Some pinentry setup; updated mnemosyne disk to use labels

Updates to bash-scripts; updating flake.lock
Moved keyring setup to shared; added mwdblib to mnemosyne
2026-05-18 09:42:06 -04:00 · 2026-05-18 09:23:34 -04:00 · 2026-05-07 22:04:23 -04:00 · 2026-05-07 21:59:33 -04:00 · 2026-05-04 12:00:00 -04:00 · 2026-04-26 13:04:37 -04:00
17 changed files with 113 additions and 90 deletions
--- a/2
+++ b/2
--- a/config/ai.nix
+++ b/config/ai.nix
@@ -37,15 +37,18 @@

  services.ollama = {
    enable = true;
+    host = "0.0.0.0";
+    openFirewall = true;
+    # Make sure this path is created and has the permissions of ollama:ollama.
+    models = "/mnt/storage/models";
+    environmentVariables = {
+        OLLAMA_CONTEXT_LENGTH = "8192";
+    };
    package = pkgs.ollama-cuda.override {
      cudaArches = [
        "61"
      ];
    };
-    openFirewall = true;
-    environmentVariables = {
-        OLLAMA_CONTEXT_LENGTH = "8192";
-    };
  };

  # NGINX Reverse Proxy Setup
@@ -54,7 +57,7 @@
    enable = true;
    virtualHosts = {
      # Jellyfin
-      "mindforge.randomctf.local" = {
+      "mindforge.randomctf.lan" = {
        extraConfig = ''
          access_log /var/log/nginx/access.mindforge.log;
        '';
@@ -77,4 +80,8 @@
      };
    };
  };
+
+  environment.systemPackages = with pkgs; [
+    (llama-cpp.override { cudaSupport = true; })
+  ];
 }
--- a/config/logging.nix
+++ b/config/logging.nix
@@ -23,7 +23,7 @@
      settings.server = {
          http_addr = "127.0.0.1";
          http_port = 3000;
-          domain = "grafana.randomctf.local";
+          domain = "grafana.randomctf.lan";
      };
  };

@@ -31,19 +31,19 @@
    enable = true;
    virtualHosts = {
      # Grafana
-      "grafana.randomctf.local" = {
+      "grafana.randomctf.lan" = {
        extraConfig = ''
          access_log /var/log/nginx/access.grafana.log;
        '';

        locations."/".extraConfig = ''
-          proxy_set_header Host grafana.randomctf.local;
+          proxy_set_header Host grafana.randomctf.lan;
          proxy_pass http://localhost:3000/;
        '';
      };

      # Prometheus
-      "prometheus.randomctf.local" = {
+      "prometheus.randomctf.lan" = {
        extraConfig = ''
          access_log /var/log/nginx/access.prometheus.log;
        '';
--- a/config/mnemosyne.nix
+++ b/config/mnemosyne.nix
@@ -12,4 +12,8 @@
  ];

  users.users.mnemosyne = import ./user.nix;
+
+  environment.systemPackages = with pkgs; [
+    python313Packages.mwdblib
+  ];
 }
--- a/config/networking.nix
+++ b/config/networking.nix
@@ -1,28 +1,30 @@
-{ ip_address, hostname, open_ports, lib }: let
+{ ip_address, hostname, open_ports, lib, }: let
  gateway_ip = "192.168.100.1";
 in {
  # Configure hostname.
  networking.hostName = hostname;

+  # Bug fix
+  systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false;
+
+  # DNS config
+  networking.nameservers = [ gateway_ip ];
+
+  # Allowed Ports
+  networking.firewall.allowedTCPPorts = open_ports;
+
  # Conigure a static IP address.
  networking.useDHCP = false;
  networking.useNetworkd = true;
  networking.enableIPv6 = false;
-
-  # Bug fix
-  systemd.services.systemd-networkd-wait-online.enable = lib.mkForce false;
-
-  networking.defaultGateway = {
-      address = gateway_ip;
-      interface = "enp6s18";
-  };
-
-  networking.nameservers = [ gateway_ip ];
-  networking.firewall.allowedTCPPorts = open_ports;
  networking.interfaces.enp6s18.ipv4.addresses = [
    {
      address = ip_address;
      prefixLength = 24;
    }
  ];
+  networking.defaultGateway = {
+      address = gateway_ip;
+      interface = "enp6s18";
+  };
 }
--- a/config/omen.nix
+++ b/config/omen.nix
@@ -50,7 +50,7 @@
  environment.variables.GDK_SCALE = "0.5";

  # Ignore laptop lid closing when connected to power.
-  services.logind.lidSwitchExternalPower = "ignore";
+  services.logind.settings.Login.HandleLidSwitchExternalPower = "ignore";

  # Enable bluetooth
  hardware.bluetooth.enable = true;
@@ -71,13 +71,6 @@
  # For RTL-SDR
  hardware.rtl-sdr.enable = true;

-  # Setup Pinentry
-  programs.gnupg.agent = {
-    enable = true;
-    pinentryPackage = pkgs.pinentry-gtk2;
-    enableSSHSupport = true;
-  };
-
  # Setup protonmail bridge
  systemd.user.services.protonmail-bridge = {
    description = "Protonmail Bridge";
@@ -107,19 +100,19 @@
      zlib
      dbus
      python3
-      xorg.libX11
-      xorg.libXext
-      xorg.libXrender
-      xorg.libXrandr
-      xorg.libXcursor
-      xorg.libXi
-      xorg.libxcb
-      xorg.xcbutilwm
-      xorg.xcbutil
-      xorg.xcbutilimage
-      xorg.xcbutilkeysyms
-      xorg.xcbutilrenderutil
-      xorg.xcbutilcursor
+      libx11
+      libxext
+      libxrender
+      libxrandr
+      libxcursor
+      libxi
+      libxcb
+      libxcb-wm
+      libxcb-util
+      libxcb-image
+      libxcb-keysyms
+      libxcb-render-util
+      libxcb-cursor
    ];
  };
 }
--- a/config/shared.nix
+++ b/config/shared.nix
@@ -53,6 +53,17 @@
    }))
  ];

+  # Setup Pinentry
+  programs.gnupg.agent = {
+    enable = true;
+    pinentryPackage = pkgs.pinentry-gtk2;
+    enableSSHSupport = true;
+  };
+
+  # Keyring Setup
+  services.gnome.gnome-keyring.enable = true;
+  security.pam.services.login.enableGnomeKeyring = true;
+
  # Enable services.
  services.openssh.enable = true;
  services.tailscale.enable = true;
@@ -62,7 +73,6 @@
  services.gvfs.enable = true;
  services.tumbler.enable = true;

-
  # Enable docker service.
  virtualisation.docker.enable = true;

--- a/flake.lock
+++ b/flake.lock
@@ -7,11 +7,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1775077333,
-        "narHash": "sha256-OXcxobt7lBkh1B8AjwreU+24myhtKpqeLfAeIyNLFY8=",
+        "lastModified": 1778905220,
+        "narHash": "sha256-ox/5IHc8uwy6UTw6N7Shp6uCHIgu/S2PsWeuXsOHSo8=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "49ca96b2714c5931e17401eff87f3edd42d2b0f2",
+        "rev": "d1686dc7d36cbd1234cb226ad6ef97e882716acb",
        "type": "github"
      },
      "original": {
@@ -28,11 +28,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1775360939,
-        "narHash": "sha256-XUBlSgUFdvTh6+K5LcI5mJu5F5L8scmJDMRiZM484TM=",
+        "lastModified": 1778937626,
+        "narHash": "sha256-OzLAT0G96WlT/WWaNdkTvQ7E9ohq9h0xQTdL1oe3gm0=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "2097a5c82bdc099c6135eae4b111b78124604554",
+        "rev": "d5ece85b6d3d6b5ab5a514b2785fb952b629bfea",
        "type": "github"
      },
      "original": {
@@ -48,11 +48,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1775365369,
-        "narHash": "sha256-DgH5mveLoau20CuTnaU5RXZWgFQWn56onQ4Du2CqYoI=",
+        "lastModified": 1778393439,
+        "narHash": "sha256-mOtQxUjtKaPHLeoLOY/YEDctmud1X9KwJr4kE1MJ3Wc=",
        "owner": "nix-community",
        "repo": "nix-index-database",
-        "rev": "cef5cf82671e749ac87d69aadecbb75967e6f6c3",
+        "rev": "01466c414c7357ae2ce32be4a272a7c69e94ab5f",
        "type": "github"
      },
      "original": {
@@ -63,11 +63,11 @@
    },
    "nix-unstable": {
      "locked": {
-        "lastModified": 1775036866,
-        "narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
+        "lastModified": 1778443072,
+        "narHash": "sha256-zi7/fsqM/kFdNuED//4WOCUtezGtKKqRNORjMvfwjnA=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
+        "rev": "da5ad661ba4e5ef59ba743f0d112cbc30e474f32",
        "type": "github"
      },
      "original": {
@@ -79,11 +79,11 @@
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1775421654,
-        "narHash": "sha256-VmXMI4BdI3arAn55/tDCB5gDcRk3JWF3JRp6tMi7i10=",
+        "lastModified": 1778937455,
+        "narHash": "sha256-1QMHzgrJfnMh4Bg6NgkZejexiTtuV+jpZT9sohuqLB4=",
        "owner": "nixos",
        "repo": "nixpkgs",
-        "rev": "05a5d2344a57fc43b71b4ae721cabea056081d70",
+        "rev": "534de2b33df9f73253082221de221bd68c5a77c2",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -79,14 +79,19 @@
          ./home/modules/hacking.nix
        ];

+        mindforge = mkHomeUnstableConfig "mindforge" [
+          ./home/headless-nixos.nix
+          ./home/modules/development.nix
+        ];
+
        mnemosyne = mkHomeConfig "mnemosyne" [
          ./home/headless-nixos.nix
          ./home/modules/development.nix
        ];

+
        media = mkHomeConfig "media" [ ./home/headless-nixos.nix ];
        logging = mkHomeConfig "logging" [ ./home/headless-nixos.nix ];
-        mindforge = mkHomeConfig "mindforge" [ ./home/headless-nixos.nix ];
      };
    };
 }
--- a/hardware/ai.nix
+++ b/hardware/ai.nix
@@ -24,6 +24,12 @@
    options = [ "fmask=0022" "dmask=0022" ];
  };

+  # The label "storage" can be set using e2label.
+  fileSystems."/mnt/storage" = {
+    device = "/dev/disk/by-label/storage";
+    fsType = "ext4";
+  };
+
  swapDevices = [ ];

  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
--- a/hardware/mnemosyne.nix
+++ b/hardware/mnemosyne.nix
@@ -18,13 +18,9 @@
    fsType = "ext4";
  };

-  fileSystems."/sampledb" = {
-    device = "/dev/disk/by-uuid/7d70bfdb-510f-4f30-969f-d4ac59175719";
-    fsType = "ext4";
-  };
-
+  # The label "storage" can be set using e2label.
  fileSystems."/mnt/archive" = {
-    device = "/dev/disk/by-uuid/66103455-9fcd-4b5b-9735-37b85a51019d";
+    device = "/dev/disk/by-label/storage";
    fsType = "ext4";
  };

--- a/home/modules/development.nix
+++ b/home/modules/development.nix
@@ -16,6 +16,10 @@
    zig
    zls

+    # AI tools
+    opencode
+    claude-code
+
    # Other
    python3
    ansible
--- a/home/modules/emacs.nix
+++ b/home/modules/emacs.nix
@@ -23,8 +23,6 @@
    ccls
    yaml-language-server
    python3Packages.python-lsp-server
-    nodePackages.typescript-language-server
-    nodePackages.vscode-json-languageserver
  ];

  programs = {
--- a/home/modules/gui-apps.nix
+++ b/home/modules/gui-apps.nix
@@ -35,12 +35,15 @@
    };
  };

-  gtk = {
-    enable = true;
+  gtk = let
    theme = {
      name = "Materia-dark";
      package = pkgs.materia-theme;
    };
+  in {
+    enable = true;
+    inherit theme;
+    gtk4.theme = theme;
  };

  xdg.mimeApps = {
--- a/home/modules/hacking.nix
+++ b/home/modules/hacking.nix
@@ -39,6 +39,7 @@
    exiftool
    pwntools
    flare-floss
+    python313Packages.mwdblib

    # Wordlists
    (wordlists.override {
--- a/home/modules/neovim.nix
+++ b/home/modules/neovim.nix
@@ -2,6 +2,9 @@
  programs.neovim = {
    enable = true;
    vimAlias = true;
+    withPython3 = true;
+    withRuby = true;
+
    coc =  {
      enable = true;
      settings = {
@@ -23,7 +26,6 @@
      coc-svelte
      coc-clangd
      coc-docker
-      coc-tsserver
      coc-rust-analyzer
    ];

--- a/home/modules/zsh.nix
+++ b/home/modules/zsh.nix
@@ -9,12 +9,11 @@
    eza.enable = true;
    tealdeer = {
      enable = true;
-      settings = {
-        updates.auto_update = true;
-      };
+      settings.updates.auto_update = true;
    };
    atuin = {
      enable = true;
+      daemon.enable = true;
      enableZshIntegration = true;
      settings = {
        enter_accept = false;
@@ -26,7 +25,6 @@
      enable = true;
      enableCompletion = true;
      autosuggestion.enable = true;
-      syntaxHighlighting.enable = true;
      history.size = 100000000;

      shellAliases = {
@@ -48,7 +46,7 @@
        r330-media = "ssh media@192.168.100.40";
        r330-logging = "ssh logging@192.168.100.41";
        mnemosyne = "ssh mnemosyne@192.168.100.42";
-        mindforge = "ssh mindforge@mindforge.randomctf.local";
+        mindforge = "ssh mindforge@mindforge.randomctf.lan";

        # Nix Specific aliases
        update-config = "sudo nixos-rebuild switch --flake ~/dotfiles";
@@ -83,18 +81,12 @@
          src = ../../assets;
          file = ".p10k.zsh";
        }
-      ];
-
-      zplug = {
-        enable = true;
-        plugins = [
-          { name = "romkatv/powerlevel10k"; tags = [ as:theme depth:1 ]; }
+        {
+          name = "powerlevel10k";
+          src = pkgs.zsh-powerlevel10k;
+          file = "share/zsh-powerlevel10k/powerlevel10k.zsh-theme";
+        }
      ];
    };
  };
-  };
-
-  home.file = {
-      ".functions.zsh".source = ../../assets/.functions.zsh;
-  };
 }
Author	SHA1	Message	Date
Random936	5491cfc0a2	Some pinentry setup; updated mnemosyne disk to use labels	2026-05-18 09:42:06 -04:00
Random936	dd1d998fdf	Updates to bash-scripts; updating flake.lock	2026-05-18 09:23:34 -04:00
Random936	bafb77726c	Moved keyring setup to shared; added mwdblib to mnemosyne	2026-05-07 22:04:23 -04:00
Random936	50a1694767	Keyring setup; some general fixes; bash scripts update	2026-05-07 21:59:33 -04:00
Random936	0109b80871	Added llama-cpp to system packages	2026-05-04 12:00:00 -04:00
Random936	3849ccdf8f	Disabled ZSH syntax highlighting; updated ollama host to be wildcard	2026-04-26 13:04:37 -04:00
Random936	0c0fbb5e02	Updated development home module to contain AI tools	2026-04-26 09:31:50 -04:00
Random936	0f9900c878	Fixed bug with atuin daemon	2026-04-25 18:27:55 -04:00
Random936	8ecb4d3962	Updated AI host to use 2 HDDs	2026-04-25 18:18:00 -04:00
Random936	f8fb28d560	Updated zsh config to make terminal more performant	2026-04-25 18:16:53 -04:00
Random936	b6a10bebc4	Removing HDD from mnemosyne hardware config	2026-04-25 12:39:38 -04:00
Random936	9ec14ce9fa	Updates to config following flake.lock update	2026-04-25 10:33:01 -04:00
Random936	76e69f0bc8	Switching to .lan from .local to prevent mDNS issues	2026-04-24 20:10:17 -04:00
Random936	75d6d62271	Adding some AI packages to mindforge	2026-04-24 19:39:05 -04:00
Random936	90743455c9	Updated flake.nix	2026-04-20 12:22:06 -04:00