flake: upload 2nd machine

flake.nix

@@ -88,6 +88,10 @@
         inherit config nixpkgs agenix overlays inputs;
       };
 
+      nixosConfigurations.starcruiser = import ./hosts/starcruiser {
+        inherit config nixpkgs agenix overlays inputs;
+      };
+
       homeConfigurations.fortuneteller2k = import ./users/fortuneteller2k {
         inherit config nixpkgs home discocss nix-colors overlays inputs;
       };

hosts/starcruiser/configuration.nix

@@ -0,0 +1,352 @@
+{ config, lib, pkgs, options, inputs, system, ... }:
+
+/*
+  NixOS configuration
+
+  Useful links:
+  - Package Search: https://search.nixos.org/packages?channel=unstable
+  - Options Search: https://search.nixos.org/options?channel=unstable
+*/
+{
+  boot = {
+    /*
+      NOTE: replace this with your desired kernel, see: https://nixos.wiki/wiki/Linux_kernel for reference.
+
+      If you're not me or a XanMod kernel maintainer in Nixpkgs, use pkgs.linuxKernel.packages.linux_xanmod instead to avoid compilation.
+    */
+    kernelPackages = pkgs.master.linuxKernel.packages.linux_xanmod;
+
+    kernelParams = [
+      "mitigations=off"
+    ];
+
+    kernel.sysctl = {
+      "fs.file-max" = 2097152;
+      "kernel.printk" = "3 3 3 3";
+      "kernel.sched_migration_cost_ns" = 5000000;
+      "kernel.sched_nr_fork_threshold" = 3;
+      "kernel.sched_fake_interactive_win_time_ms" = 1000;
+      "kernel.unprivileged_userns_clone" = 1;
+      "net.core.default_qdisc" = "fq_pie";
+      "vm.dirty_ratio" = 60;
+      "vm.dirty_background_ratio" = 2;
+      "vm.swappiness" = 10;
+      "vm.vfs_cache_pressure" = 75;
+      "net.core.netdev_max_backlog" = 16384;
+      "net.core.somaxconn" = 8192;
+      "net.core.rmem_default" = 1048576;
+      "net.core.rmem_max" = 16777216;
+      "net.core.wmem_default" = 1048576;
+      "net.core.wmem_max" = 16777216;
+      "net.core.optmem_max" = 65536;
+      "net.ipv4.tcp_rmem" = "4096 1048576 2097152";
+      "net.ipv4.tcp_wmem" = "4096 65536 16777216";
+      "net.ipv4.udp_rmem_min" = 8192;
+      "net.ipv4.udp_wmem_min" = 8192;
+      "net.ipv4.tcp_fastopen" = 3;
+      "net.ipv4.tcp_keepalive_time" = 60;
+      "net.ipv4.tcp_keepalive_intvl" = 10;
+      "net.ipv4.tcp_keepalive_probes" = 6;
+      "net.ipv4.conf.default.log_martians" = 1;
+      "net.ipv4.conf.all.log_martians" = 1;
+      "net.ipv4.tcp_mtu_probing" = 1;
+      "net.ipv4.tcp_syncookies" = 1;
+      "net.ipv4.tcp_congestion_control" = "bbr2";
+    };
+
+    loader = {
+      efi.canTouchEfiVariables = true;
+
+      systemd-boot = {
+        enable = true;
+        configurationLimit = 3;
+        consoleMode = "max";
+        editor = false;
+      };
+    };
+  };
+
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "us";
+
+    colors =
+      let colorscheme = inputs.nix-colors.colorSchemes.material-darker;
+      in
+      with colorscheme.colors; [
+        base01
+        base08
+        base0B
+        base0A
+        base0D
+        base0E
+        base0C
+        base06
+        base02
+        base08
+        base0B
+        base0A
+        base0D
+        base0E
+        base0C
+        base07
+      ];
+  };
+
+  documentation.man =
+    let
+      activeManOutputs = [ "man" ] ++ lib.optionals config.documentation.dev.enable [ "devman" ];
+    in
+    {
+      generateCaches = true;
+
+      man-db.manualPages = (pkgs.buildEnv {
+        name = "man-paths";
+        paths = config.environment.systemPackages;
+        pathsToLink = [ "/share/man" ];
+        extraOutputsToInstall = activeManOutputs;
+        ignoreCollisions = true;
+      }).overrideAttrs (_: { __contentAddressed = true; });
+    };
+
+  hardware = {
+    cpu.amd.updateMicrocode = true;
+
+    /*
+      hardware-configuration.nix enables this by default because of this line:
+
+      >  imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+      See https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/installer/scan/not-detected.nix
+    */
+    enableRedistributableFirmware = true;
+
+    nvidia = {
+      package = config.boot.kernelPackages.nvidiaPackages.beta;
+    };
+
+    opengl = {
+      enable = true;
+      driSupport = true;
+      extraPackages = with pkgs; [ vaapiVdpau libvdpau-va-gl ];
+    };
+  };
+
+  imports = [
+    ./hardware-configuration.nix
+    # Append your custom NixOS modules in this list
+    ../../modules/nixos/programs/river.nix
+  ];
+
+  i18n = {
+    defaultLocale = "en_US.UTF-8";
+    supportedLocales = [ "en_US.UTF-8/UTF-8" ];
+  };
+
+  environment = {
+    /*
+      NOTE: This isn't found in https://search.nixos.org/options.
+
+      Here's the warning that came with it:
+
+      "Please note that NixOS assumes all over the place that shell to be Bash,
+      so override the default setting only if you know exactly what you're doing."
+    */
+    binsh = "${pkgs.zsh}/bin/zsh";
+    pathsToLink = [ "/share/zsh" ];
+    shells = with pkgs; [ zsh ];
+
+    # Font packages should go in fonts.fonts a few lines below this.
+    systemPackages = lib.attrValues {
+      inherit (pkgs)
+        brightnessctl
+        coreutils
+        curl
+        dash
+        fd
+        file
+        home-manager
+        man-pages
+        man-pages-posix
+        ntfs3g
+        pavucontrol
+        pulseaudio
+        ripgrep
+        util-linux
+        unrar
+        unzip
+        wget
+        xarchiver
+        zip;
+
+      inherit (pkgs.qt5) qtwayland;
+      inherit (pkgs.gnome3) nautilus;
+
+      git = pkgs.git.overrideAttrs (_: { __contentAddressed = true; });
+      subversion = pkgs.subversion.overrideAttrs (_: { __contentAddressed = true; });
+    };
+  };
+
+  fonts = {
+    fonts = lib.attrValues {
+      inherit (pkgs)
+        emacs-all-the-icons-fonts
+        fantasque-sans-mono
+        # NOTE: use only when current is outdated
+        # iosevka-ft
+        # iosevka-ft-qp
+        sarasa-gothic
+        symbola
+        terminus_font
+        twemoji-color-font;
+
+      inherit (inputs.nixpkgs-f2k.packages.${system})
+        iosevka-ft-bin
+        iosevka-ft-qp-bin;
+
+      nerdfonts = pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" "Iosevka" ]; };
+    };
+
+    fontconfig = {
+      enable = true;
+
+      defaultFonts = {
+        serif = [
+          "Sarasa Gothic C"
+          "Sarasa Gothic J"
+          "Sarasa Gothic K"
+        ];
+
+        sansSerif = [
+          "Sarasa Gothic C"
+          "Sarasa Gothic J"
+          "Sarasa Gothic K"
+        ];
+
+        monospace = [
+          "Iosevka FT"
+          "Iosevka Nerd Font"
+          "Sarasa Mono C"
+          "Sarasa Mono J"
+          "Sarasa Mono K"
+        ];
+
+        emoji = [ "Twitter Color Emoji" ];
+      };
+    };
+  };
+
+  networking = {
+    hostName = "starcruiser";
+
+    # Replace with your interface names.
+    interfaces.enp5s0.useDHCP = true;
+    nameservers = [ "1.1.1.1" "1.0.0.1" "8.8.8.8" "8.8.4.4" ];
+  };
+
+  powerManagement.cpuFreqGovernor = "performance";
+
+  programs = {
+    bash.interactiveShellInit = ''export HISTFILE=$HOME/.config/.bash_history'';
+    command-not-found.enable = false;
+    dconf.enable = true;
+    qt5ct.enable = true;
+  };
+
+  security.sudo.wheelNeedsPassword = false;
+
+  services = {
+    chrony = {
+      enable = true;
+
+      servers = [
+        "ntp.pagasa.dost.gov.ph"
+        "0.nixos.pool.ntp.org"
+        "1.nixos.pool.ntp.org"
+        "2.nixos.pool.ntp.org"
+        "3.nixos.pool.ntp.org"
+      ];
+    };
+
+    greetd = {
+      enable = true;
+
+      settings = {
+        default_session.command = "${pkgs.greetd.tuigreet}/bin/tuigreet --time --cmd 'sway --unsupported-gpu'";
+
+        initial_session = {
+          command = "sway";
+          user = "fortuneteller2k";
+        };
+      };
+    };
+
+    journald.extraConfig = lib.mkForce "";
+
+    openssh = {
+      enable = true;
+      gatewayPorts = "yes";
+      permitRootLogin = "yes";
+    };
+
+    pipewire = {
+      enable = true;
+      socketActivation = false;
+
+      alsa = {
+        enable = true;
+        support32Bit = true;
+      };
+
+      jack.enable = true;
+      pulse.enable = true;
+    };
+
+    usbmuxd.enable = true;
+  };
+
+  system = {
+
+    /*
+      NOTE: DO NOT CHANGE THIS IF YOU DON'T KNOW WHAT YOU'RE DOING.
+
+      Only change this if you are ABSOLUTELY 100% SURE that you don't have stateful data.
+    */
+    stateVersion = "22.05";
+  };
+
+  systemd = {
+    services.rtkit-daemon = import ./services/rtkit-daemon.nix { inherit pkgs; };
+
+    user.services = {
+      pipewire.wantedBy = [ "default.target" ];
+      pipewire-pulse.wantedBy = [ "default.target" ];
+    };
+  };
+
+  time.timeZone = "Asia/Manila";
+
+  users.users.fortuneteller2k = {
+    isNormalUser = true;
+    home = "/home/fortuneteller2k";
+    shell = pkgs.zsh;
+
+    extraGroups = [
+      "wheel"
+      "video"
+      "audio"
+      "realtime"
+    ];
+  };
+
+  xdg.portal = {
+    enable = true;
+    gtkUsePortal = true;
+    wlr.enable = true;
+  };
+
+  zramSwap = {
+    enable = true;
+    memoryPercent = 40;
+  };
+}

hosts/starcruiser/default.nix

@@ -0,0 +1,26 @@
+{ config, nixpkgs, agenix, overlays, inputs }:
+
+# See https://github.com/NixOS/nixpkgs/blob/master/flake.nix#L24 for reference.
+nixpkgs.lib.nixosSystem rec {
+  system = "x86_64-linux";
+
+  modules = [
+    agenix.nixosModules.age
+
+    {
+      # NOTE: you should either change this or disable it completely by commenting it out
+      age.secrets.github-token = {
+        file = ../../secrets/github-token.age;
+        owner = "fortuneteller2k";
+        mode = "0444";
+      };
+
+      nix = import ../../nix-settings.nix { inherit inputs system nixpkgs; };
+      nixpkgs = { inherit config overlays; };
+    }
+
+    ./configuration.nix
+  ];
+
+  specialArgs = { inherit inputs system; };
+}