4 Commits

Author SHA1 Message Date
d9937916bb temp 2025-12-07 20:52:45 -08:00
4c7142dcda make lanzaboote optional 2025-12-07 20:47:34 -08:00
923f3f0ffc temp 2025-12-06 18:11:15 -08:00
578f18bc2d WIP: add secure boot 2025-12-06 16:52:27 -08:00
4 changed files with 20 additions and 41 deletions

24
flake.lock generated

@@ -81,11 +81,11 @@
]
},
"locked": {
"lastModified": 1777780644,
"narHash": "sha256-CYpc+mk28rmcQWGygeM8CA+Z8SZYy8BOyQtiW18spao=",
"lastModified": 1764034279,
"narHash": "sha256-hZH6EHQYFifVg0bmSBYT8Art5BWhXBXE307uPLnexY0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "b9311028044a9e9b2cf27db15ef0a87d464e212d",
"rev": "381f4f8a3a5f773cb80d2b7eb8f8d733b8861434",
"type": "github"
},
"original": {
@@ -143,11 +143,11 @@
]
},
"locked": {
"lastModified": 1769813415,
"narHash": "sha256-nnVmNNKBi1YiBNPhKclNYDORoHkuKipoz7EtVnXO50A=",
"lastModified": 1751903740,
"narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "8946737ff703382fda7623b9fab071d037e897d5",
"rev": "032decf9db65efed428afd2fa39d80f7089085eb",
"type": "github"
},
"original": {
@@ -158,11 +158,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1777578337,
"narHash": "sha256-Ad49moKWeXtKBJNy2ebiTQUEgdLyvGmTeykAQ9xM+Z4=",
"lastModified": 1763835633,
"narHash": "sha256-HzxeGVID5MChuCPESuC0dlQL1/scDKu+MmzoVBJxulM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "15f4ee454b1dce334612fa6843b3e05cf546efab",
"rev": "050e09e091117c3d7328c7b2b7b577492c43c134",
"type": "github"
},
"original": {
@@ -182,11 +182,11 @@
]
},
"locked": {
"lastModified": 1775856943,
"narHash": "sha256-b7Mp7P+q2Md5AGt4rjHfMcBykzMumFTen10ST++AuTU=",
"lastModified": 1763909441,
"narHash": "sha256-56LwV51TX/FhgX+5LCG6akQ5KrOWuKgcJa+eUsRMxsc=",
"owner": "nix-community",
"repo": "plasma-manager",
"rev": "a524a6160e6df89f7673ba293cf7d78b559eb1a5",
"rev": "b24ed4b272256dfc1cc2291f89a9821d5f9e14b4",
"type": "github"
},
"original": {


@@ -11,7 +11,6 @@
"sysrq_always_enabled=1"
];
boot.loader.systemd-boot.enable = false;
boot.lanzaboote = {
enable = true;
pkiBundle = "/var/lib/sbctl";


@@ -7,20 +7,12 @@
"sysrq_always_enabled=1"
];
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_18;
boot.kernelPackages = pkgs.linuxKernel.packages.linux_6_17;
boot.loader = {
efi.canTouchEfiVariables = true;
timeout = 3;
systemd-boot.enable = lib.mkDefault true;
systemd-boot.enable = !config.boot.lanzaboote.enable;
};
boot.kernel.sysctl = {
# https://wiki.archlinux.org/title/Zram#Optimizing_swap_on_zram
"vm.swappiness" = 180;
"vm.watermark_boost_factor" = 0;
"vm.watermark_scale_factor" = 125;
"vm.page-cluster" = 0;
};
zramSwap.enable = true;
# https://nixos.wiki/wiki/Accelerated_Video_Playback
hardware.graphics.enable = true;
@@ -73,7 +65,6 @@
programs.wireshark.package = pkgs.wireshark; # wireshark-cli by default
programs.bat.enable = true;
programs.htop.enable = true;
programs.nix-ld.enable = true;
# https://nixos.wiki/wiki/Docker
virtualisation.docker.enable = true;
@@ -119,10 +110,10 @@
powertop
rbw
restic
resticprofile
rclone
ripgrep-all
rustscan
unrar
whois
wireguard-tools
yt-dlp
@@ -142,7 +133,6 @@
];
})
nextcloud-client
lutris
lxqt.pavucontrol-qt
pinentry-all
tela-circle-icon-theme
@@ -152,14 +142,13 @@
# jetbrains.rust-rover
# jetbrains.goland
jetbrains.clion
jetbrains.idea
jetbrains.pycharm
jetbrains.idea-ultimate
jetbrains.pycharm-professional
jetbrains.webstorm
android-studio
rustup
zed-editor
package-version-server # for zed
antigravity-fhs
] ++ [
# C
gcc
@@ -181,25 +170,16 @@
# Nix
nil
nixd
nixfmt
nixfmt-rfc-style
# Gleam
gleam
beamMinimal28Packages.erlang
beamMinimal26Packages.erlang
# Racket
racket
# Ruby
ruby
# Java
zulu
] ++ [
jujutsu
lazyjj
jjui
# jj-fzf
gg-jj
];
}
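Review bot: `systemd-boot.enable = !config.boot.lanzaboote.enable;` in the `boot.loader` block reads an option that exists only when the lanzaboote module is imported, so a host that includes this file without that module would presumably fail at evaluation instead of falling back to systemd-boot. Going by the commit title "make lanzaboote optional" this is the new line (the page has lost its +/- markers). It also replaces `lib.mkDefault true` with a normal-priority definition, so a host can no longer override the boot loader choice without `lib.mkForce`. I would write `systemd-boot.enable = lib.mkDefault (!(config.boot.lanzaboote.enable or false));` and add a comment such as `# lanzaboote replaces systemd-boot on Secure Boot hosts; only one may be enabled`. The attribute set this block belongs to starts before the hunk.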


@@ -58,7 +58,7 @@ in
enable = true;
package = pkgs.caddy.withPlugins {
plugins = [ "github.com/caddy-dns/cloudflare@v0.2.1" ];
hash = "sha256-Zls+5kWd/JSQsmZC4SRQ/WS+pUcRolNaaI7UQoPzJA0=";
hash = "sha256-aRMg7R0dBAy+LJeGCMPg6HKppM6NPX2NPwtc0CeSQLg=";
};
virtualHosts."*.${domain}".extraConfig = ''
encode
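Review bot: The `hash` passed to `pkgs.caddy.withPlugins` changes while the plugin pin stays at `github.com/caddy-dns/cloudflare@v0.2.1`, and nothing in the file says why. That would be expected if the hash also covers the caddy sources taken from nixpkgs, whose locked revision moves in flake.lock in this same comparison, but a reader cannot tell a routine refresh from a changed plugin download. I would add a comment above it such as `# fixed-output hash of caddy + plugins; re-derive from a build after a nixpkgs bump, never copy it from elsewhere`. The `virtualHosts` string continues past the end of the hunk.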