diff --git a/hosts/laptop/configuration.nix b/hosts/laptop/configuration.nix index 0427f53..0904d76 100644 --- a/hosts/laptop/configuration.nix +++ b/hosts/laptop/configuration.nix @@ -13,10 +13,20 @@ powerManagement.enable = true; nix = { - settings.experimental-features = [ "nix-command" "flakes" ]; gc.automatic = true; + settings = { + experimental-features = [ "nix-command" "flakes" ]; + substituters = [ + "http://nix.dhilton.xyz/" + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ + "nix.dhilton.xyz:MOW060dF1A0/UXmPZBue9KMxCO13PHYFwx1X9hcdYZ4=" + ]; + }; }; + networking = { hostName = "laptop"; networkmanager.enable = true; diff --git a/hosts/server/configuration.nix b/hosts/server/configuration.nix index 70047ec..0caea1d 100644 --- a/hosts/server/configuration.nix +++ b/hosts/server/configuration.nix @@ -2,13 +2,23 @@ { imports = [ ./hardware-configuration.nix ./service.nix ]; - powerManagement.enable = true; + powerManagement.enable = false; system.autoUpgrade.enable = true; networking.networkmanager.enable = true; + boot.kernelParams = [ "intel_pstate=active" ]; nix = { - settings.experimental-features = [ "nix-command" "flakes" ]; gc.automatic = true; + settings = { + experimental-features = [ "nix-command" "flakes" ]; + substituters = [ + "http://nix.dhilton.xyz/" + "https://cache.nixos.org/" + ]; + trusted-public-keys = [ + "nix.dhilton.xyz:MOW060dF1A0/UXmPZBue9KMxCO13PHYFwx1X9hcdYZ4=" + ]; + }; }; programs = { @@ -29,6 +39,8 @@ environment.systemPackages = with pkgs; [ microcodeIntel ]; + hardware.bluetooth.enable = true; + hardware.bluetooth.powerOnBoot = true; hardware.graphics = { enable = true; extraPackages = with pkgs; [ @@ -38,6 +50,7 @@ vaapiVdpau libvdpau-va-gl vpl-gpu-rt + neovim ]; }; diff --git a/hosts/server/service.nix b/hosts/server/service.nix index 030334e..cc0336d 100644 --- a/hosts/server/service.nix +++ b/hosts/server/service.nix @@ -2,7 +2,8 @@ networking.firewall = { enable = true; - allowedTCPPorts = [ 80 443 22 ]; + allowedTCPPorts = [ 80 443 22 26615 ]; + allowedUDPPorts = [ 26615 ]; }; security.acme = { @@ -19,11 +20,27 @@ fail2ban = { enable = true; }; + postgresql = { enable = true; }; + + i2p = { enable = true; }; + + nix-serve = { + enable = true; + secretKeyFile = "/var/cache-priv-key.pem"; + }; + + ollama = { + enable = true; + package = pkgs.ollama.overrideAttrs (oldAttrs: { + NIX_CFLAGS_COMPILE = "${oldAttrs.NIX_CFLAGS_COMPILE or ""} -mavx2 -mfma -march=native -O3"; + }); + }; + gitea = { enable = true; settings = { service.DISABLE_REGISTRATION = true; - service.ENABLE_PUSH_CREATE_USER = true; + service.ENABLE_PUSH_CREATE_USER = true; server = { HTTP_PORT = 8001; DOMAIN = "dhilton.xyz"; @@ -49,7 +66,7 @@ home-assistant = { enable = true; - extraComponents = [ "wiz" "fail2ban" ]; + extraComponents = [ "wiz" "fail2ban" "ollama" "wyoming" ]; config = { default_config = { }; "automation ui" = "!include automations.yaml"; @@ -61,11 +78,45 @@ }; }; + wyoming = { + piper.servers."piperNix" = { + enable = true; + uri = "tcp://0.0.0.0:10200"; + voice = "en-us-ryan-low"; + }; + faster-whisper.servers."whisperNix" = { + enable = true; + uri = "tcp://0.0.0.0:10300"; + language = "en"; + }; + }; + searx = { enable = true; settings = { server.port = 8005; server.secret_key = "secretlol"; + search.formats = ["html" "json"]; + }; + }; + + akkoma = { + enable = true; + initDb.enable = true; + config = { + ":pleroma" = { + ":instance" = { + name = "dhilton fedi"; + description = "dhilton akkoma server"; + email = "markers711@gmail.com"; + registration_open = false; + }; + "Pleroma.Web.Endpoint" = { url.host = "fed.dhilton.xyz"; }; + }; + }; + nginx = { + enableACME = true; + forceSSL = true; }; }; @@ -117,6 +168,10 @@ proxyWebsockets = true; }; }; + + "nix.dhilton.xyz" = { + locations."/".proxyPass = "http://127.0.0.1:5000"; + }; }; }; };