diff --git a/flake.nix b/flake.nix index 7a87bbc..8a03d57 100644 --- a/flake.nix +++ b/flake.nix @@ -5,111 +5,129 @@ nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-22.11"; - home-manager = { url = "github:nix-community/home-manager/master"; inputs.nixpkgs.follows = "nixpkgs"; }; - home-manager-stable = { url = "github:nix-community/home-manager/release-22.11"; inputs.nixpkgs.follows = "nixpkgs-stable"; }; + home-manager = { + url = "github:nix-community/home-manager/master"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + home-manager-stable = { + url = "github:nix-community/home-manager/release-22.11"; + inputs.nixpkgs.follows = "nixpkgs-stable"; + }; baduhai-nur.url = "github:baduhai/nur"; - kmonad = { url = "github:kmonad/kmonad?dir=nix"; inputs.nixpkgs.follows = "nixpkgs"; }; - - deploy-rs = { url = "github:serokell/deploy-rs"; inputs.nixpkgs.follows = "nixpkgs"; }; - - agenix = { url = "github:ryantm/agenix"; inputs.nixpkgs.follows = "nixpkgs"; }; - - nixos-generators = { url = "github:nix-community/nixos-generators"; inputs.nixpkgs.follows = "nixpkgs-stable"; }; - - homepage = { url = "github:baduhai/homepage"; flake = false; }; - - dotfiles = { url = "github:baduhai/dotfiles"; flake = false; }; - }; - - outputs = inputs @ { - self, - nixpkgs, - home-manager, - baduhai-nur, - kmonad, - nixpkgs-stable, - home-manager-stable, - deploy-rs, - agenix, - nixos-generators, - homepage, - dotfiles, - ... - }: { - nixosConfigurations = { - rotterdam = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - ./hosts/desktops/rotterdam.nix - agenix.nixosModules.default - kmonad.nixosModules.default - home-manager.nixosModules.default - { nixpkgs.overlays = [ baduhai-nur.overlay agenix.overlays.default ]; } - ]; - }; - - io = nixpkgs.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - ./hosts/desktops/io.nix - agenix.nixosModules.default - kmonad.nixosModules.default - home-manager.nixosModules.default - { nixpkgs.overlays = [ baduhai-nur.overlay agenix.overlays.default ]; } - ]; - }; - - alexandria = nixpkgs-stable.lib.nixosSystem { - system = "x86_64-linux"; - specialArgs = { inherit inputs; }; - modules = [ - ./hosts/servers/alexandria.nix - agenix.nixosModules.default - home-manager-stable.nixosModules.home-manager - self.nixosModules.qbittorrent - ({ config, pkgs, ... }: - let - unstable-overlay = final: prev: { - unstable = nixpkgs.legacyPackages.x86_64-linux; - }; - in { - nixpkgs.overlays = [ unstable-overlay ]; - } - ) - ]; - }; + kmonad = { + url = "github:kmonad/kmonad?dir=nix"; + inputs.nixpkgs.follows = "nixpkgs"; }; - deploy = { - autoRollback = false; - magicRollback = false; - user = "root"; - sshUser = "root"; - nodes = { - alexandria = { - hostname = "alexandria"; - profiles.system = { - remoteBuild = true; - path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.alexandria; + deploy-rs = { + url = "github:serokell/deploy-rs"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + agenix = { + url = "github:ryantm/agenix"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + + nixos-generators = { + url = "github:nix-community/nixos-generators"; + inputs.nixpkgs.follows = "nixpkgs-stable"; + }; + + homepage = { + url = "github:baduhai/homepage"; + flake = false; + }; + + dotfiles = { + url = "github:baduhai/dotfiles"; + flake = false; + }; + }; + + outputs = inputs@{ self, nixpkgs, home-manager, baduhai-nur, kmonad + , nixpkgs-stable, home-manager-stable, deploy-rs, agenix, nixos-generators + , homepage, dotfiles, ... }: { + nixosConfigurations = { + rotterdam = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/desktops/rotterdam.nix + agenix.nixosModules.default + kmonad.nixosModules.default + home-manager.nixosModules.default + { + nixpkgs.overlays = + [ baduhai-nur.overlay agenix.overlays.default ]; + } + ]; + }; + + io = nixpkgs.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/desktops/io.nix + agenix.nixosModules.default + kmonad.nixosModules.default + home-manager.nixosModules.default + { + nixpkgs.overlays = + [ baduhai-nur.overlay agenix.overlays.default ]; + } + ]; + }; + + alexandria = nixpkgs-stable.lib.nixosSystem { + system = "x86_64-linux"; + specialArgs = { inherit inputs; }; + modules = [ + ./hosts/servers/alexandria.nix + agenix.nixosModules.default + home-manager-stable.nixosModules.home-manager + self.nixosModules.qbittorrent + ({ config, pkgs, ... }: + let + unstable-overlay = final: prev: { + unstable = nixpkgs.legacyPackages.x86_64-linux; + }; + in { nixpkgs.overlays = [ unstable-overlay ]; }) + ]; + }; + }; + + deploy = { + autoRollback = false; + magicRollback = false; + user = "root"; + sshUser = "root"; + nodes = { + alexandria = { + hostname = "alexandria"; + profiles.system = { + remoteBuild = true; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.alexandria; + }; }; }; }; - }; - nixosModules.qbittorrent = import ./modules/qbittorrent.nix; + nixosModules.qbittorrent = import ./modules/qbittorrent.nix; - packages.x86_64-linux = { - install-iso = nixos-generators.nixosGenerate { - system = "x86_64-linux"; - modules = [ - {users.users.nixos.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcwF1yuWEfYGScNocEbs0AmGxyTIzGc4/IhpU587SJE" ];} - ]; - format = "install-iso"; + packages.x86_64-linux = { + install-iso = nixos-generators.nixosGenerate { + system = "x86_64-linux"; + modules = [{ + users.users.nixos.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcwF1yuWEfYGScNocEbs0AmGxyTIzGc4/IhpU587SJE" + ]; + }]; + format = "install-iso"; + }; }; }; - }; } diff --git a/hosts/common/packages.nix b/hosts/common/packages.nix index 9f768c7..16312b9 100644 --- a/hosts/common/packages.nix +++ b/hosts/common/packages.nix @@ -18,9 +18,7 @@ tree wget # Package overrides - (nnn.override { - withNerdIcons = true; - }) + (nnn.override { withNerdIcons = true; }) ]; programs = { diff --git a/hosts/common/users.nix b/hosts/common/users.nix index a60a474..aaedb05 100644 --- a/hosts/common/users.nix +++ b/hosts/common/users.nix @@ -5,13 +5,12 @@ user = { isNormalUser = true; shell = pkgs.fish; - extraGroups = [ - "networkmanager" - "docker" - "wheel" + extraGroups = [ "networkmanager" "docker" "wheel" ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcwF1yuWEfYGScNocEbs0AmGxyTIzGc4/IhpU587SJE" ]; - openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKcwF1yuWEfYGScNocEbs0AmGxyTIzGc4/IhpU587SJE" ]; - hashedPassword = "$6$Pj7v/CpstyuWQQV0$cNujVDhfMBdwlGVEnnd8t71.kZPixbo0u25cd.874iaqLTH4V5fa1f98V5zGapjQCz5JyZmsR94xi00sUrntT0"; + hashedPassword = + "$6$Pj7v/CpstyuWQQV0$cNujVDhfMBdwlGVEnnd8t71.kZPixbo0u25cd.874iaqLTH4V5fa1f98V5zGapjQCz5JyZmsR94xi00sUrntT0"; }; root = { shell = pkgs.fish; @@ -22,7 +21,7 @@ hashedPassword = "!"; }; }; - + home-manager = { useGlobalPkgs = true; useUserPackages = true; diff --git a/hosts/desktops/common/boot.nix b/hosts/desktops/common/boot.nix index 53cb8cb..be343cf 100644 --- a/hosts/desktops/common/boot.nix +++ b/hosts/desktops/common/boot.nix @@ -10,9 +10,7 @@ extraModprobeConfig = '' options bluetooth disable_ertm=1 ''; - kernel.sysctl = { - "net.ipv4.tcp_mtu_probing" = 1; - }; + kernel.sysctl = { "net.ipv4.tcp_mtu_probing" = 1; }; kernelParams = [ "quiet" "splash" diff --git a/hosts/desktops/common/hardware.nix b/hosts/desktops/common/hardware.nix index 668aa32..3f1bc35 100644 --- a/hosts/desktops/common/hardware.nix +++ b/hosts/desktops/common/hardware.nix @@ -11,5 +11,6 @@ sound.enable = true; - security.rtkit.enable = true; # Needed for pipewire to acquire realtime priority + security.rtkit.enable = + true; # Needed for pipewire to acquire realtime priority } diff --git a/hosts/desktops/common/packages.nix b/hosts/desktops/common/packages.nix index 07607e4..d7576fa 100644 --- a/hosts/desktops/common/packages.nix +++ b/hosts/desktops/common/packages.nix @@ -19,10 +19,10 @@ fzf gimp gocryptfs -# helvum + # helvum heroic inkscape -# itch # Currently using unsafe electron version + # itch # Currently using unsafe electron version jellyfin-media-player junction kolourpaint @@ -42,7 +42,7 @@ prismlauncher-qt5 protontricks protonup -# prusa-slicer + # prusa-slicer qbittorrent quickemu qview @@ -62,9 +62,7 @@ wezterm yubikey-personalization-gui # Package overrides - (appimage-run.override { - extraPkgs = pkgs: [ libthai ]; - }) + (appimage-run.override { extraPkgs = pkgs: [ libthai ]; }) # Packages from 3rd party overlays agenix chatterino7 @@ -95,11 +93,6 @@ ]; }; - environment.plasma5.excludePackages = ( with pkgs.plasma5Packages; [ - elisa - gwenview - oxygen - khelpcenter - konsole - ]); + environment.plasma5.excludePackages = + (with pkgs.plasma5Packages; [ elisa gwenview oxygen khelpcenter konsole ]); } diff --git a/hosts/desktops/common/services.nix b/hosts/desktops/common/services.nix index 327d78d..76ced00 100644 --- a/hosts/desktops/common/services.nix +++ b/hosts/desktops/common/services.nix @@ -4,9 +4,8 @@ let plasma = pkgs.writeScriptBin "plasma" '' ${pkgs.plasma-workspace}/bin/startplasma-wayland &> /dev/null ''; -in -{ +in { services = { printing.enable = true; pipewire = { @@ -23,14 +22,15 @@ in layout = "us"; xkbVariant = "altgr-intl"; exportConfiguration = true; - excludePackages = ( with pkgs; [ xterm ]); + excludePackages = (with pkgs; [ xterm ]); displayManager.startx.enable = true; desktopManager.plasma5.enable = true; }; greetd = { enable = true; settings = { - default_session.command = "${pkgs.greetd.tuigreet}/bin/tuigreet --remember --user-menu --asterisks --time --greeting \"Welcome to NixOS\" --cmd ${plasma}/bin/plasma"; + default_session.command = '' + ${pkgs.greetd.tuigreet}/bin/tuigreet --remember --user-menu --asterisks --time --greeting "Welcome to NixOS" --cmd ${plasma}/bin/plasma''; initial_session = { command = "${plasma}/bin/plasma"; user = "user"; diff --git a/hosts/desktops/common/users.nix b/hosts/desktops/common/users.nix index 245ae50..f60c0c7 100644 --- a/hosts/desktops/common/users.nix +++ b/hosts/desktops/common/users.nix @@ -2,8 +2,10 @@ { environment.sessionVariables = rec { - KDEHOME = "$XDG_CONFIG_HOME/kde4"; # Stops kde from placing a .kde4 folder in the home dir - NIXOS_OZONE_WL = "1"; # Forces chromium and most electron apps to run in wayland + KDEHOME = + "$XDG_CONFIG_HOME/kde4"; # Stops kde from placing a .kde4 folder in the home dir + NIXOS_OZONE_WL = + "1"; # Forces chromium and most electron apps to run in wayland }; users.users.user = { diff --git a/hosts/desktops/io.nix b/hosts/desktops/io.nix index 65abe6e..e3527c8 100644 --- a/hosts/desktops/io.nix +++ b/hosts/desktops/io.nix @@ -20,11 +20,7 @@ }; boot = { - kernelParams = [ - "nosgx" - "i915.fastboot=1" - "mem_sleep_default=deep" - ]; + kernelParams = [ "nosgx" "i915.fastboot=1" "mem_sleep_default=deep" ]; kernelModules = [ "i2c-dev" # Required for arduino dev "i2c-piix4" # Required for arduino dev diff --git a/hosts/desktops/io/default.nix b/hosts/desktops/io/default.nix index a166058..704aaf0 100644 --- a/hosts/desktops/io/default.nix +++ b/hosts/desktops/io/default.nix @@ -1,7 +1,5 @@ { ... }: { - imports = [ - ./hardware-configuration.nix - ]; + imports = [ ./hardware-configuration.nix ]; } diff --git a/hosts/desktops/io/hardware-configuration.nix b/hosts/desktops/io/hardware-configuration.nix index 1c92617..236c77d 100644 --- a/hosts/desktops/io/hardware-configuration.nix +++ b/hosts/desktops/io/hardware-configuration.nix @@ -4,26 +4,26 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usb_storage" "sd_mod" "sdhci_pci" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/2321ee32-a952-4a4b-bba0-bb25f616a4a5"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/2321ee32-a952-4a4b-bba0-bb25f616a4a5"; + fsType = "ext4"; + }; - boot.initrd.luks.devices."luks-008bb7cb-917c-4dda-93fe-542c2285bafb".device = "/dev/disk/by-uuid/008bb7cb-917c-4dda-93fe-542c2285bafb"; + boot.initrd.luks.devices."luks-008bb7cb-917c-4dda-93fe-542c2285bafb".device = + "/dev/disk/by-uuid/008bb7cb-917c-4dda-93fe-542c2285bafb"; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/36B4-C473"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/36B4-C473"; + fsType = "vfat"; + }; swapDevices = [ ]; @@ -35,5 +35,6 @@ # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/desktops/rotterdam.nix b/hosts/desktops/rotterdam.nix index c7935d0..1bd2973 100644 --- a/hosts/desktops/rotterdam.nix +++ b/hosts/desktops/rotterdam.nix @@ -18,13 +18,9 @@ systemd.targets.hibernate.enable = false; # disable non-functional hibernate - nix.nixPath = [ - "nixos-config=${./rotterdam.nix}" - ]; + nix.nixPath = [ "nixos-config=${./rotterdam.nix}" ]; - users.users.user.extraGroups = [ - "corectrl" - ]; + users.users.user.extraGroups = [ "corectrl" ]; boot.kernelParams = [ "processor.max_cstate=1" # Fixes bug where ryzen cpus freeze when in highest C state @@ -32,7 +28,8 @@ ]; environment.sessionVariables = rec { - KWIN_DRM_NO_AMS = "1"; # RDNA2 colour/gamma modesetting bug workaround for kwin wayland + KWIN_DRM_NO_AMS = + "1"; # RDNA2 colour/gamma modesetting bug workaround for kwin wayland }; programs = { @@ -45,17 +42,17 @@ cemu retroarchFull rpcs3 -# yuzu-ea + # yuzu-ea # Packages from 3rd party overlays emulationstation-de ]; networking.firewall = { - allowedTCPPorts =[ + allowedTCPPorts = [ 27036 # Steam remote play 27037 # Steam remote play ]; - allowedUDPPorts =[ + allowedUDPPorts = [ 27031 # Steam remote play 27036 # Steam remote play ]; diff --git a/hosts/desktops/rotterdam/default.nix b/hosts/desktops/rotterdam/default.nix index a166058..704aaf0 100644 --- a/hosts/desktops/rotterdam/default.nix +++ b/hosts/desktops/rotterdam/default.nix @@ -1,7 +1,5 @@ { ... }: { - imports = [ - ./hardware-configuration.nix - ]; + imports = [ ./hardware-configuration.nix ]; } diff --git a/hosts/desktops/rotterdam/hardware-configuration.nix b/hosts/desktops/rotterdam/hardware-configuration.nix index 313fa6b..9c61010 100644 --- a/hosts/desktops/rotterdam/hardware-configuration.nix +++ b/hosts/desktops/rotterdam/hardware-configuration.nix @@ -4,28 +4,26 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-amd" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/9ccbb9e3-addc-42a3-b5d8-1e81eed37548"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/9ccbb9e3-addc-42a3-b5d8-1e81eed37548"; + fsType = "ext4"; + }; - fileSystems."/boot/efi" = - { device = "/dev/disk/by-uuid/7707-0E25"; - fsType = "vfat"; - }; + fileSystems."/boot/efi" = { + device = "/dev/disk/by-uuid/7707-0E25"; + fsType = "vfat"; + }; swapDevices = - [ { device = "/dev/disk/by-uuid/39005453-0ac9-4fee-bdd3-7ea9bb6f9ca6"; } - ]; + [{ device = "/dev/disk/by-uuid/39005453-0ac9-4fee-bdd3-7ea9bb6f9ca6"; }]; # Enables DHCP on each ethernet and wireless interface. In case of scripted networking # (the default) this is the recommended approach. When using systemd-networkd it's @@ -35,5 +33,6 @@ # networking.interfaces.enp34s0.useDHCP = lib.mkDefault true; # networking.interfaces.wlo1.useDHCP = lib.mkDefault true; - hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.amd.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; } diff --git a/hosts/servers/alexandria/containerised.nix b/hosts/servers/alexandria/containerised.nix index 8b40eae..8653b4a 100644 --- a/hosts/servers/alexandria/containerised.nix +++ b/hosts/servers/alexandria/containerised.nix @@ -8,51 +8,27 @@ containers = { "actual" = { image = "jlongster/actual-server:latest"; - ports = [ - "${config.ports.actual}:5006" - ]; - volumes = [ - "/data/actual:/data" - ]; - extraOptions = [ - "--pull=always" - ]; + ports = [ "${config.ports.actual}:5006" ]; + volumes = [ "/data/actual:/data" ]; + extraOptions = [ "--pull=always" ]; }; "cinny" = { image = "ghcr.io/cinnyapp/cinny:latest"; - ports = [ - "${config.ports.cinny}:80" - ]; - volumes = [ - "/data/matrix/cinny-config.json:/app/config.json" - ]; - extraOptions = [ - "--pull=always" - ]; + ports = [ "${config.ports.cinny}:80" ]; + volumes = [ "/data/matrix/cinny-config.json:/app/config.json" ]; + extraOptions = [ "--pull=always" ]; }; "cinny2" = { image = "ghcr.io/cinnyapp/cinny:latest"; - ports = [ - "${config.ports.cinny2}:80" - ]; - volumes = [ - "/data/matrix/cinny-config.json:/app/config.json" - ]; - extraOptions = [ - "--pull=always" - ]; + ports = [ "${config.ports.cinny2}:80" ]; + volumes = [ "/data/matrix/cinny-config.json:/app/config.json" ]; + extraOptions = [ "--pull=always" ]; }; "librespeed" = { image = "lscr.io/linuxserver/librespeed:latest"; - environment = { - TZ = "America/Bahia"; - }; - ports = [ - "${config.ports.librespeed}:80" - ]; - extraOptions = [ - "--pull=always" - ]; + environment = { TZ = "America/Bahia"; }; + ports = [ "${config.ports.librespeed}:80" ]; + extraOptions = [ "--pull=always" ]; }; "whoogle" = { image = "benbusby/whoogle-search:latest"; @@ -63,12 +39,8 @@ WHOOGLE_CONFIG_VIEW_IMAGE = "1"; WHOOGLE_CONFIG_GET_ONLY = "1"; }; - ports = [ - "${config.ports.whoogle}:5000" - ]; - extraOptions = [ - "--pull=always" - ]; + ports = [ "${config.ports.whoogle}:5000" ]; + extraOptions = [ "--pull=always" ]; }; }; }; diff --git a/hosts/servers/alexandria/hardware-configuration.nix b/hosts/servers/alexandria/hardware-configuration.nix index 9758742..7bb1e53 100644 --- a/hosts/servers/alexandria/hardware-configuration.nix +++ b/hosts/servers/alexandria/hardware-configuration.nix @@ -4,24 +4,23 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = - [ (modulesPath + "/installer/scan/not-detected.nix") - ]; + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; + boot.initrd.availableKernelModules = + [ "xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; boot.extraModulePackages = [ ]; - fileSystems."/" = - { device = "/dev/disk/by-uuid/31289617-1d84-4432-a833-680b52e88525"; - fsType = "ext4"; - }; + fileSystems."/" = { + device = "/dev/disk/by-uuid/31289617-1d84-4432-a833-680b52e88525"; + fsType = "ext4"; + }; - fileSystems."/boot" = - { device = "/dev/disk/by-uuid/4130-BE54"; - fsType = "vfat"; - }; + fileSystems."/boot" = { + device = "/dev/disk/by-uuid/4130-BE54"; + fsType = "vfat"; + }; swapDevices = [ ]; @@ -33,7 +32,8 @@ # networking.interfaces.enp1s0.useDHCP = lib.mkDefault true; powerManagement.cpuFreqGovernor = lib.mkDefault "powersave"; - hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; + hardware.cpu.intel.updateMicrocode = + lib.mkDefault config.hardware.enableRedistributableFirmware; # high-resolution display hardware.video.hidpi.enable = lib.mkDefault true; } diff --git a/hosts/servers/alexandria/matrix.nix b/hosts/servers/alexandria/matrix.nix index 257434a..969e0e5 100644 --- a/hosts/servers/alexandria/matrix.nix +++ b/hosts/servers/alexandria/matrix.nix @@ -3,9 +3,7 @@ { services.matrix-conduit = { enable = true; - extraEnvironment = { - RUST_MIN_STACK = "16777216"; - }; + extraEnvironment = { RUST_MIN_STACK = "16777216"; }; package = pkgs.unstable.matrix-conduit; settings.global = { server_name = "baduhai.me"; diff --git a/hosts/servers/alexandria/security.nix b/hosts/servers/alexandria/security.nix index 975dfc6..aa2c1ae 100644 --- a/hosts/servers/alexandria/security.nix +++ b/hosts/servers/alexandria/security.nix @@ -15,9 +15,7 @@ dnsProvider = "cloudflare"; credentialsFile = config.age.secrets.cloudflare-creds.path; }; - certs."baduhai.me" = { - extraDomainNames = [ "*.baduhai.me" ]; - }; + certs."baduhai.me" = { extraDomainNames = [ "*.baduhai.me" ]; }; }; boot.kernel.sysctl = { diff --git a/hosts/servers/alexandria/services.nix b/hosts/servers/alexandria/services.nix index 8ba4a22..32fd87b 100644 --- a/hosts/servers/alexandria/services.nix +++ b/hosts/servers/alexandria/services.nix @@ -64,22 +64,108 @@ kTLS = true; root = inputs.homepage; }; - "bazarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.bazaar}"; }; - "bitwarden.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.vaultwarden}"; }; - "cinny.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.cinny}"; }; - "detect.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.changedetection-io}"; }; - "jackett.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.jackett}"; }; - "jellyfin.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.jellyfin}"; }; - "actual.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.actual}"; }; - "librespeed.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.librespeed}"; }; - "n8n.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.n8n}"; }; - "paperless.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.paperless}"; }; - "qbittorrent.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.qbittorrent}"; }; - "radarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}"; }; - "shiori.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.shiori}"; }; - "sonarr.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}"; }; - "sync.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.syncthing}"; }; - "whoogle.baduhai.me" = { useACMEHost = "baduhai.me"; forceSSL = true; kTLS = true; locations."/".proxyPass = "http://127.0.0.1:${config.ports.whoogle}"; }; + "bazarr.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.bazaar}"; + }; + "bitwarden.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = + "http://127.0.0.1:${config.ports.vaultwarden}"; + }; + "cinny.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.cinny}"; + }; + "detect.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = + "http://127.0.0.1:${config.ports.changedetection-io}"; + }; + "jackett.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.jackett}"; + }; + "jellyfin.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.jellyfin}"; + }; + "actual.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.actual}"; + }; + "librespeed.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = + "http://127.0.0.1:${config.ports.librespeed}"; + }; + "n8n.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.n8n}"; + }; + "paperless.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = + "http://127.0.0.1:${config.ports.paperless}"; + }; + "qbittorrent.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = + "http://127.0.0.1:${config.ports.qbittorrent}"; + }; + "radarr.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.radarr}"; + }; + "shiori.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.shiori}"; + }; + "sonarr.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.sonarr}"; + }; + "sync.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = + "http://127.0.0.1:${config.ports.syncthing}"; + }; + "whoogle.baduhai.me" = { + useACMEHost = "baduhai.me"; + forceSSL = true; + kTLS = true; + locations."/".proxyPass = "http://127.0.0.1:${config.ports.whoogle}"; + }; }; }; @@ -90,9 +176,7 @@ passwordFile = config.age.secrets.paperless-pass.path; port = lib.toInt "${config.ports.paperless}"; consumptionDirIsPublic = true; - extraConfig = { - PAPERLESS_OCR_LANGUAGE = "eng+por+deu"; - }; + extraConfig = { PAPERLESS_OCR_LANGUAGE = "eng+por+deu"; }; }; postgresql.enable = true; @@ -132,5 +216,6 @@ }; }; - systemd.services.NetworkManager-wait-online.enable = false; # Workaround for upstream bug in NetworkManager-wait-online.service + systemd.services.NetworkManager-wait-online.enable = + false; # Workaround for upstream bug in NetworkManager-wait-online.service } diff --git a/hosts/servers/alexandria/users.nix b/hosts/servers/alexandria/users.nix index 8086711..8087cbb 100644 --- a/hosts/servers/alexandria/users.nix +++ b/hosts/servers/alexandria/users.nix @@ -9,13 +9,7 @@ groups = { hosted = { gid = 1005; - members = [ - "user" - "shiori" - "minecraft" - "paperless" - "vaultwarden" - ]; + members = [ "user" "shiori" "minecraft" "paperless" "vaultwarden" ]; }; }; }; diff --git a/hosts/servers/alexandria/variables.nix b/hosts/servers/alexandria/variables.nix index fda9cf7..aefa847 100644 --- a/hosts/servers/alexandria/variables.nix +++ b/hosts/servers/alexandria/variables.nix @@ -1,30 +1,30 @@ { specialArgs, inputs, config, pkgs, lib, ... }: let - mkStringOption = default: lib.mkOption { - inherit default; - type = lib.types.str; - }; -in + mkStringOption = default: + lib.mkOption { + inherit default; + type = lib.types.str; + }; -{ +in { options.ports = { - n8n = mkStringOption "5678"; - bazaar = mkStringOption "6767"; - radarr = mkStringOption "7878"; - vaultwarden = mkStringOption "8000"; - changedetection-io = mkStringOption "8001"; - cinny = mkStringOption "8002"; - librespeed = mkStringOption "8003"; - paperless = mkStringOption "8004"; - shiori = mkStringOption "8005"; - syncthing = mkStringOption "8006"; - jellyfin = mkStringOption "8096"; - whoogle = mkStringOption "8007"; - qbittorrent = mkStringOption "8008"; - actual = mkStringOption "8009"; - cinny2 = mkStringOption "8010"; - sonarr = mkStringOption "8989"; - jackett = mkStringOption "9117"; + n8n = mkStringOption "5678"; + bazaar = mkStringOption "6767"; + radarr = mkStringOption "7878"; + vaultwarden = mkStringOption "8000"; + changedetection-io = mkStringOption "8001"; + cinny = mkStringOption "8002"; + librespeed = mkStringOption "8003"; + paperless = mkStringOption "8004"; + shiori = mkStringOption "8005"; + syncthing = mkStringOption "8006"; + jellyfin = mkStringOption "8096"; + whoogle = mkStringOption "8007"; + qbittorrent = mkStringOption "8008"; + actual = mkStringOption "8009"; + cinny2 = mkStringOption "8010"; + sonarr = mkStringOption "8989"; + jackett = mkStringOption "9117"; }; } diff --git a/hosts/servers/common/default.nix b/hosts/servers/common/default.nix index b659e64..579cea9 100644 --- a/hosts/servers/common/default.nix +++ b/hosts/servers/common/default.nix @@ -1,8 +1,5 @@ { ... }: { - imports = [ - ./boot.nix - ./nix.nix - ]; + imports = [ ./boot.nix ./nix.nix ]; } diff --git a/modules/qbittorrent.nix b/modules/qbittorrent.nix index ede365b..81cc1a5 100644 --- a/modules/qbittorrent.nix +++ b/modules/qbittorrent.nix @@ -4,8 +4,7 @@ let cfg = config.services.qbittorrent; configDir = "${cfg.dataDir}/.config"; openFilesLimit = 4096; -in -{ +in { options.services.qbittorrent = { enable = mkOption { type = types.bool; diff --git a/users/common/default.nix b/users/common/default.nix index a6eeaf4..f9dfb30 100644 --- a/users/common/default.nix +++ b/users/common/default.nix @@ -1,8 +1,5 @@ { ... }: { - imports = [ - ./home.nix - ./programs.nix - ]; + imports = [ ./home.nix ./programs.nix ]; } diff --git a/users/common/home.nix b/users/common/home.nix index a33d449..6e35a7e 100644 --- a/users/common/home.nix +++ b/users/common/home.nix @@ -5,13 +5,14 @@ username = "user"; homeDirectory = "/home/user"; stateVersion = "22.05"; - sessionVariables = { - EDITOR = "micro"; - }; + sessionVariables = { EDITOR = "micro"; }; file = { - ".config/btop/themes/catppuccin_mocha.theme".source = "${inputs.dotfiles}/.config/btop/themes/catppuccin_mocha.theme"; - ".config/fish/themes/Catppuccin Mocha.theme".source = "${inputs.dotfiles}/.config/fish/themes/Catppuccin Mocha.theme"; - ".config/starship.toml".source = "${inputs.dotfiles}/.config/starship.toml"; + ".config/btop/themes/catppuccin_mocha.theme".source = + "${inputs.dotfiles}/.config/btop/themes/catppuccin_mocha.theme"; + ".config/fish/themes/Catppuccin Mocha.theme".source = + "${inputs.dotfiles}/.config/fish/themes/Catppuccin Mocha.theme"; + ".config/starship.toml".source = + "${inputs.dotfiles}/.config/starship.toml"; }; }; } diff --git a/users/common/programs.nix b/users/common/programs.nix index f7152fe..952e564 100644 --- a/users/common/programs.nix +++ b/users/common/programs.nix @@ -4,8 +4,8 @@ programs = { password-store.enable = true; bash = { - enable = true; - historyFile = "~/.cache/bash_history"; + enable = true; + historyFile = "~/.cache/bash_history"; }; nix-index = { enable = true; @@ -43,7 +43,7 @@ # loginShellInit = "nix-your-shell fish | source"; shellAliases = { nano = "micro"; - wget = "wget --hsts-file=\"$XDG_DATA_HOME/wget-hsts\""; + wget = ''wget --hsts-file="$XDG_DATA_HOME/wget-hsts"''; }; functions = { fish_greeting = ""; @@ -53,7 +53,7 @@ set -g -x NNN_OPTS H set -g -x FONTCONFIG_FILE ${pkgs.fontconfig.out}/etc/fonts/fonts.conf ''; - plugins = [ + plugins = [ { name = "bang-bang"; src = pkgs.fetchFromGitHub { diff --git a/users/desktops/common/default.nix b/users/desktops/common/default.nix index 35e3fc5..89d0d0e 100644 --- a/users/desktops/common/default.nix +++ b/users/desktops/common/default.nix @@ -1,9 +1,5 @@ { ... }: { - imports = [ - ./home.nix - ./programs.nix - ./services.nix - ]; + imports = [ ./home.nix ./programs.nix ./services.nix ]; } diff --git a/users/desktops/common/home.nix b/users/desktops/common/home.nix index c05b6d1..7da97e2 100644 --- a/users/desktops/common/home.nix +++ b/users/desktops/common/home.nix @@ -10,13 +10,20 @@ package = pkgs.breeze-icons; }; file = { - ".config/wezterm/wezterm.lua".source = "${inputs.dotfiles}/.config/wezterm/wezterm.lua"; - ".config/MangoHud/MangoHud.conf".source = "${inputs.dotfiles}/.config/MangoHud/MangoHud.conf"; - ".config/solvespace/settings.json".source = "${inputs.dotfiles}/.config/solvespace/settings.json"; - ".local/share/color-schemes/CatppuccinLatte.colors".source = "${inputs.dotfiles}/.local/share/color-schemes/CatppuccinLatte.colors"; - ".local/share/color-schemes/CatppuccinMocha.colors".source = "${inputs.dotfiles}/.local/share/color-schemes/CatppuccinMocha.colors"; + ".config/wezterm/wezterm.lua".source = + "${inputs.dotfiles}/.config/wezterm/wezterm.lua"; + ".config/MangoHud/MangoHud.conf".source = + "${inputs.dotfiles}/.config/MangoHud/MangoHud.conf"; + ".config/solvespace/settings.json".source = + "${inputs.dotfiles}/.config/solvespace/settings.json"; + ".local/share/color-schemes/CatppuccinLatte.colors".source = + "${inputs.dotfiles}/.local/share/color-schemes/CatppuccinLatte.colors"; + ".local/share/color-schemes/CatppuccinMocha.colors".source = + "${inputs.dotfiles}/.local/share/color-schemes/CatppuccinMocha.colors"; # Autostart programs - ".config/autostart/koi.desktop".source = config.lib.file.mkOutOfStoreSymlink "/var/run/current-system/sw/share/applications/koi.desktop"; + ".config/autostart/koi.desktop".source = + config.lib.file.mkOutOfStoreSymlink + "/var/run/current-system/sw/share/applications/koi.desktop"; }; }; } diff --git a/users/desktops/common/programs.nix b/users/desktops/common/programs.nix index a1cda7d..871668f 100644 --- a/users/desktops/common/programs.nix +++ b/users/desktops/common/programs.nix @@ -5,9 +5,18 @@ gtk = { enable = true; - font = { name = "Inter"; size = 10; }; - theme = { package = pkgs.breeze-gtk; name = "Breeze"; }; - iconTheme = { package = pkgs.breeze-icons; name = "Breeze"; }; + font = { + name = "Inter"; + size = 10; + }; + theme = { + package = pkgs.breeze-gtk; + name = "Breeze"; + }; + iconTheme = { + package = pkgs.breeze-icons; + name = "Breeze"; + }; }; programs = { @@ -30,10 +39,14 @@ interactiveShellInit = "nix-your-shell fish | source"; loginShellInit = "nix-your-shell fish | source"; functions = { - rebuild = "rm ~/.gtkrc-2.0; sudo nixos-rebuild switch --flake '/home/user/Projects/personal/nix-config#'"; - rebuild-boot = "rm ~/.gtkrc-2.0; sudo nixos-rebuild boot --flake '/home/user/Projects/personal/nix-config#'"; - upgrade = "rm ~/.gtkrc-2.0; nix flake lock --update-input nixpkgs --commit-lock-file /home/user/Projects/personal/nix-config; sudo nixos-rebuild switch --upgrade --flake '/home/user/Projects/personal/nix-config#'"; - upgrade-boot = "rm ~/.gtkrc-2.0; nix flake lock --update-input nixpkgs --commit-lock-file /home/user/Projects/personal/nix-config; sudo nixos-rebuild boot --upgrade --flake '/home/user/Projects/personal/nix-config#'"; + rebuild = + "rm ~/.gtkrc-2.0; sudo nixos-rebuild switch --flake '/home/user/Projects/personal/nix-config#'"; + rebuild-boot = + "rm ~/.gtkrc-2.0; sudo nixos-rebuild boot --flake '/home/user/Projects/personal/nix-config#'"; + upgrade = + "rm ~/.gtkrc-2.0; nix flake lock --update-input nixpkgs --commit-lock-file /home/user/Projects/personal/nix-config; sudo nixos-rebuild switch --upgrade --flake '/home/user/Projects/personal/nix-config#'"; + upgrade-boot = + "rm ~/.gtkrc-2.0; nix flake lock --update-input nixpkgs --commit-lock-file /home/user/Projects/personal/nix-config; sudo nixos-rebuild boot --upgrade --flake '/home/user/Projects/personal/nix-config#'"; }; }; }; diff --git a/users/desktops/common/services.nix b/users/desktops/common/services.nix index 34b15bf..8db94fc 100644 --- a/users/desktops/common/services.nix +++ b/users/desktops/common/services.nix @@ -1,7 +1,5 @@ { specialArgs, inputs, config, pkgs, lib, ... }: { - services = { - kdeconnect.enable = true; - }; + services = { kdeconnect.enable = true; }; }