+4 -4

flake.lock

··· 838 838 "prismlauncher-meta": "prismlauncher-meta" 839 839 }, 840 840 "locked": { 841 841 - "lastModified": 1766993094, 842 842 - "narHash": "sha256-p2yy3xrFtUsQzNVogRsd0ofIMakCg8dZoBD4dZ1TQF4=", 841 841 + "lastModified": 1766997046, 842 842 + "narHash": "sha256-2SmSOtkzDd5H+3bgIJ6o7rUzzbkH1Z4YAsiHHOdCFn0=", 843 843 "ref": "refs/heads/main", 844 844 - "rev": "49016464801aa44c044a97d2fe96d0ecb7497337", 845 845 - "revCount": 348, 844 844 + "rev": "2969e5a22668b46310dbb23425846e7291801d81", 845 845 + "revCount": 349, 846 846 "type": "git", 847 847 "url": "https://codeberg.org/spoonbaker/mono" 848 848 },

+58 -51

nixosConfigurations/black-mesa.nix

··· 2 2 inputs, 3 3 outputs, 4 4 ... 5 5 - }: { 5 5 + }: 6 6 + { 6 7 system = "x86_64-linux"; 7 7 - specialArgs.inputs = inputs // inputs.spoon.inputs // {inherit (inputs) self;}; 8 8 + specialArgs.inputs = inputs // inputs.spoon.inputs // { inherit (inputs) self; }; 8 9 9 9 - modules = 10 10 - (builtins.attrValues outputs.nixosModules) 11 11 - ++ [ 12 12 - inputs.nixos-hardware.nixosModules.common-gpu-amd 13 13 - inputs.nixos-hardware.nixosModules.common-cpu-amd 14 14 - inputs.spoon.nixosModules.black-mesa 10 10 + modules = (builtins.attrValues outputs.nixosModules) ++ [ 11 11 + inputs.nixos-hardware.nixosModules.common-gpu-amd 12 12 + inputs.nixos-hardware.nixosModules.common-cpu-amd 13 13 + inputs.spoon.nixosModules.black-mesa 14 14 + ( 15 15 + { config, ... }: 15 16 { 16 17 home-manager.users.bean.home.stateVersion = "25.05"; 17 18 system.stateVersion = "25.05"; ··· 27 28 "usb_storage" 28 29 "sd_mod" 29 30 ]; 30 30 - boot.kernelModules = ["kvm-amd"]; 31 31 - boot.extraModulePackages = []; 31 31 + boot.kernelModules = [ "kvm-amd" ]; 32 32 + boot.extraModulePackages = [ ]; 32 33 33 34 hardware.enableRedistributableFirmware = true; 34 35 ··· 38 39 fsType = "btrfs"; 39 40 }; 40 41 41 41 - users.users = let 42 42 - secureRoot = "/nix/persist/secure"; 43 43 - in { 44 44 - bean.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 45 45 - root.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 46 46 - }; 42 42 + users.users = 43 43 + let 44 44 + secureRoot = "/nix/persist/secure"; 45 45 + in 46 46 + { 47 47 + bean.hashedPasswordFile = "${secureRoot}/hashed-passwd"; 48 48 + root = { 49 49 + openssh.authorizedKeys.keys = [ config.cow.bean.pubkey ]; 50 50 + hashedPasswordFile = "${secureRoot}/hashed-passwd"; 51 51 + }; 52 52 + }; 47 53 48 54 home-manager.users.bean.cow = { 49 55 sync.enable = true; ··· 65 71 }; 66 72 }; 67 73 } 68 68 - { 69 69 - # Bingus! 70 70 - imports = [inputs.bingus.nixosModules.default]; 71 71 - nixpkgs.overlays = [inputs.bingus.overlays.default]; 74 74 + ) 75 75 + { 76 76 + # Bingus! 77 77 + imports = [ inputs.bingus.nixosModules.default ]; 78 78 + nixpkgs.overlays = [ inputs.bingus.overlays.default ]; 79 79 + 80 80 + cow.imperm.keep = [ 81 81 + "/var/lib/private/bingus" 82 82 + ]; 72 83 73 73 - cow.imperm.keep = [ 74 74 - "/var/lib/private/bingus" 84 84 + services.bingus-bot = { 85 85 + enable = true; 86 86 + tokenFile = "/nix/persist/secure/bingus-token"; 87 87 + replyChannels = [ 88 88 + 1295447496948191262 89 89 + 1295245646542143489 75 90 ]; 76 76 - 77 77 - services.bingus-bot = { 78 78 - enable = true; 79 79 - tokenFile = "/nix/persist/secure/bingus-token"; 80 80 - replyChannels = [ 81 81 - 1295447496948191262 82 82 - 1295245646542143489 83 83 - ]; 91 91 + }; 92 92 + } 93 93 + { 94 94 + # for WOL 95 95 + systemd.network.links."79-eth-wol" = { 96 96 + matchConfig = { 97 97 + Type = "ether"; 98 98 + Driver = "!veth"; 99 99 + Virtualization = "false"; 84 100 }; 85 85 - } 86 86 - { 87 87 - # for WOL 88 88 - systemd.network.links."79-eth-wol" = { 89 89 - matchConfig = { 90 90 - Type = "ether"; 91 91 - Driver = "!veth"; 92 92 - Virtualization = "false"; 93 93 - }; 94 94 - linkConfig = { 95 95 - WakeOnLan = "magic"; 96 96 - NamePolicy = "keep kernel database onboard slot path"; 97 97 - AlternativeNamesPolicy = "database onboard slot path mac"; 98 98 - MACAddressPolicy = "persistent"; 99 99 - }; 101 101 + linkConfig = { 102 102 + WakeOnLan = "magic"; 103 103 + NamePolicy = "keep kernel database onboard slot path"; 104 104 + AlternativeNamesPolicy = "database onboard slot path mac"; 105 105 + MACAddressPolicy = "persistent"; 100 106 }; 101 101 - } 102 102 - { 103 103 - virtualisation.podman.enable = true; 107 107 + }; 108 108 + } 109 109 + { 110 110 + virtualisation.podman.enable = true; 104 111 105 105 - cow.imperm.keep = ["/var/lib/containers"]; 106 106 - } 107 107 - ]; 112 112 + cow.imperm.keep = [ "/var/lib/containers" ]; 113 113 + } 114 114 + ]; 108 115 }

+7 -2

nixosModules/user-bean.nix

··· 9 9 options.cow.bean = { 10 10 enable = lib.mkEnableOption "Bean user"; 11 11 sudoer = lib.mkEnableOption "Bean being a sudoer"; 12 12 + pubkey = lib.mkOption { 13 13 + type = lib.types.str; 14 14 + description = "Public Key to Add for Bean"; 15 15 + default = pubkey; 16 16 + }; 12 17 }; 13 18 14 19 config = lib.mkIf config.cow.bean.enable { ··· 17 22 description = "Ben C"; 18 23 extraGroups = lib.optionals config.cow.bean.sudoer ["wheel"]; 19 24 shell = pkgs.nushell; 20 20 - openssh.authorizedKeys.keys = [pubkey]; 25 25 + openssh.authorizedKeys.keys = [config.cow.bean.pubkey]; 21 26 }; 22 27 23 28 home-manager.users.bean = lib.mkIf config.cow.hm.enable { 24 29 cow.bean = { 25 30 inherit (config.cow.bean) enable; 26 26 - inherit pubkey; 31 31 + inherit (config.cow.bean) pubkey; 27 32 }; 28 33 cow.games.enable = config.cow.gaming.enable; 29 34 cow.gdi = {