diff --git a/flake.nix b/flake.nix
index 7d5fba5..2a04e87 100755
--- a/flake.nix
+++ b/flake.nix
@@ -119,6 +119,34 @@
};
};
+ Rory-portable = nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ modules = [
+ ./host/Rory-portable/configuration.nix
+ ./hardware-configuration.nix
+ home-manager.nixosModules.home-manager
+ ({...}: {
+ nix = {
+ registry.nixpkgs.flake = nixpkgs;
+ nixPath = [
+ "nixpkgs=${nixpkgs.outPath}"
+ ];
+ };
+ })
+ # ... add this line to the rest of your configuration modules
+ #nix-ld.nixosModules.nix-ld
+
+ # The module in this repository defines a new module under (programs.nix-ld.dev) instead of (programs.nix-ld)
+ # to not collide with the nixpkgs version.
+ #{ programs.nix-ld.dev.enable = true; }
+ ];
+ specialArgs = {
+ inherit home-manager;
+ inherit (inputs) mtxclientSrc;
+ inherit (inputs) nhekoSrc;
+ };
+ };
+
#STABLE
RoryNix = nixpkgs-RoryNix.lib.nixosSystem {
system = "i686-linux";
diff --git a/host/Rory-desktop/configuration.nix b/host/Rory-desktop/configuration.nix
index 9f8da16..42176d0 100644
--- a/host/Rory-desktop/configuration.nix
+++ b/host/Rory-desktop/configuration.nix
@@ -141,6 +141,7 @@
};
environment.systemPackages = with pkgs; [
+ libreoffice
qt6.qtwayland
gnome-console
diff --git a/host/Rory-nginx/services/nginx/nginx.nix b/host/Rory-nginx/services/nginx/nginx.nix
index 91340c7..2e2d671 100755
--- a/host/Rory-nginx/services/nginx/nginx.nix
+++ b/host/Rory-nginx/services/nginx/nginx.nix
@@ -1,6 +1,16 @@
{ config, pkgs, lib, ... }:
-
-{
+let
+ serveDir = config : {
+ enableACME = if config ? ssl then config.ssl else true;
+ addSSL = if config ? ssl then config.ssl else true;
+ root = if config ? path then config.path else builtins.throw "path is required";
+ locations = {
+ "/" = {
+ index = "index.html";
+ };
+ };
+ };
+in {
services = {
nginx = {
enable = true;
diff --git a/host/Rory-portable/configuration.nix b/host/Rory-portable/configuration.nix
new file mode 100644
index 0000000..579a655
--- /dev/null
+++ b/host/Rory-portable/configuration.nix
@@ -0,0 +1,277 @@
+{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }:
+
+{
+ imports =
+ [
+ # base imports
+ ../../modules/base-client.nix
+ ../../modules/packages/vim.nix
+# ../../modules/environments/home.nix
+ #../../modules/software-templates/profilers.nix
+ #./postgres.nix
+ #./nginx.nix
+
+ # hardware-specific imports
+ #./optional/hardware-specific/amd.nix
+
+ #./printing.nix
+ ./ollama.nix
+ ];
+
+ boot = {
+ kernelPackages = pkgs.linuxPackages_latest;
+ loader = {
+ grub = {
+ enable = true;
+ device = "nodev"; # nodev for EFI only
+ # EFI
+ efiSupport = true;
+ efiInstallAsRemovable = true;
+ };
+ };
+ #readOnlyNixStore = false;
+ };
+
+ services.udev.extraRules = ''
+ #SUBSYSTEM=="usb", ATTR{idVendor}=="18d1", MODE="0664", GROUP="users"
+ # SDP protocol
+ KERNEL=="hidraw*", ATTRS{idVendor}=="1fc9", MODE="0666"
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="1fc9", MODE="0666"
+ ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="0d28", MODE="0666"
+ # Flashloader
+ KERNEL=="hidraw*", ATTRS{idVendor}=="15a2", MODE="0666"
+ # Controller
+ KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{idVendor}=="18d1", MODE="0666"
+ SUBSYSTEMS=="usb", ATTRS{idVendor}=="18d1", ATTRS{idProduct}=="9400", MODE="0660", TAG+="uaccess"
+ '';
+
+ networking = {
+ hostName = "Rory-portable";
+ networkmanager.enable = true;
+ wireless.enable = false;
+ firewall = {
+ enable = false;
+ # allowedTCPPorts = [ ... ];
+ # allowedUDPPorts = [ ... ];
+ };
+
+ #interfaces.enp34s0.ipv4.addresses = [ {
+ # address = "192.168.0.3";
+ # prefixLength = 24;
+ #} ];
+#
+ #defaultGateway = "192.168.0.1";
+ # useDHCP = true;
+ };
+
+ time.timeZone = "Europe/Brussels";
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ services = {
+ xserver = {
+ enable = true;
+ updateDbusEnvironment = true;
+ #videoDrivers = ["amdgpu"]; #"nvidia"
+ #desktopManager.gnome.enable = true;
+ libinput.enable = true;
+ layout = "us";
+ windowManager.i3.enable = true;
+ windowManager.i3.extraSessionCommands = ''
+ # output from arandr:
+ #xrandr --output DP-1 --mode 1920x1080 --pos 3840x1080 --rotate normal --output HDMI-1 --mode 3840x2160 --pos 0x0 --rotate normal --output HDMI-2 --off --output DP-2 --off
+ #xrandr --output HDMI-1 --mode 3840x2160 --pos 0x0 --rotate normal --primary --output DP-1 --mode 1920x1080 --pos 3840x1080 --rotate normal --output HDMI-2 --off --output DP-2 --off
+ ${pkgs.polybarFull}/bin/polybar &
+ ${pkgs.dunst}/bin/dunst &
+ ${pkgs.feh}/bin/feh --no-fehbg --bg-fill ${../../modules/users/Rory/wallpaper.webp}
+ '';
+ };
+ picom.enable = true;
+ picom.vSync = false;
+ picom.backend = "glx";
+
+ openssh = {
+ enable = true;
+ extraConfig = ''
+ MaxAuthTries 32
+ '';
+ };
+ pipewire = {
+ enable = true;
+ audio.enable = true;
+ pulse.enable = true;
+ wireplumber.enable = true;
+ jack.enable = true;
+ alsa.enable = true;
+ };
+ };
+
+ sound.enable = true;
+
+ users.users = {
+ Rory = {
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ packages = with pkgs; [
+ #gimp-with-plugins
+
+ #xterm
+ #gnomeExtensions.vitals
+ #gnomeExtensions.runcat
+ ];
+ initialPassword = "password";
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ libreoffice
+ qt6.qtwayland
+
+ gnome-console
+ feh
+ easyeffects
+ kitty
+ youtube-music
+
+ # - IDEs
+ #jetbrains-toolbox
+ jetbrains.rider
+ #jetbrains.webstorm
+ #jetbrains.clion
+ github-copilot-intellij-agent
+
+
+ dbeaver-bin
+ #insomnia
+ vscode
+
+ # - Utilities
+ inkscape-with-extensions
+ gimp #-with-plugins
+
+ # - Languages
+ #dotnet-sdk_7
+ #dotnet-sdk_8
+ (callPackage ../../modules/packages/dotnet-pack.nix { inherit pkgs; })
+
+ #games
+ osu-lazer-bin
+ #steam
+ steam-run
+
+ # extra packages
+ dmenu
+
+ cinnamon.nemo
+ gnome.file-roller
+ firefox-bin
+ ungoogled-chromium #needed for Rider in order to debug WASM
+
+ peek
+
+ unrar-wrapper
+
+ #(schildichat-desktop.override { electron = electron; })
+ (callPackage ../../modules/packages/nheko-git.nix { inherit nhekoSrc; inherit mtxclientSrc; voipSupport = false; })
+ #(callPackage ../../modules/packages/mc/server/modpack/curseforge/techopolis-2/5.4.nix { })
+
+ #vesktop
+ virt-viewer
+
+ # (dwarf-fortress-packages.dwarf-fortress-full.override { enableStoneSense = true; enableFPS = true; theme = dwarf-fortress-packages.themes.spacefox; })
+ ];
+
+ programs.steam.enable = true;
+ programs.steam.gamescopeSession.enable = true;
+
+ #environment.gnome.excludePackages = [
+ # pkgs.orca
+ # pkgs.gnome-tour
+ # pkgs.gnome-user-docs
+ #];
+ xdg = {
+ portal = {
+
+ enable = true;
+ extraPortals = with pkgs; [
+ #xdg-desktop-portal-gtk
+ xdg-desktop-portal-xapp
+ (callPackage ../../modules/packages/xdg-desktop-portal-gtk.nix { })
+ ];
+ config = {
+ common = {
+ default = [ "gtk" ];
+ };
+ };
+ xdgOpenUsePortal = true;
+ gtkUsePortal = true;
+
+ };
+ #sounds.enable = true;
+ #mime.enable = true;
+ #menus.enable = true;
+ #icons.enable = true;
+ #autostart.enable = true;
+ };
+ fonts = {
+ fonts = with pkgs; [
+ (nerdfonts.override { fonts = [ "JetBrainsMono" ]; })
+ noto-fonts-monochrome-emoji
+ ];
+ fontconfig.defaultFonts.monospace = with pkgs; [
+ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular"
+ ];
+ fontconfig.defaultFonts.sansSerif = with pkgs; [
+ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular"
+ ];
+ fontconfig.defaultFonts.serif = with pkgs; [
+ "JetBrainsMonoNL Nerd Font,JetBrainsMonoNL NF:style=Regular"
+ ];
+ fontconfig.defaultFonts.emoji = with pkgs; [
+ "freefont"
+ ];
+ enableDefaultPackages = lib.mkForce false;
+ enableGhostscriptFonts = lib.mkForce false;
+ };
+ nix = {
+ settings = {
+ experimental-features = [ "nix-command" "flakes" ];
+ auto-optimise-store = true;
+ };
+ };
+ nixpkgs = {
+ config = {
+ allowUnfree = true;
+ permittedInsecurePackages = [
+ "electron-25.9.0"
+ ];
+ };
+
+ };
+ security = {
+ polkit.enable = true;
+ sudo.wheelNeedsPassword = false;
+ };
+
+ hardware = {
+ pulseaudio.enable = false;
+ };
+ programs.dconf.enable = true;
+ environment.etc."resolv.conf".text = ''
+ nameserver 8.8.8.8
+ nameserver 8.4.4.8
+ nameserver 1.1.1.1
+ nameserver 1.0.0.1
+ '';
+
+ #networking.wireguard.interfaces = {
+ # wg-KP-Ran = {
+
+ #};
+ # };
+
+ virtualisation.libvirtd.enable = true;
+ programs.virt-manager.enable = true;
+
+ system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+
diff --git a/host/Rory-portable/mariadb.nix b/host/Rory-portable/mariadb.nix
new file mode 100644
index 0000000..3ebbb0b
--- /dev/null
+++ b/host/Rory-portable/mariadb.nix
@@ -0,0 +1,10 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services.mysql = {
+ enable = true;
+ package = pkgs.mariadb;
+ };
+
+}
+
diff --git a/host/Rory-portable/nginx.nix b/host/Rory-portable/nginx.nix
new file mode 100644
index 0000000..fc2adca
--- /dev/null
+++ b/host/Rory-portable/nginx.nix
@@ -0,0 +1,39 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services = {
+ nginx = {
+ enable = true;
+ #package = pkgs.nginxQuic;
+ recommendedProxySettings = true;
+ #recommendedTlsSettings = true;
+ recommendedZstdSettings = true;
+ recommendedGzipSettings = true;
+ recommendedBrotliSettings = true;
+ recommendedOptimisation = true;
+ #defaultMimeTypes = ../../../../modules/packages/nginx/mime.types;
+ appendConfig = ''
+ worker_processes 16;
+ '';
+ eventsConfig = ''
+ #use kqueue;
+ worker_connections 512;
+ '';
+ appendHttpConfig = ''
+ #sendfile on;
+ disable_symlinks off;
+ '';
+ additionalModules = with pkgs.nginxModules; [
+ moreheaders
+ ];
+ virtualHosts = {
+ "discord.localhost" = import ./nginx/discord.localhost.nix { inherit pkgs; };
+
+ };
+ };
+ };
+ systemd.services.nginx.serviceConfig = {
+ LimitNOFILE=5000000;
+ };
+
+}
diff --git a/host/Rory-portable/nginx/discord.localhost.nix b/host/Rory-portable/nginx/discord.localhost.nix
new file mode 100755
index 0000000..149d2b1
--- /dev/null
+++ b/host/Rory-portable/nginx/discord.localhost.nix
@@ -0,0 +1,37 @@
+{ pkgs, ... }:
+
+{
+ root = "/www/discord";
+ addSSL = true;
+ enableACME = false;
+
+ # We don't care about certificates around here...
+ sslCertificate = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.cert.pem";
+ sslCertificateKey = "${pkgs.path}/nixos/tests/common/acme/server/acme.test.key.pem";
+
+
+ extraConfig = ''
+ autoindex on;
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: GET, POST, OPTIONS';
+ more_set_headers 'Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+ more_set_headers 'Access-Control-Expose-Headers: Content-Length,Content-Range';
+ more_set_headers 'Access-Control-Allow-Credentials: true';
+ '';
+
+ locations = {
+ "/" = {
+ index = "index.html";
+ extraConfig = ''
+ more_set_headers 'Access-Control-Allow-Origin: *';
+ more_set_headers 'Access-Control-Allow-Methods: *';
+ more_set_headers 'Access-Control-Allow-Headers: *';
+ more_set_headers 'Access-Control-Expose-Headers: *';
+ more_set_headers 'Access-Control-Max-Age' 1728000;
+
+ # default to /index.html if file not found
+ try_files $uri $uri/ /index.html;
+ '';
+ };
+ };
+}
diff --git a/host/Rory-portable/ollama.nix b/host/Rory-portable/ollama.nix
new file mode 100755
index 0000000..15b347b
--- /dev/null
+++ b/host/Rory-portable/ollama.nix
@@ -0,0 +1,17 @@
+{ config, pkgs, lib, ... }:
+
+{
+ services.ollama = {
+ enable = true;
+ home = "/data/ollama/home";
+ models = "/data/ollama/home/models";
+ environmentVariables = {
+ OLLAMA_LLM_LIBRARY = "cpu_avx2";
+ };
+ writablePaths = [ "/data/ollama/home" ];
+ #listenAddress = "0.0.0.0:11434";
+ host = "0.0.0.0";
+ port = 11434;
+ sandbox = false;
+ };
+}
diff --git a/host/Rory-portable/optional/hardware-specific/amd.nix b/host/Rory-portable/optional/hardware-specific/amd.nix
new file mode 100644
index 0000000..d44766a
--- /dev/null
+++ b/host/Rory-portable/optional/hardware-specific/amd.nix
@@ -0,0 +1,44 @@
+{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }:
+
+{
+ imports =
+ [ ];
+
+boot.initrd.kernelModules = [ "amdgpu" ];
+
+ services = {
+ xserver = {
+ windowManager.i3.extraSessionCommands = ''
+ xrandr --output HDMI-1 --mode 3840x2160 --pos 0x0 --rotate normal --primary --output DP-1 --mode 1920x1080 --pos 3840x1080 --rotate normal --output HDMI-2 --off --output DP-2 --off
+ '';
+ wacom.enable = true;
+ };
+ picom.backend = "glx";
+ };
+
+ environment.systemPackages = with pkgs; [
+ rocmPackages.rocm-smi # useful to have
+ ];
+
+ hardware = {
+ opengl = {
+ enable = true;
+ driSupport = true;
+ driSupport32Bit = true;
+ extraPackages = with pkgs; [
+ rocmPackages.clr.icd
+ amdvlk
+ ];
+ extraPackages32 = with pkgs; [
+ driversi686Linux.amdvlk
+ ];
+ };
+ };
+
+ systemd.tmpfiles.rules = [
+ "L+ /opt/rocm/hip - - - - ${pkgs.rocmPackages.clr}"
+ ];
+
+ system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+
diff --git a/host/Rory-portable/optional/hardware-specific/nvidia.nix b/host/Rory-portable/optional/hardware-specific/nvidia.nix
new file mode 100644
index 0000000..7278d84
--- /dev/null
+++ b/host/Rory-portable/optional/hardware-specific/nvidia.nix
@@ -0,0 +1,40 @@
+{ config, pkgs, lib, nhekoSrc, mtxclientSrc, ... }:
+
+{
+ imports =
+ [
+
+ ];
+
+
+ services = {
+ xserver = {
+ videoDrivers = ["nvidia"];
+ #windowManager.i3.extraSessionCommands = ''
+ # todo: restore
+ #'';
+ };
+ picom.backend = "glx";
+ };
+
+ hardware = {
+ opengl = {
+ enable = true;
+ driSupport = true;
+ driSupport32Bit = true;
+ };
+
+ nvidia = {
+ modesetting.enable = true;
+ powerManagement.enable = false;
+ powerManagement.finegrained = false;
+ open = true;
+ nvidiaSettings = true;
+ nvidiaPersistenced = true;
+ package = config.boot.kernelPackages.nvidiaPackages.stable;
+ };
+ };
+
+ system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+
diff --git a/host/Rory-portable/postgres.nix b/host/Rory-portable/postgres.nix
new file mode 100755
index 0000000..e1e4432
--- /dev/null
+++ b/host/Rory-portable/postgres.nix
@@ -0,0 +1,34 @@
+{ config, pkgs, lib, ... }:
+
+{
+ #systemd.tmpfiles.rules = [ "d /mnt/postgres/data 0750 postgres postgres" ];
+
+ services.postgresql = {
+ enable = true;
+ package = pkgs.postgresql_16;
+ enableTCPIP = true;
+ authentication = pkgs.lib.mkOverride 10 ''
+ # TYPE, DATABASE, USER, ADDRESS, METHOD
+ local all all trust
+ host all all 127.0.0.1/32 trust
+ host all all ::1/128 trust
+ host discordbots discordbots 192.168.1.2/32 trust
+ host matrix-synapse-rory-gay matrix-synapse-rory-gay 192.168.1.5/32 trust
+ host all all 0.0.0.0/0 md5
+ '';
+ # initialScript = pkgs.writeText "backend-initScript" ''
+ # CREATE ROLE nixcloud WITH LOGIN PASSWORD 'nixcloud' CREATEDB;
+ # CREATE DATABASE nixcloud;
+ # GRANT ALL PRIVILEGES ON DATABASE nixcloud TO nixcloud;
+ # '';
+ #dataDir = "/mnt/postgres/data";
+ settings = {
+ "max_connections" = "100";
+ "shared_buffers" = "128MB";
+ "max_wal_size" = "1GB";
+ "min_wal_size" = "80MB";
+ };
+ };
+
+}
+
diff --git a/host/Rory-portable/printing.nix b/host/Rory-portable/printing.nix
new file mode 100644
index 0000000..fd33aaa
--- /dev/null
+++ b/host/Rory-portable/printing.nix
@@ -0,0 +1,51 @@
+{ config, pkgs, lib, ... }:
+
+{
+ imports = [ ];
+
+ users.users = {
+ Rory = {
+ extraGroups = [ "lp" "scanner" ];
+ };
+ };
+
+ environment.systemPackages = with pkgs; [
+ xsane
+ gnome.simple-scan
+ ];
+
+ hardware = {
+ sane.enable = true;
+ sane.extraBackends = [ pkgs.hplipWithPlugin pkgs.sane-airscan ];
+ };
+
+ programs.system-config-printer.enable = true;
+
+ services = {
+ gvfs.enable = true;
+ saned.enable = true;
+ system-config-printer.enable = true;
+ ipp-usb.enable = true;
+ printing = {
+ enable = true;
+ browsing = true;
+ drivers = with pkgs; [ hplip ];
+ };
+ avahi = {
+ enable = true;
+ nssmdns = true;
+ reflector = true;
+ publish = {
+ workstation = true;
+ userServices = true;
+ hinfo = true;
+ enable = true;
+ domain = true;
+ addresses = true;
+ };
+ };
+ };
+
+ system.stateVersion = "22.11"; # DO NOT EDIT!
+}
+
|
