macronova/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Reformat with alejandra

Browse source
This commit is contained in:
Invariantspace 2024-08-14 11:14:20 -07:00
parent 7b2b5b3b80
commit 52a81ddb21
No known key found for this signature in database
GPG key ID: EBC4A20067373921
53 changed files with 764 additions and 746 deletions
Download patch file Download diff file Expand all files Collapse all files

12
linux/blitzar/configuration.nix
View file

@ -1,16 +1,15 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ pkgs, ... }:
{
{pkgs, ...}: {
# Configure boot
boot = {
initrd.systemd.enable = true;
loader = {
efi.canTouchEfiVariables = true;
grub = let yorha = pkgs.yorha-grub-theme; in {
grub = let
yorha = pkgs.yorha-grub-theme;
in {
enable = true;
device = "nodev";
efiSupport = true;
@ -22,7 +21,7 @@
enable = true;
extraConfig = "DeviceScale=1";
theme = "target_2";
themePackages = [ pkgs.adi1090x-plymouth-themes ];
themePackages = [pkgs.adi1090x-plymouth-themes];
};
};
@ -46,4 +45,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}

4
linux/blitzar/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
disko.nixosModules.default
hardware.nixosModules.asus-zephyrus-ga402

23
linux/blitzar/device.nix
View file

@ -1,15 +1,16 @@
{ config, pkgs, ... }:
let
usr = config.constants.userName;
in
{
config,
pkgs,
...
}: let
usr = config.constants.userName;
in {
hardware = {
bluetooth.enable = true;
graphics.enable = true;
openrazer = {
enable = true;
users = [ usr ];
users = [usr];
};
};
@ -32,7 +33,7 @@ in
kanata = {
enable = true;
keyboards.core = {
devices = [ "/dev/input/by-id/usb-ASUSTeK_Computer_Inc._N-KEY_Device-if02-event-kbd" ];
devices = ["/dev/input/by-id/usb-ASUSTeK_Computer_Inc._N-KEY_Device-if02-event-kbd"];
config = ''
(defsrc
esc f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 del
@ -46,7 +47,7 @@ in
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ _ _ _ _ _ _ _ _
_ _ _ _ _ @li _ _ _
)
@ -54,7 +55,7 @@ in
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX @lb XX @lm XX XX XX XX XX
XX XX XX XX XX XX XX XX XX
)
@ -62,7 +63,7 @@ in
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX XX XX XX XX XX
XX XX XX XX XX XX XX XX prev next XX XX XX
XX XX XX pp XX @li XX XX XX
)
@ -86,7 +87,7 @@ in
printing.enable = true;
};
users.users.${usr}.extraGroups = [ "adbusers" "cdrom" ];
users.users.${usr}.extraGroups = ["adbusers" "cdrom"];
virtualisation = {
containers.enable = true;

4
linux/blitzar/disko.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
# Partition the physical disk
disk.storage = {

206
linux/blitzar/gui.nix
View file

@ -1,9 +1,19 @@
{ config, pkgs, ... }:
let usr = config.constants.userName; in {
home-manager.users.${usr} = { config, pkgs, ... }:
let xdgCfg = config.xdg; in {
home.packages = with pkgs; [
{
config,
pkgs,
...
}: let
usr = config.constants.userName;
in {
home-manager.users.${usr} = {
config,
pkgs,
...
}: let
xdgCfg = config.xdg;
in {
home.packages = with pkgs;
[
feishin
hunspell
hunspellDicts.en-us-large
@ -20,114 +30,106 @@ let usr = config.constants.userName; in {
thunderbird
winetricks
wineWowPackages.stagingFull
] ++ (with kdePackages; [
]
++ (with kdePackages; [
k3b
kdepim-addons
merkuro
]);
programs = {
firefox.enable = true;
git.signing = {
key = "0x6A815D4CB1637AAC";
signByDefault = true;
};
gpg = {
enable = true;
homedir = "${xdgCfg.dataHome}/gnupg";
};
kitty = {
enable = true;
settings = {
background_opacity = "0.96";
remember_window_size = "no";
};
theme = "Tokyo Night Moon";
};
mpv = {
enable = true;
config = {
osd-bar = "no";
border = "no";
};
scripts = with pkgs.mpvScripts; [
mpris
thumbfast
uosc
vr-reversal
];
};
obs-studio.enable = true;
plasma.enable = true;
zathura = {
enable = true;
options = {
completion-bg = "#504945";
completion-fg = "#ebdbb2";
completion-group-bg = "#3c3836";
completion-group-fg = "#928374";
completion-highlight-bg = "#83a598";
completion-highlight-fg = "#504945";
default-bg = "#1d2021";
default-fg = "#ebdbb2";
highlight-active-color = "#fe8019";
highlight-color = "#fabd2f";
index-active-bg = "#83a598";
index-active-fg = "#504945";
index-bg = "#504945";
index-fg = "#ebdbb2";
inputbar-bg = "#1d2021";
inputbar-fg = "#ebdbb2";
notification-bg = "#1d2021";
notification-error-bg = "#1d2021";
notification-error-fg = "#fb4934";
notification-fg = "#b8bb26";
notification-warning-bg = "#1d2021";
notification-warning-fg = "#fabd2f";
recolor = "true";
recolor-darkcolor = "#ebdbb2";
recolor-keephue = "true";
recolor-lightcolor = "#1d2021";
render-loading = "true";
render-loading-bg = "#1d2021";
render-loading-fg = "#ebdbb2";
selection-clipboard = "clipboard";
statusbar-bg = "#504945";
statusbar-fg = "#ebdbb2";
};
};
programs = {
git.signing = {
key = "0x6A815D4CB1637AAC";
signByDefault = true;
};
services = {
easyeffects.enable = true;
gpg-agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
gpg = {
enable = true;
homedir = "${xdgCfg.dataHome}/gnupg";
};
mpv = {
enable = true;
config = {
osd-bar = "no";
border = "no";
};
xsettingsd = {
enable = true;
settings = {
"Gdk/UnscaledDPI" = 98304;
"Gdk/WindowScalingFactor" = 2;
"Gtk/EnableAnimations" = 1;
"Gtk/DecorationLayout" = "icon:minimize,maximize,close";
"Net/ThemeName" = "Sweet-Ambar-Blue";
"Gtk/PrimaryButtonWarpsSlider" = 1;
"Gtk/ToolbarStyle" = 3;
"Gtk/MenuImages" = 1;
"Gtk/ButtonImages" = 1;
"Gtk/CursorThemeSize" = 96;
"Gtk/CursorThemeName" = "Sweet-cursors";
"Net/SoundThemeName" = "yorha";
"Net/IconThemeName" = "Sweet-Rainbow";
"Gtk/FontName" = "Noto Sans, 10";
};
scripts = with pkgs.mpvScripts; [
mpris
thumbfast
uosc
vr-reversal
];
};
obs-studio.enable = true;
plasma.enable = true;
zathura = {
enable = true;
options = {
completion-bg = "#504945";
completion-fg = "#ebdbb2";
completion-group-bg = "#3c3836";
completion-group-fg = "#928374";
completion-highlight-bg = "#83a598";
completion-highlight-fg = "#504945";
default-bg = "#1d2021";
default-fg = "#ebdbb2";
highlight-active-color = "#fe8019";
highlight-color = "#fabd2f";
index-active-bg = "#83a598";
index-active-fg = "#504945";
index-bg = "#504945";
index-fg = "#ebdbb2";
inputbar-bg = "#1d2021";
inputbar-fg = "#ebdbb2";
notification-bg = "#1d2021";
notification-error-bg = "#1d2021";
notification-error-fg = "#fb4934";
notification-fg = "#b8bb26";
notification-warning-bg = "#1d2021";
notification-warning-fg = "#fabd2f";
recolor = "true";
recolor-darkcolor = "#ebdbb2";
recolor-keephue = "true";
recolor-lightcolor = "#1d2021";
render-loading = "true";
render-loading-bg = "#1d2021";
render-loading-fg = "#ebdbb2";
selection-clipboard = "clipboard";
statusbar-bg = "#504945";
statusbar-fg = "#ebdbb2";
};
};
};
services = {
easyeffects.enable = true;
gpg-agent = {
enable = true;
pinentryPackage = pkgs.pinentry-qt;
};
xsettingsd = {
enable = true;
settings = {
"Gdk/UnscaledDPI" = 98304;
"Gdk/WindowScalingFactor" = 2;
"Gtk/EnableAnimations" = 1;
"Gtk/DecorationLayout" = "icon:minimize,maximize,close";
"Net/ThemeName" = "Sweet-Ambar-Blue";
"Gtk/PrimaryButtonWarpsSlider" = 1;
"Gtk/ToolbarStyle" = 3;
"Gtk/MenuImages" = 1;
"Gtk/ButtonImages" = 1;
"Gtk/CursorThemeSize" = 96;
"Gtk/CursorThemeName" = "Sweet-cursors";
"Net/SoundThemeName" = "yorha";
"Net/IconThemeName" = "Sweet-Rainbow";
"Gtk/FontName" = "Noto Sans, 10";
};
};
};
};
i18n.inputMethod = {
enable = true;
type = "fcitx5";
fcitx5.addons = with pkgs; [ fcitx5-nord fcitx5-rime ];
fcitx5.addons = with pkgs; [fcitx5-nord fcitx5-rime];
};
programs = {
@ -148,7 +150,7 @@ let usr = config.constants.userName; in {
};
xserver = {
enable = true;
videoDrivers = [ "amdgpu" ];
videoDrivers = ["amdgpu"];
};
};
}

23
linux/blitzar/hardware-configuration.nix
View file

@ -1,18 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

4
linux/blitzar/network.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
networking = {
hostId = "30f8f777";
networkmanager = {

11
linux/blitzar/syncthing.nix
View file

@ -1,24 +1,21 @@
{ ... }:
{
{...}: {
services.syncthing = {
enable = true;
settings.folders = {
game-data = {
devices = [ "protostar" ];
devices = ["protostar"];
path = "~/Game/data";
type = "sendonly";
};
game-save = {
devices = [ "protostar" ];
devices = ["protostar"];
path = "~/Game/save";
};
music = {
devices = [ "nebula" ];
devices = ["nebula"];
path = "~/Music";
type = "sendonly";
};
};
};
}

4
linux/blitzar/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 22276;

60
linux/blitzar/zfs.nix
View file

@ -1,6 +1,8 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
boot = {
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
loader.grub.zfsSupport = true;
@ -15,60 +17,71 @@
enable = true;
settings = {
global = {
logging = [{
type = "syslog";
level = "info";
format = "human";
}];
logging = [
{
type = "syslog";
level = "info";
format = "human";
}
];
};
jobs = [
{
name = "snapshot";
type = "snap";
filesystems = { "zroot/main/home" = true; };
filesystems = {"zroot/main/home" = true;};
snapshotting = {
type = "periodic";
prefix = "zrepl-";
interval = "1h";
};
pruning = {
keep = [{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " [ "1x1h(keep=all)" "24x1h" "7x1d" "4x1w" ];
}];
keep = [
{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "24x1h" "7x1d" "4x1w"];
}
];
};
}
{
name = "push-to-local-drive";
type = "push";
send = { encrypted = true; };
send = {encrypted = true;};
connect = {
type = "local";
listener_name = "sink-to-local-drive";
client_identity = config.networking.hostName;
};
filesystems = { "zroot/main/home" = true; };
filesystems = {"zroot/main/home" = true;};
replication = {
protection = {
initial = "guarantee_resumability";
incremental = "guarantee_incremental";
};
};
snapshotting = { type = "manual"; };
snapshotting = {type = "manual";};
pruning = {
keep_sender = [{ type = "regex"; regex = ".*"; }];
keep_receiver = [{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " [ "1x1h(keep=all)" "365x1d" "52x1w" ];
}];
keep_sender = [
{
type = "regex";
regex = ".*";
}
];
keep_receiver = [
{
type = "grid";
regex = "^zrepl-.*";
grid = lib.concatStringsSep " | " ["1x1h(keep=all)" "365x1d" "52x1w"];
}
];
};
}
{
name = "sink-to-local-drive";
type = "sink";
recv = { placeholder = { encryption = "off"; }; };
recv = {placeholder = {encryption = "off";};};
root_fs = "zbackup";
serve = {
type = "local";
@ -79,4 +92,3 @@
};
};
}

5
linux/comet/configuration.nix
View file

@ -1,10 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ ... }:
{
{...}: {
# Configure boot loader
boot.loader = {
efi.canTouchEfiVariables = true;

4
linux/comet/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
hardware.nixosModules.common-cpu-intel
../../common

43
linux/comet/hardware-configuration.nix
View file

@ -1,32 +1,33 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "uas" "sd_mod" "sdhci_acpi" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["ahci" "xhci_pci" "usbhid" "uas" "sd_mod" "sdhci_acpi"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" =
{
device = "/dev/disk/by-uuid/9f65c4b3-1c87-42a0-8c1d-f3c1ff2e71b1";
fsType = "ext4";
};
fileSystems."/" = {
device = "/dev/disk/by-uuid/9f65c4b3-1c87-42a0-8c1d-f3c1ff2e71b1";
fsType = "ext4";
};
fileSystems."/boot" =
{
device = "/dev/disk/by-uuid/1C5A-E5B5";
fsType = "vfat";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/1C5A-E5B5";
fsType = "vfat";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

4
linux/comet/network.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
networking = {
hostId = "3ddd2ad2";
nftables.enable = true;

4
linux/comet/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 12765;

4
linux/nebula/conduit.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.matrix-conduit = {
enable = true;
settings.global = with config.constants; {

6
linux/nebula/configuration.nix
View file

@ -1,10 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ ... }:
{
{...}: {
# Configure boot loader
boot.loader = {
efi.canTouchEfiVariables = true;
@ -22,4 +19,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}

4
linux/nebula/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
disko.nixosModules.default
hardware.nixosModules.common-cpu-amd

5
linux/nebula/disko.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
# Partition the physical disk
disk.storage = {
@ -77,5 +75,4 @@
};
};
};
}

4
linux/nebula/forgejo.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.forgejo = {
enable = true;
settings = {

23
linux/nebula/hardware-configuration.nix
View file

@ -1,18 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "uas" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "uas" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

15
linux/nebula/jellyfin.nix
View file

@ -1,11 +1,12 @@
{ config, pkgs, ... }:
let
{
config,
pkgs,
...
}: let
const = config.constants;
ports = const.port;
usr = const.userName;
in
{
in {
hardware.graphics.enable = true;
services = {
@ -38,7 +39,7 @@ in
};
};
sops.secrets.aria2 = { };
sops.secrets.aria2 = {};
users.users.${usr}.extraGroups = [ config.systemd.services.aria2.serviceConfig.Group ];
users.users.${usr}.extraGroups = [config.systemd.services.aria2.serviceConfig.Group];
}

6
linux/nebula/network.nix
View file

@ -1,8 +1,6 @@
{ config, ... }:
{
{config, ...}: {
networking = {
firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
firewall.trustedInterfaces = [config.services.tailscale.interfaceName];
hostId = "e6449321";
networkmanager = {
enable = true;

6
linux/nebula/syncthing.nix
View file

@ -1,10 +1,8 @@
{ ... }:
{
{...}: {
services.syncthing = {
enable = true;
settings.folders.music = {
devices = [ "blitzar" ];
devices = ["blitzar"];
path = "~/Music";
type = "receiveonly";
};

4
linux/nebula/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 25555;

4
linux/nebula/writefreely.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.writefreely = with config.constants; {
enable = true;
host = "writefreely.${domain}";

7
linux/nebula/zfs.nix
View file

@ -1,7 +1,4 @@
{ config, ... }:
{
{config, ...}: {
boot = {
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
loader.grub.zfsSupport = true;
@ -11,6 +8,4 @@
autoScrub.enable = true;
trim.enable = true;
};
}

7
linux/protostar/configuration.nix
View file

@ -1,10 +1,7 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running `nixos-help`).
{ ... }:
{
{...}: {
# Configuration boot
boot.loader = {
efi.canTouchEfiVariables = true;
@ -27,6 +24,4 @@
# Before changing this value read the documentation for this option
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "24.05"; # Did you read the comment?
}

4
linux/protostar/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
disko.nixosModules.default
jovian.nixosModules.default

5
linux/protostar/disko.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
disko.devices = {
# Partition the physical disk
disk.storage = {
@ -69,5 +67,4 @@
};
};
};
}

17
linux/protostar/gui.nix
View file

@ -1,10 +1,12 @@
{ config, inputs, pkgs, ... }:
let
{
config,
inputs,
pkgs,
...
}: let
usr = config.constants.userName;
jovianPkgs = pkgs.extend inputs.jovian.overlays.default;
in
{
in {
home-manager.users.${usr} = {
home.packages = with jovianPkgs; [
feishin
@ -20,10 +22,7 @@ in
winetricks
wineWowPackages.stagingFull
];
programs = {
firefox.enable = true;
plasma.enable = true;
};
programs.plasma.enable = true;
};
jovian = {
devices.steamdeck = {

23
linux/protostar/hardware-configuration.nix
View file

@ -1,18 +1,21 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[
(modulesPath + "/installer/scan/not-detected.nix")
];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "sdhci_pci" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "usbhid" "sdhci_pci"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

6
linux/protostar/network.nix
View file

@ -1,8 +1,6 @@
{ config, ... }:
{
{config, ...}: {
networking = {
firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
firewall.trustedInterfaces = [config.services.tailscale.interfaceName];
hostId = "74247225";
networkmanager.enable = true;
nftables.enable = true;

8
linux/protostar/syncthing.nix
View file

@ -1,16 +1,14 @@
{ ... }:
{
{...}: {
services.syncthing = {
enable = true;
settings.folders = {
game-data = {
devices = [ "blitzar" ];
devices = ["blitzar"];
path = "~/Game/data";
type = "receiveonly";
};
game-save = {
devices = [ "blitzar" ];
devices = ["blitzar"];
path = "~/Game/save";
};
};

4
linux/protostar/tailscale.nix
View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.tailscale = {
enable = true;
port = 25172;

5
linux/protostar/zfs.nix
View file

@ -1,9 +1,6 @@
{ ... }:
{
{...}: {
services.zfs = {
autoScrub.enable = true;
trim.enable = true;
};
}

123
linux/singularity/caddy.nix
View file

@ -1,70 +1,72 @@
{ config, pkgs, ... }:
{
config,
pkgs,
...
}: {
services.caddy = {
enable = true;
email = config.constants.postMaster;
virtualHosts =
let
dn = config.constants.domain;
homeSrv = s: "nebula:${portStr.${s}}";
localSrv = s: "${config.constants.localhost}:${portStr.${s}}";
msfqdn = config.mailserver.fqdn;
mtfqdn = "matrix.${dn}";
portStr = builtins.mapAttrs (n: v: toString v) config.constants.port;
wn = s: "/.well-known/${s}";
in
{
"${dn}".extraConfig = let wnm = wn "matrix"; in ''
header ${wnm}/* Content-Type application/json
header ${wnm}/* Access-Control-Allow-Origin *
respond ${wnm}/server `{ "m.server": "${mtfqdn}:${portStr.https}" }`
respond ${wnm}/client `{
"m.homeserver": { "base_url": "https://${mtfqdn}" },
"m.identity_server": { "base_url": "https://${mtfqdn}" }
}`
'';
"aria2.${dn}".extraConfig = ''
reverse_proxy /jsonrpc ${homeSrv "aria2"}
file_server {
root ${pkgs.ariang}/share/ariang
virtualHosts = let
dn = config.constants.domain;
homeSrv = s: "nebula:${portStr.${s}}";
localSrv = s: "${config.constants.localhost}:${portStr.${s}}";
msfqdn = config.mailserver.fqdn;
mtfqdn = "matrix.${dn}";
portStr = builtins.mapAttrs (n: v: toString v) config.constants.port;
wn = s: "/.well-known/${s}";
in {
"${dn}".extraConfig = let
wnm = wn "matrix";
in ''
header ${wnm}/* Content-Type application/json
header ${wnm}/* Access-Control-Allow-Origin *
respond ${wnm}/server `{ "m.server": "${mtfqdn}:${portStr.https}" }`
respond ${wnm}/client `{
"m.homeserver": { "base_url": "https://${mtfqdn}" },
"m.identity_server": { "base_url": "https://${mtfqdn}" }
}`
'';
"aria2.${dn}".extraConfig = ''
reverse_proxy /jsonrpc ${homeSrv "aria2"}
file_server {
root ${pkgs.ariang}/share/ariang
}
'';
"forgejo.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "forgejo"}
'';
"headscale.${dn}".extraConfig = ''
reverse_proxy ${localSrv "headscale"}
'';
"jellyfin.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyfin"}
'';
"jellyseerr.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyseerr"}
'';
${msfqdn} = {
extraConfig = ''
file_server ${wn "acme-challenge"}/* {
root ${config.security.acme.defaults.webroot}/
}
'';
"forgejo.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "forgejo"}
'';
"headscale.${dn}".extraConfig = ''
reverse_proxy ${localSrv "headscale"}
'';
"jellyfin.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyfin"}
'';
"jellyseerr.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "jellyseerr"}
'';
${msfqdn} = {
extraConfig = ''
file_server ${wn "acme-challenge"}/* {
root ${config.security.acme.defaults.webroot}/
}
'';
useACMEHost = msfqdn;
};
"matrix.${dn}".extraConfig = ''
reverse_proxy /_matrix/* ${homeSrv "conduit"}
file_server {
root ${pkgs.cinny}
}
'';
"vault.${dn}".extraConfig = ''
reverse_proxy ${localSrv "vault"} {
header_up X-Real-IP {remote_host}
}
'';
"writefreely.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "writefreely"}
'';
useACMEHost = msfqdn;
};
"matrix.${dn}".extraConfig = ''
reverse_proxy /_matrix/* ${homeSrv "conduit"}
file_server {
root ${pkgs.cinny}
}
'';
"vault.${dn}".extraConfig = ''
reverse_proxy ${localSrv "vault"} {
header_up X-Real-IP {remote_host}
}
'';
"writefreely.${dn}".extraConfig = ''
reverse_proxy ${homeSrv "writefreely"}
'';
};
};
security.acme = {
@ -74,5 +76,4 @@
webroot = "/var/lib/acme/acme-challenge";
};
};
}

5
linux/singularity/configuration.nix
View file

@ -1,7 +1,4 @@
{ ... }:
{
{...}: {
boot = {
tmp.cleanOnBoot = true;
loader.grub.device = "/dev/sda";

4
linux/singularity/default.nix
View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = with inputs; [
mailserver.nixosModules.default
../../common

26
linux/singularity/hardware-configuration.nix
View file

@ -1,28 +1,34 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [(modulesPath + "/profiles/qemu-guest.nix")];
# boot.initrd.availableKernelModules =
# [ "ata_piix" "virtio_pci" "virtio_scsi" "sd_mod" ];
# boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
boot.kernelModules = [];
boot.extraModulePackages = [];
# fileSystems."/" = {
# device = "/dev/disk/by-uuid/6d3bf8cd-1996-45fb-";
# fsType = "ext4";
# };
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
boot.initrd.kernelModules = [ "nvme" ];
fileSystems."/" = { device = "/dev/sda3"; fsType = "ext4"; };
boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"];
boot.initrd.kernelModules = ["nvme"];
fileSystems."/" = {
device = "/dev/sda3";
fsType = "ext4";
};
swapDevices = [ ];
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's

4
linux/singularity/headscale.nix
View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services = {
headscale = with config.constants; {
enable = true;

13
linux/singularity/mailserver.nix
View file

@ -1,24 +1,21 @@
{ config, ... }:
let
{config, ...}: let
dn = config.constants.domain;
usr = config.constants.userName;
mailSecret = "mail/${usr}/password";
in
{
in {
mailserver = {
enable = true;
fqdn = "mail.${dn}";
domains = [ dn ];
domains = [dn];
loginAccounts = {
"${usr}@${dn}" = {
aliases = [ config.constants.postMaster ];
aliases = [config.constants.postMaster];
hashedPasswordFile = config.sops.secrets.${mailSecret}.path;
};
};
certificateScheme = "acme";
};
sops.secrets.${mailSecret} = { };
sops.secrets.${mailSecret} = {};
}

10
linux/singularity/network.nix
View file

@ -1,8 +1,8 @@
{ config, ... }:
let hn = config.networking.hostName; in {
{config, ...}: let
hn = config.networking.hostName;
in {
networking = {
firewall.allowedTCPPorts = with config.constants.port; [ http https ];
firewall.allowedTCPPorts = with config.constants.port; [http https];
hostId = "2cadb253";
nftables.enable = true;
};
@ -16,5 +16,5 @@ let hn = config.networking.hostName; in {
openssh.enable = true;
};
sops.secrets."cloudflare/${hn}" = { };
sops.secrets."cloudflare/${hn}" = {};
}

8
linux/singularity/vaultwarden.nix
View file

@ -1,9 +1,9 @@
{ config, ... }:
{
{config, ...}: {
services.vaultwarden = {
enable = true;
config = let const = config.constants; in {
config = let
const = config.constants;
in {
# Disable signup
SIGNUPS_ALLOWED = false;
# Specify service port