diff options
| -rw-r--r-- | blog/horses.org | 2 | ||||
| -rw-r--r-- | config/emacs.el | 4 | ||||
| -rw-r--r-- | config/emacs.org | 4 | ||||
| -rw-r--r-- | config/nix.org | 506 | ||||
| -rw-r--r-- | journal/20250201.org | 15 | ||||
| -rw-r--r-- | journal/index.org | 4 | ||||
| -rw-r--r-- | mindmap/lrc_circuit.png | bin | 3229 -> 3229 bytes | |||
| -rw-r--r-- | nix/flake.lock | 30 | ||||
| -rw-r--r-- | nix/flake.nix | 102 | ||||
| -rw-r--r-- | nix/modules/configuration.nix | 2 | ||||
| -rw-r--r-- | nix/modules/home/zsh.nix | 2 | ||||
| -rw-r--r-- | nix/systems/installer/default.nix | 19 |
12 files changed, 371 insertions, 319 deletions
diff --git a/blog/horses.org b/blog/horses.org index 3ffda71..b55d66d 100644 --- a/blog/horses.org +++ b/blog/horses.org @@ -67,7 +67,7 @@ you will be paying $520x$ on average. Now to set up the expected value equation (which, using our simplified model, our expected value should be 0): \begin{align} \frac{99 - 260x}{100} - \frac{99 \cdot 520x}{100} = 0 \\ -\frac{99}{100} - 2.6x - \frac{514.8x} = 0 \\ +\frac{99}{100} - 2.6x - 514.8x = 0 \\ 2.6x + 514.8x = .99 \\ 517.4x = .99 \\ x = \frac{.99}{517.4} \\ diff --git a/config/emacs.el b/config/emacs.el index 7068192..0b21a26 100644 --- a/config/emacs.el +++ b/config/emacs.el @@ -424,12 +424,12 @@ (use-package ellama :custom - (ellama-sessions-directory "~/org/ellama/" "Set org directory") + (ellama-sessions-directory "~/org/ellama/" "Set org directory for LLM sessions") :init (require 'llm-ollama) (setopt ellama-provider (make-llm-ollama :host "localhost" - :chat-model "gemma:7b"))) + :chat-model "deepseek-r1:14b"))) (use-package elfeed :custom diff --git a/config/emacs.org b/config/emacs.org index e3800c8..15a850a 100644 --- a/config/emacs.org +++ b/config/emacs.org @@ -533,12 +533,12 @@ competitive LLM that doesn't cost money. #+begin_src emacs-lisp (use-package ellama :custom - (ellama-sessions-directory "~/org/ellama/" "Set org directory") + (ellama-sessions-directory "~/org/ellama/" "Set org directory for LLM sessions") :init (require 'llm-ollama) (setopt ellama-provider (make-llm-ollama :host "localhost" - :chat-model "gemma:7b"))) + :chat-model "deepseek-r1:14b"))) #+end_src ** RSS Feed I use really simple syndication (RSS) in order to read news. As a result, I use diff --git a/config/nix.org b/config/nix.org index eb6672a..d224180 100644 --- a/config/nix.org +++ b/config/nix.org @@ -25,18 +25,18 @@ so that adding new configurations that add modifications is made simple. nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; home-manager = { - url = "github:nix-community/home-manager/release-24.11"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/home-manager/release-24.11"; + inputs.nixpkgs.follows = "nixpkgs"; }; disko = { - url = "github:nix-community/disko"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; }; lanzaboote = { - url = "github:nix-community/lanzaboote/v0.4.1"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/lanzaboote/v0.4.1"; + inputs.nixpkgs.follows = "nixpkgs"; }; nur.url = "github:nix-community/NUR"; @@ -48,55 +48,55 @@ so that adding new configurations that add modifications is made simple. outputs = { nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, ... }@attrs: { nixosConfigurations = { - installer = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ( - { pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix") ]; - } - ) - ./systems/installer/default.nix - ]; - }; - - continuity = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = [ - lanzaboote.nixosModules.lanzaboote - disko.nixosModules.disko - home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops - { nixpkgs.overlays = [ nur.overlays.default ]; } - { home-manager.extraSpecialArgs = attrs; } - - ./modules/sda-simple.nix - ./systems/continuity/default.nix - ]; - }; - - affinity = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = [ - lanzaboote.nixosModules.lanzaboote - disko.nixosModules.disko - home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops - { nixpkgs.overlays = [ nur.overlays.default ]; } - { home-manager.extraSpecialArgs = attrs; } - ./modules/nvme-simple.nix - ./systems/affinity/default.nix - ]; - }; - - spontaneity = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = []; - }; + installer = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ( + { pkgs, modulesPath, ... }: + { + imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix") ]; + } + ) + ./systems/installer/default.nix + ]; + }; + + continuity = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + lanzaboote.nixosModules.lanzaboote + disko.nixosModules.disko + home-manager.nixosModules.home-manager + sops-nix.nixosModules.sops + { nixpkgs.overlays = [ nur.overlays.default ]; } + { home-manager.extraSpecialArgs = attrs; } + + ./modules/sda-simple.nix + ./systems/continuity/default.nix + ]; + }; + + affinity = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + lanzaboote.nixosModules.lanzaboote + disko.nixosModules.disko + home-manager.nixosModules.home-manager + sops-nix.nixosModules.sops + { nixpkgs.overlays = [ nur.overlays.default ]; } + { home-manager.extraSpecialArgs = attrs; } + ./modules/nvme-simple.nix + ./systems/affinity/default.nix + ]; + }; + + spontaneity = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = []; + }; }; }; } @@ -535,10 +535,10 @@ because they enhance security. environment = { etc = { - securetty.text = '' - # /etc/securetty: list of terminals on which root is allowed to login. - # See securetty(5) and login(1). - ''; + securetty.text = '' + # /etc/securetty: list of terminals on which root is allowed to login. + # See securetty(5) and login(1). + ''; }; }; @@ -546,13 +546,13 @@ because they enhance security. coredump.enable = false; network.config.networkConfig.IPv6PrivacyExtensions = "kernel"; tmpfiles.settings = { - "restricthome"."/home/*".Z.mode = "~0700"; + "restricthome"."/home/*".Z.mode = "~0700"; - "restrictetcnixos"."/etc/nixos/*".Z = { - mode = "0000"; - user = "root"; - group = "root"; - }; + "restrictetcnixos"."/etc/nixos/*".Z = { + mode = "0000"; + user = "root"; + group = "root"; + }; }; }; @@ -561,126 +561,126 @@ because they enhance security. extraModulePackages = [ ]; initrd = { - availableKernelModules = [ - "xhci_pci" - "ahci" - "usb_storage" - "sd_mod" - "nvme" - "sd_mod" - "ehci_pci" - "rtsx_pci_sdmmc" - "usbhid" - ]; - - kernelModules = [ ]; + availableKernelModules = [ + "xhci_pci" + "ahci" + "usb_storage" + "sd_mod" + "nvme" + "sd_mod" + "ehci_pci" + "rtsx_pci_sdmmc" + "usbhid" + ]; + + kernelModules = [ ]; }; lanzaboote = { - enable = config.monorepo.profiles.secureBoot.enable; - pkiBundle = "/etc/secureboot"; + enable = config.monorepo.profiles.secureBoot.enable; + pkiBundle = "/etc/secureboot"; }; loader = { - systemd-boot.enable = lib.mkForce (! config.monorepo.profiles.secureBoot.enable); - efi.canTouchEfiVariables = true; + systemd-boot.enable = lib.mkForce (! config.monorepo.profiles.secureBoot.enable); + efi.canTouchEfiVariables = true; }; kernelModules = [ - "snd-seq" - "snd-rawmidi" - "xhci_hcd" - "kvm_intel" + "snd-seq" + "snd-rawmidi" + "xhci_hcd" + "kvm_intel" ]; kernelParams = [ - "debugfs=off" - "page_alloc.shuffle=1" - "slab_nomerge" - "page_poison=1" - - # madaidan - "pti=on" - "randomize_kstack_offset=on" - "vsyscall=none" - "module.sig_enforce=1" - "lockdown=confidentiality" - - # cpu - "spectre_v2=on" - "spec_store_bypass_disable=on" - "tsx=off" - "tsx_async_abort=full,nosmt" - "mds=full,nosmt" - "l1tf=full,force" - "nosmt=force" - "kvm.nx_huge_pages=force" - - # hardened - "extra_latent_entropy" - - # mineral - "init_on_alloc=1" - "random.trust_cpu=off" - "random.trust_bootloader=off" - "intel_iommu=on" - "amd_iommu=force_isolation" - "iommu=force" - "iommu.strict=1" - "init_on_free=1" - "quiet" - "loglevel=0" + "debugfs=off" + "page_alloc.shuffle=1" + "slab_nomerge" + "page_poison=1" + + # madaidan + "pti=on" + "randomize_kstack_offset=on" + "vsyscall=none" + "module.sig_enforce=1" + "lockdown=confidentiality" + + # cpu + "spectre_v2=on" + "spec_store_bypass_disable=on" + "tsx=off" + "tsx_async_abort=full,nosmt" + "mds=full,nosmt" + "l1tf=full,force" + "nosmt=force" + "kvm.nx_huge_pages=force" + + # hardened + "extra_latent_entropy" + + # mineral + "init_on_alloc=1" + "random.trust_cpu=off" + "random.trust_bootloader=off" + "intel_iommu=on" + "amd_iommu=force_isolation" + "iommu=force" + "iommu.strict=1" + "init_on_free=1" + "quiet" + "loglevel=0" ]; blacklistedKernelModules = [ - "netrom" - "rose" - - "adfs" - "affs" - "bfs" - "befs" - "cramfs" - "efs" - "erofs" - "exofs" - "freevxfs" - "f2fs" - "hfs" - "hpfs" - "jfs" - "minix" - "nilfs2" - "ntfs" - "omfs" - "qnx4" - "qnx6" - "sysv" - "ufs" + "netrom" + "rose" + + "adfs" + "affs" + "bfs" + "befs" + "cramfs" + "efs" + "erofs" + "exofs" + "freevxfs" + "f2fs" + "hfs" + "hpfs" + "jfs" + "minix" + "nilfs2" + "ntfs" + "omfs" + "qnx4" + "qnx6" + "sysv" + "ufs" ]; kernel.sysctl = { - "kernel.ftrace_enabled" = false; - "net.core.bpf_jit_enable" = false; - "kernel.kptr_restrict" = 2; - - # madaidan - "vm.swappiness" = 1; - "vm.unprivileged_userfaultfd" = 0; - "dev.tty.ldisc_autoload" = 0; - "kernel.kexec_load_disabled" = 1; - "kernel.sysrq" = 4; - "kernel.perf_event_paranoid" = 3; - - # net - "net.ipv4.icmp_echo_ignore_broadcasts" = true; - - "net.ipv4.conf.all.accept_redirects" = false; - "net.ipv4.conf.all.secure_redirects" = false; - "net.ipv4.conf.default.accept_redirects" = false; - "net.ipv4.conf.default.secure_redirects" = false; - "net.ipv6.conf.all.accept_redirects" = false; - "net.ipv6.conf.default.accept_redirects" = false; + "kernel.ftrace_enabled" = false; + "net.core.bpf_jit_enable" = false; + "kernel.kptr_restrict" = 2; + + # madaidan + "vm.swappiness" = 1; + "vm.unprivileged_userfaultfd" = 0; + "dev.tty.ldisc_autoload" = 0; + "kernel.kexec_load_disabled" = 1; + "kernel.sysrq" = 4; + "kernel.perf_event_paranoid" = 3; + + # net + "net.ipv4.icmp_echo_ignore_broadcasts" = true; + + "net.ipv4.conf.all.accept_redirects" = false; + "net.ipv4.conf.all.secure_redirects" = false; + "net.ipv4.conf.default.accept_redirects" = false; + "net.ipv4.conf.default.secure_redirects" = false; + "net.ipv6.conf.all.accept_redirects" = false; + "net.ipv6.conf.default.accept_redirects" = false; }; }; @@ -688,12 +688,12 @@ because they enhance security. useDHCP = lib.mkDefault true; hostName = config.monorepo.vars.hostName; networkmanager = { - enable = true; - # wifi.macAddress = ""; + enable = true; + # wifi.macAddress = ""; }; firewall = { - allowedTCPPorts = [ ]; - allowedUDPPorts = [ ]; + allowedTCPPorts = [ 11434 ]; + allowedUDPPorts = [ ]; }; }; @@ -704,16 +704,16 @@ because they enhance security. pulseaudio.enable = ! config.monorepo.profiles.pipewire.enable; bluetooth = { - enable = true; - powerOnBoot = true; + enable = true; + powerOnBoot = true; }; }; services = { chrony = { - enable = true; - enableNTS = true; - servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ]; + enable = true; + enableNTS = true; + servers = [ "time.cloudflare.com" "ptbtime1.ptb.de" "ptbtime2.ptb.de" ]; }; jitterentropy-rngd.enable = true; @@ -726,12 +726,12 @@ because they enhance security. # Misc. udev = { - extraRules = ''''; - packages = with pkgs; [ - platformio-core - platformio-core.udev - openocd - ]; + extraRules = ''''; + packages = with pkgs; [ + platformio-core + platformio-core.udev + openocd + ]; }; printing.enable = true; @@ -748,20 +748,20 @@ because they enhance security. nixpkgs = { hostPlatform = lib.mkDefault "x86_64-linux"; config = { - allowUnfree = true; - cudaSupport = lib.mkDefault config.monorepo.profiles.cuda.enable; + allowUnfree = true; + cudaSupport = lib.mkDefault config.monorepo.profiles.cuda.enable; }; }; security = { apparmor = { - enable = true; - killUnconfinedConfinables = true; + enable = true; + killUnconfinedConfinables = true; }; pam.loginLimits = [ - { domain = "*"; item = "nofile"; type = "-"; value = "32768"; } - { domain = "*"; item = "memlock"; type = "-"; value = "32768"; } + { domain = "*"; item = "nofile"; type = "-"; value = "32768"; } + { domain = "*"; item = "memlock"; type = "-"; value = "32768"; } ]; rtkit.enable = true; @@ -771,9 +771,9 @@ because they enhance security. forcePageTableIsolation = true; tpm2 = { - enable = true; - pkcs11.enable = true; - tctiEnvironment.enable = true; + enable = true; + pkcs11.enable = true; + tctiEnvironment.enable = true; }; auditd.enable = true; @@ -786,9 +786,9 @@ because they enhance security. enable = true; wlr.enable = true; extraPortals = with pkgs; [ - xdg-desktop-portal-gtk - xdg-desktop-portal - xdg-desktop-portal-hyprland + xdg-desktop-portal-gtk + xdg-desktop-portal + xdg-desktop-portal-hyprland ]; config.common.default = "*"; }; @@ -803,21 +803,21 @@ because they enhance security. users.users = { root.openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSshvS1N/42pH9Unp3Zj4gjqs9BXoin99oaFWYHXZDJ preston@preston-arch" ]; git = { - isSystemUser = true; - home = "/srv/git"; - shell = "${pkgs.git}/bin/git-shell"; + isSystemUser = true; + home = "/srv/git"; + shell = "${pkgs.git}/bin/git-shell"; }; "${config.monorepo.vars.userName}" = { - initialPassword = "${config.monorepo.vars.userName}"; - isNormalUser = true; - description = config.monorepo.vars.fullName; - extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; - shell = pkgs.zsh; - packages = []; + initialPassword = "${config.monorepo.vars.userName}"; + isNormalUser = true; + description = config.monorepo.vars.fullName; + extraGroups = [ "networkmanager" "wheel" "video" "docker" "jackaudio" "tss" "dialout" ]; + shell = pkgs.zsh; + packages = []; }; }; @@ -2421,46 +2421,48 @@ A classic program that allows you to download from youtube. Also has integration My zsh config has some useful aliases that one should read through. Otherwise it is pretty standard. #+begin_src nix :tangle ../nix/modules/home/zsh.nix -{ lib, config, pkgs, ... }: -{ - programs.zsh = { - enable = true; - initExtra = '' - umask 0077 - export EXTRA_CCFLAGS="-I/usr/include" - source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh - export QT_QPA_PLATFORM="wayland" - ''; + { lib, config, pkgs, ... }: + { + programs.zsh = { + enable = true; + initExtra = '' + umask 0077 + export EXTRA_CCFLAGS="-I/usr/include" + source ${pkgs.zsh-vi-mode}/share/zsh-vi-mode/zsh-vi-mode.plugin.zsh + export QT_QPA_PLATFORM="wayland" + ''; - localVariables = { - EDITOR = "emacsclient --create-frame --alternate-editor=vim"; - INPUT_METHOD = "fcitx"; - QT_IM_MODULE = "fcitx"; - GTK_IM_MODULE = "fcitx"; - XMODIFIERS = "@im=fcitx"; - XIM_SERVERS = "fcitx"; - WXSUPPRESS_SIZER_FLAGS_CHECK = "1"; - }; + localVariables = { + EDITOR = "emacsclient --create-frame --alternate-editor=vim"; + INPUT_METHOD = "fcitx"; + QT_IM_MODULE = "fcitx"; + GTK_IM_MODULE = "fcitx"; + XMODIFIERS = "@im=fcitx"; + XIM_SERVERS = "fcitx"; + WXSUPPRESS_SIZER_FLAGS_CHECK = "1"; + }; - shellAliases = { - c = "clear"; - g = "git"; - v = "vim"; - py = "python3"; - rb = "sudo nixos-rebuild switch --flake .#continuity"; - nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; - usite - = "cd ~/monorepo/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/monorepo/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/usr/share/nginx/ret2pop/"; - sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; - i3 = "exec ${pkgs.i3-gaps}/bin/i3"; + shellAliases = { + c = "clear"; + g = "git"; + v = "vim"; + py = "python3"; + rb = "sudo nixos-rebuild switch --flake .#continuity"; + rba = "sudo nixos-rebuild switch --flake .#affinity"; + nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; + usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/"; + usite + = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/usr/share/nginx/ret2pop/"; + sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; + i3 = "exec ${pkgs.i3-gaps}/bin/i3"; + }; + loginExtra = '' + if [[ "$(tty)" = "/dev/tty1" ]]; then + exec Hyprland + fi + ''; }; - loginExtra = '' - if [[ "$(tty)" = "/dev/tty1" ]]; then - exec Hyprland - fi - ''; - }; -} + } #+end_src *** User This configuration is the backbone configuration for the default user. It specifies some @@ -2480,6 +2482,9 @@ for these configurations. if [ ! -d /home/${config.monorepo.vars.userName}/org ]; then mkdir -p /home/${config.monorepo.vars.userName}/org fi + if [ ! -d /home/${config.monorepo.vars.userName}/src ]; then + mkdir -p /home/${config.monorepo.vars.userName}/src + fi touch /home/${config.monorepo.vars.userName}/org/agenda.org touch /home/${config.monorepo.vars.userName}/org/notes.org ''; @@ -2600,7 +2605,7 @@ work deterministically. *** ISO Default Profile This contains the installation script I use to install my systems. #+begin_src nix :tangle ../nix/systems/installer/default.nix - { pkgs, config, ... }: + { pkgs, config, lib, ... }: let commits = import ./commits.nix; in @@ -2611,15 +2616,28 @@ This contains the installation script I use to install my systems. enable = true; }; firewall = { - allowedTCPPorts = [ ]; + allowedTCPPorts = [ 22 ]; allowedUDPPorts = [ ]; }; wireless.enable = false; }; + services.openssh = { + enable = true; + ports = [ 22 ]; + settings = { + PasswordAuthentication = true; + AllowUsers = null; + UseDns = true; + PermitRootLogin = lib.mkForce "prohibit-password"; + }; + }; users.extraUsers.root.password = "nixos"; users.extraUsers.nixos.password = "nixos"; users.users = { + root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICts6+MQiMwpA+DfFQxjIN214Jn0pCw/2BDvOzPhR/H2 preston@continuity-dell" + ]; nixos = { packages = with pkgs; [ git @@ -2637,7 +2655,7 @@ This contains the installation script I use to install my systems. ping -q -c1 google.com &>/dev/null && echo "online! Proceeding with the installation..." || nmtui cd if [ ! -d "$HOME/monorepo/" ]; then - git clone --recurse-submodules https://git.nullring.xyz/monorepo.git + git clone https://git.nullring.xyz/monorepo.git cd monorepo git checkout "${commits.monorepoCommitHash}" fi diff --git a/journal/20250201.org b/journal/20250201.org new file mode 100644 index 0000000..fbf1975 --- /dev/null +++ b/journal/20250201.org @@ -0,0 +1,15 @@ +#+TITLE: Daily Journal +#+STARTUP: showeverything +#+DESCRIPTION: My daily journal entry +#+AUTHOR: Preston Pan +#+HTML_HEAD: <link rel="stylesheet" type="text/css" href="../style.css" /> +#+html_head: <script src="https://polyfill.io/v3/polyfill.min.js?features=es6"></script> +#+html_head: <script id="MathJax-script" async src="https://cdn.jsdelivr.net/npm/mathjax@3/es5/tex-mml-chtml.js"></script> +#+options: broken-links:t +* Saturday, 01 February 2025 +** 19:30 +I've set up various LLMs on my desktop PC. It's pretty cool that we +consumers can just run this stuff on consumer hardware, and I'm really +looking forward to using these tools more. Deepseek r1 is the model +that everyone is talking about, but I think that phi4 is another great +model right now and seems to be extremely competitive per the weight count. diff --git a/journal/index.org b/journal/index.org index ef9a27f..6828971 100644 --- a/journal/index.org +++ b/journal/index.org @@ -34,6 +34,10 @@ done #+end_src #+RESULTS: +- [[file:20250201.org][20250201.org]] +- [[file:20250123.org][20250123.org]] +- [[file:20250119.org][20250119.org]] +- [[file:20250116.org][20250116.org]] - [[file:20250112.org][20250112.org]] - [[file:20250111.org][20250111.org]] - [[file:20250108.org][20250108.org]] diff --git a/mindmap/lrc_circuit.png b/mindmap/lrc_circuit.png Binary files differindex 2c5b6b6..4dd394e 100644 --- a/mindmap/lrc_circuit.png +++ b/mindmap/lrc_circuit.png diff --git a/nix/flake.lock b/nix/flake.lock index f0a1cb2..cf1fb58 100644 --- a/nix/flake.lock +++ b/nix/flake.lock @@ -28,11 +28,11 @@ ] }, "locked": { - "lastModified": 1737038063, - "narHash": "sha256-rMEuiK69MDhjz1JgbaeQ9mBDXMJ2/P8vmOYRbFndXsk=", + "lastModified": 1738148035, + "narHash": "sha256-KYOATYEwaKysL3HdHdS5kbQMXvzS4iPJzJrML+3TKAo=", "owner": "nix-community", "repo": "disko", - "rev": "bf0abfde48f469c256f2b0f481c6281ff04a5db2", + "rev": "18d0a984cc2bc82cf61df19523a34ad463aa7f54", "type": "github" }, "original": { @@ -189,11 +189,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1737885640, - "narHash": "sha256-GFzPxJzTd1rPIVD4IW+GwJlyGwBDV1Tj5FLYwDQQ9sM=", + "lastModified": 1738277201, + "narHash": "sha256-6L+WXKCw5mqnUIExvqkD99pJQ41xgyCk6z/H9snClwk=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4e96537f163fad24ed9eb317798a79afc85b51b7", + "rev": "666e1b3f09c267afd66addebe80fb05a5ef2b554", "type": "github" }, "original": { @@ -221,11 +221,11 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1737885589, - "narHash": "sha256-Zf0hSrtzaM1DEz8//+Xs51k/wdSajticVrATqDrfQjg=", + "lastModified": 1738142207, + "narHash": "sha256-NGqpVVxNAHwIicXpgaVqJEJWeyqzoQJ9oc8lnK9+WC4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "852ff1d9e153d8875a83602e03fdef8a63f0ecf8", + "rev": "9d3ae807ebd2981d593cddd0080856873139aa40", "type": "github" }, "original": { @@ -258,11 +258,11 @@ "treefmt-nix": "treefmt-nix" }, "locked": { - "lastModified": 1738096417, - "narHash": "sha256-Ilaq4ZBWLKRQnnrVdo07RPXvL2bgLSpRRYQbEkTmY8E=", + "lastModified": 1738362438, + "narHash": "sha256-EO2dVkMVLThWqv4hobEZEZGWBEuH2Z9SYqQDrbLSclU=", "owner": "nix-community", "repo": "NUR", - "rev": "9749661663bff263eb630f3a7f200e8b5a6ce3da", + "rev": "95ddad0ff0e67c90314c6ca46324dce5f9a910d2", "type": "github" }, "original": { @@ -356,11 +356,11 @@ "nixpkgs": "nixpkgs_3" }, "locked": { - "lastModified": 1737411508, - "narHash": "sha256-j9IdflJwRtqo9WpM0OfAZml47eBblUHGNQTe62OUqTw=", + "lastModified": 1738291974, + "narHash": "sha256-wkwYJc8cKmmQWUloyS9KwttBnja2ONRuJQDEsmef320=", "owner": "Mic92", "repo": "sops-nix", - "rev": "015d461c16678fc02a2f405eb453abb509d4e1d4", + "rev": "4c1251904d8a08c86ac6bc0d72cc09975e89aef7", "type": "github" }, "original": { diff --git a/nix/flake.nix b/nix/flake.nix index c09005c..058635a 100644 --- a/nix/flake.nix +++ b/nix/flake.nix @@ -5,18 +5,18 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11"; home-manager = { - url = "github:nix-community/home-manager/release-24.11"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/home-manager/release-24.11"; + inputs.nixpkgs.follows = "nixpkgs"; }; disko = { - url = "github:nix-community/disko"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/disko"; + inputs.nixpkgs.follows = "nixpkgs"; }; lanzaboote = { - url = "github:nix-community/lanzaboote/v0.4.1"; - inputs.nixpkgs.follows = "nixpkgs"; + url = "github:nix-community/lanzaboote/v0.4.1"; + inputs.nixpkgs.follows = "nixpkgs"; }; nur.url = "github:nix-community/NUR"; @@ -28,55 +28,55 @@ outputs = { nixpkgs, home-manager, nur, disko, lanzaboote, sops-nix, ... }@attrs: { nixosConfigurations = { - installer = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - modules = [ - ( - { pkgs, modulesPath, ... }: - { - imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix") ]; - } - ) - ./systems/installer/default.nix - ]; - }; + installer = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + modules = [ + ( + { pkgs, modulesPath, ... }: + { + imports = [ (modulesPath + "/installer/cd-dvd/installation-cd-minimal.nix") ]; + } + ) + ./systems/installer/default.nix + ]; + }; - continuity = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = [ - lanzaboote.nixosModules.lanzaboote - disko.nixosModules.disko - home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops - { nixpkgs.overlays = [ nur.overlays.default ]; } - { home-manager.extraSpecialArgs = attrs; } + continuity = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + lanzaboote.nixosModules.lanzaboote + disko.nixosModules.disko + home-manager.nixosModules.home-manager + sops-nix.nixosModules.sops + { nixpkgs.overlays = [ nur.overlays.default ]; } + { home-manager.extraSpecialArgs = attrs; } - ./modules/sda-simple.nix - ./systems/continuity/default.nix - ]; - }; + ./modules/sda-simple.nix + ./systems/continuity/default.nix + ]; + }; - affinity = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = [ - lanzaboote.nixosModules.lanzaboote - disko.nixosModules.disko - home-manager.nixosModules.home-manager - sops-nix.nixosModules.sops - { nixpkgs.overlays = [ nur.overlays.default ]; } - { home-manager.extraSpecialArgs = attrs; } - ./modules/nvme-simple.nix - ./systems/affinity/default.nix - ]; - }; + affinity = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = [ + lanzaboote.nixosModules.lanzaboote + disko.nixosModules.disko + home-manager.nixosModules.home-manager + sops-nix.nixosModules.sops + { nixpkgs.overlays = [ nur.overlays.default ]; } + { home-manager.extraSpecialArgs = attrs; } + ./modules/nvme-simple.nix + ./systems/affinity/default.nix + ]; + }; - spontaneity = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = attrs; - modules = []; - }; + spontaneity = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = attrs; + modules = []; + }; }; }; } diff --git a/nix/modules/configuration.nix b/nix/modules/configuration.nix index 8127759..3c12962 100644 --- a/nix/modules/configuration.nix +++ b/nix/modules/configuration.nix @@ -181,7 +181,7 @@ # wifi.macAddress = ""; }; firewall = { - allowedTCPPorts = [ ]; + allowedTCPPorts = [ 11434 ]; allowedUDPPorts = [ ]; }; }; diff --git a/nix/modules/home/zsh.nix b/nix/modules/home/zsh.nix index a5641fd..fc041e9 100644 --- a/nix/modules/home/zsh.nix +++ b/nix/modules/home/zsh.nix @@ -25,7 +25,9 @@ v = "vim"; py = "python3"; rb = "sudo nixos-rebuild switch --flake .#continuity"; + rba = "sudo nixos-rebuild switch --flake .#affinity"; nfu = "cd ~/monorepo/nix && git add . && git commit -m \"new flake lock\" && nix flake update"; + usync = "rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@nullring.xyz:/usr/share/nginx/ret2pop/"; usite = "cd ~/src/publish-org-roam-ui && bash local.sh && rm -rf ~/website_html/graph_view; cp -r ~/src/publish-org-roam-ui/out ~/website_html/graph_view && rsync -azvP --chmod=\"Du=rwx,Dg=rx,Do=rx,Fu=rw,Fg=r,Fo=r\" ~/website_html/ root@${config.monorepo.vars.remoteHost}:/usr/share/nginx/ret2pop/"; sai = "eval \"$(ssh-agent -s)\" && ssh-add ~/.ssh/id_ed25519 && ssh-add -l"; diff --git a/nix/systems/installer/default.nix b/nix/systems/installer/default.nix index cbfed0d..2b832f4 100644 --- a/nix/systems/installer/default.nix +++ b/nix/systems/installer/default.nix @@ -1,4 +1,4 @@ -{ pkgs, config, ... }: +{ pkgs, config, lib, ... }: let commits = import ./commits.nix; in @@ -9,15 +9,28 @@ in enable = true; }; firewall = { - allowedTCPPorts = [ ]; + allowedTCPPorts = [ 22 ]; allowedUDPPorts = [ ]; }; wireless.enable = false; }; + services.openssh = { + enable = true; + ports = [ 22 ]; + settings = { + PasswordAuthentication = true; + AllowUsers = null; + UseDns = true; + PermitRootLogin = lib.mkForce "prohibit-password"; + }; + }; users.extraUsers.root.password = "nixos"; users.extraUsers.nixos.password = "nixos"; users.users = { + root.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICts6+MQiMwpA+DfFQxjIN214Jn0pCw/2BDvOzPhR/H2 preston@continuity-dell" + ]; nixos = { packages = with pkgs; [ git @@ -35,7 +48,7 @@ fi ping -q -c1 google.com &>/dev/null && echo "online! Proceeding with the installation..." || nmtui cd if [ ! -d "$HOME/monorepo/" ]; then - git clone --recurse-submodules https://git.nullr |
