-client qbittorrent - spotify ]; environment.gnome.excludePackages = with pkgs; [ @@ -72,7 +71,6 @@ programs.bash.vteIntegration = true; fonts.fonts = with pkgs; [ - (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; }) monoid font-awesome dejavu_fonts diff --git a/modules/sway.nix b/modules/sway.nix index 834b38c..f894dcb 100644 --- a/modules/sway.nix +++ b/modules/sway.nix @@ -22,7 +22,7 @@ foot qt5.qtwayland bashmount - gnome.nautilus + (xfce.thunar.override { thunarPlugins = with xfce; [ thunar-volman thunar-archive-plugin ]; }) audacity ]; diff --git a/modules/vscode.nix b/modules/vscode.nix deleted file mode 100644 index 0bc26d7..0000000 --- a/modules/vscode.nix +++ /dev/null @@ -1,22 +0,0 @@ -{ pkgs, ... }: { -environment.systemPackages = with pkgs; [ - (vscode-with-extensions.override { - vscodeExtensions = with vscode-extensions; [ - bbenoist.nix - ms-python.python - ms-vscode-remote.remote-ssh - rust-lang.rust-analyzer - vscodevim.vim - james-yu.latex-workshop - ms-toolsai.jupyter - ] ++ pkgs.vscode-utils.extensionsFromVscodeMarketplace [ - { - name = "remote-ssh-edit"; - publisher = "ms-vscode-remote"; - version = "0.86.0"; - sha256 = "sha256-JsbaoIekUo2nKCu+fNbGlh5d1Tt/QJGUuXUGP04TsDI="; - } - ]; - }) -]; -}