diff --git a/flake.lock b/flake.lock index 86f0968..79e4155 100644 --- a/flake.lock +++ b/flake.lock @@ -1,26 +1,5 @@ { "nodes": { - "agenix": { - "inputs": { - "darwin": "darwin", - "home-manager": "home-manager", - "nixpkgs": "nixpkgs", - "systems": "systems" - }, - "locked": { - "lastModified": 1770165109, - "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=", - "owner": "ryantm", - "repo": "agenix", - "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb", - "type": "github" - }, - "original": { - "owner": "ryantm", - "repo": "agenix", - "type": "github" - } - }, "base16": { "inputs": { "fromYaml": "fromYaml" @@ -105,48 +84,6 @@ "type": "github" } }, - "darwin": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1744478979, - "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", - "owner": "lnl7", - "repo": "nix-darwin", - "rev": "43975d782b418ebf4969e9ccba82466728c2851b", - "type": "github" - }, - "original": { - "owner": "lnl7", - "ref": "master", - "repo": "nix-darwin", - "type": "github" - } - }, - "deploy-rs": { - "inputs": { - "flake-compat": "flake-compat", - "nixpkgs": "nixpkgs_2", - "utils": "utils" - }, - "locked": { - "lastModified": 1770019181, - "narHash": "sha256-hwsYgDnby50JNVpTRYlF3UR/Rrpt01OrxVuryF40CFY=", - "owner": "serokell", - "repo": "deploy-rs", - "rev": "77c906c0ba56aabdbc72041bf9111b565cdd6171", - "type": "github" - }, - "original": { - "owner": "serokell", - "repo": "deploy-rs", - "type": "github" - } - }, "disko": { "inputs": { "nixpkgs": [ @@ -183,22 +120,6 @@ "type": "github" } }, - "flake-compat": { - "flake": false, - "locked": { - "lastModified": 1733328505, - "narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec", - "type": "github" - }, - "original": { - "owner": "edolstra", - "repo": "flake-compat", - "type": "github" - } - }, "flake-parts": { "inputs": { "nixpkgs-lib": "nixpkgs-lib_2" @@ -272,27 +193,6 @@ } }, "home-manager": { - "inputs": { - "nixpkgs": [ - "agenix", - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1745494811, - "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "home-manager", - "type": "github" - } - }, - "home-manager_2": { "inputs": { "nixpkgs": [ "nixpkgs" @@ -312,7 +212,7 @@ "type": "github" } }, - "home-manager_3": { + "home-manager_2": { "inputs": { "nixpkgs": [ "zen-browser", @@ -391,16 +291,16 @@ }, "nixpkgs": { "locked": { - "lastModified": 1754028485, - "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", + "lastModified": 1776548001, + "narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "59e69648d345d6e8fef86158c555730fa12af9de", + "rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-25.05", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -436,38 +336,6 @@ } }, "nixpkgs_2": { - "locked": { - "lastModified": 1743014863, - "narHash": "sha256-jAIUqsiN2r3hCuHji80U7NNEafpIMBXiwKlSrjWMlpg=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "bd3bac8bfb542dbde7ffffb6987a1a1f9d41699f", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixpkgs-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_3": { - "locked": { - "lastModified": 1776548001, - "narHash": "sha256-ZSK0NL4a1BwVbbTBoSnWgbJy9HeZFXLYQizjb2DPF24=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b12141ef619e0a9c1c84dc8c684040326f27cdcc", - "type": "github" - }, - "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, - "nixpkgs_4": { "locked": { "lastModified": 1776169885, "narHash": "sha256-Gk2T0tDDDAs319hp/ak+bAIUG5bPMvnNEjPV8CS86Fg=", @@ -480,22 +348,6 @@ "url": "https://channels.nixos.org/nixos-unstable/nixexprs.tar.xz" } }, - "nixpkgs_5": { - "locked": { - "lastModified": 1776877367, - "narHash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "0726a0ecb6d4e08f6adced58726b95db924cef57", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "noctalia": { "inputs": { "nixpkgs": [ @@ -523,7 +375,7 @@ "noctalia", "nixpkgs" ], - "systems": "systems_3", + "systems": "systems", "treefmt-nix": "treefmt-nix" }, "locked": { @@ -587,25 +439,22 @@ }, "root": { "inputs": { - "agenix": "agenix", - "deploy-rs": "deploy-rs", "disko": "disko", - "home-manager": "home-manager_2", + "home-manager": "home-manager", "nix-colors": "nix-colors", "nixos-vfio": "nixos-vfio", - "nixpkgs": "nixpkgs_3", + "nixpkgs": "nixpkgs", "noctalia": "noctalia", "quickshell": "quickshell", "spicetify-nix": "spicetify-nix", "stylix": "stylix", - "xray-3x-ui": "xray-3x-ui", "zen-browser": "zen-browser" } }, "spicetify-nix": { "inputs": { - "nixpkgs": "nixpkgs_4", - "systems": "systems_4" + "nixpkgs": "nixpkgs_2", + "systems": "systems_2" }, "locked": { "lastModified": 1776894239, @@ -634,7 +483,7 @@ "nixpkgs" ], "nur": "nur", - "systems": "systems_5", + "systems": "systems_3", "tinted-kitty": "tinted-kitty", "tinted-schemes": "tinted-schemes", "tinted-tmux": "tinted-tmux", @@ -656,16 +505,16 @@ }, "systems": { "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "lastModified": 1689347949, + "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "repo": "default-linux", + "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "type": "github" }, "original": { "owner": "nix-systems", - "repo": "default", + "repo": "default-linux", "type": "github" } }, @@ -685,36 +534,6 @@ } }, "systems_3": { - "locked": { - "lastModified": 1689347949, - "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", - "owner": "nix-systems", - "repo": "default-linux", - "rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default-linux", - "type": "github" - } - }, - "systems_4": { - "locked": { - "lastModified": 1681028828, - "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", - "owner": "nix-systems", - "repo": "default", - "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", - "type": "github" - }, - "original": { - "owner": "nix-systems", - "repo": "default", - "type": "github" - } - }, - "systems_5": { "locked": { "lastModified": 1681028828, "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", @@ -815,45 +634,9 @@ "type": "github" } }, - "utils": { - "inputs": { - "systems": "systems_2" - }, - "locked": { - "lastModified": 1731533236, - "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "xray-3x-ui": { - "inputs": { - "nixpkgs": "nixpkgs_5" - }, - "locked": { - "lastModified": 1761047979, - "narHash": "sha256-A7gDkM/xAX1R8FGmryZpcIsLsdcrnmJ5bpN8rmFoH9o=", - "owner": "sunmeplz", - "repo": "xray-3x-ui", - "rev": "a01a56f38813a2e86d2612556f3a672cb11c3681", - "type": "github" - }, - "original": { - "owner": "sunmeplz", - "repo": "xray-3x-ui", - "type": "github" - } - }, "zen-browser": { "inputs": { - "home-manager": "home-manager_3", + "home-manager": "home-manager_2", "nixpkgs": [ "nixpkgs" ] diff --git a/flake.nix b/flake.nix index 85fe2f4..dacbdf3 100644 --- a/flake.nix +++ b/flake.nix @@ -4,15 +4,11 @@ inputs = { nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable"; spicetify-nix.url = "github:Gerg-L/spicetify-nix"; - xray-3x-ui.url = "github:sunmeplz/xray-3x-ui"; + home-manager = { url = "github:nix-community/home-manager"; inputs.nixpkgs.follows = "nixpkgs"; }; - agenix = { - url = "github:ryantm/agenix"; - }; - deploy-rs.url = "github:serokell/deploy-rs"; quickshell = { url = "github:outfoxxed/quickshell"; inputs.nixpkgs.follows = "nixpkgs"; @@ -49,9 +45,6 @@ nix-colors, stylix, disko, - agenix, - xray-3x-ui, - deploy-rs, ... } @ inputs: let system = "x86_64-linux"; @@ -131,24 +124,5 @@ } ]; }; - nixosConfigurations.kittykat = nixpkgs.lib.nixosSystem { - inherit system; - specialArgs = {inherit inputs;}; - modules = [ - ./hosts/kittykat/configuration.nix - xray-3x-ui.nixosModules.default - agenix.nixosModules.default - inputs.disko.nixosModules.disko - ]; - }; - deploy.nodes.kittykat = { - hostname = "kittykat"; - profiles.system = { - sshUser = "root"; - user = "root"; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.kittykat; - }; - }; - checks = builtins.mapAttrs (system: deployLib: deployLib.deployChecks self.deploy) deploy-rs.lib; }; } diff --git a/hosts/kittykat/configuration.nix b/hosts/kittykat/configuration.nix deleted file mode 100644 index 48c7f25..0000000 --- a/hosts/kittykat/configuration.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: { - imports = [ - ./hardware-configuration.nix - ./disko.nix - ../../modules/nixos/networking/ssh.nix - ../../modules/nixos/users/tulg.nix - ./traefik.nix - ]; - - networking.hostName = "kittykat"; - environment.systemPackages = with pkgs; [ - nano - fastfetch - kitty - ]; - services.xray-3x-ui = { - enable = true; - port = 2053; - openFirewall = true; - }; - - nixpkgs.config.allowUnfree = true; - nix.settings.experimental-features = ["nix-command" "flakes"]; - system.stateVersion = "25.05"; -} diff --git a/hosts/kittykat/disko.nix b/hosts/kittykat/disko.nix deleted file mode 100644 index d439fcc..0000000 --- a/hosts/kittykat/disko.nix +++ /dev/null @@ -1,37 +0,0 @@ -{ - disko.devices = { - disk = { - main = { - type = "disk"; - device = "/dev/sda"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1M"; - type = "EF02"; - priority = 1; - }; - ESP = { - size = "512M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - }; - }; - root = { - size = "100%"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - }; - }; - }; - }; - }; - }; - }; -} diff --git a/hosts/kittykat/hardware-configuration.nix b/hosts/kittykat/hardware-configuration.nix deleted file mode 100644 index 7db19c8..0000000 --- a/hosts/kittykat/hardware-configuration.nix +++ /dev/null @@ -1,17 +0,0 @@ -{ - config, - lib, - pkgs, - modulesPath, - ... -}: { - imports = [ - (modulesPath + "/profiles/qemu-guest.nix") - ]; - boot.loader.grub = { - enable = true; - efiSupport = true; - }; - networking.useDHCP = lib.mkDefault true; - nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; -} diff --git a/hosts/kittykat/traefik.nix b/hosts/kittykat/traefik.nix deleted file mode 100644 index e6abfb4..0000000 --- a/hosts/kittykat/traefik.nix +++ /dev/null @@ -1,66 +0,0 @@ -{config, ...}: { - networking.firewall = { - enable = true; - allowedTCPPorts = [80 443]; - }; - - services.traefik = { - enable = true; - - staticConfigOptions = { - entryPoints = { - web = { - address = ":80"; - http.redirections.entrypoint = { - to = "websecure"; - scheme = "https"; - }; - }; - - websecure = { - address = ":443"; - http.tls.certResolver = "letsencrypt"; - }; - }; - - log = { - level = "INFO"; - filePath = "${config.services.traefik.dataDir}/traefik.log"; - format = "json"; - }; - - certificatesResolvers.letsencrypt.acme = { - email = "tulg@protonmail.ch"; - storage = "${config.services.traefik.dataDir}/acme.json"; - httpChallenge.entryPoint = "web"; - }; - - api.dashboard = true; - }; - - dynamicConfigOptions = { - http = { - routers = { - xray = { - rule = "Host(`v2.kittykat.poggerer.xyz`)"; - entryPoints = ["websecure"]; - service = "xray"; - tls = { - certResolver = "letsencrypt"; - }; - }; - }; - - services = { - xray = { - loadBalancer = { - servers = [ - {url = "http://127.0.0.1:2053";} - ]; - }; - }; - }; - }; - }; - }; -} diff --git a/modules/nixos/networking/ssh.nix b/modules/nixos/networking/ssh.nix index c3a130c..93942c0 100644 --- a/modules/nixos/networking/ssh.nix +++ b/modules/nixos/networking/ssh.nix @@ -7,7 +7,9 @@ ]; services.openssh = { enable = true; - settings.PermitRootLogin = "prohibit-password"; - allowSFTP = true; + settings = { + PasswordAuthentication = true; + PermitRootLogin = "yes"; + }; }; } diff --git a/modules/nixos/services.nix b/modules/nixos/services.nix index 3476e20..81d93a9 100644 --- a/modules/nixos/services.nix +++ b/modules/nixos/services.nix @@ -34,7 +34,7 @@ enable = true; package = pkgs.mullvad-vpn; }; - services.v2raya.enable = true; + programs.thunar.plugins = with pkgs; [ thunar-archive-plugin thunar-volman diff --git a/modules/nixos/users/tulg.nix b/modules/nixos/users/tulg.nix index a680273..f069ccc 100644 --- a/modules/nixos/users/tulg.nix +++ b/modules/nixos/users/tulg.nix @@ -2,9 +2,6 @@ users.users.tulg = { isNormalUser = true; description = "Tulga"; - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file - ]; extraGroups = [ "networkmanager" "wheel" @@ -12,7 +9,4 @@ "kvm" ]; }; - users.users."root".openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIefprdYz4gFgBqGlrkycWcTYxFttQHRjDQmREtQTiGyqK1gQiB4z4Cbiayt7Emq224sbaobQPlNSyhlBCSo/Wf0bmZMz8NwNdwhFSkDnyD6LPaHg8fv9FXnWW0wBMl4oSD2wfGbMQBrecjgHXfJ64UiHyyhDllDDtWGgoY75wwfWHzX/NiGaEi0LHCQ8dsgp7H+BhssTkJPZbv6BJcA34yfb6dISjvW2S/QGKMwgYr9ArfGLUTWPbj+EbL7Bf9VsTFe9nP+FnYqEu4+oBIbY2heXWA+FCi0zxmMY4oYJxT5cJi1nffVOxboKLm4kIT93gv1WdcDiQDVdy5sJ1q0gJyiRt1HfJW4l8jn36VJ0FvdGmRliOTzSfeER0gbIsOcxeArHRV3ff/CoSocnSs0To5vFKgjlGwhdE8sJsqILgZnIoKwVvOXuDOz/RhbdBPpVsG7upk7bLJtLv9P5h0h/gUIWA1iktaYBSDL0UofjSrfNhZH6M0P+soIuooanSlVGivTlASw1pd+gjvebbc9ksvGZVqPQT0XegIvZkwfu8moERZUqv/xhNcyWTEGfFKoeHt5ub8Ac0LOe9Ak6N+p8xDjTdkmUgte5J/CNL1JL3JA/iqocAo+VvmIbPatbrOwUNcROOS3WeFg8MfNrbDyYCVNbZWAyM6wwfLB2fIUB2jw== tulg@highcommand" # content of authorized_keys file - ]; }