alex/nixos-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: alex:main
Branches Tags
alex:main
..
compare: alex:5e84d0147b9e79d986270c0c942a136556bc7ade
Branches Tags
alex:main

2 Commits
main ... 5e84d0147b

Author SHA1 Message Date
Alexander Heldt
5e84d0147b tadpole: Enable gitea 2024-08-29 20:30:32 +02:00
Alexander Heldt
69b4b1cd21 tadpole: Add gitea module 2024-08-29 20:30:32 +02:00
161 changed files with 1549 additions and 2972 deletions
Expand all files Collapse all files

1
.envrc
View File

@@ -1 +0,0 @@
use flake

1
.gitignore vendored
View File

@@ -1,3 +1,2 @@
.direnv/
*.qcow2 *.qcow2
result result

10
README.md
View File

@@ -25,13 +25,3 @@ EDITOR=vim agenix -d "some-secret.age" -i ~/.ssh/alex.pinwheel
Or use some other SSH key that is has been used to key the secret. Or use some other SSH key that is has been used to key the secret.
# Test VM
Build the test VM with the command:
```
cm --build-test-vm
```
and test it with:
```
cm --run-test-vm
```

16
config-manager/default.nix
View File

@@ -1,10 +1,4 @@
{ { inputs, pkgs, lib, config, ... }:
inputs,
pkgs,
lib,
config,
...
}:
let let
flakePath = config.config-manager.flakePath; flakePath = config.config-manager.flakePath;
nixosConfiguration = config.config-manager.nixosConfiguration; nixosConfiguration = config.config-manager.nixosConfiguration;
@@ -20,20 +14,20 @@ let
pkgs.writeShellScriptBin "cm" '' pkgs.writeShellScriptBin "cm" ''
help() { help() {
cat << EOF cat << EOF
Usage: Usage:
cm [flag] cm [flag]
Flags: Flags:
--update updates the flake --update updates the flake
--switch rebuilds + switches configuration (using 'nh') --switch rebuilds + switches configuration (using 'nh')
--build-test-vm, --btvm build test-vm --build-test-vm, --btvm build test-vm
--run-test-vm, --rtvm run test-vm --run-test-vm, --rtvm run test-vm
EOF EOF
} }
update() { update() {
echo -e "\033[0;31mUPDATING FLAKE\033[0m" echo -e "\033[0;31mUPDATING FLAKE\033[0m"
nix flake update --flake ${flakePath} nix flake update ${flakePath}
} }
switch() { switch() {

162
flake.lock generated
View File

@@ -10,11 +10,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1760836749, "lastModified": 1723293904,
"narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", "narHash": "sha256-b+uqzj+Wa6xgMS9aNbX4I+sXeb5biPDi39VgvSFqFvU=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "2f0f812f69f3eb4140157fe15e12739adf82e32a", "rev": "f6291c5935fdc4e0bef208cfc0dcab7e3f7a1c41",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -31,11 +31,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744478979, "lastModified": 1700795494,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b", "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -45,39 +45,20 @@
"type": "github" "type": "github"
} }
}, },
"disko": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1760701190,
"narHash": "sha256-y7UhnWlER8r776JsySqsbTUh2Txf7K30smfHlqdaIQw=",
"owner": "nix-community",
"repo": "disko",
"rev": "3a9450b26e69dcb6f8de6e2b07b3fc1c288d85f5",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"emacs-overlay": { "emacs-overlay": {
"inputs": { "inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nixpkgs-stable": "nixpkgs-stable" "nixpkgs-stable": "nixpkgs-stable"
}, },
"locked": { "locked": {
"lastModified": 1760951609, "lastModified": 1723946515,
"narHash": "sha256-rWkUWKWcLin0+dKvinWC1IZVxJnIvXV3q/wlmmKkzo4=", "narHash": "sha256-b/OHNTfJl16JSLpGMDSoiGliqc13MmUUEu78GqS++Sg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "emacs-overlay", "repo": "emacs-overlay",
"rev": "41bee8f6a80b36b0348a8e750e5db88fea528171", "rev": "c34c8d77f326f42d43d5912c33e8802a96d29cd0",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -91,11 +72,11 @@
"systems": "systems_2" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1710146030,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
"owner": "numtide", "owner": "numtide",
"repo": "flake-utils", "repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -112,11 +93,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1745494811, "lastModified": 1703113217,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -132,11 +113,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1760969583, "lastModified": 1723399884,
"narHash": "sha256-vsf5mvR0xxK4GsfLx5bMJAQ4ysdrKymMIifNw+4TP7g=", "narHash": "sha256-97wn0ihhGqfMb8WcUgzzkM/TuAxce2Gd20A8oiruju4=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "c9d758b500e53db5b74aa02d17dc45b65229e8e9", "rev": "086f619dd991a4d355c07837448244029fc2d9ab",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -152,11 +133,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1759613406, "lastModified": 1722636442,
"narHash": "sha256-PzgQJydp+RlKvwDi807pXPlURdIAVqLppZDga3DwPqg=", "narHash": "sha256-+7IS0n3/F0I5j6ZbrVlLcIIPHY3o+/vLAqg/G48sG+w=",
"owner": "hyprwm", "owner": "hyprwm",
"repo": "contrib", "repo": "contrib",
"rev": "32e1a75b65553daefb419f0906ce19e04815aa3a", "rev": "9d67858b437d4a1299be496d371b66fc0d3e01f6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -165,27 +146,6 @@
"type": "github" "type": "github"
} }
}, },
"naviterm": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1757496832,
"narHash": "sha256-R5EMcms24G6QGk62iNAMApeZmKsHwCDLj68UUdkhSLw=",
"owner": "detoxify92",
"repo": "naviterm",
"rev": "3b3bd2bace3676000f530b2f47fa28f431c56761",
"type": "gitlab"
},
"original": {
"owner": "detoxify92",
"repo": "naviterm",
"type": "gitlab"
}
},
"nh": { "nh": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@@ -193,11 +153,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1760961269, "lastModified": 1723753423,
"narHash": "sha256-Udg6DnM6scJj+imbttJR7GQpG2WWeDZ1JOtySTY99M0=", "narHash": "sha256-ULsoflnTS634565jqT1IXwHzISwcphLBq+YJYL7/p/Y=",
"owner": "viperML", "owner": "viperML",
"repo": "nh", "repo": "nh",
"rev": "e27508e06f74c7f03616150c1ac1431eaef7f443", "rev": "24d7b24f567ef3345ac267f61579df291e42bd71",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -223,11 +183,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1760958188, "lastModified": 1723310128,
"narHash": "sha256-2m1S4jl+GEDtlt2QqeHil8Ny456dcGSKJAM7q3j/BFU=", "narHash": "sha256-IiH8jG6PpR4h9TxSGMYh+2/gQiJW9MwehFvheSb5rPc=",
"owner": "nixos", "owner": "nixos",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "d6645c340ef7d821602fd2cd199e8d1eed10afbc", "rev": "c54cf53e022b0b3c1d3b8207aa0f9b194c24f0cf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -239,11 +199,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1760878510, "lastModified": 1723637854,
"narHash": "sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs=", "narHash": "sha256-med8+5DSWa2UnOqtdICndjDAEjxr5D7zaIiK4pn0Q7c=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "5e2a59a5b1a82f89f2c7e598302a9cacebb72a67", "rev": "c3aa7b8938b17aebd2deecf7be0636000d62a2b9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -255,16 +215,16 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1760862643, "lastModified": 1723688146,
"narHash": "sha256-PXwG0TM7Ek87DNx4LbGWuD93PbFeKAJs4FfALtp7Wo0=", "narHash": "sha256-sqLwJcHYeWLOeP/XoLwAtYjr01TISlkOfz+NG82pbdg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "33c6dca0c0cb31d6addcd34e90a63ad61826b28c", "rev": "c3d4ac725177c030b1e289015989da2ad9d56af0",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-25.05", "ref": "nixos-24.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
@@ -282,29 +242,25 @@
"rev": "662a254ea8065a0f104ccf5a46b59252e1e08b58", "rev": "662a254ea8065a0f104ccf5a46b59252e1e08b58",
"revCount": 54, "revCount": 54,
"type": "git", "type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/ppp.pm-site.git" "url": "ssh://git@codeberg.org/ppp/ppp.pm-site.git"
}, },
"original": { "original": {
"ref": "main", "ref": "main",
"type": "git", "type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/ppp.pm-site.git" "url": "ssh://git@codeberg.org/ppp/ppp.pm-site.git"
} }
}, },
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"disko": "disko",
"emacs-overlay": "emacs-overlay", "emacs-overlay": "emacs-overlay",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"hyprland-contrib": "hyprland-contrib", "hyprland-contrib": "hyprland-contrib",
"naviterm": "naviterm",
"nh": "nh", "nh": "nh",
"nix-gc-env": "nix-gc-env", "nix-gc-env": "nix-gc-env",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs",
"pppdotpm-site": "pppdotpm-site", "pppdotpm-site": "pppdotpm-site"
"whib-backend": "whib-backend",
"whib-frontend": "whib-frontend"
} }
}, },
"systems": { "systems": {
@@ -336,48 +292,6 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"whib-backend": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1739029248,
"narHash": "sha256-ux/Udy0Mhs66P/EQQ8S+xIuXRm9UHEYwSy12IZtlbnA=",
"ref": "master",
"rev": "222a8f6dde2e9270f6390b5e1e83c7ae1ea48290",
"revCount": 371,
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/whib.git"
},
"original": {
"ref": "master",
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/whib.git"
}
},
"whib-frontend": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1761508816,
"narHash": "sha256-adV/lyxcmuopyuzZ49v46Yt0gft+ioEL4yl1S+vUbus=",
"ref": "master",
"rev": "ab10bf50cb6b023a1b99f91c7e8d550231135eef",
"revCount": 223,
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/whib-react.git"
},
"original": {
"ref": "master",
"type": "git",
"url": "ssh://gitea@git.ppp.pm:1122/alex/whib-react.git"
}
} }
}, },
"root": "root", "root": "root",

95
flake.nix
View File

@@ -6,17 +6,12 @@
nixos-hardware.url = "github:nixos/nixos-hardware/master"; nixos-hardware.url = "github:nixos/nixos-hardware/master";
disko = {
url = "github:nix-community/disko";
inputs.nixpkgs.follows = "nixpkgs";
};
nh = { nh = {
url = "github:viperML/nh"; url = "github:viperML/nh";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-gc-env.url = "github:Julow/nix-gc-env"; nix-gc-env.url= "github:Julow/nix-gc-env";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
@@ -38,36 +33,17 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
naviterm = {
url = "gitlab:detoxify92/naviterm";
inputs.nixpkgs.follows = "nixpkgs";
};
pppdotpm-site = { pppdotpm-site = {
url = "git+ssh://gitea@git.ppp.pm:1122/alex/ppp.pm-site.git?ref=main"; url = "git+ssh://git@codeberg.org/ppp/ppp.pm-site.git?ref=main";
inputs.nixpkgs.follows = "nixpkgs";
};
whib-backend = {
url = "git+ssh://gitea@git.ppp.pm:1122/alex/whib.git?ref=master";
inputs.nixpkgs.follows = "nixpkgs";
};
whib-frontend = {
url = "git+ssh://gitea@git.ppp.pm:1122/alex/whib-react.git?ref=master";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = outputs = { self, ... }@inputs: {
{ ... }@inputs:
{
nixosConfigurations = { nixosConfigurations = {
pinwheel = inputs.nixpkgs.lib.nixosSystem { pinwheel = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = { inherit inputs; };
inherit inputs;
};
modules = [ modules = [
./hosts/pinwheel/configuration.nix ./hosts/pinwheel/configuration.nix
inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-10th-gen inputs.nixos-hardware.nixosModules.lenovo-thinkpad-x1-10th-gen
@@ -75,70 +51,37 @@
]; ];
}; };
manatee = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs;
};
modules = [
./hosts/manatee/configuration.nix
./hosts/manatee/home.nix
];
};
backwards = inputs.nixpkgs.lib.nixosSystem { backwards = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
specialArgs = { specialArgs = { inherit inputs; };
inherit inputs;
};
modules = [ modules = [
./hosts/backwards/configuration.nix ./hosts/backwards/configuration.nix
./hosts/backwards/home.nix ./hosts/backwards/home.nix
]; ];
}; };
tadpole = sombrero = inputs.nixpkgs.lib.nixosSystem {
let system = "aarch64-linux";
system = "x86_64-linux"; specialArgs = { inherit inputs; };
in modules = [
inputs.nixpkgs.lib.nixosSystem { ./hosts/sombrero/configuration.nix
inherit system; ./hosts/sombrero/home.nix
specialArgs = { ];
inherit inputs;
}; };
tadpole = inputs.nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [ modules = [
./hosts/tadpole/configuration.nix ./hosts/tadpole/configuration.nix
./hosts/tadpole/home.nix ./hosts/tadpole/home.nix
inputs.whib-backend.nixosModules.${system}.default
inputs.whib-frontend.nixosModules.${system}.default
]; ];
}; };
test-vm = test-vm = inputs.nixpkgs.lib.nixosSystem {
let
system = "x86_64-linux"; system = "x86_64-linux";
in specialArgs = { inherit inputs; };
inputs.nixpkgs.lib.nixosSystem { modules = [ ./hosts/test-vm/configuration.nix ];
inherit system;
specialArgs = {
inherit inputs;
};
modules = [
./hosts/test-vm/configuration.nix
inputs.whib-backend.nixosModules.${system}.default
inputs.whib-frontend.nixosModules.${system}.default
];
};
};
devShells =
let
system = "x86_64-linux";
pkgs = inputs.nixpkgs.legacyPackages.${system};
in
{
${system}.default = pkgs.mkShell {
packages = [ pkgs.nixfmt-rfc-style ];
}; };
}; };
}; };

30
hosts/backwards/configuration.nix
View File

@@ -1,21 +1,18 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [ imports =
[
../../config-manager/default.nix ../../config-manager/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix ./hardware-configuration.nix
./modules ./modules
]; ];
nix.settings.experimental-features = [ nix.settings.experimental-features = [ "nix-command" "flakes" ];
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
console.keyMap = "sv-latin1"; console.keyMap = "sv-latin1";
services.pulseaudio.enable = false; hardware.pulseaudio.enable = false;
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
@@ -24,26 +21,11 @@
pulse.enable = true; pulse.enable = true;
}; };
hardware = {
graphics = {
enable = true;
extraPackages = [
pkgs.intel-media-driver
pkgs.libvdpau-va-gl
];
};
};
users.users.alex = { users.users.alex = {
isNormalUser = true; isNormalUser = true;
description = "alex"; description = "alex";
extraGroups = [ extraGroups = [ "networkmanager" "wheel" ];
"networkmanager" packages = [];
"wheel"
"video"
"render"
];
packages = [ ];
}; };
environment.variables.EDITOR = "vim"; environment.variables.EDITOR = "vim";

37
hosts/backwards/hardware-configuration.nix
View File

@@ -1,46 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config,
lib,
pkgs,
modulesPath,
...
}:
{ {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ];
"xhci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/bad3d82a-7bb8-490f-bd01-a4b16fe6f33d"; { device = "/dev/disk/by-uuid/bad3d82a-7bb8-490f-bd01-a4b16fe6f33d";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/D049-60DD"; { device = "/dev/disk/by-uuid/D049-60DD";
fsType = "vfat"; fsType = "vfat";
options = [ options = [ "fmask=0077" "dmask=0077" ];
"fmask=0077"
"dmask=0077"
];
}; };
swapDevices = [ swapDevices =
{ device = "/dev/disk/by-uuid/ff4de0e5-2c60-4ee7-a55c-450727efb921"; } [ { device = "/dev/disk/by-uuid/ff4de0e5-2c60-4ee7-a55c-450727efb921"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

5
hosts/backwards/home.nix
View File

@@ -13,10 +13,7 @@
home.username = "alex"; home.username = "alex";
home.homeDirectory = "/home/alex"; home.homeDirectory = "/home/alex";
home.packages = [ home.packages = [ pkgs.vim ];
pkgs.vim
pkgs.p7zip
];
home.stateVersion = "24.05"; home.stateVersion = "24.05";
}; };

7
hosts/backwards/modules/boot/default.nix
View File

@@ -1,9 +1,4 @@
{ { inputs, lib, config, ... }:
inputs,
lib,
config,
...
}:
let let
configurationLimit = config.mod.gc.configurationLimit; configurationLimit = config.mod.gc.configurationLimit;
in in

3
hosts/backwards/modules/default.nix
View File

@@ -12,9 +12,6 @@ in
ssh.enable = true; ssh.enable = true;
git.enable = true; git.enable = true;
nginx.enable = true;
syncthing.enable = true;
restic.enable = true;
}; };
}; };
} }

99
hosts/backwards/modules/firefox/default.nix
View File

@@ -1,99 +0,0 @@
{ pkgs, ... }:
let
wrapped = pkgs.wrapFirefox pkgs.firefox-devedition-unwrapped {
extraPolicies = {
DisableFirefoxAccounts = false;
CaptivePortal = false;
DisableFirefoxStudies = true;
DisablePocket = true;
DisableTelemetry = true;
OfferToSaveLogins = false;
OfferToSaveLoginsDefault = false;
PasswordManagerEnabled = false;
FirefoxHome = {
Search = false;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
SkipOnboarding = true;
};
};
};
ff-alex = pkgs.writeShellApplication {
name = "ff-alex";
text = ''
${wrapped}/bin/firefox-devedition -P alex --new-window "$@"
'';
};
sharedSettings = {
"general.smoothScroll" = true;
"apz.gtk.kinetic_scroll.enabled" = false;
"network.dns.force_waiting_https_rr" = false;
};
in
{
home-manager.users.alex = {
programs.firefox = {
enable = true;
package = wrapped;
profiles = {
alex = {
id = 0;
name = "alex";
isDefault = true;
settings = sharedSettings // { };
};
};
};
xdg = {
# /etc/profiles/per-user/alex/share/applications
desktopEntries = {
ff-alex = {
name = "ff-alex";
exec = "${ff-alex}/bin/ff-alex %U";
terminal = false;
};
};
mimeApps = {
enable = true;
defaultApplications = {
"text/html" = "ff-alex.desktop";
"x-scheme-handler/http" = "ff-alex.desktop";
"x-scheme-handler/https" = "ff-alex.desktop";
"application/x-exension-htm" = "ff-alex.desktop";
"application/x-exension-html" = "ff-alex.desktop";
"application/x-exension-shtml" = "ff-alex.desktop";
"application/xhtml+xml" = "ff-alex.desktop";
"application/x-exension-xhtml" = "ff-alex.desktop";
"application/x-exension-xht" = "ff-alex.desktop";
};
};
# https://github.com/nix-community/home-manager/issues/1213
configFile."mimeapps.list".force = true;
};
home.packages = [
ff-alex
];
};
environment.variables = {
MOZ_ENABLE_WAYLAND = 1;
BROWSER = "${ff-alex}/bin/ff-alex $@";
};
}

12
hosts/backwards/modules/games/default.nix
View File

@@ -2,16 +2,12 @@
{ {
home-manager.users.alex = { home-manager.users.alex = {
home.packages = [ home.packages = [
pkgs.nethack (pkgs.retroarch.override {
cores = [
pkgs.moonlight-qt
pkgs.pcsx2
(pkgs.retroarch.withCores (cores: [
pkgs.libretro.snes9x pkgs.libretro.snes9x
pkgs.libretro.genesis-plus-gx pkgs.libretro.genesis-plus-gx
pkgs.libretro.swanstation ];
])) })
]; ];
}; };
} }

7
hosts/backwards/modules/git/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.git.enable; enabled = config.mod.git.enable;
in in

12
hosts/backwards/modules/gnome/default.nix
View File

@@ -1,13 +1,6 @@
{ ... }: { ... }:
{ {
services = { services = {
displayManager = {
autoLogin = {
enable = true;
user = "alex";
};
};
xserver = { xserver = {
enable = true; enable = true;
@@ -21,6 +14,11 @@
}; };
displayManager = { displayManager = {
autoLogin = {
enable = true;
user = "alex";
};
gdm.enable = true; gdm.enable = true;
}; };
}; };

30
hosts/backwards/modules/jellyfin/default.nix Normal file
View File

@@ -0,0 +1,30 @@
{ pkgs, ... }:
{
# 1. enable vaapi on OS-level
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
hardware.opengl = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
intel-vaapi-driver # previously vaapiIntel
vaapiVdpau
libvdpau-va-gl
intel-compute-runtime # OpenCL filter support (hardware tonemapping and subtitle burn-in)
vpl-gpu-rt # QSV on 11th gen or newer
];
};
services.jellyfin = {
enable = true;
openFirewall = true;
};
environment.systemPackages = [
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
}

25
hosts/backwards/modules/network/default.nix
View File

@@ -1,22 +1,10 @@
{ config, ... }:
{ {
networking = { networking = {
hostName = "backwards"; hostName = "backwards";
networkmanager.enable = false; networkmanager.enable = false;
wireless.enable = true;
#wireless.networks are defined in the secret `wpa_supplicant.conf` #wireless.networks are defined in the secret `wpa_supplicant.conf`
wireless = {
enable = true;
secretsFile = config.age.secrets.wireless-network-secrets.path;
networks = {
"w1-f1_5G" = {
pskRaw = "ext:w1-f1_psk";
};
};
};
defaultGateway = "192.168.50.1"; defaultGateway = "192.168.50.1";
nameservers = [ "1.1.1.1" ]; nameservers = [ "1.1.1.1" ];
@@ -24,18 +12,19 @@
wlp1s0 = { wlp1s0 = {
useDHCP = false; useDHCP = false;
ipv4 = { ipv4 = {
addresses = [ addresses = [{
{
address = "192.168.50.202"; address = "192.168.50.202";
prefixLength = 24; prefixLength = 24;
} }];
];
}; };
}; };
}; };
}; };
age.secrets = { age.secrets = {
"wireless-network-secrets".file = ../../../../secrets/backwards/wireless-network-secrets.age; "wpa_supplicant.conf" = {
file = ../../../../secrets/backwards/wpa_supplicant.conf.age;
path = "/etc/wpa_supplicant.conf";
};
}; };
} }

22
hosts/backwards/modules/nginx/default.nix
View File

@@ -1,22 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.nginx.enable;
in
{
options = {
mod.nginx = {
enable = lib.mkEnableOption "Enable nginx module";
};
};
config = lib.mkIf enabled {
services = {
nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
};
};
}

74
hosts/backwards/modules/restic/default.nix
View File

@@ -1,74 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.restic.enable;
in
{
options = {
mod.restic = {
enable = lib.mkEnableOption "Enable restic";
};
};
config = lib.mkIf enabled {
fileSystems."/home/alex/backup" = {
device = "/dev/disk/by-uuid/34601701-65e6-4b2c-ac4d-8bef3dfd743f";
fsType = "ext4";
options = [ "nofail" ];
};
services = {
restic.backups = {
"sync-to-external" = {
initialize = true;
passwordFile = config.age.secrets.restic-password.path;
paths = [ "/home/alex/sync" ];
repository = "/home/alex/backup/restic";
timerConfig = {
OnCalendar = "*-*-* 0/12:00:00"; # Every 12th hour, i.e. twice a day
Persistent = true;
};
pruneOpts = [
"--keep-daily 1"
"--keep-weekly 7"
"--keep-yearly 12"
];
};
"sync-to-cloud" = {
initialize = true;
passwordFile = config.age.secrets.restic-password.path;
environmentFile = config.age.secrets.restic-cloud-sync-key.path;
repositoryFile = config.age.secrets.restic-cloud-sync-repository.path;
paths = [ "/home/alex/sync" ];
exclude = [ "/home/alex/sync/reading-material" ];
timerConfig = {
OnCalendar = "*-*-* 0/12:00:00"; # Every 12th hour, i.e. twice a day
Persistent = true;
};
pruneOpts = [
"--keep-daily 1"
"--keep-weekly 7"
"--keep-yearly 12"
];
};
};
};
age = {
secrets = {
"restic-password".file = ../../../../secrets/backwards/restic-password.age;
"restic-cloud-sync-key".file = ../../../../secrets/backwards/restic-cloud-sync-key.age;
"restic-cloud-sync-repository".file =
../../../../secrets/backwards/restic-cloud-sync-repository.age;
};
};
};
}

53
hosts/backwards/modules/ssh/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.ssh.enable; enabled = config.mod.ssh.enable;
@@ -23,26 +18,12 @@ in
enable = true; enable = true;
matchBlocks = { matchBlocks = {
"manatee" = {
hostname = "manatee";
user = "alex";
identityFile = "/home/alex/.ssh/alex.backwards-manatee";
port = 1122;
};
"git.ppp.pm" = {
hostname = "git.ppp.pm";
identityFile = "/home/alex/.ssh/alex.backwards-git.ppp.pm";
};
"codeberg.org" = { "codeberg.org" = {
hostname = "codeberg.org"; hostname = "codeberg.org";
identityFile = "/home/alex/.ssh/alex.backwards-codeberg.org"; identityFile = "/home/alex/.ssh/alex.backwards-codeberg.org";
}; };
}; };
}; };
home.packages = [ pkgs.sshfs ];
}; };
environment.etc."ssh/authorized_keys_command" = { environment.etc."ssh/authorized_keys_command" = {
@@ -60,12 +41,10 @@ in
enable = true; enable = true;
ports = [ 1122 ]; ports = [ 1122 ];
hostKeys = [ hostKeys = [{
{
path = "${rootSSHKeyPath}/root.backwards"; path = "${rootSSHKeyPath}/root.backwards";
type = "ed25519"; type = "ed25519";
} }];
];
settings = { settings = {
PasswordAuthentication = false; PasswordAuthentication = false;
@@ -93,37 +72,11 @@ in
path = "${rootSSHKeyPath}/root.backwards.pub"; path = "${rootSSHKeyPath}/root.backwards.pub";
}; };
"alex.backwards-manatee" = {
file = ../../../../secrets/backwards/alex.backwards-manatee.age;
path = "/home/alex/.ssh/alex.backwards-manatee";
owner = "alex";
group = "users";
};
"alex.backwards-manatee.pub" = {
file = ../../../../secrets/backwards/alex.backwards-manatee.pub.age;
path = "/home/alex/.ssh/alex.backwards-manatee.pub";
owner = "alex";
group = "users";
};
"alex.pinwheel-backwards.pub" = { "alex.pinwheel-backwards.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-backwards.pub.age; file = ../../../../secrets/pinwheel/alex.pinwheel-backwards.pub.age;
path = "${authorizedKeysPath}/alex.pinwheel-backwards.pub"; path = "${authorizedKeysPath}/alex.pinwheel-backwards.pub";
}; };
"alex.backwards-git.ppp.pm" = {
file = ../../../../secrets/backwards/alex.backwards-git.ppp.pm.age;
path = "/home/alex/.ssh/alex.backwards-git.ppp.pm";
owner = "alex";
group = "users";
};
"alex.backwards-git.ppp.pm.pub" = {
file = ../../../../secrets/backwards/alex.backwards-git.ppp.pm.pub.age;
path = "/home/alex/.ssh/alex.backwards-git.ppp.pm.pub";
owner = "alex";
group = "users";
};
"alex.backwards-codeberg.org" = { "alex.backwards-codeberg.org" = {
file = ../../../../secrets/backwards/alex.backwards-codeberg.org.age; file = ../../../../secrets/backwards/alex.backwards-codeberg.org.age;
path = "/home/alex/.ssh/alex.backwards-codeberg.org"; path = "/home/alex/.ssh/alex.backwards-codeberg.org";

109
hosts/backwards/modules/syncthing/default.nix
View File

@@ -1,109 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.syncthing.enable;
in
{
options = {
mod.syncthing = {
enable = lib.mkEnableOption "Enable syncthing module";
};
};
config = lib.mkIf enabled {
services.syncthing = {
enable = true;
openDefaultPorts = true;
cert = config.age.secrets.syncthing-cert.path;
key = config.age.secrets.syncthing-key.path;
user = "alex";
group = "users";
dataDir = "/home/alex/sync";
guiAddress = "0.0.0.0:8384";
settings = {
gui = {
user = "syncthing";
password = "$2a$12$J/h/JOUiW24ZXsLYLEl2kOZUS1LftxANi0OlZxLy8Dst3/jpBd0v2";
insecureSkipHostcheck = false;
};
devices = {
phone.id = config.lib.syncthing.phone;
pinwheel.id = config.lib.syncthing.pinwheel;
tablet.id = config.lib.syncthing.tablet;
};
folders = {
org = {
path = "/home/alex/sync/org";
devices = [
"phone"
"pinwheel"
];
versioning = {
type = "staggered";
params = {
maxage = "2592000"; # 30 days
};
};
};
personal = {
path = "/home/alex/sync/personal";
devices = [ "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
work = {
path = "/home/alex/sync/work";
devices = [ "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
books = {
path = "/home/alex/sync/reading-material/books";
devices = [ "pinwheel" ];
versioning = {
type = "staggered";
params = {
maxAge = "2592000"; # 30 days
};
};
};
"phone-gps" = {
path = "/home/alex/sync/phone-gps";
devices = [ "phone" ];
versioning = {
type = "staggered";
params = {
maxage = "2592000"; # 30 days
};
};
};
};
};
};
age = {
secrets = {
"syncthing-cert".file = ../../../../secrets/backwards/syncthing-cert.age;
"syncthing-key".file = ../../../../secrets/backwards/syncthing-key.age;
};
};
};
}

56
hosts/manatee/configuration.nix
View File

@@ -1,56 +0,0 @@
{ pkgs, ... }:
{
imports = [
../../config-manager/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./disk-config.nix
./modules
];
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true;
users.users.alex = {
isNormalUser = true;
description = "alex";
extraGroups = [
"wheel"
"storage"
];
};
environment.variables.EDITOR = "vim";
environment.systemPackages = with pkgs; [
vim
git
];
config-manager = {
flakePath = "/home/alex/config";
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment?
}

243
hosts/manatee/disk-config.nix
View File

@@ -1,243 +0,0 @@
{
inputs,
pkgs,
config,
...
}:
{
imports = [ inputs.disko.nixosModules.disko ];
config = {
users.groups.storage = { };
users.users.storage = {
isSystemUser = true;
description = "storage";
group = "storage";
};
systemd.tmpfiles.settings = {
"10-media-public" = {
"/mnt/media/public" = {
d = {
# Create directory
user = "storage";
group = "storage";
mode = "2775";
};
z = {
# Ensure permissions are inherited
user = "storage";
group = "storage";
mode = "2775";
};
};
};
"10-cameras-public" = {
"/mnt/cameras/public" = {
d = {
# Create directory
user = "storage";
group = "storage";
mode = "2775";
};
z = {
# Ensure permissions are inherited
user = "storage";
group = "storage";
mode = "2775";
};
};
};
"10-sync-public" = {
"/mnt/sync/public" = {
d = {
# Create directory
user = "storage";
group = "storage";
mode = "2775";
};
z = {
# Ensure permissions are inherited
user = "storage";
group = "storage";
mode = "2775";
};
};
};
};
environment.systemPackages = [
pkgs.smartmontools
];
services.smartd = {
enable = true;
devices = [
{ device = config.disko.devices.disk.root.device; }
{ device = config.disko.devices.disk.disk1.device; }
{ device = config.disko.devices.disk.disk2.device; }
];
};
services.zfs.autoScrub.enable = true;
networking.hostId = "0a9474e7"; # Required by ZFS
disko.devices = {
disk = {
root = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
size = "500M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
disk1 = {
type = "disk";
device = "/dev/disk/by-id/ata-ST8000VN004-3CP101_WWZ8QCG4";
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "storage";
};
};
};
};
};
disk2 = {
type = "disk";
device = "/dev/disk/by-id/ata-ST8000VN004-3CP101_WWZ8QDJ5";
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "storage";
};
};
};
};
};
disk3 = {
type = "disk";
device = "/dev/disk/by-id/ata-TOSHIBA_MG10ACA20TE_85K2A0UCF4MJ";
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "storage";
};
};
};
};
};
disk4 = {
type = "disk";
device = "/dev/disk/by-id/ata-TOSHIBA_MG10ACA20TE_85K2A0V6F4MJ";
content = {
type = "gpt";
partitions = {
zfs = {
size = "100%";
content = {
type = "zfs";
pool = "storage";
};
};
};
};
};
};
zpool = {
storage = {
type = "zpool";
mode = {
topology = {
type = "topology";
vdev = [
{
mode = "mirror";
members = [
"disk1"
"disk2"
];
}
{
mode = "mirror";
members = [
"disk3"
"disk4"
];
}
];
};
};
rootFsOptions = {
mountpoint = "none";
compression = "zstd";
xattr = "sa";
"com.sun:auto-snapshot" = "false";
};
datasets = {
media = {
type = "zfs_fs";
mountpoint = "/mnt/media";
options.mountpoint = "legacy"; # otherwise we get a race between systemd and zfs; https://github.com/nix-community/disko/issues/214
};
cameras = {
type = "zfs_fs";
mountpoint = "/mnt/cameras";
options.mountpoint = "legacy"; # otherwise we get a race between systemd and zfs; https://github.com/nix-community/disko/issues/214
};
sync = {
type = "zfs_fs";
mountpoint = "/mnt/sync";
options.mountpoint = "legacy"; # otherwise we get a race between systemd and zfs; https://github.com/nix-community/disko/issues/214
};
};
};
};
};
};
}

39
hosts/manatee/hardware-configuration.nix
View File

@@ -1,39 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [
"xhci_pci"
"nvme"
"ahci"
"usb_storage"
"usbhid"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp3s0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

29
hosts/manatee/modules/audiobookshelf/default.nix
View File

@@ -1,29 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.audiobookshelf.enable;
in
{
options = {
mod.audiobookshelf = {
enable = lib.mkEnableOption "Enable audiobookshelf module";
};
};
config = lib.mkIf enabled {
users.users.audiobookshelf = {
isSystemUser = true;
description = "audiobookshelf";
group = "storage";
};
services.audiobookshelf = {
enable = true;
user = "audiobookshelf";
group = "storage";
host = "0.0.0.0";
port = 8000;
};
};
}

43
hosts/manatee/modules/boot/default.nix
View File

@@ -1,43 +0,0 @@
{
inputs,
lib,
config,
...
}:
let
configurationLimit = config.mod.gc.configurationLimit;
in
{
imports = [ inputs.nix-gc-env.nixosModules.default ];
options = {
mod.gc = {
configurationLimit = lib.mkOption {
type = lib.types.int;
default = 10;
description = "number of configuration generations to keep";
};
};
};
config = {
nix.gc = {
automatic = true;
dates = "weekly";
# `delete_generations` added by nix-gc-env
delete_generations = "+${builtins.toString configurationLimit}";
};
boot = {
loader = {
systemd-boot = {
enable = true;
inherit configurationLimit;
};
efi.canTouchEfiVariables = true;
};
};
};
}

47
hosts/manatee/modules/calibre-web/default.nix
View File

@@ -1,47 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.calibre-web.enable;
in
{
options = {
mod.calibre-web = {
enable = lib.mkEnableOption "add calibre-web module";
};
};
config = lib.mkIf enabled {
services = {
calibre-web = {
enable = true;
user = "storage";
group = "storage";
listen = {
ip = "0.0.0.0";
port = 8083;
};
dataDir = "/mnt/media/public/books";
options = {
calibreLibrary = "/mnt/media/public/books";
enableBookUploading = true;
};
};
nginx = {
virtualHosts."books.ppp.pm" = {
extraConfig = ''
client_max_body_size 1024M;
'';
locations."/" = {
proxyPass = "http://0.0.0.0:8083"; # TODO add option for port + host
};
};
};
};
};
}

26
hosts/manatee/modules/default.nix
View File

@@ -1,26 +0,0 @@
{ lib, ... }:
let
toModulePath = dir: _: ./. + "/${dir}";
filterDirs = dirs: lib.attrsets.filterAttrs (_: type: type == "directory") dirs;
in
{
imports = lib.mapAttrsToList toModulePath (filterDirs (builtins.readDir ./.));
config = {
mod = {
gc.configurationLimit = 10;
ssh.enable = true;
git.enable = true;
nginx.enable = true;
syncthing.enable = true;
transmission.enable = true;
calibre-web.enable = true;
audiobookshelf.enable = true;
jellyfin.enable = true;
immich.enable = true;
navidrome.enable = true;
};
};
}

35
hosts/manatee/modules/immich/default.nix
View File

@@ -1,35 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.immich.enable;
in
{
options = {
mod.immich = {
enable = lib.mkEnableOption "Enable immich module";
};
};
config = lib.mkIf enabled {
users.users.immich = {
isSystemUser = true;
group = "storage";
extraGroups = [
"render"
"video"
];
};
services.immich = {
enable = true;
user = "immich";
group = "storage";
host = "0.0.0.0";
mediaLocation = "/mnt/cameras/public";
accelerationDevices = [ "/dev/dri/renderD128" ];
};
};
}

55
hosts/manatee/modules/jellyfin/default.nix
View File

@@ -1,55 +0,0 @@
{
lib,
pkgs,
config,
...
}:
let
enabled = config.mod.jellyfin.enable;
in
{
options = {
mod.jellyfin = {
enable = lib.mkEnableOption "Enable jellyfin module";
};
};
config = lib.mkIf enabled {
users.users.jellyfin = {
isSystemUser = true;
group = "storage";
extraGroups = [
"render"
"video"
];
};
hardware = {
graphics = {
enable = true;
extraPackages = [
pkgs.intel-media-driver # Modern Intel VA-API driver (needed for N305)
pkgs.libvdpau-va-gl # VDPAU backend for VA-API GLX interop
];
};
};
services = {
jellyfin = {
enable = true;
openFirewall = true;
user = "jellyfin";
group = "storage";
};
};
environment.systemPackages = [
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
};
}

33
hosts/manatee/modules/navidrome/default.nix
View File

@@ -1,33 +0,0 @@
{
lib,
pkgs,
config,
...
}:
let
navidromeEnabled = config.mod.navidrome.enable;
in
{
options = {
mod.navidrome = {
enable = lib.mkEnableOption "Enable navidrome module";
};
};
config = {
services = lib.mkIf navidromeEnabled {
navidrome = {
enable = true;
openFirewall = true;
user = "navidrome";
group = "storage";
settings = {
Port = 4533;
Address = "0.0.0.0";
MusicFolder = "/mnt/media/public/music";
};
};
};
};
}

22
hosts/manatee/modules/network/default.nix
View File

@@ -1,22 +0,0 @@
{ ... }:
{
networking = {
hostName = "manatee";
defaultGateway = "192.168.50.1";
nameservers = [ "1.1.1.1" ];
interfaces = {
enp3s0 = {
useDHCP = false;
ipv4 = {
addresses = [
{
address = "192.168.50.203";
prefixLength = 24;
}
];
};
};
};
};
}

106
hosts/manatee/modules/ssh/default.nix
View File

@@ -1,106 +0,0 @@
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.ssh.enable;
authorizedKeysPath = "/home/alex/.ssh/authorized-keys";
rootSSHKeyPath = "/etc/ssh";
in
{
options = {
mod.ssh = {
enable = lib.mkEnableOption "enable ssh module";
};
};
config = lib.mkIf enabled {
home-manager.users.alex = {
programs.ssh = {
enable = true;
matchBlocks = {
"git.ppp.pm" = {
hostname = "git.ppp.pm";
identityFile = "/home/alex/.ssh/alex.manatee-git.ppp.pm";
};
};
};
};
environment.etc."ssh/authorized_keys_command" = {
mode = "0755";
text = ''
#!${pkgs.bash}/bin/bash
for file in ${authorizedKeysPath}/*; do
${pkgs.coreutils}/bin/cat "$file"
done
'';
};
services = {
openssh = {
enable = true;
ports = [ 1122 ];
hostKeys = [
{
path = "${rootSSHKeyPath}/root.manatee";
type = "ed25519";
}
];
settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
};
authorizedKeysCommand = "/etc/ssh/authorized_keys_command";
authorizedKeysCommandUser = "root";
};
};
networking = {
firewall = {
allowedTCPPorts = [ 1122 ];
};
};
age.secrets = {
"root.manatee" = {
file = ../../../../secrets/manatee/root.manatee.age;
path = "${rootSSHKeyPath}/root.manatee";
};
"root.manatee.pub" = {
file = ../../../../secrets/manatee/root.manatee.pub.age;
path = "${rootSSHKeyPath}/root.manatee.pub";
};
"alex.pinwheel-manatee.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-manatee.pub.age;
path = "${authorizedKeysPath}/alex.pinwheel-manatee.pub";
};
"alex.backwards-manatee.pub" = {
file = ../../../../secrets/backwards/alex.backwards-manatee.pub.age;
path = "${authorizedKeysPath}/alex.backwards-manatee.pub";
};
"alex.manatee-git.ppp.pm" = {
file = ../../../../secrets/manatee/alex.manatee-git.ppp.pm.age;
path = "/home/alex/.ssh/alex.manatee-git.ppp.pm";
owner = "alex";
group = "users";
};
"alex.manatee-git.ppp.pm.pub" = {
file = ../../../../secrets/manatee/alex.manatee-git.ppp.pm.pub.age;
path = "/home/alex/.ssh/alex.manatee-git.ppp.pm.pub";
owner = "alex";
group = "users";
};
};
};
}

61
hosts/manatee/modules/syncthing/default.nix
View File

@@ -1,61 +0,0 @@
{ lib, config, ... }:
let
enabled = config.mod.syncthing.enable;
in
{
options = {
mod.syncthing = {
enable = lib.mkEnableOption "Enable syncthing module";
};
};
config = lib.mkIf enabled {
services.syncthing = {
enable = true;
cert = config.age.secrets.syncthing-cert.path;
key = config.age.secrets.syncthing-key.path;
user = "storage";
group = "storage";
dataDir = "/mnt/sync/public";
guiAddress = "0.0.0.0:8384";
settings = {
gui = {
user = "syncthing";
password = "$2a$12$YBcqhl8AXpoLmIWikuMtkOQLcrPXKKj0xY/qy4hggWnfjeVLQ3Ct6";
insecureSkipHostcheck = false;
};
devices = {
pinwheel.id = config.lib.syncthing.pinwheel;
};
folders = {
org = {
path = "/mnt/sync/public/org";
devices = [
"pinwheel"
];
versioning = {
type = "staggered";
params = {
maxage = "2592000"; # 30 days
};
};
};
};
};
};
age = {
secrets = {
"syncthing-cert".file = ../../../../secrets/manatee/syncthing-cert.age;
"syncthing-key".file = ../../../../secrets/manatee/syncthing-key.age;
};
};
};
}

11
hosts/manatee/modules/tailscale/default.nix
View File

@@ -1,11 +0,0 @@
{ ... }:
{
# If an exit node is used, set:
# tailscale set --exit-node-allow-lan-access
services.tailscale.enable = true;
networking.firewall = {
checkReversePath = "loose";
allowedUDPPorts = [ 41641 ];
};
}

8
hosts/pinwheel/configuration.nix
View File

@@ -1,6 +1,7 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
imports = [ imports =
[
../../config-manager/default.nix ../../config-manager/default.nix
../../nix-wrapper/default.nix ../../nix-wrapper/default.nix
../../shared-modules/syncthing.nix ../../shared-modules/syncthing.nix
@@ -8,10 +9,7 @@
./modules ./modules
]; ];
nix.settings.experimental-features = [ nix.settings.experimental-features = [ "nix-command" "flakes" ];
"nix-command"
"flakes"
];
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
users.users.alex = { users.users.alex = {

34
hosts/pinwheel/hardware-configuration.nix
View File

@@ -1,47 +1,31 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, modulesPath, ... }:
config,
lib,
modulesPath,
...
}:
{ {
imports = [ imports =
(modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" ];
"xhci_pci"
"thunderbolt"
"nvme"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ]; boot.kernelModules = [ ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/9c3ef2ad-0244-4310-9984-2e548ced3e22"; { device = "/dev/disk/by-uuid/9c3ef2ad-0244-4310-9984-2e548ced3e22";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."luks-f569d036-e500-4839-bc78-ce4b032840d8".device = "/dev/disk/by-uuid/f569d036-e500-4839-bc78-ce4b032840d8"; boot.initrd.luks.devices."luks-f569d036-e500-4839-bc78-ce4b032840d8".device = "/dev/disk/by-uuid/f569d036-e500-4839-bc78-ce4b032840d8";
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/FCAE-6849"; { device = "/dev/disk/by-uuid/FCAE-6849";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = [ swapDevices = [ ];
{
device = "/swapfile";
size = 48 * 1024; # 48GB
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

5
hosts/pinwheel/home.nix
View File

@@ -14,9 +14,6 @@
home.homeDirectory = "/home/alex"; home.homeDirectory = "/home/alex";
home.packages = [ home.packages = [
inputs.whib-backend.packages.${pkgs.system}.whib-import
# pkgs.beekeeper-studio
pkgs.bitwarden-desktop
pkgs.gimp pkgs.gimp
pkgs.zip pkgs.zip
pkgs.unar pkgs.unar
@@ -25,7 +22,7 @@
pkgs.htop pkgs.htop
pkgs.onlyoffice-bin pkgs.onlyoffice-bin
pkgs.wdisplays pkgs.wdisplays
pkgs.vlc pkgs.postman
]; ];
home.stateVersion = "23.05"; home.stateVersion = "23.05";

7
hosts/pinwheel/modules/bemenu/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;

21
hosts/pinwheel/modules/bluetooth/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.bluetooth.enable; enabled = config.mod.bluetooth.enable;
in in
@@ -63,12 +58,7 @@ in
}; };
}; };
in in
builtins.listToAttrs ( builtins.listToAttrs (builtins.map mkTimer [ trackpad headphones ]);
builtins.map mkTimer [
trackpad
headphones
]
);
services = services =
let let
@@ -117,12 +107,7 @@ in
}; };
}; };
in in
builtins.listToAttrs ( builtins.listToAttrs (builtins.map mkService [ trackpad headphones ]);
builtins.map mkService [
trackpad
headphones
]
);
}; };
}; };
} }

10
hosts/pinwheel/modules/boot/default.nix
View File

@@ -1,10 +1,4 @@
{ { inputs, pkgs, lib, config, ... }:
inputs,
pkgs,
lib,
config,
...
}:
let let
configurationLimit = config.mod.gc.configurationLimit; configurationLimit = config.mod.gc.configurationLimit;
in in
@@ -33,8 +27,6 @@ in
boot = { boot = {
kernelPackages = pkgs.linuxPackages_latest; kernelPackages = pkgs.linuxPackages_latest;
tmp.cleanOnBoot = true;
kernel = { kernel = {
sysctl = { sysctl = {
"fs.inotify.max_user_instances" = 1024; # default: 128 "fs.inotify.max_user_instances" = 1024; # default: 128

7
hosts/pinwheel/modules/c/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.c.enable; enabled = config.mod.c.enable;
in in

2
hosts/pinwheel/modules/chromium/default.nix
View File

@@ -1,6 +1,6 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.alex = { home-manager.users.alex= {
home.packages = [ pkgs.ungoogled-chromium ]; home.packages = [ pkgs.ungoogled-chromium ];
}; };

2
hosts/pinwheel/modules/colors/default.nix
View File

@@ -3,7 +3,7 @@
colors = { colors = {
foreground = "bd93f9"; foreground = "bd93f9";
foreground-dim = "644294"; foreground-dim = "644294";
background = "1E1E2F"; background = "1E2029";
gray = "3a3a3a"; gray = "3a3a3a";
warning = "ff6969"; warning = "ff6969";

7
hosts/pinwheel/modules/containers/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
dockerEnabled = config.mod.containers.docker.enable; dockerEnabled = config.mod.containers.docker.enable;
podmanEnabled = config.mod.containers.podman.enable; podmanEnabled = config.mod.containers.podman.enable;

2
hosts/pinwheel/modules/default.nix
View File

@@ -27,13 +27,13 @@ in
zsh.enable = true; zsh.enable = true;
openvpn.enable = true; openvpn.enable = true;
mullvad.enable = true;
c.enable = true; c.enable = true;
go.enable = true; go.enable = true;
rust.enable = true; rust.enable = true;
scala.enable = true; scala.enable = true;
python.enable = true; python.enable = true;
gleam.enable = true;
keyboard.enable = true; keyboard.enable = true;
containers = { containers = {

1
hosts/pinwheel/modules/direnv/default.nix
View File

@@ -9,6 +9,7 @@ in
nix-direnv.enable = true; nix-direnv.enable = true;
}; };
programs.direnv.enableZshIntegration = lib.mkIf zshEnabled true; programs.direnv.enableZshIntegration = lib.mkIf zshEnabled true;
}; };
} }

2
hosts/pinwheel/modules/dunst/default.nix
View File

@@ -7,6 +7,8 @@
settings = { settings = {
global = { global = {
monitor = 1; monitor = 1;
width = 300;
height = 300;
offset = "10x10"; offset = "10x10";
origin = "top-right"; origin = "top-right";
transparency = 10; transparency = 10;

4
hosts/pinwheel/modules/emacs/config.nix
View File

@@ -1,5 +1,5 @@
{ emacs, runCommand, ... }: { emacs, runCommand, ... }:
runCommand "default.el" { } '' runCommand "default.el" {} ''
cp ${./config.org} $TMPDIR/config.org cp ${./config.org} $TMPDIR/config.org
cd $TMPDIR cd $TMPDIR
${emacs}/bin/emacs --batch -Q \ ${emacs}/bin/emacs --batch -Q \
@@ -7,4 +7,4 @@ runCommand "default.el" { } ''
-f org-babel-tangle -f org-babel-tangle
mv config.el $out mv config.el $out
'' ''

70
hosts/pinwheel/modules/emacs/config.org
View File

@@ -479,34 +479,7 @@ Setup prefix for keybindings.
* Flycheck * Flycheck
#+BEGIN_SRC emacs-lisp #+BEGIN_SRC emacs-lisp
(use-package flycheck (use-package flycheck)
:preface
(defun mp-flycheck-eldoc (callback &rest _ignored)
"Print flycheck messages at point by calling CALLBACK."
(when-let ((flycheck-errors (and flycheck-mode (flycheck-overlay-errors-at (point)))))
(mapc
(lambda (err)
(funcall callback
(format "%s: %s"
(let ((level (flycheck-error-level err)))
(pcase level
('info (propertize "I" 'face 'flycheck-error-list-info))
('error (propertize "E" 'face 'flycheck-error-list-error))
('warning (propertize "W" 'face 'flycheck-error-list-warning))
(_ level)))
(flycheck-error-message err))
:thing (or (flycheck-error-id err)
(flycheck-error-group err))
:face 'font-lock-doc-face))
flycheck-errors)))
(defun mp-flycheck-prefer-eldoc ()
(add-hook 'eldoc-documentation-functions #'mp-flycheck-eldoc nil t)
(setq eldoc-documentation-strategy 'eldoc-documentation-compose-eagerly)
(setq flycheck-display-errors-function nil)
(setq flycheck-help-echo-function nil))
:hook ((flycheck-mode . mp-flycheck-prefer-eldoc)))
(use-package flycheck-eglot (use-package flycheck-eglot
:after (flycheck eglot) :after (flycheck eglot)
@@ -525,28 +498,15 @@ Setup prefix for keybindings.
) )
(defun alex/format-on-save () (defun alex/format-on-save ()
(let ((excluded-files '("secrets.nix"))) (add-hook 'before-save-hook #'eglot-format-buffer -10 t)
(unless (member (file-name-nondirectory buffer-file-name) excluded-files) )
(add-hook 'before-save-hook #'eglot-format-buffer -10 t))))
(use-package eglot (use-package eglot
:preface
(defun mp-eglot-eldoc ()
(setq eldoc-echo-area-use-multiline-p nil)
(setq eldoc-documentation-strategy
'eldoc-documentation-compose-eagerly))
:config :config
(add-to-list 'eglot-server-programs (add-to-list 'eglot-server-programs
'(scala-mode . '(scala-mode .
("metals" :initializationOptions (:isHttpEnabled t)))) ("metals" :initializationOptions (:isHttpEnabled t))))
(add-to-list 'eglot-server-programs
'(nix-mode . ("nixd")))
(add-to-list 'eglot-server-programs
'(gleam-ts-mode . ("gleam" "lsp")))
(setq-default eglot-workspace-configuration (setq-default eglot-workspace-configuration
'( '(
:metals ( :metals (
@@ -556,20 +516,12 @@ Setup prefix for keybindings.
) )
:hook ( :hook (
(eglot-managed-mode . mp-eglot-eldoc)
(go-mode . eglot-ensure) (go-mode . eglot-ensure)
(go-mode . alex/organize-imports-on-save) (go-mode . alex/organize-imports-on-save)
(go-mode . alex/format-on-save) (go-mode . alex/format-on-save)
(c-mode . eglot-ensure) (c-mode . eglot-ensure)
(nix-mode . eglot-ensure) (nix-mode . eglot-ensure)
(nix-mode . alex/format-on-save)
(gleam-ts-mode . eglot-ensure)
(gleam-ts-mode . alex/format-on-save)
(python-mode . eglot-ensure)
(javascript-mode . eglot-ensure) (javascript-mode . eglot-ensure)
(js-mode . eglot-ensure) (js-mode . eglot-ensure)
(js-jsx-mode . eglot-ensure) (js-jsx-mode . eglot-ensure)
@@ -589,6 +541,13 @@ Setup prefix for keybindings.
:after eglot :after eglot
:config (eglot-booster-mode)) :config (eglot-booster-mode))
#+END_SRC #+END_SRC
** Eldoc-box
#+BEGIN_SRC emacs-lisp
(use-package eldoc-box
:after eglot
:bind (:map eglot-mode-map
("M-h" . eldoc-box-help-at-point)))
#+END_SRC
** Go ** Go
#+BEGIN_SRC emacs-lisp #+BEGIN_SRC emacs-lisp
(use-package go-mode (use-package go-mode
@@ -606,12 +565,6 @@ Setup prefix for keybindings.
) )
) )
#+END_SRC #+END_SRC
** Gleam
#+BEGIN_SRC emacs-lisp
(use-package gleam-ts-mode
:mode "\\.gleam\\'"
)
#+END_SRC
** YAML ** YAML
#+BEGIN_SRC emacs-lisp #+BEGIN_SRC emacs-lisp
(use-package yaml-mode (use-package yaml-mode
@@ -643,8 +596,7 @@ Setup prefix for keybindings.
#+BEGIN_SRC emacs-lisp #+BEGIN_SRC emacs-lisp
(setq (setq
js-indent-level 2 js-indent-level 2
js2-basic-offset 2 js2-basic-offset 2)
indent-tabs-mode nil)
(add-to-list 'auto-mode-alist '("\\.ts\\'" . typescript-ts-mode)) (add-to-list 'auto-mode-alist '("\\.ts\\'" . typescript-ts-mode))
#+END_SRC #+END_SRC

3
hosts/pinwheel/modules/emacs/default.nix
View File

@@ -3,7 +3,7 @@ let
emacs = pkgs.emacsWithPackagesFromUsePackage { emacs = pkgs.emacsWithPackagesFromUsePackage {
package = pkgs.emacs-unstable; package = pkgs.emacs-unstable;
config = ./config.org; config = ./config.org;
defaultInitFile = pkgs.callPackage ./config.nix { }; defaultInitFile = pkgs.callPackage ./config.nix {};
alwaysEnsure = true; alwaysEnsure = true;
alwaysTangle = true; alwaysTangle = true;
@@ -51,7 +51,6 @@ in
emacs emacs
pkgs.wl-clipboard pkgs.wl-clipboard
pkgs.emacs-lsp-booster pkgs.emacs-lsp-booster
pkgs.nixd
]; ];
}; };

14
hosts/pinwheel/modules/firefox/default.nix
View File

@@ -29,14 +29,14 @@ let
ff = pkgs.writeShellApplication { ff = pkgs.writeShellApplication {
name = "ff"; name = "ff";
text = '' text = ''
${wrapped}/bin/firefox-devedition --ProfileManager ${wrapped}/bin/firefox --ProfileManager
''; '';
}; };
ff-alex = pkgs.writeShellApplication { ff-alex = pkgs.writeShellApplication {
name = "ff-alex"; name = "ff-alex";
text = '' text = ''
${wrapped}/bin/firefox-devedition -P alex --new-window "$@" ${wrapped}/bin/firefox -P alex --new-window "$@"
''; '';
}; };
@@ -59,7 +59,7 @@ in
name = "alex"; name = "alex";
isDefault = true; isDefault = true;
settings = sharedSettings // { }; settings = sharedSettings // {};
}; };
work = { work = {
@@ -109,14 +109,12 @@ in
configFile."mimeapps.list".force = true; configFile."mimeapps.list".force = true;
}; };
home.packages = [
ff home.packages = [ ff ff-alex ];
ff-alex
];
}; };
environment.variables = { environment.variables = {
MOZ_ENABLE_WAYLAND = 1; MOZ_ENABLE_WAYLAND=1;
BROWSER = "${ff-alex}/bin/ff-alex $@"; BROWSER = "${ff-alex}/bin/ff-alex $@";
}; };
} }

4
hosts/pinwheel/modules/fonts/default.nix
View File

@@ -2,9 +2,9 @@
{ {
fonts.packages = [ fonts.packages = [
pkgs.noto-fonts pkgs.noto-fonts
pkgs.noto-fonts-cjk-sans pkgs.noto-fonts-cjk
pkgs.noto-fonts-emoji pkgs.noto-fonts-emoji
pkgs.nerd-fonts.jetbrains-mono pkgs.nerdfonts
pkgs.liberation_ttf pkgs.liberation_ttf
]; ];
} }

7
hosts/pinwheel/modules/foot/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.foot.enable; enabled = config.mod.foot.enable;

12
hosts/pinwheel/modules/games/default.nix
View File

@@ -1,6 +1,16 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
home-manager.users.alex = { home-manager.users.alex = {
home.packages = [ pkgs.brogue-ce ]; home.packages = [
pkgs.brogue-ce
(pkgs.retroarch.override {
cores = [
pkgs.libretro.genesis-plus-gx
pkgs.libretro.snes9x
pkgs.libretro.dolphin
];
})
];
}; };
} }

11
hosts/pinwheel/modules/git/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.git.enable; enabled = config.mod.git.enable;
in in
@@ -22,10 +17,6 @@ in
includes = [ includes = [
{ path = ./gitconfig; } { path = ./gitconfig; }
]; ];
extraConfig = {
rerere.enable = true;
};
}; };
home.packages = [ pkgs.tig ]; home.packages = [ pkgs.tig ];

5
hosts/pinwheel/modules/git/gitconfig
View File

@@ -5,8 +5,9 @@
[url "git@github.com:"] [url "git@github.com:"]
insteadOf = https://github.com/ insteadOf = https://github.com/
[url "git@gitlab.com:"]
insteadOf = https://gitlab.com/
[url "git@codeberg.org:"] [url "git@codeberg.org:"]
insteadOf = https://codeberg.org/ insteadOf = https://codeberg.org/
[url "gitea@git.ppp.pm:"]
insteadOf = https://git.ppp.pm/

25
hosts/pinwheel/modules/gleam/default.nix
View File

@@ -1,25 +0,0 @@
{
pkgs,
lib,
config,
...
}:
let
enabled = config.mod.gleam.enable;
in
{
options = {
mod.gleam = {
enable = lib.mkEnableOption "enable gleam module";
};
};
config = lib.mkIf enabled {
home-manager.users.alex = {
home.packages = [
pkgs.gleam
pkgs.erlang
];
};
};
}

25
hosts/pinwheel/modules/go/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.go.enable; enabled = config.mod.go.enable;
in in
@@ -15,14 +10,26 @@ in
}; };
config = lib.mkIf enabled { config = lib.mkIf enabled {
nixpkgs.overlays = let
buildGo122 = pkgs: pkg:
pkg.override { buildGoModule = pkgs.buildGo122Module; };
in
[
(final: prev: {
go = prev.go_1_22;
gopls = buildGo122 prev prev.gopls;
go-tools = buildGo122 prev prev.go-tools;
govulncheck = buildGo122 prev prev.govulncheck;
gotestsum = buildGo122 prev prev.gotestsum;
})
];
home-manager.users.alex = { home-manager.users.alex = {
programs.go = { programs.go = {
enable = true; enable = true;
package = pkgs.go; package = pkgs.go;
env = { goPath = "code/go";
GOPATH = "/home/alex/code/go";
};
}; };
home.packages = [ home.packages = [

10
hosts/pinwheel/modules/greetd/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.greetd.enable; enabled = config.mod.greetd.enable;
in in
@@ -18,8 +13,7 @@ in
services.greetd = { services.greetd = {
enable = true; enable = true;
settings = settings = let
let
session = { session = {
user = "alex"; user = "alex";
command = "${pkgs.hyprland}/bin/Hyprland"; command = "${pkgs.hyprland}/bin/Hyprland";

122
hosts/pinwheel/modules/hyprland/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.hyprland.enable; enabled = config.mod.hyprland.enable;
in in
@@ -25,14 +20,11 @@ in
extraConfig = '' extraConfig = ''
exec-once=waybar exec-once=waybar
exec-once=hyprctl setcursor Adwaita 24
env = GDK_DPI_SCALE,1.5 env = GDK_DPI_SCALE,1.5
env = HYPRCURSOR_THEME,Adwaita env = XCURSOR_SIZE,64
env = HYPRCURSOR_SIZE,24
monitor=eDP-1, 1920x1200, auto-center-down, 1 monitor=eDP-1, 1920x1200, 0x0, 1
monitor=HDMI-A-1, 2560x1440@100, auto-center-up, 1
workspace = 1, monitor:HDMI-A-1 workspace = 1, monitor:HDMI-A-1
workspace = 2, monitor:HDMI-A-1 workspace = 2, monitor:HDMI-A-1
@@ -45,13 +37,6 @@ in
workspace = 9, monitor:eDP-1 workspace = 9, monitor:eDP-1
workspace = 10, monitor:eDP-1 workspace = 10, monitor:eDP-1
workspace = w[tv1], gapsout:0, gapsin:0
workspace = f[1], gapsout:0, gapsin:0
windowrulev2 = bordersize 0, floating:0, onworkspace:w[tv1]
windowrulev2 = rounding 0, floating:0, onworkspace:w[tv1]
windowrulev2 = bordersize 0, floating:0, onworkspace:f[1]
windowrulev2 = rounding 0, floating:0, onworkspace:f[1]
exec-once=dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP exec-once=dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP
''; '';
@@ -70,7 +55,7 @@ in
# 2 - Cursor focus will be detached from keyboard focus. Clicking on a window will move keyboard focus to that window. # 2 - Cursor focus will be detached from keyboard focus. Clicking on a window will move keyboard focus to that window.
follow_mouse = 2; follow_mouse = 2;
sensitivity = 0.3; sensitivity = 0.30;
touchpad = { touchpad = {
natural_scroll = false; natural_scroll = false;
tap-and-drag = false; tap-and-drag = false;
@@ -94,21 +79,19 @@ in
dwindle = { dwindle = {
force_split = 2; force_split = 2;
no_gaps_when_only = 1;
}; };
bind = bind = let
let ws = x:
ws = let n = if (x + 1) < 10
x: then (x + 1)
let else 0;
n = if (x + 1) < 10 then (x + 1) else 0;
in in
builtins.toString n; builtins.toString n;
select = builtins.genList (x: "$mod, ${ws x}, workspace, ${builtins.toString (x + 1)}") 10; select = builtins.genList (x: "$mod, ${ws x}, workspace, ${builtins.toString (x + 1)}") 10;
move = builtins.genList ( move = builtins.genList (x: "$mod SHIFT, ${ws x}, movetoworkspacesilent, ${builtins.toString (x + 1)}") 10;
x: "$mod SHIFT, ${ws x}, movetoworkspacesilent, ${builtins.toString (x + 1)}"
) 10;
magnifier = pkgs.writeShellScript "magnifier" '' magnifier = pkgs.writeShellScript "magnifier" ''
CURRENT=$(${pkgs.hyprland}/bin/hyprctl getoption cursor:zoom_factor -j | ${pkgs.jq}/bin/jq .float) CURRENT=$(${pkgs.hyprland}/bin/hyprctl getoption cursor:zoom_factor -j | ${pkgs.jq}/bin/jq .float)
@@ -128,9 +111,7 @@ in
${pkgs.hyprland}/bin/hyprctl keyword cursor:zoom_factor $UPDATED ${pkgs.hyprland}/bin/hyprctl keyword cursor:zoom_factor $UPDATED
''; '';
in in
select select ++ move ++ [
++ move
++ [
"$mod, ESCAPE, killactive" "$mod, ESCAPE, killactive"
"$mod, f, fullscreen, 1" "$mod, f, fullscreen, 1"
@@ -180,5 +161,84 @@ in
# openGL is needed for wayland/hyprland # openGL is needed for wayland/hyprland
hardware.graphics.enable = true; hardware.graphics.enable = true;
systemd.user.services.hyprland-monitors = {
# systemctl --user restart hyprland-monitors.service
# journalctl --user -u hyprland-monitors.service -e -f
unitConfig = {
Description = "handles hyprland monitor connect/disconnect";
};
wantedBy = [ "graphical-session.target" ];
requires = [ "graphical-session.target" ];
after = [ "graphical-session.target" ];
path = [
pkgs.coreutils # to include `cat`
pkgs.waybar
pkgs.hyprland
pkgs.socat
pkgs.jq
pkgs.bc
pkgs.libnotify
];
script = let
moveWSToMonitor = monitor: first: last:
if last < first
then throw "'first' has to be less than or equal to 'last'"
else
builtins.genList (n: "dispatch moveworkspacetomonitor ${builtins.toString (first + n)} ${monitor}") (last - first + 1);
external = moveWSToMonitor "HDMI-A-1" 1 5;
internal = moveWSToMonitor "eDPI-1" 6 10;
onlyInternal = moveWSToMonitor "eDPI-1" 1 10;
in
''
update() {
HDMI_STATUS=$(cat /sys/class/drm/card1-HDMI-A-1/status)
INTERNAL_WIDTH=1920
INTERNAL_HEIGHT=1200
if [ $HDMI_STATUS = "connected" ]; then
notify-send "Using external and laptop monitor"
hyprctl keyword monitor HDMI-A-1,preferred,0x0,1
HDMI=$(hyprctl monitors -j | jq '.[] | select(.name=="HDMI-A-1")')
HDMI_WIDTH=$(echo $HDMI | jq .width)
HDMI_HEIGHT=$(echo $HDMI | jq .height)
INTERNAL_POS_X=$(echo "($HDMI_WIDTH - $INTERNAL_WIDTH) / 2" | bc)
if (( $(echo "$INTERNAL_POS_X < 0" | bc) )); then INTERNAL_POS_X=0; fi
INTERNAL_POS_Y=$HDMI_HEIGHT
hyprctl keyword monitor eDP-1,$INTERNAL_WIDTH"x"$INTERNAL_HEIGHT,$INTERNAL_POS_X"x"$INTERNAL_POS_Y,1
hyprctl --batch "${lib.strings.concatStringsSep ";" (external ++ internal)}"
else
notify-send "Using only laptop monitor"
hyprctl --batch "keyword monitor HDMI-A,disable; keyword monitor eDP-1,$INTERNAL_WIDTH"x"$INTERNAL_HEIGHT,0x0,1"
hyprctl --batch "${lib.strings.concatStringsSep ";" onlyInternal}"
fi
}
handle() {
case $1 in
monitoradded\>\>*|monitorremoved\>\>*)
echo "handling event: \"$1\""
update ;;
esac
}
echo "Starting service with instance \"$HYPRLAND_INSTANCE_SIGNATURE\""
# Do initial configuration
update
socat -U - UNIX-CONNECT:$XDG_RUNTIME_DIR/hypr/$HYPRLAND_INSTANCE_SIGNATURE/.socket2.sock | while read -r line; do handle "$line"; done
'';
};
}; };
} }

2
hosts/pinwheel/modules/javascript/default.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, ...}:
{ {
home-manager.users.alex = { home-manager.users.alex = {
home.packages = [ pkgs.nodePackages.typescript-language-server ]; home.packages = [ pkgs.nodePackages.typescript-language-server ];

7
hosts/pinwheel/modules/keyboard/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.keyboard.enable; enabled = config.mod.keyboard.enable;
in in

7
hosts/pinwheel/modules/light/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;
in in

30
hosts/pinwheel/modules/mullvad/default.nix Normal file
View File

@@ -0,0 +1,30 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.mullvad.enable;
in
{
options = {
mod.mullvad = {
enable = lib.mkEnableOption "enable mullvad module";
};
};
config = lib.mkIf enabled {
services.mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn;
};
age.secrets = {
"mullvad-device" = {
file = ../../../../secrets/pinwheel/mullvad-device.age;
path = "/etc/mullvad-vpn/device.json";
};
"mullvad-account-history" = {
file = ../../../../secrets/pinwheel/mullvad-account-history.age;
path = "/etc/mullvad-vpn/account-history.json";
};
};
};
}

50
hosts/pinwheel/modules/music/default.nix
View File

@@ -1,50 +0,0 @@
{
inputs,
pkgs,
lib,
config,
...
}:
let
hyprlandEnabled = config.mod.hyprland.enable;
in
{
home-manager.users.alex = {
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = {
bind =
let
prev = "${pkgs.playerctl}/bin/playerctl -p naviterm,spotify previous";
next = "${pkgs.playerctl}/bin/playerctl -p naviterm,spotify next";
in
[
", XF86AudioPrev, exec, ${prev}"
", XF86AudioNext, exec, ${next}"
", XF86AudioPlay, exec, ${pkgs.playerctl}/bin/playerctl -p naviterm,spotify play-pause"
", XF86AudioPause, exec, ${pkgs.playerctl}/bin/playerctl -p naviterm,spoitfy play-pause"
"$mod ALT, LEFT, exec, ${prev}"
"$mod ALT, RIGHT, exec, ${next}"
"$mod ALT, DOWN, exec, ${pkgs.playerctl}/bin/playerctl -p naviterm,spotify play-pause"
];
};
};
home.packages = [
pkgs.playerctl
pkgs.spotify
inputs.naviterm.packages.${pkgs.system}.default
];
};
systemd.user.services.playerctld = {
unitConfig = {
Description = "starts playerctld daemon";
};
wantedBy = [ "default.target" ];
serviceConfig = {
ExecStart = "${pkgs.playerctl}/bin/playerctld";
};
};
}

2
hosts/pinwheel/modules/nix/default.nix
View File

@@ -2,7 +2,7 @@
{ {
home-manager.users.alex = { home-manager.users.alex = {
home.packages = [ home.packages = [
pkgs.nixfmt-rfc-style pkgs.nil
pkgs.nix-tree pkgs.nix-tree
]; ];
}; };

12
hosts/pinwheel/modules/openvpn/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.openvpn.enable; enabled = config.mod.openvpn.enable;
in in
@@ -18,12 +13,13 @@ in
home-manager.users.alex = { home-manager.users.alex = {
home.packages = [ home.packages = [
pkgs.openvpn pkgs.openvpn
pkgs.update-systemd-resolved
]; ];
}; };
services.resolved = { services.resolved = {
enable = true; enable = false;
dnssec = "false"; dnssec = "true";
domains = [ "~." ]; domains = [ "~." ];
fallbackDns = [ fallbackDns = [
"1.1.1.1#one.one.one.one" "1.1.1.1#one.one.one.one"

7
hosts/pinwheel/modules/physlock/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.physlock.enable; enabled = config.mod.physlock.enable;
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;

19
hosts/pinwheel/modules/power/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.power.enable; enabled = config.mod.power.enable;
lowbat = config.mod.lowbat; lowbat = config.mod.lowbat;
@@ -44,8 +39,8 @@ in
enable = true; enable = true;
settings = { settings = {
START_CHARGE_THRESH_BAT0 = 75; START_CHARGE_THRESH_BAT0=75;
STOP_CHARGE_THRESH_BAT0 = 80; STOP_CHARGE_THRESH_BAT0=80;
}; };
}; };
}; };
@@ -63,7 +58,7 @@ in
Persistent = true; Persistent = true;
}; };
wantedBy = [ "timers.target" ]; wantedBy = ["timers.target"];
}; };
}; };
@@ -83,11 +78,9 @@ in
pkgs.swaylock pkgs.swaylock
]; ];
script = script = let
let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause"; pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
in in ''
''
BATTERY_CAPACITY=$(cat /sys/class/power_supply/${lowbat.battery}/capacity) BATTERY_CAPACITY=$(cat /sys/class/power_supply/${lowbat.battery}/capacity)
BATTERY_STATUS=$(cat /sys/class/power_supply/${lowbat.battery}/status) BATTERY_STATUS=$(cat /sys/class/power_supply/${lowbat.battery}/status)
echo "Battery capacity: $BATTERY_CAPACITY" echo "Battery capacity: $BATTERY_CAPACITY"

7
hosts/pinwheel/modules/python/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.python.enable; enabled = config.mod.python.enable;
in in

7
hosts/pinwheel/modules/rust/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.rust.enable; enabled = config.mod.rust.enable;
in in

7
hosts/pinwheel/modules/scala/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.scala.enable; enabled = config.mod.scala.enable;

8
hosts/pinwheel/modules/screenshot/default.nix
View File

@@ -1,10 +1,4 @@
{ { inputs, pkgs, lib, config, ...}:
inputs,
pkgs,
lib,
config,
...
}:
let let
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;

7
hosts/pinwheel/modules/scripts/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.scripts.enable; enabled = config.mod.scripts.enable;

15
hosts/pinwheel/modules/sound/default.nix
View File

@@ -1,16 +1,11 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;
in in
{ {
users.users.alex.extraGroups = [ "audio" ]; users.users.alex.extraGroups = [ "audio" ];
services.pulseaudio.enable = false; hardware.pulseaudio.enable = false;
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
@@ -25,8 +20,7 @@ in
home-manager.users.alex = { home-manager.users.alex = {
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled { wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = { settings = {
bind = bind = let
let
toggle-output-mute = pkgs.writeShellScript "toggle-output-mute" '' toggle-output-mute = pkgs.writeShellScript "toggle-output-mute" ''
${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle ${pkgs.wireplumber}/bin/wpctl set-mute @DEFAULT_AUDIO_SINK@ toggle
MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SINK@ | grep MUTED | wc -l) MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SINK@ | grep MUTED | wc -l)
@@ -38,8 +32,7 @@ in
MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SOURCE@ | grep MUTED | wc -l) MUTED=$(${pkgs.wireplumber}/bin/wpctl get-volume @DEFAULT_AUDIO_SOURCE@ | grep MUTED | wc -l)
echo $MUTED > /sys/class/leds/platform::micmute/brightness echo $MUTED > /sys/class/leds/platform::micmute/brightness
''; '';
in in [
[
", XF86AudioRaiseVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 2%+" ", XF86AudioRaiseVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 2%+"
", XF86AudioLowerVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-" ", XF86AudioLowerVolume, exec, ${pkgs.wireplumber}/bin/wpctl set-volume @DEFAULT_AUDIO_SINK@ 2%-"
", XF86AudioMute, exec, ${toggle-output-mute}" ", XF86AudioMute, exec, ${toggle-output-mute}"

41
hosts/pinwheel/modules/spotify/default.nix Normal file
View File

@@ -0,0 +1,41 @@
{ pkgs, lib, config, ... }:
let
hyprlandEnabled = config.mod.hyprland.enable;
in
{
home-manager.users.alex = {
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = {
bind = let
prev = "${pkgs.playerctl}/bin/playerctl -p spotify previous";
next = "${pkgs.playerctl}/bin/playerctl -p spotify next";
in [
", XF86AudioPrev, exec, ${prev}"
", XF86AudioNext, exec, ${next}"
", XF86AudioPlay, exec, ${pkgs.playerctl}/bin/playerctl -p spotify play-pause"
", XF86AudioPause, exec, ${pkgs.playerctl}/bin/playerctl -p spoitfy play-pause"
"$mod ALT, LEFT, exec, ${prev}"
"$mod ALT, RIGHT, exec, ${next}"
"$mod ALT, DOWN, exec, ${pkgs.playerctl}/bin/playerctl -p spotify play-pause"
];
};
};
home.packages = [
pkgs.playerctl
pkgs.spotify
];
};
systemd.user.services.playerctld = {
unitConfig = {
Description = "starts playerctld daemon";
};
wantedBy = [ "default.target" ];
serviceConfig = {
ExecStart = "${pkgs.playerctl}/bin/playerctld";
};
};
}

79
hosts/pinwheel/modules/ssh/default.nix
View File

@@ -5,20 +5,33 @@
enable = true; enable = true;
matchBlocks = { matchBlocks = {
"manatee" = { "backwards.local" = {
hostname = "manatee"; hostname = "192.168.50.202";
user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-manatee";
port = 1122;
};
"backwards" = {
hostname = "backwards";
user = "alex"; user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-backwards"; identityFile = "/home/alex/.ssh/alex.pinwheel-backwards";
port = 1122; port = 1122;
}; };
"sombrero.local" = {
hostname = "192.168.50.200";
user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-sombrero";
port = 1122;
};
"sombrero" = {
hostname = "sombrero.a2x.se";
user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-sombrero";
port = 1122;
};
"andromeda" = {
hostname = "andromeda.a2x.se";
user = "alex";
identityFile = "/home/alex/.ssh/alex.pinwheel-andromeda";
};
"tadpole" = { "tadpole" = {
hostname = "65.21.106.222"; hostname = "65.21.106.222";
user = "alex"; user = "alex";
@@ -35,11 +48,6 @@
hostname = "codeberg.org"; hostname = "codeberg.org";
identityFile = "/home/alex/.ssh/alex.pinwheel-codeberg.org"; identityFile = "/home/alex/.ssh/alex.pinwheel-codeberg.org";
}; };
"git.ppp.pm" = {
hostname = "git.ppp.pm";
identityFile = "/home/alex/.ssh/alex.pinwheel-git.ppp.pm";
};
}; };
}; };
@@ -47,19 +55,6 @@
}; };
age.secrets = { age.secrets = {
"alex.pinwheel-manatee" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-manatee.age;
path = "/home/alex/.ssh/alex.pinwheel-manatee";
owner = "alex";
group = "users";
};
"alex.pinwheel-manatee.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-manatee.pub.age;
path = "/home/alex/.ssh/alex.pinwheel-manatee.pub";
owner = "alex";
group = "users";
};
"alex.pinwheel-backwards" = { "alex.pinwheel-backwards" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-backwards.age; file = ../../../../secrets/pinwheel/alex.pinwheel-backwards.age;
path = "/home/alex/.ssh/alex.pinwheel-backwards"; path = "/home/alex/.ssh/alex.pinwheel-backwards";
@@ -72,6 +67,18 @@
owner = "alex"; owner = "alex";
group = "users"; group = "users";
}; };
"alex.pinwheel-sombrero" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-sombrero.age;
path = "/home/alex/.ssh/alex.pinwheel-sombrero";
owner = "alex";
group = "users";
};
"alex.pinwheel-sombrero.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-sombrero.pub.age;
path = "/home/alex/.ssh/alex.pinwheel-sombrero.pub";
owner = "alex";
group = "users";
};
"alex.pinwheel-github.com" = { "alex.pinwheel-github.com" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-github.com.age; file = ../../../../secrets/pinwheel/alex.pinwheel-github.com.age;
@@ -99,15 +106,15 @@
group = "users"; group = "users";
}; };
"alex.pinwheel-git.ppp.pm" = { "alex.pinwheel-andromeda" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-git.ppp.pm.age; file = ../../../../secrets/pinwheel/alex.pinwheel-andromeda.age;
path = "/home/alex/.ssh/alex.pinwheel-git.ppp.pm"; path = "/home/alex/.ssh/alex.pinwheel-andromeda";
owner = "alex"; owner = "alex";
group = "users"; group = "users";
}; };
"alex.pinwheel-git.ppp.pm.pub" = { "alex.pinwheel-andromeda.pub" = {
file = ../../../../secrets/pinwheel/alex.pinwheel-git.ppp.pm.pub.age; file = ../../../../secrets/pinwheel/alex.pinwheel-andromeda.pub.age;
path = "/home/alex/.ssh/alex.pinwheel-git.ppp.pm.pub"; path = "/home/alex/.ssh/alex.pinwheel-andromeda.pub";
owner = "alex"; owner = "alex";
group = "users"; group = "users";
}; };
@@ -130,11 +137,9 @@
enable = true; enable = true;
ports = [ 1122 ]; ports = [ 1122 ];
hostKeys = [ hostKeys = [{
{
path = "/etc/ssh/pinwheel"; path = "/etc/ssh/pinwheel";
type = "ed25519"; type = "ed25519";
} }];
];
}; };
} }

10
hosts/pinwheel/modules/swaylock/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.swaylock.enable; enabled = config.mod.swaylock.enable;
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;
@@ -35,8 +30,7 @@ in
wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled { wayland.windowManager.hyprland = lib.mkIf hyprlandEnabled {
settings = { settings = {
bind = bind = let
let
pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause"; pause-music = "${pkgs.playerctl}/bin/playerctl -p spotify pause";
dpmsTimeout = config.mod.swaylock.dpmsTimeout; dpmsTimeout = config.mod.swaylock.dpmsTimeout;

17
hosts/pinwheel/modules/syncthing/default.nix
View File

@@ -15,18 +15,13 @@
settings = { settings = {
devices = { devices = {
phone.id = config.lib.syncthing.phone; phone.id = config.lib.syncthing.phone;
backwards.id = config.lib.syncthing.backwards; sombrero.id = config.lib.syncthing.sombrero;
manatee.id = config.lib.syncthing.manatee;
}; };
folders = { folders = {
org = { org = {
path = "/home/alex/sync/org"; path = "/home/alex/sync/org";
devices = [ devices = [ "sombrero" "phone" ];
"phone"
"backwards"
"manatee"
];
versioning = { versioning = {
type = "staggered"; type = "staggered";
params = { params = {
@@ -37,7 +32,7 @@
personal = { personal = {
path = "/home/alex/sync/personal"; path = "/home/alex/sync/personal";
devices = [ "backwards" ]; devices = [ "sombrero" ];
versioning = { versioning = {
type = "staggered"; type = "staggered";
params = { params = {
@@ -48,7 +43,7 @@
work = { work = {
path = "/home/alex/sync/work"; path = "/home/alex/sync/work";
devices = [ "backwards" ]; devices = [ "sombrero" ];
versioning = { versioning = {
type = "staggered"; type = "staggered";
params = { params = {
@@ -58,8 +53,8 @@
}; };
books = { books = {
path = "/home/alex/sync/reading-material/books"; path = "/home/alex/sync/books";
devices = [ "backwards" ]; devices = [ "sombrero" ];
versioning = { versioning = {
type = "staggered"; type = "staggered";
params = { params = {

1
hosts/pinwheel/modules/tailscale/default.nix
View File

@@ -6,4 +6,5 @@
checkReversePath = "loose"; checkReversePath = "loose";
allowedUDPPorts = [ 41641 ]; allowedUDPPorts = [ 41641 ];
}; };
} }

2
hosts/pinwheel/modules/terraform/default.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }: { pkgs, ...}:
{ {
home-manager.users.alex = { home-manager.users.alex = {
home.packages = [ home.packages = [

16
hosts/pinwheel/modules/vm/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.vm.enable; enabled = config.mod.vm.enable;
in in
@@ -17,10 +12,7 @@ in
config = lib.mkIf enabled { config = lib.mkIf enabled {
virtualisation = { virtualisation = {
spiceUSBRedirection.enable = true; # Allow redirecting USB to the VM spiceUSBRedirection.enable = true; # Allow redirecting USB to the VM
libvirtd = { libvirtd.enable = true;
enable = true;
qemu.vhostUserPackages = [ pkgs.virtiofsd ];
};
}; };
users.users.alex = { users.users.alex = {
@@ -34,8 +26,8 @@ in
home-manager.users.alex = { home-manager.users.alex = {
dconf.settings = { dconf.settings = {
"org/virt-manager/virt-manager/connections" = { "org/virt-manager/virt-manager/connections" = {
autoconnect = [ "qemu:///system" ]; autoconnect = ["qemu:///system"];
uris = [ "qemu:///system" ]; uris = ["qemu:///system"];
}; };
}; };
}; };

129
hosts/pinwheel/modules/waybar/default.nix
View File

@@ -1,20 +1,15 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
hyprlandEnabled = config.mod.hyprland.enable; hyprlandEnabled = config.mod.hyprland.enable;
music-status = pkgs.writeShellScript "music-status" '' spotify-status = pkgs.writeShellScript "spotify-status" ''
STATUS=$(${pkgs.playerctl}/bin/playerctl -p naviterm,spotify status 2>&1) STATUS=$(${pkgs.playerctl}/bin/playerctl -p spotify status 2>&1)
if [ "$STATUS" = "No players found" ]; then if [ "$STATUS" = "No players found" ]; then
echo "" echo ""
else else
FORMAT="{{markup_escape(xesam:title)}} - {{markup_escape(xesam:artist)}}" FORMAT="{{markup_escape(xesam:title)}} - {{markup_escape(xesam:artist)}}"
OUTPUT=$(${pkgs.playerctl}/bin/playerctl -p naviterm,spotify metadata --format "$FORMAT") OUTPUT=$(${pkgs.playerctl}/bin/playerctl -p spotify metadata --format "$FORMAT")
case "$STATUS" in case "$STATUS" in
"Playing") "Playing")
echo "<span font='14' rise='-3000'></span> $OUTPUT" echo "<span font='14' rise='-3000'></span> $OUTPUT"
@@ -40,45 +35,47 @@ let
fi fi
''; '';
tailscale = pkgs.writeShellScript "tailscale" '' mullvad = pkgs.writeShellScript "mullvad" ''
STATUS_STOPPED="Tailscale is stopped." STATUS_DISCONNECTING="Disconnecting"
STATUS_DISCONNECTED="Disconnected"
STATUS_CONNECTING="Connecting"
STATUS_CONNECTED="Connected"
status() {
STATUS=$(${pkgs.mullvad}/bin/mullvad status | ${pkgs.gawk}/bin/awk 'NR==1{print $1}')
echo $STATUS
}
output() { output() {
STATUS=$(tailscale status) case $(status) in
$STATUS_DISCONNECTED)
case $STATUS in echo '{ "text": "", "class": "disconnected" }' ;;
$STATUS_STOPPED) $STATUS_CONNECTING)
echo '{ "text": "", "class": "disconnected" }' ;; echo '{ "text": "", "tooltip": "Connecting", "class": "disconnected" }' ;;
$STATUS_CONNECTED)
TOOLTIP=$(${pkgs.mullvad}/bin/mullvad status | ${pkgs.gawk}/bin/awk 'NR==1')
echo "{ \"text\": \"\", \"tooltip\":\"$TOOLTIP\" }" ;;
$STATUS_DISCONNECTING)
echo '{ "text": "", "tooltip": "Disconnecting", "class": "disconnected" }' ;;
*) *)
EXIT_NODE=$(tailscale status --json | ${pkgs.jq}/bin/jq .ExitNodeStatus) echo '{ "text": "", "tooltip": "Status unknown", "class": "disconnected" }' ;;
EXIT_NODE_ONLINE=$(echo $EXIT_NODE | ${pkgs.jq}/bin/jq .Online)
if [ "$EXIT_NODE_ONLINE" == "null" ]; then
echo '{ "text": "", "class": "disconnected" }'
exit 0
fi
EXIT_NODE_ID=$(echo $EXIT_NODE | ${pkgs.jq}/bin/jq .ID)
EXIT_NODE_NAME=$(tailscale status --json | ${pkgs.jq}/bin/jq ".Peer.[] | select(.ID == $EXIT_NODE_ID) | .HostName")
echo "{ \"text\": \"\", \"tooltip\": $EXIT_NODE_NAME }"
;;
esac esac
} }
toggle-exit-node() { toggle() {
PREFERRED_EXIT_NODE=$(${pkgs.coreutils}/bin/cat ${config.age.secrets.tailscale-preferred-exit-node.path}) CURRENT_STATUS=$(status)
EXIT_NODE_ONLINE=$(tailscale status --json | ${pkgs.jq}/bin/jq .ExitNodeStatus.Online) case "$CURRENT_STATUS" in
if [ "$EXIT_NODE_ONLINE" == "true" ]; then $STATUS_DISCONNECTED)
tailscale set --exit-node="" && ${pkgs.libnotify}/bin/notify-send "Disconnected from Exit Node" ${pkgs.mullvad}/bin/mullvad connect --wait > /dev/null && ${pkgs.libnotify}/bin/notify-send "Connected to VPN";;
else $STATUS_CONNECTED)
tailscale set --exit-node=$PREFERRED_EXIT_NODE && ${pkgs.libnotify}/bin/notify-send "Connected to Exit Node" ${pkgs.mullvad}/bin/mullvad disconnect --wait > /dev/null && ${pkgs.libnotify}/bin/notify-send "Disconnected from VPN";;
fi esac
} }
case $1 in case $1 in
--toggle-exit-node) --toggle)
toggle-exit-node ;; toggle ;;
--output) --output)
output ;; output ;;
esac esac
@@ -126,12 +123,12 @@ in
modules-left = lib.mkIf hyprlandEnabled [ "hyprland/workspaces" ]; modules-left = lib.mkIf hyprlandEnabled [ "hyprland/workspaces" ];
modules-right = [ modules-right = [
"custom/work-vpn-status" "custom/work-vpn-status"
"custom/music" "custom/spotify"
"custom/container-status" "custom/container-status"
"custom/dunst" "custom/dunst"
"custom/mullvad"
"bluetooth" "bluetooth"
"wireplumber" "wireplumber"
"custom/tailscale"
"network" "network"
"battery" "battery"
"clock" "clock"
@@ -139,12 +136,12 @@ in
"custom/work-vpn-status" = { "custom/work-vpn-status" = {
exec = "${work-vpn-status}"; exec = "${work-vpn-status}";
interval = 2; interval = 1;
}; };
"custom/music" = { "custom/spotify" = {
exec = music-status; exec = spotify-status;
interval = 2; interval = 1;
max-length = 70; max-length = 70;
tooltip = false; tooltip = false;
}; };
@@ -152,21 +149,21 @@ in
"custom/container-status" = { "custom/container-status" = {
exec = "${container-status}"; exec = "${container-status}";
return-type = "json"; return-type = "json";
interval = 2; interval = 1;
}; };
"custom/dunst" = { "custom/dunst" = {
exec = notifications-status; exec = notifications-status;
on-click-right = "${pkgs.dunst}/bin/dunstctl set-paused toggle"; on-click-right = "${pkgs.dunst}/bin/dunstctl set-paused toggle";
interval = 2; interval = 1;
tooltip = false; tooltip = false;
}; };
"custom/tailscale" = { "custom/mullvad" = {
exec = "${tailscale} --output"; exec = "${mullvad} --output";
return-type = "json"; return-type = "json";
on-click-right = "${tailscale} --toggle-exit-node"; on-click-right = "${mullvad} --toggle";
interval = 2; interval = 1;
}; };
bluetooth = { bluetooth = {
@@ -197,15 +194,8 @@ in
"interval" = 60; "interval" = 60;
"format" = "<span font='10' rise='1000'>{icon}</span> {capacity}%"; "format" = "<span font='10' rise='1000'>{icon}</span> {capacity}%";
"format-time" = "{H}h {M}min"; "format-time" = "{H}h {M}min";
"format-charging" = "󰂄 {capacity}%"; "format-charging" ="󰂄 {capacity}%";
"format-icons" = [ "format-icons" = ["󰁺" "󰁻" "󰁽" "󰁿" "󰂁" "󰁹" ];
"󰁺"
"󰁻"
"󰁽"
"󰁿"
"󰂁"
"󰁹"
];
}; };
"clock" = { "clock" = {
@@ -222,10 +212,7 @@ in
height = 30; height = 30;
spacing = 20; spacing = 20;
fixed-center = false; fixed-center = false;
output = [ output = [ "HDMI-A-1" ];
"HDMI-A-1"
"DP-3"
];
modules-left = lib.mkIf hyprlandEnabled [ "hyprland/workspaces" ]; modules-left = lib.mkIf hyprlandEnabled [ "hyprland/workspaces" ];
modules-right = [ modules-right = [
@@ -235,7 +222,7 @@ in
"custom/work-vpn-status" = { "custom/work-vpn-status" = {
exec = "${work-vpn-status}"; exec = "${work-vpn-status}";
interval = 2; interval = 1;
}; };
"clock" = { "clock" = {
@@ -280,11 +267,7 @@ in
color: #${config.lib.colors.warning}; color: #${config.lib.colors.warning};
} }
#custom-tailscale { #custom-mullvad.disconnected {
font-size: 30px;
}
#custom-tailscale.disconnected {
color: #${config.lib.colors.warning}; color: #${config.lib.colors.warning};
} }
@@ -303,12 +286,4 @@ in
''; '';
}; };
}; };
age.secrets = {
"tailscale-preferred-exit-node" = {
file = ../../../../secrets/pinwheel/tailscale-preferred-exit-node.age;
owner = "alex";
group = "users";
};
};
} }

7
hosts/pinwheel/modules/wezterm/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.wezterm.enable; enabled = config.mod.wezterm.enable;

33
hosts/pinwheel/modules/work/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
gitEnabled = config.mod.git.enable; gitEnabled = config.mod.git.enable;
goEnabled = config.mod.go.enable; goEnabled = config.mod.go.enable;
@@ -12,24 +7,20 @@ in
{ {
home-manager.users.alex = { home-manager.users.alex = {
home.sessionVariables = { home.sessionVariables = {
GITHUB_ACTOR = "Alexander Heldt"; GITHUB_ACTOR="Alexander Heldt";
GITHUB_TOKEN = "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-github-token.path})"; GITHUB_TOKEN="$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-github-token.path})";
}; };
home.packages = [ home.packages = [
# (pkgs.callPackage ./pants.nix { inherit (pkgs) system; }) (pkgs.callPackage ./syb-cli.nix {})
# (pkgs.callPackage ./syb-cli.nix { }) (pkgs.callPackage ./pants.nix {})
(pkgs.jetbrains.plugins.addPlugins pkgs.jetbrains.idea-ultimate [ "ideavim" ]) (pkgs.jetbrains.plugins.addPlugins pkgs.jetbrains.idea-ultimate [ "ideavim" ])
(pkgs.google-cloud-sdk.withExtraComponents [ pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin ])
(pkgs.google-cloud-sdk.withExtraComponents [ (pkgs.graphite-cli.overrideAttrs(_: {
pkgs.google-cloud-sdk.components.gke-gcloud-auth-plugin version = "1.4.3";
]) }))
pkgs.xdg-utils # needed by graphite-cli
pkgs.graphite-cli
pkgs.postman
pkgs.grpcurl
# for `radio` # for `radio`
pkgs.go-mockery pkgs.go-mockery
@@ -37,9 +28,7 @@ in
]; ];
programs.go = lib.mkIf goEnabled { programs.go = lib.mkIf goEnabled {
env = { goPrivate = [ "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-go-private.path})" ];
GOPRIVATE = [ "$(${pkgs.coreutils}/bin/cat ${config.age.secrets.work-go-private.path})" ];
};
}; };
programs.git = lib.mkIf gitEnabled { programs.git = lib.mkIf gitEnabled {

72
hosts/pinwheel/modules/work/pants.nix
View File

@@ -1,69 +1,47 @@
{ {
system, fetchurl,
pkgs, pkgs,
lib, lib,
...
}: }:
let let
pname = "pants";
version = "0.12.0"; version = "0.12.0";
if_let = v: p: if lib.attrsets.matchAttrs p v then v else null; scie-pants = pkgs.stdenv.mkDerivation {
match = inherit pname version;
v: l: builtins.elemAt (lib.lists.findFirst (x: (if_let v (builtins.elemAt x 0)) != null) null l) 1;
package = match { platform = system; } [ src = fetchurl {
[ url = "https://github.com/pantsbuild/scie-pants/releases/download/v${version}/scie-${pname}-linux-x86_64";
{ platform = "aarch64-linux"; }
{
url = "https://github.com/pantsbuild/scie-pants/releases/download/v${version}/scie-pants-linux-aarch64";
hash = lib.fakeSha256;
}
]
[
{ platform = "x86_64-linux"; }
{
url = "https://github.com/pantsbuild/scie-pants/releases/download/v${version}/scie-pants-linux-x86_64";
hash = "sha256-9PjgobndxVqDTYGtw1HESrtzwzH2qE9zFwR26xtwZrM="; hash = "sha256-9PjgobndxVqDTYGtw1HESrtzwzH2qE9zFwR26xtwZrM=";
} };
]
[
{ platform = "aarch64-darwin"; }
{
url = "https://github.com/pantsbuild/scie-pants/releases/download/v${version}/scie-pants-macos-aarch64";
hash = "sha256-1Ha8GAOl7mWVunGKf7INMjar+jnLXaDEPStqE+kK3D4=";
}
]
];
unpatched = pkgs.stdenv.mkDerivation { phases = ["installPhase" "patchPhase"];
name = "scie-pants";
version = version;
sourceRoot = ".";
phases = [
"installPhase"
"patchPhase"
];
src = pkgs.fetchurl package;
installPhase = '' installPhase = ''
runHook preInstall
mkdir -p $out/bin mkdir -p $out/bin
cp $src $out/bin/pants cp $src $out/bin/pants
chmod +x $out/bin/pants chmod +x $out/bin/pants
runHook postInstall
''; '';
}; };
in
patched = pkgs.buildFHSEnv { pkgs.buildFHSUserEnv {
name = "pants"; name = "pants";
targetPackages = [ pkgs.python39 ];
runScript = "${unpatched}/bin/pants"; targetPackages = with pkgs; [
python39
];
runScript = "${scie-pants}/bin/pants";
profile = '' profile = ''
export NIX_SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt" export NIX_SSL_CERT_FILE="/etc/ssl/certs/ca-certificates.crt"
export SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt" export SSL_CERT_FILE="/etc/ssl/certs/ca-bundle.crt"
''; '';
meta = with lib; {
description = "Protects your Pants from the elements";
homepage = "https://github.com/pantsbuild/scie-pants";
license = licenses.asl20;
maintainers = [];
platforms = [ "x86_64-linux" ];
mainProgram = "pants";
}; };
in }
if pkgs.stdenv.isDarwin then unpatched else patched

9
hosts/pinwheel/modules/zsh/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.zsh.enable; enabled = config.mod.zsh.enable;
in in
@@ -54,7 +49,7 @@ in
} }
]; ];
initContent = lib.strings.concatStringsSep "\n" [ initExtra = lib.strings.concatStringsSep "\n" [
"export KEYTIMEOUT=1" "export KEYTIMEOUT=1"
"bindkey -v '^?' backward-delete-char" "bindkey -v '^?' backward-delete-char"
"bindkey '^a' beginning-of-line" "bindkey '^a' beginning-of-line"

79
hosts/sombrero/configuration.nix Normal file
View File

@@ -0,0 +1,79 @@
{ pkgs, ... }:
{
imports =
[
../../config-manager/default.nix
../../shared-modules/syncthing.nix
./hardware-configuration.nix
./modules
];
nix.settings.experimental-features = [ "nix-command" "flakes" ];
nixpkgs.config.allowUnfree = true;
environment.variables.EDITOR = "vim";
hardware.enableRedistributableFirmware = true;
# Set your time zone.
time.timeZone = "Europe/Stockholm";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkbOptions in tty.
# };
users = {
mutableUsers = false;
users.root = {
hashedPassword = "$6$3mkwaUWd8NA6XuEb$x80tETKGz6FEG.kej3v5Vh6hRNoC6bikhXogTP.zZwYtISA46JaN3RMK3ckbqt8Aj52d3krSLOfBaAR1qzuJ2/";
};
users."alex" = {
isNormalUser = true;
hashedPassword = "$6$3mkwaUWd8NA6XuEb$x80tETKGz6FEG.kej3v5Vh6hRNoC6bikhXogTP.zZwYtISA46JaN3RMK3ckbqt8Aj52d3krSLOfBaAR1qzuJ2/";
extraGroups = [ "wheel" ];
};
};
environment.systemPackages = with pkgs; [
gnumake
mkpasswd
vim
];
config-manager = {
flakePath = "/home/alex/config";
};
mod = {
git.enable = true;
ssh.enable = true;
docker.enable = true;
nginx.enable = true;
syncthing.enable = true;
plex.enable = true;
calibre-web.enable = true;
transmission.enable = true;
restic.enable = true;
pppdotpm-site.enable = false;
};
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. Its perfectly fine and recommended to leave
# this value at the release version of the first install of this system.
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

52
hosts/sombrero/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,52 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ lib, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "usb_storage" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/15329cb1-655e-475d-96f0-bfb8ccd05167";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/AD29-0697";
fsType = "vfat";
};
fileSystems."/home/alex/media" =
{ device = "/dev/disk/by-uuid/ad4acc0f-172c-40f8-8473-777c957e8764";
fsType = "ext4";
options = [ "nofail" ];
};
fileSystems."/home/alex/backup" =
{ device = "/dev/disk/by-uuid/34601701-65e6-4b2c-ac4d-8bef3dfd743f";
fsType = "ext4";
options = [ "nofail" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/98c46b15-7efe-43fd-8812-7e2c01f5a40a"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlan0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

9
hosts/manatee/home.nix → hosts/sombrero/home.nix
View File

@@ -1,4 +1,4 @@
{ inputs, ... }: { inputs, pkgs, ... }:
{ {
imports = [ inputs.home-manager.nixosModules.home-manager ]; imports = [ inputs.home-manager.nixosModules.home-manager ];
@@ -13,10 +13,13 @@
home.username = "alex"; home.username = "alex";
home.homeDirectory = "/home/alex"; home.homeDirectory = "/home/alex";
home.packages = [ ]; home.packages = [
pkgs.unar
];
home.stateVersion = "24.11"; home.stateVersion = "22.11";
}; };
}; };
}; };
} }

2
hosts/manatee/modules/age/default.nix → hosts/sombrero/modules/age/default.nix
View File

@@ -4,7 +4,7 @@
config = { config = {
age = { age = {
identityPaths = [ "/etc/ssh/manatee" ]; identityPaths = [ "/etc/ssh/sombrero" ];
}; };
environment.systemPackages = [ environment.systemPackages = [

25
hosts/sombrero/modules/boot/default.nix Normal file
View File

@@ -0,0 +1,25 @@
{ pkgs, ... }: {
boot = {
loader = {
grub.enable = false;
efi.canTouchEfiVariables = true;
raspberryPi = {
enable = true;
version = 4;
};
};
tmp = {
useTmpfs = true;
};
kernelPackages = pkgs.linuxPackages_rpi4;
kernelParams = [
"8250.nr_uarts=1"
"console=ttyAMA0,115200"
"console=tty1"
"cma=128M"
];
};
}

52
hosts/sombrero/modules/calibre-web/default.nix Normal file
View File

@@ -0,0 +1,52 @@
{ lib, config, ... }:
let
enabled = config.mod.calibre-web.enable;
nginxEnabled = config.mod.nginx.enable;
in
{
options = {
mod.calibre-web = {
enable = lib.mkEnableOption "add calibre-web module";
};
};
config = lib.mkIf (enabled && nginxEnabled) {
services = {
calibre-web = {
enable = true;
user = "alex";
group = "users";
listen = {
ip = "127.0.0.1";
port = 8083;
};
options = {
calibreLibrary = "/home/alex/backup/books";
enableBookUploading = true;
};
};
};
networking = {
firewall = {
allowedTCPPorts = [ 8083 ];
};
};
services = {
nginx = {
virtualHosts."books.sombrero.a2x.se" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8083";
};
};
};
};
};
}

8
hosts/sombrero/modules/default.nix Normal file
View File

@@ -0,0 +1,8 @@
{ lib, ... }:
let
toModulePath = dir: _: ./. + "/${dir}";
filterDirs = dirs: lib.attrsets.filterAttrs (_: type: type == "directory") dirs;
in
{
imports = lib.mapAttrsToList toModulePath (filterDirs (builtins.readDir ./.));
}

29
hosts/sombrero/modules/docker/default.nix Normal file
View File

@@ -0,0 +1,29 @@
{ pkgs, lib, config, ... }:
let
enabled = config.mod.docker.enable;
in
{
options = {
mod.docker = {
enable = lib.mkEnableOption "enable docker module";
};
};
config = lib.mkIf enabled {
virtualisation = {
docker = {
enable = true;
};
oci-containers = {
backend = "docker";
};
};
users.users.alex.extraGroups = [ "docker" ];
home-manager.users.alex = {
home.packages = [ pkgs.docker-compose ];
};
};
}

11
hosts/manatee/modules/git/default.nix → hosts/sombrero/modules/git/default.nix
View File

@@ -1,9 +1,4 @@
{ { pkgs, lib, config, ... }:
pkgs,
lib,
config,
...
}:
let let
enabled = config.mod.git.enable; enabled = config.mod.git.enable;
in in
@@ -22,10 +17,6 @@ in
includes = [ includes = [
{ path = ./gitconfig; } { path = ./gitconfig; }
]; ];
extraConfig = {
rerere.enable = true;
};
}; };
home.packages = [ pkgs.tig ]; home.packages = [ pkgs.tig ];

5
hosts/manatee/modules/git/gitconfig → hosts/sombrero/modules/git/gitconfig
View File

@@ -5,5 +5,6 @@
[url "git@github.com:"] [url "git@github.com:"]
insteadOf = https://github.com/ insteadOf = https://github.com/
[url "gitea@git.ppp.pm:"] [url "git@codeberg.org:"]
insteadOf = https://git.ppp.pm/ insteadOf = https://codeberg.org/

6
hosts/sombrero/modules/mullvad/default.nix Normal file
View File

@@ -0,0 +1,6 @@
{ ... }:
{
services.mullvad-vpn = {
enable = true;
};
}

18
hosts/sombrero/modules/network/default.nix Normal file
View File

@@ -0,0 +1,18 @@
{
networking = {
hostName = "sombrero";
defaultGateway = "192.168.50.1";
nameservers = [ "8.8.8.8" ];
interfaces = {
eth0 = {
ipv4 = {
addresses = [{
address = "192.168.50.200";
prefixLength = 24;
}];
};
};
};
};
}

Some files were not shown because too many files have changed in this diff Show More