From 573c9e3757e0e34b80da8e638f3b6aa16a693eed Mon Sep 17 00:00:00 2001 From: tulg Date: Sat, 25 Apr 2026 18:11:11 +0300 Subject: [PATCH] kittykat --- flake.lock | 124 +++++++++++++++++++--- flake.nix | 13 +++ hosts/kittykat/configuration.nix | 43 ++++++++ hosts/kittykat/disko.nix | 37 +++++++ hosts/kittykat/hardware-configuration.nix | 14 +++ modules/nixos/services.nix | 2 +- 6 files changed, 218 insertions(+), 15 deletions(-) create mode 100644 hosts/kittykat/configuration.nix create mode 100644 hosts/kittykat/disko.nix create mode 100644 hosts/kittykat/hardware-configuration.nix diff --git a/flake.lock b/flake.lock index 79e4155..b44ad2f 100644 --- a/flake.lock +++ b/flake.lock @@ -1,5 +1,26 @@ { "nodes": { + "agenix": { + "inputs": { + "darwin": "darwin", + "home-manager": "home-manager", + "nixpkgs": "nixpkgs", + "systems": "systems" + }, + "locked": { + "lastModified": 1770165109, + "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=", + "owner": "ryantm", + "repo": "agenix", + "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb", + "type": "github" + }, + "original": { + "owner": "ryantm", + "repo": "agenix", + "type": "github" + } + }, "base16": { "inputs": { "fromYaml": "fromYaml" @@ -84,6 +105,28 @@ "type": "github" } }, + "darwin": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1744478979, + "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", + "owner": "lnl7", + "repo": "nix-darwin", + "rev": "43975d782b418ebf4969e9ccba82466728c2851b", + "type": "github" + }, + "original": { + "owner": "lnl7", + "ref": "master", + "repo": "nix-darwin", + "type": "github" + } + }, "disko": { "inputs": { "nixpkgs": [ @@ -193,6 +236,27 @@ } }, "home-manager": { + "inputs": { + "nixpkgs": [ + "agenix", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1745494811, + "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "home-manager", + "type": "github" + } + }, + "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -212,7 +276,7 @@ "type": "github" } }, - "home-manager_2": { + "home-manager_3": { "inputs": { "nixpkgs": [ "zen-browser", @@ -291,16 +355,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1776548001, - "narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=", + "lastModified": 1754028485, + "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc", + "rev": "59e69648d345d6e8fef86158c555730fa12af9de", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixos-25.05", "repo": "nixpkgs", "type": "github" } @@ -336,6 +400,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1776548001, + "narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1776169885, "narHash": "sha256-Gk2T0tDDDAs319hp/ak+bAIUG5bPMvnNEjPV8CS86Fg=", @@ -375,7 +455,7 @@ "noctalia", "nixpkgs" ], - "systems": "systems", + "systems": "systems_2", "treefmt-nix": "treefmt-nix" }, "locked": { @@ -439,11 +519,12 @@ }, "root": { "inputs": { + "agenix": "agenix", "disko": "disko", - "home-manager": "home-manager", + "home-manager": "home-manager_2", "nix-colors": "nix-colors", "nixos-vfio": "nixos-vfio", - "nixpkgs": "nixpkgs", + "nixpkgs": "nixpkgs_2", "noctalia": "noctalia", "quickshell": "quickshell", "spicetify-nix": "spicetify-nix", @@ -453,8 +534,8 @@ }, "spicetify-nix": { "inputs": { - "nixpkgs": "nixpkgs_2", - "systems": "systems_2" + "nixpkgs": "nixpkgs_3", + "systems": "systems_3" }, "locked": { "lastModified": 1776894239, @@ -483,7 +564,7 @@ "nixpkgs" ], "nur": "nur", - "systems": "systems_3", + "systems": "systems_4", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", "tinted-tmux": "tinted-tmux", @@ -504,6 +585,21 @@ } }, "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { "locked": { "lastModified": 1689347949, "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", @@ -518,7 +614,7 @@ "type": "github" } }, - "systems_2": { + "systems_3": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -533,7 +629,7 @@ "type": "github" } }, - "systems_3": { + "systems_4": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -636,7 +732,7 @@ }, "zen-browser": { "inputs": { - "home-manager": "home-manager_2", + "home-manager": "home-manager_3", "nixpkgs": [ "nixpkgs" ] diff --git a/flake.nix b/flake.nix index dacbdf3..96b269b 100644 --- a/flake.nix +++ b/flake.nix @@ -9,6 +9,9 @@ url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; + agenix = { + url = "github:ryantm/agenix"; + }; quickshell = { url = "github:outfoxxed/quickshell"; inputs.nixpkgs.follows = "nixpkgs"; @@ -45,6 +48,7 @@ nix-colors, stylix, disko, + agenix, ... } @ inputs: let system = "x86_64-linux"; @@ -123,6 +127,15 @@ }; } ]; + nixosConfigurations.kittykat = nixpkgs.lib.nixosSystem { + inherit system; + specialArgs = {inherit inputs;}; + modules = [ + ./hosts/kittykat/configuration.nix + agenix.nixosModules.default + inputs.disko.nixosModules.disko + ]; + }; }; }; } diff --git a/hosts/kittykat/configuration.nix b/hosts/kittykat/configuration.nix new file mode 100644 index 0000000..914038f --- /dev/null +++ b/hosts/kittykat/configuration.nix @@ -0,0 +1,43 @@ +{ + config, + lib, + pkgs, + ... +}: { + imports = [ + ./hardware-configuration.nix + ./disko-config.nix + ]; + + boot.loader.grub.enable = true; + + services.openssh.enable = { + enable = true + settings.PermitRootLogin = "no"; + + }; + + users.users.tulg = { + isNormalUser = true; + description = "Tulga"; + extraGroups = [ + "networkmanager" + "wheel" + "libvirtd" + "kvm" + ]; + }; + users.users."root".openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file + ]; + users.users."tulg".openssh.authorizedKeys.keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file + ]; + + programs.neovim = { + enable = true; + defaultEditor = true; + }; + + system.stateVersion = "25.05"; +} diff --git a/hosts/kittykat/disko.nix b/hosts/kittykat/disko.nix new file mode 100644 index 0000000..d439fcc --- /dev/null +++ b/hosts/kittykat/disko.nix @@ -0,0 +1,37 @@ +{ + disko.devices = { + disk = { + main = { + type = "disk"; + device = "/dev/sda"; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1M"; + type = "EF02"; + priority = 1; + }; + ESP = { + size = "512M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/kittykat/hardware-configuration.nix b/hosts/kittykat/hardware-configuration.nix new file mode 100644 index 0000000..3ec318f --- /dev/null +++ b/hosts/kittykat/hardware-configuration.nix @@ -0,0 +1,14 @@ +{ + config, + lib, + pkgs, + modulesPath, + ... +}: { + imports = [ + (modulesPath + "/profiles/qemu-guest.nix") + ]; + + networking.useDHCP = lib.mkDefault true; + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; +} diff --git a/modules/nixos/services.nix b/modules/nixos/services.nix index 81d93a9..3476e20 100644 --- a/modules/nixos/services.nix +++ b/modules/nixos/services.nix @@ -34,7 +34,7 @@ enable = true; package = pkgs.mullvad-vpn; }; - + services.v2raya.enable = true; programs.thunar.plugins = with pkgs; [ thunar-archive-plugin thunar-volman