leonv/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge branch 'main' of git.vatthauer.xyz:leonv/nixos

Browse source
This commit is contained in:
Leon Vatthauer 2024-05-21 20:24:04 +02:00
commit 5ef874dc11
Signed by: leonv
SSH key fingerprint: SHA256:G4+ddwoZmhLPRB1agvXzZMXIzkVJ36dUYZXf5NxT+u8
30 changed files with 102 additions and 517 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

44
absol/configuration.nix
View file

@ -109,6 +109,9 @@
enable = true;
};
# iwlwifi fix?
hardware.enableRedistributableFirmware = true;
# bluetooth
hardware.bluetooth.enable = true;
hardware.bluetooth.powerOnBoot = true;
@ -138,15 +141,8 @@
# List packages installed in system profile.
environment.systemPackages =
with pkgs;
let
catp-gtk = pkgs.catppuccin-gtk.override {
accents = [ "flamingo" ]; # You can specify multiple accents here to output multiple themes
size = "compact";
tweaks = [ "rimless" "black" ]; # You can also specify multiple tweaks here
variant = "macchiato";
};
in [
with pkgs;
[
texliveFull
# for connecting to nas
nfs-utils
@ -154,40 +150,14 @@
# some standards for convenience
vim
parted
os-prober
qpdfview
swww
# greeter
greetd.gtkgreet
catp-gtk
# deps for hyprland / eww
socat
xdg-desktop-portal-hyprland
];
system.stateVersion = "24.05";
# NFS setup
services.rpcbind.enable = true; # needed for NFS
systemd.mounts = [{
type = "nfs";
mountConfig = {
Options = "noatime";
};
what = "192.168.178.20:/volume1/MiniDrive";
where = "/MiniDrive";
}];
systemd.automounts = [{
wantedBy = [ "multi-user.target" ];
automountConfig = {
TimeoutIdleSec = "10";
};
where = "/MiniDrive";
}];
# source zsh
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;
@ -200,8 +170,6 @@
environment.sessionVariables = {
## disable logging when direnv changes
DIRENV_LOG_FORMAT = [];
# GTK theme (set here for greetd)
GTK_THEME = "Catppuccin-Macchiato-Compact-Flamingo-Dark";
};
# fonts
@ -237,8 +205,6 @@
IdentityFile ~/.ssh/git
'';
programs.steam.enable = true;
# thunar
programs.thunar = {
enable = true;

7
absol/eww/config/eww.scss
View file

@ -23,7 +23,7 @@ $overlay0: #6e738d;
$surface2: #5b6078;
$surface1: #494d64;
$surface0: #363a4f;
$base: #24273a;
$base: #000000;//#24273a;
$mantle: #1e2030;
$crust: #181926;
@ -32,11 +32,6 @@ $crust: #181926;
font-family: "monospace";
}
// .bar {
// background-color: $base;
// border-radius: 16px;
// }
.container {
background-color: $base;
border-radius: 16px;

19
absol/eww/config/eww.yuck
View file

@ -16,7 +16,6 @@
(centerbox
:class "bar"
(left)
; (center)
""
(right)
)
@ -32,15 +31,15 @@
)
)
(defwidget center []
(box
:space-evenly false
:halign "center"
:class "container"
:visible {strlength(window) != 0}
(windowtitle)
)
)
; (defwidget center []
; (box
; :space-evenly false
; :halign "center"
; :class "container"
; :visible {strlength(window) != 0}
; (windowtitle)
; )
; )
(defwidget right []
(box

3
absol/hardware-configuration.nix
View file

@ -8,8 +8,9 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "vmd" "ahci" "usbhid" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];

33
absol/hypr/hypridle.conf
View file

@ -4,29 +4,22 @@ general {
after_sleep_cmd = hyprctl dispatch dpms on # to avoid having to press a key twice to turn on the display.
}
#listener {
# timeout = 150 # 2.5min.
# on-timeout = brightnessctl -s set 10 # set monitor backlight to minimum, avoid 0 on OLED monitor.
# on-resume = brightnessctl -r # monitor backlight restore.
#}
# turn off keyboard backlight, comment out this section if you dont have a keyboard backlight.
#listener {
# timeout = 150 # 2.5min.
# on-timeout = brightnessctl -sd rgb:kbd_backlight set 0 # turn off keyboard backlight.
# on-resume = brightnessctl -rd rgb:kbd_backlight # turn on keyboard backlight.
#}
listener {
timeout = 300 # 5min
on-timeout = loginctl lock-session # lock screen when timeout has passed
timeout = 150 # 2.5min.
on-timeout = brillo -O && brillo -S 10 # set monitor backlight to minimum, avoid 0 on OLED monitor.
on-resume = brillo -I # monitor backlight restore.
}
listener {
timeout = 330 # 5.5min
on-timeout = hyprctl dispatch dpms off # screen off when timeout has passed
on-resume = hyprctl dispatch dpms on # screen on when activity is detected after timeout has fired.
}
#listener {
# timeout = 300 # 5min
# on-timeout = loginctl lock-session # lock screen when timeout has passed
#}
#listener {
# timeout = 330 # 5.5min
# on-timeout = hyprctl dispatch dpms off # screen off when timeout has passed
# on-resume = hyprctl dispatch dpms on # screen on when activity is detected after timeout has fired.
#}
listener {
timeout = 1800 # 30min

103
absol/hypr/hyprland.nix
View file

@ -1,15 +1,21 @@
{ pkgs, ... }:
{
services.hypridle.enable = true;
services.hyprpaper.enable = true;
programs.hyprlock.enable = true;
# hyprland setup
wayland.windowManager.hyprland = {
enable = true;
xwayland.enable = true;
settings = {
xwayland."force_zero_scaling" = true;
env = [
"HYPRCURSOR_THEME,Bibata-Original-Classic"
"HYPRCURSOR_SIZE,48"
"XCURSOR_THEME,Catppuccin-Macchiato-Red"
"XCURSOR_SIZE,48"
"HYPRCURSOR_SIZE,24"
#"XCURSOR_THEME,Catppuccin-Macchiato-Red"
"XCURSOR_SIZE,24"
"GDK_SCALE,2"
];
workspace = [
"1, monitor:eDP-1, default:true, persistent:true"
@ -17,6 +23,7 @@
];
monitor = [
"eDP-1, 2880x1800@120, 0x0, 2"
#"HDMI-A-1, 2560x1440@75, 0x1800, 1"
];
input = {
kb_layout = "de";
@ -26,30 +33,17 @@
"$mod" = "SUPER";
"$modd" = "SUPER_SHIFT";
general = {
gaps_in = 8;
gaps_out = 15;
border_size = 3;
gaps_in = 0;
gaps_out = 0;
border_size = 0;
resize_on_border = true;
layout = "dwindle";
"col.active_border" = "rgba(cba6f7ff) rgba(89b4faff) rgba(94e2d5ff) 10deg";
"col.inactive_border" = "0xff45475a";
"col.nogroup_border" = "0xff89dceb";
"col.nogroup_border_active" = "0xfff9e2af";
};
decoration = {
blur = {
new_optimizations = true;
size = 1;
passes = 1;
};
drop_shadow = true;
shadow_range = 100;
shadow_render_power = 5;
"col.shadow" = "0x33000000";
"col.shadow_inactive" = "0x22000000";
rounding = 15;
blur.enabled = false;
drop_shadow = false;
rounding = 0;
};
animations = {
enabled = 1;
@ -63,6 +57,7 @@
};
misc = {
disable_hyprland_logo = true;
vfr = true;
};
bind = [
# opening programs
@ -126,11 +121,13 @@
", XF86MonBrightnessDown, exec, brillo -q -U 5"
];
exec-once = [
"/home/leonv/Git/nixos/absol/hypr/killer.sh"
"/home/leonv/Git/nixos/absol/hypr/start.sh"
"hyprctl setcursor Bibata-Original-Classic 48"
"systemctl --user import-environment"
"hypridle"
#"/home/leonv/Git/nixos/absol/hypr/killer.sh"
#"/home/leonv/Git/nixos/absol/hypr/start.sh"
#"hyprctl setcursor Bibata-Original-Classic 24"
#"systemctl --user import-environment"
#"hypridle"
#"hyprpaper"
"mako"
];
};
};
@ -147,22 +144,30 @@
dpi-aware = "yes";
};
colors = {
foreground = "cad3f5";
background = "24273a";
regular0 = "494d64";
regular1 = "ed8796";
regular3 = "eed49f";
regular4 = "8aadf4";
regular5 = "f5bde6";
regular6 = "8bd5ca";
regular7 = "b8c0e0";
bright0 = "5b6078";
bright1 = "ed8796";
bright3 = "eed49f";
bright4 = "8aadf4";
bright5 = "f5bde6";
bright6 = "8bd5ca";
bright7 = "a5adcb";
foreground="cdd6f4";
background="000000";
regular0="bac2de";
regular1="f38ba8";
regular2="a6e3a1";
regular3="f9e2af";
regular4="89b4fa";
regular5="f5c2e7";
regular6="94e2d5";
regular7="585b70";
bright0="a6adc8";
bright1="f38ba8";
bright2="a6e3a1";
bright3="f9e2af";
bright4="89b4fa";
bright5="f5c2e7";
bright6="94e2d5";
bright7="45475a";
selection-foreground="cdd6f4";
selection-background="414356";
search-box-no-match="11111b f38ba8";
search-box-match="cdd6f4 313244";
jump-labels="11111b fab387";
urls="89b4fa";
};
};
};
@ -190,11 +195,7 @@
style = ''
window {
margin: 0px;
border: 2px solid #b59dc3;
background-color: #282a36;
border-radius: 18px;
}
#input {
@ -202,21 +203,21 @@
border: none;
color: #f8f8f2;
border-radius: 15px;
background-color: #44475a;
background-color: #000000;
}
#inner-box {
margin: 5px;
border: none;
border-radius: 15px;
background-color: #282a36;
background-color: #000000;
}
#outer-box {
margin: 5px;
border: none;
border-radius: 15px;
background-color: #282a36;
background-color: #000000;
}
#scroll {
@ -242,7 +243,7 @@
#entry:selected {
border-radius: 15px;
background-color: #44475a;
background-color: #62AEEFFF;
}
#entry:selected #text {

2
absol/hypr/hyprlock.conf
View file

@ -39,7 +39,7 @@ label {
input-field {
monitor =
size = 200, 50
size = 400, 50
outline_thickness = 3
dots_size = 0.33 # Scale of input-field height, 0.2 - 0.8
dots_spacing = 0.15 # Scale of dots' absolute size, 0.0 - 1.0

4
absol/hypr/hyprpaper.conf
View file

@ -1,4 +1,4 @@
preload = ~/Git/nixos/absol/hypr/wallpaper.jpg
preload = /home/leonv/Git/nixos/absol/hypr/wallpaper.jpg
#set the default wallpaper(s) seen on inital workspace(s) --depending on the number of monitors used
wallpaper = monitor1,~/Git/nixos/absol/hypr/wallpaper.jpg
wallpaper = ,/home/leonv/Git/nixos/absol/hypr/wallpaper.jpg

6
absol/hypr/start.sh
View file

@ -3,8 +3,8 @@
# init nmapplet
# TODO add back once eww supports tray
# nm-applet --indicator &
swww init
swww img /home/leonv/Git/nixos/absol/hypr/wallpaper.jpg
#swww init
#swww img /home/leonv/Git/nixos/absol/hypr/wallpaper.jpg
# notification
mako &
#mako &

26
absol/leonv.nix
View file

@ -12,8 +12,7 @@
home.packages = with pkgs; [
brillo
# theme for gtk applications
orchis-theme
synology-drive-client
# stuff
jq
@ -58,18 +57,14 @@
mako
libnotify
pavucontrol
hyprpaper
qimgv
playerctl
hyprpicker
hypridle
hyprlock
wev
inputs.hyprland-contrib.packages.${pkgs.system}.grimblast
bluez
htop
archiver
#gnome.file-roller
zip
unzip
emacs
@ -96,6 +91,7 @@
xdg.configHome = /home/leonv/.config;
xdg.configFile."hypr/hypridle.conf".source = ./hypr/hypridle.conf;
xdg.configFile."hypr/hyprlock.conf".source = ./hypr/hyprlock.conf;
xdg.configFile."hypr/hyprpaper.conf".source = ./hypr/hyprpaper.conf;
xdg.configFile."doom/init.el".source = ./doom/init.el;
xdg.configFile."doom/config.el".source = ./doom/config.el;
xdg.configFile."doom/packages.el".source = ./doom/packages.el;
@ -120,16 +116,18 @@
oh-my-zsh.enable = true;
};
home.pointerCursor = {
gtk.enable = true;
package = pkgs.bibata-cursors;
name = "Bibata-Modern-Classic";
size = 24;
};
gtk = {
enable = true;
theme = {
name = "Catppuccin-Macchiato-Compact-Flamingo-Dark";
package = pkgs.catppuccin-gtk.override {
accents = [ "flamingo" ];
size = "compact";
tweaks = [ "rimless" "black" ];
variant = "macchiato";
};
name = "Orchis-Dark-Compact";
package = pkgs.orchis-theme.overrideAttrs (finalAttrs: { tweaks = [ "dark" ]; });
};
iconTheme = {
name = "Dracula";
@ -139,7 +137,7 @@
name = "NotoSans Nerd Font";
};
};
home.sessionVariables.GTK_THEME = "Catppuccin-Macchiato-Compact-Flamingo-Dark";
home.sessionVariables.GTK_THEME = "Orchis-Dark-Compact";
home.sessionPath = [ "$HOME/.config/emacs/bin" ];
services.mpris-proxy.enable = true;

1
flake.nix
View file

@ -55,6 +55,7 @@
home-manager.useUserPackages = true;
home-manager.users.leonv = import ./absol/leonv.nix;
home-manager.extraSpecialArgs = { inherit inputs; };
home-manager.backupFileExtension = "backup";
}
];
};

21
iso/configuration.nix
View file

@ -9,7 +9,7 @@
initialPassword = "leonv";
};
networking.hostName = "gunther"; # Define your hostname.
networking.hostName = "iso"; # Define your hostname.
# Enable networking
networking.networkmanager = {
enable = true;
@ -68,25 +68,6 @@
system.stateVersion = "23.11"; # Did you read the comment?
# NFS setup
services.rpcbind.enable = true; # needed for NFS
systemd.mounts = [{
type = "nfs";
mountConfig = {
Options = "noatime";
};
what = "192.168.178.20:/volume1/MiniDrive";
where = "/MiniDrive";
}];
systemd.automounts = [{
wantedBy = [ "multi-user.target" ];
automountConfig = {
TimeoutIdleSec = "10";
};
where = "/MiniDrive";
}];
# source zsh
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;

20
willem/README.md
View file

@ -1,20 +0,0 @@
# Willem
Willem is a server running on a Raspberry Pi 400 offering the following services:
- [Gitea](git.vatthauer.xyz)
- [Vaultwarden](bitwarden.vatthauer.xyz)
There are daily backups of the Gitea instance using Restic via B2.
## Installation on Raspberry Pi 400
### Resources
- https://nixos.wiki/wiki/NixOS_on_ARM/Raspberry_Pi_4
- https://nixos.wiki/wiki/NixOS_on_ARM#Installation
### Step by step
1. Follow the [generic installation steps](https://nixos.wiki/wiki/NixOS_on_ARM#Installation) to get NixOS up and running on the Pi.
2. Generate the default `configuration.nix` via `sudo nixos-generate-config` and do a first rebuild `sudo nixos-rebuild switch`
3. Somehow get this repository onto the machine and `cd` into it
4. We need git: `nix-shell -p git`
5. Build the flake via `sudo nixos-rebuild switch --flake .`
6. At this point you can restart
7. Login, set password, move the repository to `/home/leonv/nixos`

68
willem/configuration.nix
View file

@ -1,68 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running 'nixos-help').
{ config, pkgs, lib, inputs, ... }:
{
imports =
[
./hardware-configuration.nix
./services
./programs
];
# enable flakes
nix.settings.experimental-features = [ "nix-command" "flakes" ];
# Use the extlinux boot loader. (NixOS wants to enable GRUB by default)
boot.loader.grub.enable = false;
# Enables the generation of /boot/extlinux/extlinux.conf
boot.loader.generic-extlinux-compatible.enable = true;
networking.hostName = "willem"; # Define your hostname.
#networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.firewall.allowedTCPPorts = [ 22 80 443 631 8096 8920 ];
networking.firewall.allowedUDPPorts = [ 22 80 443 631 1900 7359 ];
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Define a user account. Don't forget to set a password with 'passwd'.
users.users.leonv = {
isNormalUser = true;
initialPassword = "leonv";
extraGroups = [ "wheel" ]; # Enable 'sudo' for the user.
packages = with pkgs; [
];
};
users.defaultUserShell = pkgs.zsh;
# List packages installed in system profile.
environment.systemPackages = with pkgs; [
wget
git
zsh
oh-my-zsh
restic
# for hugo website
hugo
go
];
environment.variables = {
EDITOR = "nvim";
# bitwarden key
YUBICO_CLIENT_ID = "${../nix-secrets/willem/vaultwarden/yubico-id}";
YUBICO_SECRET_KEY = "${../nix-secrets/willem/vaultwarden/yubico-secret}";
};
environment.shells = [ pkgs.zsh ];
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"plexmediaserver"
];
services.jellyfin.enable = true;
system.stateVersion = "23.11"; # Did you read the comment?
}

26
willem/hardware-configuration.nix
View file

@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "usbhid" "usb_storage" "uas" "pcie-brcmstb" "reset-raspberrypi" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-partuuid/45e5879b-02";
fsType = "ext4";
};
swapDevices = [ ];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
powerManagement.cpuFreqGovernor = lib.mkDefault "ondemand";
}

8
willem/programs/default.nix
View file

@ -1,8 +0,0 @@
{
imports = [
./neovim.nix
./ssh.nix
./starship.nix
./zsh.nix
];
}

14
willem/programs/neovim.nix
View file

@ -1,14 +0,0 @@
{ pkgs, ... }:
{
programs.neovim = {
enable = true;
configure = {
customRC = '''';
packages.myVimPackage = with pkgs.vimPlugins; {
start = [ vim-nix ];
};
};
viAlias = true;
vimAlias = true;
};
}

6
willem/programs/ssh.nix
View file

@ -1,6 +0,0 @@
{
programs.ssh.startAgent = true;
programs.ssh.extraConfig = ''
AddKeysToAgent yes
'';
}

8
willem/programs/starship.nix
View file

@ -1,8 +0,0 @@
{
programs.starship = {
enable = true;
settings = {
gradle.symbol = "🐘";
};
};
}

19
willem/programs/zsh.nix
View file

@ -1,19 +0,0 @@
{
programs.zsh = {
enable = true;
shellAliases = {
clean = "sudo nix-env --delete-generations old --profile /nix/var/nix/profiles/system && sudo /nix/var/nix/profiles/system/bin/switch-to-configuration switch && sudo nix-store --gc";
};
shellInit = ''
function rebuild () {
sudo nixos-rebuild switch --flake "/home/leonv/nixos?submodules=1"
sudo cp -r /home/leonv/nixos /etc/
}
'';
ohMyZsh = {
enable = true;
plugins = [ "git" ];
theme = "dpoggi";
};
};
}

10
willem/services/acme.nix
View file

@ -1,10 +0,0 @@
{
security.acme.acceptTerms = true;
security.acme.certs = {
"git.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"bitwarden.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"video.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"files.vatthauer.xyz".email = "leonvatthauer@outlook.com";
"vatthauer.xyz".email = "leonvatthauer@outlook.com";
};
}

16
willem/services/ddns.nix
View file

@ -1,16 +0,0 @@
{ pkgs, ... }:
{
# dynamic dns
users.users.ddns = {
isSystemUser = true;
group = "ddns";
};
users.groups.ddns = {};
systemd.services.ddns-updater = {
enable = true;
serviceConfig.User = "ddns";
path = [ pkgs.curl ];
script = "${../../nix-secrets/willem/ddns/update}";
startAt = "hourly";
};
}

13
willem/services/default.nix
View file

@ -1,13 +0,0 @@
{ lib, pkgs, inputs, ... }:
{
imports = [
./acme.nix
./ddns.nix
./nginx.nix
./forgejo.nix
./printing.nix
./restic.nix
./ssh.nix
./vaultwarden.nix
];
}

23
willem/services/forgejo.nix
View file

@ -1,23 +0,0 @@
{ pkgs, ...}:
{
services.forgejo = {
enable = true;
settings.DEFAULT.APP_NAME = "Lambda-Git";
package = pkgs.forgejo;
stateDir = "/forgejo";
database = {
type = "sqlite3";
};
dump = {
enable = true;
interval = "02:00";
};
settings.server = {
ROOT_URL = "https://git.vatthauer.xyz";
HTTP_PORT = 3001;
DOMAIN = "git.vatthauer.xyz";
};
settings.session.COOKIE_SECURE = true;
settings.service.DISABLE_REGISTRATION = true;
};
}

44
willem/services/nginx.nix
View file

@ -1,44 +0,0 @@
{ lib, pkgs, inputs, ... }:
{
services.nginx = {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts."git.vatthauer.xyz" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:3001/";
};
};
services.nginx.virtualHosts."bitwarden.vatthauer.xyz" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:8222/";
};
};
services.nginx.virtualHosts."video.vatthauer.xyz" = {
enableACME = true;
forceSSL = false;
locations."/" = {
proxyPass = "http://localhost:8096";
};
};
services.nginx.virtualHosts."vatthauer.xyz" = {
forceSSL = true;
enableACME = true;
root = pkgs.callPackage ./resumee-website.nix {};
};
services.nginx.virtualHosts."files.vatthauer.xyz" = {
forceSSL = true;
enableACME = true;
root = "/var/www";
};
}

20
willem/services/printing.nix
View file

@ -1,20 +0,0 @@
{ pkgs, ... }:
{
# Enable CUPS to print documents.
services.avahi = {
enable = true;
publish.enable = true;
publish.userServices = true;
};
services.printing = {
enable = true;
drivers = [ pkgs.splix ];
browsing = true;
listenAddresses = [ "*:631" ];
allowFrom = [ "all" ];
defaultShared = true;
extraConf = ''
BrowseLocalProtocols all
'';
};
}

17
willem/services/restic.nix
View file

@ -1,17 +0,0 @@
{
services.restic.backups = {
giteaBackup = {
paths = [ "/gitea/dump" ];
# environmentFile = "/home/leonv/nixos/willem/private/gitea_backupCreds";
# passwordFile = "/home/leonv/nixos/willem/private/restic-password";
environmentFile = "${../../nix-secrets/willem/gitea/backupCreds}";
passwordFile = "${../../nix-secrets/willem/restic/password}";
repository = "b2:gitea-willem";
initialize = true;
timerConfig = {
OnCalendar = "04:00";
Persistent = true;
};
};
};
}

15
willem/services/resumee-website.nix
View file

@ -1,15 +0,0 @@
{ stdenv, git, go, hugo }:
stdenv.mkDerivation {
name = "resumee-website";
version = "1.0";
src = builtins.fetchGit {
url = "https://git.vatthauer.xyz/leonv/resumee-website.git";
rev = "5cd0f5bb30da8d7297a15be3704e4d9efc73d8b4";
};
nativeBuildInputs = [ git go hugo ];
buildPhase = "hugo -d $out";
outputHashAlgo = "sha256";
outputHashMode = "recursive";
outputHash = "sha256-PQzuhxRrruBbEfUjhPGPeJkJ6vsbMJ+5Ojg4t11oNV8=";
}

4
willem/services/ssh.nix
View file

@ -1,4 +0,0 @@
{
# Enable the OpenSSH daemon.
services.openssh.enable = true;
}

19
willem/services/vaultwarden.nix
View file

@ -1,19 +0,0 @@
{
services.vaultwarden = {
enable = true;
config = {
DOMAIN = "https://bitwarden.vatthauer.xyz";
SIGNUPS_ALLOWED = false;
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 8222;
ROCKET_LOG = "critical";
ADMIN_TOKEN = "${../../nix-secrets/willem/vaultwarden/admin-token}";
YUBICO_CLIENT_ID = "${../../nix-secrets/willem/vaultwarden/yubico-id}";
YUBICO_SECRET_KEY = "${../../nix-secrets/willem/vaultwarden/yubico-secret}";
};
};
}