diff --git a/flake.lock b/flake.lock index 8da8bb8..a2fce2c 100644 --- a/flake.lock +++ b/flake.lock @@ -90,26 +90,6 @@ "type": "github" } }, - "framework-plymouth": { - "inputs": { - "nixpkgs": [ - "nixpkgs" - ] - }, - "locked": { - "lastModified": 1744254441, - "narHash": "sha256-zpbqouGFxu0fdECX54jHPyjYEX+04kZRWZFZ4IKL58c=", - "owner": "j-pap", - "repo": "framework-plymouth", - "rev": "6aa8efd36bd79660ced9b8a82495afdb0c8c1166", - "type": "github" - }, - "original": { - "owner": "j-pap", - "repo": "framework-plymouth", - "type": "github" - } - }, "git-hooks": { "inputs": { "flake-compat": "flake-compat", @@ -334,7 +314,6 @@ "inputs": { "disko": "disko", "flake-parts": "flake-parts", - "framework-plymouth": "framework-plymouth", "git-hooks": "git-hooks", "nixinate": "nixinate", "nixos-generators": "nixos-generators", diff --git a/flake.nix b/flake.nix index 6f11097..5148d6e 100644 --- a/flake.nix +++ b/flake.nix @@ -34,11 +34,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - framework-plymouth = { - url = "github:j-pap/framework-plymouth"; - inputs.nixpkgs.follows = "nixpkgs"; - }; - # own flakes stunkymonkey = { url = "github:Stunkymonkey/stunkymonkey.de"; @@ -81,9 +76,7 @@ }: { # make pkgs available to all `perSystem` functions - _module.args.pkgs = import inputs.nixpkgs { - inherit system; - }; + _module.args.pkgs = import inputs.nixpkgs { inherit system; }; # enable pre-commit checks pre-commit.settings = { diff --git a/machines/.sops.yaml b/machines/.sops.yaml index ca27a02..cefc057 100644 --- a/machines/.sops.yaml +++ b/machines/.sops.yaml @@ -2,16 +2,10 @@ keys: - &admin_felix age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m - - &workman age1f2e644jteyeppfaatajtvjmsupl0e7nzx97ded6m0cgzw04l84ks5xl9l2 - &thinkman age1spt854cdscqs757a8kazth52rv4p9udh54suw9lpzlqg5savyapq2u0c03 - &serverle age14nt7qcsrye0vrpk0xcgcfmhkxwwumna39fpn83g3x0zml62skatqpnmhk4 - &newton age1s9spl75rwhgm3cvvqsr9rze5m0kuxqes2tsxjmq07xg5ycn5j47s2m0dlu creation_rules: - - path_regex: workman/secrets.yaml$ - key_groups: - - age: - - *admin_felix - - *workman - path_regex: thinkman/secrets.yaml$ key_groups: - age: diff --git a/machines/configurations.nix b/machines/configurations.nix index 8d3569a..f489dd3 100644 --- a/machines/configurations.nix +++ b/machines/configurations.nix @@ -58,13 +58,6 @@ in ./thinkman/configuration.nix ]; }; - workman = nixosSystem { - system = "x86_64-linux"; - modules = defaultModules ++ [ - nixos-hardware.nixosModules.framework-amd-ai-300-series - ./workman/configuration.nix - ]; - }; newton = nixosSystem { system = "x86_64-linux"; modules = defaultModules ++ [ ./newton/configuration.nix ]; diff --git a/machines/core/users.nix b/machines/core/users.nix index 131883e..aae5e42 100644 --- a/machines/core/users.nix +++ b/machines/core/users.nix @@ -17,7 +17,6 @@ "libvirtd" # kvm control "networkmanager" # wireless configuration "podman" # usage of `podman` socket - "seat" # access to input devices "video" # screen control "wheel" # `sudo` for the user. ]; diff --git a/machines/workman/boot.nix b/machines/workman/boot.nix deleted file mode 100644 index cb46451..0000000 --- a/machines/workman/boot.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ - config, - inputs, - ... -}: -{ - boot = { - loader = { - timeout = 1; - systemd-boot = { - enable = true; - configurationLimit = 10; - consoleMode = "keep"; - editor = true; - }; - efi.canTouchEfiVariables = true; - }; - plymouth = { - enable = true; - theme = "framework"; - themePackages = [ inputs.framework-plymouth.packages.${config.nixpkgs.system}.default ]; - }; - }; -} diff --git a/machines/workman/configuration.nix b/machines/workman/configuration.nix deleted file mode 100644 index 4e55599..0000000 --- a/machines/workman/configuration.nix +++ /dev/null @@ -1,29 +0,0 @@ -{ ... }: -{ - imports = [ - ./boot.nix - ./disko-config.nix - ./hardware-configuration.nix - ./network.nix - ./profiles.nix - ./remote-build.nix - ./services.nix - ./system.nix - ]; - - networking.hostName = "workman"; - - sops = { - defaultSopsFile = ./secrets.yaml; - age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - gnupg.sshKeyPaths = [ ]; - }; - - # needed for cross-compilation - boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; - - system = { - stateVersion = "24.11"; - autoUpgrade.enable = true; - }; -} diff --git a/machines/workman/disko-config.nix b/machines/workman/disko-config.nix deleted file mode 100644 index c265b74..0000000 --- a/machines/workman/disko-config.nix +++ /dev/null @@ -1,72 +0,0 @@ -{ - disko.devices = { - disk = { - vdb = { - type = "disk"; - device = "/dev/disk/by-id/nvme-eui.e8238fa6bf530001001b444a456de595"; - content = { - type = "gpt"; - partitions = { - boot = { - size = "1M"; - type = "EF02"; # for grub MBR - }; - ESP = { - size = "512M"; - type = "EF00"; - content = { - type = "filesystem"; - format = "vfat"; - mountpoint = "/boot"; - mountOptions = [ "defaults" ]; - }; - }; - luks = { - size = "100%"; - content = { - type = "luks"; - name = "encrypted"; - settings.allowDiscards = true; - passwordFile = "/tmp/disk.key"; - content = { - type = "lvm_pv"; - vg = "pool"; - }; - }; - }; - }; - }; - }; - }; - lvm_vg = { - pool = { - type = "lvm_vg"; - lvs = { - root = { - size = "100G"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/"; - }; - }; - home = { - size = "500G"; - content = { - type = "filesystem"; - format = "ext4"; - mountpoint = "/home"; - }; - }; - swap = { - size = "64G"; - content = { - type = "swap"; - resumeDevice = true; - }; - }; - }; - }; - }; - }; -} diff --git a/machines/workman/hardware-configuration.nix b/machines/workman/hardware-configuration.nix deleted file mode 100644 index 0e56bad..0000000 --- a/machines/workman/hardware-configuration.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ - pkgs, - ... -}: -let - cpuFlavor = "amd"; -in -{ - boot.kernelPackages = pkgs.linuxPackages_latest; - - my.hardware = { - bluetooth.enable = true; - debug.enable = true; - drive-monitor.enable = true; - firmware = { - enable = true; - inherit cpuFlavor; - }; - graphics = { - enable = true; - inherit cpuFlavor; - }; - id-card.enable = true; - keychron.enable = true; - monitor.enable = true; - sound.enable = true; - thunderbolt.enable = true; - yubikey.enable = true; - }; -} diff --git a/machines/workman/network.nix b/machines/workman/network.nix deleted file mode 100644 index 712d5f3..0000000 --- a/machines/workman/network.nix +++ /dev/null @@ -1,20 +0,0 @@ -# network settings -_: { - # hotfixes for dns settings - networking.extraHosts = - let - serverle_ip = "192.168.178.60"; - in - '' - ${serverle_ip} stunkymonkey.de - ${serverle_ip} automation.stunkymonkey.de - ${serverle_ip} download.stunkymonkey.de - ${serverle_ip} esphome.stunkymonkey.de - ${serverle_ip} indexer.stunkymonkey.de - ${serverle_ip} media.stunkymonkey.de - ${serverle_ip} movies.stunkymonkey.de - ${serverle_ip} series.stunkymonkey.de - ${serverle_ip} subtitles.stunkymonkey.de - ${serverle_ip} view.stunkymonkey.de - ''; -} diff --git a/machines/workman/profiles.nix b/machines/workman/profiles.nix deleted file mode 100644 index 01ed516..0000000 --- a/machines/workman/profiles.nix +++ /dev/null @@ -1,24 +0,0 @@ -# enabled profiles -_: { - my.profiles = { - "3d-design".enable = true; - android.enable = true; - clean.enable = true; - desktop-apps.enable = true; - desktop-dev.enable = true; - development.enable = true; - filesystem.enable = true; - gaming.enable = true; - latex.enable = true; - media.enable = true; - meeting.enable = true; - nautilus.enable = true; - powersave.enable = true; - printing.enable = true; - sway.enable = true; - sync.enable = true; - update.enable = true; - usb-iso.enable = true; - webcam.enable = true; - }; -} diff --git a/machines/workman/remote-build.nix b/machines/workman/remote-build.nix deleted file mode 100644 index 90ee53e..0000000 --- a/machines/workman/remote-build.nix +++ /dev/null @@ -1,24 +0,0 @@ -# enabled remote-build service -{ config, ... }: -let - inherit (config.sops) secrets; -in -{ - sops.secrets."nixremote/ssh_key" = { }; - nix.buildMachines = [ - { - hostName = "buehler.rocks"; - system = "x86_64-linux"; - supportedFeatures = [ - "benchmark" - "kvm" - "big-parallel" - ]; - sshUser = "nixremote"; - sshKey = secrets."nixremote/ssh_key".path; - maxJobs = 4; - } - ]; - - nix.distributedBuilds = true; -} diff --git a/machines/workman/secrets.yaml b/machines/workman/secrets.yaml deleted file mode 100644 index 01b83f6..0000000 --- a/machines/workman/secrets.yaml +++ /dev/null @@ -1,37 +0,0 @@ -users: - felix: - password: ENC[AES256_GCM,data:3r1f8iUSgT3mDflSkvl3cyfciBZI5rDa9jMZcfW/mniNt9PJTNaaNbBC/cIxgbwcD991Y/Y0NKB0vxOmKMCIcclvGRUwLdKwFQ==,iv:Chya0lUhNtYcOp3GyNl+I1VyNV3KvSOZxeWUgz3SBnA=,tag:OhdIXdwbQAV0eZZS/kpW1Q==,type:str] -borgbackup: - password: ENC[AES256_GCM,data:BodZSJGi/pYZYIG5NYEeNrTVdYdzlgA2lZCNcIL+kT4=,iv:Vmbzq8MxyboeLmM3MyTGVr6+S/JrwbFDaP8PWh+s8aY=,tag:atj9ap7X6drdGMnnCbEZPg==,type:str] - ssh_key: ENC[AES256_GCM,data:LhGZ2VzOWwcjO0gd1ia7Nb6Roy9+kZwYW2ucjWqpeq6e1xl6JXFRkJJ/bLIA++yUVZarLSabhDn0DDHVfGyO5fOdSuuduu0lCl+ffxz3zX7RjibInwstwnvqJo2ZrBbI+9QPBxI4IRo4uEllljN5N4Fvq3Pq6tMLX2ZpkqIEWayDa28gxM3Ib/at9DGSiEsyhJm2b6HTMUi/lXX9vIxPPOgaqmuWgpp7Tzkd8Ph08zvnloWvlRZaYxl/n7+VxEohqZY88RfFSNT/N5TtgnFFTTRX+9B0vCRqyJq9XQ3cf0fG0NJzb0kcO25k45kAGU7QOJ8V7YPgPPwPPWU7IAluhFi9x78QLsuAioXnl79aZli11NE7Gyn2n4FkkhVX1W078tbvLiNURSfVro7crcf6WCX1PBvbuDFdKg8I2r58aZ5vglD5QD0gBbhL0js13z80DRCdNCtyNQZfgMXvAIEq3Lw3UvTUspInMJos7Kgs0hCK/SoP87SymYEkGORpZzoGg/zlHf0kExOj3Fni+LK24sArc/CIeCBBc/BJ,iv:jDAB5ExuplfUtJqgub4oV/wbytpnjK3MjJko/rsJ0fM=,tag:s2aODtXR9Qu29tKjZvfyKA==,type:str] -nixremote: - ssh_key: ENC[AES256_GCM,data:vO3U1dW3VhHSNDDFlt6Slqf2+sf0xeZ/3ztyqGIkUKwU87flHP0cVVyPF71UCSowhFu7SSK/DEkzTdNjoCnx21HDQ5zc+JZFJjKIE7HotcJwWR6/a9hFZniY4FVLAnW+locWjbcOB+Mou/VHm1uo+a8wmNOJTw7FS3ZM6FfANLDZcjxcjJKu23UcUyXDxuMySkRKmLneyfwlk5aP1toyjBwnS9og1UPjSTy6ldM6gsfUv1mZ+BbCWgtiwxcGEy859ROOMuqKxUKGDbgHnby/aqs7dP8xzoVoZQXjHYoWLp1/7IforoyXb8GiUkOWRlCC/dJm6Kx9Y67M13LwKEpX2+WOfNCHqTjYO4234zfOZ1DRJtwCAMKH7y0sjAYp9bK6iHv3qKIjreDSA8S6xbQP5LnXvp55460Puq+Xe2HdnugRfd3d6pKMrHmnRE8mmstG6jDxdGqtoGo2VBvDGAC080J6BXxP0/xpeXwc99TSDdHEymqodZoz3jQuGMb+brxSyDgaw6FEDPNkpxdUFl0/vShTfROqgT0NVbH3,iv:SXIDRjHBQBcstSz1Pgv5jI8+XHbJA/QrqF9EOkIcvqE=,tag:ZakbophvoJmWlVX88hMA7A==,type:str] -sops: - kms: [] - gcp_kms: [] - azure_kv: [] - hc_vault: [] - age: - - recipient: age1hf8m9upp00dr7qv2kmqdr50fpvd9ejzkfu8yknqnuda2aas2tvrs4l3u7m - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSArdGpCSWlVMUt1M1hZM2FM - WWVzVlA3bVRpOUlXU1hQMEhKUDlKMmtrRWhRCkNNZko1ZlowRWtTZzRwelBYTlY3 - Q1o2NE9pSFNUckJDQzBTZUxkbkR4SncKLS0tIHBrQVo0OGpvQnJVblRta0JHLy9I - K2JaanpIRXVsR3VNejhWNmdEMjczUTQKfp7BI9UEl+r4iehbfoJk9x5KjXszsjVZ - qEKeyj7z8w+rjspNXtAhh1CN2EcHsT8DiygrIheltSMZYfWk1Ai8Zw== - -----END AGE ENCRYPTED FILE----- - - recipient: age1f2e644jteyeppfaatajtvjmsupl0e7nzx97ded6m0cgzw04l84ks5xl9l2 - enc: | - -----BEGIN AGE ENCRYPTED FILE----- - YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKTkhPcmJKVDc0RWRaeHA0 - U2F5WnVzMzcxSGZUakRCNlQzK0tyeEZ2bDEwCklRMUxVS3gyYlM3aWsxODV4MmVO - S0JuVFNvaHNJMzFUVDkvbmZYa2MweTQKLS0tIDJ1eHp2OGI1QjJJTjJzK2ZpNm5n - bEl0bWl3OHdOcDU2UEpIWjNUWjZpeEkK7J7WK/09l2gY9NixQL+I5B7wCWH2fJQ1 - +Zau6I2CDVhine3twNsGN0OpUQF7aHX2dwFhKyxPthFj3YTE1oR0yA== - -----END AGE ENCRYPTED FILE----- - lastmodified: "2025-05-05T21:53:42Z" - mac: ENC[AES256_GCM,data:700AWjj0wgdSdyXPAKkdttqeThxtz5Ui7K53wRt0VY657fsRJiezqCp/1JVgLfFCKstfbIE1GbTtAetDJ2cRdthpsgMDCG6EQVap7Kt8YCnqDPcPl7ND5yKR6nOjzmd+p2drIp4SHIDSzM9IJvd1XNvpWsgakPs3YgQjFoRElnY=,iv:l/M8pShzBzd/XyHUXE9HWM1a/At9biYJTj2cZ4xbxkQ=,tag:FtELUjvGO6BImmV8D/FmfA==,type:str] - pgp: [] - unencrypted_suffix: _unencrypted - version: 3.9.4 diff --git a/machines/workman/services.nix b/machines/workman/services.nix deleted file mode 100644 index d481823..0000000 --- a/machines/workman/services.nix +++ /dev/null @@ -1,21 +0,0 @@ -# Deployed services -{ config, ... }: -let - inherit (config.sops) secrets; -in -{ - sops.secrets."borgbackup/password" = { }; - sops.secrets."borgbackup/ssh_key" = { }; - - # List services that you want to enable: - my.services = { - backup = { - enable = true; - OnFailureNotification = true; - passwordFile = secrets."borgbackup/password".path; - sshKeyFile = secrets."borgbackup/ssh_key".path; - paths = [ "/" ]; - }; - vpn.enable = true; - }; -} diff --git a/machines/workman/system.nix b/machines/workman/system.nix deleted file mode 100644 index ef07512..0000000 --- a/machines/workman/system.nix +++ /dev/null @@ -1,13 +0,0 @@ -# enabled system services -_: { - my.system = { - avahi.enable = true; - fonts.enable = true; - kvm = { - enable = true; - cpuFlavor = "amd"; - }; - podman.enable = true; - spell-check.enable = true; - }; -} diff --git a/profiles/sway/default.nix b/profiles/sway/default.nix index 04f6de9..3a5ff3f 100644 --- a/profiles/sway/default.nix +++ b/profiles/sway/default.nix @@ -31,8 +31,6 @@ in environment.systemPackages = with pkgs; [ polkit_gnome ]; environment.pathsToLink = [ "/libexec" ]; - services.seatd.enable = true; - programs = { foot.enable = true; light.enable = true;