ada: upstream

Signed-off-by: s0me1newithhand7s <git+me@hand7s.org>
2026-03-25 18:47:19 +03:00 · 2026-03-25 18:47:19 +03:00 · bcb7f2dcb0
commit bcb7f2dcb0
parent c5f949506a
18 changed files with 45 additions and 79 deletions
--- a/ada/boot/initrd.nix
+++ b/ada/boot/initrd.nix
@ -9,7 +9,6 @@ _: {
        "usb_storage"
        "sd_mod"
        "btrfs"
-        "amneziawg"
        "cryptd"
      ];

@ -22,7 +21,7 @@ _: {
      kernelModules = [
        "amdgpu"
        "zenpower"
-        "amneziawg"
+        "i2c-dev"
      ];

      luks = {
--- a/ada/boot/kernel.nix
+++ b/ada/boot/kernel.nix
@ -20,14 +20,13 @@
    extraModulePackages = with config.boot.kernelPackages; [
      zenpower
      v4l2loopback
-      amneziawg
    ];

    kernelModules = [
      "amdgpu"
      "zenpower"
      "v4l2loopback"
-      "amneziawg"
+      "i2c_dev"
    ];

    kernelParams = [
--- a/ada/default.nix
+++ b/ada/default.nix
@ -1,5 +1,7 @@
 {self, ...}: {
  imports = [
+    "${self}/ada/age/rekey.nix"
+
    "${self}/ada/boot/initrd.nix"
    "${self}/ada/boot/kernel.nix"
    "${self}/ada/boot/lanzaboote.nix"
@ -39,7 +41,6 @@
    "${self}/ada/nix/package.nix"
    "${self}/ada/nix/settings/allowed-users.nix"
    "${self}/ada/nix/settings/experimental-features.nix"
-    "${self}/ada/nix/settings/substituters.nix"
    "${self}/ada/nix/settings/trusted-public-keys.nix"
    "${self}/ada/nix/settings/trusted-substituters.nix"
    "${self}/ada/nix/settings/trusted-users.nix"
@ -70,12 +71,14 @@
    "${self}/ada/services/qmk.nix"
    "${self}/ada/services/scx.nix"
    "${self}/ada/services/xserver.nix"
+    "${self}/ada/services/yggdrasil.nix"
    "${self}/ada/services/sunshine.nix"
    "${self}/ada/services/usbmuxd.nix"
    "${self}/ada/services/irqbalance.nix"
    "${self}/ada/services/yubikey-agent.nix"
    "${self}/ada/services/resolved.nix"
    "${self}/ada/services/firewalld.nix"
+    "${self}/ada/services/zerotier.nix"

    "${self}/ada/sops/defaults.nix"
    "${self}/ada/sops/secrets.nix"
--- a/ada/disko/disk.nix
+++ b/ada/disko/disk.nix
@ -2,7 +2,7 @@
  disko = {
    devices = {
      disk = {
-        main = {
+        "main" = {
          device = "/dev/disk/by-id/nvme-KINGSTON_SKC3000S_1024G_AA000000000000000013";
          type = "disk";
          content = {
--- a/ada/environment/variables.nix
+++ b/ada/environment/variables.nix
@ -1,16 +1,20 @@
-{config, ...}: {
+{
+  config,
+  lib,
+  ...
+}: {
  environment = {
    variables = {
-      AMD_VULKAN_ICD = "AMDVLK";
      HOSTNAME = config.networking.hostName;
-      QT_QPA_PLATFORM = "wayland";
+      QT_QPA_PLATFORMTHEME = lib.mkForce "xdgdesktopportal";
+      TDESKTOP_USE_GTK_FILE_DIALOG = 1;
      SDL_VIDEODRIVER = "wayland";
      CLUTTER_BACKEND = "wayland";
      GDK_BACKEND = "wayland";
-      NIXPKGS_ALLOW_UNFREE = "1";
-      NIXPKGS_ALLOW_INSECURE = "1";
-      NIXOS_OZONE_WL = "1";
-      GRIMBLAST_HIDE_CURSOR = "0";
+      NIXPKGS_ALLOW_UNFREE = 1;
+      NIXPKGS_ALLOW_INSECURE = 1;
+      NIXOS_OZONE_WL = 1;
+      GRIMBLAST_HIDE_CURSOR = 1;
      TERM = "xterm-256color";
    };
  };
--- a/ada/home-manager/users.nix
+++ b/ada/home-manager/users.nix
@ -4,12 +4,10 @@
      "hand7s" = {
        imports = [
          "${self}/hand7s/"
-          self.inputs.agenix.homeManagerModules.default
          self.inputs.spicetify-nix.homeManagerModules.default
          self.inputs.hyprland.homeManagerModules.default
          self.inputs.chaotic.homeManagerModules.default
          self.inputs.sops-nix.homeManagerModules.sops
-
          self.inputs.nix-index-database.homeModules.nix-index
          self.inputs.noctalia.homeModules.default
        ];
--- a/ada/networking/hosts.nix
+++ b/ada/networking/hosts.nix
@ -1,7 +0,0 @@
-_: {
-  networking = {
-    hosts = {
-      # nope
-    };
-  };
-}
--- a/ada/networking/timeServers.nix
+++ b/ada/networking/timeServers.nix
@ -1,10 +1,9 @@
 _: {
  networking = {
    timeServers = [
-      "0.nixos.pool.ntp.org"
-      "1.nixos.pool.ntp.org"
-      "2.nixos.pool.ntp.org"
-      "3.nixos.pool.ntp.org"
+      "time.cloudflare.com"
+      "time.google.com"
+      "ru.pool.ntp.org"
    ];
  };
 }
--- a/ada/nix/settings/substituters.nix
+++ b/ada/nix/settings/substituters.nix
@ -1,19 +0,0 @@
-_: {
-  nix = {
-    settings = {
-      substituters = [
-        # cache.nixos.org
-        "https://cache.nixos.org"
-        # cache.garnix.org
-        "https://cache.garnix.io"
-        # cachix
-        "https://nix-community.cachix.org/"
-        "https://chaotic-nyx.cachix.org/"
-        "https://hyprland.cachix.org"
-        "https://chaotic-nyx.cachix.org/"
-        # nix-community
-        "https://hydra.nix-community.org/"
-      ];
-    };
-  };
-}
--- a/ada/nix/settings/trusted-public-keys.nix
+++ b/ada/nix/settings/trusted-public-keys.nix
@ -7,12 +7,11 @@ _: {
        # cache.garnix.io
        "cache.garnix.io:CTFPyKSLcx5RMJKfLo5EEPUObbA78b0YQ2DTCJXqr9g="
        # cachix.org
+        "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
        "nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
        "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
-        "ags.cachix.org-1:naAvMrz0CuYqeyGNyLgE010iUiuf/qx6kYrUv3NwAJ8="
        "hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
        "chaotic-nyx.cachix.org-1:HfnXSw4pj95iI/n17rIDy40agHj12WfF+Gqk6SonIT8="
-        "colmena.cachix.org-1:7BzpDnjjH8ki2CT3f6GdOk7QAzPOl+1t3LvTLXqYcSg="
      ];
    };
  };
--- a/ada/security/pam/yubico.nix
+++ b/ada/security/pam/yubico.nix
@ -7,7 +7,7 @@ _: {
        mode = "challenge-response";
        control = "sufficient";
        id = [
-          "1873055870"
+          "funnyID"
        ];
      };
    };
--- a/ada/services/firewalld.nix
+++ b/ada/services/firewalld.nix
@ -3,12 +3,16 @@ _: {
    firewalld = {
      enable = true;

-      settings = {
-        # nope
-      };
-
      zones = {
-        # nope
+        "eno1" = {
+          interfaces = [
+            "ens1"
+          ];
+
+          services = [
+            "sunshine"
+          ];
+        };
      };
    };
  };
--- a/ada/services/openssh.nix
+++ b/ada/services/openssh.nix
@ -5,7 +5,7 @@
      allowSFTP = true;
      openFirewall = true;
      ports = [
-        53864
+        6969
      ];

      settings = {
--- a/ada/services/yggdrasil.nix
+++ b/ada/services/yggdrasil.nix
@ -1,11 +0,0 @@
-_: {
-  services = {
-    yggdrasil = {
-      enable = false;
-      persistentKeys = false;
-      settings = {
-        # nope
-      };
-    };
-  };
-}
--- a/ada/services/zerotier.nix
+++ b/ada/services/zerotier.nix
@ -1,10 +0,0 @@
-_: {
-  services = {
-    zerotierone = {
-      enable = true;
-      joinNetworks = [
-        # nope
-      ];
-    };
-  };
-}
--- a/ada/time/timeZone.nix
+++ b/ada/time/timeZone.nix
@ -1,6 +1,6 @@
 _: {
  time = {
    timeZone = "Europe/Moscow";
-    hardwareClockInLocalTime = true;
+    hardwareClockInLocalTime = false;
  };
 }
--- a/ada/users/users/hand7s.nix
+++ b/ada/users/users/hand7s.nix
@ -5,10 +5,18 @@ _: {
        description = "me";
        isSystemUser = false;
        isNormalUser = true;
-        initialHashedPassword = "$6$ckgRhNWmJgSwOUpJ$kfeAdokd5fa76HWbTmWN2YXx4M/PQVOTJku1ODbqbBhEkUFiLftdaJFRnNXfIM3Jtz0ShoRMSVCB7mDkxDrdi/";
+        initialHashedPassword = lib.hashString "sha512" "hand7s";
        extraGroups = [
          "wheel"
        ];
+
+        openssh = {
+          authorizedKeys = {
+            keys = [
+              "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDp2IIdR5jV1HyG4aiRX7SfTNrXDhCx5rTiFU40qkOKq litvinovb0@gmail.com"
+            ];
+          };
+        };
      };
    };
  };
--- a/ada/users/users/root.nix
+++ b/ada/users/users/root.nix
@ -1,8 +1,8 @@
-_: {
+{lib, ...}: {
  users = {
    users = {
      "root" = {
-        initialHashedPassword = "$6$n4OLMvYHHStHvtmr$6OL0NV1dEM2b6oJRewkhuoFxM80lI67tfbJ6QkCg8WAA1gbeKrcwDAuJjm8zvpY4zcDR3Z5Zbo8uebfOi6XXF0";
+        initialHashedPassword = lib.hashString "sha512" "root";
      };
    };
  };