Merge branch 'master' of clank:repos/nixos

Merge upstream with Ratchets local changes

hosts/Aphelion/hardware-Aphelion.nix

@@ -13,6 +13,7 @@
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
   boot.kernelPackages = pkgs.linuxPackages_zen;
+  boot.extraModprobeConfig = "options kvm_amd nested=1";
 
   fileSystems."/" =
     { #device = "/dev/disk/by-uuid/3126fadd-b793-4110-bcb7-577b7978cba2";

hosts/Aphelion/sunshine.nix

@@ -6,4 +6,5 @@
     capSysAdmin = true;
     openFirewall = true;
   };
+  programs.noisetorch.enable = true;
 }

hosts/Quark/Quark-hardware.nix

@@ -0,0 +1,63 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+  boot.initrd.supportedFilesystems = [ "nfs" "nfsv4" "overlay" ];
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "nfs" "nfsv4" ];
+  boot.initrd.kernelModules = [ 
+    "vfio_pci"
+    "vfio"
+    "vfio_iommu_type1"
+  ];
+  boot.kernelModules = [ 
+    "kvm-intel" 
+  ];
+  boot.extraModulePackages = [ ];
+  swapDevices = [ ];
+  boot.extraModprobeConfig = "options kvm_intel nested=1";
+  boot.kernelParams = [
+    "intel_iommu=on"
+  ];
+
+  fileSystems."/" = {
+    device = "/dev/sda4";
+    fsType = "btrfs";
+    options = [ "subvol=@" ];
+  };
+  fileSystems."/nix" = {
+    device = "/dev/sda4";
+    fsType = "btrfs";
+    options = [ "subvol=@nix" ];
+  };
+  fileSystems."/vol/me" = {
+    device = "/dev/sda1";
+    fsType = "ntfs3";
+  };
+  fileSystems."/vol/dad" = {
+    device = "/dev/sda2";
+    fsType = "ntfs3";
+  };
+  fileSystems."/vol/mom" = {
+    device = "/dev/sda3";
+    fsType = "ntfs3";
+  };
+
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  #networking.useDHCP = lib.mkDefault true;
+  #boot.initrd.network.flushBeforeStage2 = false;
+  # networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
+  networking.firewall.allowedTCPPorts = [ 4713 ];
+  networking.hostName = "Qwark";
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  system.stateVersion = "25.05";
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/Quark/smb.nix

@@ -0,0 +1,67 @@
+{ ... }:
+{
+services.samba = {
+  enable = true;
+  openFirewall = true;
+  settings = {
+    global = {
+      "workgroup" = "WORKGROUP";
+      "server string" = "Qwark";
+      "netbios name" = "qwark";
+      "security" = "user";
+      #"use sendfile" = "yes";
+      #"max protocol" = "smb2";
+      # note: localhost is the ipv6 localhost ::1
+      "hosts allow" = "192.168.0. 127.0.0.1 localhost 192.168.122.2";
+      "hosts deny" = "0.0.0.0/0";
+      "guest account" = "nobody";
+      "map to guest" = "bad user";
+    };
+    "dad" = {
+      "path" = "/vol/dad";
+      "browseable" = "yes";
+      "read only" = "no";
+      "guest ok" = "no";
+      "create mask" = "0644";
+      "directory mask" = "0755";
+      "force user" = "yaroslav";
+      "force group" = "users";
+    };
+    "mom" = {
+      "path" = "/vol/mom";
+      "browseable" = "yes";
+      "read only" = "no";
+      "guest ok" = "no";
+      "create mask" = "0644";
+      "directory mask" = "0755";
+      "force user" = "yaroslav";
+      "force group" = "users";
+    };
+    "me" = {
+      "path" = "/vol/me";
+      "browseable" = "yes";
+      "read only" = "no";
+      "guest ok" = "no";
+      "create mask" = "0644";
+      "directory mask" = "0755";
+      "force user" = "yaroslav";
+      "force group" = "users";
+    };
+  };
+};
+
+services.samba-wsdd = {
+  enable = true;
+  openFirewall = true;
+};
+
+services.avahi = {
+  publish.enable = true;
+  publish.userServices = true;
+  # ^^ Needed to allow samba to automatically register mDNS records (without the need for an `extraServiceFile`
+  nssmdns4 = true;
+  # ^^ Not one hundred percent sure if this is needed- if it aint broke, don't fix it
+  enable = true;
+  openFirewall = true;
+};
+}

hosts/Quark/sound.nix

@@ -0,0 +1,12 @@
+{ ... }:
+{
+#  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    # If you want to use JACK applications, uncomment this
+    jack.enable = true;
+  };
+}

hosts/Ratchet/hardware-Ratchet.nix

@@ -12,6 +12,7 @@
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
+  boot.extraModprobeConfig = "options kvm_amd nested=1";
 
   fileSystems."/" =
     { device = "none";

hosts/generic/configuration_generic.nix

@@ -24,6 +24,7 @@
   };
 
   services.openssh.enable = true;
+  services.openssh.settings.X11Forwarding = true;
 
   # networking
   networking.networkmanager.enable = true;

hosts/generic/users.nix

@@ -9,6 +9,11 @@
       tree
     ];
     initialHashedPassword = "$6$.r5fJE91KtrOA2T.$JVjtzlFWx.RsTsNmO5WOsi1MhK6TUTKo8K5F2GgG.bAXYuYjGu4sK3SMzhk4oJ9FBoAcnyHmk7sLMsgLbUeoE1";
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEqOGDr8w8p2rYpePF7rDS4RRtIEOBggx85ybERyjngI yaroslav@Ratchet"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHqNEL4CNjvbgCdlaXNo/u+rHu7uPYpL2onEJ12H1bjZ u0_a326@localhost"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINgYswQa7LdwBpNkiw73du4nocbbET9FXKzWtjivBwHv yaroslav@Aphelion"
+      ];
   };
   users.users.root = {
     initialHashedPassword = "$y$j9T$eS.via4Hx/iPNJKAFbVah/$aHFf172uH6UYrSXPMrnbaFkAQ2o8AnJcYd4JgX1/of5";

hosts/generic/virtualization.nix

@@ -2,7 +2,7 @@
 
 {
     environment = {
-    systemPackages = [ pkgs.qemu ];
+    systemPackages = [ pkgs.qemu pkgs.virt-manager ];
     };
     systemd.tmpfiles.rules = [ "L+ /var/lib/qemu/firmware - - - - ${pkgs.qemu}/share/qemu/firmware" ];
     boot.binfmt.emulatedSystems = [
@@ -24,5 +24,5 @@
         };
         };
     };
-    boot.extraModprobeConfig = "options kvm_amd nested=1";
+   
 }