cyplo/dotfiles
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

reformat all files using alejandra

Browse source
This commit is contained in:
Cyryl Płotnicki 2023-08-13 17:00:41 +01:00
parent d9543e17a4
commit df4d72c06e
74 changed files with 1351 additions and 972 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
flake.nix
View file

@ -1,10 +1,24 @@
{
description = "NixOS configuration with flakes";
outputs = { self, flake-utils, flake-compat, home-manager
, nixpkgs-nixos-unstable, nixpkgs-master, nixpkgs-stable, darwin
, nixos-hardware, nur, sops, nil, helix, alejandra, nixpkgs-rust-analyzer
, endless-sky, disko }@inputs:
let
outputs = {
self,
flake-utils,
flake-compat,
home-manager,
nixpkgs-nixos-unstable,
nixpkgs-master,
nixpkgs-stable,
darwin,
nixos-hardware,
nur,
sops,
nil,
helix,
alejandra,
nixpkgs-rust-analyzer,
endless-sky,
disko,
} @ inputs: let
mkServer = pkgs: system: hostname:
pkgs.lib.nixosSystem {
inherit system;
@ -19,7 +33,8 @@
mkRaspi = pkgs: hostname:
pkgs.lib.nixosSystem {
system = "aarch64-linux";
modules = [ (./. + "/nixos/boxes/${hostname}")
modules = [
(./. + "/nixos/boxes/${hostname}")
sops.nixosModules.sops
];
specialArgs = {inherit inputs;};
@ -37,8 +52,7 @@
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports =
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
_module.args.inputs = inputs;
_module.args.system = system;
};
@ -70,8 +84,7 @@
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.users.cyryl = {
imports =
[ ./nixos/home-manager ./nixos/home-manager/linux.nix ];
imports = [./nixos/home-manager ./nixos/home-manager/linux.nix];
_module.args.inputs = inputs;
_module.args.system = system;
};
@ -89,9 +102,10 @@
};
};
};
mkShell = packageSet: system:
let pkgs = packageSet.legacyPackages.${system};
in pkgs.mkShell {
mkShell = packageSet: system: let
pkgs = packageSet.legacyPackages.${system};
in
pkgs.mkShell {
packages = with pkgs; [
inputs.alejandra.defaultPackage.${system}
cacert
@ -156,8 +170,7 @@
(import
"${inputs.nixpkgs-stable}/nixos/modules/installer/sd-card/sd-image-aarch64-installer.nix")
{
environment.systemPackages =
with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
environment.systemPackages = with nixpkgs-nixos-unstable.legacyPackages."aarch64-linux"; [
neovim
htop
btop

7
nixos/boot.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}: {
fileSystems."/".options = ["noatime" "nodiratime" "discard"];
hardware.enableRedistributableFirmware = lib.mkDefault true;

9
nixos/boxes/bolty/bolty-boot.nix
View file

@ -1,8 +1,11 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
boot = {
kernelPackages = config.boot.zfs.package.latestCompatibleLinuxPackages;
initrd.availableKernelModules =
[ "nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi" ];
initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_acpi"];
initrd.kernelModules = ["dm-snapshot"];
kernelModules = ["kvm-amd"];
extraModulePackages = [];

8
nixos/boxes/bolty/default.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
imports = [
../cli.nix
./bolty-boot.nix

13
nixos/boxes/bolty/gitea-runner.nix
View file

@ -1,9 +1,14 @@
{ config, pkgs, inputs, lib, system, ... }:
let
{
config,
pkgs,
inputs,
lib,
system,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable;
package = unstable.legacyPackages."${system}".gitea-actions-runner;
in
{
in {
sops.secrets."gitea-runner-token" = {
sopsFile = ./gitea-runner-token.sops;
format = "binary";

9
nixos/boxes/bolty/grafana.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
fqdn = "bolty.raptor-carp.ts.net";
port = 30001;
path = "/data/grafana";

13
nixos/boxes/bolty/home-assistant.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
port = 8123;
path = "/data/nginx";
certPath = "${path}/cert.pem";
@ -19,7 +24,8 @@ in {
allow_anonymous = true;
};
acl = ["topic readwrite #"];
}];
}
];
};
services.nginx = {
@ -58,5 +64,4 @@ in {
];
wants = ["tailscale-cert.service"];
};
}

8
nixos/boxes/bolty/home-security.nix
View file

@ -1,2 +1,8 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
}

10
nixos/boxes/bolty/influxdb.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
fqdn = "bolty.raptor-carp.ts.net";
port = 8086;
path = "/data/influxdb";
@ -48,5 +53,4 @@ in {
tls-key = "${keyPath}";
};
};
}

9
nixos/boxes/bolty/nas.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
networking.firewall.allowedTCPPorts = [2049];
services.nfs.server.enable = true;
services.nfs.server.exports = ''
@ -7,5 +13,4 @@
/data/nfs/home_assistant/media 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
/data/nfs/home_assistant/backups 10.0.0.244/24(rw,sync,insecure,no_subtree_check) 100.81.212.51(rw,sync,insecure,no_subtree_check)
'';
}

8
nixos/boxes/bolty/networking.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
networking.hostName = "bolty";
systemd.network.enable = true;
networking.networkmanager.enable = false;

6
nixos/boxes/bolty/nix-store-server.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
nix.settings.trusted-users = ["nix-ssh"];
nix.sshServe = {
enable = true;

16
nixos/boxes/bolty/print-server.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}: {
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [631 6566];
networking.firewall.allowedUDPPorts = [631 6566];
@ -15,15 +20,16 @@
'';
};
hardware.printers.ensurePrinters = [{
hardware.printers.ensurePrinters = [
{
description = "Epson XP-540";
location = "connected to bolty";
name = "epson_xp540";
deviceUri =
"usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1";
deviceUri = "usb://EPSON/XP-540%20Series?serial=583245393030303936&interface=1";
model = "raw";
ppdOptions = {PageSize = "A4";};
}];
}
];
hardware.sane = {
enable = true;

9
nixos/boxes/bolty/tailscale-cert.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
fqdn = "bolty.raptor-carp.ts.net";
basePath = "/var/lib/tailscale-certs";
keyPath = "${basePath}/key.pem";

9
nixos/boxes/bolty/virtualisation.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
boot.kernelModules = ["kvm_amd"];
virtualisation = {
libvirtd = {
@ -17,5 +23,4 @@
networking.firewall.allowedTCPPorts = [5900];
security.allowUserNamespaces = true;
}

6
nixos/boxes/cli.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
environment.systemPackages = with pkgs; [
atop
btop

13
nixos/boxes/form3/default.nix
View file

@ -1,8 +1,15 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }:
let
{
config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
system_cert_bundle_path = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
form3_cert_path = ./form3-palo-alto.pem;
form3_cert_bundle = builtins.toFile "form3-cert-bundle.crt"
form3_cert_bundle =
builtins.toFile "form3-cert-bundle.crt"
(builtins.readFile system_cert_bundle_path
+ builtins.readFile form3_cert_path);
in {

14
nixos/boxes/foryog/hardware-configuration.nix
View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: {
{
config,
lib,
pkgs,
inputs,
...
}: {
boot = {
kernelModules = ["kvm-intel"];
initrd = {
kernelModules = ["dm-snapshot"];
availableKernelModules =
[ "xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
availableKernelModules = ["xhci_pci" "nvme" "usbhid" "usb_storage" "sd_mod"];
};
loader.systemd-boot.enable = true;
@ -14,8 +19,7 @@
};
boot.initrd.secrets = {"/crypto_keyfile.bin" = null;};
boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device =
"/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
boot.initrd.luks.devices."luks-43a80125-4089-45be-9561-fab93f984916".device = "/dev/disk/by-uuid/43a80125-4089-45be-9561-fab93f984916";
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/D6C0-1A9D";

23
nixos/boxes/foureighty/default.nix
View file

@ -1,4 +1,11 @@
{ config, pkgs, inputs, lib, nixpkgs-nixos-unstable-and-unfree, ... }: {
{
config,
pkgs,
inputs,
lib,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "foureighty";
imports = [
@ -72,14 +79,10 @@
];
home-manager.users.cyryl = {...}: {
imports =
[ ../../home-manager/programs/alacritty.nix ../../gui/vscode.nix ];
home.packages =
with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
[ bisq-desktop ] ++
(with pkgs; [ lutris ])
++ (with inputs.endless-sky.legacyPackages."x86_64-linux";
[ endless-sky ]);
imports = [../../home-manager/programs/alacritty.nix ../../gui/vscode.nix];
home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
[bisq-desktop]
++ (with pkgs; [lutris])
++ (with inputs.endless-sky.legacyPackages."x86_64-linux"; [endless-sky]);
};
}

11
nixos/boxes/homescreen/default.nix
View file

@ -1,6 +1,11 @@
{ config, pkgs, inputs, lib, ... }: {
imports =
[ inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale ];
{
config,
pkgs,
inputs,
lib,
...
}: {
imports = [inputs.nixos-hardware.nixosModules.raspberry-pi-4 ../../tailscale];
networking = {
hostName = "homescreen";

8
nixos/boxes/mb1/atuin.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
imports = [
"${inputs.nixpkgs-nixos-unstable}/nixos/modules/services/misc/atuin.nix"
../nginx.nix

10
nixos/boxes/mb1/blog.nix
View file

@ -1,8 +1,10 @@
{ config, pkgs, ... }:
let
path = "/var/www/blog/";
in
{
config,
pkgs,
...
}: let
path = "/var/www/blog/";
in {
imports = [../nginx.nix];
services.nginx = {
virtualHosts = {

9
nixos/boxes/mb1/boot.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.loader.grub = {
@ -6,5 +12,4 @@
efiSupport = true;
efiInstallAsRemovable = true;
};
}

10
nixos/boxes/mb1/default.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
imports = [
"${inputs.nixpkgs-stable}/nixos/modules/profiles/qemu-guest.nix"
../cli.nix
@ -10,7 +16,6 @@
];
networking.hostName = "mb1";
zramSwap = {
enable = true;
algorithm = "zstd";
@ -18,5 +23,4 @@
};
time.timeZone = "Europe/London";
}

10
nixos/boxes/mb1/search.nix
View file

@ -1,8 +1,11 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
imports = [../nginx.nix];
virtualisation.oci-containers.containers.searxng = {
image =
"searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06";
image = "searxng/searxng@sha256:650c0b183a129e10c2493126bb27c3541ffebbead6e0255fab91831457211b06";
volumes = [];
environment = {BASE_URL = "https://search.cyplo.dev";};
ports = ["9999:8080"];
@ -28,5 +31,4 @@
};
};
};
}

7
nixos/boxes/thinky/default.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib,... }: {
{
config,
pkgs,
lib,
...
}: {
networking.hostName = "thinky";
imports = [

14
nixos/boxes/thinky/hardware-configuration.nix
View file

@ -1,11 +1,16 @@
{ config, lib, pkgs, inputs, ... }: {
{
config,
lib,
pkgs,
inputs,
...
}: {
boot = {
kernelModules = ["kvm-intel"];
initrd = {
kernelModules = ["dm-snapshot"];
availableKernelModules =
[ "ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod" ];
availableKernelModules = ["ata_generic" "uhci_hcd" "ehci_pci" "ahci" "usb_storage" "sd_mod"];
};
loader.grub.enable = true;
@ -17,8 +22,7 @@
fsType = "btrfs";
};
boot.initrd.luks.devices."crypt".device =
"/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
boot.initrd.luks.devices."crypt".device = "/dev/disk/by-uuid/8d51b38a-5d90-4a7a-a86a-0d57648fd82d";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/195b3f15-885e-4123-879f-6e4591a58317";

10
nixos/boxes/vpsfree1/backups.nix
View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
let
{
config,
pkgs,
...
}: let
genericBackupPath = "/var/lib/backups/";
containersBackupPath = "${genericBackupPath}/oci-containers/";
in rec {
@ -32,8 +35,7 @@ in rec {
systemctl start container@mastodon.service
'';
timerConfig = {OnCalendar = "daily";};
environmentFile =
"${config.sops.secrets.restic-backups-b2-environment.path}";
environmentFile = "${config.sops.secrets.restic-backups-b2-environment.path}";
};
};

11
nixos/boxes/vpsfree1/cryptpad.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
imports = [../nginx.nix];
services.nginx = {
@ -15,8 +21,7 @@
};
};
virtualisation.oci-containers.containers.cryptpad = {
image =
"promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87";
image = "promasu/cryptpad@sha256:29c61f69e41173188c0592e72f2273cf23a83f48e7d143337e2cd7fea441ed87";
volumes = [
"${./cryptpad.config.js}:/cryptpad/config/config.js"

8
nixos/boxes/vpsfree1/default.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, lib, ... }: {
{
config,
pkgs,
inputs,
lib,
...
}: {
networking.hostName = "vpsfree1";
imports = [

32
nixos/boxes/vpsfree1/fossil.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
port = 8081;
domain = "fossil.cyplo.dev";
baseurl = "https://${domain}";
@ -19,18 +24,23 @@ in {
containers.fossil = {
autoStart = true;
forwardPorts = [{
forwardPorts = [
{
containerPort = port;
hostPort = port;
}];
}
];
bindMounts = {
"${path}" = {
hostPath = "${path}";
isReadOnly = false;
};
};
config = { config, pkgs, ... }:
let
config = {
config,
pkgs,
...
}: let
user = "fossil";
group = "fossil";
in {
@ -59,9 +69,13 @@ in {
Group = group;
WorkingDirectory = path;
ReadWritePaths = [path];
ExecStart = "${pkgs.fossil}/bin/fossil server" + " --localhost"
+ " --https" + " --port ${toString port}"
+ " --baseurl ${baseurl}" + " --repolist ${path}";
ExecStart =
"${pkgs.fossil}/bin/fossil server"
+ " --localhost"
+ " --https"
+ " --port ${toString port}"
+ " --baseurl ${baseurl}"
+ " --repolist ${path}";
Restart = "always";
RestartSec = 3;
};

21
nixos/boxes/vpsfree1/foundryvtt.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
foundryvtt = pkgs.fetchzip {
name = "foundryvtt";
url = "file:///" + ./FoundryVTT-11.306.zip;
@ -26,17 +31,23 @@ in {
containers.foundryvtt = {
autoStart = true;
forwardPorts = [{
forwardPorts = [
{
containerPort = 30000;
hostPort = 30000;
}];
}
];
bindMounts = {
"/var/lib/foundryvtt" = {
hostPath = "/var/lib/foundryvtt";
isReadOnly = false;
};
};
config = { config, pkgs, ... }: {
config = {
config,
pkgs,
...
}: {
system.stateVersion = "23.05";
systemd.services."foundryvtt" = {
requires = ["network-online.target"];

27
nixos/boxes/vpsfree1/gitea.nix
View file

@ -1,5 +1,11 @@
{ config, pkgs, inputs, lib, system, ... }:
let
{
config,
pkgs,
inputs,
lib,
system,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable;
package = unstable.legacyPackages."${system}".gitea;
httpPort = 8083;
@ -76,15 +82,21 @@ in {
isReadOnly = true;
};
};
config = { config, pkgs, lib, ... }: {
config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "23.05";
users = users // {
users =
users
// {
mutableUsers = false;
allowNoPasswordLogin = true;
};
disabledModules = ["services/misc/gitea.nix"];
imports =
[ "${unstable}/nixos/modules/services/misc/gitea.nix" ];
imports = ["${unstable}/nixos/modules/services/misc/gitea.nix"];
services.gitea = {
enable = true;
inherit package;
@ -101,8 +113,7 @@ in {
"markup.mermaid" = {
ENABLED = true;
FILE_EXTENSIONS = ".md";
RENDER_COMMAND =
"${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
RENDER_COMMAND = "${pkgs.asciidoc-full}/bin/asciidoc --out-file=- -";
IS_INPUT_FILE = false;
};
server = {

32
nixos/boxes/vpsfree1/mastodon.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
newestPackages = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
package = newestPackages.mastodon;
domain = "peninsula.industries";
@ -58,14 +63,18 @@ in {
};
};
sops.secrets."${mailgunSmtpSecretName}" = {
sops.secrets."${mailgunSmtpSecretName}" =
{
sopsFile = ./mailgun.sops.yaml;
path = mailgunSmtpPasswordPath;
} // secretSettings;
sops.secrets."${mastodonDbSecretName}" = {
}
// secretSettings;
sops.secrets."${mastodonDbSecretName}" =
{
sopsFile = ./mastodon-db.sops.yaml;
path = mastodonDbSecretPath;
} // secretSettings;
}
// secretSettings;
inherit users;
@ -110,10 +119,17 @@ in {
isReadOnly = true;
};
};
config = { config, pkgs, lib, ... }: {
config = {
config,
pkgs,
lib,
...
}: {
system.stateVersion = "23.05";
services.postgresql.port = postgresPort;
users = users // {
users =
users
// {
mutableUsers = false;
allowNoPasswordLogin = true;
};

28
nixos/boxes/vpsfree1/rss.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, inputs, lib, ... }:
let
{
config,
pkgs,
inputs,
lib,
...
}: let
port = 8080;
domain = "news.cyplo.dev";
postgresPort = 5435;
@ -18,12 +23,17 @@ in {
containers.rss = {
autoStart = true;
forwardPorts = [{
forwardPorts = [
{
containerPort = port;
hostPort = port;
}];
config = { config, pkgs, ... }:
let
}
];
config = {
config,
pkgs,
...
}: let
inherit (config.services.tt-rss) pool;
inherit (config.services.tt-rss) root;
in {
@ -41,10 +51,12 @@ in {
enable = true;
virtualHosts = {
"${domain}" = {
listen = [{
listen = [
{
inherit port;
addr = "0.0.0.0";
}];
}
];
root = "${root}/www";
locations."/" = {index = "index.php";};
locations."^~ /feed-icons" = {root = "${root}";};

17
nixos/boxes/yoga/default.nix
View file

@ -1,7 +1,19 @@
{ config, pkgs, inputs, lib, system, nixpkgs-nixos-unstable-and-unfree, ... }: {
{
config,
pkgs,
inputs,
lib,
system,
nixpkgs-nixos-unstable-and-unfree,
...
}: {
networking.hostName = "yoga";
imports = [ ./hardware-configuration.nix ../../boot.nix ../../git ../../gui
imports = [
./hardware-configuration.nix
../../boot.nix
../../git
../../gui
../../vim
];
@ -73,5 +85,4 @@
# Workaround for GNOME autologin: https://github.com/NixOS/nixpkgs/issues/103746#issuecomment-945091229
systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false;
}

14
nixos/boxes/yoga/hardware-configuration.nix
View file

@ -1,8 +1,13 @@
{ config, lib, pkgs, modulesPath, ... }: {
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [];
boot.initrd.availableKernelModules =
[ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "rtsx_pci_sdmmc"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
@ -19,8 +24,7 @@
options = ["subvol=@"];
};
boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device =
"/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943";
boot.initrd.luks.devices."luks-99498047-118a-484a-8c2a-987ca68d4943".device = "/dev/disk/by-uuid/99498047-118a-484a-8c2a-987ca68d4943";
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/F179-A4EA";

20
nixos/common-hardware.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, nixpkgs-nixos-unstable-and-unfree, lib, ... }: {
{
config,
pkgs,
nixpkgs-nixos-unstable-and-unfree,
lib,
...
}: {
boot.kernelModules = ["fuse"];
services.smartd.enable = true;
@ -6,7 +12,8 @@
networking.networkmanager = {
enable = true;
dispatcherScripts = [{
dispatcherScripts = [
{
source = pkgs.writeText "upHook" ''
enable_disable_wifi ()
{
@ -27,7 +34,8 @@
fi
'';
type = "basic";
}];
}
];
};
hardware.enableRedistributableFirmware = true;
@ -73,8 +81,7 @@
description = "Epson XP-540 via bolty";
name = "epson_xp540_via_bolty";
deviceUri = "ipp://bolty:631/printers/epson_xp540";
model =
"epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
model = "epson-inkjet-printer-escpr/Epson-XP-540_Series-epson-escpr-en.ppd";
ppdOptions = {
PageSize = "A4";
Duplex = "DuplexNoTumble";
@ -83,8 +90,7 @@
{
description = "Samsung SCX-4623 Series";
name = "samsung-SCX-4623";
deviceUri =
"usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
deviceUri = "usb://Samsung/SCX-4623%20Series?serial=Z2TYBFFZC01007W&interface=1";
model = "samsung/SCX-4623FW.ppd";
ppdOptions = {
PageSize = "A4";

7
nixos/common-services.nix
View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
console.keyMap = "pl2";
imports = [./tailscale];
services = {

13
nixos/common.nix
View file

@ -1,5 +1,11 @@
{ config, pkgs, lib, inputs, nixpkgs-nixos-unstable-and-unfree, ... }:
let
{
config,
pkgs,
lib,
inputs,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
stateVersion = "23.05";
username = "cyryl";
in {
@ -54,8 +60,7 @@ in {
shell = pkgs.zsh;
};
networking.nameservers =
[ "9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9" ];
networking.nameservers = ["9.9.9.9" "2620:fe::fe" "149.112.112.112" "2620:fe::9"];
networking.hosts = {"10.11.99.1" = ["remarkable"];};

18
nixos/distributed-builds.nix
View file

@ -1,5 +1,10 @@
{ config, pkgs, ... }: {
nix.buildMachines = [{
{
config,
pkgs,
...
}: {
nix.buildMachines = [
{
hostName = "bolty";
sshUser = "nix-builder";
sshKey = "/home/cyryl/.ssh/id_ed25519";
@ -8,14 +13,13 @@
speedFactor = 1;
supportedFeatures = ["kvm" "big-parallel"];
mandatoryFeatures = [];
}];
}
];
nix.extraOptions = ''
builders-use-substitutes = true
'';
nix.distributedBuilds = true;
nix.settings.substituters =
[ "https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net" ];
nix.settings.trusted-public-keys =
[ "cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8=" ];
nix.settings.substituters = ["https://cache.nixos.org/" "ssh://nix-ssh@bolty.raptor-carp.ts.net"];
nix.settings.trusted-public-keys = ["cyplodev-store-key:a/+PEufePs7giWqYyRqy+TgUKLMbY+RQuJQu2aUjdl8="];
}

9
nixos/gnome/home.nix
View file

@ -1,9 +1,14 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
services = {};
xsession = {enable = false;};
home.packages = (with pkgs; [ gnome-usage gnome3.gnome-tweaks ])
home.packages =
(with pkgs; [gnome-usage gnome3.gnome-tweaks])
++ (with pkgs.gnomeExtensions; [
caffeine
clipboard-indicator

6
nixos/gnome/system.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
services.xserver = {
enable = true;
displayManager.gdm.enable = true;

16
nixos/gui/default.nix
View file

@ -1,6 +1,12 @@
{ config, pkgs, discord, inputs, nixpkgs-nixos-stable-and-unfree
, nixpkgs-nixos-unstable-and-unfree, ... }:
let
{
config,
pkgs,
discord,
inputs,
nixpkgs-nixos-stable-and-unfree,
nixpkgs-nixos-unstable-and-unfree,
...
}: let
unstable = inputs.nixpkgs-nixos-unstable.legacyPackages.${pkgs.system};
nixpkgs-master = inputs.nixpkgs-master.legacyPackages.${pkgs.system};
in {
@ -81,7 +87,9 @@ in {
yubikey-manager-qt
yubikey-personalization
yubikey-personalization-gui
] ++ (with unstable; [ glaxnimate gnucash kicad thunderbird ]) ++ [
]
++ (with unstable; [glaxnimate gnucash kicad thunderbird])
++ [
nixpkgs-nixos-stable-and-unfree.discord
nixpkgs-nixos-unstable-and-unfree.hopper
];

16
nixos/gui/vscode.nix
View file

@ -1,6 +1,10 @@
{ config, pkgs, inputs, ... }: {
home.packages = with pkgs;
[
{
config,
pkgs,
inputs,
...
}: {
home.packages = with pkgs; [
(vscode-with-extensions.override {
vscodeExtensions = with vscode-extensions;
[
@ -14,13 +18,13 @@
name = "vadimcn.vscode-lldb-1.6.10";
src = fetchurl {
name = "vadimcn.vscode-lldb.zip";
url =
"https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix";
url = "https://github.com/vadimcn/vscode-lldb/releases/download/v1.6.10/codelldb-${pkgs.system}.vsix";
sha256 = "sha256-QWbpe6ofacjrTCyWSKljwHDWWeHGmKNqi7cpw8Qy5Tw=";
};
buildInputs = with pkgs; [llvm lldb python38 autoPatchelfHook];
})
] ++ vscode-utils.extensionsFromVscodeMarketplace [
]
++ vscode-utils.extensionsFromVscodeMarketplace [
{
publisher = "bierner";
name = "markdown-mermaid";

8
nixos/home-manager/cli.nix
View file

@ -1,4 +1,10 @@
{ config, pkgs, inputs, system, ... }: {
{
config,
pkgs,
inputs,
system,
...
}: {
home.packages = with pkgs; [
(pass.withExtensions (ext: [
ext.pass-otp

10
nixos/home-manager/default.nix
View file

@ -1,5 +1,11 @@
{ config, pkgs, inputs, lib, ... }:
let username = "cyryl";
{
config,
pkgs,
inputs,
lib,
...
}: let
username = "cyryl";
in {
home.sessionVariables = {
LC_ALL = "en_GB.UTF-8";

7
nixos/home-manager/linux.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, inputs, ... }: {
{
config,
pkgs,
inputs,
...
}: {
services.gpg-agent = {
enable = true;
pinentryFlavor = "curses";

6
nixos/home-manager/programs.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
programs = {
home-manager.enable = true;

12
nixos/home-manager/programs/alacritty.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "alacritty";};
programs.alacritty = {
@ -6,11 +10,13 @@
settings = {
window.decorations = "none";
mouse_bindings = [{
mouse_bindings = [
{
mouse = "Middle";
mode = "~Vi";
action = "None";
}];
}
];
scrolling = {
history = 32000;
multiplier = 3;

16
nixos/home-manager/programs/helix.nix
View file

@ -9,10 +9,18 @@
alejandra = lib.getExe inputs.alejandra.packages.${system}.default;
nil = lib.getExe inputs.nil.packages.${system}.default;
in {
home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
home.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
programs.zsh.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
systemd.user.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
programs.helix = {
enable = true;

6
nixos/home-manager/programs/kitty.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "kitty";};
programs.kitty = {

6
nixos/home-manager/programs/ssh.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
programs.ssh.extraConfig = ''
Host vpsfree1 vpsfree1.cyplo.dev vpsfree1.raptor-carp.ts.net
HostName vpsfree1

6
nixos/home-manager/programs/termite.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
home.sessionVariables = {TERMINAL = "termite";};
programs.termite = {
enable = true;

18
nixos/i3/default.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
imports = [./autorandr.nix ./openweathermap-secrets.nix];
environment.systemPackages = with pkgs; [dconf];
programs.dconf.enable = true;
@ -6,17 +10,21 @@
security.sudo.extraRules = [
{
users = ["cyryl"];
commands = [{
commands = [
{
command = "${pkgs.i3}/bin/i3-msg";
options = ["NOPASSWD"];
}];
}
];
}
{
users = ["cyryl"];
commands = [{
commands = [
{
command = "${pkgs.intel-gpu-tools}/bin/intel_gpu_top";
options = ["NOPASSWD"];
}];
}
];
}
];

6
nixos/i3/dunst.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
services.dunst = {
enable = true;
settings = {

6
nixos/i3/i3-status.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
programs.i3status = {
enable = true;
enableDefault = false;

41
nixos/i3/i3.nix
View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }:
let mod = "Mod4";
{
config,
pkgs,
...
}: let
mod = "Mod4";
in {
home.packages = with pkgs; [font-awesome intel-gpu-tools];
@ -23,8 +27,7 @@ in {
notification = false;
}
{
command =
"exec xdg-mime default org.gnome.Evince.desktop application/pdf";
command = "exec xdg-mime default org.gnome.Evince.desktop application/pdf";
always = false;
notification = false;
}
@ -42,7 +45,8 @@ in {
};
workspaceLayout = "tabbed";
bars = [{
bars = [
{
statusCommand = "${pkgs.i3status}/bin/i3status";
position = "top";
colors.background = "#001e26";
@ -53,7 +57,8 @@ in {
};
trayOutput = "primary";
}];
}
];
modifier = mod;
keybindings = {
@ -64,25 +69,17 @@ in {
"${mod}+Shift+l" = "exec physlock -d";
"${mod}+Return" = "exec i3-sensible-terminal";
"XF86AudioRaiseVolume" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessUp" =
"exec light -s sysfs/backlight/intel_backlight -A 5";
"XF86MonBrightnessDown" =
"exec light -s sysfs/backlight/intel_backlight -U 5";
"XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
"XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
"Print" =
"exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
"Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";
"${mod}+r" =
"exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
"${mod}+r" = "exec ${pkgs.rofi}/bin/rofi -show combi -combi-modi window#run#ssh -modi combi";
"${mod}+c" = "exec ${pkgs.clipmenu}/bin/clipmenu";
"${mod}+q" = "kill";
"${mod}+f" = "fullscreen toggle";

6
nixos/i3/rofi.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
programs.rofi = {
enable = true;
font = "BerkeleyMono Nerd Font 16";

15
nixos/sdr.nix
View file

@ -1,14 +1,15 @@
{ config, pkgs, inputs, ... }:
{
config,
pkgs,
inputs,
...
}: {
home-manager.users.cyryl = {...}: {
imports = [];
home.packages =
with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
home.packages = with inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux";
with gnuradio3_8Packages;
[ gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum ] ++
(with pkgs; [ ]);
[gnuradio3_8 osmosdr gqrx audacity rtl-sdr inspectrum]
++ (with pkgs; []);
};
users.extraUsers.cyryl.extraGroups = ["plugdev"];

6
nixos/server-common.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
imports = [./server-security.nix ./tailscale];
networking.nameservers = [
"100.100.100.100"

7
nixos/server-security.nix
View file

@ -1,5 +1,8 @@
{ config, pkgs, ... }:
let
{
config,
pkgs,
...
}: let
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEo4R+6J3h6Ix3xWpOMdU7Es1/YxFchHw0c+kcCOJxFb cyryl@foureighty"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDN/2C59i+ucvSa9FLCHlVPJp0zebLOcw0+hnBYwy0cY cyryl@skinnyv"

17
nixos/sway/default.nix
View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }:
let mod = "Mod4";
{
config,
pkgs,
...
}: let
mod = "Mod4";
in {
services.dbus.packages = with pkgs; [];
programs.dconf.enable = true;
@ -73,14 +77,15 @@ in {
titlebar = false;
border = 0;
};
bars = [{
bars = [
{
position = "top";
command = "${pkgs.waybar}/bin/waybar";
}];
}
];
startup = [
{
command =
"${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store";
command = "${pkgs.wl-clipboard}/bin/wl-paste -t text --watch ${pkgs.clipman}/bin/clipman store";
}
{command = "${pkgs.clipman}/bin/clipman restore";}
{

26
nixos/sway/keybindings.nix
View file

@ -1,5 +1,9 @@
{ config, pkgs, ... }:
let mod = "Mod4";
{
config,
pkgs,
...
}: let
mod = "Mod4";
in {
wayland.windowManager.sway.config.keybindings = {
"${mod}+Shift+e" = "exit";
@ -7,19 +11,13 @@ in {
"${mod}+Shift+l" = "exec swaylock -c 657b83";
"${mod}+Return" = "exec ${pkgs.alacritty}/bin/alacritty";
"XF86AudioRaiseVolume" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" =
"exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86AudioRaiseVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ +5%";
"XF86AudioLowerVolume" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-volume @DEFAULT_SINK@ -5%";
"XF86AudioMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-sink-mute @DEFAULT_SINK@ toggle";
"XF86AudioMicMute" = "exec --no-startup-id ${pkgs.pulseaudio}/bin/pactl set-source-mute @DEFAULT_SOURCE@ toggle";
"XF86MonBrightnessUp" =
"exec light -s sysfs/backlight/intel_backlight -A 5";
"XF86MonBrightnessDown" =
"exec light -s sysfs/backlight/intel_backlight -U 5";
"XF86MonBrightnessUp" = "exec light -s sysfs/backlight/intel_backlight -A 5";
"XF86MonBrightnessDown" = "exec light -s sysfs/backlight/intel_backlight -U 5";
"Print" = "exec ${pkgs.gnome3.gnome-screenshot}/bin/gnome-screenshot -i";

8
nixos/syncthing.nix
View file

@ -1,5 +1,9 @@
{ config, pkgs, inputs, ... }:
let
{
config,
pkgs,
inputs,
...
}: let
workstations = ["skinnyv" "foryog" "thinky"];
workstations_plus_phone = ["OnePlus9"] ++ workstations;
in {

14
nixos/tailscale/default.nix
View file

@ -1,7 +1,13 @@
{ config, pkgs, inputs, ... }:
let
inherit (inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux")
tailscale;
{
config,
pkgs,
inputs,
...
}: let
inherit
(inputs.nixpkgs-nixos-unstable.legacyPackages."x86_64-linux")
tailscale
;
in {
environment.systemPackages = [tailscale];
services.tailscale = {

7
nixos/vim/default.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}: {
programs.zsh.enable = true;
home-manager.users.cyryl = {...}: {imports = [./home.nix];};

25
nixos/vim/home.nix
View file

@ -1,5 +1,11 @@
{ config, pkgs, lib, inputs, system, ... }:
let
{
config,
pkgs,
lib,
inputs,
system,
...
}: let
unstablePackages = inputs.nixpkgs-nixos-unstable.legacyPackages."${system}";
nil = inputs.nil.packages."${system}".default;
cocPackage = unstablePackages.vimPlugins.coc-nvim;
@ -7,9 +13,18 @@ let
in {
home.file.".vimrc".source = ../../.vimrc;
home.packages = with pkgs; [ripgrep];
home.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
programs.zsh.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
systemd.user.sessionVariables = { EDITOR = "vim"; VISUAL="vim"; };
home.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
programs.zsh.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
systemd.user.sessionVariables = {
EDITOR = "vim";
VISUAL = "vim";
};
programs.neovim = {
enable = true;

7
nixos/zsh/default.nix
View file

@ -1,4 +1,9 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}: {
programs.zsh.enable = true;
home-manager.users.cyryl = {...}: {imports = [./home.nix];};
}

6
nixos/zsh/home.nix
View file

@ -1,4 +1,8 @@
{ config, pkgs, ... }: {
{
config,
pkgs,
...
}: {
programs.atuin.enableZshIntegration = true;
programs.zsh = {
enable = true;