From 90c54353d4f301a51ceae7591d11d5edd3dc880f Mon Sep 17 00:00:00 2001 From: Austin Horstman Date: Sun, 8 Dec 2024 15:44:27 -0600 Subject: [PATCH] WIP --- .../x86_64-linux/bruddy@bruddynix/default.nix | 102 ++++++++++++++++++ modules/nixos/services/openssh/default.nix | 4 +- systems/x86_64-linux/bruddynix/default.nix | 6 +- systems/x86_64-linux/bruddynix/disks.nix | 4 +- systems/x86_64-linux/bruddynix/hardware.nix | 6 +- 5 files changed, 114 insertions(+), 8 deletions(-) create mode 100644 homes/x86_64-linux/bruddy@bruddynix/default.nix diff --git a/homes/x86_64-linux/bruddy@bruddynix/default.nix b/homes/x86_64-linux/bruddy@bruddynix/default.nix new file mode 100644 index 000000000..a57b8a1eb --- /dev/null +++ b/homes/x86_64-linux/bruddy@bruddynix/default.nix @@ -0,0 +1,102 @@ +{ + config, + lib, + namespace, + ... +}: +let + inherit (lib.${namespace}) enabled disabled; +in +{ + khanelinix = { + user = { + enable = true; + # inherit (config.snowfallorg.user) name; + name = "bruddy"; + }; + + programs = { + graphical = { + browsers = { + firefox = { + gpuAcceleration = true; + hardwareDecoding = true; + settings = { + # "dom.ipc.processCount.webIsolated" = 9; + # "dom.maxHardwareConcurrency" = 16; + "media.av1.enabled" = false; + # "media.ffvpx.enabled" = false; + # "media.hardware-video-decoding.force-enabled" = true; + "media.hardwaremediakeys.enabled" = true; + }; + }; + }; + }; + + terminal = { + media = { + ncmpcpp = disabled; + }; + tools = { + git = { + enable = true; + }; + + run-as-service = enabled; + + ssh = { + enable = true; + + authorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEpfTVxQKmkAYOrsnroZoTk0LewcBIC4OjlsoJY6QbB0" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBG8l3jQ2EPLU+BlgtaQZpr4xr97n2buTLAZTxKHSsD" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7UBwfd7+K0mdkAIb2TE6RzMu6L4wZnG/anuoYqJMPB" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJAZIwy7nkz8CZYR/ZTSNr+7lRBW2AYy1jw06b44zaID" + ]; + }; + }; + }; + }; + + services = { + mpd = { + musicDirectory = "nfs://austinserver.local/mnt/user/data/media/music"; + }; + + # sops = { + # enable = true; + # defaultSopsFile = lib.snowfall.fs.get-file "secrets/khanelinix/khaneliman/default.yaml"; + # sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/id_ed25519" ]; + # }; + }; + + system = { + xdg = enabled; + }; + + suites = { + art = enabled; + business = enabled; + common = enabled; + desktop = enabled; + + development = { + enable = true; + + gameEnable = true; + nixEnable = true; + }; + + emulation = enabled; + games = enabled; + music = enabled; + networking = enabled; + photo = enabled; + video = enabled; + }; + + theme.catppuccin = enabled; + }; + + home.stateVersion = "24.11"; +} diff --git a/modules/nixos/services/openssh/default.nix b/modules/nixos/services/openssh/default.nix index ea574ed80..07b7764fa 100644 --- a/modules/nixos/services/openssh/default.nix +++ b/modules/nixos/services/openssh/default.nix @@ -92,9 +92,9 @@ in ]; settings = { - AuthenticationMethods = "publickey"; + # AuthenticationMethods = "publickey"; ChallengeResponseAuthentication = "no"; - PasswordAuthentication = false; + PasswordAuthentication = true; PermitRootLogin = if format == "install-iso" then "yes" else "no"; PubkeyAuthentication = "yes"; StreamLocalBindUnlink = "yes"; diff --git a/systems/x86_64-linux/bruddynix/default.nix b/systems/x86_64-linux/bruddynix/default.nix index dac5a15be..97b125998 100644 --- a/systems/x86_64-linux/bruddynix/default.nix +++ b/systems/x86_64-linux/bruddynix/default.nix @@ -68,6 +68,8 @@ in "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBG8l3jQ2EPLU+BlgtaQZpr4xr97n2buTLAZTxKHSsD" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM7UBwfd7+K0mdkAIb2TE6RzMu6L4wZnG/anuoYqJMPB" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJAZIwy7nkz8CZYR/ZTSNr+7lRBW2AYy1jw06b44zaID" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFuMXeT21L3wnxnuzl0rKuE5+8inPSi8ca/Y3ll4s9pC" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKEilFPAgSUwW3N7PTvdTqjaV2MD3cY2oZGKdaS7ndKB" ]; # TODO: make part of ssh config proper @@ -93,7 +95,7 @@ in system = { boot = { enable = true; - secureBoot = true; + # secureBoot = true; plymouth = true; silentBoot = true; }; @@ -107,6 +109,8 @@ in realtime = enabled; time = enabled; }; + + user.name = "bruddy"; }; nix.settings = { diff --git a/systems/x86_64-linux/bruddynix/disks.nix b/systems/x86_64-linux/bruddynix/disks.nix index dd8353111..97cd13365 100644 --- a/systems/x86_64-linux/bruddynix/disks.nix +++ b/systems/x86_64-linux/bruddynix/disks.nix @@ -6,7 +6,7 @@ content = { type = "gpt"; partitions = { - ESP = { + EFI = { size = "1G"; type = "EF00"; content = { @@ -16,7 +16,7 @@ mountOptions = [ "umask=0077" ]; extraArgs = [ "-n" - "ESP" + "EFI" ]; }; }; diff --git a/systems/x86_64-linux/bruddynix/hardware.nix b/systems/x86_64-linux/bruddynix/hardware.nix index 55be8f921..e52ab389c 100644 --- a/systems/x86_64-linux/bruddynix/hardware.nix +++ b/systems/x86_64-linux/bruddynix/hardware.nix @@ -33,7 +33,7 @@ # }; # # "/boot" = { - # device = "/dev/disk/by-label/ESP"; + # device = "/dev/disk/by-label/EFI"; # fsType = "vfat"; # options = [ # "fmask=0077" @@ -41,9 +41,9 @@ # ]; # }; # }; - + # # swapDevices = [ { device = "/dev/disk/by-label/swap"; } ]; - + # hardware = { enableRedistributableFirmware = true; };