fmt: alejandra

This commit is contained in:
♥ Minnie ♥ 2024-08-08 09:02:42 +08:00
parent 53378cdfc9
commit 3350d19a45
Signed by: jasmine
GPG key ID: 8563E358D4E8040E
79 changed files with 432 additions and 511 deletions

145
flake.nix
View file

@ -31,81 +31,84 @@
nixvim.url = "git+https://git.sajenim.dev/jasmine/nvim.nix.git";
};
outputs = { self, nixpkgs, home-manager, ... }@inputs:
let
inherit (self) outputs;
# Supported systems for your flake packages, shell, etc.
systems = [
"aarch64-linux"
"i686-linux"
"x86_64-linux"
"aarch64-darwin"
"x86_64-darwin"
];
# This is a function that generates an attribute by calling a function you
# pass to it, with each system as an argument
forAllSystems = nixpkgs.lib.genAttrs systems;
in
{
# Your custom packages
# Acessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
# Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
outputs = {
self,
nixpkgs,
home-manager,
...
} @ inputs: let
inherit (self) outputs;
# Supported systems for your flake packages, shell, etc.
systems = [
"aarch64-linux"
"i686-linux"
"x86_64-linux"
"aarch64-darwin"
"x86_64-darwin"
];
# This is a function that generates an attribute by calling a function you
# pass to it, with each system as an argument
forAllSystems = nixpkgs.lib.genAttrs systems;
in {
# Your custom packages
# Acessible through 'nix build', 'nix shell', etc
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
# Formatter for your nix files, available through 'nix fmt'
# Other options beside 'alejandra' include 'nixpkgs-fmt'
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
# Your custom packages and modifications, exported as overlays
overlays = import ./overlays { inherit inputs; };
# Reusable nixos modules you might want to export
# These are usually stuff you would upstream into nixpkgs
nixosModules = import ./modules/nixos;
# Reusable home-manager modules you might want to export
# These are usually stuff you would upstream into home-manager
homeManagerModules = import ./modules/home-manager;
# Your custom packages and modifications, exported as overlays
overlays = import ./overlays {inherit inputs;};
# Reusable nixos modules you might want to export
# These are usually stuff you would upstream into nixpkgs
nixosModules = import ./modules/nixos;
# Reusable home-manager modules you might want to export
# These are usually stuff you would upstream into home-manager
homeManagerModules = import ./modules/home-manager;
# Expose the necessary information in your flake so agenix-rekey
# knows where it has too look for secrets and paths.
agenix-rekey = inputs.agenix-rekey.configure {
userFlake = self;
nodes = self.nixosConfigurations;
# Expose the necessary information in your flake so agenix-rekey
# knows where it has too look for secrets and paths.
agenix-rekey = inputs.agenix-rekey.configure {
userFlake = self;
nodes = self.nixosConfigurations;
};
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = {
fuchsia = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
modules = [
./nixos/fuchsia/configuration.nix
];
};
# NixOS configuration entrypoint
# Available through 'nixos-rebuild --flake .#your-hostname'
nixosConfigurations = {
fuchsia = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./nixos/fuchsia/configuration.nix
];
};
viridian = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./nixos/viridian/configuration.nix
];
};
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
"sajenim@fuchsia" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs outputs; };
modules = [
./home-manager/sajenim/fuchsia.nix
];
};
"sajenim@viridian" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs outputs; };
modules = [
./home-manager/sajenim/viridian.nix
];
};
viridian = nixpkgs.lib.nixosSystem {
specialArgs = {inherit inputs outputs;};
modules = [
./nixos/viridian/configuration.nix
];
};
};
# Standalone home-manager configuration entrypoint
# Available through 'home-manager --flake .#your-username@your-hostname'
homeConfigurations = {
"sajenim@fuchsia" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {inherit inputs outputs;};
modules = [
./home-manager/sajenim/fuchsia.nix
];
};
"sajenim@viridian" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = {inherit inputs outputs;};
modules = [
./home-manager/sajenim/viridian.nix
];
};
};
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
imports = [
./git.nix
./nvim.nix

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
lazygit
];

View file

@ -1,7 +1,8 @@
{ inputs, pkgs, ... }:
{
inputs,
pkgs,
...
}: {
# Install our nixvim configuration for neovim.
home.packages = [ inputs.nixvim.packages.${pkgs.system}.default ];
home.packages = [inputs.nixvim.packages.${pkgs.system}.default];
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
fzf # command-line fuzzy finder
];
@ -24,10 +22,10 @@
# Aliases
shellAliases = {
c = "clear";
r = "cd ~/.repositories";
p = "cd ~/.print";
d = "cd ~/.repositories/dotfiles.nix";
c = "clear";
r = "cd ~/.repositories";
p = "cd ~/.print";
d = "cd ~/.repositories/dotfiles.nix";
la = "ls -a";
ll = "ls -l";
tt = "wezterm cli set-tab-title ";
@ -66,4 +64,3 @@
'';
};
}

View file

@ -1,5 +1,4 @@
{ pkgs, ... }:
let
{pkgs, ...}: let
awesome = pkgs.awesome.overrideAttrs (oa: {
version = "ad0290bc1aac3ec2391aa14784146a53ebf9d1f0";
src = pkgs.fetchFromGitHub {
@ -9,16 +8,18 @@ let
hash = "sha256-uaskBbnX8NgxrprI4UbPfb5cRqdRsJZv0YXXshfsxFU=";
};
patches = [ ];
patches = [];
postPatch = ''
patchShebangs tests/examples/_postprocess.lua
'';
});
in
{
in {
xdg.configFile = {
awesome = { source = ./config; recursive = true; };
awesome = {
source = ./config;
recursive = true;
};
};
xsession.windowManager.awesome = {
@ -26,4 +27,3 @@ in
package = awesome;
};
}

View file

@ -1,6 +1,8 @@
{ inputs, pkgs, ... }:
{
inputs,
pkgs,
...
}: {
imports = [
./discord
./rofi

View file

@ -1,9 +1,7 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
nixpkgs.overlays = [
(final: prev: {
discord = prev.discord.override { withOpenASAR = true; };
discord = prev.discord.override {withOpenASAR = true;};
})
];

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
# protonmail-bridge requires password manager
pass
@ -115,4 +113,3 @@
];
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs; [
weechat
];
@ -16,4 +14,3 @@
];
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.mpd = {
enable = true;
musicDirectory = "nfs://viridian.kanto.dev/srv/multimedia/library/music";

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.picom = {
enable = true;
shadow = true;

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.rofi = {
enable = true;
font = "Fisa Code 10";
@ -16,4 +14,3 @@
recursive = true;
};
}

View file

@ -1,12 +1,12 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home.packages = with pkgs.unstable; [
wezterm
];
xdg.configFile = {
wezterm = { source = ./config; recursive = true; };
wezterm = {
source = ./config;
recursive = true;
};
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
imports = [
./mangohud.nix
];

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
programs.mangohud = {
enable = true;
package = pkgs.mangohud;

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
home = {
packages = with pkgs; [
blender

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
imports = [
./global
./features/desktop
@ -51,4 +49,3 @@
};
};
}

View file

@ -1,4 +1,8 @@
{ inputs, outputs, ... }: {
{
inputs,
outputs,
...
}: {
imports = [
inputs.impermanence.nixosModules.home-manager.impermanence
../features/cli
@ -12,7 +16,7 @@
];
config = {
allowUnfree = true;
allowUnfreePredicate = (_: true);
allowUnfreePredicate = _: true;
};
};

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
imports = [
./global
];

View file

@ -1,6 +1,5 @@
# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
# These should be stuff you would like to share with others, not your personal configurations.
{
# List your module files here
# my-module = import ./my-module.nix;

View file

@ -1,6 +1,5 @@
# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
# These should be stuff you would like to share with others, not your personal configurations.
{
# List your module files here
# my-module = import ./my-module.nix;

View file

@ -1,8 +1,11 @@
{ config, pkgs, inputs, ... }:
let
hostname = config.networking.hostName;
in
{
config,
pkgs,
inputs,
...
}: let
hostname = config.networking.hostName;
in {
imports = [
inputs.agenix.nixosModules.default
inputs.agenix-rekey.nixosModules.default
@ -20,7 +23,7 @@ in
# Pubkey for rekeying
hostPubkey = ../../${hostname}/ssh_host_ed25519_key.pub;
# Master identity used for decryption
masterIdentities = [ ../users/sajenim/agenix-rekey.pub ];
masterIdentities = [../users/sajenim/agenix-rekey.pub];
# Where we store the rekeyed secrets
storageMode = "local";
localStorageDir = ./. + "/secrets/rekeyed/${config.networking.hostName}";

View file

@ -1,6 +1,4 @@
{ outputs, ... }:
{
{outputs, ...}: {
imports = [
./age.nix
./env.nix

View file

@ -1,35 +1,33 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
environment = {
binsh = "${pkgs.bash}/bin/bash";
shells = with pkgs; [ zsh ];
shells = with pkgs; [zsh];
systemPackages = with pkgs; [
# Ensure home-manager is on all systems
home-manager
# Useful system utilities
tree # directory structure
bc # basic calculator
vim # editor
ranger # console file manager
htop # system monitor
scrot # screenshot
direnv # load environment
jq # JSON processor
git # version control
nmap # network mapper
xclip # clipboard
tree # directory structure
bc # basic calculator
vim # editor
ranger # console file manager
htop # system monitor
scrot # screenshot
direnv # load environment
jq # JSON processor
git # version control
nmap # network mapper
xclip # clipboard
ripgrep # searches the current directory for a regex pattern
# HTTP
curl # transfer dato to/from server
wget # download files from web
curl # transfer dato to/from server
wget # download files from web
# Archive
unrar # extract roshal archive
unzip # extract zip archive
unrar # extract roshal archive
unzip # extract zip archive
];
pathsToLink = [ "/share/zsh" ];
pathsToLink = ["/share/zsh"];
};
}

View file

@ -1,6 +1,9 @@
{ config, inputs, lib, ... }:
{
config,
inputs,
lib,
...
}: {
nix = {
gc = {
# Automatically run the garbage collector an a specified time.
@ -11,7 +14,7 @@
# This will add each flake input as a registry
# To make nix commands consistent with your flake
registry = lib.mapAttrs (_: value: { flake = value; }) inputs;
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.openssh = {
enable = true;
settings = {
@ -8,7 +6,7 @@
PasswordAuthentication = false;
LogLevel = "VERBOSE";
};
ports = [ 22 ];
ports = [22];
openFirewall = true;
};

View file

@ -1,8 +1,10 @@
{ lib, config, ... }:
let
hostname = config.networking.hostName;
in
{
lib,
config,
...
}: let
hostname = config.networking.hostName;
in {
imports = [
./persist.nix
];
@ -36,26 +38,26 @@ in
"/" = {
device = "/dev/disk/by-label/${hostname}";
fsType = "btrfs";
options = [ "subvol=root" "compress=zstd" ];
options = ["subvol=root" "compress=zstd"];
};
"/nix" = {
device = "/dev/disk/by-label/${hostname}";
fsType = "btrfs";
options = [ "subvol=nix" "compress=zstd" ];
options = ["subvol=nix" "compress=zstd"];
};
"/persist" = {
device = "/dev/disk/by-label/${hostname}";
fsType = "btrfs";
options = [ "subvol=persist" "compress=zstd" ];
options = ["subvol=persist" "compress=zstd"];
neededForBoot = true;
};
"/swap" = {
device = "/dev/disk/by-label/${hostname}";
fsType = "btrfs";
options = [ "subvol=swap" "compress=zstd" ];
options = ["subvol=swap" "compress=zstd"];
};
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
environment.systemPackages = with pkgs; [
# Enables files to be encrypted to age identities stored on YubiKeys
age-plugin-yubikey

View file

@ -1,6 +1,4 @@
{ inputs, ... }:
{
{inputs, ...}: {
imports = [
inputs.impermanence.nixosModules.impermanence
];

View file

@ -1,22 +1,26 @@
{ inputs, outputs, pkgs, config, ... }:
{
inputs,
outputs,
pkgs,
config,
...
}: {
imports = [
inputs.home-manager.nixosModules.home-manager
];
users.users.sajenim = {
isNormalUser = true;
extraGroups = [ "audio" "docker" "networkmanager" "wheel" "adbusers" ];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = [
"${inputs.self}/home-manager/sajenim/sajenim_sk.pub"
];
hashedPassword = "$y$j9T$qIhW5qL9J9w.w6JWa.bGo/$oddG3HJyOZ1mwHzYnYPJ/MzN38oHEBEvPDc0sB3rAf9";
isNormalUser = true;
extraGroups = ["audio" "docker" "networkmanager" "wheel" "adbusers"];
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = [
"${inputs.self}/home-manager/sajenim/sajenim_sk.pub"
];
hashedPassword = "$y$j9T$qIhW5qL9J9w.w6JWa.bGo/$oddG3HJyOZ1mwHzYnYPJ/MzN38oHEBEvPDc0sB3rAf9";
};
users.mutableUsers = false;
home-manager = {
extraSpecialArgs = { inherit inputs outputs; };
extraSpecialArgs = {inherit inputs outputs;};
users = {
sajenim = import "${inputs.self}/home-manager/sajenim/${config.networking.hostName}.nix";
};

View file

@ -1,12 +1,14 @@
{ pkgs, config, ... }:
{
pkgs,
config,
...
}: {
age.secrets.smb-secrets = {
rekeyFile = ./smb-secrets.age;
};
# For mount.cifs, required unless domain name resolution is not needed.
environment.systemPackages = [ pkgs.cifs-utils ];
environment.systemPackages = [pkgs.cifs-utils];
fileSystems."/home/sajenim/.backup" = {
device = "//192.168.20.4/sajenim";
@ -14,12 +16,10 @@
options = let
# this line prevents hanging on network split
automount_opts = "x-systemd.automount,noauto,x-systemd.idle-timeout=60,x-systemd.device-timeout=5s,x-systemd.mount-timeout=5s,user,users";
in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];
in ["${automount_opts},credentials=/etc/nixos/smb-secrets,uid=1000,gid=100"];
};
environment.etc = {
"nixos/smb-secrets".source = config.age.secrets.smb-secrets.path;
};
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
fileSystems."/home/sajenim/.local/share/Steam" = {
device = "/dev/disk/by-label/data";
fsType = "btrfs";

View file

@ -1,13 +1,15 @@
{ inputs, pkgs, ... }:
{
inputs,
pkgs,
...
}: {
imports = [
inputs.home-manager.nixosModules.home-manager
];
users.users.spectre = {
isNormalUser = true;
shell = pkgs.zsh;
hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/";
isNormalUser = true;
shell = pkgs.zsh;
hashedPassword = "$y$j9T$eCJ0MDPsx3tww9LP0LU8..$sE8u5keO7QNKNAR1t2R6GqsDzvGD0Xn9Fi3to14Gf9/";
};
users.mutableUsers = false;
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
imports = [
../common/global
@ -15,18 +13,18 @@
./hardware-configuration.nix
];
/* Boot configuration */
# Boot configuration
boot = {
kernelPackages = pkgs.linuxPackages_latest;
kernelParams = [
# Enable amdgpu driver sysfs API that allows fine grain control of GPU
"amdgpu.ppfeaturemask=0xffffffff"
];
kernelModules = [ "i2c-dev" "i2c-piix4" ];
initrd.kernelModules = [ "amdgpu" ];
kernelModules = ["i2c-dev" "i2c-piix4"];
initrd.kernelModules = ["amdgpu"];
};
/* Hardware configuration */
# Hardware configuration
hardware = {
bluetooth = {
enable = true;
@ -49,7 +47,7 @@
};
};
/* Networking configuration */
# Networking configuration
networking = {
hostName = "fuchsia";
networkmanager.enable = true;

View file

@ -1,14 +1,16 @@
{ config, lib, ... }:
{
config,
lib,
...
}: {
imports = [
../common/optional/ephemeral-btrfs.nix
];
boot = {
initrd = {
availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
kernelModules = [ "kvm-amd" ];
availableKernelModules = ["nvme" "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
kernelModules = ["kvm-amd"];
};
loader = {
systemd-boot.enable = true;
@ -25,8 +27,9 @@
};
swapDevices = [
{ device = "/swap/swapfile";
size = 16*1024;
{
device = "/swap/swapfile";
size = 16 * 1024;
}
];

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
programs = {
zsh.enable = true;
# Load and unload environment variables.
@ -9,4 +7,3 @@
adb.enable = true;
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
# Our custom power state
environment.etc = {
"default/amdgpu-custom-states.card0" = {
@ -26,6 +24,5 @@
};
# Install our overclocking script.
environment.systemPackages = with pkgs; [ amdgpu-clocks ];
environment.systemPackages = with pkgs; [amdgpu-clocks];
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
imports = [
./amdgpu-clocks.nix
./flatpak.nix

View file

@ -1,11 +1,9 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
# Required to install flatpak
xdg.portal = {
enable = true;
config.common.default = [ "gtk" ];
extraPortals = [ pkgs.xdg-desktop-portal-wlr ];
config.common.default = ["gtk"];
extraPortals = [pkgs.xdg-desktop-portal-wlr];
};
services.flatpak.enable = true;

View file

@ -1,9 +1,7 @@
{ ... }:
{
{...}: {
services.libinput = {
enable = true;
mouse = { accelProfile = "flat"; };
mouse = {accelProfile = "flat";};
};
# DBus daemon to configure input devices.

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
# Get up and running with large language models locally.
services.ollama = {
enable = true;

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
# Enable necessary udev rules.
services.udev.packages = with pkgs; [
openrgb

View file

@ -1,11 +1,9 @@
{ ... }:
{
{...}: {
# Setup our display server
services.xserver = {
enable = true;
xkb.layout = "au";
videoDrivers = [ "amdgpu" ];
videoDrivers = ["amdgpu"];
displayManager.startx.enable = true;
};
}

View file

@ -1,6 +1,4 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
imports = [
../common/global
../common/users/sajenim
@ -33,24 +31,24 @@
enable = true;
allowPing = true;
allowedTCPPorts = [
53 # adguardhome (DNS)
80 # traefik (HTTP)
443 # traefik (HTTPS)
53 # adguardhome (DNS)
80 # traefik (HTTP)
443 # traefik (HTTPS)
32372 # qbittorrent
6600 # mpd
6600 # mpd
];
allowedUDPPorts = [
53 # adguardhome (DNS)
80 # traefik (HTTP)
443 # traefik (HTTPS)
53 # adguardhome (DNS)
80 # traefik (HTTP)
443 # traefik (HTTPS)
32372 # qbittorrent
51820 # Wireguard
6600 # mpd
6600 # mpd
];
};
};
programs = {
programs = {
zsh.enable = true;
};
@ -65,4 +63,3 @@
# https://nixos.wiki/wiki/FAQ/When_do_I_update_stateVersion
system.stateVersion = "24.05";
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
imports = [
./jellyfin.nix
./jellyseerr.nix

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "8096";
in
{
in {
virtualisation.oci-containers.containers = {
# Volunteer-built media solution that puts you in control of your media
jellyfin = {
@ -35,7 +33,7 @@ in
services.traefik.dynamicConfigOptions.http.routers = {
jellyfin = {
rule = "Host(`jellyfin.kanto.dev`)";
rule = "Host(`jellyfin.kanto.dev`)";
entryPoints = [
"websecure"
];
@ -48,8 +46,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
jellyfin.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "5055";
in
{
in {
virtualisation.oci-containers.containers = {
# Request management
jellyseerr = {
@ -39,8 +37,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
jellyseerr.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "8686";
in
{
in {
virtualisation.oci-containers.containers = {
# # Music collection manager for Usenet and BitTorrent users
lidarr = {
@ -42,8 +40,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
lidarr.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "9925";
in
{
in {
virtualisation.oci-containers.containers = {
mealie = {
autoStart = true;
@ -29,7 +27,7 @@ in
services.traefik.dynamicConfigOptions.http.routers = {
mealie = {
rule = "Host(`mealie.kanto.dev`)";
rule = "Host(`mealie.kanto.dev`)";
entryPoints = [
"websecure"
];
@ -43,9 +41,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
mealie.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,13 +1,11 @@
{ config, ... }:
let
{config, ...}: let
port = "8181";
in
{
in {
age.secrets.microbin = {
# Environment variables for microbin
rekeyFile = ./environment.age;
owner = "sajenim";
group = "users";
# Environment variables for microbin
rekeyFile = ./environment.age;
owner = "sajenim";
group = "users";
};
virtualisation.oci-containers.containers = {
@ -43,8 +41,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
microbin.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "9696";
in
{
in {
virtualisation.oci-containers.containers = {
# Indexer manager/proxy built on the popular arr .net/reactjs base stack to integrate with your various PVR apps.
prowlarr = {
@ -39,8 +37,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
prowlarr.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,16 +1,14 @@
{ ... }:
let
{...}: let
port = "8487";
in
{
in {
virtualisation.oci-containers.containers = {
# # Open-source software alternative to µTorrent
qbittorrent = {
autoStart = true;
image = "ghcr.io/hotio/qbittorrent:release-4.6.5";
ports = [
"${port}:8080/tcp" # WebUI
"32372:32372/tcp" # Transport protocol
"${port}:8080/tcp" # WebUI
"32372:32372/tcp" # Transport protocol
];
volumes = [
# Seedbox
@ -42,8 +40,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
qbittorrent.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "7878";
in
{
in {
virtualisation.oci-containers.containers = {
# Movie collection manager for Usenet and BitTorrent users
radarr = {
@ -41,8 +39,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
radarr.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
virtualisation.oci-containers.containers = {
# Automatically synchronize recommended settings from the TRaSH guides to your Sonarr/Radarr instances
recyclarr = {

View file

@ -1,8 +1,6 @@
{ ... }:
let
{...}: let
port = "8989";
in
{
in {
virtualisation.oci-containers.containers = {
# PVR for Usenet and BitTorrent users
sonarr = {
@ -42,8 +40,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
sonarr.loadBalancer.servers = [
{ url = "http://127.0.0.1:${port}"; }
{url = "http://127.0.0.1:${port}";}
];
};
}

View file

@ -1,16 +1,18 @@
{ config, lib, ... }:
let
hostname = config.networking.hostName;
in
{
config,
lib,
...
}: let
hostname = config.networking.hostName;
in {
imports = [
../common/optional/ephemeral-btrfs.nix
];
boot = {
initrd = {
availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
kernelModules = [ "kvm-intel" ];
availableKernelModules = ["xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod"];
kernelModules = ["kvm-intel"];
};
loader = {
systemd-boot.enable = true;
@ -34,30 +36,31 @@ in
fileSystems."/srv/containers" = {
device = "/dev/disk/by-label/${hostname}";
fsType = "btrfs";
options = [ "subvol=containers" "compress=zstd" ];
options = ["subvol=containers" "compress=zstd"];
};
fileSystems."/srv/services" = {
device = "/dev/disk/by-label/${hostname}";
fsType = "btrfs";
options = [ "subvol=services" "compress=zstd" ];
options = ["subvol=services" "compress=zstd"];
};
fileSystems."/srv/shares" = {
device = "/dev/disk/by-label/data";
fsType = "btrfs";
options = [ "subvol=shares" "compress=zstd" ];
options = ["subvol=shares" "compress=zstd"];
};
fileSystems."/srv/backup" = {
device = "/dev/disk/by-label/data";
fsType = "btrfs";
options = [ "subvol=backup" "compress=zstd" ];
options = ["subvol=backup" "compress=zstd"];
};
swapDevices = [
{ device = "/swap/swapfile";
size = 16*1024;
{
device = "/swap/swapfile";
size = 16 * 1024;
}
];

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.borgbackup.jobs = {
containers = {
paths = [
@ -33,4 +31,3 @@
};
};
}

View file

@ -1,8 +1,11 @@
{ config, inputs, pkgs, ... }:
let
port = "8080";
in
{
config,
inputs,
pkgs,
...
}: let
port = "8080";
in {
imports = [
inputs.crowdsec.nixosModules.crowdsec
inputs.crowdsec.nixosModules.crowdsec-firewall-bouncer
@ -86,9 +89,12 @@ in
environment.persistence."/persist" = {
directories = [
{ directory = "/var/lib/crowdsec"; user = "crowdsec"; group = "crowdsec"; }
{
directory = "/var/lib/crowdsec";
user = "crowdsec";
group = "crowdsec";
}
];
hideMounts = true;
};
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
imports = [
./traefik
./crowdsec

View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.forgejo = {
enable = true;
stateDir = "/srv/services/forgejo";
@ -34,8 +32,7 @@
services.traefik.dynamicConfigOptions.http.services = {
forgejo.loadBalancer.servers = [
{ url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}"; }
{url = "http://127.0.0.1:${toString config.services.forgejo.settings.server.HTTP_PORT}";}
];
};
}

View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
# Setup grafana our grafana instance.
services.grafana = {
enable = true;
@ -24,13 +22,15 @@
# Setup our database for grafana.
services.mysql = {
ensureUsers = [{
name = "grafana";
ensurePermissions = {
"grafana.*" = "ALL PRIVILEGES";
};
}];
ensureDatabases = [ "grafana" ];
ensureUsers = [
{
name = "grafana";
ensurePermissions = {
"grafana.*" = "ALL PRIVILEGES";
};
}
];
ensureDatabases = ["grafana"];
};
# Setup our traefik router.
@ -50,7 +50,7 @@
# Setup our traefik service.
services.traefik.dynamicConfigOptions.http.services = {
grafana.loadBalancer.servers = [
{ url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}"; }
{url = "http://127.0.0.1:${toString config.services.grafana.settings.server.http_port}";}
];
};
}

View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
services.lighttpd = {
enable = true;
port = 5624;
@ -23,8 +21,7 @@
services.traefik.dynamicConfigOptions.http.services = {
lighttpd.loadBalancer.servers = [
{ url = "http://127.0.0.1:${toString config.services.lighttpd.port}"; }
{url = "http://127.0.0.1:${toString config.services.lighttpd.port}";}
];
};
}

View file

@ -1,5 +1,10 @@
{ inputs, pkgs, lib, config, ... }:
let
{
inputs,
pkgs,
lib,
config,
...
}: let
modpack = pkgs.fetchPackwizModpack rec {
version = "7091175a49";
url = "https://git.sajenim.dev/jasmine/minecraft-modpack/raw/commit/${version}/pack.toml";
@ -7,9 +12,8 @@ let
};
mcVersion = modpack.manifest.versions.minecraft;
fabricVersion = modpack.manifest.versions.fabric;
serverVersion = lib.replaceStrings [ "." ] [ "_" ] "fabric-${mcVersion}";
in
{
serverVersion = lib.replaceStrings ["."] ["_"] "fabric-${mcVersion}";
in {
imports = [
inputs.nix-minecraft.nixosModules.minecraft-servers
];
@ -27,7 +31,7 @@ in
kanto = {
enable = true;
# The minecraft server package to use.
package = pkgs.fabricServers.${serverVersion}.override { loaderVersion = fabricVersion; }; # Specific fabric loader version.
package = pkgs.fabricServers.${serverVersion}.override {loaderVersion = fabricVersion;}; # Specific fabric loader version.
# Allowed players
whitelist = {
@ -49,7 +53,7 @@ in
# Things to symlink into this server's data directory.
symlinks = {
"mods" = "${modpack}/mods";
"mods" = "${modpack}/mods";
};
# Things to copy into this server's data directory.
@ -90,8 +94,7 @@ in
services.traefik.dynamicConfigOptions.http.services = {
minecraft.loadBalancer.servers = [
{ url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}"; }
{url = "http://127.0.0.1:${toString config.services.minecraft-servers.servers.kanto.serverProperties.server-port}";}
];
};
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.mpd = {
enable = true;
musicDirectory = "/srv/multimedia/library/music";
@ -28,7 +26,7 @@
};
networking.firewall = {
# # for NFSv3; view with `rpcinfo -p`
allowedTCPPorts = [ 111 2049 4000 4001 4002 20048 ];
allowedUDPPorts = [ 111 2049 4000 4001 4002 20048 ];
allowedTCPPorts = [111 2049 4000 4001 4002 20048];
allowedUDPPorts = [111 2049 4000 4001 4002 20048];
};
}

View file

@ -1,10 +1,7 @@
{ pkgs, ... }:
{
{pkgs, ...}: {
services.mysql = {
enable = true;
package = pkgs.mariadb;
dataDir = "/srv/services/mysql";
};
}

View file

@ -1,9 +1,7 @@
{ config, ... }:
{
{config, ...}: {
services.prometheus = {
enable = true;
port = 9001; # Port to listen on.
port = 9001; # Port to listen on.
# Valid in all configuration contexts, defaults for other configuration sections.
globalConfig = {
@ -14,7 +12,7 @@
exporters = {
node = {
enable = true;
enabledCollectors = [ "systemd" "processes" ];
enabledCollectors = ["systemd" "processes"];
port = 9100;
};
};
@ -23,11 +21,12 @@
scrapeConfigs = [
{
job_name = "node";
static_configs = [{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
}];
static_configs = [
{
targets = ["127.0.0.1:${toString config.services.prometheus.exporters.node.port}"];
}
];
}
];
};
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.samba = {
enable = true;
securityType = "user";
@ -47,5 +45,5 @@
openFirewall = true;
};
environment.persistence."/persist".directories = [ "/var/lib/samba" ];
environment.persistence."/persist".directories = ["/var/lib/samba"];
}

View file

@ -1,7 +1,10 @@
{ inputs, config, pkgs, ... }:
{
disabledModules = [ "services/web-servers/traefik.nix" ];
inputs,
config,
pkgs,
...
}: {
disabledModules = ["services/web-servers/traefik.nix"];
imports = [
"${inputs.nixpkgs-unstable}/nixos/modules/services/web-servers/traefik.nix"
@ -86,12 +89,14 @@
# List of domains in our network
domains = [
# Internal services
{ main = "kanto.dev";
sans = [ "*.kanto.dev" ];
{
main = "kanto.dev";
sans = ["*.kanto.dev"];
}
# Public services
{ main = "sajenim.dev";
sans = [ "*.sajenim.dev" ];
{
main = "sajenim.dev";
sans = ["*.sajenim.dev"];
}
];
};
@ -106,7 +111,7 @@
metrics = {
prometheus = {
entryPoint = "metrics";
buckets = [ "0.1" "0.3" "1.2" "5.0" ];
buckets = ["0.1" "0.3" "1.2" "5.0"];
addEntryPointsLabels = true;
addRoutersLabels = true;
addServicesLabels = true;
@ -144,20 +149,33 @@
services.prometheus.scrapeConfigs = [
{
job_name = "traefik";
static_configs = [{
targets = [ "127.0.0.1:8082" ];
}];
static_configs = [
{
targets = ["127.0.0.1:8082"];
}
];
}
];
# Persist our traefik data & logs
environment.persistence."/persist" = {
directories = [
{ directory = "/var/lib/traefik"; user = "traefik"; group = "traefik"; }
{ directory = "/var/log/traefik"; user = "traefik"; group = "traefik"; }
{ directory = "/plugins-storage"; user = "traefik"; group = "traefik"; }
{
directory = "/var/lib/traefik";
user = "traefik";
group = "traefik";
}
{
directory = "/var/log/traefik";
user = "traefik";
group = "traefik";
}
{
directory = "/plugins-storage";
user = "traefik";
group = "traefik";
}
];
hideMounts = true;
};
}

View file

@ -1,6 +1,4 @@
{ config, ... }:
{
{config, ...}: {
# Crowdsec Local API key for the bouncer.
age.secrets.traefik-bouncer-key = {
rekeyFile = ../crowdsec/traefik-bouncer-key.age;
@ -12,7 +10,7 @@
services.traefik.dynamicConfigOptions.http.middlewares = {
# Restrict access to internal networks
internal.ipwhitelist.sourcerange = [
"127.0.0.1/32" # localhost
"127.0.0.1/32" # localhost
"192.168.20.1/24" # lan
];
@ -57,4 +55,3 @@
};
};
}

View file

@ -1,6 +1,4 @@
{ ... }:
{
{...}: {
services.traefik.dynamicConfigOptions.http.routers = {
traefik-dashboard = {
rule = "Host(`traefik.kanto.dev`)";
@ -25,4 +23,3 @@
};
};
}

View file

@ -1,10 +1,7 @@
{ ... }:
{
{...}: {
services.traefik.dynamicConfigOptions.http.services = {
ender1.loadBalancer.servers = [
{ url = "http://192.168.1.103:80"; }
{url = "http://192.168.1.103:80";}
];
};
}

View file

@ -1,7 +1,5 @@
# This file defines overlays
{ inputs, ... }:
{
{inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory
additions = final: _prev: import ../pkgs final.pkgs;

View file

@ -1,27 +1,27 @@
{ stdenv
, lib
, fetchFromGitHub
, bash
, subversion
, makeWrapper
{
stdenv,
lib,
fetchFromGitHub,
bash,
subversion,
makeWrapper,
}:
stdenv.mkDerivation {
pname = "amdgpu-clocks";
version = "973139a";
src = fetchFromGitHub {
# https://github.com/sibradzic/amdgpu-clocks
owner = "sibradzic";
repo = "amdgpu-clocks";
rev = "973139a5933bd315aa99332b642305ef5ef49a32";
sha256 = "sha256-mZV4ECNG9X6SDIWl6P0nHrxa4kGU1h/hFdMcswbEYrk=";
};
buildInputs = [ bash subversion ];
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
mkdir -p $out/bin
cp amdgpu-clocks $out/bin/amdgpu-clocks
wrapProgram $out/bin/amdgpu-clocks \
--prefix PATH : ${lib.makeBinPath [ bash subversion ]}
'';
}
stdenv.mkDerivation {
pname = "amdgpu-clocks";
version = "973139a";
src = fetchFromGitHub {
# https://github.com/sibradzic/amdgpu-clocks
owner = "sibradzic";
repo = "amdgpu-clocks";
rev = "973139a5933bd315aa99332b642305ef5ef49a32";
sha256 = "sha256-mZV4ECNG9X6SDIWl6P0nHrxa4kGU1h/hFdMcswbEYrk=";
};
buildInputs = [bash subversion];
nativeBuildInputs = [makeWrapper];
installPhase = ''
mkdir -p $out/bin
cp amdgpu-clocks $out/bin/amdgpu-clocks
wrapProgram $out/bin/amdgpu-clocks \
--prefix PATH : ${lib.makeBinPath [bash subversion]}
'';
}

View file

@ -1,8 +1,7 @@
# Custom packages, that can be defined similarly to ones from nixpkgs
# You can build them using 'nix build .#example'
pkgs: {
xmobar = pkgs.callPackage ./xmobar-config { };
xmonad = pkgs.callPackage ./xmonad-config { };
amdgpu-clocks = pkgs.callPackage ./amdgpu-clocks { };
xmobar = pkgs.callPackage ./xmobar-config {};
xmonad = pkgs.callPackage ./xmonad-config {};
amdgpu-clocks = pkgs.callPackage ./amdgpu-clocks {};
}

View file

@ -1,5 +1,4 @@
{ pkgs }:
{pkgs}:
pkgs.haskellPackages.developPackage {
root = ./.;
}

View file

@ -1,4 +1,4 @@
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
nativeBuildInputs = with pkgs.buildPackages; [ cabal-install ghc ];
{pkgs ? import <nixpkgs> {}}:
pkgs.mkShell {
nativeBuildInputs = with pkgs.buildPackages; [cabal-install ghc];
}

View file

@ -1,12 +1,10 @@
{ pkgs }:
{pkgs}:
pkgs.haskellPackages.developPackage {
root = ./.;
source-overrides = {
xmonad = (builtins.fetchTarball {
xmonad = builtins.fetchTarball {
url = "https://github.com/xmonad/xmonad/archive/refs/tags/v0.18.0.tar.gz";
sha256 = "0jlc60n5jarcxgjxm1vcsgc3s2lwmn3c3n56hialhzx54wfskkbc";
});
};
};
}

View file

@ -1,4 +1,4 @@
{ pkgs ? import <nixpkgs> {} }:
pkgs.mkShell {
nativeBuildInputs = with pkgs.buildPackages; [ cabal-install ghc ];
{pkgs ? import <nixpkgs> {}}:
pkgs.mkShell {
nativeBuildInputs = with pkgs.buildPackages; [cabal-install ghc];
}