diff --git a/README.md b/README.md index ad43840..83e1b99 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,2 @@ -# NixOS configuration for Skipper, Rico1 and Rico2 +# NixOS Configuration diff --git a/flake.nix b/flake.nix index e00632b..aaf8fa9 100644 --- a/flake.nix +++ b/flake.nix @@ -27,10 +27,6 @@ }; }; - nixos-hardware = { - url = "github:NixOS/nixos-hardware"; - }; - nixvim = { url = "github:nix-community/nixvim"; inputs = { @@ -54,7 +50,6 @@ , home-manager , impermanence , lanzaboote - , nixos-hardware , nixvim , flake_env , @@ -103,24 +98,6 @@ } ]; }; - Rico0 = nixpkgs.lib.nixosSystem rec { - system = "aarch64-linux"; - pkgs = import nixpkgs { - inherit system; - config = nixpkgs-config; - }; - specialArgs = inputs // { inherit secrets; }; - modules = [ - { - system.configurationRevision = nixpkgs.lib.mkIf (self ? rev) self.rev; - } - - nixos-hardware.nixosModules.raspberry-pi-4 - - ./common - ./hosts/rico0 - ]; - }; }; } // flake-utils.lib.eachDefaultSystem ( diff --git a/hosts/rico0/containers/default.nix b/hosts/rico0/containers/default.nix deleted file mode 100644 index a3af319..0000000 --- a/hosts/rico0/containers/default.nix +++ /dev/null @@ -1,7 +0,0 @@ -_: { - imports = [ ./pihole.nix ]; - - virtualisation.oci-containers = { - backend = "podman"; - }; -} diff --git a/hosts/rico0/containers/pihole.nix b/hosts/rico0/containers/pihole.nix deleted file mode 100644 index 7ade828..0000000 --- a/hosts/rico0/containers/pihole.nix +++ /dev/null @@ -1,26 +0,0 @@ -_: { - services.caddy.virtualHosts."http://pihole.local.adtya.xyz" = { - extraConfig = '' - reverse_proxy 127.0.0.1:3000 - ''; - }; - virtualisation.oci-containers.containers = { - pihole = { - image = "pihole/pihole:latest"; - hostname = "heimdall"; - environmentFiles = [ - "/var/lib/pihole/.env" - ]; - volumes = [ - "/var/lib/pihole/etc/pihole:/etc/pihole/" - "/var/lib/pihole/etc/dnsmasq.d:/etc/dnsmasq.d/" - ]; - ports = [ - "53:53/tcp" - "53:53/udp" - "67:67/udp" - "3000:80/tcp" - ]; - }; - }; -} diff --git a/hosts/rico0/default.nix b/hosts/rico0/default.nix deleted file mode 100644 index 8b5fb6a..0000000 --- a/hosts/rico0/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ ... }: { - imports = [ - ./hardware - ./programs - ./services - ./containers - ./network.nix - ./security.nix - ]; - - i18n = { - defaultLocale = "en_US.UTF-8"; - extraLocaleSettings = { - LC_ADDRESS = "en_US.UTF-8"; - LC_IDENTIFICATION = "en_US.UTF-8"; - LC_MEASUREMENT = "en_US.UTF-8"; - LC_MONETARY = "en_US.UTF-8"; - LC_NAME = "en_US.UTF-8"; - LC_NUMERIC = "en_US.UTF-8"; - LC_PAPER = "en_US.UTF-8"; - LC_TELEPHONE = "en_US.UTF-8"; - LC_TIME = "en_US.UTF-8"; - LC_ALL = "en_US.UTF-8"; - }; - supportedLocales = [ "en_US.UTF-8/UTF-8" ]; - }; - - time.timeZone = "Asia/Kolkata"; - system.stateVersion = "23.11"; -} diff --git a/hosts/rico0/hardware/default.nix b/hosts/rico0/hardware/default.nix deleted file mode 100644 index 5b5ebe2..0000000 --- a/hosts/rico0/hardware/default.nix +++ /dev/null @@ -1,222 +0,0 @@ -{ lib, ... }: { - imports = [ ./filesystem.nix ./kernel.nix ]; - - hardware = { - raspberry-pi."4".apply-overlays-dtmerge.enable = lib.mkDefault true; - deviceTree = { - filter = "bcm2711-rpi-4*.dtb"; - overlays = [ - # Combined equivalent to: - # * https://github.com/raspberrypi/linux/blob/rpi-6.1.y/arch/arm/boot/dts/overlays/rpi-poe-overlay.dts - # * https://github.com/raspberrypi/linux/blob/rpi-6.1.y/arch/arm/boot/dts/overlays/rpi-poe-plus-overlay.dts - { - name = "rpi-poe-plus-overlay"; - dtsText = '' - /* - * Overlay for the Raspberry Pi POE HAT. - */ - /dts-v1/; - /plugin/; - - / { - compatible = "brcm,bcm2711"; - - fragment@0 { - target-path = "/"; - __overlay__ { - fan: pwm-fan { - compatible = "pwm-fan"; - cooling-levels = <0 1 10 100 255>; - #cooling-cells = <2>; - pwms = <&fwpwm 0 80000>; - }; - }; - }; - - fragment@1 { - target = <&cpu_thermal>; - __overlay__ { - polling-delay = <2000>; /* milliseconds */ - }; - }; - - fragment@2 { - target = <&thermal_trips>; - __overlay__ { - trip0: trip0 { - temperature = <55000>; - hysteresis = <2000>; - type = "active"; - }; - trip1: trip1 { - temperature = <58000>; - hysteresis = <2000>; - type = "active"; - }; - trip2: trip2 { - temperature = <61000>; - hysteresis = <2000>; - type = "active"; - }; - trip3: trip3 { - temperature = <64000>; - hysteresis = <5000>; - type = "active"; - }; - }; - }; - - fragment@3 { - target = <&cooling_maps>; - __overlay__ { - map0 { - trip = <&trip0>; - cooling-device = <&fan 0 1>; - }; - map1 { - trip = <&trip1>; - cooling-device = <&fan 1 2>; - }; - map2 { - trip = <&trip2>; - cooling-device = <&fan 2 3>; - }; - map3 { - trip = <&trip3>; - cooling-device = <&fan 3 4>; - }; - }; - }; - - fragment@4 { - target-path = "/__overrides__"; - params: __overlay__ { - poe_fan_temp0 = <&trip0>,"temperature:0"; - poe_fan_temp0_hyst = <&trip0>,"hysteresis:0"; - poe_fan_temp1 = <&trip1>,"temperature:0"; - poe_fan_temp1_hyst = <&trip1>,"hysteresis:0"; - poe_fan_temp2 = <&trip2>,"temperature:0"; - poe_fan_temp2_hyst = <&trip2>,"hysteresis:0"; - poe_fan_temp3 = <&trip3>,"temperature:0"; - poe_fan_temp3_hyst = <&trip3>,"hysteresis:0"; - poe_fan_i2c = <&fwpwm>,"status=disabled", - <&poe_mfd>,"status=okay", - <&fan>,"pwms:0=",<&poe_mfd_pwm>; - }; - }; - - fragment@5 { - target = <&firmware>; - __overlay__ { - fwpwm: pwm { - compatible = "raspberrypi,firmware-poe-pwm"; - #pwm-cells = <2>; - }; - }; - }; - - fragment@6 { - target = <&i2c0>; - i2c_bus: __overlay__ { - #address-cells = <1>; - #size-cells = <0>; - - poe_mfd: poe@51 { - compatible = "raspberrypi,poe-core"; - reg = <0x51>; - status = "disabled"; - - poe_mfd_pwm: poe_pwm@f0 { - compatible = "raspberrypi,poe-pwm"; - reg = <0xf0>; - status = "okay"; - #pwm-cells = <2>; - }; - }; - }; - }; - - fragment@7 { - target = <&i2c0if>; - __dormant__ { - status = "okay"; - }; - }; - - fragment@8 { - target = <&i2c0mux>; - __dormant__ { - status = "okay"; - }; - }; - - __overrides__ { - poe_fan_temp0 = <&trip0>,"temperature:0"; - poe_fan_temp0_hyst = <&trip0>,"hysteresis:0"; - poe_fan_temp1 = <&trip1>,"temperature:0"; - poe_fan_temp1_hyst = <&trip1>,"hysteresis:0"; - poe_fan_temp2 = <&trip2>,"temperature:0"; - poe_fan_temp2_hyst = <&trip2>,"hysteresis:0"; - poe_fan_temp3 = <&trip3>,"temperature:0"; - poe_fan_temp3_hyst = <&trip3>,"hysteresis:0"; - i2c = <0>, "+5+6", - <&fwpwm>,"status=disabled", - <&i2c_bus>,"status=okay", - <&poe_mfd>,"status=okay", - <&fan>,"pwms:0=",<&poe_mfd_pwm>; - }; - }; - - // SPDX-License-Identifier: (GPL-2.0 OR MIT) - // Overlay for the Raspberry Pi PoE+ HAT. - - / { - compatible = "brcm,bcm2711"; - - fragment@10 { - target-path = "/"; - __overlay__ { - rpi_poe_power_supply: rpi-poe-power-supply { - compatible = "raspberrypi,rpi-poe-power-supply"; - firmware = <&firmware>; - status = "okay"; - }; - }; - }; - fragment@11 { - target = <&poe_mfd>; - __overlay__ { - rpi-poe-power-supply@f2 { - compatible = "raspberrypi,rpi-poe-power-supply"; - reg = <0xf2>; - status = "okay"; - }; - }; - }; - - __overrides__ { - i2c = <0>, "+5+6", - <&fwpwm>,"status=disabled", - <&rpi_poe_power_supply>,"status=disabled", - <&i2c_bus>,"status=okay", - <&poe_mfd>,"status=okay", - <&fan>,"pwms:0=",<&poe_mfd_pwm>; - }; - }; - - &fan { - cooling-levels = <0 32 64 128 255>; - }; - - ¶ms { - poe_fan_i2c = <&fwpwm>,"status=disabled", - <&rpi_poe_power_supply>,"status=disabled", - <&poe_mfd>,"status=okay", - <&fan>,"pwms:0=",<&poe_mfd_pwm>; - }; - ''; - } - ]; - }; - }; -} diff --git a/hosts/rico0/hardware/filesystem.nix b/hosts/rico0/hardware/filesystem.nix deleted file mode 100644 index 8cc3afb..0000000 --- a/hosts/rico0/hardware/filesystem.nix +++ /dev/null @@ -1,11 +0,0 @@ -_: { - fileSystems."/" = { - device = "/dev/disk/by-partlabel/NIXOS_ROOT"; - fsType = "btrfs"; - options = [ "noatime" "compress=zstd" ]; - }; - fileSystems."/boot" = { - device = "/dev/disk/by-partlabel/ESP"; - fsType = "vfat"; - }; -} diff --git a/hosts/rico0/hardware/kernel.nix b/hosts/rico0/hardware/kernel.nix deleted file mode 100644 index 6247463..0000000 --- a/hosts/rico0/hardware/kernel.nix +++ /dev/null @@ -1,5 +0,0 @@ -{ lib -, ... -}: { - powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; -} diff --git a/hosts/rico0/network.nix b/hosts/rico0/network.nix deleted file mode 100644 index 72a10ac..0000000 --- a/hosts/rico0/network.nix +++ /dev/null @@ -1,18 +0,0 @@ -{ lib, ... }: { - networking = { - hostName = "Rico0"; - - networkmanager = { - enable = true; - dhcp = "dhcpcd"; - appendNameservers = [ - "2620:fe::fe" - "9.9.9.9" - "2620:fe::9" - "149.112.112.112" - ]; - }; - - useDHCP = lib.mkDefault false; - }; -} diff --git a/hosts/rico0/programs/default.nix b/hosts/rico0/programs/default.nix deleted file mode 100644 index dfffea1..0000000 --- a/hosts/rico0/programs/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ pkgs, ... }: { - imports = [ - ./neovim.nix - ./starship.nix - ./zsh.nix - ]; - - programs.git.enable = true; - - environment.systemPackages = with pkgs; [ - git-crypt - ]; -} diff --git a/hosts/rico0/programs/neovim.nix b/hosts/rico0/programs/neovim.nix deleted file mode 100644 index a70af6e..0000000 --- a/hosts/rico0/programs/neovim.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: { - programs.neovim = { - enable = true; - defaultEditor = true; - viAlias = true; - vimAlias = true; - }; -} diff --git a/hosts/rico0/programs/starship.nix b/hosts/rico0/programs/starship.nix deleted file mode 100644 index 3de1b05..0000000 --- a/hosts/rico0/programs/starship.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: { - programs.starship = { - enable = true; - settings = { - add_newline = false; - }; - }; -} diff --git a/hosts/rico0/programs/zsh.nix b/hosts/rico0/programs/zsh.nix deleted file mode 100644 index 53468ac..0000000 --- a/hosts/rico0/programs/zsh.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: { - programs = { - zsh = { - enable = true; - autosuggestions.enable = true; - syntaxHighlighting.enable = true; - }; - }; - environment.pathsToLink = [ "/share/zsh" ]; -} diff --git a/hosts/rico0/security.nix b/hosts/rico0/security.nix deleted file mode 100644 index 9cca61a..0000000 --- a/hosts/rico0/security.nix +++ /dev/null @@ -1,15 +0,0 @@ -_: { - security = { - apparmor = { - enable = true; - enableCache = true; - }; - audit.enable = true; - auditd.enable = true; - sudo = { - wheelNeedsPassword = false; - }; - polkit.enable = true; - rtkit.enable = true; - }; -} diff --git a/hosts/rico0/services/btrfs.nix b/hosts/rico0/services/btrfs.nix deleted file mode 100644 index 63754d4..0000000 --- a/hosts/rico0/services/btrfs.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: { - services.btrfs.autoScrub = { - enable = true; - interval = "weekly"; - }; -} diff --git a/hosts/rico0/services/caddy.nix b/hosts/rico0/services/caddy.nix deleted file mode 100644 index d6a01d3..0000000 --- a/hosts/rico0/services/caddy.nix +++ /dev/null @@ -1,9 +0,0 @@ -{ config -, secrets -, ... -}: { - services.caddy = { - enable = true; - inherit (secrets.caddy_config) email; - }; -} diff --git a/hosts/rico0/services/default.nix b/hosts/rico0/services/default.nix deleted file mode 100644 index 1c2ad5f..0000000 --- a/hosts/rico0/services/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - imports = [ - ./btrfs.nix - ./caddy.nix - ./frpc.nix - ./ssh.nix - ]; - -} diff --git a/hosts/rico0/services/frpc.nix b/hosts/rico0/services/frpc.nix deleted file mode 100644 index 9aaf0c8..0000000 --- a/hosts/rico0/services/frpc.nix +++ /dev/null @@ -1,19 +0,0 @@ -{ secrets, ... }: { - services.frp = { - enable = true; - role = "client"; - settings = { - "common" = { - inherit (secrets.frp_config) server_addr token; - server_port = 7000; - authentication_method = "token"; - }; - - "ssh.rico0" = { - type = "tcp"; - local_port = 22; - remote_port = 6000; - }; - }; - }; -} diff --git a/hosts/rico0/services/ssh.nix b/hosts/rico0/services/ssh.nix deleted file mode 100644 index dc87d2f..0000000 --- a/hosts/rico0/services/ssh.nix +++ /dev/null @@ -1,9 +0,0 @@ -_: { - services.openssh = { - enable = true; - settings = { - PermitRootLogin = "no"; - PasswordAuthentication = false; - }; - }; -}