Merge branch 'main' of git.vatthauer.xyz:leonv/nixos

This commit is contained in:
Leon Vatthauer 2024-05-21 20:24:04 +02:00
commit 5ef874dc11
Signed by: leonv
SSH key fingerprint: SHA256:G4+ddwoZmhLPRB1agvXzZMXIzkVJ36dUYZXf5NxT+u8
30 changed files with 102 additions and 517 deletions

View file

@ -109,6 +109,9 @@
enable = true; enable = true;
}; };
# iwlwifi fix?
hardware.enableRedistributableFirmware = true;
# bluetooth # bluetooth
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true; hardware.bluetooth.powerOnBoot = true;
@ -139,14 +142,7 @@
# List packages installed in system profile. # List packages installed in system profile.
environment.systemPackages = environment.systemPackages =
with pkgs; with pkgs;
let [
catp-gtk = pkgs.catppuccin-gtk.override {
accents = [ "flamingo" ]; # You can specify multiple accents here to output multiple themes
size = "compact";
tweaks = [ "rimless" "black" ]; # You can also specify multiple tweaks here
variant = "macchiato";
};
in [
texliveFull texliveFull
# for connecting to nas # for connecting to nas
nfs-utils nfs-utils
@ -154,40 +150,14 @@
# some standards for convenience # some standards for convenience
vim vim
parted parted
os-prober
qpdfview qpdfview
swww
# greeter
greetd.gtkgreet
catp-gtk
# deps for hyprland / eww # deps for hyprland / eww
socat socat
xdg-desktop-portal-hyprland
]; ];
system.stateVersion = "24.05"; system.stateVersion = "24.05";
# NFS setup
services.rpcbind.enable = true; # needed for NFS
systemd.mounts = [{
type = "nfs";
mountConfig = {
Options = "noatime";
};
what = "192.168.178.20:/volume1/MiniDrive";
where = "/MiniDrive";
}];
systemd.automounts = [{
wantedBy = [ "multi-user.target" ];
automountConfig = {
TimeoutIdleSec = "10";
};
where = "/MiniDrive";
}];
# source zsh # source zsh
programs.zsh.enable = true; programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;
@ -200,8 +170,6 @@
environment.sessionVariables = { environment.sessionVariables = {
## disable logging when direnv changes ## disable logging when direnv changes
DIRENV_LOG_FORMAT = []; DIRENV_LOG_FORMAT = [];
# GTK theme (set here for greetd)
GTK_THEME = "Catppuccin-Macchiato-Compact-Flamingo-Dark";
}; };
# fonts # fonts
@ -237,8 +205,6 @@
IdentityFile ~/.ssh/git IdentityFile ~/.ssh/git
''; '';
programs.steam.enable = true;
# thunar # thunar
programs.thunar = { programs.thunar = {
enable = true; enable = true;

View file

@ -23,7 +23,7 @@ $overlay0: #6e738d;
$surface2: #5b6078; $surface2: #5b6078;
$surface1: #494d64; $surface1: #494d64;
$surface0: #363a4f; $surface0: #363a4f;
$base: #24273a; $base: #000000;//#24273a;
$mantle: #1e2030; $mantle: #1e2030;
$crust: #181926; $crust: #181926;
@ -32,11 +32,6 @@ $crust: #181926;
font-family: "monospace"; font-family: "monospace";
} }
// .bar {
// background-color: $base;
// border-radius: 16px;
// }
.container { .container {
background-color: $base; background-color: $base;
border-radius: 16px; border-radius: 16px;

View file

@ -16,7 +16,6 @@
(centerbox (centerbox
:class "bar" :class "bar"
(left) (left)
; (center)
"" ""
(right) (right)
) )
@ -32,15 +31,15 @@
) )
) )
(defwidget center [] ; (defwidget center []
(box ; (box
:space-evenly false ; :space-evenly false
:halign "center" ; :halign "center"
:class "container" ; :class "container"
:visible {strlength(window) != 0} ; :visible {strlength(window) != 0}
(windowtitle) ; (windowtitle)
) ; )
) ; )
(defwidget right [] (defwidget right []
(box (box

View file

@ -8,8 +8,9 @@
[ (modulesPath + "/installer/scan/not-detected.nix") [ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "ahci" "usbhid" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];

View file

@ -4,29 +4,22 @@ general {
after_sleep_cmd = hyprctl dispatch dpms on # to avoid having to press a key twice to turn on the display. after_sleep_cmd = hyprctl dispatch dpms on # to avoid having to press a key twice to turn on the display.
} }
#listener {
# timeout = 150 # 2.5min.
# on-timeout = brightnessctl -s set 10 # set monitor backlight to minimum, avoid 0 on OLED monitor.
# on-resume = brightnessctl -r # monitor backlight restore.
#}
# turn off keyboard backlight, comment out this section if you dont have a keyboard backlight.
#listener {
# timeout = 150 # 2.5min.
# on-timeout = brightnessctl -sd rgb:kbd_backlight set 0 # turn off keyboard backlight.
# on-resume = brightnessctl -rd rgb:kbd_backlight # turn on keyboard backlight.
#}
listener { listener {
timeout = 300 # 5min timeout = 150 # 2.5min.
on-timeout = loginctl lock-session # lock screen when timeout has passed on-timeout = brillo -O && brillo -S 10 # set monitor backlight to minimum, avoid 0 on OLED monitor.
on-resume = brillo -I # monitor backlight restore.
} }
listener { #listener {
timeout = 330 # 5.5min # timeout = 300 # 5min
on-timeout = hyprctl dispatch dpms off # screen off when timeout has passed # on-timeout = loginctl lock-session # lock screen when timeout has passed
on-resume = hyprctl dispatch dpms on # screen on when activity is detected after timeout has fired. #}
}
#listener {
# timeout = 330 # 5.5min
# on-timeout = hyprctl dispatch dpms off # screen off when timeout has passed
# on-resume = hyprctl dispatch dpms on # screen on when activity is detected after timeout has fired.
#}
listener { listener {
timeout = 1800 # 30min timeout = 1800 # 30min

View file

@ -1,15 +1,21 @@
{ pkgs, ... }: { pkgs, ... }:
{ {
services.hypridle.enable = true;
services.hyprpaper.enable = true;
programs.hyprlock.enable = true;
# hyprland setup # hyprland setup
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
xwayland.enable = true; xwayland.enable = true;
settings = { settings = {
xwayland."force_zero_scaling" = true;
env = [ env = [
"HYPRCURSOR_THEME,Bibata-Original-Classic" "HYPRCURSOR_THEME,Bibata-Original-Classic"
"HYPRCURSOR_SIZE,48" "HYPRCURSOR_SIZE,24"
"XCURSOR_THEME,Catppuccin-Macchiato-Red" #"XCURSOR_THEME,Catppuccin-Macchiato-Red"
"XCURSOR_SIZE,48" "XCURSOR_SIZE,24"
"GDK_SCALE,2"
]; ];
workspace = [ workspace = [
"1, monitor:eDP-1, default:true, persistent:true" "1, monitor:eDP-1, default:true, persistent:true"
@ -17,6 +23,7 @@
]; ];
monitor = [ monitor = [
"eDP-1, 2880x1800@120, 0x0, 2" "eDP-1, 2880x1800@120, 0x0, 2"
#"HDMI-A-1, 2560x1440@75, 0x1800, 1"
]; ];
input = { input = {
kb_layout = "de"; kb_layout = "de";
@ -26,30 +33,17 @@
"$mod" = "SUPER"; "$mod" = "SUPER";
"$modd" = "SUPER_SHIFT"; "$modd" = "SUPER_SHIFT";
general = { general = {
gaps_in = 8; gaps_in = 0;
gaps_out = 15; gaps_out = 0;
border_size = 3; border_size = 0;
resize_on_border = true; resize_on_border = true;
layout = "dwindle"; layout = "dwindle";
"col.active_border" = "rgba(cba6f7ff) rgba(89b4faff) rgba(94e2d5ff) 10deg";
"col.inactive_border" = "0xff45475a";
"col.nogroup_border" = "0xff89dceb";
"col.nogroup_border_active" = "0xfff9e2af";
}; };
decoration = { decoration = {
blur = { blur.enabled = false;
new_optimizations = true; drop_shadow = false;
size = 1; rounding = 0;
passes = 1;
};
drop_shadow = true;
shadow_range = 100;
shadow_render_power = 5;
"col.shadow" = "0x33000000";
"col.shadow_inactive" = "0x22000000";
rounding = 15;
}; };
animations = { animations = {
enabled = 1; enabled = 1;
@ -63,6 +57,7 @@
}; };
misc = { misc = {
disable_hyprland_logo = true; disable_hyprland_logo = true;
vfr = true;
}; };
bind = [ bind = [
# opening programs # opening programs
@ -126,11 +121,13 @@
", XF86MonBrightnessDown, exec, brillo -q -U 5" ", XF86MonBrightnessDown, exec, brillo -q -U 5"
]; ];
exec-once = [ exec-once = [
"/home/leonv/Git/nixos/absol/hypr/killer.sh" #"/home/leonv/Git/nixos/absol/hypr/killer.sh"
"/home/leonv/Git/nixos/absol/hypr/start.sh" #"/home/leonv/Git/nixos/absol/hypr/start.sh"
"hyprctl setcursor Bibata-Original-Classic 48" #"hyprctl setcursor Bibata-Original-Classic 24"
"systemctl --user import-environment" #"systemctl --user import-environment"
"hypridle" #"hypridle"
#"hyprpaper"
"mako"
]; ];
}; };
}; };
@ -147,22 +144,30 @@
dpi-aware = "yes"; dpi-aware = "yes";
}; };
colors = { colors = {
foreground = "cad3f5"; foreground="cdd6f4";
background = "24273a"; background="000000";
regular0 = "494d64"; regular0="bac2de";
regular1 = "ed8796"; regular1="f38ba8";
regular3 = "eed49f"; regular2="a6e3a1";
regular4 = "8aadf4"; regular3="f9e2af";
regular5 = "f5bde6"; regular4="89b4fa";
regular6 = "8bd5ca"; regular5="f5c2e7";
regular7 = "b8c0e0"; regular6="94e2d5";
bright0 = "5b6078"; regular7="585b70";
bright1 = "ed8796"; bright0="a6adc8";
bright3 = "eed49f"; bright1="f38ba8";
bright4 = "8aadf4"; bright2="a6e3a1";
bright5 = "f5bde6"; bright3="f9e2af";
bright6 = "8bd5ca"; bright4="89b4fa";
bright7 = "a5adcb"; bright5="f5c2e7";
bright6="94e2d5";
bright7="45475a";
selection-foreground="cdd6f4";
selection-background="414356";
search-box-no-match="11111b f38ba8";
search-box-match="cdd6f4 313244";
jump-labels="11111b fab387";
urls="89b4fa";
}; };
}; };
}; };
@ -190,11 +195,7 @@
style = '' style = ''
window { window {
margin: 0px; margin: 0px;
border: 2px solid #b59dc3;
background-color: #282a36;
border-radius: 18px; border-radius: 18px;
} }
#input { #input {
@ -202,21 +203,21 @@
border: none; border: none;
color: #f8f8f2; color: #f8f8f2;
border-radius: 15px; border-radius: 15px;
background-color: #44475a; background-color: #000000;
} }
#inner-box { #inner-box {
margin: 5px; margin: 5px;
border: none; border: none;
border-radius: 15px; border-radius: 15px;
background-color: #282a36; background-color: #000000;
} }
#outer-box { #outer-box {
margin: 5px; margin: 5px;
border: none; border: none;
border-radius: 15px; border-radius: 15px;
background-color: #282a36; background-color: #000000;
} }
#scroll { #scroll {
@ -242,7 +243,7 @@
#entry:selected { #entry:selected {
border-radius: 15px; border-radius: 15px;
background-color: #44475a; background-color: #62AEEFFF;
} }
#entry:selected #text { #entry:selected #text {

View file

@ -39,7 +39,7 @@ label {
input-field { input-field {
monitor = monitor =
size = 200, 50 size = 400, 50
outline_thickness = 3 outline_thickness = 3
dots_size = 0.33 # Scale of input-field height, 0.2 - 0.8 dots_size = 0.33 # Scale of input-field height, 0.2 - 0.8
dots_spacing = 0.15 # Scale of dots' absolute size, 0.0 - 1.0 dots_spacing = 0.15 # Scale of dots' absolute size, 0.0 - 1.0

View file

@ -1,4 +1,4 @@
preload = ~/Git/nixos/absol/hypr/wallpaper.jpg preload = /home/leonv/Git/nixos/absol/hypr/wallpaper.jpg
#set the default wallpaper(s) seen on inital workspace(s) --depending on the number of monitors used #set the default wallpaper(s) seen on inital workspace(s) --depending on the number of monitors used
wallpaper = monitor1,~/Git/nixos/absol/hypr/wallpaper.jpg wallpaper = ,/home/leonv/Git/nixos/absol/hypr/wallpaper.jpg

View file

@ -3,8 +3,8 @@
# init nmapplet # init nmapplet
# TODO add back once eww supports tray # TODO add back once eww supports tray
# nm-applet --indicator & # nm-applet --indicator &
swww init #swww init
swww img /home/leonv/Git/nixos/absol/hypr/wallpaper.jpg #swww img /home/leonv/Git/nixos/absol/hypr/wallpaper.jpg
# notification # notification
mako & #mako &

View file

@ -12,8 +12,7 @@
home.packages = with pkgs; [ home.packages = with pkgs; [
brillo brillo
# theme for gtk applications synology-drive-client
orchis-theme
# stuff # stuff
jq jq
@ -58,18 +57,14 @@
mako mako
libnotify libnotify
pavucontrol pavucontrol
hyprpaper
qimgv qimgv
playerctl playerctl
hyprpicker hyprpicker
hypridle
hyprlock
wev wev
inputs.hyprland-contrib.packages.${pkgs.system}.grimblast inputs.hyprland-contrib.packages.${pkgs.system}.grimblast
bluez bluez
htop htop
archiver archiver
#gnome.file-roller
zip zip
unzip unzip
emacs emacs
@ -96,6 +91,7 @@
xdg.configHome = /home/leonv/.config; xdg.configHome = /home/leonv/.config;
xdg.configFile."hypr/hypridle.conf".source = ./hypr/hypridle.conf; xdg.configFile."hypr/hypridle.conf".source = ./hypr/hypridle.conf;
xdg.configFile."hypr/hyprlock.conf".source = ./hypr/hyprlock.conf; xdg.configFile."hypr/hyprlock.conf".source = ./hypr/hyprlock.conf;
xdg.configFile."hypr/hyprpaper.conf".source = ./hypr/hyprpaper.conf;
xdg.configFile."doom/init.el".source = ./doom/init.el; xdg.configFile."doom/init.el".source = ./doom/init.el;
xdg.configFile."doom/config.el".source = ./doom/config.el; xdg.configFile."doom/config.el".source = ./doom/config.el;
xdg.configFile."doom/packages.el".source = ./doom/packages.el; xdg.configFile."doom/packages.el".source = ./doom/packages.el;
@ -120,16 +116,18 @@
oh-my-zsh.enable = true; oh-my-zsh.enable = true;
}; };
home.pointerCursor = {
gtk.enable = true;
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 24;
};
gtk = { gtk = {
enable = true; enable = true;
theme = { theme = {
name = "Catppuccin-Macchiato-Compact-Flamingo-Dark"; name = "Orchis-Dark-Compact";
package = pkgs.catppuccin-gtk.override { package = pkgs.orchis-theme.overrideAttrs (finalAttrs: { tweaks = [ "dark" ]; });
accents = [ "flamingo" ];
size = "compact";
tweaks = [ "rimless" "black" ];
variant = "macchiato";
};
}; };
iconTheme = { iconTheme = {
name = "Dracula"; name = "Dracula";
@ -139,7 +137,7 @@
name = "NotoSans Nerd Font"; name = "NotoSans Nerd Font";
}; };
}; };
home.sessionVariables.GTK_THEME = "Catppuccin-Macchiato-Compact-Flamingo-Dark"; home.sessionVariables.GTK_THEME = "Orchis-Dark-Compact";
home.sessionPath = [ "$HOME/.config/emacs/bin" ]; home.sessionPath = [ "$HOME/.config/emacs/bin" ];
services.mpris-proxy.enable = true; services.mpris-proxy.enable = true;

View file

@ -55,6 +55,7 @@
home-manager.useUserPackages = true; home-manager.useUserPackages = true;
home-manager.users.leonv = import ./absol/leonv.nix; home-manager.users.leonv = import ./absol/leonv.nix;
home-manager.extraSpecialArgs = { inherit inputs; }; home-manager.extraSpecialArgs = { inherit inputs; };
home-manager.backupFileExtension = "backup";
} }
]; ];
}; };

View file

@ -9,7 +9,7 @@
initialPassword = "leonv"; initialPassword = "leonv";
}; };
networking.hostName = "gunther"; # Define your hostname. networking.hostName = "iso"; # Define your hostname.
# Enable networking # Enable networking
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
@ -68,25 +68,6 @@
system.stateVersion = "23.11"; # Did you read the comment? system.stateVersion = "23.11"; # Did you read the comment?
# NFS setup
services.rpcbind.enable = true; # needed for NFS
systemd.mounts = [{
type = "nfs";
mountConfig = {
Options = "noatime";
};
what = "192.168.178.20:/volume1/MiniDrive";
where = "/MiniDrive";
}];
systemd.automounts = [{
wantedBy = [ "multi-user.target" ];
automountConfig = {
TimeoutIdleSec = "10";
};
where = "/MiniDrive";
}];
# source zsh # source zsh
programs.zsh.enable = true; programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh; users.defaultUserShell = pkgs.zsh;

View file

@ -1,20 +0,0 @@
# Willem
Willem is a server running on a Raspberry Pi 400 offering the following services:
- [Gitea](git.vatthauer.xyz)
- [Vaultwarden](bitwarden.vatthauer.xyz)
There are daily backups of the Gitea instance using Restic via B2.
## Installation on Raspberry Pi 400
### Resources
- https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4
- https://nixos.wiki/wiki/NixOS_on_ARM#Installation
### Step by step
1. Follow the [generic installation steps](https://nixos.wiki/wiki/NixOS_on_ARM#Installation) to get NixOS up and running on the Pi.
2. Generate the default `configuration.nix` via `sudo nixos-generate-config` and do a first rebuild `sudo nixos-rebuild switch`
3. Somehow get this repository onto the machine and `cd` into it
4. We need git: `nix-shell -p git`
5. Build the flake via `sudo nixos-rebuild switch --flake .`
6. At this point you can restart
7. Login, set password, move the repository to `/home/leonv/nixos`

View file

@ -1,68 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
{ config, pkgs, lib, inputs, ... }:
{
imports =
[
./hardware-configuration.nix
./services
./programs
];
# enable flakes
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
boot.loader.generic-extlinux-compatible.enable = true;
networking.hostName = "willem"; # Define your hostname.
#networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.firewall.allowedTCPPorts = [ 22 80 443 631 8096 8920 ];
networking.firewall.allowedUDPPorts = [ 22 80 443 631 1900 7359 ];
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Define a user account. Don't forget to set a password with 'passwd'.
users.users.leonv = {
isNormalUser = true;
initialPassword = "leonv";
extraGroups = [ "wheel" ]; # Enable 'sudo' for the user.
packages = with pkgs; [
];
};
users.defaultUserShell = pkgs.zsh;
# List packages installed in system profile.
environment.systemPackages = with pkgs; [
wget
git
zsh
oh-my-zsh
restic
# for hugo website
hugo
go
];
environment.variables = {
EDITOR = "nvim";
# bitwarden key
YUBICO_CLIENT_ID = "${../nix-secrets/willem/vaultwarden/yubico-id}";
YUBICO_SECRET_KEY = "${../nix-secrets/willem/vaultwarden/yubico-secret}";
};
environment.shells = [ pkgs.zsh ];
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"plexmediaserver"
];
services.jellyfin.enable = true;
system.stateVersion = "23.11"; # Did you read the comment?
}

View file

@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "uas" "pcie-brcmstb" "reset-raspberrypi" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-partuuid/45e5879b-02";
fsType = "ext4";
};
swapDevices = [ ];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

View file

@ -1,8 +0,0 @@
{
imports = [
./neovim.nix
./ssh.nix
./starship.nix
./zsh.nix
];
}

View file

@ -1,14 +0,0 @@
{ pkgs, ... }:
{
programs.neovim = {
enable = true;
configure = {
customRC = '''';
packages.myVimPackage = with pkgs.vimPlugins; {
start = [ vim-nix ];
};
};
viAlias = true;
vimAlias = true;
};
}

View file

@ -1,6 +0,0 @@
{
programs.ssh.startAgent = true;
programs.ssh.extraConfig = ''
AddKeysToAgent yes
'';
}

View file

@ -1,8 +0,0 @@
{
programs.starship = {
enable = true;
settings = {
gradle.symbol = "🐘";
};
};
}

View file

@ -1,19 +0,0 @@
{
programs.zsh = {
enable = true;
shellAliases = {
clean = "sudo nix-env --delete-generations old --profile /nix/var/nix/profiles/system && sudo /nix/var/nix/profiles/system/bin/switch-to-configuration switch && sudo nix-store --gc";
};
shellInit = ''
function rebuild () {
sudo nixos-rebuild switch --flake "/home/leonv/nixos?submodules=1"
sudo cp -r /home/leonv/nixos /etc/
}
'';
ohMyZsh = {
enable = true;
plugins = [ "git" ];
theme = "dpoggi";
};
};
}

View file

@ -1,10 +0,0 @@
{
security.acme.acceptTerms = true;
security.acme.certs = {
"git.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"bitwarden.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"video.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"files.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"vatthauer.xyz".email = "leonvatthauer@outlook.com";
};
}

View file

@ -1,16 +0,0 @@
{ pkgs, ... }:
{
# dynamic dns
users.users.ddns = {
isSystemUser = true;
group = "ddns";
};
users.groups.ddns = {};
systemd.services.ddns-updater = {
enable = true;
serviceConfig.User = "ddns";
path = [ pkgs.curl ];
script = "${../../nix-secrets/willem/ddns/update}";
startAt = "hourly";
};
}

View file

@ -1,13 +0,0 @@
{ lib, pkgs, inputs, ... }:
{
imports = [
./acme.nix
./ddns.nix
./nginx.nix
./forgejo.nix
./printing.nix
./restic.nix
./ssh.nix
./vaultwarden.nix
];
}

View file

@ -1,23 +0,0 @@
{ pkgs, ...}:
{
services.forgejo = {
enable = true;
settings.DEFAULT.APP_NAME = "Lambda-Git";
package = pkgs.forgejo;
stateDir = "/forgejo";
database = {
type = "sqlite3";
};
dump = {
enable = true;
interval = "02:00";
};
settings.server = {
ROOT_URL = "https://git.vatthauer.xyz";
HTTP_PORT = 3001;
DOMAIN = "git.vatthauer.xyz";
};
settings.session.COOKIE_SECURE = true;
settings.service.DISABLE_REGISTRATION = true;
};
}

View file

@ -1,44 +0,0 @@
{ lib, pkgs, inputs, ... }:
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."git.vatthauer.xyz" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:3001/";
};
};
services.nginx.virtualHosts."bitwarden.vatthauer.xyz" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:8222/";
};
};
services.nginx.virtualHosts."video.vatthauer.xyz" = {
enableACME = true;
forceSSL = false;
locations."/" = {
proxyPass = "http://localhost:8096";
};
};
services.nginx.virtualHosts."vatthauer.xyz" = {
forceSSL = true;
enableACME = true;
root = pkgs.callPackage ./resumee-website.nix {};
};
services.nginx.virtualHosts."files.vatthauer.xyz" = {
forceSSL = true;
enableACME = true;
root = "/var/www";
};
}

View file

@ -1,20 +0,0 @@
{ pkgs, ... }:
{
# Enable CUPS to print documents.
services.avahi = {
enable = true;
publish.enable = true;
publish.userServices = true;
};
services.printing = {
enable = true;
drivers = [ pkgs.splix ];
browsing = true;
listenAddresses = [ "*:631" ];
allowFrom = [ "all" ];
defaultShared = true;
extraConf = ''
BrowseLocalProtocols all
'';
};
}

View file

@ -1,17 +0,0 @@
{
services.restic.backups = {
giteaBackup = {
paths = [ "/gitea/dump" ];
# environmentFile = "/home/leonv/nixos/willem/private/gitea_backupCreds";
# passwordFile = "/home/leonv/nixos/willem/private/restic-password";
environmentFile = "${../../nix-secrets/willem/gitea/backupCreds}";
passwordFile = "${../../nix-secrets/willem/restic/password}";
repository = "b2:gitea-willem";
initialize = true;
timerConfig = {
OnCalendar = "04:00";
Persistent = true;
};
};
};
}

View file

@ -1,15 +0,0 @@
{ stdenv, git, go, hugo }:
stdenv.mkDerivation {
name = "resumee-website";
version = "1.0";
src = builtins.fetchGit {
url = "https://git.vatthauer.xyz/leonv/resumee-website.git";
rev = "5cd0f5bb30da8d7297a15be3704e4d9efc73d8b4";
};
nativeBuildInputs = [ git go hugo ];
buildPhase = "hugo -d $out";
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "sha256-PQzuhxRrruBbEfUjhPGPeJkJ6vsbMJ+5Ojg4t11oNV8=";
}

View file

@ -1,4 +0,0 @@
{
# Enable the OpenSSH daemon.
services.openssh.enable = true;
}

View file

@ -1,19 +0,0 @@
{
services.vaultwarden = {
enable = true;
config = {
DOMAIN = "https://bitwarden.vatthauer.xyz";
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
ROCKET_LOG = "critical";
ADMIN_TOKEN = "${../../nix-secrets/willem/vaultwarden/admin-token}";
YUBICO_CLIENT_ID = "${../../nix-secrets/willem/vaultwarden/yubico-id}";
YUBICO_SECRET_KEY = "${../../nix-secrets/willem/vaultwarden/yubico-secret}";
};
};
}