adding rp host

2025-08-16 10:04:19 +02:00
parent b6baf2be86
commit 918215f25b
10 changed files with 472 additions and 47 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -123,11 +123,11 @@
        "rust-overlay": "rust-overlay"
      },
      "locked": {
-        "lastModified": 1755169038,
+        "lastModified": 1755261355,
-        "narHash": "sha256-lIAE8ou7ukvoOE0nZ2lNcl/n8mnj6m2cGsx9U7Xhew4=",
+        "narHash": "sha256-RQVhOuwfLSB64CMv8GMfBFZ2PXmIVleZeZskItqgD5o=",
        "owner": "chaotic-cx",
        "repo": "nyx",
-        "rev": "5efc0389eaca14046e1ee2068bcba6fe64cf6e2e",
+        "rev": "766a57635e5afd201c5d918087e5f9c9f63bfed1",
        "type": "github"
      },
      "original": {
@@ -182,11 +182,11 @@
        "rust-analyzer-src": "rust-analyzer-src"
      },
      "locked": {
-        "lastModified": 1755153894,
+        "lastModified": 1755240331,
-        "narHash": "sha256-DEKeIg3MQy5GMFiFRUzcx1hGGBN2ypUPTo0jrMAdmH4=",
+        "narHash": "sha256-wEtw76+R/TOHEIjYOnxADC91G6s422HGruAngbjzsDw=",
        "owner": "nix-community",
        "repo": "fenix",
-        "rev": "f6874c6e512bc69d881d979a45379b988b80a338",
+        "rev": "3f076d4502001c64877099093318b2dbd8b062a1",
        "type": "github"
      },
      "original": {
@@ -463,11 +463,11 @@
        "rust-overlay": "rust-overlay_2"
      },
      "locked": {
-        "lastModified": 1755025942,
+        "lastModified": 1755269578,
-        "narHash": "sha256-eKVn1PYxBsVVd6gs1IIuBQhTZmb5UNBgbC9+qBNT9cw=",
+        "narHash": "sha256-KiVR83GhEdKrBQm5JqAOSLbWsH8q4sN+acoLZziZCCM=",
        "owner": "helix-editor",
        "repo": "helix",
-        "rev": "001efa801e28cd19147d9369890133c2d631842a",
+        "rev": "a4a2b50a50971bc43952f5f75d19a56689793a6a",
        "type": "github"
      },
      "original": {
@@ -483,11 +483,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755121891,
+        "lastModified": 1755229570,
-        "narHash": "sha256-UtYkukiGnPRJ5rpd4W/wFVrLMh8fqtNkqHTPgHEtrqU=",
+        "narHash": "sha256-soZegto0xXzG2zYlu/zjknDHv0Z7tRS5EQs+Z/VRTBg=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "279ca5addcdcfa31ac852b3ecb39fc372684f426",
+        "rev": "11626a4383b458f8dc5ea3237eaa04e8ab1912f3",
        "type": "github"
      },
      "original": {
@@ -676,11 +676,11 @@
        "xdph": "xdph"
      },
      "locked": {
-        "lastModified": 1755184403,
+        "lastModified": 1755277479,
-        "narHash": "sha256-VI+ZPD/uIFjzYW8IcyvBgvwyDIvUe4/xh/kOHTbITX8=",
+        "narHash": "sha256-LrXtv1RIEds93j+OiSEvYFVX4fcGk2vrEzva19oxvco=",
        "owner": "hyprwm",
        "repo": "hyprland",
-        "rev": "60d769a89908c29e19100059985db15a7b6bab6a",
+        "rev": "edc473e8b0c14e768445422080af9978d132bff6",
        "type": "github"
      },
      "original": {
@@ -1143,11 +1143,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755136941,
+        "lastModified": 1755223400,
-        "narHash": "sha256-tb7d+oBwD6ZBPzAhV/eXQs42YaZuzoNczRSPD3ubuoE=",
+        "narHash": "sha256-iUAvYWdu91xO2xBmxXmAMymKvxxs1orbbUDhaubyp24=",
        "owner": "fufexan",
        "repo": "nix-gaming",
-        "rev": "09708adbb33a6dbdb9c270131280284ad9e3be9c",
+        "rev": "97bf2750a74b02dbfc1131d99862c9ddd842a48d",
        "type": "github"
      },
      "original": {
@@ -1212,11 +1212,11 @@
    },
    "nixpkgs_10": {
      "locked": {
-        "lastModified": 1755027561,
+        "lastModified": 1755186698,
-        "narHash": "sha256-IVft239Bc8p8Dtvf7UAACMG5P3ZV+3/aO28gXpGtMXI=",
+        "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "005433b926e16227259a1843015b5b2b7f7d1fc3",
+        "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
        "type": "github"
      },
      "original": {
@@ -1276,11 +1276,11 @@
    },
    "nixpkgs_4": {
      "locked": {
-        "lastModified": 1755027561,
+        "lastModified": 1755186698,
-        "narHash": "sha256-IVft239Bc8p8Dtvf7UAACMG5P3ZV+3/aO28gXpGtMXI=",
+        "narHash": "sha256-wNO3+Ks2jZJ4nTHMuks+cxAiVBGNuEBXsT29Bz6HASo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "005433b926e16227259a1843015b5b2b7f7d1fc3",
+        "rev": "fbcf476f790d8a217c3eab4e12033dc4a0f6d23c",
        "type": "github"
      },
      "original": {
@@ -1379,11 +1379,11 @@
        "systems": "systems_4"
      },
      "locked": {
-        "lastModified": 1755115677,
+        "lastModified": 1755252692,
        "narHash": "sha256-98Ad2F5w1xW94KymQiBohNBYpFqMa0K28v9S1SzyTY8=",
        "owner": "notashelf",
        "repo": "nvf",
-        "rev": "c5dc7192496a1fad38134e54f8b4fca8ac51a9fe",
+        "rev": "b6490efbe0b28b3bca727ecd4846fc8006352822",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -3,7 +3,7 @@
  outputs = inputs:
    inputs.flake-parts.lib.mkFlake {inherit inputs;} {
-      systems = ["x86_64-linux"];
+      systems = ["x86_64-linux" "aarch64-linux"];
      imports = [
        ./users
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -74,6 +74,23 @@
        inputs.agenix.nixosModules.default
      ];
    };
    ziggy = nixosSystem {
      inherit specialArgs;
      modules = [
        ./ziggy
        "${self}/nix"
        {
          home-manager = {
            users.cnst.imports = homeImports."cnst@ziggy";
            extraSpecialArgs = specialArgs;
          };
        }
        self.nixosModules.nixos
        self.nixosModules.settings
        self.nixosModules.server
        inputs.agenix.nixosModules.default
      ];
    };
    toothpc = nixosSystem {
      inherit specialArgs;
      modules = [
--- a/hosts/kima/modules.nix
+++ b/hosts/kima/modules.nix
@@ -28,21 +28,6 @@
      };
      network = {
        enable = true;
        # extraHosts = ''
        #   192.168.88.14 sobotka
        #   192.168.88.14 cnst.dev
        #   192.168.88.14 lidarr.cnst.dev
        #   192.168.88.14 radarr.cnst.dev
        #   192.168.88.14 sonarr.cnst.dev
        #   192.168.88.14 prowlarr.cnst.dev
        #   192.168.88.14 bazarr.cnst.dev
        #   192.168.88.14 qbt.cnst.dev
        #   192.168.88.14 jellyseerr.cnst.dev
        #   192.168.88.14 jellyfin.cnst.dev
        #   192.168.88.14 uptime.cnst.dev
        #   192.168.88.14 pihole.cnst.dev
        #   192.168.88.14 slskd.cnst.dev
        # '';
        interfaces = {
          "eno1" = {
            allowedTCPPorts = [22 80 443];
--- a/hosts/ziggy/default.nix
+++ b/hosts/ziggy/default.nix
@@ -0,0 +1,69 @@
 {
  lib,
  config,
  pkgs,
  ...
 }: let
  ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
 in {
  users.users.cnst = {
    isNormalUser = true;
    shell = pkgs.fish;
    extraGroups = ifTheyExist [
      "wheel"
      "networkmanager"
      "audio"
      "video"
      "git"
      "mysql"
      "docker"
      "libvirtd"
      "qemu-libvirtd"
      "kvm"
      "network"
      "gamemode"
      "adbusers"
      "rtkit"
      "users"
      "plocate"
      "fuse"
      "fail2ban"
      "vaultwarden"
      "qbittorrent"
      "lidarr"
      "prowlarr"
      "bazarr"
      "sonarr"
      "radarr"
      "media"
      "share"
    ];
  };
  imports = [
    ./hardware-configuration.nix
    ./modules.nix
    ./settings.nix
    ./server.nix
  ];
  boot.initrd.luks.devices."luks-47b35d4b-467a-4637-a5f9-45177da62897".device = "/dev/disk/by-uuid/47b35d4b-467a-4637-a5f9-45177da62897";
  networking = {
    hostName = "ziggy";
  };
  powerManagement.enable = false;
  swapDevices = [
    {
      device = "/var/lib/swapfile";
      size = 8 * 1024;
    }
  ];
  environment.variables.NH_FLAKE = "/home/cnst/.nix-config";
  #   # https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
  system.stateVersion = lib.mkDefault "25.05";
 }
--- a/hosts/ziggy/hardware-configuration.nix
+++ b/hosts/ziggy/hardware-configuration.nix
@@ -0,0 +1,48 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 {
  config,
  lib,
  pkgs,
  modulesPath,
  ...
 }: {
  imports = [
    (modulesPath + "/installer/scan/not-detected.nix")
  ];
  boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod"];
  boot.initrd.kernelModules = ["amdgpu"];
  boot.kernelModules = [];
  boot.extraModulePackages = [];
  fileSystems."/" = {
    device = "/dev/disk/by-uuid/a0a3595f-e61c-475c-8f4e-bfbb05582c20";
    fsType = "ext4";
  };
  boot.initrd.luks.devices."luks-4f289fde-55ed-4b05-a6ee-d396db2a887b".device = "/dev/disk/by-uuid/4f289fde-55ed-4b05-a6ee-d396db2a887b";
  fileSystems."/boot" = {
    device = "/dev/disk/by-uuid/E03E-5458";
    fsType = "vfat";
    options = ["fmask=0077" "dmask=0077"];
  };
  swapDevices = [
    {device = "/dev/disk/by-uuid/704e09db-c7dd-462b-9560-47bbf845905d";}
  ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
  # still possible to use this option, but it's recommended to use it in conjunction
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
  # networking.interfaces.wlp4s0.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/ziggy/modules.nix
+++ b/hosts/ziggy/modules.nix
@@ -0,0 +1,227 @@
 {
  nixos = {
    boot = {
      kernel = {
        variant = "latest";
        hardware = [];
        extraKernelParams = [];
      };
      loader = {
        default = {
          enable = true;
        };
        lanzaboote = {
          enable = false;
        };
      };
    };
    hardware = {
      bluetooth = {
        enable = false;
      };
      graphics = {
        enable = false;
        vendors = [];
      };
      logitech = {
        enable = false;
      };
      network = {
        enable = true;
        interfaces = {
          "enp6s0" = {
            allowedTCPPorts = [22 80 443 8090];
            allowedUDPPorts = [58846 6881];
          };
        };
      };
    };
    programs = {
      android = {
        enable = false;
      };
      beekeeper = {
        enable = false;
      };
      blender = {
        enable = false;
        hip = {
          enable = false;
        };
      };
      corectrl = {
        enable = false;
      };
      fish = {
        enable = true;
      };
      gamemode = {
        enable = false;
        optimizeGpu = {
          enable = false;
        };
      };
      gamescope = {
        enable = false;
      };
      gimp = {
        enable = false;
      };
      gnome = {
        enable = false;
      };
      hyprland = {
        enable = false;
      };
      inkscape = {
        enable = false;
      };
      lutris = {
        enable = false;
      };
      microfetch = {
        enable = true;
      };
      pkgs = {
        enable = true;
        desktop = {
          enable = false;
        };
        common = {
          enable = false;
        };
        laptop = {
          enable = false;
        };
        server = {
          enable = true;
        };
        dev = {
          enable = false;
        };
      };
      mysql-workbench = {
        enable = false;
      };
      nh = {
        enable = true;
        clean = {
          enable = true;
          extraArgs = "--keep 9 --keep-since 51d";
        };
      };
      npm = {
        enable = false;
      };
      obsidian = {
        enable = false;
      };
      steam = {
        enable = false;
      };
      thunar = {
        enable = false;
      };
      yubikey = {
        enable = false;
      };
      zsh = {
        enable = false;
      };
    };
    services = {
      agenix = {
        enable = true;
        sobotka = {
          enable = true;
        };
      };
      blueman = {
        enable = false;
      };
      dbus = {
        enable = true;
      };
      dconf = {
        enable = true;
      };
      flatpak = {
        enable = false;
      };
      fwupd = {
        enable = true;
      };
      gnome-keyring = {
        enable = false;
      };
      greetd = {
        enable = false;
        user = "cnst";
      };
      gvfs = {
        enable = false;
      };
      kanata = {
        enable = false;
      };
      locate = {
        enable = true;
      };
      mullvad = {
        enable = false;
      };
      nfs = {
        enable = false;
        server.enable = false;
        client.enable = false;
      };
      nix-ld = {
        enable = false;
      };
      openssh = {
        enable = true;
      };
      pcscd = {
        enable = false;
      };
      pipewire = {
        enable = false;
      };
      polkit = {
        enable = false;
      };
      powerd = {
        enable = false;
      };
      samba = {
        enable = false;
      };
      scx = {
        enable = false;
        scheduler = "scx_lavd";
        flags = "--performance";
      };
      udisks = {
        enable = true;
      };
      zram = {
        enable = true;
      };
    };
    system = {
      fonts = {
        enable = false;
      };
      locale = {
        enable = true;
        defaultLocale = "en_US.UTF-8";
        extraLocale = "sv_SE.UTF-8";
        timeZone = "Europe/Stockholm";
      };
      xdg = {
        enable = false;
        xdgOpenUsePortal = true;
      };
    };
  };
 }
--- a/hosts/ziggy/server.nix
+++ b/hosts/ziggy/server.nix
@@ -0,0 +1,65 @@
 {config, ...}: {
  server = {
    enable = true;
    email = "adam@cnst.dev";
    domain = "cnix.dev";
    user = "share";
    group = "share";
    uid = 974;
    gid = 973;
    unbound = {
      enable = true;
    };
    caddy = {
      enable = true;
    };
    homepage-dashboard = {
      enable = false;
    };
    bazarr = {
      enable = false;
    };
    prowlarr = {
      enable = false;
    };
    lidarr = {
      enable = false;
    };
    sonarr = {
      enable = false;
    };
    radarr = {
      enable = false;
    };
    jellyseerr = {
      enable = false;
    };
    jellyfin = {
      enable = false;
    };
    uptime-kuma = {
      enable = false;
    };
    vaultwarden = {
      enable = false;
    };
    fail2ban = {
      enable = false;
    };
    podman = {
      enable = true;
      qbittorrent = {
        enable = false;
        port = 8080;
      };
      slskd = {
        enable = false;
      };
      pihole = {
        enable = true;
        port = 8053;
      };
    };
  };
 }
--- a/hosts/ziggy/settings.nix
+++ b/hosts/ziggy/settings.nix
@@ -0,0 +1,9 @@
 {
  settings = {
    accounts = {
      username = "cnst";
      mail = "adam@cnst.dev";
      sshUser = "ziggy";
    };
  };
 }
--- a/users/default.nix
+++ b/users/default.nix
@@ -22,11 +22,16 @@
      ++ [
        ./cnst
      ];
-    "cnst@sobotka" =
+    # "cnst@sobotka" =
-      sharedImports
+    #   sharedImports
-      ++ [
+    #   ++ [
-        ./cnst
+    #     ./cnst
-      ];
+    #   ];
    # "cnst@ziggy" =
    #   sharedImports
    #   ++ [
    #     ./cnst
    #   ];
    "toothpick@toothpc" =
      sharedImports
      ++ [