diff --git a/common/nvidia.nix b/common/nvidia.nix index 91e03db..5f845df 100755 --- a/common/nvidia.nix +++ b/common/nvidia.nix @@ -31,7 +31,7 @@ # supported GPUs is at: # https://github.com/NVIDIA/open-gpu-kernel-modules#compatible-gpus # Only available from driver 515.43.04+ - open = false; + open = true; # Enable the Nvidia settings menu, # accessible via `nvidia-settings`. diff --git a/home/regent/home.nix b/home/regent/home.nix index db87dd3..95854c3 100755 --- a/home/regent/home.nix +++ b/home/regent/home.nix @@ -162,7 +162,6 @@ window#waybar { "sway/workspaces" = { disable-scroll = true; - sort-by-name = true; }; tray = { icon-size = 13; diff --git a/hosts/focalor/default.nix b/hosts/focalor/default.nix index 46577a4..7a89a57 100755 --- a/hosts/focalor/default.nix +++ b/hosts/focalor/default.nix @@ -29,10 +29,12 @@ ../../host-secrets.nix ]; - modules.syncthing = { + services.syncthing = { enable = true; openDefaultPorts = true; - disableDefaultFolder = true; + user = "regent"; + dataDir = "/home/regent"; + configDir = "/home/regent/.config/syncthing"; }; # ============================================================================= @@ -102,10 +104,10 @@ # ============================================================================= boot.supportedFilesystems = [ "nfs" ]; - fileSystems."/mnt/storage" = { + /*fileSystems."/mnt/storage" = { device = "valefar:/storage"; fsType = "nfs"; - }; + };*/ # ============================================================================= # SERVICES @@ -177,6 +179,6 @@ # code-server # DHCP (disabled in favor of systemd-networkd) - # useDHCP = true; + networking.useDHCP = false; # firewall.allowedTCPPorts = [22 80 443 2456 2457 9000 9001 9002]; -} \ No newline at end of file +} diff --git a/hosts/focalor/hardware.nix b/hosts/focalor/hardware.nix index 126d39c..a865d68 100755 --- a/hosts/focalor/hardware.nix +++ b/hosts/focalor/hardware.nix @@ -9,11 +9,11 @@ ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "uas" "usbhid" "sd_mod" ]; - boot.initrd.kernelModules = [ "vfio" "vfio_iommu_type1" "vfio_pci" ]; +# boot.initrd.kernelModules = [ "vfio" "vfio_iommu_type1" "vfio_pci" ]; boot.kernelModules = [ "kvm-amd" ]; boot.kernelParams = [ "amd_iommu=on" - "vfio-pci.ids=10de:2484,10de228b,1022:149c,15b7:5045,1dbe:5236,1022:149c" +# "vfio-pci.ids=10de:2484,10de228b,1022:149c,15b7:5045,1dbe:5236,1022:149c" ]; boot.extraModulePackages = [ ]; diff --git a/modules/syncthing/default.nix b/modules/syncthing/default.nix deleted file mode 100644 index 0a77d0e..0000000 --- a/modules/syncthing/default.nix +++ /dev/null @@ -1,257 +0,0 @@ -{ config, lib, pkgs, ... }: - -with lib; -let - cfg = config.modules.syncthing; - - # Helper function to create a serviceConfig entry if the condition is met - mkServiceConfigOption = name: value: mkIf (value != null) { "${name}" = value; }; - - # Construct the settings object for Syncthing - syncthingSettings = mkMerge [ - # GUI configuration - (mkIf cfg.gui.enable { - gui = mkMerge [ - (mkIf (cfg.gui.user != null) { - user = cfg.gui.user; - }) - ]; - }) - - # Devices configuration - (mkIf (cfg.devices != {}) { - devices = mapAttrs (name: device: { - id = device.id; - } // optionalAttrs (device.name != null) { - name = device.name; - } // optionalAttrs (device.addresses != []) { - addresses = device.addresses; - }) cfg.devices; - }) - - # Folders configuration - (mkIf (cfg.folders != {}) { - folders = mapAttrs (name: folder: { - path = folder.path; - devices = folder.devices; - } // optionalAttrs (folder.ignorePerms != null) { - ignorePerms = folder.ignorePerms; - } // optionalAttrs (folder.type != null) { - type = folder.type; - } // optionalAttrs (folder.rescanIntervalS != null) { - rescanIntervalS = folder.rescanIntervalS; - } // optionalAttrs (folder.versioning != null) { - versioning = folder.versioning; - }) cfg.folders; - }) - - # Extra options - cfg.extraOptions - ]; -in -{ - options = { - modules.syncthing = { - enable = mkEnableOption "Deploy syncthing"; - - openDefaultPorts = mkOption { - type = types.bool; - default = true; - description = "Open ports in the firewall for Syncthing"; - }; - - disableDefaultFolder = mkOption { - type = types.bool; - default = true; - description = "Don't create default ~/Sync folder"; - }; - - gui = { - enable = mkEnableOption "Enable GUI configuration"; - - user = mkOption { - type = types.nullOr types.str; - default = null; - description = "GUI username"; - example = "myuser"; - }; - - passwordFile = mkOption { - type = types.nullOr types.path; - default = null; - description = "Path to file containing GUI password"; - example = "config.age.secrets.syncthing-gui-password.path"; - }; - }; - - identity = { - keyPath = mkOption { - type = types.nullOr types.path; - default = null; - description = "Path to Syncthing private key for stable device ID"; - example = "config.age.secrets.syncthing-key.path"; - }; - - certPath = mkOption { - type = types.nullOr types.path; - default = null; - description = "Path to Syncthing certificate for stable device ID"; - example = "config.age.secrets.syncthing-cert.path"; - }; - }; - - devices = mkOption { - type = types.attrsOf (types.submodule { - options = { - id = mkOption { - type = types.str; - description = "Device ID"; - example = "DMWVMM6-MKEQVB4-I4UZTRH-5A6E24O-XHQTL3K-AAI5R5L-MXNMUGX-QTGRHQ2"; - }; - - name = mkOption { - type = types.nullOr types.str; - default = null; - description = "Device name (optional)"; - }; - - addresses = mkOption { - type = types.listOf types.str; - default = []; - description = "Device addresses"; - example = [ "tcp://192.168.1.100:22000" ]; - }; - }; - }); - default = {}; - description = "Syncthing devices configuration"; - example = { - "laptop" = { - id = "DMWVMM6-MKEQVB4-I4UZTRH-5A6E24O-XHQTL3K-AAI5R5L-MXNMUGX-QTGRHQ2"; - }; - "phone" = { - id = "ANOTHER-DEVICE-ID-GOES-HERE"; - addresses = [ "tcp://192.168.1.101:22000" ]; - }; - }; - }; - - folders = mkOption { - type = types.attrsOf (types.submodule { - options = { - path = mkOption { - type = types.str; - description = "Local folder path"; - example = "/home/myuser/Documents"; - }; - - devices = mkOption { - type = types.listOf (types.either types.str (types.submodule { - options = { - name = mkOption { - type = types.str; - description = "Device name"; - }; - - encryptionPasswordFile = mkOption { - type = types.path; - description = "Path to file containing encryption password"; - }; - }; - })); - default = []; - description = "List of devices that can access this folder"; - example = [ "laptop" "phone" ]; - }; - - ignorePerms = mkOption { - type = types.nullOr types.bool; - default = null; - description = "Whether to ignore file permissions"; - }; - - type = mkOption { - type = types.nullOr (types.enum [ "sendreceive" "sendonly" "receiveonly" ]); - default = null; - description = "Folder type"; - }; - - rescanIntervalS = mkOption { - type = types.nullOr types.int; - default = null; - description = "Rescan interval in seconds"; - }; - - versioning = mkOption { - type = types.nullOr (types.submodule { - options = { - type = mkOption { - type = types.enum [ "external" "simple" "staggered" "trashcan" ]; - description = "Versioning type"; - }; - - params = mkOption { - type = types.attrsOf types.str; - default = {}; - description = "Versioning parameters"; - }; - }; - }); - default = null; - description = "Folder versioning configuration"; - }; - }; - }); - default = {}; - description = "Syncthing folders configuration"; - example = { - "Documents" = { - path = "/home/myuser/Documents"; - devices = [ "laptop" "phone" ]; - ignorePerms = false; - }; - "Sensitive" = { - path = "/home/myuser/Sensitive"; - devices = [ - "laptop" - { - name = "phone"; - encryptionPasswordFile = "/run/secrets/syncthing-sensitive-password"; - } - ]; - }; - }; - }; - - extraOptions = mkOption { - type = types.attrsOf types.anything; - default = {}; - description = "Additional Syncthing configuration options"; - }; - }; - }; - - config = mkIf cfg.enable { - services.syncthing = { - enable = true; - openDefaultPorts = cfg.openDefaultPorts; - # Set stable identity if provided - key = mkIf (cfg.identity.keyPath != null) cfg.identity.keyPath; - cert = mkIf (cfg.identity.certPath != null) cfg.identity.certPath; - # Combine all settings - settings = syncthingSettings; - }; - - # Configure systemd service options collectively - systemd.services.syncthing = { - # Add environment variable to disable default folder creation - environment.STNODEFAULTFOLDER = mkIf cfg.disableDefaultFolder "true"; - - # Add supplementary groups for secret access - serviceConfig.SupplementaryGroups = [ "syncthing-secrets" ]; - }; - - # Create a group for accessing secrets - users.groups.syncthing-secrets = {}; - }; -} \ No newline at end of file