diff --git a/isla/boot/initrd.nix b/isla/boot/initrd.nix index 4f1ef31..8169876 100644 --- a/isla/boot/initrd.nix +++ b/isla/boot/initrd.nix @@ -1,4 +1,4 @@ -{lib, ...}: { +_: { boot = { initrd = { availableKernelModules = [ @@ -17,13 +17,8 @@ supportedFilesystems = { vfat = true; btrfs = true; - zfs = lib.mkForce false; }; - kernelModules = [ - "i915" - ]; - luks = { devices = { cryptroot = { diff --git a/isla/boot/kernel.nix b/isla/boot/kernel.nix index 0931dbc..0a0fe19 100644 --- a/isla/boot/kernel.nix +++ b/isla/boot/kernel.nix @@ -1,8 +1,4 @@ -{ - pkgs, - lib, - ... -}: { +{pkgs, ...}: { boot = { kernel = { sysctl = { @@ -16,13 +12,9 @@ }; }; - kernelPackages = pkgs.linuxPackages_zen; - extraModprobeConfig = '' - options thinkpad_acpi fan_control=1 - ''; + kernelPackages = pkgs.linuxPackages_latest; kernelParams = [ - "i915.enable_rc6=7" "udev.log_priority=3" "quiet" "splash" @@ -35,15 +27,12 @@ "page_alloc.shuffle=1" "page_poison=1" "slab_nomerge" + "zswap.enabled=0" "kernel.watchdog=0" "oops=panic" ]; - kernelModules = [ - "tp_smapi" - ]; - blacklistedKernelModules = [ "k10temp" "ax25" @@ -77,9 +66,6 @@ supportedFilesystems = { vfat = true; btrfs = true; - zfs = lib.mkForce false; }; - - # consoleLogLevel = 0; }; } diff --git a/isla/default.nix b/isla/default.nix index 08bdc02..df175fb 100644 --- a/isla/default.nix +++ b/isla/default.nix @@ -3,7 +3,7 @@ "${self}/isla/disko/disk.nix" "${self}/isla/disko/lvm_vg.nix" - "${self}/isla/boot/loader/system-boot.nix" + "${self}/isla/boot/loader/systemd-boot.nix" "${self}/isla/boot/lanzaboote.nix" "${self}/isla/boot/initrd.nix" "${self}/isla/boot/kernel.nix" diff --git a/isla/disko/disk.nix b/isla/disko/disk.nix index 8c60a0e..630fe89 100644 --- a/isla/disko/disk.nix +++ b/isla/disko/disk.nix @@ -2,7 +2,7 @@ _: { disko = { devices = { disk = { - main = { + "main" = { device = "/dev/disk/by-id/ata-ST92503010AS_5YH0CJFL"; type = "disk"; content = { diff --git a/isla/home-manager/users.nix b/isla/home-manager/users.nix index 04c47d9..0a5f3e3 100644 --- a/isla/home-manager/users.nix +++ b/isla/home-manager/users.nix @@ -1,19 +1,15 @@ -{ - inputs, - self, - ... -}: { +{self, ...}: { home-manager = { users = { - hand7s = { + "hand7s" = { imports = [ "${self}/hand7s/" - inputs.spicetify-nix.homeManagerModules.default - inputs.hyprland.homeManagerModules.default - inputs.chaotic.homeManagerModules.default - inputs.sops-nix.homeManagerModules.sops - - inputs.nix-index-database.homeModules.nix-index + self.inputs.spicetify-nix.homeManagerModules.default + self.inputs.hyprland.homeManagerModules.default + self.inputs.chaotic.homeManagerModules.default + self.inputs.sops-nix.homeManagerModules.sops + self.inputs.nix-index-database.homeModules.nix-index + self.inputs.noctalia.homeModules.default ]; }; }; @@ -22,7 +18,6 @@ extraSpecialArgs = { inherit - inputs self ; }; diff --git a/isla/networking/hostname.nix b/isla/networking/hostname.nix index c1ba168..99feb11 100644 --- a/isla/networking/hostname.nix +++ b/isla/networking/hostname.nix @@ -1,5 +1,5 @@ _: { networking = { - hostName = "s0melapt0p-nix"; + hostName = "isla"; }; } diff --git a/isla/networking/hosts.nix b/isla/networking/hosts.nix deleted file mode 100644 index ffff44d..0000000 --- a/isla/networking/hosts.nix +++ /dev/null @@ -1,64 +0,0 @@ -_: { - networking = { - hosts = { - # EVA00 - "100.109.169.141" = [ - "eva00-nix.netbird.cloud" - "eva00-nix" - ]; - - "90.156.226.152" = [ - "eva00-nix.lan" - "eva00-nix" - ]; - - "200:deb2:ed25:a9e5:e30:4900:f88f:cb87" = [ - "eva00-nix.ygg" - "eva00-nix" - ]; - - # EVA01 - "100.109.107.176" = [ - "eva01-nix.netbird.cloud" - "eva01-nix" - ]; - - "37.114.50.235" = [ - "eva01-nix.lan" - "eva01-nix" - ]; - - "200:6ef:a61f:2f01:71d4:196:ab70:2103" = [ - "eva01-nix.ygg" - "eva01-nix" - ]; - - # EVA02 - "100.109.178.135" = [ - "eva02-nix.netbird.cloud" - "eva02-nix" - ]; - - "51.195.222.85" = [ - "eva02-nix.lan" - "eva02-nix" - ]; - - "201:52d6:c753:c1fd:f8b6:5897:cc6a:e1be" = [ - "eva02-nix.ygg" - "eva02-nix" - ]; - - # nerv-nix - "100.109.7.114" = [ - "nerv-nix.netbird.cloud" - "nerv-nix" - ]; - - "200:7abc:53c9:be8a:9941:96d:221b:cc76" = [ - "nerv-nix.ygg" - "nerv-nix" - ]; - }; - }; -} diff --git a/isla/nix/settings/substituters.nix b/isla/nix/settings/substituters.nix index f00d6d2..da0035f 100644 --- a/isla/nix/settings/substituters.nix +++ b/isla/nix/settings/substituters.nix @@ -9,10 +9,10 @@ _: { # cachix "https://nix-community.cachix.org/" "https://chaotic-nyx.cachix.org/" - "https://ags.cachix.org" "https://hyprland.cachix.org" "https://chaotic-nyx.cachix.org/" - "https://colmena.cachix.org" + # nix-community + "https://hydra.nix-community.org/" ]; }; }; diff --git a/isla/services/yggdrasil.nix b/isla/services/yggdrasil.nix deleted file mode 100644 index faf7afb..0000000 --- a/isla/services/yggdrasil.nix +++ /dev/null @@ -1,46 +0,0 @@ -{config, ...}: { - services = { - yggdrasil = { - enable = true; - persistentKeys = false; - settings = { - PrivateKey = config.sops.secrets.yggKeyLT.path; - - Peers = [ - # only 1W+ peers (some exeptions are possible) - - # Russia - "tls://yggno.de:18227" - "tcp://yggno.de:18226" - - "tcp://kzn1.neonxp.ru:7991" - "tls://kzn1.neonxp.ru:7992" - "ws://kzn1.neonxp.ru:7993" - "quic://kzn1.neonxp.ru:7994" - ]; - - Listen = [ - # - ]; - - MulticastInterfaces = [ - { - Regex = ".*"; - Beacon = true; - Listen = false; - Password = ""; - } - ]; - - AllowedPublicKeys = [ - # - ]; - - IfName = "auto"; - - IfMTU = 65535; - NodeInfoPrivacy = false; - }; - }; - }; -} diff --git a/isla/services/zapret.nix b/isla/services/zapret.nix deleted file mode 100644 index c512ea0..0000000 --- a/isla/services/zapret.nix +++ /dev/null @@ -1,145 +0,0 @@ -_: { - services = { - zapret = { - enable = true; - configureFirewall = true; - qnum = 350; - params = [ - "--wssize 1:6" - - "--filter-tcp=80" - "--dpi-desync=multisplit" - "--dpi-desync-split-pos=10" - "--dpi-desync-repeats=6" - "--new" - - "--filter-tcp=443" - "--dpi-desync=multidisorder" - "--dpi-desync-split-pos=1,midsld" - "--new" - - "--filter-tcp=443" - "--dpi-desync=syndata" - "--dpi-desync-fake-syndata=0x00000000" - "--dpi-desync-ttl=10" - "--new" - - "--filter-udp=443" - "--dpi-desync=fake" - "--dpi-desync-repeats=6" - "--dpi-desync-fake-quic=0x00000000" - "--new" - - "--filter-udp=443" - "--dpi-desync=fake,udplen" - "--dpi-desync-udplen-increment=5" - "--dpi-desync-fake-tls=0x00000000" - "--dpi-desync-cutoff=n3" - "--dpi-desync-repeats=2" - "--new" - - "--filter-tcp=443" - "--dpi-desync=split" - "--dpi-desync-fooling=md5sig,badseq" - "--dpi-desync-fake-tls=0x00000000" - "--dpi-desync-split-pos=1" - "--dpi-desync-repeats=10" - "--new" - - "--filter-tcp=443" - "--dpi-desync=fake,split2" - "--dpi-desync-fooling=md5sig" - "--dpi-desync-fake-tls=0x00000000" - "--dpi-desync-split-seqovl=2" - "--dpi-desync-split-pos=2" - - "--dpi-desync-autottl" - "--new" - "--filter-tcp=443" - "--dpi-desync=fake,split2" - "--dpi-desync-fooling=md5sig" - "--dpi-desync-fake-tls=0x00000000" - "--dpi-desync-split-seqovl=2" - "--dpi-desync-split-pos=2" - "--dpi-desync-autottl" - "--new" - - "--filter-tcp=80" - "--dpi-desync=fake,split2" - "--dpi-desync-fooling=md5sig" - "--dpi-desync-fake-tls=0x00000000" - "--dpi-desync-autottl" - "--new" - - "--filter-tcp=80" - "--dpi-desync-ttl=1" - "--dpi-desync-autottl=2" - "--dpi-desync-fake-tls=0x00000000" - "--dpi-desync-split-pos=1" - "--dpi-desync=fake,split2" - "--dpi-desync-repeats=6" - "--dpi-desync-fooling=md5sig" - "--new" - ]; - - whitelist = [ - "googlevideo.com" - "youtu.be" - "youtube.com" - "youtubei.googleapis.com" - "googlevideo.com" - "youtu.be" - "youtube.com" - "youtubei.googleapis.com" - "youtubeembeddedplayer.googleapis.com" - "ytimg.l.google.com" - "ytimg.com" - "jnn-pa.googleapis.com" - "youtube-nocookie.com" - "youtube-ui.l.google.com" - "yt-video-upload.l.google.com" - "wide-youtube.l.google.com" - "youtubekids.com" - "ggpht.com" - "music.youtube.com" - "test.googlevideo.com" - "discord.com" - "gateway.discord.gg" - "cdn.discordapp.com" - "discordapp.net" - "discordapp.com" - "discord.gg" - "media.discordapp.net" - "images-ext-1.discordapp.net" - "discord.app" - "discord.media" - "discordcdn.com" - "discord.dev" - "discord.new" - "discord.gift" - "discordstatus.com" - "dis.gd" - "discord.co" - "discord-attachments-uploads-prd.storage.googleapis.com" - "7tv.app" - "7tv.io" - "10tv.app" - "x.com" - "t.co" - "ads-twitter.com" - "twimg.com" - "twitter.com" - "pscp.tv" - "twtrdns.net" - "twttr.com" - "periscope.tv" - "tweetdeck.com" - "twitpic.com" - "twitter.co" - "twitterinc.com" - "twitteroauth.com" - "twitterstat.us" - ]; - }; - }; -} diff --git a/isla/services/zerotier.nix b/isla/services/zerotier.nix deleted file mode 100644 index b864ebf..0000000 --- a/isla/services/zerotier.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: { - services = { - zerotierone = { - enable = true; - joinNetworks = [ - # nope - ]; - }; - }; -} diff --git a/isla/time/timeZone.nix b/isla/time/timeZone.nix index cef1656..0bd1f2a 100644 --- a/isla/time/timeZone.nix +++ b/isla/time/timeZone.nix @@ -1,6 +1,5 @@ _: { time = { timeZone = "Europe/Moscow"; - hardwareClockInLocalTime = true; }; } diff --git a/isla/users/users/hand7s.nix b/isla/users/users/hand7s.nix index e36405b..e31caf3 100644 --- a/isla/users/users/hand7s.nix +++ b/isla/users/users/hand7s.nix @@ -1,16 +1,22 @@ -_: { +{lib, ...}: { users = { users = { - hand7s = { + "hand7s" = { description = "me"; isSystemUser = false; isNormalUser = true; - initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/"; + initialHashedPassword = lib.hashString "sha512" "hand7s"; extraGroups = [ "wheel" - "networkmanager" - "docker" ]; + + openssh = { + authorizedKeys = { + keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com" + ]; + }; + }; }; }; }; diff --git a/isla/users/users/root.nix b/isla/users/users/root.nix index e1374f1..f85caae 100644 --- a/isla/users/users/root.nix +++ b/isla/users/users/root.nix @@ -1,8 +1,8 @@ _: { users = { users = { - root = { - initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0"; + "root" = { + initialHashedPassword = lib.hashString "sha512" "root"; }; }; }; diff --git a/isla/virtualisation/docker.nix b/isla/virtualisation/docker.nix deleted file mode 100644 index 805ac30..0000000 --- a/isla/virtualisation/docker.nix +++ /dev/null @@ -1,10 +0,0 @@ -_: { - virtualisation = { - docker = { - enable = true; - rootless = { - enable = true; - }; - }; - }; -} diff --git a/isla/xdg/portal.nix b/isla/xdg/portal.nix index 80146ce..7744d29 100644 --- a/isla/xdg/portal.nix +++ b/isla/xdg/portal.nix @@ -20,8 +20,10 @@ }; extraPortals = with pkgs; [ + xdg-desktop-portal xdg-desktop-portal-gtk xdg-desktop-portal-wlr + xdg-desktop-portal-termfilechooser ]; }; };