3 files changed, 170 insertions, 203 deletions
diff --git a/hosts/mantis/configuration.nix b/hosts/mantis/configuration.nix
index 8f71964..acc2a49 100644
--- a/hosts/mantis/configuration.nix
+++ b/hosts/mantis/configuration.nix
@@ -1,222 +1,105 @@
-# Edit this configuration file to define what should be installed on
-# your system. Help is available in the configuration.nix(5) man page, on
 # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
-{ config, lib, pkgs, self, ... }:
+{ config, lib, pkgs, ... }:
 {
  imports =
-    [
+    [ # Include the results of the hardware scan.
-      # Include the results of the hardware scan.
      ./hardware-configuration.nix
    ];
-  nixpkgs.overlays = with self.overlays; [
-    flaresolverr
-  ];
  # Use the systemd-boot EFI boot loader.
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;
  networking.hostName = "mantis"; # Define your hostname.
-  networking.wireless.iwd.enable = true; # Enables wireless support via wpa_supplicant.
+  # Pick only one of the below networking options.
-  networking.firewall.allowedTCPPorts = [ 80 443 ];
+  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
+  # networking.networkmanager.enable = true;  # Easiest to use and most distros use this by default.
+  # Set your time zone.
  time.timeZone = "Europe/London";
-  i18n.defaultLocale = "en_US.UTF-8";
-  nixpkgs.config.packageOverrides = pkgs: {
+  # Configure network proxy if necessary
-    vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
+  # networking.proxy.default = "http://user:password@proxy:port/";
-  };
+  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+  # Select internationalisation properties.
+  # i18n.defaultLocale = "en_US.UTF-8";
+  # console = {
+  #   font = "Lat2-Terminus16";
+  #   keyMap = "us";
+  #   useXkbConfig = true; # use xkb.options in tty.
+  # };
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  # Enable the GNOME Desktop Environment.
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+  
+  # Configure keymap in X11
+  # services.xserver.xkb.layout = "us";
+  # services.xserver.xkb.options = "eurosign:e,caps:escape";
+  # Enable CUPS to print documents.
+  # services.printing.enable = true;
  # Enable sound.
-  sound.enable = true;
+  # hardware.pulseaudio.enable = true;
-  hardware.pulseaudio.enable = true;
+  # OR
-  hardware.opengl = {
+  # services.pipewire = {
-    enable = true;
+  #   enable = true;
-    extraPackages = with pkgs; [
+  #   pulse.enable = true;
-      intel-media-driver
+  # };
-      vaapiIntel
-      vaapiVdpau
+  # Enable touchpad support (enabled default in most desktopManager).
-      libvdpau-va-gl
+  services.xserver.libinput.enable = true;
-      intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
+  services.tailscale.enable = true;
-    ];
-  };
  # Define a user account. Don't forget to set a password with ‘passwd’.
  users.users.op = {
    isNormalUser = true;
-    extraGroups = [ "wheel" "tty" ];
+    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-    packages = with pkgs; [ ];
+    packages = with pkgs; [
-    home = "/home/op";
+      qutebrowser
-    openssh.authorizedKeys.keys = [
+      tree
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzFK/zY2ZaAftBfFPO+IJAgyD45pe0fXrpF81p8aNIl np@myrtle"
    ];
+    createHome = true;
+    home = "/home/op";
  };
-  users.groups."torrent".members = [
-    "op"
-    "sonarr"
-    "radarr"
-    "bazarr"
-    "jackett"
-    "lidarr"
-    "jellyfin"
-    "transmission"
-  ];
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
  environment.systemPackages = with pkgs; [
-    vim
+    vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
    wget
-    pkgs.jellyfin
+    git
-    pkgs.jellyfin-web
-    pkgs.jellyfin-ffmpeg
-    pkgs.htop
-    pkgs.ripgrep
-    pkgs.git
  ];
-  services.openssh.enable = true;
+  # Some programs need SUID wrappers, can be configured further or are
-  services.nginx.enable = true;
+  # started in user sessions.
-  services.tailscale.enable = true;
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = {
-  services.jellyfin = {
+  #   enable = true;
-    enable = true;
+  #   enableSSHSupport = true;
-    openFirewall = true;
+  # };
-    group = "torrent";
-  };
-  services.nginx.virtualHosts."stream.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:8096";
-      proxyWebsockets = true;
-    };
-  };
-  services.navidrome = {
-    enable = true;
-    openFirewall = true;
-    settings = {
-      MusicFolder = "/servarr/lidarr/";
-      DataFolder = "/etc/navidrome/data";
-      CacheFolder = "/etc/navidrome/cache";
-      Address = "0.0.0.0";
-      Port = 4533;
-      AuthRequestLimit = 0;
-      EnableTranscodingConfig = true;
-    };
-  };
-  services.nginx.virtualHosts."music.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:4533";
-      proxyWebsockets = true;
-    };
-  };
-  services.transmission = {
-    enable = true;
-    openFirewall = true;
-    openRPCPort = true;
-    group = "torrent";
-    settings = {
-      download-dir = "/torrents";
-      incomplete-dir = "/.incomplete";
-      rpc-bind-address = "0.0.0.0";
-      rpc-whitelist = "127.0.0.1,10.0.0.1,192.168.*.*,100.64.*.*";
-    };
-  };
-  services.nginx.virtualHosts."torrent.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:9091";
-    };
-  };
-  services.sonarr = {
-    enable = true;
-    openFirewall = true;
-    group = "torrent";
-  };
-  services.nginx.virtualHosts."sonarr.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:8989";
-    };
-  };
-  services.radarr = {
-    enable = true;
-    openFirewall = true;
-    group = "torrent";
-  };
-  services.nginx.virtualHosts."radarr.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:7878";
-    };
-  };
-  services.bazarr = {
-    enable = true;
-    openFirewall = true;
-    group = "torrent";
-  };
-  services.nginx.virtualHosts."bazarr.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:6767";
-    };
-  };
-  services.jackett = {
-    enable = true;
-    openFirewall = true;
-    group = "torrent";
-  };
-  services.nginx.virtualHosts."jackett.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:9117";
-    };
-  };
-  services.lidarr = {
-    enable = true;
-    openFirewall = true;
-    group = "torrent";
-  };
-  services.nginx.virtualHosts."lidarr.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:8686";
-    };
-  };
-  services.flaresolverr.enable = true;
-  services.radicale = {
-    enable = true;
-    settings = {
-      server.hosts = [ "0.0.0.0:5232" ];
-      auth = {
-        type = "htpasswd";
-        htpasswd_filename = "/etc/radicale/users";
-        htpasswd_encryption = "bcrypt";
-      };
-    };
-  };
-  services.nginx.virtualHosts."radicale.mantis" = {
-    listen = [{ port = 80; addr = "0.0.0.0"; }];
-    locations."/" = {
-      proxyPass = "http://127.0.0.1:5232";
-    };
-  };
+  # List services that you want to enable:
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  # Open ports in the firewall.
+  # networking.firewall.allowedTCPPorts = [ ... ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
  # Copy the NixOS configuration file and link it from the resulting system
  # (/run/current-system/configuration.nix). This is useful in case you
  # accidentally delete configuration.nix.
@@ -229,7 +112,8 @@
  # even if you've upgraded your system to a new NixOS release.
  #
  # This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
-  # so changing it will NOT upgrade your system.
+  # so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
+  # to actually do that.
  #
  # This value being lower than the current NixOS release does NOT mean your system is
  # out of date, out of support, or vulnerable.
@@ -238,7 +122,7 @@
  # and migrated your data accordingly.
  #
  # For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
-  system.stateVersion = "23.11"; # Did you read the comment?
+  system.stateVersion = "24.05"; # Did you read the comment?
 }
diff --git a/hosts/mantis/hardware-configuration.nix b/hosts/mantis/hardware-configuration.nix
index 6afcb08..3f04a4a 100644
--- a/hosts/mantis/hardware-configuration.nix
+++ b/hosts/mantis/hardware-configuration.nix
@@ -5,35 +5,28 @@
 {
  imports =
-    [
+    [ (modulesPath + "/installer/scan/not-detected.nix")
-      (modulesPath + "/installer/scan/not-detected.nix")
    ];
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
  fileSystems."/" =
-    {
+    { device = "/dev/disk/by-uuid/efd94de4-c3fa-4a3b-98f9-66ccfb8479b9";
-      device = "/dev/disk/by-uuid/e3eda8a2-b5fe-4458-988c-48579a7cc6c6";
-      fsType = "ext4";
-    };
-  fileSystems."/servarr" =
-    {
-      device = "/dev/sdb";
      fsType = "ext4";
    };
  fileSystems."/boot" =
-    {
+    { device = "/dev/disk/by-uuid/5BBB-E6FE";
-      device = "/dev/disk/by-uuid/A170-EC57";
      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
    };
  swapDevices =
-    [{ device = "/dev/disk/by-uuid/61cb6a91-b916-40b9-b231-c04378629d90"; }];
+    [ { device = "/dev/disk/by-uuid/65faea2e-c2ce-4ec2-8aca-e09e5073676b"; }
+    ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
@@ -41,7 +34,6 @@
  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
-  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
diff --git a/hosts/mantis/home.nix b/hosts/mantis/home.nix
new file mode 100644
index 0000000..84a365f
--- /dev/null
+++ b/hosts/mantis/home.nix
@@ -0,0 +1,91 @@
+{ config
+, pkgs
+, theme
+, self
+, ...
+}:
+{
+  imports = [
+    ../../programs
+    ../../services
+    ../../x
+    # ./mail.nix
+  ];
+  home.stateVersion = "22.11";
+  home.username = "op";
+  home.homeDirectory = "/home/op";
+  home.extraOutputsToInstall = [ "man" ];
+  home.packages = with pkgs; [
+    # essentials
+    vim
+    weechat
+    firefox
+    qutebrowser
+    unzip
+    tmux
+    xclip
+    ripgrep
+    miniserve
+    pfetch
+    st
+    cmus
+    tree
+    w3m
+    noto-fonts-emoji
+    fd
+    du-dust
+    jq
+    libnotify
+    inotify-tools
+    pavucontrol
+    bc
+    killall
+    wget
+    curl
+    imagemagick
+    ffmpeg-full
+    mpv
+    slop
+    maim
+    arandr
+    # monitoring
+    stress
+    powertop
+    # input
+    xinput_calibrator
+    libinput
+    nixpkgs-fmt
+  ] ++ (import ../../scripts { inherit pkgs; });
+  xdg = {
+    userDirs = {
+      enable = true;
+      desktop = "\$HOME/desktop";
+      documents = "\$HOME/docs";
+      download = "\$HOME/dloads";
+      music = "\$HOME/music";
+      pictures = "\$HOME/pics";
+      videos = "\$HOME/vids";
+    };
+  };
+  xsession = {
+    enable = true;
+    windowManager.command = "2bwm";
+    initExtra = ''
+      ${pkgs.hsetroot}/bin/hsetroot -solid "${theme.base00}"
+      xrdb -load $HOME/.Xresources
+    '';
+  };
+}

diff --git a/hosts/mantis/configuration.nix b/hosts/mantis/configuration.nix index 8f71964..acc2a49 100644 --- a/hosts/mantis/configuration.nix +++ b/hosts/mantis/configuration.nix
@@ -1,222 +1,105 @@
1	# Edit this configuration file to define what should be installed on
2	# your system. Help is available in the configuration.nix(5) man page, on
3	# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).	1	# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
4		2
5	{ config, lib, pkgs, self, ... }:	3	{ config, lib, pkgs, ... }:
6		4
7	{	5	{
8	imports =	6	imports =
9	[	7	[ # Include the results of the hardware scan.
10	# Include the results of the hardware scan.
11	./hardware-configuration.nix	8	./hardware-configuration.nix
12	];	9	];
13		10
14	nixpkgs.overlays = with self.overlays; [
15	flaresolverr
16	];
17
18	# Use the systemd-boot EFI boot loader.	11	# Use the systemd-boot EFI boot loader.
19	boot.loader.systemd-boot.enable = true;	12	boot.loader.systemd-boot.enable = true;
20	boot.loader.efi.canTouchEfiVariables = true;	13	boot.loader.efi.canTouchEfiVariables = true;
21		14
22	networking.hostName = "mantis"; # Define your hostname.	15	networking.hostName = "mantis"; # Define your hostname.
23	networking.wireless.iwd.enable = true; # Enables wireless support via wpa_supplicant.	16	# Pick only one of the below networking options.
24	networking.firewall.allowedTCPPorts = [ 80 443 ];	17	# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
		18	# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
25		19
		20	# Set your time zone.
26	time.timeZone = "Europe/London";	21	time.timeZone = "Europe/London";
27	i18n.defaultLocale = "en_US.UTF-8";
28		22
29	nixpkgs.config.packageOverrides = pkgs: {	23	# Configure network proxy if necessary
30	vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };	24	# networking.proxy.default = "http://user:password@proxy:port/";
31	};	25	# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
		26
		27	# Select internationalisation properties.
		28	# i18n.defaultLocale = "en_US.UTF-8";
		29	# console = {
		30	# font = "Lat2-Terminus16";
		31	# keyMap = "us";
		32	# useXkbConfig = true; # use xkb.options in tty.
		33	# };
		34
		35	# Enable the X11 windowing system.
		36	services.xserver.enable = true;
		37
		38
		39	# Enable the GNOME Desktop Environment.
		40	services.xserver.displayManager.gdm.enable = true;
		41	services.xserver.desktopManager.gnome.enable = true;
		42
		43
		44	# Configure keymap in X11
		45	# services.xserver.xkb.layout = "us";
		46	# services.xserver.xkb.options = "eurosign:e,caps:escape";
		47
		48	# Enable CUPS to print documents.
		49	# services.printing.enable = true;
32		50
33	# Enable sound.	51	# Enable sound.
34	sound.enable = true;	52	# hardware.pulseaudio.enable = true;
35	hardware.pulseaudio.enable = true;	53	# OR
36	hardware.opengl = {	54	# services.pipewire = {
37	enable = true;	55	# enable = true;
38	extraPackages = with pkgs; [	56	# pulse.enable = true;
39	intel-media-driver	57	# };
40	vaapiIntel	58
41	vaapiVdpau	59	# Enable touchpad support (enabled default in most desktopManager).
42	libvdpau-va-gl	60	services.xserver.libinput.enable = true;
43	intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)	61	services.tailscale.enable = true;
44	];
45	};
46		62
47	# Define a user account. Don't forget to set a password with ‘passwd’.	63	# Define a user account. Don't forget to set a password with ‘passwd’.
48	users.users.op = {	64	users.users.op = {
49	isNormalUser = true;	65	isNormalUser = true;
50	extraGroups = [ "wheel" "tty" ];	66	extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
51	packages = with pkgs; [ ];	67	packages = with pkgs; [
52	home = "/home/op";	68	qutebrowser
53	openssh.authorizedKeys.keys = [	69	tree
54	"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILzFK/zY2ZaAftBfFPO+IJAgyD45pe0fXrpF81p8aNIl np@myrtle"
55	];	70	];
		71	createHome = true;
		72	home = "/home/op";
56	};	73	};
57	users.groups."torrent".members = [
58	"op"
59	"sonarr"
60	"radarr"
61	"bazarr"
62	"jackett"
63	"lidarr"
64	"jellyfin"
65	"transmission"
66	];
67		74
		75	# List packages installed in system profile. To search, run:
		76	# $ nix search wget
68	environment.systemPackages = with pkgs; [	77	environment.systemPackages = with pkgs; [
69	vim	78	vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
70	wget	79	wget
71	pkgs.jellyfin	80	git
72	pkgs.jellyfin-web
73	pkgs.jellyfin-ffmpeg
74
75	pkgs.htop
76	pkgs.ripgrep
77	pkgs.git
78	];	81	];
79		82
80	services.openssh.enable = true;	83	# Some programs need SUID wrappers, can be configured further or are
81	services.nginx.enable = true;	84	# started in user sessions.
82	services.tailscale.enable = true;	85	# programs.mtr.enable = true;
83		86	# programs.gnupg.agent = {
84	services.jellyfin = {	87	# enable = true;
85	enable = true;	88	# enableSSHSupport = true;
86	openFirewall = true;	89	# };
87	group = "torrent";
88	};
89	services.nginx.virtualHosts."stream.mantis" = {
90	listen = [{ port = 80; addr = "0.0.0.0"; }];
91	locations."/" = {
92	proxyPass = "http://127.0.0.1:8096";
93	proxyWebsockets = true;
94	};
95	};
96
97	services.navidrome = {
98	enable = true;
99	openFirewall = true;
100	settings = {
101	MusicFolder = "/servarr/lidarr/";
102	DataFolder = "/etc/navidrome/data";
103	CacheFolder = "/etc/navidrome/cache";
104	Address = "0.0.0.0";
105	Port = 4533;
106	AuthRequestLimit = 0;
107	EnableTranscodingConfig = true;
108	};
109	};
110	services.nginx.virtualHosts."music.mantis" = {
111	listen = [{ port = 80; addr = "0.0.0.0"; }];
112	locations."/" = {
113	proxyPass = "http://127.0.0.1:4533";
114	proxyWebsockets = true;
115	};
116	};
117
118	services.transmission = {
119	enable = true;
120	openFirewall = true;
121	openRPCPort = true;
122	group = "torrent";
123	settings = {
124	download-dir = "/torrents";
125	incomplete-dir = "/.incomplete";
126	rpc-bind-address = "0.0.0.0";
127	rpc-whitelist = "127.0.0.1,10.0.0.1,192.168..,100.64..";
128	};
129	};
130	services.nginx.virtualHosts."torrent.mantis" = {
131	listen = [{ port = 80; addr = "0.0.0.0"; }];
132	locations."/" = {
133	proxyPass = "http://127.0.0.1:9091";
134	};
135	};
136
137	services.sonarr = {
138	enable = true;
139	openFirewall = true;
140	group = "torrent";
141	};
142	services.nginx.virtualHosts."sonarr.mantis" = {
143	listen = [{ port = 80; addr = "0.0.0.0"; }];
144	locations."/" = {
145	proxyPass = "http://127.0.0.1:8989";
146	};
147	};
148
149	services.radarr = {
150	enable = true;
151	openFirewall = true;
152	group = "torrent";
153	};
154	services.nginx.virtualHosts."radarr.mantis" = {
155	listen = [{ port = 80; addr = "0.0.0.0"; }];
156	locations."/" = {
157	proxyPass = "http://127.0.0.1:7878";
158	};
159	};
160
161	services.bazarr = {
162	enable = true;
163	openFirewall = true;
164	group = "torrent";
165	};
166	services.nginx.virtualHosts."bazarr.mantis" = {
167	listen = [{ port = 80; addr = "0.0.0.0"; }];
168	locations."/" = {
169	proxyPass = "http://127.0.0.1:6767";
170	};
171	};
172
173	services.jackett = {
174	enable = true;
175	openFirewall = true;
176	group = "torrent";
177	};
178	services.nginx.virtualHosts."jackett.mantis" = {
179	listen = [{ port = 80; addr = "0.0.0.0"; }];
180	locations."/" = {
181	proxyPass = "http://127.0.0.1:9117";
182	};
183	};
184
185	services.lidarr = {
186	enable = true;
187	openFirewall = true;
188	group = "torrent";
189	};
190	services.nginx.virtualHosts."lidarr.mantis" = {
191	listen = [{ port = 80; addr = "0.0.0.0"; }];
192	locations."/" = {
193	proxyPass = "http://127.0.0.1:8686";
194	};
195	};
196
197	services.flaresolverr.enable = true;
198
199	services.radicale = {
200	enable = true;
201	settings = {
202	server.hosts = [ "0.0.0.0:5232" ];
203	auth = {
204	type = "htpasswd";
205	htpasswd_filename = "/etc/radicale/users";
206	htpasswd_encryption = "bcrypt";
207	};
208	};
209	};
210	services.nginx.virtualHosts."radicale.mantis" = {
211	listen = [{ port = 80; addr = "0.0.0.0"; }];
212	locations."/" = {
213	proxyPass = "http://127.0.0.1:5232";
214	};
215	};
216		90
		91	# List services that you want to enable:
217		92
		93	# Enable the OpenSSH daemon.
		94	services.openssh.enable = true;
218	nix.settings.experimental-features = [ "nix-command" "flakes" ];	95	nix.settings.experimental-features = [ "nix-command" "flakes" ];
219		96
		97	# Open ports in the firewall.
		98	# networking.firewall.allowedTCPPorts = [ ... ];
		99	# networking.firewall.allowedUDPPorts = [ ... ];
		100	# Or disable the firewall altogether.
		101	# networking.firewall.enable = false;
		102
220	# Copy the NixOS configuration file and link it from the resulting system	103	# Copy the NixOS configuration file and link it from the resulting system
221	# (/run/current-system/configuration.nix). This is useful in case you	104	# (/run/current-system/configuration.nix). This is useful in case you
222	# accidentally delete configuration.nix.	105	# accidentally delete configuration.nix.
@@ -229,7 +112,8 @@
229	# even if you've upgraded your system to a new NixOS release.	112	# even if you've upgraded your system to a new NixOS release.
230	#	113	#
231	# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,	114	# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
232	# so changing it will NOT upgrade your system.	115	# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
		116	# to actually do that.
233	#	117	#
234	# This value being lower than the current NixOS release does NOT mean your system is	118	# This value being lower than the current NixOS release does NOT mean your system is
235	# out of date, out of support, or vulnerable.	119	# out of date, out of support, or vulnerable.
@@ -238,7 +122,7 @@
238	# and migrated your data accordingly.	122	# and migrated your data accordingly.
239	#	123	#
240	# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .	124	# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
241	system.stateVersion = "23.11"; # Did you read the comment?	125	system.stateVersion = "24.05"; # Did you read the comment?
242		126
243	}	127	}
244		128


diff --git a/hosts/mantis/hardware-configuration.nix b/hosts/mantis/hardware-configuration.nix index 6afcb08..3f04a4a 100644 --- a/hosts/mantis/hardware-configuration.nix +++ b/hosts/mantis/hardware-configuration.nix
@@ -5,35 +5,28 @@
5		5
6	{	6	{
7	imports =	7	imports =
8	[	8	[ (modulesPath + "/installer/scan/not-detected.nix")
9	(modulesPath + "/installer/scan/not-detected.nix")
10	];	9	];
11		10
12	boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];	11	boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
13	boot.initrd.kernelModules = [ ];	12	boot.initrd.kernelModules = [ ];
14	boot.kernelModules = [ "kvm-intel" ];	13	boot.kernelModules = [ "kvm-intel" ];
15	boot.extraModulePackages = [ ];	14	boot.extraModulePackages = [ ];
16		15
17	fileSystems."/" =	16	fileSystems."/" =
18	{	17	{ device = "/dev/disk/by-uuid/efd94de4-c3fa-4a3b-98f9-66ccfb8479b9";
19	device = "/dev/disk/by-uuid/e3eda8a2-b5fe-4458-988c-48579a7cc6c6";
20	fsType = "ext4";
21	};
22
23	fileSystems."/servarr" =
24	{
25	device = "/dev/sdb";
26	fsType = "ext4";	18	fsType = "ext4";
27	};	19	};
28		20
29	fileSystems."/boot" =	21	fileSystems."/boot" =
30	{	22	{ device = "/dev/disk/by-uuid/5BBB-E6FE";
31	device = "/dev/disk/by-uuid/A170-EC57";
32	fsType = "vfat";	23	fsType = "vfat";
		24	options = [ "fmask=0022" "dmask=0022" ];
33	};	25	};
34		26
35	swapDevices =	27	swapDevices =
36	[{ device = "/dev/disk/by-uuid/61cb6a91-b916-40b9-b231-c04378629d90"; }];	28	[ { device = "/dev/disk/by-uuid/65faea2e-c2ce-4ec2-8aca-e09e5073676b"; }
		29	];
37		30
38	# Enables DHCP on each ethernet and wireless interface. In case of scripted networking	31	# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
39	# (the default) this is the recommended approach. When using systemd-networkd it's	32	# (the default) this is the recommended approach. When using systemd-networkd it's
@@ -41,7 +34,6 @@
41	# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.	34	# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
42	networking.useDHCP = lib.mkDefault true;	35	networking.useDHCP = lib.mkDefault true;
43	# networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;	36	# networking.interfaces.enp2s0.useDHCP = lib.mkDefault true;
44	# networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
45		37
46	nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";	38	nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
47	hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;	39	hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;


diff --git a/hosts/mantis/home.nix b/hosts/mantis/home.nix new file mode 100644 index 0000000..84a365f --- /dev/null +++ b/hosts/mantis/home.nix
@@ -0,0 +1,91 @@
		1	{ config
		2	, pkgs
		3	, theme
		4	, self
		5	, ...
		6	}:
		7
		8	{
		9
		10	imports = [
		11	../../programs
		12	../../services
		13	../../x
		14	# ./mail.nix
		15	];
		16
		17	home.stateVersion = "22.11";
		18	home.username = "op";
		19	home.homeDirectory = "/home/op";
		20	home.extraOutputsToInstall = [ "man" ];
		21	home.packages = with pkgs; [
		22
		23	# essentials
		24	vim
		25	weechat
		26	firefox
		27	qutebrowser
		28	unzip
		29	tmux
		30	xclip
		31	ripgrep
		32	miniserve
		33	pfetch
		34	st
		35	cmus
		36	tree
		37	w3m
		38	noto-fonts-emoji
		39	fd
		40	du-dust
		41	jq
		42	libnotify
		43	inotify-tools
		44	pavucontrol
		45	bc
		46	killall
		47
		48	wget
		49	curl
		50
		51	imagemagick
		52	ffmpeg-full
		53	mpv
		54	slop
		55	maim
		56	arandr
		57
		58	# monitoring
		59	stress
		60	powertop
		61
		62	# input
		63	xinput_calibrator
		64	libinput
		65
		66	nixpkgs-fmt
		67
		68	] ++ (import ../../scripts { inherit pkgs; });
		69
		70	xdg = {
		71	userDirs = {
		72	enable = true;
		73	desktop = "\$HOME/desktop";
		74	documents = "\$HOME/docs";
		75	download = "\$HOME/dloads";
		76	music = "\$HOME/music";
		77	pictures = "\$HOME/pics";
		78	videos = "\$HOME/vids";
		79	};
		80	};
		81
		82	xsession = {
		83	enable = true;
		84	windowManager.command = "2bwm";
		85	initExtra = ''
		86	${pkgs.hsetroot}/bin/hsetroot -solid "${theme.base00}"
		87	xrdb -load $HOME/.Xresources
		88	'';
		89	};
		90
		91	}