macronova/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Refactor configs

Browse source
This commit is contained in:
Invariantspace 2024-08-31 21:13:43 -07:00
parent 84f7bc915f
commit 9710cae748
No known key found for this signature in database
GPG key ID: EBC4A20067373921
12 changed files with 125 additions and 128 deletions
Download patch file Download diff file Expand all files Collapse all files

6
linux/blitzar/device.nix
View file

@ -3,7 +3,7 @@
pkgs,
...
}: let
usr = config.constants.userName;
userName = config.constants.userName;
in {
hardware = {
bluetooth.enable = true;
@ -11,7 +11,7 @@ in {
keyboard.qmk.enable = true;
openrazer = {
enable = true;
users = [usr];
users = [userName];
};
};
@ -89,7 +89,7 @@ in {
udev.packages = [pkgs.via];
};
users.users.${usr}.extraGroups = ["adbusers" "cdrom"];
users.users.${userName}.extraGroups = ["adbusers" "cdrom"];
virtualisation = {
containers.enable = true;

19
linux/blitzar/gui.nix
View file

@ -3,9 +3,9 @@
pkgs,
...
}: let
usr = config.constants.userName;
userName = config.constants.userName;
in {
home-manager.users.${usr} = {
home-manager.users.${userName} = {
config,
pkgs,
...
@ -14,11 +14,8 @@ in {
in {
home.packages = with pkgs; [
feishin
hunspell
hunspellDicts.en-us-large
jellyfin-mpv-shim
joplin-desktop
libreoffice-qt6-fresh
lutris
nheko
nvtopPackages.amd
@ -55,7 +52,14 @@ in {
];
};
obs-studio.enable = true;
plasma.enable = true;
plasma.input.touchpads = [
{
enable = false;
name = "ASUE120A:00 04F3:319B Touchpad";
productId = "319B";
vendorId = "04F3";
}
];
zathura = {
enable = true;
options = {
@ -140,10 +144,9 @@ in {
};
services = {
colord.enable = true;
desktopManager.plasma6.enable = true;
displayManager = {
autoLogin.user = usr;
autoLogin.user = userName;
sddm = {
enable = true;
wayland.enable = true;

26
linux/nebula/conduit.nix
View file

@ -1,10 +1,24 @@
{config, ...}: {
services.matrix-conduit = {
enable = true;
settings.global = with config.constants; {
address = wildcard;
port = port.conduit;
server_name = domain;
services = with config.constants; {
coturn = {
enable = true;
realm = localhost;
static-auth-secret-file = config.sops.secrets.coturn.path;
use-auth-secret = true;
};
matrix-conduit = {
enable = true;
settings.global = {
address = wildcard;
port = port.conduit;
turn_secret = "TbbL8a4tsv6HkR9esjkPa4$fTKX";
turn_uris = [
"turn:${localhost}?transport=udp"
"turn:${localhost}?transport=tcp"
];
server_name = domain;
};
};
};
sops.secrets.coturn = {};
}

19
linux/nebula/jellyfin.nix
View file

@ -2,11 +2,8 @@
config,
pkgs,
...
}: let
const = config.constants;
ports = const.port;
usr = const.userName;
in {
}:
with config.constants; {
hardware.graphics.enable = true;
services = {
@ -17,29 +14,29 @@ in {
check-integrity = true;
max-concurrent-downloads = 16;
rpc-listen-all = true;
rpc-listen-port = ports.aria2;
rpc-listen-port = port.aria2;
};
};
jellyfin = {
enable = true;
user = usr;
user = userName;
};
jellyseerr = {
enable = true;
port = ports.jellyseerr;
port = port.jellyseerr;
};
prowlarr.enable = true;
radarr = {
enable = true;
user = usr;
user = userName;
};
sonarr = {
enable = true;
user = usr;
user = userName;
};
};
sops.secrets.aria2 = {};
users.users.${usr}.extraGroups = [config.systemd.services.aria2.serviceConfig.Group];
users.users.${userName}.extraGroups = [config.systemd.services.aria2.serviceConfig.Group];
}

7
linux/protostar/gui.nix
View file

@ -4,10 +4,10 @@
pkgs,
...
}: let
usr = config.constants.userName;
userName = config.constants.userName;
jovianPkgs = pkgs.extend inputs.jovian.overlays.default;
in {
home-manager.users.${usr} = {
home-manager.users.${userName} = {
home.packages = with jovianPkgs; [
feishin
lutris
@ -22,7 +22,6 @@ in {
winetricks
wineWowPackages.stagingFull
];
programs.plasma.enable = true;
};
jovian = {
devices.steamdeck = {
@ -33,7 +32,7 @@ in {
enable = true;
autoStart = true;
desktopSession = "plasma";
user = usr;
user = userName;
};
};

40
linux/singularity/caddy.nix
View file

@ -2,20 +2,20 @@
config,
pkgs,
...
}: {
}:
with config.constants; {
services.caddy = {
enable = true;
email = config.constants.postMaster;
email = postMaster;
virtualHosts = let
dn = config.constants.domain;
homeSrv = s: "nebula:${portStr.${s}}";
localSrv = s: "${config.constants.localhost}:${portStr.${s}}";
localSrv = s: "${localhost}:${portStr.${s}}";
msfqdn = config.mailserver.fqdn;
mtfqdn = "matrix.${dn}";
portStr = builtins.mapAttrs (n: v: toString v) config.constants.port;
mtfqdn = "matrix.${domain}";
portStr = builtins.mapAttrs (n: v: toString v) port;
wn = s: "/.well-known/${s}";
in {
"${dn}".extraConfig = let
"${domain}".extraConfig = let
wnm = wn "matrix";
in ''
header ${wnm}/* Content-Type application/json
@ -26,22 +26,22 @@
"m.identity_server": { "base_url": "https://${mtfqdn}" }
}`
'';
"aria2.${dn}".extraConfig = ''
"aria2.${domain}".extraConfig = ''
reverse_proxy /jsonrpc ${homeSrv "aria2"}
file_server {
root ${pkgs.ariang}/share/ariang
}
'';
"forgejo.${dn}".extraConfig = ''
"forgejo.${domain}".extraConfig = ''
reverse_proxy ${homeSrv "forgejo"}
'';
"headscale.${dn}".extraConfig = ''
"headscale.${domain}".extraConfig = ''
reverse_proxy ${localSrv "headscale"}
'';
"jellyfin.${dn}".extraConfig = ''
"jellyfin.${domain}".extraConfig = ''
reverse_proxy ${homeSrv "jellyfin"}
'';
"jellyseerr.${dn}".extraConfig = ''
"jellyseerr.${domain}".extraConfig = ''
reverse_proxy ${homeSrv "jellyseerr"}
'';
${msfqdn} = {
@ -52,24 +52,18 @@
'';
useACMEHost = msfqdn;
};
"matrix.${dn}".extraConfig = ''
"matrix.${domain}".extraConfig = ''
reverse_proxy /_matrix/* ${homeSrv "conduit"}
file_server {
root ${pkgs.cinny.override {
conf = {
defaultHomeserver = 0;
hashRouter.enabled = true;
homeserverList = [dn];
};
}}
root ${pkgs.fluffychat-web}
}
'';
"vault.${dn}".extraConfig = ''
"vault.${domain}".extraConfig = ''
reverse_proxy ${localSrv "vault"} {
header_up X-Real-IP {remote_host}
}
'';
"writefreely.${dn}".extraConfig = ''
"writefreely.${domain}".extraConfig = ''
reverse_proxy ${homeSrv "writefreely"}
'';
};
@ -78,7 +72,7 @@
security.acme = {
acceptTerms = true;
defaults = {
email = config.constants.postMaster;
email = postMaster;
webroot = "/var/lib/acme/acme-challenge";
};
};

15
linux/singularity/mailserver.nix
View file

@ -1,16 +1,15 @@
{config, ...}: let
dn = config.constants.domain;
usr = config.constants.userName;
mailSecret = "mail/${usr}/password";
{config, ...}:
with config.constants; let
mailSecret = "mail/${userName}/password";
in {
mailserver = {
enable = true;
fqdn = "mail.${dn}";
domains = [dn];
fqdn = "mail.${domain}";
domains = [domain];
loginAccounts = {
"${usr}@${dn}" = {
aliases = [config.constants.postMaster];
"${userName}@${domain}" = {
aliases = [postMaster];
hashedPasswordFile = config.sops.secrets.${mailSecret}.path;
};
};

8
linux/singularity/vaultwarden.nix
View file

@ -1,14 +1,12 @@
{config, ...}: {
services.vaultwarden = {
enable = true;
config = let
const = config.constants;
in {
config = with config.constants; {
# Disable signup
SIGNUPS_ALLOWED = false;
# Specify service port
ROCKET_ADDRESS = const.localhost;
ROCKET_PORT = const.port.vault;
ROCKET_ADDRESS = localhost;
ROCKET_PORT = port.vault;
};
};
}