From 26662e1419fb2ad357018146e27a123e5f1a7ee1 Mon Sep 17 00:00:00 2001
From: "Wyatt J. Miller"
Date: Tue, 17 Feb 2026 18:24:34 -0500
Subject: [PATCH] wip: yshtola build in progress

---
 flake.nix | 25 +++++
 modules/machine/yshtola/configuration.nix | 93 +++++++++++++++++++
 modules/machine/yshtola/default.nix | 6 ++
 .../yshtola/hardware-configuration.nix | 0
 4 files changed, 124 insertions(+)
 create mode 100644 modules/machine/yshtola/configuration.nix
 create mode 100644 modules/machine/yshtola/default.nix
 create mode 100644 modules/machine/yshtola/hardware-configuration.nix

diff --git a/flake.nix b/flake.nix
index 45f93d3..2a55f9e 100644
--- a/flake.nix
+++ b/flake.nix
@@ -162,6 +162,31 @@
 # ];
 };
 
+ nixosConfigurations."yshtola" = nixpkgs.lib.nixosSystem {
+ system = "x86_64-linux";
+ specialArgs = {
+ inherit userName userEmail;
+ hostname = "yshtola";
+ role = "server";
+ };
+ modules = [
+ myOverlays
+ ./modules/common
+ ./modules/machine/yshtola
+
+ home-manager.nixosModules.home-manager
+ {
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.extraSpecialArgs = extraSpecialArgs // { isNixOS = true; role = "server"; };
+ home-manager.backupFileExtension = "bak";
+ home-manager.users.${userName}.imports = [
+ ./home
+ ];
+ }
+ ];
+ };
+
 # generic non-NixOS Linux machine
 homeConfigurations."generic" = let
 hostname = builtins.getEnv "HOSTNAME";
diff --git a/modules/machine/yshtola/configuration.nix b/modules/machine/yshtola/configuration.nix
new file mode 100644
index 0000000..97c6488
--- /dev/null
+++ b/modules/machine/yshtola/configuration.nix
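Review bot: The literal `role = "server"` is written twice in this hunk, once in `specialArgs` and once in the `home-manager.extraSpecialArgs` override, so the system and home-manager layers can silently disagree if only one is edited later. Binding it once (`let role = "server"; in nixpkgs.lib.nixosSystem { … }`) and writing `inherit role;` in both places keeps them in step. This matters most if modules under `./modules/common` or `./home` gate packages or services on `role`, which is not visible here. The new attribute also carries no comment saying what the host is for; judging by the services stubbed in configuration.nix, something like `# yshtola: Matrix homeserver (tuwunel, LiveKit, coturn)` above it would help. The enclosing outputs block starts and ends outside the hunk.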
@@ -0,0 +1,93 @@
+
+{
+ pkgs,
+ userName,
+ ...
+}: {
+ imports = [
+ ../../pwrMgmt
+ ../../networking/core.nix
+ ../../networking/dns.nix
+ ../../virtualization/podman.nix
+ ];
+
+ # Enable flakes for NixOS
+ nix.settings.experimental-features = ["nix-command" "flakes"];
+
+ # Custom kernel/boot stuff
+ boot.kernelPackages = pkgs.linuxPackages_latest;
+ boot.loader.systemd-boot.enable = true; # TODO: check on this
+ boot.loader.efi.canTouchEfiVariables = true;
+
+ # Set your timezone
+ time.timeZone = "America/Detroit";
+
+ # Enable OpenSSH
+ services.openssh.enable = true;
+
+ # Enable keyring
+ services.gnome.gnome-keyring.enable = true;
+
+ # Enable GnuPG
+ programs.gnupg.agent = {
+ enable = true;
+ enableSSHSupport = true;
+ };
+
+ # Enable SUID wrappers (some programs need them)
+ programs.mtr.enable = true;
+
+ # Enable Polkit
+ security.polkit.enable = true;
+
+ # Power management (see ../../pwrMgmt/default.nix)
+ pwrMgmt = {
+ enable = true;
+ cpuFreqGovernor = "performance";
+ powertop.enable = false;
+ };
+
+ # Podman module (see ../../virtualization/podman.nix)
+ # podman = {
+ # enable = true;
+ # extraPackages = with pkgs; [
+ # docker-credential-helpers
+ # toolbox
+ # cosign
+ # crane
+ # podman-tui
+ # podman-desktop
+ # ];
+ # };
+
+ # Core networking module (see ../../networking/core.nix)
+ network = {
+ firewall.enable = true;
+ networkManager.enable = true;
+ };
+
+ # Add username to groups "wheel" and "video" - more may be added here later
+ users.users.${userName}.extraGroups = ["wheel" "video" "network"];
+
+ # fail2ban
+ services.fail2ban = {
+
+ };
+
+ # Matrix server
+ services.matrix-tuwunel = {
+
+ };
+
+ # LiveKit (MatrixRTC)
+ services.livekit = {
+
+ };
+
+ # TURN/STUN server
+ services.coturn = {
+
+ };
+
+ system.stateVersion = "25.11";
+}
diff --git a/modules/machine/yshtola/default.nix b/modules/machine/yshtola/default.nix
new file mode 100644
index 0000000..3c4d411
--- /dev/null
+++ b/modules/machine/yshtola/default.nix
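Review bot: `services.openssh.enable = true;` is the only SSH setting in this file, so unless `../../networking/core.nix` (not shown) overrides them, sshd runs with the NixOS module defaults, which still accept password logins. For a host that is about to expose Matrix, LiveKit and TURN to the internet, key-only authentication and no root login should be set explicitly, once the user's `openssh.authorizedKeys` are declared somewhere. The `services.fail2ban = { };` stub is an empty attribute set and does not turn the service on; it needs `enable = true;`. `gnome-keyring`, `polkit` and the `video` group look carried over from a desktop profile and are worth dropping for `role = "server"`. The comment above `extraGroups` names two groups while the list has three, and the third, `"network"`, is not the group NetworkManager uses on NixOS (`networkmanager`) unless a local module defines it.

```nix
# Enable OpenSSH
services.openssh = {
  enable = true;
  settings = {
    PasswordAuthentication = false;
    KbdInteractiveAuthentication = false;
    PermitRootLogin = "no";
  };
};

# … unchanged: keyring, GnuPG, mtr, polkit, pwrMgmt, network, users …

# fail2ban
services.fail2ban.enable = true;
```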
@@ -0,0 +1,6 @@
+{ ... }: {
+ imports = [
+ ./configuration.nix
+ ./hardware-configuration.nix
+ ];
+}
diff --git a/modules/machine/yshtola/hardware-configuration.nix b/modules/machine/yshtola/hardware-configuration.nix
new file mode 100644
index 0000000..e69de29
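Review bot: `./hardware-configuration.nix` is imported here, but the patch adds that file as an empty blob (`e69de29`), and an empty file is not a valid Nix expression, so evaluating the `yshtola` configuration should fail at this import. Until the real output of `nixos-generate-config` is committed, a placeholder body such as `{ ... }: { }` would keep the flake evaluable. Even then the host presumably has no `fileSystems` defined and is not ready to build for deployment.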