diff --git a/flake.lock b/flake.lock index 6c650e2..a70468b 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ ] }, "locked": { - "lastModified": 1759705705, - "narHash": "sha256-ckBnfbxbT7VU7ay0c5jkstAZHrC4xDpEHgnQo99OdEw=", + "lastModified": 1760482308, + "narHash": "sha256-/N7svQ+TCTXEw/C9UPKi+l1Uft7b38eH9zpaOi4Guh0=", "owner": "9001", "repo": "copyparty", - "rev": "20ac117c3272da50ce125795d831ac55f29e766d", + "rev": "f55d8341f1de89bdea025a13f33e179090f46a4d", "type": "github" }, "original": { @@ -109,11 +109,11 @@ ] }, "locked": { - "lastModified": 1759853171, - "narHash": "sha256-uqbhyXtqMbYIiMqVqUhNdSuh9AEEkiasoK3mIPIVRhk=", + "lastModified": 1760500983, + "narHash": "sha256-zfY4F4CpeUjTGgecIJZ+M7vFpwLc0Gm9epM/iMQd4w8=", "owner": "nix-community", "repo": "home-manager", - "rev": "1a09eb84fa9e33748432a5253102d01251f72d6d", + "rev": "c53e65ec92f38d30e3c14f8d628ab55d462947aa", "type": "github" }, "original": { @@ -156,11 +156,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1759582739, - "narHash": "sha256-spZegilADH0q5OngM86u6NmXxduCNv5eX9vCiUPhOYc=", + "lastModified": 1760106635, + "narHash": "sha256-2GoxVaKWTHBxRoeUYSjv0AfSOx4qw5CWSFz2b+VolKU=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "3441b5242af7577230a78ffb03542add264179ab", + "rev": "9ed85f8afebf2b7478f25db0a98d0e782c0ed903", "type": "github" }, "original": { @@ -180,11 +180,11 @@ ] }, "locked": { - "lastModified": 1759833546, - "narHash": "sha256-rOfkgIiiZNPUbf61OqEym60wXEODeDG8XH+gV/SUoUc=", + "lastModified": 1760536587, + "narHash": "sha256-wfWqt+igns/VazjPLkyb4Z/wpn4v+XIjUeI3xY/1ENg=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "7c0c0f4c3a51761434f18209fa9499b8579ff730", + "rev": "f98ee1de1fa36eca63c67b600f5d617e184e82ea", "type": "github" }, "original": { @@ -196,11 +196,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1759831965, - "narHash": "sha256-vgPm2xjOmKdZ0xKA6yLXPJpjOtQPHfaZDRtH+47XEBo=", + "lastModified": 1760284886, + "narHash": "sha256-TK9Kr0BYBQ/1P5kAsnNQhmWWKgmZXwUQr4ZMjCzWf2c=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c9b6fb798541223bbb396d287d16f43520250518", + "rev": "cf3f5c4def3c7b5f1fc012b3d839575dbe552d43", "type": "github" }, "original": { @@ -255,11 +255,11 @@ ] }, "locked": { - "lastModified": 1759635238, - "narHash": "sha256-UvzKi02LMFP74csFfwLPAZ0mrE7k6EiYaKecplyX9Qk=", + "lastModified": 1760393368, + "narHash": "sha256-8mN3kqyqa2PKY0wwZ2UmMEYMcxvNTwLaOrrDsw6Qi4E=", "owner": "mic92", "repo": "sops-nix", - "rev": "6e5a38e08a2c31ae687504196a230ae00ea95133", + "rev": "ab8d56e85b8be14cff9d93735951e30c3e86a437", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 491e9b9..aa37b40 100644 --- a/flake.nix +++ b/flake.nix @@ -127,6 +127,10 @@ hostname = "altostratus"; profiles.system.path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.altostratus; }; + harmatan = { + hostname = "harmatan"; + profiles.system.path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.harmatan; + }; }; sshUser = "root"; }; diff --git a/hosts/harmatan/default.nix b/hosts/harmatan/default.nix index e93414e..f1e5c97 100644 --- a/hosts/harmatan/default.nix +++ b/hosts/harmatan/default.nix @@ -14,13 +14,15 @@ inputs.nixpkgs.lib.nixosSystem { ./hardware-config.nix ../../configs/nixos/common.nix ../../configs/nixos/sshd.nix - # TODO - #../../configs/nixos/secrets.nix + ../../configs/nixos/interactive-networking.nix + ../../configs/nixos/secrets.nix ../../configs/nixos/tailscale.nix ../../configs/nixos/printing.nix ../../configs/nixos/syncthing.nix ../../configs/nixos/touchpad.nix ../../configs/nixos/i3 + ../../roles/nixos/gaming.nix + ../../roles/nixos/power-saving.nix ({ config, pkgs, @@ -36,10 +38,9 @@ inputs.nixpkgs.lib.nixosSystem { networking.hostName = "harmatan"; networking.hostId = "7a42af26"; - # TODO - # home-manager.sharedModules = [ - # inputs.sops-nix.homeManagerModules.sops - # ]; + home-manager.sharedModules = [ + inputs.sops-nix.homeManagerModules.sops + ]; home-manager.users.${config.host.details.user} = { inputs, osConfig, @@ -59,19 +60,17 @@ inputs.nixpkgs.lib.nixosSystem { ../../roles/home-manager/terminal.nix ../../roles/home-manager/music.nix ../../configs/home-manager/common.nix - # TODO - # ../../configs/home-manager/secrets.nix - ../configs/home-manager/email.nix - ../configs/home-manager/tiny-irc.nix + ../../configs/home-manager/secrets.nix + ../../configs/home-manager/email.nix + ../../configs/home-manager/tiny-irc.nix ]; - # TODO - # sops = lib.mkIf (inputs ? nix-secrets) { - # secrets = { - # gmail-password.sopsFile = "${inputs.nix-secrets}/workstations.yaml"; - # irc-cert.sopsFile = "${inputs.nix-secrets}/workstations.yaml"; - # }; - # }; + sops = lib.mkIf (inputs ? nix-secrets) { + secrets = { + gmail-password.sopsFile = "${inputs.nix-secrets}/workstations.yaml"; + irc-cert.sopsFile = "${inputs.nix-secrets}/workstations.yaml"; + }; + }; }; # Bootloader. diff --git a/hosts/harmatan/disk-config.nix b/hosts/harmatan/disk-config.nix index 88e174b..65a25e9 100644 --- a/hosts/harmatan/disk-config.nix +++ b/hosts/harmatan/disk-config.nix @@ -22,7 +22,7 @@ content = { type = "luks"; name = "crypted"; - passwordFile = "/tmp/secret.key"; + passwordFile = "/tmp/disk.key"; content = { type = "btrfs"; extraArgs = ["-L" "nixos" "-f"]; @@ -51,7 +51,7 @@ "/swap" = { mountpoint = "/.swapvol"; swap.swapfile.size = "16G"; - priority = 0; + swap.swapfile.priority = 0; }; }; }; diff --git a/hosts/harmatan/hardware-config.nix b/hosts/harmatan/hardware-config.nix index 459ce36..1952ae6 100644 --- a/hosts/harmatan/hardware-config.nix +++ b/hosts/harmatan/hardware-config.nix @@ -1,5 +1,5 @@ {config, ...}: { - config.hardware.enableRedistributableFirmware = true; + hardware.enableRedistributableFirmware = true; boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"]; boot.initrd.kernelModules = []; diff --git a/roles/nixos/embedded-dev.nix b/roles/nixos/embedded-dev.nix index 34de710..40bfe59 100644 --- a/roles/nixos/embedded-dev.nix +++ b/roles/nixos/embedded-dev.nix @@ -14,6 +14,8 @@ ]; }; + users.users.${config.host.details.user}.extraGroups = [ "dialout" ]; + programs.nix-ld = { enable = true; libraries = with pkgs; [