diff --git a/.github/workflows/flakehub.yml b/.github/workflows/flakehub.yml index 37adcfde..1c62a7bb 100644 --- a/.github/workflows/flakehub.yml +++ b/.github/workflows/flakehub.yml @@ -2,7 +2,7 @@ name: "flakehub" on: push: branches: - - "master" + - master jobs: flakehub-publish: runs-on: "ubuntu-latest" diff --git a/.github/workflows/nix-build.yml b/.github/workflows/nix-build.yml index c5468b50..08e0dd7d 100644 --- a/.github/workflows/nix-build.yml +++ b/.github/workflows/nix-build.yml @@ -2,7 +2,7 @@ name: "nix-build" on: push: paths-ignore: - - '*.md' + - '**/*.md' - '.github/**' - '_img/**' workflow_dispatch: diff --git a/.github/workflows/nix-check.yml b/.github/workflows/nix-check.yml index 72ac89b7..7401e9f1 100644 --- a/.github/workflows/nix-check.yml +++ b/.github/workflows/nix-check.yml @@ -2,7 +2,7 @@ name: "nix-check" on: push: paths-ignore: - - '*.md' + - '**/*.md' - '.github/**' - '_img/**' workflow_dispatch: diff --git a/LICENSE.md b/LICENSE.md index 175443ce..768c642e 100644 --- a/LICENSE.md +++ b/LICENSE.md @@ -1,8 +1,7 @@ -GNU General Public License -========================== +# GNU General Public License -_Version 3, 29 June 2007_ -_Copyright © 2007 Free Software Foundation, Inc. <>_ +_Version 3, 29 June 2007_\ +_Copyright © 2007 Free Software Foundation, Inc. \<>_ Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. @@ -193,20 +192,20 @@ You may convey a work based on the Program, or the modifications to produce it f the Program, in the form of source code under the terms of section 4, provided that you also meet all of these conditions: -* **a)** The work must carry prominent notices stating that you modified it, and giving a -relevant date. -* **b)** The work must carry prominent notices stating that it is released under this -License and any conditions added under section 7. This requirement modifies the -requirement in section 4 to “keep intact all notices”. -* **c)** You must license the entire work, as a whole, under this License to anyone who -comes into possession of a copy. This License will therefore apply, along with any -applicable section 7 additional terms, to the whole of the work, and all its parts, -regardless of how they are packaged. This License gives no permission to license the -work in any other way, but it does not invalidate such permission if you have -separately received it. -* **d)** If the work has interactive user interfaces, each must display Appropriate Legal -Notices; however, if the Program has interactive interfaces that do not display -Appropriate Legal Notices, your work need not make them do so. +- **a)** The work must carry prominent notices stating that you modified it, and giving a + relevant date. +- **b)** The work must carry prominent notices stating that it is released under this + License and any conditions added under section 7. This requirement modifies the + requirement in section 4 to “keep intact all notices”. +- **c)** You must license the entire work, as a whole, under this License to anyone who + comes into possession of a copy. This License will therefore apply, along with any + applicable section 7 additional terms, to the whole of the work, and all its parts, + regardless of how they are packaged. This License gives no permission to license the + work in any other way, but it does not invalidate such permission if you have + separately received it. +- **d)** If the work has interactive user interfaces, each must display Appropriate Legal + Notices; however, if the Program has interactive interfaces that do not display + Appropriate Legal Notices, your work need not make them do so. A compilation of a covered work with other separate and independent works, which are not by their nature extensions of the covered work, and which are not combined with @@ -222,35 +221,35 @@ You may convey a covered work in object code form under the terms of sections 4 5, provided that you also convey the machine-readable Corresponding Source under the terms of this License, in one of these ways: -* **a)** Convey the object code in, or embodied in, a physical product (including a -physical distribution medium), accompanied by the Corresponding Source fixed on a -durable physical medium customarily used for software interchange. -* **b)** Convey the object code in, or embodied in, a physical product (including a -physical distribution medium), accompanied by a written offer, valid for at least -three years and valid for as long as you offer spare parts or customer support for -that product model, to give anyone who possesses the object code either **(1)** a copy of -the Corresponding Source for all the software in the product that is covered by this -License, on a durable physical medium customarily used for software interchange, for -a price no more than your reasonable cost of physically performing this conveying of -source, or **(2)** access to copy the Corresponding Source from a network server at no -charge. -* **c)** Convey individual copies of the object code with a copy of the written offer to -provide the Corresponding Source. This alternative is allowed only occasionally and -noncommercially, and only if you received the object code with such an offer, in -accord with subsection 6b. -* **d)** Convey the object code by offering access from a designated place (gratis or for -a charge), and offer equivalent access to the Corresponding Source in the same way -through the same place at no further charge. You need not require recipients to copy -the Corresponding Source along with the object code. If the place to copy the object -code is a network server, the Corresponding Source may be on a different server -(operated by you or a third party) that supports equivalent copying facilities, -provided you maintain clear directions next to the object code saying where to find -the Corresponding Source. Regardless of what server hosts the Corresponding Source, -you remain obligated to ensure that it is available for as long as needed to satisfy -these requirements. -* **e)** Convey the object code using peer-to-peer transmission, provided you inform -other peers where the object code and Corresponding Source of the work are being -offered to the general public at no charge under subsection 6d. +- **a)** Convey the object code in, or embodied in, a physical product (including a + physical distribution medium), accompanied by the Corresponding Source fixed on a + durable physical medium customarily used for software interchange. +- **b)** Convey the object code in, or embodied in, a physical product (including a + physical distribution medium), accompanied by a written offer, valid for at least + three years and valid for as long as you offer spare parts or customer support for + that product model, to give anyone who possesses the object code either **(1)** a copy of + the Corresponding Source for all the software in the product that is covered by this + License, on a durable physical medium customarily used for software interchange, for + a price no more than your reasonable cost of physically performing this conveying of + source, or **(2)** access to copy the Corresponding Source from a network server at no + charge. +- **c)** Convey individual copies of the object code with a copy of the written offer to + provide the Corresponding Source. This alternative is allowed only occasionally and + noncommercially, and only if you received the object code with such an offer, in + accord with subsection 6b. +- **d)** Convey the object code by offering access from a designated place (gratis or for + a charge), and offer equivalent access to the Corresponding Source in the same way + through the same place at no further charge. You need not require recipients to copy + the Corresponding Source along with the object code. If the place to copy the object + code is a network server, the Corresponding Source may be on a different server + (operated by you or a third party) that supports equivalent copying facilities, + provided you maintain clear directions next to the object code saying where to find + the Corresponding Source. Regardless of what server hosts the Corresponding Source, + you remain obligated to ensure that it is available for as long as needed to satisfy + these requirements. +- **e)** Convey the object code using peer-to-peer transmission, provided you inform + other peers where the object code and Corresponding Source of the work are being + offered to the general public at no charge under subsection 6d. A separable portion of the object code, whose source code is excluded from the Corresponding Source as a System Library, need not be included in conveying the @@ -316,22 +315,22 @@ Notwithstanding any other provision of this License, for material you add to a covered work, you may (if authorized by the copyright holders of that material) supplement the terms of this License with terms: -* **a)** Disclaiming warranty or limiting liability differently from the terms of -sections 15 and 16 of this License; or -* **b)** Requiring preservation of specified reasonable legal notices or author -attributions in that material or in the Appropriate Legal Notices displayed by works -containing it; or -* **c)** Prohibiting misrepresentation of the origin of that material, or requiring that -modified versions of such material be marked in reasonable ways as different from the -original version; or -* **d)** Limiting the use for publicity purposes of names of licensors or authors of the -material; or -* **e)** Declining to grant rights under trademark law for use of some trade names, -trademarks, or service marks; or -* **f)** Requiring indemnification of licensors and authors of that material by anyone -who conveys the material (or modified versions of it) with contractual assumptions of -liability to the recipient, for any liability that these contractual assumptions -directly impose on those licensors and authors. +- **a)** Disclaiming warranty or limiting liability differently from the terms of + sections 15 and 16 of this License; or +- **b)** Requiring preservation of specified reasonable legal notices or author + attributions in that material or in the Appropriate Legal Notices displayed by works + containing it; or +- **c)** Prohibiting misrepresentation of the origin of that material, or requiring that + modified versions of such material be marked in reasonable ways as different from the + original version; or +- **d)** Limiting the use for publicity purposes of names of licensors or authors of the + material; or +- **e)** Declining to grant rights under trademark law for use of some trade names, + trademarks, or service marks; or +- **f)** Requiring indemnification of licensors and authors of that material by anyone + who conveys the material (or modified versions of it) with contractual assumptions of + liability to the recipient, for any liability that these contractual assumptions + directly impose on those licensors and authors. All other non-permissive additional terms are considered “further restrictions” within the meaning of section 10. If the Program as you received @@ -552,31 +551,35 @@ to the start of each source file to most effectively state the exclusion of warr and each file should have at least the “copyright” line and a pointer to where the full notice is found. - - Copyright (C) +``` + +Copyright (C) - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. +This program is free software: you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation, either version 3 of the License, or +(at your option) any later version. - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program. If not, see . +You should have received a copy of the GNU General Public License +along with this program. If not, see . +``` Also add information on how to contact you by electronic and paper mail. If the program does terminal interaction, make it output a short notice like this when it starts in an interactive mode: - Copyright (C) - This program comes with ABSOLUTELY NO WARRANTY; for details type 'show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type 'show c' for details. +``` + Copyright (C) +This program comes with ABSOLUTELY NO WARRANTY; for details type 'show w'. +This is free software, and you are welcome to redistribute it +under certain conditions; type 'show c' for details. +``` The hypothetical commands `show w` and `show c` should show the appropriate parts of the General Public License. Of course, your program's commands might be different; @@ -585,11 +588,11 @@ for a GUI interface, you would use an “about box”. You should also get your employer (if you work as a programmer) or school, if any, to sign a “copyright disclaimer” for the program, if necessary. For more information on this, and how to apply and follow the GNU GPL, see -<>. +\<>. The GNU General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. But first, please read -<>. +\<>. diff --git a/README.md b/README.md index 97a27178..41f22286 100644 --- a/README.md +++ b/README.md @@ -1,20 +1,25 @@ ![](./_img/hyprland.png) ## Overview + My comprehensive NixOS flake for managing my laptop, desktop, and home lab environments. ## Features + - **Hyprland** Dynamic tiling Wayland compositor and window manager. - **Home Lab Services:** Media, file sharing, and more. - **Reverse Proxy:** Efficient traffic routing for my home lab services. - **Modular Configuration:** Reasonably adaptable for different hardware and use cases. ## Inputs + This flake takes a variety of inputs, first and foremost my other flakes: + - [nixhw](https://github.com/alyraffauf/nixhw): opinionated set of generic (AMD, Intel, Laptop, SSD) and specific (Framework 13, Yoga 9i, Thinkpad T440p) hardware configuration modules for NixOS. - [raffauflabs](https://github.com/alyraffauf/raffauflabs): everything (containers, services, nginx, etc) that makes my [home lab](https://raffauflabs.com) a home lab. As well as upstream third-party projects that I use for various tasks: + - [agenix](https://github.com/ryantm/agenix): secrets storage and orchestration. - [disko](https://github.com/nix-community/disko): declarative partitions and disk configuration. - [home-manager](https://github.com/nix-community/home-manager): declarative dotfile and user package management. @@ -33,10 +38,13 @@ As well as upstream third-party projects that I use for various tasks: In addition, this flake outputs NixOS configuration and home-manager configurations for all of my hosts and users, respectively. ## Deploying to NixOS + Each hardware configuration is host-specific. If you fork this repository, add a host configuration for your own hardware. Secrets are encrypted with [agenix](https://github.com/ryantm/agenix) and will not be available without the private decryption keys. ### Enabling Flakes + While widely used and considered stable, [flakes](https://wiki.nixos.org/wiki/Flakes) are still considered experimental. To enable Flakes, add the following lines to your `configuration.nix` and rebuild. + ```nix nix.settings.experimental-features = [ "nix-command" "flakes" ]; ``` @@ -44,14 +52,19 @@ nix.settings.experimental-features = [ "nix-command" "flakes" ]; Alternatively, pass `--experimental-features "nix-command flakes"` to `nix` to temporarily use flakes. ### Building Flake + In order to deploy this Flake on your host, run the following command: + ```console sudo nixos-rebuild boot --flake github:alyraffauf/nixcfg#$HOSTNAME ``` + Substitute `$HOSTNAME` for whichever hostname you have chosen. Reboot to apply the flake's configuration for the chosen host. ### Installing from Live USB + If you want to install NixOS from this flake, run the following commands, ideally from a NixOS live environment, providing the hostname associated with a NixOS configuration specified in `flake.nix` when prompted. + ```console sudo nix --experimental-features "nix-command flakes" run github:alyraffauf/nixcfg ``` diff --git a/hosts/common/README.md b/hosts/common/README.md new file mode 100644 index 00000000..a4f30fba --- /dev/null +++ b/hosts/common/README.md @@ -0,0 +1,5 @@ +# common + +## Overview + +Common modules for my nix hosts that aren't better expressed as options & flake outputs. diff --git a/hosts/fallarbor/README.md b/hosts/fallarbor/README.md new file mode 100644 index 00000000..8f5fba49 --- /dev/null +++ b/hosts/fallarbor/README.md @@ -0,0 +1,29 @@ +# fallarbor + +## Overview + +Framework Laptop 13 with 11th Gen Intel processor. My husband's primary computer, mainly used for productivity. + +## Todo + +- \[ \] add encryption with LUKS. + +## Specs + +| Model | Framework Laptop 13 | +|---------|---------------------------| +| Display | 13.5" 2256x1504 60Hz | +| CPU | Intel Core i5-1135G7 | +| RAM | 16GB (8GBx2) DDR4-3200Mhz | +| GPU | Intel Iris Xe Graphics | +| Disks | 512GB M.2 PCIe 3.0 | + +## Filesystems + +### / + +Btrfs volume, not encrypted. + +## Display + +First-gen glossy Framework Laptop 13 screen. Typically used at 1.566667 scaling with Hyprland (1.6 causes strange blurryness). diff --git a/hosts/lavaridge/README.md b/hosts/lavaridge/README.md new file mode 100644 index 00000000..02110527 --- /dev/null +++ b/hosts/lavaridge/README.md @@ -0,0 +1,29 @@ +# lavaridge + +## Overview + +Framework Laptop 13 with AMD 7000 series mainboard. My primary machine used for work, productivity, development work, media, you name it. + +## Todo + +- \[ \] upgrade to [2.8k 120Hz Framework screen](https://frame.work/products/display-kit?v=FRANJF0001). + +## Specs + +| Model | Framework Laptop 13 | +|---------|---------------------------| +| Display | 13.5" 2256x1504 60Hz | +| CPU | AMD Ryzen 7640U | +| RAM | 32GB 16GBx2) DDR5-5600Mhz | +| GPU | AMD Radeon 760M | +| Disks | 1TB Sk hynix P41 | + +## Filesystems + +### / + +Encrypted LUKS btrfs volume. + +## Display + +First-gen glossy Framework Laptop 13 screen. Typically used at 1.566667 scaling with Hyprland (1.6 causes strange blurryness). diff --git a/hosts/mauville/README.md b/hosts/mauville/README.md new file mode 100644 index 00000000..0a94e2a4 --- /dev/null +++ b/hosts/mauville/README.md @@ -0,0 +1,55 @@ +# mauville + +## Overview + +Home lab/server built in a mini-ITX case from NZXT. Also used for gaming, but bottlenecked by the CPU. Home lab services are largely configured [upstream](https://github.com/alyraffauf/raffauflabs). + +## Todo + +- \[ \] upgrade CPU. +- \[ \] upgrade RAM to 32GB. +- \[ \] add second 2TB SSD in btrfs pool. + +## Specs + +| Model | Custom Mini-ITX Desktop | +|---------|---------------------------| +| Display | LG 34" 3440x1440 160Hz VA | +| CPU | AMD Ryzen 5 2600 | +| RAM | 16GB (8GBx2) DDR4-3200Mhz | +| GPU | AMD Radeon Rx 6700 | +| Disks | 1TB M.2 PCIe 3.0 | +| | 2TB SATA SSD | +| | 2TB SATA HDD | + +## Filesystems + +### / + +Encrypted LUKS btrfs volume. Can be unlocked remotely from initrd with authorized SSH keys. + +### /mnt/Media + +Main btrfs media storage volume for torrents, tv shows, movies, and other things served by audiobookshelf, navidrome, and plex. + +Served over samba to my LAN as 'Media'. + +### /mnt/Archive + +Archival btrfs volume. Not used for anything important, just spillover for things not backed up to Backblaze. + +Served over samba to my LAN as 'Archive'. + +## Display + +34" LG 34WP65C-B curved 3440 x 1440 160Hz ultrawide. Typically used at 1.25x scaling. + +## Services + +| Service | Description | Domain | +|----------------|-----------------------------------|----------------------------------| +| Audiobookshelf | Podcasts & audiobooks. | https://podcasts.raffauflabs.com | +| Forĝejo | Git & DevOps. | https://git.raffauflabs.com | +| Navidrome | SubSonic-compatible music server. | https://music.raffauflabs.com | +| Plex | Music, TV, and Movie streaming. | https://plex.raffauflabs.com | +| Transmission | BitTorrent. | Tailnet/LAN | diff --git a/hosts/petalburg/README.md b/hosts/petalburg/README.md new file mode 100644 index 00000000..4d416f87 --- /dev/null +++ b/hosts/petalburg/README.md @@ -0,0 +1,25 @@ +# petalburg + +## Overview + +Lenovo Yoga 9i 2023. Secondary convertible mainly used for media, light dev work, and anything that might use a stylus or touch screen. + +## Specs + +| Model | Lenovo Yoga 9i Gen 8 | +|---------|----------------------------------------| +| Display | 14" 2880x1800 90hz OLED | +| CPU | Intel Core i7-1360P | +| RAM | 16GB (8GBx2) LPDDR5-5200Mhz (soldered) | +| GPU | Intel Iris Xe Graphics | +| Disks | 512GB M.2 PCIe 4.0 | + +## Filesystems + +### / + +Encrypted LUKS btrfs volume. + +## Display + +Scales perfectly at 2x. diff --git a/hosts/rustboro/README.md b/hosts/rustboro/README.md new file mode 100644 index 00000000..f3b7100d --- /dev/null +++ b/hosts/rustboro/README.md @@ -0,0 +1,25 @@ +# rustboro + +## Overview + +Thinkpad T440p. Older workhorse, not used very much these days but often used for testing or as a backup. + +## Specs + +| Model | ThinkPad T440p | +|---------|----------------------------| +| Display | 14" 1920x1080 60hz | +| CPU | Intel Core i5-4210M | +| RAM | 16GB (8GBx2) DDR3L-1600Mhz | +| GPU | Intel HD Graphics 4600 | +| Disks | 512GB SATA SSD | + +## Filesystems + +### / + +Encrypted LUKS btrfs volume. + +## Display + +Aftermarket LG 1080p panel. Unscaled, but I crank up the fonts to 14pt.