From 2d30294ba21a3cf8a112d03103c9ab98516019d1 Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:33:39 +0200 Subject: [PATCH 1/7] Activate sshd --- hosts/cube.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/hosts/cube.nix b/hosts/cube.nix index 438d8bc..d218c91 100644 --- a/hosts/cube.nix +++ b/hosts/cube.nix @@ -54,6 +54,7 @@ services.flatpak.enable = true; services.fwupd.enable = true; security.rtkit.enable = true; + services.openssh.enable = true; services.pipewire = { enable = true; alsa.enable = true; From 3b4e682ab447adad94efadacde6920583612146a Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:35:31 +0200 Subject: [PATCH 2/7] Add tailscale auto login --- hosts/cube.nix | 4 ++++ secrets/secrets.yaml | 5 +++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/hosts/cube.nix b/hosts/cube.nix index d218c91..cd22224 100644 --- a/hosts/cube.nix +++ b/hosts/cube.nix @@ -65,6 +65,7 @@ }; services.tailscale = { enable = true; + authKeyFile = config.sops.secrets.tailscale_auth_key.path; }; # Configure keymap in X11 @@ -74,6 +75,9 @@ }; # sops.defaultSopsFile = "/home/muhh/nix-config/secrets/secrets.yaml"; + sops.defaultSopsFile = ../secrets/secrets.yaml; + sops.age.keyFile = "/home/muhh/.config/sops/age/keys.txt"; + sops.secrets.tailscale_auth_key = {}; # Define a user account. Don't forget to set a password with ‘passwd’. users.users.muhh = { isNormalUser = true; diff --git a/secrets/secrets.yaml b/secrets/secrets.yaml index 5d3e946..55bb63e 100644 --- a/secrets/secrets.yaml +++ b/secrets/secrets.yaml @@ -1,4 +1,5 @@ just_a_test: ENC[AES256_GCM,data:HDhSG6BejOadBaeW,iv:idSJWRevqi4h/gaTREOt5tGfamRcxSUSmaelgyZUmu0=,tag:jo5lugFHpdjGeo/RtN86DA==,type:str] +tailscale_auth_key: ENC[AES256_GCM,data:1zT4rp8bxLLllmSPzC/n+Kg4m//zVynXdX8JnyO5G6mHdUrl46yYuWeyx4HNSRJmBicjVCvLMSnNeVMktg==,iv:cyInU7JNrTAnYtgF5e9jt+WKvNrumaWmRofr7++JQWA=,tag:ztKvGc1t8qeFKMbSbaq5Tw==,type:str] mail: privat: address: ENC[AES256_GCM,data:MdODBjT/vGmoZidXYppWX0EN,iv:Ai2YVodb/vOEyCK2spnH1vwPJrdvqIHM40ZGhALHq8A=,tag:ge1dIDEgiSYVJGNwuq+qKw==,type:str] @@ -32,8 +33,8 @@ sops: SEFxb2UwbDFiSG5QdzVWRk02b3lIZDQKYF4Vv3FwvKv3uwACRXb/jwD6Q5rh39Yu w7J86gsX7Yh9Wm65y+CW1JE8EN72mhBbYwve3lK8twDjxmLhYOMjIg== -----END AGE ENCRYPTED FILE----- - lastmodified: "2024-04-11T15:20:09Z" - mac: ENC[AES256_GCM,data:k6sIben6qmbR4vdHKjbPXfbycAoJC4nDwkb5c8EF1tBCyPM294XUK9DJ8MrEtijB7snp6q5hbFOxeYm4saTdUCmIA0OJi09Gto+mKbPn4oUWu1IGOqphe+71JBsdC5VK0X7C/6AskMpGHTjVFzEMSCNG1QlWwqjbj+nooMxT5X4=,iv:Mw3mrFx/CAmuCplqVcXiUDBEeb0bqK0Y4kTCZxMise8=,tag:seTx8hAi/8oGRCwpv9Qdug==,type:str] + lastmodified: "2024-05-19T16:46:00Z" + mac: ENC[AES256_GCM,data:xEOM5qqtGEeCmOi+z+MdZ3h4jLjj9aLn6EFGmvHkLsZCG4DWCc7KTaSOTyTVRnpsL/Nsuhqj88QNaM+ekBPA3120C64IKM6J/ZEfOriLfrmL8uzwMXPPqTMkCDs3ALNNontMl/zUL0LYGJ5bcraIQr0DBaup0DuRD5zcGVjUUCs=,iv:2/WrjzoKNCTfwogz0ITC+FeSg/gPCTTR1s+OtIJ3Esc=,tag:flAkHZ9+jIsEsQXChCc0vQ==,type:str] pgp: [] unencrypted_suffix: _unencrypted version: 3.8.1 From 82b9870fd3476278169be00f53c365cdefe71f5f Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:35:47 +0200 Subject: [PATCH 3/7] mount additional disks --- hosts/cube-hardware-configuration.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/hosts/cube-hardware-configuration.nix b/hosts/cube-hardware-configuration.nix index b50cd6d..cbacf92 100644 --- a/hosts/cube-hardware-configuration.nix +++ b/hosts/cube-hardware-configuration.nix @@ -23,6 +23,16 @@ fsType = "vfat"; }; + fileSystems."/storage/family" = + { device = "/dev/disk/by-uuid/896c11dc-d275-4992-99e6-fddc394a7bf1"; + fsType = "xfs"; + }; + + fileSystems."/storage/muhh" = + { device = "/dev/disk/by-uuid/8b716713-359b-4bac-8951-a35405dccd4c"; + fsType = "xfs"; + }; + swapDevices = [ ]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking From a42ed7e30fd88f9402445ce027913e18d7fda008 Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:36:08 +0200 Subject: [PATCH 4/7] setup plex --- hosts/cube.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/hosts/cube.nix b/hosts/cube.nix index cd22224..08ead5a 100644 --- a/hosts/cube.nix +++ b/hosts/cube.nix @@ -63,6 +63,14 @@ # If you want to use JACK applications, uncomment this #jack.enable = true; }; + services.plex = { + enable = true; + dataDir = "/var/lib/plex"; + openFirewall = true; + user = "plex"; + group = "plex"; + }; + services.tailscale = { enable = true; authKeyFile = config.sops.secrets.tailscale_auth_key.path; From 4592d7850129321c9021aeb2209729cd8f5a41b9 Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:37:28 +0200 Subject: [PATCH 5/7] sway configuration --- home.nix | 32 ++++++++++++++++++++++++++++++++ hosts/cube.nix | 5 ++++- 2 files changed, 36 insertions(+), 1 deletion(-) diff --git a/home.nix b/home.nix index 2af0097..d03e133 100644 --- a/home.nix +++ b/home.nix @@ -381,6 +381,20 @@ playerctld.enable = true; swayidle = { enable = true; + events = [ + { event = "before-sleep"; command = "${pkgs.swaylock}/bin/swaylock -fF"; } + ]; + timeouts = [ + { + timeout = 300; + command = "${pkgs.swaylock}/bin/swaylock -fF"; + } + { + timeout = 330; + command = "${pkgs.sway}/bin/swaymsg 'output * dpms off'"; + resumeCommand = "${pkgs.sway}/bin/swaymsg 'output * dpms on'"; + } + ]; }; syncthing = { enable = true; @@ -408,6 +422,10 @@ enable = true; config = { gaps = { + inner = 50; + vertical = 100; + horizontal = 600; + smartGaps = true; smartBorders = "on"; }; input = { @@ -436,6 +454,20 @@ "XF86AudioPrev" = "exec playerctl previous"; }; modifier = "Mod4"; + output = { + DP-1 = { + resolution = "3840x2160@30Hz"; + position = "1920 0"; + # background = "/home/muhh/Sync/Backgrounds/wald.jpg fill"; + scale = "1.0"; + }; + HDMI-A-1 = { + resolution = "1920x1080@60.000Hz"; + transform = "180"; + position = "0 0"; + # background = "/home/muhh/Sync/Backgrounds/pfuetze.jpg fill"; + }; + }; seat = { "*" = { hide_cursor = "5000"; diff --git a/hosts/cube.nix b/hosts/cube.nix index 08ead5a..1c3e55a 100644 --- a/hosts/cube.nix +++ b/hosts/cube.nix @@ -51,9 +51,12 @@ LC_TIME = "de_DE.UTF-8"; }; + security = { + rtkit.enable = true; + pam.services.swaylock = {}; + }; services.flatpak.enable = true; services.fwupd.enable = true; - security.rtkit.enable = true; services.openssh.enable = true; services.pipewire = { enable = true; From be72e7565a82f640285903b97a9bef950a7e6297 Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:38:01 +0200 Subject: [PATCH 6/7] install some software --- home.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/home.nix b/home.nix index d03e133..64a770a 100644 --- a/home.nix +++ b/home.nix @@ -28,6 +28,7 @@ git neovide (nerdfonts.override { fonts = [ "Iosevka" ]; }) + mpv obsidian powertop qutebrowser @@ -118,6 +119,9 @@ enable = true; nix-direnv.enable = true; }; + firefox = { + enable = true; + }; fish = { enable = true; loginShellInit = '' From 73fc0bd445b340a5e3661c0c288a42df5ab1159c Mon Sep 17 00:00:00 2001 From: Markus Heurung Date: Mon, 20 May 2024 17:38:15 +0200 Subject: [PATCH 7/7] cleanup --- hosts/cube.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/hosts/cube.nix b/hosts/cube.nix index 1c3e55a..22b30c4 100644 --- a/hosts/cube.nix +++ b/hosts/cube.nix @@ -85,7 +85,6 @@ xkb.options = "compose:ralt"; }; - # sops.defaultSopsFile = "/home/muhh/nix-config/secrets/secrets.yaml"; sops.defaultSopsFile = ../secrets/secrets.yaml; sops.age.keyFile = "/home/muhh/.config/sops/age/keys.txt"; sops.secrets.tailscale_auth_key = {};