diff --git a/flake.nix b/flake.nix index a66890c..d800099 100644 --- a/flake.nix +++ b/flake.nix @@ -114,18 +114,6 @@ ./hosts/muos/configuration.nix ]; }; - ksiOS = nixpkgs.lib.nixosSystem { - specialArgs = { - inherit inputs; - inherit nix-colors; - }; - modules = [ - disko.nixosModules.disko - inputs.mailserver.nixosModules.default - inputs.home-manager.nixosModules.default - ./hosts/ksios/configuration.nix - ]; - }; }; nixosModules = { automapaper = ./modules/automapaper; diff --git a/hosts/ksios/configuration.nix b/hosts/ksios/configuration.nix deleted file mode 100644 index dd9a8a7..0000000 --- a/hosts/ksios/configuration.nix +++ /dev/null @@ -1,211 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ modulesPath, pkgs, inputs, lib, nix-colors, ... }: -{ - imports = - [ - # Include the results of the hardware scan. - ./hardware-configuration.nix - ./disk-config.nix - inputs.home-manager.nixosModules.default - (modulesPath + "/installer/scan/not-detected.nix") - (modulesPath + "/profiles/qemu-guest.nix") - - ../../common - ]; - - # LOVE me some blob - hardware.enableRedistributableFirmware = true; - hardware.enableAllFirmware = true; - - networking = { - hostName = "ksiOS"; # Define your hostname. - networkmanager.enable = true; # Easiest to use and most distros use this by default. - }; - - # Set your time zone. - time.timeZone = "Europe/Amsterdam"; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - - # Define a user account. Don't forget to set a password with ‘passwd’. - users.defaultUserShell = pkgs.zsh; - users.users = { - noa = { - isNormalUser = true; - extraGroups = [ "networkmanager" "wheel" "docker" "libvirt" ]; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDmUSRs2akTTWtiaCcB5PNaLFJlwZmvD8YEZp2R4SQ56gj1xddZ0QP8XQIqRd6cmkaGzS9QzNpo03mlaOUTItFarp+OJh7oe9DcqpLR7+30mdLJgmYC6SOm/Upm9jZbl+YVuRbCWUXJ8pgKeJ+GseiKUx/3nPFPJ17Z7xV1GwPBVDxE4F3TVF/JFn6NYE0NF0I35lYUT8JOrmr7r2+VYBt9Pbqta7G6afTl4ETX/pDDiEHQAsf5dUvF/FdAUp50DMVqC81xPlx/ajMzI4thssA8CkUDZdns7WhWSvDuyCz6bRZhnBqJ0oM9clhljhVq7eAScAEH4mM0XEexlE5NUmGqLZJT7NZIX+SRhxtKMTZBY3y6w6cxgNMo8lAhp0d1mlSmBEB1cvlCr38ZtcAyYA1m3vHwnJ4vsbCxxGZeTyLY+mZC4dFcSSyc+P3DtxBle7q6F/Qc9K53I454YsUVHTzD/K1A6r75/6igQBKEoGScVQX5qFLFWOu0k1hOEV3mT3jzP48l5iEz6whdO0EKbHJT3vvM+vj3zLzJ9YeSTDbxTE0AhMNt17yICB/vX1Fi/SwlwjYgUQnwiKbqkOaT5ZTxcqcv3x0EyTdq43J1TEWcAKUW7nlcQ9rwJnwg6MfUKE/cawwPUqGp8WTbavX4/IX/k+jQsuI9XvZ9Y96ilLhTRw== openpgp:0xD85CD295" - ]; - hashedPassword = "$6$rounds=512400$g/s4dcRttXi4ux6c$Z6pKnhJXcWxv0TBSMtvJu5.piETdUBSgBVN7oDPKiQV.lbTYz1r.0XQLwMYxzcvaaX0DL6Iw/SEUTiC2M50wC/"; - }; - }; - - # Allow unfree packages - nixpkgs.config.allowUnfree = true; - - # List packages installed in system profile. To search, run: - # $ nix search wget - environment = { - systemPackages = with pkgs; [ - sddm - git - zsh - ]; - }; - - programs.zsh.enable = true; - - home-manager = { - extraSpecialArgs = { - inherit inputs; - inherit nix-colors; - }; - users = { - "noa" = import ./home.nix; - "root" = import ./root.nix; - }; - }; - - systemd.timers."update-from-flake" = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = "daily"; - Persistent = true; - }; - }; - - systemd.services."update-from-flake" = { - path = with pkgs; [ - nixos-rebuild - ]; - script = ''nixos-rebuild switch --flake github:itepastra/nixconf''; - serviceConfig = { - Type = "oneshot"; - User = "root"; - }; - wants = [ - "network-online.target" - ]; - after = [ - "network-online.target" - ]; - }; - - services = { - openssh = { - enable = true; - settings.PasswordAuthentication = false; - settings.KbdInteractiveAuthentication = false; - }; - nginx = { - enable = true; - package = pkgs.nginx.override { - modules = [ pkgs.nginxModules.brotli ]; - }; - - - recommendedOptimisation = true; - recommendedProxySettings = true; - recommendedTlsSettings = true; - recommendedBrotliSettings = true; - sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; - - virtualHosts = { - "mail.itepastra.nl" = { - forceSSL = true; - enableACME = true; - }; - }; - }; - roundcube = { - enable = true; - hostName = "mail.itepastra.nl"; - extraConfig = '' - # starttls needed for authentication, so the fqdn required to match - # the certificate - $config['smtp_server'] = "tls://mail.itepastra.nl"; - $config['smtp_user'] = "%u"; - $config['smtp_pass'] = "%p"; - ''; - }; - postfix = { - relayHost = "mail.voorwaarts.nl"; - relayPort = 587; - }; - }; - - mailserver = { - enable = true; - fqdn = "mail.itepastra.nl"; - domains = [ "itepastra.nl" ]; - debug = true; - hierarchySeparator = "/"; - - - loginAccounts = { - "noa@itepastra.nl" = { - hashedPasswordFile = "/etc/passwords/noa@itepastra.nl"; - aliases = [ "@itepastra.nl" ]; - }; - }; - - certificateScheme = "acme"; - acmeCertificateName = "mail.itepastra.nl"; - }; - - security.acme = { - acceptTerms = true; - defaults.email = "noa@voorwaarts.nl"; - certs = { - "mail.itepastra.nl".extraDomainNames = [ ]; - }; - }; - - # Open ports in the firewall. - networking.firewall.allowedTCPPorts = [ - 22 # ssh - 80 # http - 443 # https - - 587 - 25 - ]; - networking.firewall.allowedUDPPorts = [ - 22 # ssh - 80 # http - 443 # https - ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; - - # Copy the NixOS configuration file and link it from the resulting system - # (/run/current-system/configuration.nix). This is useful in case you - # accidentally delete configuration.nix. - # system.copySystemConfiguration = true; - - # This option defines the first version of NixOS you have installed on this particular machine, - # and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions. - # - # Most users should NEVER change this value after the initial install, for any reason, - # even if you've upgraded your system to a new NixOS release. - # - # This value does NOT affect the Nixpkgs version your packages and OS are pulled from, - # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how - # to actually do that. - # - # This value being lower than the current NixOS release does NOT mean your system is - # out of date, out of support, or vulnerable. - # - # Do NOT change this value unless you have manually inspected all the changes it would make to your configuration, - # and migrated your data accordingly. - # - # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion . - system.stateVersion = "24.05"; # Did you read the comment? - -} diff --git a/hosts/ksios/disk-config.nix b/hosts/ksios/disk-config.nix deleted file mode 100644 index 1276778..0000000 --- a/hosts/ksios/disk-config.nix +++ /dev/null @@ -1,36 +0,0 @@ -# Example to create a bios compatible gpt partition -{ lib, ... }: -{ - disko.devices = { - disk.nixos = { - device = lib.mkDefault "/dev/xvda"; - type = "disk"; - content = { - type = "gpt"; - partitions = { - esp = { - name = "ESP"; - size = "500M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - root = { - size = "100%"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - mountOptions = [ - "defaults" - ]; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/ksios/hardware-configuration.nix b/hosts/ksios/hardware-configuration.nix deleted file mode 100644 index dca24c8..0000000 --- a/hosts/ksios/hardware-configuration.nix +++ /dev/null @@ -1,25 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ ]; - boot.initrd.kernelModules = [ ]; - boot.kernelModules = [ ]; - boot.extraModulePackages = [ ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp42s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/ksios/home.nix b/hosts/ksios/home.nix deleted file mode 100644 index 661820e..0000000 --- a/hosts/ksios/home.nix +++ /dev/null @@ -1,96 +0,0 @@ -{ config, pkgs, mineflake, inputs, ... }: - -{ - imports = - [ - ../../modules/applications - ../../common/nvim/nvim.nix - ]; - # Home Manager needs a bit of information about you and the paths it should - # manage. - home.username = "noa"; - home.homeDirectory = "/home/noa"; - - # This value determines the Home Manager release that your configuration is - # compatible with. This helps avoid breakage when a new Home Manager release - # introduces backwards incompatible changes. - # - # You should not change this value, even if you update Home Manager. If you do - # want to update the value, then make sure to first check the Home Manager - # release notes. - home.stateVersion = "23.11"; # Please read the comment before changing. - - nixpkgs.config.allowUnfree = true; - - # The home.packages option allows you to install Nix packages into your - # environment. - home.packages = with pkgs; [ - file - unzip - zip - - dig - mtr - - btop - lsd - - lm_sensors - ]; - - modules = { - apps.git = { - enable = true; - name = "Noa Aarts"; - email = "noa@voorwaarts.nl"; - }; - apps.zsh.enable = true; - }; - - # Home Manager is pretty good at managing dotfiles. The primary way to manage - # plain files is through 'home.file'. - home.file = { - # # Building this configuration will create a copy of 'dotfiles/screenrc' in - # # the Nix store. Activating the configuration will then make '~/.screenrc' a - # # symlink to the Nix store copy. - # ".screenrc".source = dotfiles/screenrc; - - # # You can also set the file content immediately. - # ".gradle/gradle.properties".text = '' - # org.gradle.console=verbose - # org.gradle.daemon.idletimeout=3600000 - # ''; - }; - - # Home Manager can also manage your environment variables through - # 'home.sessionVariables'. If you don't want to manage your shell through Home - # Manager then you have to manually source 'hm-session-vars.sh' located at - # either - # - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # /etc/profiles/per-user/noa/etc/profile.d/hm-session-vars.sh - # - - home.sessionVariables = { - EDITOR = "nvim"; - }; - - xdg = { - enable = true; - }; - - xdg.userDirs = { - enable = true; - createDirectories = true; - }; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; -} diff --git a/hosts/ksios/root.nix b/hosts/ksios/root.nix deleted file mode 100644 index adc2a43..0000000 --- a/hosts/ksios/root.nix +++ /dev/null @@ -1,77 +0,0 @@ -{ config, pkgs, inputs, ... }: - -{ - imports = - [ - ../../common/nvim/nvim.nix - ]; - # Home Manager needs a bit of information about you and the paths it should - # manage. - home.username = "root"; - home.homeDirectory = "/root"; - - # This value determines the Home Manager release that your configuration is - # compatible with. This helps avoid breakage when a new Home Manager release - # introduces backwards incompatible changes. - # - # You should not change this value, even if you update Home Manager. If you do - # want to update the value, then make sure to first check the Home Manager - # release notes. - home.stateVersion = "23.11"; # Please read the comment before changing. - - nixpkgs.config.allowUnfree = true; - - # The home.packages option allows you to install Nix packages into your - # environment. - home.packages = with pkgs; [ - file - unzip - zip - - dig - mtr - - lsd - ]; - - - # Home Manager is pretty good at managing dotfiles. The primary way to manage - # plain files is through 'home.file'. - home.file = { - # # Building this configuration will create a copy of 'dotfiles/screenrc' in - # # the Nix store. Activating the configuration will then make '~/.screenrc' a - # # symlink to the Nix store copy. - # ".screenrc".source = dotfiles/screenrc; - - # # You can also set the file content immediately. - # ".gradle/gradle.properties".text = '' - # org.gradle.console=verbose - # org.gradle.daemon.idletimeout=3600000 - # ''; - }; - - # Home Manager can also manage your environment variables through - # 'home.sessionVariables'. If you don't want to manage your shell through Home - # Manager then you have to manually source 'hm-session-vars.sh' located at - # either - # - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # /etc/profiles/per-user/noa/etc/profile.d/hm-session-vars.sh - # - home.sessionVariables = { - EDITOR = "nvim"; - }; - - xdg.userDirs.enable = true; - xdg.userDirs.createDirectories = true; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; -}