Major update to handle multiple systems

2025-10-18 17:44:06 +05:30 · 2025-02-12 14:12:11 -06:00 · 2025-02-12 14:12:11 -06:00 · cd1d2d866b
commit cd1d2d866b
parent 0453901d17
34 changed files with 2040 additions and 456 deletions
--- a/hosts/ori/README.org
+++ b/hosts/ori/README.org
@ -0,0 +1,3 @@
+#+title: Just chillin'
+
+This is my profile for a personal computer. It is functionally identical to my [[../work]] profile, but includes extra things like games and social apps!
--- a/hosts/ori/configuration.nix
+++ b/hosts/ori/configuration.nix
@ -0,0 +1,50 @@
+{ config, lib, pkgs, ... }:
+
+{
+  config = {
+    systemSettings = {
+      # users
+      users = [ "emmet" ];
+      adminUsers = [ "emmet" ];
+
+      # hardware
+      cachy.enable = true;
+      cachy.variant = "server";
+
+      virtualization = {
+        docker.enable = true;
+      };
+
+      # dotfiles
+      dotfilesDir = "/etc/nixos";
+
+      # security
+      security = {
+        automount.enable = false;
+        blocklist.enable = true;
+        doas.enable = true;
+        firejail.enable = false; # TODO setup firejail profiles
+        firewall.enable = true;
+        gpg.enable = true;
+        sshd.enable = true;
+      };
+
+    };
+
+    user.users.emmet.openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDaeejVJwUVrIZSo1isbu+gkQ7+8ftCgCsczy3OclkEVWHyRTqlG6yp74hr3j8ZNsOhov7c2Q6RqC8oy669hlxi/y9BsvtlI7sBr94oAKFOmkCS4RiK72ngJjBvI0vbk89wQQjmAd3r8B7ZcedpNOC8CkHu8SebKdYPRIUvAbPc3fTEt7DsJkazAepZCB8LEhUp57FAqQ/Ezlt3X/1uwNq5S0EbE9Zm+nUpEfSqR9apY2neKWLyGiCxpK3dzyNOuulCxvtVz+ie2sTk/6SxM+qWEoVVxhdwyxPihEjgC0EvtG0S5mVh5JmcjRkJOzzBHJuw+6r8yWn/AxGdIsoJ4rKNxH1XH1iLHgCraOLOUjUNlmejTcQPu6o92a79fdz2gCHT/BuIjfCW7MErAC3YSmF45TSur/kiWCBaTqYo06pgbQ3w1vKg7fievQlQzsutmg47RvJp6fb74yxuOdVg39cShQu/l8r6zqm21JAeUaaIp4P/0MrAIMOOVUhbK0QgsNElO4yn0ZKH8wGIF8xORh7ikxUIAyq8C41gjJiO2sAFJc3M8DhduQU3X0lHB7U0Qyu+8ZXn05+zdFPXJ73LKc7DCcLkppRXJsdHLSDEFdWqFnV7o08B4qZkPMT4pmvhwhY0Pf1fwavOqxuTstzw18gUGyQzl0foQi0Qrmdazsp2Qw== emmet@snowfire"
+    ];
+
+    environment.systemPackages = with pkgs; [
+      rclone
+      rdiff-backup
+      rsnapshot
+      cryptsetup
+      gocryptfs
+      attic-client
+    ];
+
+    programs.fuse.userAllowOther = true;
+  };
+  
+}
--- a/hosts/ori/default.nix
+++ b/hosts/ori/default.nix
@ -0,0 +1,14 @@
+{ config, lib, pkgs, ... }:
+
+{
+  imports = [
+    ./configuration.nix
+    ./hardware-configuration.nix
+  ];
+
+  config = {
+    home-manager.users = builtins.listToAttrs
+      (map (user: { name = user; value = 
+                      ({ imports = [ ./home.nix ../../modules/user ]; });}) config.systemSettings.users);
+    };
+}
--- a/hosts/ori/hardware-configuration.nix
+++ b/hosts/ori/hardware-configuration.nix
@ -0,0 +1,69 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, inputs, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  services.fstrim.enable = true;
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "ums_realtek" "sd_mod" "sr_mod" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/ea03d496-2769-485d-b5cb-de0b58cb698c";
+      fsType = "btrfs";
+      options = [ "subvol=@" ];
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/4F5E-11FB";
+      fsType = "vfat";
+    };
+
+  swapDevices = [ ];
+
+  services.btrfs.autoScrub = {
+    enable = true;
+    interval = "weekly";
+  };
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.br-df7898ffaebc.useDHCP = lib.mkDefault true;
+  # networking.interfaces.br-e6c4f9058f19.useDHCP = lib.mkDefault true;
+  # networking.interfaces.docker0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth00e4385.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth0814d46.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth329e18d.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth54f044d.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth71ad87e.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth8a14ed4.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth906e2ca.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth95a2121.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth96c8b25.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth97cb8cc.useDHCP = lib.mkDefault true;
+  # networking.interfaces.veth9f4b444.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vethb88cfbb.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vethc1707ca.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vethec441e8.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vethed69a4e.useDHCP = lib.mkDefault true;
+  # networking.interfaces.vethf0728b9.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+
+  # Enable OpenGL
+  hardware.opengl = {
+    enable = true;
+  };
+
+}
--- a/hosts/ori/home.nix
+++ b/hosts/ori/home.nix
@ -0,0 +1,20 @@
+{ config, lib, pkgs, ... }:
+
+{
+  config = {
+
+    userSettings = {
+      # setup
+      shell = {
+        enable = true;
+        apps.enable = true;
+      };
+      xdg.enable = true;
+
+      # programs
+      ranger.enable = true;
+      git.enable = true;
+    };
+
+  };
+}