+10

flake.nix

··· 33 33 ]; 34 34 }; 35 35 36 36 + nixosConfigurations.trinity = inputs.nixpkgs.lib.nixosSystem { 37 37 + specialArgs = inputs; 38 38 + modules = [ 39 39 + ./modules/common 40 40 + ./modules/nixos 41 41 + ./hosts/trinity 42 42 + inputs.home-manager.nixosModules.home-manager 43 43 + ]; 44 44 + }; 45 45 + 36 46 nixosConfigurations.bluepill = inputs.nixpkgs-stable.lib.nixosSystem { 37 47 specialArgs = inputs; 38 48 modules = [

+55

hosts/trinity/default.nix

··· 1 1 + { 2 2 + config, 3 3 + pkgs, 4 4 + ... 5 5 + }: { 6 6 + imports = [ 7 7 + ./hardware.nix 8 8 + ./services/power.nix 9 9 + ./services/fwupd.nix 10 10 + ./services/ssh.nix 11 11 + ./services/tailscale.nix 12 12 + ]; 13 13 + 14 14 + boot.loader = { 15 15 + systemd-boot.enable = true; 16 16 + efi.canTouchEfiVariables = true; 17 17 + }; 18 18 + 19 19 + networking.hostName = "trinity"; 20 20 + networking.networkmanager.enable = true; 21 21 + 22 22 + powerManagement.enable = true; 23 23 + 24 24 + services.displayManager.gdm.enable = true; 25 25 + services.desktopManager.gnome.enable = true; 26 26 + 27 27 + environment.systemPackages = with pkgs; [ 28 28 + steam 29 29 + prismlauncher 30 30 + chromium 31 31 + (discord.override { 32 32 + withOpenASAR = true; 33 33 + withMoonlight = true; 34 34 + }) 35 35 + rewaita 36 36 + adw-gtk3 37 37 + refine 38 38 + ]; 39 39 + 40 40 + programs.chromium = { 41 41 + enable = true; 42 42 + extensions = [ 43 43 + "clngdbkpkpeebahjckkjfobafhncgmne" 44 44 + "ddkjiahejlhfcafbddmgiahcphecmpfh" 45 45 + ]; 46 46 + }; 47 47 + 48 48 + programs.steam = { 49 49 + enable = true; 50 50 + remotePlay.openFirewall = true; 51 51 + dedicatedServer.openFirewall = true; 52 52 + }; 53 53 + 54 54 + system.stateVersion = "25.11"; 55 55 + }

+35

hosts/trinity/hardware.nix

··· 1 1 + # Do not modify this file! It was generated by ‘nixos-generate-config’ 2 2 + # and may be overwritten by future invocations. Please make changes 3 3 + # to /etc/nixos/configuration.nix instead. 4 4 + { 5 5 + config, 6 6 + lib, 7 7 + pkgs, 8 8 + modulesPath, 9 9 + ... 10 10 + }: { 11 11 + imports = [ 12 12 + (modulesPath + "/installer/scan/not-detected.nix") 13 13 + ]; 14 14 + 15 15 + boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "sd_mod" "rtsx_pci_sdmmc"]; 16 16 + boot.initrd.kernelModules = []; 17 17 + boot.kernelModules = ["kvm-amd"]; 18 18 + boot.extraModulePackages = []; 19 19 + 20 20 + fileSystems."/" = { 21 21 + device = "/dev/disk/by-uuid/fcff0631-a9c5-4174-9318-c17abd48ff12"; 22 22 + fsType = "ext4"; 23 23 + }; 24 24 + 25 25 + fileSystems."/boot" = { 26 26 + device = "/dev/disk/by-uuid/DE32-2615"; 27 27 + fsType = "vfat"; 28 28 + options = ["fmask=0077" "dmask=0077"]; 29 29 + }; 30 30 + 31 31 + swapDevices = []; 32 32 + 33 33 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 34 34 + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 35 35 + }

+3

hosts/trinity/services/fwupd.nix

··· 1 1 + {...}: { 2 2 + services.fwupd.enable = true; 3 3 + }

+5

hosts/trinity/services/power.nix

··· 1 1 + {...}: { 2 2 + powerManagement.enable = true; 3 3 + services.power-profiles-daemon.enable = false; 4 4 + services.tlp.enable = true; 5 5 + }

+10

hosts/trinity/services/ssh.nix

··· 1 1 + {...}: { 2 2 + services = { 3 3 + openssh = { 4 4 + enable = true; 5 5 + settings.PasswordAuthentication = false; 6 6 + }; 7 7 + 8 8 + fail2ban.enable = true; 9 9 + }; 10 10 + }

+3

hosts/trinity/services/tailscale.nix

··· 1 1 + {...}: { 2 2 + services.tailscale.enable = true; 3 3 + }