diff --git a/config/hosts/boline/configuration.nix b/config/hosts/boline/configuration.nix new file mode 100644 index 00000000..2ab8b74d --- /dev/null +++ b/config/hosts/boline/configuration.nix @@ -0,0 +1,29 @@ +{ config, pkgs, ... }: + +{ + imports = [ + ./hardware-configuration.nix + #./wireguard.nix + ]; + + #meta.deploy.profiles = []; + meta.deploy.ssh.host = "boline.kittywit.ch"; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/vda"; + + networking.hostId = "0417b551"; + networking.hostName = "boline"; + + networking.useDHCP = false; + networking.interfaces.ens3.ipv4.addresses = [ { + address = "104.244.73.10"; + prefixLength = 24; + }]; + networking.defaultGateway = "104.244.73.1"; + networking.nameservers = [ "1.1.1.1" ]; + + system.stateVersion = "20.09"; +} + diff --git a/config/hosts/boline/hardware-configuration.nix b/config/hosts/boline/hardware-configuration.nix new file mode 100644 index 00000000..7d775527 --- /dev/null +++ b/config/hosts/boline/hardware-configuration.nix @@ -0,0 +1,22 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e0a9f76a-5eed-4dd3-a5a6-a93006f7d526"; + fsType = "ext4"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/cf122d6d-eca9-44f5-b655-85aaf5b2e6af"; } + ]; + +} \ No newline at end of file diff --git a/config/hosts/boline/wireguard.nix b/config/hosts/boline/wireguard.nix new file mode 100644 index 00000000..4f2cd32b --- /dev/null +++ b/config/hosts/boline/wireguard.nix @@ -0,0 +1,35 @@ +{ config, pkgs, ... }: + +{ + networking.nat.enable = true; + networking.nat.externalInterface = "ens3"; + networking.nat.internalInterfaces = [ "wg0" ]; + + networking.firewall = { + allowedUDPPorts = [ 51820 ]; + }; + + networking.wireguard.interfaces = { + wg0 = { + ips = [ "10.100.0.1/24" ]; + + listenPort = 51820; + + postSetup = '' + ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE + ''; + postShutdown = '' + ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 10.100.0.0/24 -o eth0 -j MASQUERADE + ''; + + privateKeyFile = "/var/secrets/wireguard-private"; + + peers = [ + { + publicKey = "{client public key}"; + allowedIPs = [ "10.100.0.2/32" ]; + } + ]; + }; + }; +} \ No newline at end of file diff --git a/config/hosts/samhain/configuration.nix b/config/hosts/samhain/configuration.nix index a4e15c32..0760f3f4 100644 --- a/config/hosts/samhain/configuration.nix +++ b/config/hosts/samhain/configuration.nix @@ -92,7 +92,7 @@ description = "Scream - Audio forwarding from the VM."; serviceConfig = { ExecStart = - "${pkgs.nur.repos.arc.packages.scream-arc}/bin/scream -i virbr0 -o alsa"; + "${pkgs.nur.repos.arc.packages.scream-arc}/bin/scream -i virbr0 -o pulse"; Restart = "always"; }; }; diff --git a/config/profiles/common/default.nix b/config/profiles/common/default.nix index 2c59809f..1035b37c 100644 --- a/config/profiles/common/default.nix +++ b/config/profiles/common/default.nix @@ -25,8 +25,11 @@ in { nix.gc.automatic = lib.mkDefault true; nix.gc.options = lib.mkDefault "--delete-older-than 1w"; nix.trustedUsers = [ "root" "@wheel" ]; - environment.variables.EDITOR = "kak"; - + environment.variables = { + EDITOR = "kak"; + TERMINFO_DIRS = "${pkgs.kitty.terminfo.outPath}/share/terminfo"; + }; + services.openssh.enable = true; services.openssh.ports = lib.mkDefault [ 62954 ]; services.openssh.passwordAuthentication = false; @@ -49,12 +52,12 @@ in { htop ripgrep git + kitty.terminfo mprime wget rsync pv progress - ffmpeg-full bc zstd file diff --git a/config/profiles/common/pbb.nix b/config/profiles/common/pbb.nix deleted file mode 100644 index f0ebb9fc..00000000 --- a/config/profiles/common/pbb.nix +++ /dev/null @@ -1,10 +0,0 @@ -let - pbbNixfiles = fetchGit { - url = "https://git.petabyte.dev/petabyteboy/nixfiles"; - rev = "4b0275db7842fda45dcc007d87b6274c4e63382b"; - }; -in { - imports = [ "${pbbNixfiles}/modules" ]; - nixpkgs.overlays = - [ (self: super: import "${pbbNixfiles}/pkgs" { nixpkgs = super.path; }) ]; -} diff --git a/config/profiles/desktop/default.nix b/config/profiles/desktop/default.nix index 0d4dc501..dcd1d5fc 100644 --- a/config/profiles/desktop/default.nix +++ b/config/profiles/desktop/default.nix @@ -24,6 +24,7 @@ in { pkgs.avidemux pkgs.gnome3.networkmanagerapplet pkgs.vlc + pkgs.ffmpeg-full unstable.syncplay unstable.youtube-dl unstable.google-chrome diff --git a/config/users/kat/default.nix b/config/users/kat/default.nix index 2fa1bd2a..cd5acf70 100644 --- a/config/users/kat/default.nix +++ b/config/users/kat/default.nix @@ -60,6 +60,7 @@ "litha" = { hostname = "192.168.1.240"; } // kat; "yule" = { hostname = "192.168.1.92"; } // kat; "mabon" = { hostname = "192.168.1.218"; } // kat; + "boline" = { hostname = "boline.kittywit.ch"; } // kat; }; }; diff --git a/pkgs/default.nix b/pkgs/default.nix index de16518e..c3490da4 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -10,6 +10,10 @@ let dino = callPackage "${sources.qyliss-nixlib}/overlays/patches/dino" { inherit (pkgs) dino; }; + + discord = pkgs.discord.override { + nss = pkgs.nss_latest; + }; linuxPackagesFor = kernel: (pkgs.linuxPackagesFor kernel).extend (_: ksuper: {