update

hosts/desktop/configuration.nix

@@ -7,6 +7,7 @@
       inputs.home-manager.nixosModules.default
       ../../modules/nixos/bootloader.nix
       ../../modules/nixos/user.nix
+      ../../modules/nixos/ssh.nix
       ../../modules/nixos/nvidia.nix
       ../../modules/nixos/i3.nix
       ../../modules/nixos/nm.nix
@@ -14,6 +15,8 @@
       ../../modules/nixos/steam.nix
       ../../modules/nixos/env.nix
       ../../modules/nixos/1password.nix
+      ../../modules/nixos/postgres.nix
+      ../../modules/nixos/docker.nix
     ];
 
   boot.kernelPackages = pkgs.linuxPackages_latest;
@@ -33,6 +36,7 @@
     wget
     git
     curl
+    lsof
   ];
 
   home-manager = {

hosts/desktop/hardware-configuration.nix

@@ -14,18 +14,17 @@
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
-    { device = "/dev/disk/by-uuid/4dc20e43-03f8-4695-8bb5-ad9974215ac8";
+    { device = "/dev/disk/by-uuid/f8d20844-226c-4375-9856-6ee29e08019c";
       fsType = "ext4";
     };
 
   fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/7F11-62C6";
+    { device = "/dev/disk/by-uuid/FDF5-4C02";
       fsType = "vfat";
+      options = [ "fmask=0022" "dmask=0022" ];
     };
 
-  swapDevices =
-    [ { device = "/dev/disk/by-uuid/51bbac0f-6f93-45ff-92b5-fea4d110c138"; }
-    ];
+  swapDevices = [ ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
   # (the default) this is the recommended approach. When using systemd-networkd it's

hosts/desktop/home.nix

@@ -14,6 +14,7 @@
     ../../modules/home-manager/eza
     ../../modules/home-manager/bat
     ../../modules/home-manager/irssi
+    ../../modules/home-manager/syncthing
   ];
   home.username = "mthomson";
   home.homeDirectory = "/home/mthomson";
@@ -39,6 +40,14 @@
     pasystray
     networkmanagerapplet 
     mangohud
+    kubectl
+    k9s
+    kubeseal
+    velero
+    fluxcd
+    zoom-us
+    crawl
+    obsidian
   ];
 
   home.sessionVariables = {

modules/home-manager/i3/config

@@ -252,3 +252,5 @@ exec_always --no-startup-id dunst
 
 # pasystray
 exec_always --no-startup-id pasystray
+
+exec_always --no-startup-id syncthing

modules/home-manager/syncthing/default.nix

@@ -0,0 +1,9 @@
+{ pkgs, config, ... }:
+
+{
+  services = {
+    syncthing = {
+      enable = true;
+    };
+  };
+}

modules/nixos/docker.nix

@@ -0,0 +1,3 @@
+{
+  virtualisation.docker.enable = true;
+}

modules/nixos/nvidia.nix

@@ -9,7 +9,7 @@
 
   hardware.nvidia.modesetting.enable = true;
   hardware.nvidia.nvidiaSettings = true;
-  hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.stable;
+  hardware.nvidia.package = config.boot.kernelPackages.nvidiaPackages.beta;
 
-  services.xserver.videoDrivers = [ "nvidia "];
+  services.xserver.videoDrivers = [ "nvidia" ];
 }

modules/nixos/postgres.nix

@@ -0,0 +1,18 @@
+{ pkgs, ... }:
+
+{
+  services.postgresql = {
+    enable = true;
+    ensureDatabases = [ "mydatabase" ];
+    enableTCPIP = true;
+    port = 5432;
+    authentication = pkgs.lib.mkOverride 10 ''
+      #type database DBuser origin-address auth-method
+      local all      all                   trust
+      # ipv4
+      host  all      all     127.0.0.1/32   trust
+      # ipv6
+      host all       all     ::1/128        trust
+    '';
+  };
+}

modules/nixos/ssh.nix

@@ -0,0 +1,9 @@
+{
+  services.openssh = {
+    enable = true;
+    # require public key authentication for better security
+    settings.PasswordAuthentication = false;
+    settings.KbdInteractiveAuthentication = false;
+    #settings.PermitRootLogin = "yes";
+  };
+}

modules/nixos/user.nix

@@ -23,5 +23,8 @@
     description = "Michael Thomson";
     extraGroups = [ "networkmanager" "wheel" ];
     packages = with pkgs; [];
+    openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCqLd5MRSD5GdVmFOgKGRq8t/I8I9xjH2gRMmNHSqtSPYWFx8xT8uOfwyHx1um73tMg99jb4LCs+OpTaTdEyitFygxF/UdSYvAwzP+Lg4p7n6vLljmt0V1i5Zbct3oPM5CKXsUaRZkNyJxB5gJEXe/wKQ3+xj59HV3+m6uw9MO72sI5PKSFIKQFA2LTCYkA2NfO+/VtrLwopcZ+fvIutdUgmaltA3ESWCglocQ+EDXFsdO/h2KUFN6sereT+EBVPC0ePbxWpT9gHZlpeHyPPDnDuj1lUYQisTVKiaRnyFk6FyLYyxquqk+kHX0vSGD/+tBQ/+NoE/ckp2XvjrM48M3+LqtTcOi5RnTHZFuP9NgKxUQyCGOntocNVJ50puLWgr1joFUdHABo3Xjaik0np0FL5QsfYFbNxY6x94OWUxYFUu+/ZRLMWhA3qab6+FcYo4nYB+VszNYv0kE0Lo0jk9EjACoDc/omS0i5P38wvMekwkE2k54U8CkkE+zB3gXtCATE+kN9/ueOy5W4xHhvnoRmMpFza2xO3LPIVB8mVTUiBRfwgz2+psb/AHQwsmORS9BzfA8QdaM1kbbmZo1F1iw8+m1ZCatos2xkcWgMwKfiT2224hZ7DsM+DAZ4IYQzxT7OBYknh7lX3kQeeficqF3Dlg2QLuAlOdnDqb2xyCSDyQ== mthomson"
+    ];
   };
 }