2025-10-14 04:59:39 +10:00
10 changed files with 175 additions and 229 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1 @@
-*.qcow2
 result
-*-template
--- a/32
+++ b/32
@ -0,0 +1,32 @@
+up:
+  nix flake update
+
+boot:
+  nixos-rebuild boot --flake . --use-remote-sudo
+
+switch:
+  git add .
+  git commit -a -m "update"
+  nixos-rebuild switch --flake . --use-remote-sudo
+
+debug:
+  nixos-rebuild switch --flake . --use-remote-sudo --show-trace --verbose
+
+# Update specific input
+# usage: make upp i=home-manager
+upp:
+  nix flake update $(i)
+
+history:
+  nix profile history --profile /nix/var/nix/profiles/system
+
+repl:
+  nix repl -f flake:nixpkgs
+
+clean:
+  # remove all generations older than 7 days
+  sudo nix profile wipe-history --profile /nix/var/nix/profiles/system  --older-than 7d
+
+gc:
+  # garbage collect all unused nix store entries
+  sudo nix-collect-garbage --delete-old
--- a/data/authorized_keys.nix
+++ b/data/authorized_keys.nix
@ -0,0 +1,7 @@
+[
+    "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDJTqgIA+klcgOz+LSxwj6ZPP+pFrviu171Dgif0oIVlIxA8PGupKataDLrAAKOunpGgMTLGnEDLfWAsC1BxdG9qxdUphDuoXlY4hXWypsm01bEMbEPyomHrDS9SABbAl15/cGdEricBCBqUa6j+rs7nZcKLDSr4jkNDKxEGmJCVodquM8F+u4DN0MYgN+yoKTIijMVPK7uzFB3X1OdLQB770R/nGRd3p180Ixs8BKmbp2Mc5rrSQ+bFOQQbM8E7jDv3SCRzbKBr7I6VvASi62bpXaAlXbcRcXciyaPLdWAcwqDNIkMrlTVeF947d9enDin0PX+wQAlgm3kWgJpuHSK1eScZd+NLuD6IXTQyse5cMoEtqUGcp4SXN6hqc1EthQ4wWAmCQPw5SUCd53I0fSwRA9Ik3mCX6UlLw2M41Q+zd3axXeNDG1gtDyWoafHKM38JZrCk+d56xOH9J43esDgH7gZtno+Nspt/YkgHCbV6BB0mxjkgSGj/EhgQUjrWpU= aly@DESKTOP-QJO3LML"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOIteUtsZCWRz7CdEZwatVoJZOHyhoDxoECidQjUSrU+ u0_a315@localhost"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAPHB5cZxUF6btKjT8yNLcwWBxXf+Jb9x2iPszWY5l7 aly@alyssd"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPx69hgnDfNMM8nuNdRRnhHSto6BvBBYkEL8mzNtKpVG aly@aly-ubuntu-vm"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILmq4bJDXwpIgr60q7EyCXqYWZIT8ZAjazzLRflQPlqX aly@aly-laptop"
+]
--- a/flake.lock
+++ b/flake.lock
@ -7,11 +7,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1755928099,
-        "narHash": "sha256-OILVkfhRCm8u18IZ2DKR8gz8CVZM2ZcJmQBXmjFLIfk=",
+        "lastModified": 1758463745,
+        "narHash": "sha256-uhzsV0Q0I9j2y/rfweWeGif5AWe0MGrgZ/3TjpDYdGA=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "4a44fb9f7555da362af9d499817084f4288a957f",
+        "rev": "3b955f5f0a942f9f60cdc9cacb7844335d0f21c3",
        "type": "github"
      },
      "original": {
@ -23,11 +23,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1755922037,
-        "narHash": "sha256-wY1+2JPH0ZZC4BQefoZw/k+3+DowFyfOxv17CN/idKs=",
+        "lastModified": 1758346548,
+        "narHash": "sha256-afXE7AJ7MY6wY1pg/Y6UPHNYPy5GtUKeBkrZZ/gC71E=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "b1b3291469652d5a2edb0becc4ef0246fff97a7c",
+        "rev": "b2a3852bd078e68dd2b3dfa8c00c67af1f0a7d20",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@ -1,6 +1,4 @@
 {
-  description = "NixOS configuration";
-
  inputs = {
    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.05";
    home-manager = {
@ -11,76 +9,18 @@

  outputs = inputs@{ nixpkgs, home-manager, ... }: {
    nixosConfigurations = {
-      aly-desktop = nixpkgs.lib.nixosSystem {
+      "aly-laptop" = nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
-          ({ config, pkgs, ... }: {
-            system.stateVersion = "25.05";
-            boot.loader.systemd-boot.enable = true;
-            boot.loader.efi.canTouchEfiVariables = true;
-            nix.settings.experimental-features = [ "nix-command" "flakes" ];
-            environment.systemPackages = with pkgs; [
-              git
-              vim
-              wget
-            ];
-            environment.variables.EDITOR = "vim";
-            security.sudo.wheelNeedsPassword = false;
-          
-            networking.hostName = "aly-desktop";
-            networking.networkmanager.enable = true;
-            services.pulseaudio.enable = false;
-            services.pipewire = {
-              enable = true;
-              pulse.enable = true;
-            };
-            time.timeZone = "Australia/Brisbane";
-            users.users.aly = {
-              isNormalUser = true;
-              description = "aly";
-              initialPassword = "test";
-              extraGroups = [ "networkmanager" "wheel" ];
-              openssh.authorizedKeys.keys = [
-                  "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGa9sXpYiDXy6L9dQHcKkK45PBgZHo0PCz/ejmvhDW6Z aly@aurora"
-              ];
-              packages = with pkgs; [
-          #      firefox
-              #  thunderbird
-              ];
-            };
-          
-            # Enable the OpenSSH daemon.
-            services.openssh = {
-              enable = true;
-              settings = {
-                X11Forwarding = true;
-                PermitRootLogin = "no"; # disable root login
-                PasswordAuthentication = false; # disable password login
-              };
-              openFirewall = true;
-            };
-            # Enable the X11 windowing system.
-            services.xserver.enable = true;
-          
-            # Enable the GNOME Desktop Environment.
-            services.xserver.displayManager.gdm.enable = true;
-            services.displayManager.autoLogin.user = "aly";
-            services.xserver.desktopManager.gnome.enable = true;
-          })
-
+          ./hw/aly-laptop.nix
+          ./system/aly-laptop.nix
+          ./system/global.nix
          home-manager.nixosModules.home-manager
          {
            home-manager.useGlobalPkgs = true;
            home-manager.useUserPackages = true;
-
-            home-manager.users.aly = import ./home.nix;
-
-            # Optionally, use home-manager.extraSpecialArgs to pass arguments to home.nix
+            home-manager.users.aly = import ./home/aly.nix;
          }
-
-          ({ pkgs, ... }: {
-            environment.etc."nixos".source = ./.;
-          })
        ];
      };
    };
--- a/home.nix
+++ b/home.nix
@ -1,156 +0,0 @@
-{ config, pkgs, ... }:
-
-{
-  home.username = "aly";
-  home.homeDirectory = "/home/aly";
-
-  # link the configuration file in current directory to the specified location in home directory
-  # home.file.".config/i3/wallpaper.jpg".source = ./wallpaper.jpg;
-
-  # link all files in `./scripts` to `~/.config/i3/scripts`
-  # home.file.".config/i3/scripts" = {
-  #   source = ./scripts;
-  #   recursive = true;   # link recursively
-  #   executable = true;  # make all files executable
-  # };
-
-  # encode the file content in nix configuration file directly
-  # home.file.".xxx".text = ''
-  #     xxx
-  # '';
-
-  # set cursor size and dpi for 4k monitor
-  xresources.properties = {
-    "Xcursor.size" = 16;
-    "Xft.dpi" = 172;
-  };
-
-  # Packages that should be installed to the user profile.
-  home.packages = with pkgs; [
-    # here is some command line tools I use frequently
-    # feel free to add your own or remove some of them
-
-    neofetch
-    nnn # terminal file manager
-
-    # archives
-    zip
-    xz
-    unzip
-    p7zip
-
-    # utils
-    ripgrep # recursively searches directories for a regex pattern
-    jq # A lightweight and flexible command-line JSON processor
-    yq-go # yaml processor https://github.com/mikefarah/yq
-    eza # A modern replacement for ‘ls’
-    fzf # A command-line fuzzy finder
-
-    # networking tools
-    mtr # A network diagnostic tool
-    iperf3
-    dnsutils  # `dig` + `nslookup`
-    ldns # replacement of `dig`, it provide the command `drill`
-    aria2 # A lightweight multi-protocol & multi-source command-line download utility
-    socat # replacement of openbsd-netcat
-    nmap # A utility for network discovery and security auditing
-    ipcalc  # it is a calculator for the IPv4/v6 addresses
-
-    # misc
-    cowsay
-    file
-    which
-    tree
-    gnused
-    gnutar
-    gawk
-    zstd
-    gnupg
-
-    # nix related
-    #
-    # it provides the command `nom` works just like `nix`
-    # with more details log output
-    nix-output-monitor
-
-    # productivity
-    hugo # static site generator
-    glow # markdown previewer in terminal
-
-    btop  # replacement of htop/nmon
-    iotop # io monitoring
-    iftop # network monitoring
-
-    # system call monitoring
-    strace # system call monitoring
-    ltrace # library call monitoring
-    lsof # list open files
-
-    # system tools
-    sysstat
-    lm_sensors # for `sensors` command
-    ethtool
-    pciutils # lspci
-    usbutils # lsusb
-  ];
-
-  # basic configuration of git, please change to your own
-  programs.git = {
-    enable = true;
-    userName = "alyssadev";
-    userEmail = "alyssa.dev.smith@gmail.com";
-  };
-
-  # starship - an customizable prompt for any shell
-  programs.starship = {
-    enable = true;
-    # custom settings
-    settings = {
-      add_newline = false;
-      aws.disabled = true;
-      gcloud.disabled = true;
-      line_break.disabled = true;
-    };
-  };
-
-  # alacritty - a cross-platform, GPU-accelerated terminal emulator
-  programs.alacritty = {
-    enable = true;
-    # custom settings
-    settings = {
-      env.TERM = "xterm-256color";
-      font = {
-        size = 12;
-        draw_bold_text_with_bright_colors = true;
-      };
-      scrolling.multiplier = 5;
-      selection.save_to_clipboard = true;
-    };
-  };
-
-  programs.bash = {
-    enable = true;
-    enableCompletion = true;
-    # TODO add your custom bashrc here
-    bashrcExtra = ''
-      export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin"
-    '';
-
-    # set some aliases, feel free to add more or remove some
-    shellAliases = {
-      k = "kubectl";
-      urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
-      urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
-    };
-  };
-
-  # This value determines the home Manager release that your
-  # configuration is compatible with. This helps avoid breakage
-  # when a new home Manager release introduces backwards
-  # incompatible changes.
-  #
-  # You can update home Manager without changing this value. See
-  # the home Manager release notes for a list of state version
-  # changes in each release.
-  home.stateVersion = "25.05";
-}
--- a/home/aly.nix
+++ b/home/aly.nix
@ -0,0 +1,31 @@
+{ config, pkgs, ... }:
+
+{
+  home.username = "aly";
+  home.homeDirectory = "/home/aly";
+  xresources.properties = {
+    "Xcursor.size" = 16;
+    "Xft.dpi" = 172;
+  };
+  home.packages = with pkgs; [
+    gnome-tweaks firefox obs-studio rpi-imager
+    neofetch nnn zip xz unzip p7zip ripgrep jq yq-go mtr iperf3 dnsutils
+    ldns aria2 socat nmap ipcalc file which tree gnused gnutar gawk zstd
+    gnupg btop iotop iftop strace ltrace lsof sysstat lm_sensors ethtool
+    pciutils usbutils nix-output-monitor
+  ];
+  programs.git = {
+    enable = true;
+    userName = "alydev";
+    userEmail = "alyssa.dev.smith@gmail.com";
+  };
+
+  programs.bash = {
+    enable = true;
+    enableCompletion = true;
+    bashrcExtra = ''
+      export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin"
+    '';
+  };
+  home.stateVersion = "25.05";
+}
--- a/hw/aly-laptop.nix
+++ b/hw/aly-laptop.nix
@ -0,0 +1,41 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "uas" "sd_mod" "rtsx_pci_sdmmc" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/ef82934f-dab4-42bb-9b9a-2b8d74c4e4e4";
+      fsType = "ext4";
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/35CB-B28A";
+      fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/9a5ddb1d-cc66-4861-ba04-f4a3e4363500"; }
+    ];
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp0s31f6.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
--- a/system/aly-laptop.nix
+++ b/system/aly-laptop.nix
@ -0,0 +1,8 @@
+({ config, pkgs, ... }: {
+  networking.hostName = "aly-laptop";
+  services.logind = {
+    lidSwitch = "suspend";
+    lidSwitchDocked = "ignore";
+    lidSwitchExternalPower = "ignore";
+  };
+})
--- a/system/global.nix
+++ b/system/global.nix
@ -0,0 +1,45 @@
+({ config, pkgs, ... }: {
+  system.stateVersion = "25.05";
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+  environment.systemPackages = with pkgs; [
+    cargo rustc just git vim wget gcc gnumake autoconf automake pkg-config
+  ];
+  environment.variables.EDITOR = "vim";
+  security.sudo.wheelNeedsPassword = false;
+
+  networking.networkmanager.enable = true;
+
+  services.flatpak.enable = true;
+  services.pulseaudio.enable = false;
+  services.pipewire = {
+    enable = true;
+    pulse.enable = true;
+  };
+  time.timeZone = "Australia/Brisbane";
+  users.users.aly = {
+    isNormalUser = true;
+    description = "aly";
+    hashedPassword = "$y$j9T$Q.yFJjo9LMA8o.7Ac5uSr/$Y8pYIPSzCXHSd4nAlUohaaohwpquK6XEIjxFKq3J4s/";
+    openssh.authorizedKeys.keys = import ../data/authorized_keys.nix;
+    extraGroups = [ "networkmanager" "wheel" ];
+  };
+
+  # Enable the OpenSSH daemon.
+  services.openssh = {
+    enable = true;
+    settings = {
+      X11Forwarding = true;
+      PermitRootLogin = "no"; # disable root login
+      PasswordAuthentication = false; # disable password login
+    };
+    openFirewall = true;
+  };
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+
+  # Enable the GNOME Desktop Environment.
+  services.xserver.displayManager.gdm.enable = true;
+  services.xserver.desktopManager.gnome.enable = true;
+})