diff --git a/.envrc b/.envrc index 8392d15..3550a30 100644 --- a/.envrc +++ b/.envrc @@ -1 +1 @@ -use flake \ No newline at end of file +use flake diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml new file mode 100644 index 0000000..2b11178 --- /dev/null +++ b/.github/workflows/pre-commit.yaml @@ -0,0 +1,14 @@ +name: pre-commit + +on: + pull_request: + push: + branches: [main] + +jobs: + pre-commit: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + - uses: actions/setup-python@v3 + - uses: pre-commit/action@v3.0.1 diff --git a/.gitignore b/.gitignore index c00cfc0..8c85474 100644 --- a/.gitignore +++ b/.gitignore @@ -6,8 +6,14 @@ docs/nvim/tags # direnv .direnv -# Devenv -.devenv* -devenv.local.nix +# Private keys +hosts/*/ssh_host_rsa_key +hosts/*/ssh_host_ed25519_key -.pre-commit-config.yaml +# demo user +users/demo/age-key.txt +hosts/demovm/secrets.tmp +hosts/demovm/ssh_host_rsa_key.pub +hosts/demovm/ssh_host_ed25519_key.pub +disk-demo.raw +result diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..22c77e5 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,58 @@ +repos: + - repo: 'https://github.com/pre-commit/pre-commit-hooks' + rev: v4.5.0 + hooks: + - id: check-added-large-files + - id: check-executables-have-shebangs + - id: check-json + - id: check-merge-conflict + - id: check-yaml + - id: detect-aws-credentials + args: [--allow-missing-credentials] + - id: detect-private-key + - id: end-of-file-fixer + - id: no-commit-to-branch + args: ['--branch', 'main'] + - id: trailing-whitespace + - repo: local + hooks: + - id: nixpkgs-fmt + name: nixpkgs-fmt + description: Format nix code with nixpkgs-fmt. + language: system + entry: nixpkgs-fmt + files: \.nix$ + stages: + - commit + - id: docupdate + name: docupdate + description: Update documentation. + language: system + entry: just doc-update + stages: + - commit + files: ^README\.md$ + - id: check-secrets + name: check-test-age-public-key + description: Check test age public key + language: python + entry: ./.pre-commit-scripts/check-public-test-age-key.py + stages: + - commit + files: secrets\.yml$ + - id: deno-fmt + name: deno-fmt + description: Format deno code with deno fmt. + language: system + entry: deno fmt + stages: + - commit + files: \.ts$ + - id: deno-lint + name: deno-lint + description: Lint deno code with deno lint. + language: system + entry: deno lint + stages: + - commit + files: \.ts$ diff --git a/.pre-commit-scripts/check-public-test-age-key.py b/.pre-commit-scripts/check-public-test-age-key.py new file mode 100755 index 0000000..c8be9c8 --- /dev/null +++ b/.pre-commit-scripts/check-public-test-age-key.py @@ -0,0 +1,51 @@ +#!/usr/bin/env python3 + +from __future__ import annotations + +import sys +import re + +# Check if the age key only used on hosts/vm-test folder + +import argparse +from typing import Sequence + +# read text file and convert to array +with open(".sops.yaml") as f: + SOPSLINES = f.readlines() + + SOPSLINES = [line for line in SOPSLINES if "&demo" in line or "&demovm" in line] + +# Extract age key from SOPSLINES Array +AGEKEYS = re.findall(r"age[a-z0-9]+", "".join(SOPSLINES)) + +# Convert to bytes +AGEKEYS = [str.encode(line) for line in AGEKEYS] + +IGNORE = ["hosts/demovm/secrets.yml" "users/demo/secrets.yml"] + + +def main(argv: Sequence[str] | None = None) -> int: + parser = argparse.ArgumentParser() + parser.add_argument("filenames", nargs="*", help="Filenames to check") + args = parser.parse_args(argv) + + age_key_files = [] + + # Check if the age key is found in the file + for filename in args.filenames: + with open(filename, "rb") as f: + content = f.read() + if any(agekey in content for agekey in AGEKEYS) and filename in IGNORE: + age_key_files.append(filename) + + if age_key_files: + for age_key_file in age_key_files: + print(f"Age key found in a file other than the demo file: {age_key_file}") + return 1 + else: + return 0 + + +if __name__ == "__main__": + raise SystemExit(main()) diff --git a/.pre-commit-scripts/updatedoc.ts b/.pre-commit-scripts/updatedoc.ts new file mode 100755 index 0000000..dc4181f --- /dev/null +++ b/.pre-commit-scripts/updatedoc.ts @@ -0,0 +1,42 @@ +#!/usr/bin/env -S deno run --allow-sys --allow-read --allow-env --allow-net --allow-run --allow-write + +function replaceCode(tag: string, content: string, replace: string): string { + const regex = new RegExp(`.*/${tag} -->`, "sm"); + return content.replace( + regex, + `\n\n\`\`\`text\n${replace}\`\`\`\n\n`, + ); +} + +/////////////////////////////////////////////////////////////////////////////// +// Read README.md +/////////////////////////////////////////////////////////////////////////////// + +const doc = await Deno.readTextFile("README.md"); + +/////////////////////////////////////////////////////////////////////////////// +// Execute commands +/////////////////////////////////////////////////////////////////////////////// + +// List commands +const cmdcommands = new Deno.Command("just", {}); +let { stdout } = await cmdcommands.output(); +const outputcommands = new TextDecoder().decode(stdout); + +// List packages +const cmdpackages = new Deno.Command("just", { args: ["packages"] }); +({ stdout } = await cmdpackages.output()); +const outputpackages = new TextDecoder().decode(stdout); + +/////////////////////////////////////////////////////////////////////////////// +// Replace tags +/////////////////////////////////////////////////////////////////////////////// + +let result = replaceCode("COMMANDS", doc, outputcommands); +result = replaceCode("PACKAGES", result, outputpackages); + +/////////////////////////////////////////////////////////////////////////////// +// Update READLE.md +/////////////////////////////////////////////////////////////////////////////// + +await Deno.writeTextFile("README.md", result); diff --git a/.sops.yaml b/.sops.yaml index c0e85e1..f912fd2 100644 --- a/.sops.yaml +++ b/.sops.yaml @@ -2,14 +2,17 @@ keys: # Users - &users: # nix-shell -p age --run 'age-keygen' - &badele age15js628ku59g94njn0vup20r4xx34guesgsj5dqsken5hma2zqg2szjed66 + - &demo age1x703g2zquc2uv5lzz79rvj3m9g868wft6lp8g5sp9qsnaa3ld5esas4nqk # Hosts - - &hosts: # inv ssh-init-host-key - - &rpi40 age152ud7upe5xylsvf7kkfpdz6x99r6hcmkam8gwntfdv0px70f0u0sqzc8qe + - &hosts: # just nixos-init-host + - &rpi40 age152ud7upe5xylsvf7kkfpdz6x99r6hcmkam8gwntfdv0px70f0u0sqzc8qe - &sadhome age1qfarvkm9ejyfu785vmawj5vve3uffsh7r78pef4ec3njl9vfgs2sx3524g - &sam age1x363tjjzx6j77j3m4zynkjgyj38qcyf4wah5mc8mtjt5yt6zvgxqr3z7px - &bootstore age1ejza6f2xzycq7jj2eu8fyg5vjdctljttm67mfteyd4k7wzvdyc8s7sc8jh - &badxps age1w9v05mvydywp39cq8tmgxjh8yc2w86qpp9aa4zt9ukf0qq8n5y4s5tkn7z - &b4d14 age1r7d0v4nudrv9wy7rvh784lnmzspm24uja6c6hrhhwjy7qf4e5d5q04gf3x + - &srvhoma age1jldv57mqz6ahwcm62efelumv22ngyvxjff8736shx9kycu9z7a4q7a3xdl + - &demovm age1j9szuan8nt709ewa5f6vlkhde0zg2kmlfccqarfu74dhg2a5h3jsrhxg2g creation_rules: - path_regex: users/badele/secrets.yml$ @@ -29,6 +32,7 @@ creation_rules: - *sadhome - *sam - *b4d14 + - *srvhoma - path_regex: hosts/rpi40/secrets.yml$ key_groups: @@ -65,3 +69,22 @@ creation_rules: - age: - *badele - *b4d14 + + - path_regex: hosts/srvhoma/secrets.yml$ + key_groups: + - age: + - *badele + - *srvhoma + + # Tempory test credential before encryption + - path_regex: hosts/demovm/secrets.tmp$ + key_groups: + - age: + - *demo + - *demovm + + - path_regex: hosts/demovm/secrets.yml$ + key_groups: + - age: + - *demo + - *demovm diff --git a/README.md b/README.md index 14f0742..63541b9 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,33 @@ # nix-homelab + + +- [nix-homelab](#nix-homelab) + - [Features](#features) + - [Roles](#roles) + - [User programs](#user-programs) + - [TUI floating panel configuration](#tui-floating-panel-configuration) + - [Documentation](#documentation) + - [Hosts](#hosts) + - [Network](#network) + - [Structure](#structure) + - [Usage](#usage) + - [Demo](#demo) + - [Installation](#installation) + - [Update](#update) + - [Re-use the demo](#re-use-the-demo) + - [Secrets initialisation (AGE & SOPS)](#secrets-initialisation-age-sops) + - [Homelab initialisation](#homelab-initialisation) + - [NixOS installation & update](#nixos-installation-update) + - [Update from you local computer/laptop](#update-from-you-local-computerlaptop) + - [Update roles or multiple hosts](#update-roles-or-multiple-hosts) + - [Commands](#commands) +- [A big thanks ❤️](#a-big-thanks-️) + + + +## Features + This homelab entirelly managed by [NixOS](https://nixos.org/) All the configuration is stored on `homelab.json` file, you can do: @@ -14,11 +42,11 @@ This documentation is generated from `homelab.json` file content -## Roles +### Roles The main roles used in this home lab -This list generated with `inv docs.all-pages` command +This list generated with `just doc-update` command [comment]: (>>ROLES) @@ -46,7 +74,7 @@ This list generated with `inv docs.all-pages` command ntp - rpi40, bootstore + rpi40, bootstore, srvhoma Network Time Protocol @@ -117,7 +145,7 @@ This list generated with `inv docs.all-pages` command [comment]: (<](./nix/home-manager/features/term/base.nix) | Navi | [interactive cheatsheet tool](https://github.com/badele/vide) | | [](https://github.com/badele/vide) | Neovim | [**VIDE** (badele's customized nix neovim](https://github.com/badele/vide) | -## TUI floating panel configuration +### TUI floating panel configuration | [](./docs/floating_bluetooth.png) | [](./docs/floating_disk.png) | | -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------- | @@ -140,11 +168,13 @@ This list generated with `inv docs.all-pages` command | [](./docs/floating_process.png) | | | [Process](./docs/floating_process.gif) (`pulsemixer`) | | -## Hosts +## Documentation + +### Hosts List of hosts composing the home lab -This list generated with `inv docs.all-pages` command +This list generated with `just doc-update` command [comment]: (>>HOSTS) @@ -163,47 +193,32 @@ This list generated with `inv docs.all-pages` command router-living (192.168.254.254) MikroTik - Livingroom home mikrotik router + Livingroom mikrotik router - - router-bedroom (192.168.254.253) + + router-ladbedroom (192.168.254.253) MikroTik - Bedroom home mikrotik router + Bedroom mikrotik router router-homeoffice (192.168.254.252) MikroTik - Office home mikrotik router - - - sam (192.168.0.18) - NixOS - Samsung N110 Latop + Office mikrotik router - - latino (192.168.254.200) + + sadhome (192.168.254.200) NixOS - Dell Latitude E5540 Latop + Stephanie's laptop - + rpi40 (192.168.254.101) NixOS - The Raspberry PI 4 storage server + The RPI 4 server - + bootstore (192.168.254.100) NixOS - HP Proliant Microserver N40L storage server - - - badwork (192.168.254.189) - Nix - A work thinkpad - - - badwork-eth (192.168.254.102) - Nix - A ethernet work thinkpad + HP Microserver N40L server badphone (192.168.254.194) @@ -240,25 +255,40 @@ This list generated with `inv docs.all-pages` command GoogleMini Google Mini room C - + + b4d14 (192.168.254.124) + NixOS + Dell XPS 9560 Latop + + badxps (192.168.254.114) NixOS Dell XPS 9570 Latop + + + badxps-eth (192.168.254.179) + NixOS + Dell XPS 9570 Latop bridge-hue (192.168.254.191) Bridge Philips Hue bridge - - sadhome (192.168.254.185) - ArchLinux - Stephanie's laptop + + srvhoma (192.168.254.116) + NixOS + First NUC homelab server + + + vm-test (127.0.0.1) + NixOS + qemu VM (SSH on port 2222) [comment]: (< Boot Manager => UEFI QEMU HardDisk` + +![reboot](docs/reboot.png) + +#### Update + +You can update from your remote desktop or directly from your recent installed +desktop + +- From remote + - `just demo-qemu-nixos-update` + +- From your fresh installation + - `ssh root@localhost -p 2222` (`demopass` password) + - `ghq clone https://github.com/badele/nix-homelab.git` + - `cd ghq/github.com/badele/nix-homelab` + - `just nixos-update` + +#### Re-use the demo -# Remote installation -inv nixos.[build|test|deploy] --hostnames ,,... -inv home.[build|test|deploy] --username --hostnames ,,... +```bash +just demo-start ``` -## Update roles or multiple hosts +### Secrets initialisation (AGE & SOPS) + +Your `pass` (passwordstore) configuration must be correctly configured. + +In order to be able to encrypt your credentials, you first need initialize an +`age` key. It is this key that will subsequently have to be added in the +`.sops.yaml` file + +- `age-keygen | pass insert -m nix-homelab/users/your_username` +- `pass show nix-homelab/users/your_username | grep AGE-SECRET-KEY >> ~/.config/sops/age/keys.txt` ``` -# Simulate deployment(build) -inv role.build --role -inv nixos.build --hosts , +### NixOS installation & update + +See [Commons installation](docs//installation.md) -# Install -inv role.deploy --role -inv nixos.deploy --hosts , +#### Update from you local computer/laptop + +- From your fresh installation + - `ghq clone https://github.com/badele/nix-homelab.git` + - `cd ghq/github.com/badele/nix-homelab` + - `just nixos-update` ``` ## Commands Home lab commands list -This list generated with `inv docs.all-pages` command - -[comment]: (>>COMMANDS) - -``` -Available tasks: - - docs.all-pages generate all homelab documentation - docs.host-pages generate all homelab hosts page - docs.main-page generate main homelab page - docs.scan-all-hosts Retrieve all hosts system infromations - home.build Test to server - home.deploy Deploy to server - init.disk-format Format disks with zfs - init.disk-mount Mount disks from the installer - init.domain-cert Init domain certificate - init.nix-serve Init nix binary cache server nix- - serve private & public key - init.nixos-generate-config Generate hardware configuration for the host - init.nixos-install install nixos - init.ssh-init-host-key Init ssh host key from nixos installation - nixos.boot rebuild boot to server - nixos.build Test to server - nixos.deploy Deploy to server - nixos.test Test to server - role.build Build for all hosts contains the role - role.deploy Deploy for all hosts contains the role - role.test Test for all hosts contains the role +This list generated with `just doc-update` command + + + +```text +Available recipes: + help Help it showed if just is called without arguments + precommit-install Setup pre-commit + precommit-update Update pre-commit + precommit-check precommit check + doc-update FAKEFILENAME Update documentation + lint Lint the project + debug-repl Repl the project + flake-metadata Show flake metadata + flake-update Update the flake + flake-check Check the nix homelab configuration + passwd-generate Generate random password + secret-update FILE Update secrets SOPS + nixos-init-host host Init nixos host if not exists + nixos-install hostname targetip port="22" Install new to : system wide + nixos-garbage Nixos clean build cache and garbage unused derivations + nixos-build hostname="" options="" Nixos build local host + demo-nixos-install hostname targetip port="22" Install new to : system wide + nixos-update hostname="" options="" Update NixOS on local host + nixos-remote-deploy hostname targetip Deploy NixOS on remote host + home-build Home build for local user + home-deploy Home deploy local user + iso-build Build NixOS ISO image + demo-init-credentials passwd="demopass" Init demo credentials + demo-start Start NixOS demo from ISO image + demo-qemu-nixos-install Test NixOS installation deployment on qemu virutal machine + demo-qemu-nixos-update Test NixOS update deployment on qemu virutal machine + demo-stop Stop demo vm test + demo-clean Clean demo vm test + packages Show installed packages ``` -[comment]: (< # A big thanks ❤️ diff --git a/docs/acme.md b/docs/acme.md index 2d4e6ec..a26da47 100644 --- a/docs/acme.md +++ b/docs/acme.md @@ -18,4 +18,4 @@ The trick for private https services is to use ACME in DNS mode and then add the Therefore, you must perform a `nixos.deploy` on the client machines. -TODO: Disable local `nixos.deploy` and move it to coredns server (the coredns is allready configured) \ No newline at end of file +TODO: Disable local `nixos.deploy` and move it to coredns server (the coredns is allready configured) diff --git a/docs/gpg.md b/docs/gpg.md index 7bf3eb5..7204819 100644 --- a/docs/gpg.md +++ b/docs/gpg.md @@ -3,7 +3,7 @@ ## debugging GPG commit error -### gpg failed to sign the data +### gpg failed to sign the data Generally you @@ -21,7 +21,7 @@ gpg: signing failed: Unusable secret key With below command, you can verify if you can sign the text ```shell -echo "test" | gpg --clearsign +echo "test" | gpg --clearsign ``` Verify if the GPG ID is same of your private GPG key diff --git a/docs/hosts/b4d14.md b/docs/hosts/b4d14.md index 735c753..f32baa9 100644 --- a/docs/hosts/b4d14.md +++ b/docs/hosts/b4d14.md @@ -27,121 +27,121 @@ See the [Dell XPS 15-9530](https://github.com/NixOS/nixos-hardware/tree/master/d |22|tcp|ssh|OpenSSH|protocol 2.0| - + ### Config RAM : 33 Go Go DISK : 953.87 GiB Go KERNEL : 6.1.52 ``` - + ### Topologie ![hardware topology](https://raw.githubusercontent.com/badele/nix-homelab/master/docs/hosts/b4d14/topologie.svg) - - + + ### Hardwares ``` -System: Kernel: 6.1.52 x86_64 bits: 64 compiler: gcc v: 12.3.0 - parameters: initrd=~efi~nixos~y9ixzsdy84czpp52lx8wqsw6hdb6hk32-initrd-linux-6.1.52-initrd.efi - init=/nix/store/vsp1r6j8kl3gavjkcrllxva7v55d0znx-nixos-system-b4d14-23.11.20230911.3a2786e/init - acpi_rev_override i915.enable_fbc=1 i915.enable_psr=2 nohibernate loglevel=4 - Console: N/A DM: LightDM 1.32.0 Distro: NixOS 23.11 (Tapir) -Machine: Type: Laptop System: Dell product: XPS 15 9530 v: N/A serial: Chassis: - type: 10 serial: - Mobo: Dell model: 01WV13 v: A00 serial: UEFI: Dell v: 1.9.0 date: 11/13/2023 -Battery: ID-1: BAT0 charge: 82.7 Wh (100.0%) condition: 82.7/84.3 Wh (98.2%) volts: 12.9 - min: 11.4 model: BYD DELL M59JH3B type: Li-poly serial: status: Not charging - cycles: 2 -Memory: RAM: total: 31.04 GiB used: 3.03 GiB (9.7%) - Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. - Device-1: DIMM A size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N - serial: - Device-2: DIMM B size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N - serial: -PCI Slots: Slot: 0 type: x16 PCI Express x16 PCI-Express 0 status: In Use length: Long - Slot: 1 type: x1 PCI Express PCI-Express 1 status: Available length: Long - Slot: 2 type: x1 PCI Express PCI-Express 2 status: Available length: Long - Slot: 3 type: x1 PCI Express PCI-Express 3 status: Available length: Long - Slot: 4 type: x1 PCI Express PCI-Express 4 status: Available length: Long - Slot: 5 type: x1 PCI Express PCI-Express 5 status: Available length: Long - Slot: 6 type: x1 PCI Express PCI-Express 6 status: Available length: Long -CPU: Info: 10-Core model: 13th Gen Intel Core i7-13700H socket: U3E1 bits: 64 type: MT MCP - arch: N/A family: 6 model-id: BA (186) stepping: 2 microcode: 4119 cache: L1: 1.2 MiB - L2: 24 MiB L3: 48 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 116736 - Speed: 2900 MHz min/max: 400/4800 MHz base/boost: 4653/5000 volts: 1.2 V - ext-clock: 100 MHz Core speeds (MHz): 1: 2900 2: 2900 3: 648 4: 2900 5: 2900 6: 2900 - 7: 2900 8: 2900 9: 2900 10: 2900 11: 2900 12: 2900 13: 2900 14: 2900 15: 2900 16: 2900 - 17: 1563 18: 2900 19: 2900 20: 2900 - Vulnerabilities: Type: gather_data_sampling status: Not affected - Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed status: Not affected - Type: spec_rstack_overflow status: Not affected - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 - mitigation: Enhanced IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: SW sequence - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: Intel Raptor Lake-P [Iris Xe Graphics] vendor: Dell driver: i915 v: kernel - bus-ID: 00:02.0 chip-ID: 8086:a7a0 class-ID: 0300 - Device-2: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-6:3 - chip-ID: 0c45:6748 class-ID: fe01 serial: - Display: server: X.org 1.21.1.8 driver: loaded: i915 note: n/a (using device driver) - tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: Intel vendor: Dell driver: sof-audio-pci-intel-tgl - alternate: snd_hda_intel,snd_sof_pci_intel_tgl bus-ID: 00:1f.3 chip-ID: 8086:51ca - class-ID: 0401 - Sound Server-1: ALSA v: k6.1.52 running: yes - Sound Server-2: PulseAudio v: 16.1 running: yes -Network: Device-1: Intel driver: iwlwifi v: kernel port: 4000 bus-ID: 00:14.3 chip-ID: 8086:51f1 - class-ID: 0280 - IF: wlp0s20f3 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - IF-ID-1: docker0 state: down mac: - IP v4: scope: global broadcast: - WAN IP: -Bluetooth: Device-1: Intel type: USB driver: btusb v: 0.8 bus-ID: 1-10:4 chip-ID: 8087:0033 - class-ID: e001 - Report: hciconfig ID: hci0 rfk-id: 1 state: up address: - Info: acl-mtu: 1021:4 sco-mtu: 96:6 link-policy: rswitch sniff - link-mode: peripheral accept service-classes: rendering, capturing, audio, telephony -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 944 GiB free: 922 GiB - allocated: 22.2 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 953.87 GiB usable: 1.85 TiB used: 22.42 GiB (1.2%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: PC801 NVMe 1TB - size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s lanes: 4 - rotation: SSD serial: rev: 51003141 temp: 36 ° (309 K) C scheme: GPT - SMART: yes health: PASSED on: 50 hrs cycles: 67 read-units: 1,272,621 [651 GB] - written-units: 1,541,324 [789 GB] -Partition: ID-1: / raw-size: N/A size: 893.54 GiB used: 1.02 GiB (0.1%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 199.6 MiB (19.5%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 - dev: /dev/nvme0n1p2 maj-min: 259:2 -Sensors: System Temperatures: cpu: 33.0 C mobo: N/A - Fan Speeds (RPM): N/A -Info: Processes: 380 Uptime: 1h 27m wakeups: 509 Init: systemd v: 253 - target: graphical.target tool: systemctl Compilers: gcc: 12.3.0 Packages: 892 - nix-default: 46 nix-sys: 800 lib: 177 nix-usr: 46 lib: 8 Client: Sudo v: 1.9.14p3 +System: Kernel: 6.1.52 x86_64 bits: 64 compiler: gcc v: 12.3.0 + parameters: initrd=~efi~nixos~y9ixzsdy84czpp52lx8wqsw6hdb6hk32-initrd-linux-6.1.52-initrd.efi + init=/nix/store/vsp1r6j8kl3gavjkcrllxva7v55d0znx-nixos-system-b4d14-23.11.20230911.3a2786e/init + acpi_rev_override i915.enable_fbc=1 i915.enable_psr=2 nohibernate loglevel=4 + Console: N/A DM: LightDM 1.32.0 Distro: NixOS 23.11 (Tapir) +Machine: Type: Laptop System: Dell product: XPS 15 9530 v: N/A serial: Chassis: + type: 10 serial: + Mobo: Dell model: 01WV13 v: A00 serial: UEFI: Dell v: 1.9.0 date: 11/13/2023 +Battery: ID-1: BAT0 charge: 82.7 Wh (100.0%) condition: 82.7/84.3 Wh (98.2%) volts: 12.9 + min: 11.4 model: BYD DELL M59JH3B type: Li-poly serial: status: Not charging + cycles: 2 +Memory: RAM: total: 31.04 GiB used: 3.03 GiB (9.7%) + Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. + Device-1: DIMM A size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N + serial: + Device-2: DIMM B size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N + serial: +PCI Slots: Slot: 0 type: x16 PCI Express x16 PCI-Express 0 status: In Use length: Long + Slot: 1 type: x1 PCI Express PCI-Express 1 status: Available length: Long + Slot: 2 type: x1 PCI Express PCI-Express 2 status: Available length: Long + Slot: 3 type: x1 PCI Express PCI-Express 3 status: Available length: Long + Slot: 4 type: x1 PCI Express PCI-Express 4 status: Available length: Long + Slot: 5 type: x1 PCI Express PCI-Express 5 status: Available length: Long + Slot: 6 type: x1 PCI Express PCI-Express 6 status: Available length: Long +CPU: Info: 10-Core model: 13th Gen Intel Core i7-13700H socket: U3E1 bits: 64 type: MT MCP + arch: N/A family: 6 model-id: BA (186) stepping: 2 microcode: 4119 cache: L1: 1.2 MiB + L2: 24 MiB L3: 48 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 116736 + Speed: 2900 MHz min/max: 400/4800 MHz base/boost: 4653/5000 volts: 1.2 V + ext-clock: 100 MHz Core speeds (MHz): 1: 2900 2: 2900 3: 648 4: 2900 5: 2900 6: 2900 + 7: 2900 8: 2900 9: 2900 10: 2900 11: 2900 12: 2900 13: 2900 14: 2900 15: 2900 16: 2900 + 17: 1563 18: 2900 19: 2900 20: 2900 + Vulnerabilities: Type: gather_data_sampling status: Not affected + Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed status: Not affected + Type: spec_rstack_overflow status: Not affected + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 + mitigation: Enhanced IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: SW sequence + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: Intel Raptor Lake-P [Iris Xe Graphics] vendor: Dell driver: i915 v: kernel + bus-ID: 00:02.0 chip-ID: 8086:a7a0 class-ID: 0300 + Device-2: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-6:3 + chip-ID: 0c45:6748 class-ID: fe01 serial: + Display: server: X.org 1.21.1.8 driver: loaded: i915 note: n/a (using device driver) + tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: Intel vendor: Dell driver: sof-audio-pci-intel-tgl + alternate: snd_hda_intel,snd_sof_pci_intel_tgl bus-ID: 00:1f.3 chip-ID: 8086:51ca + class-ID: 0401 + Sound Server-1: ALSA v: k6.1.52 running: yes + Sound Server-2: PulseAudio v: 16.1 running: yes +Network: Device-1: Intel driver: iwlwifi v: kernel port: 4000 bus-ID: 00:14.3 chip-ID: 8086:51f1 + class-ID: 0280 + IF: wlp0s20f3 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + IF-ID-1: docker0 state: down mac: + IP v4: scope: global broadcast: + WAN IP: +Bluetooth: Device-1: Intel type: USB driver: btusb v: 0.8 bus-ID: 1-10:4 chip-ID: 8087:0033 + class-ID: e001 + Report: hciconfig ID: hci0 rfk-id: 1 state: up address: + Info: acl-mtu: 1021:4 sco-mtu: 96:6 link-policy: rswitch sniff + link-mode: peripheral accept service-classes: rendering, capturing, audio, telephony +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 944 GiB free: 922 GiB + allocated: 22.2 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 953.87 GiB usable: 1.85 TiB used: 22.42 GiB (1.2%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: PC801 NVMe 1TB + size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s lanes: 4 + rotation: SSD serial: rev: 51003141 temp: 36 ° (309 K) C scheme: GPT + SMART: yes health: PASSED on: 50 hrs cycles: 67 read-units: 1,272,621 [651 GB] + written-units: 1,541,324 [789 GB] +Partition: ID-1: / raw-size: N/A size: 893.54 GiB used: 1.02 GiB (0.1%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 199.6 MiB (19.5%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 + dev: /dev/nvme0n1p2 maj-min: 259:2 +Sensors: System Temperatures: cpu: 33.0 C mobo: N/A + Fan Speeds (RPM): N/A +Info: Processes: 380 Uptime: 1h 27m wakeups: 509 Init: systemd v: 253 + target: graphical.target tool: systemctl Compilers: gcc: 12.3.0 Packages: 892 + nix-default: 46 nix-sys: 800 lib: 177 nix-usr: 46 lib: 8 Client: Sudo v: 1.9.14p3 inxi: 3.3.04 ``` - + [comment]: (< Chassis: - type: 10 serial: - Mobo: Dell model: 01WV13 v: A00 serial: UEFI: Dell v: 1.9.0 date: 11/13/2023 -Battery: ID-1: BAT0 charge: 82.7 Wh (100.0%) condition: 82.7/84.3 Wh (98.2%) volts: 12.9 - min: 11.4 model: BYD DELL M59JH3B type: Li-poly serial: status: Not charging - cycles: 2 -Memory: RAM: total: 31.04 GiB used: 3.03 GiB (9.7%) - Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. - Device-1: DIMM A size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N - serial: - Device-2: DIMM B size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N - serial: -PCI Slots: Slot: 0 type: x16 PCI Express x16 PCI-Express 0 status: In Use length: Long - Slot: 1 type: x1 PCI Express PCI-Express 1 status: Available length: Long - Slot: 2 type: x1 PCI Express PCI-Express 2 status: Available length: Long - Slot: 3 type: x1 PCI Express PCI-Express 3 status: Available length: Long - Slot: 4 type: x1 PCI Express PCI-Express 4 status: Available length: Long - Slot: 5 type: x1 PCI Express PCI-Express 5 status: Available length: Long - Slot: 6 type: x1 PCI Express PCI-Express 6 status: Available length: Long -CPU: Info: 10-Core model: 13th Gen Intel Core i7-13700H socket: U3E1 bits: 64 type: MT MCP - arch: N/A family: 6 model-id: BA (186) stepping: 2 microcode: 4119 cache: L1: 1.2 MiB - L2: 24 MiB L3: 48 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 116736 - Speed: 2900 MHz min/max: 400/4800 MHz base/boost: 4653/5000 volts: 1.2 V - ext-clock: 100 MHz Core speeds (MHz): 1: 2900 2: 2900 3: 648 4: 2900 5: 2900 6: 2900 - 7: 2900 8: 2900 9: 2900 10: 2900 11: 2900 12: 2900 13: 2900 14: 2900 15: 2900 16: 2900 - 17: 1563 18: 2900 19: 2900 20: 2900 - Vulnerabilities: Type: gather_data_sampling status: Not affected - Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed status: Not affected - Type: spec_rstack_overflow status: Not affected - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 - mitigation: Enhanced IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: SW sequence - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: Intel Raptor Lake-P [Iris Xe Graphics] vendor: Dell driver: i915 v: kernel - bus-ID: 00:02.0 chip-ID: 8086:a7a0 class-ID: 0300 - Device-2: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-6:3 - chip-ID: 0c45:6748 class-ID: fe01 serial: - Display: server: X.org 1.21.1.8 driver: loaded: i915 note: n/a (using device driver) - tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: Intel vendor: Dell driver: sof-audio-pci-intel-tgl - alternate: snd_hda_intel,snd_sof_pci_intel_tgl bus-ID: 00:1f.3 chip-ID: 8086:51ca - class-ID: 0401 - Sound Server-1: ALSA v: k6.1.52 running: yes - Sound Server-2: PulseAudio v: 16.1 running: yes -Network: Device-1: Intel driver: iwlwifi v: kernel port: 4000 bus-ID: 00:14.3 chip-ID: 8086:51f1 - class-ID: 0280 - IF: wlp0s20f3 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - IF-ID-1: docker0 state: down mac: - IP v4: scope: global broadcast: - WAN IP: -Bluetooth: Device-1: Intel type: USB driver: btusb v: 0.8 bus-ID: 1-10:4 chip-ID: 8087:0033 - class-ID: e001 - Report: hciconfig ID: hci0 rfk-id: 1 state: up address: - Info: acl-mtu: 1021:4 sco-mtu: 96:6 link-policy: rswitch sniff - link-mode: peripheral accept service-classes: rendering, capturing, audio, telephony -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 944 GiB free: 922 GiB - allocated: 22.2 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 953.87 GiB usable: 1.85 TiB used: 22.42 GiB (1.2%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: PC801 NVMe 1TB - size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s lanes: 4 - rotation: SSD serial: rev: 51003141 temp: 36 ° (309 K) C scheme: GPT - SMART: yes health: PASSED on: 50 hrs cycles: 67 read-units: 1,272,621 [651 GB] - written-units: 1,541,324 [789 GB] -Partition: ID-1: / raw-size: N/A size: 893.54 GiB used: 1.02 GiB (0.1%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 199.6 MiB (19.5%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 - dev: /dev/nvme0n1p2 maj-min: 259:2 -Sensors: System Temperatures: cpu: 33.0 C mobo: N/A - Fan Speeds (RPM): N/A -Info: Processes: 380 Uptime: 1h 27m wakeups: 509 Init: systemd v: 253 - target: graphical.target tool: systemctl Compilers: gcc: 12.3.0 Packages: 892 - nix-default: 46 nix-sys: 800 lib: 177 nix-usr: 46 lib: 8 Client: Sudo v: 1.9.14p3 - inxi: 3.3.04 +System: Kernel: 6.1.52 x86_64 bits: 64 compiler: gcc v: 12.3.0 + parameters: initrd=\efi\nixos\y9ixzsdy84czpp52lx8wqsw6hdb6hk32-initrd-linux-6.1.52-initrd.efi + init=/nix/store/vsp1r6j8kl3gavjkcrllxva7v55d0znx-nixos-system-b4d14-23.11.20230911.3a2786e/init + acpi_rev_override i915.enable_fbc=1 i915.enable_psr=2 nohibernate loglevel=4 + Console: N/A DM: LightDM 1.32.0 Distro: NixOS 23.11 (Tapir) +Machine: Type: Laptop System: Dell product: XPS 15 9530 v: N/A serial: Chassis: + type: 10 serial: + Mobo: Dell model: 01WV13 v: A00 serial: UEFI: Dell v: 1.9.0 date: 11/13/2023 +Battery: ID-1: BAT0 charge: 82.7 Wh (100.0%) condition: 82.7/84.3 Wh (98.2%) volts: 12.9 + min: 11.4 model: BYD DELL M59JH3B type: Li-poly serial: status: Not charging + cycles: 2 +Memory: RAM: total: 31.04 GiB used: 3.03 GiB (9.7%) + Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. + Device-1: DIMM A size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N + serial: + Device-2: DIMM B size: 16 GiB speed: 4800 MT/s type: DDR5 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMCG78AEBSA095N + serial: +PCI Slots: Slot: 0 type: x16 PCI Express x16 PCI-Express 0 status: In Use length: Long + Slot: 1 type: x1 PCI Express PCI-Express 1 status: Available length: Long + Slot: 2 type: x1 PCI Express PCI-Express 2 status: Available length: Long + Slot: 3 type: x1 PCI Express PCI-Express 3 status: Available length: Long + Slot: 4 type: x1 PCI Express PCI-Express 4 status: Available length: Long + Slot: 5 type: x1 PCI Express PCI-Express 5 status: Available length: Long + Slot: 6 type: x1 PCI Express PCI-Express 6 status: Available length: Long +CPU: Info: 10-Core model: 13th Gen Intel Core i7-13700H socket: U3E1 bits: 64 type: MT MCP + arch: N/A family: 6 model-id: BA (186) stepping: 2 microcode: 4119 cache: L1: 1.2 MiB + L2: 24 MiB L3: 48 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 116736 + Speed: 2900 MHz min/max: 400/4800 MHz base/boost: 4653/5000 volts: 1.2 V + ext-clock: 100 MHz Core speeds (MHz): 1: 2900 2: 2900 3: 648 4: 2900 5: 2900 6: 2900 + 7: 2900 8: 2900 9: 2900 10: 2900 11: 2900 12: 2900 13: 2900 14: 2900 15: 2900 16: 2900 + 17: 1563 18: 2900 19: 2900 20: 2900 + Vulnerabilities: Type: gather_data_sampling status: Not affected + Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed status: Not affected + Type: spec_rstack_overflow status: Not affected + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 + mitigation: Enhanced IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: SW sequence + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: Intel Raptor Lake-P [Iris Xe Graphics] vendor: Dell driver: i915 v: kernel + bus-ID: 00:02.0 chip-ID: 8086:a7a0 class-ID: 0300 + Device-2: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-6:3 + chip-ID: 0c45:6748 class-ID: fe01 serial: + Display: server: X.org 1.21.1.8 driver: loaded: i915 note: n/a (using device driver) + tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: Intel vendor: Dell driver: sof-audio-pci-intel-tgl + alternate: snd_hda_intel,snd_sof_pci_intel_tgl bus-ID: 00:1f.3 chip-ID: 8086:51ca + class-ID: 0401 + Sound Server-1: ALSA v: k6.1.52 running: yes + Sound Server-2: PulseAudio v: 16.1 running: yes +Network: Device-1: Intel driver: iwlwifi v: kernel port: 4000 bus-ID: 00:14.3 chip-ID: 8086:51f1 + class-ID: 0280 + IF: wlp0s20f3 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + IF-ID-1: docker0 state: down mac: + IP v4: scope: global broadcast: + WAN IP: +Bluetooth: Device-1: Intel type: USB driver: btusb v: 0.8 bus-ID: 1-10:4 chip-ID: 8087:0033 + class-ID: e001 + Report: hciconfig ID: hci0 rfk-id: 1 state: up address: + Info: acl-mtu: 1021:4 sco-mtu: 96:6 link-policy: rswitch sniff + link-mode: peripheral accept service-classes: rendering, capturing, audio, telephony +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 944 GiB free: 922 GiB + allocated: 22.2 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 953.87 GiB usable: 1.85 TiB used: 22.42 GiB (1.2%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: PC801 NVMe 1TB + size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s lanes: 4 + rotation: SSD serial: rev: 51003141 temp: 36 ° (309 K) C scheme: GPT + SMART: yes health: PASSED on: 50 hrs cycles: 67 read-units: 1,272,621 [651 GB] + written-units: 1,541,324 [789 GB] +Partition: ID-1: / raw-size: N/A size: 893.54 GiB used: 1.02 GiB (0.1%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 199.6 MiB (19.5%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 + dev: /dev/nvme0n1p2 maj-min: 259:2 +Sensors: System Temperatures: cpu: 33.0 C mobo: N/A + Fan Speeds (RPM): N/A +Info: Processes: 380 Uptime: 1h 27m wakeups: 509 Init: systemd v: 253 + target: graphical.target tool: systemctl Compilers: gcc: 12.3.0 Packages: 892 + nix-default: 46 nix-sys: 800 lib: 177 nix-usr: 46 lib: 8 Client: Sudo v: 1.9.14p3 + inxi: 3.3.04 diff --git a/docs/hosts/b4d14/nix.txt b/docs/hosts/b4d14/nix.txt index 720e305..83978d3 100644 --- a/docs/hosts/b4d14/nix.txt +++ b/docs/hosts/b4d14/nix.txt @@ -4,4 +4,3 @@ - sandbox: `yes` - version: `nix-env (Nix) 2.17.0` - nixpkgs: `/nix/store/zb2695k9v4hmjdki97p0yhd4mys270fs-source` - diff --git a/docs/hosts/b4d14/scan.json b/docs/hosts/b4d14/scan.json index 29e71dc..ef1e9f9 100644 --- a/docs/hosts/b4d14/scan.json +++ b/docs/hosts/b4d14/scan.json @@ -8,4 +8,4 @@ "@extrainfo": "protocol 2.0" } } -] \ No newline at end of file +] diff --git a/docs/hosts/b4d14/summaries.json b/docs/hosts/b4d14/summaries.json index a1d0325..eb22e6a 100644 --- a/docs/hosts/b4d14/summaries.json +++ b/docs/hosts/b4d14/summaries.json @@ -9,4 +9,4 @@ "bits": "64", "bogomips": 0 } -} \ No newline at end of file +} diff --git a/docs/hosts/badhome/hardwares.txt b/docs/hosts/badhome/hardwares.txt index ff94012..5b7f2e5 100644 --- a/docs/hosts/badhome/hardwares.txt +++ b/docs/hosts/badhome/hardwares.txt @@ -1,92 +1,92 @@ -System: Kernel: 6.0.17 x86_64 bits: 64 compiler: gcc v: 11.3.0 - parameters: initrd=\efi\nixos\9r5a9briz9xy0q7k3cfxl960qmxxb08j-initrd-linux-6.0.17-initrd.efi - init=/nix/store/dzly5bnnnl5nlb50aky296bdmp2z373z-nixos-system-badhome-23.05.20230105.a518c77/init - nohibernate loglevel=4 - Console: N/A DM: LightDM Distro: NixOS 23.05 (Stoat) -Machine: Type: Laptop System: Dell product: XPS 15 9570 v: N/A serial: Chassis: - type: 10 serial: - Mobo: Dell model: 02MJVY v: A00 serial: UEFI: Dell v: 1.2.2 date: 06/07/2018 -Memory: RAM: total: 15.28 GiB used: 2.13 GiB (14.0%) - Array-1: capacity: 32 GiB slots: 2 EC: None max-module-size: 16 GiB note: est. - Device-1: DIMM A size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK - serial: - Device-2: DIMM B size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK - serial: -PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long - Slot: 1 type: x1 PCI Express J6B1 status: Available length: Short - Slot: 2 type: x1 PCI Express J6D1 status: Available length: Short - Slot: 3 type: x1 PCI Express J7B1 status: Available length: Short - Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short - Slot: 5 type: x1 PCI Express J8D1 status: Available length: Short - Slot: 6 type: x1 PCI Express J8D2 status: Available length: Short - Slot: 7 type: 32-bit PCI J8B3 status: Available length: Short -CPU: Info: 6-Core model: Intel Core i7-8750H socket: U3E1 bits: 64 type: MT MCP - arch: Kaby Lake note: check family: 6 model-id: 9E (158) stepping: A (10) microcode: F0 - cache: L2: 9 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 52799 - Speed: 2200 MHz min/max: 800/4100 MHz base/boost: 2300/8300 volts: 0.9 V - ext-clock: 100 MHz Core speeds (MHz): 1: 1405 2: 2200 3: 2200 4: 2200 5: 2200 6: 2200 - 7: 2106 8: 2200 9: 1455 10: 2200 11: 2200 12: 2200 - Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled - Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable - Type: mds mitigation: Clear CPU buffers; SMT vulnerable - Type: meltdown mitigation: PTI - Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable - Type: retbleed mitigation: IBRS - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 - mitigation: IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: Not affected - Type: srbds mitigation: Microcode - Type: tsx_async_abort status: Not affected -Graphics: Device-1: Intel CoffeeLake-H GT2 [UHD Graphics 630] vendor: Dell driver: i915 v: kernel - bus-ID: 00:02.0 chip-ID: 8086:3e9b class-ID: 0300 - Device-2: NVIDIA GP107M [GeForce GTX 1050 Ti Mobile] vendor: Dell driver: N/A - alternate: nvidiafb, nouveau bus-ID: 01:00.0 chip-ID: 10de:1c8c class-ID: 0302 - Device-3: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-12:4 - chip-ID: 0c45:671d class-ID: 0e02 - Display: server: X.org 1.20.14 driver: loaded: N/A tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: Dell driver: snd_hda_intel v: kernel - alternate: snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3 chip-ID: 8086:a348 - class-ID: 0403 - Sound Server-1: ALSA v: k6.0.17 running: yes -Network: Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter - vendor: Rivet Networks Killer Wireless-n/a/ac 1535 driver: ath10k_pci v: kernel - port: 3000 bus-ID: 3b:00.0 chip-ID: 168c:003e class-ID: 0280 - IF: wlp59s0 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - WAN IP: -Bluetooth: Device-1: Qualcomm Atheros QCA61x4 Bluetooth 4.0 type: USB driver: btusb v: 0.8 - bus-ID: 1-4:2 chip-ID: 0cf3:e300 class-ID: e001 - Report: rfkill ID: hci0 rfk-id: 0 state: down bt-service: not found rfk-block: - hardware: no software: no address: see --recommends -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 459 GiB - allocated: 5.41 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 942.7 GiB usable: 1.37 TiB used: 5.48 GiB (0.4%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Toshiba model: KXG50ZNV512G NVMe 512GB - size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 - rotation: SSD serial: rev: AADA4105 temp: 31 Celsius C scheme: GPT - SMART: yes health: PASSED on: 1y 87d 19h cycles: 1,665 read-units: 15,570,354 [7.97 TB] - written-units: 38,380,319 [19.6 TB] - ID-2: /dev/sda maj-min: 8:0 type: USB vendor: Western Digital model: WD5000BPVT-00HXZT3 - family: Scorpio Blue Serial ATA (AF) size: 465.76 GiB block-size: physical: 4096 B - logical: 512 B sata: 2.6 speed: 3.0 Gb/s rotation: 5400 rpm serial: - rev: 01.01A01 temp: 35 C scheme: MBR - SMART: yes state: enabled health: PASSED on: 9d 20h cycles: 1018 -Partition: ID-1: / raw-size: N/A size: 444.27 GiB used: 17.1 MiB (0.0%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 111.3 MiB (10.9%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 - dev: /dev/nvme0n1p2 maj-min: 259:2 -Sensors: System Temperatures: cpu: 54.0 C mobo: 33.0 C sodimm: SODIMM C - Fan Speeds (RPM): cpu: 2493 -Info: Processes: 282 Uptime: 2h 19m wakeups: 1699 Init: systemd v: 252 - target: graphical.target tool: systemctl Compilers: gcc: 11.3.0 Packages: - nix-default: 0 nix-sys: 656 lib: 152 nix-usr: 0 Client: Sudo v: 1.9.12p1 inxi: 3.3.04 +System: Kernel: 6.0.17 x86_64 bits: 64 compiler: gcc v: 11.3.0 + parameters: initrd=\efi\nixos\9r5a9briz9xy0q7k3cfxl960qmxxb08j-initrd-linux-6.0.17-initrd.efi + init=/nix/store/dzly5bnnnl5nlb50aky296bdmp2z373z-nixos-system-badhome-23.05.20230105.a518c77/init + nohibernate loglevel=4 + Console: N/A DM: LightDM Distro: NixOS 23.05 (Stoat) +Machine: Type: Laptop System: Dell product: XPS 15 9570 v: N/A serial: Chassis: + type: 10 serial: + Mobo: Dell model: 02MJVY v: A00 serial: UEFI: Dell v: 1.2.2 date: 06/07/2018 +Memory: RAM: total: 15.28 GiB used: 2.13 GiB (14.0%) + Array-1: capacity: 32 GiB slots: 2 EC: None max-module-size: 16 GiB note: est. + Device-1: DIMM A size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK + serial: + Device-2: DIMM B size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK + serial: +PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long + Slot: 1 type: x1 PCI Express J6B1 status: Available length: Short + Slot: 2 type: x1 PCI Express J6D1 status: Available length: Short + Slot: 3 type: x1 PCI Express J7B1 status: Available length: Short + Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short + Slot: 5 type: x1 PCI Express J8D1 status: Available length: Short + Slot: 6 type: x1 PCI Express J8D2 status: Available length: Short + Slot: 7 type: 32-bit PCI J8B3 status: Available length: Short +CPU: Info: 6-Core model: Intel Core i7-8750H socket: U3E1 bits: 64 type: MT MCP + arch: Kaby Lake note: check family: 6 model-id: 9E (158) stepping: A (10) microcode: F0 + cache: L2: 9 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 52799 + Speed: 2200 MHz min/max: 800/4100 MHz base/boost: 2300/8300 volts: 0.9 V + ext-clock: 100 MHz Core speeds (MHz): 1: 1405 2: 2200 3: 2200 4: 2200 5: 2200 6: 2200 + 7: 2106 8: 2200 9: 1455 10: 2200 11: 2200 12: 2200 + Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled + Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable + Type: mds mitigation: Clear CPU buffers; SMT vulnerable + Type: meltdown mitigation: PTI + Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable + Type: retbleed mitigation: IBRS + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 + mitigation: IBRS, IBPB: conditional, RSB filling, PBRSB-eIBRS: Not affected + Type: srbds mitigation: Microcode + Type: tsx_async_abort status: Not affected +Graphics: Device-1: Intel CoffeeLake-H GT2 [UHD Graphics 630] vendor: Dell driver: i915 v: kernel + bus-ID: 00:02.0 chip-ID: 8086:3e9b class-ID: 0300 + Device-2: NVIDIA GP107M [GeForce GTX 1050 Ti Mobile] vendor: Dell driver: N/A + alternate: nvidiafb, nouveau bus-ID: 01:00.0 chip-ID: 10de:1c8c class-ID: 0302 + Device-3: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-12:4 + chip-ID: 0c45:671d class-ID: 0e02 + Display: server: X.org 1.20.14 driver: loaded: N/A tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: Dell driver: snd_hda_intel v: kernel + alternate: snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3 chip-ID: 8086:a348 + class-ID: 0403 + Sound Server-1: ALSA v: k6.0.17 running: yes +Network: Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter + vendor: Rivet Networks Killer Wireless-n/a/ac 1535 driver: ath10k_pci v: kernel + port: 3000 bus-ID: 3b:00.0 chip-ID: 168c:003e class-ID: 0280 + IF: wlp59s0 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + WAN IP: +Bluetooth: Device-1: Qualcomm Atheros QCA61x4 Bluetooth 4.0 type: USB driver: btusb v: 0.8 + bus-ID: 1-4:2 chip-ID: 0cf3:e300 class-ID: e001 + Report: rfkill ID: hci0 rfk-id: 0 state: down bt-service: not found rfk-block: + hardware: no software: no address: see --recommends +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 459 GiB + allocated: 5.41 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 942.7 GiB usable: 1.37 TiB used: 5.48 GiB (0.4%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Toshiba model: KXG50ZNV512G NVMe 512GB + size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 + rotation: SSD serial: rev: AADA4105 temp: 31 Celsius C scheme: GPT + SMART: yes health: PASSED on: 1y 87d 19h cycles: 1,665 read-units: 15,570,354 [7.97 TB] + written-units: 38,380,319 [19.6 TB] + ID-2: /dev/sda maj-min: 8:0 type: USB vendor: Western Digital model: WD5000BPVT-00HXZT3 + family: Scorpio Blue Serial ATA (AF) size: 465.76 GiB block-size: physical: 4096 B + logical: 512 B sata: 2.6 speed: 3.0 Gb/s rotation: 5400 rpm serial: + rev: 01.01A01 temp: 35 C scheme: MBR + SMART: yes state: enabled health: PASSED on: 9d 20h cycles: 1018 +Partition: ID-1: / raw-size: N/A size: 444.27 GiB used: 17.1 MiB (0.0%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 111.3 MiB (10.9%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 + dev: /dev/nvme0n1p2 maj-min: 259:2 +Sensors: System Temperatures: cpu: 54.0 C mobo: 33.0 C sodimm: SODIMM C + Fan Speeds (RPM): cpu: 2493 +Info: Processes: 282 Uptime: 2h 19m wakeups: 1699 Init: systemd v: 252 + target: graphical.target tool: systemctl Compilers: gcc: 11.3.0 Packages: + nix-default: 0 nix-sys: 656 lib: 152 nix-usr: 0 Client: Sudo v: 1.9.12p1 inxi: 3.3.04 diff --git a/docs/hosts/badhome/nix.txt b/docs/hosts/badhome/nix.txt index b6973db..f16d3fb 100644 --- a/docs/hosts/badhome/nix.txt +++ b/docs/hosts/badhome/nix.txt @@ -4,4 +4,3 @@ - sandbox: `yes` - version: `nix-env (Nix) 2.12.0` - nixpkgs: `/nix/store/as4rk0fwhkycnh5gzjbfhk21hkrkcs5c-bkxnsyy1bdr7rl2ll5icc10crspwqqxj-source` - diff --git a/docs/hosts/badhome/scan.json b/docs/hosts/badhome/scan.json index 29e71dc..ef1e9f9 100644 --- a/docs/hosts/badhome/scan.json +++ b/docs/hosts/badhome/scan.json @@ -8,4 +8,4 @@ "@extrainfo": "protocol 2.0" } } -] \ No newline at end of file +] diff --git a/docs/hosts/badphone.md b/docs/hosts/badphone.md index 6ba3ad9..47e125a 100644 --- a/docs/hosts/badphone.md +++ b/docs/hosts/badphone.md @@ -7,4 +7,4 @@ This page generated with `inv docs.all-pages` -[comment]: (< - Chassis: type: 10 serial: - Mobo: LENOVO model: 20UDCTO1WW v: SDK0J40700 WIN serial: UEFI: LENOVO - v: R1BET72W(1.41 ) date: 06/27/2022 -Battery: ID-1: BAT0 charge: 50.3 Wh (97.7%) condition: 51.5/50.5 Wh (101.9%) volts: 12.5 - min: 11.6 model: LGC 5B10W139 type: Li-poly serial: status: Discharging - cycles: 168 -Memory: RAM: total: 30.59 GiB used: 1.23 GiB (4.0%) - Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. - Device-1: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 - detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits - manufacturer: Samsung part-no: M471A2G44AM0-CWE serial: N/A - Device-2: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 - detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits - manufacturer: Hynix part-no: HMA82GS6DJR8N-XN serial: -PCI Slots: Slot: 1 type: x1 PCI Express x1 PCI-E x1 (J3600) status: Available length: Short - Slot: 2 type: x1 PCI Express x1 PCI-E x8 (J3605) status: Available length: Short - Slot: 3 type: x1 PCI Express x1 M.2 PCI-E Connector (J3700) status: Available - length: Short - Slot: 4 type: x1 PCI Express x1 M.2 WWAN Connector (J3702) status: Available - length: Long - Slot: 5 type: x1 PCI Express x1 M.2 WLAN/BT Connector (J3703) status: Available - length: Long - Slot: 6 type: x1 PCI Express x1 PCIE SD_Card (J4000) status: Available length: Long -CPU: Info: 6-Core model: AMD Ryzen 5 PRO 4650U with Radeon Graphics socket: FP6 bits: 64 - type: MT MCP arch: Zen 2 family: 17 (23) model-id: 60 (96) stepping: 1 - microcode: 8600106 cache: L1: 384 KiB L2: 3 MiB L3: 8 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 50321 - Speed: 2100 MHz min/max: 1400/2100 MHz base/boost: 2100/4000 boost: enabled - volts: 1.2 V ext-clock: 100 MHz Core speeds (MHz): 1: 1397 2: 1397 3: 1400 4: 1397 - 5: 1397 6: 1397 7: 1397 8: 1379 9: 1397 10: 1400 11: 1397 12: 1397 - Vulnerabilities: Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed mitigation: untrained return thunk; SMT enabled with STIBP protection - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, STIBP: always-on, RSB - filling, PBRSB-eIBRS: Not affected - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: AMD Renoir vendor: Lenovo driver: amdgpu v: kernel bus-ID: 07:00.0 - chip-ID: 1002:1636 class-ID: 0300 - Device-2: IMC Networks Integrated Camera type: USB driver: uvcvideo bus-ID: 2-2:2 - chip-ID: 13d3:5415 class-ID: 0e02 - Display: server: X.org 1.21.1.4 compositor: picom v: git-7e568 driver: - loaded: modesetting unloaded: vesa alternate: ati,fbdev tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: AMD Renoir Radeon High Definition Audio vendor: Lenovo driver: snd_hda_intel - v: kernel bus-ID: 07:00.1 chip-ID: 1002:1637 class-ID: 0403 - Device-2: AMD ACP/ACP3X/ACP6x Audio Coprocessor vendor: Lenovo driver: snd_rn_pci_acp3x - v: kernel - alternate: snd_pci_acp3x,snd_pci_acp5x,snd_pci_acp6x,snd_acp_pci,snd_sof_amd_renoir - bus-ID: 07:00.5 chip-ID: 1022:15e2 class-ID: 0480 - Device-3: AMD Family 17h/19h HD Audio vendor: Lenovo driver: snd_hda_intel v: kernel - bus-ID: 07:00.6 chip-ID: 1022:15e3 class-ID: 0403 - Sound Server-1: ALSA v: k5.19.13-arch1-1 running: yes - Sound Server-2: sndio v: N/A running: no - Sound Server-3: JACK v: 1.9.21 running: no - Sound Server-4: PulseAudio v: 16.1 running: yes - Sound Server-5: PipeWire v: 0.3.59 running: no -Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo - driver: r8169 v: kernel port: 3400 bus-ID: 02:00.0 chip-ID: 10ec:8168 class-ID: 0200 - IF: enp2s0f0 state: down mac: - Device-2: Intel Wi-Fi 6 AX200 driver: iwlwifi v: kernel port: 3000 bus-ID: 03:00.0 - chip-ID: 8086:2723 class-ID: 0280 - IF: wlp3s0 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - Device-3: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo - driver: r8169 v: kernel port: 2000 bus-ID: 05:00.0 chip-ID: 10ec:8168 class-ID: 0200 - IF: enp5s0 state: down mac: - IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: - IP v4: scope: global broadcast: - IP v6: scope: link - IF-ID-2: tailscale0 state: unknown speed: -1 duplex: full mac: N/A - IP v4: scope: global - IP v6: scope: global - IP v6: virtual: stable-privacy scope: link - IF-ID-3: veth19a2615 state: up speed: 10000 Mbps duplex: full mac: - IF-ID-4: veth611e2ce state: up speed: 10000 Mbps duplex: full mac: - WAN IP: -Bluetooth: Device-1: Intel AX200 Bluetooth type: USB driver: btusb v: 0.8 bus-ID: 6-4:2 - chip-ID: 8087:0029 class-ID: e001 - Report: rfkill ID: hci0 rfk-id: 2 state: down bt-service: disabled rfk-block: - hardware: no software: no address: see --recommends -Drives: Local Storage: total: 953.87 GiB used: 535.26 GiB (56.1%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: HFS001TD9TNI-L2B0B - size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 - rotation: SSD serial: rev: 11720C10 temp: 24 Celsius C scheme: GPT - SMART: yes health: PASSED on: 336d 14h cycles: 787 read-units: 14,657,733 [7.50 TB] - written-units: 66,879,589 [34.2 TB] -Partition: ID-1: / raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) - fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot - ID-2: /boot/efi raw-size: 512 MiB size: 511 MiB (99.80%) used: 17.5 MiB (3.4%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 - ID-3: /home raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) - fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot - ID-4: /var raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) - fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot -Swap: Alert: No swap data was found. -Sensors: System Temperatures: cpu: 28.0 C mobo: 0 C gpu: amdgpu temp: 27.0 C - Fan Speeds (RPM): fan-1: 0 fan-2: 0 -Info: Processes: 337 Uptime: N/A wakeups: 4 Init: systemd v: 251 tool: systemctl Compilers: - gcc: 12.2.0 clang: 14.0.6 Packages: 1464 nix-default: 46 nix-sys: 0 nix-usr: 46 lib: 9 +System: Kernel: 5.19.13-arch1-1 x86_64 bits: 64 compiler: gcc v: 12.2.0 + parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux + root=UUID=c60d23ea-1602-4e39-adef-f21de83544d1 rw rootflags=subvol=@ + cryptdevice=UUID=0d7bb4e8-30b5-433f-abd3-8fe131771b25:archroot + Console: N/A DM: LightDM 1.32.0 Distro: Arch Linux +Machine: Type: Laptop System: LENOVO product: 20UDCTO1WW v: ThinkPad T14 Gen 1 serial: + Chassis: type: 10 serial: + Mobo: LENOVO model: 20UDCTO1WW v: SDK0J40700 WIN serial: UEFI: LENOVO + v: R1BET72W(1.41 ) date: 06/27/2022 +Battery: ID-1: BAT0 charge: 50.3 Wh (97.7%) condition: 51.5/50.5 Wh (101.9%) volts: 12.5 + min: 11.6 model: LGC 5B10W139 type: Li-poly serial: status: Discharging + cycles: 168 +Memory: RAM: total: 30.59 GiB used: 1.23 GiB (4.0%) + Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. + Device-1: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 + detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits + manufacturer: Samsung part-no: M471A2G44AM0-CWE serial: N/A + Device-2: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 + detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits + manufacturer: Hynix part-no: HMA82GS6DJR8N-XN serial: +PCI Slots: Slot: 1 type: x1 PCI Express x1 PCI-E x1 (J3600) status: Available length: Short + Slot: 2 type: x1 PCI Express x1 PCI-E x8 (J3605) status: Available length: Short + Slot: 3 type: x1 PCI Express x1 M.2 PCI-E Connector (J3700) status: Available + length: Short + Slot: 4 type: x1 PCI Express x1 M.2 WWAN Connector (J3702) status: Available + length: Long + Slot: 5 type: x1 PCI Express x1 M.2 WLAN/BT Connector (J3703) status: Available + length: Long + Slot: 6 type: x1 PCI Express x1 PCIE SD_Card (J4000) status: Available length: Long +CPU: Info: 6-Core model: AMD Ryzen 5 PRO 4650U with Radeon Graphics socket: FP6 bits: 64 + type: MT MCP arch: Zen 2 family: 17 (23) model-id: 60 (96) stepping: 1 + microcode: 8600106 cache: L1: 384 KiB L2: 3 MiB L3: 8 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 50321 + Speed: 2100 MHz min/max: 1400/2100 MHz base/boost: 2100/4000 boost: enabled + volts: 1.2 V ext-clock: 100 MHz Core speeds (MHz): 1: 1397 2: 1397 3: 1400 4: 1397 + 5: 1397 6: 1397 7: 1397 8: 1379 9: 1397 10: 1400 11: 1397 12: 1397 + Vulnerabilities: Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed mitigation: untrained return thunk; SMT enabled with STIBP protection + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, STIBP: always-on, RSB + filling, PBRSB-eIBRS: Not affected + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: AMD Renoir vendor: Lenovo driver: amdgpu v: kernel bus-ID: 07:00.0 + chip-ID: 1002:1636 class-ID: 0300 + Device-2: IMC Networks Integrated Camera type: USB driver: uvcvideo bus-ID: 2-2:2 + chip-ID: 13d3:5415 class-ID: 0e02 + Display: server: X.org 1.21.1.4 compositor: picom v: git-7e568 driver: + loaded: modesetting unloaded: vesa alternate: ati,fbdev tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: AMD Renoir Radeon High Definition Audio vendor: Lenovo driver: snd_hda_intel + v: kernel bus-ID: 07:00.1 chip-ID: 1002:1637 class-ID: 0403 + Device-2: AMD ACP/ACP3X/ACP6x Audio Coprocessor vendor: Lenovo driver: snd_rn_pci_acp3x + v: kernel + alternate: snd_pci_acp3x,snd_pci_acp5x,snd_pci_acp6x,snd_acp_pci,snd_sof_amd_renoir + bus-ID: 07:00.5 chip-ID: 1022:15e2 class-ID: 0480 + Device-3: AMD Family 17h/19h HD Audio vendor: Lenovo driver: snd_hda_intel v: kernel + bus-ID: 07:00.6 chip-ID: 1022:15e3 class-ID: 0403 + Sound Server-1: ALSA v: k5.19.13-arch1-1 running: yes + Sound Server-2: sndio v: N/A running: no + Sound Server-3: JACK v: 1.9.21 running: no + Sound Server-4: PulseAudio v: 16.1 running: yes + Sound Server-5: PipeWire v: 0.3.59 running: no +Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo + driver: r8169 v: kernel port: 3400 bus-ID: 02:00.0 chip-ID: 10ec:8168 class-ID: 0200 + IF: enp2s0f0 state: down mac: + Device-2: Intel Wi-Fi 6 AX200 driver: iwlwifi v: kernel port: 3000 bus-ID: 03:00.0 + chip-ID: 8086:2723 class-ID: 0280 + IF: wlp3s0 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + Device-3: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo + driver: r8169 v: kernel port: 2000 bus-ID: 05:00.0 chip-ID: 10ec:8168 class-ID: 0200 + IF: enp5s0 state: down mac: + IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: + IP v4: scope: global broadcast: + IP v6: scope: link + IF-ID-2: tailscale0 state: unknown speed: -1 duplex: full mac: N/A + IP v4: scope: global + IP v6: scope: global + IP v6: virtual: stable-privacy scope: link + IF-ID-3: veth19a2615 state: up speed: 10000 Mbps duplex: full mac: + IF-ID-4: veth611e2ce state: up speed: 10000 Mbps duplex: full mac: + WAN IP: +Bluetooth: Device-1: Intel AX200 Bluetooth type: USB driver: btusb v: 0.8 bus-ID: 6-4:2 + chip-ID: 8087:0029 class-ID: e001 + Report: rfkill ID: hci0 rfk-id: 2 state: down bt-service: disabled rfk-block: + hardware: no software: no address: see --recommends +Drives: Local Storage: total: 953.87 GiB used: 535.26 GiB (56.1%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: HFS001TD9TNI-L2B0B + size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 + rotation: SSD serial: rev: 11720C10 temp: 24 Celsius C scheme: GPT + SMART: yes health: PASSED on: 336d 14h cycles: 787 read-units: 14,657,733 [7.50 TB] + written-units: 66,879,589 [34.2 TB] +Partition: ID-1: / raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) + fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot + ID-2: /boot/efi raw-size: 512 MiB size: 511 MiB (99.80%) used: 17.5 MiB (3.4%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 + ID-3: /home raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) + fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot + ID-4: /var raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) + fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot +Swap: Alert: No swap data was found. +Sensors: System Temperatures: cpu: 28.0 C mobo: 0 C gpu: amdgpu temp: 27.0 C + Fan Speeds (RPM): fan-1: 0 fan-2: 0 +Info: Processes: 337 Uptime: N/A wakeups: 4 Init: systemd v: 251 tool: systemctl Compilers: + gcc: 12.2.0 clang: 14.0.6 Packages: 1464 nix-default: 46 nix-sys: 0 nix-usr: 46 lib: 9 pacman: 1372 lib: 273 Client: Sudo v: 1.9.11p3 inxi: 3.3.04 ``` - -[comment]: (< - Chassis: type: 10 serial: - Mobo: LENOVO model: 20UDCTO1WW v: SDK0J40700 WIN serial: UEFI: LENOVO - v: R1BET72W(1.41 ) date: 06/27/2022 -Battery: ID-1: BAT0 charge: 50.3 Wh (97.7%) condition: 51.5/50.5 Wh (101.9%) volts: 12.5 - min: 11.6 model: LGC 5B10W139 type: Li-poly serial: status: Discharging - cycles: 168 -Memory: RAM: total: 30.59 GiB used: 1.23 GiB (4.0%) - Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. - Device-1: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 - detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits - manufacturer: Samsung part-no: M471A2G44AM0-CWE serial: N/A - Device-2: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 - detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits - manufacturer: Hynix part-no: HMA82GS6DJR8N-XN serial: -PCI Slots: Slot: 1 type: x1 PCI Express x1 PCI-E x1 (J3600) status: Available length: Short - Slot: 2 type: x1 PCI Express x1 PCI-E x8 (J3605) status: Available length: Short - Slot: 3 type: x1 PCI Express x1 M.2 PCI-E Connector (J3700) status: Available - length: Short - Slot: 4 type: x1 PCI Express x1 M.2 WWAN Connector (J3702) status: Available - length: Long - Slot: 5 type: x1 PCI Express x1 M.2 WLAN/BT Connector (J3703) status: Available - length: Long - Slot: 6 type: x1 PCI Express x1 PCIE SD_Card (J4000) status: Available length: Long -CPU: Info: 6-Core model: AMD Ryzen 5 PRO 4650U with Radeon Graphics socket: FP6 bits: 64 - type: MT MCP arch: Zen 2 family: 17 (23) model-id: 60 (96) stepping: 1 - microcode: 8600106 cache: L1: 384 KiB L2: 3 MiB L3: 8 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 50321 - Speed: 2100 MHz min/max: 1400/2100 MHz base/boost: 2100/4000 boost: enabled - volts: 1.2 V ext-clock: 100 MHz Core speeds (MHz): 1: 1397 2: 1397 3: 1400 4: 1397 - 5: 1397 6: 1397 7: 1397 8: 1379 9: 1397 10: 1400 11: 1397 12: 1397 - Vulnerabilities: Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed mitigation: untrained return thunk; SMT enabled with STIBP protection - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, STIBP: always-on, RSB - filling, PBRSB-eIBRS: Not affected - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: AMD Renoir vendor: Lenovo driver: amdgpu v: kernel bus-ID: 07:00.0 - chip-ID: 1002:1636 class-ID: 0300 - Device-2: IMC Networks Integrated Camera type: USB driver: uvcvideo bus-ID: 2-2:2 - chip-ID: 13d3:5415 class-ID: 0e02 - Display: server: X.org 1.21.1.4 compositor: picom v: git-7e568 driver: - loaded: modesetting unloaded: vesa alternate: ati,fbdev tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: AMD Renoir Radeon High Definition Audio vendor: Lenovo driver: snd_hda_intel - v: kernel bus-ID: 07:00.1 chip-ID: 1002:1637 class-ID: 0403 - Device-2: AMD ACP/ACP3X/ACP6x Audio Coprocessor vendor: Lenovo driver: snd_rn_pci_acp3x - v: kernel - alternate: snd_pci_acp3x,snd_pci_acp5x,snd_pci_acp6x,snd_acp_pci,snd_sof_amd_renoir - bus-ID: 07:00.5 chip-ID: 1022:15e2 class-ID: 0480 - Device-3: AMD Family 17h/19h HD Audio vendor: Lenovo driver: snd_hda_intel v: kernel - bus-ID: 07:00.6 chip-ID: 1022:15e3 class-ID: 0403 - Sound Server-1: ALSA v: k5.19.13-arch1-1 running: yes - Sound Server-2: sndio v: N/A running: no - Sound Server-3: JACK v: 1.9.21 running: no - Sound Server-4: PulseAudio v: 16.1 running: yes - Sound Server-5: PipeWire v: 0.3.59 running: no -Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo - driver: r8169 v: kernel port: 3400 bus-ID: 02:00.0 chip-ID: 10ec:8168 class-ID: 0200 - IF: enp2s0f0 state: down mac: - Device-2: Intel Wi-Fi 6 AX200 driver: iwlwifi v: kernel port: 3000 bus-ID: 03:00.0 - chip-ID: 8086:2723 class-ID: 0280 - IF: wlp3s0 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - Device-3: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo - driver: r8169 v: kernel port: 2000 bus-ID: 05:00.0 chip-ID: 10ec:8168 class-ID: 0200 - IF: enp5s0 state: down mac: - IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: - IP v4: scope: global broadcast: - IP v6: scope: link - IF-ID-2: tailscale0 state: unknown speed: -1 duplex: full mac: N/A - IP v4: scope: global - IP v6: scope: global - IP v6: virtual: stable-privacy scope: link - IF-ID-3: veth19a2615 state: up speed: 10000 Mbps duplex: full mac: - IF-ID-4: veth611e2ce state: up speed: 10000 Mbps duplex: full mac: - WAN IP: -Bluetooth: Device-1: Intel AX200 Bluetooth type: USB driver: btusb v: 0.8 bus-ID: 6-4:2 - chip-ID: 8087:0029 class-ID: e001 - Report: rfkill ID: hci0 rfk-id: 2 state: down bt-service: disabled rfk-block: - hardware: no software: no address: see --recommends -Drives: Local Storage: total: 953.87 GiB used: 535.26 GiB (56.1%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: HFS001TD9TNI-L2B0B - size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 - rotation: SSD serial: rev: 11720C10 temp: 24 Celsius C scheme: GPT - SMART: yes health: PASSED on: 336d 14h cycles: 787 read-units: 14,657,733 [7.50 TB] - written-units: 66,879,589 [34.2 TB] -Partition: ID-1: / raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) - fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot - ID-2: /boot/efi raw-size: 512 MiB size: 511 MiB (99.80%) used: 17.5 MiB (3.4%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 - ID-3: /home raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) - fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot - ID-4: /var raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) - fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot -Swap: Alert: No swap data was found. -Sensors: System Temperatures: cpu: 28.0 C mobo: 0 C gpu: amdgpu temp: 27.0 C - Fan Speeds (RPM): fan-1: 0 fan-2: 0 -Info: Processes: 337 Uptime: N/A wakeups: 4 Init: systemd v: 251 tool: systemctl Compilers: - gcc: 12.2.0 clang: 14.0.6 Packages: 1464 nix-default: 46 nix-sys: 0 nix-usr: 46 lib: 9 - pacman: 1372 lib: 273 Client: Sudo v: 1.9.11p3 inxi: 3.3.04 +System: Kernel: 5.19.13-arch1-1 x86_64 bits: 64 compiler: gcc v: 12.2.0 + parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux + root=UUID=c60d23ea-1602-4e39-adef-f21de83544d1 rw rootflags=subvol=@ + cryptdevice=UUID=0d7bb4e8-30b5-433f-abd3-8fe131771b25:archroot + Console: N/A DM: LightDM 1.32.0 Distro: Arch Linux +Machine: Type: Laptop System: LENOVO product: 20UDCTO1WW v: ThinkPad T14 Gen 1 serial: + Chassis: type: 10 serial: + Mobo: LENOVO model: 20UDCTO1WW v: SDK0J40700 WIN serial: UEFI: LENOVO + v: R1BET72W(1.41 ) date: 06/27/2022 +Battery: ID-1: BAT0 charge: 50.3 Wh (97.7%) condition: 51.5/50.5 Wh (101.9%) volts: 12.5 + min: 11.6 model: LGC 5B10W139 type: Li-poly serial: status: Discharging + cycles: 168 +Memory: RAM: total: 30.59 GiB used: 1.23 GiB (4.0%) + Array-1: capacity: 64 GiB slots: 2 EC: None max-module-size: 32 GiB note: est. + Device-1: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 + detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits + manufacturer: Samsung part-no: M471A2G44AM0-CWE serial: N/A + Device-2: DIMM 0 size: 16 GiB speed: 3200 MT/s type: DDR4 + detail: synchronous unbuffered (unregistered) bus-width: 64 bits total: 64 bits + manufacturer: Hynix part-no: HMA82GS6DJR8N-XN serial: +PCI Slots: Slot: 1 type: x1 PCI Express x1 PCI-E x1 (J3600) status: Available length: Short + Slot: 2 type: x1 PCI Express x1 PCI-E x8 (J3605) status: Available length: Short + Slot: 3 type: x1 PCI Express x1 M.2 PCI-E Connector (J3700) status: Available + length: Short + Slot: 4 type: x1 PCI Express x1 M.2 WWAN Connector (J3702) status: Available + length: Long + Slot: 5 type: x1 PCI Express x1 M.2 WLAN/BT Connector (J3703) status: Available + length: Long + Slot: 6 type: x1 PCI Express x1 PCIE SD_Card (J4000) status: Available length: Long +CPU: Info: 6-Core model: AMD Ryzen 5 PRO 4650U with Radeon Graphics socket: FP6 bits: 64 + type: MT MCP arch: Zen 2 family: 17 (23) model-id: 60 (96) stepping: 1 + microcode: 8600106 cache: L1: 384 KiB L2: 3 MiB L3: 8 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm bogomips: 50321 + Speed: 2100 MHz min/max: 1400/2100 MHz base/boost: 2100/4000 boost: enabled + volts: 1.2 V ext-clock: 100 MHz Core speeds (MHz): 1: 1397 2: 1397 3: 1400 4: 1397 + 5: 1397 6: 1397 7: 1397 8: 1379 9: 1397 10: 1400 11: 1397 12: 1397 + Vulnerabilities: Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed mitigation: untrained return thunk; SMT enabled with STIBP protection + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, STIBP: always-on, RSB + filling, PBRSB-eIBRS: Not affected + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: AMD Renoir vendor: Lenovo driver: amdgpu v: kernel bus-ID: 07:00.0 + chip-ID: 1002:1636 class-ID: 0300 + Device-2: IMC Networks Integrated Camera type: USB driver: uvcvideo bus-ID: 2-2:2 + chip-ID: 13d3:5415 class-ID: 0e02 + Display: server: X.org 1.21.1.4 compositor: picom v: git-7e568 driver: + loaded: modesetting unloaded: vesa alternate: ati,fbdev tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: AMD Renoir Radeon High Definition Audio vendor: Lenovo driver: snd_hda_intel + v: kernel bus-ID: 07:00.1 chip-ID: 1002:1637 class-ID: 0403 + Device-2: AMD ACP/ACP3X/ACP6x Audio Coprocessor vendor: Lenovo driver: snd_rn_pci_acp3x + v: kernel + alternate: snd_pci_acp3x,snd_pci_acp5x,snd_pci_acp6x,snd_acp_pci,snd_sof_amd_renoir + bus-ID: 07:00.5 chip-ID: 1022:15e2 class-ID: 0480 + Device-3: AMD Family 17h/19h HD Audio vendor: Lenovo driver: snd_hda_intel v: kernel + bus-ID: 07:00.6 chip-ID: 1022:15e3 class-ID: 0403 + Sound Server-1: ALSA v: k5.19.13-arch1-1 running: yes + Sound Server-2: sndio v: N/A running: no + Sound Server-3: JACK v: 1.9.21 running: no + Sound Server-4: PulseAudio v: 16.1 running: yes + Sound Server-5: PipeWire v: 0.3.59 running: no +Network: Device-1: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo + driver: r8169 v: kernel port: 3400 bus-ID: 02:00.0 chip-ID: 10ec:8168 class-ID: 0200 + IF: enp2s0f0 state: down mac: + Device-2: Intel Wi-Fi 6 AX200 driver: iwlwifi v: kernel port: 3000 bus-ID: 03:00.0 + chip-ID: 8086:2723 class-ID: 0280 + IF: wlp3s0 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + Device-3: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet vendor: Lenovo + driver: r8169 v: kernel port: 2000 bus-ID: 05:00.0 chip-ID: 10ec:8168 class-ID: 0200 + IF: enp5s0 state: down mac: + IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: + IP v4: scope: global broadcast: + IP v6: scope: link + IF-ID-2: tailscale0 state: unknown speed: -1 duplex: full mac: N/A + IP v4: scope: global + IP v6: scope: global + IP v6: virtual: stable-privacy scope: link + IF-ID-3: veth19a2615 state: up speed: 10000 Mbps duplex: full mac: + IF-ID-4: veth611e2ce state: up speed: 10000 Mbps duplex: full mac: + WAN IP: +Bluetooth: Device-1: Intel AX200 Bluetooth type: USB driver: btusb v: 0.8 bus-ID: 6-4:2 + chip-ID: 8087:0029 class-ID: e001 + Report: rfkill ID: hci0 rfk-id: 2 state: down bt-service: disabled rfk-block: + hardware: no software: no address: see --recommends +Drives: Local Storage: total: 953.87 GiB used: 535.26 GiB (56.1%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: SK Hynix model: HFS001TD9TNI-L2B0B + size: 953.87 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 + rotation: SSD serial: rev: 11720C10 temp: 24 Celsius C scheme: GPT + SMART: yes health: PASSED on: 336d 14h cycles: 787 read-units: 14,657,733 [7.50 TB] + written-units: 66,879,589 [34.2 TB] +Partition: ID-1: / raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) + fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot + ID-2: /boot/efi raw-size: 512 MiB size: 511 MiB (99.80%) used: 17.5 MiB (3.4%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 + ID-3: /home raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) + fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot + ID-4: /var raw-size: 953.36 GiB size: 953.36 GiB (100.00%) used: 535.24 GiB (56.1%) + fs: btrfs block-size: 4096 B dev: /dev/dm-0 maj-min: 254:0 mapped: archroot +Swap: Alert: No swap data was found. +Sensors: System Temperatures: cpu: 28.0 C mobo: 0 C gpu: amdgpu temp: 27.0 C + Fan Speeds (RPM): fan-1: 0 fan-2: 0 +Info: Processes: 337 Uptime: N/A wakeups: 4 Init: systemd v: 251 tool: systemctl Compilers: + gcc: 12.2.0 clang: 14.0.6 Packages: 1464 nix-default: 46 nix-sys: 0 nix-usr: 46 lib: 9 + pacman: 1372 lib: 273 Client: Sudo v: 1.9.11p3 inxi: 3.3.04 diff --git a/docs/hosts/badwork/nix.txt b/docs/hosts/badwork/nix.txt index c818f17..dd4fca4 100644 --- a/docs/hosts/badwork/nix.txt +++ b/docs/hosts/badwork/nix.txt @@ -5,4 +5,3 @@ - version: `nix-env (Nix) 2.12.0` - channels(root): `"nixpkgs"` - nixpkgs: `/root/.nix-defexpr/channels/nixpkgs` - diff --git a/docs/hosts/badwork/summaries.json b/docs/hosts/badwork/summaries.json index d02ce28..891ef92 100644 --- a/docs/hosts/badwork/summaries.json +++ b/docs/hosts/badwork/summaries.json @@ -9,4 +9,4 @@ "bits": 0, "bogomips": 4193 } -} \ No newline at end of file +} diff --git a/docs/hosts/badxps.md b/docs/hosts/badxps.md index a4ff0e1..56e759b 100644 --- a/docs/hosts/badxps.md +++ b/docs/hosts/badxps.md @@ -13,7 +13,7 @@ This page generated with `inv docs.all-pages` |22|tcp|ssh|OpenSSH|protocol 2.0| - + ### Config ```text @@ -24,116 +24,116 @@ RAM : 16 Go Go DISK : 476.94 GiB Go KERNEL : 6.1.20 ``` - + ### Topologie ![hardware topology](https://raw.githubusercontent.com/badele/nix-homelab/master/docs/hosts/badxps/topologie.svg) - - + + ### Hardwares ``` -System: Kernel: 6.1.20 x86_64 bits: 64 compiler: gcc v: 11.3.0 - parameters: initrd=~efi~nixos~apvzr1n6s8rb50k3p32a21wi1lqdm6fa-initrd-linux-6.1.20-initrd.efi - init=/nix/store/j9px2qfbcnki7rj6cw25bvm89c94rngq-nixos-system-badxps-22.11.20230320.e2c9779/init - mem_sleep_default=deep nouveau.blacklist=0 acpi_osi=! acpi_osi="Windows 2015" - acpi_backlight=vendor nohibernate loglevel=4 nvidia-drm.modeset=1 - Console: tty pts/1 DM: LightDM 1.32.0 Distro: NixOS 22.11 (Raccoon) -Machine: Type: Laptop System: Dell product: XPS 15 9570 v: N/A serial: Chassis: - type: 10 serial: - Mobo: Dell model: 02MJVY v: A00 serial: UEFI: Dell v: 1.2.2 date: 06/07/2018 -Memory: RAM: total: 15.28 GiB used: 7.43 GiB (48.6%) - Array-1: capacity: 32 GiB slots: 2 EC: None max-module-size: 16 GiB note: est. - Device-1: DIMM A size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK - serial: - Device-2: DIMM B size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK - serial: -PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long - Slot: 1 type: x1 PCI Express J6B1 status: Available length: Short - Slot: 2 type: x1 PCI Express J6D1 status: Available length: Short - Slot: 3 type: x1 PCI Express J7B1 status: Available length: Short - Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short - Slot: 5 type: x1 PCI Express J8D1 status: Available length: Short - Slot: 6 type: x1 PCI Express J8D2 status: Available length: Short - Slot: 7 type: 32-bit PCI J8B3 status: Available length: Short -CPU: Info: 6-Core model: Intel Core i7-8750H socket: U3E1 bits: 64 type: MT MCP - arch: Kaby Lake note: check family: 6 model-id: 9E (158) stepping: A (10) microcode: F0 - cache: L2: 9 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 52799 - Speed: 900 MHz min/max: 800/4100 MHz base/boost: 2300/8300 volts: 0.9 V - ext-clock: 100 MHz Core speeds (MHz): 1: 900 2: 900 3: 900 4: 900 5: 901 6: 900 7: 900 - 8: 2200 9: 893 10: 900 11: 900 12: 901 - Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled - Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable - Type: mds mitigation: Clear CPU buffers; SMT vulnerable - Type: meltdown mitigation: PTI - Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable - Type: retbleed mitigation: IBRS - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 mitigation: IBRS, IBPB: conditional, STIBP: conditional, RSB filling, - PBRSB-eIBRS: Not affected - Type: srbds mitigation: Microcode - Type: tsx_async_abort status: Not affected -Graphics: Device-1: Intel CoffeeLake-H GT2 [UHD Graphics 630] vendor: Dell driver: i915 v: kernel - bus-ID: 00:02.0 chip-ID: 8086:3e9b class-ID: 0300 - Device-2: NVIDIA GP107M [GeForce GTX 1050 Ti Mobile] vendor: Dell driver: nvidia - v: 520.56.06 alternate: nvidiafb,nouveau,nvidia_drm bus-ID: 01:00.0 chip-ID: 10de:1c8c - class-ID: 0302 - Device-3: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-12:8 - chip-ID: 0c45:671d class-ID: 0e02 - Display: server: X.org 1.20.14 driver: loaded: modesetting alternate: fbdev,intel,vesa - tty: 188x46 - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: Dell driver: snd_hda_intel v: kernel - alternate: snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3 chip-ID: 8086:a348 - class-ID: 0403 - Device-2: Generalplus Nor-Tec streaming mic type: USB - driver: hid-generic,snd-usb-audio,usbhid bus-ID: 1-2:3 chip-ID: 1b3f:0329 - class-ID: 0300 serial: - Sound Server-1: ALSA v: k6.1.20 running: yes - Sound Server-2: PulseAudio v: 16.1 running: yes -Network: Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter - vendor: Rivet Networks driver: ath10k_pci v: kernel port: 3000 bus-ID: 3b:00.0 - chip-ID: 168c:003e class-ID: 0280 - IF: wlp59s0 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - WAN IP: -Bluetooth: Device-1: Qualcomm Atheros QCA61x4 Bluetooth 4.0 type: USB driver: btusb v: 0.8 - bus-ID: 1-4:5 chip-ID: 0cf3:e300 class-ID: e001 - Report: rfkill ID: hci0 rfk-id: 0 state: down bt-service: not found rfk-block: - hardware: no software: no address: see --recommends -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 412 GiB - allocated: 52.2 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 476.94 GiB usable: 940.94 GiB used: 52.39 GiB (5.6%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Toshiba model: KXG50ZNV512G NVMe 512GB - size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 - rotation: SSD serial: rev: AADA4105 temp: 31 Celsius C scheme: GPT - SMART: yes health: PASSED on: 1y 106d 12h cycles: 1,737 - read-units: 16,206,246 [8.29 TB] written-units: 40,926,951 [20.9 TB] -Partition: ID-1: / raw-size: N/A size: 417.31 GiB used: 19.89 GiB (4.8%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 324.1 MiB (31.7%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 - dev: /dev/nvme0n1p2 maj-min: 259:2 -Sensors: System Temperatures: cpu: 56.0 C mobo: 34.0 C sodimm: SODIMM C - Fan Speeds (RPM): cpu: 2496 -Info: Processes: 332 Uptime: N/A wakeups: 1 Init: systemd v: 251 target: graphical.target - tool: systemctl Compilers: gcc: 11.3.0 Packages: 1387 nix-default: 277 lib: 1 +System: Kernel: 6.1.20 x86_64 bits: 64 compiler: gcc v: 11.3.0 + parameters: initrd=~efi~nixos~apvzr1n6s8rb50k3p32a21wi1lqdm6fa-initrd-linux-6.1.20-initrd.efi + init=/nix/store/j9px2qfbcnki7rj6cw25bvm89c94rngq-nixos-system-badxps-22.11.20230320.e2c9779/init + mem_sleep_default=deep nouveau.blacklist=0 acpi_osi=! acpi_osi="Windows 2015" + acpi_backlight=vendor nohibernate loglevel=4 nvidia-drm.modeset=1 + Console: tty pts/1 DM: LightDM 1.32.0 Distro: NixOS 22.11 (Raccoon) +Machine: Type: Laptop System: Dell product: XPS 15 9570 v: N/A serial: Chassis: + type: 10 serial: + Mobo: Dell model: 02MJVY v: A00 serial: UEFI: Dell v: 1.2.2 date: 06/07/2018 +Memory: RAM: total: 15.28 GiB used: 7.43 GiB (48.6%) + Array-1: capacity: 32 GiB slots: 2 EC: None max-module-size: 16 GiB note: est. + Device-1: DIMM A size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK + serial: + Device-2: DIMM B size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK + serial: +PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long + Slot: 1 type: x1 PCI Express J6B1 status: Available length: Short + Slot: 2 type: x1 PCI Express J6D1 status: Available length: Short + Slot: 3 type: x1 PCI Express J7B1 status: Available length: Short + Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short + Slot: 5 type: x1 PCI Express J8D1 status: Available length: Short + Slot: 6 type: x1 PCI Express J8D2 status: Available length: Short + Slot: 7 type: 32-bit PCI J8B3 status: Available length: Short +CPU: Info: 6-Core model: Intel Core i7-8750H socket: U3E1 bits: 64 type: MT MCP + arch: Kaby Lake note: check family: 6 model-id: 9E (158) stepping: A (10) microcode: F0 + cache: L2: 9 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 52799 + Speed: 900 MHz min/max: 800/4100 MHz base/boost: 2300/8300 volts: 0.9 V + ext-clock: 100 MHz Core speeds (MHz): 1: 900 2: 900 3: 900 4: 900 5: 901 6: 900 7: 900 + 8: 2200 9: 893 10: 900 11: 900 12: 901 + Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled + Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable + Type: mds mitigation: Clear CPU buffers; SMT vulnerable + Type: meltdown mitigation: PTI + Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable + Type: retbleed mitigation: IBRS + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 mitigation: IBRS, IBPB: conditional, STIBP: conditional, RSB filling, + PBRSB-eIBRS: Not affected + Type: srbds mitigation: Microcode + Type: tsx_async_abort status: Not affected +Graphics: Device-1: Intel CoffeeLake-H GT2 [UHD Graphics 630] vendor: Dell driver: i915 v: kernel + bus-ID: 00:02.0 chip-ID: 8086:3e9b class-ID: 0300 + Device-2: NVIDIA GP107M [GeForce GTX 1050 Ti Mobile] vendor: Dell driver: nvidia + v: 520.56.06 alternate: nvidiafb,nouveau,nvidia_drm bus-ID: 01:00.0 chip-ID: 10de:1c8c + class-ID: 0302 + Device-3: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-12:8 + chip-ID: 0c45:671d class-ID: 0e02 + Display: server: X.org 1.20.14 driver: loaded: modesetting alternate: fbdev,intel,vesa + tty: 188x46 + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: Dell driver: snd_hda_intel v: kernel + alternate: snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3 chip-ID: 8086:a348 + class-ID: 0403 + Device-2: Generalplus Nor-Tec streaming mic type: USB + driver: hid-generic,snd-usb-audio,usbhid bus-ID: 1-2:3 chip-ID: 1b3f:0329 + class-ID: 0300 serial: + Sound Server-1: ALSA v: k6.1.20 running: yes + Sound Server-2: PulseAudio v: 16.1 running: yes +Network: Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter + vendor: Rivet Networks driver: ath10k_pci v: kernel port: 3000 bus-ID: 3b:00.0 + chip-ID: 168c:003e class-ID: 0280 + IF: wlp59s0 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + WAN IP: +Bluetooth: Device-1: Qualcomm Atheros QCA61x4 Bluetooth 4.0 type: USB driver: btusb v: 0.8 + bus-ID: 1-4:5 chip-ID: 0cf3:e300 class-ID: e001 + Report: rfkill ID: hci0 rfk-id: 0 state: down bt-service: not found rfk-block: + hardware: no software: no address: see --recommends +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 412 GiB + allocated: 52.2 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 476.94 GiB usable: 940.94 GiB used: 52.39 GiB (5.6%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Toshiba model: KXG50ZNV512G NVMe 512GB + size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 + rotation: SSD serial: rev: AADA4105 temp: 31 Celsius C scheme: GPT + SMART: yes health: PASSED on: 1y 106d 12h cycles: 1,737 + read-units: 16,206,246 [8.29 TB] written-units: 40,926,951 [20.9 TB] +Partition: ID-1: / raw-size: N/A size: 417.31 GiB used: 19.89 GiB (4.8%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 324.1 MiB (31.7%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 + dev: /dev/nvme0n1p2 maj-min: 259:2 +Sensors: System Temperatures: cpu: 56.0 C mobo: 34.0 C sodimm: SODIMM C + Fan Speeds (RPM): cpu: 2496 +Info: Processes: 332 Uptime: N/A wakeups: 1 Init: systemd v: 251 target: graphical.target + tool: systemctl Compilers: gcc: 11.3.0 Packages: 1387 nix-default: 277 lib: 1 nix-sys: 833 lib: 214 nix-usr: 277 lib: 31 Client: Sudo v: 1.9.13p3 inxi: 3.3.04 ``` - + [comment]: (< Chassis: - type: 10 serial: - Mobo: Dell model: 02MJVY v: A00 serial: UEFI: Dell v: 1.2.2 date: 06/07/2018 -Memory: RAM: total: 15.28 GiB used: 7.43 GiB (48.6%) - Array-1: capacity: 32 GiB slots: 2 EC: None max-module-size: 16 GiB note: est. - Device-1: DIMM A size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK - serial: - Device-2: DIMM B size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK - serial: -PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long - Slot: 1 type: x1 PCI Express J6B1 status: Available length: Short - Slot: 2 type: x1 PCI Express J6D1 status: Available length: Short - Slot: 3 type: x1 PCI Express J7B1 status: Available length: Short - Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short - Slot: 5 type: x1 PCI Express J8D1 status: Available length: Short - Slot: 6 type: x1 PCI Express J8D2 status: Available length: Short - Slot: 7 type: 32-bit PCI J8B3 status: Available length: Short -CPU: Info: 6-Core model: Intel Core i7-8750H socket: U3E1 bits: 64 type: MT MCP - arch: Kaby Lake note: check family: 6 model-id: 9E (158) stepping: A (10) microcode: F0 - cache: L2: 9 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 52799 - Speed: 900 MHz min/max: 800/4100 MHz base/boost: 2300/8300 volts: 0.9 V - ext-clock: 100 MHz Core speeds (MHz): 1: 900 2: 900 3: 900 4: 900 5: 901 6: 900 7: 900 - 8: 2200 9: 893 10: 900 11: 900 12: 901 - Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled - Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable - Type: mds mitigation: Clear CPU buffers; SMT vulnerable - Type: meltdown mitigation: PTI - Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable - Type: retbleed mitigation: IBRS - Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 mitigation: IBRS, IBPB: conditional, STIBP: conditional, RSB filling, - PBRSB-eIBRS: Not affected - Type: srbds mitigation: Microcode - Type: tsx_async_abort status: Not affected -Graphics: Device-1: Intel CoffeeLake-H GT2 [UHD Graphics 630] vendor: Dell driver: i915 v: kernel - bus-ID: 00:02.0 chip-ID: 8086:3e9b class-ID: 0300 - Device-2: NVIDIA GP107M [GeForce GTX 1050 Ti Mobile] vendor: Dell driver: nvidia - v: 520.56.06 alternate: nvidiafb,nouveau,nvidia_drm bus-ID: 01:00.0 chip-ID: 10de:1c8c - class-ID: 0302 - Device-3: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-12:8 - chip-ID: 0c45:671d class-ID: 0e02 - Display: server: X.org 1.20.14 driver: loaded: modesetting alternate: fbdev,intel,vesa - tty: 188x46 - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: Dell driver: snd_hda_intel v: kernel - alternate: snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3 chip-ID: 8086:a348 - class-ID: 0403 - Device-2: Generalplus Nor-Tec streaming mic type: USB - driver: hid-generic,snd-usb-audio,usbhid bus-ID: 1-2:3 chip-ID: 1b3f:0329 - class-ID: 0300 serial: - Sound Server-1: ALSA v: k6.1.20 running: yes - Sound Server-2: PulseAudio v: 16.1 running: yes -Network: Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter - vendor: Rivet Networks driver: ath10k_pci v: kernel port: 3000 bus-ID: 3b:00.0 - chip-ID: 168c:003e class-ID: 0280 - IF: wlp59s0 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - WAN IP: -Bluetooth: Device-1: Qualcomm Atheros QCA61x4 Bluetooth 4.0 type: USB driver: btusb v: 0.8 - bus-ID: 1-4:5 chip-ID: 0cf3:e300 class-ID: e001 - Report: rfkill ID: hci0 rfk-id: 0 state: down bt-service: not found rfk-block: - hardware: no software: no address: see --recommends -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 412 GiB - allocated: 52.2 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 476.94 GiB usable: 940.94 GiB used: 52.39 GiB (5.6%) - ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Toshiba model: KXG50ZNV512G NVMe 512GB - size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 - rotation: SSD serial: rev: AADA4105 temp: 31 Celsius C scheme: GPT - SMART: yes health: PASSED on: 1y 106d 12h cycles: 1,737 - read-units: 16,206,246 [8.29 TB] written-units: 40,926,951 [20.9 TB] -Partition: ID-1: / raw-size: N/A size: 417.31 GiB used: 19.89 GiB (4.8%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 324.1 MiB (31.7%) fs: vfat - block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 - dev: /dev/nvme0n1p2 maj-min: 259:2 -Sensors: System Temperatures: cpu: 56.0 C mobo: 34.0 C sodimm: SODIMM C - Fan Speeds (RPM): cpu: 2496 -Info: Processes: 332 Uptime: N/A wakeups: 1 Init: systemd v: 251 target: graphical.target - tool: systemctl Compilers: gcc: 11.3.0 Packages: 1387 nix-default: 277 lib: 1 - nix-sys: 833 lib: 214 nix-usr: 277 lib: 31 Client: Sudo v: 1.9.13p3 inxi: 3.3.04 +System: Kernel: 6.1.20 x86_64 bits: 64 compiler: gcc v: 11.3.0 + parameters: initrd=\efi\nixos\apvzr1n6s8rb50k3p32a21wi1lqdm6fa-initrd-linux-6.1.20-initrd.efi + init=/nix/store/j9px2qfbcnki7rj6cw25bvm89c94rngq-nixos-system-badxps-22.11.20230320.e2c9779/init + mem_sleep_default=deep nouveau.blacklist=0 acpi_osi=! acpi_osi="Windows 2015" + acpi_backlight=vendor nohibernate loglevel=4 nvidia-drm.modeset=1 + Console: tty pts/1 DM: LightDM 1.32.0 Distro: NixOS 22.11 (Raccoon) +Machine: Type: Laptop System: Dell product: XPS 15 9570 v: N/A serial: Chassis: + type: 10 serial: + Mobo: Dell model: 02MJVY v: A00 serial: UEFI: Dell v: 1.2.2 date: 06/07/2018 +Memory: RAM: total: 15.28 GiB used: 7.43 GiB (48.6%) + Array-1: capacity: 32 GiB slots: 2 EC: None max-module-size: 16 GiB note: est. + Device-1: DIMM A size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK + serial: + Device-2: DIMM B size: 8 GiB speed: 2667 MT/s type: DDR4 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: 80AD000080AD part-no: HMA81GS6AFR8N-VK + serial: +PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long + Slot: 1 type: x1 PCI Express J6B1 status: Available length: Short + Slot: 2 type: x1 PCI Express J6D1 status: Available length: Short + Slot: 3 type: x1 PCI Express J7B1 status: Available length: Short + Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short + Slot: 5 type: x1 PCI Express J8D1 status: Available length: Short + Slot: 6 type: x1 PCI Express J8D2 status: Available length: Short + Slot: 7 type: 32-bit PCI J8B3 status: Available length: Short +CPU: Info: 6-Core model: Intel Core i7-8750H socket: U3E1 bits: 64 type: MT MCP + arch: Kaby Lake note: check family: 6 model-id: 9E (158) stepping: A (10) microcode: F0 + cache: L2: 9 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 52799 + Speed: 900 MHz min/max: 800/4100 MHz base/boost: 2300/8300 volts: 0.9 V + ext-clock: 100 MHz Core speeds (MHz): 1: 900 2: 900 3: 900 4: 900 5: 901 6: 900 7: 900 + 8: 2200 9: 893 10: 900 11: 900 12: 901 + Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled + Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable + Type: mds mitigation: Clear CPU buffers; SMT vulnerable + Type: meltdown mitigation: PTI + Type: mmio_stale_data mitigation: Clear CPU buffers; SMT vulnerable + Type: retbleed mitigation: IBRS + Type: spec_store_bypass mitigation: Speculative Store Bypass disabled via prctl + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 mitigation: IBRS, IBPB: conditional, STIBP: conditional, RSB filling, + PBRSB-eIBRS: Not affected + Type: srbds mitigation: Microcode + Type: tsx_async_abort status: Not affected +Graphics: Device-1: Intel CoffeeLake-H GT2 [UHD Graphics 630] vendor: Dell driver: i915 v: kernel + bus-ID: 00:02.0 chip-ID: 8086:3e9b class-ID: 0300 + Device-2: NVIDIA GP107M [GeForce GTX 1050 Ti Mobile] vendor: Dell driver: nvidia + v: 520.56.06 alternate: nvidiafb,nouveau,nvidia_drm bus-ID: 01:00.0 chip-ID: 10de:1c8c + class-ID: 0302 + Device-3: Microdia Integrated_Webcam_HD type: USB driver: uvcvideo bus-ID: 1-12:8 + chip-ID: 0c45:671d class-ID: 0e02 + Display: server: X.org 1.20.14 driver: loaded: modesetting alternate: fbdev,intel,vesa + tty: 188x46 + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: Intel Cannon Lake PCH cAVS vendor: Dell driver: snd_hda_intel v: kernel + alternate: snd_soc_skl,snd_sof_pci_intel_cnl bus-ID: 00:1f.3 chip-ID: 8086:a348 + class-ID: 0403 + Device-2: Generalplus Nor-Tec streaming mic type: USB + driver: hid-generic,snd-usb-audio,usbhid bus-ID: 1-2:3 chip-ID: 1b3f:0329 + class-ID: 0300 serial: + Sound Server-1: ALSA v: k6.1.20 running: yes + Sound Server-2: PulseAudio v: 16.1 running: yes +Network: Device-1: Qualcomm Atheros QCA6174 802.11ac Wireless Network Adapter + vendor: Rivet Networks driver: ath10k_pci v: kernel port: 3000 bus-ID: 3b:00.0 + chip-ID: 168c:003e class-ID: 0280 + IF: wlp59s0 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + WAN IP: +Bluetooth: Device-1: Qualcomm Atheros QCA61x4 Bluetooth 4.0 type: USB driver: btusb v: 0.8 + bus-ID: 1-4:5 chip-ID: 0cf3:e300 class-ID: e001 + Report: rfkill ID: hci0 rfk-id: 0 state: down bt-service: not found rfk-block: + hardware: no software: no address: see --recommends +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 412 GiB + allocated: 52.2 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 476.94 GiB usable: 940.94 GiB used: 52.39 GiB (5.6%) + ID-1: /dev/nvme0n1 maj-min: 259:0 vendor: Toshiba model: KXG50ZNV512G NVMe 512GB + size: 476.94 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s lanes: 4 + rotation: SSD serial: rev: AADA4105 temp: 31 Celsius C scheme: GPT + SMART: yes health: PASSED on: 1y 106d 12h cycles: 1,737 + read-units: 16,206,246 [8.29 TB] written-units: 40,926,951 [20.9 TB] +Partition: ID-1: / raw-size: N/A size: 417.31 GiB used: 19.89 GiB (4.8%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 324.1 MiB (31.7%) fs: vfat + block-size: 512 B dev: /dev/nvme0n1p1 maj-min: 259:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -2 + dev: /dev/nvme0n1p2 maj-min: 259:2 +Sensors: System Temperatures: cpu: 56.0 C mobo: 34.0 C sodimm: SODIMM C + Fan Speeds (RPM): cpu: 2496 +Info: Processes: 332 Uptime: N/A wakeups: 1 Init: systemd v: 251 target: graphical.target + tool: systemctl Compilers: gcc: 11.3.0 Packages: 1387 nix-default: 277 lib: 1 + nix-sys: 833 lib: 214 nix-usr: 277 lib: 31 Client: Sudo v: 1.9.13p3 inxi: 3.3.04 diff --git a/docs/hosts/badxps/nix.txt b/docs/hosts/badxps/nix.txt index d606256..c0ecc7e 100644 --- a/docs/hosts/badxps/nix.txt +++ b/docs/hosts/badxps/nix.txt @@ -4,4 +4,3 @@ - sandbox: `yes` - version: `nix-env (Nix) 2.11.1` - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixos` - diff --git a/docs/hosts/badxps/scan.json b/docs/hosts/badxps/scan.json index 29e71dc..ef1e9f9 100644 --- a/docs/hosts/badxps/scan.json +++ b/docs/hosts/badxps/scan.json @@ -8,4 +8,4 @@ "@extrainfo": "protocol 2.0" } } -] \ No newline at end of file +] diff --git a/docs/hosts/badxps/summaries.json b/docs/hosts/badxps/summaries.json index 1ab0c11..0dd2d74 100644 --- a/docs/hosts/badxps/summaries.json +++ b/docs/hosts/badxps/summaries.json @@ -9,4 +9,4 @@ "bits": "64", "bogomips": 4399 } -} \ No newline at end of file +} diff --git a/docs/hosts/bedroom-googlemini-A.md b/docs/hosts/bedroom-googlemini-A.md index 7cdd02a..82ffc89 100644 --- a/docs/hosts/bedroom-googlemini-A.md +++ b/docs/hosts/bedroom-googlemini-A.md @@ -17,6 +17,6 @@ This page generated with `inv docs.all-pages` |10001|tcp|scp-config||| - -[comment]: (<bootstore Open source home automation [service port 8123] - + ### Scan | Port | Proto | Service | Product | Extra info | @@ -97,7 +97,7 @@ This page generated with `inv docs.all-pages` |9100|tcp|jetdirect||| - + ### Config ```text @@ -108,103 +108,103 @@ RAM : 8 Go Go DISK : 3.64 TiB Go KERNEL : 5.15.86 ``` - + ### Topologie ![hardware topology](https://raw.githubusercontent.com/badele/nix-homelab/master/docs/hosts/bootstore/topologie.svg) - - + + ### Hardwares ``` -System: Kernel: 5.15.86 x86_64 bits: 64 compiler: gcc v: 11.3.0 - parameters: BOOT_IMAGE=(hd0,msdos1)//kernels/2dgaqj44642crwhnjyisgq93nqhf9xqh-linux-5.15.86-bzImage - init=/nix/store/v4vrhjf417pxlvi81d0dwdj8ha4bzp5b-nixos-system-bootstore-23.05.20230105.a518c77/init - nohibernate loglevel=4 - Console: N/A Distro: NixOS 23.05 (Stoat) -Machine: Type: Desktop System: HP product: ProLiant MicroServer v: N/A serial: Chassis: - type: 7 serial: N/A - Mobo: N/A model: N/A serial: N/A BIOS: HP v: O41 date: 07/29/2011 -Memory: RAM: total: 7.65 GiB used: 6.03 GiB (78.8%) - Array-1: capacity: 8 GiB slots: 2 EC: Single-bit ECC max-module-size: 4 GiB note: est. - Device-1: DIMM0 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous - bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A - Device-2: DIMM1 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous - bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A -PCI Slots: Slot: 1 type: x16 PCI Express PCIE1-J5 status: Available length: Short - Slot: 2 type: x1 PCI Express PCIE2-J6 status: Available length: Short -CPU: Info: Dual Core model: AMD Turion II Neo N40L bits: 64 type: MCP arch: K10 - family: 10 (16) model-id: 6 stepping: 3 microcode: 10000C8 cache: L1: 256 KiB L2: 2 MiB - flags: lm nx pae sse sse2 sse3 sse4a svm bogomips: 5989 - Speed: 1500 MHz min/max: 800/1500 MHz base/boost: 1500/2200 volts: 1.1 V - ext-clock: 200 MHz Core speeds (MHz): 1: 1500 2: 1500 - Vulnerabilities: Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed status: Not affected - Type: spec_store_bypass status: Not affected - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 - mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: AMD RS880M [Mobility Radeon HD 4225/4250] - vendor: Hewlett-Packard ProLiant MicroServer N36L driver: radeon v: kernel - bus-ID: 01:05.0 chip-ID: 1002:9712 class-ID: 0300 - Display: server: No display server data found. Headless machine? tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Message: No device data found. -Network: Device-1: Broadcom NetXtreme BCM5723 Gigabit Ethernet PCIe - vendor: Hewlett-Packard NC107i Server driver: tg3 v: kernel port: e000 bus-ID: 02:00.0 - chip-ID: 14e4:165b class-ID: 0200 - IF: enp2s0 state: up speed: 1000 Mbps duplex: full mac: - IP v4: scope: global - IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: - IP v4: scope: global broadcast: - IF-ID-2: veth2f8670e state: up speed: 10000 Mbps duplex: full mac: - IF-ID-3: veth3e4c9b1 state: up speed: 10000 Mbps duplex: full mac: - IF-ID-4: veth4420c24 state: up speed: 10000 Mbps duplex: full mac: - WAN IP: -RAID: Device-1: zroot type: zfs status: ONLINE level: mirror-0 size: 1.8 TiB free: 1.77 TiB - allocated: 30.9 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 3.64 TiB usable: 5.44 TiB used: 31.02 GiB (0.6%) - ID-1: /dev/sda maj-min: 8:0 vendor: Seagate model: ST2000DM001-1ER164 - family: Barracuda 7200.14 (AF) size: 1.82 TiB block-size: physical: 4096 B - logical: 512 B sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: CC25 - temp: 30 C scheme: MBR - SMART: yes state: enabled health: PASSED on: 2y 254d 3h cycles: 56 read: 67.5 TiB - written: 25.45 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 worst: 100 - threshold: 97 - ID-2: /dev/sdb maj-min: 8:16 vendor: Seagate model: ST2000DM008-2FR102 - family: BarraCuda 3.5 (SMR) size: 1.82 TiB block-size: physical: 4096 B logical: 512 B - sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: 0001 temp: 32 C - scheme: MBR - SMART: yes state: enabled health: PASSED on: 126d 12h cycles: 16 read: 272.8 GiB - written: 6.13 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 worst: 100 - threshold: 97 -Partition: ID-1: / raw-size: N/A size: 1.72 TiB used: 5.18 GiB (0.3%) fs: zfs - logical: zroot/public/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 127.7 MiB (12.5%) fs: vfat - block-size: 512 B dev: /dev/sda1 maj-min: 8:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 18.3 MiB (0.2%) priority: -2 - dev: /dev/sdb2 maj-min: 8:18 - ID-2: swap-2 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -3 dev: /dev/sda2 - maj-min: 8:2 -Sensors: System Temperatures: cpu: 47.2 C mobo: N/A - Fan Speeds (RPM): N/A -Info: Processes: 212 - Uptime: 08:30:36 up 45 days 13:23, 0 users, load average: 1.17, 1.08, 1.00 - wakeups: 0 Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: - gcc: 11.3.0 Packages: nix-default: 0 nix-sys: 637 lib: 144 nix-usr: 0 Client: Sudo +System: Kernel: 5.15.86 x86_64 bits: 64 compiler: gcc v: 11.3.0 + parameters: BOOT_IMAGE=(hd0,msdos1)//kernels/2dgaqj44642crwhnjyisgq93nqhf9xqh-linux-5.15.86-bzImage + init=/nix/store/v4vrhjf417pxlvi81d0dwdj8ha4bzp5b-nixos-system-bootstore-23.05.20230105.a518c77/init + nohibernate loglevel=4 + Console: N/A Distro: NixOS 23.05 (Stoat) +Machine: Type: Desktop System: HP product: ProLiant MicroServer v: N/A serial: Chassis: + type: 7 serial: N/A + Mobo: N/A model: N/A serial: N/A BIOS: HP v: O41 date: 07/29/2011 +Memory: RAM: total: 7.65 GiB used: 6.03 GiB (78.8%) + Array-1: capacity: 8 GiB slots: 2 EC: Single-bit ECC max-module-size: 4 GiB note: est. + Device-1: DIMM0 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous + bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A + Device-2: DIMM1 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous + bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A +PCI Slots: Slot: 1 type: x16 PCI Express PCIE1-J5 status: Available length: Short + Slot: 2 type: x1 PCI Express PCIE2-J6 status: Available length: Short +CPU: Info: Dual Core model: AMD Turion II Neo N40L bits: 64 type: MCP arch: K10 + family: 10 (16) model-id: 6 stepping: 3 microcode: 10000C8 cache: L1: 256 KiB L2: 2 MiB + flags: lm nx pae sse sse2 sse3 sse4a svm bogomips: 5989 + Speed: 1500 MHz min/max: 800/1500 MHz base/boost: 1500/2200 volts: 1.1 V + ext-clock: 200 MHz Core speeds (MHz): 1: 1500 2: 1500 + Vulnerabilities: Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed status: Not affected + Type: spec_store_bypass status: Not affected + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 + mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: AMD RS880M [Mobility Radeon HD 4225/4250] + vendor: Hewlett-Packard ProLiant MicroServer N36L driver: radeon v: kernel + bus-ID: 01:05.0 chip-ID: 1002:9712 class-ID: 0300 + Display: server: No display server data found. Headless machine? tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Message: No device data found. +Network: Device-1: Broadcom NetXtreme BCM5723 Gigabit Ethernet PCIe + vendor: Hewlett-Packard NC107i Server driver: tg3 v: kernel port: e000 bus-ID: 02:00.0 + chip-ID: 14e4:165b class-ID: 0200 + IF: enp2s0 state: up speed: 1000 Mbps duplex: full mac: + IP v4: scope: global + IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: + IP v4: scope: global broadcast: + IF-ID-2: veth2f8670e state: up speed: 10000 Mbps duplex: full mac: + IF-ID-3: veth3e4c9b1 state: up speed: 10000 Mbps duplex: full mac: + IF-ID-4: veth4420c24 state: up speed: 10000 Mbps duplex: full mac: + WAN IP: +RAID: Device-1: zroot type: zfs status: ONLINE level: mirror-0 size: 1.8 TiB free: 1.77 TiB + allocated: 30.9 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 3.64 TiB usable: 5.44 TiB used: 31.02 GiB (0.6%) + ID-1: /dev/sda maj-min: 8:0 vendor: Seagate model: ST2000DM001-1ER164 + family: Barracuda 7200.14 (AF) size: 1.82 TiB block-size: physical: 4096 B + logical: 512 B sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: CC25 + temp: 30 C scheme: MBR + SMART: yes state: enabled health: PASSED on: 2y 254d 3h cycles: 56 read: 67.5 TiB + written: 25.45 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 worst: 100 + threshold: 97 + ID-2: /dev/sdb maj-min: 8:16 vendor: Seagate model: ST2000DM008-2FR102 + family: BarraCuda 3.5 (SMR) size: 1.82 TiB block-size: physical: 4096 B logical: 512 B + sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: 0001 temp: 32 C + scheme: MBR + SMART: yes state: enabled health: PASSED on: 126d 12h cycles: 16 read: 272.8 GiB + written: 6.13 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 worst: 100 + threshold: 97 +Partition: ID-1: / raw-size: N/A size: 1.72 TiB used: 5.18 GiB (0.3%) fs: zfs + logical: zroot/public/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 127.7 MiB (12.5%) fs: vfat + block-size: 512 B dev: /dev/sda1 maj-min: 8:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 18.3 MiB (0.2%) priority: -2 + dev: /dev/sdb2 maj-min: 8:18 + ID-2: swap-2 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -3 dev: /dev/sda2 + maj-min: 8:2 +Sensors: System Temperatures: cpu: 47.2 C mobo: N/A + Fan Speeds (RPM): N/A +Info: Processes: 212 + Uptime: 08:30:36 up 45 days 13:23, 0 users, load average: 1.17, 1.08, 1.00 + wakeups: 0 Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: + gcc: 11.3.0 Packages: nix-default: 0 nix-sys: 637 lib: 144 nix-usr: 0 Client: Sudo v: 1.9.13p3 inxi: 3.3.04 ``` - + [comment]: (< add host and public key to features/system/nix.nix +# configure nix-server, add host and public key to features/system/nix.nix inv init-nix-serve --hosts ${TARGETIP} --hostnames ${TARGETNAME} ``` End [Commons installation](../installation.md) with **custom task** -TODO: update rpi40, bootstore nix-server documentation and remove persistent store \ No newline at end of file +TODO: update rpi40, bootstore nix-server documentation and remove persistent store diff --git a/docs/hosts/bootstore/cpu.txt b/docs/hosts/bootstore/cpu.txt index b191414..80a1148 100644 --- a/docs/hosts/bootstore/cpu.txt +++ b/docs/hosts/bootstore/cpu.txt @@ -5,7 +5,7 @@ Byte Order: Little Endian CPU(s): 2 On-line CPU(s) list: 0,1 Vendor ID: AuthenticAMD -BIOS Vendor ID: AMD +BIOS Vendor ID: AMD Model name: AMD Turion(tm) II Neo N40L Dual-Core Processor BIOS Model name: AMD Turion(tm) II Neo N40L Dual-Core Processor To Be Filled By O.E.M. CPU @ 1.5GHz BIOS CPU family: 1 diff --git a/docs/hosts/bootstore/hardwares.txt b/docs/hosts/bootstore/hardwares.txt index fede274..e021618 100644 --- a/docs/hosts/bootstore/hardwares.txt +++ b/docs/hosts/bootstore/hardwares.txt @@ -1,84 +1,84 @@ -System: Kernel: 5.15.107 x86_64 bits: 64 compiler: gcc v: 12.2.0 - parameters: BOOT_IMAGE=(hd0,msdos1)//kernels/b97ix80kmq8jjy7skqmwh8g9vdrkrc48-linux-5.15.107-bzImage - init=/nix/store/7p8kijsqfv45vnbdbhmc3fazl5cba8lp-nixos-system-bootstore-23.05.20230425.2c9ade3/init - nohibernate loglevel=4 - Console: N/A Distro: NixOS 23.11 (Tapir) -Machine: Type: Desktop System: HP product: ProLiant MicroServer v: N/A serial: Chassis: - type: 7 serial: N/A - Mobo: N/A model: N/A serial: N/A BIOS: HP v: O41 date: 07/29/2011 -Memory: RAM: total: 7.65 GiB used: 6.15 GiB (80.4%) - Array-1: capacity: 8 GiB slots: 2 EC: Single-bit ECC max-module-size: 4 GiB note: est. - Device-1: DIMM0 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous - bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A - Device-2: DIMM1 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous - bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A -PCI Slots: Slot: 1 type: x16 PCI Express PCIE1-J5 status: Available length: Short - Slot: 2 type: x1 PCI Express PCIE2-J6 status: Available length: Short -CPU: Info: Dual Core model: AMD Turion II Neo N40L bits: 64 type: MCP arch: K10 - family: 10 (16) model-id: 6 stepping: 3 microcode: 10000C8 cache: L1: 256 KiB L2: 2 MiB - flags: lm nx pae sse sse2 sse3 sse4a svm bogomips: 5989 - Speed: 1500 MHz min/max: 800/1500 MHz base/boost: 1500/2200 volts: 1.1 V - ext-clock: 200 MHz Core speeds (MHz): 1: 1500 2: 1500 - Vulnerabilities: Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed status: Not affected - Type: spec_store_bypass status: Not affected - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 - mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: AMD RS880M [Mobility Radeon HD 4225/4250] - vendor: Hewlett-Packard ProLiant MicroServer N36L driver: radeon v: kernel - bus-ID: 01:05.0 chip-ID: 1002:9712 class-ID: 0300 - Display: server: No display server data found. Headless machine? tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Message: No device data found. -Network: Device-1: Broadcom NetXtreme BCM5723 Gigabit Ethernet PCIe - vendor: Hewlett-Packard NC107i Server driver: tg3 v: kernel port: e000 bus-ID: 02:00.0 - chip-ID: 14e4:165b class-ID: 0200 - IF: enp2s0 state: up speed: 1000 Mbps duplex: full mac: - IP v4: scope: global - IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: - IP v4: scope: global broadcast: - IF-ID-2: vethabed8a5 state: up speed: 10000 Mbps duplex: full mac: - IF-ID-3: vethd6213c1 state: up speed: 10000 Mbps duplex: full mac: - IF-ID-4: vethf203827 state: up speed: 10000 Mbps duplex: full mac: - WAN IP: -RAID: Device-1: zroot type: zfs status: ONLINE level: mirror-0 size: 1.8 TiB free: 1.76 TiB - allocated: 42 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 3.64 TiB usable: 5.44 TiB used: 42.2 GiB (0.8%) - ID-1: /dev/sda maj-min: 8:0 vendor: Seagate model: ST2000DM001-1ER164 - family: Barracuda 7200.14 (AF) size: 1.82 TiB block-size: physical: 4096 B - logical: 512 B sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: CC25 - temp: 38 C scheme: MBR - SMART: yes state: enabled health: PASSED on: 3y 12d 7h cycles: 59 read: 68.15 TiB - written: 36.03 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 worst: 100 - threshold: 97 - ID-2: /dev/sdb maj-min: 8:16 vendor: Seagate model: ST2000DM008-2FR102 - family: BarraCuda 3.5 (SMR) size: 1.82 TiB block-size: physical: 4096 B logical: 512 B - sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: 0001 temp: 40 C - scheme: MBR - SMART: yes state: enabled health: PASSED on: 5992h+32m+51.298s cycles: 19 - read: 938.65 GiB written: 16.7 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 - worst: 100 threshold: 97 -Partition: ID-1: / raw-size: N/A size: 1.71 TiB used: 6.97 GiB (0.4%) fs: zfs - logical: zroot/public/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 153.5 MiB (15.0%) fs: vfat - block-size: 512 B dev: /dev/sda1 maj-min: 8:1 -Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) - ID-1: swap-1 type: partition size: 8 GiB used: 952 KiB (0.0%) priority: -2 - dev: /dev/sdb2 maj-min: 8:18 - ID-2: swap-2 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -3 dev: /dev/sda2 - maj-min: 8:2 -Sensors: System Temperatures: cpu: 53.0 C mobo: N/A - Fan Speeds (RPM): N/A -Info: Processes: 221 - Uptime: 12:23:58 up 56 days 21:09, 0 users, load average: 1.58, 1.75, 1.68 - wakeups: 0 Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: - gcc: 12.3.0 Packages: nix-default: 0 nix-sys: 672 lib: 150 nix-usr: 0 Client: Sudo - v: 1.9.13p3 inxi: 3.3.04 +System: Kernel: 5.15.107 x86_64 bits: 64 compiler: gcc v: 12.2.0 + parameters: BOOT_IMAGE=(hd0,msdos1)//kernels/b97ix80kmq8jjy7skqmwh8g9vdrkrc48-linux-5.15.107-bzImage + init=/nix/store/7p8kijsqfv45vnbdbhmc3fazl5cba8lp-nixos-system-bootstore-23.05.20230425.2c9ade3/init + nohibernate loglevel=4 + Console: N/A Distro: NixOS 23.11 (Tapir) +Machine: Type: Desktop System: HP product: ProLiant MicroServer v: N/A serial: Chassis: + type: 7 serial: N/A + Mobo: N/A model: N/A serial: N/A BIOS: HP v: O41 date: 07/29/2011 +Memory: RAM: total: 7.65 GiB used: 6.15 GiB (80.4%) + Array-1: capacity: 8 GiB slots: 2 EC: Single-bit ECC max-module-size: 4 GiB note: est. + Device-1: DIMM0 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous + bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A + Device-2: DIMM1 size: 4 GiB speed: 1333 MT/s type: Other detail: synchronous + bus-width: 64 bits total: 72 bits manufacturer: N/A part-no: N/A serial: N/A +PCI Slots: Slot: 1 type: x16 PCI Express PCIE1-J5 status: Available length: Short + Slot: 2 type: x1 PCI Express PCIE2-J6 status: Available length: Short +CPU: Info: Dual Core model: AMD Turion II Neo N40L bits: 64 type: MCP arch: K10 + family: 10 (16) model-id: 6 stepping: 3 microcode: 10000C8 cache: L1: 256 KiB L2: 2 MiB + flags: lm nx pae sse sse2 sse3 sse4a svm bogomips: 5989 + Speed: 1500 MHz min/max: 800/1500 MHz base/boost: 1500/2200 volts: 1.1 V + ext-clock: 200 MHz Core speeds (MHz): 1: 1500 2: 1500 + Vulnerabilities: Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed status: Not affected + Type: spec_store_bypass status: Not affected + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 + mitigation: Retpolines, STIBP: disabled, RSB filling, PBRSB-eIBRS: Not affected + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: AMD RS880M [Mobility Radeon HD 4225/4250] + vendor: Hewlett-Packard ProLiant MicroServer N36L driver: radeon v: kernel + bus-ID: 01:05.0 chip-ID: 1002:9712 class-ID: 0300 + Display: server: No display server data found. Headless machine? tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Message: No device data found. +Network: Device-1: Broadcom NetXtreme BCM5723 Gigabit Ethernet PCIe + vendor: Hewlett-Packard NC107i Server driver: tg3 v: kernel port: e000 bus-ID: 02:00.0 + chip-ID: 14e4:165b class-ID: 0200 + IF: enp2s0 state: up speed: 1000 Mbps duplex: full mac: + IP v4: scope: global + IF-ID-1: docker0 state: up speed: 10000 Mbps duplex: unknown mac: + IP v4: scope: global broadcast: + IF-ID-2: vethabed8a5 state: up speed: 10000 Mbps duplex: full mac: + IF-ID-3: vethd6213c1 state: up speed: 10000 Mbps duplex: full mac: + IF-ID-4: vethf203827 state: up speed: 10000 Mbps duplex: full mac: + WAN IP: +RAID: Device-1: zroot type: zfs status: ONLINE level: mirror-0 size: 1.8 TiB free: 1.76 TiB + allocated: 42 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 3.64 TiB usable: 5.44 TiB used: 42.2 GiB (0.8%) + ID-1: /dev/sda maj-min: 8:0 vendor: Seagate model: ST2000DM001-1ER164 + family: Barracuda 7200.14 (AF) size: 1.82 TiB block-size: physical: 4096 B + logical: 512 B sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: CC25 + temp: 38 C scheme: MBR + SMART: yes state: enabled health: PASSED on: 3y 12d 7h cycles: 59 read: 68.15 TiB + written: 36.03 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 worst: 100 + threshold: 97 + ID-2: /dev/sdb maj-min: 8:16 vendor: Seagate model: ST2000DM008-2FR102 + family: BarraCuda 3.5 (SMR) size: 1.82 TiB block-size: physical: 4096 B logical: 512 B + sata: 3.1 speed: 3.0 Gb/s rotation: 7200 rpm serial: rev: 0001 temp: 40 C + scheme: MBR + SMART: yes state: enabled health: PASSED on: 5992h+32m+51.298s cycles: 19 + read: 938.65 GiB written: 16.7 TiB Pre-Fail: attribute: Spin_Retry_Count value: 100 + worst: 100 threshold: 97 +Partition: ID-1: / raw-size: N/A size: 1.71 TiB used: 6.97 GiB (0.4%) fs: zfs + logical: zroot/public/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 153.5 MiB (15.0%) fs: vfat + block-size: 512 B dev: /dev/sda1 maj-min: 8:1 +Swap: Kernel: swappiness: 60 (default) cache-pressure: 100 (default) + ID-1: swap-1 type: partition size: 8 GiB used: 952 KiB (0.0%) priority: -2 + dev: /dev/sdb2 maj-min: 8:18 + ID-2: swap-2 type: partition size: 8 GiB used: 0 KiB (0.0%) priority: -3 dev: /dev/sda2 + maj-min: 8:2 +Sensors: System Temperatures: cpu: 53.0 C mobo: N/A + Fan Speeds (RPM): N/A +Info: Processes: 221 + Uptime: 12:23:58 up 56 days 21:09, 0 users, load average: 1.58, 1.75, 1.68 + wakeups: 0 Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: + gcc: 12.3.0 Packages: nix-default: 0 nix-sys: 672 lib: 150 nix-usr: 0 Client: Sudo + v: 1.9.13p3 inxi: 3.3.04 diff --git a/docs/hosts/bootstore/nix.txt b/docs/hosts/bootstore/nix.txt index f8574f5..4d8d809 100644 --- a/docs/hosts/bootstore/nix.txt +++ b/docs/hosts/bootstore/nix.txt @@ -4,4 +4,3 @@ - sandbox: `yes` - version: `nix-env (Nix) 2.16.1` - nixpkgs: `/nix/store/3m6cc1gnap8mq14amrzv2j1qjfzmigmd-source` - diff --git a/docs/hosts/bootstore/scan.json b/docs/hosts/bootstore/scan.json index 65abbea..eb8223e 100644 --- a/docs/hosts/bootstore/scan.json +++ b/docs/hosts/bootstore/scan.json @@ -77,4 +77,4 @@ "@name": "jetdirect" } } -] \ No newline at end of file +] diff --git a/docs/hosts/bootstore/services.json b/docs/hosts/bootstore/services.json index be45bdc..8fe127e 100644 --- a/docs/hosts/bootstore/services.json +++ b/docs/hosts/bootstore/services.json @@ -1 +1 @@ -[{"@protocol": "tcp", "@portid": "22", "service": {"@name": "ssh", "@product": "OpenSSH", "@extrainfo": "protocol 2.0"}}, {"@protocol": "tcp", "@portid": "53", "service": {"@name": "tcpwrapped"}}, {"@protocol": "tcp", "@portid": "80", "service": {"@name": "http", "@product": "nginx"}}, {"@protocol": "tcp", "@portid": "3030", "service": {"@name": "arepa-cas"}}, {"@protocol": "tcp", "@portid": "3031", "service": {"@name": "eppc"}}, {"@protocol": "tcp", "@portid": "5000", "service": {"@name": "upnp"}}] \ No newline at end of file +[{"@protocol": "tcp", "@portid": "22", "service": {"@name": "ssh", "@product": "OpenSSH", "@extrainfo": "protocol 2.0"}}, {"@protocol": "tcp", "@portid": "53", "service": {"@name": "tcpwrapped"}}, {"@protocol": "tcp", "@portid": "80", "service": {"@name": "http", "@product": "nginx"}}, {"@protocol": "tcp", "@portid": "3030", "service": {"@name": "arepa-cas"}}, {"@protocol": "tcp", "@portid": "3031", "service": {"@name": "eppc"}}, {"@protocol": "tcp", "@portid": "5000", "service": {"@name": "upnp"}}] diff --git a/docs/hosts/bootstore/summaries.json b/docs/hosts/bootstore/summaries.json index 6ef2ece..e8b3aac 100644 --- a/docs/hosts/bootstore/summaries.json +++ b/docs/hosts/bootstore/summaries.json @@ -9,4 +9,4 @@ "bits": "64", "bogomips": 2994 } -} \ No newline at end of file +} diff --git a/docs/hosts/box.md b/docs/hosts/box.md index adc7251..ed285d1 100644 --- a/docs/hosts/box.md +++ b/docs/hosts/box.md @@ -13,6 +13,6 @@ This page generated with `inv docs.all-pages` |80|tcp|tcpwrapped||| - -[comment]: (<>HOSTINFOS) -[comment]: (<rpi40 A zigbee2mqtt [service port 8080] - + ### Scan | Port | Proto | Service | Product | Extra info | @@ -52,7 +52,7 @@ This page generated with `inv docs.all-pages` |9100|tcp|jetdirect||| - + ### Config ```text @@ -63,91 +63,91 @@ RAM : 8 Go Go DISK : 495.48 GiB Go KERNEL : 5.15.74 ``` - + ### Topologie ![hardware topology](https://raw.githubusercontent.com/badele/nix-homelab/master/docs/hosts/rpi40/topologie.svg) - - + + ### Hardwares ``` -System: Kernel: 5.15.74 aarch64 bits: 64 compiler: gcc v: 9.5.0 - parameters: coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_compat_alsa=0 - snd_bcm2835.enable_hdmi=1 bcm2708_fb.fbwidth=1184 bcm2708_fb.fbheight=624 - bcm2708_fb.fbswap=1 smsc95xx.macaddr=DC:A6:32:F0:05:16 vc_mem.mem_base=0x3eb00000 - vc_mem.mem_size=0x3ff00000 nohibernate loglevel=4 - init=/nix/store/l51q8xrjh5npkssi98xdg8fmxg3q0m25-nixos-system-rpi40-22.11.20230320.e2c9779/init - Console: N/A Distro: NixOS 23.05 (Stoat) -Machine: Type: ARM Device System: Raspberry Pi 4 Model B Rev 1.4 details: BCM2835 rev: d03114 - serial: -Memory: RAM: total: 7.62 GiB used: 5.87 GiB (77.1%) - RAM Report: smbios: No SMBIOS data for dmidecode to process -PCI Slots: ARM: No ARM data found for this feature. -CPU: Info: Quad Core model: N/A variant: cortex-a72 bits: 64 type: MCP arch: ARMv8 family: 8 - model-id: 0 stepping: 3 - features: Use -f option to see features bogomips: 432 - Speed: 1400 MHz min/max: 600/1500 MHz Core speeds (MHz): 1: 1400 2: 1400 3: 1400 - 4: 1400 - Vulnerabilities: Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed status: Not affected - Type: spec_store_bypass status: Vulnerable - Type: spectre_v1 mitigation: __user pointer sanitization - Type: spectre_v2 status: Vulnerable - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: bcm2708-fb driver: bcm2708_fb v: kernel bus-ID: N/A chip-ID: brcm:soc - class-ID: fb - Device-2: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi - Device-3: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi - Display: server: No display server data found. Headless machine? tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi - Device-2: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi -Network: Device-1: bcm2835-mmc driver: mmc_bcm2835 v: N/A port: N/A bus-ID: N/A - chip-ID: brcm:fe300000 class-ID: mmcnr - IF: wlan0 state: down mac: - Device-2: bcm2711-genet-v5 driver: bcmgenet v: N/A port: N/A bus-ID: N/A - chip-ID: brcm:fd580000 class-ID: ethernet - IF: eth0 state: up speed: 1000 Mbps duplex: full mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - IF-ID-1: docker0 state: down mac: - IP v4: scope: global broadcast: - WAN IP: -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 444 GiB - allocated: 20.3 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 495.48 GiB usable: 959.48 GiB used: 17.79 GiB (1.9%) - ID-1: /dev/mmcblk0 maj-min: 179:0 vendor: SanDisk model: SL32G size: 29.72 GiB - block-size: physical: 512 B logical: 512 B rotation: SSD serial: scheme: MBR - SMART Message: Unknown smartctl error. Unable to generate data. - ID-2: /dev/sda maj-min: 8:0 type: USB vendor: Hitachi model: HTS547550A9E384 - family: HGST Travelstar 5K750 size: 465.76 GiB block-size: physical: 4096 B - logical: 512 B sata: 2.6 speed: 3.0 Gb/s rotation: 5400 rpm serial: rev: JE3O - temp: 29 C scheme: GPT - SMART: yes state: enabled health: PASSED on: 1y 233d 8h cycles: 69600 Old-Age: - g-sense error rate: 1057 Pre-Fail: reallocated sector: 100 threshold: 5 -Partition: ID-1: / raw-size: N/A size: 432.61 GiB used: 3.25 GiB (0.8%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 252.7 MiB (24.7%) fs: vfat - block-size: 512 B dev: /dev/sda1 maj-min: 8:1 -Swap: Alert: No swap data was found. -Sensors: System Temperatures: cpu: 61.8 C mobo: N/A - Fan Speeds (RPM): N/A -Info: Processes: 181 - Uptime: 08:29:52 up 8 days 12:50, 0 users, load average: 0.27, 0.16, 0.18 - Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: gcc: 9.5.0 - Packages: nix-default: 0 nix-sys: 630 lib: 143 nix-usr: 0 Client: Sudo v: 1.9.13p3 +System: Kernel: 5.15.74 aarch64 bits: 64 compiler: gcc v: 9.5.0 + parameters: coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_compat_alsa=0 + snd_bcm2835.enable_hdmi=1 bcm2708_fb.fbwidth=1184 bcm2708_fb.fbheight=624 + bcm2708_fb.fbswap=1 smsc95xx.macaddr=DC:A6:32:F0:05:16 vc_mem.mem_base=0x3eb00000 + vc_mem.mem_size=0x3ff00000 nohibernate loglevel=4 + init=/nix/store/l51q8xrjh5npkssi98xdg8fmxg3q0m25-nixos-system-rpi40-22.11.20230320.e2c9779/init + Console: N/A Distro: NixOS 23.05 (Stoat) +Machine: Type: ARM Device System: Raspberry Pi 4 Model B Rev 1.4 details: BCM2835 rev: d03114 + serial: +Memory: RAM: total: 7.62 GiB used: 5.87 GiB (77.1%) + RAM Report: smbios: No SMBIOS data for dmidecode to process +PCI Slots: ARM: No ARM data found for this feature. +CPU: Info: Quad Core model: N/A variant: cortex-a72 bits: 64 type: MCP arch: ARMv8 family: 8 + model-id: 0 stepping: 3 + features: Use -f option to see features bogomips: 432 + Speed: 1400 MHz min/max: 600/1500 MHz Core speeds (MHz): 1: 1400 2: 1400 3: 1400 + 4: 1400 + Vulnerabilities: Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed status: Not affected + Type: spec_store_bypass status: Vulnerable + Type: spectre_v1 mitigation: __user pointer sanitization + Type: spectre_v2 status: Vulnerable + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: bcm2708-fb driver: bcm2708_fb v: kernel bus-ID: N/A chip-ID: brcm:soc + class-ID: fb + Device-2: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi + Device-3: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi + Display: server: No display server data found. Headless machine? tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi + Device-2: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi +Network: Device-1: bcm2835-mmc driver: mmc_bcm2835 v: N/A port: N/A bus-ID: N/A + chip-ID: brcm:fe300000 class-ID: mmcnr + IF: wlan0 state: down mac: + Device-2: bcm2711-genet-v5 driver: bcmgenet v: N/A port: N/A bus-ID: N/A + chip-ID: brcm:fd580000 class-ID: ethernet + IF: eth0 state: up speed: 1000 Mbps duplex: full mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + IF-ID-1: docker0 state: down mac: + IP v4: scope: global broadcast: + WAN IP: +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 444 GiB + allocated: 20.3 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 495.48 GiB usable: 959.48 GiB used: 17.79 GiB (1.9%) + ID-1: /dev/mmcblk0 maj-min: 179:0 vendor: SanDisk model: SL32G size: 29.72 GiB + block-size: physical: 512 B logical: 512 B rotation: SSD serial: scheme: MBR + SMART Message: Unknown smartctl error. Unable to generate data. + ID-2: /dev/sda maj-min: 8:0 type: USB vendor: Hitachi model: HTS547550A9E384 + family: HGST Travelstar 5K750 size: 465.76 GiB block-size: physical: 4096 B + logical: 512 B sata: 2.6 speed: 3.0 Gb/s rotation: 5400 rpm serial: rev: JE3O + temp: 29 C scheme: GPT + SMART: yes state: enabled health: PASSED on: 1y 233d 8h cycles: 69600 Old-Age: + g-sense error rate: 1057 Pre-Fail: reallocated sector: 100 threshold: 5 +Partition: ID-1: / raw-size: N/A size: 432.61 GiB used: 3.25 GiB (0.8%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 252.7 MiB (24.7%) fs: vfat + block-size: 512 B dev: /dev/sda1 maj-min: 8:1 +Swap: Alert: No swap data was found. +Sensors: System Temperatures: cpu: 61.8 C mobo: N/A + Fan Speeds (RPM): N/A +Info: Processes: 181 + Uptime: 08:29:52 up 8 days 12:50, 0 users, load average: 0.27, 0.16, 0.18 + Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: gcc: 9.5.0 + Packages: nix-default: 0 nix-sys: 630 lib: 143 nix-usr: 0 Client: Sudo v: 1.9.13p3 inxi: 3.3.04 ``` - + [comment]: (< add host and public key to features/system/nix.nix +# configure nix-server, add host and public key to features/system/nix.nix inv init-nix-serve --hosts ${TARGETIP} --hostnames ${TARGETNAME} ``` # configure nix-server inv init-nix-server --hosts export DIR_NIXSERVE=/persist/host/data/nix-serve -mkdir -p $DIR_NIXSERVE && cd $DIR_NIXSERVE +mkdir -p $DIR_NIXSERVE && cd $DIR_NIXSERVE nix-store --generate-binary-cache-key rpi40.adele.local cache-priv-key.pem cache-pub-key.pem # Update RPI and configure USB boot @@ -176,4 +176,4 @@ inv firmware-rpi-update --hosts End [Commons installation](../installation.md) with **custom task** -TODO: update rpi40, bootstore nix-server documentation and remove persistent store \ No newline at end of file +TODO: update rpi40, bootstore nix-server documentation and remove persistent store diff --git a/docs/hosts/rpi40/hardwares.txt b/docs/hosts/rpi40/hardwares.txt index fa7f0fb..9d233a8 100644 --- a/docs/hosts/rpi40/hardwares.txt +++ b/docs/hosts/rpi40/hardwares.txt @@ -1,70 +1,70 @@ -System: Kernel: 5.15.84 aarch64 bits: 64 compiler: gcc v: 12.2.0 - parameters: coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_compat_alsa=0 - snd_bcm2835.enable_hdmi=1 bcm2708_fb.fbwidth=0 bcm2708_fb.fbheight=0 - bcm2708_fb.fbswap=1 smsc95xx.macaddr=DC:A6:32:F0:05:16 vc_mem.mem_base=0x3eb00000 - vc_mem.mem_size=0x3ff00000 nohibernate loglevel=4 - init=/nix/store/xnr2z5ivp0imfkkvd37p2h0nd3vmcqqn-nixos-system-rpi40-23.05.20230420.1dc2054/init - Console: N/A Distro: NixOS 23.05 (Stoat) -Machine: Type: ARM Device System: Raspberry Pi 4 Model B Rev 1.4 details: BCM2835 rev: d03114 - serial: -Memory: RAM: total: 7.62 GiB used: 4.99 GiB (65.4%) - RAM Report: smbios: No SMBIOS data for dmidecode to process -PCI Slots: ARM: No ARM data found for this feature. -CPU: Info: Quad Core model: N/A variant: cortex-a72 bits: 64 type: MCP arch: ARMv8 family: 8 - model-id: 0 stepping: 3 - features: Use -f option to see features bogomips: 432 - Speed: 600 MHz min/max: 600/1500 MHz Core speeds (MHz): 1: 600 2: 600 3: 600 4: 600 - Vulnerabilities: Type: itlb_multihit status: Not affected - Type: l1tf status: Not affected - Type: mds status: Not affected - Type: meltdown status: Not affected - Type: mmio_stale_data status: Not affected - Type: retbleed status: Not affected - Type: spec_store_bypass status: Vulnerable - Type: spectre_v1 mitigation: __user pointer sanitization - Type: spectre_v2 status: Vulnerable - Type: srbds status: Not affected - Type: tsx_async_abort status: Not affected -Graphics: Device-1: bcm2708-fb driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: fb - Device-2: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi - Device-3: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi - Display: server: No display server data found. Headless machine? tty: N/A - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi - Device-2: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi -Network: Device-1: bcm2835-mmc driver: mmc_bcm2835 v: N/A port: N/A bus-ID: N/A - chip-ID: brcm:fe300000 class-ID: mmcnr - IF: wlan0 state: down mac: - Device-2: bcm2711-genet-v5 driver: bcmgenet v: N/A port: N/A bus-ID: N/A - chip-ID: brcm:fd580000 class-ID: ethernet - IF: end0 state: up speed: 1000 Mbps duplex: full mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - IF-ID-1: docker0 state: down mac: - IP v4: scope: global broadcast: - WAN IP: -RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 442 GiB - allocated: 22.5 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 495.48 GiB usable: 959.48 GiB used: 20 GiB (2.1%) - ID-1: /dev/mmcblk0 maj-min: 179:0 vendor: SanDisk model: SL32G size: 29.72 GiB - block-size: physical: 512 B logical: 512 B rotation: SSD serial: scheme: MBR - SMART Message: Unknown smartctl error. Unable to generate data. - ID-2: /dev/sda maj-min: 8:0 type: USB vendor: Hitachi model: HTS547550A9E384 - family: HGST Travelstar 5K750 size: 465.76 GiB block-size: physical: 4096 B - logical: 512 B sata: 2.6 speed: 3.0 Gb/s rotation: 5400 rpm serial: rev: JE3O - temp: 37 C scheme: GPT - SMART: yes state: enabled health: PASSED on: 1y 276d 7h cycles: 69605 Old-Age: - g-sense error rate: 1061 Pre-Fail: reallocated sector: 100 threshold: 5 -Partition: ID-1: / raw-size: N/A size: 431.85 GiB used: 4.69 GiB (1.1%) fs: zfs - logical: zroot/private/root - ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 267.2 MiB (26.1%) fs: vfat - block-size: 512 B dev: /dev/sda1 maj-min: 8:1 -Swap: Alert: No swap data was found. -Sensors: System Temperatures: cpu: 75.0 C mobo: N/A - Fan Speeds (RPM): N/A -Info: Processes: 197 - Uptime: 07:24:27 up 4 days 9:51, 1 user, load average: 3.85, 3.02, 2.69 - Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: gcc: 9.5.0 - Packages: 1492 nix-default: 431 lib: 2 nix-sys: 630 lib: 143 nix-usr: 431 lib: 71 - Client: Sudo v: 1.9.13p3 inxi: 3.3.04 +System: Kernel: 5.15.84 aarch64 bits: 64 compiler: gcc v: 12.2.0 + parameters: coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_compat_alsa=0 + snd_bcm2835.enable_hdmi=1 bcm2708_fb.fbwidth=0 bcm2708_fb.fbheight=0 + bcm2708_fb.fbswap=1 smsc95xx.macaddr=DC:A6:32:F0:05:16 vc_mem.mem_base=0x3eb00000 + vc_mem.mem_size=0x3ff00000 nohibernate loglevel=4 + init=/nix/store/xnr2z5ivp0imfkkvd37p2h0nd3vmcqqn-nixos-system-rpi40-23.05.20230420.1dc2054/init + Console: N/A Distro: NixOS 23.05 (Stoat) +Machine: Type: ARM Device System: Raspberry Pi 4 Model B Rev 1.4 details: BCM2835 rev: d03114 + serial: +Memory: RAM: total: 7.62 GiB used: 4.99 GiB (65.4%) + RAM Report: smbios: No SMBIOS data for dmidecode to process +PCI Slots: ARM: No ARM data found for this feature. +CPU: Info: Quad Core model: N/A variant: cortex-a72 bits: 64 type: MCP arch: ARMv8 family: 8 + model-id: 0 stepping: 3 + features: Use -f option to see features bogomips: 432 + Speed: 600 MHz min/max: 600/1500 MHz Core speeds (MHz): 1: 600 2: 600 3: 600 4: 600 + Vulnerabilities: Type: itlb_multihit status: Not affected + Type: l1tf status: Not affected + Type: mds status: Not affected + Type: meltdown status: Not affected + Type: mmio_stale_data status: Not affected + Type: retbleed status: Not affected + Type: spec_store_bypass status: Vulnerable + Type: spectre_v1 mitigation: __user pointer sanitization + Type: spectre_v2 status: Vulnerable + Type: srbds status: Not affected + Type: tsx_async_abort status: Not affected +Graphics: Device-1: bcm2708-fb driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: fb + Device-2: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi + Device-3: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi + Display: server: No display server data found. Headless machine? tty: N/A + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: bcm2711-hdmi0 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi + Device-2: bcm2711-hdmi1 driver: N/A bus-ID: N/A chip-ID: brcm:soc class-ID: hdmi +Network: Device-1: bcm2835-mmc driver: mmc_bcm2835 v: N/A port: N/A bus-ID: N/A + chip-ID: brcm:fe300000 class-ID: mmcnr + IF: wlan0 state: down mac: + Device-2: bcm2711-genet-v5 driver: bcmgenet v: N/A port: N/A bus-ID: N/A + chip-ID: brcm:fd580000 class-ID: ethernet + IF: end0 state: up speed: 1000 Mbps duplex: full mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + IF-ID-1: docker0 state: down mac: + IP v4: scope: global broadcast: + WAN IP: +RAID: Device-1: zroot type: zfs status: ONLINE level: linear size: 464 GiB free: 442 GiB + allocated: 22.5 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 495.48 GiB usable: 959.48 GiB used: 20 GiB (2.1%) + ID-1: /dev/mmcblk0 maj-min: 179:0 vendor: SanDisk model: SL32G size: 29.72 GiB + block-size: physical: 512 B logical: 512 B rotation: SSD serial: scheme: MBR + SMART Message: Unknown smartctl error. Unable to generate data. + ID-2: /dev/sda maj-min: 8:0 type: USB vendor: Hitachi model: HTS547550A9E384 + family: HGST Travelstar 5K750 size: 465.76 GiB block-size: physical: 4096 B + logical: 512 B sata: 2.6 speed: 3.0 Gb/s rotation: 5400 rpm serial: rev: JE3O + temp: 37 C scheme: GPT + SMART: yes state: enabled health: PASSED on: 1y 276d 7h cycles: 69605 Old-Age: + g-sense error rate: 1061 Pre-Fail: reallocated sector: 100 threshold: 5 +Partition: ID-1: / raw-size: N/A size: 431.85 GiB used: 4.69 GiB (1.1%) fs: zfs + logical: zroot/private/root + ID-2: /boot raw-size: 1024 MiB size: 1022 MiB (99.80%) used: 267.2 MiB (26.1%) fs: vfat + block-size: 512 B dev: /dev/sda1 maj-min: 8:1 +Swap: Alert: No swap data was found. +Sensors: System Temperatures: cpu: 75.0 C mobo: N/A + Fan Speeds (RPM): N/A +Info: Processes: 197 + Uptime: 07:24:27 up 4 days 9:51, 1 user, load average: 3.85, 3.02, 2.69 + Init: systemd v: 253 target: multi-user.target tool: systemctl Compilers: gcc: 9.5.0 + Packages: 1492 nix-default: 431 lib: 2 nix-sys: 630 lib: 143 nix-usr: 431 lib: 71 + Client: Sudo v: 1.9.13p3 inxi: 3.3.04 diff --git a/docs/hosts/rpi40/nix.txt b/docs/hosts/rpi40/nix.txt index 7eec1b3..0d0efe8 100644 --- a/docs/hosts/rpi40/nix.txt +++ b/docs/hosts/rpi40/nix.txt @@ -4,4 +4,3 @@ - sandbox: `yes` - version: `nix-env (Nix) 2.15.0` - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixos` - diff --git a/docs/hosts/rpi40/scan.json b/docs/hosts/rpi40/scan.json index fa4276b..df79fe4 100644 --- a/docs/hosts/rpi40/scan.json +++ b/docs/hosts/rpi40/scan.json @@ -47,4 +47,4 @@ "@name": "jetdirect" } } -] \ No newline at end of file +] diff --git a/docs/hosts/rpi40/services.json b/docs/hosts/rpi40/services.json index 6172951..1c31197 100644 --- a/docs/hosts/rpi40/services.json +++ b/docs/hosts/rpi40/services.json @@ -1 +1 @@ -[{"@protocol": "tcp", "@portid": "22", "service": {"@name": "ssh", "@product": "OpenSSH", "@extrainfo": "protocol 2.0"}}, {"@protocol": "tcp", "@portid": "80", "service": {"@name": "http", "@product": "nginx"}}, {"@protocol": "tcp", "@portid": "5000", "service": {"@name": "upnp"}}] \ No newline at end of file +[{"@protocol": "tcp", "@portid": "22", "service": {"@name": "ssh", "@product": "OpenSSH", "@extrainfo": "protocol 2.0"}}, {"@protocol": "tcp", "@portid": "80", "service": {"@name": "http", "@product": "nginx"}}, {"@protocol": "tcp", "@portid": "5000", "service": {"@name": "upnp"}}] diff --git a/docs/hosts/rpi40/summaries.json b/docs/hosts/rpi40/summaries.json index 1356bb4..3f2b488 100644 --- a/docs/hosts/rpi40/summaries.json +++ b/docs/hosts/rpi40/summaries.json @@ -9,4 +9,4 @@ "bits": "64", "bogomips": 108 } -} \ No newline at end of file +} diff --git a/docs/hosts/sadhome.md b/docs/hosts/sadhome.md index a1c59f7..dc83495 100644 --- a/docs/hosts/sadhome.md +++ b/docs/hosts/sadhome.md @@ -16,110 +16,110 @@ RAM : 8 Go Go DISK : 465.76 GiB Go KERNEL : 5.15.78 ``` - + ### Topologie ![hardware topology](https://raw.githubusercontent.com/badele/nix-homelab/master/docs/hosts/latino/topologie.svg) - - + + ### Hardwares ``` -System: Kernel: 5.15.78 x86_64 bits: 64 compiler: gcc v: 11.3.0 - parameters: initrd=~efi~nixos~5yzc4622rdcw9pfmg6zqjxanvpjr72an-initrd-linux-5.15.78-initrd.efi - init=/nix/store/b4m6k9hf1rmqva6nxlkhi0qrqnw50hgf-nixos-system-latino-22.11.20221115.85d6b39/init - nohibernate loglevel=4 - Console: tty pts/1 Distro: NixOS 22.11 (Raccoon) -Machine: Type: Laptop System: Dell product: Latitude E5540 v: 00 serial: Chassis: - type: 9 serial: - Mobo: Dell model: 0H3FM5 v: A00 serial: UEFI: Dell v: A15 date: 09/27/2016 -Battery: ID-1: BAT0 charge: 25.3 Wh (100.0%) condition: 25.3/66.6 Wh (38.0%) volts: 12.7 - min: 11.1 model: SMP DELL WGCW633 type: Li-ion serial: status: Full -Memory: RAM: total: 7.68 GiB used: 7.3 GiB (95.0%) - Array-1: capacity: 16 GiB slots: 2 EC: None max-module-size: 8 GiB note: est. - Device-1: DIMM A size: 4 GiB speed: 1600 MT/s type: DDR3 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: Samsung part-no: M471B5173QH0-YK0 - serial: - Device-2: DIMM B size: 4 GiB speed: 1600 MT/s type: DDR3 detail: synchronous - bus-width: 64 bits total: 64 bits manufacturer: Crucial part-no: CT51264BF160BJ.M8F - serial: -PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long - Slot: 1 type: x1 PCI Express J6B1 status: In Use length: Short - Slot: 2 type: x1 PCI Express J6D1 status: In Use length: Short - Slot: 3 type: x1 PCI Express J7B1 status: In Use length: Short - Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short -CPU: Info: Dual Core model: Intel Core i5-4300U socket: rPGA988B bits: 64 type: MT MCP - arch: Haswell family: 6 model-id: 45 (69) stepping: 1 microcode: 26 cache: L1: 128 KiB - L2: 3 MiB L3: 3 MiB - flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 19954 - Speed: 2304 MHz min/max: 800/2900 MHz base/boost: 1900/1900 volts: 1.2 V - ext-clock: 100 MHz Core speeds (MHz): 1: 2304 2: 1932 3: 2521 4: 2045 - Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled - Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable - Type: mds mitigation: Clear CPU buffers; SMT vulnerable - Type: meltdown mitigation: PTI - Type: mmio_stale_data status: Unknown: No mitigations - Type: retbleed status: Not affected - Type: spec_store_bypass - mitigation: Speculative Store Bypass disabled via prctl and seccomp - Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization - Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: - conditional, RSB filling, PBRSB-eIBRS: Not affected - Type: srbds mitigation: Microcode - Type: tsx_async_abort status: Not affected -Graphics: Device-1: Intel Haswell-ULT Integrated Graphics vendor: Dell driver: i915 v: kernel - bus-ID: 00:02.0 chip-ID: 8086:0a16 class-ID: 0300 - Device-2: Microdia Laptop_Integrated_Webcam_HD type: USB driver: uvcvideo - bus-ID: 1-1.6:3 chip-ID: 0c45:649d class-ID: 0e02 - Display: server: No display server data found. Headless machine? tty: 190x48 - Message: Advanced graphics data unavailable in console for root. -Audio: Device-1: Intel Haswell-ULT HD Audio vendor: Dell driver: snd_hda_intel v: kernel - bus-ID: 00:03.0 chip-ID: 8086:0a0c class-ID: 0403 - Device-2: Intel 8 Series HD Audio vendor: Dell driver: snd_hda_intel v: kernel - bus-ID: 00:1b.0 chip-ID: 8086:9c20 class-ID: 0403 - Sound Server-1: ALSA v: k5.15.78 running: yes - Sound Server-2: PipeWire v: 0.3.59 running: yes -Network: Device-1: Intel Ethernet I218-LM vendor: Dell driver: e1000e v: kernel port: f080 - bus-ID: 00:19.0 chip-ID: 8086:155a class-ID: 0200 - IF: eno1 state: down mac: - Device-2: Intel Wireless 7260 driver: iwlwifi v: kernel port: f040 bus-ID: 02:00.0 - chip-ID: 8086:08b1 class-ID: 0280 - IF: wlp2s0 state: up mac: - IP v4: type: dynamic noprefixroute scope: global broadcast: - IP v6: type: noprefixroute scope: link - IF-ID-1: docker0 state: down mac: - IP v4: scope: global broadcast: - WAN IP: -Bluetooth: Device-1: Intel Bluetooth wireless interface type: USB driver: btusb v: 0.8 - bus-ID: 1-1.8.2:5 chip-ID: 8087:07dc class-ID: e001 - Report: rfkill ID: hci0 rfk-id: 4 state: down bt-service: not found rfk-block: - hardware: no software: no address: see --recommends -RAID: Hardware-1: Intel 82801 Mobile SATA Controller [RAID mode] driver: ahci v: 3.0 - port: f060 bus-ID: 00:1f.2 chip-ID: 8086.282a rev: 04 class-ID: 0104 - Device-1: latino type: zfs status: ONLINE level: linear size: 464 GiB free: 427 GiB - allocated: 36.8 GiB - Components: Online: N/A -Drives: Local Storage: total: raw: 465.76 GiB usable: 929.76 GiB used: 37.36 GiB (4.0%) - ID-1: /dev/sda maj-min: 8:0 vendor: Samsung model: SSD 850 EVO 500GB family: based SSDs - size: 465.76 GiB block-size: physical: 512 B logical: 512 B sata: 3.1 speed: 6.0 Gb/s - rotation: SSD serial: rev: 2B6Q temp: 43 C scheme: GPT - SMART: yes state: enabled health: PASSED on: 367d 15h cycles: 1352 written: 8.46 TiB -Partition: ID-1: / raw-size: N/A size: 431.46 GiB used: 18.65 GiB (4.3%) fs: zfs - logical: latino/private/root - ID-2: /boot raw-size: 512 MiB size: 511 MiB (99.80%) used: 31.5 MiB (6.2%) fs: vfat - block-size: 512 B dev: /dev/sda1 maj-min: 8:1 -Swap: Alert: No swap data was found. -Sensors: System Temperatures: cpu: 66.0 C mobo: 43.0 C sodimm: SODIMM C - Fan Speeds (RPM): cpu: 3495 -Info: Processes: 262 - Uptime: 22:30:04 up 1 day 13:36, 1 user, load average: 3.73, 2.69, 2.50 wakeups: 1 - Init: systemd v: 251 target: multi-user.target tool: systemctl Compilers: gcc: 11.3.0 - Packages: 1195 nix-default: 271 lib: 1 nix-sys: 653 lib: 150 nix-usr: 271 lib: 28 +System: Kernel: 5.15.78 x86_64 bits: 64 compiler: gcc v: 11.3.0 + parameters: initrd=~efi~nixos~5yzc4622rdcw9pfmg6zqjxanvpjr72an-initrd-linux-5.15.78-initrd.efi + init=/nix/store/b4m6k9hf1rmqva6nxlkhi0qrqnw50hgf-nixos-system-latino-22.11.20221115.85d6b39/init + nohibernate loglevel=4 + Console: tty pts/1 Distro: NixOS 22.11 (Raccoon) +Machine: Type: Laptop System: Dell product: Latitude E5540 v: 00 serial: Chassis: + type: 9 serial: + Mobo: Dell model: 0H3FM5 v: A00 serial: UEFI: Dell v: A15 date: 09/27/2016 +Battery: ID-1: BAT0 charge: 25.3 Wh (100.0%) condition: 25.3/66.6 Wh (38.0%) volts: 12.7 + min: 11.1 model: SMP DELL WGCW633 type: Li-ion serial: status: Full +Memory: RAM: total: 7.68 GiB used: 7.3 GiB (95.0%) + Array-1: capacity: 16 GiB slots: 2 EC: None max-module-size: 8 GiB note: est. + Device-1: DIMM A size: 4 GiB speed: 1600 MT/s type: DDR3 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: Samsung part-no: M471B5173QH0-YK0 + serial: + Device-2: DIMM B size: 4 GiB speed: 1600 MT/s type: DDR3 detail: synchronous + bus-width: 64 bits total: 64 bits manufacturer: Crucial part-no: CT51264BF160BJ.M8F + serial: +PCI Slots: Slot: 0 type: x16 PCI Express J6B2 status: In Use length: Long + Slot: 1 type: x1 PCI Express J6B1 status: In Use length: Short + Slot: 2 type: x1 PCI Express J6D1 status: In Use length: Short + Slot: 3 type: x1 PCI Express J7B1 status: In Use length: Short + Slot: 4 type: x1 PCI Express J8B4 status: In Use length: Short +CPU: Info: Dual Core model: Intel Core i5-4300U socket: rPGA988B bits: 64 type: MT MCP + arch: Haswell family: 6 model-id: 45 (69) stepping: 1 microcode: 26 cache: L1: 128 KiB + L2: 3 MiB L3: 3 MiB + flags: avx avx2 lm nx pae sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx bogomips: 19954 + Speed: 2304 MHz min/max: 800/2900 MHz base/boost: 1900/1900 volts: 1.2 V + ext-clock: 100 MHz Core speeds (MHz): 1: 2304 2: 1932 3: 2521 4: 2045 + Vulnerabilities: Type: itlb_multihit status: KVM: VMX disabled + Type: l1tf mitigation: PTE Inversion; VMX: conditional cache flushes, SMT vulnerable + Type: mds mitigation: Clear CPU buffers; SMT vulnerable + Type: meltdown mitigation: PTI + Type: mmio_stale_data status: Unknown: No mitigations + Type: retbleed status: Not affected + Type: spec_store_bypass + mitigation: Speculative Store Bypass disabled via prctl and seccomp + Type: spectre_v1 mitigation: usercopy/swapgs barriers and __user pointer sanitization + Type: spectre_v2 mitigation: Retpolines, IBPB: conditional, IBRS_FW, STIBP: + conditional, RSB filling, PBRSB-eIBRS: Not affected + Type: srbds mitigation: Microcode + Type: tsx_async_abort status: Not affected +Graphics: Device-1: Intel Haswell-ULT Integrated Graphics vendor: Dell driver: i915 v: kernel + bus-ID: 00:02.0 chip-ID: 8086:0a16 class-ID: 0300 + Device-2: Microdia Laptop_Integrated_Webcam_HD type: USB driver: uvcvideo + bus-ID: 1-1.6:3 chip-ID: 0c45:649d class-ID: 0e02 + Display: server: No display server data found. Headless machine? tty: 190x48 + Message: Advanced graphics data unavailable in console for root. +Audio: Device-1: Intel Haswell-ULT HD Audio vendor: Dell driver: snd_hda_intel v: kernel + bus-ID: 00:03.0 chip-ID: 8086:0a0c class-ID: 0403 + Device-2: Intel 8 Series HD Audio vendor: Dell driver: snd_hda_intel v: kernel + bus-ID: 00:1b.0 chip-ID: 8086:9c20 class-ID: 0403 + Sound Server-1: ALSA v: k5.15.78 running: yes + Sound Server-2: PipeWire v: 0.3.59 running: yes +Network: Device-1: Intel Ethernet I218-LM vendor: Dell driver: e1000e v: kernel port: f080 + bus-ID: 00:19.0 chip-ID: 8086:155a class-ID: 0200 + IF: eno1 state: down mac: + Device-2: Intel Wireless 7260 driver: iwlwifi v: kernel port: f040 bus-ID: 02:00.0 + chip-ID: 8086:08b1 class-ID: 0280 + IF: wlp2s0 state: up mac: + IP v4: type: dynamic noprefixroute scope: global broadcast: + IP v6: type: noprefixroute scope: link + IF-ID-1: docker0 state: down mac: + IP v4: scope: global broadcast: + WAN IP: +Bluetooth: Device-1: Intel Bluetooth wireless interface type: USB driver: btusb v: 0.8 + bus-ID: 1-1.8.2:5 chip-ID: 8087:07dc class-ID: e001 + Report: rfkill ID: hci0 rfk-id: 4 state: down bt-service: not found rfk-block: + hardware: no software: no address: see --recommends +RAID: Hardware-1: Intel 82801 Mobile SATA Controller [RAID mode] driver: ahci v: 3.0 + port: f060 bus-ID: 00:1f.2 chip-ID: 8086.282a rev: 04 class-ID: 0104 + Device-1: latino type: zfs status: ONLINE level: linear size: 464 GiB free: 427 GiB + allocated: 36.8 GiB + Components: Online: N/A +Drives: Local Storage: total: raw: 465.76 GiB usable: 929.76 GiB used: 37.36 GiB (4.0%) + ID-1: /dev/sda maj-min: 8:0 vendor: Samsung model: SSD 850 EVO 500GB family: based SSDs + size: 465.76 GiB block-size: physical: 512 B logical: 512 B sata: 3.1 speed: 6.0 Gb/s + rotation: SSD serial: rev: 2B6Q temp: 43 C scheme: GPT + SMART: yes state: enabled health: PASSED on: 367d 15h cycles: 1352 written: 8.46 TiB +Partition: ID-1: / raw-size: N/A size: 431.46 GiB used: 18.65 GiB (4.3%) fs: zfs + logical: latino/private/root + ID-2: /boot raw-size: 512 MiB size: 511 MiB (99.80%) used: 31.5 MiB (6.2%) fs: vfat + block-size: 512 B dev: /dev/sda1 maj-min: 8:1 +Swap: Alert: No swap data was found. +Sensors: System Temperatures: cpu: 66.0 C mobo: 43.0 C sodimm: SODIMM C + Fan Speeds (RPM): cpu: 3495 +Info: Processes: 262 + Uptime: 22:30:04 up 1 day 13:36, 1 user, load average: 3.73, 2.69, 2.50 wakeups: 1 + Init: systemd v: 251 target: multi-user.target tool: systemctl Compilers: gcc: 11.3.0 + Packages: 1195 nix-default: 271 lib: 1 nix-sys: 653 lib: 150 nix-usr: 271 lib: 28 Client: Sudo v: 1.9.12p1 inxi: 3.3.04 ``` - + [comment]: (</default.nix and hosts//hardware-configuration.nix +# Configure hosts//default.nix and hosts//hardware-configuration.nix # NixOS installation inv init.nixos-install --hosts ${TARGETIP} --flakeattr ${TARGETNAME} diff --git a/docs/hosts/sadhome/scan.json b/docs/hosts/sadhome/scan.json index 29e71dc..ef1e9f9 100644 --- a/docs/hosts/sadhome/scan.json +++ b/docs/hosts/sadhome/scan.json @@ -8,4 +8,4 @@ "@extrainfo": "protocol 2.0" } } -] \ No newline at end of file +] diff --git a/docs/hosts/sadhome/summaries.json b/docs/hosts/sadhome/summaries.json index 372b970..0e3a5dc 100644 --- a/docs/hosts/sadhome/summaries.json +++ b/docs/hosts/sadhome/summaries.json @@ -9,4 +9,4 @@ "bits": 0, "bogomips": 0 } -} \ No newline at end of file +} diff --git a/docs/hosts/sadphone.md b/docs/hosts/sadphone.md index 6ba3ad9..47e125a 100644 --- a/docs/hosts/sadphone.md +++ b/docs/hosts/sadphone.md @@ -7,4 +7,4 @@ This page generated with `inv docs.all-pages` -[comment]: (< # encrypt ZFS inv init.disk-format --hosts ${TARGETIP} --disk /dev/sda --mirror /dev/sdb --mode MBR inv init.disk-format --hosts ${TARGETIP} --disk /dev/nvme0n1 --mode EFI -or -inv init.disk-mount --hosts ${TARGETIP} --password "" [--mirror /dev/sdb] +or +inv init.disk-mount --hosts ${TARGETIP} --password "" [--mirror /dev/sdb] inv init.ssh-init-host-key --hosts ${TARGETIP} --hostnames ${TARGETNAME} inv init.nixos-generate-config --hosts ${TARGETIP} --hostnames ${TARGETNAME} @@ -64,7 +64,7 @@ sops ./hosts/${TARGETNAME}/secrets.yml #################################################### # Add hostname in configurations.nix with minimalModules -# Configure hosts//default.nix and hosts//hardware-configuration.nix +# Configure hosts//default.nix and hosts//hardware-configuration.nix # NixOS installation inv init.nixos-install --hostnames ${TARGETIP} --flakeattr ${TARGETNAME} diff --git a/docs/network.puml b/docs/network.puml index 07e7d9c..8a79f8f 100644 --- a/docs/network.puml +++ b/docs/network.puml @@ -1,7 +1,7 @@ @startuml nwdiag { internet [shape = cloud]; - + network net-provider { address = "81.64.x.x"; box-provider; @@ -61,7 +61,7 @@ nwdiag { ntp-r; zigbee2mqtt; } - + network net-ladroom { address = "192.168.254.x"; color = "LightGreen"; diff --git a/docs/nix.md b/docs/nix.md index 0f8ed2f..b23cc3c 100644 --- a/docs/nix.md +++ b/docs/nix.md @@ -87,4 +87,4 @@ in source = "${pkgs.iputils.out}/bin/ping"; }; } -``` \ No newline at end of file +``` diff --git a/docs/nvim/help.txt b/docs/nvim/help.txt index f7b7190..72fa335 100644 --- a/docs/nvim/help.txt +++ b/docs/nvim/help.txt @@ -164,7 +164,7 @@ U - restore (undo) last changed line Ctrl + r - redo . - repeat last command -== Visual Commands +== Visual Commands > - shift text right < - shift text left diff --git a/docs/prometheus.md b/docs/prometheus.md index e206e99..3031b4b 100644 --- a/docs/prometheus.md +++ b/docs/prometheus.md @@ -9,4 +9,4 @@ The mikrotik-export seem not working, i prefed use the SNMP exporter set [ find default=yes ] addresses=192.168.254.100/32 /snmp set enabled=yes -``` \ No newline at end of file +``` diff --git a/docs/reboot.png b/docs/reboot.png new file mode 100644 index 0000000..a1f37a6 Binary files /dev/null and b/docs/reboot.png differ diff --git a/docs/usb-installer.png b/docs/usb-installer.png new file mode 100644 index 0000000..42a3937 Binary files /dev/null and b/docs/usb-installer.png differ diff --git a/docs/wireguard.md b/docs/wireguard.md index 9c6327e..a63876f 100644 --- a/docs/wireguard.md +++ b/docs/wireguard.md @@ -35,4 +35,4 @@ public-key: 3TjlMI639ikErw1BNkPTex50N382zieu/01eYhAJoic= keep connexion: 25 endpoint: xxx.xxx.xxx.xxx:13231 Allowed address: 10.123.21.0/24, 192.168.254.254/24, 192.168.0.0/24 -``` \ No newline at end of file +``` diff --git a/docs/zigbee2mqtt.md b/docs/zigbee2mqtt.md index 3b85548..08ba2d5 100644 --- a/docs/zigbee2mqtt.md +++ b/docs/zigbee2mqtt.md @@ -29,5 +29,5 @@ mosquitto_pub -d -h zigbee.adele.im -u zigbee2mqtt -P "${MQTT_Z2M_PASS}" -t zigb ```bash export MQTT_Z2M_PASS=$(pass show home/bruno/homelab/mqtt/zigbee2mqtt) -mqttui -b mqtt://mqtt.adele.im -u zigbee2mqtt --password "${MQTT_Z2M_PASS}" +mqttui -b mqtt://mqtt.adele.im -u zigbee2mqtt --password "${MQTT_Z2M_PASS}" ``` diff --git a/flake.lock b/flake.lock index 5b6eacb..05fae95 100644 --- a/flake.lock +++ b/flake.lock @@ -1,288 +1,289 @@ { "nodes": { - "flake-compat": { - "flake": false, + "base16": { + "inputs": { + "fromYaml": "fromYaml" + }, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "lastModified": 1708890466, + "narHash": "sha256-LlrC09LoPi8OPYOGPXegD72v+//VapgAqhbOFS3i8sc=", + "owner": "SenchoPens", + "repo": "base16.nix", + "rev": "665b3c6748534eb766c777298721cece9453fdae", "type": "github" }, "original": { - "owner": "edolstra", - "repo": "flake-compat", + "owner": "SenchoPens", + "repo": "base16.nix", "type": "github" } }, - "flake-compat_2": { + "base16-fish": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", - "owner": "edolstra", - "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "lastModified": 1622559957, + "narHash": "sha256-PebymhVYbL8trDVVXxCvZgc0S5VxI7I1Hv4RMSquTpA=", + "owner": "tomyun", + "repo": "base16-fish", + "rev": "2f6dd973a9075dabccd26f1cded09508180bf5fe", "type": "github" }, "original": { - "owner": "edolstra", - "repo": "flake-compat", + "owner": "tomyun", + "repo": "base16-fish", "type": "github" } }, - "flake-utils": { + "base16-helix": { + "flake": false, "locked": { - "lastModified": 1652776076, - "narHash": "sha256-gzTw/v1vj4dOVbpBSJX4J0DwUR6LIyXo7/SuuTJp1kM=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "04c1b180862888302ddfb2e3ad9eaa63afc60cf8", + "lastModified": 1725860795, + "narHash": "sha256-Z2o8VBPW3I+KKTSfe25kskz0EUj7MpUh8u355Z1nVsU=", + "owner": "tinted-theming", + "repo": "base16-helix", + "rev": "7f795bf75d38e0eea9fed287264067ca187b88a9", "type": "github" }, "original": { - "owner": "numtide", - "repo": "flake-utils", + "owner": "tinted-theming", + "repo": "base16-helix", "type": "github" } }, - "flake-utils_2": { - "inputs": { - "systems": "systems" - }, + "base16-vim": { + "flake": false, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "lastModified": 1716150083, + "narHash": "sha256-ZMhnNmw34ogE5rJZrjRv5MtG3WaqKd60ds2VXvT6hEc=", + "owner": "tinted-theming", + "repo": "base16-vim", + "rev": "6e955d704d046b0dc3e5c2d68a2a6eeffd2b5d3d", "type": "github" }, "original": { - "owner": "numtide", - "repo": "flake-utils", + "owner": "tinted-theming", + "repo": "base16-vim", "type": "github" } }, - "gitignore": { + "disko": { "inputs": { "nixpkgs": [ - "nix-rice", - "pre-commit-hooks", "nixpkgs" ] }, "locked": { - "lastModified": 1660459072, - "narHash": "sha256-8DFJjXG8zqoONA1vXtgeKXy68KdJL5UaXR8NtVMUbx8=", - "owner": "hercules-ci", - "repo": "gitignore.nix", - "rev": "a20de23b925fd8264fd7fad6454652e142fd7f73", + "lastModified": 1728922573, + "narHash": "sha256-FegyBabjV4868aJUbvFtqH0zKDEtUpeCAfnB1vWXeBg=", + "owner": "nix-community", + "repo": "disko", + "rev": "3b778f10eb275573da9f5c8a7a49e774200b87e5", "type": "github" }, "original": { - "owner": "hercules-ci", - "repo": "gitignore.nix", + "owner": "nix-community", + "repo": "disko", "type": "github" } }, - "hardware": { + "flake-compat": { + "flake": false, "locked": { - "lastModified": 1704799046, - "narHash": "sha256-uV6bzj2VbnlMXmoUwjBRKwgZIy2XWEJD8A4Z2oUCEG4=", - "owner": "badele", - "repo": "fork-nixos-hardware", - "rev": "b9a6809344d4f29376f07bbaca42194559368312", + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", "type": "github" }, "original": { - "owner": "badele", - "ref": "xps-15-9530", - "repo": "fork-nixos-hardware", + "owner": "edolstra", + "repo": "flake-compat", "type": "github" } }, - "home-manager": { + "flake-utils": { "inputs": { - "nixpkgs": [ - "nixpkgs" + "systems": [ + "stylix", + "systems" ] }, "locked": { - "lastModified": 1708988456, - "narHash": "sha256-RCz7Xe64tN2zgWk+MVHkzg224znwqknJ1RnB7rVqUWw=", - "owner": "nix-community", - "repo": "home-manager", - "rev": "1d085ea4444d26aa52297758b333b449b2aa6fca", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { - "owner": "nix-community", - "repo": "home-manager", + "owner": "numtide", + "repo": "flake-utils", "type": "github" } }, - "impermanence": { + "fromYaml": { + "flake": false, "locked": { - "lastModified": 1708968331, - "narHash": "sha256-VUXLaPusCBvwM3zhGbRIJVeYluh2uWuqtj4WirQ1L9Y=", - "owner": "nix-community", - "repo": "impermanence", - "rev": "a33ef102a02ce77d3e39c25197664b7a636f9c30", + "lastModified": 1689549921, + "narHash": "sha256-iX0pk/uB019TdBGlaJEWvBCfydT6sRq+eDcGPifVsCM=", + "owner": "SenchoPens", + "repo": "fromYaml", + "rev": "11fbbbfb32e3289d3c631e0134a23854e7865c84", "type": "github" }, "original": { - "owner": "nix-community", - "repo": "impermanence", + "owner": "SenchoPens", + "repo": "fromYaml", "type": "github" } }, - "kitty-themes-src": { + "gnome-shell": { "flake": false, "locked": { - "lastModified": 1678282211, - "narHash": "sha256-heJayOz/2Bey/zAwL2PR1OsfGyCPqMyxT1XzwHLhQ0w=", - "owner": "kovidgoyal", - "repo": "kitty-themes", - "rev": "c01fcbd694353507c3cc7f657179bad1f32140a7", + "lastModified": 1713702291, + "narHash": "sha256-zYP1ehjtcV8fo+c+JFfkAqktZ384Y+y779fzmR9lQAU=", + "owner": "GNOME", + "repo": "gnome-shell", + "rev": "0d0aadf013f78a7f7f1dc984d0d812971864b934", "type": "github" }, "original": { - "owner": "kovidgoyal", - "repo": "kitty-themes", + "owner": "GNOME", + "ref": "46.1", + "repo": "gnome-shell", "type": "github" } }, - "nix-pre-commit": { - "inputs": { - "flake-utils": "flake-utils", - "nixpkgs": [ - "nixpkgs" - ] - }, + "hardware": { "locked": { - "lastModified": 1653259102, - "narHash": "sha256-XfCEu4zur/N2Dk4v8wFiQAgJ7bgNqPqwWp1vBXkeczM=", - "owner": "jmgilman", - "repo": "nix-pre-commit", - "rev": "6a99b2711c7eac9960939d8eb91e84322b22d50c", + "lastModified": 1728729581, + "narHash": "sha256-oazkQ/z7r43YkDLLQdMg8oIB3CwWNb+2ZrYOxtLEWTQ=", + "owner": "NixOS", + "repo": "nixos-hardware", + "rev": "a8dd1b21995964b115b1e3ec639dd6ce24ab9806", "type": "github" }, "original": { - "owner": "jmgilman", - "repo": "nix-pre-commit", + "owner": "NixOS", + "ref": "master", + "repo": "nixos-hardware", "type": "github" } }, - "nix-rice": { + "home-manager": { "inputs": { - "flake-compat": "flake-compat", - "flake-utils": "flake-utils_2", - "kitty-themes-src": "kitty-themes-src", - "nixpkgs-lib": "nixpkgs-lib", - "pre-commit-hooks": "pre-commit-hooks" + "nixpkgs": [ + "nixpkgs" + ] }, "locked": { - "lastModified": 1682952592, - "narHash": "sha256-1qXvqCxnWpk0ELdpmS2OMDu047gvl166CGBm+sfi8oo=", - "owner": "bertof", - "repo": "nix-rice", - "rev": "dddd03ed3c5e05c728b0df985f7af905b002f588", + "lastModified": 1728903686, + "narHash": "sha256-ZHFrGNWDDriZ4m8CA/5kDa250SG1LiiLPApv1p/JF0o=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "e1aec543f5caf643ca0d94b6a633101942fd065f", "type": "github" }, "original": { - "owner": "bertof", - "repo": "nix-rice", + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", "type": "github" } }, - "nixpkgs": { + "home-manager_2": { + "inputs": { + "nixpkgs": [ + "stylix", + "nixpkgs" + ] + }, "locked": { - "lastModified": 1681303793, - "narHash": "sha256-JEdQHsYuCfRL2PICHlOiH/2ue3DwoxUX7DJ6zZxZXFk=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "fe2ecaf706a5907b5e54d979fbde4924d84b65fc", + "lastModified": 1724435763, + "narHash": "sha256-UNky3lJNGQtUEXT2OY8gMxejakSWPTfWKvpFkpFlAfM=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "c2cd2a52e02f1dfa1c88f95abeb89298d46023be", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", + "owner": "nix-community", + "repo": "home-manager", "type": "github" } }, - "nixpkgs-lib": { + "impermanence": { "locked": { - "lastModified": 1681001314, - "narHash": "sha256-5sDnCLdrKZqxLPK4KA8+f4A3YKO/u6ElpMILvX0g72c=", + "lastModified": 1727649413, + "narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=", "owner": "nix-community", - "repo": "nixpkgs.lib", - "rev": "367c0e1086a4eb4502b24d872cea2c7acdd557f4", + "repo": "impermanence", + "rev": "d0b38e550039a72aff896ee65b0918e975e6d48e", "type": "github" }, "original": { "owner": "nix-community", - "repo": "nixpkgs.lib", + "repo": "impermanence", "type": "github" } }, - "nixpkgs-stable": { + "nixpkgs": { "locked": { - "lastModified": 1678872516, - "narHash": "sha256-/E1YwtMtFAu2KUQKV/1+KFuReYPANM2Rzehk84VxVoc=", - "owner": "NixOS", + "lastModified": 1728492678, + "narHash": "sha256-9UTxR8eukdg+XZeHgxW5hQA9fIKHsKCdOIUycTryeVw=", + "owner": "nixos", "repo": "nixpkgs", - "rev": "9b8e5abb18324c7fe9f07cb100c3cd4a29cda8b8", + "rev": "5633bcff0c6162b9e4b5f1264264611e950c8ec7", "type": "github" }, "original": { - "owner": "NixOS", - "ref": "nixos-22.11", + "owner": "nixos", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } }, - "nixpkgs-stable_2": { + "nixpkgs-stable": { "locked": { - "lastModified": 1708819810, - "narHash": "sha256-1KosU+ZFXf31GPeCBNxobZWMgHsSOJcrSFA6F2jhzdE=", + "lastModified": 1728156290, + "narHash": "sha256-uogSvuAp+1BYtdu6UWuObjHqSbBohpyARXDWqgI12Ss=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "89a2a12e6c8c6a56c72eb3589982c8e2f89c70ea", + "rev": "17ae88b569bb15590549ff478bab6494dde4a907", "type": "github" }, "original": { "owner": "NixOS", - "ref": "release-23.11", + "ref": "release-24.05", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_2": { "locked": { - "lastModified": 1708984720, - "narHash": "sha256-gJctErLbXx4QZBBbGp78PxtOOzsDaQ+yw1ylNQBuSUY=", - "owner": "nixos", + "lastModified": 1725194671, + "narHash": "sha256-tLGCFEFTB5TaOKkpfw3iYT9dnk4awTP/q4w+ROpMfuw=", + "owner": "NixOS", "repo": "nixpkgs", - "rev": "13aff9b34cc32e59d35c62ac9356e4a41198a538", + "rev": "b833ff01a0d694b910daca6e2ff4a3f26dee478c", "type": "github" }, "original": { - "owner": "nixos", - "ref": "nixos-unstable", + "owner": "NixOS", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, "nur": { "locked": { - "lastModified": 1709144707, - "narHash": "sha256-RvJU+wWBs05ET56LSK8gXIC6vXZuKl9HewCezS1Ta2Q=", + "lastModified": 1728989467, + "narHash": "sha256-HHdnfi+mps/5ir620XViqAtC3p59v422migqNHzW2E4=", "owner": "nix-community", "repo": "NUR", - "rev": "a6e5afae495cf1dd3dcd1d89c672885fc5eb2688", + "rev": "64526fb085fd7b042f800bfd06b66982fabe70d4", "type": "github" }, "original": { @@ -291,41 +292,16 @@ "type": "github" } }, - "pre-commit-hooks": { - "inputs": { - "flake-compat": "flake-compat_2", - "flake-utils": [ - "nix-rice", - "flake-utils" - ], - "gitignore": "gitignore", - "nixpkgs": "nixpkgs", - "nixpkgs-stable": "nixpkgs-stable" - }, - "locked": { - "lastModified": 1682596858, - "narHash": "sha256-Hf9XVpqaGqe/4oDGr30W8HlsWvJXtMsEPHDqHZA6dDg=", - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "rev": "fb58866e20af98779017134319b5663b8215d912", - "type": "github" - }, - "original": { - "owner": "cachix", - "repo": "pre-commit-hooks.nix", - "type": "github" - } - }, "root": { "inputs": { + "disko": "disko", "hardware": "hardware", "home-manager": "home-manager", "impermanence": "impermanence", - "nix-pre-commit": "nix-pre-commit", - "nix-rice": "nix-rice", - "nixpkgs": "nixpkgs_2", + "nixpkgs": "nixpkgs", "nur": "nur", - "sops-nix": "sops-nix" + "sops-nix": "sops-nix", + "stylix": "stylix" } }, "sops-nix": { @@ -333,14 +309,14 @@ "nixpkgs": [ "nixpkgs" ], - "nixpkgs-stable": "nixpkgs-stable_2" + "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1708987867, - "narHash": "sha256-k2lDaDWNTU5sBVHanYzjDKVDmk29RHIgdbbXu5sdzBA=", + "lastModified": 1728345710, + "narHash": "sha256-lpunY1+bf90ts+sA2/FgxVNIegPDKCpEoWwOPu4ITTQ=", "owner": "mic92", "repo": "sops-nix", - "rev": "a1c8de14f60924fafe13aea66b46157f0150f4cf", + "rev": "06535d0e3d0201e6a8080dd32dbfde339b94f01b", "type": "github" }, "original": { @@ -349,6 +325,36 @@ "type": "github" } }, + "stylix": { + "inputs": { + "base16": "base16", + "base16-fish": "base16-fish", + "base16-helix": "base16-helix", + "base16-vim": "base16-vim", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils", + "gnome-shell": "gnome-shell", + "home-manager": "home-manager_2", + "nixpkgs": "nixpkgs_2", + "systems": "systems", + "tinted-foot": "tinted-foot", + "tinted-kitty": "tinted-kitty", + "tinted-tmux": "tinted-tmux" + }, + "locked": { + "lastModified": 1728900372, + "narHash": "sha256-hmG/u7qZEm7CTh1XPDi+pg4Oi0nNrv7sL8PgZDRe6wg=", + "owner": "danth", + "repo": "stylix", + "rev": "33a2eff15181e557bb6dd9d2073b90f7d218975d", + "type": "github" + }, + "original": { + "owner": "danth", + "repo": "stylix", + "type": "github" + } + }, "systems": { "locked": { "lastModified": 1681028828, @@ -363,6 +369,55 @@ "repo": "default", "type": "github" } + }, + "tinted-foot": { + "flake": false, + "locked": { + "lastModified": 1696725948, + "narHash": "sha256-65bz2bUL/yzZ1c8/GQASnoiGwaF8DczlxJtzik1c0AU=", + "owner": "tinted-theming", + "repo": "tinted-foot", + "rev": "eedbcfa30de0a4baa03e99f5e3ceb5535c2755ce", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "tinted-foot", + "type": "github" + } + }, + "tinted-kitty": { + "flake": false, + "locked": { + "lastModified": 1716423189, + "narHash": "sha256-2xF3sH7UIwegn+2gKzMpFi3pk5DlIlM18+vj17Uf82U=", + "owner": "tinted-theming", + "repo": "tinted-kitty", + "rev": "eb39e141db14baef052893285df9f266df041ff8", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "tinted-kitty", + "rev": "eb39e141db14baef052893285df9f266df041ff8", + "type": "github" + } + }, + "tinted-tmux": { + "flake": false, + "locked": { + "lastModified": 1696725902, + "narHash": "sha256-wDPg5elZPcQpu7Df0lI5O8Jv4A3T6jUQIVg63KDU+3Q=", + "owner": "tinted-theming", + "repo": "tinted-tmux", + "rev": "c02050bebb60dbb20cb433cd4d8ce668ecc11ba7", + "type": "github" + }, + "original": { + "owner": "tinted-theming", + "repo": "tinted-tmux", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index edbb9ce..747559d 100644 --- a/flake.nix +++ b/flake.nix @@ -12,36 +12,37 @@ # You can access packages and modules from different nixpkgs revs # at the same time. Here's an working example: + disko = { + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + # Home manager home-manager = { - url = "github:nix-community/home-manager"; + url = "github:nix-community/home-manager/master"; inputs.nixpkgs.follows = "nixpkgs"; }; # hardware.url = "git+file:///home/badele/ghq/github.com/badele/fork-nixos-hardware"; - hardware.url = "github:badele/fork-nixos-hardware/xps-15-9530"; - # hardware.url = "github:NixOS/nixos-hardware/master"; + # hardware.url = "github:badele/fork-nixos-hardware/xps-15-9530"; + hardware.url = "github:NixOS/nixos-hardware/master"; impermanence = { url = "github:nix-community/impermanence"; }; - nur.url = "github:nix-community/NUR"; + nur = { + url = "github:nix-community/NUR"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + sops-nix = { url = "github:mic92/sops-nix"; inputs.nixpkgs.follows = "nixpkgs"; }; # Color scheme - nix-rice = { - url = "github:bertof/nix-rice"; - }; - - # Precomit local generator - nix-pre-commit = { - url = "github:jmgilman/nix-pre-commit"; - inputs.nixpkgs.follows = "nixpkgs"; - }; + stylix.url = "github:danth/stylix"; }; outputs = @@ -50,8 +51,8 @@ , home-manager , sops-nix , hardware - , nix-pre-commit - , nix-rice + # , nix-pre-commit + , stylix , nur , ... }@inputs: @@ -72,7 +73,6 @@ let pkgs = import nixpkgs { inherit system; - overlays = [ nix-rice.overlays.default ]; }; in import ./nix/pkgs { inherit pkgs; }); @@ -80,7 +80,7 @@ # Acessible through 'nix develop' or 'nix-shell' (legacy) devShells = forAllSystems (system: let pkgs = nixpkgs.legacyPackages.${system}; - in import ./shell.nix { inherit pkgs system nix-pre-commit; }); + in import ./shell.nix { inherit pkgs system; }); # Your custom packages and modifications, exported as overlays overlays = import ./nix/overlays { inherit inputs; }; @@ -89,12 +89,50 @@ nixosModules = import ./nix/modules/nixos; # Reusable home-manager modules you might want to export # These are usually stuff you would upstream into home-manager - homeManagerModules = import ./nix/modules/home-manager; + # homeManagerModules = import ./nix/modules/home-manager; # NixOS configuration entrypoint # Available through 'nixos-rebuild --flake .#your-hostname' # or 'nixos-rebuild --flake .' for current hostname nixosConfigurations = { + # Build a iso image (NixOS installer) + iso = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs outputs; }; + modules = [ + # "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix" + "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-minimal.nix" + "${nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix" + inputs.sops-nix.nixosModules.sops + ./hosts/iso + ]; + }; + + demovm = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs outputs; }; + modules = [ + inputs.sops-nix.nixosModules.sops + ./hosts/demovm + + home-manager.nixosModules.home-manager + { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + verbose = true; + users = { + root = import ./users/root/demovm.nix; + demo = { + imports = [ + stylix.homeManagerModules.stylix + ./users/demo/demovm.nix + ]; + }; + }; + }; + } + ]; + }; + b4d14 = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs outputs; }; modules = [ inputs.sops-nix.nixosModules.sops ./hosts/b4d14 ]; @@ -102,7 +140,29 @@ badxps = nixpkgs.lib.nixosSystem { specialArgs = { inherit inputs outputs; }; - modules = [ inputs.sops-nix.nixosModules.sops ./hosts/badxps ]; + modules = [ + inputs.sops-nix.nixosModules.sops + ./hosts/badxps + + home-manager.nixosModules.home-manager + { + home-manager = { + useGlobalPkgs = true; + useUserPackages = true; + verbose = true; + users = { + root = import ./users/root/badxps.nix; + badele = { + imports = [ + nur.nixosModules.nur + stylix.homeManagerModules.stylix + ./users/badele/badxps.nix + ]; + }; + }; + }; + } + ]; }; sadhome = nixpkgs.lib.nixosSystem { @@ -119,6 +179,11 @@ specialArgs = { inherit inputs outputs; }; modules = [ inputs.sops-nix.nixosModules.sops ./hosts/rpi40 ]; }; + + srvhoma = nixpkgs.lib.nixosSystem { + specialArgs = { inherit inputs outputs; }; + modules = [ inputs.sops-nix.nixosModules.sops ./hosts/srvhoma ]; + }; }; # Standalone home-manager configuration entrypoint @@ -134,7 +199,6 @@ extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } ./users/root/b4d14.nix ]; }; @@ -146,84 +210,101 @@ modules = [ # > Our main home-manager configuration file < nur.hmModules.nur - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } ./users/badele/b4d14.nix ]; }; ######################################################################## - # badxps + # sadhome ######################################################################## - "root@badxps" = home-manager.lib.homeManagerConfiguration { + "root@sadhome" = home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } - ./users/root/badxps.nix + ./nix/home-manager/users/root/sadhome.nix ]; }; - "badele@badxps" = home-manager.lib.homeManagerConfiguration { + "badele@sadhome" = home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - nur.hmModules.nur - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } - ./users/badele/badxps.nix + ./users/badele/sadhome.nix + ]; + }; + + "sadele@sadhome" = home-manager.lib.homeManagerConfiguration { + pkgs = + nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + extraSpecialArgs = { inherit inputs outputs; }; + modules = [ + # > Our main home-manager configuration file < + ./users/sadele/sadhome.nix ]; }; ######################################################################## - # sadhome + # rpi40 ######################################################################## - "root@sadhome" = home-manager.lib.homeManagerConfiguration { + "badele@rpi40" = home-manager.lib.homeManagerConfiguration { pkgs = - nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + nixpkgs.legacyPackages.aarch64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } - ./nix/home-manager/users/root/sadhome.nix + ./users/badele/rpi40.nix ]; }; - "badele@sadhome" = home-manager.lib.homeManagerConfiguration { + ######################################################################## + # srvhoma + ######################################################################## + "root@srvhoma" = home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } - ./users/badele/sadhome.nix + ./users/root/srvhoma.nix ]; }; - "sadele@sadhome" = home-manager.lib.homeManagerConfiguration { + "badele@srvhoma" = home-manager.lib.homeManagerConfiguration { pkgs = nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } - ./users/sadele/sadhome.nix + nur.hmModules.nur + ./users/badele/srvhoma.nix ]; }; ######################################################################## - # rpi40 + # demo ######################################################################## - "badele@rpi40" = home-manager.lib.homeManagerConfiguration { + "root@demovm" = home-manager.lib.homeManagerConfiguration { pkgs = - nixpkgs.legacyPackages.aarch64-linux; # Home-manager requires 'pkgs' instance + nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance extraSpecialArgs = { inherit inputs outputs; }; modules = [ # > Our main home-manager configuration file < - { nixpkgs.overlays = [ nix-rice.overlays.default ]; } - ./users/badele/rpi40.nix + ./users/root/demo.nix + ]; + }; + + "badele@demovm" = home-manager.lib.homeManagerConfiguration { + pkgs = + nixpkgs.legacyPackages.x86_64-linux; # Home-manager requires 'pkgs' instance + extraSpecialArgs = { inherit inputs outputs; }; + modules = [ + # > Our main home-manager configuration file < + nur.hmModules.nur + ./users/badele/demo.nix ]; }; }; diff --git a/homelab.json b/homelab.json index 03f3453..74eb597 100644 --- a/homelab.json +++ b/homelab.json @@ -126,15 +126,15 @@ "os": "MikroTik" }, "sadhome": { - "icon": "https://cdn.icon-icons.com/icons2/2699/PNG/512/archlinux_logo_icon_167835.png", + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", "ipv4": "192.168.254.200", "zone": "livingroom", "parent": "router-ladbedroom", "description": "Stephanie's laptop", - "os": "ArchLinux" + "os": "NixOS" }, "rpi40": { - "icon": "https://upload.wikimedia.org/wikipedia/fr/thumb/3/3b/Raspberry_Pi_logo.svg/32px-Raspberry_Pi_logo.svg.png", + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", "ipv4": "192.168.254.101", "zone": "homeoffice", "parent": "router-homeoffice", @@ -155,7 +155,7 @@ ] }, "bootstore": { - "icon": "https://simpleicons.org/icons/databricks.svg", + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", "description": "HP Microserver N40L server", "os": "NixOS", "ipv4": "192.168.254.100", @@ -191,22 +191,6 @@ "home-assistant" ] }, - "badwork": { - "icon": "https://upload.wikimedia.org/wikipedia/commons/thumb/3/3e/IBM_ThinkPad_logo_askew_badge.svg/32px-IBM_ThinkPad_logo_askew_badge.svg.png", - "ipv4": "192.168.254.189", - "zone": "homeoffice", - "parent": "router-ladbedroom", - "description": "A work thinkpad", - "os": "Nix" - }, - "badwork-eth": { - "icon": "https://upload.wikimedia.org/wikipedia/commons/thumb/3/3e/IBM_ThinkPad_logo_askew_badge.svg/32px-IBM_ThinkPad_logo_askew_badge.svg.png", - "ipv4": "192.168.254.102", - "zone": "homeoffice", - "parent": "router-homeoffice", - "description": "A ethernet work thinkpad", - "os": "Nix" - }, "badphone": { "icon": "https://cdn-icons-png.flaticon.com/512/38/38002.png", "ipv4": "192.168.254.194", @@ -264,7 +248,7 @@ "os": "GoogleMini" }, "b4d14": { - "icon": "https://ih1.redbubble.net/image.201056839.4943/flat,32x32,075,t.jpg", + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", "ipv4": "192.168.254.124", "zone": "homeoffice", "parent": "router-ladbedroom", @@ -272,7 +256,7 @@ "os": "NixOS" }, "badxps": { - "icon": "https://ih1.redbubble.net/image.201056839.4943/flat,32x32,075,t.jpg", + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", "ipv4": "192.168.254.114", "zone": "homeoffice", "parent": "router-ladbedroom", @@ -280,10 +264,11 @@ "virtualization" ], "description": "Dell XPS 9570 Latop", - "os": "NixOS" + "os": "NixOS", + "roles": [] }, "badxps-eth": { - "icon": "https://ih1.redbubble.net/image.201056839.4943/flat,32x32,075,t.jpg", + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", "ipv4": "192.168.254.179", "zone": "homeoffice", "parent": "router-ladbedroom", @@ -297,6 +282,26 @@ "parent": "router-ladbedroom", "description": "Philips Hue bridge", "os": "Bridge" + }, + "srvhoma": { + "icon": "https://nixos.wiki/images/thumb/2/20/Home-nixos-logo.png/207px-Home-nixos-logo.png", + "ipv4": "192.168.254.116", + "zone": "office", + "parent": "router-homeoffice", + "dnsalias": [], + "description": "First NUC homelab server", + "os": "NixOS", + "roles": [ + "ntp" + ] + }, + "demovm": { + "icon": "https://cdn.icon-icons.com/icons2/2699/PNG/512/qemu_logo_icon_169821.png", + "ipv4": "127.0.0.1", + "zone": "unknown", + "parent": "none", + "description": "qemu VM (SSH on port 2222)", + "os": "NixOS" } } } diff --git a/hosts/README.md b/hosts/README.md new file mode 100644 index 0000000..41d70ea --- /dev/null +++ b/hosts/README.md @@ -0,0 +1,58 @@ +# Host installation + + + +- [Host installation](#host-installation) + - [Requirements](#requirements) + - [Installation](#installation) + - [Update](#update) + + + +## Requirements + +- Computer with NixOS +- Customised a NixOS ISO installer `just iso-build` (see + `./hosts/iso/default.nix` for some options) + - Passwordless SSH public key + - Users password + - Keyboard layout + - Your customised scripts +- A passwordstore configured `PASSWORD_STORE_DIR` + +## Installation + +- From new host + - launch USB installer + +- from nix-homelab project folder (generally user desktop) + - init new host with `just nixos-init-host ` (generate a SSH keys + and age key), store de private key on `nix-homelab/hosts//*` + passowrdstore + - Create a new host configuration in `homelab.json` + - Add the content generated age key (`./hosts//ssh-to-age.txt`) in + `hosts` section on the `.sops.yaml` + - Create new host section on `flake.nix` + - in `nixosConfigurations` + - in `homeConfigurations` + - Update credentials for new host + - Edit `sops ./hosts//secrets.yml` + - Add root passwd + - `just passwd-generate` + - `pass show nix-homelab/hosts//accounts/root | mkpasswd -m sha-512 -s` + - Update host credentials for host key + `just secret-update hosts//secrets.yml` + - Configure NixOS host + - `./hosts//default.nix` + - `./hosts//disks.nix` + - `./hosts//hardware-configuration.nix` + - Deploy system wide environment + - `just nixos-install ` or + `just demo-test-install` for testing an ISO image on qemu + - Deploy user environment (logon on new host) + - `ghq get git@github.com:badele/nix-homelab.git` + - `cd ~/ghq/github.com/badele/nix-homelab/` + - `nix develop` + - `just home-deploy` + +## Update diff --git a/hosts/b4d14/default.nix b/hosts/b4d14/default.nix index 32f1e6d..b71d2ab 100644 --- a/hosts/b4d14/default.nix +++ b/hosts/b4d14/default.nix @@ -78,6 +78,7 @@ #################################### # Hardware #################################### + videoDrivers = [ "intel" "i965" "nvidia" ]; # Nvidia diff --git a/hosts/b4d14/hardware-configuration.nix b/hosts/b4d14/hardware-configuration.nix index 17984df..f9dd654 100644 --- a/hosts/b4d14/hardware-configuration.nix +++ b/hosts/b4d14/hardware-configuration.nix @@ -5,7 +5,8 @@ { imports = - [ (modulesPath + "/installer/scan/not-detected.nix") + [ + (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ]; @@ -14,43 +15,49 @@ boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "zroot/private/root"; + { + device = "zroot/private/root"; fsType = "zfs"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/C178-A6D4"; + { + device = "/dev/disk/by-uuid/C178-A6D4"; fsType = "vfat"; }; fileSystems."/nix" = - { device = "zroot/public/nix"; + { + device = "zroot/public/nix"; fsType = "zfs"; }; fileSystems."/nix-homelab" = - { device = "zroot/public/nix-homelab"; + { + device = "zroot/public/nix-homelab"; fsType = "zfs"; }; fileSystems."/data" = - { device = "zroot/private/data"; + { + device = "zroot/private/data"; fsType = "zfs"; }; fileSystems."/persist/host" = - { device = "zroot/private/persist/host"; + { + device = "zroot/private/persist/host"; fsType = "zfs"; }; fileSystems."/persist/user" = - { device = "zroot/private/persist/user"; + { + device = "zroot/private/persist/user"; fsType = "zfs"; }; swapDevices = - [ { device = "/dev/disk/by-uuid/3b4aaec1-ae97-468b-8203-ae2e0757a4ad"; } - ]; + [{ device = "/dev/disk/by-uuid/3b4aaec1-ae97-468b-8203-ae2e0757a4ad"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/badele.nix b/hosts/badele.nix index fbd92de..1a21027 100644 --- a/hosts/badele.nix +++ b/hosts/badele.nix @@ -15,6 +15,7 @@ let ] ++ ifTheyExist [ "docker" "git" + "incus-admin" "libvirtd" "network" "networkmanager" @@ -38,7 +39,7 @@ in inherit extraGroups; shell = pkgs.zsh; uid = 1000; - passwordFile = config.sops.secrets."system/user/badele-hash".path; + hashedPasswordFile = config.sops.secrets."system/user/badele-hash".path; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDsXvfr+qp9EtSfsNtLfp0mfrr/TMUk48RGjqRFXJEJwkpE2BDhjnBIjz/ijdNRfnwUQFE589y4L+eyG1SpJ5XD1Ia3lRPPK2ofA64h/tueS6HPBxcuQJtbZpZlcYqHFaXVxULIYqgF3VASqsZdUMMn55HfZzb1snUPgBNvsrFiuiVgIQZsrxxwtlBz+yh7cjRoyMC0QT/DPZELT29+QnSIC4CgRj9yiYZSgBxvxrWwLJvIxx87wN8xAo4dZQCIuVy55WcNd3VVW/cOVImpQKQw0NpyshUsBCHrPddNF0IU9kUBeBtVmWypYCOFi2zfaoa3aRjgkkpBmh1BCUN6XJxKb1Mde+wYzGHswTkiiHOv1iEmFjDgOmrr+Ad72Kd3J4+8ecuKqeN7TUopiLhcqwZSKIow5R1+xfxOI0K5JmPVNomurI8F0UOSgTHvz2hRREoBJ4pXFlhqYpv4J80IZpuJLhixWgm3ZUa8+CvAlaMCYOsrpFtB2d0uITOe540T4f9l1ngVVtj3FA8T/TXKY8gdHrxbj0C0whNT+yHKtaWHjXBEBgIfhjTvLGlo3F4RWr+Cko/zY9GSd7ACmT/nbQKSYwN77kqSMoeDVa3KFfCT1XCFBBvb9CrviFx+anb1nEeqAXYqWP0a3nqv1Vlvxn5QSPFCdFxex7K2kFObaniJiQ== badele@gpg" ]; diff --git a/hosts/badxps/default.nix b/hosts/badxps/default.nix index 723bad0..06a0aee 100644 --- a/hosts/badxps/default.nix +++ b/hosts/badxps/default.nix @@ -9,11 +9,13 @@ }: { imports = [ + inputs.hardware.nixosModules.dell-xps-15-9570-intel ./hardware-configuration.nix - #inputs.hardware.nixosModules.dell-xps-15-9560 + + # homelab modules ../../nix/modules/nixos/host.nix - # Users + # Users account ../root.nix ../badele.nix @@ -21,21 +23,33 @@ ../../nix/nixos/features/commons ../../nix/nixos/features/homelab ../../nix/nixos/features/system/containers.nix - ../../nix/nixos/features/system/virtualisation.nix + + # Virtualisation + ../../nix/nixos/features/virtualisation/incus.nix + ../../nix/nixos/features/virtualisation/libvirt.nix # Desktop ../../nix/nixos/features/system/bluetooth.nix ../../nix/nixos/features/desktop/wm/xorg/lightdm.nix + # + # # Roles + ../../nix/nixos/roles # Automatically load service from sectionn from `homelab.json` file ]; #################################### # Boot #################################### + nixpkgs.config = { + # allowBroken = true; + # nvidia.acceptLicense = true; + }; + boot = { + kernelPackages = pkgs.linuxPackages_6_6; kernelParams = [ + "i915.force_probe=3e9b" "mem_sleep_default=deep" - "nouveau.blacklist=0" "acpi_osi=!" "acpi_osi=\"Windows 2015\"" "acpi_backlight=vendor" @@ -45,7 +59,7 @@ kernelModules = [ "kvm-intel" ]; #extraModulePackages = [ pkgs.linuxPackages.nvidia_x11 ]; - supportedFilesystems = [ "zfs" ]; + supportedFilesystems = [ "zfs" "ntfs" ]; zfs = { requestEncryptionCredentials = true; extraPools = [ "zroot" ]; @@ -64,6 +78,8 @@ }; # xorg + # services.xserver.videoDrivers = [ "intel" "i965" "nvidia" ]; + services.xserver.videoDrivers = [ "modesetting" ]; #services.xserver.videoDrivers = [ "nvidia" ]; #hardware.opengl.enable = true; #hardware.nvidia.package = boot.kernelPackages.nvidiaPackages.stable; @@ -86,19 +102,43 @@ #################################### + # Enable OpenGL acceleration + hardware.graphics.enable = true; + + # intel + hardware.opengl = { + enable = true; + extraPackages = with pkgs; [ + vpl-gpu-rt # for newer GPUs on NixOS >24.05 or unstable + ]; + }; + # Nvidia - hardware.opengl.enable = true; - hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable; - hardware.nvidia.modesetting.enable = true; - hardware.bumblebee.enable = true; - hardware.bumblebee.pmMethod = "none"; # Needs nixos-unstable - nixpkgs.config.nvidia.acceptLicense = true; + # hardware.nvidia = { + # open = false; + # # modesetting.enable = true; + # # powerManagement.enable = false; + # # powerManagement.finegrained = false; + # # nvidiaSettings = true; + # package = config.boot.kernelPackages.nvidiaPackages.production; # 550.90.07 + # # + # # # sudo lshw -c display + # # # Convert the hex result to decimal bus PCI, ex: 0e:00:00 to 14:0:0 + # # prime = { + # # intelBusId = "PCI:0:2:0"; + # # nvidiaBusId = "PCI:1:0:0"; + # # }; + # }; + + # hardware.bumblebee.enable = true; + # hardware.bumblebee.pmMethod = "none"; # Needs nixos-unstable # hardware.nvidia.optimus_prime = { # intelBusId = "PCI:0:2:0"; # nvidiaBusId = "PCI:1:0:0"; # }; # Pulseaudio + services.pipewire.enable = false; hardware.pulseaudio = { enable = true; support32Bit = true; ## If compatibility with 32-bit applications is desired @@ -133,5 +173,5 @@ }; nixpkgs.hostPlatform.system = "x86_64-linux"; - system.stateVersion = "22.11"; + system.stateVersion = "24.05"; } diff --git a/nix/nixos/roles/grafana/dashboards/nodex_export_overall.json b/hosts/demo-secrets.yml similarity index 100% rename from nix/nixos/roles/grafana/dashboards/nodex_export_overall.json rename to hosts/demo-secrets.yml diff --git a/hosts/demo.nix b/hosts/demo.nix new file mode 100644 index 0000000..c4b6c07 --- /dev/null +++ b/hosts/demo.nix @@ -0,0 +1,46 @@ +########################################################## +# NIXOS +########################################################## +{ pkgs +, config +, lib +, ... +}: +let + ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups; + extraGroups = [ + "audio" + "video" + "wheel" + ] ++ ifTheyExist [ + "docker" + "git" + "libvirtd" + "network" + "networkmanager" + "plugdev" + ]; + +in +{ + sops.secrets = { + "system/user/demo-hash" = { + sopsFile = ./demovm/secrets.yml; + neededForUsers = true; + }; + }; + + users.users = { + # demo user + demo = { + isNormalUser = true; + home = "/home/demo"; + inherit extraGroups; + shell = pkgs.zsh; + uid = 1000; + passwordFile = config.sops.secrets."system/user/demo-hash".path; + openssh.authorizedKeys.keys = [ + ]; + }; + }; +} diff --git a/hosts/demovm/default.nix b/hosts/demovm/default.nix new file mode 100644 index 0000000..2d9e857 --- /dev/null +++ b/hosts/demovm/default.nix @@ -0,0 +1,111 @@ +########################################################## +# NIXOS (hosts) +########################################################## +{ inputs +, config +, pkgs +, lib +, ... +}: +{ + imports = [ + ./hardware-configuration.nix + ./disks.nix + ../../nix/modules/nixos/host.nix + + # Users + # /home/badele/ghq/github.com/badele/nix-homelab/nix/nixos/features/commons/sops.nix + # Secret loaded from hosts/${config.networking.hostName}/secrets.yml"; + + ../root.nix + ../demo.nix + + # Commons + ../../nix/nixos/features/commons + ../../nix/nixos/features/homelab + + # i3 + ../../nix/nixos/features/desktop/wm/xorg/lightdm.nix + + # Gnome + # ../../nix/nixos/features/desktop/wm/xorg/gdm.nix # Gnome + ]; + + #################################### + # Boot + #################################### + + + boot = { + kernelParams = [ + "mem_sleep_default=deep" + ]; + blacklistedKernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + supportedFilesystems = [ "btrfs" ]; + + # Grub EFI boot loader + loader = { + grub = { + enable = true; + devices = [ "nodev" ]; + efiInstallAsRemovable = true; + efiSupport = true; + useOSProber = true; + }; + }; + + # Qemu support + initrd = { + availableKernelModules = [ "virtio_net" "virtio_pci" "virtio_mmio" "virtio_blk" "virtio_scsi" "9p" "9pnet_virtio" ]; + kernelModules = [ "virtio_balloon" "virtio_console" "virtio_rng" ]; + postDeviceCommands = lib.mkIf (!config.boot.initrd.systemd.enable) + '' + # Set the system time from the hardware clock to work around a + # bug in qemu-kvm > 1.5.2 (where the VM clock is initialised + # to the *boot time* of the host). + hwclock -s + ''; + }; + }; + + # xorg + # videoDrivers = [ "intel" "i965" "nvidia" ]; + + #################################### + # host profile + #################################### + hostprofile = { + nproc = 12; + autologin = { + user = "demo"; + session = "none+i3"; + }; + }; + + #################################### + # Hardware + #################################### + + # Pulseaudio + services.pipewire.enable = false; + hardware.pulseaudio = { + enable = true; + support32Bit = true; ## If compatibility with 32-bit applications is desired + #extraConfig = "load-module module-combine-sink"; + }; + + networking.hostName = "demovm"; + networking.useDHCP = lib.mkDefault true; + + #################################### + # Programs + #################################### + powerManagement.powertop.enable = true; + programs = { + dconf.enable = true; + }; + + nixpkgs.hostPlatform.system = "x86_64-linux"; + system.stateVersion = "24.05"; +} diff --git a/hosts/demovm/disks.nix b/hosts/demovm/disks.nix new file mode 100644 index 0000000..45f58dc --- /dev/null +++ b/hosts/demovm/disks.nix @@ -0,0 +1,80 @@ +{ inputs, lib, ... }: { + + imports = [ + inputs.disko.nixosModules.disko + ]; + + disko.devices = { + disk = { + disk1 = { + type = "disk"; + device = lib.mkDefault "/dev/disk/by-id/ata-QEMU_HARDDISK_QM00001"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + end = "128M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; # Override existing partition + # Subvolumes must set a mountpoint in order to be mounted, + # unless their parent is mounted + subvolumes = { + # Subvolume name is different from mountpoint + "/rootfs" = { + mountpoint = "/"; + }; + # Subvolume name is the same as the mountpoint + "/home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + # Sub(sub)volume doesn't need a mountpoint as its parent is mounted + "/home/user" = { }; + # Parent is not mounted so the mountpoint must be set + "/nix" = { + mountOptions = [ "compress=zstd" "noatime" ]; + mountpoint = "/nix"; + }; + # This subvolume will be created but not mounted + "/test" = { }; + # Subvolume for the swapfile + "/swap" = { + mountpoint = "/.swapvol"; + swap = { + swapfile.size = "20M"; + swapfile2.size = "20M"; + swapfile2.path = "rel-path"; + }; + }; + }; + + mountpoint = "/partition-root"; + swap = { + swapfile = { + size = "20M"; + }; + swapfile1 = { + size = "20M"; + }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/demovm/hardware-configuration.nix b/hosts/demovm/hardware-configuration.nix new file mode 100644 index 0000000..8adbe18 --- /dev/null +++ b/hosts/demovm/hardware-configuration.nix @@ -0,0 +1,58 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + # fileSystems."/" = + # { + # device = "zroot/private/root"; + # fsType = "zfs"; + # }; + # + # fileSystems."/boot" = + # { + # device = "/dev/disk/by-uuid/7765-E4F4"; + # fsType = "vfat"; + # }; + # + # fileSystems."/nix" = + # { + # device = "zroot/public/nix"; + # fsType = "zfs"; + # }; + # + # fileSystems."/nix-homelab" = + # { + # device = "zroot/public/nix-homelab"; + # fsType = "zfs"; + # }; + # + # fileSystems."/data" = + # { + # device = "zroot/private/data"; + # fsType = "zfs"; + # }; + # + # fileSystems."/persist/host" = + # { + # device = "zroot/private/persist/host"; + # fsType = "zfs"; + # }; + # + # fileSystems."/persist/user" = + # { + # device = "zroot/private/persist/user"; + # fsType = "zfs"; + # }; + # + # swapDevices = + # [{ device = "/dev/disk/by-uuid/29ab3500-255c-4490-b5e9-7fad4da6b369"; }]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/demovm/secrets.yml b/hosts/demovm/secrets.yml new file mode 100644 index 0000000..b723dda --- /dev/null +++ b/hosts/demovm/secrets.yml @@ -0,0 +1,33 @@ +system: + user: + root-hash: ENC[AES256_GCM,data:iT9415+f0ybiQfvJXE4dc1/yqtnlWrCWwPDKNW6+6/tD8dsaEdr15va6iP06568MrLySGrjYK1fO819s8H6b9uWGsVQVNTlf6Qu3WNVweJc+eu60UG6lFKJ7puW+NxSpXNkRyL7nWlziEg==,iv:D1FnWUbWY+Mky+pUJqZ4QQKRYLuQ7Tz0hCRE3fe1aIs=,tag:ux6jdtIbMpp8mkeNJPaGtw==,type:str] + demo-hash: ENC[AES256_GCM,data:PzqVswBwOyfx3u5nGQp6lfQSrOOEGYEkWcPXih2QyydTE4UFP5ucaQ5k8yr+PTfyV9qNQOK4il8H9XY3IhLzZDJKluWej5awRHG/vax8BrvOgfYGOLtks878XKVpu5ZGDZ29ZBdg2mMXhQ==,iv:zEoBbWE7FmUw/7mZiRqLeLbhwJkpLLa8KOy5iO3LqKQ=,tag:EvNekSuXir25QAiNweAZTg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age1x703g2zquc2uv5lzz79rvj3m9g868wft6lp8g5sp9qsnaa3ld5esas4nqk + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBHQlJIdHZaQkliMk81RWFZ + SkpTSDZMUHBSQ2RaMDN0eTFibGlUV3VzT1VrCnNDaUMvampXeU50TXpXbERMVmVl + VFhNUEo5eUFLbXNtU0xjUWdGdUc0N1UKLS0tIFY0VXUvZWN6S0VGekNjNXhZU3ZZ + MWhhZDJ0dEhsR1ZBSG9sVk1zaWV6eUUKqS/cNUVWaV440cixNAGKreIWXSAjCE0A + HL1Wm8QdyG34QauFmdCH590MyH4ehrjYBrEfJ0U87OFY8GhYi0D6zA== + -----END AGE ENCRYPTED FILE----- + - recipient: age1j9szuan8nt709ewa5f6vlkhde0zg2kmlfccqarfu74dhg2a5h3jsrhxg2g + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvWmxGQkdyNkFWUm16S1B1 + QWZaRURKaHIxSVdVWkNxOWFiYVFJdXExQmx3CklGdHNSU0YrK0JjcWtpditLOXVk + aUZMcVdPckdPQkFGdnZ1cDRnVE1XdW8KLS0tIEJSblhpKzZEUTZrVWlUNDhCRmFt + bGhISG5DMkI0WXBKc2JobXlmY050N0kKXBk2MRWQUHL444sptjZMDY2uPKq2GoRs + HFZS1UK17zydswgUDOoI66zEc7ApKzN5H5vu/hvmGp+NeBgKzNEi0w== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-10-26T11:05:00Z" + mac: ENC[AES256_GCM,data:ZGwYa6SN/u+tFlfo66DCdLOs/1uOVUuFPoIBxtgZdGzhb0KYL8jMTt7Q+cUHMEK7Osrkf6fyWvwGXbrE9hRJAm2vKpSK4BLpyxH0XD4vZa42eEBcOG96VAnZ9VijIVNYxQxD+ZWmY6WDMra+emsmHJqFwEXQctrs8EhD1CQQLWo=,iv:A+De5uoRo5C5f4vOrnMSLlp0FfU9FsyaPaWTp6rnllI=,tag:vYi/bJNzIXOtsvFMYoK8fg==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.9.1 diff --git a/hosts/demovm/ssh-to-age.txt b/hosts/demovm/ssh-to-age.txt new file mode 100644 index 0000000..55316a5 --- /dev/null +++ b/hosts/demovm/ssh-to-age.txt @@ -0,0 +1 @@ +age1j9szuan8nt709ewa5f6vlkhde0zg2kmlfccqarfu74dhg2a5h3jsrhxg2g diff --git a/hosts/iso/default.nix b/hosts/iso/default.nix new file mode 100644 index 0000000..82b4d63 --- /dev/null +++ b/hosts/iso/default.nix @@ -0,0 +1,160 @@ +########################################################## +# NIXOS (hosts) +########################################################## +{ inputs +, config +, pkgs +, lib +, ... +}: +let + installpassword = "nixosusb"; + sshkey = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDsXvfr+qp9EtSfsNtLfp0mfrr/TMUk48RGjqRFXJEJwkpE2BDhjnBIjz/ijdNRfnwUQFE589y4L+eyG1SpJ5XD1Ia3lRPPK2ofA64h/tueS6HPBxcuQJtbZpZlcYqHFaXVxULIYqgF3VASqsZdUMMn55HfZzb1snUPgBNvsrFiuiVgIQZsrxxwtlBz+yh7cjRoyMC0QT/DPZELT29+QnSIC4CgRj9yiYZSgBxvxrWwLJvIxx87wN8xAo4dZQCIuVy55WcNd3VVW/cOVImpQKQw0NpyshUsBCHrPddNF0IU9kUBeBtVmWypYCOFi2zfaoa3aRjgkkpBmh1BCUN6XJxKb1Mde+wYzGHswTkiiHOv1iEmFjDgOmrr+Ad72Kd3J4+8ecuKqeN7TUopiLhcqwZSKIow5R1+xfxOI0K5JmPVNomurI8F0UOSgTHvz2hRREoBJ4pXFlhqYpv4J80IZpuJLhixWgm3ZUa8+CvAlaMCYOsrpFtB2d0uITOe540T4f9l1ngVVtj3FA8T/TXKY8gdHrxbj0C0whNT+yHKtaWHjXBEBgIfhjTvLGlo3F4RWr+Cko/zY9GSd7ACmT/nbQKSYwN77kqSMoeDVa3KFfCT1XCFBBvb9CrviFx+anb1nEeqAXYqWP0a3nqv1Vlvxn5QSPFCdFxex7K2kFObaniJiQ== cardno:18_150_451"; +in +{ + imports = [ + ../../nix/nixos/features/commons + ../../nix/nixos/features/homelab + ]; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + nix.settings.experimental-features = [ "nix-command" "flakes" ]; + nixpkgs.config.allowUnfree = true; + isoImage.squashfsCompression = "gzip -Xcompression-level 1"; + + # Managed by networkmanager + networking.wireless.enable = false; + + boot = { + kernelPackages = pkgs.linuxPackages_latest; + supportedFilesystems = lib.mkForce [ "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ]; + }; + + ############################################################################## + # User definition + ############################################################################## + users = { + users = { + root = + { + initialPassword = installpassword; + openssh.authorizedKeys.keys = [ + sshkey + ]; + }; + + nixos = { + initialPassword = installpassword; + openssh.authorizedKeys.keys = [ + sshkey + ]; + }; + }; + }; + + # services = { + # openssh.settings.PermitRootLogin = lib.mkForce "yes"; + # }; + # systemd.services.sshd.wantedBy = pkgs.lib.mkForce [ "multi-user.target" ]; + + users.users.nixos.extraGroups = [ + "wheel" + "video" + "audio" + "networkmanager" + "libvirtd" + "kvm" + "docker" + "git" + ]; + + + ############################################################################## + # Packages + ############################################################################## + + # Disable gnome tour + environment.gnome.excludePackages = + (with pkgs; [ gnome-tour ]); + + powerManagement.enable = lib.mkForce false; + services.xserver.desktopManager.gnome.extraGSettingsOverrides = '' + [org.gnome.desktop.session] + idle-delay=0 + + [org.gnome.settings-daemon.plugins.power] + sleep-inactive-ac-type='nothing' + + [org.gnome.desktop.interface] + color-scheme='prefer-dark' + ''; + + services.getty.helpLine = '' + ███╗ ██╗██╗██╗ ██╗ + ████╗ ██║██║╚██╗██╔╝ + ██╔██╗ ██║██║ ╚███╔╝ + ██║╚██╗██║██║ ██╔██╗ + ██║ ╚████║██║██╔╝ ██╗ + ╚═╝ ╚═══╝╚═╝╚═╝ ╚═╝ + + ██╗ ██╗ ██████╗ ███╗ ███╗███████╗██╗ █████╗ ██████╗ + ██║ ██║██╔═══██╗████╗ ████║██╔════╝██║ ██╔══██╗██╔══██╗ + ███████║██║ ██║██╔████╔██║█████╗ ██║ ███████║██████╔╝ + ██╔══██║██║ ██║██║╚██╔╝██║██╔══╝ ██║ ██╔══██║██╔══██╗ + ██║ ██║╚██████╔╝██║ ╚═╝ ██║███████╗███████╗██║ ██║██████╔╝ + ╚═╝ ╚═╝ ╚═════╝ ╚═╝ ╚═╝╚══════╝╚══════╝╚═╝ ╚═╝╚═════╝ + + ██╗███╗ ██╗███████╗████████╗ █████╗ ██╗ ██╗ ███████╗██████╗ + ██║████╗ ██║██╔════╝╚══██╔══╝██╔══██╗██║ ██║ ██╔════╝██╔══██╗ + ██║██╔██╗ ██║███████╗ ██║ ███████║██║ ██║ █████╗ ██████╔╝ + ██║██║╚██╗██║╚════██║ ██║ ██╔══██║██║ ██║ ██╔══╝ ██╔══██╗ + ██║██║ ╚████║███████║ ██║ ██║ ██║███████╗███████╗███████╗██║ ██║ + ╚═╝╚═╝ ╚═══╝╚══════╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚══════╝╚══════╝╚═╝ ╚═╝ + (c) 2024 github.com/badele/nix-homelab + + Tools: + - nmtui : Network Manager TUI + + ''; + + # Just git gum :) + environment.systemPackages = with pkgs; + [ + just + git + gum + + btrfs-progs + rsync + + ( + writeShellScriptBin "installer" + '' + #!/usr/bin/env bash + set -euo pipefail + + if [ ! -d "$HOME/nix-homelab/.git" ]; then + git clone -q https://github.com/badele/nix-homelab.git "$HOME/nix-homelab" + fi + + gum style --border normal --margin "1" --padding "1 2" --border-foreground 212 "Chose the $(gum style --foreground 212 'host') to install ." + + TARGET_HOST=$(ls -1 $HOME/nix-homelab/hosts/*/default.nix | sed 's|.*/hosts/||g' | cut -d'/' -f1 | grep -v iso | gum choose) + + if [ -e "$HOME/nix-homelab/hosts/$TARGET_HOST/disks.nix" ]; then + gum confirm --default=false \ + "🚨 🚨 🚨 WARNING!!!! This will ERASE ALL DATA on the disk $TARGET_HOST !!! 🚨 🚨 🚨 Do you want to continue ?" + + echo "Partitioning Disks" + sudo nix run github:nix-community/disko \ + --extra-experimental-features "nix-command flakes" \ + --no-write-lock-file \ + -- \ + --mode zap_create_mount \ + "$HOME/nix-homelab/hosts/$TARGET_HOST/disks.nix" + fi + sudo nixos-install --flake "$HOME/nix-homelab#$TARGET_HOST" + '' + ) + ]; +} diff --git a/hosts/iso/hardware-configuration.nix.disable b/hosts/iso/hardware-configuration.nix.disable new file mode 100644 index 0000000..17984df --- /dev/null +++ b/hosts/iso/hardware-configuration.nix.disable @@ -0,0 +1,65 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sr_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "zroot/private/root"; + fsType = "zfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/C178-A6D4"; + fsType = "vfat"; + }; + + fileSystems."/nix" = + { device = "zroot/public/nix"; + fsType = "zfs"; + }; + + fileSystems."/nix-homelab" = + { device = "zroot/public/nix-homelab"; + fsType = "zfs"; + }; + + fileSystems."/data" = + { device = "zroot/private/data"; + fsType = "zfs"; + }; + + fileSystems."/persist/host" = + { device = "zroot/private/persist/host"; + fsType = "zfs"; + }; + + fileSystems."/persist/user" = + { device = "zroot/private/persist/user"; + fsType = "zfs"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/3b4aaec1-ae97-468b-8203-ae2e0757a4ad"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/root.nix b/hosts/root.nix index ffb6241..a561fac 100644 --- a/hosts/root.nix +++ b/hosts/root.nix @@ -9,7 +9,6 @@ { sops.secrets = { "system/user/root-hash" = { - sopsFile = ./secrets.yml; neededForUsers = true; }; }; @@ -18,7 +17,7 @@ # Root root = { shell = pkgs.zsh; - passwordFile = config.sops.secrets."system/user/root-hash".path; + hashedPasswordFile = config.sops.secrets."system/user/root-hash".path; openssh.authorizedKeys.keys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDsXvfr+qp9EtSfsNtLfp0mfrr/TMUk48RGjqRFXJEJwkpE2BDhjnBIjz/ijdNRfnwUQFE589y4L+eyG1SpJ5XD1Ia3lRPPK2ofA64h/tueS6HPBxcuQJtbZpZlcYqHFaXVxULIYqgF3VASqsZdUMMn55HfZzb1snUPgBNvsrFiuiVgIQZsrxxwtlBz+yh7cjRoyMC0QT/DPZELT29+QnSIC4CgRj9yiYZSgBxvxrWwLJvIxx87wN8xAo4dZQCIuVy55WcNd3VVW/cOVImpQKQw0NpyshUsBCHrPddNF0IU9kUBeBtVmWypYCOFi2zfaoa3aRjgkkpBmh1BCUN6XJxKb1Mde+wYzGHswTkiiHOv1iEmFjDgOmrr+Ad72Kd3J4+8ecuKqeN7TUopiLhcqwZSKIow5R1+xfxOI0K5JmPVNomurI8F0UOSgTHvz2hRREoBJ4pXFlhqYpv4J80IZpuJLhixWgm3ZUa8+CvAlaMCYOsrpFtB2d0uITOe540T4f9l1ngVVtj3FA8T/TXKY8gdHrxbj0C0whNT+yHKtaWHjXBEBgIfhjTvLGlo3F4RWr+Cko/zY9GSd7ACmT/nbQKSYwN77kqSMoeDVa3KFfCT1XCFBBvb9CrviFx+anb1nEeqAXYqWP0a3nqv1Vlvxn5QSPFCdFxex7K2kFObaniJiQ== badele@gpg" ]; diff --git a/hosts/sadhome/hardware-configuration.nix b/hosts/sadhome/hardware-configuration.nix index ee0d2aa..5b9c995 100644 --- a/hosts/sadhome/hardware-configuration.nix +++ b/hosts/sadhome/hardware-configuration.nix @@ -5,7 +5,8 @@ { imports = - [ (modulesPath + "/installer/scan/not-detected.nix") + [ + (modulesPath + "/installer/scan/not-detected.nix") ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sr_mod" "sdhci_pci" ]; @@ -14,43 +15,49 @@ boot.extraModulePackages = [ ]; fileSystems."/" = - { device = "zroot/private/root"; + { + device = "zroot/private/root"; fsType = "zfs"; }; fileSystems."/boot" = - { device = "/dev/disk/by-uuid/1EB0-D29C"; + { + device = "/dev/disk/by-uuid/1EB0-D29C"; fsType = "vfat"; }; fileSystems."/nix" = - { device = "zroot/public/nix"; + { + device = "zroot/public/nix"; fsType = "zfs"; }; fileSystems."/nix-homelab" = - { device = "zroot/public/nix-homelab"; + { + device = "zroot/public/nix-homelab"; fsType = "zfs"; }; fileSystems."/data" = - { device = "zroot/private/data"; + { + device = "zroot/private/data"; fsType = "zfs"; }; fileSystems."/persist/host" = - { device = "zroot/private/persist/host"; + { + device = "zroot/private/persist/host"; fsType = "zfs"; }; fileSystems."/persist/user" = - { device = "zroot/private/persist/user"; + { + device = "zroot/private/persist/user"; fsType = "zfs"; }; swapDevices = - [ { device = "/dev/disk/by-uuid/f00eba74-e309-4e50-bd7d-65191aa8c4c2"; } - ]; + [{ device = "/dev/disk/by-uuid/f00eba74-e309-4e50-bd7d-65191aa8c4c2"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's diff --git a/hosts/sam/hardware-configuration.nix b/hosts/sam/hardware-configuration.nix index 0534e2a..ad1d638 100644 --- a/hosts/sam/hardware-configuration.nix +++ b/hosts/sam/hardware-configuration.nix @@ -76,4 +76,3 @@ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; } - diff --git a/hosts/secrets.yml b/hosts/secrets.yml index ff93d6d..8dc725f 100644 --- a/hosts/secrets.yml +++ b/hosts/secrets.yml @@ -16,65 +16,74 @@ sops: - recipient: age15js628ku59g94njn0vup20r4xx34guesgsj5dqsken5hma2zqg2szjed66 enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4STJ4VUxONTJQeVJScXQ4 - alNiUVFvRDFlWnZ0N1JKNk1EWlNER09ncDAwCkFvMjZMblBzME5tUStLK0hNb0Z1 - cGVWLzNLNkowTE5jRlpQSXMwNjBBUEUKLS0tIExjZW41VWllcGRWTHZ5RFVzOFB6 - MmFUai80UVF4R010VjNvbHMrT1ZNWFEKqSPTiAQ0SQxHE42pn/fKlytgc4fI9H4T - qJhvNLmDg73wDPR2lVGI2j6L7JsFXYFFwxvx1QPKrcjcvGa/Mu31Ew== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqZEpoMVFHdFFEbDBTUzU3 + Qno4dWdPbjFyY0w3R3ZubHNJaWxyViswbXdnCjBlT2FucmVzcGRYaWNuaTJSQnds + eFRtbWJnOGNuTnZqMlpiL1dBQkhsWjAKLS0tIE9jYWdyOU9XcFpyM3ZEeTlNdGZK + d1pEUU8wZHgvaFlOSENzZGpQSTlCa0UKIK5KcNMsP309+PyhGsTW2RrjAh5iybU9 + 9HYvhOVstdGDlCOyCAWkbYcW8jeVaCcFi/P7+BRlCQ01ouXo5jTmSA== -----END AGE ENCRYPTED FILE----- - recipient: age1w9v05mvydywp39cq8tmgxjh8yc2w86qpp9aa4zt9ukf0qq8n5y4s5tkn7z enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBLeVlRbVFjUDhzWmxwa1VJ - L0xseFhkZGtrL05ic1RKbGdtbmRldjdXMlFzCmRsVHVJckhieWluenZ4bzJmN0JG - WVJ4WGFYY3lEWXV3TDhFQW83NWJrNDQKLS0tIERqR25GaS9EbUMzaklPT3NOMVd6 - akxYUUx0aFFGaXd1Y3BDOXkrUnlPMXcKOXZudDx/mYMSGEozXPlZldHADoB7wOjQ - iQUNKNIaYObRscGaJziBOm1bYLw8Y2MOKymMb3onCZMlq3hX4yUkbw== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRdmF2SVZYLzBZdll3ZlE1 + Tjdtd1NoTWw0ZmF4TXpFY0hXanh4K2VmOXdBClRLSFR3a21keUdRUk9KQUJiVkZ6 + ekYySXRHbERwTGt2VkpWYlVTT29VdW8KLS0tIDd4SWp3MnNnWTEvRE84N2dHMDFS + UithT1ZhVG9SbEhqMktzaURQb08vN2sKRM+mU7v3LwEMtwupcm5/QJcZW2mRLiwR + ITGXPpq+0UUFAL5IUM6J0eeAxZqZhhebQMrX+ruj2ZGvWwfxdriihA== -----END AGE ENCRYPTED FILE----- - recipient: age1ejza6f2xzycq7jj2eu8fyg5vjdctljttm67mfteyd4k7wzvdyc8s7sc8jh enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3ejV4Si9pUkI4Z1dGUjU3 - cWY0UFVuNzVaYWJERC9NWktsalhST1FBQVVzClJXelBscm5La1ZRcUwvVWxMajNG - QkVOVTlkVDVEQkJtT05QYWthR29OUFEKLS0tIFRpdCt3c0xQck9WdVVMQnEydUJx - SFFEM0lrOS9hTTc0SzFOVUpqM0o0Y1UKfCmcVtUXl4/HYbq4CikRhIlcUBLq9QS5 - +YegGDa9LI+bg+hGKMQAmPvgWsWFLLfm6vTgkU6kgT5/IbrHq1ebhg== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWODBQRFMxT21vOW9KeXZn + T2p1d3BXc2U4TEwvT1FibDljZXM5azhKQjE0Cm5RbWJ2MlJkQVZaZSs4RHlxK0Vw + VTFzd01LTWJ1YXd6aFdaQStRcFdSaTAKLS0tIDQraVFNejl6enVGckpaUmdROStw + Y1hNUWFONjIzOHBQVlRyWVlnQklIV1UKdgvMjJY2lm2G5pCBmsec76qCqkkqyKcD + AYbAeGDQWY8Z/wmkkNZ43FJdqnKUqjZaMOIOuTkAHRHCVACKtyPd0w== -----END AGE ENCRYPTED FILE----- - recipient: age152ud7upe5xylsvf7kkfpdz6x99r6hcmkam8gwntfdv0px70f0u0sqzc8qe enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4QmVzNktCVVQyZGI5SHov - VXlzM2o1aCsvMkRpWjd4QkpZWGdFSnhQclZBCmZGRFJsRjJCNjd3dVV4cjZiK0NI - YkQ3UHBiTnFsdExhZHpyQlY4d1E2eGcKLS0tIFNPUnBQL2ZEeC95Ty9BVE02OGZB - N09YVEhxREdkMWpReGlPNXdGWVJ6TFUK/iNBUMm2IDp7+/roP+delMM89nH1EE+j - n49mmC5DcwsOjmLKyXDZOI1Jv70MBIG798TNBbkCLYqFOQo2104tzQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBsejhvc3RhemRNVWVlUkN4 + LzhuYWg2WlFFbmRKUFlyaGh0amg3TEVkbjF3Clh0WFcwNXlMZ1pSL0ZjUllaUEZi + SWhGcGYyRThjN3B6TFJ4dmM1U2xpb0UKLS0tIENRMFA5d2dsV2sxTU5VVURNRjNN + RW1hNlhBZ3Vtdk4wUmx1MnAyYzZhQnMKzJNl0evZSHmcbchple+jkAfs2bGXQdrh + vjTkPacOrr3hOxcZzsbU0c8NOPpjHFjmENHW4b3W5Wc6C0ZugN5I4Q== -----END AGE ENCRYPTED FILE----- - recipient: age1qfarvkm9ejyfu785vmawj5vve3uffsh7r78pef4ec3njl9vfgs2sx3524g enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzd0Z3eVNYeDhqOEdhUG13 - UFdNcWI2NlkyUWtEV2dSRkdjclhheXFKSjNVCngya2VNdThYWlNyaVRNS1FpT21t - VnhDWnNZZVB1RFR2b2RKcWFDbkFvSEEKLS0tIFcrR2xUWk5SZjVpUWp0VGJBcDl4 - NWVYZXROb3phOEl2dVZaZDdTdUZKbHMKcJyHtq3r0Z+5Mi6yWm9rv1hyxdzn3ZVK - 5B1hG32L67d06zqVVBh1wLyi+RsfXnwRCVV98dnW2YqI9ad8ZJNSLA== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJWEp4a0JIVXlIWm03NFov + THZxMnRIQlBqUHFMZHRHeDlRME9BUFR1U0dZCmM4c0JtTEdrN01UVStNVnBRd2gr + Ym80UEZpR2kyc3pGemsxWmJsbG5lSlEKLS0tIDFqeGkzZmFTL2VTSmhpM2pQUjRy + dGNsbWNPSVlnMWRiWE9tbHFNS1lLR00KhyqOvOQDVzgZ0V6e9xxwNDy03AGMuqe8 + yAsYybFo/svHQJvCHJOZafBY2q7spnkSbBwCfLnUrQRD6mzbr72/kA== -----END AGE ENCRYPTED FILE----- - recipient: age1x363tjjzx6j77j3m4zynkjgyj38qcyf4wah5mc8mtjt5yt6zvgxqr3z7px enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBWS01JU3JJK2RPRzMzR3lj - Z2hKSE43Mk8xSHBoSzM4enp3YzhLbkJER0M4CjhTYmNxNStiRkNXdnpKS1N5Rys5 - SWdzNTgwVStvYTEzRmhuWldralhieWsKLS0tIGROWXdFRExnVDhOakZ2VzRacDFn - Y2FsQnFBYjZUVk1wN1VrUjIrM2tyK2MKcQvDw7KJmBLBMde749wS8M+NoeLW34QF - pWMfdDZpEF/5EZR42uuYrhspYatrEPs9Kewj75VLRlZJtMs/hzaNhQ== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAzVGpXYWVyM2VMeEZGdHFH + b0E0NlBLN0ZTeWpxYmIyN3p3VVdSYVNKREFFCm44cFMxcW1pVjU3NmdHMGxGcDVF + SDR6RkErdjB6dmF4L1NtY3RVWDdtcXcKLS0tIDlzWU1nWDc3S1dvUVFHTTEzNUNM + T2xoVVBaam9MNXdTUTNqZjZSZnd3dXcKlS3KQOq3kleiSuXtL1DSDJzOq1kzmDAy + 2zU9qEksJEmyfPrYMxdXOz/l40lvvnUBx/IRyC/oVI9wCu/p7Nh0WQ== -----END AGE ENCRYPTED FILE----- - recipient: age1r7d0v4nudrv9wy7rvh784lnmzspm24uja6c6hrhhwjy7qf4e5d5q04gf3x enc: | -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBGZHlPQ3BYZ3F6dVp2RGdl - bTg4SXlUS0tGSEZzUWtZWXRXTENhWmRNMVQ0ClRJVlBxdlRnbGZKVFJXTjZpb1Rm - d3h2dFFyN1gvN2tXZmZOOFV5TWNWY0UKLS0tIC9wUkdTdFNrc2loUUY2M1ZDckJP - RmdYZGV5ZkViVWFRSklCUWZzblRJVDQKz6fDnIjmiQC751H1pSPNl/MHtA623Lyq - Nl5mjcrok0tBL8iyqgReVdCkVYh2WglzLZVyoZmW/nc62T1mkn+u5w== + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBmSVUreWZ3YUFkZHdpWi9B + MWltaXZIV1hRZlNEN1I0S2lsemgvdExaWHhNCkp6a1N4dCsxRm1VN2xiRkRkdkFW + QVV2THpoM2tTVmVhQU5jR0RWcDB1S1EKLS0tIEx0NlE0OFJ5Wld6Si9qRFZ1M2wy + TVptSEh4SnU4WjBiYzFPNG50UUhBZVUKpcrh98kbsCu4zrStQDoGLWPMfr/SJTKQ + jRPiBDd6gCKEbabTS5qEkbvDY8s7qjEpEsBi35rVCHlQzcUmgpCTng== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jldv57mqz6ahwcm62efelumv22ngyvxjff8736shx9kycu9z7a4q7a3xdl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBSaFcxNnh4NFVsYjR2Ri9S + bnh2MzJLdGRlZ2J0bU45WnNlT05mc1M0dkFBCldVcTFVNkNkL2Z3akc1bmU5dHJT + Vkw3Rzd0bEZNNjRmeDhldFJCSDFBZDAKLS0tIHdQQW11em5oYVE1T1NJa29TQTJu + NmtuQzZDNFR1a01Dei9IaFVjMVJYemMKYrYoYAx5y63e9ZeyJNAFL2eyTGCswaR/ + 0qabYpTVwW3Ueo9s+qHtwl6nHCkXY9cFrp6AQ7extO6uSbeE1P6k3Q== -----END AGE ENCRYPTED FILE----- lastmodified: "2023-08-13T13:37:23Z" mac: ENC[AES256_GCM,data:CFvBtxBp9Evs3aChCkV0sbPsXgkzCQs8Sgx43oV5mIx7ZhyqKZlZQq9YtQuNH7kNwwDwM293ofhXMiqVMRsFwKTt+3mkAgBofLbfRFIhlcsrMi5Hpj68eB3qa283HF7QywiZ4+aNnzz8eCpI6P+QODKSuEc6WZ8izmRQxqCdPiM=,iv:ymtLngFJevSpV97HlPdF9/8ocvFqn7vprSWl+u4WD8Q=,tag:GoqvG+nXgulfgx0TUmOvJw==,type:str] diff --git a/hosts/srvhoma/default.nix b/hosts/srvhoma/default.nix new file mode 100644 index 0000000..656dd25 --- /dev/null +++ b/hosts/srvhoma/default.nix @@ -0,0 +1,87 @@ +########################################################## +# NIXOS (hosts) +########################################################## +{ inputs +, config +, pkgs +, lib +, ... +}: +{ + imports = [ + ./hardware-configuration.nix + ./disks.nix + ../../nix/modules/nixos/host.nix + + # Users + ../root.nix + ../badele.nix + + # Commons + ../../nix/nixos/features/commons + ../../nix/nixos/features/homelab + + # Roles + ../../nix/nixos/roles # Automatically load service from sectionn from `homelab.json` file + # ../../nix/nixos/roles/prometheus/exporter/node.nix + # ../../nix/nixos/roles/prometheus/exporter/snmp.nix + # ../../nix/nixos/roles/prometheus/exporter/smokeping.nix + ]; + + #################################### + # Boot + #################################### + + boot = { + kernelParams = [ + "mem_sleep_default=deep" + ]; + blacklistedKernelModules = [ ]; + kernelModules = [ "kvm-intel" ]; + supportedFilesystems = [ "btrfs" ]; + + # Grub EFI boot loader + loader = { + grub = { + enable = true; + devices = [ "nodev" ]; + efiInstallAsRemovable = true; + efiSupport = true; + useOSProber = true; + }; + }; + }; + + # xorg + # videoDrivers = [ "intel" "i965" "nvidia" ]; + + #################################### + # host profile + #################################### + hostprofile = { + nproc = 8; + }; + + #################################### + # Hardware + #################################### + + # Pulseaudio + hardware.pulseaudio = { + enable = true; + support32Bit = true; ## If compatibility with 32-bit applications is desired + #extraConfig = "load-module module-combine-sink"; + }; + + networking.hostName = "srvhoma"; + networking.useDHCP = lib.mkDefault true; + + #################################### + # Programs + #################################### + powerManagement.powertop.enable = true; + programs = { }; + + nixpkgs.hostPlatform.system = "x86_64-linux"; + system.stateVersion = "24.05"; +} diff --git a/hosts/srvhoma/disks.nix b/hosts/srvhoma/disks.nix new file mode 100644 index 0000000..10bdec6 --- /dev/null +++ b/hosts/srvhoma/disks.nix @@ -0,0 +1,80 @@ +{ inputs, lib, ... }: { + + imports = [ + inputs.disko.nixosModules.disko + ]; + + disko.devices = { + disk = { + disk1 = { + type = "disk"; + device = lib.mkDefault "/dev/disk/by-id/ata-CYX-SSD-S1000_230324000201S5121504"; + content = { + type = "gpt"; + partitions = { + ESP = { + priority = 1; + name = "ESP"; + start = "1M"; + end = "128M"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + }; + }; + root = { + size = "100%"; + content = { + type = "btrfs"; + extraArgs = [ "-f" ]; # Override existing partition + # Subvolumes must set a mountpoint in order to be mounted, + # unless their parent is mounted + subvolumes = { + # Subvolume name is different from mountpoint + "/rootfs" = { + mountpoint = "/"; + }; + # Subvolume name is the same as the mountpoint + "/home" = { + mountOptions = [ "compress=zstd" ]; + mountpoint = "/home"; + }; + # Sub(sub)volume doesn't need a mountpoint as its parent is mounted + "/home/user" = { }; + # Parent is not mounted so the mountpoint must be set + "/nix" = { + mountOptions = [ "compress=zstd" "noatime" ]; + mountpoint = "/nix"; + }; + # This subvolume will be created but not mounted + "/test" = { }; + # Subvolume for the swapfile + "/swap" = { + mountpoint = "/.swapvol"; + swap = { + swapfile.size = "20M"; + swapfile2.size = "20M"; + swapfile2.path = "rel-path"; + }; + }; + }; + + mountpoint = "/partition-root"; + swap = { + swapfile = { + size = "20M"; + }; + swapfile1 = { + size = "20M"; + }; + }; + }; + }; + }; + }; + }; + }; + }; +} diff --git a/hosts/srvhoma/hardware-configuration.nix b/hosts/srvhoma/hardware-configuration.nix new file mode 100644 index 0000000..d59f93d --- /dev/null +++ b/hosts/srvhoma/hardware-configuration.nix @@ -0,0 +1,13 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ]; + + powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/hosts/srvhoma/secrets.yml b/hosts/srvhoma/secrets.yml new file mode 100644 index 0000000..45eb6d2 --- /dev/null +++ b/hosts/srvhoma/secrets.yml @@ -0,0 +1,33 @@ +system: + user: + root-hash: ENC[AES256_GCM,data:PScvPSDvRaHUXTr5dMBcUoZ2GaJcbb44030WMTvQ2cooKrL/eevf5a5apbRpFSRXu0HsOKpOwrXqauKD3coMY2HTyiYDGEgidrJlij9CjMOKVvHJl4P7hD1aszTuvEgBkwEj8BGAAtG+CA==,iv:AuM7cdeIXuptmRbcS0HcP5ZB7+VcbQuDlECQppCR8lo=,tag:4Te9jkG8yHijyICZlEKiuw==,type:str] + badele-hash: ENC[AES256_GCM,data:vsQy1euMz0qiHiN1Mm4Ab3+y1bvuAJ4QBh60jzLU9RN9JNkpXcsZMVyZ4K5aMFYPVDQ1146T6j+S9UlE9oR3QvenmcrjFWEORXZg+M3ZigHtubKOdbL66FR3lyXGsUgtLFiF7MXuCriubw==,iv:SZChyIKjR2P3/pU2dVxch/7IH86XnPFJGye3x4WKQNQ=,tag:WaEI+35ilONoBEibfpSNkg==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age15js628ku59g94njn0vup20r4xx34guesgsj5dqsken5hma2zqg2szjed66 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBrdFN4K0xmUWpHSEsrQzNs + SzloN241T1hhVHNjWHplZXppU3AwRlNMUUdvCmkzU1JldmdNMzRJZ3ZhY01SL2JK + Y2EzMU1FeUdaR25FS0dZeE5LQndBc3cKLS0tIDVoN0UrVW1vcFplZDVMb0JhWHNq + Q2xMSXB3a2ZwVGFYbGNCaFJBYzA1SDQK+U81OMzgp7hs/9sD+HHNMPG4iRBXwG/L + Oy16AJAJaey8Pec89PsoXOOFns4Rlc7CVTBeJBGrm8OvmrxhUwQR9Q== + -----END AGE ENCRYPTED FILE----- + - recipient: age1jldv57mqz6ahwcm62efelumv22ngyvxjff8736shx9kycu9z7a4q7a3xdl + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBNdDdwUTAwSkszbjlTTjQ3 + eVdtdXhqU1FsSUQyb1BuajVFMWQ0dEZ0alNBCkVwdHB5MmFPaWFUc2NXNlZ3bnpO + VHIrQ2h2OUJRejF1VlVrenJXQUJ4dWsKLS0tIE4zVlJWR080d1ltdlFkalZoRHhr + Ky94eUxDbk9DdU5SZTl2QVpBUVQ3ZUkKtgKRWPDO2WbDF6p4T8H0nq8CSJ0/fDKT + sT+bXLAKz3eRwls+qOk78nQp0LNBiL6W24GUyxz1GBpt9ZeT1NKypw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-04-07T14:05:53Z" + mac: ENC[AES256_GCM,data:Vf55BWU8YOmfUKeZnVpRaPfTdfUb2zDbNTx2UyZ9tti8PSSktja/2Am5UDBtF/IJ5Uy8vjXr0VJJQ4dEF4Kq4jmX7+sCgi6w0QrALhDk2Wu03Fj2t68G7XRQN6FfAyODm4T3paoJPx9o/OOcIJ6VK9KAIG6h17ZHDeVxxOLh5ZA=,iv:242HvFsrqXNwUknhPCcCx0SOT9WkRu5nrL1I9d6htlQ=,tag:ehxw8HEzTEUPbWIikHiatQ==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/hosts/srvhoma/ssh-to-age.txt b/hosts/srvhoma/ssh-to-age.txt new file mode 100644 index 0000000..ab819f1 --- /dev/null +++ b/hosts/srvhoma/ssh-to-age.txt @@ -0,0 +1 @@ +age1jldv57mqz6ahwcm62efelumv22ngyvxjff8736shx9kycu9z7a4q7a3xdl diff --git a/hosts/srvhoma/ssh_host_ed25519_key.pub b/hosts/srvhoma/ssh_host_ed25519_key.pub new file mode 100644 index 0000000..1a659b7 --- /dev/null +++ b/hosts/srvhoma/ssh_host_ed25519_key.pub @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP0x6Xb7oq065YBqWRf/9B3vAfn2yMYz4pDW8lfpyUK5 badele@badxps diff --git a/hosts/srvhoma/ssh_host_rsa_key.pub b/hosts/srvhoma/ssh_host_rsa_key.pub new file mode 100644 index 0000000..8779c19 --- /dev/null +++ b/hosts/srvhoma/ssh_host_rsa_key.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDEUz91F9Rf0OeRga2pi0b834eXBLngK5ItypHgCWnfcNUz4Dtj205ZZ+JeVQOecxh5q+baS/6C7qVkavaUNQsu4K30j/EBKvKjasTmXBqDbsemjQQA86FQplRrcCeknKwjwJ6ysMvG0s705x7QEnqpX8KQVHZiLYRkw6FfFjAhKk+itDTT3x/+omB3bR+FPbfMvAvOkPVL9zgkqYPCphEzU4Q7YEGBm9bJPuCzn1Fx0Cs5YuuwDSKraZyjXIdivD9Azk3le7bYVsnBmZ2paG/TX2fX6UPFqGKCXX45AoVbM6lNcpK+8DBocg7Inb37SNj35okNxrA4DZ55HbPkR1p+IAOU8uoFLFfgRUUpDi6lG7I8v9JAu3+ow03n2SUnvQ4bu2+lVYpbaoemWs6y6zyNh93I7SNcsAWET8XwjIl6secipvzctBUUe8CCzsEBbF4hS/vzkJ9xMHZi5caaf6W6rcK4eadjN+B6Hyem6XR+OY8mY60Fj5aAd6ujCGC3MROUom37ExnBdZ0dEcTlQpk8iLLkDme1tZMh6+amkk9eGl1L9AARrndr2xgoYL7C5QZ2oaliz4iWl4vxnM0HmLYaskdOs0KQ4L82+MsBLuS/2S/TPJ71r0N/T2F1CyyLutUkb0Ls15/5mDth5TnOE8Jz8wgpdXYf3wctMSMYctxZVw== badele@badxps diff --git a/justfile b/justfile new file mode 100644 index 0000000..5678b4c --- /dev/null +++ b/justfile @@ -0,0 +1,262 @@ +#!/usr/bin/env just -f + +set export + +SSHPASS := "nixosusb" + +# This help +# Help it showed if just is called without arguments +@help: + just -l -u | column -s '#' -t | sed 's/[ \t]*$//' + +############################################################################### +# Pre-commit +############################################################################### + +# Setup pre-commit +precommit-install: + #!/usr/bin/env bash + test ! -f .git/hooks/pre-commit && pre-commit install || true + +# Update pre-commit +@precommit-update: + pre-commit autoupdate + +# precommit check +@precommit-check: + pre-commit run --all-files + +############################################################################### +# Documentation +############################################################################### + +# Update documentation +@doc-update FAKEFILENAME: + ./.pre-commit-scripts/updatedoc.ts + +# Lint the project +@lint: + pre-commit run --all-files + +############################################################################### +# Documentation +############################################################################### + +# Repl the project +@debug-repl: + nix repl --extra-experimental-features repl-flake .# + +############################################################################### +# Flake +############################################################################### + +# Show flake metadata +@flake-metadata: + nix flake metadata + +# Update the flake +@flake-update: + nix flake update + +# @flake-sync-registry: +# nix flake metadata --json | jq -r '.locks.nodes."nixpkgs".locked.rev' +# nix flake metadata --json | jq -r '.locks.nodes."home-manager".locked.rev' + +# Check the nix homelab configuration +@flake-check: + nix flake check + +############################################################################### +# NIXOS installer +############################################################################### + +# Generate random password +@passwd-generate: + pwgen -s 12 1 + +# Update secrets SOPS +@secret-update FILE: + sops updatekeys {{ FILE }} + +[private] +nixos-init-ssh-host host save="true": + #!/usr/bin/env bash + mkdir -p ./hosts/{{host}} /tmp/nix-homelab + cleanup() { + rm -rf "/tmp/nix-homelab" + } + trap cleanup EXIT + + if [ ! -f ./hosts/{{host}}/ssh_host_ed25519_key.pub ]; then + # Generate ssh keys + ssh-keygen -q -N "" -t rsa -b 4096 -f /tmp/nix-homelab/ssh_host_rsa_key + ssh-keygen -q -N "" -t ed25519 -f /tmp/nix-homelab/ssh_host_ed25519_key + + # Insert ssh keys to pass + if [ "{{save}}" == "true" ]; then + pass insert -m nix-homelab/hosts/{{host}}/ssh_host_rsa_key < /tmp/nix-homelab/ssh_host_rsa_key + pass insert -m nix-homelab/hosts/{{host}}/ssh_host_ed25519_key < /tmp/nix-homelab/ssh_host_ed25519_key + else + cp /tmp/nix-homelab/ssh_host_rsa_key ./hosts/{{host}} + cp /tmp/nix-homelab/ssh_host_ed25519_key ./hosts/{{host}} + fi + + # Copy ssh pub keys to host configuration + cp /tmp/nix-homelab/ssh_host_rsa_key.pub ./hosts/{{host}} + cp /tmp/nix-homelab/ssh_host_ed25519_key.pub ./hosts/{{host}} + + # Create age key from host ssh key + ssh-to-age -i ./hosts/{{host}}/ssh_host_ed25519_key.pub -o ./hosts/{{host}}/ssh-to-age.txt + fi + +[private] +nixos-init-root-pass host: + #!/usr/bin/env bash + if [ ! -f ./hosts/{{host}}/ssh_host_ed25519_key.pub ]; then + # Generate root password + just passwd-generate | pass insert -m nix-homelab/hosts/{{host}}/accounts/root + fi + +# Init nixos host if not exists +nixos-init-host host: (nixos-init-ssh-host host) (nixos-init-root-pass host) + +# Install new to : system wide +nixos-install hostname targetip port="22": + #!/usr/bin/env bash + mkdir -p /tmp/nix-homelab + cleanup() { + rm -rf "/tmp/nix-homelab" + } + trap cleanup EXIT + + # Decrypt ssh keys + install -d -m755 "/tmp/nix-homelab/etc/ssh" + pass nix-homelab/hosts/{{hostname}}/ssh_host_ed25519_key > "/tmp/nix-homelab/etc/ssh/ssh_host_ed25519_key" + chmod 600 "/tmp/nix-homelab/etc/ssh/ssh_host_ed25519_key" + nixos-anywhere --extra-files /tmp/nix-homelab -p {{port}} --flake .#{{hostname}} root@{{targetip}} + +[private] +nixos-command action hostname="" options="": + sudo nixos-rebuild {{ action }} {{ options }} --fast --option accept-flake-config true --flake .#{{ hostname }} + +# Nixos clean build cache and garbage unused derivations +@nixos-garbage: + sudo nix-collect-garbage -d + +# Nixos build local host +@nixos-build hostname="" options="": + just nixos-command build {{ hostname }} {{ options }} + +# Install new to : system wide +demo-nixos-install hostname targetip port="22": + #!/usr/bin/env bash + mkdir -p /tmp/nix-homelab + cleanup() { + rm -rf "/tmp/nix-homelab" + } + trap cleanup EXIT + + # Copy host ssh keys + install -d -m755 "/tmp/nix-homelab/etc/ssh" + cp ./hosts/demovm/ssh_host_ed25519_key /tmp/nix-homelab/etc/ssh/ssh_host_ed25519_key + chmod 600 /tmp/nix-homelab/etc/ssh/ssh_host_ed25519_key + + # copy demo age key + install -d -m755 "/tmp/nix-homelab/root/.config/sops/age" + PRIVATEKEY=$(tail -1 ./users/demo/age-key.txt) + echo "$PRIVATEKEY" > /tmp/nix-homelab/root/.config/sops/age/keys.txt + chmod 600 "/tmp/nix-homelab/etc/ssh/ssh_host_ed25519_key" "/tmp/nix-homelab/root/.config/sops/age/keys.txt" + nixos-anywhere --env-password --extra-files /tmp/nix-homelab -p {{port}} --flake .#{{hostname}} root@{{targetip}} + +# Update NixOS on local host +@nixos-update hostname="" options="": + just nixos-command switch {{ hostname }} {{ options }} + +# Deploy NixOS on remote host +@nixos-remote-deploy hostname targetip: + just nixos-command switch {{ hostname }} "--target-host root@{ targetip }}" + +[private] +home-command action: + home-manager {{action}} --option accept-flake-config true --flake . + +# Home build for local user +@home-build: + just home-command build + +# Home deploy local user +@home-deploy: + just home-command switch + +############################################################################### +# ISO & Demo +############################################################################### + +# Build NixOS ISO image +@iso-build: + nix build '.#nixosConfigurations.iso.config.system.build.isoImage' + +# Init demo credentials +demo-init-credentials passwd="demopass": (nixos-init-ssh-host "demovm" "false") + #!/usr/bin/env bash + + # Generate demo age key + if [ ! -f ./users/demo/age-key.txt ]; then + age-keygen -o ./users/demo/age-key.txt + fi + + PUBLICKEY=$(head -n2 ./users/demo/age-key.txt | tail -1 | sed 's/.*: age/age/') + PRIVATEKEY=$(tail -1 ./users/demo/age-key.txt) + HOSTAGEKEY=$(cat hosts/demovm/ssh-to-age.txt) + + # Add private key to sops + if ! grep -q "$PRIVATEKEY" ~/.config/sops/age/keys.txt; then + echo "$PRIVATEKEY" >> ~/.config/sops/age/keys.txt + fi + + # Add public key to sops + sed -i "s/\&demo .*/\&demo $PUBLICKEY/" .sops.yaml + sed -i "s/\&demovm .*/\&demovm $HOSTAGEKEY/" .sops.yaml + + cat << EOF > ./hosts/demovm/secrets.tmp + system: + user: + root-hash: $(echo "{{passwd}}" | mkpasswd -m sha-512 -s) + demo-hash: $(echo "{{passwd}}" | mkpasswd -m sha-512 -s) + EOF + sops --input-type yaml --output-type yaml -e ./hosts/demovm/secrets.tmp > ./hosts/demovm/secrets.yml + rm -f ./hosts/demovm/secrets.tmp + +[private] +@demo-create-disk: + [ -e disk-demo.raw ] || qemu-img create disk-demo.raw 20G + +# Start NixOS demo from ISO image +@demo-start: demo-create-disk + qemu-system-x86_64 -enable-kvm -smp 2 -m 4096 --bios $UEFI_FILE -device virtio-vga -net nic,model=virtio-net-pci -net user,hostfwd=tcp::2222-:22 -drive file=disk-demo.raw,format=raw -cdrom result/iso/nixos-*.iso & + +# (type ESC for select boot device) +# Test NixOS installation deployment on qemu virutal machine +@demo-qemu-nixos-install: demo-init-credentials demo-start + ssh-keygen -R "[127.0.0.1]:2222" + just demo-nixos-install demovm 127.0.0.1 2222 + +# (type ESC for select boot device) +# Test NixOS update deployment on qemu virutal machine +@demo-qemu-nixos-update: demo-start + ssh-keygen -R "[127.0.0.1]:2222" + # Disable --fast (if you have error: cached failure of attribute) + # Disable --fallback (if you have error: cannot build derivation) + NIX_SSHOPTS="-l root -p 2222 -o StrictHostKeychecking=no" nixos-rebuild switch --fallback --show-trace --option accept-flake-config true --target-host 127.0.0.1 --flake .#demovm + +# Stop demo vm test +@demo-stop: + pkill qemu + +# Clean demo vm test +@demo-clean: + rm -f disk-demo.raw + +# Show installed packages +@packages: + echo $PATH | tr ":" "\n" | grep -E "/nix/store" | sed -e "s/\/nix\/store\/[a-z0-9]\+\-//g" | sed -e "s/\/.*//g" diff --git a/nix/home-manager/commons/packages.nix b/nix/home-manager/commons/packages.nix deleted file mode 100644 index 75a22c5..0000000 --- a/nix/home-manager/commons/packages.nix +++ /dev/null @@ -1,52 +0,0 @@ -{ pkgs, ... }: -{ - programs = { - # TODO: remove ranger from package - yazi.enable = true; # TUI file manager - }; - - home.packages = with pkgs; [ - # Nix - haskellPackages.nix-derivation # Analyse derivation with pretty-derivation < packagename.drv - nix-prefetch-github # Compute SHA256 github repository - nixpkgs-fmt # Nix formatter - - nix-diff # Check derivation differences - nvd # Show diff nix packages - - # Colors - pastel ## Colors generator - # grc ## colorize some commands results - # TODO: Colout with - - # Disk & File - du-dust # du rust version - duf # df go version - eza # ls alternative - fd # find alternative - - # Floating apps - bashmount # Terminal mount helper - bluetuith # Bluetooth manager - btop # Top alternative - procs # Top alternative - - bat # cat alternative - httpie # curl alternative - ranger # TUI file manager - - # procs # top alternative - atop # Top alternative - - jq # JSON pretty printer and manipulator - ripgrep # Better grep - - # Misc - curl # HTTP client - eva # Calculator - tmux # Terminal multiplexer - unzip # Unzip files - up # UI interactively pipe - wget # HTTP client - ]; -} diff --git a/nix/home-manager/features/desktop/commons/base.nix b/nix/home-manager/features/desktop/apps/base.nix similarity index 93% rename from nix/home-manager/features/desktop/commons/base.nix rename to nix/home-manager/features/desktop/apps/base.nix index ff85d66..8e8bd37 100644 --- a/nix/home-manager/features/desktop/commons/base.nix +++ b/nix/home-manager/features/desktop/apps/base.nix @@ -2,6 +2,7 @@ { imports = [ # Theme + ./fonts.nix ./gtk.nix ./qt.nix @@ -10,8 +11,7 @@ ./pulseaudio.nix # Misc - ./fonts.nix - ./wezterm.nix + ./kitty.nix ./wpa-gui.nix ]; diff --git a/nix/home-manager/features/desktop/commons/development/vscode.nix b/nix/home-manager/features/desktop/apps/development/vscode.nix similarity index 94% rename from nix/home-manager/features/desktop/commons/development/vscode.nix rename to nix/home-manager/features/desktop/apps/development/vscode.nix index a233a08..1e6f3ec 100644 --- a/nix/home-manager/features/desktop/commons/development/vscode.nix +++ b/nix/home-manager/features/desktop/apps/development/vscode.nix @@ -7,7 +7,7 @@ # package = pkgs.vscodium; extensions = with pkgs.vscode-extensions; [ bbenoist.nix - github.copilot + github.copilot golang.go gruntfuggly.todo-tree jebbs.plantuml @@ -47,7 +47,7 @@ ]; userSettings = { - "editor.fontFamily" = "'Source Code Pro','Droid Sans Mono', 'monospace', monospace, 'Droid Sans Fallback'"; + # "editor.fontFamily" = "'Source Code Pro','Droid Sans Mono', 'monospace', monospace, 'Droid Sans Fallback'"; "explorer.confirmDragAndDrop" = false; "explorer.confirmDelete" = false; "workspace-manager.includeGlobPattern" = [ @@ -85,4 +85,3 @@ }; }; } - diff --git a/nix/home-manager/features/desktop/commons/fonts.nix b/nix/home-manager/features/desktop/apps/fonts.nix similarity index 100% rename from nix/home-manager/features/desktop/commons/fonts.nix rename to nix/home-manager/features/desktop/apps/fonts.nix diff --git a/nix/home-manager/features/desktop/commons/google-chrome.nix b/nix/home-manager/features/desktop/apps/google-chrome.nix similarity index 92% rename from nix/home-manager/features/desktop/commons/google-chrome.nix rename to nix/home-manager/features/desktop/apps/google-chrome.nix index 348a016..4330fed 100644 --- a/nix/home-manager/features/desktop/commons/google-chrome.nix +++ b/nix/home-manager/features/desktop/apps/google-chrome.nix @@ -8,7 +8,7 @@ "oncbjlgldmiagjophlhobkogeladjijl" # Bookmark cleaner "hmbkmkdhhlgemdgeefnhfaffdpddohpa" # Crypto Tab "fihnjjcciajhdojfnbdddfaoknhalnja" # I don't care cookies - "gccahjgcckaemgpliioopngfgdaceffo" # Spell Merci App + "gccahjgcckaemgpliioopngfgdaceffo" # Spell Merci App "noaijdpnepcgjemiklgfkcfbkokogabh" # Translation "fiabciakcmgepblmdkmemdbbkilneeeh" # Tab suspender "cjpalhdlnbpafiamejdnhcphjbkeiagm" # uBlock Origin diff --git a/nix/home-manager/features/desktop/commons/gtk.nix b/nix/home-manager/features/desktop/apps/gtk.nix similarity index 83% rename from nix/home-manager/features/desktop/commons/gtk.nix rename to nix/home-manager/features/desktop/apps/gtk.nix index 0c06b88..aed60a5 100644 --- a/nix/home-manager/features/desktop/commons/gtk.nix +++ b/nix/home-manager/features/desktop/apps/gtk.nix @@ -2,10 +2,10 @@ rec { gtk = { enable = true; - font = { - name = config.fontProfiles.regular.family; - size = 12; - }; + # font = { + # name = config.fontProfiles.regular.family; + # size = 12; + # }; # theme = { # name = "${config.colorscheme.slug}"; # package = gtkThemeFromScheme { scheme = config.colorscheme; }; diff --git a/nix/home-manager/features/desktop/apps/kitty.nix b/nix/home-manager/features/desktop/apps/kitty.nix new file mode 100644 index 0000000..430dc49 --- /dev/null +++ b/nix/home-manager/features/desktop/apps/kitty.nix @@ -0,0 +1,10 @@ +{ config, pkgs, inputs, ... }: + +let + hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; +in +{ + programs.kitty = { + enable = true; + }; +} diff --git a/nix/home-manager/features/desktop/commons/obs.nix b/nix/home-manager/features/desktop/apps/obs.nix similarity index 100% rename from nix/home-manager/features/desktop/commons/obs.nix rename to nix/home-manager/features/desktop/apps/obs.nix diff --git a/nix/home-manager/features/desktop/commons/playerctl.nix b/nix/home-manager/features/desktop/apps/playerctl.nix similarity index 100% rename from nix/home-manager/features/desktop/commons/playerctl.nix rename to nix/home-manager/features/desktop/apps/playerctl.nix diff --git a/nix/home-manager/features/desktop/commons/pulseaudio.nix b/nix/home-manager/features/desktop/apps/pulseaudio.nix similarity index 100% rename from nix/home-manager/features/desktop/commons/pulseaudio.nix rename to nix/home-manager/features/desktop/apps/pulseaudio.nix diff --git a/nix/home-manager/features/desktop/commons/qt.nix b/nix/home-manager/features/desktop/apps/qt.nix similarity index 53% rename from nix/home-manager/features/desktop/commons/qt.nix rename to nix/home-manager/features/desktop/apps/qt.nix index b368d1d..91a8fef 100644 --- a/nix/home-manager/features/desktop/commons/qt.nix +++ b/nix/home-manager/features/desktop/apps/qt.nix @@ -1,6 +1,6 @@ { qt = { enable = true; - platformTheme = "gtk"; + platformTheme.name = "gtk"; }; } diff --git a/nix/home-manager/features/desktop/commons/spotify.nix b/nix/home-manager/features/desktop/apps/spotify.nix similarity index 98% rename from nix/home-manager/features/desktop/commons/spotify.nix rename to nix/home-manager/features/desktop/apps/spotify.nix index dd47099..d344dfe 100644 --- a/nix/home-manager/features/desktop/commons/spotify.nix +++ b/nix/home-manager/features/desktop/apps/spotify.nix @@ -11,7 +11,7 @@ home.packages = with pkgs; [ spotify - spotify-tui + # spotify-tui ncspot playerctl ]; diff --git a/nix/home-manager/features/desktop/apps/wezterm.nix b/nix/home-manager/features/desktop/apps/wezterm.nix new file mode 100644 index 0000000..5270117 --- /dev/null +++ b/nix/home-manager/features/desktop/apps/wezterm.nix @@ -0,0 +1,66 @@ +{ config, pkgs, inputs, ... }: + +let + hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; +in +{ + programs.wezterm = { + enable = true; + + # colorSchemes = { + # "usertheme" = { + # + # foreground = hexPalette.foreground; + # background = hexPalette.background; + # + # ansi = [ + # hexPalette.normal.black + # hexPalette.normal.red + # hexPalette.normal.green + # hexPalette.normal.yellow + # hexPalette.normal.blue + # hexPalette.normal.magenta + # hexPalette.normal.cyan + # hexPalette.normal.white + # ]; + # + # brights = [ + # hexPalette.bright.black + # hexPalette.bright.red + # hexPalette.bright.green + # hexPalette.bright.yellow + # hexPalette.bright.blue + # hexPalette.bright.magenta + # hexPalette.bright.cyan + # hexPalette.bright.white + # ]; + # + # cursor_bg = hexPalette.cursor_bg; + # cursor_border = hexPalette.cursor_border; + # cursor_fg = hexPalette.cursor_fg; + # selection_fg = hexPalette.selection_fg; + # selection_bg = hexPalette.selection_bg; + # }; + # }; + #font = wezterm.font("${config.fontProfiles.monospace.family}"), + # extraConfig = /* lua */ '' + # return { + # font_size = 12.0, + # color_scheme = "usertheme", + # hide_tab_bar_if_only_one_tab = true, + # window_close_confirmation = "NeverPrompt", + # set_environment_variables = { + # TERM = 'wezterm', + # }, + # -- config.disable_default_key_bindings = true + # keys = { + # { + # key = 'F', + # mods = 'SHIFT|CTRL', + # action = wezterm.action.DisableDefaultAssignment, + # } + # }, + # } + # ''; + }; +} diff --git a/nix/home-manager/features/desktop/commons/wpa-gui.nix b/nix/home-manager/features/desktop/apps/wpa-gui.nix similarity index 100% rename from nix/home-manager/features/desktop/commons/wpa-gui.nix rename to nix/home-manager/features/desktop/apps/wpa-gui.nix diff --git a/nix/home-manager/features/desktop/commons/development/packages.nix b/nix/home-manager/features/desktop/commons/development/packages.nix deleted file mode 100644 index 95c3199..0000000 --- a/nix/home-manager/features/desktop/commons/development/packages.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ config -, pkgs -, ... -}: { - - home.packages = with pkgs; [ - deno # javascript engine - # just # justfile (Makefile like) - meld # Visual diff and merge tool - vagrant # Virtual machine manager - qemu # Virtual machine manager - lazygit # git terminal UI - lazydocker # docker terminal UI - ]; -} diff --git a/nix/home-manager/features/desktop/commons/wezterm.nix b/nix/home-manager/features/desktop/commons/wezterm.nix deleted file mode 100644 index 3bdcf26..0000000 --- a/nix/home-manager/features/desktop/commons/wezterm.nix +++ /dev/null @@ -1,66 +0,0 @@ -{ config, pkgs, inputs, ... }: - -let - hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; -in -{ - programs.wezterm = { - enable = true; - - colorSchemes = { - "usertheme" = { - - foreground = hexPalette.foreground; - background = hexPalette.background; - - ansi = [ - hexPalette.normal.black - hexPalette.normal.red - hexPalette.normal.green - hexPalette.normal.yellow - hexPalette.normal.blue - hexPalette.normal.magenta - hexPalette.normal.cyan - hexPalette.normal.white - ]; - - brights = [ - hexPalette.bright.black - hexPalette.bright.red - hexPalette.bright.green - hexPalette.bright.yellow - hexPalette.bright.blue - hexPalette.bright.magenta - hexPalette.bright.cyan - hexPalette.bright.white - ]; - - cursor_bg = hexPalette.cursor_bg; - cursor_border = hexPalette.cursor_border; - cursor_fg = hexPalette.cursor_fg; - selection_fg = hexPalette.selection_fg; - selection_bg = hexPalette.selection_bg; - }; - }; - #font = wezterm.font("${config.fontProfiles.monospace.family}"), - extraConfig = /* lua */ '' - return { - font_size = 12.0, - color_scheme = "usertheme", - hide_tab_bar_if_only_one_tab = true, - window_close_confirmation = "NeverPrompt", - set_environment_variables = { - TERM = 'wezterm', - }, - -- config.disable_default_key_bindings = true - keys = { - { - key = 'F', - mods = 'SHIFT|CTRL', - action = wezterm.action.DisableDefaultAssignment, - } - }, - } - ''; - }; -} diff --git a/nix/home-manager/features/desktop/wayland/hyprland/default.nix b/nix/home-manager/features/desktop/wayland/hyprland/default.nix index 00ff901..466e41b 100644 --- a/nix/home-manager/features/desktop/wayland/hyprland/default.nix +++ b/nix/home-manager/features/desktop/wayland/hyprland/default.nix @@ -128,7 +128,7 @@ bind=CONTROL,Print,exec,${grimblast} --notify copysave screen bind=SUPER,Print,exec,${grimblast} --notify copysave window bind=ALT,Print,exec,${grimblast} --notify copysave output - + bind=SUPER,space,exec,${wofi} -S drun -x 10 -y 10 -W 25% -H 60% bind=SUPER,d,exec,${wofi} -S run @@ -247,7 +247,7 @@ windowrule=workspace 1,class:ncspot windowrule=workspace 3 silent,Discord windowrule=workspace 7 silent,firefox - windowrule=workspace 9 silent,codium-url-handler + windowrule=workspace 9 silent,codium-url-handler ''; }; } diff --git a/nix/home-manager/features/desktop/wayland/sway/default.nix b/nix/home-manager/features/desktop/wayland/sway/default.nix index 713d8e2..16b1372 100644 --- a/nix/home-manager/features/desktop/wayland/sway/default.nix +++ b/nix/home-manager/features/desktop/wayland/sway/default.nix @@ -261,5 +261,3 @@ in }; }; } - - diff --git a/nix/home-manager/features/desktop/wayland/waybar.nix b/nix/home-manager/features/desktop/wayland/waybar.nix index 795f9bc..b483931 100644 --- a/nix/home-manager/features/desktop/wayland/waybar.nix +++ b/nix/home-manager/features/desktop/wayland/waybar.nix @@ -345,8 +345,8 @@ in style = let inherit (config.colorscheme) colors; in '' - - + + * { border: none; border-radius: 0; @@ -379,7 +379,7 @@ in #workspaces button.active { background: #${colors.base0F}; color: #${colors.base07}; - } + } #pulseaudio, #network, @@ -403,7 +403,7 @@ in border-radius: 10px 0px 0px 10px; color: #${colors.base07}; background: #${colors.base02}; - } + } #custom-weather, #memory { @@ -412,7 +412,7 @@ in /*transition: none;*/ color: #${colors.base07}; background: #${colors.base02}; - } + } #custom-currentplayer { @@ -422,7 +422,7 @@ in font-size: 24px; color: #${colors.base07}; background: #${colors.base02}; - } + } #custom-player { @@ -431,7 +431,7 @@ in /*transition: none;*/ color: #${colors.base07}; background: #${colors.base02}; - } + } #custom-cava { @@ -440,7 +440,7 @@ in /*transition: none;*/ color: #${colors.base07}; background: #${colors.base02}; - } + } #cpu { @@ -449,15 +449,15 @@ in border-radius: 0px 0px 0px 0px; color: #${colors.base07}; background: #${colors.base02}; - } + } #cpu.warning { color: #${colors.base09}; - } + } #cpu.critical { color: #${colors.base08}; - } + } #temperature { padding-left: 16px; @@ -465,15 +465,15 @@ in border-radius: 10px 0px 0px 10px; color: #${colors.base07}; background: #${colors.base02}; - } + } #memory.warning { color: #${colors.base09}; - } + } #memory.critical { color: #${colors.base08}; - } + } #battery.charging { @@ -523,4 +523,3 @@ in ''; }; } - diff --git a/nix/home-manager/features/desktop/xorg/dunst.nix b/nix/home-manager/features/desktop/xorg/dunst.nix index c3e3474..3238061 100644 --- a/nix/home-manager/features/desktop/xorg/dunst.nix +++ b/nix/home-manager/features/desktop/xorg/dunst.nix @@ -1,6 +1,6 @@ -{ config, lib, pkgs, inputs, ... }: +{ config, lib, pkgs, ... }: let - hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; + # hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; in { @@ -18,13 +18,13 @@ in offset = "30x50"; origin = "top-right"; transparency = 10; - frame_color = hexPalette.bright.magenta; - font = "${config.fontProfiles.monospace.family} 12"; + # frame_color = hexPalette.bright.magenta; + # font = "${config.fontProfiles.monospace.family} 12"; }; urgency_normal = { - background = hexPalette.normal.black; - foreground = hexPalette.bright.magenta; + # background = hexPalette.normal.black; + # foreground = hexPalette.bright.magenta; timeout = 10; }; }; diff --git a/nix/home-manager/features/desktop/xorg/rofi.nix b/nix/home-manager/features/desktop/xorg/rofi.nix index 0d487a6..72e19a8 100644 --- a/nix/home-manager/features/desktop/xorg/rofi.nix +++ b/nix/home-manager/features/desktop/xorg/rofi.nix @@ -3,7 +3,7 @@ programs.rofi = { enable = true; - theme = "solarized"; + # theme = "solarized"; extraConfig = { modi = "drun"; font = "Source Code Pro 18"; diff --git a/nix/home-manager/features/desktop/xorg/wm/i3.nix b/nix/home-manager/features/desktop/xorg/wm/i3.nix index e125bfe..451b915 100644 --- a/nix/home-manager/features/desktop/xorg/wm/i3.nix +++ b/nix/home-manager/features/desktop/xorg/wm/i3.nix @@ -1,9 +1,9 @@ -{ config, lib, pkgs, inputs, ... }: +{ config, pkgs, ... }: let cfg = config.xsession.windowManager.i3.config; - hexPalette = with inputs.nix-rice.lib; - palette.toRGBHex pkgs.rice.colorPalette; + # hexPalette = with inputs.nix-rice.lib; + # palette.toRGBHex pkgs.rice.colorPalette; lockTime = 4 * 60; # TODO: configurable desktop (10 min)/laptop (4 min) execAndNotify = cmd: mess: ''exec "${cmd}; notify-send '${mess}'"''; @@ -37,8 +37,10 @@ let i3lock = "${pkgs.i3lock-color}/bin/i3lock-color"; xidlehook = "${pkgs.xidlehook}/bin/xidlehook"; lockCmd = "${i3lock} --blur 5"; - terminal = "${pkgs.wezterm}/bin/wezterm"; -in { + # terminal = "${pkgs.wezterm}/bin/wezterm"; + terminal = "${pkgs.kitty}/bin/kitty"; +in +{ imports = [ # ./py3status.nix @@ -54,31 +56,31 @@ in { modifier = mod; terminal = terminal; - fonts = { - names = [ - "${config.fontProfiles.monospace.family}" - "${config.fontProfiles.fontawesome.family}" - ]; - style = "Bold Semi-Condensed"; - size = 12.0; - }; - - colors = { - focused = { - background = hexPalette.background; - border = hexPalette.normal.magenta; - childBorder = hexPalette.normal.magenta; - indicator = hexPalette.normal.magenta; - text = hexPalette.bright.white; - }; - unfocused = { - background = hexPalette.background; - border = hexPalette.dark-normal.white; - childBorder = hexPalette.dark-normal.white; - indicator = hexPalette.dark-normal.white; - text = hexPalette.bright.white; - }; - }; + # fonts = { + # names = [ + # "${config.fontProfiles.monospace.family}" + # "${config.fontProfiles.fontawesome.family}" + # ]; + # style = "Bold Semi-Condensed"; + # size = 12.0; + # }; + + # colors = { + # focused = { + # background = hexPalette.background; + # border = hexPalette.normal.magenta; + # childBorder = hexPalette.normal.magenta; + # indicator = hexPalette.normal.magenta; + # text = hexPalette.bright.white; + # }; + # unfocused = { + # background = hexPalette.background; + # border = hexPalette.dark-normal.white; + # childBorder = hexPalette.dark-normal.white; + # indicator = hexPalette.dark-normal.white; + # text = hexPalette.bright.white; + # }; + # }; window = { titlebar = false; @@ -139,11 +141,11 @@ in { "${mod}+p" = "exec --no-startup-id ${playerctl} play-pause"; "${mod}+s" = "exec --no-startup-id ${playerctl} next"; "${mod}+a" = "exec --no-startup-id autorandr -c"; - "${mod}+b" = "exec --no-startup-id ${cfg.terminal} start --class winfloat -- bluetuith"; - "${mod}+d" = "exec --no-startup-id ${cfg.terminal} start --class winfloat -- bashmount"; - "${mod}+m" = "exec --no-startup-id ${cfg.terminal} start --class winfloat -- pulsemixer"; - "${mod}+n" = "exec --no-startup-id ${cfg.terminal} start --class winfloat -- nmtui"; - "${mod}+t" = "exec --no-startup-id ${cfg.terminal} start --class winfloat -- btop"; + "${mod}+b" = "exec --no-startup-id ${cfg.terminal} --class winfloat -- bluetuith"; + "${mod}+d" = "exec --no-startup-id ${cfg.terminal} --class winfloat -- bashmount"; + "${mod}+m" = "exec --no-startup-id ${cfg.terminal} --class winfloat -- pulsemixer"; + "${mod}+n" = "exec --no-startup-id ${cfg.terminal} --class winfloat -- nmtui"; + "${mod}+t" = "exec --no-startup-id ${cfg.terminal} --class winfloat -- btop"; # # Screen brightness controls "XF86MonBrightnessUp" = @@ -252,26 +254,26 @@ in { statusCommand = "${i3status-rust} ~/.config/i3status-rust/config-top.toml"; - colors = { - background = hexPalette.background; - statusline = hexPalette.normal.white; - - inactiveWorkspace = { - border = hexPalette.normal.black; - background = hexPalette.background; - text = hexPalette.bright.black; - }; - focusedWorkspace = { - border = hexPalette.normal.blue; - background = hexPalette.normal.blue; - text = hexPalette.bright.white; - }; - urgentWorkspace = { - border = hexPalette.bright.red; - background = hexPalette.normal.red; - text = hexPalette.bright.white; - }; - }; + # colors = { + # background = hexPalette.background; + # statusline = hexPalette.normal.white; + # + # inactiveWorkspace = { + # border = hexPalette.normal.black; + # background = hexPalette.background; + # text = hexPalette.bright.black; + # }; + # focusedWorkspace = { + # border = hexPalette.normal.blue; + # background = hexPalette.normal.blue; + # text = hexPalette.bright.white; + # }; + # urgentWorkspace = { + # border = hexPalette.bright.red; + # background = hexPalette.normal.red; + # text = hexPalette.bright.white; + # }; + # }; }]; startup = [ @@ -283,7 +285,7 @@ in { notification = false; } { - command = "${feh} --bg-scale '${config.wallpaper}'"; + command = "${feh} --bg-scale '${config.stylix.image}'"; always = false; notification = false; } @@ -298,7 +300,7 @@ in { assigns = { "${w2}" = [{ class = "Spotify"; }]; "${w3}" = [{ class = "Discord"; }]; - "${w7}" = [ { class = "Google-chrome"; } { class = "firefox"; } ]; + "${w7}" = [{ class = "Google-chrome"; } { class = "firefox"; }]; "${w9}" = [{ class = "VSCodium"; }]; }; @@ -307,8 +309,6 @@ in { border = 1; titlebar = false; criteria = [ - { class = "winfloat"; } - # SDR { class = ".gnuradio-companion-wrapped"; } { class = "gqrx"; } @@ -330,6 +330,10 @@ in { #for_window [class="pulsemixer"] floating enable border pixel $border }; + + extraConfig = '' + for_window [class="winfloat"] floating enable resize set 640 480 move absolute position center + ''; }; }; } diff --git a/nix/home-manager/features/desktop/xorg/wm/i3status-rust.nix b/nix/home-manager/features/desktop/xorg/wm/i3status-rust.nix index d9fe41d..46017b5 100644 --- a/nix/home-manager/features/desktop/xorg/wm/i3status-rust.nix +++ b/nix/home-manager/features/desktop/xorg/wm/i3status-rust.nix @@ -1,6 +1,6 @@ -{ config, lib, pkgs, inputs, ... }: +{ config, lib, pkgs, ... }: let - hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; + # hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; grep = (lib.getBin pkgs.gnugrep) + "/bin/grep"; bash = (lib.getBin pkgs.bash) + "/bin/bash"; @@ -17,7 +17,7 @@ in #!${bash} echo "ON ENTER" >> /tmp/audio.log - + set -e @@ -42,27 +42,27 @@ in top = { theme = "modern"; icons = "awesome6"; - settings.theme = { - overrides = { - idle_bg = "${hexPalette.dark-bright.blue}"; - idle_fg = "${hexPalette.bright.blue}"; - info_bg = "${hexPalette.dark-bright.blue}"; - info_fg = "${hexPalette.bright.white}"; - good_bg = "${hexPalette.dark-normal.green}"; - good_fg = "${hexPalette.bright.white}"; - warning_bg = "${hexPalette.dark-bright.yellow}"; - warning_fg = "${hexPalette.bright.white}"; - critical_bg = "${hexPalette.dark-bright.red}"; - critical_fg = "${hexPalette.bright.white}"; - - separator = ""; - # #separator = "\ue0b2"; - # separator_bg = "auto"; - # separator_fg = "auto"; - alternating_tint_bg = "#222222"; - alternating_tint_fg = "#222222"; - }; - }; + # settings.theme = { + # overrides = { + # idle_bg = "${hexPalette.dark-bright.blue}"; + # idle_fg = "${hexPalette.bright.blue}"; + # info_bg = "${hexPalette.dark-bright.blue}"; + # info_fg = "${hexPalette.bright.white}"; + # good_bg = "${hexPalette.dark-normal.green}"; + # good_fg = "${hexPalette.bright.white}"; + # warning_bg = "${hexPalette.dark-bright.yellow}"; + # warning_fg = "${hexPalette.bright.white}"; + # critical_bg = "${hexPalette.dark-bright.red}"; + # critical_fg = "${hexPalette.bright.white}"; + # + # separator = ""; + # # #separator = "\ue0b2"; + # # separator_bg = "auto"; + # # separator_fg = "auto"; + # alternating_tint_bg = "#222222"; + # alternating_tint_fg = "#222222"; + # }; + # }; blocks = [ # Spotify @@ -89,7 +89,7 @@ in # theme_overrides = { # idle_bg = "${hexPalette.dark-bright.blue}"; # idle_fg = "${hexPalette.bright.blue}"; - # }; + # }; merge_with_next = true; } { diff --git a/nix/home-manager/features/desktop/xorg/wm/py3status.nix b/nix/home-manager/features/desktop/xorg/wm/py3status.nix index 128351f..ca8193e 100644 --- a/nix/home-manager/features/desktop/xorg/wm/py3status.nix +++ b/nix/home-manager/features/desktop/xorg/wm/py3status.nix @@ -69,7 +69,7 @@ in } audiosink { display_name_mapping = { - "Nor-Tec streaming mic Stéréo analogique": "USB", + "Nor-Tec streaming mic Stéréo analogique": "USB", "Audio interne Stéréo analogique": "INT" } format = "🎧 {audiosink}" @@ -106,4 +106,3 @@ in } ''; } - diff --git a/nix/home-manager/features/language/c.nix b/nix/home-manager/features/language/c.nix index bfaa91c..3a8779b 100644 --- a/nix/home-manager/features/language/c.nix +++ b/nix/home-manager/features/language/c.nix @@ -4,4 +4,3 @@ gcc ]; } - diff --git a/nix/home-manager/features/term/base.nix b/nix/home-manager/features/term/base.nix index 569a2d7..5ef47bb 100644 --- a/nix/home-manager/features/term/base.nix +++ b/nix/home-manager/features/term/base.nix @@ -8,14 +8,13 @@ { imports = [ + # Hardware informations ./tools/inxi.nix # Shell - ./tools/starship.nix ./tools/zsh.nix - # Misc - ./tools/broot.nix + # # Misc ./tools/htop.nix ./tools/neofetch.nix ./tools/top @@ -25,7 +24,7 @@ systemd.user.startServices = "sd-switch"; nixpkgs = { - overlays = builtins.attrValues outputs.overlays; + # overlays = builtins.attrValues outputs.overlays; config = { allowUnfree = true; allowUnfreePredicate = (_: true); @@ -33,7 +32,7 @@ }; nix = { - package = pkgs.nix; + package = lib.mkForce pkgs.nix; settings = { experimental-features = [ "nix-command" "flakes" "repl-flake" ]; warn-dirty = false; @@ -41,8 +40,10 @@ }; - # NOTE: By default all programs enabled for the all shells + # # NOTE: By default all programs enabled for the all shells programs = { + yazi.enable = true; # Filemanager + starship.enable = true; # Terminal prompt home-manager.enable = true; git.enable = true; nix-index.enable = true; # command not found and nix-locate @@ -62,6 +63,7 @@ }; # Cheats navigators + # alias: lnavi (local search) navi = { enable = true; settings = { @@ -87,5 +89,11 @@ }; }; - home.packages = with pkgs ; [ ]; + home.packages = with pkgs; [ + act # Run your GitHub Actions locally + delta # A syntax-highlighting pager for git + ghq # Remote repository management made easy + direnv # load environment when on the current directory + ]; + } diff --git a/nix/home-manager/features/term/development/base.nix b/nix/home-manager/features/term/development/base.nix deleted file mode 100644 index 538e0fb..0000000 --- a/nix/home-manager/features/term/development/base.nix +++ /dev/null @@ -1,20 +0,0 @@ -# ██████╗ ███████╗██╗ ██╗███████╗██╗ ██████╗ ██████╗ ███╗ ███╗███████╗███╗ ██╗████████╗ -# ██╔══██╗██╔════╝██║ ██║██╔════╝██║ ██╔═══██╗██╔══██╗████╗ ████║██╔════╝████╗ ██║╚══██╔══╝ -# ██║ ██║█████╗ ██║ ██║█████╗ ██║ ██║ ██║██████╔╝██╔████╔██║█████╗ ██╔██╗ ██║ ██║ -# ██║ ██║██╔══╝ ╚██╗ ██╔╝██╔══╝ ██║ ██║ ██║██╔═══╝ ██║╚██╔╝██║██╔══╝ ██║╚██╗██║ ██║ -# ██████╔╝███████╗ ╚████╔╝ ███████╗███████╗╚██████╔╝██║ ██║ ╚═╝ ██║███████╗██║ ╚████║ ██║ -# ╚═════╝ ╚══════╝ ╚═══╝ ╚══════╝╚══════╝ ╚═════╝ ╚═╝ ╚═╝ ╚═╝╚══════╝╚═╝ ╚═══╝ ╚═╝ - -{ config -, pkgs -, inputs -, ... -}: { - - home.packages = with pkgs; [ - act # Run your GitHub Actions locally - delta # A syntax-highlighting pager for git - ghq # Remote repository management made easy - direnv # load environment when on the current directory - ]; -} diff --git a/nix/home-manager/features/term/editor/lazyvim.nix b/nix/home-manager/features/term/editor/lazyvim.nix deleted file mode 100644 index 15a7045..0000000 --- a/nix/home-manager/features/term/editor/lazyvim.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, pkgs, ... }: -{ - programs.neovim = { - enable = true; - - viAlias = true; - vimAlias = true; - vimdiffAlias = true; - - extraPackages = with pkgs; [ - ]; - }; - - home.packages = with pkgs; [ - # treesitter - tree-sitter - nodejs - xclip # Use system clipboard - yarn # needed by markdown-preview - # TODO: create package diagon # Diagon diagram - sqlite # Needed by yanky.nvim - ]; -} diff --git a/nix/home-manager/features/term/editor/nvim/default.nix b/nix/home-manager/features/term/editor/nvim/default.nix deleted file mode 100644 index 02bd096..0000000 --- a/nix/home-manager/features/term/editor/nvim/default.nix +++ /dev/null @@ -1,138 +0,0 @@ -{ config, pkgs, ... }: -{ - # Custom help file - - xdg.configFile."nvim/doc/help.txt".text = (builtins.readFile - ../../../../../../docs/nvim/help.txt); - - programs.neovim = { - enable = true; - - viAlias = true; - vimAlias = true; - vimdiffAlias = true; - - extraPackages = with pkgs; [ - # treesitter - tree-sitter - nodejs - xclip # Use system clipboard - - luajitPackages.lua-lsp # LUA LSP - pyright # Python LSP - rnix-lsp # Nix LSP - - # LSP servers - nodePackages.bash-language-server - nodePackages.dockerfile-language-server-nodejs - nodePackages.pyright # Python - nodePackages.typescript-language-server - nodePackages.vim-language-server - nodePackages.vscode-css-languageserver-bin - nodePackages.vscode-html-languageserver-bin - nodePackages.vscode-json-languageserver-bin - nodePackages.yaml-language-server - - # LSP requirement Packages - code-minimap - luaPackages.lua-lsp - ]; - - plugins = with pkgs.vimPlugins; [ - ################################################################################ - # Editor & UI - ################################################################################ - nvim-web-devicons # Icons - tokyonight-nvim # Colorscheme tokyonight - gitsigns-nvim # Git integration for buffers - bufferline-nvim # buffer line (with tabpage integration) - lualine-nvim # Neovim statusline written in Lua - indent-blankline-nvim # Indentation guide - alpha-nvim # Start screen - which-key-nvim # Show maps keys - neo-tree-nvim # Folders - - # scope-nvim # Introducing Enhanced Tab Scoping - telescope-nvim # Telescope - telescope-live-grep-args-nvim - telescope-file-browser-nvim - telescope-fzf-native-nvim - telescope-symbols-nvim - telescope-zoxide - - # project - project-nvim - telescope-project-nvim - - # Tools - vim-easy-align # Text align - - ################################################################################ - # LSP & Completion - ################################################################################ - - # Format some language - neoformat - comment-nvim - - # Completion - cmp-nvim-lsp - coq_nvim - coq-artifacts - coq-thirdparty - nvim-cmp - - # LSP - nvim-lspconfig - - markdown-preview-nvim - - vim-nix - nvim-colorizer-lua # Colorize RGB color code ex: #444444 - - # renders diagnostics using virtual lines on top of the real line of code. - lsp_lines-nvim - - # Show function information - lspsaga-nvim - - # Language server to inject LSP diagnostics, code actions, and more via Lua. - null-ls-nvim - - # Neovim setup for init.lua and plugin development with full signature help, - # docs and completion for the nvim lua API. - neodev-nvim - - # vscode-like pictograms for neovim lsp completion items - lspkind-nvim - - #nvim-treesitter.withAllGrammars - (nvim-treesitter.withPlugins (p: [ - p.tree-sitter-bash - p.tree-sitter-dockerfile - p.tree-sitter-go - p.tree-sitter-json - p.tree-sitter-json5 - p.tree-sitter-jsonc - p.tree-sitter-lua - p.tree-sitter-nix - p.tree-sitter-python - p.tree-sitter-toml - p.tree-sitter-vim - ])) - - lsp_signature-nvim - ]; - - extraConfig = '' - lua << EOF - ${builtins.readFile lua/init.lua} - ${builtins.readFile lua/alpha.lua} - ${builtins.readFile lua/lsp_completion.lua} - ${builtins.readFile lua/lualine.lua} - ${builtins.readFile lua/telescope.lua} - ${builtins.readFile lua/web-icons.lua} - ${builtins.readFile lua/which-key.lua} - EOF''; - }; -} diff --git a/nix/home-manager/features/term/editor/nvim/lua/alpha.lua b/nix/home-manager/features/term/editor/nvim/lua/alpha.lua deleted file mode 100644 index d367320..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/alpha.lua +++ /dev/null @@ -1,60 +0,0 @@ -local alpha = require("alpha") -local dashboard = require("alpha.themes.dashboard") - -local function footer() - --local total_plugins = "#vim.tbl_keys(packer_plugins)" - local datetime = os.date(" %d-%m-%Y  %H:%M:%S") - local version = vim.version() - local nvim_version_info = "  v" .. version.major .. "." .. version.minor .. "." .. version.patch - - return datetime .. nvim_version_info -end - --- header generated with lachlanarthur.github.io/Braille-ASCII-Art -dashboard.section.header.val = { - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⣀⣀⣀⣀⣆⣀⣀⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⣀⣶⣶⣶⣿⣿⣿⣿⣿⣿⣿⣿⣷⣶⣀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢰⣾⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣶⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣼⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣶⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⣼⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢠⡜⠛⠛⠛⠛⠛⠛⠛⠛⠛⣿⣿⣿⣿⡟⠛⠛⠛⠛⠛⠛⠛⠛⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠸⢿⡿⠋⠉⠻⠀⠉⠉⠀⣶⣦⡄⠀⠈⠉⠉⠉⠹⠉⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⡀⠈⠁⠀⠀⠀⠀⠀⣀⣀⣿⣿⣇⣀⡀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣷⣶⣶⣶⣶⣶⣶⣶⣿⣿⣿⣿⣿⣏⣱⣶⣶⣶⣶⣶⣶⠀⣶⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣶⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿⣿⣿⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿⣿⠛⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿⠀⠀⠀⠀⣤⣿⡟⠛⠛⠛⢻⣿⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⡟⠛⠀⠀⠛⠛⠛⠛⠛⠃⠘⠃⠀⠀⠀⠘⢻⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠸⢿⡧⠀⣤⣿⣿⣿⣿⣿⠛⢻⣿⣿⣿⣧⡄⠠⠘⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⠁⠰⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡿⢷⠄⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢀⠀⠀⠉⣉⣿⣿⣿⣿⡿⢿⣿⣿⣿⣇⡈⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠈⢰⣀⠀⠿⠉⣿⠿⠉⠇⠈⠉⠉⠉⠉⠁⠀⢀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣶⣤⣀⠉⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⣤⠀⠀⢠⣤⣤⣤⣼⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢸⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⢿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⣿⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠙⠿⣿⣿⣿⣿⣿⣿⣿⣿⣿⡿⠏⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - "⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠉⠉⠉⠿⠿⠿⠏⠉⠉⠁⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀⠀ ", - " ", -} -dashboard.section.header.opts.hl = "Comment" - -dashboard.section.footer.val = footer() -dashboard.section.footer.opts.hl = "Constant" - --- Set menu -dashboard.section.buttons.val = { - dashboard.button( "n", " > New file" , ":ene startinsert "), - dashboard.button( "f", " > Find file", ":cd " .. homefolder .. " | Telescope find_files"), - dashboard.button( "r", " > Recent" , ":Telescope oldfiles"), - dashboard.button( "p", " > Project" , ":Telescope projects"), - dashboard.button( "q", " > Quit NVIM", ":qa"), -} - --- Send config to alpha -alpha.setup(dashboard.opts) - --- Disable folding on alpha buffer -vim.cmd([[ -autocmd FileType alpha setlocal nofoldenable -]]) diff --git a/nix/home-manager/features/term/editor/nvim/lua/init.lua b/nix/home-manager/features/term/editor/nvim/lua/init.lua deleted file mode 100644 index 3ad5819..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/init.lua +++ /dev/null @@ -1,80 +0,0 @@ -local cmd = vim.cmd -local homefolder = "$HOME/ghq" -- Home folder for telescope find_files - -vim.g.mapleader = " " - -vim.g.loaded_perl_provider = 0 -- Disable perl provider -vim.g.loaded_ruby_provider = 0 -- Disabled ruby - --------------------------------------------------------------------------------- --- Check some plugins with :checkheath --------------------------------------------------------------------------------- - --- misc utils -local scopes = {o = vim.o, b = vim.bo, w = vim.wo} - -local function opt(scope, key, value) - scopes[scope][key] = value - if scope ~= "o" then - scopes["o"][key] = value - end -end - - ------------------------- --- Options ------------------------- - -opt("b", "undofile", true) -opt("o", "ignorecase", true) -opt("o", "splitbelow", true) -opt("o", "splitright", true) -opt("o", "termguicolors", true) -opt("w", "number", true) -opt("w", "relativenumber", true) -opt("o", "numberwidth", 2) -opt("b", "textwidth", 80) -opt("w", "wrap", true) -opt("w", "cursorline", true) -opt("w", "colorcolumn", "+1") -opt("b", "spelllang", "en,fr") -opt("w", "signcolumn", "yes") -opt("o", "cmdheight", 1) - -opt("o", "mouse", "a") -opt("o", "clipboard", "unnamedplus") - --- tabulation / indentline -opt("b", "expandtab", true) -opt("b", "shiftwidth", 4) - - -------------------------------- --- Start screen and Colorscheme -------------------------------- -require'colorizer'.setup() -require("gitsigns").setup() -require('Comment').setup() - -require("project_nvim").setup { - patterns = { ".git", "Makefile" }, -} - -require("bufferline").setup { - options = { - right_mouse_command = nil, - middle_mouse_command = "bdelete! %d", - indicator = { - style = " ", - }, - }, -} - --- Indent guide line -vim.opt.list = true -vim.opt.listchars:append "" -require("indent_blankline").setup { - show_end_of_line = false, -} - -cmd[[colorscheme tokyonight-moon]] diff --git a/nix/home-manager/features/term/editor/nvim/lua/lsp_completion.lua b/nix/home-manager/features/term/editor/nvim/lua/lsp_completion.lua deleted file mode 100644 index fd80e72..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/lsp_completion.lua +++ /dev/null @@ -1,149 +0,0 @@ -function on_attach(client, bufnr) - local function map(...) - vim.api.nvim_buf_set_keymap(bufnr, ...) - end - - local function buf_set_option(...) - vim.api.nvim_buf_set_option(bufnr, ...) - end - - buf_set_option("omnifunc", "v:lua.vim.lsp.omnifunc") - - -- Mappings - local opts = {noremap = true, silent = true} - - map("n", "gD", "lua vim.lsp.buf.declaration()", opts) - map("n", "gd", "lua vim.lsp.buf.definition()", opts) - map("n", "K", "lua vim.lsp.buf.hover()", opts) - map("n", "gi", "lua vim.lsp.buf.implementation()", opts) - map("n", "", "lua vim.lsp.buf.signature_help()", opts) - map("n", "wa", "lua vim.lsp.buf.add_workspace_folder()", opts) - map("n", "wr", "lua vim.lsp.buf.remove_workspace_folder()", opts) - map("n", "wl", "lua print(vim.inspect(vim.lsp.buf.list_workspace_folders()))", opts) - map("n", "D", "lua vim.lsp.buf.type_definition()", opts) - map("n", "rn", "lua vim.lsp.buf.rename()", opts) - map("n", "gr", "lua vim.lsp.buf.references()", opts) - map("n", "e", "lua vim.lsp.diagnostic.show_line_diagnostics()", opts) - map("n", "[d", "lua vim.lsp.diagnostic.goto_prev()", opts) - map("n", "]d", "lua vim.lsp.diagnostic.goto_next()", opts) - map("n", "q", "lua vim.lsp.diagnostic.set_loclist()", opts) - -- map("n", "ga", "lua vim.lsp.buf.code_action()", opts) - - -- Set some keybinds conditional on server capabilities - if client.server_capabilities.document_formatting then - map("n", "f", "lua vim.lsp.buf.formatting()", opts) - elseif client.server_capabilities.document_range_formatting then - map("v", "f", "lua vim.lsp.buf.range_formatting()", opts) - end -end - -local lspconf = require "lspconfig" -local servers = {"pyright" , "bashls", "rls", "jsonls", "rnix", "eslint"} -local capabilities = require('cmp_nvim_lsp').default_capabilities() - -for k, lang in pairs(servers) do - lspconf[lang].setup { - root_dir = vim.loop.cwd, - on_attach = on_attach, - capabilities = capabilities, - } -end - --- Enable diagnostics -vim.lsp.handlers["textDocument/publishDiagnostics"] = vim.lsp.with( -vim.lsp.diagnostic.on_publish_diagnostics, { - virtual_text = true, - signs = true, - update_in_insert = true, -} -) - --- lua lsp settings -require "lspconfig".lua_ls.setup { - cmd = {"lua-lsp"}, - root_dir = function() - return vim.loop.cwd() - end, - on_attach = on_attach, - settings = { - Lua = { - runtime = { - version = "LuaJIT", - path = vim.split(package.path, ";") - }, - diagnostics = { - globals = {"vim"} - }, - workspace = { - library = { - [vim.fn.expand("$VIMRUNTIME/lua")] = true, - [vim.fn.expand("$VIMRUNTIME/lua/vim/lsp")] = true - } - }, - telemetry = { - enable = false - } - } - } -} - -require "lspconfig".jsonls.setup { - cmd = {"json-languageserver"}, - root_dir = function() - return vim.loop.cwd() - end, - on_attach = on_attach, -} - -require "lspconfig".html.setup { - cmd = {"html-languageserver"}, - root_dir = function() - return vim.loop.cwd() - end, - on_attach = on_attach, -} - -require "lspconfig".cssls.setup { - cmd = {"css-languageserver"}, - root_dir = function() - return vim.loop.cwd() - end, - on_attach = on_attach, -} - ------------------------- --- Completion ------------------------- - -vim.g.coq_settings = { - auto_start = 'shut-up', - xdg = true, - - clients = { - tabnine = { - enabled = true, - }, - }, - display = { - preview = { - border = 'shadow', - }, - }, - limits = { - completion_auto_timeout = 0.5, - }, - match = { - max_results = 100, - }, -} - -cmd 'packadd coq_nvim' - --- require 'coq_3p' { --- { src = "codeium", short_name = "COD", accept_key = "" }, --- } - --------------------------------------------------------------------------------- --- Treesitter --------------------------------------------------------------------------------- - diff --git a/nix/home-manager/features/term/editor/nvim/lua/lualine.lua b/nix/home-manager/features/term/editor/nvim/lua/lualine.lua deleted file mode 100644 index ebdeffe..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/lualine.lua +++ /dev/null @@ -1,12 +0,0 @@ - --------------------------------------------------------------------------------- --- lualine --------------------------------------------------------------------------------- - -require("lualine").setup { - options = { - theme = "tokyonight", - component_separators = { left = "", right = "" }, - section_separators = { left = "", right = "" }, - }, -} diff --git a/nix/home-manager/features/term/editor/nvim/lua/telescope.lua b/nix/home-manager/features/term/editor/nvim/lua/telescope.lua deleted file mode 100644 index 608893a..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/telescope.lua +++ /dev/null @@ -1,73 +0,0 @@ - --------------------------------------------------------------------------------- --- lualine --------------------------------------------------------------------------------- -local telescope = require("telescope") -local lga_actions = require("telescope-live-grep-args.actions") - -telescope.load_extension('fzf') -telescope.load_extension('projects') - -telescope.setup { - defaults = { - -- Default configuration for telescope goes here: - -- config_key = value, - - mappings = { - i = { - -- map actions.which_key to (default: ) - -- actions.which_key shows the mappings for your picker, - -- e.g. git_{create, delete, ...}_branch for the git_branches picker - [""] = "which_key" - } - } - }, - - pickers = { - find_files = { - -- theme = "dropdown", - -- find_command = { "rg", "--files", "--hidden", "--glob", "!**/.git/*" }, - } - }, - - --- prompt_prefix = "  ", --- selection_caret = " ", --- entry_prefix = " ", --- initial_mode = "insert", --- selection_strategy = "reset", --- sorting_strategy = "ascending", --- layout_strategy = "horizontal", --- layout_config = { --- horizontal = { --- prompt_position = "top", --- preview_width = 0.55, --- results_width = 0.8, --- }, --- vertical = { --- mirror = false, --- }, --- width = 0.87, --- height = 0.80, --- preview_cutoff = 120, --- }, - - extensions = { - live_grep_args = { - auto_quoting = true, -- enable/disable auto-quoting - mappings = { - i = { - [""] = lga_actions.quote_prompt(), - [""] = lga_actions.quote_prompt({ postfix = " --iglob " }), - }, - }, - }, - - fzf = { - fuzzy = false, -- false will only do exact matching - override_generic_sorter = true, -- override the generic sorter - override_file_sorter = true, -- override the file sorter - case_mode = "ignore_case", -- or "ignore_case" or "respect_case" - } - } -} diff --git a/nix/home-manager/features/term/editor/nvim/lua/web-icons.lua b/nix/home-manager/features/term/editor/nvim/lua/web-icons.lua deleted file mode 100644 index e349428..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/web-icons.lua +++ /dev/null @@ -1,110 +0,0 @@ -require "nvim-web-devicons".setup { - default = true; - override = { - html = { - icon = "", - color = "#DE8C92", - name = "html" - }, - css = { - icon = "", - color = "#61afef", - name = "css" - }, - js = { - icon = "", - color = "#EBCB8B", - name = "js" - }, - ts = { - icon = "ﯤ", - color = "#519ABA", - name = "ts" - }, - kt = { - icon = "󱈙", - color = "#ffcb91", - name = "kt" - }, - png = { - icon = " ", - color = "#BD77DC", - name = "png" - }, - jpg = { - icon = " ", - color = "#BD77DC", - name = "jpg" - }, - jpeg = { - icon = " ", - color = "#BD77DC", - name = "jpeg" - }, - mp3 = { - icon = "", - color = "#C8CCD4", - name = "mp3" - }, - mp4 = { - icon = "", - color = "#C8CCD4", - name = "mp4" - }, - out = { - icon = "", - color = "#C8CCD4", - name = "out" - }, - Dockerfile = { - icon = "", - color = "#b8b5ff", - name = "Dockerfile" - }, - rb = { - icon = "", - color = "#ff75a0", - name = "rb" - }, - vue = { - icon = "﵂", - color = "#7eca9c", - name = "vue" - }, - py = { - icon = "", - color = "#a7c5eb", - name = "py" - }, - toml = { - icon = "", - color = "#61afef", - name = "toml" - }, - lock = { - icon = "", - color = "#DE6B74", - name = "lock" - }, - zip = { - icon = "", - color = "#EBCB8B", - name = "zip" - }, - xz = { - icon = "", - color = "#EBCB8B", - name = "xz" - }, - deb = { - icon = "", - color = "#a3b8ef", - name = "deb" - }, - rpm = { - icon = "", - color = "#fca2aa", - name = "rpm" - } - } -} diff --git a/nix/home-manager/features/term/editor/nvim/lua/which-key.lua b/nix/home-manager/features/term/editor/nvim/lua/which-key.lua deleted file mode 100644 index b60f94b..0000000 --- a/nix/home-manager/features/term/editor/nvim/lua/which-key.lua +++ /dev/null @@ -1,87 +0,0 @@ --------------------------------------------------------------------------------- --- which-key mappings --------------------------------------------------------------------------------- --- Keymap Modes --- c = command_mode --- i = insert_mode --- n = normal_mode --- t = term_mode --- v = visual_mode --- x = visual_block_mode - -local opt = {silent = true} -local map = vim.api.nvim_set_keymap - -map("i", "", "Neoformat write", opt) -- Save current file -map("n", "", "", opt) -- Link to vim help link -map("n", "", "Telescope buffers", {silent=false}) -- Search buffers -map("n", "", "NeoTreeReveal", opt) -- Show folder --- map("n", "", "Telescope live_grep", {silent=false}) -- Search content -map("n", "", "Alpha", {silent=false}) -- Search main dashboard --- map("n", "", "Telescope projects", {silent=false}) -- Search projects -map("n", "", "Neoformat write", opt) -- Format and save file -map("n", "", "h MyHLHelp", opt) -- Sow my help - -local wk = require("which-key") -local telescope = require('telescope') -local telescopb = require('telescope.builtin') - -wk.register({ - [""] = { - c = { - name = "+Code", - f = { - name = "Format", - n = { "Neoformat" , "Neoformat" }, - a = { "Neoformat" , "Autoformat" }, - }, - d = { "Telescope lsp_definitions" , "Search definitions" }, - r = { "Telescope lsp_references" , "Search references" }, - }, - s = { - name = "+Search", - ["/"] = { "let @/ = ''" , "Cancel search" }, - x = { - name =" test", - b = { telescopb.buffers , "Buffers" }, - }, - - b = { telescopb.buffers , "Buffers" }, - c = { telescopb.commands , "Commands" }, - f = { telescopb.find_files , "Files" }, - g = { telescope.extensions.live_grep_args.live_grep_args , "Grep" }, - h = { telescopb.help_tags , "Help tags" }, -- Search MyHL tags - k = { telescopb.keymaps , "Keys" }, - l = { telescopb.current_buffer_fuzzy_find , "Search in current buffer" }, - p = { telescopb.projects , "Project" }, - r = { telescopb.oldfiles , "Recent files" }, - s = { "Telescope" , "Telescope" }, - t = { telescopb.spell_suggest , "Translate spell suggestion" }, - v = { telescopb.vim_options , "Vim options" }, - w = { telescopb.grep_string , "Grep work around" }, - }, - - h = { - name = "+Help", - k = { "WhichKey" , "Show which key" }, - r = { "helptags ALL" , "Refresh helptags" }, - }, - - f = { - name = "+File", - d = { "NeoTreeRevealToggle" , "Toggle folder bar" }, - f = { "Telescope find_files" , "Find File" }, - h = { "Telescope help_tags" , "Help tags" }, - r = { "NeoTreeRevealToggle" , "Reveal file in the tree" }, - o = { "Telescope oldfiles" , "Open Recent File" }, - n = { "enew" , "New File" }, - }, - t = { - name = "+Text", - l = { "left" , "Left align" }, - c = { "center" , "Center align" }, - r = { "right" , "Right align" }, - w = { "gqq" , "Wrap" }, - }, - }, -}) diff --git a/nix/home-manager/features/term/security/gpg.nix b/nix/home-manager/features/term/security/gpg.nix index fb2ff3e..590f12f 100644 --- a/nix/home-manager/features/term/security/gpg.nix +++ b/nix/home-manager/features/term/security/gpg.nix @@ -3,23 +3,16 @@ let fetchKey = { url, sha256 ? lib.fakeSha256 }: builtins.fetchurl { inherit sha256 url; }; - pinentry = - if config.gtk.enable then { - packages = [ pkgs.pinentry-qt ]; - name = "qt"; - } else { - packages = [ pkgs.pinentry-curses ]; - name = "curses"; - }; in { - home.packages = pinentry.packages; - services.gpg-agent = { enable = true; enableSshSupport = true; sshKeys = [ config.home.userconf.user.gpg.id ]; - pinentryFlavor = pinentry.name; + pinentryPackage = + if config.gtk.enable + then pkgs.pinentry-qt + else pkgs.pinentry-curses; enableExtraSocket = true; }; diff --git a/nix/home-manager/features/term/security/keyring.nix b/nix/home-manager/features/term/security/keyring.nix index d4ceaa7..65d9df6 100644 --- a/nix/home-manager/features/term/security/keyring.nix +++ b/nix/home-manager/features/term/security/keyring.nix @@ -3,7 +3,8 @@ let ssh = "${pkgs.openssh}/bin/ssh"; gpg-connect-agent = "${pkgs.gnupg}/bin/gpg-connect-agent"; -in { +in +{ isUnlocked = "${pkgs.procps}/bin/pgrep 'gpg-agent' &> /dev/null && ${gpg-connect-agent} 'scd getinfo card_list' /bye | ${pkgs.gnugrep}/bin/grep SERIALNO -q"; unlock = "${ssh} -T localhost -o StrictHostKeyChecking=no exit"; } diff --git a/nix/home-manager/features/term/tools/broot.nix b/nix/home-manager/features/term/tools/broot.nix deleted file mode 100644 index c837321..0000000 --- a/nix/home-manager/features/term/tools/broot.nix +++ /dev/null @@ -1,88 +0,0 @@ -# ██████╗ ██████╗ ██████╗ ██████╗ ████████╗ -# ██╔══██╗██╔══██╗██╔═══██╗██╔═══██╗╚══██╔══╝ -# ██████╔╝██████╔╝██║ ██║██║ ██║ ██║ -# ██╔══██╗██╔══██╗██║ ██║██║ ██║ ██║ -# ██████╔╝██║ ██║╚██████╔╝╚██████╔╝ ██║ -# ╚═════╝ ╚═╝ ╚═╝ ╚═════╝ ╚═════╝ ╚═╝ - - -{ ... }: -{ - programs.broot = { - enable = true; ## Alias br alias - settings = { - default_flags = "sdp"; - date_time_format = "%d/%m/%Y %R"; - show_selection_mark = true; - max_panels_count = 2; - - verbs = [ - { - invocation = "goto_home"; - shortcut = "gh"; - execution = ":focus ~/"; - "leave_broot" = false; - } - { - invocation = "search_image"; - shortcut = "si"; - cmd = ":focus ~;/.jpg|.jpeg|.png|.gif;:preview_image"; - "leave_broot" = false; - } - { - invocation = "goto_wallpapers"; - shortcut = "gw"; - cmd = ":focus ~/wallpapers;/.jpg|.jpeg|.png|.gif;:preview_image"; - "leave_broot" = false; - } - { - invocation = "goto_docs"; - shortcut = "gd"; - execution = ":focus ~/docs"; - "leave_broot" = false; - } - { - invocation = "goto_medias"; - shortcut = "gm"; - execution = ":focus /run/media/badele/"; - "leave_broot" = false; - } - { - invocation = "change_colors_scheme"; - shortcut = "ccs"; - key = "ctrl-b"; - external = "my-set-color-scheme-from-image \"{file}\""; - "leave_broot" = false; - } - { - invocation = "edit"; - shortcut = "e"; - execution = "$EDITOR +{line} {file}"; - "leave_broot" = false; - } - { - invocation = "create {subpath}"; - execution = "$EDITOR {directory}/{subpath}"; - "leave_broot" = false; - } - { - invocation = "git_diff"; - shortcut = "gd"; - "leave_broot" = false; - execution = "git difftool -y {file}"; - } - { - invocation = "terminal"; - key = "ctrl-t"; - execution = "$SHELL"; - "set_working_dir" = true; - "leave_broot" = false; - } - ]; - }; - }; - - # xdg.configFile = { - # "broot/verbs.hjson".source = ./verbs.hjson; - # }; -} diff --git a/nix/home-manager/features/term/tools/starship.nix b/nix/home-manager/features/term/tools/starship.nix deleted file mode 100644 index 24519fe..0000000 --- a/nix/home-manager/features/term/tools/starship.nix +++ /dev/null @@ -1,109 +0,0 @@ -# ███████╗████████╗ █████╗ ██████╗ ███████╗██╗ ██╗██╗██████╗ -# ██╔════╝╚══██╔══╝██╔══██╗██╔══██╗██╔════╝██║ ██║██║██╔══██╗ -# ███████╗ ██║ ███████║██████╔╝███████╗███████║██║██████╔╝ -# ╚════██║ ██║ ██╔══██║██╔══██╗╚════██║██╔══██║██║██╔═══╝ -# ███████║ ██║ ██║ ██║██║ ██║███████║██║ ██║██║██║ -# ╚══════╝ ╚═╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚══════╝╚═╝ ╚═╝╚═╝╚═╝ - -# Search font symbol => https://www.nerdfonts.com/cheat-sheet -# Configuration => https://starship.rs/config/ -{ config, pkgs, inputs, ... }: -let - hexPalette = with inputs.nix-rice.lib; palette.toRGBHex pkgs.rice.colorPalette; -in -{ - programs.starship = { - enable = true; - - settings = { - add_newline = true; - # pastel sort-by hue | pastel format - format = ''$status$username$hostname[](bg:${hexPalette.normal.blue} fg:${hexPalette.normal.magenta})$directory[](bg:${hexPalette.bright.blue} fg:${hexPalette.normal.blue})$git_branch$git_status[](bg:${hexPalette.normal.cyan} fg:${hexPalette.bright.blue})$cmd_duration[ ](bg:${hexPalette.background} fg:${hexPalette.normal.cyan})''; - right_format = "[](bg:${hexPalette.background} fg:${hexPalette.normal.blue})$c$golang[](bg:${hexPalette.normal.blue} fg:${hexPalette.normal.magenta})$time"; - fill = { - symbol = " "; - disabled = false; - }; - - status = - { - style = "bg:${hexPalette.normal.white} fg:${hexPalette.bright.green}"; - format = "[$symbol$common_meaning \($status\)$signal_name$maybe_int]($style)[](bg:${hexPalette.bright.cyan} fg:${hexPalette.normal.white})"; - map_symbol = true; - disabled = false; - }; - - username = { - style_user = "bg:${hexPalette.normal.magenta}"; - style_root = "bg:${hexPalette.normal.red}"; - format = "[$user]($style)"; - show_always = true; - }; - - hostname = { - format = "[@$hostname]($style)"; - ssh_only = false; - style = "bg:${hexPalette.normal.magenta}"; - }; - - directory = { - style = "bg:${hexPalette.normal.blue}"; - format = "[ $path ]($style)"; - # truncation_length = 3; - # truncation_symbol = "…/"; - - substitutions = { - "Documents" = "󰈙"; - "Downloads" = " "; - "Music" = " "; - "Pictures" = " "; - }; - - }; - - git_branch = { - symbol = ""; - style = "bg:${hexPalette.bright.blue}"; - format = "[ $symbol $branch ]($style)"; - }; - - git_status = { - style = "bg:${hexPalette.bright.blue}"; - format = "[$all_status$ahead_behind ]($style)"; - }; - - golang = { - symbol = "Go "; - style = "bg:${hexPalette.normal.blue}"; - format = "[ $symbol ($version) ]($style)"; - }; - - # docker_context = { - # symbol = " "; - # style = "bg:${hexPalette.bright.yellow}"; - # format = "[ $symbol $context ]($style) $path"; - # }; - - # vagrant = { - # symbol = " "; - # style = "bg:${hexPalette.bright.yellow} fg:${hexPalette.normal.black}"; - # format = "[ $symbol $version ]($style)"; - # }; - - cmd_duration = { - disabled = false; - style = "bg:${hexPalette.normal.cyan} fg:${hexPalette.background}"; - format = "[ 󰅒 $duration ]($style)"; - }; - - time = { - disabled = false; - time_format = "%R"; # Hour:Minute Format - style = "bg:${hexPalette.normal.magenta}"; - format = "[ 󰥔 $time ]($style)"; - }; - - }; - }; -} - diff --git a/nix/home-manager/features/term/tools/top/toprc b/nix/home-manager/features/term/tools/top/toprc index 28c2e65..8a903d1 100644 --- a/nix/home-manager/features/term/tools/top/toprc +++ b/nix/home-manager/features/term/tools/top/toprc @@ -13,4 +13,3 @@ Usr fieldscur= winflags=458036, sortindx=3, maxtasks=0, graph_cpus=0, graph_mems=0 summclr=2, msgsclr=3, headclr=5, taskclr=5 Fixed_widest=0, Summ_mscale=1, Task_mscale=1, Zero_suppress=0 - diff --git a/nix/home-manager/features/term/tools/user-scripts/src/my-download-nixpkgs-cache-index b/nix/home-manager/features/term/tools/user-scripts/src/my-download-nixpkgs-cache-index index 9608bbf..90e27d6 100644 --- a/nix/home-manager/features/term/tools/user-scripts/src/my-download-nixpkgs-cache-index +++ b/nix/home-manager/features/term/tools/user-scripts/src/my-download-nixpkgs-cache-index @@ -4,4 +4,4 @@ filename="index-$(uname -m)-$(uname | tr A-Z a-z)" mkdir -p ~/.cache/nix-index && cd ~/.cache/nix-index # -N will only download a new version if there is an update. wget -q -N https://github.com/Mic92/nix-index-database/releases/latest/download/$filename -ln -f $filename files \ No newline at end of file +ln -f $filename files diff --git a/nix/home-manager/features/term/tools/user-scripts/src/status-weather b/nix/home-manager/features/term/tools/user-scripts/src/status-weather index 971adec..4e0f013 100755 --- a/nix/home-manager/features/term/tools/user-scripts/src/status-weather +++ b/nix/home-manager/features/term/tools/user-scripts/src/status-weather @@ -1,85 +1,85 @@ #!/usr/bin/env python3 - import json -import requests from datetime import datetime - -# Source: https://github.com/lgaboury/Sway-Waybar-Install-Script/blob/master/.config/waybar/scripts/wttr.py -LOCALE={ + +import requests + +# Source: https://github.com/lgaboury/Sway-Waybar-Install-Script/blob/master/.config/waybar/scripts/wttr.py +LOCALE = { "today": "Aujourd'hui", "tomorrow": "Demain", "wind": "Vent", "humidity": "Humidité", - "feelslike": "Resenti" + "feelslike": "Resenti", } # TODO: translate hour['weatherDesc'][0]['value'] values # https://raw.githubusercontent.com/chubin/wttr.in/3ae8c6123694d14dc48f0d263eee75d8636cd5b4/share/translations/en.txt WEATHER_CODES = { - '113': '☀️', - '116': '⛅️', - '119': '☁️', - '122': '☁️', - '143': '🌫', - '176': '🌦', - '179': '🌧', - '182': '🌧', - '185': '🌧', - '200': '⛈', - '227': '🌨', - '230': '❄️', - '248': '🌫', - '260': '🌫', - '263': '🌦', - '266': '🌦', - '281': '🌧', - '284': '🌧', - '293': '🌦', - '296': '🌦', - '299': '🌧', - '302': '🌧', - '305': '🌧', - '308': '🌧', - '311': '🌧', - '314': '🌧', - '317': '🌧', - '320': '🌨', - '323': '🌨', - '326': '🌨', - '329': '❄️', - '332': '❄️', - '335': '❄️', - '338': '❄️', - '350': '🌧', - '353': '🌦', - '356': '🌧', - '359': '🌧', - '362': '🌧', - '365': '🌧', - '368': '🌨', - '371': '❄️', - '374': '🌧', - '377': '🌧', - '386': '⛈', - '389': '🌩', - '392': '⛈', - '395': '❄️' + "113": "☀️", + "116": "⛅️", + "119": "☁️", + "122": "☁️", + "143": "🌫", + "176": "🌦", + "179": "🌧", + "182": "🌧", + "185": "🌧", + "200": "⛈", + "227": "🌨", + "230": "❄️", + "248": "🌫", + "260": "🌫", + "263": "🌦", + "266": "🌦", + "281": "🌧", + "284": "🌧", + "293": "🌦", + "296": "🌦", + "299": "🌧", + "302": "🌧", + "305": "🌧", + "308": "🌧", + "311": "🌧", + "314": "🌧", + "317": "🌧", + "320": "🌨", + "323": "🌨", + "326": "🌨", + "329": "❄️", + "332": "❄️", + "335": "❄️", + "338": "❄️", + "350": "🌧", + "353": "🌦", + "356": "🌧", + "359": "🌧", + "362": "🌧", + "365": "🌧", + "368": "🌨", + "371": "❄️", + "374": "🌧", + "377": "🌧", + "386": "⛈", + "389": "🌩", + "392": "⛈", + "395": "❄️", } - + data = {} - - + + weather = requests.get("https://wttr.in?format=j1").json() - - + + def format_time(time): return time.replace("00", "").zfill(2) - - + + def format_temp(temp): - return (hour['FeelsLikeC']+"°").ljust(3) - - + return (hour["FeelsLikeC"] + "°").ljust(3) + + def format_chances(hour): chances = { "chanceoffog": "Brouillard", @@ -89,43 +89,59 @@ def format_chances(hour): "chanceofsnow": "Neige", "chanceofsunshine": "Ensoleillé", "chanceofthunder": "Orage", - "chanceofwindy": "Vent" + "chanceofwindy": "Vent", } - + conditions = [] for event in chances.keys(): if int(hour[event]) > 0: - conditions.append(chances[event]+" "+hour[event]+"%") + conditions.append(chances[event] + " " + hour[event] + "%") return ", ".join(conditions) - - -data['text'] = WEATHER_CODES[weather['current_condition'][0]['weatherCode']] + \ - " " + weather['current_condition'][0]['FeelsLikeC']+ "°" -#data['text'] = weather['current_condition'][0]['FeelsLikeC']+"°" - -data['tooltip'] = f"{weather['current_condition'][0]['weatherDesc'][0]['value']} {weather['current_condition'][0]['temp_C']}°\n" -data['tooltip'] += f"{LOCALE['feelslike']}: {weather['current_condition'][0]['FeelsLikeC']}°\n" -data['tooltip'] += f"{LOCALE['wind']}: {weather['current_condition'][0]['windspeedKmph']}Km/h\n" -data['tooltip'] += f"{LOCALE['humidity']}: {weather['current_condition'][0]['humidity']}%\n" -for i, day in enumerate(weather['weather']): - data['tooltip'] += f"\n" + + +data["text"] = ( + WEATHER_CODES[weather["current_condition"][0]["weatherCode"]] + + " " + + weather["current_condition"][0]["FeelsLikeC"] + + "°" +) +# data['text'] = weather['current_condition'][0]['FeelsLikeC']+"°" + +data[ + "tooltip" +] = f"{weather['current_condition'][0]['weatherDesc'][0]['value']} {weather['current_condition'][0]['temp_C']}°\n" +data[ + "tooltip" +] += f"{LOCALE['feelslike']}: {weather['current_condition'][0]['FeelsLikeC']}°\n" +data[ + "tooltip" +] += f"{LOCALE['wind']}: {weather['current_condition'][0]['windspeedKmph']}Km/h\n" +data[ + "tooltip" +] += f"{LOCALE['humidity']}: {weather['current_condition'][0]['humidity']}%\n" +for i, day in enumerate(weather["weather"]): + data["tooltip"] += f"\n" if i == 0: - data['tooltip'] += f"{LOCALE['today']}" + data["tooltip"] += f"{LOCALE['today']}" if i == 1: - data['tooltip'] += f"{LOCALE['tomorrow']}" - - data['tooltip'] += "\n" - data['tooltip'] += f"⬇️ {day['mintempC']}° ⬆️ {day['maxtempC']}° " - data['tooltip'] += f" {day['astronomy'][0]['sunrise']}  {day['astronomy'][0]['sunset']}\n" - for hour in day['hourly']: + data["tooltip"] += f"{LOCALE['tomorrow']}" + + data["tooltip"] += "\n" + data["tooltip"] += f"⬇️ {day['mintempC']}° ⬆️ {day['maxtempC']}° " + data[ + "tooltip" + ] += f" {day['astronomy'][0]['sunrise']}  {day['astronomy'][0]['sunset']}\n" + for hour in day["hourly"]: if i == 0: - if int(format_time(hour['time'])) < datetime.now().hour-2: + if int(format_time(hour["time"])) < datetime.now().hour - 2: continue - data['tooltip'] += f"{format_time(hour['time'])} {WEATHER_CODES[hour['weatherCode']]} {format_temp(hour['FeelsLikeC'])} ~ {format_chances(hour)}\n" + data[ + "tooltip" + ] += f"{format_time(hour['time'])} {WEATHER_CODES[hour['weatherCode']]} {format_temp(hour['FeelsLikeC'])} ~ {format_chances(hour)}\n" # data['tooltip'] += f"{format_time(hour['time'])} {WEATHER_CODES[hour['weatherCode']]} {format_temp(hour['FeelsLikeC'])} {hour['weatherDesc'][0]['value']}, {format_chances(hour)}\n" print(json.dumps(data)) - -print(json.dumps(data)) \ No newline at end of file + +print(json.dumps(data)) diff --git a/nix/home-manager/features/term/tools/zsh.nix b/nix/home-manager/features/term/tools/zsh.nix index 2dadb94..b6dc216 100644 --- a/nix/home-manager/features/term/tools/zsh.nix +++ b/nix/home-manager/features/term/tools/zsh.nix @@ -15,6 +15,7 @@ { config, pkgs, lib, ... }: let xprop = "${pkgs.xorg.xprop}/bin/xprop"; + hexyl = "${pkgs.xorg.xprop}/bin/hexyl"; prj_devtools = "${config.home.homeDirectory}/ghq/github.com/cynapps/devtools"; in { @@ -48,8 +49,6 @@ in "golang" "sudo" "docker" - "ripgrep" - "fd" "kubectl" "helm" "terraform" @@ -105,20 +104,6 @@ in # rm -f /tpm/.sso_exported # } - ############################################################################## - # broot - ############################################################################## - - # Wallpapers selector - function brw () { - br -c ":gw" - } - - # Filter - function brf () { - br -h -c "/$1" - } - # Load some files if exists test -d "~/.kube" && export KUBECONFIG=$(ls -1 ~/.kube/*.yml | tr " " ":") # Kubernetes contexts test -f ~/.nix-profile/etc/grc.zsh && source ~/.nix-profile/etc/grc.zsh @@ -163,7 +148,6 @@ in fd = "fd"; # find files alternative (fd) # pup = "up"; # pipe output (we can run linux command in realtime) hexyl = "hexyl --border none"; # hexdump alternative - #br="broot"; # File manager # ZSH my-zkeys = @@ -209,20 +193,21 @@ in cdw = "cd ~/ghq/github.com/cynapps"; # git - gs = "git status"; # git status - gl = "git log"; # git log - gd = "git diff"; # git diff - gds = "git diff --staged"; # git diff - gcb = "git checkout"; - gbl = "git branch"; # git branch - gbm = "git blame"; # git blame - ga = "git add"; # git add - gc = "git commit -m"; # git commit - gss = "git stash"; # git stash - gsl = "git stash list"; # git stash list - gsp = "git stash pop"; # git stash pop - gpl = "git pull"; # git pull - gph = "git push"; # git push + gs = "git status"; + gl = "git log"; + gd = "git diff"; + gds = "git diff --staged"; + gbl = "git branch"; + gbm = "git blame"; + ga = "git add"; + gc = "git commit -m"; + gcb = "git checkout -b"; + gcm = "git checkout main"; + gss = "git stash"; + gsl = "git stash list"; + gsp = "git stash pop"; + gpl = "git pull"; + gph = "git push"; # pass pps = "pass git status"; # pass status @@ -247,6 +232,7 @@ in #unalias kubectl # Disable clourify for using P10K plugin a = "aws"; # aws alias g = "gcloud"; # gcloud alias + i = "incus"; # LXD & VM j = "just"; # just k = "kubectl"; # kubectl alias t = "terraform"; # terraform alias diff --git a/nix/modules/home-manager/wallpaper.nix b/nix/modules/home-manager/wallpaper.nix index 5ba52c0..e085b23 100644 --- a/nix/modules/home-manager/wallpaper.nix +++ b/nix/modules/home-manager/wallpaper.nix @@ -3,7 +3,7 @@ let inherit (lib) types mkOption; in { options.wallpaper = mkOption { - type = types.path; + type = types.str; default = ""; description = '' Wallpaper path diff --git a/nix/nixos/features/commons/locale.nix b/nix/nixos/features/commons/locale.nix index c9b1dd9..98f263d 100644 --- a/nix/nixos/features/commons/locale.nix +++ b/nix/nixos/features/commons/locale.nix @@ -1,6 +1,6 @@ { lib, ... }: { - console.keyMap = "fr"; + # Common locales i18n = { defaultLocale = lib.mkDefault "fr_FR.UTF-8"; extraLocaleSettings = { @@ -12,4 +12,29 @@ ]; }; time.timeZone = lib.mkDefault "Europe/Paris"; + + # Xorg keyboad layout if Xorg is enabled + services = { + xserver = { + xkb = { + options = "caps:shiftlock"; + layout = "fr"; + }; + + }; + + # Touchpad + libinput = { + enable = true; + touchpad = { + tapping = true; + middleEmulation = false; + naturalScrolling = true; + }; + }; + + }; + + # Console keyboard layout + console.keyMap = "fr"; } diff --git a/nix/nixos/features/commons/networking.nix b/nix/nixos/features/commons/networking.nix index 12d7cb0..a1c9108 100644 --- a/nix/nixos/features/commons/networking.nix +++ b/nix/nixos/features/commons/networking.nix @@ -39,7 +39,7 @@ in config.homelab.hosts)} # Alias - ${lib.concatMapStringsSep "\n" (host: + ${lib.concatMapStringsSep "\n" (host: "${host.ip} ${host.name}.${domain} ${host.name}" ) aliasIps} ''; diff --git a/nix/nixos/features/commons/nix.nix b/nix/nixos/features/commons/nix.nix index b56f2e0..4403a9a 100644 --- a/nix/nixos/features/commons/nix.nix +++ b/nix/nixos/features/commons/nix.nix @@ -12,7 +12,7 @@ in # nixpkgs.config.enableParallelBuildingByDefault = true; nix = { - # Add all flake inputs to registry / CMD: nix registry list + # Add all flake inputs to registry / CMD: nix registry list registry = lib.mapAttrs (_: value: { flake = value; }) inputs; # Add all flake inputs to legacy / CMD: echo $NIX_PATH | tr ":" "\n" @@ -35,7 +35,7 @@ in warn-dirty = false; }; - package = pkgs.nixUnstable; + # package = pkgs.nix; gc = { automatic = true; dates = "weekly"; diff --git a/nix/nixos/features/commons/packages.nix b/nix/nixos/features/commons/packages.nix index 39d996f..9136210 100644 --- a/nix/nixos/features/commons/packages.nix +++ b/nix/nixos/features/commons/packages.nix @@ -4,6 +4,12 @@ services.udisks2.enable = true; + # # LD_LIBRARY_PATH + # programs.nix-ld = { + # enable = true; + # libraries = with pkgs; [ zlib ]; + # }; + environment.systemPackages = with pkgs; [ # System diagnose @@ -37,5 +43,8 @@ # Deployment secrets tool sops + + # Used by nix-homelab deployemnt + ghq ]; } diff --git a/nix/nixos/features/commons/sops.nix b/nix/nixos/features/commons/sops.nix index d28a3c5..86d82fb 100644 --- a/nix/nixos/features/commons/sops.nix +++ b/nix/nixos/features/commons/sops.nix @@ -1,6 +1,5 @@ { inputs, lib, config, ... }: let - key = builtins.elemAt (builtins.filter (k: k.type == "ed25519") config.services.openssh.hostKeys) 0; defaultHostSopsFile = ./../../../.. + "/hosts/${config.networking.hostName}/secrets.yml"; in { @@ -12,5 +11,6 @@ in sops.defaultSopsFile = if builtins.pathExists defaultHostSopsFile then defaultHostSopsFile - else null; + # can't define null, we set to unused secret file + else ./../../../../hosts/demo-secrets.yml; } diff --git a/nix/nixos/features/commons/sshd.nix b/nix/nixos/features/commons/sshd.nix index 9488d5d..a6b259d 100644 --- a/nix/nixos/features/commons/sshd.nix +++ b/nix/nixos/features/commons/sshd.nix @@ -2,8 +2,10 @@ { services.openssh = { enable = true; - passwordAuthentication = true; - permitRootLogin = "yes"; + settings = { + PasswordAuthentication = true; + PermitRootLogin = "yes"; + }; hostKeys = [{ path = "/etc/ssh/ssh_host_ed25519_key"; @@ -12,5 +14,5 @@ }; # Passwordless sudo when SSH'ing with keys - security.pam.enableSSHAgentAuth = true; + security.pam.sshAgentAuth.enable = true; } diff --git a/nix/nixos/features/commons/zfs.nix b/nix/nixos/features/commons/zfs.nix index da0874d..f4f6d1e 100644 --- a/nix/nixos/features/commons/zfs.nix +++ b/nix/nixos/features/commons/zfs.nix @@ -12,4 +12,3 @@ ACTION=="add|change", KERNEL=="sd[a-z]*[0-9]*|mmcblk[0-9]*p[0-9]*|nvme[0-9]*n[0-9]*p[0-9]*", ENV{ID_FS_TYPE}=="zfs_member", ATTR{../queue/scheduler}="none" ''; } - diff --git a/nix/nixos/features/desktop/wm/xorg/gdm.nix b/nix/nixos/features/desktop/wm/xorg/gdm.nix index b64992d..7527cf0 100644 --- a/nix/nixos/features/desktop/wm/xorg/gdm.nix +++ b/nix/nixos/features/desktop/wm/xorg/gdm.nix @@ -11,28 +11,23 @@ displayManager = { gdm.enable = true; defaultSession = config.hostprofile.autologin.session; - autoLogin.user = config.hostprofile.autologin.user; + autoLogin = { + enable = true; + user = config.hostprofile.autologin.user; + }; }; - xkbOptions = "caps:shiftlock"; - layout = "fr"; -# Touchpad - libinput = { - enable = true; - naturalScrolling = true; - middleEmulation = false; - tapping = true; - }; + # INFO: Keyboard layout and touchpad are configured in ./nixos/features/commons/locale.nix }; environment.gnome.excludePackages = (with pkgs; [ - gnome-photos - gnome-tour + gnome-photos + gnome-tour + gedit # text editor ]) ++ (with pkgs.gnome; [ cheese # webcam tool gnome-music gnome-terminal - gedit # text editor epiphany # web browser geary # email reader evince # document viewer diff --git a/nix/nixos/features/desktop/wm/xorg/lightdm.nix b/nix/nixos/features/desktop/wm/xorg/lightdm.nix index 8979b64..3c094c7 100644 --- a/nix/nixos/features/desktop/wm/xorg/lightdm.nix +++ b/nix/nixos/features/desktop/wm/xorg/lightdm.nix @@ -1,30 +1,41 @@ -{ config, pkgs, ... }: +{ config, lib, pkgs, ... }: { imports = [ ../../../../../modules/nixos/host.nix ]; - environment.pathsToLink = [ "/libexec" ]; # links /libexec from derivations to /run/current-system/sw - services.xserver = { - enable = true; - #xkbVariant = ""; - xkbOptions = "caps:shiftlock"; - layout = "fr"; - videoDrivers = [ "intel" "i965" "nvidia" ]; + environment.pathsToLink = [ "/libexec" ]; # links /libexec from derivations to /run/current-system/sw + services = { + xserver = { + enable = true; + #xkbVariant = ""; + xkb = { + options = "caps:shiftlock"; + layout = "fr"; + }; + displayManager = { + lightdm.enable = true; + # defaultSession = config.hostprofile.autologin.session; + }; + + windowManager.i3.enable = true; + }; + displayManager = { - lightdm.enable = true; - defaultSession = config.hostprofile.autologin.session; autoLogin.user = config.hostprofile.autologin.user; + defaultSession = config.hostprofile.autologin.session; }; # Touchpad libinput = { enable = true; - naturalScrolling = true; - middleEmulation = false; - tapping = true; + touchpad = { + naturalScrolling = true; + middleEmulation = false; + tapping = true; + }; }; - windowManager.i3.enable = true; + }; } diff --git a/nix/nixos/features/system/printer.nix b/nix/nixos/features/system/printer.nix index 7ec2b65..dc9e302 100644 --- a/nix/nixos/features/system/printer.nix +++ b/nix/nixos/features/system/printer.nix @@ -1,5 +1,6 @@ -{ pkgs, - ... }: +{ pkgs +, ... +}: { services.printing = { enable = true; diff --git a/nix/nixos/features/virtualisation/incus.nix b/nix/nixos/features/virtualisation/incus.nix new file mode 100644 index 0000000..ff98713 --- /dev/null +++ b/nix/nixos/features/virtualisation/incus.nix @@ -0,0 +1,62 @@ +{ pkgs, ... }: +{ + networking.nftables.enable = true; + + networking.firewall.interfaces.incusbr0.allowedTCPPorts = [ + 53 + 67 + ]; + networking.firewall.interfaces.incusbr0.allowedUDPPorts = [ + 53 + 67 + ]; + + + environment.systemPackages = with pkgs; [ + distrobuilder + ]; + + virtualisation.incus = { + enable = true; + ui.enable = true; + # preseed = { + # networks = [ + # { + # config = { + # "ipv4.address" = "10.0.100.1/24"; + # "ipv4.nat" = "true"; + # }; + # name = "incusbr0"; + # type = "bridge"; + # } + # ]; + # profiles = [ + # { + # devices = { + # eth0 = { + # name = "eth0"; + # network = "incusbr0"; + # type = "nic"; + # }; + # root = { + # path = "/"; + # pool = "default"; + # size = "35GiB"; + # type = "disk"; + # }; + # }; + # name = "default"; + # } + # ]; + # storage_pools = [ + # { + # config = { + # source = "/var/lib/incus/storage-pools/default"; + # }; + # driver = "dir"; + # name = "default"; + # } + # ]; + # }; + }; +} diff --git a/nix/nixos/features/system/virtualisation.nix b/nix/nixos/features/virtualisation/libvirt.nix similarity index 98% rename from nix/nixos/features/system/virtualisation.nix rename to nix/nixos/features/virtualisation/libvirt.nix index 7d94bcd..afde5a1 100644 --- a/nix/nixos/features/system/virtualisation.nix +++ b/nix/nixos/features/virtualisation/libvirt.nix @@ -3,4 +3,3 @@ virtualisation.libvirtd.enable = true; programs.virt-manager.enable = true; } - diff --git a/nix/nixos/roles/acme.nix b/nix/nixos/roles/acme.nix index da836e0..0e62607 100644 --- a/nix/nixos/roles/acme.nix +++ b/nix/nixos/roles/acme.nix @@ -5,7 +5,7 @@ let in lib.mkIf (roleEnabled) { - # Configure sops secret + # Configure sops secret sops.secrets.gandi-apikey = { }; # acme must nginx user diff --git a/nix/nixos/roles/coredns.nix b/nix/nixos/roles/coredns.nix index a923577..a467dad 100644 --- a/nix/nixos/roles/coredns.nix +++ b/nix/nixos/roles/coredns.nix @@ -47,18 +47,18 @@ let 30 ; Zone update retry timeout 180 ; Zone TTL 3600) ; Negative response TTL - + h. IN NS ns.${config.homelab.domain}. ns ${toString ttl} IN A ${config.homelab.currentHost.ipv4} ; hosts - ${lib.concatMapStringsSep "\n" (host: + ${lib.concatMapStringsSep "\n" (host: "${host.name}.${config.homelab.domain}. ${toString ttl} IN A ${host.ip}") hostsIps} ; alias - ${lib.concatMapStringsSep "\n" (host: + ${lib.concatMapStringsSep "\n" (host: "${host.name}.${config.homelab.domain}. ${toString ttl} IN A ${host.ip}") aliasIps} ''; diff --git a/nix/nixos/roles/default.nix b/nix/nixos/roles/default.nix index a3cfee7..4867048 100644 --- a/nix/nixos/roles/default.nix +++ b/nix/nixos/roles/default.nix @@ -21,6 +21,7 @@ ./smokeping.nix ./statping.nix ./uptime.nix + ./virtualization.nix ./zigbee2mqtt.nix ]; } diff --git a/nix/nixos/roles/grafana/dashboards/alert.json b/nix/nixos/roles/grafana/dashboards/alert.json index c6a084f..b78c3a4 100644 --- a/nix/nixos/roles/grafana/dashboards/alert.json +++ b/nix/nixos/roles/grafana/dashboards/alert.json @@ -3714,4 +3714,4 @@ "uid": "eea-9_sik", "version": 2, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/coredns.json b/nix/nixos/roles/grafana/dashboards/coredns.json index 2fdb9ca..7868c6f 100644 --- a/nix/nixos/roles/grafana/dashboards/coredns.json +++ b/nix/nixos/roles/grafana/dashboards/coredns.json @@ -1469,4 +1469,4 @@ "title": "CoreDNS", "uid": "thael1rie7ohG6OY3eMeisahtee2iGoo1gooGhuu", "version": 0 -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/node_exporter.json b/nix/nixos/roles/grafana/dashboards/node_exporter.json index 547055c..1c9783f 100644 --- a/nix/nixos/roles/grafana/dashboards/node_exporter.json +++ b/nix/nixos/roles/grafana/dashboards/node_exporter.json @@ -1237,4 +1237,4 @@ "uid": "ZKD8c5h4k", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/node_exporter_full.json b/nix/nixos/roles/grafana/dashboards/node_exporter_full.json index da7a3e2..eef79fc 100644 --- a/nix/nixos/roles/grafana/dashboards/node_exporter_full.json +++ b/nix/nixos/roles/grafana/dashboards/node_exporter_full.json @@ -23176,4 +23176,4 @@ "uid": "rYdddlPWk", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/prometheus_overview.json b/nix/nixos/roles/grafana/dashboards/prometheus_overview.json index 7caa594..33a7148 100644 --- a/nix/nixos/roles/grafana/dashboards/prometheus_overview.json +++ b/nix/nixos/roles/grafana/dashboards/prometheus_overview.json @@ -1273,4 +1273,4 @@ "uid": "U5dlT5h4z", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/prometheus_stats.json b/nix/nixos/roles/grafana/dashboards/prometheus_stats.json index 543ab15..6c0eb99 100644 --- a/nix/nixos/roles/grafana/dashboards/prometheus_stats.json +++ b/nix/nixos/roles/grafana/dashboards/prometheus_stats.json @@ -1546,4 +1546,4 @@ "uid": "UDdpyzz7z", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/prometheus_stats_2.json b/nix/nixos/roles/grafana/dashboards/prometheus_stats_2.json index 543ab15..6c0eb99 100644 --- a/nix/nixos/roles/grafana/dashboards/prometheus_stats_2.json +++ b/nix/nixos/roles/grafana/dashboards/prometheus_stats_2.json @@ -1546,4 +1546,4 @@ "uid": "UDdpyzz7z", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/smokeping.json b/nix/nixos/roles/grafana/dashboards/smokeping.json index 7cb9de7..30a1b2b 100644 --- a/nix/nixos/roles/grafana/dashboards/smokeping.json +++ b/nix/nixos/roles/grafana/dashboards/smokeping.json @@ -602,4 +602,4 @@ "uid": "isupaSmok", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/snmp-mikrotik.json b/nix/nixos/roles/grafana/dashboards/snmp-mikrotik.json index 20c0f4e..fce4ae9 100644 --- a/nix/nixos/roles/grafana/dashboards/snmp-mikrotik.json +++ b/nix/nixos/roles/grafana/dashboards/snmp-mikrotik.json @@ -8948,4 +8948,4 @@ "uid": "nR3NRDGaz", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/dashboards/snmp-network.json b/nix/nixos/roles/grafana/dashboards/snmp-network.json index 2e59c87..3e57f5e 100644 --- a/nix/nixos/roles/grafana/dashboards/snmp-network.json +++ b/nix/nixos/roles/grafana/dashboards/snmp-network.json @@ -238,4 +238,4 @@ "uid": "Koinmfh4z", "version": 1, "weekStart": "" - } \ No newline at end of file + } diff --git a/nix/nixos/roles/grafana/dashboards/snmp-stats.json b/nix/nixos/roles/grafana/dashboards/snmp-stats.json index dd75881..4aee754 100644 --- a/nix/nixos/roles/grafana/dashboards/snmp-stats.json +++ b/nix/nixos/roles/grafana/dashboards/snmp-stats.json @@ -953,4 +953,4 @@ "uid": "7qKD6I1Wk", "version": 1, "weekStart": "" -} \ No newline at end of file +} diff --git a/nix/nixos/roles/grafana/default.nix b/nix/nixos/roles/grafana/default.nix index 0f703b6..187223b 100644 --- a/nix/nixos/roles/grafana/default.nix +++ b/nix/nixos/roles/grafana/default.nix @@ -66,7 +66,7 @@ lib.mkIf (roleEnabled) proxy_pass http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; + proxy_set_header Connection $connection_upgrade; ''; }; }; diff --git a/nix/nixos/roles/home-assistant/blueprints/low-battery.nix b/nix/nixos/roles/home-assistant/blueprints/low-battery.nix index 9ab53df..01ac779 100644 --- a/nix/nixos/roles/home-assistant/blueprints/low-battery.nix +++ b/nix/nixos/roles/home-assistant/blueprints/low-battery.nix @@ -11,7 +11,7 @@ let }; installPhase = '' - mkdir -p "$out/sbyx" + mkdir -p "$out/sbyx" install -Dm444 "${src}/low-battery-level-detection-notification-for-all-battery-sensors.yaml" "$out/sbyx/" ''; }; diff --git a/nix/nixos/roles/home-assistant/default.nix b/nix/nixos/roles/home-assistant/default.nix index 71fea77..710c303 100644 --- a/nix/nixos/roles/home-assistant/default.nix +++ b/nix/nixos/roles/home-assistant/default.nix @@ -7,7 +7,7 @@ let # Hass config hass_config = pkgs.writeText "configuration.yaml" '' # Discovery - default_config: + default_config: # Web Server configuration http: @@ -30,7 +30,7 @@ let default: warning logs: homeassistant.components.rfxtrx: debug - RFXtrx: debug + RFXtrx: debug ''; in @@ -177,7 +177,7 @@ lib.mkIf (roleEnabled) # proxy_pass http://127.0.0.1:${toString cfg.config.http.server_port}; # proxy_set_header Host $host; # proxy_set_header Upgrade $http_upgrade; -# proxy_set_header Connection $connection_upgrade; +# proxy_set_header Connection $connection_upgrade; # ''; # }; # }; diff --git a/nix/nixos/roles/loki/loki.nix b/nix/nixos/roles/loki/loki.nix index b369bd4..c980014 100644 --- a/nix/nixos/roles/loki/loki.nix +++ b/nix/nixos/roles/loki/loki.nix @@ -96,7 +96,7 @@ lib.mkIf (roleEnabled) proxy_pass http://127.0.0.1:${toString port_loki}; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; + proxy_set_header Connection $connection_upgrade; ''; }; }; diff --git a/nix/nixos/roles/loki/promtail.nix b/nix/nixos/roles/loki/promtail.nix index d09fc52..c32ee87 100644 --- a/nix/nixos/roles/loki/promtail.nix +++ b/nix/nixos/roles/loki/promtail.nix @@ -51,7 +51,7 @@ lib.mkIf (roleEnabled) proxy_pass http://127.0.0.1:${toString port_promtail}; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; + proxy_set_header Connection $connection_upgrade; ''; }; }; diff --git a/nix/nixos/roles/mosquitto.nix b/nix/nixos/roles/mosquitto.nix index 81d50dd..9278733 100644 --- a/nix/nixos/roles/mosquitto.nix +++ b/nix/nixos/roles/mosquitto.nix @@ -9,7 +9,7 @@ let in lib.mkIf (roleEnabled) { - # Configure sops secret + # Configure sops secret sops.secrets."mqtt/pass/zigbee2mqtt" = { owner = "mosquitto"; group = "mosquitto"; }; sops.secrets."mqtt/pass/hass" = { owner = "mosquitto"; group = "mosquitto"; }; diff --git a/nix/nixos/roles/nix-serve.nix b/nix/nixos/roles/nix-serve.nix index 58c5fde..d7bf5db 100644 --- a/nix/nixos/roles/nix-serve.nix +++ b/nix/nixos/roles/nix-serve.nix @@ -1,6 +1,6 @@ -# Run on destination nixos installation +# Run on destination nixos installation # export DIR_NIXSERVE=/persist/host/data/nix-serve -# mkdir -p $DIR_NIXSERVE && cd $DIR_NIXSERVE +# mkdir -p $DIR_NIXSERVE && cd $DIR_NIXSERVE # nix-store --generate-binary-cache-key $(hostname).$(hostname -d) cache-priv-key.pem cache-pub-key.pem # # curl https://nixcache.adele.im:5000/nix-cache-info @@ -14,7 +14,7 @@ let in lib.mkIf (roleEnabled) { - # Configure sops secret + # Configure sops secret sops.secrets.nixserve-private-key = { }; networking.firewall.allowedTCPPorts = [ diff --git a/nix/nixos/roles/prometheus/alert-rules.nix b/nix/nixos/roles/prometheus/alert-rules.nix index 851b38a..b221f83 100644 --- a/nix/nixos/roles/prometheus/alert-rules.nix +++ b/nix/nixos/roles/prometheus/alert-rules.nix @@ -3,13 +3,13 @@ { lib }: lib.mapAttrsToList (name: opts: # Params - { - alert = name; - expr = opts.condition; - for = opts.time or "2m"; - labels = { }; - annotations.description = opts.description; - } + { + alert = name; + expr = opts.condition; + for = opts.time or "2m"; + labels = { }; + annotations.description = opts.description; + } ) ( { diff --git a/nix/nixos/roles/prometheus/default.nix b/nix/nixos/roles/prometheus/default.nix index 639cb81..14fa094 100644 --- a/nix/nixos/roles/prometheus/default.nix +++ b/nix/nixos/roles/prometheus/default.nix @@ -54,7 +54,7 @@ lib.mkIf (roleEnabled) # Secret content all variables content # example: - # alertmanager: | + # alertmanager: | # var_name1=value1 # var_name2=value2 environmentFile = config.sops.secrets.alertmanager.path; @@ -137,7 +137,7 @@ lib.mkIf (roleEnabled) proxy_pass http://127.0.0.1:${toString cfg.port}; proxy_set_header Host $host; proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection $connection_upgrade; + proxy_set_header Connection $connection_upgrade; ''; }; }; diff --git a/nix/nixos/roles/prometheus/exporter/snmp.nix b/nix/nixos/roles/prometheus/exporter/snmp.nix index afa8d3a..22c6ea0 100644 --- a/nix/nixos/roles/prometheus/exporter/snmp.nix +++ b/nix/nixos/roles/prometheus/exporter/snmp.nix @@ -69,5 +69,3 @@ in } ]; } - - diff --git a/nix/nixos/roles/smokeping.nix b/nix/nixos/roles/smokeping.nix index 094e557..e4f8e13 100644 --- a/nix/nixos/roles/smokeping.nix +++ b/nix/nixos/roles/smokeping.nix @@ -94,7 +94,7 @@ lib.mkIf (roleEnabled) ++ all-numericable menu = all-numericable title = All numericable DNS - host = /DNS/numericable1 /DNS/numericable2 + host = /DNS/numericable1 /DNS/numericable2 ++ all-cloudflare menu = all-cloudflare @@ -115,7 +115,7 @@ lib.mkIf (roleEnabled) menu = all-google title = All google DNS host = /DNS/google8 /DNS/google4 - + ++ numericable1 menu = numericable1 title = numericable ns1.numericable.net DNS performance diff --git a/nix/nixos/roles/statping.nix b/nix/nixos/roles/statping.nix index 1eff8bc..a15f7e9 100644 --- a/nix/nixos/roles/statping.nix +++ b/nix/nixos/roles/statping.nix @@ -23,4 +23,3 @@ in ]; }; } - diff --git a/nix/nixos/roles/uptime.nix b/nix/nixos/roles/uptime.nix index 7a5355e..318d416 100644 --- a/nix/nixos/roles/uptime.nix +++ b/nix/nixos/roles/uptime.nix @@ -22,4 +22,3 @@ in ]; }; } - diff --git a/nix/nixos/roles/virtualization.nix b/nix/nixos/roles/virtualization.nix new file mode 100644 index 0000000..a02df92 --- /dev/null +++ b/nix/nixos/roles/virtualization.nix @@ -0,0 +1,27 @@ +{ pkgs, outputs, lib, config, ... }: +let + roleName = "virtualization"; + roleEnabled = lib.elem roleName config.homelab.currentHost.roles; +in +lib.mkIf (roleEnabled) +{ + virtualisation.libvirtd = { + enable = true; + qemu = { + package = pkgs.qemu_kvm; + runAsRoot = true; + swtpm.enable = true; + ovmf = { + enable = true; + packages = [ + (pkgs.OVMF.override { + secureBoot = true; + tpmSupport = true; + }).fd + ]; + }; + }; + }; + + programs.virt-manager.enable = true; +} diff --git a/nix/nixos/roles/zigbee2mqtt.nix b/nix/nixos/roles/zigbee2mqtt.nix index a65ff39..d9d4e07 100644 --- a/nix/nixos/roles/zigbee2mqtt.nix +++ b/nix/nixos/roles/zigbee2mqtt.nix @@ -9,7 +9,7 @@ let in lib.mkIf (roleEnabled) { - # Configure sops secret + # Configure sops secret sops.secrets."mqtt/secret/zigbee2mqtt" = { path = "/var/lib/zigbee2mqtt/secret.yaml"; owner = "${config.systemd.services.zigbee2mqtt.serviceConfig.User}"; diff --git a/nix/overlays/default.nix b/nix/overlays/default.nix index 059029e..609b26d 100644 --- a/nix/overlays/default.nix +++ b/nix/overlays/default.nix @@ -5,9 +5,9 @@ additions = final: _prev: import ../pkgs { pkgs = final; }; # My wallpapers - wallpapers = final: prev: { - wallpapers = final.callPackage ../pkgs/wallpapers { }; - }; + # wallpapers = final: prev: { + # wallpapers = final.callPackage ../pkgs/wallpapers { }; + # }; # This one contains whatever you want to overlay # You can change versions, add patches, set compilation flags, anything really. @@ -16,70 +16,6 @@ # example = prev.example.overrideAttrs (oldAttrs: rec { # ... # }); - - # rice.colorPalette = with final.lib.nix-rice; - rice.colorPalette = with inputs.nix-rice.lib; - - let - # https://github.com/kovidgoyal/kitty-themes/tree/master/themes - themename = "gruvbox-dark"; - theme = kitty-themes.getThemeByName themename; - - blackDarkenValue = 15; - darkNormalValue = 90; - darkBrightValue = 90; - in - rec { - dark-normal = { - black = color.darken darkNormalValue theme.color0; - red = color.darken darkNormalValue theme.color1; - green = color.darken darkNormalValue theme.color2; - yellow = color.darken darkNormalValue theme.color3; - blue = color.darken darkNormalValue theme.color4; - magenta = color.darken darkNormalValue theme.color5; - cyan = color.darken darkNormalValue theme.color6; - white = color.darken darkNormalValue theme.color7; - }; - dark-bright = { - black = color.darken darkBrightValue theme.color0; - red = color.darken darkBrightValue theme.color1; - green = color.darken darkBrightValue theme.color2; - yellow = color.darken darkBrightValue theme.color3; - blue = color.darken darkBrightValue theme.color4; - magenta = color.darken darkBrightValue theme.color5; - cyan = color.darken darkBrightValue theme.color6; - white = color.darken darkBrightValue theme.color7; - }; - normal = { - black = theme.color0; - red = theme.color1; - green = theme.color2; - yellow = theme.color3; - blue = theme.color4; - magenta = theme.color5; - cyan = theme.color6; - white = theme.color7; - }; - bright = { - black = theme.color8; - red = theme.color9; - green = theme.color10; - yellow = theme.color11; - blue = theme.color12; - magenta = theme.color13; - cyan = theme.color14; - white = theme.color15; - }; - background = color.darken blackDarkenValue theme.color0; - foreground = color.darken 10 theme.color15; - - cursor_bg = color.darken 10 theme.color15; - cursor_border = color.darken 10 theme.color15; - cursor_fg = color.darken blackDarkenValue theme.color0; - - selection_bg = color.darken 10 theme.color4; - selection_fg = color.darken blackDarkenValue theme.color0; - }; }; # When applied, the unstable nixpkgs set (declared in the flake inputs) will diff --git a/nix/pkgs/wallpapers/default.nix b/nix/pkgs/wallpapers/default.nix index 6fdd005..1182d24 100644 --- a/nix/pkgs/wallpapers/default.nix +++ b/nix/pkgs/wallpapers/default.nix @@ -1,5 +1,5 @@ # From Misterio77 repository => https://github.com/Misterio77/nix-config -# +# # This exposes a attrset of wallpaper derivations, each one is fetch from # imgur. You can manually include new wallpapers in list.nix, or generate them # from an imgur album using ./from_album.sh diff --git a/shell.nix b/shell.nix index 83dd7d8..102249f 100644 --- a/shell.nix +++ b/shell.nix @@ -1,68 +1,61 @@ # Shell for bootstrapping flake-enabled nix and home-manager # You can enter it through 'nix develop' or (legacy) 'nix-shell' -{ pkgs ? (import ./nixpkgs.nix) { }, nix-pre-commit, system }: +{ pkgs ? (import ./nixpkgs.nix) { }, system }: let - # Precomit configuration - config = { - repos = [ - { - repo = "local"; - hooks = [ - - { - id = "reorder-python-imports"; - entry = "${pkgs.python310Packages.reorder-python-imports}/bin/reorder-python-imports"; - language = "system"; - types = [ "python" ]; - } - { - id = "black"; - entry = "${pkgs.python310Packages.black}/bin/black"; - language = "system"; - types = [ "python" ]; - "args" = [ - "--line-length=79" - ]; - } - { - id = "flake8"; - entry = "${pkgs.python310Packages.flake8}/bin/flake8"; - language = "system"; - types = [ "python" ]; - } - ]; - } - ]; - }; + uefi_file = "${pkgs.OVMF.fd}/FV/OVMF.fd"; in { default = pkgs.mkShell { # Enable experimental features without having to specify the argument NIX_CONFIG = "experimental-features = nix-command flakes"; nativeBuildInputs = with pkgs; [ - nix + + # Required by nix-homelab project + borgbackup + deno git home-manager - borgbackup - vim + just + nix + plantuml + pre-commit - sops - gnupg + # Testing nix-homelab + qemu + qemu_kvm + OVMF + + # Nix unentended installation + nixos-anywhere + + # Credentials age + gnupg + pass + pwgen + sops + ssh-to-age - python3.pkgs.invoke - python3.pkgs.deploykit - python3.pkgs.xmltodict + # Required by invoke wireguard-tools openssl_3_0.bin - plantuml + # diagrams + graphviz + + # Wireguard + wireguard-tools + openssl_3_0.bin + + # Wireguard + openssl_3_0.bin + wireguard-tools ] ++ lib.optional (stdenv.isLinux) mkpasswd; - shellHook = (nix-pre-commit.lib.${system}.mkConfig { - inherit pkgs config; - }).shellHook; + shellHook = '' + export UEFI_FILE=${uefi_file}; + ''; }; } diff --git a/tasks.py b/tasks.py deleted file mode 100644 index 5674a6a..0000000 --- a/tasks.py +++ /dev/null @@ -1,1368 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import json -import math -import os -import re -import shutil -import sys -from pathlib import Path -from typing import Any -from typing import Callable -from typing import IO -from typing import List - -import xmltodict -from deploykit import DeployGroup -from deploykit import DeployHost -from deploykit import HostKeyCheck -from invoke import Collection -from invoke import run -from invoke import task - -import taskslib - -ROOT = Path(__file__).parent.resolve() -os.chdir(ROOT) - - -RSYNC_EXCLUDES = [".git"] - -# NOTE: Array order is important (Config section must be computed first) -OSSCAN = { - "NixOS": ["Role", "Scan", "Config", "Topologie", "Hardwares", "Nix"], - "Nix": ["Scan", "Config", "Topologie", "Hardwares", "Nix"], - "MikroTik": [ - "Scan", - ], - "Sagem": [ - "Scan", - ], - "Android": [ - "Scan", - ], - "Iphone": [ - "Scan", - ], - "Chromecast": [ - "Scan", - ], - "GoogleMini": [ - "Scan", - ], - "Bridge": [ - "Scan", - ], - "ArchLinux": [ - "Scan", - ], -} - - -def get_hosts(hosts: str) -> List[DeployHost]: - return [DeployHost(h, user="root") for h in hosts.split(",")] - - -def get_deploylist_from_homelab(username: str, hosts: str) -> List[DeployHost]: - with open("homelab.json", "r") as fh: - jinfo = json.load(fh) - hostslist = jinfo["hosts"] - - if hosts == "": - hostnames = hostslist.keys() - else: - hostnames = hosts.split(",") - - deploylist = [] - for hn in hostnames: - dh = DeployHost( - hostslist[hn]["ipv4"], - user=username, - host_key_check=HostKeyCheck.NONE, - meta=dict(hostname=hn, os=hostslist[hn]["os"]), - ) - deploylist.append(dh) - - return deploylist - - -def get_deploylist_from_role(role: str) -> List[DeployHost]: - with open("homelab.json", "r") as fh: - jinfo = json.load(fh) - hostslist = jinfo["hosts"] - hostnames = hostslist.keys() - - deploylist = [] - for hn in hostnames: - if "roles" in hostslist[hn] and role in hostslist[hn]["roles"]: - dh = DeployHost( - hostslist[hn]["ipv4"], - user="root", - meta=dict(hostname=hn, os=hostslist[hn]["os"]), - ) - deploylist.append(dh) - - return deploylist - - -def color_text(code: int, file: IO[Any] = sys.stdout) -> Callable[[str], None]: - def wrapper(text: str) -> None: - if sys.stderr.isatty(): - print(f"\x1b[{code}m{text}\x1b[0m", file=file) - else: - print(text, file=file) - - return wrapper - - -warn = color_text(31, file=sys.stderr) -info = color_text(32) - - -############################################################################## -# Tasks -############################################################################## - - -@task -def firmware_rpi_update(c, hosts): - for h in get_hosts(hosts): - _firmware_rpi_update(h) - - -@task -def ssh_init_host_key(c, hosts, hostnames): - """ - Init ssh host key from nixos installation - """ - h = get_hosts(hosts) - hn = hostnames.split(",") - - for idx in range(len(h)): - _ssh_init_host_key(h[idx], hn[idx]) - - -@task(name="keys") -def wireguard_keys(c, hostname): - """ - Generate wireguard private key for - """ - - _wireguard_keys(hostname) - - -# @task(name="gen-pub") -# def wireguard_gen_public_key(c, private=""): -# """ -# Generate wireguard public key - -# If the private key is not provided, -# it is recovered from hosts/secrets.yml -# """ - -# _wireguard_genpub(private) - - -# wg = Collection("wireguard") -# wg.add_task(wireguard_keys) - - -@task -def disk_format(c, hosts, disk, mirror="", mode="GPT", password=""): - """ - Format disks with zfs - """ - - for h in get_hosts(hosts): - _format_disks(h, disk, mirror, mode, password) - _disk_mount(h, mirror, password) - - -@task -def disk_mount(c, hosts, mirror="", password=""): - """ - Mount disks from the installer - """ - for h in get_hosts(hosts): - _disk_mount(h, mirror, password) - - -@task -def sync_homelab(c, hosts): - """ - rsync currently local homelab project to future nixos installation - """ - for h in get_hosts(hosts): - _sync_homelab({h.host}) - - -@task -def nixos_generate_config(c, hosts, hostnames): - """ - Generate hardware configuration for the host - """ - - h = get_hosts(hosts) - hn = hostnames.split(",") - - for idx in range(len(h)): - _nixos_generate_config(h[idx], hn[idx]) - - -############################################################################## -# Nixos -############################################################################## - - -@task -def nixos_install(c, hosts, flakeattr): - """ - install nixos - """ - for h in get_hosts(hosts): - # Sync project - info("Sync homelab project") - _sync_homelab(h) - - # Install nixos - info("Install NixOS") - h.run( - f"cd /mnt/nix-homelab && nix --extra-experimental-features \ - 'nix-command flakes' shell nixpkgs#git -c nixos-install \ - --verbose --flake .#{flakeattr} && sync" - ) - - -@task( - name="build", - help={ - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def nix_build(c, hostnames="", cache=True, keeperror=True, showtrace=False): - """ - Test to server - - if is empty, deploy to all nix homelab server - - """ - _execute_nixos_rebuild( - "build", hostnames, False, cache, keeperror, showtrace - ) - - -@task( - name="test", - help={ - "discovery": "get host information after deployment", - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def nix_test( - c, - hostnames="", - discovery=True, - cache=True, - keeperror=True, - showtrace=False, -): - """ - Test to server - - if is empty, deploy to all nix homelab server - - """ - _execute_nixos_rebuild( - "test", hostnames, discovery, cache, keeperror, showtrace - ) - - -@task( - name="deploy", - help={ - "discovery": "get host information after deployment", - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def nix_deploy( - c, - hostnames="", - discovery=True, - cache=True, - keeperror=True, - showtrace=False, -): - """ - Deploy to server - - if is empty, deploy to all nix homelab server - - """ - _execute_nixos_rebuild( - "switch", hostnames, discovery, cache, keeperror, showtrace - ) - - -@task( - name="boot", - help={ - "discovery": "get host information after deployment", - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def nix_boot( - c, - hostnames="", - discovery=True, - cache=True, - keeperror=True, - showtrace=False, -): - """ - rebuild boot to server - - if is empty, deploy to all nix homelab server - - """ - _execute_nixos_rebuild( - "boot", hostnames, discovery, cache, keeperror, showtrace - ) - - -nixos = Collection("nixos") -nixos.add_task(nix_deploy) -nixos.add_task(nix_test) -nixos.add_task(nix_build) -nixos.add_task(nix_boot) - -############################################################################## -# Home-manager (user) -############################################################################## - - -@task( - name="build", - help={ - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def home_build( - c, username="", hostnames="", cache=True, keeperror=True, showtrace=False -): - """ - Test to server - - if is empty, deploy to all nix homelab server - - """ - _execute_home_remote_deploy( - "build", username, hostnames, cache, keeperror, showtrace - ) - - -@task( - name="deploy", - help={ - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def home_deploy( - c, - username="", - hostnames="", - cache=True, - keeperror=True, - showtrace=False, -): - """ - Deploy to server - - if is empty, deploy to all nix homelab server - - """ - _execute_home_remote_deploy( - "switch", username, hostnames, cache, keeperror, showtrace - ) - - -home = Collection("home") -home.add_task(home_deploy) -home.add_task(home_build) - - -@task( - name="build", - help={ - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def role_build(c, role, cache=True, keeperror=True, showtrace=False): - """ - Build for all hosts contains the role - """ - - deploylist = get_deploylist_from_role(role) - _nixos_rebuild(deploylist, "build", False, cache, keeperror, showtrace) - - -@task( - name="test", - help={ - "discovery": "get host information after deployment", - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def role_test( - c, role, discovery=True, cache=True, keeperror=True, showtrace=False -): - """ - Test for all hosts contains the role - """ - - deploylist = get_deploylist_from_role(role) - _nixos_rebuild(deploylist, "test", discovery, cache, keeperror, showtrace) - - -@task( - name="deploy", - help={ - "discovery": "get host information after deployment", - "cache": "Use binary cache from flake extra-substituers section", - "keeperror": "Continue, if error", - "showtrace": "Show trace on error", - }, -) -def role_deploy( - c, role, discovery=True, cache=True, keeperror=True, showtrace=False -): - """ - Deploy for all hosts contains the role - """ - - deploylist = get_deploylist_from_role(role) - _nixos_rebuild( - deploylist, "switch", discovery, cache, keeperror, showtrace - ) - - -role = Collection("role") -role.add_task(role_deploy) -role.add_task(role_test) -role.add_task(role_build) - - -@task(name="nix-serve") -def init_nix_serve(c, hosts, hostnames): - """ - Init nix binary cache server nix-serve private & public key - """ - - h = get_hosts(hosts) - hn = hostnames.split(",") - - for idx in range(len(h)): - taskslib._init_nix_serve(h[idx], hn[idx]) - - -@task(name="domain-cert") -def cert_init_cert_domain(c): - """ - Init domain certificate - """ - taskslib._cert_init_cert_domain() - - -init = Collection("init") -init.add_task(disk_format) -init.add_task(disk_mount) -init.add_task(init_nix_serve) -init.add_task(cert_init_cert_domain) -init.add_task(ssh_init_host_key) -init.add_task(nixos_generate_config) -init.add_task(nixos_install) - - -@task(name="all_pages") -def doc_generate_all_pages(c): - """ - generate all homelab documentation - """ - - _doc_update_hosts_pages() - taskslib._doc_update_main_project_page() - - -@task(name="main_page") -def doc_generate_main_page(c): - """ - generate main homelab page - """ - - taskslib._doc_update_main_project_page() - - -@task(name="host_pages") -def doc_generate_hosts_pages(c): - """ - generate all homelab hosts page - """ - - _doc_update_hosts_pages() - - -@task(name="scan_all_hosts") -def doc_scan_all_hosts(c, hosts=""): - """ - Retrieve all hosts system infromations - """ - deploylist = get_deploylist_from_homelab("root", hosts) - _scan_all_hosts(deploylist) - - -docs = Collection("docs") -docs.add_task(doc_generate_all_pages) -docs.add_task(doc_generate_main_page) -docs.add_task(doc_generate_hosts_pages) -docs.add_task(doc_scan_all_hosts) - - -############################################################################## -# Functions -############################################################################## - - -def _format_disks( - host: DeployHost, disk: str, mirror: str, mode: str, zfspassphrase: str -) -> None: - # format disk in hybrid mode (GPT and MBR) with as follow : - # - partition 1 MBR/EFI boot partition - # - partition 2 swap partition for system with few RAM - # - partition 3 zfs partition - - if mode not in ["MBR", "EFI"]: - print("Please choose MBR or EFI partition mode") - sys.exit(1) - - diskprefix = "" - - if "nvme" in disk: - diskprefix = "p" - - # Umount all /mnt - host.run("umount -R /mnt", check=False) - - # swapoff - host.run(f"swapoff {disk}{diskprefix}2", check=False) - if mirror: - host.run(f"swapoff {mirror}2", check=False) - - # Check previous zfs volumes - r = host.run("zpool list | grep 'zroot'", check=False) - if r.returncode == 0: - host.run( - """ - zfs destroy -r zroot - zpool destroy zroot - """ - ) - - # Wipe & Partitioning - host.run( - f"sgdisk -Z -n 1:2048:+1G -n 2:+0:+8G -N 3 -t 1:ef00 -t 2:8200 -t 3:8304 {disk}" # noqa: E501 - ) - - # For legacy bios - if mode == "MBR": - host.run(f"sgdisk -m 1:2:3 {disk}") - - # Clone partition [If mirror mode] - if mirror: - host.run(f"sfdisk --dump {disk} | sfdisk {mirror}") - zdisks = f"{disk}{diskprefix}3 {mirror}{diskprefix}3".strip() - else: - zdisks = f"{disk}{diskprefix}3".strip() - # Create ZFS pool - if mirror: - host.run( - f"zpool create -f -o ashift=12 -O mountpoint=none zroot mirror {zdisks}" # noqa: E501 - ) - else: - host.run( - f"zpool create -f -o ashift=12 -O mountpoint=none zroot {zdisks}" - ) - - # Format boot - host.run( - f""" - mkfs.vfat {disk}{diskprefix}1 -n BOOT_1ST - test -n "{mirror}" && mkfs.vfat {mirror}{diskprefix}1 -n BOOT_2ND || true - """ - ) - - # swap - host.run( - f""" - mkswap {disk}{diskprefix}2 -L SWAP_1ST - test -n "{mirror}" && mkswap {mirror}{diskprefix}2 -L SWAP_2ND || true - """ - ) - - # public volumes - host.run( - """ - zfs create -o mountpoint=none -o canmount=off zroot/public - zfs create -o mountpoint=legacy -o canmount=on -o atime=off zroot/public/nix - zfs create -o mountpoint=legacy -o canmount=on -o atime=off zroot/public/nix-homelab - """ # noqa: E501 - ) - - # private volumes(encrypted) - zfspool = "public" - if zfspassphrase: - host.run( - f"echo '{zfspassphrase}' | zfs create -o mountpoint=none -o canmount=off -o encryption=aes-256-gcm -o keyformat=passphrase -o keylocation=prompt zroot/private" # noqa: E501 - ) - zfspool = "private" - - # Create private or public volume - host.run( - f""" - zfs create -o mountpoint=legacy -o canmount=on zroot/{zfspool}/root - zfs create -o mountpoint=legacy -o canmount=on zroot/{zfspool}/data - zfs create -o mountpoint=legacy -o canmount=off zroot/{zfspool}/persist - zfs create -o mountpoint=legacy -o canmount=on zroot/{zfspool}/persist/host - zfs create -o mountpoint=legacy -o canmount=on zroot/{zfspool}/persist/user - """ # noqa: E501 - ) - - # Show encrypted volumes - host.run("zfs get encryption") - - -def _disk_mount(host: DeployHost, mirror: str, zfspassphrase: str) -> None: - # Umount all volumes - host.run("umount -R /mnt", check=False) - - # Re-import zpool informations - host.run("zpool import -af") - - zfspool = "public" - if zfspassphrase: - host.run( - f"echo '{zfspassphrase}' | zfs load-key zroot/private", check=False - ) - zfspool = "private" - - # Import volumes - host.run( - f""" - mount -t zfs zroot/{zfspool}/root /mnt - mkdir -p /mnt/{{boot,boot-fallback,nix,nix-homelab,data,persist/host,persist/user}} - mount /dev/disk/by-label/BOOT_1ST /mnt/boot - test -n "{mirror}" && mount /dev/disk/by-label/BOOT_2ND /mnt/boot-fallback || true - mount -t zfs zroot/public/nix /mnt/nix - mount -t zfs zroot/public/nix-homelab /mnt/nix-homelab - mount -t zfs zroot/{zfspool}/data /mnt/data - mount -t zfs zroot/{zfspool}/persist/host /mnt/persist/host - mount -t zfs zroot/{zfspool}/persist/user /mnt/persist/user - """ # noqa: E501 - ) - - # Mount swap - host.run( - f""" -swapon /dev/disk/by-label/SWAP_1ST -test -n "{mirror}" && swapon /dev/disk/by-label/SWAP_2ND || true -mount -o remount,nr_inodes=0,size=6G /nix/.rw-store -swapon --show -""", - check=False, - ) - - -def _firmware_rpi_update(host: DeployHost) -> None: - # USB boot configuration - - host.run("mkdir -p /firmware") - host.run("mount /dev/disk/by-label/FIRMWARE /firmware", check=False) - host.run( - """ - nix-shell -p raspberrypi-eeprom --run "BOOTFS=/firmware FIRMWARE_RELEASE_STATUS=stable rpi-eeprom-update -d -a" - cat < /tmp/boot_nixos.conf -[all] -BOOT_UART=0 -WAKE_ON_GPIO=1 -POWER_OFF_ON_HALT=0 -BOOT_ORDER=0xf14 -EOF - - nix-shell -p raspberrypi-eeprom --run "BOOTFS=/firmware FIRMWARE_RELEASE_STATUS=stable rpi-eeprom-update --apply /tmp/boot_nixos.conf" - """ # noqa: E501 - ) - - -def _ssh_init_host_key(host: DeployHost, hostname: str) -> None: - # Copy to nixos system - host.run( - """ - install -m400 --target /mnt/etc/ssh -D /etc/ssh/ssh_host_* - chmod 444 /mnt/etc/ssh/ssh_host_*.pub - """ - ) - # host.run("chmod 444 /mnt/etc/ssh/ssh_host_*.pub") - - # Generate age key - host.run( - """ - nix-shell -p ssh-to-age --command "ssh-to-age -i /mnt/etc/ssh/ssh_host_ed25519_key.pub -o /tmp/ssh-to-age.txt" - """ # noqa: E501 - ) - - # Copy ssh pub to git repository - info("copy public ssh & age key") - run( - f""" - mkdir -p ./hosts/{hostname} - scp root@{host.host}:/mnt/etc/ssh/ssh_host_*.pub ./hosts/{hostname} - scp root@{host.host}:/tmp/ssh-to-age.txt ./hosts/{hostname} - """ # noqa: E501 - ) - - -def _wireguard_keys(hostname: str) -> None: - # Private key - res = run( - f""" - mkdir -p ./hosts/{hostname} - wg genkey - """, - hide=True, - ) - private = res.stdout.strip() - - # pub key - res = run( - f"echo '{private}' | wg pubkey > ./hosts/{hostname}/wireguard.pub", - hide=True, - ) - - info(f"wireguard-priv-key: {private}") - - -def _execute_nixos_rebuild( - action: str, - hostnames: str, - discovery: bool, - cache: bool, - keeperror: bool, - showtrace: bool, -): - if hostnames != "": - # Remote deploy - deploylist = get_deploylist_from_homelab("root", hostnames) - _nixos_rebuild( - deploylist, action, discovery, cache, keeperror, showtrace - ) - else: - # Local deploy - _nix_local_deploy(action, discovery, cache, keeperror, showtrace) - - -def _execute_home_remote_deploy( - action: str, - username: str, - hostnames: str, - cache: bool, - keeperror: bool, - showtrace: bool, -): - if hostnames != "": - # Remote deploy - deploylist = get_deploylist_from_homelab(username, hostnames) - - _home_remote_deploy( - username, deploylist, action, cache, keeperror, showtrace - ) - else: - # Local deploy - _home_local_deploy(action, cache, keeperror, showtrace) - - -def _nixos_generate_config(host: DeployHost, hostname: str) -> None: - confpath = f"hosts/{hostname}/hardware-configuration.nix" - - os.makedirs(f"hosts/{hostname}", exist_ok=True) - if not os.path.exists(confpath): - host.run( - """ - nixos-generate-config --dir /tmp/hw --root /mnt - """ - ) - - info(f"copy hardware-configuration.nix to {confpath}") - run( - f""" - scp root@{host.host}:/tmp/hw/hardware-configuration.nix {confpath} - """ - ) - - -# Remove .git (for ignoring dirty message), no git add needed :) -def _sync_homelab(host: DeployHost) -> None: - run( - f"rsync --delete {' --exclude '.join([''] + RSYNC_EXCLUDES)} -ar . root@{host.host}:/mnt/nix-homelab/" # noqa: E501 - ) - - -def _host_hardware_discovery(h: DeployHost) -> None: - with open("homelab.json", "r") as fr: - jinfo = json.load(fr) - hosts = jinfo["hosts"] - - # Create - hn = h.meta.get("hostname") - run(f"mkdir -p docs/hosts/{hn}") - - if not os.system(f"ping -c 1 -w 1 {h.host}"): - if hn and h.meta.get("os") in ["NixOS", "Nix"]: - h.run( - """ - rm -rf /tmp/hw - mkdir -p /tmp/hw - """, - check=False, - ) - - for dn in OSSCAN[hosts[hn]["os"]]: - # For non NixOS installation - # TODO: find beautifull solution (.bash_profile & co) - PREFIX_COMMAND = "source /etc/bashrc ; LC_ALL=C" - SSH_OPTS = '-o "UserKnownHostsFile=/dev/null" -o "StrictHostKeyChecking=no"' # noqa: E501 - match dn: - case "Nix" | "NixOS": - h.run( - f"{PREFIX_COMMAND} nix-shell -p nix-info --run 'nix-info -m' > /tmp/hw/{dn}.txt" # noqa: E501 - ) - run( - f"scp {SSH_OPTS} root@{h.host}:/tmp/hw/{dn}.txt docs/hosts/{hn}/{dn.lower()}.txt" # noqa: E501 - ) - case "Hardwares": - h.run( - f"{PREFIX_COMMAND} nix-shell -p 'inxi.override {{ withRecommends = true; }}' --run 'sudo inxi -F -a -i --slots -xxx -c0 -i -m --filter' > /tmp/hw/{dn}.txt" # noqa: E501 - ) - run( - f"scp {SSH_OPTS} root@{h.host}:/tmp/hw/{dn}.txt docs/hosts/{hn}/{dn.lower()}.txt" # noqa: E501 - ) - case "CPU": - h.run(f"{PREFIX_COMMAND} lscpu > /tmp/hw/{dn}.txt") - run( - f"scp {SSH_OPTS} root@{h.host}:/tmp/hw/{dn}.txt docs/hosts/{hn}/{dn.lower()}.txt" # noqa: E501 - ) - case "Topologie": - res = h.run( - f"{PREFIX_COMMAND} nix-shell -p hwloc --run 'sudo lstopo -f /tmp/hw/{hn}.lstopo.svg'" # noqa: E501 - ) - run( - f"scp {SSH_OPTS} root@{hosts[hn]['ipv4']}:/tmp/hw/{hn}.lstopo.svg docs/hosts/{hn}/{dn.lower()}.svg" # noqa: E501 - ) - case "Scan": - res = run( - f"{PREFIX_COMMAND} nix-shell -p nmap --run 'sudo nmap --version-intensity 0 -sV {hosts[hn]['ipv4']} -oX -'" # noqa: E501 - ) - - # dom = parseString(res.stdout) - xpars = xmltodict.parse(res.stdout) - try: - ports = xpars["nmaprun"]["host"]["ports"]["port"] - - if isinstance(ports, dict): - ports = [ports] - - # Remove sensible or unimportant values - for idx in range(len(ports)): - # State - if "state" in ports[idx]: - del ports[idx]["state"] - - # service elements - if "service" in ports[idx]: - for value in [ - "@version", - "@servicefp", - "@method", - "@conf", - "cpe", - ]: - if value in ports[idx]["service"]: - del ports[idx]["service"][value] - - jcontent = json.dumps(ports, indent=4) - - with open( - f"docs/hosts/{hn}/{dn.lower()}.json", "w" - ) as fw: - fw.write(jcontent) - except KeyError: - pass - - -def _nixos_rebuild( - hosts: List[DeployHost], - action: str, - discovery: bool, - cache: bool, - keeperror: bool, - showtrace: bool, -) -> None: - """ - Deploy to all hosts in parallel - """ - g = DeployGroup(hosts) - - def deploy(h: DeployHost) -> None: - with open("homelab.json", "r") as f: - jinfo = json.load(f) - hosts = jinfo["hosts"] - - # Search host by ip - hostname = None - for hn in hosts: - if "ipv4" in hosts[hn] and hosts[hn]["ipv4"] == h.host: - hostname = hn - break - - h.run_local( - f"rsync --delete {' --exclude '.join([''] + RSYNC_EXCLUDES)} -ar . {h.user}@{h.host}:/nix-homelab/" # noqa: E501 - ) - - if hostname: - cache_opts = "" - if not cache: - cache_opts = "--fallback --option binary-caches https://cache.nixos.org/" # noqa: E501 - - keeperror_opts = "" - if keeperror: - keeperror_opts = "--option keep-going true" - - showtrace_opts = "" - if showtrace: - showtrace_opts = "--show-trace" - - cmd = f"cd /nix-homelab && nixos-rebuild -v {action} {showtrace_opts} {cache_opts} {keeperror_opts} --fast --option accept-flake-config true --flake .#{hostname}" # noqa: E501 - h.run(cmd) - - if action == "build": - print("#####################################################") - print( - "# You can see the build result at" - f"{h.user}@{h.host}:/nix-homelab/result" - ) - print("#####################################################") - - if discovery: - h.meta["hostname"] = hostname - _host_hardware_discovery(h) - - g.run_function(deploy) - - -def _home_remote_deploy( - username: str, - hosts: List[DeployHost], - action: str, - cache: bool, - keeperror: bool, - showtrace: bool, -) -> None: - """ - Deploy to all hosts in parallel - """ - g = DeployGroup(hosts) - - def deploy(h: DeployHost) -> None: - with open("homelab.json", "r") as f: - jinfo = json.load(f) - hosts = jinfo["hosts"] - - # Search host by ip - hostname = None - for hn in hosts: - if "ipv4" in hosts[hn] and hosts[hn]["ipv4"] == h.host: - hostname = hn - break - - h.run_local( - f"rsync --delete {' --exclude '.join([''] + RSYNC_EXCLUDES)} -ar . {h.user}@{h.host}:~/nix-homelab/" # noqa: E501 - ) - - if hostname: - cache_opts = "" - if not cache: - cache_opts = "--fallback --option binary-caches https://cache.nixos.org/" # noqa: E501 - - keeperror_opts = "" - if keeperror: - keeperror_opts = "--option keep-going true" - - showtrace_opts = "" - if showtrace: - showtrace_opts = "--show-trace" - - # Create missing user profile - h.run( - "mkdir -p ~/.local/state/nix/profiles && home-manager init" - ) # noqa: E501 - # h.run(f"sudo mkdir -p /nix/var/nix/profiles/per-user/{h.user}") - # h.run( - # f"sudo chown {h.user} /nix/var/nix/profiles/per-user/{h.user}" - # ) - - # homemanager deployment - cmd = f"cd ~/nix-homelab && home-manager -v {action} {showtrace_opts} {cache_opts} {keeperror_opts} --option accept-flake-config true --flake .#{username}@{hostname}" # noqa: E501 - h.run(cmd) - - g.run_function(deploy) - - -def _nix_local_deploy( - action: str, discovery: bool, cache: bool, keeperror: bool, showtrace: bool -) -> None: - """ - Deploy to on local compute - """ - run( - f"rsync --delete {' --exclude '.join([''] + RSYNC_EXCLUDES)} -ar . /nix-homelab/" # noqa: E501 - ) - - cache_opts = "" - if not cache: - cache_opts = ( - "--fallback --option binary-caches https://cache.nixos.org/" - ) - - keeperror_opts = "" - if keeperror: - keeperror_opts = "--option keep-going true" - - showtrace_opts = "" - if showtrace: - showtrace_opts = "--show-trace" - - cmd = f"cd /nix-homelab && sudo nixos-rebuild -v {action} {showtrace_opts} {cache_opts} {keeperror_opts} --fast --option accept-flake-config true --flake .#" # noqa: E501 - run(cmd) - - if action == "build": - print("#####################################################") - print("# You can see the build result at /nix-homelab/result") - print("#####################################################") - - -def _home_local_deploy( - action: str, cache: bool, keeperror: bool, showtrace: bool -) -> None: - """ - Deploy to on local compute - """ - run( - f"rsync --delete {' --exclude '.join([''] + RSYNC_EXCLUDES)} -ar . ~/nix-homelab/" # noqa: E501 - ) - - cache_opts = "" - if not cache: - cache_opts = ( - "--fallback --option binary-caches https://cache.nixos.org/" - ) - - keeperror_opts = "" - if keeperror: - keeperror_opts = "--option keep-going true" - - showtrace_opts = "" - if showtrace: - showtrace_opts = "--show-trace" - - cmd = f"cd ~/nix-homelab && home-manager {action} {showtrace_opts} {cache_opts} {keeperror_opts} --option accept-flake-config true --flake ." # noqa: E501 - run(cmd) - - -# def _nix_build(hosts: List[DeployHost], cache: bool, keeperror: bool, showtrace: bool) -> None: # noqa: E501 -# """ -# Build for all hosts in parallel -# """ -# g = DeployGroup(hosts) - -# def deploy(h: DeployHost) -> None: -# with open('homelab.json', 'r') as f: -# jinfo = json.load(f) -# hosts = jinfo['hosts'] - -# # Search host by ip -# hostname = None -# for hn in hosts: -# if 'ipv4' in hosts[hn] and hosts[hn]['ipv4'] == h.host: -# hostname = hn -# break - -# h.run_local( -# f"rsync --delete {' --exclude '.join([''] + RSYNC_EXCLUDES)} -ar . {h.user}@{h.host}:/nix-homelab/" # noqa: E501 -# ) - -# if hostname: -# cache_opts = "" -# if not cache: -# cache_opts = "--fallback --option binary-caches https://cache.nixos.org/" # noqa: E501 - -# keeperror_opts = "" -# if keeperror: -# keeperror_opts = "--option keep-going true" - -# showtrace_opts = "" -# if showtrace: -# showtrace_opts="--show-trace" - -# cmd = f"cd /nix-homelab && nixos-rebuild -v build {showtrace_opts} {cache_opts} {keeperror_opts} --fast --option accept-flake-config true --option keep-going true --flake .#{hostname}" # noqa: E501 -# h.run(cmd) - -# h.meta['hostname'] = hostname - -# g.run_function(deploy) - - -def _scan_all_hosts(deploylist: List[DeployHost]) -> None: - for dh in deploylist: - _host_hardware_discovery(dh) - - -def _doc_update_hosts_pages() -> None: - with open("homelab.json", "r") as fh: - jinfo = json.load(fh) - hosts = jinfo["hosts"] - - for hn in hosts: - # Readme name - os.makedirs(f"docs/hosts/{hn}", exist_ok=True) - rname = f"docs/hosts/{hn}.md" - - # Clone template if doc not exists - if not os.path.exists(rname): - shutil.copyfile("docs/hosts/host.tpl", rname) - - # Read readme.md content - with open(rname, "r") as fr: - content = fr.read().rstrip() - - hinfo = "" - sinfo = { - "memory": "", - "disk": "", - "kernel": "", - "cpu": { - "arch": "", - "model": "", - "nb": "", - "bits": 0, - "bogomips": 0, - }, - } - - for dn in OSSCAN[hosts[hn]["os"]]: - output = "" - match dn: - case "Role": - output = taskslib.generateUsedRoles( - hostname=hn, rootpath=".." - ) - case "Config": - filename = f"docs/hosts/{hn}/cpu.txt" - if os.path.exists(filename): - output = "```text\n" - with open(filename, "r") as fr: - cpu_content = fr.read().strip() - - # CPU architecture - m = re.search( - r"Architecture:\s+(.*)", - cpu_content, - flags=re.M, - ) - if m: - sinfo["cpu"]["arch"] = m.group(1) - output += f"Arch : {sinfo['cpu']['arch']}\n" # noqa: E501 - - # CPU number - m = re.search( - r"CPU\(s\):\s+([0-9]+)", - cpu_content, - flags=re.M, - ) - if m: - sinfo["cpu"]["nb"] = m.group(1) - - # CPU model - m = re.search( - r"Model name:\s+(.*)", - cpu_content, - flags=re.M, - ) - if m: - sinfo["cpu"]["model"] = m.group(1) - output += f"CPU : {sinfo['cpu']['nb']} x {sinfo['cpu']['model']}\n" # noqa: E501 - - # CPU cores - m = re.search( - r"BogoMIPS:\s+([0-9]+)", - cpu_content, - flags=re.M, - ) - if m: - sinfo["cpu"]["bogomips"] = round( - int(m.group(1)) - ) - output += f"BogoMIPS : {sinfo['cpu']['bogomips']}\n" # noqa: E501 - - filename = f"docs/hosts/{hn}/hardwares.txt" - if os.path.exists(filename): - with open(filename, "r") as fr: - hw_content = ( - fr.read().strip().replace("\\", "~") - ) - - # Memory - m = re.search( - r"Memory:.*RAM: total: .*?([0-9]+\.[0-9]+) GiB", # noqa: E501 - hw_content, - flags=re.M, - ) - if m: - sinfo[ - "memory" - ] = f"{math.floor(float(m.group(1))*1.073741824)} Go" # noqa: E501 - output += f"RAM : {sinfo['memory']} Go\n" # noqa: E501 - - # Disk - m = re.search( - r"Local Storage:.*?total.*?: ([0-9]+\.[0-9]+ \w?iB)", # noqa: E501 - hw_content, - flags=re.M, - ) - if m: - sinfo["disk"] = m.group(1) - output += ( - f"DISK : {sinfo['disk']} Go\n" - ) - - # CPU bits - m = re.search( - r"CPU: .*?bits: (.*?) \w+:", - hw_content, - flags=re.M, - ) - if m: - sinfo["cpu"]["bits"] = m.group(1) - - # Kernel - m = re.search( - r"System: .*?Kernel: ([0-9]+\.[0-9]+\.[0-9]+)", # noqa: E501 - hw_content, - flags=re.M, - ) - if m: - sinfo["kernel"] = m.group(1) - output += ( - f"KERNEL : {sinfo['kernel']}\n" - ) - - if output: - output += "```" - - case "Hardwares": - filename = f"docs/hosts/{hn}/{dn.lower()}.txt" - if os.path.exists(filename): - with open(filename, "r") as fr: - hw_content = ( - fr.read().strip().replace("\\", "~") - ) - - output = f"""``` -{hw_content} -``` -""" - case "Topologie": - output = f""" -![hardware topology](https://raw.githubusercontent.com/badele/nix-homelab/master/docs/hosts/{hn}/topologie.svg) - """ # noqa: E501 - - case "Scan": - filename = f"docs/hosts/{hn}/{dn.lower()}.json" - - if os.path.exists(filename): - with open(filename, "r") as fr: - frs = fr.read().strip().replace("\\", "~") - services = json.loads(frs) - - output = """| Port | Proto | Service | Product | Extra info | -| ------ | ------ | ------ |------ |------ | -""" # noqa: E501 - - for svc in services: - proto = svc["@protocol"] - port = svc["@portid"] - - name = svc["service"].get("@name", "") - product = svc["service"].get( - "@product", "" - ) - extrainfo = svc["service"].get( - "@extrainfo", "" - ) - - output += f"|{port}|{proto}|{name}|{product}|{extrainfo}|\n" # noqa: E501 - output += "\n" - - if output != "": - hinfo += f""" -### {dn} - -{output} - """ - - with open(f"docs/hosts/{hn}/summaries.json", "w") as fw: - fw.write(json.dumps(sinfo, indent=4)) - - # Replace content - newcontent = taskslib._replace_content( - content, "HOSTINFOS", hinfo - ) - - # Write new content - with open(rname, "w") as fw: - fw.write(newcontent) - - -############################################################################## -# Menu commands -############################################################################## - -ns = Collection() -# ns.add_collection(wg) -ns.add_collection(nixos) -ns.add_collection(home) -ns.add_collection(docs) -ns.add_collection(init) -ns.add_collection(role) diff --git a/taskslib.py b/taskslib.py deleted file mode 100644 index 9ab4a3f..0000000 --- a/taskslib.py +++ /dev/null @@ -1,189 +0,0 @@ -#!/usr/bin/env python3 -# -*- coding: utf-8 -*- -import json -import os -import re -import sys -from typing import Any -from typing import Callable -from typing import IO - -from deploykit import DeployHost -from invoke import run - - -def color_text(code: int, file: IO[Any] = sys.stdout) -> Callable[[str], None]: - def wrapper(text: str) -> None: - if sys.stderr.isatty(): - print(f"\x1b[{code}m{text}\x1b[0m", file=file) - else: - print(text, file=file) - - return wrapper - - -warn = color_text(31, file=sys.stderr) -info = color_text(32) - - -############################################################################## -# Run -############################################################################## - - -def _init_nix_serve(host: DeployHost, hostname: str) -> None: - # TODO: use domain from homelab.json file - host.run( - f""" -export DIR_NIXSERVE=/persist/host/data/nix-serve -mkdir -p $DIR_NIXSERVE && cd $DIR_NIXSERVE -nix-store --generate-binary-cache-key {hostname}.h cache-priv-key.pem cache-pub-key.pem -""" # noqa: E501 - ) - - -def generateCommandsList() -> str: - res = run("inv -l", hide=True) - commands = f"""``` -{res.stdout} -``` -""" - - return commands - - -############################################################################## -# Functions -############################################################################## - - -def generateHostsList() -> str: - with open("homelab.json", "r") as f: - jhl = json.load(f) - hosts = jhl["hosts"] - - # Header table - hosts_table = """ - - - - - - """ - - # Hosts loop - for hn in hosts: - hosts_table += f""" - - - - - """ # noqa: E501 - - hosts_table += "
LogoNameOSDescription
{hn} ({hosts[hn]["ipv4"]}){hosts[hn]["os"]}{hosts[hn]["description"]}
" - - return hosts_table - - -def getUsedRolesList(hostname=None): - filename = "homelab.json" - allroles = {} - with open(filename, "r") as fr: - jinfo = json.load(fr) - hostslist = jinfo["hosts"] - - for hn in hostslist: - if hostname and hn != hostname: - continue - - if "roles" in hostslist[hn]: - for svc in hostslist[hn]["roles"]: - if svc not in allroles: - allroles[svc] = [] - allroles[svc].append(hn) - - return allroles - - -def generateUsedRoles(rootpath, hostname=None) -> str: - # Get hosts infos - with open("homelab.json", "r") as fhl: - jhl = json.load(fhl) - roles = jhl["roles"] - - allroles = getUsedRolesList(hostname) - - if not allroles: - return "" - - roles_table = """ - - - - - - """ - - for mname in allroles: - hosts_list = [] - for h in allroles[mname]: - hosts_list.append(h) - - filename = f"docs/{mname}.md" - if os.path.exists(filename): - roles_table += f""" - - - """ # noqa: E501 - else: - roles_table += f""" - - - """ - - roles_table += f""" - - """ - - roles_table += "
LogoModuleHostsDescription
{mname}
{mname}{", ".join(hosts_list)}{roles[mname]['description']}
" - - return roles_table - - -# Replace the content marker -def _replace_content(content: str, marker: str, newcontent) -> str: - newcontent = f"""[comment]: (>>{marker}) - -{newcontent} - -[comment]: (<<{marker})""" - - result = re.sub( - rf"\[comment\]: \(\>\>{marker}\).*\[comment\]\: \(\<\<{marker}\)", - newcontent, - content, - flags=re.DOTALL | re.M, - ) - - return result - - -# Update the main README.md project page -def _doc_update_main_project_page() -> None: - # Read readme.md content - with open("README.md", "r") as fr: - content = fr.read().rstrip() - - # Get generated contents - hosts_table = generateHostsList() - roles_table = generateUsedRoles(rootpath="./docs") - commands = generateCommandsList() - - # Replace content - newcontent = _replace_content(content, "HOSTS", hosts_table) - newcontent = _replace_content(newcontent, "ROLES", roles_table) - newcontent = _replace_content(newcontent, "COMMANDS", commands) - - # Write new content - with open("README.md", "w") as fw: - fw.write(newcontent) diff --git a/users/badele/badxps.nix b/users/badele/badxps.nix index e2f52b8..876f5ba 100644 --- a/users/badele/badxps.nix +++ b/users/badele/badxps.nix @@ -3,24 +3,31 @@ ########################################################## { config , inputs -, outputs , pkgs , lib , ... }: let feh = "${pkgs.feh}/bin/feh"; + theme = "${pkgs.base16-schemes}/share/themes/catppuccin-latte.yaml"; + wallpaper = pkgs.runCommand "image.png" { } '' + COLOR=$(${pkgs.yq}/bin/yq -r .base00 ${theme}) + COLOR="#"$COLOR + ${pkgs.imagemagick}/bin/magick convert -size 1920x1080 xc:$COLOR $out + ''; in { imports = [ - # User - ./commons.nix + # homelab Modules + ../../nix/modules/home-manager/font.nix + ../../nix/modules/home-manager/userconf.nix - # Commons packages - ../../nix/home-manager/commons/packages.nix + # Common tools and packages for all badele user hosts + ./commons.nix # Editor - ../../nix/home-manager/features/term/editor/lazyvim.nix + # INFO: I use my independant neovim configuration => https://github.com/badele/vides + # ../../nix/home-manager/features/term/editor/lazyvim.nix # Term ../../nix/home-manager/features/term/base.nix @@ -32,28 +39,23 @@ in ../../nix/home-manager/features/language/python.nix # Desktop - ../../nix/home-manager/features/desktop/commons/base.nix + ../../nix/home-manager/features/desktop/apps/base.nix ../../nix/home-manager/features/desktop/xorg/base.nix ../../nix/home-manager/features/desktop/xorg/wm/i3.nix # Web browser - ../../nix/home-manager/features/desktop/commons/google-chrome.nix + ../../nix/home-manager/features/desktop/apps/google-chrome.nix ../../users/badele/firefox.nix # Multimedia - ../../nix/home-manager/features/desktop/commons/spotify.nix - - # Development term - ../../nix/home-manager/features/term/development/base.nix + ../../nix/home-manager/features/desktop/apps/spotify.nix # Development desktop - ../../nix/home-manager/features/desktop/commons/development/packages.nix - ../../nix/home-manager/features/desktop/commons/development/vscode.nix + ../../nix/home-manager/features/desktop/apps/development/vscode.nix # Virtualisation ../../nix/home-manager/features/desktop/xorg/virtualisation.nix - - ] ++ (builtins.attrValues outputs.homeManagerModules); + ]; ############################################################################### @@ -64,6 +66,52 @@ in openscad librecad solvespace + + # MQTT + mosquitto + mqttui + + ##################################" + # Development + ##################################" + + # TypeScript / JavaScript + # deno # javascript engine + # nodejs + + # Go + # go + + ##################################" + # Cloud & co + ##################################" + awscli2 # AWS CLI + kubectl # Kubernetes CLI + kubectx # Kubernetes CLI + k9s # Kubernetes CLI + kubernetes-helm # Helm + argocd # ArgoCD CLI + + # Network + ipcalc # IP subnetcalculator + trippy # mtr traceroute alternative + + # Graphics + geeqie + gifsicle + gimp + imagemagick + inkscape + + # Office + discord + libreoffice + + # Misc + xclip + + # VPN + wireguard-tools ]; @@ -101,13 +149,45 @@ in }; hooks.postswitch = '' ${pkgs.i3}/bin/i3-msg restart - ${feh} --bg-scale '${config.wallpaper}' + ${feh} --bg-scale '${config.stylix.image}' ''; }; }; }; }; - # inv home.deploy ; neofetch ; ll - wallpaper = pkgs.wallpapers.forest-deer-landscape; + # You can preview the palette at ~/.config/stylix/palette.html + stylix.enable = true; + stylix.autoEnable = true; + + stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml"; + stylix.image = pkgs.fetchurl { + url = "https://w.wallhaven.cc/full/0w/wallhaven-0w3pdr.jpg"; + sha256 = "sha256-xrLfcRkr6TjTW464GYf9XNFHRe5HlLtjpB0LQAh/l6M="; + }; + + # Disable neovim, it managed by https://github.com/badele/vide + stylix.targets.neovim.enable = false; + + stylix.fonts = { + serif = { + package = pkgs.dejavu_fonts; + name = "DejaVu Serif"; + }; + + sansSerif = { + package = pkgs.dejavu_fonts; + name = "DejaVu Sans"; + }; + + monospace = { + package = pkgs.dejavu_fonts; + name = "DejaVu Sans Mono"; + }; + + emoji = { + package = pkgs.noto-fonts-emoji; + name = "Noto Color Emoji"; + }; + }; } diff --git a/users/badele/commons.nix b/users/badele/commons.nix index 9466b6d..37a5d64 100644 --- a/users/badele/commons.nix +++ b/users/badele/commons.nix @@ -40,50 +40,58 @@ }; ############################################################################## - # Packages + # User packages ############################################################################## home.packages = with pkgs; [ - # MQTT - mosquitto - mqttui + ##################################" + # Tool + ##################################" - # Development - go - lua54Packages.luarocks - nano - nodejs - stylua - tree-sitter - gh # Github CLI - meld # Awesome diff tool + atop # Top alternative + bat # cat alternative + curl # HTTP client + du-dust # du rust version + duf # df go version + eva # Calculator + eza # ls alternative + fd # find alternative + httpie # curl alternative + jq # JSON pretty printer and manipulator + pastel # Colors generator + ripgrep # Better grep + tmux # Terminal multiplexer + unzip # Unzip files + up # UI interactively pipe + wget # HTTP client - # Cloud & co - awscli2 # AWS CLI - kubectl # Kubernetes CLI - kubectx # Kubernetes CLI - k9s # Kubernetes CLI - kubernetes-helm # Helm - argocd # ArgoCD CLI + # Floating apps (used in i3) + bashmount # Terminal mount helper + bluetuith # Bluetooth manager + btop # Top alternative + procs # Top alternative - # Network - ipcalc # IP subnetcalculator - trippy # mtr traceroute alternative + ##################################" + # Development + ##################################" - # Graphics - geeqie - gifsicle - gimp - imagemagick - inkscape + # Makefile like + just # justfile (Makefile like) - # Office - discord - libreoffice + # Git + meld # Visual diff and merge tool + lazygit # git terminal UI - # Misc - xclip + # Nix + haskellPackages.nix-derivation # Analyse derivation with pretty-derivation < packagename.drv + nix-prefetch-github # Compute SHA256 github repository + nixpkgs-fmt # Nix formatter + nix-diff # Check derivation differences + nvd # Show diff nix packages - # VPN - wireguard-tools + ##################################" + # Container / Virtualization + ##################################" + lazydocker # docker terminal UI + qemu # Virtual machine manager ]; } diff --git a/users/badele/firefox.nix b/users/badele/firefox.nix index fc0a9dd..96e12cc 100644 --- a/users/badele/firefox.nix +++ b/users/badele/firefox.nix @@ -114,7 +114,7 @@ # tomato-clock # Pomodoro timer ublock-origin # addblocker - # Install manually addons + # Install manually addons # Search AddonId with about:support # Fireshot diff --git a/users/badele/srvhoma.nix b/users/badele/srvhoma.nix new file mode 100644 index 0000000..960a7e1 --- /dev/null +++ b/users/badele/srvhoma.nix @@ -0,0 +1,113 @@ +########################################################## +# HOME-MANAGER (user) +########################################################## +{ config +, inputs +, outputs +, pkgs +, lib +, ... +}: +let + feh = "${pkgs.feh}/bin/feh"; +in +{ + imports = [ + # User + ./commons.nix + + # Commons packages + ../../nix/home-manager/commons/packages.nix + + # Editor + ../../nix/home-manager/features/term/editor/lazyvim.nix + + # Term + ../../nix/home-manager/features/term/base.nix + ../../nix/home-manager/features/term/security + + # Language + # ../../nix/home-manager/features/language/c.nix + # ../../nix/home-manager/features/language/go.nix + # ../../nix/home-manager/features/language/python.nix + + # Desktop + # ../../nix/home-manager/features/desktop/commons/base.nix + # ../../nix/home-manager/features/desktop/xorg/base.nix + # ../../nix/home-manager/features/desktop/xorg/wm/i3.nix + + # Web browser + # ../../nix/home-manager/features/desktop/commons/google-chrome.nix + # ../../users/badele/firefox.nix + + # Multimedia + # ../../nix/home-manager/features/desktop/commons/spotify.nix + + # Development term + # ../../nix/home-manager/features/term/development/base.nix + + # Development desktop + # ../../nix/home-manager/features/desktop/commons/development/packages.nix + # ../../nix/home-manager/features/desktop/commons/development/vscode.nix + + # Virtualisation + # ../../nix/home-manager/features/desktop/xorg/virtualisation.nix + + ] ++ (builtins.attrValues outputs.homeManagerModules); + + + ############################################################################### + # Packages + ############################################################################### + home.packages = with pkgs; [ + # DAO/CAO + openscad + librecad + solvespace + ]; + + + programs = { + #################################### + # Monitors configuration + # autorandr --fingerprints + # autorandr --config + #################################### + autorandr = { + enable = true; + + profiles = { + "home-up" = { + fingerprint = { + eDP1 = "00ffffffffffff004d109a1400000000041c0104a52213780ede50a3544c99260f505400000001010101010101010101010101010101ac3780a070383e403020350058c210000018000000000000000000000000000000000000000000fe00544b365237804c513135364d31000000000002410328001200000a010a2020002b"; + DP3 = "00ffffffffffff0009d107779c0200000b110103802f1e78eecf75a455499927135054bdef80454f614f01018180818f714f0101010121399030621a274068b03600b10f1100001cd50980a0205e631010605208782d1100001a000000fd00384c1e5411000a202020202020000000fc0042656e51204650323232570a0a01d002031b71230907078301000067030c002000802d43100403e2000f8c0ad08a20e02d10103e9600a05a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018"; + }; + config = { + eDP1 = { + enable = true; + primary = true; + crtc = 0; + position = "1680x0"; + mode = "1920x1080"; + rate = "60.00"; + }; + DP3 = { + enable = true; + crtc = 1; + position = "0x0"; + mode = "1680x1050"; + rate = "60.00"; + }; + }; + hooks.postswitch = '' + ${pkgs.i3}/bin/i3-msg restart + ${feh} --bg-scale '${config.wallpaper}' + ''; + }; + }; + }; + }; + + # inv home.deploy ; neofetch ; ll + wallpaper = pkgs.wallpapers.forest-deer-landscape; +} diff --git a/users/badele/vm-test.nix b/users/badele/vm-test.nix new file mode 100644 index 0000000..e2f52b8 --- /dev/null +++ b/users/badele/vm-test.nix @@ -0,0 +1,113 @@ +########################################################## +# HOME-MANAGER (user) +########################################################## +{ config +, inputs +, outputs +, pkgs +, lib +, ... +}: +let + feh = "${pkgs.feh}/bin/feh"; +in +{ + imports = [ + # User + ./commons.nix + + # Commons packages + ../../nix/home-manager/commons/packages.nix + + # Editor + ../../nix/home-manager/features/term/editor/lazyvim.nix + + # Term + ../../nix/home-manager/features/term/base.nix + ../../nix/home-manager/features/term/security + + # Language + ../../nix/home-manager/features/language/c.nix + ../../nix/home-manager/features/language/go.nix + ../../nix/home-manager/features/language/python.nix + + # Desktop + ../../nix/home-manager/features/desktop/commons/base.nix + ../../nix/home-manager/features/desktop/xorg/base.nix + ../../nix/home-manager/features/desktop/xorg/wm/i3.nix + + # Web browser + ../../nix/home-manager/features/desktop/commons/google-chrome.nix + ../../users/badele/firefox.nix + + # Multimedia + ../../nix/home-manager/features/desktop/commons/spotify.nix + + # Development term + ../../nix/home-manager/features/term/development/base.nix + + # Development desktop + ../../nix/home-manager/features/desktop/commons/development/packages.nix + ../../nix/home-manager/features/desktop/commons/development/vscode.nix + + # Virtualisation + ../../nix/home-manager/features/desktop/xorg/virtualisation.nix + + ] ++ (builtins.attrValues outputs.homeManagerModules); + + + ############################################################################### + # Packages + ############################################################################### + home.packages = with pkgs; [ + # DAO/CAO + openscad + librecad + solvespace + ]; + + + programs = { + #################################### + # Monitors configuration + # autorandr --fingerprints + # autorandr --config + #################################### + autorandr = { + enable = true; + + profiles = { + "home-up" = { + fingerprint = { + eDP1 = "00ffffffffffff004d109a1400000000041c0104a52213780ede50a3544c99260f505400000001010101010101010101010101010101ac3780a070383e403020350058c210000018000000000000000000000000000000000000000000fe00544b365237804c513135364d31000000000002410328001200000a010a2020002b"; + DP3 = "00ffffffffffff0009d107779c0200000b110103802f1e78eecf75a455499927135054bdef80454f614f01018180818f714f0101010121399030621a274068b03600b10f1100001cd50980a0205e631010605208782d1100001a000000fd00384c1e5411000a202020202020000000fc0042656e51204650323232570a0a01d002031b71230907078301000067030c002000802d43100403e2000f8c0ad08a20e02d10103e9600a05a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018"; + }; + config = { + eDP1 = { + enable = true; + primary = true; + crtc = 0; + position = "1680x0"; + mode = "1920x1080"; + rate = "60.00"; + }; + DP3 = { + enable = true; + crtc = 1; + position = "0x0"; + mode = "1680x1050"; + rate = "60.00"; + }; + }; + hooks.postswitch = '' + ${pkgs.i3}/bin/i3-msg restart + ${feh} --bg-scale '${config.wallpaper}' + ''; + }; + }; + }; + }; + + # inv home.deploy ; neofetch ; ll + wallpaper = pkgs.wallpapers.forest-deer-landscape; +} diff --git a/users/demo/commons.nix b/users/demo/commons.nix new file mode 100644 index 0000000..cf39afc --- /dev/null +++ b/users/demo/commons.nix @@ -0,0 +1,32 @@ +{ config, pkgs, lib, ... }: { + ############################################################################## + # Common user conf + ############################################################################## + home = { + username = lib.mkDefault "demo"; + homeDirectory = lib.mkDefault "/home/${config.home.username}"; + + userconf = { + user = { + gpg = { + id = "00F421C4C5377BA39820E13F6B95E13DE469CC5D"; + url = "https://keybase.io/brunoadele/pgp_keys.asc"; + sha256 = + "sha256:1hr53gj98cdvk1jrhczzpaz76cp1xnn8aj23mv2idwy8gcwlpwlg"; + }; + }; + }; + + stateVersion = lib.mkDefault "22.11"; + }; + + programs.git.enable = true; + + ############################################################################## + # Packages + ############################################################################## + home.packages = with pkgs; [ + nano + xclip + ]; +} diff --git a/users/demo/demovm.nix b/users/demo/demovm.nix new file mode 100644 index 0000000..dfc664d --- /dev/null +++ b/users/demo/demovm.nix @@ -0,0 +1,93 @@ +########################################################## +# HOME-MANAGER (user) +########################################################## +{ config +, inputs +, pkgs +, lib +, ... +}: +let + feh = "${pkgs.feh}/bin/feh"; + theme = "${pkgs.base16-schemes}/share/themes/catppuccin-latte.yaml"; + wallpaper = pkgs.runCommand "image.png" { } '' + COLOR=$(${pkgs.yq}/bin/yq -r .base00 ${theme}) + COLOR="#"$COLOR + ${pkgs.imagemagick}/bin/magick convert -size 1920x1080 xc:$COLOR $out + ''; +in +{ + imports = [ + # Modules + ../../nix/modules/home-manager/font.nix + ../../nix/modules/home-manager/userconf.nix + + # Common tools and packages for all demovm user hosts + ./commons.nix + + # Editor + # INFO: I use my independant neovim configuration => https://github.com/badele/vides + # ../../nix/home-manager/features/term/editor/lazyvim.nix + + # Term + ../../nix/home-manager/features/term/base.nix + ../../nix/home-manager/features/term/security + + # Desktop + ../../nix/home-manager/features/desktop/apps/base.nix + ../../nix/home-manager/features/desktop/xorg/base.nix + ../../nix/home-manager/features/desktop/xorg/wm/i3.nix + + # # Web browser + ../../nix/home-manager/features/desktop/apps/google-chrome.nix + + # # Multimedia + ../../nix/home-manager/features/desktop/apps/spotify.nix + + # # Development term + ../../nix/home-manager/features/desktop/apps/development/vscode.nix + ]; + + + ############################################################################### + # Packages + ############################################################################### + home.packages = with pkgs; [ + # Insert your packages here + ]; + + # You can preview the palette at ~/.config/stylix/palette.html + stylix.enable = true; + stylix.autoEnable = true; + + stylix.base16Scheme = "${pkgs.base16-schemes}/share/themes/gruvbox-dark-medium.yaml"; + stylix.image = pkgs.fetchurl { + url = "https://w.wallhaven.cc/full/0w/wallhaven-0w3pdr.jpg"; + sha256 = "sha256-xrLfcRkr6TjTW464GYf9XNFHRe5HlLtjpB0LQAh/l6M="; + }; + + # Disable neovim, it managed by https://github.com/badele/vide + stylix.targets.neovim.enable = false; + + stylix.fonts = { + serif = { + package = pkgs.dejavu_fonts; + name = "DejaVu Serif"; + }; + + sansSerif = { + package = pkgs.dejavu_fonts; + name = "DejaVu Sans"; + }; + + monospace = { + package = pkgs.dejavu_fonts; + name = "DejaVu Sans Mono"; + }; + + emoji = { + package = pkgs.noto-fonts-emoji; + name = "Noto Color Emoji"; + }; + }; +} diff --git a/users/root/b4d14.nix b/users/root/b4d14.nix index 3976f31..d38c399 100644 --- a/users/root/b4d14.nix +++ b/users/root/b4d14.nix @@ -9,7 +9,8 @@ }: { imports = [ - #inputs.sops-nix.nixosModules.sops + # Common tools and packages for all root user hosts + ./commons.nix ]; home = { diff --git a/users/root/badxps.nix b/users/root/badxps.nix index 3976f31..d38c399 100644 --- a/users/root/badxps.nix +++ b/users/root/badxps.nix @@ -9,7 +9,8 @@ }: { imports = [ - #inputs.sops-nix.nixosModules.sops + # Common tools and packages for all root user hosts + ./commons.nix ]; home = { diff --git a/users/root/commons.nix b/users/root/commons.nix new file mode 100644 index 0000000..648ceca --- /dev/null +++ b/users/root/commons.nix @@ -0,0 +1,9 @@ +{ config, pkgs, lib, ... }: { + ############################################################################## + # User packages + ############################################################################## + home.packages = with pkgs; [ + # Makefile like + just # justfile (Makefile like) + ]; +} diff --git a/users/root/demovm.nix b/users/root/demovm.nix new file mode 100644 index 0000000..d38c399 --- /dev/null +++ b/users/root/demovm.nix @@ -0,0 +1,21 @@ +########################################################## +# HOME-MANAGER (user) +########################################################## +{ config +, inputs +, pkgs +, lib +, ... +}: +{ + imports = [ + # Common tools and packages for all root user hosts + ./commons.nix + ]; + + home = { + username = lib.mkDefault "root"; + homeDirectory = lib.mkDefault "/root/"; + stateVersion = lib.mkDefault "22.05"; + }; +} diff --git a/users/root/srvhoma.nix b/users/root/srvhoma.nix new file mode 100644 index 0000000..ae3e4e2 --- /dev/null +++ b/users/root/srvhoma.nix @@ -0,0 +1,21 @@ +########################################################## +# HOME-MANAGER (user) +########################################################## +{ config +, inputs +, pkgs +, lib +, ... +}: +{ + imports = [ + # Common tools and packages for all root user hosts + ./commons.nix + ]; + + home = { + username = lib.mkDefault "root"; + homeDirectory = lib.mkDefault "/root/"; + stateVersion = lib.mkDefault "24.05"; + }; +} diff --git a/users/sadele/commons.nix b/users/sadele/commons.nix index 4c38215..2900297 100644 --- a/users/sadele/commons.nix +++ b/users/sadele/commons.nix @@ -1,18 +1,18 @@ { config - , inputs - , outputs - , pkgs - , lib - , ... +, inputs +, outputs +, pkgs +, lib +, ... }: let mkTuple = lib.hm.gvariant.mkTuple; in { -############################################################################## -# Common user conf -############################################################################## + ############################################################################## + # Common user conf + ############################################################################## home = { username = lib.mkDefault "sadele"; homeDirectory = lib.mkDefault "/home/${config.home.username}"; @@ -21,23 +21,23 @@ in programs = { }; -############################################################################## -# Packages -############################################################################## + ############################################################################## + # Packages + ############################################################################## home.packages = with pkgs; [ firefox - gimp - inkscape - libreoffice + gimp + inkscape + libreoffice ]; -############################################################################## -# Gnome configuration -############################################################################## + ############################################################################## + # Gnome configuration + ############################################################################## dconf.settings = { "org/gnome/desktop/input-sources" = { "current" = "uint32 0"; "sources" = [ (mkTuple [ "xkb" "fr" ]) ]; }; - }; + }; }