25.11 girls are unforgettable

flake.lock

@@ -149,12 +149,15 @@
       }
     },
     "flake-utils": {
+      "inputs": {
+        "systems": "systems"
+      },
       "locked": {
-        "lastModified": 1659877975,
+        "lastModified": 1731533236,
-        "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
+        "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
         "owner": "numtide",
         "repo": "flake-utils",
-        "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
+        "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
         "type": "github"
       },
       "original": {
@@ -242,16 +245,16 @@
         ]
       },
       "locked": {
-        "lastModified": 1743808813,
+        "lastModified": 1765605144,
-        "narHash": "sha256-2lDQBOmlz9ggPxcS7/GvcVdzXMIiT+PpMao6FbLJSr0=",
+        "narHash": "sha256-RM2xs+1HdHxesjOelxoA3eSvXShC8pmBvtyTke4Ango=",
         "owner": "nix-community",
         "repo": "home-manager",
-        "rev": "a9f8b3db211b4609ddd83683f9db89796c7f6ac6",
+        "rev": "90b62096f099b73043a747348c11dbfcfbdea949",
         "type": "github"
       },
       "original": {
         "owner": "nix-community",
-        "ref": "release-24.11",
+        "ref": "release-25.11",
         "repo": "home-manager",
         "type": "github"
       }
@@ -358,11 +361,11 @@
         ]
       },
       "locked": {
-        "lastModified": 1713543440,
+        "lastModified": 1752054764,
-        "narHash": "sha256-lnzZQYG0+EXl/6NkGpyIz+FEOc/DSEG57AP1VsdeNrM=",
+        "narHash": "sha256-Ob/HuUhANoDs+nvYqyTKrkcPXf4ZgXoqMTQoCK0RFgQ=",
         "owner": "guibou",
         "repo": "nixGL",
-        "rev": "310f8e49a149e4c9ea52f1adf70cdc768ec53f8a",
+        "rev": "a8e1ce7d49a149ed70df676785b07f63288f53c5",
         "type": "github"
       },
       "original": {
@@ -421,11 +424,11 @@
     },
     "nixos-hardware": {
       "locked": {
-        "lastModified": 1743420942,
+        "lastModified": 1762463231,
-        "narHash": "sha256-b/exDDQSLmENZZgbAEI3qi9yHkuXAXCPbormD8CSJXo=",
+        "narHash": "sha256-hv1mG5j5PTbnWbtHHomzTus77pIxsc4x8VrMjc7+/YE=",
         "owner": "NixOS",
         "repo": "nixos-hardware",
-        "rev": "de6fc5551121c59c01e2a3d45b277a6d05077bc4",
+        "rev": "52113c4f5cfd1e823001310e56d9c8d0699a6226",
         "type": "github"
       },
       "original": {
@@ -453,16 +456,16 @@
     },
     "nixpkgs": {
       "locked": {
-        "lastModified": 1743703532,
+        "lastModified": 1765762245,
-        "narHash": "sha256-s1KLDALEeqy+ttrvqV3jx9mBZEvmthQErTVOAzbjHZs=",
+        "narHash": "sha256-3iXM/zTqEskWtmZs3gqNiVtRTsEjYAedIaLL0mSBsrk=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "bdb91860de2f719b57eef819b5617762f7120c70",
+        "rev": "c8cfcd6ccd422e41cc631a0b73ed4d5a925c393d",
         "type": "github"
       },
       "original": {
         "owner": "nixos",
-        "ref": "nixos-24.11",
+        "ref": "nixos-25.11",
         "repo": "nixpkgs",
         "type": "github"
       }
@@ -531,11 +534,11 @@
     },
     "nixpkgs_2": {
       "locked": {
-        "lastModified": 1743583204,
+        "lastModified": 1751011381,
-        "narHash": "sha256-F7n4+KOIfWrwoQjXrL2wD9RhFYLs2/GGe/MQY1sSdlE=",
+        "narHash": "sha256-krGXKxvkBhnrSC/kGBmg5MyupUUT5R6IBCLEzx9jhMM=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "2c8d3f48d33929642c1c12cd243df4cc7d2ce434",
+        "rev": "30e2e2857ba47844aa71991daa6ed1fc678bcbb7",
         "type": "github"
       },
       "original": {
@@ -547,10 +550,12 @@
     },
     "nixpkgs_3": {
       "locked": {
-        "lastModified": 0,
+        "lastModified": 1762361079,
-        "narHash": "sha256-7PCBQ4aGVF8OrzMkzqtYSKyoQuU2jtpPi4lmABpe5X4=",
+        "narHash": "sha256-lz718rr1BDpZBYk7+G8cE6wee3PiBUpn8aomG/vLLiY=",
-        "path": "/nix/store/yl6bc4g0axk5z4v0lsz8fzpxkc3yv1jl-source",
+        "owner": "NixOS",
-        "type": "path"
+        "repo": "nixpkgs",
+        "rev": "ffcdcf99d65c61956d882df249a9be53e5902ea5",
+        "type": "github"
       },
       "original": {
         "id": "nixpkgs",
@@ -564,11 +569,11 @@
         "treefmt-nix": "treefmt-nix"
       },
       "locked": {
-        "lastModified": 1743848787,
+        "lastModified": 1751281595,
-        "narHash": "sha256-LyE0Sr3mTb/ElWjueF+Lp6bL2FtJcltREd/qvBM0C04=",
+        "narHash": "sha256-y0fShu8oxqjP+LNNZWvxQGdlLkZmnK75nNCe8jfIfN0=",
         "owner": "nix-community",
         "repo": "NUR",
-        "rev": "5ec7bc0851c41c90f2b62f976fcbf2a0f6f4a88c",
+        "rev": "f73c91ffeff4282beb786e4e3de0db037fe07969",
         "type": "github"
       },
       "original": {
@@ -668,6 +673,21 @@
         "type": "github"
       }
     },
+    "systems": {
+      "locked": {
+        "lastModified": 1681028828,
+        "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
+        "owner": "nix-systems",
+        "repo": "default",
+        "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
+        "type": "github"
+      },
+      "original": {
+        "owner": "nix-systems",
+        "repo": "default",
+        "type": "github"
+      }
+    },
     "treefmt-nix": {
       "inputs": {
         "nixpkgs": [
@@ -691,11 +711,11 @@
     },
     "unstable": {
       "locked": {
-        "lastModified": 1743689281,
+        "lastModified": 1765644376,
-        "narHash": "sha256-y7Hg5lwWhEOgflEHRfzSH96BOt26LaYfrYWzZ+VoVdg=",
+        "narHash": "sha256-yqHBL2wYGwjGL2GUF2w3tofWl8qO9tZEuI4wSqbCrtE=",
         "owner": "nixos",
         "repo": "nixpkgs",
-        "rev": "2bfc080955153be0be56724be6fa5477b4eefabb",
+        "rev": "23735a82a828372c4ef92c660864e82fbe2f5fbe",
         "type": "github"
       },
       "original": {

flake.nix

@@ -2,9 +2,9 @@
   description = "dandellion's home-manager profiles";
 
   inputs  = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-25.11";
 
-    home-manager.url = "github:nix-community/home-manager/release-24.11";
+    home-manager.url = "github:nix-community/home-manager/release-25.11";
     home-manager.inputs.nixpkgs.follows = "nixpkgs";
 
     unstable.url = "github:nixos/nixpkgs/nixpkgs-unstable";
@@ -75,11 +75,11 @@
 
       mkHomes = machines: extraArgs: nixlib.genAttrs machines (machine: mkHome ({inherit machine; } // extraArgs));
 
-      allMachines = [ "laptop" "desktop" "headless" "pvv-terminal" "ikari" ];
+      allMachines = [ "ayanami" "desktop" "headless" "pvv-terminal" "ikari" ];
   in
   {
 
-    homeConfigurations = mkHomes [ "laptop" "headless" "ikari" ] { }
+    homeConfigurations = mkHomes [ "ayanami" "headless" "ikari" ] { }
       // mkHomes [ "desktop" ] { username = "dan"; }
       // mkHomes [ "pvv-terminal" ] { username = "danio"; homeDirectory = "/home/pvv/d/danio"; };
 
@@ -90,11 +90,20 @@
           inherit inputs;
         };
         modules = [
+          home-manager.nixosModules.home-manager
+          {
+            home-manager.useGlobalPkgs = false;
+            home-manager.useUserPackages = true;
+            home-manager.users.daniel = import ./home/machines/ayanami.nix;
+            home-manager.extraSpecialArgs = {
+              overlays = defaultOverlays;
+            };
+          }
+
           ./hosts/ayanami/configuration.nix
-          nixos-hardware.nixosModules.lenovo-thinkpad-l480
+          nixos-hardware.nixosModules.lenovo-thinkpad-p14s-amd-gen2
         ];
       };
-
       soryu-old = nixpkgs.lib.nixosSystem {
         system = "x86_64-linux";
         specialArgs = {

home/machines/ayanami.nix

@@ -0,0 +1,31 @@
+{ config, lib, pkgs, overlays, ... }:
+{
+  nixpkgs.overlays = overlays;
+  nixpkgs.config.allowUnfreePredicate = (pkg: true);
+  nixpkgs.config.allowUnfree = true;
+
+  imports = [ ../profiles ];
+
+  machine = {
+    name = "Ayanami";
+    eth = "enp5s0";
+    wlan = "wlp3s0";
+    secondary-fs = null;
+  };
+
+  profiles.base.enable = true;
+  profiles.base.plus = true;
+  profiles.xsession.enable = true;
+  profiles.audio.fancy = true;
+  profiles.zsh.enable = true;
+
+  profiles.games.enable = true;
+
+  profiles.timetracking.enable = true;
+
+  home.packages = [
+      pkgs.unstable.osu-lazer-bin
+  ];
+
+  home.stateVersion = "24.11";
+}

home/profiles/audio.nix

@@ -1,7 +1,25 @@
 {pkgs, config, lib, ...}:
 let
   cfg = config.profiles.audio;
-  audio-plugins = pkgs.symlinkJoin { name = "audio-plugins"; paths = [ pkgs.lsp-plugins pkgs.speech-denoiser ];};
+  # audio-plugins = pkgs.symlinkJoin {
+  #   name = "audio-plugins";
+  #   stripPrefix = "/lib";
+  #   paths = [
+  #     pkgs.lsp-plugins
+  #     pkgs.rnnoise-plugin
+  #   ];
+  # };
+  audio-plugins = pkgs.buildEnv {
+    name = "audio-plugins";
+    paths = [
+      pkgs.lsp-plugins
+      # pkgs.calf
+      # pkgs.tal-plugins
+      pkgs.rnnoise-plugin
+    ];
+    # pathsToLink = [ "/lib/lv2" "/lib/ladspa" "/lib/clap" "/lib/vst" "/lib/vst3" ];
+  };
+
 in
 {
   options.profiles.audio = {

home/profiles/base/default.nix

@@ -81,7 +81,7 @@ in
       eza
       ripgrep
 
-      gregctl
+      # gregctl
 #      wack
 #
       unstable.ollama
@@ -92,13 +92,13 @@ in
       sxiv
       eog
 
-      dolphin
+      kdePackages.dolphin
-      plasma5Packages.dolphin-plugins
+      kdePackages.dolphin-plugins
-      ffmpegthumbs
+      kdePackages.ffmpegthumbs
-      plasma5Packages.kdegraphics-thumbnailers
+      kdePackages.kdegraphics-thumbnailers
-      plasma5Packages.kio
+      kdePackages.kio
-      plasma5Packages.kio-extras
+      kdePackages.kio-extras
-      konsole # https://bugs.kde.org/show_bug.cgi?id=407990 reeee
+      kdePackages.konsole # https://bugs.kde.org/show_bug.cgi?id=407990 reeee
 
       gedit
 
@@ -111,7 +111,7 @@ in
       libreoffice
       thunderbird
 
-      kdenlive
+      kdePackages.kdenlive
       frei0r
       audacity
       # inkscape
@@ -336,7 +336,7 @@ in
 
     home.sessionVariables = {
       EDITOR = "hx";
-      GRZEGORZ_DEFAULT_API_BASE = "https://georg.pvv.ntnu.no/api";
+      GRZEGORZ_DEFAULT_API_BASE = "https://georg-backend.pvv.ntnu.no/api/";
       OLLAMA_HOST="100.64.0.19";
     };
 

home/profiles/xsession/default.nix

@@ -70,9 +70,9 @@ in
             "XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute 1 toggle";
 
             # Georg volume controls
-            "Shift+XF86AudioRaiseVolume" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} set-volume -- +5%";
+            # "Shift+XF86AudioRaiseVolume" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} set-volume -- +5%";
-            "Shift+XF86AudioLowerVolume" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} set-volume -- -5%";
+            # "Shift+XF86AudioLowerVolume" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} set-volume -- -5%";
-            "Shift+XF86AudioMute" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} toggle";
+            # "Shift+XF86AudioMute" = "exec --no-startup-id ${lib.getExe pkgs.gregctl} toggle";
 
             "XF86MonBrightnessUp" = "exec --no-startup-id brightnessctl set +5%";
             "XF86MonBrightnessDown" = "exec --no-startup-id brightnessctl set 5%-";
@@ -147,11 +147,12 @@ in
     gtk = {
       enable = true;
       theme = {
-        package = pkgs.breeze-gtk;
+        # package = pkgs.breeze-gtk;
+        package = pkgs.kdePackages.breeze-gtk;
         name = "Breeze";
       };
       iconTheme = {
-        package = pkgs.breeze-icons;
+        package = pkgs.kdePackages.breeze-icons;
         name = "breeze";
       };
     };
@@ -181,8 +182,8 @@ in
 
       pkgs.source-code-pro
 
-      pkgs.breeze-qt5
+      pkgs.kdePackages.breeze-gtk
-      pkgs.breeze-icons
+      pkgs.kdePackages.breeze-icons
     ];
   };
 }

hosts/asuka/soryu/ai-container.nix

@@ -0,0 +1,36 @@
+{ config, lib, pkgs, ... }:
+
+{
+  systemd.nspawn.ubuntu-ai = {
+    execConfig = {
+      Boot = true;
+    };
+    networkConfig = {
+      Private = false;
+    };
+    filesConfig = {
+      BindReadOnly = [
+        "/etc/resolv.conf:/etc/resolv.conf"
+      ];
+      Bind = [
+        "/dev/dri:/dev/dri"
+        "/dev/kfd:/dev/kfd"
+        "/mnt/human/sd:/sd:idmap"
+      ];
+    };
+  };
+
+  systemd.services."systemd-nspawn@ubuntu-ai" = {
+    environment = {
+      SYSTEMD_NSPAWN_TMPFS_TMP = "0";
+    };
+    serviceConfig = {
+      CPUQuota = "1400%";
+      MemoryHigh = "90G";
+      MemoryMax = "94G";
+      MemorySwapMax = "40G";
+      ExecStart = "systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i -D /mnt/human/machines/ubuntu-ai";
+    };
+  #  overrideStrategy = "asDropin";
+  };
+}

hosts/asuka/soryu/configuration.nix

@@ -10,6 +10,7 @@
       ./hardware-configuration.nix
 #      ./wack.nix
       ./ollama.nix
+      ./ai-container.nix
       ../../common/builder.nix
     ];
 
@@ -34,6 +35,24 @@
     };
   };
 
+  boot.kernelParams = [ "ip=dhcp" ];
+  boot.initrd.availableKernelModules = [ "r8169" ];
+  boot.initrd.network.enable = true;
+  boot.initrd.network.ssh = {
+    enable = true;
+    port = 22;
+    authorizedKeys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCp8iMOx3eTiG5AmDh2KjKcigf7xdRKn9M7iZQ4RqP0np0UN2NUbu+VAMJmkWFyi3JpxmLuhszU0F1xY+3qM3ARduy1cs89B/bBE85xlOeYhcYVmpcgPR5xduS+TuHTBzFAgp+IU7/lgxdjcJ3PH4K0ruGRcX1xrytmk/vdY8IeSk3GVWDRrRbH6brO4cCCFjX0zJ7G6hBQueTPQoOy3jrUvgpRkzZY4ZCuljXtxbuX5X/2qWAkp8ca0iTQ5FzNA5JUyj+DWeEzjIEz6GrckOdV2LjWpT9+CtOqoPZOUudE1J9mJk4snNlMQjE06It7Kr50bpwoPqnxjo7ZjlHFLezl"
+    ];
+    hostKeys = [
+      "/etc/secrets/initrd/ssh_host_rsa_key"
+      "/etc/secrets/initrd/ssh_host_ed25519_key"
+    ];
+    shell = "/bin/cryptsetup-askpass";
+  };
+
+  hardware.bluetooth.enable = true;
+
   boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
   boot.kernelPackages = pkgs.linuxPackages_latest;
 
@@ -113,14 +132,10 @@
   networking.firewall.allowedUDPPorts = [ config.services.murmur.port ];
 
 
-
+  security.rtkit.enable = false; # Enable again when mumble is fixed
-  # Enable CUPS to print documents.
-  # services.printing.enable = true;
-
-
-  security.rtkit.enable = true;
   services.pipewire = {
     enable = true;
+    extraLv2Packages = [ pkgs.rnnoise-plugin.lv2 ];
     alsa.enable = true;
     alsa.support32Bit = true;
     pulse.enable = true;
@@ -163,11 +178,18 @@
   services.xserver.xkb.layout = "no";
   # services.xserver.xkbOptions = "eurosign:e";
 
+  i18n = {
+    defaultLocale = "nb_NO.UTF-8";
+    extraLocales = [ "en_US.UTF-8/UTF-8" "nn_NO.UTF-8/UTF-8" ];
+    extraLocaleSettings = {
+      LC_COLLATE = "nb_NO.UTF-8";
+      LC_MESSAGES = "en_US.UTF-8";
+    };
+  };
+
   services.xserver.displayManager.lightdm.enable = true;
   services.xserver.videoDrivers = ["amdgpu"];
 
-
-
   programs.zsh.enable = true;
 
   virtualisation.docker.enable = true;
@@ -177,8 +199,6 @@
 
 #  networking.nameservers = lib.mkForce [ "192.168.0.25" ];
 
-
-
 #  services.ipfs.enable = true;
 #  services.ipfs.gatewayAddress = "/ip4/127.0.0.1/tcp/5002";
 
@@ -203,5 +223,4 @@
   # servers. You should change this only after NixOS release notes say you
   # should.
   system.stateVersion = "24.11"; # Did you read the comment?
-
 }

hosts/ayanami-old/configuration.nix

@@ -0,0 +1,261 @@
+#n Edit this configuration file to define what should be installed on your system.  
+# Help is available in the configuration.nix(5) man page and in the NixOS manual 
+# (accessible by running ‘nixos-help’).
+
+{ config, pkgs, ... }:
+
+{
+  imports =
+    [
+      ./hardware-configuration.nix
+    ];
+
+  networking.hosts = {
+   # "10.10.111.103" = [ "snowbell.htb" "legacy.snowbell.htb" "management.snowbell.htb" ];
+  };
+
+  services.restic.backups."main" = {
+    repositoryFile = "/root/restic-main-repo";
+    passwordFile = "/root/restic-main-password";
+    pruneOpts = [
+      "--keep-last 2"
+      "--keep-within 3d"
+      "--keep-daily 7"
+      "--keep-weekly 5"
+      "--keep-monthly 12"
+      "--keep-yearly 5"
+    ];
+    paths = [
+      "/home/daniel"
+      "/var/lib"
+    ];
+    exclude = [
+      "/home/*/.cache"
+
+      "/home/*/.local/share/Trash"
+
+      "/home/*/.cargo"
+
+      "/home/*/.local/share/Steam/*"
+      "!/home/*/.local/share/Steam/compatdata"
+
+      "/home/*/mnt"
+    ];
+    extraBackupArgs = [
+      "--one-file-system"
+    ];
+  };
+
+  boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
+
+  virtualisation.podman.enable = true;
+  virtualisation.libvirtd.enable = true;
+  programs.dconf.enable = true;
+
+  programs.wireshark.enable = true;
+  programs.wireshark.package = pkgs.wireshark;
+
+  services.mysql.enable = true;
+  services.mysql.package = pkgs.mariadb;
+  services.mysql.settings.mysqld = {
+    bind-address = "127.0.0.1";
+    port = 3306;
+  };
+  services.mysql.ensureUsers = [
+    {
+      name = "daniel";
+      ensurePermissions = {
+        "lab1.*" = "ALL PRIVILEGES";
+        "lab2.*" = "ALL PRIVILEGES";
+        "lab3.*" = "ALL PRIVILEGES";
+        "lab4.*" = "ALL PRIVILEGES";
+        "lab5.*" = "ALL PRIVILEGES";
+      };
+    }
+  ];
+
+  # services.create_ap.enable = false;
+  # services.create_ap.settings = {
+  #   INTERNET_IFACE = "enp0s31f6";
+  #   PASSPHRASE = "12345678";
+  #   SSID = "DOTA2ERBEST";
+  #   WIFI_IFACE = "wlp5s0";
+  #   MAC_FILTER = 0;
+  #   HIDDEN = 0;
+  # };
+
+  boot.kernelModules = [ "v4l2loopback" ];
+
+  # Use the systemd-boot EFI boot loader.
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+
+  networking.hostName = "ayanami"; # Define your hostname.
+  networking.networkmanager.enable = true;
+
+  hardware.bluetooth.enable = true;
+  services.blueman.enable = true;
+  
+  # Set your time zone.
+  time.timeZone = "Europe/Oslo";
+
+  services.tailscale.enable = true;
+
+  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
+  # Per-interface useDHCP will be mandatory in the future, so this generated config
+  # replicates the default behaviour.
+  networking.useDHCP = false;
+  networking.interfaces.enp0s31f6.useDHCP = false;
+  networking.interfaces.wlp5s0.useDHCP = false;
+
+  services.avahi.enable = false;
+
+  # services.atftpd = {
+  #   enable = false;
+  # };
+
+  # Select internationalisation properties.
+  i18n.supportedLocales = [ "en_US.UTF-8/UTF-8" "nb_NO.UTF-8/UTF-8" ];
+  i18n.defaultLocale = "en_US.UTF-8";
+  i18n.extraLocaleSettings = {
+    LC_TIME = "nb_NO.UTF-8";
+    LC_PAPER = "nb_NO.UTF-8";
+    LC_NAME = "nb_NO.UTF-8";
+    LC_ADDRESS = "nb_NO.UTF-8";
+    LC_TELEPHONE = "nb_NO.UTF-8";
+    LC_MEASUREMENT = "nb_NO.UTF-8";
+    LC_IDENTIFICATION = "nb_NO.UTF-8";
+};
+  console = {
+    font = "Lat2-Terminus16";
+    keyMap = "no-latin1";
+  };
+
+  services.xserver.displayManager.lightdm.enable = true;
+  services.displayManager.defaultSession = "xsession";
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  services.xserver.displayManager = {
+    session = [
+      {
+        manage = "desktop";
+        name = "xsession";
+        start = "exec $HOME/.xsession";
+      }
+    ];
+  };
+
+  # Disable cups we will just not print anything :))
+  services.printing.enable = false;
+
+  security.rtkit.enable = true;
+  services.pipewire = {
+    enable = true;
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+
+  hardware.opengl.driSupport32Bit = true;
+  hardware.opengl.extraPackages = with pkgs; [ libva ];
+
+  # Enable touchpad support (enabled default in most desktopManager).
+  services.libinput.enable = true;
+  services.xserver.xkb.layout = "no";
+
+
+  programs.zsh.enable = true;
+
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users.users.daniel = {
+    isNormalUser = true;
+    shell = pkgs.zsh;
+    extraGroups = [ "wheel" "networkmanager" "wireshark" "libvirtd" ];
+  };
+
+  environment.systemPackages = with pkgs; [
+    vim
+    git
+    wget
+    virt-manager
+    podman-compose
+  ];
+
+
+  services.dbus.packages = with pkgs; [ pkgs.dconf ];
+
+  services.openssh.enable = true;
+  services.openssh.openFirewall = false;
+
+  networking.firewall.interfaces."tailscale0" = let
+    all = { from = 0; to = 65535; };
+  in {
+    allowedUDPPortRanges = [ all ];
+    allowedTCPPortRanges = [ all ];
+  };
+
+  # Open ports in the firewall.
+  networking.firewall.allowedTCPPorts = [ 69 8010 9090 ];
+  networking.firewall.allowedUDPPorts = [ 69 8010 9090 ];
+  # Or disable the firewall altogether.
+  # networking.firewall.enable = false;
+
+  nix.settings.trusted-users = [ "daniel" ];
+
+  nix.buildMachines = [
+    { hostName = "soryu";
+      system = "x86_64-linux";
+      maxJobs = 16;
+      supportedFeatures = [ "big-parallel" ];
+      speedFactor = 66317;
+    }
+    # { hostName = "bob.pvv.ntnu.no";
+    #   system = "x86_64-linux";
+    #   maxJobs = 12;
+    #   supportedFeatures = [ "big-parallel" ];
+    #   speedFactor = 129270;
+    # }
+    # { hostName = "bolle.pbsds.net";
+    #   system = "x86_64-linux";
+    #   maxJobs = 6;
+    #   speedFactor = 12857;
+    # }
+    # { hostName = "garp.pbsds.net";
+    #   system = "x86_64-linux";
+    #   maxJobs = 4;
+    #   # i7-6700
+    #   speedFactor = 8088;
+    # }
+    # { hostName = "lilith";
+    #   system = "x86_64-linux";
+    #   maxJobs = 6;
+    #   #speedFactor = 13199;
+    #   speedFactor = 6000;
+    # }
+    # {
+    #   hostName = "isvegg.pvv.ntnu.no";
+    #   system = "x86_64-linux";
+    #   maxJobs = 4;
+    #   speedFactor = 4961;
+    #   supportedFeatures = [ "big-parallel" ];
+    #   mandatoryFeatures = [ ];
+    # }
+  ];
+  nix.distributedBuilds = true;
+  nix.extraOptions = ''
+    builders-use-substitutes = true
+    experimental-features = nix-command flakes impure-derivations ca-derivations
+  '';
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "23.11"; # Did you read the comment?
+
+}
+

hosts/ayanami-old/hardware-configuration.nix

@@ -0,0 +1,61 @@
+# Do not modify this file!  It was generated by ‘nixos-generate-config’
+# and may be overwritten by future invocations.  Please make changes
+# to /etc/nixos/configuration.nix instead.
+{ config, lib, pkgs, modulesPath, ... }:
+
+{
+  imports =
+    [ (modulesPath + "/installer/scan/not-detected.nix")
+    ];
+
+  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.kernelModules = [ ];
+  boot.kernelModules = [ "kvm-intel" ];
+  boot.extraModulePackages = [ ];
+
+  fileSystems."/" =
+    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+      fsType = "btrfs";
+      options = [ "subvol=root" ];
+    };
+
+  boot.initrd.luks.devices."enc" = {
+    allowDiscards = true;
+    device = "/dev/disk/by-uuid/27c2e6ae-d9ec-4bbd-9ebe-6ec2e63dd139";
+  };
+  fileSystems."/home" =
+    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+      fsType = "btrfs";
+      options = [ "subvol=home" ];
+    };
+
+  fileSystems."/nix" =
+    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+      fsType = "btrfs";
+      options = [ "subvol=nix" ];
+    };
+
+  fileSystems."/persist" =
+    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+      fsType = "btrfs";
+      options = [ "subvol=persist" ];
+    };
+
+  fileSystems."/var/log" =
+    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+      fsType = "btrfs";
+      options = [ "subvol=log" ];
+      neededForBoot = true;
+    };
+
+  fileSystems."/boot" =
+    { device = "/dev/disk/by-uuid/503B-1BC9";
+      fsType = "vfat";
+    };
+
+  swapDevices =
+    [ { device = "/dev/disk/by-uuid/28c04c57-b026-471f-a7bf-366cbc102b78"; }
+    ];
+
+  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}

hosts/ayanami/configuration.nix

@@ -1,23 +1,21 @@
-#n Edit this configuration file to define what should be installed on your system.  
+# Edit this configuration file to define what should be installed on
-# Help is available in the configuration.nix(5) man page and in the NixOS manual 
+# your system.  Help is available in the configuration.nix(5) man page
-# (accessible by running ‘nixos-help’).
+# and in the NixOS manual (accessible by running ‘nixos-help’).
 
-{ config, pkgs, ... }:
+{ config, lib, pkgs, ... }:
 
 {
   imports =
-    [
+    [ # Include the results of the hardware scan.
       ./hardware-configuration.nix
     ];
 
-  networking.hosts = {
-   # "10.10.111.103" = [ "snowbell.htb" "legacy.snowbell.htb" "management.snowbell.htb" ];
-  };
 
   services.restic.backups."main" = {
     repositoryFile = "/root/restic-main-repo";
     passwordFile = "/root/restic-main-password";
     pruneOpts = [
+      "-keep-tag keep"
       "--keep-last 2"
       "--keep-within 3d"
       "--keep-daily 7"
@@ -36,8 +34,8 @@
 
       "/home/*/.cargo"
 
-      "/home/*/.local/share/Steam/*"
       "!/home/*/.local/share/Steam/compatdata"
+      "/home/*/.local/share/Steam/*"
 
       "/home/*/mnt"
     ];
@@ -48,147 +46,52 @@
 
   boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
 
-  virtualisation.podman.enable = true;
+  nixpkgs.config = {
-  virtualisation.libvirtd.enable = true;
+    allowUnfree = true;
-  programs.dconf.enable = true;
+    rocmSupport = true;
-
-  programs.wireshark.enable = true;
-  programs.wireshark.package = pkgs.wireshark;
-
-  services.mysql.enable = true;
-  services.mysql.package = pkgs.mariadb;
-  services.mysql.settings.mysqld = {
-    bind-address = "127.0.0.1";
-    port = 3306;
   };
-  services.mysql.ensureUsers = [
-    {
-      name = "daniel";
-      ensurePermissions = {
-        "lab1.*" = "ALL PRIVILEGES";
-        "lab2.*" = "ALL PRIVILEGES";
-        "lab3.*" = "ALL PRIVILEGES";
-        "lab4.*" = "ALL PRIVILEGES";
-        "lab5.*" = "ALL PRIVILEGES";
-      };
-    }
-  ];
-
-  # services.create_ap.enable = false;
-  # services.create_ap.settings = {
-  #   INTERNET_IFACE = "enp0s31f6";
-  #   PASSPHRASE = "12345678";
-  #   SSID = "DOTA2ERBEST";
-  #   WIFI_IFACE = "wlp5s0";
-  #   MAC_FILTER = 0;
-  #   HIDDEN = 0;
-  # };
-
-  boot.kernelModules = [ "v4l2loopback" ];
 
   # Use the systemd-boot EFI boot loader.
-  boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
+  boot.loader.systemd-boot = {
+    enable = true;
+    netbootxyz = { enable = true; sortKey = "y_netbootxyz"; };
+    edk2-uefi-shell = { enable = true; sortKey = "z_edk2-uefi-shell"; };
+  };
 
-  networking.hostName = "ayanami"; # Define your hostname.
+  boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
+  boot.kernelPackages = pkgs.linuxPackages_latest;
+
+  services.fwupd.enable = true;
+
+  #  programs.adb.enable = true;
+
+  systemd.enableEmergencyMode = false;
+
+  networking.hostName = "ayanami";
   networking.networkmanager.enable = true;
+  networking.useDHCP = false;
 
   hardware.bluetooth.enable = true;
-  services.blueman.enable = true;
+
-  
+  zramSwap = {
-  # Set your time zone.
+    enable = true;
-  time.timeZone = "Europe/Oslo";
+    memoryMax = 24 * 1024 * 1024 * 1024;  # 24 GB ZRAM
+  };
+
+  services.resolved.enable = true;
+  services.resolved.dnssec = "false";
+
+  services.gnome.gnome-keyring.enable = true;
+
+  programs.steam = {
+    enable = true;
+    remotePlay.openFirewall = false;
+    dedicatedServer.openFirewall = false;
+  };
 
   services.tailscale.enable = true;
 
-  # The global useDHCP flag is deprecated, therefore explicitly set to false here.
-  # Per-interface useDHCP will be mandatory in the future, so this generated config
-  # replicates the default behaviour.
-  networking.useDHCP = false;
-  networking.interfaces.enp0s31f6.useDHCP = false;
-  networking.interfaces.wlp5s0.useDHCP = false;
-
-  services.avahi.enable = false;
-
-  # services.atftpd = {
-  #   enable = false;
-  # };
-
-  # Select internationalisation properties.
-  i18n.supportedLocales = [ "en_US.UTF-8/UTF-8" "nb_NO.UTF-8/UTF-8" ];
-  i18n.defaultLocale = "en_US.UTF-8";
-  i18n.extraLocaleSettings = {
-    LC_TIME = "nb_NO.UTF-8";
-    LC_PAPER = "nb_NO.UTF-8";
-    LC_NAME = "nb_NO.UTF-8";
-    LC_ADDRESS = "nb_NO.UTF-8";
-    LC_TELEPHONE = "nb_NO.UTF-8";
-    LC_MEASUREMENT = "nb_NO.UTF-8";
-    LC_IDENTIFICATION = "nb_NO.UTF-8";
-};
-  console = {
-    font = "Lat2-Terminus16";
-    keyMap = "no-latin1";
-  };
-
-  services.xserver.displayManager.lightdm.enable = true;
-  services.displayManager.defaultSession = "xsession";
-  # Enable the X11 windowing system.
-  services.xserver.enable = true;
-  services.xserver.displayManager = {
-    session = [
-      {
-        manage = "desktop";
-        name = "xsession";
-        start = "exec $HOME/.xsession";
-      }
-    ];
-  };
-
-  # Disable cups we will just not print anything :))
-  services.printing.enable = false;
-
-  security.rtkit.enable = true;
-  services.pipewire = {
-    enable = true;
-    alsa.enable = true;
-    alsa.support32Bit = true;
-    pulse.enable = true;
-    jack.enable = true;
-  };
-
-  hardware.opengl.driSupport32Bit = true;
-  hardware.opengl.extraPackages = with pkgs; [ libva ];
-
-  # Enable touchpad support (enabled default in most desktopManager).
-  services.libinput.enable = true;
-  services.xserver.xkb.layout = "no";
-
-
-  programs.zsh.enable = true;
-
-
-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  users.users.daniel = {
-    isNormalUser = true;
-    shell = pkgs.zsh;
-    extraGroups = [ "wheel" "networkmanager" "wireshark" "libvirtd" ];
-  };
-
-  environment.systemPackages = with pkgs; [
-    vim
-    git
-    wget
-    virt-manager
-    podman-compose
-  ];
-
-
-  services.dbus.packages = with pkgs; [ pkgs.dconf ];
-
-  services.openssh.enable = true;
-  services.openssh.openFirewall = false;
-
   networking.firewall.interfaces."tailscale0" = let
     all = { from = 0; to = 65535; };
   in {
@@ -196,14 +99,108 @@
     allowedTCPPortRanges = [ all ];
   };
 
+  # Select internationalisation properties.
+  console.keyMap = "no-latin1";
+
+  time.timeZone = "Europe/Oslo";
+
+  # List packages installed in system profile. To search, run:
+  # $ nix search wget
+  environment.systemPackages = with pkgs; [
+   wget vim git
+  ];
+
+  # Some programs need SUID wrappers, can be configured further or are
+  # started in user sessions.
+  # programs.mtr.enable = true;
+  # programs.gnupg.agent = { enable = true; enableSSHSupport = true; };
+
+  # List services that you want to enable:
+
+  # Enable the OpenSSH daemon.
+  services.openssh.enable = true;
+  services.openssh.openFirewall = false;
+
   # Open ports in the firewall.
-  networking.firewall.allowedTCPPorts = [ 69 8010 9090 ];
+  # networking.firewall.allowedTCPPorts = [ ... ];
-  networking.firewall.allowedUDPPorts = [ 69 8010 9090 ];
+  # networking.firewall.allowedUDPPorts = [ ... ];
   # Or disable the firewall altogether.
-  # networking.firewall.enable = false;
+  networking.firewall.enable = true;
+  networking.firewall.allowedTCPPorts = [ ];
+  networking.firewall.allowedUDPPorts = [ ];
 
-  nix.settings.trusted-users = [ "daniel" ];
 
+  security.rtkit.enable = false; # Enable again when mumble is fixed
+  services.pipewire = {
+    enable = true;
+    extraLv2Packages = [ pkgs.rnnoise-plugin.lv2 ];
+    alsa.enable = true;
+    alsa.support32Bit = true;
+    pulse.enable = true;
+    jack.enable = true;
+  };
+
+  hardware.graphics.enable = true;
+  hardware.graphics.enable32Bit = true;
+  hardware.graphics.extraPackages = with pkgs; [
+    libva rocmPackages.clr.icd
+  ];
+  hardware.amdgpu.opencl.enable = true;
+
+  systemd.tmpfiles.rules = 
+  let
+    rocmEnv = pkgs.symlinkJoin {
+      name = "rocm-combined";
+      paths = with pkgs.rocmPackages; [
+        rocblas
+        hipblas
+        clr
+      ];
+    };
+  in [
+    "L+    /opt/rocm   -    -    -     -    ${rocmEnv}"
+  ];
+
+
+  # Enable the X11 windowing system.
+  services.xserver.enable = true;
+  services.xserver.displayManager = {
+    defaultSession = "xsession";
+    session = [
+      { manage = "desktop";
+        name = "xsession";
+        start = "exec $HOME/.xsession";
+      }
+    ];
+  };
+  services.xserver.xkb.layout = "no";
+  # services.xserver.xkbOptions = "eurosign:e";
+
+  i18n = {
+    defaultLocale = "nb_NO.UTF-8";
+    extraLocales = [ "en_US.UTF-8/UTF-8" "nn_NO.UTF-8/UTF-8" ];
+    extraLocaleSettings = {
+      LC_COLLATE = "nb_NO.UTF-8";
+      LC_MESSAGES = "en_US.UTF-8";
+    };
+  };
+
+  services.xserver.displayManager.lightdm.enable = true;
+  services.xserver.videoDrivers = ["amdgpu"];
+
+  programs.zsh.enable = true;
+
+  virtualisation.docker.enable = true;
+  virtualisation.libvirtd.enable = true;
+  virtualisation.spiceUSBRedirection.enable = true;
+
+
+#  networking.nameservers = lib.mkForce [ "192.168.0.25" ];
+
+#  services.ipfs.enable = true;
+#  services.ipfs.gatewayAddress = "/ip4/127.0.0.1/tcp/5002";
+
+  nix.distributedBuilds = true;
   nix.buildMachines = [
     { hostName = "soryu";
       system = "x86_64-linux";
@@ -211,12 +208,6 @@
       supportedFeatures = [ "big-parallel" ];
       speedFactor = 66317;
     }
-    # { hostName = "bob.pvv.ntnu.no";
-    #   system = "x86_64-linux";
-    #   maxJobs = 12;
-    #   supportedFeatures = [ "big-parallel" ];
-    #   speedFactor = 129270;
-    # }
     # { hostName = "bolle.pbsds.net";
     #   system = "x86_64-linux";
     #   maxJobs = 6;
@@ -228,34 +219,26 @@
     #   # i7-6700
     #   speedFactor = 8088;
     # }
-    # { hostName = "lilith";
-    #   system = "x86_64-linux";
-    #   maxJobs = 6;
-    #   #speedFactor = 13199;
-    #   speedFactor = 6000;
-    # }
-    # {
-    #   hostName = "isvegg.pvv.ntnu.no";
-    #   system = "x86_64-linux";
-    #   maxJobs = 4;
-    #   speedFactor = 4961;
-    #   supportedFeatures = [ "big-parallel" ];
-    #   mandatoryFeatures = [ ];
-    # }
   ];
-  nix.distributedBuilds = true;
+  nix.trustedUsers = [ "daniel" ];
   nix.extraOptions = ''
-    builders-use-substitutes = true
+    experimental-features = nix-command flakes
-    experimental-features = nix-command flakes impure-derivations ca-derivations
   '';
 
-  # This value determines the NixOS release from which the default
+  users.users.daniel = {
-  # settings for stateful data, like file locations and database versions
+    isNormalUser = true;
-  # on your system were taken. It‘s perfectly fine and recommended to leave
+    uid = 1000;
-  # this value at the release version of the first install of this system.
+    shell = pkgs.zsh;
-  # Before changing this value read the documentation for this option
+    extraGroups = [ "wheel" "networkmanager" "docker" "video" "libvirtd" ];
-  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+    initialPassword = "Abc123";
-  system.stateVersion = "23.11"; # Did you read the comment?
+  };
 
+  programs.dconf.enable = true;
+  services.dbus.packages = with pkgs; [ dconf ];
+
+  # This value determines the NixOS release with which your system is to be
+  # compatible, in order to avoid breaking some software such as database
+  # servers. You should change this only after NixOS release notes say you
+  # should.
+  system.stateVersion = "25.05"; # Did you read the comment?
 }
-

hosts/ayanami/hardware-configuration.nix

@@ -8,54 +8,50 @@
     [ (modulesPath + "/installer/scan/not-detected.nix")
     ];
 
-  boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ];
+  boot.initrd.availableKernelModules = [ "nvme" "xhci_pci_renesas" "xhci_pci" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
   boot.initrd.kernelModules = [ ];
-  boot.kernelModules = [ "kvm-intel" ];
+  boot.kernelModules = [ "kvm-amd" ];
   boot.extraModulePackages = [ ];
 
   fileSystems."/" =
-    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+    { device = "/dev/disk/by-uuid/65fda346-b80f-410d-9577-891cdbf3e4b2";
       fsType = "btrfs";
-      options = [ "subvol=root" ];
+      options = [ "subvol=root" "compress=zstd" ];
     };
 
-  boot.initrd.luks.devices."enc" = {
+  boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/5ec9c954-9862-4d1d-bd61-bda34caf504b";
-    allowDiscards = true;
+
-    device = "/dev/disk/by-uuid/27c2e6ae-d9ec-4bbd-9ebe-6ec2e63dd139";
-  };
   fileSystems."/home" =
-    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+    { device = "/dev/disk/by-uuid/65fda346-b80f-410d-9577-891cdbf3e4b2";
       fsType = "btrfs";
-      options = [ "subvol=home" ];
+      options = [ "subvol=home" "compress=zstd" ];
     };
 
   fileSystems."/nix" =
-    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
+    { device = "/dev/disk/by-uuid/65fda346-b80f-410d-9577-891cdbf3e4b2";
       fsType = "btrfs";
-      options = [ "subvol=nix" ];
+      options = [ "subvol=nix" "noatime" ];
-    };
-
-  fileSystems."/persist" =
-    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
-      fsType = "btrfs";
-      options = [ "subvol=persist" ];
-    };
-
-  fileSystems."/var/log" =
-    { device = "/dev/disk/by-uuid/276d0801-34f7-4d40-aa24-bfc43ea4ff51";
-      fsType = "btrfs";
-      options = [ "subvol=log" ];
-      neededForBoot = true;
     };
 
   fileSystems."/boot" =
-    { device = "/dev/disk/by-uuid/503B-1BC9";
+    { device = "/dev/disk/by-uuid/ED9D-8221";
       fsType = "vfat";
+      options = [ "fmask=0077" "dmask=0077" ];
     };
 
   swapDevices =
-    [ { device = "/dev/disk/by-uuid/28c04c57-b026-471f-a7bf-366cbc102b78"; }
+    [ { device = "/dev/disk/by-uuid/6f23c4a2-2936-4d44-b5c0-03132b720742"; }
     ];
 
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
+  # (the default) this is the recommended approach. When using systemd-networkd it's
+  # still possible to use this option, but it's recommended to use it in conjunction
+  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
+  networking.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp2s0f0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.enp5s0.useDHCP = lib.mkDefault true;
+  # networking.interfaces.wlp3s0.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }