diff --git a/config/globals.nix b/config/globals.nix deleted file mode 100644 index 7c64ec5..0000000 --- a/config/globals.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - domain = "porzh.me"; - admin = { - email = "dun0z@porzh.me"; - name = "DuN0z"; - }; - - smtp = { - host = "smtp.protonmail.ch"; - port = 587 ; - user = "contact@porzh.me"; - }; - - network = { - gateway = "192.168.50.1"; - pennsardin = { - ip = "192.168.50.12"; - }; - terre-neuvas = { - ip = "192.168.50.11"; - }; - }; - - services = { - forgejo = { - home = "/var/lib/forgejo"; - url = "govel.porzh.me"; - user = "git"; - port = 3000; - }; - goaccess = { - home = "/var/lib/www/goaccess"; - url = "koum.porzh.me"; - }; - levr = { - home = "/var/lib/services/levr"; - build = "/var/lib/www/levr"; - url = "levr.porzh.me"; - user = "levr"; - }; - wikijs = { - url = "notes.porzh.me"; - port = 3002 ; - }; - }; -} diff --git a/devshell.nix b/devshell.nix deleted file mode 100644 index ef9e633..0000000 --- a/devshell.nix +++ /dev/null @@ -1,15 +0,0 @@ -{pkgs}: -pkgs.mkShell { - buildInputs = with pkgs; [ - alejandra # formatteur nix officiel (rapide) - statix # linting pour repérer mauvaises pratiques - deadnix # détecte le code mort / imports inutiles - ]; - - shellHook = '' - echo "Tools dispo :" - echo " alejandra . # formate tout ton Nix" - echo " statix check # lint" - echo " deadnix . # cherche le code mort" - ''; -} diff --git a/disko/pennsardin.nix b/disko/pennsardin.nix deleted file mode 100644 index 3f1e614..0000000 --- a/disko/pennsardin.nix +++ /dev/null @@ -1,185 +0,0 @@ -{ ... }: { - disko.devices = { - disk.main = { - type = "disk"; - device = "/dev/nvme0n1"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "512MiB"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot/efi"; - mountOptions = [ "umask=0077" "noauto" ]; - }; - }; - - rescue = { - size = "8GiB"; - type = "8300"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/rescue"; - mountOptions = [ "nofail" "noauto" "nosuid" "nodev" "noexec" ]; - }; - }; - - root = { - size = "100%"; - type = "8e00"; # LVM partition - content = { - type = "lvm_pv"; - vg = "vg-main"; - }; - }; - }; - }; - }; - - lvm_vg."vg-main" = { - type = "lvm_vg"; - lvs = { - # -- Système principal -- - lv-root = { - size = "100G"; - content = { - type = "btrfs"; - mountpoint = "/"; - mountOptions = [ "compress=zstd:3" "noatime" "space_cache=v2" "discard=async" ]; - }; - }; - - lv-home = { - size = "100G"; - content = { - type = "btrfs"; - extraArgs = [ "-f" ]; - mountpoint = "/home"; - mountOptions = [ - "compress=zstd:3" - "noatime" - "nodev" - "nosuid" - "space_cache=v2" - "discard=async" - ]; - subvolumes = { - "@homebin" = { - mountpoint = "/home/dunoz/bin"; - mountOptions = [ - "compress=zstd:3" - "noatime" - "nodev" - "nosuid" - "space_cache=v2" - "discard=async" - "subvol=@homebin" - ]; - }; - }; - }; - }; - - lv-nix = { - size = "80G"; - content = { - type = "btrfs"; - mountpoint = "/nix"; - mountOptions = [ "compress=zstd:3" "noatime" "space_cache=v2" "discard=async" ]; - }; - }; - - lv-var = { - size = "50G"; - content = { - type = "btrfs"; - mountpoint = "/var"; - mountOptions = [ "compress=zstd:3" "noatime" "nodev" "nosuid" "space_cache=v2" "discard=async" ]; - }; - }; - - # -- Données & builds (no COW) -- - lv-work = { - size = "100G"; - content = { - type = "btrfs"; - mountpoint = "/home/dunoz/Work"; - mountOptions = [ "nodatacow" "noatime" "nodev" "space_cache=v2" "discard=async" ]; - }; - }; - - lv-games = { - size = "200G"; - content = { - type = "btrfs"; - mountpoint = "/home/dunoz/.local/share/Steam"; - mountOptions = [ "nodatacow" "noatime" "nodev" "space_cache=v2" "discard=async" ]; - }; - }; - - lv-qemu = { - size = "200G"; - content = { - type = "btrfs"; - mountpoint = "/var/lib/libvirt/images"; - mountOptions = [ "nodatacow" "noatime" "nodev" "nosuid" "space_cache=v2" "discard=async" ]; - }; - }; - - lv-container = { - size = "20G"; - content = { - type = "btrfs"; - mountpoint = "/var/lib/machines"; - mountOptions = [ "nodatacow" "noatime" "nodev" "nosuid" "space_cache=v2" "discard=async" ]; - }; - }; - }; - }; - - filesystem.raid = { - type = "filesystem"; - device = "/dev/md0"; - format = "btrfs"; - mountpoint = "/srv/raid"; - mountOptions = [ "compress=zstd:3" "noatime" "nofail" "noexec" "nodev" "nosuid" "space_cache=v2" "discard=async" ]; - }; - - bindmounts = { - docs = { - device = "/srv/raid/home-data/Documents"; - mountpoint = "/home/dunoz/Documents"; - options = [ "bind" "nofail" "nosuid" "nodev" "noexec" ]; - }; - images = { - device = "/srv/raid/home-data/Images"; - mountpoint = "/home/dunoz/Images"; - options = [ "bind" "nofail" "nosuid" "nodev" "noexec" ]; - }; - music = { - device = "/srv/raid/home-data/Musique"; - mountpoint = "/home/dunoz/Musique"; - options = [ "bind" "nofail" "nosuid" "nodev" "noexec" ]; - }; - downloads = { - device = "/srv/raid/home-data/Téléchargements"; - mountpoint = "/home/dunoz/Téléchargements"; - options = [ "bind" "nofail" "nosuid" "nodev" "noexec" ]; - }; - videos = { - device = "/srv/raid/home-data/Vidéos"; - mountpoint = "/home/dunoz/Vidéos"; - options = [ "bind" "nofail" "nosuid" "nodev" "noexec" ]; - }; - config = { - device = "/srv/raid/home-data/nixos-config"; - mountpoint = "/home/dunoz/nixos-config"; - options = [ "bind" "nofail" "nosuid" "nodev" ]; - }; - }; - }; -} diff --git a/flake.lock b/flake.lock deleted file mode 100644 index e353458..0000000 --- a/flake.lock +++ /dev/null @@ -1,273 +0,0 @@ -{ - "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager", - "nixpkgs": "nixpkgs", - "systems": "systems" - }, - "locked": { - "lastModified": 1762618334, - "narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", - "owner": "ryantm", - "repo": "agenix", - "rev": "fcdea223397448d35d9b31f798479227e80183f6", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, - "darwin": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1744478979, - "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "43975d782b418ebf4969e9ccba82466728c2851b", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "flake-parts": { - "inputs": { - "nixpkgs-lib": [ - "nur", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1733312601, - "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", - "owner": "hercules-ci", - "repo": "flake-parts", - "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", - "type": "github" - }, - "original": { - "owner": "hercules-ci", - "repo": "flake-parts", - "type": "github" - } - }, - "home-manager": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1745494811, - "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager-stable": { - "inputs": { - "nixpkgs": [ - "nixpkgs-stable" - ] - }, - "locked": { - "lastModified": 1758463745, - "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3", - "type": "github" - }, - "original": { - "owner": "nix-community", - "ref": "release-25.05", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { - "inputs": { - "nixpkgs": [ - "nixpkgs-unstable" - ] - }, - "locked": { - "lastModified": 1763963090, - "narHash": "sha256-zR7uDZdQUUC+gBOi4byefMvIZuSBeMC6GswGNsTgQlM=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "7702d14879e8f0148fa168e38f3eaa2650fa0d85", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "nixpkgs": { - "locked": { - "lastModified": 1754028485, - "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "59e69648d345d6e8fef86158c555730fa12af9de", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-stable": { - "locked": { - "lastModified": 1763622513, - "narHash": "sha256-1jQnuyu82FpiSxowrF/iFK6Toh9BYprfDqfs4BB+19M=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "c58bc7f5459328e4afac201c5c4feb7c818d604b", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-25.05", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs-unstable": { - "locked": { - "lastModified": 1763835633, - "narHash": "sha256-HzxeGVID5MChuCPESuC0dlQL1/scDKu+MmzoVBJxulM=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "050e09e091117c3d7328c7b2b7b577492c43c134", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_2": { - "locked": { - "lastModified": 1763835633, - "narHash": "sha256-HzxeGVID5MChuCPESuC0dlQL1/scDKu+MmzoVBJxulM=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "050e09e091117c3d7328c7b2b7b577492c43c134", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1763806073, - "narHash": "sha256-FHsEKDvfWpzdADWj99z7vBk4D716Ujdyveo5+A048aI=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "878e468e02bfabeda08c79250f7ad583037f2227", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nur": { - "inputs": { - "flake-parts": "flake-parts", - "nixpkgs": "nixpkgs_2" - }, - "locked": { - "lastModified": 1763983952, - "narHash": "sha256-nSWNqQezb6bhu5eYxF+lqzXj8h/sVD2C/CMV/JXK7Bw=", - "owner": "nix-community", - "repo": "NUR", - "rev": "3f55dad0778bfaa302e87d87326ec02e7100ff98", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "NUR", - "type": "github" - } - }, - "nvim-config": { - "inputs": { - "nixpkgs": "nixpkgs_3" - }, - "locked": { - "lastModified": 1761113802, - "narHash": "sha256-HuP5TTFNzrxuro6UeA8+++BCV9x9rLhQ0bW5lbU3fTM=", - "ref": "refs/heads/master", - "rev": "154c606ecbc9069df8289e81b46025a6f9820867", - "revCount": 5, - "type": "git", - "url": "https://govel.porzh.me/DuN0z/neovim-config.git" - }, - "original": { - "type": "git", - "url": "https://govel.porzh.me/DuN0z/neovim-config.git" - } - }, - "root": { - "inputs": { - "agenix": "agenix", - "home-manager": "home-manager_2", - "home-manager-stable": "home-manager-stable", - "nixpkgs-stable": "nixpkgs-stable", - "nixpkgs-unstable": "nixpkgs-unstable", - "nur": "nur", - "nvim-config": "nvim-config" - } - }, - "systems": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - } - }, - "root": "root", - "version": 7 -} diff --git a/flake.nix b/flake.nix index e81df2e..72ee031 100644 --- a/flake.nix +++ b/flake.nix @@ -1,125 +1,32 @@ { - description = "My nixos config with WM switch capacity"; + description = "Mon système NixOS flake-enabled avec Home Manager"; inputs = { - nixpkgs-stable.url = "github:NixOS/nixpkgs/nixos-25.05"; - home-manager-stable = { - url = "github:nix-community/home-manager/release-25.05"; - inputs.nixpkgs.follows = "nixpkgs-stable"; - }; - nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; + nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; home-manager = { url = "github:nix-community/home-manager"; - inputs.nixpkgs.follows = "nixpkgs-unstable"; + inputs.nixpkgs.follows = "nixpkgs"; }; - nur.url = "github:nix-community/NUR"; - agenix.url = "github:ryantm/agenix"; - nvim-config.url = "git+https://govel.porzh.me/DuN0z/neovim-config.git"; }; - outputs = { - nixpkgs-stable, - nixpkgs-unstable, - home-manager-stable, - home-manager, - nur, - agenix, - nvim-config, - ... - }: let - mkUnstablePkgsWithNur = { - system, - config ? {}, - }: - import nixpkgs-unstable { - inherit system; - overlays = [nur.overlays.default]; - inherit config; - }; - in { - nixosConfigurations = { - pennsardin = nixpkgs-unstable.lib.nixosSystem { - specialArgs = { inherit nvim-config; }; - system = "x86_64-linux"; - pkgs = mkUnstablePkgsWithNur { - system = "x86_64-linux"; - config = { - allowUnfree = true; - allowUnsupportedSystem = true; - }; + outputs = { self, nixpkgs, home-manager, ... }: + let + system = "x86_64-linux"; # Change si t’as un ordi chelou + in { + nixosConfigurations = { + pennsardin = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + ./hosts/pennsardin/configuration.nix + + home-manager.nixosModules.home-manager + { + home-manager.useUserPackages = true; + home-manager.users.lomig = import ./home/pennsardin.nix; + } + ]; }; - modules = [ - ./hosts/pennsardin/configuration.nix - home-manager.nixosModules.home-manager - { - home-manager = { - useGlobalPkgs = true ; - useUserPackages = true ; - extraSpecialArgs = {inherit nvim-config; }; - }; - } - ]; - }; - - terre-neuvas = nixpkgs-stable.lib.nixosSystem { - specialArgs = { inherit agenix; inherit nvim-config; }; - system = "x86_64-linux"; - modules = [ - ./hosts/terre-neuvas/configuration.nix - home-manager-stable.nixosModules.home-manager - { - home-manager = { - useGlobalPkgs = true ; - useUserPackages = true ; - extraSpecialArgs = {inherit nvim-config; }; - }; - } - agenix.nixosModules.default - ]; - }; - - penduick = nixpkgs-unstable.lib.nixosSystem { - specialArgs = { inherit nvim-config; }; - system = "x86_64-linux"; - pkgs = mkUnstablePkgsWithNur { - system = "x86_64-linux"; - config = { - allowUnfree = true; - allowUnsupportedSystem = true; - }; - }; - - modules = [ - ./hosts/penduick/configuration.nix - home-manager.nixosModules.home-manager - { - home-manager = { - useGlobalPkgs = true ; - useUserPackages = true ; - extraSpecialArgs = {inherit nvim-config; }; - }; - } - agenix.nixosModules.default - ]; - - }; - - forbann = nixpkgs-stable.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ./hosts/forbann/configuration.nix - "${nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix" - ]; }; }; - - # --- DevShell (x86_64 uniquement) --- - devShells.x86_64-linux.default = import ./devshell.nix { - pkgs = import nixpkgs-stable {system = "x86_64-linux";}; - }; - - # --- Formatter (x86_64 uniquement) --- - formatter.x86_64-linux = - (import nixpkgs-stable {system = "x86_64-linux";}).alejandra; - }; } + diff --git a/hm/common/betterlockscreen.nix b/hm/common/betterlockscreen.nix deleted file mode 100644 index 7261626..0000000 --- a/hm/common/betterlockscreen.nix +++ /dev/null @@ -1,21 +0,0 @@ -{ pkgs, ... }:{ - home.packages = with pkgs; [ - xidlehook - betterlockscreen - ]; - - systemd.user.services.xidlehook = { - Unit.Description = "Idle: lock at 5min, suspend at ~8min"; - Service = { - ExecStart = '' - ${pkgs.xidlehook}/bin/xidlehook \ - --detect-sleep \ - --not-when-fullscreen \ - --timer 300 "${pkgs.betterlockscreen}/bin/betterlockscreen -l dim" "" \ - --timer 500 "systemctl suspend" "" - ''; - Restart = "always"; - }; - Install.WantedBy = ["graphical-session.target"]; - }; -} diff --git a/hm/common/browser.nix b/hm/common/browser.nix deleted file mode 100644 index 51d867e..0000000 --- a/hm/common/browser.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ - pkgs, - nur, - ... -}: { - programs.firefox = { - enable = true; - languagePacks = ["fr"]; - profiles.default = { - settings = { - "intl.locale.requested" = "fr"; - "intl.accept_languages" = "fr, en-US, en"; - "layers.acceleration.disabled" = true; - "gfx.webrender.all" = false; - "privacy.trackingprotection.enabled" = true; - "privacy.resistFingerprinting" = true; - "network.cookie.cookieBehavior" = 1; - }; - extensions.packages = with pkgs.nur.repos.rycee.firefox-addons; [ - i-dont-care-about-cookies - privacy-badger - proton-pass - ublock-origin - ]; - }; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/hm/common/git.nix b/hm/common/git.nix deleted file mode 100644 index 770d55d..0000000 --- a/hm/common/git.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ lib, config, ...}: -let -globals = import ../../config/globals.nix; -nixosRelease = lib.attrByPath [ "system" "nixos" "release" ] "0.0" config; -newGit = lib.versionAtLeast nixosRelease "25.11"; -in { - programs.git = if newGit then { - enable = true; - settings.user = { - name = globals.admin.name; - email = globals.admin.email; - }; - } else { - enable = true; - userName = globals.admin.name; - userEmail = globals.admin.email; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/hm/common/nvim.nix b/hm/common/nvim.nix deleted file mode 100644 index 64c9a1c..0000000 --- a/hm/common/nvim.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ pkgs, nvim-config, ...}: { - home.packages = with pkgs; [ - ruff - pyright - gcc - marksman - lua-language-server - ]; - - programs.neovim = { - enable = true ; - viAlias = true ; - vimAlias = true; - }; - home.file.".config/nvim" = { - source = nvim-config ; - recursive = true ; - }; - programs.ruff = { - enable = true ; - settings = { - line-length = 100; - per-file-ignores = { "__init__.py" = [ "F401" ]; }; - lint = { - select = [ "E4" "E7" "E9" "F" ]; - ignore = [ ]; - }; - }; - }; -} - -# vim: set ts=2 sw=2 sts=2 et : diff --git a/hm/common/picom.nix b/hm/common/picom.nix deleted file mode 100644 index 1b215aa..0000000 --- a/hm/common/picom.nix +++ /dev/null @@ -1,51 +0,0 @@ -{ pkgs, ... }: { - home.packages = [ pkgs.picom ] ; - services.picom = { - enable = true; - backend = "glx"; # plus fluide si ta carte gère bien OpenGL - fade = true; - fadeDelta = 5; # vitesse fondu - shadow = true; - shadowOpacity = 0.5; - vSync = true; # évite le tearing - - settings = { - # Transparence - inactive-opacity = 0.80; - active-opacity = 0.9; - frame-opacity = 0.90; - inactive-opacity-override = false; - - # Coins arrondis - corner-radius = 8; - round-borders = 1; - rounded-corners-exclude = [ - "class_g = 'Polybar'" - "class_g = 'Rofi'" - ]; - - # Flou subtil - blur-method = "dual_kawase"; - blur-strength = 4; - blur-background = true; - blur-background-frame = true; - blur-background-fixed = false; - blur-background-exclude = [ - "class_g = 'Polybar'" - "class_g = 'Rofi'" - "class_g = 'Gimp'" - "window_type = 'dock'" - ]; - - # Exclusions ombres - shadow-exclude = [ - "class_g = 'Polybar'" - "class_g = 'Rofi'" - "window_type = 'dock'" - "window_type = 'desktop'" - ]; - }; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/hm/common/polybar.nix b/hm/common/polybar.nix deleted file mode 100644 index 446d013..0000000 --- a/hm/common/polybar.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ pkgs, ... }: { - services = { - polybar = { - enable = true; - script = "polybar main &"; - config = { - "bar/main" = { - width = "100%"; - height = "28"; - font-0 = "Iosevka Nerd Font:style=regular:pixelsize=12;2"; - font-1 = "Font Awesome 6 Free:style=Solid:pixelsize=10;2"; - modules-left = "bspwm"; - modules-center = "date"; - modules-right = "pulseaudio memory cpu"; - }; - "module/bspwm" = { - type = "internal/bspwm"; - label-focused = "%name%"; - label-focused-foreground = "#e6e0de"; - label-focused-padding = 2; - label-occupied = "%name%"; - label-occupied-padding = 2; - label-urgent = "%name%"; - label-urgent-background = "#e42127"; - label-urgent-foreground = "#ffffff"; - label-empty = "%name%"; - label-empty-foreground = "#645d56"; - label-empty-padding = 2; - }; - "module/date" = { - type = "internal/date"; - interval = 60; - date = "%d-%m-%Y %H:%M"; - }; - }; - }; - }; -} diff --git a/hm/common/zsh.nix b/hm/common/zsh.nix deleted file mode 100644 index 2cd45b5..0000000 --- a/hm/common/zsh.nix +++ /dev/null @@ -1,37 +0,0 @@ -_: { - programs.dircolors.enableZshIntegration = true; - programs.zsh = { - autosuggestion.enable = true; - dirHashes = { - dl = "$HOME/Téléchargements"; - nix = "$HOME/nixos-config"; - }; - enable = true; - enableCompletion = true; - history = { - append = true; - extended = true; - findNoDups = true; - ignoreAllDups = true; - ignoreSpace = true; - ignorePatterns = ["rm *" "cd *" "ls *" "df *" "du *" "fastfetch" "tree" "pwd" "upd"]; - saveNoDups = false; - }; - shellAliases = { - h = "history"; - upd = "sudo nixos-rebuild switch --flake $HOME/nixos-config#pennsardin; source ~/.zshrc"; - agenix = "nix run github:ryantm/agenix --"; - }; - shellGlobalAliases = { - G = "| grep"; - M = "| more"; - }; - syntaxHighlighting.enable = true; - - profileExtra = '' - ssh-add ~/.ssh/$(hostname) - ''; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/hm/desktop/bspwm.nix b/hm/desktop/bspwm.nix deleted file mode 100644 index a8d371c..0000000 --- a/hm/desktop/bspwm.nix +++ /dev/null @@ -1,141 +0,0 @@ -# hm/desktop/bspwm.nix -{ - pkgs, - lib, - ... -}: { - imports = [ - ../common/betterlockscreen.nix - ../common/picom.nix - ../common/polybar.nix - ]; - home.packages = with pkgs; [ - bspwm - sxhkd - xorg.xinit - xterm - alacritty - rofi - feh - font-awesome - pywal16 - imagemagick - pulsemixer - ranger - jq - file - highlight - unzip - mpv - protonvpn-gui - ]; - - services.ssh-agent.enable = true; - - xsession = { - enable = true; - windowManager.bspwm = { - enable = true; - - startupPrograms = [ - "sxhkd -m 1" - "setxkbmap bepovim" - "xrandr --output DisplayPort-1 --rate 60 --pos 0x0" - "polybar main" - "bash ~/.fehbg" - ]; - - extraConfigEarly = '' - bspc config borderless_monocle true - bspc config gapless_monocle true - bspc config single_monocle true - bspc monitor -d I II III IV V VI - ''; - }; - }; - - services = { - sxhkd = { - enable = true; - extraOptions = ["-m" "1"]; - keybindings = { - "super + Return" = "alacritty"; - "super + c" = "bspc node -c"; - "Menu" = "rofi -show drun"; - "super + space" = "rofi -show drun"; - - "F1" = "bspc desktop -f ^1"; - "F2" = "bspc desktop -f ^2"; - "F3" = "bspc desktop -f ^3"; - "F4" = "bspc desktop -f ^4"; - "F5" = "bspc desktop -f ^5"; - "F6" = "bspc desktop -f ^6"; - - "shift + F1" = "bspc node -d ^1 --follow"; - "shift + F2" = "bspc node -d ^2 --follow"; - "shift + F3" = "bspc node -d ^3 --follow"; - "shift + F4" = "bspc node -d ^4 --follow"; - "shift + F5" = "bspc node -d ^5 --follow"; - "shift + F6" = "bspc node -d ^6 --follow"; - - "super + h" = "bspc node -f west"; - "super + j" = "bspc node -f south"; - "super + k" = "bspc node -f north"; - "super + l" = "bspc node -f east"; - - "super + shift + h" = "bspc node -s west"; - "super + shift + j" = "bspc node -s south"; - "super + shift + k" = "bspc node -s north"; - "super + shift + l" = "bspc node -s east"; - - "super + f" = "bspc node -t fullscreen"; - "super + s" = "bspc node -t floating"; - "super + shift + t" = "bspc node -t pseudo_tiled"; - "super + t" = "bspc node -t tiled"; - }; - }; - }; - - programs = { - alacritty = { - enable = true; - settings = { - general.import = ["~/.cache/wal/colors-alacritty.toml"]; - font = { - normal = { - family = lib.mkForce "Iosevka Nerd Font"; - style = "Regular"; - }; - bold = { - family = lib.mkForce "Iosevka Nerd Font"; - style = "Bold"; - }; - italic = { - family = lib.mkForce "Iosevka Nerd Font"; - style = "Italic"; - }; - size = lib.mkForce 8; - }; - }; - }; - - rtorrent = { - enable = true; - extraConfig = '' - directory = /srv/raid - port_range = 6881-6891 - max_peers = 150 - max_peers_seed = 100 - protocol.pex.set = true ; - schedule = watch_directory,5,5,load.start=~/Téléchargements/*.torrent - pieces.hash.on_completion.set = no - network.max_open_files.set = 8192 - session = /home/lomig/.cache/rtorrent/session - ''; - }; - }; - - home.activation.createRtorrentSessionDir = lib.hm.dag.entryAfter ["writeBoundary"] '' - mkdir -p ~/.cache/rtorrent/session - ''; -} diff --git a/hm/users/dunoz-desktop.nix b/hm/users/dunoz-desktop.nix deleted file mode 100644 index 6db724f..0000000 --- a/hm/users/dunoz-desktop.nix +++ /dev/null @@ -1,17 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../common/browser.nix - ../common/nvim.nix - ./dunoz.nix - ]; - home = { - packages = with pkgs; [ - fastfetch - nerd-fonts.iosevka - proton-pass - smug - ]; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/hm/users/dunoz.nix b/hm/users/dunoz.nix deleted file mode 100644 index b32120c..0000000 --- a/hm/users/dunoz.nix +++ /dev/null @@ -1,19 +0,0 @@ -{pkgs, nvim-config, ...}: { - imports = [ - ../../hm/common/git.nix - ../../hm/common/zsh.nix - ]; - home = { - username = "dunoz"; - homeDirectory = "/home/dunoz"; - packages = with pkgs; [ - bat - tree - ]; - }; - - programs.zsh.enable = true; - - home.stateVersion = "25.05"; # ou ton actuelle -} -# vim: set ts=2 sw=2 sts=2 et : diff --git a/hm/users/lomig-desktop.nix b/hm/users/lomig-desktop.nix deleted file mode 100644 index 392ce71..0000000 --- a/hm/users/lomig-desktop.nix +++ /dev/null @@ -1,19 +0,0 @@ -{pkgs, ...}: { - imports = [ - ../desktop/bspwm.nix - ../common/browser.nix - ../common/nvim.nix - ./lomig.nix - ]; - home = { - packages = with pkgs; [ - fastfetch - nerd-fonts.iosevka - obsidian - proton-pass - smug - ]; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/hm/users/lomig.nix b/hm/users/lomig.nix deleted file mode 100644 index 965c91c..0000000 --- a/hm/users/lomig.nix +++ /dev/null @@ -1,19 +0,0 @@ -{pkgs, nvim-config, ...}: { - imports = [ - ../../hm/common/git.nix - ../../hm/common/zsh.nix - ]; - home = { - username = "lomig"; - homeDirectory = "/home/lomig"; - packages = with pkgs; [ - bat - tree - ]; - }; - - programs.zsh.enable = true; - - home.stateVersion = "25.05"; # ou ton actuelle -} -# vim: set ts=2 sw=2 sts=2 et : diff --git a/home/pennsardin.nix b/home/pennsardin.nix new file mode 100644 index 0000000..8c5c58b --- /dev/null +++ b/home/pennsardin.nix @@ -0,0 +1,10 @@ +{ config, pkgs, ... }: + +{ + home.username = "lomig"; + home.homeDirectory = "/home/lomig"; + + programs.zsh.enable = true; + home.stateVersion = "25.05"; # ou ton actuelle +} + diff --git a/hosts/forbann/configuration.nix b/hosts/forbann/configuration.nix deleted file mode 100644 index 2eb7966..0000000 --- a/hosts/forbann/configuration.nix +++ /dev/null @@ -1,70 +0,0 @@ -{pkgs, ...}: { - boot = { - kernelPackages = pkgs.linuxPackages; - initrd.supportedFilesystems = ["ext4"]; - loader.grub = { - enable = true; - device = "/dev/vda"; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/vda1"; - fsType = "ext4"; - }; - "/srv" = { - device = "shared0"; - fsType = "9p"; - options = ["trans=virtio" "version=9p2000.L" "rw"]; - neededForBoot = false; - noCheck = true; - }; - }; - - networking = { - useDHCP = true; - useNetworkd = true; - hostName = "forbann"; - }; - - systemd = { - services.mountShared = { - description = "Mount 9p shared folder"; - after = ["local-fs.target" "network.target"]; - wantedBy = ["multi-user.target"]; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.util-linux}/bin/mount -t 9p -o trans=virtio,version=9p2000.L shared0 /srv"; - RemainAfterExit = true; - }; - }; - network = { - enable = true; - networks."10-eth0" = { - matchConfig.Name = "eth0"; - networkConfig = { - Address = "192.168.1.10/24"; - Gateway = "192.168.0.254"; - DNS = "192.168.0.254"; - }; - }; - }; - }; - - services = { - openssh.enable = true; - rtorrent = { - enable = true; - dataDir = "/home/vmuser/torrents"; - }; - }; - - users.users.vmuser = { - isNormalUser = true; - extraGroups = ["wheel"]; - password = "changeme"; - }; - - system.stateVersion = "25.05"; -} diff --git a/hosts/penduick/configuration.nix b/hosts/penduick/configuration.nix deleted file mode 100644 index f5ef4a2..0000000 --- a/hosts/penduick/configuration.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ config, pkgs, ... }: -let - globals = import ../../config/globals.nix; -in { - imports = [ - ./hardware-configuration.nix - ../../modules/desktop/plasma.nix - ../../modules/common/nix.nix - ../../modules/common/base.nix - ../../modules/common/fonts.nix - ../../modules/common/networking.nix - ../../modules/common/plymouth.nix - ../../modules/common/audio.nix - ]; - - boot.kernelPackages = pkgs.linuxPackages_latest; - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - boot.initrd.luks.devices.cryptroot.device = "/dev/nvme0n1p3"; - - networking.hostName = "penduick"; - networking.networkmanager.enable = true; - - console.keyMap = "fr"; - - services.openssh.enable = true; - services.openssh.settings = { - PermitRootLogin = "no"; - PasswordAuthentication = true; - }; - - age.identityPaths = [ "/etc/agenix/penduick.key" "/etc/agenix/dunoz-admin.key" ]; - # age.secrets."dunoz-password-penduick".file = ../../secrets/dunoz-password-penduick.age; - users= { - # mutableUsers = false ; - users.dunoz = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" ]; - # passwordFile = config.age.secrets."dunoz-password-penduick".path; - shell = pkgs.zsh; - }; - }; - - home-manager = { - useGlobalPkgs = true ; - users.dunoz = import ../../hm/users/dunoz-desktop.nix ; - }; - - environment.systemPackages = with pkgs; [ - git htop wget curl - neovim - age ssh-to-age - weechat - ]; - - -# Optionnel mais utile pour SSH au démarrage -systemd.services.sshd.wantedBy = [ "multi-user.target" ]; - - system.stateVersion = "25.05"; -} diff --git a/hosts/penduick/hardware-configuration.nix b/hosts/penduick/hardware-configuration.nix deleted file mode 100644 index a473630..0000000 --- a/hosts/penduick/hardware-configuration.nix +++ /dev/null @@ -1,66 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ config, lib, pkgs, modulesPath, ... }: - -{ - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ]; - boot.initrd.kernelModules = [ "dm-snapshot" ]; - boot.kernelModules = [ "kvm-intel" ]; - boot.extraModulePackages = [ ]; - - fileSystems."/" = - { device = "/dev/disk/by-uuid/233c2886-05e4-4f9f-a708-6c920c7d9e32"; - fsType = "btrfs"; - }; - - fileSystems."/home" = - { device = "/dev/disk/by-uuid/09b55bee-0134-4e96-8183-e85412fa7724"; - fsType = "btrfs"; - }; - - fileSystems."/nix" = - { device = "/dev/disk/by-uuid/4ce480f5-8212-4b28-b275-a0250c2edae1"; - fsType = "btrfs"; - }; - - fileSystems."/var" = - { device = "/dev/disk/by-uuid/f54d2ebe-f1ca-4471-a9a5-6959280984ee"; - fsType = "btrfs"; - }; - - fileSystems."/persist" = - { device = "/dev/disk/by-uuid/829b6a38-e49a-46ca-8737-b21c86c93352"; - fsType = "btrfs"; - }; - - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/B68E-0AAC"; - fsType = "vfat"; - options = [ "fmask=0022" "dmask=0022" ]; - }; - - fileSystems."/rescue" = - { device = "/dev/disk/by-uuid/af3f9f20-2a6c-44e2-ad81-f07bd18ae283"; - fsType = "ext4"; - }; - - swapDevices = - [ { device = "/dev/disk/by-uuid/41fcc628-50bf-43df-9daa-0095b45fd9bd"; } - ]; - - # Enables DHCP on each ethernet and wireless interface. In case of scripted networking - # (the default) this is the recommended approach. When using systemd-networkd it's - # still possible to use this option, but it's recommended to use it in conjunction - # with explicit per-interface declarations with `networking.interfaces..useDHCP`. - networking.useDHCP = lib.mkDefault true; - # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true; - # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/hosts/pennsardin/configuration.nix b/hosts/pennsardin/configuration.nix index dd1a899..d6fcec4 100644 --- a/hosts/pennsardin/configuration.nix +++ b/hosts/pennsardin/configuration.nix @@ -1,176 +1,15 @@ -{pkgs, config, ...}: -let - globals = import ../../config/globals.nix; -in { - imports = [ - ../../modules/common/nix.nix - ../../modules/hardware/bepovim.nix - ../../modules/desktop/xorg-bspwm.nix - ../../modules/common/base.nix - ../../modules/common/fonts.nix - ../../modules/common/networking.nix - ../../modules/common/plymouth.nix - ../../modules/common/audio.nix - ../../modules/common/bluetooth.nix - ../../modules/common/gaming.nix - ../../modules/common/lockscreen.nix - ../../modules/common/energy.nix - ../../modules/common/qemu.nix - ../../modules/common/smtp.nix - - ../../modules/hardware/firmware.nix - ../../modules/hardware/gpu-amd.nix - ../../modules/hardware/sensors-zenpower.nix - - ../../modules/services/printing.nix - - ../../modules/virtual/kvm-amd.nix - ../../modules/virtual/vfio.nix - ]; +{ config, pkgs, ... }: +{ networking.hostName = "pennsardin"; + time.timeZone = "Europe/Paris"; - boot.kernelPackages = pkgs.linuxPackages_latest; - boot.extraModulePackages = [ config.boot.kernelPackages.nct6687d ]; - boot.kernelModules = [ "nct6683" "k10temp" "i2c-dev" ] ; - boot.swraid.enable = true; - - environment.systemPackages = with pkgs; [ - lm_sensors - btrfs-progs - cifs-utils - evtest - git - vim - wget - curl - ripgrep - fd - pciutils - usbutils - p7zip - gdu - glances - parted - tmux - xorg.xauth - xorg.xkbcomp - xorg.xev - ]; - - services.openssh = { - enable = true; - settings = { - X11Forwarding = true; - X11DisplayOffset = 10; - X11UseLocalhost = true ; - }; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/b1a1ae71-4277-45d5-a3d2-f49354f263d4"; - fsType = "ext4"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/1DB2-7A0F"; - fsType = "vfat"; - options = ["fmask=0077" "dmask=0077"]; - }; - "/proc" = { - device = "proc"; - fsType = "proc"; - options = ["defaults" "hidepid=2"]; - neededForBoot = true; - }; - "/home/lomig/Documents" = { - device = "/srv/raid/home-data/Documents"; - options = [ "bind" ]; - }; - "/home/lomig/Images" = { - device = "/srv/raid/home-data/Images"; - options = [ "bind" ]; - }; - "/home/lomig/Musique" = { - device = "/srv/raid/home-data/Musique"; - options = [ "bind" ]; - }; - "/home/lomig/Téléchargements" = { - device = "/srv/raid/home-data/Téléchargements"; - options = [ "bind" ]; - }; - "/home/lomig/Vidéos" = { - device = "/srv/raid/home-data/Vidéos"; - options = [ "bind" ]; - }; - "/home/lomig/nixos-config" = { - device = "/srv/raid/home-data/nixos-config"; - options = [ "bind" ]; - }; - "/srv/raid" = { - device = "/dev/disk/by-uuid/85f72160-4720-463a-9dc6-7c5216733f2b"; - fsType = "btrfs"; - options = [ "defaults" "nofail" "x-systemd.device-timeout=10" ]; - }; - }; - - swapDevices = []; - - users.users.lomig = { + users.users.toto = { isNormalUser = true; - extraGroups = [ "lp" "wheel"]; + extraGroups = [ "wheel" ]; shell = pkgs.zsh; }; - home-manager = { - useGlobalPkgs = true; - users.lomig = import ../../hm/users/lomig-desktop.nix; - }; - - networking = { - useNetworkd = true; - firewall.allowedTCPPorts = [22 80 5900 5901 5902]; - interfaces = { - enp11s0 = { - useDHCP = false; - wakeOnLan.enable = true ; - }; - br0 = { - useDHCP = false; - ipv4.addresses = [ - { - address = globals.network.pennsardin.ip; - prefixLength = 24; - } - ]; - }; - }; - - defaultGateway = { - interface = "br0"; - address = globals.network.gateway; - }; - nameservers = [ globals.network.gateway "1.1.1.1"]; - bridges.br0.interfaces = ["enp11s0"]; - }; - systemd.network = { - enable = true; - netdevs."br0" = { - netdevConfig = { - Name = "br0"; - Kind = "bridge"; - }; - }; - networks."br0" = { - matchConfig.Name = "br0"; - }; - networks."enp11s0" = { - matchConfig.Name = "enp11s0"; - networkConfig.Bridge = "br0"; - }; - }; - - system.stateVersion = "25.05"; # pour éviter les hurlements inutiles + services.xserver.enable = true; } -# vim: set ts=2 sw=2 sts=2 et : diff --git a/hosts/pennsardin/hardware.nix b/hosts/pennsardin/hardware.nix deleted file mode 100644 index eed7124..0000000 --- a/hosts/pennsardin/hardware.nix +++ /dev/null @@ -1 +0,0 @@ -_: {} diff --git a/hosts/terre-neuvas/configuration.nix b/hosts/terre-neuvas/configuration.nix deleted file mode 100644 index 9fa6a92..0000000 --- a/hosts/terre-neuvas/configuration.nix +++ /dev/null @@ -1,125 +0,0 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page -# and in the NixOS manual (accessible by running ‘nixos-help’). -{ - config, - pkgs, - ... -}: let -globals = import ../../config/globals.nix ; -in { - nix.settings.experimental-features = ["nix-command" "flakes"]; - imports = [ - # Include the results of the hardware scan. - ./hardware.nix - ../../modules/common/nix.nix - ../../modules/common/base.nix - ../../modules/common/smtp.nix - ../../modules/common/qemu.nix - - ../../modules/services/goaccess.nix - ../../modules/services/wikijs.nix - ../../modules/services/forgejo.nix - ../../modules/sites/porzh.me.nix - ../../modules/sites/levr.porzh.me.nix - - ]; - - # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - networking.hostName = "terre-neuvas"; # Define your hostname. - - # Configure keymap in X11 - services.xserver.xkb = { - layout = "fr"; - variant = "azerty"; - }; - - # Configure console keymap - console.keyMap = "fr"; - - users.users.lomig = { - isNormalUser = true; - extraGroups = ["lp" "wheel" "docker"]; - shell = pkgs.zsh; - }; - - home-manager = { - useGlobalPkgs = true; - users.lomig = import ../../hm/users/lomig.nix; - }; - - nixpkgs.config.allowUnfree = true; - - environment.systemPackages = with pkgs; [ - neovim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. - git - - btrfs-progs - cifs-utils - lm_sensors - wakeonlan - wget - curl - ripgrep - fd - pciutils - usbutils - p7zip - gdu - glances - tmux - - ]; - - services.openssh = { - enable = true; - settings = { - PasswordAuthentication = false; - PubkeyAuthentication = true; - }; - }; - - networking = { - useNetworkd = true; - firewall.allowedTCPPorts = [22 80 5900 5901 5902]; - firewall.enable = true ; - interfaces.eno1.useDHCP = false; - interfaces.br0 = { - useDHCP = false; - ipv4.addresses = [ - { - address = globals.network.terre-neuvas.ip; - prefixLength = 24; - } - ]; - }; - defaultGateway = { - interface = "br0"; - address = globals.network.gateway; - }; - nameservers = [ globals.network.gateway "1.1.1.1"]; - bridges.br0.interfaces = ["eno1"]; - }; - systemd.network = { - enable = true; - netdevs."br0" = { - netdevConfig = { - Name = "br0"; - Kind = "bridge"; - }; - }; - networks."br0" = { - matchConfig.Name = "br0"; - }; - networks."eno1" = { - matchConfig.Name = "eno1"; - networkConfig.Bridge = "br0"; - }; - }; - - - system.stateVersion = "25.05"; # Did you read the comment? -} diff --git a/hosts/terre-neuvas/hardware.nix b/hosts/terre-neuvas/hardware.nix deleted file mode 100644 index 16831e6..0000000 --- a/hosts/terre-neuvas/hardware.nix +++ /dev/null @@ -1,43 +0,0 @@ -# Do not modify this file! It was generated by ‘nixos-generate-config’ -# and may be overwritten by future invocations. Please make changes -# to /etc/nixos/configuration.nix instead. -{ - config, - lib, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/installer/scan/not-detected.nix") - ]; - - boot = { - initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"]; - initrd.kernelModules = []; - kernelModules = lib.mkAfter ["kvm-intel" "tun"]; - extraModulePackages = []; - }; - - fileSystems = { - "/" = { - device = "/dev/disk/by-uuid/f37e4afb-1ee2-4f70-a93c-398461405181"; - fsType = "ext4"; - }; - "/boot" = { - device = "/dev/disk/by-uuid/111D-E5E8"; - fsType = "vfat"; - options = ["fmask=0077" "dmask=0077"]; - }; - "/srv" = { - device = "/dev/disk/by-uuid/2ef442a9-0eab-4dc5-b17c-076e18a54873"; - fsType = "btrfs"; - }; - }; - - swapDevices = [ - {device = "/dev/disk/by-uuid/c3a69154-ead9-4fcc-a9b1-3b741a42ee97";} - ]; - - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; -} diff --git a/modules/common/audio.nix b/modules/common/audio.nix deleted file mode 100644 index a46f40d..0000000 --- a/modules/common/audio.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: { - services.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - }; -} diff --git a/modules/common/base.nix b/modules/common/base.nix deleted file mode 100644 index cb723fc..0000000 --- a/modules/common/base.nix +++ /dev/null @@ -1,27 +0,0 @@ -{lib, ...}: { - time.timeZone = "Europe/Paris"; - - i18n.defaultLocale = "fr_FR.UTF-8"; - i18n.extraLocaleSettings = { - LC_ADDRESS = "fr_FR.UTF-8"; - LC_IDENTIFICATION = "fr_FR.UTF-8"; - LC_MEASUREMENT = "fr_FR.UTF-8"; - LC_MONETARY = "fr_FR.UTF-8"; - LC_NAME = "fr_FR.UTF-8"; - LC_NUMERIC = "fr_FR.UTF-8"; - LC_PAPER = "fr_FR.UTF-8"; - LC_TELEPHONE = "fr_FR.UTF-8"; - LC_TIME = "fr_FR.UTF-8"; - }; - - # journald & coredump - systemd.coredump.enable = false; - services.journald.extraConfig = '' - SystemMaxUse=200M - RuntimeMaxUse=100M - ''; - - boot.tmp.cleanOnBoot = true; - environment.defaultPackages = lib.mkForce []; - programs.zsh.enable = true; # shell dispo au niveau système -} diff --git a/modules/common/bluetooth.nix b/modules/common/bluetooth.nix deleted file mode 100644 index e1d1446..0000000 --- a/modules/common/bluetooth.nix +++ /dev/null @@ -1,4 +0,0 @@ -_: { - hardware.bluetooth.enable = true; - services.blueman.enable = true; -} diff --git a/modules/common/energy.nix b/modules/common/energy.nix deleted file mode 100644 index eed44d0..0000000 --- a/modules/common/energy.nix +++ /dev/null @@ -1,42 +0,0 @@ -{ config, pkgs, ... }: { - services.logind.settings.Login = { - IdleAction = "suspend"; - IdleActionSec = "5min"; - HandleLidSwitch = "suspend"; - HandleLidSwitchDocked = "ignore"; - }; - - systemd.services.ssh-suspend-inhibitor = { - description = "Prevent suspend when SSH sessions are active"; - wantedBy = [ "multi-user.target" ]; - - serviceConfig = { - Type = "simple"; - Restart = "always"; - ExecStart = pkgs.writeShellScript "ssh-inhibitor" '' - while true; do - # Vérifie s'il y a des sessions SSH actives - if ${pkgs.procps}/bin/pgrep -x sshd >/dev/null && \ - [ $(${pkgs.procps}/bin/pgrep -P $(${pkgs.procps}/bin/pgrep -x sshd) | wc -l) -gt 0 ]; then - # Il y a des sessions SSH, on crée un inhibitor s'il n'existe pas - if [ ! -f /tmp/ssh-inhibitor.lock ]; then - ${pkgs.systemd}/bin/systemd-inhibit --what=idle:sleep \ - --who="SSH Session" \ - --why="SSH session active" \ - --mode=block \ - sleep infinity & - echo $! > /tmp/ssh-inhibitor.lock - fi - else - # Pas de sessions SSH, on retire l'inhibitor - if [ -f /tmp/ssh-inhibitor.lock ]; then - kill $(cat /tmp/ssh-inhibitor.lock) 2>/dev/null || true - rm /tmp/ssh-inhibitor.lock - fi - fi - sleep 10 - done - ''; - }; - }; -} diff --git a/modules/common/fonts.nix b/modules/common/fonts.nix deleted file mode 100644 index 7db1fe9..0000000 --- a/modules/common/fonts.nix +++ /dev/null @@ -1,5 +0,0 @@ -{pkgs, ...}: { - fonts.packages = with pkgs; [ - dejavu_fonts - ]; -} diff --git a/modules/common/gaming.nix b/modules/common/gaming.nix deleted file mode 100644 index 58da8c1..0000000 --- a/modules/common/gaming.nix +++ /dev/null @@ -1,4 +0,0 @@ -_: { - programs.steam.enable = true; - hardware.xpadneo.enable = true; -} diff --git a/modules/common/lockscreen.nix b/modules/common/lockscreen.nix deleted file mode 100644 index 846fca1..0000000 --- a/modules/common/lockscreen.nix +++ /dev/null @@ -1,8 +0,0 @@ -_: { - environment.etc."pam.d/i3lock".text = '' - auth include login - account include login - password include login - session include login - ''; -} diff --git a/modules/common/networking.nix b/modules/common/networking.nix deleted file mode 100644 index 98478b6..0000000 --- a/modules/common/networking.nix +++ /dev/null @@ -1,6 +0,0 @@ -_: { - networking = { - nameservers = ["1.1.1.1" "8.8.8.8"]; - firewall.enable = true; - }; -} diff --git a/modules/common/nix.nix b/modules/common/nix.nix deleted file mode 100644 index 13de898..0000000 --- a/modules/common/nix.nix +++ /dev/null @@ -1,17 +0,0 @@ -{config, ...}: { - nix.settings = { - auto-optimise-store = true; - experimental-features = ["nix-command" "flakes"]; - }; - - nix.gc = { - automatic = true ; - dates = "daily" ; - options = "--delete-older-than 7d" ; - }; - - nixpkgs.config = { - # allowUnfree = true; - # allowUnsupportedSystem = true; - }; -} diff --git a/modules/common/plymouth.nix b/modules/common/plymouth.nix deleted file mode 100644 index dfb5097..0000000 --- a/modules/common/plymouth.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - boot = { - plymouth.enable = true; - plymouth.theme = "spinner"; - consoleLogLevel = 3; - initrd.verbose = false; - - # Ajouts "quiet/splash" propres (sans auto-référence) - kernelParams = lib.mkAfter [ - "mem_sleep_default=deep" - "quiet" - "splash" - "boot.shell_on_fail" - "udev.log_priority=3" - "rd.systemd.show_status=auto" - ]; - - loader = { - timeout = 5; - systemd-boot.enable = true; - systemd-boot.consoleMode = "max"; - efi = { - canTouchEfiVariables = true; - efiSysMountPoint = "/boot"; - }; - }; - }; - - environment.systemPackages = with pkgs; [ - nixos-bgrt-plymouth - ]; -} diff --git a/modules/common/qemu.nix b/modules/common/qemu.nix deleted file mode 100644 index c86e61c..0000000 --- a/modules/common/qemu.nix +++ /dev/null @@ -1,55 +0,0 @@ -{ - lib, - pkgs, - config, - ... -}: { - boot.kernelModules = lib.mkAfter ["tun"]; - environment.systemPackages = with pkgs; [ - qemu - qemu_kvm - tunctl - virtiofsd - ]; - - services = { - udev.extraRules = '' - SUBSYSTEM=="vfio", GROUP="kvm", MODE="0660" - KERNEL=="tun", GROUP="kvm", MODE="0660" - ''; - spice-vdagentd.enable = true; - resolved.enable = true; - }; - - virtualisation.libvirtd = { - enable = true; - qemu = - if lib.versionOlder config.system.nixos.release "25.11" - then { - ovmf.enable = true; - ovmf.packages = [pkgs.OVMFFull.fd]; - runAsRoot = false; - swtpm.enable = true; - } - else { - runAsRoot = false; - swtpm.enable = true; - }; - }; - - users.users.lomig.extraGroups = ["libvirtd" "kvm" "input"]; - - environment.etc."qemu/bridge.conf".text = '' - allow br0 - ''; - - security.wrappers.qemu-bridge-helper = lib.mkForce { - source = "${pkgs.qemu}/libexec/qemu-bridge-helper"; - owner = "root"; - group = "kvm"; - setuid = true; - permissions = "u+rwx,g+rx,o+rx"; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/common/smtp.nix b/modules/common/smtp.nix deleted file mode 100644 index d185e82..0000000 --- a/modules/common/smtp.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ config, pkgs, lib, ... }: -let -globals = import ../../config/globals.nix; -in { - programs.msmtp = { - enable = true; - - accounts.default = { - host = globals.smtp.host; - port = globals.smtp.port; - auth = true; - tls = true; - tls_starttls = true; - user = globals.smtp.user; - passwordeval = "cat /run/secrets/proton_pass"; - from = globals.smtp.user; - }; - }; - - environment.systemPackages = [ pkgs.msmtp ]; - -# On place le lien symbolique dans /etc/alternatives, qui est modifiable - systemd.tmpfiles.rules = [ - "L+ /etc/alternatives/sendmail - - - - ${pkgs.msmtp}/bin/msmtp" - "L+ /usr/sbin/sendmail - - - - ${pkgs.msmtp}/bin/msmtp" - ]; - - environment.pathsToLink = [ "/etc/alternatives" "/usr/sbin" ]; -} diff --git a/modules/desktop/gnome.nix b/modules/desktop/gnome.nix deleted file mode 100644 index a1e65d5..0000000 --- a/modules/desktop/gnome.nix +++ /dev/null @@ -1,18 +0,0 @@ -{lib, ...}: { - services = { - displayManager = { - gdm.enable = true; - sddm.enable = lib.mkForce false; - }; - desktopManager = { - gnome.enable = true; - plasma6.enable = lib.mkForce false; - }; - xserver = { - windowManager.bspwm.enable = lib.mkForce false; - displayManager.lightdm.enable = lib.mkForce false; - }; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/desktop/plasma.nix b/modules/desktop/plasma.nix deleted file mode 100644 index 50214bb..0000000 --- a/modules/desktop/plasma.nix +++ /dev/null @@ -1,18 +0,0 @@ -{lib, ...}: { - services = { - displayManager = { - gdm.enable = lib.mkForce false; - sddm.enable = true; - }; - desktopManager = { - gnome.enable = lib.mkForce false; - plasma6.enable = true; - }; - xserver = { - windowManager.bspwm.enable = lib.mkForce false; - displayManager.lightdm.enable = lib.mkForce false; - }; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/desktop/xorg-bspwm.nix b/modules/desktop/xorg-bspwm.nix deleted file mode 100644 index 8d3a1b0..0000000 --- a/modules/desktop/xorg-bspwm.nix +++ /dev/null @@ -1,21 +0,0 @@ -{lib, ...}: { - services = { - xserver = { - enable = true; - displayManager = { - lightdm.enable = true; - }; - windowManager.bspwm.enable = true; - }; - displayManager = { - gdm.enable = lib.mkForce false; - sddm.enable = lib.mkForce false; - }; - desktopManager = { - gnome.enable = lib.mkForce false; - plasma6.enable = lib.mkForce false; - }; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/hardware/bepovim.nix b/modules/hardware/bepovim.nix deleted file mode 100644 index 9b44328..0000000 --- a/modules/hardware/bepovim.nix +++ /dev/null @@ -1,100 +0,0 @@ -_: { - services.xserver.xkb = { - layout = "bepovim"; - variant = "basic"; - options = "lv3:ralt_switch"; - extraLayouts.bepovim = { - description = "Clavier Bepovim – 4 niveaux"; - languages = ["fr"]; - symbolsFile = builtins.toFile "bepovim.xkb" '' - xkb_symbols "basic" { - name[Group1] = "Bepovim"; - - key { [ Escape ] }; - key { [ dollar, numbersign ] }; - key { [ less, 1, guillemotleft ] }; - key { [ greater, 2, guillemotright ] }; - key { [ parenleft, 3, bracketleft ] }; - key { [ parenright, 4, bracketright ] }; - key { [ at, 5, braceleft ] }; - key { [ plus, 6, braceright ] }; - key { [ minus, 7, asciitilde ] }; - key { [ asterisk, 8 ] }; - key { [ slash, 9, backslash ] }; - key { [ quotedbl, 0, percent ] }; - key { [ equal, ampersand ] }; - key { [ BackSpace ] }; - key { [ Tab, ISO_Left_Tab ] }; - - key { [ b, B ] }; - key { [ eacute, Eacute ] }; - key { [ p, P ] }; - key { [ o, O ] }; - key { [ r, R ] }; - key { [ dead_circumflex, grave ] }; - key { [ v, V ] }; - key { [ s, S ] }; - key { [ t, T ] }; - key { [ d, D ] }; - key { [ egrave, Egrave ] }; - key { [ ccedilla, Ccedilla ] }; - - key { [ Return ] }; - key { [ c, C ] }; - key { [ a, A ] }; - key { [ u, U ] }; - key { [ i, I ] }; - key { [ e, E, EuroSign ] }; - key { [ period, question ] }; - key { [ n, N ] }; - key { [ h, H, Left ] }; - key { [ j, J, Down ] }; - key { [ k, K, Up ] }; - key { [ l, L, Right ] }; - key { [ m, M ] }; - - key { [ Shift_L ] }; - key { [ q, Q ] }; - key { [ w, W ] }; - key { [ agrave, Agrave ] }; - key { [ f, F ] }; - key { [ colon, bar ] }; - key { [ comma, semicolon ] }; - key { [ apostrophe, exclam ] }; - key { [ x, X ] }; - key { [ g, G ] }; - key { [ z, Z ] }; - key { [ y, Y ] }; - - key { [ Up ] }; - key { [ Left ] }; - key { [ Down ] }; - key { [ Right ] }; - - key { [ Control_L ] }; - key { [ Alt_L ] }; - key { [ space, underscore, nobreakspace, U202F ] }; - key { [ ISO_Level3_Shift ] }; - - key { [ F1, F1 ] }; - key { [ F2, F2 ] }; - key { [ F3, F3 ] }; - key { [ F4, F4 ] }; - key { [ F5, F5 ] }; - key { [ F6, F6 ] }; - key { [ F7, F7 ] }; - key { [ F8, F8 ]}; - key { [ F9, F9 ] }; - key { [ F10, F10 ] }; - key { [ F11, F11 ] }; - }; - ''; - }; - }; - console = { - useXkbConfig = true; - font = "Lat2-Terminus16"; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/hardware/firmware.nix b/modules/hardware/firmware.nix deleted file mode 100644 index 3c6df9a..0000000 --- a/modules/hardware/firmware.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - hardware = { - cpu.amd.updateMicrocode = lib.mkDefault true; - firmware = [pkgs.linux-firmware]; - firmwareCompression = "zstd"; - enableRedistributableFirmware = true; - }; -} diff --git a/modules/hardware/gpu-amd.nix b/modules/hardware/gpu-amd.nix deleted file mode 100644 index dc65bfc..0000000 --- a/modules/hardware/gpu-amd.nix +++ /dev/null @@ -1,46 +0,0 @@ -{ - lib, - pkgs, - ... -}: { - boot = { - initrd.kernelModules = lib.mkAfter ["amdgpu"]; - kernelModules = lib.mkAfter ["amdgpu"]; - }; - - # Pilotes + options AMDGPU - services.xserver = { - enable = true; - videoDrivers = lib.mkDefault ["amdgpu"]; - }; - - hardware.graphics = { - enable = true; - enable32Bit = true; - extraPackages = with pkgs; [ - mesa - libva - libva-utils - libvdpau - libva-vdpau-driver - libvdpau-va-gl - vulkan-tools - vulkan-loader - vulkan-validation-layers - ]; - }; - - environment.variables = { - LIBVA_DRIVER_NAME = "radeonsi"; - VDPAU_DRIVER = "va_gl"; - }; - - # Désactive héritage radeon pour cartes anciennes - boot.kernelParams = lib.mkAfter [ - "amdgpu.si_support=0" - "amdgpu.cik_support=0" - "radeon.si_support=0" - "radeon.cik_support=0" - ]; - -} diff --git a/modules/hardware/sensors-zenpower.nix b/modules/hardware/sensors-zenpower.nix deleted file mode 100644 index 97a155d..0000000 --- a/modules/hardware/sensors-zenpower.nix +++ /dev/null @@ -1,12 +0,0 @@ -{ - config, - lib, - ... -}: { - boot.kernelModules = lib.mkAfter ["zenpower"]; - boot.extraModulePackages = [config.boot.kernelPackages.zenpower]; - hardware.sensor.iio.enable = lib.mkDefault true; - services.hardware.bolt.enable = lib.mkDefault false; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/services/forgejo.nix b/modules/services/forgejo.nix deleted file mode 100644 index 0cee315..0000000 --- a/modules/services/forgejo.nix +++ /dev/null @@ -1,52 +0,0 @@ -{pkgs, ...}: -let - globals = import ../../config/globals.nix; -in { - # --- Utilisateur dédié --- - users.users.${globals.services.forgejo.user} = { - isSystemUser = true; - home = globals.services.forgejo.home; - shell = pkgs.bash; - group = globals.services.forgejo.user; - }; - users.groups.${globals.services.forgejo.user} = {}; - - # --- Forgejo --- - services = { - forgejo = { - enable = true; - user = globals.services.forgejo.user; - group = globals.services.forgejo.user; - database = { - type = "sqlite3"; - path = "${globals.services.forgejo.home}/data/gitea.db"; - }; - settings = { - server = { - DOMAIN = globals.services.forgejo.url ; - ROOT_URL = "https://${globals.services.forgejo.url}/"; - SSH_DOMAIN = globals.services.forgejo.url; - HTTP_PORT = globals.services.forgejo.port; - START_SSH_SERVER = false; - }; - service = { - DISABLE_REGISTRATION = true; - REGISTER_EMAIL_CONFIRM = false; - }; - repository = { - DEFAULT_BRANCH = "master"; - }; - }; - }; - openssh.enable = true; - caddy = { - enable = true; - virtualHosts.${globals.services.forgejo.url} = { - extraConfig = '' - reverse_proxy localhost:${toString globals.services.forgejo.port} - ''; - }; - }; - }; - networking.firewall.allowedTCPPorts = [80 443 22 ]; -} diff --git a/modules/services/goaccess.nix b/modules/services/goaccess.nix deleted file mode 100644 index b403917..0000000 --- a/modules/services/goaccess.nix +++ /dev/null @@ -1,83 +0,0 @@ -{pkgs, config, ...}: -let - globals = import ../../config/globals.nix ; -in { - age.secrets.goaccess-password = { - file = ../../secrets/goaccess-password.age; - owner = "caddy"; - group = "caddy"; - mode = "0400"; - }; - - environment.systemPackages = with pkgs; [ - goaccess - ]; - - environment.etc."local/bin/generate-goaccess.sh".text = '' - #!/bin/sh - set -eu - - RAW_LOG="/var/log/caddy/access-${globals.services.levr.url}.log" - CLEAN_LOG="/tmp/goaccess-clean.log" - REPORT="${globals.services.goaccess.home}/index.html" - - ${pkgs.gnugrep}/bin/grep -v '192.168.' "$RAW_LOG" > "$CLEAN_LOG" - ${pkgs.goaccess}/bin/goaccess "$CLEAN_LOG" --log-format=CADDY -o "$REPORT"; - ''; - environment.etc."local/bin/generate-goaccess.sh".mode = "0755"; - - systemd.services.goaccess-report = { - description = "Generate GoAccess HTML report"; - serviceConfig = { - ExecStart = "/etc/local/bin/generate-goaccess.sh"; - }; - }; - - systemd.timers.goaccess-report = { - description = "Hourly GoAccess report generation"; - wantedBy = ["timers.target"]; - timerConfig = { - OnCalendar = "hourly"; - Persistent = true; - }; - }; - - systemd.services."goaccess-auth-sync" = { - description = "Sync goaccess password for Caddy"; - wantedBy = [ "caddy.service" ]; - before = [ "caddy.service" ]; - serviceConfig = { - Type = "oneshot"; - ExecStart = pkgs.writeScript "sync-goaccess-auth" '' - #!${pkgs.bash}/bin/bash - mkdir -p /etc/caddy/extra - cp /run/agenix/goaccess-password /etc/caddy/extra/goaccess-auth.conf - chown caddy:caddy /etc/caddy/extra/goaccess-auth.conf - chmod 400 /etc/caddy/extra/goaccess-auth.conf - ''; - }; - }; - - services.caddy = { - virtualHosts = { - "${globals.services.goaccess.url}" = { - extraConfig = '' - root * ${globals.services.goaccess.home} - - basic_auth /* { - import /etc/caddy/extra/goaccess-auth.conf - } - - file_server browse - try_files {path} {path}/ /index.html - ''; - - }; - }; - }; - - systemd.tmpfiles.rules = [ - "d ${globals.services.goaccess.home} 0755 root root -" - "d /etc/caddy/extra 0750 caddy caddy -" - ]; -} diff --git a/modules/services/printing.nix b/modules/services/printing.nix deleted file mode 100644 index 9228648..0000000 --- a/modules/services/printing.nix +++ /dev/null @@ -1,3 +0,0 @@ -_: { - services.printing.enable = true; -} diff --git a/modules/services/wikijs.nix b/modules/services/wikijs.nix deleted file mode 100644 index 8da2a7e..0000000 --- a/modules/services/wikijs.nix +++ /dev/null @@ -1,33 +0,0 @@ -{ pkgs, ... }: -let - globals = import ../../config/globals.nix ; -in { - systemd.services.wiki-js = { - requires = [ "postgresql.service" ]; - after = [ "postgresql.service" ]; - }; - services.wiki-js = { - enable = true; - settings = { - db = { - db = "wiki-js"; - host = "/run/postgresql"; - type = "postgres"; - user = "wiki-js"; - }; - port = 3002 ; - }; - }; - services.postgresql = { - enable = true; - ensureDatabases = [ "wiki-js" ]; - ensureUsers = [{ - name = "wiki-js"; - ensureDBOwnership = true; - }]; - }; - - services.caddy.virtualHosts.${globals.services.wikijs.url}.extraConfig = '' - reverse_proxy localhost:${toString globals.services.wikijs.port} - ''; -} diff --git a/modules/sites/levr.porzh.me.nix b/modules/sites/levr.porzh.me.nix deleted file mode 100644 index 7215cd7..0000000 --- a/modules/sites/levr.porzh.me.nix +++ /dev/null @@ -1,80 +0,0 @@ -{ pkgs, lib, ...}: -let - globals = import ../../config/globals.nix ; -in { - environment.systemPackages = with pkgs; [ - hugo - ]; - systemd.services.hugo-build = { - description = "Auto build du blog hugo"; - serviceConfig = { - Type = "oneshot"; - WorkingDirectory = globals.services.levr.home ; - ExecStart = ''${pkgs.hugo}/bin/hugo --minify build -d ${globals.services.levr.build}''; - User = "levr"; - }; - }; - systemd.timers.hugo-build = { - description = "Timer pour rebuild du blog"; - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = "01:10" ; - Persistent = true ; - }; - }; - systemd.services.blog-sync = { - description = "Synchronisation du dépôt Hugo"; - serviceConfig = { - Type = "oneshot"; - WorkingDirectory = globals.services.levr.home; - ExecStart = "${pkgs.git}/bin/git pull --rebase origin master"; - User = "levr"; - }; - environment = { - PATH = lib.mkForce "${pkgs.openssh}/bin"; - }; - }; - systemd.timers.blog-sync = { - wantedBy = [ "timers.target" ]; - timerConfig = { - OnCalendar = "01:00"; - Persistent = true; - }; - }; - services.caddy = { - enable = true; - virtualHosts = { - "${globals.services.levr.url}" = { - extraConfig = '' - @http { - protocol http - } - redir @http https://{host}{uri} permanent - root * ${globals.services.levr.build} - file_server - - log { - output file /var/log/caddy/access-${globals.services.levr.url}.log - } - ''; - }; - }; - }; - users = { - users = { - "${globals.services.levr.user}" = { - isSystemUser = true ; - group = globals.services.levr.user ; - home = globals.services.levr.home ; - createHome = true ; - description = "User for hugo-blog builds and deployments"; - }; - }; - groups.${globals.services.levr.user} = {}; - }; - - systemd.tmpfiles.rules = [ - "d ${globals.services.levr.home} 0755 levr levr -" - "d ${globals.services.levr.build} 0755 levr levr -" - ]; -} diff --git a/modules/sites/porzh.me.nix b/modules/sites/porzh.me.nix deleted file mode 100644 index 5491bb3..0000000 --- a/modules/sites/porzh.me.nix +++ /dev/null @@ -1,26 +0,0 @@ -{pkgs, ...}: let - globals = import ../../config/globals.nix ; - porzhSite = pkgs.stdenv.mkDerivation { - pname = "porzh-site"; - version = "1.0"; - src = ./porzh.me; # le dossier avec ton index.html, image, etc. - - installPhase = '' - mkdir -p $out - cp -r * $out/ - ''; - }; -in { - services.caddy = { - enable = true; - virtualHosts = { - "${globals.domain}" = { - serverAliases = [ "www.${globals.domain}" ]; - extraConfig = '' - root * ${porzhSite} - file_server - ''; - }; - }; - }; -} diff --git a/modules/sites/porzh.me/ancre.png b/modules/sites/porzh.me/ancre.png deleted file mode 100644 index 18e9e4c..0000000 Binary files a/modules/sites/porzh.me/ancre.png and /dev/null differ diff --git a/modules/sites/porzh.me/index.html b/modules/sites/porzh.me/index.html deleted file mode 100644 index 1b899be..0000000 --- a/modules/sites/porzh.me/index.html +++ /dev/null @@ -1,51 +0,0 @@ - - - - - Porzh.me - - - - - - - Ancre -

porzh.me

-

Ma porzh stag

- - Fièrement auto-hébergé et indépendant - - - diff --git a/modules/virtual/aarch64/AAVMF_CODE.fd b/modules/virtual/aarch64/AAVMF_CODE.fd deleted file mode 100644 index 54192f7..0000000 Binary files a/modules/virtual/aarch64/AAVMF_CODE.fd and /dev/null differ diff --git a/modules/virtual/aarch64/AAVMF_VARS.fd b/modules/virtual/aarch64/AAVMF_VARS.fd deleted file mode 100644 index daeef2a..0000000 Binary files a/modules/virtual/aarch64/AAVMF_VARS.fd and /dev/null differ diff --git a/modules/virtual/kvm-amd.nix b/modules/virtual/kvm-amd.nix deleted file mode 100644 index 42b2818..0000000 --- a/modules/virtual/kvm-amd.nix +++ /dev/null @@ -1,3 +0,0 @@ -{lib, ...}: { - boot.kernelModules = lib.mkAfter ["kvm-amd"]; -} diff --git a/modules/virtual/truenas.nix b/modules/virtual/truenas.nix deleted file mode 100644 index 6df43bb..0000000 --- a/modules/virtual/truenas.nix +++ /dev/null @@ -1,78 +0,0 @@ -{pkgs, ...}: { - boot = { - initrd.kernelModules = ["vfio_pci" "vfio" "vfio_iommu_type1"]; - extraModprobeConfig = '' - options vfio-pci ids=1022:43f6 - ''; - kernelParams = [ - "amd_iommu=on" - "iommu=pt" - ]; - }; - users.users.lomig.extraGroups = ["disk"]; - security.pam.loginLimits = [ - { - domain = "lomig"; - type = "soft"; - item = "memlock"; - value = "infinity"; - } - { - domain = "lomig"; - type = "hard"; - item = "memlock"; - value = "infinity"; - } - ]; - boot.kernel.sysctl."vm.nr_hugepages" = 1024; - fileSystems."/dev/hugepages" = { - device = "hugetlbfs"; - fsType = "hugetlbfs"; - }; - - # services.udev.extraRules = '' - # SUBSYSTEM=="block", ENV{ID_SERIAL}=="wwn-0x50000c500b0179482", GROUP="disk", MODE="0660" - # SUBSYSTEM=="block", ENV{ID_SERIAL}=="wwn-0x50000c500cc529430", GROUP="disk", MODE="0660" - # SUBSYSTEM=="block", ENV{ID_SERIAL}=="wwn-0x50000c500cc53994a", GROUP="disk", MODE="0660" - # SUBSYSTEM=="block", ENV{ID_SERIAL}=="wwn-0x50000c500cc5551d4", GROUP="disk", MODE="0660" - # SUBSYSTEM=="vfio", GROUP="kvm", MODE="0660" - # ''; - - systemd.services.truenas-vm = { - wantedBy = ["multi-user.target"]; - after = ["network-online.target"]; - wants = ["network-online.target"]; - serviceConfig = { - RuntimeDirectory = "truenas"; - ExecStartPre = "/run/current-system/sw/bin/rm -f /run/truenas/qmp.sock"; - ExecStart = '' - /run/current-system/sw/bin/qemu-system-x86_64 -enable-kvm -m 4096 -smp 2 \ - -drive file=/home/lomig/vm/truenas.qcow2,if=none,format=qcow2,id=os \ - -device vfio-pci,host=0e:00.0 \ - -netdev bridge,br=br0,id=n1,helper=/run/wrappers/bin/qemu-bridge-helper \ - -device virtio-net-pci,netdev=n1,mac=52:54:00:00:01:02 \ - -device virtio-blk-pci,drive=os,bootindex=0 \ - -qmp unix:/run/truenas.qmp,server,nowait -display none - ''; - ExecStop = '' - echo '{"execute":"system_powerdown"}' | socat - UNIX-CONNECT:/run/truenas.qmp || true ; sleep 5 - ''; - Restart = "on-failure"; - RestartSec = 3; - StartLimitIntervalSec = 60; - StartLimitBurst = 5; - }; - }; - - systemd.services.resume-truenas-vm = { - description = "Restart Truenas VM after resume"; - wantedBy = ["sleep.target"]; - after = ["sleep.target"]; - serviceConfig = { - Type = "oneshot"; - ExecStart = "${pkgs.systemd}/bin/systemctl try-restart truenas-vm.service"; - }; - }; -} -# vim: set ts=2 sw=2 sts=2 et : - diff --git a/modules/virtual/vfio.nix b/modules/virtual/vfio.nix deleted file mode 100644 index a268d31..0000000 --- a/modules/virtual/vfio.nix +++ /dev/null @@ -1,19 +0,0 @@ -{lib, ...}: { - # Ajoute dans l’initrd sans auto-référencer l’option - boot = { - initrd.kernelModules = lib.mkAfter [ - "vfio_pci" - "vfio" - "vfio_iommu_type1" - ]; - - # Ajoute les params IOMMU proprement - kernelParams = lib.mkAfter [ - "amd_iommu=on" - "iommu=pt" - ]; - - # Valeur par défaut (sans référencer config.*) - kernel.sysctl."vm.nr_hugepages" = lib.mkDefault 1024; - }; -} diff --git a/scripts/imports.sh b/scripts/imports.sh deleted file mode 100755 index 101e153..0000000 --- a/scripts/imports.sh +++ /dev/null @@ -1,15 +0,0 @@ -#!/usr/bin/env bash - -find $HOME/nixos-config -name "*.nix" | while read -r file; do - imports=$(awk ' - /imports[[:space:]]*=/ {flag=1} - flag {print} - /\]/ && flag {flag=0} - ' "$file" | grep -vE 'imports[[:space:]]*=' | grep -v '\[' | grep -v '\]' | sed 's/^[[:space:]]*//; s/[[:space:]]*$//') - - if [[ -n "$imports" ]]; then - echo "$file imports:" - echo "$imports" | sed 's/^/ |--- /' - echo - fi -done diff --git a/secrets/agenix/pennsardin.pub b/secrets/agenix/pennsardin.pub deleted file mode 100644 index e16be5e..0000000 --- a/secrets/agenix/pennsardin.pub +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICZto2/k9ZiYzWxWM6sfZLq/fIUVDc3BwPb+00dOahkk root@pennsardin diff --git a/secrets/dunoz-password-penduick.age b/secrets/dunoz-password-penduick.age deleted file mode 100644 index 69cddd9..0000000 --- a/secrets/dunoz-password-penduick.age +++ /dev/null @@ -1,7 +0,0 @@ -age-encryption.org/v1 --> X25519 t5/4zFfNo5Hq/EacMKriedzv9je2ThBpq/WLegedg2A -sq35AzCE5HVTgqi0cNOcbW5C50sLeCAw4SIR6fbMg2M --> X25519 yHHx+6CF7VEf331RchlwC9povVUwZBTq9cgAfo3gqjQ -RUsB7tMZRJYGy5Ggw+pnaNPOEiFYwAJn+gquCcNUnQo ---- jJVkAQ9fNSwyrWiyvIVzuTuJuudhL3zv29PI5pdKDz4 -ш.f=5IWiNPlSwwM* \ No newline at end of file diff --git a/secrets/goaccess-password.age b/secrets/goaccess-password.age deleted file mode 100644 index 20d710c..0000000 Binary files a/secrets/goaccess-password.age and /dev/null differ diff --git a/secrets/secrets.nix b/secrets/secrets.nix deleted file mode 100644 index bc436c2..0000000 --- a/secrets/secrets.nix +++ /dev/null @@ -1,11 +0,0 @@ -let - serveur = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPRVxB7usThGHf8cuSPE4sjdqSaPNlwWAZPEo1wUgHz6 root@terre-neuvas"; - admin = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAxranFaz3jRfvYE2M6FvRUWjzviIWjWd1mucgKeuSK2 lomig@nixos"; - penduick = "age1rnyey8shjxyaq43dzlnhtfkcm3ra4hy3ygh6c46w4xmr7fe9fe3s00nh2r"; - dunoz = "age1ppu60aw0v5wxhrc0gyqmgrukh2a5uaxwqxxmuy0w3fv4tnt02ycqrrgmue"; -in -{ - "goaccess-password.age".publicKeys = [ serveur admin ]; - "dunoz-password-penduick.age".publicKeys = [ penduick dunoz ]; -} -