provision/additional-setup.md

@@ -2,7 +2,18 @@
 
 The following documents some NixOS setup that wasn't automated.
 
-## NIPR email, Teams, etc.
+## Encryption Keys
+
+### Github SSH
+
+Keys for SSH aren't automatically placed with chezmoi `secret` since it complicated
+things to much. The key for github SSH must be transferred manually from Bitwarden
+or:
+
+- `/run/secrets/keys/github_personal` to `~/.ssh/keys/github_personal`.
+- `/run/secrets/radicale/users` to `~/.config/radicale/users`.
+
+### NIPR email, Teams, etc.
 
 - Run `pcscan` and make sure card reader shows up.
 - Run `pkcs11-register` to register cac.
@@ -77,3 +88,8 @@ git clone https://<user>:<token>@git.tstarr.us/tstarr/vulcan.git
 Copy another `.obsidian` folder for the new host (i.e. `.obsidian-<host>`).
 
 Open vault folder in obsidian and change the `.obsidian` folder in settings.
+
+
+## Wifi on Shivan
+
+Connect to wifi network with: `nmcli device wifi connect <SSID> password <password>`.

provision/hosts/bulwark/steam-deck.nix

@@ -2,14 +2,21 @@
 {
   imports = [
     (jovian-nixos + "/modules")
+    #home-manager.nixosModule
   ];
 
   jovian = {
     steam.desktopSession = "gnome";
     steam.enable = true;
+    steam.autoStart = true; 
     steam.user = "${user}";
-    devices.steamdeck.enable = true;
+    devices.steamdeck = {
+      enable = true;
     };
+  };
+
+  # Disable gdm (this is required for Jovian-NixOS)
+  services.xserver.displayManager.gdm.enable = lib.mkForce false;
 
   environment.systemPackages = with pkgs; [
     jupiter-dock-updater-bin # Binary package for updating firmware on Jupiter Dock, a hardware accessory for certain laptops.

provision/hosts/default/default.nix

@@ -1,5 +1,10 @@
 { config, pkgs, user, lib, inputs, ... }:
 {
+  imports = [ 
+    ./git.nix
+    ./home-default.nix
+  ];
+
   nix = {
     package = pkgs.nixFlakes;
     extraOptions = "experimental-features = nix-command flakes";
@@ -25,19 +30,4 @@
 
   # Did you read the comment?
   system.stateVersion = "23.11";
-
-  home-manager.users.${user} = {
-    home.username = "${user}";
-    home.homeDirectory = "/home/${user}";
-    programs.home-manager.enable = true;
-
-    programs.direnv = {
-      enable = true;
-      enableBashIntegration = true;
-      nix-direnv.enable = true;
-    };
-
-    # Did you read the comment?
-    home.stateVersion = "23.11";
-  };
 }

provision/hosts/default/home-default.nix

@@ -0,0 +1,20 @@
+{ config, pkgs, user, ... }:
+{
+  home-manager.users.${user} = {
+    home.username = "${user}";
+    home.homeDirectory = "/home/${user}";
+    programs.home-manager.enable = true;
+
+    programs.direnv = {
+      enable = true;
+      enableBashIntegration = true;
+      nix-direnv.enable = true;
+    };
+
+    home.packages = with pkgs; [
+    ];
+
+    # Did you read the comment?
+    home.stateVersion = "23.11";
+  };
+}

provision/hosts/default/physical/backup.nix

@@ -0,0 +1,22 @@
+{ config, pkgs, user, lib, ... }:
+{
+  services.borgmatic.enable = true;
+  environment.systemPackages = with pkgs; [
+    borgbackup # Deduplicating backup program 
+    tree
+    (pkgs.writeScriptBin "stop-docker-containers" ''
+      #!/bin/sh
+      [ -e /tmp/docker_images ] && rm /tmp/docker_images
+      images=$(docker ps -a -q)
+      echo "$images" > /tmp/docker_images
+      docker stop $images
+    '')
+    (pkgs.writeScriptBin "restore-docker-containers" ''
+      #!/bin/sh
+      [ ! -e /tmp/docker_images ] && exit 0
+      docker start $(cat /tmp/docker_images)
+      rm /tmp/docker_images
+    '')
+  ];
+}
+          

provision/hosts/default/physical/configuration.nix

@@ -1,5 +1,10 @@
 { config, pkgs, user, lib, inputs, ... }:
 {
+  imports = [ 
+    ./home-configuration.nix
+    ./backup.nix
+  ];
+
   nixpkgs.config.permittedInsecurePackages = [ "electron-25.9.0" "openssl-1.1.1w" ];
 
   # Use the systemd-boot EFI boot loader.
@@ -12,11 +17,4 @@
     extraGroups = [ "dialout" "wheel" "docker" "libvirtd" ];
     shell = pkgs.bash;
   };
-
-  home-manager.users.${user} = {
-    programs.vscode = {
-      enable = true;
-      package = pkgs.vscode.fhs;
-    };
-  };
 }

provision/hosts/default/physical/home-configuration.nix

@@ -0,0 +1,9 @@
+{ config, pkgs, user, ... }:
+{
+  home-manager.users.${user} = {
+    programs.vscode = {
+      enable = true;
+      package = pkgs.vscode.fhs;
+    };
+  };
+}

provision/hosts/kestrel/configuration.nix

@@ -65,7 +65,6 @@
       virt-manager.enable = true;
     };
     system = {
-      backup.enable = true;
       nipr.enable = true;
       ssh.enable = true;
       terminal.enable = true;

provision/hosts/torus/configuration.nix

@@ -106,7 +106,6 @@
       jellyfin.enable = true;
     };
     system = {
-      backup.enable = true;
       terminal.enable = true;
       ssh.enable = true;
     };

provision/modules/desktop/gnome.nix

@@ -139,7 +139,6 @@ in {
           favorite-apps = [
             "google-chrome.desktop"
             "kitty.desktop"
-            "org.gnome.Nautilus.desktop"
             "steam.desktop"
             "vesktop.desktop"
           ];

provision/modules/programs/default.nix

@@ -1,4 +1,4 @@
 { ... }:
 {
-  imports = [ ./git.nix ./chezmoi.nix ./kitty.nix ];
+  imports = [ ./chezmoi.nix ./kitty.nix ];
 }

provision/modules/system/backup.nix

@@ -1,26 +0,0 @@
-{ config, pkgs, user, lib, ... }:
-
-let cfg = config.modules.system.backup;
-in {
-  options.modules.system.backup.enable = lib.mkEnableOption "backup";
-  config = lib.mkIf cfg.enable {
-    services.borgmatic.enable = true;
-    environment.systemPackages = with pkgs; [
-      borgbackup # Deduplicating backup program 
-      tree
-      (pkgs.writeScriptBin "stop-docker-containers" ''
-        #!/bin/sh
-        [ -e /tmp/docker_images ] && rm /tmp/docker_images
-        images=$(docker ps -a -q)
-        echo "$images" > /tmp/docker_images
-        docker stop $images
-      '')
-      (pkgs.writeScriptBin "restore-docker-containers" ''
-        #!/bin/sh
-        [ ! -e /tmp/docker_images ] && exit 0
-        docker start $(cat /tmp/docker_images)
-        rm /tmp/docker_images
-      '')
-    ];
-  };
-}

provision/modules/system/default.nix

@@ -1,4 +1,4 @@
 { ... }:
 {
-  imports = [ ./backup.nix ./nipr.nix ./ssh.nix ./terminal.nix ./wireguard-client.nix ];
+  imports = [ ./nipr.nix ./ssh.nix ./terminal.nix ./wireguard-client.nix ];
 }

provision/readme.md

@@ -5,7 +5,8 @@ Set of configs files to setup NixOS.
 
 ## Usage
 
-1. Install NixOS with this [guide](https://nixos.wiki/wiki/NixOS_Installation_Guide). Use the following paritions and btrfs subvolumes:
+1. Install NixOS with this [guide](https://nixos.wiki/wiki/NixOS_Installation_Guide).
+   Use the following paritions and btrfs subvolumes:
 
    | Name    | Type  | Mount Point | Size         |
    |---------|-------|-------------|--------------|
@@ -18,18 +19,18 @@ Set of configs files to setup NixOS.
 
 2. Run the following commands:
 
-```bash
-nix-shell -p vim git
-git clone https://github.com/starr-dusT/dotfiles ~/.local/share/chezmoi 
-```
+   ```bash
+   nix-shell -p vim git
+   git clone https://github.com/starr-dusT/dotfiles ~/.local/share/chezmoi 
+   ```
    
-Move the installer created hardware.nix to dotfiles. E.g. `provision/hosts/<host>/hardware.nix`.
+   Move the installer created hardware.nix to dotfiles. E.g. `provision/hosts/<host>/hardware.nix`.
    
-```bash
-cd ~/.local/share/chezmoi/provision
-sudo nixos-rebuild switch --flake .#<host>
-chezmoi init && chezmoi apply
-```
+   ```bash
+   cd ~/.local/share/chezmoi/provision
+   sudo nixos-rebuild switch --flake .#<host>
+   chezmoi init && chezmoi apply
+   ```
 
 3. Profit!
 
@@ -37,4 +38,5 @@ Perform additional setup found in [additional-setup](additional-setup.md)
 
 ## Update
 
-`nixos-rebuild` command is aliased to `nu` assuming the flake is named the same at the hostname of the machine.
+`nixos-rebuild` command is aliased to `nu` assuming the flake is named the same at the
+hostname of the machine.