+26 -93

hosts/portable/amd64/configuration.nix

reviewed

··· 8 8 baseHmConfig = import ../../../shared/home-manager/main.nix { 9 9 inherit config pkgs lib home-manager; 10 10 }; 11 11 + 12 12 + # localhost + local network in HaliliFam WiFi network 13 13 + baseHostsFile = with import ../../shared/hosts-file.nix; { 14 14 + "127.0.0.1" = localhost ++ [ 15 15 + "nixos-portable.local" 16 16 + "nixos-portable.tailnet" 17 17 + "nixos-portable.fawn-cod.ts.net" 18 18 + ]; 19 19 + } // localNetwork.halilifam; 20 20 + 21 21 + # tailnet, blocking ads via blackholing to 0.0.0.0, etc. 22 22 + extraHosts = with import ../../shared/hosts-file.nix; 23 23 + tailnet; 24 24 + 25 25 + # them merge them all together 26 26 + hostsFile = baseHostsFile // extraHosts; 11 27 in 12 28 { 13 29 imports = 14 14 - [ # Include the results of the hardware scan. 15 15 - #../../../shared/desktop/bluetooth.nix 16 16 - ../../../shared/desktop/firewall.nix 30 30 + [ 31 31 + ../../../shared/meta.nix 32 32 + ../../../shared/desktop/base.nix 17 33 ../../../shared/desktop/kde-plasma.nix 18 18 - ../../../shared/flatpak.nix 19 19 - ../../../shared/gnupg.nix 20 20 - ../../../shared/locale.nix 21 21 - ../../../shared/meta-configs.nix 22 22 - ../../../shared/networking.nix 23 23 - #../../../shared/server/ssh.nix 34 34 + ../../../shared/server/ssh.nix 24 35 ../../../shared/server/tailscale.nix 25 25 - ../../../shared/systemd.nix 26 26 - ../../../shared/yubikey.nix 27 36 ../../../shared/server/devenv.nix 28 28 - ../../../shared/1password.nix 29 29 - ../../../shared/desktop/firefox.nix 30 30 - ../../../shared/shells/bash.nix 31 31 - ../../../shared/server/cockpit.nix 37 37 + #../../../shared/server/cockpit.nix 32 38 ./hardware-configuration.nix 33 39 ]; 34 40 ··· 36 42 boot.loader.systemd-boot.enable = true; 37 43 boot.loader.efi.canTouchEfiVariables = true; 38 44 39 39 - networking.hostName = "nixos-portable"; # Define your hostname. 40 40 - 41 41 - # Enable networking 42 42 - networking.networkmanager.enable = true; 43 43 - 44 44 - # Set your time zone. 45 45 - time.timeZone = "Asia/Manila"; 46 46 - 47 47 - # Select internationalisation properties. 48 48 - i18n.defaultLocale = "en_PH.UTF-8"; 49 49 - 50 50 - i18n.extraLocaleSettings = { 51 51 - LC_ADDRESS = "en_PH.UTF-8"; 52 52 - LC_IDENTIFICATION = "en_PH.UTF-8"; 53 53 - LC_MEASUREMENT = "en_PH.UTF-8"; 54 54 - LC_MONETARY = "en_PH.UTF-8"; 55 55 - LC_NAME = "en_PH.UTF-8"; 56 56 - LC_NUMERIC = "en_PH.UTF-8"; 57 57 - LC_PAPER = "en_PH.UTF-8"; 58 58 - LC_TELEPHONE = "en_PH.UTF-8"; 59 59 - LC_TIME = "en_PH.UTF-8"; 45 45 + networking = { 46 46 + hostName = "nixos-portable"; # Define your hostname. 47 47 + hosts = hostsFile; 48 48 + networkmanager.enable = true; # manage networking via networkmanager 60 49 }; 61 50 62 51 # Enable the X11 windowing system. ··· 109 98 extraGroups = [ "networkmanager" "wheel" ]; 110 99 }; 111 100 112 112 - # Install firefox. 113 113 - programs.firefox.enable = true; 114 114 - 115 115 - # Allow unfree packages 116 116 - nixpkgs.config.allowUnfree = true; 117 117 - 118 118 - # List packages installed in system profile. To search, run: 119 119 - # $ nix search wget 120 120 - environment.systemPackages = with pkgs; [ 121 121 - wget 122 122 - dig 123 123 - btop 124 124 - htop 125 125 - icu 126 126 - thunderbird 127 127 - google-chrome 128 128 - microsoft-edge 129 129 - kdePackages.kate 130 130 - libreoffice-qt6-fresh 131 131 - hunspell 132 132 - hunspellDicts.en_US 133 133 - gnupg 134 134 - gpg-tui 135 135 - gpgme 136 136 - byobu 137 137 - tmux 138 138 - android-tools 139 139 - adbtuifm 140 140 - ]; 141 141 - 142 142 - # Some programs need SUID wrappers, can be configured further or are 143 143 - # started in user sessions. 144 144 - # programs.mtr.enable = true; 145 145 - # programs.gnupg.agent = { 146 146 - # enable = true; 147 147 - # enableSSHSupport = true; 148 148 - # }; 149 149 - 150 150 - # List services that you want to enable: 151 151 - 152 152 - # Enable the OpenSSH daemon. 153 153 - # services.openssh.enable = true; 154 154 - 155 155 - # Open ports in the firewall. 156 156 - # networking.firewall.allowedTCPPorts = [ ... ]; 157 157 - # networking.firewall.allowedUDPPorts = [ ... ]; 158 158 - # Or disable the firewall altogether. 159 159 - # networking.firewall.enable = false; 160 160 - 161 161 - # This value determines the NixOS release from which the default 162 162 - # settings for stateful data, like file locations and database versions 163 163 - # on your system were taken. It‘s perfectly fine and recommended to leave 164 164 - # this value at the release version of the first install of this system. 165 165 - # Before changing this value read the documentation for this option 166 166 - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). 167 167 - system.stateVersion = "25.05"; # Did you read the comment? 168 168 - 101 101 + system.nixos.tags = [ "portable-configs" "portable-amd64" ]; 169 102 }

+8 -21

hosts/stellapent-cier/configuration.nix

reviewed

··· 14 14 ]; 15 15 } // localNetwork.halilifam; 16 16 17 17 - # tailnet, blackholing to 0.0.0.0, etc. 17 17 + # tailnet, blocking ads via blackholing to 0.0.0.0, etc. 18 18 extraHosts = with import ../../shared/hosts-file.nix; 19 19 tailnet; 20 20 + 21 21 + # them merge them all together 20 22 hostsFile = baseHostsFile // extraHosts; 21 23 in 22 24 { 23 25 imports = 24 26 [ 27 27 + ../../shared/meta.nix 25 28 ../../shared/desktop/base.nix 26 29 ../../shared/desktop/kde-plasma.nix 27 27 - ../../shared/flatpak.nix 28 28 - ../../shared/gnupg.nix 29 29 - ../../shared/locale.nix 30 30 - ../../shared/meta-configs.nix 31 31 - ../../shared/networking.nix 32 30 ../../shared/server/ssh.nix 33 31 ../../shared/server/tailscale.nix 34 34 - ../../shared/systemd.nix 35 35 - ../../shared/yubikey.nix 36 32 ../../shared/server/devenv.nix 37 37 - ../../shared/1password.nix 38 38 - ../../shared/shells/bash.nix 39 33 ../../shared/server/cockpit.nix 40 34 ]; 41 35 ··· 107 101 # old HP laptop my overseas Filipino dad gave me in 2024. 108 102 users.users.gildedguy = { 109 103 isNormalUser = true; 110 110 - description = "Gildedguy (Michael Moy)"; # We're not impersonating the animatior here. 104 104 + description = "Gildedguy (Michael Moy)"; # We're not impersonating the animatior here lol. 111 105 extraGroups = [ "networkmanager" "wheel" "docker"]; 112 106 openssh = { 113 107 authorizedKeys.keys = with import ../../shared/ssh-keys.nix; [ ··· 117 111 rp.gildedguy 118 112 ]; 119 113 }; 120 120 - #home-manager = { 121 121 - # enable = true; 122 122 - #}; 114 114 + linger = true; 115 115 + uid = 1000; 123 116 }; 124 117 home-manager.users.gildedguy = import ./users/gildedguy.nix; 125 118 #programs.home-manager.enable = true; # allow home-manager to manage itself ··· 136 129 # started in user sessions. 137 130 programs.mtr.enable = true; 138 131 139 139 - # This value determines the NixOS release from which the default 140 140 - # settings for stateful data, like file locations and database versions 141 141 - # on your system were taken. It‘s perfectly fine and recommended to leave 142 142 - # this value at the release version of the first install of this system. 143 143 - # Before changing this value read the documentation for this option 144 144 - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). 145 145 - system.stateVersion = "25.05"; # Did you read the comment? 132 132 + system.nixos.tags = [ "laptop" "homelab" ]; 146 133 }

+2

shared/1password.nix

reviewed

··· 7 7 # require enabling PolKit integration on some desktop environments (e.g. Plasma). 8 8 polkitPolicyOwners = [ "gildedguy" "ajhalili2006" ]; 9 9 }; 10 10 + 11 11 + system.nixos.tags = [ "with-1password" ]; 10 12 }

+2

shared/flatpak.nix

reviewed

··· 14 14 flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo 15 15 ''; 16 16 }; 17 17 + 18 18 + system.nixos.tags = [ "with-flatpak" ]; 17 19 }

+2 -1

shared/hosts-file.nix

reviewed

··· 1 1 # An static list of host entries to be used in networking.hosts configuration. 2 2 + # You probably want to use this inside a let...in block, see the example 3 3 + # at ../hosts/stellapent-cier/configuration.nix for the hints. 2 4 { 3 5 localhost = [ 4 6 "localhost" ··· 13 15 "stellapent.local" 14 16 ]; 15 17 "192.168.254.179" = [ 16 16 - "rpi-aether" 17 18 "rpi-aether.local" 18 19 "aether.local" 19 20 ];

+2

shared/server/cockpit.nix

reviewed

··· 6 6 package = pkgs.cockpit; 7 7 #allowed-origins = []; 8 8 }; 9 9 + 10 10 + system.nixos.tags = [ "with-cockpit" ]; 9 11 }

+10 -3

shared/server/devenv.nix

reviewed

··· 2 2 3 3 { 4 4 environment.defaultPackages = with pkgs; [ 5 5 + # nix utils 5 6 direnv 6 7 cachix 7 8 devbox 9 9 + nixfmt-rfc-style 10 10 + 11 11 + # tmux and friendos 8 12 byobu 9 13 tmux 10 14 ··· 19 23 podman = { 20 24 enable = true; 21 25 package = pkgs.podman; 22 22 - #extraPackages = with pkgs; [ 23 23 - # gvisor 24 24 - #]; 26 26 + extraPackages = with pkgs; [ 27 27 + gvisor 28 28 + podman-compose 29 29 + ]; 25 30 }; 26 31 docker = { 27 32 enable = true; ··· 44 49 programs.virt-manager.enable = true; 45 50 services.qemuGuest.enable = true; 46 51 services.spice-vdagentd.enable = true; 52 52 + 53 53 + system.nixos.tags = [ "with-containers" "with-qemu" "with-devtools-enabled"]; 47 54 }

+2

shared/server/ssh.nix

reviewed

··· 18 18 }; 19 19 20 20 programs.mosh.enable = true; 21 21 + 22 22 + system.nixos.tags = [ "with-ssh" "with-mosh" ]; 21 23 }

+2

shared/server/tailscale.nix

reviewed

··· 14 14 "--verbose 3" 15 15 ]; 16 16 }; 17 17 + 18 18 + system.nixos.tags = [ "with-tailscale" ]; 17 19 }