5 changed files with 262 additions and 223 deletions
--- a/hosts/laptop/home.nix
+++ b/hosts/laptop/home.nix
@ -8,20 +8,22 @@
    homeDirectory = "/home/k";
    stateVersion = "23.11";
    enableNixpkgsReleaseCheck = false;
-    packages = with pkgs;[
+    packages = [
-      nerdfonts
+      pkgs.nerdfonts
-      firefox
+      pkgs.firefox
-      keepassxc
+      pkgs.keepassxc
-      thunderbird
+      pkgs.syncthing
-      blender
+      pkgs.thunderbird
-      vesktop
+      pkgs.blender
-      btop
+      pkgs.vesktop
-      zip
+      pkgs.btop
-      spotify
+      pkgs.zip
-      distrobox
+      pkgs.spotify
      pkgs.distrobox
-      modrinth-app
+      pkgs.modrinth-app
-      direnv
+      pkgs.emacs
      pkgs.direnv
    ];
  };
@ -32,12 +34,6 @@
      userEmail = "markers711@gmail.com";
    };
    direnv = {
      enable = true;
      enableZshIntegration = true;
      nix-direnv.enable = true;
    };
    starship.enable = true;
    zsh = {
      enable = true;
@ -58,12 +54,5 @@
    };
  };
-  services = {
+  services = { syncthing.enable = true; };
    syncthing.enable = true;
    activitywatch.enable = true;
    emacs = {
      enable = true;
      defaultEditor = true;
    };
  };
 }
--- a/hosts/server/configuration.nix
+++ b/hosts/server/configuration.nix
@ -1,32 +1,78 @@
 # Edit this configuration file to define what should be installed on
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running ‘nixos-help’).
 { config, pkgs, inputs, ... }:
 {
-  imports = [ ./hardware-configuration.nix ./service.nix ];
+  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./service.nix
    ];
  nix.settings.experimental-features = ["nix-command" "flakes"];
  nixpkgs.config.allowUnfree = true;
  # networking.wireless.enable = true;  # Enables wireless support via wpa_supplicant.
  # Configure network proxy if necessary
  # networking.proxy.default = "http://user:password@proxy:port/";
  # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
   # Enable networking
  networking.networkmanager.enable = true;
  # Set your time zone.
  time.timeZone = "America/New_York";
  # Select internationalisation properties.
  i18n.defaultLocale = "en_US.UTF-8";
  i18n.extraLocaleSettings = {
    LC_ADDRESS = "en_US.UTF-8";
    LC_IDENTIFICATION = "en_US.UTF-8";
    LC_MEASUREMENT = "en_US.UTF-8";
    LC_MONETARY = "en_US.UTF-8";
    LC_NAME = "en_US.UTF-8";
    LC_NUMERIC = "en_US.UTF-8";
    LC_PAPER = "en_US.UTF-8";
    LC_TELEPHONE = "en_US.UTF-8";
    LC_TIME = "en_US.UTF-8";
  };
 # Enable CUPS to print documents.
  services.auto-cpufreq.enable = true;
  services.thermald.enable = true;
  powerManagement.powertop.enable = true;
  powerManagement.enable = true;
  system.autoUpgrade.enable = true;
  nix = {
    settings.experimental-features = [ "nix-command" "flakes" ];
    gc.automatic = true;
  };
  programs = {
    nix-ld.enable = true;
    nix-ld.libraries = with pkgs; [ glibc glib ];
    zsh.enable = true;
  };
  programs.nix-ld.enable = true;
  programs.nix-ld.libraries = with pkgs; [
  ];
  programs.zsh.enable = true;
  users.users.k = {
    isNormalUser = true;
    description = "k";
    extraGroups = [ "networkmanager" "wheel" ];
-    packages = with pkgs; [ zsh ];
+    packages = with pkgs; [zsh];
    shell = pkgs.zsh;
  };
  home-manager = {
    users = {
      "k" = import ./home.nix;
    };
  };
-  home-manager = { users = { "k" = import ./home.nix; }; };
+  system.autoUpgrade.enable = true;
  nix.gc.automatic = true;
  # List packages installed in system profile. To search, run:
  # $ nix search wget
  environment.systemPackages = with pkgs; [
  docker-compose
  intel-vaapi-driver
  intel-compute-runtime
  intel-media-driver 
--- a/hosts/server/hardware-configuration.nix
+++ b/hosts/server/hardware-configuration.nix
@ -4,10 +4,11 @@
 { config, lib, pkgs, modulesPath, ... }:
 {
-  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
-  boot.initrd.availableKernelModules =
+  boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
    [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
  boot.initrd.kernelModules = [ ];
  boot.kernelModules = [ "kvm-intel" ];
  boot.extraModulePackages = [ ];
@ -17,18 +18,20 @@
  networking.hostName = "nixserver"; # Define your hostname.
-  fileSystems."/" = {
+
-    device = "/dev/disk/by-uuid/aaf4a4be-fed2-42b2-be79-4ca920bb7292";
+  fileSystems."/" =
    { device = "/dev/disk/by-uuid/aaf4a4be-fed2-42b2-be79-4ca920bb7292";
      fsType = "ext4";
    };
-  fileSystems."/boot" = {
+  fileSystems."/boot" =
-    device = "/dev/disk/by-uuid/150F-09C6";
+    { device = "/dev/disk/by-uuid/150F-09C6";
      fsType = "vfat";
    };
  swapDevices =
-    [{ device = "/dev/disk/by-uuid/ecde85bd-abea-4926-80d5-810b01d0e364"; }];
+    [ { device = "/dev/disk/by-uuid/ecde85bd-abea-4926-80d5-810b01d0e364"; }
    ];
  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
  # (the default) this is the recommended approach. When using systemd-networkd it's
@ -38,6 +41,5 @@
  # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-  hardware.cpu.intel.updateMicrocode =
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
    lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/server/home.nix
+++ b/hosts/server/home.nix
@ -1,32 +1,34 @@
 { config, pkgs, inputs, ... }:
 {
  home.enableNixpkgsReleaseCheck = false;
  nixpkgs.config.allowUnfree = true;
-  home = {
+  home.username = "k";
-    username = "k";
+  home.homeDirectory = "/home/k";
-    homeDirectory = "/home/k";
+  home.stateVersion = "23.11";
    stateVersion = "23.11";
    enableNixpkgsReleaseCheck = false;
-    packages = [ pkgs.neovim pkgs.btop ];
+  home.packages = [
-  };
+    pkgs.syncthing
    pkgs.neovim
    pkgs.btop
  ];
-  programs = {
+  programs.git = {
    git = {
    enable = true;
    userName  = "k";
    userEmail = "markers711@gmail.com";
  };
-    starship.enable = true;
+  programs.starship.enable = true;
-    zsh = {
+  programs.zsh = {
    enable = true;
    autosuggestion.enable = true;
    enableCompletion = true;
    syntaxHighlighting.enable = true;
    autocd = true;
-      plugins = [{
+    plugins = [
      {
        name = "zsh-nix-shell";
        file = "nix-shell.plugin.zsh";
        src = pkgs.fetchFromGitHub {
@ -35,9 +37,8 @@
          rev = "v0.8.0";
          sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
        };
-      }];
+      }
    ];
  };
  };
  services.syncthing.enable = true;
 }
--- a/hosts/server/service.nix
+++ b/hosts/server/service.nix
@ -1,25 +1,21 @@
-{ pkgs, lib, ... }: {
+{pkgs,lib,...}:
 {
  networking.firewall = {
    enable = true;
-    allowedTCPPorts = [ 80 443 22 ];
+    allowedTCPPorts = [80 443 22 ];
  };
-  security.acme = {
+  services.openssh = {
-    acceptTerms = true;
+    enable = true;
    defaults.email = "markers711@gmail.com";
  };
-  virtualisation.docker = { enable = true; };
+  services.jellyfin = {
    enable = true;
  };
-  services = {
+  services.gitea = {
    openssh = { enable = true; };
    jellyfin = { enable = true; };
    fail2ban = { enable = true; };
    gitea = {
    enable = true;
    settings = {
      service.DISABLE_REGISTRATION = true;
@ -32,35 +28,30 @@
    };
  };
-    gitea-actions-runner.instances.home = {
+  services.gitea-actions-runner.instances.home = {
    enable = true;
    url = "https://git.dhilton.xyz";
    name = "nixsrv";
    token = "LaqTWUDidsm510TGBglGvcphsUxYmCzMjrZbEtJj";
-      labels = [
+    labels = ["ubuntu-latest:docker://catthehacker/ubuntu:act-latest" "ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04" "ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04" "ubuntu-18.04:docker://catthehacker/ubuntu:act-18.04" "native:host"];
        "ubuntu-latest:docker://catthehacker/ubuntu:act-latest"
        "ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04"
        "ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04"
        "ubuntu-18.04:docker://catthehacker/ubuntu:act-18.04"
        "native:host"
      ];
  };
-    home-assistant = {
+  services.home-assistant = {
    enable = true;
-      extraComponents = [ "wiz" "fail2ban" ];
+    extraComponents = ["wiz" "fail2ban"];
    config = {
-        default_config = { };
+    default_config={};
    "automation ui" = "!include automations.yaml";
      http = {
-          use_x_forwarded_for = "true";
+	use_x_forwarded_for="true";
-          trusted_proxies = [ "127.0.0.1" ];
+	trusted_proxies=["127.0.0.1"];
-          server_port = 8003;
+      	server_port=8003;
      };
    };
  };
-    ntfy-sh = {
+
  services.ntfy-sh = {
    enable = true;
    settings = { 
      listen-http = ":8004";
@ -70,20 +61,26 @@
    };
  };
-    searx = {
+  services.searx = {
-      enable = true;
+    enable=true;
-      settings = {
+    settings = { server.port = 8005; server.secret_key = "secretlol";};
        server.port = 8005;
        server.secret_key = "secretlol";
      };
  };
-    nginx = {
+  services.fail2ban = {
    enable=true;
  };
  virtualisation.docker = {
    enable = true;
  };
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
    recommendedTlsSettings = true;
  };
-      virtualHosts = {
+  services.nginx.virtualHosts = {
    "dhilton.xyz" = {
      enableACME = true;
@ -145,6 +142,10 @@
 	};
     };
  };
-    };
+
  security.acme = {
    acceptTerms = true;
    defaults.email = "markers711@gmail.com";
  };
 }