feat: Add anvil's config

2026-01-10 11:34:02 -08:00 · 2026-01-10 11:34:02 -08:00 · 964830082f
commit 964830082f
parent b030b3a098
3 changed files with 80 additions and 62 deletions
--- a/anvil.nix
+++ b/anvil.nix
@ -0,0 +1,19 @@
+{ config, pkgs, ... }:
+
+{
+  networking.hostName = "anvil";
+  system.stateVersion = "24.11";
+  networking.firewall.allowedTCPPorts = [ 8384 ];
+  hardware.pulseaudio.enable = false;
+
+  boot.initrd.luks.devices."luks-1f261d60-dfb4-4f63-9c77-f331a007108b".device = "/dev/disk/by-uuid/1f261d60-dfb4-4f63-9c77-f331a007108b";
+
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = true;
+    };
+  };
+
+}
--- a/configuration.nix
+++ b/configuration.nix
@ -2,15 +2,15 @@

 let
  hostConfigs = {
-    crossbox = [ ./sdr.nix ./syncthing.nix ./forgejo.nix ./radicale.nix ./ollama.nix ./docuseal.nix ./nginx.nix ];
-    anvil = [ ./sdr.nix ./syncthing.nix ];
+    crossbox = [ ./crossbox.nix ./sdr.nix ./syncthing.nix ./forgejo.nix ./radicale.nix ./ollama.nix ./docuseal.nix ./nginx.nix ];
+    anvil = [ ./anvil.nix ./sdr.nix ./vpn.nix ./syncthing.nix ./staging.nginx.nix ];
  };
 in
 {
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
-    ] ++ hostConfigs.crossbox;
+    ] ++ hostConfigs.anvil;

  nix.settings.experimental-features = [ "nix-command" "flakes" ];
  nix.gc = {
@ -19,16 +19,16 @@ in
    options = "--delete-older-than 30d";
  };

-  # List packages installed in system profile.
  environment.systemPackages = with pkgs; [
    cargo
+    chromium
    curl
    docker-compose
    gcc
    git
    gnupg
    imv
-    lmstudio
+    mdbook
    mpv
    neovim
    openssl
@ -37,6 +37,7 @@ in
      exec ${pkgs.neovim}/bin/nvim "$@"
    '')
    pinentry-curses
+    python3
    rsync
    rustc
    tldr
@ -53,17 +54,6 @@ in
  boot.loader.systemd-boot.enable = true;
  boot.loader.efi.canTouchEfiVariables = true;

-  hardware.graphics = {
-    enable = true;
-    extraPackages = with pkgs; [
-      rocmPackages.clr.icd # ROCm OpenCL runtime
-      rocmPackages.clr
-      rocmPackages.rocminfo
-      rocmPackages.rocm-runtime
-    ];
-  };
-
-  networking.hostName = "crossbox";
  # Enables wireless support via wpa_supplicant.
  # networking.wireless.enable = true;

@ -109,7 +99,7 @@ in
  # XDG portal for screen sharing and other desktop features
  xdg.portal = {
    enable = true;
-    extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
+    extraPortals = [ pkgs.xdg-desktop-portal-hyprland ];
  };

  services.xserver = {
@ -123,8 +113,6 @@ in
  # Enable CUPS to print documents.
  services.printing.enable = true;

-  # Enable sound with pipewire.
-  services.pulseaudio.enable = false;
  security.rtkit.enable = true;
  services.pipewire = {
    enable = true;
@ -168,7 +156,6 @@ in
    ];
  };

-  # Install firefox system-wide as well
  programs.firefox.enable = true;

  # Allow unfree packages
@ -190,12 +177,6 @@ in
  # Polkit for privilege escalation
  #security.polkit.enable = true;

-  networking.firewall.allowedTCPPorts = [ 22 ];
-
-  system.stateVersion = "25.11";
-
-  # Crossbox Configuration
-
  environment.shellAliases = {
    vi = "nvim";
    vim = "nvim";
@ -222,44 +203,9 @@ in
    dedicatedServer.openFirewall = true;
  };

-  # List services that you want to enable:
-  services.openssh = {
-    enable = true;
-    settings = {
-      PermitRootLogin = "no";
-      PasswordAuthentication = false;
-      KbdInteractiveAuthentication = false;
-    };
-  };
-
-  # Disable automatic suspend.
-  # Otherwise SSH tunnels and HDMI signals break.
-  services.logind = {
-    settings = {
-      Login = {
-        HandleLidSwitch = "ignore";
-	HandleHibernateKey = "ignore";
-	HandleSuspendKey = "ignore";
-	HandlePowerKey = "ignore";
-      };
-    };
-  };
-
  # Disable automatic suspend for SystemD.
  systemd.targets.sleep.enable = false;
  systemd.targets.suspend.enable = false;
  systemd.targets.hibernate.enable = false;
  systemd.targets.hybrid-sleep.enable = false;
-
-  virtualisation.docker = {
-    enable = true;
-    autoPrune = {
-      enable = true;
-      dates = "weekly";
-    };
-    rootless = {
-      enable = true;
-      setSocketVariable = true;
-    };
-  };
 }
--- a/crossbox.nix
+++ b/crossbox.nix
@ -0,0 +1,53 @@
+{ config, pkgs, ... }:
+
+{
+  networking.hostName = "crossbox";
+  system.stateVersion = "25.11";
+  networking.firewall.allowedTCPPorts = [ 22 ];
+  services.pulseaudio.enable = false;
+
+  hardware.graphics = {
+    enable = true;
+    extraPackages = with pkgs; [
+      rocmPackages.clr.icd # ROCm OpenCL runtime
+      rocmPackages.clr
+      rocmPackages.rocminfo
+      rocmPackages.rocm-runtime
+    ];
+  };
+
+  # List services that you want to enable:
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+      KbdInteractiveAuthentication = false;
+    };
+  };
+
+  # Disable automatic suspend.
+  # Otherwise SSH tunnels and HDMI signals break.
+  services.logind = {
+    settings = {
+      Login = {
+        HandleLidSwitch = "ignore";
+	HandleHibernateKey = "ignore";
+	HandleSuspendKey = "ignore";
+	HandlePowerKey = "ignore";
+      };
+    };
+  };
+
+  virtualisation.docker = {
+    enable = true;
+    autoPrune = {
+      enable = true;
+      dates = "weekly";
+    };
+    rootless = {
+      enable = true;
+      setSocketVariable = true;
+    };
+  };
+}