From 6cdd7640cba09f27c8bb8f94df5885d559ea41f8 Mon Sep 17 00:00:00 2001 From: Andrei Jiroh Halili Date: Wed, 8 Jan 2025 22:11:59 +0800 Subject: [PATCH] Forgot to commit my stuff btw --- .config/nixos/flake.lock | 18 +- .config/nixos/flake.nix | 24 +- .../hosts/stellapent-cier/configuration.nix | 18 +- .../hosts/stellapent-cier/users/gildedguy.nix | 211 +----------------- .../nixos/shared/{ => desktop}/bluetooth.nix | 0 .../nixos/shared/{ => desktop}/firewall.nix | 14 +- .../nixos/shared/{ => desktop}/kde-plasma.nix | 0 .config/nixos/shared/home-manager/main.nix | 193 ++++++++++++++++ .config/nixos/shared/meta-configs.nix | 60 ++++- .config/nixos/shared/server/firewall.nix | 22 ++ .config/nixos/shared/{ => server}/ssh.nix | 0 .../nixos/shared/{ => server}/tailscale.nix | 0 .config/nixos/shared/ssh-keys.nix | 12 + .config/nixos/shared/systemd.nix | 19 ++ .../extensions.nix} | 0 15 files changed, 343 insertions(+), 248 deletions(-) rename .config/nixos/shared/{ => desktop}/bluetooth.nix (100%) rename .config/nixos/shared/{ => desktop}/firewall.nix (56%) rename .config/nixos/shared/{ => desktop}/kde-plasma.nix (100%) create mode 100644 .config/nixos/shared/home-manager/main.nix create mode 100644 .config/nixos/shared/server/firewall.nix rename .config/nixos/shared/{ => server}/ssh.nix (100%) rename .config/nixos/shared/{ => server}/tailscale.nix (100%) create mode 100644 .config/nixos/shared/ssh-keys.nix create mode 100644 .config/nixos/shared/systemd.nix rename .config/nixos/shared/{vscode-extensions.nix => vscode/extensions.nix} (100%) diff --git a/.config/nixos/flake.lock b/.config/nixos/flake.lock index fe16474..36b6066 100644 --- a/.config/nixos/flake.lock +++ b/.config/nixos/flake.lock @@ -162,11 +162,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1735381016, - "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=", + "lastModified": 1735735907, + "narHash": "sha256-/AOGn9qJMjrZQyWYbObHTKmWDUP0q9+0TAXOJnq6ik0=", "owner": "nix-community", "repo": "home-manager", - "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2", + "rev": "59a4c43e9ba6db24698c112720a58a334117de83", "type": "github" }, "original": { @@ -328,11 +328,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1734649271, - "narHash": "sha256-4EVBRhOjMDuGtMaofAIqzJbg4Ql7Ai0PSeuVZTHjyKQ=", + "lastModified": 1735471104, + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "d70bd19e0a38ad4790d3913bf08fcbfc9eeca507", + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", "type": "github" }, "original": { @@ -344,11 +344,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1735291276, - "narHash": "sha256-NYVcA06+blsLG6wpAbSPTCyLvxD/92Hy4vlY9WxFI1M=", + "lastModified": 1735471104, + "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "634fd46801442d760e09493a794c4f15db2d0cbb", + "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4", "type": "github" }, "original": { diff --git a/.config/nixos/flake.nix b/.config/nixos/flake.nix index dff810c..a9f5e47 100644 --- a/.config/nixos/flake.nix +++ b/.config/nixos/flake.nix @@ -3,21 +3,11 @@ # try to be in-sync with the nix-channels inputs = { - nixpkgs = { - url = "github:NixOS/nixpkgs/nixos-unstable"; - }; - home-manager = { - url = "github:nix-community/home-manager/master"; - }; - nixos-hardware = { - url = "github:NixOS/nixos-hardware/master"; - }; - determinate = { - url = "https://flakehub.com/f/DeterminateSystems/determinate/0.1"; - }; - vscode-server = { - url = "github:nix-community/nixos-vscode-server"; - }; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; + home-manager.url = "github:nix-community/home-manager/master"; + nixos-hardware.url = "github:NixOS/nixos-hardware/master"; + determinate.url = "https://flakehub.com/f/DeterminateSystems/determinate/0.1"; + vscode-server.url = "github:nix-community/nixos-vscode-server"; }; outputs = { @@ -32,10 +22,12 @@ stellapent-cier = nixpkgs.lib.nixosSystem { system = "x86_64-linux"; modules = [ + ./hosts/stellapent-cier/configuration.nix + + # load Determinate Nix and the rest determinate.nixosModules.default vscode-server.nixosModules.default home-manager.nixosModules.home-manager - ./hosts/stellapent-cier/configuration.nix ]; }; }; diff --git a/.config/nixos/hosts/stellapent-cier/configuration.nix b/.config/nixos/hosts/stellapent-cier/configuration.nix index fbe08aa..6364a0f 100644 --- a/.config/nixos/hosts/stellapent-cier/configuration.nix +++ b/.config/nixos/hosts/stellapent-cier/configuration.nix @@ -9,13 +9,14 @@ [ ./hardware-configuration.nix ../../shared/meta-configs.nix + ../../shared/systemd.nix ../../shared/networking.nix - ../../shared/firewall.nix - ../../shared/tailscale.nix - ../../shared/ssh.nix ../../shared/locale.nix - ../../shared/kde-plasma.nix - ../../shared/bluetooth.nix + ../../shared/server/tailscale.nix + ../../shared/server/ssh.nix + ../../shared/desktop/kde-plasma.nix + ../../shared/desktop/bluetooth.nix + ../../shared/desktop/firewall.nix ]; # Bootloader. @@ -94,7 +95,8 @@ # home-manager specifics home-manager.useUserPackages = true; home-manager.useGlobalPkgs = true; - home-manager.users.gildedguy = (import ./users/gildedguy.nix); + home-manager.users.gildedguy = import ./users/gildedguy.nix; + #programs.home-manager.enable = true; # allow home-manager to manage itself # Install firefox. programs.firefox.enable = true; @@ -109,11 +111,15 @@ btop htop google-chrome + direnv + cachix ]; # Some programs need SUID wrappers, can be configured further or are # started in user sessions. programs.mtr.enable = true; + + # enable gpg-agent with SSH support programs.gnupg.agent = { enable = true; enableSSHSupport = true; diff --git a/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix b/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix index d82556f..dd06827 100644 --- a/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix +++ b/.config/nixos/hosts/stellapent-cier/users/gildedguy.nix @@ -1,211 +1,12 @@ { config, pkgs, lib, ... }: -let - vscExts = (import ../../../shared/vscode-extensions.nix) { - pkgs = pkgs; - lib = lib; - }; - #extList = lib.attrsets.mapAttrsToList (name: value: value) vscExts; -in -with pkgs; { - # https://fnordig.de/til/nix/home-manager-allow-unfree.html - nixpkgs = { - config = { - allowUnfree = true; - # https://github.com/nix-community/home-manager/issues/2942 - allowUnfreePredicate = (_: true); - }; - }; - - # Home Manager needs a bit of information about you and the paths it should - # manage. Also don't ask how we got here on the roleplaying part. - home.username = "gildedguy"; - home.homeDirectory = "/home/gildedguy"; - - # This value determines the Home Manager release that your configuration is - # compatible with. This helps avoid breakage when a new Home Manager release - # introduces backwards incompatible changes. - # - # You should not change this value, even if you update Home Manager. If you do - # want to update the value, then make sure to first check the Home Manager - # release notes. - home.stateVersion = "24.11"; # Please read the comment before changing. - - # The home.packages option allows you to install Nix packages into your - # environment. - home.packages = with pkgs; [ - # # Adds the 'hello' command to your environment. It prints a friendly - # # "Hello, world!" when run. - # pkgs.hello - - # # It is sometimes useful to fine-tune packages, for example, by applying - # # overrides. You can do that directly here, just don't forget the - # # parentheses. Maybe you want to install Nerd Fonts with a limited number of - # # fonts? - # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) - - # # You can also create simple shell scripts directly inside your - # # configuration. For example, this adds a command 'my-hello' to your - # # environment: - # (pkgs.writeShellScriptBin "my-hello" '' - # echo "Hello, ${config.home.username}!" - # '') - - ## devtools ## - # https://httpie.io - httpie - # https://devenv.sh - devenv - # https://cli.github.com - gh - # bet we'll going to have a field day since Copilot is now available for free - # (this is seperate from the gh copilot extension for those asking) - # context: https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ - github-copilot-cli - # markdownlint - markdownlint-cli - # https://doppler.com - doppler - - ## programming languages - deno - nodejs_22 - python313 - pipx - pipenv - - ## language servers ## - # nix language server - https://github.com/oxalica/nil - nil - # https://github.com/alesbrelih/gitlab-ci-ls - gitlab-ci-ls + imports = [ + ../../../shared/home-manager/main.nix ]; - home.sessionPath = [ - "$HOME/bin" - ]; - - # Home Manager is pretty good at managing dotfiles. The primary way to manage - # plain files is through 'home.file'. - home.file = { - # # Building this configuration will create a copy of 'dotfiles/screenrc' in - # # the Nix store. Activating the configuration will then make '~/.screenrc' a - # # symlink to the Nix store copy. - # ".screenrc".source = dotfiles/screenrc; - - # # You can also set the file content immediately. - # ".gradle/gradle.properties".text = '' - # org.gradle.console=verbose - # org.gradle.daemon.idletimeout=3600000 - # ''; + config = { + home.username = "gildedguy"; + home.homeDirectory = "/home/gildedguy"; }; - - # Home Manager can also manage your environment variables through - # 'home.sessionVariables'. These will be explicitly sourced when using a - # shell provided by Home Manager. If you don't want to manage your shell - # through Home Manager then you have to manually source 'hm-session-vars.sh' - # located at either - # - # ~/.nix-profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh - # - # or - # - # /etc/profiles/per-user/gildedguy/etc/profile.d/hm-session-vars.sh - # - home.sessionVariables = { - EDITOR = "nano"; - NIXOS_ALLOW_UNFREE = "1"; # for impure builds - GIT_EDITOR = "code --wait"; - VISUAL = "code --wait"; - DOCKER_BUILDKIT = "1"; - }; - - # Let Home Manager install and manage itself. - programs.home-manager.enable = true; - - # let me cook with the configs, starting with git - programs.git = { - enable = true; - package = pkgs.gitAndTools.gitFull; - lfs = { - enable = true; - }; - userName = "Andrei Jiroh Halili"; - userEmail = "ajhalili2006@andreijiroh.dev"; - aliases = { - signoff = "commit --signoff"; - amend = "commit -a --amend"; - remotes = "remote -v"; - root = "rev-parse --show-toplevel"; - unstage = "restore --staged"; - stats = "status"; - }; - extraConfig = { - format = { - signOff = true; - }; - init = { - defaultBranch = "main"; - }; - - # https://groups.google.com/g/binary-transparency/c/f-BI4o8HZW0 - transfer = { - fsckobjects = true; - }; - fetch = { - fsckobjects = true; - }; - receive = { - fsckobjects = true; - }; - push = { - autoSetupRemote = true; - }; - - - }; - }; - - programs.vscode = { - enable = true; - package = pkgs.vscode; - enableExtensionUpdateCheck = true; - mutableExtensionsDir = true; - # userSettings = { - # "nix.enableLanguageServer" = true; - # "nix.serverPath" = "nil"; - # "window.customTitleBarVisibility" = "auto"; - # "window.titleBarStyle" = "custom"; - # "window.menuBarVisibility" = "classic"; - # "redhat.telemetry.enabled" = true; - # "github.copilot.editor.enableAutoCompletions" = false; - # "github.copilot.chat.followUps" = "always"; - # "github.copilot.chat.terminalChatLocation" = "terminal"; - # "git.confirmSync" = false; - # "microsoft-authentication.implementation" = "msal"; - # "workbench.colorTheme" = "GitHub Dark Colorblind (Beta)"; - # "workbench.iconTheme" = "material-icon-theme"; - # "workbench.productIconTheme" = "material-product-icons"; - # }; - # Note that not all extensions are available over gh:NixOS/nixpkgs repo, but - # we'll work on that soon. - extensions = with vscExts; [ - pkief.material-icon-theme - pkief.material-product-icons - github.github-vscode-theme - wakatime.vscode-wakatime - doppler.doppler-vscode - eamodio.gitlens - vivaxy.vscode-conventional-commits - denoland.vscode-deno - jnoortheen.nix-ide - #redhat.vscode-yaml - unifiedjs.vscode-mdx - ]; - }; -} +} \ No newline at end of file diff --git a/.config/nixos/shared/bluetooth.nix b/.config/nixos/shared/desktop/bluetooth.nix similarity index 100% rename from .config/nixos/shared/bluetooth.nix rename to .config/nixos/shared/desktop/bluetooth.nix diff --git a/.config/nixos/shared/firewall.nix b/.config/nixos/shared/desktop/firewall.nix similarity index 56% rename from .config/nixos/shared/firewall.nix rename to .config/nixos/shared/desktop/firewall.nix index 607723d..f1ba0bb 100644 --- a/.config/nixos/shared/firewall.nix +++ b/.config/nixos/shared/desktop/firewall.nix @@ -3,25 +3,23 @@ { # Open ports in the firewall. networking.firewall.allowedTCPPortRanges = [ - { from = 1714; to = 1764; } + { from = 1714; to = 1764; } # used by KDE Connect + { from = 3000; to = 3999; } + { from = 8000; to = 8999; } ]; networking.firewall.allowedUDPPortRanges = [ - { from = 1714; to = 1764; } + { from = 1714; to = 1764; } # used by KDE Connect + { from = 3000; to = 3999; } + { from = 8000; to = 8999; } ]; networking.firewall.allowedTCPPorts = [ 22 80 443 - 3000 - 8000 ]; networking.firewall.allowedUDPPorts = [ 22 80 443 - 3000 - 8000 ]; - # Or disable the firewall altogether. - # networking.firewall.enable = false; } \ No newline at end of file diff --git a/.config/nixos/shared/kde-plasma.nix b/.config/nixos/shared/desktop/kde-plasma.nix similarity index 100% rename from .config/nixos/shared/kde-plasma.nix rename to .config/nixos/shared/desktop/kde-plasma.nix diff --git a/.config/nixos/shared/home-manager/main.nix b/.config/nixos/shared/home-manager/main.nix new file mode 100644 index 0000000..9f07534 --- /dev/null +++ b/.config/nixos/shared/home-manager/main.nix @@ -0,0 +1,193 @@ +# This is the meta configuration for my dotfiles with home-manager, except +# some home.{username,userDirectory} configs to ensure portability between +# hosts + +{ config, pkgs, lib, ... }: + +{ + # https://fnordig.de/til/nix/home-manager-allow-unfree.html + nixpkgs = { + config = { + allowUnfree = true; + # https://github.com/nix-community/home-manager/issues/2942 + allowUnfreePredicate = (_: true); + }; + }; + + # This value determines the Home Manager release that your configuration is + # compatible with. This helps avoid breakage when a new Home Manager release + # introduces backwards incompatible changes. + # + # You should not change this value, even if you update Home Manager. If you do + # want to update the value, then make sure to first check the Home Manager + # release notes. + home.stateVersion = "24.11"; # Please read the comment before changing. + + # The home.packages option allows you to install Nix packages into your + # environment. + home.packages = with pkgs; [ + # # Adds the 'hello' command to your environment. It prints a friendly + # # "Hello, world!" when run. + # pkgs.hello + + # # It is sometimes useful to fine-tune packages, for example, by applying + # # overrides. You can do that directly here, just don't forget the + # # parentheses. Maybe you want to install Nerd Fonts with a limited number of + # # fonts? + # (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; }) + + # # You can also create simple shell scripts directly inside your + # # configuration. For example, this adds a command 'my-hello' to your + # # environment: + # (pkgs.writeShellScriptBin "my-hello" '' + # echo "Hello, ${config.home.username}!" + # '') + + ## devtools ## + # https://httpie.io + httpie + # https://devenv.sh + devenv + # https://cli.github.com + gh + # bet we'll going to have a field day since Copilot is now available for free + # (this is seperate from the gh copilot extension for those asking) + # context: https://github.blog/news-insights/product-news/github-copilot-in-vscode-free/ + github-copilot-cli + # markdownlint + markdownlint-cli + # https://doppler.com + doppler + direnv + shellcheck + hadolint + + ## programming languages + deno + nodejs_22 + python313 + pipx + pipenv + + ## language servers ## + # nix language server - https://github.com/oxalica/nil + nil + # https://github.com/alesbrelih/gitlab-ci-ls + gitlab-ci-ls + ]; + + home.sessionPath = [ + "${config.home.homeDirectory}/bin" + ]; + + # Home Manager is pretty good at managing dotfiles. The primary way to manage + # plain files is through 'home.file'. + home.file = { + # # Building this configuration will create a copy of 'dotfiles/screenrc' in + # # the Nix store. Activating the configuration will then make '~/.screenrc' a + # # symlink to the Nix store copy. + # ".screenrc".source = dotfiles/screenrc; + + # # You can also set the file content immediately. + # ".gradle/gradle.properties".text = '' + # org.gradle.console=verbose + # org.gradle.daemon.idletimeout=3600000 + # ''; + }; + + # Home Manager can also manage your environment variables through + # 'home.sessionVariables'. These will be explicitly sourced when using a + # shell provided by Home Manager. If you don't want to manage your shell + # through Home Manager then you have to manually source 'hm-session-vars.sh' + # located at either + # + # ~/.nix-profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh + # + # or + # + # /etc/profiles/per-user/gildedguy/etc/profile.d/hm-session-vars.sh + # + home.sessionVariables = { + EDITOR = "nano"; + NIXOS_ALLOW_UNFREE = "1"; # for impure builds + GIT_EDITOR = "code --wait"; + VISUAL = "code --wait"; + DOCKER_BUILDKIT = "1"; + }; + + # Let Home Manager install and manage itself. + programs.home-manager.enable = true; + + # let me cook with the configs, starting with git + programs.git = { + enable = true; + package = pkgs.gitAndTools.gitFull; + lfs = { + enable = true; + }; + userName = "Andrei Jiroh Halili"; + userEmail = "ajhalili2006@andreijiroh.dev"; + aliases = { + signoff = "commit --signoff"; + amend = "commit -a --amend"; + remotes = "remote -v"; + root = "rev-parse --show-toplevel"; + unstage = "restore --staged"; + stats = "status"; + }; + extraConfig = { + format = { + signOff = true; + }; + init = { + defaultBranch = "main"; + }; + + # https://groups.google.com/g/binary-transparency/c/f-BI4o8HZW0 + transfer = { + fsckobjects = true; + }; + fetch = { + fsckobjects = true; + }; + receive = { + fsckobjects = true; + }; + push = { + autoSetupRemote = true; + }; + + + }; + }; + + programs.vscode = { + enable = true; + package = pkgs.vscode; + enableExtensionUpdateCheck = true; + mutableExtensionsDir = true; + # userSettings = { + # "nix.enableLanguageServer" = true; + # "nix.serverPath" = "nil"; + # "window.customTitleBarVisibility" = "auto"; + # "window.titleBarStyle" = "custom"; + # "window.menuBarVisibility" = "classic"; + # "redhat.telemetry.enabled" = true; + # "github.copilot.editor.enableAutoCompletions" = false; + # "github.copilot.chat.followUps" = "always"; + # "github.copilot.chat.terminalChatLocation" = "terminal"; + # "git.confirmSync" = false; + # "microsoft-authentication.implementation" = "msal"; + # "workbench.colorTheme" = "GitHub Dark Colorblind (Beta)"; + # "workbench.iconTheme" = "material-icon-theme"; + # "workbench.productIconTheme" = "material-product-icons"; + # }; + # We're importing what's generated from nix4vscode here as a workaround + # for now. + #extensions = lib.attrsets.mapAttrsToList (_: v: v) vscExts; + }; +} diff --git a/.config/nixos/shared/meta-configs.nix b/.config/nixos/shared/meta-configs.nix index e6b633f..f78082d 100644 --- a/.config/nixos/shared/meta-configs.nix +++ b/.config/nixos/shared/meta-configs.nix @@ -1,4 +1,5 @@ -# This is the meta config file for nixpkgs and nix cli +# This is the meta config file for nixpkgs and nix cli itself, including +# trusted keys for cachnix caches { config, pkgs, lib, ... }: @@ -13,6 +14,57 @@ }; }; - # Enable the Flakes feature and the accompanying new nix command-line tool - nix.settings.experimental-features = [ "nix-command" "flakes" ]; -} \ No newline at end of file + nix = { + settings = { + # See https://nix.dev/manual/nix/latest/development/experimental-features + # for latest supported feature flags. + experimental-features = [ + "nix-command" + "flakes" + "ca-derivations" + "cgroups" + "impure-derivations" + "git-hashing" + "fetch-tree" + "fetch-closure" + "local-overlay-store" + "mounted-ssh-store" + # "verified-fetches" + ]; + + trusted-users = [ + "root" + "gildedguy" + "ajhalili2006" + ]; + + # just sync with trusted-users, but w/o root + allowed-users = [ + "gildedguy" + "ajhalili2006" + ]; + + trusted-public-keys = [ + # devenv.sh + "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=" + + # my caches for nixos and nixpkgs related builds (including devenvs) + "ajhalili2006-nixos-builds.cachix.org-1:fA8HXvGR1i792D+CxL2iW/TQzUcyoW7zPUmC9Q4mQLg=" + + # the main cache itself + "andreijiroh-dev.cachix.org-1:7Jd0STdBOLiNu5fiA+AKwcMqQD2PA1j9zLDGyDkuyBo=" + + # recaptime.dev cache + "recaptime-dev.cachix.org-1:b0UBO1zONf6ceTIoR06AKhgid4ZOl5kxB/gOIdZ9J6g=" + ]; + + # also list them all too + trusted-substituters = [ + "https://devenv.cachix.org" + "https://andreijiroh-dev.cachix.org" + "https://ajhalili2006-nixos-builds.cachix.org" + "https://recaptime-dev.cachix.org" + ]; + }; + }; +} diff --git a/.config/nixos/shared/server/firewall.nix b/.config/nixos/shared/server/firewall.nix new file mode 100644 index 0000000..8ad9f46 --- /dev/null +++ b/.config/nixos/shared/server/firewall.nix @@ -0,0 +1,22 @@ +{ config, pkgs, lib, ... }: + +{ + networking.firewall.allowedTCPPortRanges = [ + { from = 3000; to = 3999; } + { from = 8000; to = 8999; } + ]; + networking.firewall.allowedUDPPortRanges = [ + { from = 3000; to = 3999; } + { from = 8000; to = 8999; } + ]; + networking.firewall.allowedTCPPorts = [ + 22 + 80 + 443 + ]; + networking.firewall.allowedUDPPorts = [ + 22 + 80 + 443 + ]; +} \ No newline at end of file diff --git a/.config/nixos/shared/ssh.nix b/.config/nixos/shared/server/ssh.nix similarity index 100% rename from .config/nixos/shared/ssh.nix rename to .config/nixos/shared/server/ssh.nix diff --git a/.config/nixos/shared/tailscale.nix b/.config/nixos/shared/server/tailscale.nix similarity index 100% rename from .config/nixos/shared/tailscale.nix rename to .config/nixos/shared/server/tailscale.nix diff --git a/.config/nixos/shared/ssh-keys.nix b/.config/nixos/shared/ssh-keys.nix new file mode 100644 index 0000000..21d5ca6 --- /dev/null +++ b/.config/nixos/shared/ssh-keys.nix @@ -0,0 +1,12 @@ +{ + personal = { + y2022 = ""; + }; + rp_ssh_keys = { + gildedguy = ""; + }; + + recaptime-dev = { + tbd = ""; + }; +} \ No newline at end of file diff --git a/.config/nixos/shared/systemd.nix b/.config/nixos/shared/systemd.nix new file mode 100644 index 0000000..7e334d8 --- /dev/null +++ b/.config/nixos/shared/systemd.nix @@ -0,0 +1,19 @@ +{ ... }: + +{ + services.timesyncd = { + enable = true; + servers = [ + # https://pubfiles.pagasa.dost.gov.ph/tamss/oras/time_synchronization_for_windows_7_and_8.pdf + "ntp.pagasa.dost.gov.ph" + # https://www.cloudflare.com/time/ + "time.cloudflare.com" + ]; + fallbackServers = [ + "0.asia.pool.ntp.org" + "1.asia.pool.ntp.org" + "2.asia.pool.ntp.org" + "3.asia.pool.ntp.org" + ]; + }; +} \ No newline at end of file diff --git a/.config/nixos/shared/vscode-extensions.nix b/.config/nixos/shared/vscode/extensions.nix similarity index 100% rename from .config/nixos/shared/vscode-extensions.nix rename to .config/nixos/shared/vscode/extensions.nix