home-manager/sajenim/features/cli/zsh.nix

@@ -9,13 +9,11 @@
     enable = true;
     
     # Enable extra features
-    autosuggestion = {
+    enableAutosuggestions = true;
-      enable = true;
+    enableCompletion = true;
-    };
     syntaxHighlighting = {
       enable = true;
     };
-    enableCompletion = true;
     dotDir = ".config/zsh";
     
     # Commands that should be added to to top of '.zshrc'
@@ -25,8 +23,6 @@
     # Aliases
     shellAliases = {
       c  = "clear";
-      r  = "cd ~/.repositories";
-      p  = "cd ~/.print";
       la = "ls -a";
       ll = "ls -l";
       tt = "wezterm cli set-tab-title ";

home-manager/sajenim/features/games/mangohud.nix

@@ -6,7 +6,7 @@
     package = pkgs.mangohud;
     settings = {
       # Performance
-      fps_limit = 144;
+      fps_limit = 60;
       # GPU
       gpu_temp = true;
       gpu_junction_temp = true;

home-manager/sajenim/fuchsia.nix

@@ -37,9 +37,6 @@
     persistence."/persist/home/sajenim" = {
       directories = [
         ".mozilla"
-        # Hidden user data
-        ".repositories"
-        ".print"
         # Mutable configurations
         ".config/Yubico"
         # Application specific data
@@ -51,6 +48,7 @@
         "Games"
         "Music"
         "Pictures"
+        "Printer"
         "Videos"
       ];
     };

home-manager/sajenim/global/default.nix

@@ -28,6 +28,8 @@
 
     persistence."/persist/home/sajenim" = {
       directories = [
+        ".backup"
+        ".github"
         ".gnupg"
         ".ssh"
 

nixos/common/optional/key.nix

@@ -14,7 +14,7 @@
   programs.gnupg.agent = {
     enable = true;
     # Fix: invalid time when using keytocard
-    pinentryPackage = pkgs.pinentry-curses;
+    pinentryFlavor = "gtk2";
   };
 
   # Use our yubikey as a user login or for sudo access 

nixos/common/users/sajenim/default.nix

@@ -20,6 +20,5 @@
     users = {
       sajenim = import "${inputs.self}/home-manager/sajenim/${config.networking.hostName}.nix";
     };
-    backupFileExtension = "bak";
   };
 }

nixos/fuchsia/configuration.nix

@@ -3,11 +3,9 @@
 {
   imports = [
     ../common/global
-
     ../common/users/sajenim
     ../common/users/sajenim/samba
     ../common/users/sajenim/steam
-
     ../common/optional/key.nix
 
     ./services
@@ -67,26 +65,26 @@
     # Setup our display server.
     xserver = {
       enable = true;
-      xkb.layout = "au";
+      layout = "au";
       videoDrivers = [ "amdgpu" ];
+      libinput = {
+        enable = true;
+        mouse = {
+          accelProfile = "flat";
+        };
+      };
       displayManager.startx.enable = true;
     };
 
-    libinput = {
-      enable = true;
-      mouse = { accelProfile = "flat"; };
-    };
-
-
     # Get up and running with large language models locally.
-    # ollama = {
+    ollama = {
-    #   enable = true;
+      enable = true;
-    #   package = pkgs.unstable.ollama;
+      package = pkgs.unstable.ollama;
-    #   acceleration = "rocm";
+      acceleration = "rocm";
-    #   # environmentVariables = {
+      # environmentVariables = {
-    #   #  HSA_OVERRIDE_GFX_VERSION = "10.3.0";
+      #  HSA_OVERRIDE_GFX_VERSION = "10.3.0";
-    #   # };
+      # };
-    # };
+    };
 
     # Enable a few other services.
     ratbagd.enable = true;

nixos/viridian/configuration.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }: 
+{ outputs, pkgs, ... }: 
 
 {
   imports = [

nixos/viridian/hardware-configuration.nix

@@ -1,7 +1,5 @@
 { config, lib, ... }:
-let
+
-  hostname = config.networking.hostName;
-in
 {
   imports = [
     ../common/optional/ephemeral-btrfs.nix
@@ -32,17 +30,11 @@ in
   };
 
   fileSystems."/srv/containers" = {
-    device = "/dev/disk/by-label/${hostname}";
+    device = "/dev/disk/by-label/data";
     fsType = "btrfs";
     options = [ "subvol=containers" "compress=zstd" ];
   };
 
-  fileSystems."/srv/services" = {
-    device = "/dev/disk/by-label/${hostname}";
-    fsType = "btrfs";
-    options = [ "subvol=services" "compress=zstd" ];
-  };
-
   fileSystems."/srv/shares" = {
     device = "/dev/disk/by-label/data";
     fsType = "btrfs";

nixos/viridian/services/borgbackup.nix

@@ -7,21 +7,7 @@
         "/srv/containers"
       ];
       encryption.mode = "none";
-      repo = "/srv/backup/containers";
+      repo = "/srv/backup/borg/containers";
-      compression = "auto,zstd";
-      startAt = "daily";
-    };
-
-    services = {
-      paths = [
-        "/srv/services"
-      ];
-      encryption.mode = "none";
-      repo = "/srv/backup/services";
-      compression = "auto,zstd";
-      startAt = "daily";
-    };
-
     shares = {
       paths = [
         "/srv/shares"

nixos/viridian/services/default.nix

@@ -6,7 +6,6 @@
     ./minecraft
     ./borgbackup.nix
     ./forgejo.nix
-    ./httpd.nix
     ./mpd.nix
     ./samba.nix
   ];

nixos/viridian/services/httpd.nix

@@ -1,16 +0,0 @@
-{ ... }:
-
-{
-  services.httpd = {
-    enable = true;
-    virtualHosts."sajenim.dev" = {
-      documentRoot = "/srv/services/httpd/sajenim.dev";
-      listen = [{
-        ip = "192.168.1.102";
-        port = 5624;
-      }];
-      adminAddr = "its.jassy@pm.me";
-    };
-  };
-}
-

nixos/viridian/services/traefik/default.nix

@@ -11,7 +11,7 @@
   ];
 
   age.secrets.traefik = {
-    # Environment variables for porkbun dns challenge
+    # Environment variables for cloudflare dns challenge
     rekeyFile = ./environment.age;
     owner = "traefik";
     group = "traefik";
@@ -73,6 +73,24 @@
         # Hypertext Transfer Protocol Secure
         websecure = {
           address = ":443";
+          # Trust cloudflares forwarded header information
+          forwardedHeaders.trustedIPs = [
+            "173.245.48.0/20"
+            "103.21.244.0/22"
+            "103.22.200.0/22"
+            "103.31.4.0/22"
+            "141.101.64.0/18"
+            "108.162.192.0/18"
+            "190.93.240.0/20"
+            "188.114.96.0/20"
+            "197.234.240.0/22"
+            "198.41.128.0/17"
+            "162.158.0.0/15"
+            "172.64.0.0/13"
+            "131.0.72.0/22"
+            "104.16.0.0/13"
+            "104.24.0.0/14"
+          ];
           # Requests wildcard SSL certs for our services
           http.tls = {
             certResolver = "lets-encrypt";
@@ -103,7 +121,7 @@
           caServer = "https://acme-v02.api.letsencrypt.org/directory";
           # Use a DNS-01 ACME challenge
           dnsChallenge = {
-            provider = "porkbun";
+            provider = "cloudflare";
             resolvers = [
               "1.1.1.1:53"
               "8.8.8.8:53"

nixos/viridian/services/traefik/routers.nix

@@ -2,17 +2,6 @@
 
 { 
   services.traefik.dynamicConfigOptions.http.routers = {
-    httpd = {
-      rule = "Host(`sajenim.dev`)";
-      entryPoints = [
-        "websecure"
-      ];
-      middlewares = [
-        "geoblock"
-      ];
-      service = "httpd";
-    };
-
     forgejo = {
       rule = "Host(`git.sajenim.dev`)";
       entryPoints = [
@@ -124,7 +113,7 @@
     };
 
     qbittorrent = {
-      rule = "Host(`torrent.kanto.dev`)";
+      rule = "Host(`qbittorrent.kanto.dev`)";
       entryPoints = [
         "websecure"
       ];
@@ -155,17 +144,6 @@
       ];
       service = "microbin";
     };
-
-    ender1 = {
-      rule = "Host(`e1.kanto.dev`)";
-      entryPoints = [
-        "websecure"
-      ];
-      middlewares = [
-        "admin"
-      ];
-      service = "ender1";
-    };
   };
 }
 

nixos/viridian/services/traefik/services.nix

@@ -2,15 +2,9 @@
 
 {
   services.traefik.dynamicConfigOptions.http.services = {
-    # sajenim.dev
-    httpd.loadBalancer.servers = [
-      { url = "http://192.168.1.102:5624"; }
-    ];
     forgejo.loadBalancer.servers = [
       { url = "http://192.168.1.102:3131"; }
     ];
-
-    # kanto.dev
     homarr.loadBalancer.servers = [
       { url = "http://192.168.1.102:7575"; }
     ];
@@ -44,9 +38,6 @@
     microbin.loadBalancer.servers = [
       { url = "http://192.168.1.102:8181"; }
     ];
-    ender1.loadBalancer.servers = [
-      { url = "http://192.168.1.103:80"; }
-    ];
   };
 }