bunch of updates

hosts/deck/configuration.nix

@@ -73,8 +73,9 @@
   # };
 
   # Enable automatic login for the user.
-  services.xserver.displayManager.autoLogin.enable = true;
-  services.xserver.displayManager.autoLogin.user = "anish";
+  # Disabled: jovian.steam.autoStart handles this
+  # services.xserver.displayManager.autoLogin.enable = true;
+  # services.xserver.displayManager.autoLogin.user = "anish";
 
   # Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
   systemd.services."getty@tty1".enable = false;

hosts/deck/default.nix

@@ -1,4 +1,4 @@
-{ self, pkgs, config, ... }:
+{ self, pkgs, config, lib, ... }:
 {
   imports = [
     ./configuration.nix
@@ -31,13 +31,16 @@
   #   theme = "motion";
   # };
 
-  jovian.steam.enable = true;
-  jovian.devices.steamdeck.enable = true;
-  jovian.steam.user = "anish";
-  jovian.steam.autoStart = true;
-  jovian.steam.desktopSession = "gnome";
+  # jovian.steam.enable = true;
+  # jovian.devices.steamdeck.enable = true;
+  # jovian.steam.user = "anish";
+  # jovian.steam.autoStart = true;
+  # jovian.steam.desktopSession = "gnome";
   # jovian.steam.desktopSession = "none+bspwm";
 
+  # Disable lightdm from desktop profile
+  services.xserver.displayManager.lightdm.enable = lib.mkForce false;
+
   # Install XR drivers
   # environment.systemPackages = with pkgs; [
   #   xrlinuxdriver

hosts/lituus/block-storage.nix

@@ -0,0 +1,53 @@
+{ config, lib, pkgs, ... }:
+
+{
+  # Block storage mount
+  fileSystems."/srv/sealight" = {
+    device = "/dev/disk/by-id/virtio-mel-3b1f60a89cd649";
+    fsType = "ext4";
+    options = [ "noatime" ];
+  };
+
+  # Bind mounts for service data
+  # PostgreSQL moved to NVMe for performance - data lives directly on /var/lib/postgresql
+  # fileSystems."/var/lib/postgresql" = {
+  #   device = "/srv/sealight/postgresql";
+  #   fsType = "none";
+  #   options = [ "bind" "x-systemd.requires-mounts-for=/srv/sealight" ];
+  # };
+
+  fileSystems."/var/lib/matrix-synapse" = {
+    device = "/srv/sealight/matrix-synapse";
+    fsType = "none";
+    options = [ "bind" "x-systemd.requires-mounts-for=/srv/sealight" ];
+  };
+
+  fileSystems."/var/lib/matrix-as-discord" = {
+    device = "/srv/sealight/matrix-as-discord";
+    fsType = "none";
+    options = [ "bind" "x-systemd.requires-mounts-for=/srv/sealight" ];
+  };
+
+  fileSystems."/var/lib/mautrix-telegram" = {
+    device = "/srv/sealight/mautrix-telegram";
+    fsType = "none";
+    options = [ "bind" "x-systemd.requires-mounts-for=/srv/sealight" ];
+  };
+
+  fileSystems."/var/lib/wireguard" = {
+    device = "/srv/sealight/wireguard";
+    fsType = "none";
+    options = [ "bind" "x-systemd.requires-mounts-for=/srv/sealight" ];
+  };
+
+  fileSystems."/var/www" = {
+    device = "/srv/sealight/www";
+    fsType = "none";
+    options = [ "bind" "x-systemd.requires-mounts-for=/srv/sealight" ];
+  };
+
+  # Ensure services wait for mounts
+  # PostgreSQL no longer needs to wait for /srv/sealight mount
+  # systemd.services.postgresql.unitConfig.RequiresMountsFor = [ "/srv/sealight" ];
+  systemd.services.matrix-synapse.unitConfig.RequiresMountsFor = [ "/srv/sealight" ];
+}

hosts/lituus/default.nix

@@ -1,7 +1,9 @@
 { self, profiles, suites, ... }:
 {
   imports = [
+    ./hardware-configuration.nix
     ./configuration.nix
+    ./block-storage.nix
     ../profiles/core
     ../profiles/server
     ../profiles/metrics

hosts/lituus/hardware-configuration.nix

@@ -1,27 +1,22 @@
-# Do not modify this file!  It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations.  Please make changes
-# to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 
 {
-  imports =
-    [
-      (modulesPath + "/profiles/qemu-guest.nix")
-    ];
+  imports = [ ];
 
-  boot.initrd.availableKernelModules = [ "ata_piix" "floppy" "virtio_pci" "sr_mod" "virtio_blk" ];
+  boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ];
   boot.initrd.kernelModules = [ ];
   boot.kernelModules = [ ];
   boot.extraModulePackages = [ ];
 
-  fileSystems."/" =
-    {
-      device = "/dev/disk/by-uuid/3b8b2c4b-835e-4822-8ac8-0effdc8270d6";
-      fsType = "btrfs";
-    };
+  fileSystems."/" = {
+    device = "/dev/disk/by-uuid/f9e9468f-ff3b-430d-9ecf-ba275cf2f716";
+    fsType = "ext4";
+  };
 
   swapDevices = [ ];
 
-  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
-  nixpkgs.hostPlatform = "x86_64-linux";
+  networking.useDHCP = lib.mkDefault true;
+
+  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+  virtualisation.hypervGuest.enable = true;
 }

hosts/profiles/matrix/default.nix

@@ -17,11 +17,14 @@
   age.secrets.synapse-config.file = "${self}/secrets/synapse-config.age";
   age.secrets.synapse-config.owner = "matrix-synapse";
 
+  systemd.services.matrix-synapse.serviceConfig.TimeoutStartSec = "10min";
+  
   services.matrix-synapse = {
     enable = true;
     settings = {
       max_upload_size = "100M";
       server_name = "sealight.xyz";
+      federation_sender_instances = [];
       listeners = [
         {
           port = 8448;
@@ -210,7 +213,12 @@
           root = "/var/www/sealight.xyz";
         };
         locations."/_matrix" = {
-          proxyPass = "http://localhost:8448";
+          proxyPass = "http://127.0.0.1:8448";
+          extraConfig = ''
+            proxy_read_timeout 300s;
+            proxy_connect_timeout 300s;
+            proxy_send_timeout 300s;
+          '';
         };
         # locations."/slackbridge" = {
         #   proxyPass = "http://localhost:9899";
@@ -222,6 +230,11 @@
         enableACME = true;
         locations."/" = {
           proxyPass = "http://localhost:8448";
+          extraConfig = ''
+            proxy_read_timeout 300s;
+            proxy_connect_timeout 300s;
+            proxy_send_timeout 300s;
+          '';
         };
       };
       ## virtual host for Riot/Web