From 9cbea8c4f4b0abb9882905f72a9e37456a3e0b98 Mon Sep 17 00:00:00 2001 From: batvin123 Date: Wed, 3 Jul 2024 18:17:11 -0400 Subject: [PATCH] first commit --- flake.lock | 49 +++ flake.lock.old | 64 ++++ flake.nix | 55 +++ nixos btrfs.pdf | Bin 0 -> 39149 bytes post-setup.sh | 15 + setup.sh | 3 + system/test-dell/configuration.nix | 314 +++++++++++++++++ .../test-dell/hardware-configuration.nix.old | 38 +++ system/vincents-hp/configuration.nix | 277 +++++++++++++++ .../hardware-configuration.nix.old | 40 +++ system/vm/configuration.nix | 316 ++++++++++++++++++ system/vm/hardware-configuration.nix | 38 +++ users/vincent/home.nix | 21 ++ 13 files changed, 1230 insertions(+) create mode 100644 flake.lock create mode 100755 flake.lock.old create mode 100755 flake.nix create mode 100755 nixos btrfs.pdf create mode 100755 post-setup.sh create mode 100755 setup.sh create mode 100755 system/test-dell/configuration.nix create mode 100755 system/test-dell/hardware-configuration.nix.old create mode 100755 system/vincents-hp/configuration.nix create mode 100755 system/vincents-hp/hardware-configuration.nix.old create mode 100755 system/vm/configuration.nix create mode 100755 system/vm/hardware-configuration.nix create mode 100755 users/vincent/home.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..095e5e9 --- /dev/null +++ b/flake.lock @@ -0,0 +1,49 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1720042602, + "narHash": "sha256-KyGlWXEi4xRntmcpDJe8je6MQX0D+HOIHJtvcGOVdIY=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "58268b4d7745f6747be18033e6f10011466ce8d4", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1719848872, + "narHash": "sha256-H3+EC5cYuq+gQW8y0lSrrDZfH71LB4DAf+TDFyvwCNA=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "00d80d13810dbfea8ab4ed1009b09100cca86ba8", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.lock.old b/flake.lock.old new file mode 100755 index 0000000..0efce7b --- /dev/null +++ b/flake.lock.old @@ -0,0 +1,64 @@ +{ + "nodes": { + "home-manager": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils" + }, + "locked": { + "lastModified": 1681127522, + "narHash": "sha256-Eo4dd0AmKshM+A6msQRMwT42QvWGNxa8RjmZ4tY7g9E=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "93f5cb2482dd20e57eb8ca6c819cdad9738f98a0", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1681036984, + "narHash": "sha256-AbScJXshYzbeUKHh+Y3OICc3iAtr+NqJ3Xb81GW+ptU=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "fd531dee22c9a3d4336cc2da39e8dd905e8f3de4", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "ref": "nixos-unstable", + "type": "indirect" + } + }, + "root": { + "inputs": { + "home-manager": "home-manager", + "nixpkgs": "nixpkgs" + } + }, + "utils": { + "locked": { + "lastModified": 1678901627, + "narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix new file mode 100755 index 0000000..dd35d5e --- /dev/null +++ b/flake.nix @@ -0,0 +1,55 @@ +{ + description = "my nixos setup"; + + inputs = { + nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; + home-manager.url = "github:nix-community/home-manager/master"; + home-manager.inputs.nixpkgs.follows = "nixpkgs"; + }; + + outputs = { nixpkgs, home-manager, ... }: + let + system = "x86_64-linux"; + + pkgs = import nixpkgs { + inherit system; + config = { allowUnfree = true; }; + }; + + lib = nixpkgs.lib; + + in { + homeManagerConfigurations = { + vincent = home-manager.lib.homeManagerConfiguration { + inherit system pkgs; + username = "vincent"; + homeDirectory = "/home/vincent"; + configuration = { + import = [ + ./users/vincent/home.nix + ]; + }; + }; + }; + nixosConfigurations = { + vincents-hp = lib.nixosSystem { + inherit system; + modules = [ + ./system/vincents-hp/configuration.nix + ]; + }; + test-dell = lib.nixosSystem { + inherit system; + modules = [ + ./system/test-dell/configuration.nix + ]; + }; + nixos-vm = lib.nixosSystem { + inherit system; + modules = [ + ./system/vm/configuration.nix + ]; + }; + }; + }; +} diff --git a/nixos btrfs.pdf b/nixos btrfs.pdf new file mode 100755 index 0000000000000000000000000000000000000000..6a04d3d5852128f790f8cc5c1e2545dbdf604f06 GIT binary patch literal 39149 zcmaI618^rn*Z;fmCfRsn{o;*n+qP}nwr$(?#K+ytd0M>eDP#hf8{C0-A4%T*nKa$pNrWO{u)QnU# z0F6H?w6yF12~#Ua7k~>3lQt8B1}T8o#>T=>*-%g1)Pb6jo|%fC>02l+q97?j0kAMN zHv|Y9>YH1C3l;24EleFPrK}wc?Wt*~7#XPO0sJO*)|Q6UtV~oiR18c^3{j6+*FtPI|zU!E7SMD|E${7 z+Dbsz!4U9AfQ^oZj-G~=mW7s?k(HK~oQ8(vyL{^;tquPFC0txkhE@juazX#!oapNU zXrZY2BmvY?)^?V<7XKA7{8z-!`%m=0QVD(l4HUJ6*#GR6|Mg2s02rXC<#_=Pc8-Ss z-?mu(YfH$~!r?ngY9Wj7cmxdftqs2CNElifJD33IX&4x|xB&JJ-zUlv$|d7MUDX<^ z6~QZ8du9rV?~V+|N4Gn!&~uc(4*1bEmoq}gf-oH>COexoH1L)UGO*5~=>A zpa&c@tS+3Tl7S{W#gT%d6wQYZCa9&P%#y+Gg>Sm#6~($L1tvJ222x@FFoHzarG^@a zLX!MRfszdlp(|{I?l$8h3ynmrHlS-ggDE}1 zKqs9aQzz9lT?i8E$}6-S-n)D!6b#zrX&nL6Bo&ov!fUd1A4CPpq&7ds7w*P7lc#8a z8Fsn6IXBF~OtGKBpDU4lQS1_n+T;;#;W{4NZ^A}SlasCjRI7$aNdA-1c8<`H!d`!G z9LldWGqD0tQZMB(;Fes6aqB+q1>MZ;}24< zgFwbDI`hsgQhi&1AqUz!t^-+xs_(gZ)umIl6>Vqz*ar1+>?kk2Crih==W@p)M#SPL z26y%K)UNil8hihbYJ$(5;;Dcx)yvP;w$?LExj&4KW+AAR%Fu;QvYTxt#}aRs#b8&@ z3RgPjH738toKJra{)z8Fhu(u-u4KwN!`{b0`?(XK+d%GYgIdq#I+5Q(Y|n#vm}1Xn z_^{r;d3$3*xgTNMXeNN|t|%^M%->9ROExI61D?;MUviE&D_SlPIU2)R zv`I{!+zta)kC*e?1Q9tOoVw;M(=jGtX%W&v+C+)Au(ShOWZfVSOISw}|Fk}z;=_w? zrl3c@oEDafz_6xOQw4vpW(topzrcM-z5%rfa}TSQgz_)$q-T3x#bCeKXEEbnV7SFU z*p3ooBZmXmWCMzjkfzvYWQE9Twe_k_k9&F253EC20iva*`|Cx)*XibERnsBNeuAjB zEz67MtJ=w!EF$+@cz0RTdhVs^^_~-t*UIUaHy+W4dq&3TYF2Ez-gg67YSS$;WAdOU z(>(rpF!WNeFb&EW*K#Zj-H%i}QN6je#Ml`5v$>&Itu#tsZ(tj@ZdklA` zXeeY+o>Wez(BeNMWKX69+;#tQjU$+I)w9?C4peYHRMWB51c8TQ_%jS>E`sbLVwUlT z&o*0WH}@S`Tf|vwSzFbb`CZ&0^JzAHF$TkiaSo-~l+AQ30*OqBmF`S+j+}3mvonY@l(L?Ko`~6C!p)>Y8`b?+ zz|P<3_8`pOZ8*Wm!j2I;c-YFtxFn~bsM90+B{jv{0Wrm9fwX77 zN}LHmS(H%Of0;m+;Lj1`+5!m4rDBO#WgXaD^k>Fo6?TuW8TP!X8V3Vv{!Phsv8)j+ zja}tm2xBOAX*Q`YZz8&cskGcZSh||PXr^NzUxilf$wNjgIt3)KEkN;d$0K`iFV5?q zwWlBl$rY>Nr5^3}vg~&RfXOK>{NT?$y8b*lgIc7~WL1WAOK-Z~HDCV}ciZO+jl&AWd1BgrPO zHa;M4=tmNcWo=He*BcdBRe)7N)@Ut3R&)jB}yhd3J42(B*fr0RSEXbnV*;9vCex~qDB{kkzTy~{WBRM8TArM z<(`@t4XTBNB;};WjnfWJ+E@#QL*c4L+E`E3X4Lzck(hGehE%(s@o#MX)96@mi_;zx zGj&gSKIUSeYRjsdE^ZWf@Q%2@&JDArMFHF4*cGb!z;uL@)^ECOlJXWu`i%*GVgf&G zcLmU@aAStdK+>faz}c|NY~8t#_G}52z~Y3>DBiq;W~gf0;W@S9nEupK3GFPELJ&tU zpd~_>=XEq_;2woAX1|zF-sB$>Xw&BGr)=)uS&~p^({N9aIkE-6g+nYgYD(8kfDCD% za(0$&w!jgl#?p$12 zTlL=F{(25wJ0_b!nygWN!p&k}IQ=7%|2*#hhfV1IiwX*^HiiId8C~OVLXb1Gw|2DC zH?#+QgWNYO>B}2B0M!2nlc*I8T^s<^qL$x6zW>zx|EWbap{NC29E9Z^{?XI-RAG9+ zKl+h_q84TV{6ieMZ{ndAvbJ*gH!8#kVEo@vAtnIRe_G4{=Kt0GQ%V{dnCkLby8zT_ zzB`#{=>W{Ebl*<+zbzPAIoJdKq0YB;`EMA~caYJw`=8ElV*1}Efc1Y({of?^@9;l# z`rl~n|Cw|AUePyPiJKbO1JwT|MNad-Y)1Rf`TsGGU)Mp`!rJ(sALH*N{lDDM{y!-A ze_4wb@J*47Oy8mZ|L_>kIWurmy69yYnf74qRz#0*dpm_kM0ZmIoz`IYHq_BFM4)UvLuR{X_ zjHOJ?en1Q_XJtLm*>B#W4@^;QK*%g3b${JdoZKZNd#J5JciYkXRHQ0$8@}e|(PP$n z(Jx-nL(@~-J>c$n!fX~#rFEICEPPFKLv}~@w+FdG7fG(TKM-(lyIi}nuy~Kwf%~3X z_tL>_zENe;b#XZi_;By+uhLvO^!XJD)=DhT8LUM0ED9d;gmOvmz5tXsIyE3;2G2blZvbX-1c0c8q~ z(G2!ujM=x3KU$J0(WBVbeBRHUYi!uyq%&Mi>(f?wNTN`M{f9T-@6nV4+^L6rlQA14s)0i_^KAI9(cyqHc;5Xy`qn+9|Jtv`1*I_btdJ z!m8q_uHj4ufvbYzW712Q&&93I0K+`Nc5SjmDU+h@2j2`LW7GP^3AQ$?U@q}5zfUm! zX_lE~qcRx@mrQ{XZfmuMYPiudgPrjFZZvV_KMP&~(D zfacv-fpsS&)nE(wfDK_0G8%a-wPkY#R_kWn)%`)#{Jdb7AQiW z;rDX%YTeybw1eg$Q*?MmKELF&Fl5sd~t2oa?vGdksAWrpc>}<5Ab%X7qySv-XQVDLkasjWD zpUe!7;hgxpWoZNZn$cuEy-*rO?XCvsJ$-dZS9aYY}yWtL*e$j=S&F%mO64uqW*A1M>0% zxPjgQ8t$Wzva+(^h}rqD_r#@9WIi6AJ;?Q6P~jrxW=hi@r0aBqX0TOLoZ>nLKGD zTRxevvu#oh0$5NEkAUZ#2TNSpkIB*)UQfJ=Y^9I|8U-W|GB#{w11AL>m1ZqcqnGoS z5_kpR&W9}^F`k@{bZGk`Lc9K)TWp%R5z*ul-4|9i3|L`$`qU5+5L-#xh>!WVO;ygM zhFP8*-Wy%NbN|@kHPVFv)?u%%Y|3lLN`#a!=9xoT#T$2A3CCt0LJ|$^LdS}N3k}g* z7NuE_s)DndzdyuowH`bqqRjX-y@>~s6u8P+#4NhxHE^k`v5-oz7;8tBJ3Fa*)<$bl z*9XR++eQ%;7)*7LkBT6}{<1dy4y-FGr)w*n6@CGHhL*`lTPHI7Ni>7KQ4~o0+hbd? z`1;{}ox8Y9`k0XR{;r~zGP8Rf_~c35(xv0_`hW$S0yi^Si?md|q$LxShjL{jg3lWo zT&w7{)%_=;FB84LYf(iVFMQ$B1XPtNMv>~u*lJjF*KVATa68qta5wX1 zzUtdfEJ93UZ_{a6KPFV}s5o*jx6ND;)6w4$gtvnWS-^3mXO=`UVf4=)uEA_$$Xk4u zM>}dw&Rr`GeAPHkE`9t9n9&73_#`b<&K+xXamQ*F)^fof_ZGsO&SdjYr3Nm;Gl5C& zyXzgmZuekj2OXU%&M6FoFzia%vkLibw7mV2w|_#$aLRe_ZrqV&m>)e?b$TI z?Z$f(Y|WKltMzmYEBAxvOw?mo8LS7PZX@mDvl@V+OSjE|-CJ4Vt$uJ`uV~R=OCOr= zFj;))BND%rX5k!O9^mdwg^^|s=?iJZ!mmR*_hg3x8J`kJ?wj3Gy+ptk#Lw)0CbXq` zhj`1U`PFxV9`-$4|MZZiD2R!`j~}M615*{ZB5aOd8bP=vx{w~4ZM`RC4maP=I)vC} z46@#>Mp*p06sql{y>=zAQ3K#hA7 zZ@X{TUWLCD?>;Pb3%?THfrXbHS3TUk&u*8Lmn$N8TI7`$r0hdgAbv98K+YMlgzyUU z;ahKSs*!Rwk!Z894ve*+_I*ctYms(A^-hV#%eD`s>}Ap|z7Dyruo0UVS2pLlTa|ut zGH~)(hs-=bQPV+zO03)(OZ5O;BW=9<%{1}$mA2*;2 zW{5K!9#Pzfwd-Pg92$`yE_@mm#j5vpo2NCN+jRJW?Yl(Oki|4B=|I0BzE#L=hgiHP zp+T2C0<&w@>Sl$|oUzs`*t*mb-6Gvezb@@E;6izIF!v0PdkAq8|1$8t@s9eA$`^TE zcHLTnd=zfpuXK|whg+J>AcsM;Ack4^F}s$=mN0pwgUeytxgi~8Pu^;0g}csk=R)G? z-|2hHfnH?a_eYFuLv(S5d_*fP3P(wMHThSte95X+5%sL){jcx$Km>^fzs7Sr5Vb-R zz0u+kKUqzVvU^)Qd?~4s9`?!HBVU7Y__XD<*_5V`62~haTX=Cw;=B9a!qIj`7a&R1^peSqZQx}U zT;(Hsq%8Fgt>?46_TAfBp?Qm;NgD0IwjeI@=vxp`pq4!|k4S6}yZpQzl5NxMIk@$b zP|i^*<;`rub$;TV2l;5#P1)laK@YQ|g=Or=cG(DW^AmXqmb zkvYq0zBfBENkMb}VHG_QAg-T|2mR2qx{SQMEA@=U)GJl@_s*_iL*DktLm~(Y`MyR5 zVJz?L)qk+SopDs|B$)G9tfxaE)KT76I8NMDbca{D7 zK?$YI2qS;SIq=pF1H<8i`I^OmYVE_{Kz2xd5?q)gdg{a&s)E!V_FfXn#<6sB$Igi^ zvr^l#zyWpV%#}%gDgipuuY#(Wn@*v8d_vK>hjzkJx+jwu-AV^ zuMGiwDw?7RLol?I)}-Ykz71l59`6;5=+ODh*zndW6)&6!Oy4dC`Voex`BoyPl^PX_ z-+GatA$jW1VA_fh?|}`tWl9yJ@{;JFLZxRHAl0H~)b^R3#I-670^wpQ`3E%Q6ZHP;Jv4JMmqDvK?@rKt;b z9%G}6y)dwjEUJ;uOdo$9b|n}s=P;z@l1b>r{Q`q>lsF=hxb~5ek(_1|+eDiIx;anH zxDR&U4sz##5uUOwkkTyZu#1*IP9V#*(3XEUtRV6gqeJ4yVZr_qzB&6b&p-s_aBo0+ zU4acyC2t(i`H6>X253;BrksN(XHKv*yZ`BQ_u_v3PU>-1)=sd)SK!gfRVdwzP^)B{KI-Nrr&{M6Y~5Tc}E)Pc4RId84>DTDwB)D`DXB)c#@cb|GtGM$mNK{>li1Y5jxY0(wBG|4>nkQ&LFy@?q|;4x*r-_;D}E4|7l+ z|XzuU~%czTfqxp3pKT;ig}M5tBCqE)Hv#lh~*!!dD;AWhk`Zj@vO(`xx)nE?}} zQ!wo#a(t(Q56XPxM1`J*MoL0#ho506?e@ocjUEdwARmi&Xcp6aPb9o2V@+FJ|DF&B zO6wJF6^Agz1sGADha=T#1fU;$26lo@U?0i36 zrT-3Ko>>=70o>a|Skc74zgn=M?+HcVdj=IXN<696#FFg5s{v`P0&AC^fY?NX{JFF~0u|r^Pumi`e7W=Fg-2p0L-eZB@4mVtxti5up$iG$Q|cAuI(6?J>f66jv~+d-!hg zr%2eYZ11R!Reo@a+(^j03K``OO!{~VqsZ1ov`262=cOm`n76Te@V^LhHh4@#vyqhC z1up6%mXx_99Ut){l`*6F^Rf6pV*y2h(*>JP;L$;aFWb4%I%#XW=+V)sYJ8mS5TUW0 zjazU2M*&ad(&U1-;#2XPPac&VrZ=7btkLIBofoZ(Z(>sA;PzQijffJkuk&RP9D$od zu%(L1dOg^bo8>BXTkeI%G0s)OlqJ!q8nXe;2=UGiCV9>@P0EL2Do{S>o+P zH)!$88W@PTi@DzWH& z6ol4_cn=h`@5fVk$Y-L`(2#*aMCRon6ZIhkp!*Ulx(jrjvh_J^0mCEbc*;H@A^?v|Bj4 z{Z$*f^e1kVir;Yd%H-#*K>AhYXfa_UQfWWDIDRVdR;tK>QxSJ6TMm!vGEauHD_0)z z)hZ^HH`=JFSf%K`J3Qscal;n0cXWytrJs3?3-bWdt6NuW{m_8%_@b(r(~hIBdHQs!`Nqxn!d%v{BGi)Y2EgcMi3v5in-tkdg>w~k)6K&Oe7=0|Th3Nt0R@XLAKvo;d=xLQLBEl1Q& z(H4}75>BK9skvH!kST+`gkgije1F+STtKU%h1krly(^oht9b=wR%&GG07d-XU$VM( z#3Yij(6BCzuYphpz#7=Z{Rk&voEQqPJR_=PC6>4>a)hJ@h9mq0krM}l;vQ(aND4!y zIX^a2zp2h0Cn_qXlnf*ng;>E&@pWvG{rNG}v&1^fp$`GYPb}d-7*Vi0n3|aH;z%I# zF11qklLsmguhVJ|^cdKAIQJpoGyn`m0c{*vAf!C>8xjVJi4aj8-UdEIJ-S`hd(+Ag zClMhBz-LHjGqx!zORP{f>`cBMR11Q957HY@q-qeC2=9G<=_^QqFC4AUGxfdwdkC)x z|1UhR=ufR5wU`A2PQmbcMPa(bA(_57(=fE+0~W&q`vSq+g@sjwt`=S0sX8Q5M^J4w_KnU*s(I2i@5#SrbpZm)eO`%_^*9KX*8_*w1 zgJ%2tSLg?bP&o@Yl@JzmVyzPzL?8T6ISWt_fl^P%GP4W}0RjnrQy(E(paV<`)tO4j#2+`Ny2THV?r(0aZY1h$I=6pK5Jak6ub-3+N$$O7I;ksYj## zfCl%5uI2ZQ9dfk~Scozo$gbiv8aoiVf<+K<$$1nWRY6*tUX+7|38!FG_vA+8|y9k%|;8lW30ACU7J+XFaNQsw5Q-j% zPWW74a08qE#XGwF+@;UIIQ*8uqwzn{ariw@aD+Wzodz}okMP2tfzP8lK&Z=}5gP!V zzufh#`^alhZ{W}QJ&+#>I>Ds@ov@W5*4;q;ePlSk{vqDJ#qe7J#roDg>LJ#>Yu676T0HMRwFKVLw8F4`^~rF8mGy#mkXQnq zN!!DoQ^QEM8T+Sp9Q(U^FhjJvW0x_n3&XT~wBf&Ctp~M&t9K~-traYSn-RW%t_HRI z-B*9rNPV3$JG?4)O`m9g21$MGqOyHhd-D`$ zAJ3jZQ%|2{e|&dJEPU5|#olG7_tH~yC)s6eAM%RD-fme^U;E$sma@6%a<-3W?;I)b zuP=hk&qr^^*MB8L>PxzL?#tfs)q3URYvEt%s+!aO{PLALTDA^-t`6`o$(NTQsEUZ# ze+lb;?vCJzZx=%`ZbN~Fv5UXN*ult5(T!&n7BVWM6ikYzC{0b>X!9o_N<=)Blw|ZD zL_iz@=XX<%PEf$T0rFk7*}@Q3VU<^(m8H{QrLXvKU{AoG$SeF)EO7FNbd(k~l~S-@ zkNR{WexA=VYbD#fo=9CVG&dGJgu6LMI(zdaSEf7K5bVPwW0Q}cUE4B^*8X7-a>9Fa z+7+qQ#BgUI5m|X_;{_T;@CriMa47cGY;aGF3T*dwXF)3dDSAF)?(Q2 z(zsdtwYL>HKlw?|dd3+aRfz!Apd`W|jIT_nUKT$N6liXC`qd%fuS0uAN_x_S zWsBY4CW92VwpCq{90uBYHKs-_PFt!GFUHG#uGbTLj0-eUERTx%=h`UrAOu=&Kk_92BO1qrajFPm5Ja zgqZ}PgQGPz&#bjl&Z106UGj=H$i&Yq%jYQZ=3sR6Ov_ILN@t>(B8d_BN`(l_9ohVQ zOcZzs=GesR1Jz(>Gj#wRYM|LgiT7b94|R*EGu6`w8@y~d5dy(P4T;D2b)h~}^EvQ^ ziBaCYB=e9Hz$6W`neOAB<=DC;w;-&$$A4s3HKhu%O_i4>Le*>l!D0z_RLQfOol3*7 z)g8AljVrK8_otAFvKuL*CZ{E#iqiR-wkVcS&c1`2loS*d#EG(;NsfJWASTA|=FPHW zb_>dxLCb4zAA*B8pZFlBz8_$MgX_SF>&bzws)9Gou?x_c=DD>=G@=Ad?%BY*%n;** zJmbx=4s@l(6D#Qw#J%yEd(MtZkPuT|?t9y@&UV}%Dm`6pP0Zf!711MON_{#SBIJ?73urn|ZSB&PC2IoM1Riu<;i2@&Z2= z;ABgPC^Y_6@BJenX1QldEYPAYCYu))(pq9dnT>4>uUqZ(WQLC{h{aUXl_!EU5*gnr zD3?|r(lp5R{SyTpvsB%>kC>2yFaC(hKuZ6m^p!Lp9g$QKAa#7$`$9_UnoI)G+DCEl zAoVVUbt)ob^%YSVuJc}=q|TVA3s`l|qY3>_*0T0bTuAGDu;U=)ShnO)73A^-OXoIM zt({7?w#f-@gDq>1nc^tlTXKZblK|< z7DperIA`mfSB7*q(wSS%IK(gg9l^&|r|%gbMUPhVsMsx^;0-Dy0&Yv`M{1^pa;BLD z5_Pw1o@7?MHSD{8`w(YaJgEG?-;Vi{wgW6-KP2Csc5{UWUa<0#abIZk)pqd;WHA+QGA_c zCCId6osowoBnqd+{KTMs)Huh?FTWXoqDV+aPfk}dUrM!NbMK=$0nCZCsYYpajDsk|C6^MAR$Ox zxNJdcbSsIW$f(zExod}#YD=I>gF%pmPc#uW6JBd>tdQ+2vts#J@FQ8$))DwrthNy9 z*?Ib5s>^95w>iiWlbONkb;UMWYWP;!i_fWIlkR=do!uP@Lb$!%!PruO z)T)^`iO<7;u#^DC00}{qJXFX}wX~E;N@OB#18-@-?&sh5%PI};VLra3+S9BHMoT%p zsVo!a)dd3i#-BD@WY~=)G+9i0c{^#Tse|&8z$KRb*qI73Vt2b16F&=$1Nb`b-tI^E zAJ>Q&z-Idm$~Okr78c-bn}f}=Xe7K|M#12s(N*V~?KewS=&N5J58b_02(TD9A7vbb zW$|3Q%3kUijj!BF@4T%@u1J%$xOI8tRbR$^JjGhJH($ZLv$)<%R9H;~v^LkR zJfA34Jz7j>lv~oNqC7|3pS_NSQDPE?Vd{7%9WXRfH(*jzUC2mKTf*ss4HhxX=#S8h zj29m?tX1YdVAnFMf`5&`vEW`dZM_&YA7uu&b)>$_GE1gLx?E@pw+I_~A!yI*|Kx5N za*=d&2{LkW3H7S{ME-ya!tFiu^B~ws%((Y(ui83IS@-01Ufqb-r(m>Vu%aJ~=w;fY z+7l%(W^iM1C--F0vtQSHa3TCNHGSyDqWMHR`umY{LWzwu&p-fB5a5xUm8*$|H(wrt z&9ynt<29Ang#WiAD}I@O zEU#E}jgqAF-3f|L{Zf(0g_eOZ4ajq=E zK*P_Hc8mR$pQjub*)Gy^fk2ce`H1Eibx**ScZ_cW&v53lfzP3a7Y!}9Dr6&VNg`_( zcC95RCIlbFA`gMw|0K278>cHaWZI;TvC!e~T?ScchZCMVgWD~S(F~D=4Fx(&$Fh#? zdV1pv%~OZ7-e&VOuNfITX`St5Mm2%!ycZ{YrQN2mJO(qzF)h*f{pU=DZ=3dtB>LM8Y<;Acbto5LM*F1b6_ z1~$3`@gw`saA6Wwj`m4?{2~YaG)&>xDrk2|AiiOEX}ee5P?tivP_d5nm#K1NQ+@W{ z-u`H6xF5P*P8QlOe?4={bScK?hGk_Y=CfFel|nKhN!7qmiX{FzKft4ptTIeAry z#Y~*Rw52R7{!RHMw!*LxV@Y1r0h8FUE~AURo0@}donrc|@!tDLz-p-=LT5ZrN}NEE zX#oD4QtD`!0G=V;FU+oA;UU`EG;SVO@uQ6p_E_$1UCe9qE#-T^_-P3ivjxM+E4;l1*u#(7Jta4iGB~k2g;A+n zy^jvYoGMz~`&QhW5v)E+KIfnH!5Z70j;E+`JTF}LRf#SK6%r~8_E&~tPqeNH=WI19 zWyquF7VPZZM+#?Wz(} ziF5H!vHY$L_2AeEqZ3tdVoE)b8sAAi47Nm>ry(Zwd2_J9taVhBB0G8xmG+9)%&={)+6NhEVWeSwB#R>WfRk8 z`CKK(!QZ=hx+Kz?2XmXPyxW_^{k>J?Uq4J~4nFDTvjQb*lEjo>sT0f@t57Z>F^Od? zZQQ@I-7ep?a2>cKrx| z!`hHgfHRb??)6xZpK)t{Nw2AP$DS-6=DqGi&jW*y!i6bE1p7!t&Gu|sm8qEoIS)csu%c&vCod6uc&E#73E1Xbc}Qv5^M?hC1b-bT z_wdu7n|j)NgP_O&Nu6^OUXHEpHB7{ zp6cwxbJ*t8xb}UC*wVY5szaY=2$QKGkW~@$Q8COTYX>Fk#JKU&BZ$LVt-MxA%|vxk zW3;MgiL%aO90vxmZDBrtLfVxQ{D805o-aHStoNet^f0}{io4&Q30#Km`WTOlT51Ab z@+^$XH0p;5-F5ZluG$S?jccv0Hap&zg5k0y5BZIw=|cNy?Y??xPlwGBk_n?wNk%h9 zuDN^BV=;#)7v#c^#cz+yQ_gfphLdSG!b=5Z=-z3ziN)YT2mwI_IYlBA3F0sWzZN_iRfrVFlyAoZ*A7qzm|vU+kam@4pLXHW48oPj zZLp*TW#bHCHit1JWe{i7QCSLpkr3ClOPcw!&<-!ak#l%8GqTI#B5QwdtpXUvlxi5nh%B|@z@NP7zX%`oF zm9;?|mQ`+T!{rDEkshR~iQ62HHUnawll$?LqFwT8S8JHd8wJ2TP9?(qIo~I&oZHz- zE0th=5!Vq$$NY%3nHlNRcAUhU@>p-x545>1E*5F97aejq?WnLv6zgXE0}fV}V8!wS zm@Lk(*Ta`I;eGR_!MNHb4Mky21m3wy^crd{Kp&VJcqgITH4r>kH3X95l7sSKH$Aqo zz)B3&EYgx^b=o24=t81X+^TP|in&3Y08Ag98~S*>k~*(XggD zxJ^t?+Z?y*8MRH!Y)gP_3p@c0I)VTgAI#O#neFwZ=Uf&`y11$LEd%y<(j0>1P*{~- za{5JGP5p+MW+xH7TO= z))}-C`_`R7)a+Kx=J3?#4$Sz0VYR8w=y^P<$K^0~JtAKYd%3z5%X^i^-1?mK#%5JW zIhGXJzBd^4g!K2(dYBTk9Yqw8g*Nn3K`n8rg*r~k);LZe>taP~xcdOARg!g=J~grRyb!Jmnxi9Iih3F2zoM5~T6*MqW4 zrt{H0?8!lNot<|foIS#HYxXhQv09R0Of6Dr)-Df`E?kJ2)|3)5$gs-5I=r_`g5*iG zh3JUZ;({}ryKIeCZsu|#gT3X1m&@U->NZHXRoRJQhVlC!qOO<5sA8GZ(dnQOo-DL( zNbjh5HNr}HZV{{sbZRAYqp*6$G>^h%Ig7K4Kgwj3iA{FGkun6)N@kReO*2t1y&kTA z>9**$m^Nw?2*>htQu-s22hB)Mj%*+JI-Ih!%%85~&;=*csA!c43nA{@#Xt!KZ*y5^ z&(M$<#+~W>!A$kp1Ztp=7@#^d##MBwk=JHqN;&1#F)!WZ2PxQ^J`QMm(Ok=D6c25q zNl3wlAw%3}V;r(vm7TU4sXcfslD$1QY9}8-D9x7|&Q&{_0*PZIFq0g-W^Z1Xl;aij zTrL)tK5u)=gKN$jGwWTsZwG)&ZCLEOv_|Bp(&+$&JWk4>xUHLFoVuK`ZtJLbE5IHqkR(rs z;fYY6dWLzot(RvBQi8@zd5uF@6f;4vC}^1{!VLm5LJf|qMwHc>0&%w{Swugt%c+u3 zH7Rb*xspx|Qo|>mYvU#@>D22I>C##H#xsY?8lRA@vl=glGX{pJvRi1^-n-)rqd8hi zOr4J`c1|Ahg)BohoUD&l&Vo>!GY&4@KVFo#Tpy<0|E!kJ__-sz7zUZ+d)mi^^v3_l zo`TySx~6{?Z2yzaSSQ3pm}&@OgOMjs0;SfvMhr7k@DeA2C`tcSRH=u4?~z>T$2ENt zcs>WkMA;y(FdzpyN^Tx``u4OMcz)sH5oBvF(YsOen&nk5PNF$$-R;wvtRnw19W~f9 z0B7`ztWtgXhKc=3eCBHrXGg@P^SamM!ApD^2{>JpdRC$TFIHadQM$KXB3W6Hd0QPb~sL9#KlXk-LB&!?wOdG^Dl(hLteO{3%>(B<( zOd#L`WqPHs$|VjeMNU#x?jWUS zVkP2EMh&F{r-w?$EXN89TPIo>lzFL{usu$S8uT>}`K#@%1ovv@O0H00l@~DXD5Qds zq$~*7P<7{(p%rH|T<|{+iEehm5;X}4$Qc1D?g8Urf}(OPv=iI*{_B!k{DnrFltbOx1Zha209aw%%R=;?`IPshH-uSXNdl`IVgwJha)DX9+7b0aKP z*}J5Bs5kp|2DH@5tG&h4C6=_j2I@9@(zV(>1-^R6F^4o>?gi`>wiw>RSeewL+!yGZ zqq0AC6N9%%P+bqHDyZB3Z2vrjRb};bnlo3=Yz6D46k>nr(VE~I3d+w{{T+8(_J*I8;_C*R7_858YA>8DJQF+ zP_k7+i-b{RVwN}*Vm@!Juw#$~0%Wh1 zbu0GnX*Z4Y6q5R-M@2)QJus>wfV?yvS9<4Gq1I@;)mdQEJdeGW;Pvn{ZHgJfP<{6b zgUt+cwxeg?3hq2%`|$OL)ANVMIHn+G$ZMR%`N3r3FU%DFl6od8RQ?n0!E`WHc{9eFx4!9Rmyv zEBMocY-606qP)w77;@2;<{s*W?edk{?1tM3k=8ZSpJrroEst8APB*%5h3+hKQrUm2 zZ<-*i20h2&h)aLG7Z$K>0fYzFLI8dB7GBMeBxl z3hv2!aoO{AwbBsMuf%G9KFN*tSg*P54%D7;3beEpRs(LY_tlAVGc4VQ$#Z2R@0)TjP{`;~|$*yAqQ&+&CP{r26S;K;$RlXc349QQ<-$*y~e z*j{5TkYPLI6;X*FUo4YWC5U{ym<=iVZ6YVQfa(=x{Ct32+=4fCiKN{$Mgm?fI#ets z7MeOAK)z5;1UO=3P5AC!FJE3tzaeTlyHVig({Q4-fKA^~fVIC7{h|BF^Q3N89YjEC zqMsa;LwSXDp@bNc?wuqKDiA0u2F)f}X)J)qWD<|MEs*@%JJ+d*D!5U&UWI4Ia+44;E#zqeip-!O!hXYOM786tpy@#kfmy*V{=lTl zpv=g^-8F%OADI+|s~?K1{i*?B&Gp|e7IHR0!#+r6RmX45!bfgx`uOR85Nl+tY335< z3m1AmrpV?=)uP&DiiCe_EaVm$FS#$Kq2*_tVxy$6P}GGi0t~WcSCiBo(8Tpg>CqzY0M@P*{$4L7r5Rr@N^qUHiWTg?u9Xf13XELjO4%5q^0qArXEF9qUicp#JCV zP3&F%3d_0JeNJ7(($MOUG*H&S$mCP0=z>S~^V37c;L~tL%2waN*2K~XkL+J*pFuf? zKh7~0e-@GUk6uvek5Etz!1PD3M~g=f08q31nYIQV0{~BrnVFfIm6e|Ek6Q1~gPD%@ zv-xwGHSic&@YGls7^rDK7mf}OKu=Fi#|&Wolp_AC2fTkK|GWL~s0JQ03m!8o9upHY zH60T@10x>bb0AE#wEu|wyY26ReU9QE(ZApJGy0iH|M%;^ho*t|IXo7Iek1 zb9lT%)PoLY(MSC?KfjZpWq(Np9>k_~3}{m`$Z*i78L?MFlT&Md$i5*QRo6s3!)hdJWD#B*?)P)pJvRq3&o|5c z*(77~7emsSg0obVyU}H?(WD-Q5Nxn!QAN9}u5O`)Y9pIH&m{(KpJn}jDJucX zPYa(vRq%K5PznF*Mxw9tS9Cmh<}Mx zKYfmv|J+Xg7m+Fp9o_%94&q%QdF1C8t~QJ^?GA?9GNEW0pkSea_4#|{Bf7-VxCG(T zzamS^-<3pV6|3Yt@e7E}h+3&87n{JO1RI#HY%cPZsy(g0m*yMXucxN8pZ)&T+xR>A zYxUsy$D~eX`@>4)y{6fvj2}EN##|7136?@ka=Y_HgBbX>&=*x!14jjH)^SUp_sFSD zRs&C8Gd6BF4&GN?zof&0d5KI9uX#wG`GS z^4J;aH%vY0M_bU#0l3%ae^8_@usjhIarKv(1Mf% zjK8+P?g<$Y<=kDM_vSK`OleK2*A>;)-rjh*dI@EG9E<$4=yc)c-_#|R?5DV*6C9xQ zf5@#!teR1~N_7&6e5l+jRnuA^ZbzPWvUzv`aw2U^H9H)D#!~~o#9tn~@xB4M zK}EV7R^ljs6i+UL`T_VpDbF5j!Bp;?IiSV`}`lc5uS1fOg)i}9xl zd^v!JRrK_zt+Xo;;)I;@05>GU19BgoY%tf%UAjn|RA3O0JsJitf)ntGd8o38?apx3 zv91h|eLZ8DG3>%M6kG+q2O8&JF^^=$3K6iGW{xy=M~CU4MVA0ktNeyO$y09(V3okjx|lE{z+W=`ylp?&Y=q(Pkm*nKa2gY*UCXC4&A(81x4as1d!sJ*R> z1oEgNPzOJPe|~szMmvXP2+`!W8-uxGt5W3fl}^7Mnb_YX9FtCA9;wv9VDqU>yH>?> zyGHbIh2|?lmOSd6IRl2Qzpi|D#{KoC$s22p7@!UnqY43kK?G4%er96B(&7V~Gpp=< z(Qh(ln5DzOHt8{x@iHC&o4pR_h080n)f)dT$!eN!4306-CFOAnW2-6#9cF9xmmASa z@MyOY266g~xq{uOCixz99mG0hxeKRIlfikp@ca{}bQ@@!14CH{CjC*;(bdlY!}$BY z?`s@^Fk)5p8fH(Nc@eAwL-=M~;FsXer7}#KAq~0fy5UXG7X4gje3<>XY#;t8He80l zvQD1;oHOs(OJmkmZrsm@xMB>Vo9KBKQb(@|Par1Bkg_3{z6&|9Mi%f8UlR0fEOPk3(j^bxM9kx`Tc7RFT^zk56_!$!QcWo?E-VeyJ7gg3 ztc10{wGb{j5LxG43qOLdI-FbQTM+pVuGA-9?CAX8?C?HO)u-d7k(Pb*>H|_4{sN?E?(iSPa-4RTy zhi3;ETI!nusF#Pbpj)6Tp#2COEUNmSG{#lN$BOQePt6u%%N&$jCz`44u;CYu!#vl& zmwls_Cxe7I<_J~*E2sXDS%Le;7VC9hgLIhE3d*WfiE*Z0?;d5huaQ1+PElpqZ053H z8*~3fvjz%s6v@YZj-QE zsUH-!l2;E7349u$^>nM!BRaAphKN=6PdbBmg$Y}^OA!`ec4@qr@(Y^p%wH_v1eml?S{Ue zdKOGamM^KB4l^g7R5!>cmQxvY&C)(9rRA<1&mEXh)QQ!VDW(=<=a=b(!v(ZH`wo13`^ys zSf~_wy6)dTi_vbP=aR>&2ngW844<0nZ&a1`Eb7Sa(9u-g>z+2`6csZw{-t^%Oeig_ zy69^HRyYq}oD;&Y`sNC4a+_zR>fy1-%Z7>pKGpU69y*BHRJe5TK1i`Dgus8k>8r@- z$@Z*2f@6w&W&p{&*t$p+uwzl=)QrSx-ZOaqy#`wTU_g|$k&6nMGFyZG*ilzeG+_Yh zCR5pwWM^d+o>x&6K>sR>9rR#>E6YoAvurGk>$qK3E+&>E*s^duZ_$K_?ngc^^)73| zuZ$TD9ra_#SpCEet^I44l91=TR`-UK9 zuURVN%Lo)ZJoUUkF-dfYX2Ca>#DQe^6pws5PAL@o6hNqMYi6`4u9<-+V2IOfb}51m z>yfE$%_%8h!-T;+LttAv6-hl;RSn3IL1%w68Ku>NOAt|OF_fN}R#h^49xiaOU}J2i zm(Vybu1JA{iv6Ly%I_{AQQGrdXKf{=)AW!tY2NiTXWddbg({ibiV}G|Am@%q3}ZLU z7Fl`>`puDJv0?+FIE436e;t}XRi^+iY!G<;&gSvwf`o);hPwg$X&PR*1vXY7~SU^tMOLt{h?x?R0$?|1M@i*|-eV4UH_O<5= zR&Q<$K|B;V7~!S!0$t@*lC0sW?|=vx!Dnj5WgEEf$tKyfaw0;Kj^RmS$HIDx!Vfp1 zutyC|L`z79v4IM1?s(Vr3flw2+8PYSx*RQ42VjA#v-(r5whVkT>ZsC8Wv&4fWBI?L zv=t^nv;p=av63gooFCwEK3-p4DeyFsbp>}6E@;0Aap$^8PP zk>`^tnJ5qy?fD_9Sx+SE_du zjP!tix2Ksr+LGBjZ<|}0+-KSI=d&-0l59Zw6`%i@;xj+nGa)L(^tjHbG_?%_i9cmM zgqVhrV+e+D;xUYmE+kwNU){ZfAa#9Ivvn@RO8{ig&b<6kYQgbSNFS57tBOPA0)id} z!6%sQOVjJr)gG*mm2v`QU=EPCn6zorldt;EGaijv?=WktL@QGrdz|yl8gilW;;bSw zK!&4ErVl|N`(6Zx#|%1}qX2v_1S_(s%p#m0Ia-vj2MUr1-VZTMCRe2?hIz!Bxuzao zJYkpIo#;F)Pm*s^|HustO&Y*flxz z8GgV6KY*X-sfsp-gmSIINx1qKTOF8gr5G4B6|22mDW0@Z1-dZc8miRtCJq=(q!vG8 z?NFKD23?wt8Ygv=6q{GgvlOfnXZ^?4Jh4G{E}Nfv=^!X9eG+-m7;HUBxAIjHWK00C z0a@HPlR*J?`$D>@Xt7&tArL=|d>O@W!f)gjXd<*Os8G4&7UIAKp?IRvaNn(o(q{$) z1^p_PDZBRIm2-h(GZgs+NXS@!Qj-BQA@;JU(t%(D4~3$2S7T$#?xLL;`zz=XSz}t7 zD}YA~g$X9%^OLD-xFR~3s9Z&1bkiS02HhM39q5*RHQ-adZZ0X#ri7ViR0t@l#fK~c zeYZw)3;317!S@SJ6I;=>;2=;T!yRHW_o@v%t}x!){n0K*G(3t`V8_* zK(2^WxakkzpZOvWF1StkNyFeb-_{1fWAGcZqOYO0gVnpc1>mSDTr{l=8#aE~+1+cl zH(H_mhNGd<*RZP;%W?6z6w?Q;&C?^V^?O%c#>ID}I^=_CGO34P*uS0y&^Z}=deda;S zIDCTr@_n?qcg}Ggyj~hocRmc&WP-T4hh>5}d(s7fNwXn;+7#yNi(seI_6^_DIv$d?{oqm0&iZzxjP$vMgNhJLAVy92hVWTxowR4qd+Cn6;!pl zGkr_7u{^07XvNRJSh06S^zYbw*;jd5RyNG}Y$F!OBA$<1FFQUU9Nz8Ehn`8DIGaoc zf1}Vj`@4v`ORj|!ZdE%IP$Om{IBoNbvqd{=wo$(OF-3mdAzH70^GW``Q2MhG@|w;R zhoU-#HcXLp_mqzwUFOC#%-REd`Ik5?1*Stp5ODcM5Puu1CFi88ZA~nw^S$M*)^)W0 z^~eYcdojC*wH#KwkOQ{xgsm{ruqiYA@9-FL99vX7HYxi^( z1(lNNFDKDdR#r|7my@Y)GPf~$yJo0sPK}H;GfXG@Yb8{a0ZJM15sX_y|cd2TVqUI8-Boe9RQD^GG9*rV3%oL)w?=l&8nC+Uv^eZelHLzrP*J3CtEd_e zCXyd0OXknG?`Ieu{C1V!x-Bz2$Z$aXxg1lcjhU18YS18o`+y6FHF4>av0yYjhPJiG z4b?n`#%i;0o73VSPj#x`NoFml;ofr9O{z%gK$dP~8;CUVrg)T(VPC8IZ)vRFxHnrg zhuT{_A1dm5FD4<45S#`>9$hBWpFnWcUNql23dg)w-?nxJ89-@qxyT}DTED?yUz<8+ zAvMc^5K6IFTllBxH73}tP=iHE2ioNx@V=$-yT66(o%2&Xark0bM`247Q%EWYH@PNL_x7IP zP!A1G(e7Sr1=o`#;X}qp--d#VYeD(~ekdEZPyr4hd9>iR6`DxT&Q6ks_fX@;-@A*Q z$hyfK@_@004dcwZhs21-6_KdpBP;-pPEbuI%EgkB;d)n(I0iHEF#2dwkYMILtINK^;(AHYBVWJLE>+Xt-ouT>jw3P6D$?Hj@SbyskBs!q) zVYShQYdXcQ${hRs<}i`WXGu~HWCUQqcC?QH zU9K#>C@p_-TKr&9w9ge~LMiP(mMk!k*@SPqTs@Jh|xf^Ghru z)@b>DVa?7I>|g{Lk`ffq-_t94&^L4Pi4=-rHP0BX;V|e>CoJXd3!c-S>l-GA@=@hG zJCxqiX_DvP{a6^;`fP0L1=tAl*P(2+eHka#8GDN?V{5^Zik;;+WhsZIiD8dIOru69 z4WnG>`CGb`3v|XvAlV5PG@OkbSSMjEG=4wAyspeAL*JUk4borrEN(WH@8ZT&=|xOx zok7lzoY*s*piHbaqD$>9vEvlsV$SX6C93v^bs2m1=;`rN#xfa*4)`qqsN zN!Y1l6;AUch5ii2iRFZwNwudFHX)JJj*xC3lX8(>7w?j#%w+}41JNzFxV*S& z@ay(dE<>k&ER1d@($OEVzPlt)eZW+@UT=WmXtukLmiUY3JSIO1s40fGeBk^}LBn9% zzK>u?++g{*-rRV_tS>O&**?#TSC%Iv>cc~y#FQA?3o2#M)t^JB2zM9|{A9!{@nWo+ zvAzok=8hLY`kABTK>4NB5Z6FQxdWs9g35~}xa&(D$%fy#$S4NOiGleE)i6SD4FCcv z!`OnS>K%KaQ4eP?HcR_>ERgU@pD*Lav70P~w6Z54`D$jpfiS2ymB<=&+H$yfne4~b_~f3LA7{n2a4PwFh!S; zt>XlmUZChxr9D6=8Nex>1LGBS%`yPOhZOo){z<;6EA4t@j=;6_U|RwJmHoKGyLFvAoEYaAww!xsFQc6(wghCoa$I+s7RAli8aJ zbaR+L*Pk&VO7oe&ly`fMz4n={u3(R6$aKbJ#+x70E zm;HmEFtfWqzhPP3v1X*&0_{JXa(9jL*>8o*pytK~Xd6CXFxXf;x01dN-FaAcn+a)h z+C4CM1f_W-d~~%xc{7E!)s~1RKKE;$!PZ+iDX`@R8o~u!B})#ny=0@BXNbn*mP2 zm0OpZUhU1z$wZ8uPB%pRH>OCr5YQ+))d&|je(@AY!u=(4bYbGb2FextaF99(H4d7K z>$`?yQ8g$;W|X<)s#3KmF2e4{Pq&l1x0j*4pZsd;ur8HTL3>CrJOg_J9!%+%L*VDi z3}LY4r7sAA!)dIn#7xBTvSp3RR15NErZD7Pj@3^Wo+t#GeTP+_c%8<>2}wmV(-Wd% zjcyCK;)m_M++4w)`F<0#$Lb^{X8lVx4U>!O!W^#y}>YFF8)EY%3(fy1E~20HlsW!xSET}Y}8^{v~Y zj}_F|yjCtc_-=)0CpjH2htsj8qGA%Q)MA({bPevuYCODv;(^>BETvheJc3rxr!4rA zeH38#2vU0tBj;1ad8)n_DexP7Q1E(5=zP<=|D7mII3E*y?Y7-85{15bwz+Dc8wW$p z=`^>TDCwZ@(>@Kw0A)RkX-dtJA#N)&eUCxJ+);Z_(*ge>v=A ze}8&YqN#MTKOG3iYy>cT-*K4IKp+CAIJyzL4(;^1+J3oA|FBB&>c2MU!u&FZlj4O) z_9?>MB_>YAj`AAsYF_JZ>Yh#di1S*H@}ycP2r@oathwn2;f}LC(|P|AFqPDP-?1p! z-gM+mMWMvirVAgtbZwaWY6Bnhy76A-6k;I=BJKV(t2E)|eo+tj$-e31IEIJMa6*;D z$UzgEOr;n;JrwpG-Qfq7l-^l+%GaEh`k0uLe3V}2+VZmIis#_P45y{cbK=7qibSP3 zal+K_%?_fPvC-bmj2U?)0HKi7`8N8L2m=2C5~FOB!~lDEwIdVOb{I$M%4l%|oES&m z=u(Tapn$F(6!ES(eqQ2yrc5?zmN!D)X0_a!{tAWH8*#^U1710cEU6m|` z3p6Mal0q(4=!=GS&X{a*_II2Q7xzdlDTm5Cx3-WV2J~lC%Uqd^7YG7vSQK@5s}f?$ zKiY{5#;!5iXTtqW>18*A|2#uoQ@c@NT>moVq-6*dCkE{*@l;t78KUX6Cmkt_XKVnqrNf@&kX zyeyn}DcS8C!H8~quoxaiW^P+i7k+9uSnr!`q!F%&rT1?f#Y=afc*wRZ2jfPPUr`ve zO=2G@5kHX)ViGsmV#6X+6`667C({a-l|47lZ) za=_ph)^Hvi8UyoY)RGpBX&-R4^A@W-`Ou7`GAGT4B-Y;+qJ0t9iw6`cDeYADO_`E0 z2E4rNECv&KjuCev`5f;CTl=pW42k0u!fF|idG3j_T$!cIb682@(m9BhQeef@m^(R{NhndX66(0DZ1)h`5N5$@YST z3A=^t9hc6LCkBXHl3;5PafE#%-~pvf2k}2Ls;n#Y>Xij2e+;eN8WrGh>r7=PRi$pM ztsh8?Wke9`I}frPq%#p2oTvQuD)WD%;gc5&SUdQ+>t~)m7=x!o?0klWFEX43*L)@@ zOfeZ}71c@DNqu<7Prc}3|BQ*xB1W_UKHWQA-udM4!8Z3+icv5CzLClR%(uRI$}HAR zazg>v4p{ddC$e0g2uz@MyBgkCwyEHlV)0m+;dx@UdCiD#+M$7LVp_|=P;WL|T-nm< z(}=}wU}%t-?JqP6_~ki37GV@2>LeVR73GQTj~GPg>K(=sgetp1ZPRAH5own1OdLV_ z5yL`_Xp6)QW`n+cw?lxH7*}T9$GY>&K&U{^clXyW_Mih;B`HiGJUTRhS5W!=qpOYy z0lG-8=bDDp_a;3iz%J*3zf^_q>40-GjRJR_#X?n2yN9(*`5G9xYrfKugbdM@zYP_$m{Dm@8HRQk_dEvY`6adMff-3^Iyo%e<4lc zCb|Z;I`*HNBS~0UT79At?q1Cf0xSiU(k%r)CB)ed126EVR_DOrNyV z{{)-D0_RxWEm8NFKUOE z(7Vbz@=f8`}nk+j5wCyIsJPD%l@;<>Eeg2)>$zVM;Y2 z>QH+U$acT29ErHad%b_L94o5$&+7WW7S|tY?Z4T$|KNQ7&#UbJ75DkeGXH<#K7Tpm z|Kq~{hxh&8xDN}{9}Mw-!+ls8X<7b>eVx0xxXTMPd=$4dF4~i(=fz%_-<>la^RRit zAt2zzz!1rdebIqOWYqiiwHw5TD2L_S4vw^qmQYUa&{mHG7?TeAF6~4ZBv1q<8+9@~ z7%G}HJYdLUvjo`h>+Qx^+r!}H!!`3gr$gz)gZzAPOQEF$hA#i!w<7-70+{jEw~_GN zU}Z4TLMfV5Y0mYzrZD5aR{mYB>;DomkI=2RV3_sk>@xnV~P z$r-nI{qQSbK`=gv+nv8zFxU9oc&?ynf#NWmDt#tOFv4!{E?2E2#;up*{;L$%*oT!T zHS6!?-pSp|;7B%&w^oyYrzV}N=#Nsu=jqVOLe!5&^W??Z@(;C!cT!Y$`xoxSV%(W> zVYw(p911o5X0$?B1HkqIFGF9696Uo&V8+QP14ne^-9Br^6xj0(go2!kmS#WO`1xq+ zP^gsEMi|z1aXav7Z3cDE37Qxr9%hwp;k129c#1%g+OPRi864N-#kwk%Qd1Um&&1nmsoGhec& zS=Kas+PYlha4nkQ8w|4@pfwTp??1Bhvj<%ZrsbDU5A@hVrI~SR8ryXk5i-@CTLFor zVq)EJ9Vy=?o{sop^(DO91!jyAzhMUTY+DZ}&4vg?VyMU~M{#plDPK(Cvo2?sb^Fr$ zq5}aPdyWI}sF;XZhfhVstp^ADTXb{MBgk6EP3cnQ{TW86VddvcT&pCNe7zYahTtE( zU6JN+m81*J$VymbgceWoQXF#((NgT*MHtpf(YXqS)m7<`5B1IVze;RsqD-+Zg$>US zZOWq*P2YLYbN@V08f`;#>BI#tUt@0+pH)d$tWZ*CYs_z}fI3*oIotiVYq)AxQ#_92 zZ;oW!LOQiHz@e8kW-awp#LR&pX)h`T6BmCf;!Qsdq%llZX*E?!qLi4J|M{8|=AyP0-GZzFz&QjH&TV$X?m(Q)#w5lpPG#MLe3{Ars7jZYLDxH||V^-tW zsTH^-oc(^chTOH;Eve-0U=}bTf0&r`K8{`jTiQKUXiGb*x~m zyDtx2er;w};^0V?GS?^ESL8YfV3(#AJ)xemSJO7vwj2dQtD}|2{v6N#9{RkhitFgQ8h#kw8z)dYH(#L9PH;_62hSZmOUwQQXj=ZmBj$ud&b*A1PR!r72axL9C^+*Rsvowr> zGcaL5Z!$wFwAg=PR*W)2A=xn*22Bag?dmsNq(&>w%RFh>FNv+l5*WR(YnXJt^gE$2 zCHIy&ySYK}!@D@NPDW3$?{}27wNz&=av8@5gi7eJ=u*)@Z|I|Z^-qtg3pNU-f~lk_Cd|c@TsFX zx@@P0Zq4C^w<2xPoBg=^Qa=#m)#4B5zd4k-X18c~4BDrgxjmz!9j`mvdNCyRt@#PBbRd zo+~9WdmiK!;n4)7Gkw#0!D*{Dw$u0Fe)3T%L_|bMkPI?D5J}@$+VO{%l7^`?b`Fdj zX)%L55JRjH+dAWX-Naqfabv;fU*LAW&C{>d2LAgPrxZdp5pA1%oOW(^8IENd6pAwl z&O1L{(M~-H54MP%@1%}w0N8z$M7wiQ!Jd)&$Yn7S+D5f@%jOL}8k3fK4^=PAy=UZM zU-Y(6?l}9zp5!$rjc&~z?_Wte;4>v&1>Q+E`ya9oafq}0;&euw4FYT<=yCOoWfOiZ zcGWiiIE}|1F&n|z*E7I19M6T3PMs${X+P0B5xiHJofJpiy{$TCl}kKUnAMrpVE~Y( z%8m1lqb4mTe;CrK2`ZOR0#r2{-Ayd?izy*F7bTtbqBttAg){TuJU;Fa{1eRLc)Yb>2asgEa z#Kn>1w-Piq+?)}{btzWcsmsbML!nRh?_V?*xOGpD2+JNuk6;|})%YW8JV~}eM z?%1T{3u?@YmYkDH#|8#!f&6f$6ik8M+CE~zF-0zCNI79kB=1p!q_FK#4e!1`|9VU5 z&?C{K$w~DwmX9Q>g*bgvMUbgPnOvslh!hFJLrr#?5;Ppx&YR*8)Zhg>QhV;J`%Ym> zNpPHz;d0`85-6A*?Mn(JglxzyyOMoygyuq8>;FBTVuCU0x;kojVikygsSB zRE1p>1FpXIh#`zU1^Jq!4mBXZ6|TNzs?h29@~Q#p5zsKhZnKQzDYu7{ZI43;h8y=S-aHiwBu{-*ujLDO?Ri+u=;f{F z9-DxKJacq!H!#JptvIMg&EB4zm^9N?bxnon0VU1iFVoSjX z(5fMO|DfQ5(WOW7NZTy2{gBjL-Ya zT3J7s@!Aka*$}S6?=hd#@7AD3+QTY5SB7DXt z$9j^>tsNBidpYl#iFw)Ey@9#jbKCY8ezt#l;p+FL&&FMyk(Pm1r(09vhnAy|`g8c( zUQY3!nMksqGcs;*OT6YE2()d!LtD*4^jt<+hsgGg9T3c0u4Y+V!qAV$ne7xnFPulZ z@m28E_X~w+^amE{YYlhkG+$T0D+k;Wh@C9^`c}&g^=d&Nc{R5nuS&+4AhIqYZWoae z8$%0{m-NKJ=(#KIJq2**gbI;Cw{ebIl6p2H^tNwQFU32bP0RH$D*zvfVISa$#Y zWm1u8Rr=-0y@GAk(c6QrQ{1DkVdK5dBK9rnoZW2)!=e6D0{YN^dTw>Cagy55c<%N% zcp}swbw1JGFnXqRt8g;kpzwQsO%|IeRVypQD%GqrPOCz7#5rHpu(U4If^${TqS5)B zFZcF|jA@g3MH9h7riqVf)%-VbMwzR50*szLi%|6{dCsYY2FZgwY@OkHz!p`b;gWIdwTX7>X2?{)v9p zGR8XRSIXRao^o?ixDj&;1eQs|T z6bfS-(q-D37-ct+B}IeXQHz%H(T3TEO~aez6Z28?axz+SL&#)#;sE6&#~p07Y}JV& zb9yy-_D103A8mTKuwzQGWyJj(Q~ZnF(${{3{b-5bydG(rl#|q z-7aP2Gj&WSw=XB>uVww3 zdrcaKmI3%hTExWZ1}cfe+ClEuovhfQ=(b6Oi+j~~mQ!Lzz{$n**fn5dSJ}+VF)kMt zIsZZ{ORA}S0h4)6x2pHX_I?U{5BsWz7%4_iyzCrq=K6ZqhjF?7igU}k(29-S0C?0A zzg*d{KBGIQ^E$KVH1tUB)ZH+AYww*iZ=ZG#R|xjEBKS=fX&tRr-z20Ob1I7==PX*6 z852_~wvR@7mU^V>Y~0h)vBd*vrgGk6Gq1DCv6$Ax8hqRKqqMvm&usU0mzJ{UR0HpG z=ZxNT77i=^pB-p-aS4R5?h`j|nrm)qlZ#a1t!D49?3ZcWAJiEgA<1g4?^PeS85WCZ zr#R}375Cl_r+v;!zt!_L!mnH4mM$P+$wRmaGY0o52-697Z{>K{c{nxhsk;5PVko)vDr>s(!7?%xNyd?zDQhghpo6fnu(1*Co6!oGu;ztF zr)6bTMJ`!TC6|=Kg6+?_*w%FEwh*cj%;-46mRJWl2DxDMGIrAwO;LO!2E{|@b`?0H zaK`!&9oLGK=x?tIsgLyA4y}#usbXpSg8`Gt%{whBhnv5O%T145IuC^>vojhgCfII* zXO`a|X;yLFoS{+lsSj5CtBtOow!y}$4}LMtBA$L(4ChtbTJq|H`YTQ2`+*C#N=g63&F?UelO|OHaOUYOSSk z6Uk|ZAA2oxffW=>VyzlSY1@P08=Kf9bDyA@*^nm>1{znUoWY0#ovpJ7;=aj8reW?RiETf^hq~Aui$NEW?dI zR3UNU0ph5Ej$;2DTSFSQHpF(5R{u%T52jtj>|y1mXnDsBSDt;-{;Z-tT5(dC2S1%f z!~hworYzb`L>TC=`cR->A)$yNO zOUL}2Iv6X=n=-)GJ;oOF%cz3w?xYFwLkVFAwxs0k>znFciE48U>^tw4){@@D4(XTt z;YM94fmTr>7*Jp}JjT}f*<1chs(&tHgLsl_5vxlea`pqzRhGe{>? zo+pGZ+qjAjPnT{>Q1?uWfBtrtxbJ?m!qws9lbgVZW0M!N9#o7-_Ou#JNL7NtWLQW< zLyL-HI~*H1wS1|KK)z()I%rJs3|?yBGCv_Y}uJ9}P2X zDK<_k$jfnT({3ceETFW)keriLf+GfDNv~sL0_YuCCR*qS%&Yu(%G93c2-8qLcQyh7 z>4l`%eTu0l8k-wqXlL-ct|cbSHCNK;kD1qYnyf?4o{Mv;36P@3btGM#ep?~r1oUtN z@Cn5GTh$3T;eMxKyLp~zkn|f$(xcw)EQxBOw+5=|_DSo_7xCASHmy6RvTk6D3**5b zi0tm+@uiA2M%8R?Tz zJJe`;H=-N{~H)|dTg^U7Hf_ziDEe(0Y2f~spDymPr$b+QWCTc*mnpKZ{=j0{4`O^!>1CGEkYjJ z^FR|hs^rgtJE)B4>l58Tj$V7+5N{n#RZ=)nq$VsFQ#{yhJCRG^h53~Rk_^f!XVN7| z`HXHEX|qoyNU3INk>2CsLU}SEg6|y_<0I#?=gc}F=i$N1 zfsoS|VH2l6>dEz_ODO=oyMWOJ#YV8unIZ`%vXa!i$>W+4$m#=ZYu`=7r6olyvCvzri|=jCK8VNf(XT@h4SJ-DVG%*>hB@ zJ4yy1pwi5@oktwC#gvZ_r1H}$p6K)tKIb7)4pzfui(M@`;RV_|!|vI^7aqgv%~ z^Ky+t8Z+(;K1@v1Kr_uP0=(WSPa7Athwrhe3p_q0C5A)WM8oiBZQAMLNkcNtPIr z!U$9Lbs`C+(?OP$ljT@`58vPEl+N#WeXs8y-{-!r=X2ek`8@aXJkRI8X0CZ(uRG1Y zw)7yjN4!$4vR}mFP)~K< zR9O&A2sU%B#_c_!bi?2hr|Gwtv|U|I;C5#a#C*c#pqW=bYmJ%UdN=c@#_P>BSat5| zwqvs8_V1f*54k@Jf<8aCt07~b{OKW=L^@xfP9HuWlqu&Py$H$Q?`JNIL-l!Ix@rQK zY7F4Wvqx^5-Bgp-fbC&FG$N*Ujk{=DrepxwEHt7K@|ZCTdT1H?_}!-< z6QN_Wd|SmGNrG>e)}BV7!16??PH@-8fNTFUoOyVp>u*nkfnks%?Kj#Tn##OcSecdO zP;HksKe}^U0o}4~f01>YXOF8&*=qx4uy@*UaB8;6!dN-++KWi!P1KyNWJ40XxKmmw#bgyPZ!t- z$BsT6$^3A#?d7c7y952s^Vx5UI}e|44l5-lP3~ir2W>2)>QyCVuG;$^iJ+YzJ=btr z)>w*-yiuPrEcV7zb-K#!dZlqV<Mc}8kA76qOgYY-PPDj7ZT;y{Ttqj#o zTMXwcTX1+*VNrKd4Bs`dXygEv?KpHkj=)RxyKoGKw~;Ouk5xUO#uTZ8I~KX!>nbAn z%)FOMpI(a-FzLT{;JSQbsrBxLN2h#9v(_p(%`Saa7}mfqn1wzeqWQ@6p%hU+8m0CS z-+IXTtKEfDVR)O87lSm`opv347-=CR~V6~>@3|L zbi3N^o)_BGC>a?`$vUeRXvn|dd*7}}=8tJkgZNvXJd-bTMA9!9Ja(8avYM=#?Q3fv z*0P@V6`W1geTcX9L(XCA`GwhkW@xX~|PY zWV_Z$2Ni4~PVNQ+D9$a+yte>6W>)>wO^@;&cSeK(>&hem%UR~xy?dtowXwrl3vwY{V9+Y{OW0C zyF$~`rZ(^&e&|_P3#&khes8#2|)`QEXOoX>V*p)9oXBM8qT`tMHYnMF7LuKWd z-BG1!(HtG$=m_I`-)441;ztYe)>X2HYU@?S6MeuwQ+H3AE90j*)Apa;9FSyr7frrd zb?APnaJn@}^IG@*CjAji>!t36Ec#@+bAM6k`}gmSL0Lvg395hG2fpwnv`$`bxmY;e z7G$UWF5t$U=M~!7B{C<@I>zLZ6hqul zu4h~!oyw8^>b#LBTb!gMYn^fnd+y|2Ib2=D)g?A&mRlFEP!w44#wlf2Y>;8n^~J%~ zE`QUUsE!9otM@fh-)CR3F(a-hOylQD_|SV`=p}n!zsmfCFU?RNk$oCzci>l&J5CNu zvy8`F_zgKQ7oMAF-_Ds~C?_JX{1PK`SV(bm1`|h8#bKzlF>ZNk*dxhj$W2z&?RX($l`WS*8snkSiFX><2!h!i}}^{)rzg z@YX5|(n0fLfW|YmE`FlKYRR}9Sz)9&vdM6+fwz_)j3Da+9~REnVQs6P-$wousi>g8>NWaDY06ynygarsOo}t?dURvK$E6~*+D+q zjQ>dzFX0%qF18DWzUFw6N#Gh)T8MJxkDw4ZH&O|x(L8QgY3{4&5)$`E`C7;_{5Ai9 zhSX)A*D~(lj z)ZPW1An-YRj%B?nFxgT%`W1!PH$N#k4p~(DxHQ1N7SpVcqb+dNnPpQnd;Q1T>8$V^ zkCd96DDax_LGBR)cSg>l-begu$%54SjcRt!yfH~~;oubKxU^6&=%e~7I7GaTCnDPe zR1c20wqd9V9xHIB%=e!2QL58i01ta5G)&BKY+Uo;+(_OyHFFyZn=2fo?CJf$Xz0&o z92C+od`Q*rRiZVc1L!#+=rjP*Wa%uflAdjXn|ONYQ;*gO?uzJSPyQ?$e> zZa*u1WuMi?H1E|+WFh%H&T7+;xv1&8ZMyxeHjgnE|1!2fxUbcirq61WWdBn8^?Fa{ z;ySW$J`)kyK%M&2&uVPR!D{oN_iFs+X{*g*>J<4JqRx%ENRaG*477BZxd@F)oZ2+8 z8vC>vVl}n_1nVbH#rs<6EBdU;OZG!suSc0N7mf5=7B}aCRsj2}_o^*oy@4&xsA~O3 zg%)y)i}iyZ@SpXM+ekNcL*gml|CsBB0q9^D1Qr8`CjVAH{(D?EBt`?!Q38lDbrjHw zmbMmF3*fo|gyY>8xrwP)BQpIxP4cC^C_q@bTZEw7*emUn71*rXj!K z0RDgCIV1-8t#-~mrJWEfCm6S+*P>=Ct~45)Es-W1EG%A^|3#1TG{9U{=$%@`pHBmV zaYAx?P@7N`2i^f=;mR}G+2KZqo5A=rK6i#(`pLA&MI`2zk+~!Lf7J!HUm^^)ydAjf z`f)ZI84TxX5wo+X|k)OQW|Ci+i2;xWS=jam&6>Ws9%%Tp2`W z&2-Ukj@6njs(Mkz-NVIeYwVB6m$`q;#s5Q^`}Jk}K`r@xLjIdt$?X*Q9*wsBJip13 z@K8U0UVy)c;)Q=b4PJ6fSmh24vsdfza zz?z`7GY*LX?!H{rs*EI10N3Y~1P72A06@dUC_pj$y$=h=>>M*NHSL{qLt(J+ zo!0`>MSXKEDbx#KU54@kbV-N63w~RVR})7hl7O{yYmo$?np^BiU{Ko&<{6S#C~5me QKw-5JNM0Ds*w*BK0J*&A7XSbN literal 0 HcmV?d00001 diff --git a/post-setup.sh b/post-setup.sh new file mode 100755 index 0000000..a04831d --- /dev/null +++ b/post-setup.sh @@ -0,0 +1,15 @@ + +sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo + +mkdir ~/.librewolf +cp -r configs/librewolf ~/.librewolf/librewolf +cp configs/profiles.ini ~/.librewolf/profiles.ini + +mkdir ~/.wallpaers +cp -r configs/wallpaper ~/.wallpaers + +sudo nix-collect-garbage -d + +sudo tailscale up --accept-routes --login-server=https://headscale.ascosilinux.com + +echo "REBOOT YOUR COMPUTER AGAIN" diff --git a/setup.sh b/setup.sh new file mode 100755 index 0000000..fc53040 --- /dev/null +++ b/setup.sh @@ -0,0 +1,3 @@ +sudo nixos-rebuild build --flake .# + +echo "REBOOT YOUR COMPUTER" diff --git a/system/test-dell/configuration.nix b/system/test-dell/configuration.nix new file mode 100755 index 0000000..b8fa863 --- /dev/null +++ b/system/test-dell/configuration.nix @@ -0,0 +1,314 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + # legacy boot + #boot.loader.grub.enable = true; + #boot.loader.grub.device = "/dev/sda"; + #boot.loader.grub.useOSProber = true; + + # UEFI boot + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + # secure boot + boot.bootspec.enable = true; + + # ZRAM + zramSwap.enable = true; + zramSwap.memoryPercent = 50; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + boot.kernelPackages = pkgs.linuxPackages_xanmod_stable; + boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; + + networking.hostName = "test-dell"; # Define your hostname. + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "America/New_York"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # opengl hardware + hardware.opengl.enable = true; + + # Enable the KDE Desktop Environment. + services.xserver.displayManager.sddm.enable = true; + services.xserver.desktopManager.plasma5.enable = true; + programs.kdeconnect.enable = true; + + # Configure keymap in X11 + services.xserver.layout = "us"; + #services.xserver.xkbVariant = "colemak,"; + #services.xserver.xkbOptions = "grp:win_space_toggle"; + + # Enable CUPS to print documents. + services.printing.enable = true; + services.avahi.enable = true; + services.avahi.nssmdns = true; + services.avahi.openFirewall = true; + services.printing.drivers = [ pkgs.hplip ]; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + jack.enable = true; + + # use the example session manager (no others are packaged yet so this is en> + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.vincent = { + isNormalUser = true; + initialHashedPassword = "$y$j9T$60d2ruHdjJT4EZAUcS3GW.$e1xmxQrRFTr2RUld3G2blpBUSALlG047ygAnkmk2JaA"; + extraGroups = [ "wheel" "networkmanager" "lp" "audio" "video" "cdrom" "libvirt" "kvm" "input" ]; + }; + + nix.extraOptions = ''experimental-features = nix-command flakes''; + + nixpkgs.config.permittedInsecurePackages = [ + "electron-12.2.3" + ]; + + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + xdg-desktop-portal-gtk + clamav + tailscale + linuxHeaders + steam-run + qgnomeplatform + open-dyslexic + glibc + cron + btop + neofetch + topgrade + # VM manager + gnome.gnome-boxes + OVMF + # remote access + sunshine + # backup + pika-backup + # kde apps + libsForQt5.discover + libsForQt5.sddm-kcm + libsForQt5.kaccounts-integration + libsForQt5.kaccounts-providers + libsForQt5.accounts-qt + libsForQt5.ark + # editors + libsForQt5.kate + nano + # office apps + onlyoffice-bin + trilium-desktop + celluloid + libsForQt5.elisa + # mirosoft font alitrnative + carlito + caladea + gelasio + comic-relief + noto-fonts + # battery saving packages + auto-cpufreq + tlp + # binary ELF interpreter + patchelf + binutils + # package manager + git + wget + flatpak + podman + distrobox + # web browser + librewolf + #captive browser + captive-browser + ]; + + # captive browser options + programs.captive-browser.enable = true; + programs.captive-browser.interface = "wlp2s0"; + + # sunshine udev rules + services.udev.extraRules = '' + Sunshine + KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput" + ''; + # sunshine service + systemd.user.services.sunshine = { + description = "sunshine remote desktop"; + script = "/run/current-system/sw/bin/sunshine"; + wantedBy = [ "multi-user.target" ]; # starts after login + }; + systemd.user.services.sunshine.enable = true; + + # v4l2loopback + boot.kernelModules = [ "v4l2loopback" ]; + + # flatpak + xdg.portal.enable = true; + services.flatpak.enable = true; + + # packagekit + services.packagekit.enable = true; + + # enable libvirt and USB redirect + virtualisation.libvirtd.enable = true; + programs.dconf.enable = true; + virtualisation.spiceUSBRedirection.enable = true; + virtualisation.libvirtd.qemu.ovmf.enable = true; + + # enable podman + virtualisation.podman = { + enable = true; + + dockerCompat = true; + }; + + environment.shellInit = '' + [ -n "$DISPLAY" ] && xhost +si:localuser:$USER || true + ''; + + # iio screen rotation + hardware.sensor.iio.enable = true; + + # makemkv fix + boot.initrd.kernelModules = [ "sg" ]; + + # battery saving services enable + services.auto-cpufreq.enable = true; + services.tlp.enable = true; + services.power-profiles-daemon.enable = false; + # enable the tailscale service + services.tailscale.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # clamAV + services.clamav.updater.enable = true; + services.clamav.daemon.enable = true; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = false; + + # auto clean + nix.optimise.automatic = true; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 15d"; + }; + + # auto update + system.autoUpgrade.enable = true; + system.autoUpgrade.allowReboot = true; + system.autoUpgrade.rebootWindow = { + lower = "01:00"; + upper = "05:00"; + }; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ + 22 + 8384 + 22000 + 24800 + 21116 + 7236 + 7250 + 47984 + 47989 + 47990 + 48010 + ]; + networking.firewall.allowedUDPPorts = [ + 22000 + 21027 + 24800 + 5353 + 5900 + 3689 + 5353 + 7236 + 47998 + 47999 + 48000 + 48002 + ]; + networking.firewall.allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + networking.firewall.allowedUDPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + networking.firewall.rejectPackets = true; + # networking.firewall.allowedUDPPorts = [ 21116 ]; + # Or disable the firewall altogether. + networking.firewall.checkReversePath = "loose"; + + services.fail2ban.enable = true; + networking.firewall.enable = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + +} + + diff --git a/system/test-dell/hardware-configuration.nix.old b/system/test-dell/hardware-configuration.nix.old new file mode 100755 index 0000000..a303fa7 --- /dev/null +++ b/system/test-dell/hardware-configuration.nix.old @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sr_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/e9b875b1-eb63-4fbc-b9e5-3f1af9fbf58e"; + fsType = "ext4"; + }; + + fileSystems."/boot/efi" = + { device = "/dev/disk/by-uuid/E732-7951"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp12s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/system/vincents-hp/configuration.nix b/system/vincents-hp/configuration.nix new file mode 100755 index 0000000..5bfa092 --- /dev/null +++ b/system/vincents-hp/configuration.nix @@ -0,0 +1,277 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + + # legacy boot + #boot.loader.grub.enable = true; + #boot.loader.grub.device = "/dev/vda"; + #boot.loader.grub.useOSProber = true; + + # UEFI boot + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + #boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + boot.binfmt.registrations.appimage = { + interpreter = "${pkgs.appimage-run}/bin/appimage-run"; + recognitionType = "magic"; + offset = 0; + mask = ''\xff\xff\xff\xff\x00\x00\x00\x00\xff\xff\xff''; + magicOrExtension = ''\x7fELF....AI\x02''; + }; + + # boot logo + boot.plymouth.enable = true; + + # ZRAM + zramSwap.enable = true; + zramSwap.memoryPercent = 50; + boot.kernel.sysctl = { + "vm.swappiness" = 10; + "vm.vsf_cache_pressure" = 50; + }; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + boot.kernelPackages = pkgs.linuxPackages_xanmod_stable; + #boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; + + networking.hostName = "vincent-hp"; # Define your hostname. + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "America/New_York"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + useXkbConfig = true; + }; + fonts.packages = [ pkgs.corefonts ]; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # displaylink + services.xserver.videoDrivers = [ "displaylink" "modesetting" ]; + + # waydroid + #virtualisation.waydroid.enable = true; + + # Enable the Cinnamon Desktop Environment. + services.displayManager.sddm.enable = true; + services.desktopManager.plasma6.enable = true; + programs.kdeconnect.enable = true; + + # Configure keymap in X11 + services.xserver = { + xkb.layout = "us"; + #xkb.variant = "colemak"; + #xkb.model = "chromebook"; + }; + services.xserver.xkb.options = "grp:win_space_toggle"; + + # Enable CUPS to print documents. + services.printing.enable = true; + services.avahi.enable = true; + services.avahi.nssmdns4 = true; + services.avahi.openFirewall = true; + services.printing.drivers = [ pkgs.hplip ]; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + jack.enable = true; + + # use the example session manager (no others are packaged yet so this is en> + # no need to redefine it in your config for now) + wireplumber.enable = true; + }; + programs.noisetorch.enable = true; + + # Enable touchpad support (enabled default in most desktopManager). + services.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.vincent = { + isNormalUser = true; + shell = pkgs.fish; + initialHashedPassword = "$y$j9T$bNzCzml0kKQQxROnHJGee0$o7DvtXzBul58giMCwV9qFbuDBjdLiG7PoRTLUzT/jCB"; + extraGroups = [ "wheel" "networkmanager" "lp" "audio" "video" "cdrom" "input" "libvirtd" ]; + }; + programs.fish.enable = true; + + nix.extraOptions = ''experimental-features = nix-command flakes''; + + nixpkgs.config.permittedInsecurePackages = [ + "electron-12.2.3" + "electron-27.3.11" + ]; + + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment = { + systemPackages = with pkgs; [ + tailscale + bleachbit + btop + neofetch + clamtk + trayscale + topgrade + git + # kde apps + kdePackages.discover + kdePackages.sddm-kcm + kdePackages.ark + kdePackages.qtmultimedia + # editors + kdePackages.kate + nano + # vm + quickemu + quickgui + # office apps + bottles + rustdesk-flutter + libreoffice-qt + logseq + nextcloud-client + orca-slicer + # package manager + wget + # web browser + librewolf + ]; + }; + + # flatpak + xdg.portal.enable = true; + services.flatpak.enable = true; + systemd.services.configure-flathub-repo = { + wantedBy = ["multi-user.target"]; + path = [ pkgs.flatpak ]; + script = '' + flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo + ''; + }; + + # bluetooth + hardware.bluetooth.enable = true; + + # dconf + programs.dconf.enable = true; + + # enable the tailscale service + services.tailscale.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # List services that you want to enable: + + # preload + services.preload.enable = true; + + # schedualer + services.system76-scheduler.enable = true; + + # Enable the OpenSSH daemon. + services.openssh.enable = false; + + # auto clean + nix.optimise.automatic = true; + + # enable fwupd + services.fwupd.enable = true; + + # auto update + system.autoUpgrade.enable = true; + system.autoUpgrade.allowReboot = true; + system.autoUpgrade.rebootWindow = { + lower = "01:00"; + upper = "05:00"; + }; + + #clamav + services.clamav.updater.enable = true; + services.clamav.daemon.enable = true; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ + 22 + 8384 + 22000 + 24800 + 21116 + 7236 + 7250 + 47984 + 47989 + 47990 + 48010 + ]; + networking.firewall.allowedUDPPorts = [ + 22000 + 21027 + 24800 + 5353 + 5900 + 3689 + 5353 + 7236 + 47998 + 47999 + 48000 + 48002 + ]; + networking.firewall.allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + networking.firewall.allowedUDPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + networking.firewall.rejectPackets = true; + # networking.firewall.allowedUDPPorts = [ 21116 ]; + # Or disable the firewall altogether. + networking.firewall.checkReversePath = "loose"; + + services.fail2ban.enable = true; + networking.firewall.enable = true; + + # This value determines the NixOS release from which the default settings for stateful data, like file locations and database versions on your system were + # taken. It‘s perfectly fine and recommended to leave this value at the release version of the first install of this system. Before changing this value read + # the documentation for this option (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "24.05"; # Did you read the comment? + +} + diff --git a/system/vincents-hp/hardware-configuration.nix.old b/system/vincents-hp/hardware-configuration.nix.old new file mode 100755 index 0000000..ddf9122 --- /dev/null +++ b/system/vincents-hp/hardware-configuration.nix.old @@ -0,0 +1,40 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-amd" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/1d5d7408-a9fc-4577-83c9-48626166b59a"; + fsType = "ext4"; + }; + + boot.initrd.luks.devices."luks-5bd845b2-9060-4aa4-9a12-463202623104".device = "/dev/disk/by-uuid/5bd845b2-9060-4aa4-9a12-463202623104"; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/9B16-C557"; + fsType = "vfat"; + options = [ "fmask=0022" "dmask=0022" ]; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/system/vm/configuration.nix b/system/vm/configuration.nix new file mode 100755 index 0000000..7f5c95d --- /dev/null +++ b/system/vm/configuration.nix @@ -0,0 +1,316 @@ +# Edit this configuration file to define what should be installed on +# your system. Help is available in the configuration.nix(5) man page +# and in the NixOS manual (accessible by running ‘nixos-help’). + +{ config, pkgs, lib, ... }: + +{ + imports = + [ # Include the results of the hardware scan. + ./hardware-configuration.nix + ]; + # legacy boot + #boot.loader.grub.enable = true; + #boot.loader.grub.device = "/dev/vda"; + #boot.loader.grub.useOSProber = true; + + # UEFI boot + boot.loader.systemd-boot.enable = true; + boot.loader.efi.canTouchEfiVariables = true; + boot.loader.efi.efiSysMountPoint = "/boot/efi"; + + # secure boot + #boot.bootspec.enable = true; + + # ZRAM + zramSwap.enable = true; + zramSwap.memoryPercent = 50; + + boot.binfmt.emulatedSystems = [ "aarch64-linux" ]; + + boot.kernelPackages = pkgs.linuxPackages_xanmod_stable; + boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; + + networking.hostName = "nixos-vm"; # Define your hostname. + networking.networkmanager.enable = true; + + # Set your time zone. + time.timeZone = "America/New_York"; + + # Select internationalisation properties. + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + # Enable the X11 windowing system. + services.xserver.enable = true; + + # opengl hardware + hardware.opengl.enable = true; + + # Enable the KDE Desktop Environment. + services.xserver.displayManager.gdm.enable = true; + services.xserver.desktopManager.gnome.enable = true; + programs.kdeconnect.package = pkgs.gnomeExtensions.gsconnect; + programs.kdeconnect.enable = true; + + # Configure keymap in X11 + services.xserver.layout = "us"; + #services.xserver.xkbVariant = "colemak,"; + #services.xserver.xkbOptions = "grp:win_space_toggle"; + + # Enable CUPS to print documents. + services.printing.enable = true; + services.avahi.enable = true; + services.avahi.nssmdns = true; + services.avahi.openFirewall = true; + services.printing.drivers = [ pkgs.hplip ]; + + # Enable sound with pipewire. + sound.enable = true; + hardware.pulseaudio.enable = false; + security.rtkit.enable = true; + services.pipewire = { + enable = true; + alsa.enable = true; + alsa.support32Bit = true; + pulse.enable = true; + # If you want to use JACK applications, uncomment this + jack.enable = true; + + # use the example session manager (no others are packaged yet so this is en> + # no need to redefine it in your config for now) + #media-session.enable = true; + }; + + # Enable touchpad support (enabled default in most desktopManager). + services.xserver.libinput.enable = true; + + # Define a user account. Don't forget to set a password with ‘passwd’. + users.users.vincent = { + isNormalUser = true; + initialHashedPassword = "$y$j9T$60d2ruHdjJT4EZAUcS3GW.$e1xmxQrRFTr2RUld3G2blpBUSALlG047ygAnkmk2JaA"; + extraGroups = [ "wheel" "networkmanager" "lp" "audio" "video" "cdrom" "libvirt" "kvm" "input" ]; + }; + + nix.extraOptions = ''experimental-features = nix-command flakes''; + + nixpkgs.config.permittedInsecurePackages = [ + "electron-12.2.3" + ]; + + nixpkgs.config.allowUnfree = true; + + # List packages installed in system profile. To search, run: + # $ nix search wget + environment.systemPackages = with pkgs; [ + xdg-desktop-portal-gtk + clamav + tailscale + linuxHeaders + steam-run + qgnomeplatform + open-dyslexic + glibc + cron + btop + neofetch + topgrade + papirus-icon-theme + # VM manager + virt-manager + OVMF + # remote access + sunshine + # backup + pika-backup + # gnome extensions + gnome.gnome-packagekit + gnomeExtensions.appindicator + gnomeExtensions.pop-shell + gnome.pomodoro + gnome.gnome-tweaks + # editors + libsForQt5.kate + nano + # office apps + onlyoffice-bin + trilium-desktop + celluloid + lollypop + # mirosoft font alitrnative + carlito + caladea + gelasio + comic-relief + noto-fonts + # battery saving packages + auto-cpufreq + tlp + # binary ELF interpreter + patchelf + binutils + # package manager + git + wget + flatpak + flatpak-builder + podman + distrobox + # web browser + librewolf + #captive browser + #captive-browser + ]; + + # captive browser options + #programs.captive-browser.enable = true; + #programs.captive-browser.interface = "wlp2s0"; + + # sunshine udev rules + services.udev.extraRules = '' + Sunshine + KERNEL=="uinput", GROUP="input", MODE="0660", OPTIONS+="static_node=uinput" + ''; + # sunshine service + systemd.user.services.sunshine = { + description = "sunshine remote desktop"; + script = "/run/current-system/sw/bin/sunshine"; + wantedBy = [ "multi-user.target" ]; # starts after login + }; + systemd.user.services.sunshine.enable = true; + + # v4l2loopback + boot.kernelModules = [ "v4l2loopback" ]; + + # flatpak + xdg.portal.enable = true; + services.flatpak.enable = true; + + # packagekit + services.packagekit.enable = true; + + # enable libvirt and USB redirect + virtualisation.libvirtd.enable = true; + programs.dconf.enable = true; + virtualisation.spiceUSBRedirection.enable = true; + virtualisation.libvirtd.qemu.ovmf.enable = true; + + # enable podman + virtualisation.podman = { + enable = true; + + dockerCompat = true; + }; + + environment.shellInit = '' + [ -n "$DISPLAY" ] && xhost +si:localuser:$USER || true + ''; + + # iio screen rotation + hardware.sensor.iio.enable = true; + + # makemkv fix + boot.initrd.kernelModules = [ "sg" ]; + + # battery saving services enable + services.auto-cpufreq.enable = true; + services.tlp.enable = true; + services.power-profiles-daemon.enable = false; + # enable the tailscale service + services.tailscale.enable = true; + + # Some programs need SUID wrappers, can be configured further or are + # started in user sessions. + programs.mtr.enable = true; + programs.gnupg.agent = { + enable = true; + enableSSHSupport = true; + }; + + # clamAV + services.clamav.updater.enable = true; + services.clamav.daemon.enable = true; + + # List services that you want to enable: + + # Enable the OpenSSH daemon. + services.openssh.enable = false; + + # auto clean + nix.optimise.automatic = true; + nix.gc = { + automatic = true; + dates = "weekly"; + options = "--delete-older-than 15d"; + }; + + # auto update + system.autoUpgrade.enable = true; + system.autoUpgrade.allowReboot = true; + system.autoUpgrade.rebootWindow = { + lower = "01:00"; + upper = "05:00"; + }; + + # Open ports in the firewall. + networking.firewall.allowedTCPPorts = [ + 22 + 8384 + 22000 + 24800 + 21116 + 7236 + 7250 + 47984 + 47989 + 47990 + 48010 + ]; + networking.firewall.allowedUDPPorts = [ + 22000 + 21027 + 24800 + 5353 + 5900 + 3689 + 5353 + 7236 + 47998 + 47999 + 48000 + 48002 + ]; + networking.firewall.allowedTCPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + networking.firewall.allowedUDPPortRanges = [ + { + from = 1714; + to = 1764; + } + ]; + networking.firewall.rejectPackets = true; + # networking.firewall.allowedUDPPorts = [ 21116 ]; + # Or disable the firewall altogether. + networking.firewall.checkReversePath = "loose"; + + services.fail2ban.enable = true; + networking.firewall.enable = true; + + # This value determines the NixOS release from which the default + # settings for stateful data, like file locations and database versions + # on your system were taken. It‘s perfectly fine and recommended to leave + # this value at the release version of the first install of this system. + # Before changing this value read the documentation for this option + # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). + system.stateVersion = "22.11"; # Did you read the comment? + +} + + diff --git a/system/vm/hardware-configuration.nix b/system/vm/hardware-configuration.nix new file mode 100755 index 0000000..efd1a91 --- /dev/null +++ b/system/vm/hardware-configuration.nix @@ -0,0 +1,38 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usb_storage" "sd_mod" "sr_mod" "sdhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ "kvm-intel" ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/vda2"; + fsType = "ext4"; + }; + + fileSystems."/boot/efi" = + { device = "/dev/vda1"; + fsType = "vfat"; + }; + + swapDevices = [ ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp12s0.useDHCP = lib.mkDefault true; + # networking.interfaces.wlp2s0.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/users/vincent/home.nix b/users/vincent/home.nix new file mode 100755 index 0000000..abdde9a --- /dev/null +++ b/users/vincent/home.nix @@ -0,0 +1,21 @@ +{ pkgs, ...}: { + targets.genericLinux.enable = true; + + programs.git = { + enable = true; + userName = "batvin123"; + userEmail = "batvin123@protonmail.com"; + }; + +# programs.plasma = { +# shortcuts.kwin = { +# "Switch One Desktop Down" = "Meta+Ctrl+Down"; +# "Switch One Desktop to the Left" = "Meta+Ctrl+Left"; +# "Switch One Desktop to the Right" = "Meta+Ctrl+Right"; +# "Switch One Desktop Up" = "Meta+Ctrl+Up"; +# }; +# }; + + programs.home-manager.enable = true; + +}