william/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

back to plasma

Browse source
This commit is contained in:
William 2025-06-06 10:36:26 -03:00
parent 0d37685470
commit 4dcd29bacb
25 changed files with 385 additions and 610 deletions
Download patch file Download diff file Expand all files Collapse all files

1
hosts/modules/alexandria/default.nix
View file

@ -19,7 +19,6 @@ in
./jellyfin.nix
./librespeed.nix
./memos.nix
./nextcloud.nix
./nginx.nix
./searx.nix
./services.nix

10
hosts/modules/alexandria/networking.nix
View file

@ -4,14 +4,10 @@
networking = {
firewall = {
allowedTCPPorts = [
80 # HTTP
443 # HTTPS
25565 # Minecraft
];
allowedUDPPorts = [
24454 # Minecraft Simple Voice Chat
25565 # Minecraft
80
443
];
allowedUDPPorts = [ ];
};
};
}

103
hosts/modules/alexandria/nextcloud.nix
View file

@ -1,103 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
services = {
nextcloud = {
enable = true;
package = pkgs.nextcloud30;
datadir = "/data/nextcloud";
hostName = "cloud.baduhai.dev";
configureRedis = true;
https = true;
autoUpdateApps.enable = true;
secretFile = config.age.secrets."nextcloud-secrets.json".path;
database.createLocally = true;
maxUploadSize = "16G";
caching = {
apcu = true;
redis = true;
};
settings = {
trusted_proxies = [ "127.0.0.1" ];
default_phone_region = "BR";
maintenance_window_start = "4";
enabledPreviewProviders = [
"OC\\Preview\\BMP"
"OC\\Preview\\EMF"
"OC\\Preview\\Font"
"OC\\Preview\\GIF"
"OC\\Preview\\HEIC"
"OC\\Preview\\Illustrator"
"OC\\Preview\\JPEG"
"OC\\Preview\\Krita"
"OC\\Preview\\MarkDown"
"OC\\Preview\\Movie"
"OC\\Preview\\MP3"
"OC\\Preview\\MSOffice2003"
"OC\\Preview\\MSOffice2007"
"OC\\Preview\\MSOfficeDoc"
"OC\\Preview\\OpenDocument"
"OC\\Preview\\PDF"
"OC\\Preview\\Photoshop"
"OC\\Preview\\PNG"
"OC\\Preview\\Postscript"
"OC\\Preview\\SVG"
"OC\\Preview\\TIFF"
"OC\\Preview\\TXT"
"OC\\Preview\\XBitmap"
];
};
config = {
dbtype = "pgsql";
adminpassFile = config.age.secrets.nextcloud-adminpass.path;
};
phpOptions = {
"opcache.interned_strings_buffer" = "16";
};
};
collabora-online = {
enable = true;
port = lib.strings.toInt config.ports.collabora;
settings.ssl = {
enable = false;
termination = true;
};
};
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
useACMEHost = "baduhai.dev";
forceSSL = true;
kTLS = true;
};
"office.baduhai.dev" = {
useACMEHost = "baduhai.dev";
forceSSL = true;
kTLS = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${config.ports.collabora}";
proxyWebsockets = true;
};
};
};
};
age.secrets = {
"nextcloud-secrets.json" = {
file = ../../../secrets/nextcloud-secrets.json.age;
owner = "nextcloud";
group = "hosted";
};
nextcloud-adminpass = {
file = ../../../secrets/nextcloud-adminpass.age;
owner = "nextcloud";
group = "hosted";
};
};
}

1
hosts/modules/default.nix
View file

@ -5,7 +5,6 @@
./boot.nix
./console.nix
./desktop.nix
./flatpak.nix
./impermanence.nix
./locale.nix
./networking.nix

16
hosts/modules/desktop.nix
View file

@ -18,11 +18,17 @@
# Workstation specific configuration
(lib.mkIf hostType.isWorkstation {
services = {
displayManager.sddm = {
enable = true;
wayland = {
displayManager = {
autoLogin = {
enable = true;
compositor = "kwin";
user = "user";
};
sddm = {
enable = true;
wayland = {
enable = true;
compositor = "kwin";
};
};
};
desktopManager.plasma6.enable = true;
@ -36,8 +42,6 @@
};
};
# programs.hyprland.enable = true;
hardware = {
xpadneo.enable = true;
bluetooth.enable = true;

35
hosts/modules/flatpak.nix
View file

@ -1,35 +0,0 @@
{
hostType,
lib,
...
}:
{
config = lib.mkMerge [
# Common configuration
{
}
# Server specific configuration
(lib.mkIf hostType.isServer {
})
# Workstation specific configuration
(lib.mkIf hostType.isWorkstation {
services.flatpak = {
enable = true;
packages = [
"com.github.k4zmu2a.spacecadetpinball"
"com.github.tchx84.Flatseal"
"com.steamgriddb.SGDBoop"
"app.zen_browser.zen"
"io.github.Foldex.AdwSteamGtk"
"io.itch.itch"
"org.freedesktop.Platform.VulkanLayer.MangoHud/x86_64/24.08"
];
uninstallUnmanaged = true;
update.auto.enable = true;
};
})
];
}

2
hosts/modules/impermanence.nix
View file

@ -27,14 +27,12 @@
];
directories = [
"/etc/NetworkManager/system-connections"
"/etc/waydroid-extra/images/"
"/var/lib/bluetooth"
"/var/lib/flatpak"
"/var/lib/nixos"
"/var/lib/systemd/coredump"
"/var/lib/systemd/timers"
"/var/lib/tailscale"
"/var/lib/waydroid"
"/var/log"
];
};

5
hosts/modules/networking.nix
View file

@ -18,7 +18,10 @@
enable = true;
extraUpFlags = [ "--operator=user" ];
};
openssh.enable = true;
openssh = {
enable = true;
settings.PermitRootLogin = "no";
};
};
}

217
hosts/modules/programs.nix
View file

@ -9,32 +9,32 @@
config = lib.mkMerge [
# Common configuration
{
environment.systemPackages = with pkgs; [
### Dev Tools ###
agenix
git
helix
### System Utilities ###
btop
fastfetch
nixos-firewall-tool
sysz
wget
tmux
];
environment = {
systemPackages = with pkgs; [
### Dev Tools ###
agenix
git
helix
### System Utilities ###
btop
fastfetch
nixos-firewall-tool
sysz
wget
tmux
];
shellAliases = {
ls = "${pkgs.eza}/bin/eza --icons --group-directories-first";
neofetch = "fastfetch";
tree = "ls --tree";
syscleanup = "sudo nix-collect-garbage -d; sudo /run/current-system/bin/switch-to-configuration boot";
};
};
programs = {
fish.enable = true;
command-not-found.enable = false;
};
environment.shellAliases = {
ls = "${pkgs.eza}/bin/eza --icons --group-directories-first";
neofetch = "fastfetch";
tree = "ls --tree";
tsh = "ssh -o RequestTTY=yes $argv tmux -u -CC new -A -s tmux-main";
syscleanup = "sudo nix-collect-garbage -d; sudo /run/current-system/bin/switch-to-configuration boot";
};
}
# Server specific configuration
@ -64,73 +64,86 @@
};
in
{
environment.systemPackages =
with pkgs;
[
### Dev Tools ###
bat
deploy-rs
fd
fzf
nixfmt-rfc-style
nix-init
nix-output-monitor
ripgrep
### Internet Browsers & Communication ###
beeper
brave
microsoft-edge
nextcloud-client
tor-browser
vesktop
### Office & Productivity ###
aspell
aspellDicts.de
aspellDicts.en
aspellDicts.en-computers
aspellDicts.pt_BR
kwrite
libreoffice-qt
obsidian
(octaveFull.withPackages (octavePackages: with octavePackages; [ signal ]))
onlyoffice-desktopeditors
rnote
### Graphics & Design ###
gimp
inkscape
orca-slicer
plasticity
### Gaming & Entertainment ###
clonehero
heroic
mangohud
prismlauncher
protonup
### System Utilities ###
adwaita-icon-theme
junction
kara
kde-rounded-corners
libfido2
# lilipod BROKEN
mission-center
p7zip
qbittorrent
quickemu
quickgui
rustdesk
steam-run
unrar
### Media ###
mpv
obs-studio
qview
]
++ kdepkgs;
environment = {
systemPackages =
with pkgs;
[
### Dev Tools ###
bat
deploy-rs
fd
fzf
nixfmt-rfc-style
nix-init
nix-output-monitor
ripgrep
### Internet Browsers & Communication ###
beeper
brave
tor-browser
vesktop
### Office & Productivity ###
aspell
aspellDicts.de
aspellDicts.en
aspellDicts.en-computers
aspellDicts.pt_BR
kwrite
libreoffice-qt
obsidian
onlyoffice-desktopeditors
rnote
### Graphics & Design ###
gimp
inkscape
orca-slicer
plasticity
### Gaming & Entertainment ###
clonehero
heroic
mangohud
prismlauncher
protonup
### System Utilities ###
adwaita-icon-theme
junction
kara
kde-rounded-corners
libfido2
# lilipod BROKEN
mission-center
p7zip
qbittorrent
quickemu
quickgui
rustdesk
steam-run
unrar
### Media ###
mpv
obs-studio
qview
]
++ kdepkgs;
plasma6.excludePackages = (
with pkgs.kdePackages;
[
discover
elisa
gwenview
kate
khelpcenter
oxygen
]
);
};
programs = {
adb.enable = true;
steam.enable = true;
steam = {
enable = true;
extraCompatPackages = [ pkgs.proton-ge-bin ];
};
dconf.enable = true;
nix-ld.enable = true;
kdeconnect.enable = true;
@ -157,17 +170,29 @@
];
};
environment.plasma6.excludePackages = (
with pkgs.kdePackages;
[
discover
elisa
gwenview
kate
khelpcenter
oxygen
]
);
services.flatpak = {
enable = true;
packages = [
### Dev Tools ###
### Internet Browsers & Communication ###
"app.zen_browser.zen"
### Office & Productivity ###
### Graphics & Design ###
"com.boxy_svg.BoxySVG"
### Gaming & Entertainment ###
"com.github.k4zmu2a.spacecadetpinball"
"io.itch.itch"
"io.mrarm.mcpelauncher"
"org.freedesktop.Platform.VulkanLayer.MangoHud/x86_64/24.08"
### System Utilities ###
"com.github.tchx84.Flatseal"
"io.github.Foldex.AdwSteamGtk"
"com.steamgriddb.SGDBoop"
### Media ###
];
uninstallUnmanaged = true;
update.auto.enable = true;
};
}
))
];

9
hosts/modules/trantor/boot.nix Normal file
View file

@ -0,0 +1,9 @@
{ ... }:
{
boot = {
loader.efi.efiSysMountPoint = "/boot";
initrd.systemd.enable = true;
kernel.sysctl."net.ipv4.ip_forward" = 1;
};
}

10
hosts/modules/trantor/default.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }:
{
imports = [
./boot.nix
./disko.nix
./hardware-configuration.nix
./networking.nix
];
}

32
hosts/modules/trantor/disko.nix Normal file
View file

@ -0,0 +1,32 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}

27
hosts/modules/trantor/hardware-configuration.nix Normal file
View file

@ -0,0 +1,27 @@
{
lib,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
boot = {
kernelModules = [ ];
extraModulePackages = [ ];
initrd = {
availableKernelModules = [
"xhci_pci"
"virtio_pci"
"virtio_scsi"
"usbhid"
];
kernelModules = [ ];
};
};
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux";
}

10
hosts/modules/trantor/networking.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }:
{
networking = {
firewall = {
allowedTCPPorts = [ 25566 ];
allowedUDPPorts = [ 25566 ];
};
};
}

8
hosts/modules/users.nix
View file

@ -20,17 +20,13 @@
"wheel"
];
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcwF1yuWEfYGScNocEbs0AmGxyTIzGc4/IhpU587SJE"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA1v3+q3EaruiiStWjubEJWvtejam/r41uoOpCdwJtLL"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA1v3+q3EaruiiStWjubEJWvtejam/r41uoOpCdwJtLL user@rotterdam"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO3Y0PVpGfJHonqDS7qoCFhqzUvqGq9I9sax+F9e/5cs user@io"
];
hashedPassword = "$6$Pj7v/CpstyuWQQV0$cNujVDhfMBdwlGVEnnd8t71.kZPixbo0u25cd.874iaqLTH4V5fa1f98V5zGapjQCz5JyZmsR94xi00sUrntT0";
};
root = {
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcwF1yuWEfYGScNocEbs0AmGxyTIzGc4/IhpU587SJE"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA1v3+q3EaruiiStWjubEJWvtejam/r41uoOpCdwJtLL"
];
hashedPassword = "!";
};
};

1
hosts/modules/virtualisation.nix
View file

@ -32,7 +32,6 @@
virtualisation = {
libvirtd.enable = true;
lxd.enable = true;
waydroid.enable = true;
};
})
];

13
hosts/trantor.nix Normal file
View file

@ -0,0 +1,13 @@
{ ... }:
{
networking.hostName = "trantor";
imports = [
./modules/trantor
./modules
];
nix.nixPath = [ "nixos-config=${./trantor.nix}" ];
}