notohh/snowflake
notohh/snowflake
1
0
Fork 0
Code Issues Pull requests Projects 1 Releases Packages Wiki Activity

treewide: adhere to official nix formatting style #28

Closed
notohh wants to merge 4 commits from nixfmt-rfc-style into master
pull from: nixfmt-rfc-style
merge into: notohh:master
Conversation 1 Commits 4 Files changed 118 +1910 -1490
118 changed files with 1910 additions and 1490 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 274d13acf1 - Show all commits

87
flake.nix
View file

@ -41,50 +41,53 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = { outputs =
self, {
nixpkgs, self,
pre-commit-hooks, nixpkgs,
... pre-commit-hooks,
} @ inputs: let ...
system = "x86_64-linux"; }@inputs:
pkgs = import nixpkgs { let
inherit system; system = "x86_64-linux";
}; pkgs = import nixpkgs { inherit system; };
in { in
checks = { {
pre-commit-check = pre-commit-hooks.lib.${system}.run { checks = {
src = ./.; pre-commit-check = pre-commit-hooks.lib.${system}.run {
hooks = { src = ./.;
stylua.enable = true; hooks = {
eslint.enable = true; stylua.enable = true;
statix.enable = true; eslint.enable = true;
alejandra.enable = false; statix.enable = true;
deadnix = { alejandra.enable = false;
enable = true; deadnix = {
excludes = ["overlays.nix"]; enable = true;
}; excludes = [ "overlays.nix" ];
prettier = { };
enable = true; prettier = {
files = "\\.(js|ts|md|json)$"; enable = true;
files = "\\.(js|ts|md|json)$";
};
}; };
}; };
}; };
devShells.${system}.default = pkgs.mkShell {
name = "snowflake";
inherit (self.checks.pre-commit-check) shellHook;
packages = with pkgs; [
git
sops
# alejandra
nixfmt-rfc-style
statix
deadnix
yaml-language-server
lua-language-server
];
};
# formatter.${system} = pkgs.alejandra;
deploy = import ./hosts/deploy.nix inputs;
nixosConfigurations = import ./hosts inputs;
}; };
devShells.${system}.default = pkgs.mkShell {
name = "snowflake";
inherit (self.checks.pre-commit-check) shellHook;
packages = with pkgs; [
git
sops
# alejandra
nixfmt-rfc-style
yaml-language-server
lua-language-server
];
};
# formatter.${system} = pkgs.alejandra;
deploy = import ./hosts/deploy.nix inputs;
nixosConfigurations = import ./hosts inputs;
};
} }

17
home/ags/default.nix
View file

@ -1,15 +1,16 @@
{ { pkgs, config, ... }:
pkgs, let
config,
...
}: let
configDir = "/home/notoh/snowflake/home/ags/config"; configDir = "/home/notoh/snowflake/home/ags/config";
in { in
{
programs.ags = { programs.ags = {
enable = true; enable = true;
extraPackages = with pkgs; [libsoup_3 libdbusmenu-gtk3]; extraPackages = with pkgs; [
libsoup_3
libdbusmenu-gtk3
];
}; };
home.packages = with pkgs; [dart-sass]; home.packages = with pkgs; [ dart-sass ];
xdg.configFile = { xdg.configFile = {
"ags".source = config.lib.file.mkOutOfStoreSymlink "${configDir}"; "ags".source = config.lib.file.mkOutOfStoreSymlink "${configDir}";
}; };

22
home/anyrun/default.nix
View file

@ -3,12 +3,18 @@
pkgs, pkgs,
lib, lib,
... ...
}: let }:
compileSCSS = name: source: "${pkgs.runCommandLocal name {} '' let
mkdir -p $out compileSCSS =
${lib.getExe pkgs.sassc} -t expanded '${source}' > $out/${name}.css name: source:
''}/${name}.css"; "${
in { pkgs.runCommandLocal name { } ''
mkdir -p $out
${lib.getExe pkgs.sassc} -t expanded '${source}' > $out/${name}.css
''
}/${name}.css";
in
{
programs.anyrun = { programs.anyrun = {
enable = true; enable = true;
config = { config = {
@ -17,7 +23,9 @@ in {
dictionary dictionary
websearch websearch
]; ];
width = {fraction = 0.3;}; width = {
fraction = 0.3;
};
hideIcons = false; hideIcons = false;
ignoreExclusiveZones = false; ignoreExclusiveZones = false;
layer = "overlay"; layer = "overlay";

11
home/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
imports = [ imports = [
./helix ./helix
./neofetch ./neofetch
@ -63,7 +64,11 @@
key = "BD47506D475EE86D"; key = "BD47506D475EE86D";
signByDefault = true; signByDefault = true;
}; };
ignores = ["*result*" ".direnv" "node_modules"]; ignores = [
"*result*"
".direnv"
"node_modules"
];
}; };
gh = { gh = {
enable = true; enable = true;
@ -81,7 +86,7 @@
zoxide = { zoxide = {
enable = true; enable = true;
enableNushellIntegration = true; enableNushellIntegration = true;
options = ["--cmd cdd"]; options = [ "--cmd cdd" ];
}; };
}; };
} }

35
home/firefox/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.firefox = { programs.firefox = {
enable = true; enable = true;
policies = { policies = {
@ -42,7 +43,7 @@
]; ];
} }
]; ];
definedAliases = ["@g"]; definedAliases = [ "@g" ];
}; };
"SearXNG" = { "SearXNG" = {
urls = [ urls = [
@ -56,7 +57,7 @@
]; ];
} }
]; ];
definedAliases = ["@sx"]; definedAliases = [ "@sx" ];
}; };
"Nix Packages" = { "Nix Packages" = {
urls = [ urls = [
@ -75,7 +76,7 @@
} }
]; ];
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg"; icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = ["@np"]; definedAliases = [ "@np" ];
}; };
"Bing".metaData.hidden = true; "Bing".metaData.hidden = true;
"Google".metaData.hidden = true; "Google".metaData.hidden = true;
@ -108,19 +109,19 @@
xdg.mimeApps = { xdg.mimeApps = {
enable = true; enable = true;
defaultApplications = { defaultApplications = {
"x-scheme-handler/discord-409416265891971072" = ["discord-409416265891971072.desktop"]; "x-scheme-handler/discord-409416265891971072" = [ "discord-409416265891971072.desktop" ];
"x-scheme-handler/discord-402572971681644545" = ["discord-402572971681644545.desktop"]; "x-scheme-handler/discord-402572971681644545" = [ "discord-402572971681644545.desktop" ];
"x-scheme-handler/discord-696343075731144724" = ["discord-696343075731144724.desktop"]; "x-scheme-handler/discord-696343075731144724" = [ "discord-696343075731144724.desktop" ];
"x-scheme-handler/http" = ["firefox.desktop"]; "x-scheme-handler/http" = [ "firefox.desktop" ];
"x-scheme-handler/https" = ["firefox.desktop"]; "x-scheme-handler/https" = [ "firefox.desktop" ];
"x-scheme-handler/chrome" = ["firefox.desktop"]; "x-scheme-handler/chrome" = [ "firefox.desktop" ];
"text/html" = ["firefox.desktop"]; "text/html" = [ "firefox.desktop" ];
"application/x-extension-htm" = ["firefox.desktop"]; "application/x-extension-htm" = [ "firefox.desktop" ];
"application/x-extension-html" = ["firefox.desktop"]; "application/x-extension-html" = [ "firefox.desktop" ];
"application/x-extension-shtml" = ["firefox.desktop"]; "application/x-extension-shtml" = [ "firefox.desktop" ];
"application/xhtml+xml" = ["firefox.desktop"]; "application/xhtml+xml" = [ "firefox.desktop" ];
"application/x-extension-xhtml" = ["firefox.desktop"]; "application/x-extension-xhtml" = [ "firefox.desktop" ];
"application/x-extension-xht" = ["firefox.desktop"]; "application/x-extension-xht" = [ "firefox.desktop" ];
}; };
}; };
} }

5
home/gtk/catppuccin-red.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
home.pointerCursor = { home.pointerCursor = {
package = pkgs.bibata-cursors; package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic"; name = "Bibata-Modern-Classic";
@ -12,7 +13,7 @@
theme = { theme = {
name = "Catppuccin-Mocha-Standard-Red-Dark"; name = "Catppuccin-Mocha-Standard-Red-Dark";
package = pkgs.catppuccin-gtk.override { package = pkgs.catppuccin-gtk.override {
accents = ["red"]; accents = [ "red" ];
size = "standard"; size = "standard";
variant = "mocha"; variant = "mocha";
}; };

3
home/gtk/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
home.pointerCursor = { home.pointerCursor = {
package = pkgs.bibata-cursors; package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic"; name = "Bibata-Modern-Classic";

26
home/helix/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./languages.nix ./languages.nix
./themes/catppuccin_mocha.nix ./themes/catppuccin_mocha.nix
@ -16,11 +17,26 @@
completion-replace = true; completion-replace = true;
soft-wrap.enable = true; soft-wrap.enable = true;
idle-timeout = 1; idle-timeout = 1;
gutters = ["diff" "diagnostics" "line-numbers" "spacer"]; gutters = [
"diff"
"diagnostics"
"line-numbers"
"spacer"
];
statusline = { statusline = {
left = ["mode" "spinner"]; left = [
center = ["file-name"]; "mode"
right = ["diagnostics" "selections" "position" "file-line-ending" "file-type" "version-control"]; "spinner"
];
center = [ "file-name" ];
right = [
"diagnostics"
"selections"
"position"
"file-line-ending"
"file-type"
"version-control"
];
separator = "|"; separator = "|";
mode = { mode = {
normal = "NORMAL"; normal = "NORMAL";

9
home/helix/languages.nix
View file

@ -1,8 +1,5 @@
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
programs.helix.languages = { programs.helix.languages = {
language = with pkgs; [ language = with pkgs; [
{ {
@ -10,7 +7,7 @@
auto-format = true; auto-format = true;
formatter = { formatter = {
command = lib.getExe alejandra; command = lib.getExe alejandra;
args = ["-q"]; args = [ "-q" ];
}; };
} }
{ {
@ -34,7 +31,7 @@
}; };
vscode-css-language-server = { vscode-css-language-server = {
command = "${nodePackages.vscode-css-languageserver-bin}/bin/css-languageserver"; command = "${nodePackages.vscode-css-languageserver-bin}/bin/css-languageserver";
args = ["--stdio"]; args = [ "--stdio" ];
}; };
}; };
}; };

433
home/helix/themes/catppuccin_mocha.nix
View file

@ -1,216 +1,243 @@
_: { _: {
programs.helix = { programs.helix = {
themes.catppuccin_mocha = let themes.catppuccin_mocha =
rosewater = "#f5e0dc"; let
flamingo = "#f2cdcd"; rosewater = "#f5e0dc";
pink = "#f5c2e7"; flamingo = "#f2cdcd";
mauve = "#cba6f7"; pink = "#f5c2e7";
red = "#f38ba8"; mauve = "#cba6f7";
maroon = "#eba0ac"; red = "#f38ba8";
peach = "#fab387"; maroon = "#eba0ac";
yellow = "#f9e2af"; peach = "#fab387";
green = "#a6e3a1"; yellow = "#f9e2af";
teal = "#94e2d5"; green = "#a6e3a1";
sky = "#89dceb"; teal = "#94e2d5";
sapphire = "#74c7ec"; sky = "#89dceb";
blue = "#89b4fa"; sapphire = "#74c7ec";
lavender = "#b4befe"; blue = "#89b4fa";
lavender = "#b4befe";
text = "#cdd6f4"; text = "#cdd6f4";
subtext1 = "#bac2de"; subtext1 = "#bac2de";
subtext0 = "#a6adc8"; subtext0 = "#a6adc8";
overlay2 = "#9399b2"; overlay2 = "#9399b2";
overlay1 = "#7f849c"; overlay1 = "#7f849c";
overlay0 = "#6c7086"; overlay0 = "#6c7086";
surface2 = "#585b70"; surface2 = "#585b70";
surface1 = "#45475a"; surface1 = "#45475a";
surface0 = "#313244"; surface0 = "#313244";
base = "#1e1e2e"; base = "#1e1e2e";
mantle = "#181825"; mantle = "#181825";
crust = "#11111b"; crust = "#11111b";
cursorline = "#2a2b3c"; cursorline = "#2a2b3c";
secondary_cursor = "#b5a6a8"; secondary_cursor = "#b5a6a8";
in { in
"type" = yellow; {
"constructor" = sapphire; "type" = yellow;
"constant" = peach; "constructor" = sapphire;
"constant.builtin" = peach; "constant" = peach;
"constant.character" = teal; "constant.builtin" = peach;
"constant.character.escape" = pink; "constant.character" = teal;
"string" = green; "constant.character.escape" = pink;
"string.regexp" = peach; "string" = green;
"string.special" = blue; "string.regexp" = peach;
"comment" = { "string.special" = blue;
fg = maroon; "comment" = {
modifiers = ["italic"]; fg = maroon;
}; modifiers = [ "italic" ];
"variable" = "text";
"variable.parameter" = {
fg = maroon;
modifiers = ["italic"];
};
"variable.builtin" = red;
"variable.other.member" = teal;
"label" = sapphire;
"punctuation" = overlay2;
"punctuation.special" = sky;
"keyword" = mauve;
"keyword.control.conditional" = {
fg = mauve;
modifiers = ["italic"];
};
"operator" = sky;
"function" = blue;
"function.macro" = mauve;
"tag" = mauve;
"attribute" = blue;
"namespace" = {
fg = blue;
modifiers = ["italic"];
};
"special" = blue;
"markup.heading.marker" = {
fg = peach;
modifiers = ["bold"];
};
"markup.heading.1" = lavender;
"markup.heading.2" = mauve;
"markup.heading.3" = green;
"markup.heading.4" = yellow;
"markup.heading.5" = pink;
"markup.heading.6" = teal;
"markup.list" = mauve;
"markup.bold" = {modifiers = ["bold"];};
"markup.italic" = {modifiers = ["italic"];};
"markup.link.url" = {
fg = rosewater;
modifiers = ["italic" "underlined"];
};
"markup.link.text" = blue;
"markup.raw" = flamingo;
"diff.plus" = green;
"diff.minus" = red;
"diff.delta" = blue;
"ui.background" = {fg = surface1;};
"ui.linenr" = {fg = surface1;};
"ui.linenr.selected" = {fg = lavender;};
"ui.statusline" = {
fg = subtext1;
bg = mantle;
};
"ui.statusline.inactive" = {
fg = surface2;
bg = mantle;
};
"ui.statusline.normal" = {
fg = base;
bg = lavender;
modifiers = ["bold"];
};
"ui.statusline.insert" = {
fg = base;
bg = green;
modifiers = ["bold"];
};
"ui.statusline.select" = {
fg = base;
bg = flamingo;
modifiers = ["bold"];
};
"ui.popup" = {
fg = text;
bg = surface0;
};
"ui.window" = {fg = crust;};
"ui.help" = {
fg = overlay2;
bg = surface0;
};
"ui.bufferline" = {
fg = subtext0;
bg = mantle;
};
"ui.bufferline.active" = {
fg = mauve;
bg = base;
underline = {
color = mauve;
style = "line";
}; };
}; "variable" = "text";
"ui.bufferline.background" = {bg = crust;}; "variable.parameter" = {
"ui.text" = text; fg = maroon;
"ui.text.focus" = { modifiers = [ "italic" ];
fg = text;
bg = surface0;
modifiers = ["bold"];
};
"ui.text.inactive" = {fg = overlay1;};
"ui.virtual" = overlay0;
"ui.virtual.ruler" = {bg = surface0;};
"ui.virtual.indent-guide" = surface0;
"ui.virtual.inlay-hint" = {
fg = surface1;
bg = mantle;
};
"ui.selection" = {bg = surface1;};
"ui.cursor" = {
fg = base;
bg = secondary_cursor;
};
"ui.cursor.primary" = {
fg = base;
bg = rosewater;
};
"ui.cursor.match" = {
fg = peach;
modifiers = ["bold"];
};
"ui.cursorline.primary" = {bg = cursorline;};
"ui.highlight" = {
bg = surface1;
modifiers = ["bold"];
};
"ui.menu" = {
fg = overlay2;
bg = surface0;
};
"ui.menu.selected" = {
fg = text;
bg = surface1;
modifiers = ["bold"];
};
"diagnostic.error" = {
underline = {
color = red;
style = "curl";
}; };
}; "variable.builtin" = red;
"diagnostic.warning" = { "variable.other.member" = teal;
underline = { "label" = sapphire;
color = yellow; "punctuation" = overlay2;
style = "curl"; "punctuation.special" = sky;
"keyword" = mauve;
"keyword.control.conditional" = {
fg = mauve;
modifiers = [ "italic" ];
}; };
}; "operator" = sky;
"diagnostic.info" = { "function" = blue;
underline = { "function.macro" = mauve;
color = sky; "tag" = mauve;
style = "curl"; "attribute" = blue;
"namespace" = {
fg = blue;
modifiers = [ "italic" ];
}; };
}; "special" = blue;
"diagnostic.hint" = { "markup.heading.marker" = {
underline = { fg = peach;
color = teal; modifiers = [ "bold" ];
style = "curl"; };
"markup.heading.1" = lavender;
"markup.heading.2" = mauve;
"markup.heading.3" = green;
"markup.heading.4" = yellow;
"markup.heading.5" = pink;
"markup.heading.6" = teal;
"markup.list" = mauve;
"markup.bold" = {
modifiers = [ "bold" ];
};
"markup.italic" = {
modifiers = [ "italic" ];
};
"markup.link.url" = {
fg = rosewater;
modifiers = [
"italic"
"underlined"
];
};
"markup.link.text" = blue;
"markup.raw" = flamingo;
"diff.plus" = green;
"diff.minus" = red;
"diff.delta" = blue;
"ui.background" = {
fg = surface1;
};
"ui.linenr" = {
fg = surface1;
};
"ui.linenr.selected" = {
fg = lavender;
};
"ui.statusline" = {
fg = subtext1;
bg = mantle;
};
"ui.statusline.inactive" = {
fg = surface2;
bg = mantle;
};
"ui.statusline.normal" = {
fg = base;
bg = lavender;
modifiers = [ "bold" ];
};
"ui.statusline.insert" = {
fg = base;
bg = green;
modifiers = [ "bold" ];
};
"ui.statusline.select" = {
fg = base;
bg = flamingo;
modifiers = [ "bold" ];
};
"ui.popup" = {
fg = text;
bg = surface0;
};
"ui.window" = {
fg = crust;
};
"ui.help" = {
fg = overlay2;
bg = surface0;
};
"ui.bufferline" = {
fg = subtext0;
bg = mantle;
};
"ui.bufferline.active" = {
fg = mauve;
bg = base;
underline = {
color = mauve;
style = "line";
};
};
"ui.bufferline.background" = {
bg = crust;
};
"ui.text" = text;
"ui.text.focus" = {
fg = text;
bg = surface0;
modifiers = [ "bold" ];
};
"ui.text.inactive" = {
fg = overlay1;
};
"ui.virtual" = overlay0;
"ui.virtual.ruler" = {
bg = surface0;
};
"ui.virtual.indent-guide" = surface0;
"ui.virtual.inlay-hint" = {
fg = surface1;
bg = mantle;
};
"ui.selection" = {
bg = surface1;
};
"ui.cursor" = {
fg = base;
bg = secondary_cursor;
};
"ui.cursor.primary" = {
fg = base;
bg = rosewater;
};
"ui.cursor.match" = {
fg = peach;
modifiers = [ "bold" ];
};
"ui.cursorline.primary" = {
bg = cursorline;
};
"ui.highlight" = {
bg = surface1;
modifiers = [ "bold" ];
};
"ui.menu" = {
fg = overlay2;
bg = surface0;
};
"ui.menu.selected" = {
fg = text;
bg = surface1;
modifiers = [ "bold" ];
};
"diagnostic.error" = {
underline = {
color = red;
style = "curl";
};
};
"diagnostic.warning" = {
underline = {
color = yellow;
style = "curl";
};
};
"diagnostic.info" = {
underline = {
color = sky;
style = "curl";
};
};
"diagnostic.hint" = {
underline = {
color = teal;
style = "curl";
};
}; };
};
"error" = red; "error" = red;
"warning" = yellow; "warning" = yellow;
"info" = sky; "info" = sky;
"hint" = teal; "hint" = teal;
}; };
}; };
} }

410
home/helix/themes/tokyonight.nix
View file

@ -1,170 +1,260 @@
_: { _: {
programs.helix = { programs.helix = {
themes.tokyonight = let themes.tokyonight =
red = "#f7768e"; let
orange = "#ff9e64"; red = "#f7768e";
yellow = "#e0af68"; orange = "#ff9e64";
light-green = "#9ece6a"; yellow = "#e0af68";
green = "#73daca"; light-green = "#9ece6a";
turquoise = "#89ddff"; green = "#73daca";
teal = "#2ac3de"; turquoise = "#89ddff";
cyan = "#7dcfff"; teal = "#2ac3de";
blue = "#7aa2f7"; cyan = "#7dcfff";
magenta = "#bb9af7"; blue = "#7aa2f7";
white = "#c0caf5"; magenta = "#bb9af7";
light-gray = "#9aa5ce"; white = "#c0caf5";
comment = "#565f89"; light-gray = "#9aa5ce";
black = "#414868"; comment = "#565f89";
foreground = "#a9b1d6"; black = "#414868";
foreground_gutter = "#363b54"; foreground = "#a9b1d6";
background_highlight = "#30374b"; foreground_gutter = "#363b54";
background_menu = "#16161e"; background_highlight = "#30374b";
in { background_menu = "#16161e";
"comment" = { in
fg = comment; {
modifiers = ["italic"]; "comment" = {
}; fg = comment;
"constant" = {fg = orange;}; modifiers = [ "italic" ];
"constant.character.escape" = {fg = magenta;}; };
"function" = { "constant" = {
fg = blue; fg = orange;
modifiers = ["italic"]; };
}; "constant.character.escape" = {
"function.macro" = {fg = cyan;}; fg = magenta;
"keyword" = { };
fg = cyan; "function" = {
modifiers = ["italic"]; fg = blue;
}; modifiers = [ "italic" ];
"keyword.control" = {fg = magenta;}; };
"keyword.control.import" = {fg = cyan;}; "function.macro" = {
"keyword.operator" = {fg = turquoise;}; fg = cyan;
"keyword.function" = { };
fg = magenta; "keyword" = {
modifiers = ["italic"]; fg = cyan;
}; modifiers = [ "italic" ];
"operator" = {fg = turquoise;}; };
"punctuation" = {fg = turquoise;}; "keyword.control" = {
"string" = {fg = light-green;}; fg = magenta;
"string.regexp" = {fg = "light-blue";}; };
"tag" = {fg = red;}; "keyword.control.import" = {
"type" = {fg = teal;}; fg = cyan;
"namespace" = {fg = blue;}; };
"variable" = {fg = white;}; "keyword.operator" = {
"variable.builtin" = {fg = red;}; fg = turquoise;
"variable.other.member" = {fg = green;}; };
"variable.parameter" = { "keyword.function" = {
fg = yellow; fg = magenta;
modifiers = ["italic"]; modifiers = [ "italic" ];
}; };
"operator" = {
fg = turquoise;
};
"punctuation" = {
fg = turquoise;
};
"string" = {
fg = light-green;
};
"string.regexp" = {
fg = "light-blue";
};
"tag" = {
fg = red;
};
"type" = {
fg = teal;
};
"namespace" = {
fg = blue;
};
"variable" = {
fg = white;
};
"variable.builtin" = {
fg = red;
};
"variable.other.member" = {
fg = green;
};
"variable.parameter" = {
fg = yellow;
modifiers = [ "italic" ];
};
"diff.plus" = {fg = green;}; "diff.plus" = {
"diff.delta" = {fg = orange;}; fg = green;
"diff.minus" = {fg = red;}; };
"diff.delta" = {
fg = orange;
};
"diff.minus" = {
fg = red;
};
"ui.background" = {fg = foreground;}; "ui.background" = {
fg = foreground;
};
"ui.cursor" = {modifiers = ["reversed"];}; "ui.cursor" = {
"ui.cursor.match" = { modifiers = [ "reversed" ];
fg = orange; };
modifiers = ["bold"]; "ui.cursor.match" = {
}; fg = orange;
"ui.cursor.primary" = {modifiers = ["reversed"];}; modifiers = [ "bold" ];
"ui.cursorline.primary" = {bg = background_menu;}; };
"ui.help" = { "ui.cursor.primary" = {
fg = foreground; modifiers = [ "reversed" ];
bg = background_menu; };
}; "ui.cursorline.primary" = {
"ui.linenr" = {fg = foreground_gutter;}; bg = background_menu;
"ui.linenr.selected" = {fg = foreground;}; };
"ui.menu" = { "ui.help" = {
fg = foreground; fg = foreground;
bg = background_menu; bg = background_menu;
}; };
"ui.menu.selected" = {bg = background_highlight;}; "ui.linenr" = {
"ui.popup" = { fg = foreground_gutter;
fg = foreground; };
bg = background_menu; "ui.linenr.selected" = {
}; fg = foreground;
"ui.selection" = {bg = background_highlight;}; };
"ui.selection.primary" = {bg = background_highlight;}; "ui.menu" = {
"ui.statusline" = { fg = foreground;
fg = foreground; bg = background_menu;
bg = background_menu; };
}; "ui.menu.selected" = {
"ui.statusline.inactive" = { bg = background_highlight;
fg = foreground_gutter; };
bg = background_menu; "ui.popup" = {
}; fg = foreground;
"ui.statusline.normal" = { bg = background_menu;
fg = black; };
bg = blue; "ui.selection" = {
}; bg = background_highlight;
"ui.statusline.insert" = { };
fg = black; "ui.selection.primary" = {
bg = green; bg = background_highlight;
}; };
"ui.statusline.select" = { "ui.statusline" = {
fg = black; fg = foreground;
bg = magenta; bg = background_menu;
}; };
"ui.text" = {fg = foreground;}; "ui.statusline.inactive" = {
"ui.text.focus" = {fg = cyan;}; fg = foreground_gutter;
"ui.virtual.ruler" = {bg = foreground_gutter;}; bg = background_menu;
"ui.virtual.whitespace" = {fg = foreground_gutter;}; };
"ui.virtual.inlay-hint" = {fg = comment;}; "ui.statusline.normal" = {
"ui.window" = {fg = black;}; fg = black;
bg = blue;
};
"ui.statusline.insert" = {
fg = black;
bg = green;
};
"ui.statusline.select" = {
fg = black;
bg = magenta;
};
"ui.text" = {
fg = foreground;
};
"ui.text.focus" = {
fg = cyan;
};
"ui.virtual.ruler" = {
bg = foreground_gutter;
};
"ui.virtual.whitespace" = {
fg = foreground_gutter;
};
"ui.virtual.inlay-hint" = {
fg = comment;
};
"ui.window" = {
fg = black;
};
"error" = {fg = red;}; "error" = {
"warning" = {fg = yellow;}; fg = red;
"info" = {fg = blue;}; };
"hint" = {fg = teal;}; "warning" = {
"diagnostic.error" = { fg = yellow;
underline = { };
style = "curl"; "info" = {
color = red; fg = blue;
};
"hint" = {
fg = teal;
};
"diagnostic.error" = {
underline = {
style = "curl";
color = red;
};
};
"diagnostic.warning" = {
underline = {
style = "curl";
color = yellow;
};
};
"diagnostic.info" = {
underline = {
style = "curl";
color = blue;
};
};
"diagnostic.hint" = {
underline = {
style = "curl";
color = teal;
};
};
"special" = {
fg = orange;
};
"markup.heading" = {
fg = cyan;
modifiers = [ "bold" ];
};
"markup.list" = {
fg = cyan;
};
"markup.bold" = {
fg = orange;
modifiers = [ "bold" ];
};
"markup.italic" = {
fg = yellow;
modifiers = [ "italic" ];
};
"markup.strikethrough" = {
modifiers = [ "crossed_out" ];
};
"markup.link.url" = {
fg = green;
};
"markup.link.text" = {
fg = light-gray;
};
"markup.quote" = {
fg = yellow;
modifiers = [ "italic" ];
};
"markup.raw" = {
fg = cyan;
}; };
}; };
"diagnostic.warning" = {
underline = {
style = "curl";
color = yellow;
};
};
"diagnostic.info" = {
underline = {
style = "curl";
color = blue;
};
};
"diagnostic.hint" = {
underline = {
style = "curl";
color = teal;
};
};
"special" = {fg = orange;};
"markup.heading" = {
fg = cyan;
modifiers = ["bold"];
};
"markup.list" = {fg = cyan;};
"markup.bold" = {
fg = orange;
modifiers = ["bold"];
};
"markup.italic" = {
fg = yellow;
modifiers = ["italic"];
};
"markup.strikethrough" = {modifiers = ["crossed_out"];};
"markup.link.url" = {fg = green;};
"markup.link.text" = {fg = light-gray;};
"markup.quote" = {
fg = yellow;
modifiers = ["italic"];
};
"markup.raw" = {fg = cyan;};
};
}; };
} }

19
home/lazygit/default.nix
View file

@ -5,14 +5,17 @@ _: {
windowSize = "normal"; windowSize = "normal";
gui.theme = { gui.theme = {
lightTheme = false; lightTheme = false;
activeBorderColor = ["#2ac3de" "bold"]; activeBorderColor = [
inactiveBorderColor = ["#f7768e"]; "#2ac3de"
optionsTextColor = [" #c0caf5"]; "bold"
selectedLineBgColor = ["#24283b"]; ];
selectedRangeByColor = ["#24283b"]; inactiveBorderColor = [ "#f7768e" ];
cherryPickedCommitBgColor = ["#94e2d5"]; optionsTextColor = [ " #c0caf5" ];
cherryPickedCommitFgColor = ["#89b4fa"]; selectedLineBgColor = [ "#24283b" ];
unstagedChangesColor = ["red"]; selectedRangeByColor = [ "#24283b" ];
cherryPickedCommitBgColor = [ "#94e2d5" ];
cherryPickedCommitFgColor = [ "#89b4fa" ];
unstagedChangesColor = [ "red" ];
showRandomTip = false; showRandomTip = false;
animateExplosion = true; animateExplosion = true;
}; };

5
home/neofetch/default.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.neofetch]; {
home.packages = [ pkgs.neofetch ];
xdg.configFile."neofetch/config.conf".source = ./config.conf; xdg.configFile."neofetch/config.conf".source = ./config.conf;
} }

5
home/spotify-player/default.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
home.packages = [pkgs.spotify-player]; {
home.packages = [ pkgs.spotify-player ];
xdg.configFile."spotify-player/app.toml" = { xdg.configFile."spotify-player/app.toml" = {
text = '' text = ''
theme = "tokyonight" theme = "tokyonight"

11
home/starship/default.nix
View file

@ -1,8 +1,5 @@
{ config, lib, ... }:
{ {
config,
lib,
...
}: {
home.sessionVariables.STARSHIP_CACHE = "${config.xdg.cacheHome}/starship"; home.sessionVariables.STARSHIP_CACHE = "${config.xdg.cacheHome}/starship";
programs.starship = { programs.starship = {
@ -40,9 +37,7 @@
"$rust" "$rust"
"$golang" "$golang"
]; ];
right_format = lib.concatStrings [ right_format = lib.concatStrings [ "$nix_shell" ];
"$nix_shell"
];
character = { character = {
error_symbol = "[](bold red)"; error_symbol = "[](bold red)";
success_symbol = "[](bold teal)"; success_symbol = "[](bold teal)";
@ -77,7 +72,7 @@
impure_msg = "[impure shell](bold red)"; impure_msg = "[impure shell](bold red)";
pure_msg = "[pure shell](bold green)"; pure_msg = "[pure shell](bold green)";
unknown_msg = "[unknown shell](bold yellow)"; unknown_msg = "[unknown shell](bold yellow)";
format = "via [ $state( \($name\))](bold teal)"; format = "via [ $state( ($name))](bold teal)";
}; };
git_branch = { git_branch = {
symbol = ""; symbol = "";

12
home/wayland/default.nix
View file

@ -1,8 +1,5 @@
{ { pkgs, inputs, ... }:
pkgs, let
inputs,
...
}: let
dbus-hyprland-environment = pkgs.writeTextFile { dbus-hyprland-environment = pkgs.writeTextFile {
name = "dbus-hyprland-environment"; name = "dbus-hyprland-environment";
destination = "/bin/dbus-hyprland-environment"; destination = "/bin/dbus-hyprland-environment";
@ -13,8 +10,9 @@
systemctl --user start pipewire wireplumber pipewire-media-session xdg-desktop-portal xdg-desktop-portal-hyprland systemctl --user start pipewire wireplumber pipewire-media-session xdg-desktop-portal xdg-desktop-portal-hyprland
''; '';
}; };
in { in
imports = [./greetd.nix]; {
imports = [ ./greetd.nix ];
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
dbus-hyprland-environment dbus-hyprland-environment

11
home/wayland/hyprland/config/general.nix
View file

@ -1,11 +1,12 @@
{pkgs, ...}: { { pkgs, ... }:
{
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
settings = { settings = {
monitor = [ monitor = [
"HDMI-A-1,1920x1080@60, 3640x560, auto, transform, 3" #right "HDMI-A-1,1920x1080@60, 3640x560, auto, transform, 3" # right
"DP-1,1920x1080@60, 0x560, auto, transform, 1" #left "DP-1,1920x1080@60, 0x560, auto, transform, 1" # left
"DP-2,2560x1440@144, 1080x1080, auto" #middle "DP-2,2560x1440@144, 1080x1080, auto" # middle
"DP-3,1920x1080@144, 1400x0, auto" #top "DP-3,1920x1080@144, 1400x0, auto" # top
]; ];
exec-once = [ exec-once = [
"ags" "ags"

16
home/yazi/default.nix
View file

@ -1,10 +1,10 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
xdg.configFile."yazi/init.lua".source = ./init.lua; xdg.configFile."yazi/init.lua".source = ./init.lua;
imports = [./keymap.nix ./openers.nix]; imports = [
./keymap.nix
./openers.nix
];
programs.yazi = { programs.yazi = {
enable = true; enable = true;
@ -12,7 +12,11 @@
enableNushellIntegration = true; enableNushellIntegration = true;
settings = { settings = {
manager = { manager = {
ratio = [1 3 3]; ratio = [
1
3
3
];
sort_by = "natural"; sort_by = "natural";
sort_reverse = false; sort_reverse = false;
sort_dir_first = true; sort_dir_first = true;

123
home/yazi/keymap.nix
View file

@ -2,17 +2,17 @@ _: {
programs.yazi.keymap = { programs.yazi.keymap = {
manager.keymap = [ manager.keymap = [
{ {
on = ["<Esc>"]; on = [ "<Esc>" ];
exec = "escape"; exec = "escape";
desc = "Exit visual mode; clear selected; or cancel search"; desc = "Exit visual mode; clear selected; or cancel search";
} }
{ {
on = ["q"]; on = [ "q" ];
exec = "quit"; exec = "quit";
desc = "Exit the process"; desc = "Exit the process";
} }
{ {
on = ["<C-q>"]; on = [ "<C-q>" ];
exec = "close"; exec = "close";
desc = "Close the current tab; or quit if it is last tab"; desc = "Close the current tab; or quit if it is last tab";
} }
@ -20,59 +20,65 @@ _: {
# Navigation # Navigation
{ {
on = ["<Up>"]; on = [ "<Up>" ];
exec = "arrow -1"; exec = "arrow -1";
desc = "Move cursor up"; desc = "Move cursor up";
} }
{ {
on = ["<Down>"]; on = [ "<Down>" ];
exec = "arrow 1"; exec = "arrow 1";
desc = "Move cursor down"; desc = "Move cursor down";
} }
{ {
on = ["<Left>"]; on = [ "<Left>" ];
exec = "leave"; exec = "leave";
desc = "Go back to the parent directory"; desc = "Go back to the parent directory";
} }
{ {
on = ["<Right>"]; on = [ "<Right>" ];
exec = "enter"; exec = "enter";
desc = "Enter the child directory"; desc = "Enter the child directory";
} }
{ {
on = ["g" "g"]; on = [
"g"
"g"
];
exec = "arrow -99999999"; exec = "arrow -99999999";
desc = "Move cursor to the top"; desc = "Move cursor to the top";
} }
{ {
on = ["G"]; on = [ "G" ];
exec = "arrow 99999999"; exec = "arrow 99999999";
desc = "Move cursor to the bottom"; desc = "Move cursor to the bottom";
} }
# Selection # Selection
{ {
on = ["<Space>"]; on = [ "<Space>" ];
exec = ["select --state=none" "arrow 1"]; exec = [
"select --state=none"
"arrow 1"
];
desc = "Toggle the current selection state"; desc = "Toggle the current selection state";
} }
{ {
on = ["i"]; on = [ "i" ];
exec = "visual_mode"; exec = "visual_mode";
desc = "Enter visual mode (selection mode)"; desc = "Enter visual mode (selection mode)";
} }
{ {
on = ["I"]; on = [ "I" ];
exec = "visual_mode --unset"; exec = "visual_mode --unset";
desc = "Enter visual mode (unset mode)"; desc = "Enter visual mode (unset mode)";
} }
{ {
on = ["<C-a>"]; on = [ "<C-a>" ];
exec = "select_all --state=true"; exec = "select_all --state=true";
desc = "Select all files"; desc = "Select all files";
} }
{ {
on = ["<C-r>"]; on = [ "<C-r>" ];
exec = "select_all --state=none"; exec = "select_all --state=none";
desc = "Inverse selection of all files"; desc = "Inverse selection of all files";
} }
@ -80,67 +86,67 @@ _: {
# Operations # Operations
{ {
on = ["<Enter>"]; on = [ "<Enter>" ];
exec = "open"; exec = "open";
desc = "Open selected file(s)"; desc = "Open selected file(s)";
} }
{ {
on = ["y"]; on = [ "y" ];
exec = "yank"; exec = "yank";
desc = "Copy selected file(s)"; desc = "Copy selected file(s)";
} }
{ {
on = ["x"]; on = [ "x" ];
exec = "yank --cut"; exec = "yank --cut";
desc = "Cut selected file(s)"; desc = "Cut selected file(s)";
} }
{ {
on = ["p"]; on = [ "p" ];
exec = "paste"; exec = "paste";
desc = "Paste the file(s)"; desc = "Paste the file(s)";
} }
{ {
on = ["P"]; on = [ "P" ];
exec = "paste --force"; exec = "paste --force";
desc = "Paste the files (overwrite)"; desc = "Paste the files (overwrite)";
} }
{ {
on = ["d"]; on = [ "d" ];
exec = "remove --permanently"; exec = "remove --permanently";
desc = "Permanently delete the file(s)"; desc = "Permanently delete the file(s)";
} }
{ {
on = ["D"]; on = [ "D" ];
exec = "remove --permanently"; exec = "remove --permanently";
desc = "Permanently delete the files(s)"; desc = "Permanently delete the files(s)";
} }
{ {
on = ["a"]; on = [ "a" ];
exec = "create"; exec = "create";
desc = "create a file or directory (ends with / for directories)"; desc = "create a file or directory (ends with / for directories)";
} }
{ {
on = ["r"]; on = [ "r" ];
exec = "rename"; exec = "rename";
desc = "rename a file or directory"; desc = "rename a file or directory";
} }
{ {
on = [":"]; on = [ ":" ];
exec = "shell --block"; exec = "shell --block";
desc = "run a blocking shell command"; desc = "run a blocking shell command";
} }
{ {
on = ["."]; on = [ "." ];
exec = "hidden toggle"; exec = "hidden toggle";
desc = "toggle hidden files"; desc = "toggle hidden files";
} }
{ {
on = ["z"]; on = [ "z" ];
exec = "jump zoxide"; exec = "jump zoxide";
desc = "jump to a directory using zoxide"; desc = "jump to a directory using zoxide";
} }
{ {
on = ["Z"]; on = [ "Z" ];
exec = "jump fzf"; exec = "jump fzf";
desc = "reveal files with fzf"; desc = "reveal files with fzf";
} }
@ -148,17 +154,26 @@ _: {
# Copy # Copy
{ {
on = ["c" "c"]; on = [
"c"
"c"
];
exec = "copy path"; exec = "copy path";
desc = "copy the absolute path"; desc = "copy the absolute path";
} }
{ {
on = ["c" "d"]; on = [
"c"
"d"
];
exec = "copy dirname"; exec = "copy dirname";
desc = "copy parent directory path"; desc = "copy parent directory path";
} }
{ {
on = ["c" "f"]; on = [
"c"
"f"
];
exec = "copy filename"; exec = "copy filename";
desc = "copy file name"; desc = "copy file name";
} }
@ -166,105 +181,105 @@ _: {
# Find # Find
{ {
on = ["/"]; on = [ "/" ];
exec = "find"; exec = "find";
} }
{ {
on = ["?"]; on = [ "?" ];
exec = "find --previous"; exec = "find --previous";
} }
{ {
on = ["n"]; on = [ "n" ];
exec = "find_arrow"; exec = "find_arrow";
} }
{ {
on = ["N"]; on = [ "N" ];
exec = "find_arrow --previous"; exec = "find_arrow --previous";
} }
{ {
on = ["s"]; on = [ "s" ];
exec = "search fd"; exec = "search fd";
} }
{ {
on = ["S"]; on = [ "S" ];
exec = "search rg"; exec = "search rg";
} }
{ {
on = ["<C-s>"]; on = [ "<C-s>" ];
exec = "search none"; exec = "search none";
} }
# Tabs # Tabs
{ {
on = ["t"]; on = [ "t" ];
exec = "tab_create --current"; exec = "tab_create --current";
desc = "Create a new tab using the current path"; desc = "Create a new tab using the current path";
} }
{ {
on = ["1"]; on = [ "1" ];
exec = "tab_switch 0"; exec = "tab_switch 0";
desc = "Switch to the first tab"; desc = "Switch to the first tab";
} }
{ {
on = ["2"]; on = [ "2" ];
exec = "tab_switch 1"; exec = "tab_switch 1";
desc = "Switch to the second tab"; desc = "Switch to the second tab";
} }
{ {
on = ["3"]; on = [ "3" ];
exec = "tab_switch 2"; exec = "tab_switch 2";
desc = "Switch to the third tab"; desc = "Switch to the third tab";
} }
{ {
on = ["4"]; on = [ "4" ];
exec = "tab_switch 3"; exec = "tab_switch 3";
desc = "Switch to the fourth tab"; desc = "Switch to the fourth tab";
} }
{ {
on = ["5"]; on = [ "5" ];
exec = "tab_switch 4"; exec = "tab_switch 4";
desc = "Switch to the fifth tab"; desc = "Switch to the fifth tab";
} }
{ {
on = ["6"]; on = [ "6" ];
exec = "tab_switch 5"; exec = "tab_switch 5";
desc = "Switch to the sixth tab"; desc = "Switch to the sixth tab";
} }
{ {
on = ["7"]; on = [ "7" ];
exec = "tab_switch 6"; exec = "tab_switch 6";
desc = "Switch to the seventh tab"; desc = "Switch to the seventh tab";
} }
{ {
on = ["8"]; on = [ "8" ];
exec = "tab_switch 7"; exec = "tab_switch 7";
desc = "Switch to the eighth tab"; desc = "Switch to the eighth tab";
} }
{ {
on = ["9"]; on = [ "9" ];
exec = "tab_switch 8"; exec = "tab_switch 8";
desc = "Switch to the ninth tab"; desc = "Switch to the ninth tab";
} }
{ {
on = ["["]; on = [ "[" ];
exec = "tab_switch -1 --relative"; exec = "tab_switch -1 --relative";
desc = "Switch to the previous tab"; desc = "Switch to the previous tab";
} }
{ {
on = ["]"]; on = [ "]" ];
exec = "tab_switch 1 --relative"; exec = "tab_switch 1 --relative";
desc = "Switch to the next tab"; desc = "Switch to the next tab";
} }
{ {
on = ["{"]; on = [ "{" ];
exec = "tab_swap -1"; exec = "tab_swap -1";
desc = "Swap the current tab with the previous tab"; desc = "Swap the current tab with the previous tab";
} }
{ {
on = ["}"]; on = [ "}" ];
exec = "tab_swap 1"; exec = "tab_swap 1";
desc = "Swap the current tab with the next tab"; desc = "Swap the current tab with the next tab";
} }
@ -272,7 +287,7 @@ _: {
# Tasks # Tasks
{ {
on = ["w"]; on = [ "w" ];
exec = "tasks_show"; exec = "tasks_show";
desc = "Show the tasks manager"; desc = "Show the tasks manager";
} }
@ -280,7 +295,7 @@ _: {
# Help # Help
{ {
on = ["~"]; on = [ "~" ];
exec = "help"; exec = "help";
desc = "Open help"; desc = "Open help";
} }

29
home/yazi/openers.nix
View file

@ -1,25 +1,42 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs.yazi.settings = { programs.yazi.settings = {
open.rules = [ open.rules = [
{ {
mime = "text/*"; mime = "text/*";
use = ["edit" "reveal"]; use = [
"edit"
"reveal"
];
} }
{ {
mime = "image/*"; mime = "image/*";
use = ["image" "reveal"]; use = [
"image"
"reveal"
];
} }
{ {
mime = "video/*"; mime = "video/*";
use = ["play" "reveal"]; use = [
"play"
"reveal"
];
} }
{ {
mime = "application/json"; mime = "application/json";
use = ["edit" "reveal"]; use = [
"edit"
"reveal"
];
} }
{ {
mime = "*"; mime = "*";
use = ["edit" "open" "reveal"]; use = [
"edit"
"open"
"reveal"
];
} }
]; ];
opener = { opener = {

4
home/zellij/default.nix
View file

@ -1,7 +1,5 @@
_: { _: {
imports = [ imports = [ ./layouts.nix ];
./layouts.nix
];
programs.zellij = { programs.zellij = {
enable = true; enable = true;

3
hosts/ame/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

24
hosts/ame/hardware.nix
View file

@ -3,14 +3,13 @@
lib, lib,
modulesPath, modulesPath,
... ...
}: { }:
imports = [ {
(modulesPath + "/installer/scan/not-detected.nix") imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
];
boot = { boot = {
kernelModules = ["kvm-intel"]; kernelModules = [ "kvm-intel" ];
extraModulePackages = []; extraModulePackages = [ ];
loader = { loader = {
systemd-boot = { systemd-boot = {
enable = true; enable = true;
@ -22,8 +21,13 @@
}; };
}; };
initrd = { initrd = {
availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "sd_mod"]; availableKernelModules = [
kernelModules = []; "xhci_pci"
"ahci"
"usb_storage"
"sd_mod"
];
kernelModules = [ ];
}; };
}; };
@ -42,9 +46,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/4f69ab31-f6a9-4799-92f1-5abbe0dc9180"; } ];
{device = "/dev/disk/by-uuid/4f69ab31-f6a9-4799-92f1-5abbe0dc9180";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";

5
hosts/ame/home.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
imports = [ imports = [
../../home ../../home
../../home/anyrun ../../home/anyrun
@ -35,7 +36,7 @@
wl-clipboard wl-clipboard
swww swww
hyprpicker hyprpicker
(libsForQt5.callPackage ../../pkgs/chatterino7 {}) (libsForQt5.callPackage ../../pkgs/chatterino7 { })
]; ];
stateVersion = "23.05"; stateVersion = "23.05";
}; };

7
hosts/ame/services/default.nix
View file

@ -1,5 +1,4 @@
{...}: { { ... }:
imports = [ {
./restic.nix imports = [ ./restic.nix ];
];
} }

19
hosts/ame/services/restic.nix
View file

@ -1,17 +1,16 @@
{ pkgs, config, ... }:
{ {
pkgs, sops.secrets.restic-ame = {
config, sopsFile = ../../../secrets/restic/secrets.yaml;
... };
}: { sops.secrets.ame-s3 = {
sops.secrets.restic-ame = {sopsFile = ../../../secrets/restic/secrets.yaml;}; sopsFile = ../../../secrets/s3/secrets.yaml;
sops.secrets.ame-s3 = {sopsFile = ../../../secrets/s3/secrets.yaml;}; };
environment.systemPackages = [pkgs.restic]; environment.systemPackages = [ pkgs.restic ];
services.restic = { services.restic = {
backups = { backups = {
ame = { ame = {
paths = [ paths = [ "/home" ];
"/home"
];
exclude = [ exclude = [
"*.qcow2" "*.qcow2"
"*.iso" "*.iso"

3
hosts/arashi/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

32
hosts/arashi/hardware.nix
View file

@ -1,16 +1,13 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = []; kernelModules = [ ];
kernel.sysctl = {"kernel.shmmax" = 100663296;}; kernel.sysctl = {
extraModulePackages = []; "kernel.shmmax" = 100663296;
};
extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -18,8 +15,15 @@
useOSProber = false; useOSProber = false;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
kernelModules = [ ];
}; };
}; };
@ -34,9 +38,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140"; } ];
{device = "/dev/disk/by-uuid/e9eb4b6a-e9a1-4616-8c82-349d2f38d140";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

7
hosts/arashi/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

7
hosts/arashi/services/postgresql.nix
View file

@ -1,9 +1,6 @@
{ pkgs, lib, ... }:
{ {
pkgs, networking.firewall.allowedTCPPorts = [ 5432 ];
lib,
...
}: {
networking.firewall.allowedTCPPorts = [5432];
services.postgresql = { services.postgresql = {
enable = true; enable = true;
enableTCPIP = true; enableTCPIP = true;

5
hosts/arashi/services/redis.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
environment.systemPackages = [pkgs.redis-dump]; {
environment.systemPackages = [ pkgs.redis-dump ];
services.redis.servers = { services.redis.servers = {
forgejo = { forgejo = {
enable = true; enable = true;

15
hosts/arashi/services/restic.nix
View file

@ -1,17 +1,14 @@
{ pkgs, config, ... }:
{ {
pkgs, sops.secrets.restic-arashi = {
config, sopsFile = ../../../secrets/restic/secrets.yaml;
... };
}: { environment.systemPackages = [ pkgs.restic ];
sops.secrets.restic-arashi = {sopsFile = ../../../secrets/restic/secrets.yaml;};
environment.systemPackages = [pkgs.restic];
services.restic = { services.restic = {
backups = { backups = {
arashi = { arashi = {
user = "root"; user = "root";
paths = [ paths = [ "/var/backup/" ];
"/var/backup/"
];
pruneOpts = [ pruneOpts = [
"--keep-daily=7" "--keep-daily=7"
"--keep-weekly=6" "--keep-weekly=6"

118
hosts/default.nix
View file

@ -1,4 +1,5 @@
inputs: let inputs:
let
system = "x86_64-linux"; system = "x86_64-linux";
sopsModule = inputs.sops-nix.nixosModules.sops; sopsModule = inputs.sops-nix.nixosModules.sops;
hmModule = inputs.home-manager.nixosModules.home-manager; hmModule = inputs.home-manager.nixosModules.home-manager;
@ -9,10 +10,13 @@ inputs: let
atticModule = inputs.attic.nixosModules.atticd; atticModule = inputs.attic.nixosModules.atticd;
nurModule = inputs.nur.nixosModules.nur; nurModule = inputs.nur.nixosModules.nur;
inherit (inputs.nixpkgs.lib) nixosSystem; inherit (inputs.nixpkgs.lib) nixosSystem;
in { in
{
tsuki = nixosSystem { tsuki = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./tsuki ./tsuki
sopsModule sopsModule
@ -23,7 +27,9 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [
./tsuki/home.nix ./tsuki/home.nix
@ -39,7 +45,9 @@ in {
}; };
sakura = nixosSystem { sakura = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./sakura ./sakura
sopsModule sopsModule
@ -48,11 +56,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./sakura/home.nix ];
./sakura/home.nix
];
}; };
}; };
} }
@ -60,7 +68,9 @@ in {
}; };
kariru = nixosSystem { kariru = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./kariru ./kariru
sopsModule sopsModule
@ -69,11 +79,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./kariru/home.nix ];
./kariru/home.nix
];
}; };
}; };
} }
@ -81,7 +91,9 @@ in {
}; };
yuki = nixosSystem { yuki = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./yuki ./yuki
sopsModule sopsModule
@ -90,11 +102,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./yuki/home.nix ];
./yuki/home.nix
];
}; };
}; };
} }
@ -102,7 +114,9 @@ in {
}; };
ame = nixosSystem { ame = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./ame ./ame
sopsModule sopsModule
@ -111,7 +125,9 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [
./ame/home.nix ./ame/home.nix
@ -125,7 +141,9 @@ in {
}; };
arashi = nixosSystem { arashi = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./arashi ./arashi
sopsModule sopsModule
@ -134,11 +152,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./arashi/home.nix ];
./arashi/home.nix
];
}; };
}; };
} }
@ -146,7 +164,9 @@ in {
}; };
sora = nixosSystem { sora = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./sora ./sora
sopsModule sopsModule
@ -156,11 +176,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./sora/home.nix ];
./sora/home.nix
];
}; };
}; };
} }
@ -168,7 +188,9 @@ in {
}; };
tsuru = nixosSystem { tsuru = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./tsuru ./tsuru
sopsModule sopsModule
@ -177,11 +199,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./tsuru/home.nix ];
./tsuru/home.nix
];
}; };
}; };
} }
@ -189,7 +211,9 @@ in {
}; };
haru = nixosSystem { haru = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./haru ./haru
sopsModule sopsModule
@ -198,11 +222,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./haru/home.nix ];
./haru/home.nix
];
}; };
}; };
} }
@ -210,7 +234,9 @@ in {
}; };
kaze = nixosSystem { kaze = nixosSystem {
inherit system; inherit system;
specialArgs = {inherit inputs;}; specialArgs = {
inherit inputs;
};
modules = [ modules = [
./kaze ./kaze
sopsModule sopsModule
@ -219,11 +245,11 @@ in {
home-manager = { home-manager = {
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = {inherit inputs;}; extraSpecialArgs = {
inherit inputs;
};
users.notoh = { users.notoh = {
imports = [ imports = [ ./kaze/home.nix ];
./kaze/home.nix
];
}; };
}; };
} }

48
hosts/deploy.nix
View file

@ -7,7 +7,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.sakura; path = activate.nixos inputs.self.nixosConfigurations.sakura;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
kariru = { kariru = {
@ -17,7 +21,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.kariru; path = activate.nixos inputs.self.nixosConfigurations.kariru;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
yuki = { yuki = {
@ -27,7 +35,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.yuki; path = activate.nixos inputs.self.nixosConfigurations.yuki;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
arashi = { arashi = {
@ -37,7 +49,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.arashi; path = activate.nixos inputs.self.nixosConfigurations.arashi;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
sora = { sora = {
@ -47,7 +63,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.sora; path = activate.nixos inputs.self.nixosConfigurations.sora;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
tsuru = { tsuru = {
@ -57,7 +77,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.tsuru; path = activate.nixos inputs.self.nixosConfigurations.tsuru;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
haru = { haru = {
@ -67,7 +91,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.haru; path = activate.nixos inputs.self.nixosConfigurations.haru;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
kaze = { kaze = {
@ -77,7 +105,11 @@ inputs: {
path = activate.nixos inputs.self.nixosConfigurations.kaze; path = activate.nixos inputs.self.nixosConfigurations.kaze;
}; };
sshUser = "root"; sshUser = "root";
sshOpts = ["-t" "-i" "~/.ssh/forgejo"]; sshOpts = [
"-t"
"-i"
"~/.ssh/forgejo"
];
magicRollback = true; magicRollback = true;
}; };
}; };

3
hosts/haru/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

28
hosts/haru/hardware.nix
View file

@ -1,15 +1,10 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = []; kernelModules = [ ];
extraModulePackages = []; extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -17,8 +12,15 @@
useOSProber = false; useOSProber = false;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
kernelModules = [ ];
}; };
}; };
@ -29,9 +31,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/c879fa21-fd80-422c-9aef-0becce5ff19c"; } ];
{device = "/dev/disk/by-uuid/c879fa21-fd80-422c-9aef-0becce5ff19c";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

7
hosts/haru/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

106
hosts/haru/services/blocky.nix
View file

@ -1,8 +1,12 @@
{pkgs, ...}: { { pkgs, ... }:
networking.firewall.allowedTCPPorts = [53 4000]; {
networking.firewall.allowedUDPPorts = [53]; networking.firewall.allowedTCPPorts = [
53
4000
];
networking.firewall.allowedUDPPorts = [ 53 ];
environment.systemPackages = [pkgs.blocky]; environment.systemPackages = [ pkgs.blocky ];
services.blocky = { services.blocky = {
enable = true; enable = true;
@ -72,25 +76,25 @@
"https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser" "https://zerodot1.gitlab.io/CoinBlockerLists/hosts_browser"
"https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts" "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-only/hosts"
]; ];
catchall = [ catchall = [ "https://big.oisd.nl/domainswild" ];
"https://big.oisd.nl/domainswild"
];
};
whiteLists = let
customWhitelist = pkgs.writeText "misc.txt" ''
ax.phobos.apple.com.edgesuite.net
amp-api-edge.apps.apple.com
(\.|^)dscx\.akamaiedge\.net$
(\.|^)wac\.phicdn\.net$
*.flake.sh
'';
in {
ads = [
"https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt"
"https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/optional-list.txt"
];
misc = [customWhitelist];
}; };
whiteLists =
let
customWhitelist = pkgs.writeText "misc.txt" ''
ax.phobos.apple.com.edgesuite.net
amp-api-edge.apps.apple.com
(\.|^)dscx\.akamaiedge\.net$
(\.|^)wac\.phicdn\.net$
*.flake.sh
'';
in
{
ads = [
"https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt"
"https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/optional-list.txt"
];
misc = [ customWhitelist ];
};
clientGroupsBlock = { clientGroupsBlock = {
default = [ default = [
"ads" "ads"
@ -103,39 +107,41 @@
}; };
customDNS = { customDNS = {
customTTL = "1h"; customTTL = "1h";
mapping = let mapping =
yukiIp = "192.168.1.98"; let
in { yukiIp = "192.168.1.98";
# infra in
{
# infra
"truenas.internal.flake.sh" = "192.168.1.199"; "truenas.internal.flake.sh" = "192.168.1.199";
"hass.internal.flake.sh" = "${yukiIp}"; "hass.internal.flake.sh" = "${yukiIp}";
"dashboard.internal.flake.sh" = "${yukiIp}"; "dashboard.internal.flake.sh" = "${yukiIp}";
"udm.internal.flake.sh" = "192.168.1.1"; "udm.internal.flake.sh" = "192.168.1.1";
"pve.internal.flake.sh" = "192.168.1.37"; "pve.internal.flake.sh" = "192.168.1.37";
"pbs.internal.flake.sh" = "192.168.1.38"; "pbs.internal.flake.sh" = "192.168.1.38";
# media # media
"jellyfin.internal.flake.sh" = "${yukiIp}"; "jellyfin.internal.flake.sh" = "${yukiIp}";
"jellyseerr.internal.flake.sh" = "${yukiIp}"; "jellyseerr.internal.flake.sh" = "${yukiIp}";
"sonarr.internal.flake.sh" = "${yukiIp}"; "sonarr.internal.flake.sh" = "${yukiIp}";
"radarr.internal.flake.sh" = "${yukiIp}"; "radarr.internal.flake.sh" = "${yukiIp}";
"readarr.internal.flake.sh" = "${yukiIp}"; "readarr.internal.flake.sh" = "${yukiIp}";
"lidarr.internal.flake.sh" = "${yukiIp}"; "lidarr.internal.flake.sh" = "${yukiIp}";
"whisparr.internal.flake.sh" = "${yukiIp}"; "whisparr.internal.flake.sh" = "${yukiIp}";
"bazarr.internal.flake.sh" = "${yukiIp}"; "bazarr.internal.flake.sh" = "${yukiIp}";
"prowlarr.internal.flake.sh" = "${yukiIp}"; "prowlarr.internal.flake.sh" = "${yukiIp}";
"stash.internal.flake.sh" = "${yukiIp}"; "stash.internal.flake.sh" = "${yukiIp}";
"nextcloud.internal.flake.sh" = "192.168.1.199"; "nextcloud.internal.flake.sh" = "192.168.1.199";
# misc # misc
"wallos.internal.flake.sh" = "${yukiIp}"; "wallos.internal.flake.sh" = "${yukiIp}";
"synology.internal.flake.sh" = "192.168.1.71"; "synology.internal.flake.sh" = "192.168.1.71";
"paperless.internal.flake.sh" = "${yukiIp}"; "paperless.internal.flake.sh" = "${yukiIp}";
"rss.internal.flake.sh" = "${yukiIp}"; "rss.internal.flake.sh" = "${yukiIp}";
}; };
}; };
redis = { redis = {
address = "192.168.1.211:6381"; address = "192.168.1.211:6381";

3
hosts/kariru/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

28
hosts/kariru/hardware.nix
View file

@ -1,15 +1,10 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = []; kernelModules = [ ];
extraModulePackages = []; extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -17,8 +12,15 @@
useOSProber = false; useOSProber = false;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
kernelModules = [ ];
}; };
}; };
@ -41,9 +43,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56"; } ];
{device = "/dev/disk/by-uuid/f28bad28-ae14-4aa7-85c5-47abe46bae56";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

7
hosts/kariru/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

15
hosts/kariru/services/default.nix
View file

@ -1,12 +1,13 @@
{pkgs, ...}: { { pkgs, ... }:
networking.firewall.allowedTCPPorts = [9292]; {
networking.firewall.allowedTCPPorts = [ 9292 ];
imports = [ imports = [
./restic.nix ./restic.nix
./torrent.nix ./torrent.nix
]; ];
environment.systemPackages = [pkgs.recyclarr]; environment.systemPackages = [ pkgs.recyclarr ];
services = { services = {
radarr = { radarr = {
enable = true; enable = true;
@ -38,18 +39,18 @@
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
whisparr = { whisparr = {
image = "ghcr.io/hotio/whisparr@sha256:88b91920b77339e2deda418960be28868df538413abea6cdddaf4013e43c4c0f"; # v3-3.0.0.425 image = "ghcr.io/hotio/whisparr@sha256:88b91920b77339e2deda418960be28868df538413abea6cdddaf4013e43c4c0f"; # v3-3.0.0.425
ports = ["6969:6969"]; ports = [ "6969:6969" ];
volumes = [ volumes = [
"/var/lib/whisparr:/config" "/var/lib/whisparr:/config"
"/stash:/media/stash" "/stash:/media/stash"
"/media/downloads:/media/downloads" "/media/downloads:/media/downloads"
]; ];
extraOptions = ["--network=host"]; extraOptions = [ "--network=host" ];
}; };
flaresolverr = { flaresolverr = {
image = "ghcr.io/flaresolverr/flaresolverr@sha256:213bb58aa341a0188e64ce2c21e1c5748b167c719828bc61dd904eb0fb1aec63"; # v3.3.13 image = "ghcr.io/flaresolverr/flaresolverr@sha256:213bb58aa341a0188e64ce2c21e1c5748b167c719828bc61dd904eb0fb1aec63"; # v3.3.13
ports = ["8191:8191"]; ports = [ "8191:8191" ];
extraOptions = ["--network=host"]; extraOptions = [ "--network=host" ];
}; };
}; };
} }

11
hosts/kariru/services/restic.nix
View file

@ -1,10 +1,9 @@
{ pkgs, config, ... }:
{ {
pkgs, sops.secrets.restic-kariru = {
config, sopsFile = ../../../secrets/restic/secrets.yaml;
... };
}: { environment.systemPackages = [ pkgs.restic ];
sops.secrets.restic-kariru = {sopsFile = ../../../secrets/restic/secrets.yaml;};
environment.systemPackages = [pkgs.restic];
services.restic = { services.restic = {
backups = { backups = {
kariru = { kariru = {

21
hosts/kariru/services/torrent.nix
View file

@ -1,24 +1,25 @@
{config, ...}: { { config, ... }:
sops.secrets.gluetun = {}; {
sops.secrets.gluetun = { };
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
gluetun = { gluetun = {
image = "qmcgaw/gluetun@sha256:e15ede3ce007e3f6e3f6532c7d8d6051f4bb0dca4bb3c5edd7aa3316916e9990"; #v3.37.0 image = "qmcgaw/gluetun@sha256:e15ede3ce007e3f6e3f6532c7d8d6051f4bb0dca4bb3c5edd7aa3316916e9990"; # v3.37.0
hostname = "gluetun"; hostname = "gluetun";
ports = [ ports = [
"8000:8000/tcp" # HTTP control server "8000:8000/tcp" # HTTP control server
"8888:8888/tcp" # HTTP proxy "8888:8888/tcp" # HTTP proxy
"8388:8388/tcp" # Shadowsocks "8388:8388/tcp" # Shadowsocks
"8388:8388/udp" # Shadowsocks "8388:8388/udp" # Shadowsocks
"8080:8080" #qb "8080:8080" # qb
"6881:6881" #qb "6881:6881" # qb
"6881:6881/udp" #qb "6881:6881/udp" # qb
]; ];
environmentFiles = [config.sops.secrets.gluetun.path]; environmentFiles = [ config.sops.secrets.gluetun.path ];
extraOptions = ["--cap-add=NET_ADMIN"]; extraOptions = [ "--cap-add=NET_ADMIN" ];
}; };
qbittorrent = { qbittorrent = {
image = "linuxserver/qbittorrent@sha256:c388ef02586a7d37c708c63eef069025663f4ac99cd29c9480bc34018d8b4194"; # v4.6.3 image = "linuxserver/qbittorrent@sha256:c388ef02586a7d37c708c63eef069025663f4ac99cd29c9480bc34018d8b4194"; # v4.6.3
dependsOn = ["gluetun"]; dependsOn = [ "gluetun" ];
environment = { environment = {
PUID = "1001"; PUID = "1001";
PGID = "2001"; PGID = "2001";
@ -30,7 +31,7 @@
"/media/downloads:/downloads" "/media/downloads:/downloads"
"/media/incomplete-downloads:/incomplete-downloads" "/media/incomplete-downloads:/incomplete-downloads"
]; ];
extraOptions = ["--network=container:gluetun"]; extraOptions = [ "--network=container:gluetun" ];
}; };
}; };
} }

3
hosts/kaze/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

29
hosts/kaze/hardware.nix
View file

@ -1,15 +1,10 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = ["kvm-amd"]; kernelModules = [ "kvm-amd" ];
extraModulePackages = []; extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -17,8 +12,16 @@
useOSProber = true; useOSProber = true;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" "virtio_blk"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
"virtio_blk"
];
kernelModules = [ ];
}; };
}; };
@ -33,9 +36,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/100a4262-ce57-47a7-b99a-f124a8e369de"; } ];
{device = "/dev/disk/by-uuid/100a4262-ce57-47a7-b99a-f124a8e369de";}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's

7
hosts/kaze/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

37
hosts/kaze/services/minio.nix
View file

@ -1,27 +1,28 @@
{ config, pkgs, ... }:
{ {
config, environment.systemPackages = [ pkgs.minio-client ];
pkgs,
...
}: {
environment.systemPackages = [pkgs.minio-client];
systemd.services.minio.environment = {MINIO_BROWSER_REDIRECT = "false";}; systemd.services.minio.environment = {
MINIO_BROWSER_REDIRECT = "false";
};
sops.secrets.minio = { sops.secrets.minio = {
owner = "minio"; owner = "minio";
group = "minio"; group = "minio";
mode = "0600"; mode = "0600";
restartUnits = ["minio.service"]; restartUnits = [ "minio.service" ];
};
services.minio = let
dataDir = "/var/lib/slab/minio";
in {
enable = true;
region = "us-east-1";
consoleAddress = "0.0.0.0:9006";
listenAddress = "0.0.0.0:9005";
rootCredentialsFile = config.sops.secrets.minio.path;
dataDir = ["${dataDir}/data"];
configDir = "${dataDir}/config";
}; };
services.minio =
let
dataDir = "/var/lib/slab/minio";
in
{
enable = true;
region = "us-east-1";
consoleAddress = "0.0.0.0:9006";
listenAddress = "0.0.0.0:9005";
rootCredentialsFile = config.sops.secrets.minio.path;
dataDir = [ "${dataDir}/data" ];
configDir = "${dataDir}/config";
};
} }

28
hosts/kaze/services/tailscale.nix
View file

@ -3,22 +3,34 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
sops.secrets.tsauth-kaze = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; {
environment.systemPackages = [pkgs.jq pkgs.tailscale]; sops.secrets.tsauth-kaze = {
sopsFile = ../../../secrets/tailscale/secrets.yaml;
};
environment.systemPackages = [
pkgs.jq
pkgs.tailscale
];
services.tailscale = { services.tailscale = {
useRoutingFeatures = lib.mkDefault "client"; useRoutingFeatures = lib.mkDefault "client";
}; };
networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
systemd.services.tailscale-autoconnect = { systemd.services.tailscale-autoconnect = {
description = "Automatic connection to Tailscale"; description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale # make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"]; after = [
wants = ["network-pre.target" "tailscale.service"]; "network-pre.target"
wantedBy = ["multi-user.target"]; "tailscale.service"
];
wants = [
"network-pre.target"
"tailscale.service"
];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job # set this service as a oneshot job
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";

28
hosts/sakura/hardware.nix
View file

@ -1,15 +1,10 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = []; kernelModules = [ ];
extraModulePackages = []; extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -17,8 +12,15 @@
useOSProber = false; useOSProber = false;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
kernelModules = [ ];
}; };
}; };
@ -37,9 +39,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc"; } ];
{device = "/dev/disk/by-uuid/c5afba13-f1af-4e7f-994b-f565c52d92fc";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

7
hosts/sakura/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

125
hosts/sakura/services/authelia.nix
View file

@ -1,68 +1,77 @@
{config, ...}: { { config, ... }:
networking.firewall.allowedTCPPorts = [9091]; {
sops.secrets.authelia-jwt = {owner = config.systemd.services.authelia-default.serviceConfig.User;}; networking.firewall.allowedTCPPorts = [ 9091 ];
sops.secrets.authelia-sek = {owner = config.systemd.services.authelia-default.serviceConfig.User;}; sops.secrets.authelia-jwt = {
owner = config.systemd.services.authelia-default.serviceConfig.User;
};
sops.secrets.authelia-sek = {
owner = config.systemd.services.authelia-default.serviceConfig.User;
};
services.authelia.instances.default = { services.authelia.instances.default = {
enable = true; enable = true;
secrets = { secrets = {
jwtSecretFile = config.sops.secrets.authelia-jwt.path; jwtSecretFile = config.sops.secrets.authelia-jwt.path;
storageEncryptionKeyFile = config.sops.secrets.authelia-sek.path; storageEncryptionKeyFile = config.sops.secrets.authelia-sek.path;
}; };
settings = let settings =
pqdn = "notohh.dev"; let
in { pqdn = "notohh.dev";
log.level = "debug"; in
theme = "dark"; {
default_2fa_method = "totp"; log.level = "debug";
default_redirection_url = "https://passport.${pqdn}/"; theme = "dark";
authentication_backend = { default_2fa_method = "totp";
file.path = "/var/lib/authelia-default/user.yml"; default_redirection_url = "https://passport.${pqdn}/";
}; authentication_backend = {
session = { file.path = "/var/lib/authelia-default/user.yml";
domain = pqdn; };
expiration = 3600; session = {
inactivity = 300; domain = pqdn;
}; expiration = 3600;
totp = { inactivity = 300;
issuer = "authelia.com"; };
disable = false; totp = {
algorithm = "sha1"; issuer = "authelia.com";
digits = 6; disable = false;
period = 30; algorithm = "sha1";
skew = 1; digits = 6;
secret_size = 32; period = 30;
}; skew = 1;
server = { secret_size = 32;
host = "0.0.0.0"; };
port = 9091; server = {
}; host = "0.0.0.0";
access_control = { port = 9091;
default_policy = "deny"; };
rules = [ access_control = {
default_policy = "deny";
rules = [
{
domain = pqdn;
policy = "bypass";
}
];
};
regulation = {
max_retries = 3;
find_time = 120;
ban_time = 300;
};
notifier.filesystem = {
filename = "/var/lib/authelia-default/notif.txt";
};
storage.postgres =
let
dbInfo = "authelia";
in
{ {
domain = pqdn; host = "192.168.1.211";
policy = "bypass"; port = 5432;
} database = dbInfo;
]; schema = "public";
username = dbInfo;
password = dbInfo;
};
}; };
regulation = {
max_retries = 3;
find_time = 120;
ban_time = 300;
};
notifier.filesystem = {
filename = "/var/lib/authelia-default/notif.txt";
};
storage.postgres = let
dbInfo = "authelia";
in {
host = "192.168.1.211";
port = 5432;
database = dbInfo;
schema = "public";
username = dbInfo;
password = dbInfo;
};
};
}; };
} }

7
hosts/sakura/services/conduit.nix
View file

@ -1,5 +1,8 @@
_: { _: {
networking.firewall.allowedTCPPorts = [6167 8448]; networking.firewall.allowedTCPPorts = [
6167
8448
];
services.matrix-conduit = { services.matrix-conduit = {
enable = true; enable = true;
settings = { settings = {
@ -14,7 +17,7 @@ _: {
max_request_size = 20000000; max_request_size = 20000000;
database_backend = "rocksdb"; database_backend = "rocksdb";
enable_lightning_bolt = false; enable_lightning_bolt = false;
trusted_servers = ["matrix.org"]; trusted_servers = [ "matrix.org" ];
}; };
}; };
}; };

3
hosts/sakura/services/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./restic.nix ./restic.nix
./authelia.nix ./authelia.nix

18
hosts/sakura/services/forgejo.nix
View file

@ -1,14 +1,14 @@
{ { lib, config, ... }:
lib, let
config,
...
}: let
sshPort = 2222; sshPort = 2222;
dbHost = "192.168.1.211"; dbHost = "192.168.1.211";
dbLogin = "forgejo"; dbLogin = "forgejo";
in { in
sops.secrets.smtp2go-pwd = {owner = "forgejo";}; {
networking.firewall.allowedTCPPorts = [2222]; sops.secrets.smtp2go-pwd = {
owner = "forgejo";
};
networking.firewall.allowedTCPPorts = [ 2222 ];
services.forgejo = { services.forgejo = {
enable = true; enable = true;
stateDir = "/var/lib/forgejo"; stateDir = "/var/lib/forgejo";
@ -78,7 +78,7 @@ in {
services.fail2ban.jails.forgejo = { services.fail2ban.jails.forgejo = {
settings = { settings = {
filter = "forgejo"; filter = "forgejo";
action = ''iptables-allports''; action = "iptables-allports";
mode = "aggressive"; mode = "aggressive";
maxretry = 3; maxretry = 3;
findtime = 3600; findtime = 3600;

6
hosts/sakura/services/grafana.nix
View file

@ -1,7 +1,9 @@
_: let _:
let
prometheusPort = "9090"; prometheusPort = "9090";
dbLogin = "grafana"; dbLogin = "grafana";
in { in
{
services.grafana = { services.grafana = {
enable = true; enable = true;
settings = { settings = {

2
hosts/sakura/services/hedgedoc.nix
View file

@ -5,7 +5,7 @@ _: {
port = 3300; port = 3300;
domain = "scratch.flake.sh"; domain = "scratch.flake.sh";
host = "100.121.201.47"; host = "100.121.201.47";
allowOrigin = ["scratch.flake.sh"]; allowOrigin = [ "scratch.flake.sh" ];
allowAnonymous = true; allowAnonymous = true;
allowFreeURL = true; allowFreeURL = true;
allowEmailRegister = false; allowEmailRegister = false;

4
hosts/sakura/services/justlog.nix
View file

@ -1,8 +1,8 @@
_: { _: {
networking.firewall.allowedTCPPorts = [8025]; networking.firewall.allowedTCPPorts = [ 8025 ];
virtualisation.oci-containers.containers.justlog = { virtualisation.oci-containers.containers.justlog = {
image = "ghcr.io/gempir/justlog@sha256:44b2426c0057b44019b78b1daece13dac2356ff68f9f506f067c8c4c92f54f22"; image = "ghcr.io/gempir/justlog@sha256:44b2426c0057b44019b78b1daece13dac2356ff68f9f506f067c8c4c92f54f22";
ports = ["8025:8025"]; ports = [ "8025:8025" ];
volumes = [ volumes = [
"/home/notoh/justlog/config.json:/etc/justlog.json" "/home/notoh/justlog/config.json:/etc/justlog.json"
"/home/notoh/justlog/logs:/logs" "/home/notoh/justlog/logs:/logs"

11
hosts/sakura/services/restic.nix
View file

@ -1,10 +1,9 @@
{ pkgs, config, ... }:
{ {
pkgs, sops.secrets.restic-sakura = {
config, sopsFile = ../../../secrets/restic/secrets.yaml;
... };
}: { environment.systemPackages = [ pkgs.restic ];
sops.secrets.restic-sakura = {sopsFile = ../../../secrets/restic/secrets.yaml;};
environment.systemPackages = [pkgs.restic];
services.restic = { services.restic = {
backups = { backups = {
sakura = { sakura = {

7
hosts/sakura/services/rustypaste.nix
View file

@ -1,9 +1,10 @@
{pkgs, ...}: { { pkgs, ... }:
environment.systemPackages = with pkgs; [rustypaste]; {
environment.systemPackages = with pkgs; [ rustypaste ];
systemd.services.rustypaste = { systemd.services.rustypaste = {
enable = true; enable = true;
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
description = "A minimal file upload/pastebin service."; description = "A minimal file upload/pastebin service.";
environment = { environment = {
CONFIG = "/var/lib/rustypaste/config.toml"; CONFIG = "/var/lib/rustypaste/config.toml";

28
hosts/sakura/services/tailscale.nix
View file

@ -3,22 +3,34 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
sops.secrets.tsauth-sakura = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; {
environment.systemPackages = [pkgs.jq pkgs.tailscale]; sops.secrets.tsauth-sakura = {
sopsFile = ../../../secrets/tailscale/secrets.yaml;
};
environment.systemPackages = [
pkgs.jq
pkgs.tailscale
];
services.tailscale = { services.tailscale = {
useRoutingFeatures = lib.mkDefault "client"; useRoutingFeatures = lib.mkDefault "client";
}; };
networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
systemd.services.tailscale-autoconnect = { systemd.services.tailscale-autoconnect = {
description = "Automatic connection to Tailscale"; description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale # make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"]; after = [
wants = ["network-pre.target" "tailscale.service"]; "network-pre.target"
wantedBy = ["multi-user.target"]; "tailscale.service"
];
wants = [
"network-pre.target"
"tailscale.service"
];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job # set this service as a oneshot job
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";

7
hosts/sakura/services/vaultwarden.nix
View file

@ -1,9 +1,6 @@
{ pkgs, config, ... }:
{ {
pkgs, sops.secrets.vaultwarden-env = { };
config,
...
}: {
sops.secrets.vaultwarden-env = {};
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
package = pkgs.vaultwarden-postgresql; package = pkgs.vaultwarden-postgresql;

14
hosts/sora/hardware.nix
View file

@ -1,5 +1,6 @@
{modulesPath, ...}: { { modulesPath, ... }:
imports = [(modulesPath + "/profiles/qemu-guest.nix")]; {
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
zramSwap.enable = true; zramSwap.enable = true;
@ -11,8 +12,13 @@
device = "nodev"; device = "nodev";
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi"]; availableKernelModules = [
kernelModules = ["nvme"]; "ata_piix"
"uhci_hcd"
"xen_blkfront"
"vmw_pvscsi"
];
kernelModules = [ "nvme" ];
}; };
}; };

7
hosts/sora/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

3
hosts/sora/networking.nix
View file

@ -1,4 +1,5 @@
{lib, ...}: { { lib, ... }:
{
networking = { networking = {
hostName = "sora"; hostName = "sora";
nameservers = [ nameservers = [

11
hosts/sora/services/attic.nix
View file

@ -1,18 +1,15 @@
{ config, pkgs, ... }:
{ {
config, sops.secrets.attic = { };
pkgs,
...
}: {
sops.secrets.attic = {};
environment.systemPackages = [pkgs.attic]; environment.systemPackages = [ pkgs.attic ];
services.atticd = { services.atticd = {
enable = true; enable = true;
credentialsFile = config.sops.secrets.attic.path; credentialsFile = config.sops.secrets.attic.path;
settings = { settings = {
listen = "[::]:8200"; listen = "[::]:8200";
allowed-hosts = ["cache.flake.sh"]; allowed-hosts = [ "cache.flake.sh" ];
database.url = "postgres://attic:attic@100.94.214.100:5432/attic"; database.url = "postgres://attic:attic@100.94.214.100:5432/attic";
api-endpoint = "https://cache.flake.sh/"; api-endpoint = "https://cache.flake.sh/";
require-proof-of-possession = false; require-proof-of-possession = false;

5
hosts/sora/services/atuin.nix
View file

@ -1,5 +1,6 @@
{lib, ...}: { { lib, ... }:
networking.firewall.allowedTCPPorts = [8888]; {
networking.firewall.allowedTCPPorts = [ 8888 ];
services.atuin = { services.atuin = {
enable = true; enable = true;
openRegistration = false; openRegistration = false;

3
hosts/sora/services/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./restic.nix ./restic.nix
./traefik.nix ./traefik.nix

2
hosts/sora/services/factorio.nix
View file

@ -4,7 +4,7 @@ _: {
public = false; public = false;
lan = false; lan = false;
openFirewall = true; openFirewall = true;
admins = ["notoh"]; admins = [ "notoh" ];
game-name = "forsen"; game-name = "forsen";
autosave-interval = 20; autosave-interval = 20;
}; };

8
hosts/sora/services/foundryvtt.nix
View file

@ -1,9 +1,9 @@
_: { _: {
sops.secrets.foundry-username = {}; sops.secrets.foundry-username = { };
sops.secrets.foundry-password = {}; sops.secrets.foundry-password = { };
virtualisation.oci-containers.containers.foundryvtt = { virtualisation.oci-containers.containers.foundryvtt = {
image = "felddy/foundryvtt@sha256:d85dab9704d771f3a33f21439f1bf34748fb5bf1987668ff402b5b17d1973f5a"; image = "felddy/foundryvtt@sha256:d85dab9704d771f3a33f21439f1bf34748fb5bf1987668ff402b5b17d1973f5a";
volumes = ["/home/notoh/docker/foundryvtt:/data"]; volumes = [ "/home/notoh/docker/foundryvtt:/data" ];
environment = { environment = {
CONTAINER_PRESERVE_CONFIG = "true"; CONTAINER_PRESERVE_CONFIG = "true";
}; };
@ -11,6 +11,6 @@ _: {
/run/secrets/foundry-username /run/secrets/foundry-username
/run/secrets/foundry-password /run/secrets/foundry-password
]; ];
ports = ["30000:30000"]; ports = [ "30000:30000" ];
}; };
} }

4
hosts/sora/services/glances.nix
View file

@ -1,8 +1,8 @@
_: { _: {
virtualisation.oci-containers.containers.glances = { virtualisation.oci-containers.containers.glances = {
image = "nicolargo/glances"; image = "nicolargo/glances";
ports = ["61208-61209:61208-61209"]; ports = [ "61208-61209:61208-61209" ];
volumes = ["/var/run/docker.sock:/var/run/docker.sock"]; volumes = [ "/var/run/docker.sock:/var/run/docker.sock" ];
environment = { environment = {
GLANCES_OPT = "-w"; GLANCES_OPT = "-w";
}; };

11
hosts/sora/services/minecraft.nix
View file

@ -1,9 +1,12 @@
_: { _: {
networking.firewall.allowedTCPPorts = [25565]; networking.firewall.allowedTCPPorts = [ 25565 ];
networking.firewall.allowedUDPPorts = [24454]; networking.firewall.allowedUDPPorts = [ 24454 ];
virtualisation.oci-containers.containers.minecraft = { virtualisation.oci-containers.containers.minecraft = {
image = "itzg/minecraft-server"; image = "itzg/minecraft-server";
ports = ["25565:25565" "24454:24454/udp"]; ports = [
"25565:25565"
"24454:24454/udp"
];
environment = { environment = {
EULA = "TRUE"; EULA = "TRUE";
VERSION = "1.19.2"; VERSION = "1.19.2";
@ -12,6 +15,6 @@ _: {
FABRIC_LOADER_VERSION = "0.14.23"; FABRIC_LOADER_VERSION = "0.14.23";
FABRIC_LAUNCHER_VERSION = "0.11.2"; FABRIC_LAUNCHER_VERSION = "0.11.2";
}; };
volumes = ["/home/notoh/docker/modded-mc:/data:rw"]; volumes = [ "/home/notoh/docker/modded-mc:/data:rw" ];
}; };
} }

5
hosts/sora/services/ntfy-sh.nix
View file

@ -1,5 +1,6 @@
{pkgs, ...}: { { pkgs, ... }:
environment.systemPackages = [pkgs.ntfy-sh]; {
environment.systemPackages = [ pkgs.ntfy-sh ];
services.ntfy-sh = { services.ntfy-sh = {
enable = true; enable = true;
settings = { settings = {

15
hosts/sora/services/restic.nix
View file

@ -1,13 +1,14 @@
{ pkgs, config, ... }:
{ {
pkgs,
config,
...
}: {
sops.secrets = { sops.secrets = {
restic-sora = {sopsFile = ../../../secrets/restic/secrets.yaml;}; restic-sora = {
sora-s3 = {sopsFile = ../../../secrets/s3/secrets.yaml;}; sopsFile = ../../../secrets/restic/secrets.yaml;
};
sora-s3 = {
sopsFile = ../../../secrets/s3/secrets.yaml;
};
}; };
environment.systemPackages = [pkgs.restic]; environment.systemPackages = [ pkgs.restic ];
services.restic = { services.restic = {
backups = { backups = {
sora = { sora = {

28
hosts/sora/services/tailscale.nix
View file

@ -3,22 +3,34 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
sops.secrets.tsauth-sora = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; {
environment.systemPackages = [pkgs.jq pkgs.tailscale]; sops.secrets.tsauth-sora = {
sopsFile = ../../../secrets/tailscale/secrets.yaml;
};
environment.systemPackages = [
pkgs.jq
pkgs.tailscale
];
services.tailscale = { services.tailscale = {
useRoutingFeatures = lib.mkDefault "server"; # important to make it a server, it sets sysctl for ip forwarding without intervention and reboot useRoutingFeatures = lib.mkDefault "server"; # important to make it a server, it sets sysctl for ip forwarding without intervention and reboot
}; };
networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
systemd.services.tailscale-autoconnect = { systemd.services.tailscale-autoconnect = {
description = "Automatic connection to Tailscale"; description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale # make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"]; after = [
wants = ["network-pre.target" "tailscale.service"]; "network-pre.target"
wantedBy = ["multi-user.target"]; "tailscale.service"
];
wants = [
"network-pre.target"
"tailscale.service"
];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job # set this service as a oneshot job
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";

6
hosts/sora/services/terraria.nix
View file

@ -1,9 +1,9 @@
_: { _: {
networking.firewall.allowedTCPPorts = [7777]; networking.firewall.allowedTCPPorts = [ 7777 ];
virtualisation.oci-containers.containers.terraria = { virtualisation.oci-containers.containers.terraria = {
image = "jacobsmile/tmodloader1.4:v2023.11.3.3"; image = "jacobsmile/tmodloader1.4:v2023.11.3.3";
ports = ["7777:7777"]; ports = [ "7777:7777" ];
volumes = ["/var/lib/terraria/tmodloader:/data"]; volumes = [ "/var/lib/terraria/tmodloader:/data" ];
environment = { environment = {
TMOD_MOTD = "forsen"; TMOD_MOTD = "forsen";
TMOD_PASS = "forsen"; TMOD_PASS = "forsen";

310
hosts/sora/services/traefik.nix
View file

@ -1,12 +1,18 @@
{config, ...}: { { config, ... }:
sops.secrets.cloudflare-api-key = {}; {
networking.firewall.allowedTCPPorts = [80 443 2222 8080]; sops.secrets.cloudflare-api-key = { };
networking.firewall.allowedTCPPorts = [
80
443
2222
8080
];
systemd.services.traefik = { systemd.services.traefik = {
environment = { environment = {
CLOUDFLARE_EMAIL = "jch0tm2e@notohh.dev"; CLOUDFLARE_EMAIL = "jch0tm2e@notohh.dev";
}; };
serviceConfig = { serviceConfig = {
EnvironmentFile = [config.sops.secrets.cloudflare-api-key.path]; EnvironmentFile = [ config.sops.secrets.cloudflare-api-key.path ];
}; };
}; };
services.traefik = { services.traefik = {
@ -16,12 +22,12 @@
routers = { routers = {
gitssh = { gitssh = {
rule = "HostSNI(`*`)"; rule = "HostSNI(`*`)";
entrypoints = ["ssh"]; entrypoints = [ "ssh" ];
service = "gitssh"; service = "gitssh";
}; };
}; };
services = { services = {
gitssh.loadBalancer.servers = [{address = "100.121.201.47:2222";}]; gitssh.loadBalancer.servers = [ { address = "100.121.201.47:2222"; } ];
}; };
}; };
http = { http = {
@ -47,149 +53,153 @@
}; };
}; };
}; };
routers = let routers =
pqdn = "flake.sh"; let
in { pqdn = "flake.sh";
api = { in
rule = "PathPrefix(`/api/`)"; {
entrypoints = ["websecure"]; api = {
service = "api@internal"; rule = "PathPrefix(`/api/`)";
entrypoints = [ "websecure" ];
service = "api@internal";
};
authelia = {
rule = "Host(`passport.notohh.dev`)";
entrypoints = [ "websecure" ];
service = "authelia";
tls.domains = [ { main = "*.notohh.dev"; } ];
tls.certresolver = "production";
};
uptime-kuma = {
rule = "Host(`status.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "uptime-kuma";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
conduit = {
rule = "Host(`matrix.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "conduit";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
foundryvtt = {
rule = "Host(`foundry.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "foundryvtt";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
forgejo = {
rule = "Host(`git.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "forgejo";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
middlewares = "cors";
};
rustypaste = {
rule = "Host(`i.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "rustypaste";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
grafana = {
rule = "Host(`metrics.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "grafana";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
hedgedoc = {
rule = "Host(`scratch.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "hedgedoc";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
vaultwarden = {
rule = "Host(`vault.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "vaultwarden";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
neko = {
rule = "Host(`neko.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "neko";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
justlog = {
rule = "Host(`logs.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "justlog";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
ntfy = {
rule = "Host(`ntfy.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "ntfy-sh";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
attic = {
rule = "Host(`cache.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "attic";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
minio = {
rule = "Host(`s3.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "minio";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
middlewares = "cors-allow-all";
};
woodpecker = {
rule = "Host(`ci.${pqdn}`)";
entrypoints = [ "websecure" ];
service = "woodpecker";
tls.domains = [ { main = "*.${pqdn}"; } ];
tls.certresolver = "production";
};
}; };
authelia = { services =
rule = "Host(`passport.notohh.dev`)"; let
entrypoints = ["websecure"]; sakuraIp = "100.121.201.47:";
service = "authelia"; soraIp = "100.104.42.96:";
tls.domains = [{main = "*.notohh.dev";}]; in
tls.certresolver = "production"; {
}; # sora
uptime-kuma = { uptime-kuma.loadBalancer.servers = [ { url = "http://${soraIp}4000"; } ];
rule = "Host(`status.${pqdn}`)"; foundryvtt.loadBalancer.servers = [ { url = "http://${soraIp}30000"; } ];
entrypoints = ["websecure"]; ntfy-sh.loadBalancer.servers = [ { url = "http://${soraIp}8090"; } ];
service = "uptime-kuma"; attic.loadBalancer.servers = [ { url = "http://${soraIp}8200"; } ];
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
conduit = {
rule = "Host(`matrix.${pqdn}`)";
entrypoints = ["websecure"];
service = "conduit";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
foundryvtt = {
rule = "Host(`foundry.${pqdn}`)";
entrypoints = ["websecure"];
service = "foundryvtt";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
forgejo = {
rule = "Host(`git.${pqdn}`)";
entrypoints = ["websecure"];
service = "forgejo";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
middlewares = "cors";
};
rustypaste = {
rule = "Host(`i.${pqdn}`)";
entrypoints = ["websecure"];
service = "rustypaste";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
grafana = {
rule = "Host(`metrics.${pqdn}`)";
entrypoints = ["websecure"];
service = "grafana";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
hedgedoc = {
rule = "Host(`scratch.${pqdn}`)";
entrypoints = ["websecure"];
service = "hedgedoc";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
vaultwarden = {
rule = "Host(`vault.${pqdn}`)";
entrypoints = ["websecure"];
service = "vaultwarden";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
neko = {
rule = "Host(`neko.${pqdn}`)";
entrypoints = ["websecure"];
service = "neko";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
justlog = {
rule = "Host(`logs.${pqdn}`)";
entrypoints = ["websecure"];
service = "justlog";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
ntfy = {
rule = "Host(`ntfy.${pqdn}`)";
entrypoints = ["websecure"];
service = "ntfy-sh";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
attic = {
rule = "Host(`cache.${pqdn}`)";
entrypoints = ["websecure"];
service = "attic";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
minio = {
rule = "Host(`s3.${pqdn}`)";
entrypoints = ["websecure"];
service = "minio";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
middlewares = "cors-allow-all";
};
woodpecker = {
rule = "Host(`ci.${pqdn}`)";
entrypoints = ["websecure"];
service = "woodpecker";
tls.domains = [{main = "*.${pqdn}";}];
tls.certresolver = "production";
};
};
services = let
sakuraIp = "100.121.201.47:";
soraIp = "100.104.42.96:";
in {
# sora
uptime-kuma.loadBalancer.servers = [{url = "http://${soraIp}4000";}];
foundryvtt.loadBalancer.servers = [{url = "http://${soraIp}30000";}];
ntfy-sh.loadBalancer.servers = [{url = "http://${soraIp}8090";}];
attic.loadBalancer.servers = [{url = "http://${soraIp}8200";}];
# sakura # sakura
forgejo.loadBalancer.servers = [{url = "http://${sakuraIp}3200";}]; forgejo.loadBalancer.servers = [ { url = "http://${sakuraIp}3200"; } ];
conduit.loadBalancer.servers = [{url = "http://${sakuraIp}6167";}]; conduit.loadBalancer.servers = [ { url = "http://${sakuraIp}6167"; } ];
authelia.loadBalancer.servers = [{url = "http://${sakuraIp}9091";}]; authelia.loadBalancer.servers = [ { url = "http://${sakuraIp}9091"; } ];
rustypaste.loadBalancer.servers = [{url = "http://${sakuraIp}8000";}]; rustypaste.loadBalancer.servers = [ { url = "http://${sakuraIp}8000"; } ];
grafana.loadBalancer.servers = [{url = "http://${sakuraIp}3100";}]; grafana.loadBalancer.servers = [ { url = "http://${sakuraIp}3100"; } ];
hedgedoc.loadBalancer.servers = [{url = "http://${sakuraIp}3300";}]; hedgedoc.loadBalancer.servers = [ { url = "http://${sakuraIp}3300"; } ];
vaultwarden.loadBalancer.servers = [{url = "http://${sakuraIp}8222";}]; vaultwarden.loadBalancer.servers = [ { url = "http://${sakuraIp}8222"; } ];
searxng.loadBalancer.servers = [{url = "http://${sakuraIp}8100";}]; searxng.loadBalancer.servers = [ { url = "http://${sakuraIp}8100"; } ];
justlog.loadBalancer.servers = [{url = "http://${sakuraIp}8025";}]; justlog.loadBalancer.servers = [ { url = "http://${sakuraIp}8025"; } ];
# kaze # kaze
minio.loadBalancer.servers = [{url = "http://100.69.79.81:9005";}]; minio.loadBalancer.servers = [ { url = "http://100.69.79.81:9005"; } ];
# tsuru # tsuru
woodpecker.loadBalancer.servers = [{url = "http://100.82.146.40:8200";}]; woodpecker.loadBalancer.servers = [ { url = "http://100.82.146.40:8200"; } ];
}; };
}; };
}; };
staticConfigOptions = { staticConfigOptions = {
@ -227,7 +237,10 @@
caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"; caServer = "https://acme-staging-v02.api.letsencrypt.org/directory";
dnsChallenge = { dnsChallenge = {
provider = "cloudflare"; provider = "cloudflare";
resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; resolvers = [
"1.1.1.1:53"
"1.0.0.1:53"
];
delayBeforeCheck = "0"; delayBeforeCheck = "0";
}; };
}; };
@ -237,7 +250,10 @@
caServer = "https://acme-v02.api.letsencrypt.org/directory"; caServer = "https://acme-v02.api.letsencrypt.org/directory";
dnsChallenge = { dnsChallenge = {
provider = "cloudflare"; provider = "cloudflare";
resolvers = ["1.1.1.1:53" "1.0.0.1:53"]; resolvers = [
"1.1.1.1:53"
"1.0.0.1:53"
];
delayBeforeCheck = "0"; delayBeforeCheck = "0";
}; };
}; };

11
hosts/tsuki/default.nix
View file

@ -3,7 +3,8 @@
config, config,
pkgs, pkgs,
... ...
}: { }:
{
imports = [ imports = [
inputs.nix-gaming.nixosModules.steamCompat inputs.nix-gaming.nixosModules.steamCompat
inputs.nix-gaming.nixosModules.pipewireLowLatency inputs.nix-gaming.nixosModules.pipewireLowLatency
@ -34,7 +35,7 @@
}; };
xserver = { xserver = {
enable = true; enable = true;
videoDrivers = ["nvidia"]; videoDrivers = [ "nvidia" ];
xkb = { xkb = {
layout = "us"; layout = "us";
variant = ""; variant = "";
@ -56,9 +57,7 @@
gamemode.enable = true; gamemode.enable = true;
steam = { steam = {
enable = true; enable = true;
extraCompatPackages = [ extraCompatPackages = [ inputs.nix-gaming.packages.${pkgs.system}.proton-ge ];
inputs.nix-gaming.packages.${pkgs.system}.proton-ge
];
}; };
}; };
@ -71,7 +70,7 @@
}; };
opengl = { opengl = {
enable = true; enable = true;
extraPackages = [pkgs.nvidia-vaapi-driver]; extraPackages = [ pkgs.nvidia-vaapi-driver ];
}; };
opentabletdriver = { opentabletdriver = {
enable = true; enable = true;

29
hosts/tsuki/hardware.nix
View file

@ -3,14 +3,16 @@
lib, lib,
modulesPath, modulesPath,
... ...
}: { }:
imports = [ {
(modulesPath + "/installer/scan/not-detected.nix") imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
];
boot = { boot = {
kernelModules = ["v4l2loopback" "kvm-intel"]; kernelModules = [
extraModulePackages = with config.boot.kernelPackages; [v4l2loopback.out]; "v4l2loopback"
"kvm-intel"
];
extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback.out ];
loader = { loader = {
systemd-boot = { systemd-boot = {
enable = true; enable = true;
@ -22,8 +24,15 @@
}; };
}; };
initrd = { initrd = {
availableKernelModules = ["xhci_pci" "ahci" "nvme" "usb_storage" "usbhid" "sd_mod"]; availableKernelModules = [
kernelModules = []; "xhci_pci"
"ahci"
"nvme"
"usb_storage"
"usbhid"
"sd_mod"
];
kernelModules = [ ];
}; };
}; };
@ -58,9 +67,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/2f5e2c64-99b8-4fa0-943c-c9dd45c84fdc"; } ];
{device = "/dev/disk/by-uuid/2f5e2c64-99b8-4fa0-943c-c9dd45c84fdc";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

9
hosts/tsuki/home.nix
View file

@ -1,8 +1,5 @@
{ inputs, pkgs, ... }:
{ {
inputs,
pkgs,
...
}: {
imports = [ imports = [
./services/swayidle.nix ./services/swayidle.nix
../../home ../../home
@ -54,8 +51,8 @@
prismlauncher prismlauncher
yuzu yuzu
inputs.nix-gaming.packages.${pkgs.system}.osu-lazer-bin inputs.nix-gaming.packages.${pkgs.system}.osu-lazer-bin
(libsForQt5.callPackage ../../pkgs/chatterino7 {}) (libsForQt5.callPackage ../../pkgs/chatterino7 { })
(callPackage ../../pkgs/jellyfin-rpc {}) (callPackage ../../pkgs/jellyfin-rpc { })
]; ];
stateVersion = "23.05"; stateVersion = "23.05";
}; };

7
hosts/tsuki/services/atticd.nix
View file

@ -1,9 +1,10 @@
{pkgs, ...}: { { pkgs, ... }:
environment.systemPackages = [pkgs.attic]; {
environment.systemPackages = [ pkgs.attic ];
systemd.services.atticd = { systemd.services.atticd = {
enable = true; enable = true;
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
description = "atticd"; description = "atticd";
serviceConfig = { serviceConfig = {

3
hosts/tsuki/services/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./restic.nix ./restic.nix
./atticd.nix ./atticd.nix

12
hosts/tsuki/services/hydroxide.nix
View file

@ -1,10 +1,14 @@
{pkgs, ...}: { { pkgs, ... }:
environment.systemPackages = [pkgs.hydroxide]; {
networking.firewall.allowedTCPPorts = [1025 1143]; environment.systemPackages = [ pkgs.hydroxide ];
networking.firewall.allowedTCPPorts = [
1025
1143
];
systemd.services.hydroxide = { systemd.services.hydroxide = {
enable = true; enable = true;
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
description = "A third-party, open-source ProtonMail bridge"; description = "A third-party, open-source ProtonMail bridge";
serviceConfig = { serviceConfig = {

21
hosts/tsuki/services/restic.nix
View file

@ -1,16 +1,17 @@
{ pkgs, config, ... }:
{ {
pkgs, sops.secrets.restic-tsuki = {
config, sopsFile = ../../../secrets/restic/secrets.yaml;
... };
}: { sops.secrets.restic-osu = {
sops.secrets.restic-tsuki = {sopsFile = ../../../secrets/restic/secrets.yaml;}; sopsFile = ../../../secrets/restic/secrets.yaml;
sops.secrets.restic-osu = {sopsFile = ../../../secrets/restic/secrets.yaml;}; };
environment.systemPackages = [pkgs.restic]; environment.systemPackages = [ pkgs.restic ];
services.restic = { services.restic = {
backups = { backups = {
tsuki = { tsuki = {
user = "root"; user = "root";
paths = ["/home"]; paths = [ "/home" ];
exclude = [ exclude = [
"*.qcow2" "*.qcow2"
"*.iso" "*.iso"
@ -47,8 +48,8 @@
}; };
osu = { osu = {
user = "root"; user = "root";
paths = ["/home/*/osu!"]; paths = [ "/home/*/osu!" ];
pruneOpts = ["--keep-last=2"]; pruneOpts = [ "--keep-last=2" ];
initialize = true; initialize = true;
repository = "/nas/osu-backups"; repository = "/nas/osu-backups";
passwordFile = config.sops.secrets.restic-osu.path; passwordFile = config.sops.secrets.restic-osu.path;

3
hosts/tsuru/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

28
hosts/tsuru/hardware.nix
View file

@ -1,15 +1,10 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = []; kernelModules = [ ];
extraModulePackages = []; extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -17,8 +12,15 @@
useOSProber = false; useOSProber = false;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
kernelModules = [ ];
}; };
}; };
@ -29,9 +31,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/5be1a83b-5b40-4068-ade3-fcf28ff07e35"; } ];
{device = "/dev/disk/by-uuid/5be1a83b-5b40-4068-ade3-fcf28ff07e35";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

7
hosts/tsuru/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

6
hosts/tsuru/services/default.nix
View file

@ -1,5 +1 @@
_: { _: { imports = [ ./woodpecker.nix ]; }
imports = [
./woodpecker.nix
];
}

28
hosts/tsuru/services/tailscale.nix
View file

@ -3,22 +3,34 @@
lib, lib,
pkgs, pkgs,
... ...
}: { }:
sops.secrets.tsauth-tsuru = {sopsFile = ../../../secrets/tailscale/secrets.yaml;}; {
environment.systemPackages = [pkgs.jq pkgs.tailscale]; sops.secrets.tsauth-tsuru = {
sopsFile = ../../../secrets/tailscale/secrets.yaml;
};
environment.systemPackages = [
pkgs.jq
pkgs.tailscale
];
services.tailscale = { services.tailscale = {
useRoutingFeatures = lib.mkDefault "client"; useRoutingFeatures = lib.mkDefault "client";
}; };
networking.firewall.allowedUDPPorts = [config.services.tailscale.port]; networking.firewall.allowedUDPPorts = [ config.services.tailscale.port ];
networking.firewall.trustedInterfaces = [config.services.tailscale.interfaceName]; networking.firewall.trustedInterfaces = [ config.services.tailscale.interfaceName ];
systemd.services.tailscale-autoconnect = { systemd.services.tailscale-autoconnect = {
description = "Automatic connection to Tailscale"; description = "Automatic connection to Tailscale";
# make sure tailscale is running before trying to connect to tailscale # make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"]; after = [
wants = ["network-pre.target" "tailscale.service"]; "network-pre.target"
wantedBy = ["multi-user.target"]; "tailscale.service"
];
wants = [
"network-pre.target"
"tailscale.service"
];
wantedBy = [ "multi-user.target" ];
# set this service as a oneshot job # set this service as a oneshot job
serviceConfig.Type = "oneshot"; serviceConfig.Type = "oneshot";

9
hosts/tsuru/services/woodpecker.nix
View file

@ -1,6 +1,7 @@
{config, ...}: { { config, ... }:
sops.secrets.woodpecker-server = {}; {
sops.secrets.woodpecker-agent-secret = {}; sops.secrets.woodpecker-server = { };
sops.secrets.woodpecker-agent-secret = { };
services.woodpecker-server = { services.woodpecker-server = {
enable = true; enable = true;
environment = { environment = {
@ -31,6 +32,6 @@
WOODPECKER_KEEPALIVE_MIN_TIME = "10s"; WOODPECKER_KEEPALIVE_MIN_TIME = "10s";
WOODPECKER_HEALTHCHECK = "true"; WOODPECKER_HEALTHCHECK = "true";
}; };
extraGroups = ["docker"]; extraGroups = [ "docker" ];
}; };
} }

3
hosts/yuki/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hardware.nix ./hardware.nix
./services ./services

28
hosts/yuki/hardware.nix
View file

@ -1,15 +1,10 @@
{ lib, modulesPath, ... }:
{ {
lib, imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
modulesPath,
...
}: {
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = { boot = {
kernelModules = []; kernelModules = [ ];
extraModulePackages = []; extraModulePackages = [ ];
loader.grub = { loader.grub = {
enable = true; enable = true;
configurationLimit = 5; configurationLimit = 5;
@ -17,8 +12,15 @@
useOSProber = false; useOSProber = false;
}; };
initrd = { initrd = {
availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod"]; availableKernelModules = [
kernelModules = []; "ata_piix"
"uhci_hcd"
"virtio_pci"
"virtio_scsi"
"sd_mod"
"sr_mod"
];
kernelModules = [ ];
}; };
}; };
@ -45,9 +47,7 @@
}; };
}; };
swapDevices = [ swapDevices = [ { device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59"; } ];
{device = "/dev/disk/by-uuid/bd7ccb73-6f85-4b3d-b37f-5cff58a6ab59";}
];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;

7
hosts/yuki/home.nix
View file

@ -1,7 +1,6 @@
{...}: { { ... }:
imports = [ {
../../home imports = [ ../../home ];
];
systemd.user.startServices = "sd-switch"; systemd.user.startServices = "sd-switch";
programs.home-manager.enable = true; programs.home-manager.enable = true;

5
hosts/yuki/services/anki-sync-server.nix
View file

@ -1,5 +1,6 @@
{config, ...}: { { config, ... }:
sops.secrets.anki-pwd = {}; {
sops.secrets.anki-pwd = { };
services.anki-sync-server = { services.anki-sync-server = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;

3
hosts/yuki/services/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./hass ./hass
./restic.nix ./restic.nix

2
hosts/yuki/services/hass/config.nix
View file

@ -13,6 +13,6 @@ _: {
currency = "USD"; currency = "USD";
country = "US"; country = "US";
}; };
default_config = {}; default_config = { };
}; };
} }

2
hosts/yuki/services/hass/default.nix
View file

@ -4,7 +4,7 @@ _: {
./config.nix ./config.nix
]; ];
nixpkgs.config.permittedInsecurePackages = ["openssl-1.1.1w"]; nixpkgs.config.permittedInsecurePackages = [ "openssl-1.1.1w" ];
services.home-assistant = { services.home-assistant = {
enable = true; enable = true;

43
hosts/yuki/services/hass/lovelace.nix
View file

@ -24,8 +24,12 @@ _: {
{ {
type = "light"; type = "light";
entity = "light.living_room"; entity = "light.living_room";
tap_action = {action = "toggle";}; tap_action = {
hold_action = {action = "Default action";}; action = "toggle";
};
hold_action = {
action = "Default action";
};
style = { style = {
top = "72.8%"; top = "72.8%";
left = "75.3%"; left = "75.3%";
@ -34,8 +38,12 @@ _: {
{ {
type = "light"; type = "light";
entity = "light.hall_light"; entity = "light.hall_light";
tap_action = {action = "toggle";}; tap_action = {
hold_action = {action = "Default action";}; action = "toggle";
};
hold_action = {
action = "Default action";
};
style = { style = {
top = "72.8%"; top = "72.8%";
left = "75.3%"; left = "75.3%";
@ -49,8 +57,12 @@ _: {
{ {
type = "light"; type = "light";
entity = "light.master_bedroom_lamp"; entity = "light.master_bedroom_lamp";
tap_action = {action = "toggle";}; tap_action = {
hold_action = {action = "Default action";}; action = "toggle";
};
hold_action = {
action = "Default action";
};
style = { style = {
top = "72.8%"; top = "72.8%";
left = "75.3%"; left = "75.3%";
@ -66,8 +78,12 @@ _: {
entity = "light.bedroom_1"; entity = "light.bedroom_1";
show_state = true; show_state = true;
show_icon = true; show_icon = true;
tap_action = {action = "toggle";}; tap_action = {
hold_action = {action = "Default action";}; action = "toggle";
};
hold_action = {
action = "Default action";
};
style = { style = {
top = "72.8%"; top = "72.8%";
left = "75.3%"; left = "75.3%";
@ -78,8 +94,12 @@ _: {
entity = "light.light_panels_58_6c_84"; entity = "light.light_panels_58_6c_84";
show_state = true; show_state = true;
show_icon = true; show_icon = true;
tap_action = {action = "toggle";}; tap_action = {
hold_action = {action = "Default action";}; action = "toggle";
};
hold_action = {
action = "Default action";
};
style = { style = {
top = "72.8%"; top = "72.8%";
left = "75.3%"; left = "75.3%";
@ -102,8 +122,7 @@ _: {
} }
{ {
title = "Bedroom 2"; title = "Bedroom 2";
cards = [ cards = [ ];
];
} }
]; ];
}; };

12
hosts/yuki/services/hydroxide.nix
View file

@ -1,10 +1,14 @@
{pkgs, ...}: { { pkgs, ... }:
environment.systemPackages = [pkgs.hydroxide]; {
networking.firewall.allowedTCPPorts = [1025 1143]; environment.systemPackages = [ pkgs.hydroxide ];
networking.firewall.allowedTCPPorts = [
1025
1143
];
systemd.services.hydroxide = { systemd.services.hydroxide = {
enable = true; enable = true;
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
description = "A third-party, open-source ProtonMail bridge"; description = "A third-party, open-source ProtonMail bridge";
serviceConfig = { serviceConfig = {

7
hosts/yuki/services/miniflux.nix
View file

@ -1,9 +1,6 @@
{ config, lib, ... }:
{ {
config, sops.secrets.miniflux = { };
lib,
...
}: {
sops.secrets.miniflux = {};
services.miniflux = { services.miniflux = {
enable = true; enable = true;

Some files were not shown because too many files have changed in this diff Show more