updated postgres
This commit is contained in:
parent
564d4f6230
commit
a8e0ae35da
|
@ -1,6 +1,4 @@
|
||||||
{ config
|
{config, ...}: {
|
||||||
, ...
|
|
||||||
}: {
|
|
||||||
imports = [
|
imports = [
|
||||||
# Import users
|
# Import users
|
||||||
./users/sam
|
./users/sam
|
||||||
|
@ -15,7 +13,6 @@
|
||||||
./common/optional/desktop/common/themes/standard-dark.nix
|
./common/optional/desktop/common/themes/standard-dark.nix
|
||||||
./common/optional/notes.nix
|
./common/optional/notes.nix
|
||||||
./common/optional/yazi.nix
|
./common/optional/yazi.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
colorScheme = {
|
colorScheme = {
|
||||||
|
|
|
@ -17,5 +17,6 @@
|
||||||
pkgs.transmission
|
pkgs.transmission
|
||||||
pkgs.qgis
|
pkgs.qgis
|
||||||
pkgs.mpv
|
pkgs.mpv
|
||||||
|
pkgs.gnome.simple-scan
|
||||||
];
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,27 +1,48 @@
|
||||||
{ pkgs, ... }:
|
{pkgs, ...}: {
|
||||||
{
|
|
||||||
# Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113
|
# Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113
|
||||||
# error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files
|
# error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files
|
||||||
home.packages = [
|
home.packages = [
|
||||||
pkgs.dconf
|
pkgs.dconf
|
||||||
pkgs.vimix-cursor-theme
|
|
||||||
];
|
];
|
||||||
gtk.enable = true;
|
|
||||||
home.file.".icons/default".source = "${pkgs.vimix-cursor-theme}/share/icons/Vimix-Cursors";
|
|
||||||
|
|
||||||
# Get details about theme package
|
# Get details about theme package
|
||||||
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
|
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
|
||||||
gtk.theme.package = pkgs.kanagawa-gtk-theme;
|
|
||||||
|
|
||||||
gtk.cursorTheme = {
|
gtk = {
|
||||||
name = "Vimix-Cursors";
|
enable = true;
|
||||||
package = pkgs.vimix-cursor-theme;
|
theme = {
|
||||||
|
name = "Kanagawa-B";
|
||||||
|
package = pkgs.kanagawa-gtk-theme;
|
||||||
|
};
|
||||||
|
iconTheme = {
|
||||||
|
package = pkgs.gnome.adwaita-icon-theme;
|
||||||
|
name = "Adwaita";
|
||||||
};
|
};
|
||||||
|
|
||||||
gtk.theme.name = "Kanagawa-B";
|
gtk3.extraConfig = {
|
||||||
|
Settings = ''
|
||||||
|
gtk-application-prefer-dark-theme=1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
|
gtk4.extraConfig = {
|
||||||
gtk.iconTheme.name = "Kanagawa";
|
Settings = ''
|
||||||
|
gtk-application-prefer-dark-theme=1
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
#gtk.theme.package = pkgs.kanagawa-gtk-theme;
|
||||||
|
|
||||||
|
# gtk.cursorTheme = {
|
||||||
|
# name = "Vimix-Cursors";
|
||||||
|
# package = pkgs.vimix-cursor-theme;
|
||||||
|
# };
|
||||||
|
|
||||||
|
# gtk.theme.name = "Kanagawa-B";
|
||||||
|
|
||||||
|
# gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
|
||||||
|
# gtk.iconTheme.name = "Kanagawa";
|
||||||
|
|
||||||
qt.enable = true;
|
qt.enable = true;
|
||||||
qt.platformTheme.name = "gtk";
|
qt.platformTheme.name = "gtk";
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
{ pkgs
|
{
|
||||||
, config
|
pkgs,
|
||||||
, ...
|
config,
|
||||||
|
...
|
||||||
}: {
|
}: {
|
||||||
imports = [
|
imports = [
|
||||||
# Import users
|
# Import users
|
||||||
|
@ -16,7 +17,6 @@
|
||||||
./common/optional/desktop/common/themes/standard-dark.nix
|
./common/optional/desktop/common/themes/standard-dark.nix
|
||||||
./common/optional/notes.nix
|
./common/optional/notes.nix
|
||||||
./common/optional/yazi.nix
|
./common/optional/yazi.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
colorScheme = {
|
colorScheme = {
|
||||||
|
@ -43,14 +43,6 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
home.pointerCursor = {
|
|
||||||
x11.enable = true;
|
|
||||||
name = "Vimix-Cursors";
|
|
||||||
package = pkgs.vimix-cursor-theme;
|
|
||||||
size = 64;
|
|
||||||
gtk.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
xresources.extraConfig = ''
|
xresources.extraConfig = ''
|
||||||
! st
|
! st
|
||||||
st.alpha: 0.8
|
st.alpha: 0.8
|
||||||
|
@ -84,5 +76,4 @@
|
||||||
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
|
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
|
||||||
Nsxiv.bar.font: monospace:size=12
|
Nsxiv.bar.font: monospace:size=12
|
||||||
'';
|
'';
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,9 @@
|
||||||
{ pkgs, ... }:
|
{pkgs, ...}: {
|
||||||
{
|
|
||||||
services = {
|
services = {
|
||||||
|
udev.packages = [pkgs.sane-airscan];
|
||||||
printing = {
|
printing = {
|
||||||
enable = true;
|
enable = true;
|
||||||
drivers = [ pkgs.gutenprint pkgs.hplip ];
|
drivers = [pkgs.gutenprint pkgs.hplip];
|
||||||
};
|
};
|
||||||
avahi = {
|
avahi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -11,7 +11,14 @@
|
||||||
openFirewall = true;
|
openFirewall = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
hardware.printers = {
|
|
||||||
|
hardware = {
|
||||||
|
sane = {
|
||||||
|
enable = true;
|
||||||
|
extraBackends = [pkgs.sane-airscan];
|
||||||
|
netConf = "10.0.10.2";
|
||||||
|
};
|
||||||
|
printers = {
|
||||||
ensurePrinters = [
|
ensurePrinters = [
|
||||||
{
|
{
|
||||||
name = "HP_ENVY_6000";
|
name = "HP_ENVY_6000";
|
||||||
|
@ -25,4 +32,5 @@
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,22 +1,26 @@
|
||||||
{ pkgs, inputs, config, lib, ... }:
|
{
|
||||||
let
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
username = "media";
|
username = "media";
|
||||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
pubKeys = lib.filesystem.listFilesRecursive ../keys;
|
||||||
hostname = config.networking.hostName;
|
hostname = config.networking.hostName;
|
||||||
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path;
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path;
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
|
in {
|
||||||
in
|
|
||||||
{
|
|
||||||
users.users.${username} = {
|
users.users.${username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
shell = pkgs.zsh; # default shell
|
shell = pkgs.zsh; # default shell
|
||||||
hashedPasswordFile = sopsHashedPasswordFile;
|
hashedPasswordFile = sopsHashedPasswordFile;
|
||||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||||
|
|
||||||
extraGroups =
|
extraGroups = [
|
||||||
[
|
"scanner"
|
||||||
|
"lp"
|
||||||
"wheel"
|
"wheel"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
@ -65,13 +69,11 @@ in
|
||||||
# The containing ssh folders are created as root and if this is the first ~/.ssh/ entry when writing keys,
|
# The containing ssh folders are created as root and if this is the first ~/.ssh/ entry when writing keys,
|
||||||
# the ownership is busted and home-manager can't target because it can't write into .ssh...
|
# the ownership is busted and home-manager can't target because it can't write into .ssh...
|
||||||
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
||||||
system.activationScripts.sopsSetSshOwnwership =
|
system.activationScripts.sopsSetSshOwnwership = let
|
||||||
let
|
|
||||||
sshFolder = "/home/${username}/.ssh";
|
sshFolder = "/home/${username}/.ssh";
|
||||||
user = config.users.users.${username}.name;
|
user = config.users.users.${username}.name;
|
||||||
group = config.users.users.${username}.group;
|
group = config.users.users.${username}.group;
|
||||||
in
|
in ''
|
||||||
''
|
|
||||||
mkdir -p ${sshFolder} || true
|
mkdir -p ${sshFolder} || true
|
||||||
chown -R ${user}:${group} /home/${username}/.ssh
|
chown -R ${user}:${group} /home/${username}/.ssh
|
||||||
'';
|
'';
|
||||||
|
@ -82,7 +84,7 @@ in
|
||||||
programs.fuse.userAllowOther = true;
|
programs.fuse.userAllowOther = true;
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
extraSpecialArgs = { inherit inputs; };
|
extraSpecialArgs = {inherit inputs;};
|
||||||
users = {
|
users = {
|
||||||
${username} = import ../../../../home/${hostname}.nix;
|
${username} = import ../../../../home/${hostname}.nix;
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,13 +1,17 @@
|
||||||
{ pkgs, inputs, config, lib, ... }:
|
{
|
||||||
let
|
pkgs,
|
||||||
|
inputs,
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
hostname = config.networking.hostName;
|
hostname = config.networking.hostName;
|
||||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
pubKeys = lib.filesystem.listFilesRecursive ../keys;
|
||||||
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path;
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path;
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
username = "sam";
|
username = "sam";
|
||||||
in
|
in {
|
||||||
{
|
|
||||||
users.users.${username} = {
|
users.users.${username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
shell = pkgs.zsh; # default shell
|
shell = pkgs.zsh; # default shell
|
||||||
|
@ -17,8 +21,9 @@ in
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"wheel"
|
"wheel"
|
||||||
"networkmanager"
|
"networkmanager"
|
||||||
|
"scanner"
|
||||||
|
"lp"
|
||||||
];
|
];
|
||||||
|
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets = {
|
sops.secrets = {
|
||||||
|
@ -39,15 +44,15 @@ in
|
||||||
"github-access-token" = {
|
"github-access-token" = {
|
||||||
mode = "0655";
|
mode = "0655";
|
||||||
};
|
};
|
||||||
"software/postgres/btc_models/password" = { };
|
"software/postgres/btc_models/password" = {};
|
||||||
"software/postgres/btc_models/ip" = { };
|
"software/postgres/btc_models/ip" = {};
|
||||||
"software/postgres/btc_models/username" = { };
|
"software/postgres/btc_models/username" = {};
|
||||||
"software/postgres/osm/password" = { };
|
"software/postgres/osm/password" = {};
|
||||||
"software/postgres/osm/ip" = { };
|
"software/postgres/osm/ip" = {};
|
||||||
"software/postgres/osm/username" = { };
|
"software/postgres/osm/username" = {};
|
||||||
"software/zotero/username" = { };
|
"software/zotero/username" = {};
|
||||||
"software/zotero/password" = { };
|
"software/zotero/password" = {};
|
||||||
"software/zotero/guid" = { };
|
"software/zotero/guid" = {};
|
||||||
};
|
};
|
||||||
|
|
||||||
# Setup software specific templates for user
|
# Setup software specific templates for user
|
||||||
|
@ -115,13 +120,11 @@ in
|
||||||
# The containing folders are created as root and if this is the first entry when writing files,
|
# The containing folders are created as root and if this is the first entry when writing files,
|
||||||
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
# the ownership is busted and home-manager can't target because it can't write to these dirs...
|
||||||
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
|
||||||
system.activationScripts.sopsSetOwnwership =
|
system.activationScripts.sopsSetOwnwership = let
|
||||||
let
|
|
||||||
sshFolder = "/home/${username}/.ssh";
|
sshFolder = "/home/${username}/.ssh";
|
||||||
user = config.users.users.${username}.name;
|
user = config.users.users.${username}.name;
|
||||||
group = config.users.users.${username}.group;
|
group = config.users.users.${username}.group;
|
||||||
in
|
in ''
|
||||||
''
|
|
||||||
mkdir -p ${sshFolder} || true
|
mkdir -p ${sshFolder} || true
|
||||||
chown -R ${user}:${group} /home/${username}/.ssh
|
chown -R ${user}:${group} /home/${username}/.ssh
|
||||||
'';
|
'';
|
||||||
|
@ -135,7 +138,7 @@ in
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
|
|
||||||
home-manager = {
|
home-manager = {
|
||||||
extraSpecialArgs = { inherit inputs; };
|
extraSpecialArgs = {inherit inputs;};
|
||||||
users = {
|
users = {
|
||||||
${username} = import ../../../../home/${hostname}.nix;
|
${username} = import ../../../../home/${hostname}.nix;
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,25 +1,38 @@
|
||||||
{ inputs, lib, pkgs, ... }:
|
{
|
||||||
let
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}: let
|
||||||
# Disko setup
|
# Disko setup
|
||||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||||
dev = "/dev/nvme0n1"; # depends on target hardware
|
dev = "/dev/nvme0n1"; # depends on target hardware
|
||||||
encrypted = true; # currrently only applies to btrfs
|
encrypted = true; # currrently only applies to btrfs
|
||||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
btrfsMountDevice =
|
||||||
|
if encrypted
|
||||||
|
then "/dev/mapper/crypted"
|
||||||
|
else "/dev/root_vg/root";
|
||||||
user = "sam";
|
user = "sam";
|
||||||
impermanence = true;
|
impermanence = true;
|
||||||
in
|
in {
|
||||||
{
|
imports = [
|
||||||
imports =
|
|
||||||
[
|
|
||||||
# Create users for this host
|
# Create users for this host
|
||||||
../common/users/${user}
|
../common/users/${user}
|
||||||
|
|
||||||
# Disk configuration
|
# Disk configuration
|
||||||
inputs.disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
(import ../common/disks { device = dev; impermanence = impermanence; fsType = fsType; encrypted = encrypted; })
|
(import ../common/disks {
|
||||||
|
device = dev;
|
||||||
|
impermanence = impermanence;
|
||||||
|
fsType = fsType;
|
||||||
|
encrypted = encrypted;
|
||||||
|
})
|
||||||
|
|
||||||
# Impermanence
|
# Impermanence
|
||||||
(import ../common/disks/btrfs/impermanence.nix { btrfsMountDevice = btrfsMountDevice; lib = lib; })
|
(import ../common/disks/btrfs/impermanence.nix {
|
||||||
|
btrfsMountDevice = btrfsMountDevice;
|
||||||
|
lib = lib;
|
||||||
|
})
|
||||||
|
|
||||||
# Import core options
|
# Import core options
|
||||||
./hardware-configuration.nix
|
./hardware-configuration.nix
|
||||||
|
@ -33,11 +46,10 @@ in
|
||||||
../common/optional/nfs-mounts/media.nix
|
../common/optional/nfs-mounts/media.nix
|
||||||
../common/optional/nfs-mounts/homeshare.nix
|
../common/optional/nfs-mounts/homeshare.nix
|
||||||
../common/optional/printing.nix
|
../common/optional/printing.nix
|
||||||
|
|
||||||
];
|
];
|
||||||
|
|
||||||
boot = {
|
boot = {
|
||||||
blacklistedKernelModules = [ "snd_hda_intel" "snd_soc_skl" ];
|
blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
|
||||||
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
|
||||||
loader = {
|
loader = {
|
||||||
systemd-boot.enable = true;
|
systemd-boot.enable = true;
|
||||||
|
@ -69,7 +81,7 @@ in
|
||||||
hostName = "semita";
|
hostName = "semita";
|
||||||
networkmanager.enable = true;
|
networkmanager.enable = true;
|
||||||
enableIPv6 = false;
|
enableIPv6 = false;
|
||||||
nameservers = [ "10.0.10.60" "8.8.8.8" ];
|
nameservers = ["10.0.10.60" "8.8.8.8"];
|
||||||
};
|
};
|
||||||
|
|
||||||
services.libinput.enable = true;
|
services.libinput.enable = true;
|
||||||
|
|
Loading…
Reference in New Issue