Added vps config, rearranged current one

hosts/laptop/configuration.nix

@@ -2,7 +2,7 @@
 # your system.  Help is available in the configuration.nix(5) man page
 # and in the NixOS manual (accessible by running `nixos-help`).
 
-{ config, pkgs, pkgs-stable, secrets, ... }:
+{ config, pkgs, pkgs-stable, ... }:
 
 {  
   # boot.kernelPackages = pkgs.linuxPackages_zen;
@@ -32,9 +32,9 @@
       insmod fat
       set root='hd0,gpt4'
       if [ x$feature_platform_search_hint = xy ]; then
-        search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt4 --hint-efi=hd0,gpt4 --hint-baremetal=ahci0,gpt4  ${secrets.drive-ids.volumes.windows_efi_uuid}
+        search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt4 --hint-efi=hd0,gpt4 --hint-baremetal=ahci0,gpt4 8D94-2A4E
       else
-        search --no-floppy --fs-uuid --set=root ${secrets.drive-ids.volumes.windows_efi_uuid}
+        search --no-floppy --fs-uuid --set=root 8D94-2A4E
       fi
       chainloader /EFI/Microsoft/Boot/bootmgfw.efi
     }
@@ -43,11 +43,11 @@
       insmod fat
       # set root='hd0,gpt4'
       # if [ x$feature_platform_search_hint = xy ]; then
-      #   search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt4 --hint-efi=hd0,gpt4 --hint-baremetal=ahci0,gpt4  ${secrets.drive-ids.volumes.ventoy_efi_uuid}
+      #   search --no-floppy --fs-uuid --set=root --hint-bios=hd0,gpt4 --hint-efi=hd0,gpt4 --hint-baremetal=ahci0,gpt4 BDAD-470D
       # else
-      #   search --no-floppy --fs-uuid --set=root ${secrets.drive-ids.volumes.ventoy_efi_uuid}
+      #   search --no-floppy --fs-uuid --set=root BDAD-470D
       # fi
-      search --no-floppy --fs-uuid --set=root ${secrets.drive-ids.volumes.ventoy_efi_uuid}
+      search --no-floppy --fs-uuid --set=root BDAD-470D
       chainloader /EFI/BOOT/BOOTX64.EFI
     }
     '';
@@ -80,10 +80,10 @@
   # ==[SECURITY]==
   # LUKS options
   # boot.initrd.luks.fido2Support = true;
-  boot.initrd.luks.devices = with secrets.drive-ids.luks; {
+  boot.initrd.luks.devices = {
     crypted = {
-      inherit device;
-      inherit header;
+      device = "/dev/disk/by-path/pci-0000:02:00.0-nvme-1";
+      header = "/dev/disk/by-partuuid/3c43dda3-6a23-7148-add5-84354a28a59e";
       preLVM = true;
       crypttabExtraOpts = [ "fido2-device=auto" "token-timeout=10s" ];
       # fido2.credential = "";
@@ -335,7 +335,6 @@
   zramSwap = {
     enable = true;
     # swapDevices = 2;
-    # writebackDevice = secrets.drive-ids.volumes.swap;
   };
 
   # List services that you want to enable:

hosts/laptop/email.nix

@@ -0,0 +1,42 @@
+{
+  accounts.email.accounts = {
+    "lgm-disroot" = {
+      primary = true;
+      address = "lgmrszd@disroot.org";
+      userName = "lgmrszd@disroot.org";
+      realName = "Lgmrszd";
+      gpg = {
+        key = "D3067BE844D3FC49535A47B29396B8BA6FBB14DE";
+        signByDefault = true;
+      };
+      imap = {
+        host = "disroot.org";
+        port = 993;
+      };
+      smtp = {
+        host = "disroot.org";
+        port = 465;
+        tls.enable = true;
+      };
+      thunderbird = {
+        enable = true;
+        profiles = [
+          "lgmrszd"
+        ];
+      };
+    };
+
+    "lgm-gmail" = {
+      address = "lgmrszd@gmail.com";
+      userName = "lgmrszd@gmail.com";
+      realName = "Lgmrszd";
+      flavor = "gmail.com";
+      thunderbird = {
+        enable = true;
+        profiles = [
+          "lgmrszd"
+        ];
+      };
+    };
+  };
+}

hosts/laptop/hardware-configuration.nix

@@ -5,7 +5,9 @@
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, secrets, ... }:
-
+let
+  root = "/dev/vgmain/nixos";
+in
 {
   imports =
     [ (modulesPath + "/installer/scan/not-detected.nix")
@@ -17,25 +19,25 @@
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
-    { device = secrets.drive-ids.volumes.root;
+    { device = root;
       fsType = "btrfs";
       options = [ "subvol=root" ];
     };
 
   fileSystems."/nix" =
-    { device = secrets.drive-ids.volumes.root;
+    { device = root;
       fsType = "btrfs";
       options = [ "subvol=nix" ];
     };
 
   fileSystems."/home" =
-    { device = secrets.drive-ids.volumes.root;
+    { device = root;
       fsType = "btrfs";
       options = [ "subvol=home" ];
     };
 
   fileSystems."/boot" =
-    { device = secrets.drive-ids.volumes.boot;
+    { device = "/dev/disk/by-label/boot";
       fsType = "vfat";
       options = [
         "noauto"
@@ -47,7 +49,7 @@
     };
 
   swapDevices =
-    [ { device = secrets.drive-ids.volumes.swap; }
+    [ { device = "/dev/vgmain/swap"; }
     ];
 
   # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

hosts/laptop/home.nix

@@ -0,0 +1,256 @@
+{ config, osConfig, pkgs, ... }:
+
+{
+  home.username = "lgm";
+  home.homeDirectory = "/home/lgm";
+
+  imports = [
+    ./email.nix
+  ];
+
+  # https://nixos-and-flakes.thiscute.world/nixos-with-flakes/start-using-home-manager
+
+  # Packages that should be installed to the user profile.
+  home.packages = with pkgs; [
+    # my scripts
+    # ((import ../scripts/rebuild.nix) {inherit pkgs;}) # outdated
+    wineWowPackages.waylandFull
+    openconnect
+    # file editing
+    onlyoffice-bin
+    # theming
+    libsForQt5.qtstyleplugin-kvantum
+    # osConfig.nur.repos.baduhai.koi
+    (catppuccin-gtk.override {
+      variant = "latte";
+      accents = [ "yellow" ];
+    })
+    (catppuccin-kde.override {
+      flavour = [ "macchiato" "latte" ];
+      accents = [ "yellow" ];
+    })
+    (catppuccin-kvantum.override {
+      variant = "Latte";
+      accent = "Yellow";
+    })
+    (catppuccin-kvantum.override {
+      variant = "Macchiato";
+      accent = "Yellow";
+    })
+
+
+    # web
+    firefox
+    protonvpn-gui
+    protonvpn-cli
+    # security
+    fresh.keepassxc
+    onlykey
+    onlykey-agent
+    libsForQt5.plasma-vault
+    gpgme.dev # For mailvelope
+
+    neofetch
+    libsForQt5.yakuake
+    libsForQt5.kgpg
+
+    # messaging
+    (fresh.discord.override {
+        withOpenASAR = true;
+    })
+    fresh.vesktop
+    fresh.telegram-desktop
+    libsForQt5.tokodon
+    libsForQt5.neochat
+#     pkgs-unstable.cinny-desktop
+#     pkgs-unstable.thunderbird # see programs.thunderbird
+    # graphics
+    gimp
+    krita
+    inkscape-with-extensions
+    # blockbench-electron
+    # games
+    prismlauncher
+    xonotic
+    superTux
+    superTuxKart
+    lutris
+    # dev
+    # jetbrains.jdk
+    jetbrains.idea-community
+    packwiz
+    # vscodium # see programs.vscode
+    rnix-lsp
+    #nnn # terminal file manager
+
+    # archives
+#     zip
+#     xz
+#     unzip
+#     p7zip
+
+    # utils
+    ani-cli
+    yt-dlp
+    mosh
+    appimage-run
+    kate
+    ncdu
+    # btrfs tools
+    btdu # ncdu but for btrfs
+    compsize
+
+    ripgrep # recursively searches directories for a regex pattern
+    jq # A lightweight and flexible command-line JSON processor
+    eza
+
+    # networking tools
+    dnsutils  # `dig` + `nslookup`
+    ldns # replacement of `dig`, it provide the command `drill`
+    aria2
+    socat # replacement of openbsd-netcat
+    nmap # A utility for network discovery and security auditing
+
+    # etc
+    vlc
+    qbittorrent
+    # misc
+    cowsay
+#     file
+#     which
+    tree
+#     gnused
+#     gnutar
+#     gawk
+#     zstd
+    gnupg
+
+    # nix related
+    nix-output-monitor
+
+    glow # markdown previewer in terminal
+
+    btop  # replacement of htop/nmon
+    iotop # io monitoring
+    iftop # network monitoring
+    # system call monitoring
+    strace # system call monitoring
+    ltrace # library call monitoring
+    lsof # list open files
+
+    # system tools
+    file
+#     sysstat
+    lm_sensors # for `sensors` command
+#     ethtool
+    pciutils # lspci
+    usbutils # lsusb
+    # android-tools
+
+    monero-gui
+  ];
+
+  # Email stuff
+
+  programs.thunderbird = {
+    enable = true;
+    package = pkgs.thunderbird;
+    profiles = {
+      lgmrszd = {
+        isDefault = true;
+        withExternalGnupg = true;
+      };
+    };
+  };
+
+  # ---------
+
+  services.nextcloud-client = {
+    enable = true;
+  };
+
+  programs.java = {
+    enable = true;
+    package = pkgs.fresh.jetbrains.jdk;
+  };
+
+  programs.git = {
+    enable = true;
+    delta.enable = true;
+    signing = {
+      signByDefault = true;
+      key = "D3067BE844D3FC49535A47B29396B8BA6FBB14DE";
+    };
+    userName = "Lgmrszd";
+    userEmail = "lgmrszd@disroot.org";
+    extraConfig = {
+      init = {
+        defaultBranch = "main";
+      };
+    };
+  };
+
+  programs.pazi = {
+    enable = true;
+    enableFishIntegration = true;
+  };
+
+  programs.fzf = {
+    enable = true;
+    enableFishIntegration = true;
+  };
+
+  
+  programs.vscode = {
+    enable = true;
+    package = pkgs.vscodium;
+    extensions = with pkgs.vscode-extensions; [
+      jnoortheen.nix-ide
+    ];
+  };
+
+
+  programs.starship = {
+    enable = true;
+    # custom settings
+    settings = {
+      add_newline = false;
+      aws.disabled = true;
+      gcloud.disabled = true;
+      # line_break.disabled = true;
+    };
+  };
+
+
+  programs.fish = {
+    enable = true;
+    plugins = [
+      {
+        name = "forgit";
+        src = pkgs.fishPlugins.forgit.src;
+      }
+      {
+        name = "fzf";
+        src = pkgs.fishPlugins.fzf.src;
+      }
+    ];
+  };
+
+  programs.bash = {
+    enable = true;
+    enableCompletion = true;
+  };
+
+  # This value determines the home Manager release that your
+  # configuration is compatible with. This helps avoid breakage
+  # when a new home Manager release introduces backwards
+  # incompatible changes.
+  #
+  # You can update home Manager without changing this value. See
+  # the home Manager release notes for a list of state version
+  # changes in each release.
+  home.stateVersion = "23.05";
+
+  # Let home Manager install and manage itself.
+  programs.home-manager.enable = true;
+}

hosts/laptop/mounts.nix

@@ -3,13 +3,13 @@ with secrets.drive-ids; {
   systemd.mounts =  [
     {
       where = "/mounts/my_data";
-      what = mounts.my_data;
+      what = "/dev/disk/by-label/My_Data";
       type = "ntfs3";
       options = "defaults,exec,noauto,prealloc,uid=1000,gid=100";
     }
     {
       where = "/mounts/windows";
-      what = mounts.windows;
+      what = "/dev/disk/by-label/WinPart";
       type = "ntfs3";
       options = "defaults,exec,noauto,prealloc,uid=1000,gid=100";
     }

hosts/vps1/configuration.nix

@@ -0,0 +1,36 @@
+{ pkgs, ... }: {
+  imports = [
+    ./hardware-configuration.nix
+    
+    
+  ];
+
+  programs.fish.enable = true;
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  boot.tmp.cleanOnBoot = true;
+  zramSwap.enable = true;
+  networking.hostName = "lgm-vps1";
+  networking.domain = "contaboserver.net";
+  services.openssh.enable = true;
+  services.openssh.ports = [ 37163 ];
+
+  services.endlessh-go = {
+    enable = true;
+    openFirewall = true;
+    port = 22;
+  };
+
+  programs.mosh.enable = true;
+  
+  users.users.lgm = {
+    isNormalUser = true;
+    description = "lgm";
+    extraGroups = [ "networkmanager" "wheel" "adbusers" "docker"];
+    shell = pkgs.fish;
+  };
+
+  system.stateVersion = "23.11";
+  users.users.root.openssh.authorizedKeys.keys = [''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOcHiU7AJfci41rk+CdON9oGkaMjOez1DzFN3NJFuSlC lgm@lgm-nixos'' ];
+}

hosts/vps1/hardware-configuration.nix

@@ -0,0 +1,9 @@
+{ modulesPath, ... }:
+{
+  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  boot.loader.grub.device = "/dev/sda";
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
+  boot.initrd.kernelModules = [ "nvme" ];
+  fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
+  
+}