Merge branch 'new' of ssh://git.0x76.dev:42/v/infrastructure into new

common/desktop/home.nix

@@ -36,7 +36,6 @@ in
     foliate # epub reader
     gcc
     gimp
-    inputs.attic.packages.${pkgs.system}.attic
     comma
     discord
     jetbrains.rust-rover
@@ -70,7 +69,10 @@ in
 
     chromium = {
       enable = true;
-      package = pkgs.ungoogled-chromium;
+      extensions = [
+        { id = "cjpalhdlnbpafiamejdnhcphjbkeiagm"; } # ublock origin
+        { id = "nngceckbapebfimnlniiiahkandclblb"; } # bitwarden
+      ];
     };
 
     direnv = {

common/hm-modules/nvim/default.nix

@@ -219,10 +219,6 @@ with lib;
               folder = "daily";
             };
             workspaces = [
-              {
-                name = "uni";
-                path = "~/cloud/Documents/CESE/notes";
-              }
               {
                 name = "notes";
                 path = "~/cloud/Notes";
@@ -282,7 +278,7 @@ with lib;
         };
         # surround.enable = true;
         fugitive.enable = true;
-        gitgutter.enable = true;
+        # gitgutter.enable = true;
 
         lualine = {
           enable = true;

hosts/olympus/bastion/containers/default.nix

@@ -3,7 +3,6 @@ let
   hostAddress = "10.42.99.1";
   hostAddress6 = "fc00::1";
 in {
-  # TODO: Loop over subdirs, create nixos container for each
   networking.nat = {
     enable = true;
     internalInterfaces = [ "ve-+" ];
@@ -24,7 +23,7 @@ in {
     dns = {
       autoStart = true;
       inherit hostAddress hostAddress6;
-      localAddress = "10.42.99.1";
+      localAddress = "10.42.99.2";
       localAddress6 = "fc00::2";
 
       specialArgs = { inherit inputs; };
@@ -32,11 +31,11 @@ in {
       config = {pkgs, ...}: {
         imports = [
           ./common.nix
+          # ./dns.nix
           inputs.home-manager.nixosModules.home-manager
           inputs.gnome-autounlock-keyring.nixosModules.default
           inputs.catppuccin.nixosModules.catppuccin
         ];
-
       };
     };
   };

hosts/olympus/bastion/containers/dns.nix

@@ -0,0 +1,7 @@
+{ ... }: {
+   services.v.dns = {
+    enable = true;
+    openFirewall = true;
+    mode = "server";
+  };
+}

hosts/olympus/eevee/home/default.nix

@@ -4,6 +4,5 @@
   };
 
   home.packages = with pkgs; [
-    zoom-us
   ];
 }

hosts/thalassa/aoife/hardware.nix

@@ -40,7 +40,6 @@
     # Video Driver
     xserver = {
       dpi = 280;
-      xkb.options = "caps:swapescape";
     };
 
     # SSD Trim

hosts/thalassa/aoife/home/default.nix

@@ -7,7 +7,7 @@
 
   # Custom dconf settings
   dconf.settings."org/gnome/desktop/input-sources" = {
-    xkb-options = [ "caps:swapescape" ];
+    # xkb-options = [ "caps:swapescape" ];
   };
 
   programs.zsh.envExtra = ''

nixos/hosts/olympus/bastion/configuration.nix

@@ -1,38 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ pkgs, inputs, ... }: {
-  imports = [
-    # Include the results of the hardware scan.
-    ./hardware-configuration.nix
-    ./containers
-    # ./vms.nix
-  ];
-
-  programs.nix-ld.enable = true;
-
-  # Use the GRUB 2 boot loader.
-  boot.loader.grub.enable = true;
-  boot.loader.grub.device = "/dev/sda";
-
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "22.11"; # Did you read the comment?
-
-  virtualisation.podman.enable = true;
-
-  # Additional packages
-  environment.systemPackages = with pkgs; [ vault ];
-
-  networking.useNetworkd = true;
-
-  programs.gnupg.agent = {
-    enable = true;
-    pinentryFlavor = "curses";
-  };
-}

nixos/hosts/olympus/bastion/containers/common.nix

@@ -1,6 +0,0 @@
-# common container config
-{ lib, ... }: {
-  # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
-  networking.useHostResolvConf = lib.mkForce false;
-  services.resolved.enable = true;
-}

nixos/hosts/olympus/bastion/containers/default.nix

@@ -1,26 +0,0 @@
-{ config, lib, ... }:
-let
-  hostAddress = "10.42.99.1";
-  hostAddress6 = "fc00::1";
-in {
-  # TODO: Loop over subdirs, create nixos container for each
-  networking.nat = {
-    enable = true;
-    internalInterfaces = [ "ve-+" ];
-    externalInterface = "ens18";
-    # Lazy IPv6 connectivity for the container
-    enableIPv6 = true;
-
-    forwardPorts = [
-
-    ];
-  };
-
-  # Containers network is
-  # * 10.42.99.0/24
-  # * fc00:x
-
-  containers = {
-
-  };
-}

nixos/hosts/olympus/bastion/hardware-configuration.nix

@@ -1,25 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ modulesPath, ... }:
-
-{
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
-  boot = {
-
-    initrd.availableKernelModules =
-      [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
-    initrd.kernelModules = [ ];
-    kernelModules = [ ];
-    extraModulePackages = [ ];
-  };
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/e8427097-8545-4924-b033-2659fcf9adca";
-    fsType = "ext4";
-  };
-
-  swapDevices =
-    [{ device = "/dev/disk/by-uuid/63d90b92-cdde-4795-a3ab-9566ae88f43d"; }];
-
-}

nixos/hosts/olympus/bastion/vms.nix

@@ -1,32 +0,0 @@
-{ config, pkgs, inputs, ... }: {
-  imports = [
-    inputs.microvm.nixosModules.host
-  ];
-
-  microvm.vms = {
-    test-vm = {
-      inherit pkgs;
-
-      # (Optional) A set of special arguments to be passed to the MicroVM's NixOS modules.
-      #specialArgs = {};
-
-      # The configuration for the MicroVM.
-      # Multiple definitions will be merged as expected.
-      config = {
-        # It is highly recommended to share the host's nix-store
-        # with the VMs to prevent building huge images.
-        microvm.hypervisor = "crosvm";
-        microvm.shares = [{
-          source = "/nix/store";
-          mountPoint = "/nix/.ro-store";
-          tag = "ro-store";
-          proto = "virtiofs";
-        }];
-
-        # Any other configuration for your MicroVM
-        # [...]
-      };
-
-    };
-  };
-}

nixos/hosts/olympus/dhcp/configuration.nix

@@ -41,8 +41,6 @@ in
     controlSocketPaths = [ "/tmp/kea-dhcp4.socket" ];
   };
 
-  # To make sure the control socket is accesible
-
   services.kea.dhcp4 = {
     enable = true;
     settings = {
@@ -57,7 +55,6 @@ in
         socket-type = "unix";
         socket-name = "/tmp/kea-dhcp4.socket";
       };
-      # failed to initialize Kea server: configuration error using file '/etc/kea/dhcp4-server.conf': cannot create socket lockfile, /run/kea/kea-dhcp4.socket.lock, : No such file or directory
 
       lease-database = {
         name = "/var/lib/kea/dhcp4.leases";

nixos/hosts/olympus/eevee/configuration.nix

@@ -1,53 +0,0 @@
-# Edit this configuration file to define what should be installed on
-# your system.  Help is available in the configuration.nix(5) man page
-# and in the NixOS manual (accessible by running ‘nixos-help’).
-
-{ pkgs, ... }: {
-  imports = [ ./hardware-configuration.nix ./hardware.nix ];
-
-  # Bootloader.
-  boot = {
-    kernelPackages = pkgs.linuxPackages_latest;
-    initrd = {
-      kernelModules = [ "nvidia" "nvidia_modeset" "nvidia_uvm" "nvidia_drm" ];
-    };
-    loader.systemd-boot.configurationLimit = 5;
-  };
-
-  fileSystems."/".options = [ "compress=zstd" ];
-
-  # Set your time zone.
-  time.timeZone = "Europe/Amsterdam";
-
-  # Select internationalisation properties.
-  i18n.defaultLocale = "en_GB.UTF-8";
-  i18n.extraLocaleSettings = {
-    LC_ADDRESS = "nl_NL.UTF-8";
-    LC_IDENTIFICATION = "nl_NL.UTF-8";
-    LC_MEASUREMENT = "nl_NL.UTF-8";
-    LC_MONETARY = "nl_NL.UTF-8";
-    LC_NAME = "nl_NL.UTF-8";
-    LC_NUMERIC = "nl_NL.UTF-8";
-    LC_PAPER = "nl_NL.UTF-8";
-    LC_TELEPHONE = "nl_NL.UTF-8";
-    LC_TIME = "nl_NL.UTF-8";
-  };
-
-  # Enable CUPS to print documents.
-  services.printing.enable = true;
-
-  environment.systemPackages = with pkgs; [ wireguard-tools ];
-
-  environment.sessionVariables.NIXOS_OZONE_WL = "1";
-
-  home-manager = {
-    users.vivian = import ./home;
-  };
-  # This value determines the NixOS release from which the default
-  # settings for stateful data, like file locations and database versions
-  # on your system were taken. It‘s perfectly fine and recommended to leave
-  # this value at the release version of the first install of this system.
-  # Before changing this value read the documentation for this option
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
-  system.stateVersion = "23.05"; # Did you read the comment?
-}

nixos/hosts/olympus/eevee/hardware-configuration.nix

@@ -1,42 +0,0 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
-{ config, lib, modulesPath, ... }:
-
-{
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
-  boot = {
-
-    initrd.availableKernelModules =
-      [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
-    initrd.kernelModules = [ ];
-    kernelModules = [ "kvm-intel" ];
-    extraModulePackages = [ ];
-  };
-
-  fileSystems."/" = {
-    device = "/dev/disk/by-uuid/947a98af-9a4e-4811-a2ca-9aa00b319e9c";
-    fsType = "btrfs";
-    options = [ "subvol=@" ];
-  };
-
-  fileSystems."/boot/efi" = {
-    device = "/dev/disk/by-uuid/D883-F146";
-    fsType = "vfat";
-  };
-
-  swapDevices =
-    [{ device = "/dev/disk/by-uuid/a99402e1-6f2a-4c4b-b69f-aae2fd13ffc0"; }];
-
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
-
-  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
-  hardware.cpu.intel.updateMicrocode =
-    lib.mkDefault config.hardware.enableRedistributableFirmware;
-}

nixos/hosts/olympus/eevee/hardware.nix

@@ -1,48 +0,0 @@
-{ pkgs, ... }: {
-  hardware = {
-    enableAllFirmware = true;
-    nvidia = {
-      # package = config.boot.kernelPackages.nvidiaPackages.stable;
-
-      # Open drivers cause gdm to crash
-      # open = true;
-
-      # nvidia-drm.modeset=1
-      modesetting.enable = true;
-      powerManagement.enable = false;
-    };
-
-    # Hardware acceleration
-    opengl = {
-      enable = true;
-
-      # Vulkan
-      driSupport = true;
-      driSupport32Bit = true;
-    };
-
-    logitech.wireless = {
-      enable = true;
-      enableGraphical = true;
-    };
-  };
-  services = {
-
-    hardware.bolt.enable = true;
-
-    xserver.videoDrivers = [ "nvidia" ];
-
-    # udev
-    udev.packages = with pkgs; [
-      android-udev-rules
-      logitech-udev-rules
-      wooting-udev-rules
-    ];
-
-    # SSD Trim
-    fstrim.enable = true;
-  };
-
-  # FS
-  fileSystems."/".options = [ "compress=zstd" ];
-}

nixos/hosts/olympus/eevee/home/.gitignore

@@ -1 +0,0 @@
-*dconf_dump*

nixos/hosts/olympus/eevee/home/default.nix

@@ -1,9 +0,0 @@
-{ pkgs, ... }: {
-  dconf.settings."org/gnome/desktop/peripherals/mouse" = {
-    accel-profile = "flat";
-  };
-
-  home.packages = with pkgs; [
-    zoom-us
-  ];
-}

nixos/hosts/olympus/nginx/configuration.nix

@@ -172,7 +172,6 @@ in {
   };
   security = {
     acme = {
-
       defaults.email = "vivian@0x76.dev";
       acceptTerms = true;
       preliminarySelfsigned = true;