updated postgres

Sam 2024-09-09 11:41:10 +01:00
parent 564d4f6230
commit a8e0ae35da
8 changed files with 160 additions and 125 deletions


@ -1,6 +1,4 @@
{ config {config, ...}: {
, ...
}: {
imports = [ imports = [
# Import users # Import users
./users/sam ./users/sam
@ -15,7 +13,6 @@
./common/optional/desktop/common/themes/standard-dark.nix ./common/optional/desktop/common/themes/standard-dark.nix
./common/optional/notes.nix ./common/optional/notes.nix
./common/optional/yazi.nix ./common/optional/yazi.nix
]; ];
colorScheme = { colorScheme = {
@ -72,7 +69,7 @@
Nsxiv.window.background: #${config.colorScheme.colors.base03} Nsxiv.window.background: #${config.colorScheme.colors.base03}
Nsxiv.window.foreground: #${config.colorScheme.colors.base05} Nsxiv.window.foreground: #${config.colorScheme.colors.base05}
Nsxiv.mark.foreground: #${config.colorScheme.colors.base08} Nsxiv.mark.foreground: #${config.colorScheme.colors.base08}
Nsxiv.bar.background: #${config.colorScheme.colors.base00} Nsxiv.bar.background: #${config.colorScheme.colors.base00}
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05} Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
Nsxiv.bar.font: monospace:size=12 Nsxiv.bar.font: monospace:size=12


@ -17,5 +17,6 @@
pkgs.transmission pkgs.transmission
pkgs.qgis pkgs.qgis
pkgs.mpv pkgs.mpv
pkgs.gnome.simple-scan
]; ];
} }


@ -1,27 +1,48 @@
{ pkgs, ... }: {pkgs, ...}: {
{
# Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113 # Prevent error when enabling gtk https://github.com/nix-community/home-manager/issues/3113
# error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files # error: GDBus.Error:org.freedesktop.DBus.Error.ServiceUnknown: The name ca.desrt.dconf was not provided by any .service files
home.packages = [ home.packages = [
pkgs.dconf pkgs.dconf
pkgs.vimix-cursor-theme
]; ];
gtk.enable = true;
home.file.".icons/default".source = "${pkgs.vimix-cursor-theme}/share/icons/Vimix-Cursors";
# Get details about theme package # Get details about theme package
#cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4 #cd $(nix build nixpkgs#kanagawa-gtk-theme --print-out-paths --no-link) && nix run nixpkgs#eza -- --tree --level 4
gtk.theme.package = pkgs.kanagawa-gtk-theme;
gtk.cursorTheme = { gtk = {
name = "Vimix-Cursors"; enable = true;
package = pkgs.vimix-cursor-theme; theme = {
name = "Kanagawa-B";
package = pkgs.kanagawa-gtk-theme;
};
iconTheme = {
package = pkgs.gnome.adwaita-icon-theme;
name = "Adwaita";
};
gtk3.extraConfig = {
Settings = ''
gtk-application-prefer-dark-theme=1
'';
};
gtk4.extraConfig = {
Settings = ''
gtk-application-prefer-dark-theme=1
'';
};
}; };
gtk.theme.name = "Kanagawa-B"; #gtk.theme.package = pkgs.kanagawa-gtk-theme;
gtk.iconTheme.package = pkgs.kanagawa-icon-theme; # gtk.cursorTheme = {
gtk.iconTheme.name = "Kanagawa"; # name = "Vimix-Cursors";
# package = pkgs.vimix-cursor-theme;
# };
# gtk.theme.name = "Kanagawa-B";
# gtk.iconTheme.package = pkgs.kanagawa-icon-theme;
# gtk.iconTheme.name = "Kanagawa";
qt.enable = true; qt.enable = true;
qt.platformTheme.name = "gtk"; qt.platformTheme.name = "gtk";
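Review bot: The new `gtk3.extraConfig` and `gtk4.extraConfig` blocks put a multi-line string under a key named `Settings`, which most likely renders as `Settings=gtk-application-prefer-dark-theme=1` and leaves the dark-theme preference unapplied. As far as I can tell from the option's definition, home-manager writes each attribute of `extraConfig` as one key/value line inside the `[Settings]` section. Setting the key directly, `gtk3.extraConfig.gtk-application-prefer-dark-theme = 1;` (and the same for `gtk4`), would match that shape. The commented-out `gtk.*` lines kept below the new block could be deleted rather than left as dead code. The module continues past the end of this hunk.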


@ -1,6 +1,7 @@
{ pkgs {
, config pkgs,
, ... config,
...
}: { }: {
imports = [ imports = [
# Import users # Import users
@ -16,7 +17,6 @@
./common/optional/desktop/common/themes/standard-dark.nix ./common/optional/desktop/common/themes/standard-dark.nix
./common/optional/notes.nix ./common/optional/notes.nix
./common/optional/yazi.nix ./common/optional/yazi.nix
]; ];
colorScheme = { colorScheme = {
@ -43,14 +43,6 @@
}; };
}; };
home.pointerCursor = {
x11.enable = true;
name = "Vimix-Cursors";
package = pkgs.vimix-cursor-theme;
size = 64;
gtk.enable = true;
};
xresources.extraConfig = '' xresources.extraConfig = ''
! st ! st
st.alpha: 0.8 st.alpha: 0.8
@ -79,10 +71,9 @@
Nsxiv.window.background: #${config.colorScheme.colors.base03} Nsxiv.window.background: #${config.colorScheme.colors.base03}
Nsxiv.window.foreground: #${config.colorScheme.colors.base05} Nsxiv.window.foreground: #${config.colorScheme.colors.base05}
Nsxiv.mark.foreground: #${config.colorScheme.colors.base08} Nsxiv.mark.foreground: #${config.colorScheme.colors.base08}
Nsxiv.bar.background: #${config.colorScheme.colors.base00} Nsxiv.bar.background: #${config.colorScheme.colors.base00}
Nsxiv.bar.foreground: #${config.colorScheme.colors.base05} Nsxiv.bar.foreground: #${config.colorScheme.colors.base05}
Nsxiv.bar.font: monospace:size=12 Nsxiv.bar.font: monospace:size=12
''; '';
} }


@ -1,9 +1,9 @@
{ pkgs, ... }: {pkgs, ...}: {
{
services = { services = {
udev.packages = [pkgs.sane-airscan];
printing = { printing = {
enable = true; enable = true;
drivers = [ pkgs.gutenprint pkgs.hplip ]; drivers = [pkgs.gutenprint pkgs.hplip];
}; };
avahi = { avahi = {
enable = true; enable = true;
@ -11,18 +11,26 @@
openFirewall = true; openFirewall = true;
}; };
}; };
hardware.printers = {
ensurePrinters = [ hardware = {
{ sane = {
name = "HP_ENVY_6000"; enable = true;
description = "Network printer hosted on bob"; extraBackends = [pkgs.sane-airscan];
location = "bob"; netConf = "10.0.10.2";
deviceUri = "ipp://bob/printers/HP_ENVY_6000_series"; };
model = "everywhere"; printers = {
ppdOptions = { ensurePrinters = [
PageSize = "A4"; {
}; name = "HP_ENVY_6000";
} description = "Network printer hosted on bob";
]; location = "bob";
deviceUri = "ipp://bob/printers/HP_ENVY_6000_series";
model = "everywhere";
ppdOptions = {
PageSize = "A4";
};
}
];
};
}; };
} }
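Review bot: `netConf = "10.0.10.2";` in the new `hardware.sane` block pins the SANE `net` backend to a bare IP address with no comment saying which host it is, while the printer entry below addresses its host by name (`bob`). The saned network protocol is, as far as I know, not encrypted, so scanned pages travel in the clear to whichever machine holds that address. A comment such as `# saned on <host>; plaintext protocol, trusted LAN only` would record that assumption. If the `sane-airscan` backend already reaches the device, the `netConf` entry may not be needed at all; that cannot be confirmed from this page.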


@ -1,24 +1,28 @@
{ pkgs, inputs, config, lib, ... }: {
let pkgs,
inputs,
config,
lib,
...
}: let
username = "media"; username = "media";
pubKeys = lib.filesystem.listFilesRecursive (../keys); pubKeys = lib.filesystem.listFilesRecursive ../keys;
hostname = config.networking.hostName; hostname = config.networking.hostName;
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path; sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path;
secretsDirectory = builtins.toString inputs.nix-secrets; secretsDirectory = builtins.toString inputs.nix-secrets;
secretsFile = "${secretsDirectory}/secrets.yaml"; secretsFile = "${secretsDirectory}/secrets.yaml";
in {
in
{
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
shell = pkgs.zsh; # default shell shell = pkgs.zsh; # default shell
hashedPasswordFile = sopsHashedPasswordFile; hashedPasswordFile = sopsHashedPasswordFile;
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key); openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
extraGroups = extraGroups = [
[ "scanner"
"wheel" "lp"
]; "wheel"
];
packages = with pkgs; [ packages = with pkgs; [
flatpak flatpak
@ -65,16 +69,14 @@ in
# The containing ssh folders are created as root and if this is the first ~/.ssh/ entry when writing keys, # The containing ssh folders are created as root and if this is the first ~/.ssh/ entry when writing keys,
# the ownership is busted and home-manager can't target because it can't write into .ssh... # the ownership is busted and home-manager can't target because it can't write into .ssh...
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed # FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
system.activationScripts.sopsSetSshOwnwership = system.activationScripts.sopsSetSshOwnwership = let
let sshFolder = "/home/${username}/.ssh";
sshFolder = "/home/${username}/.ssh"; user = config.users.users.${username}.name;
user = config.users.users.${username}.name; group = config.users.users.${username}.group;
group = config.users.users.${username}.group; in ''
in mkdir -p ${sshFolder} || true
'' chown -R ${user}:${group} /home/${username}/.ssh
mkdir -p ${sshFolder} || true '';
chown -R ${user}:${group} /home/${username}/.ssh
'';
services.flatpak.enable = true; services.flatpak.enable = true;
@ -82,7 +84,7 @@ in
programs.fuse.userAllowOther = true; programs.fuse.userAllowOther = true;
home-manager = { home-manager = {
extraSpecialArgs = { inherit inputs; }; extraSpecialArgs = {inherit inputs;};
users = { users = {
${username} = import ../../../../home/${hostname}.nix; ${username} = import ../../../../home/${hostname}.nix;
}; };
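Review bot: In `sopsSetSshOwnwership`, `sshFolder` is defined and used for `mkdir -p`, but the `chown -R` line repeats the literal `/home/${username}/.ssh`, so the two paths can drift apart if one is changed. Writing `chown -R ${user}:${group} ${sshFolder}` keeps them tied. The same pattern is in `sopsSetOwnwership` in the `sam` user file. Separately, the `media` account now holds `scanner` and `lp` alongside `wheel`; a short comment on why this account needs administrative group membership would help a later audit.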


@ -1,13 +1,17 @@
{ pkgs, inputs, config, lib, ... }: {
let pkgs,
inputs,
config,
lib,
...
}: let
hostname = config.networking.hostName; hostname = config.networking.hostName;
pubKeys = lib.filesystem.listFilesRecursive (../keys); pubKeys = lib.filesystem.listFilesRecursive ../keys;
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path; sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path;
secretsDirectory = builtins.toString inputs.nix-secrets; secretsDirectory = builtins.toString inputs.nix-secrets;
secretsFile = "${secretsDirectory}/secrets.yaml"; secretsFile = "${secretsDirectory}/secrets.yaml";
username = "sam"; username = "sam";
in in {
{
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
shell = pkgs.zsh; # default shell shell = pkgs.zsh; # default shell
@ -17,8 +21,9 @@ in
extraGroups = [ extraGroups = [
"wheel" "wheel"
"networkmanager" "networkmanager"
"scanner"
"lp"
]; ];
}; };
sops.secrets = { sops.secrets = {
@ -39,15 +44,15 @@ in
"github-access-token" = { "github-access-token" = {
mode = "0655"; mode = "0655";
}; };
"software/postgres/btc_models/password" = { }; "software/postgres/btc_models/password" = {};
"software/postgres/btc_models/ip" = { }; "software/postgres/btc_models/ip" = {};
"software/postgres/btc_models/username" = { }; "software/postgres/btc_models/username" = {};
"software/postgres/osm/password" = { }; "software/postgres/osm/password" = {};
"software/postgres/osm/ip" = { }; "software/postgres/osm/ip" = {};
"software/postgres/osm/username" = { }; "software/postgres/osm/username" = {};
"software/zotero/username" = { }; "software/zotero/username" = {};
"software/zotero/password" = { }; "software/zotero/password" = {};
"software/zotero/guid" = { }; "software/zotero/guid" = {};
}; };
# Setup software specific templates for user # Setup software specific templates for user
@ -102,7 +107,7 @@ in
threads: 6 threads: 6
type: postgres type: postgres
user: ${config.sops.placeholder."software/postgres/btc_models/username"} user: ${config.sops.placeholder."software/postgres/btc_models/username"}
''; '';
}; };
@ -115,16 +120,14 @@ in
# The containing folders are created as root and if this is the first entry when writing files, # The containing folders are created as root and if this is the first entry when writing files,
# the ownership is busted and home-manager can't target because it can't write to these dirs... # the ownership is busted and home-manager can't target because it can't write to these dirs...
# FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed # FIXME: We might not need this depending on how https://github.com/Mic92/sops-nix/issues/381 is fixed
system.activationScripts.sopsSetOwnwership = system.activationScripts.sopsSetOwnwership = let
let sshFolder = "/home/${username}/.ssh";
sshFolder = "/home/${username}/.ssh"; user = config.users.users.${username}.name;
user = config.users.users.${username}.name; group = config.users.users.${username}.group;
group = config.users.users.${username}.group; in ''
in mkdir -p ${sshFolder} || true
'' chown -R ${user}:${group} /home/${username}/.ssh
mkdir -p ${sshFolder} || true '';
chown -R ${user}:${group} /home/${username}/.ssh
'';
environment.persistence."/persist" = { environment.persistence."/persist" = {
directories = [ directories = [
@ -135,7 +138,7 @@ in
programs.zsh.enable = true; programs.zsh.enable = true;
home-manager = { home-manager = {
extraSpecialArgs = { inherit inputs; }; extraSpecialArgs = {inherit inputs;};
users = { users = {
${username} = import ../../../../home/${hostname}.nix; ${username} = import ../../../../home/${hostname}.nix;
}; };
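Review bot: `"github-access-token"` in the `@ -39,15 +44,15 @@` hunk is declared with `mode = "0655"`, which lets every local account read the decrypted token and sets execute bits for group and other that a secret file has no use for. The commit reformats the neighbouring entries but leaves this one as it was. If only `sam` consumes the token, `owner = config.users.users.${username}.name; mode = "0400";` would restrict it; if another service must read it, a dedicated `group` with `mode = "0440"` is the narrower option. The reason for the wide mode is not visible here, so this needs confirming against whatever reads the file. The `sops.secrets` attribute set starts outside the hunk.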


@ -1,43 +1,55 @@
{ inputs, lib, pkgs, ... }: {
let inputs,
lib,
pkgs,
...
}: let
# Disko setup # Disko setup
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
dev = "/dev/nvme0n1"; # depends on target hardware dev = "/dev/nvme0n1"; # depends on target hardware
encrypted = true; # currrently only applies to btrfs encrypted = true; # currrently only applies to btrfs
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root"; btrfsMountDevice =
if encrypted
then "/dev/mapper/crypted"
else "/dev/root_vg/root";
user = "sam"; user = "sam";
impermanence = true; impermanence = true;
in in {
{ imports = [
imports = # Create users for this host
[ ../common/users/${user}
# Create users for this host
../common/users/${user}
# Disk configuration # Disk configuration
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
(import ../common/disks { device = dev; impermanence = impermanence; fsType = fsType; encrypted = encrypted; }) (import ../common/disks {
device = dev;
impermanence = impermanence;
fsType = fsType;
encrypted = encrypted;
})
# Impermanence # Impermanence
(import ../common/disks/btrfs/impermanence.nix { btrfsMountDevice = btrfsMountDevice; lib = lib; }) (import ../common/disks/btrfs/impermanence.nix {
btrfsMountDevice = btrfsMountDevice;
lib = lib;
})
# Import core options # Import core options
./hardware-configuration.nix ./hardware-configuration.nix
../common/core ../common/core
# Import optional options # Import optional options
../common/optional/persistence.nix ../common/optional/persistence.nix
../common/optional/pipewire.nix ../common/optional/pipewire.nix
../common/optional/openssh.nix ../common/optional/openssh.nix
../common/optional/dwm.nix ../common/optional/dwm.nix
../common/optional/nfs-mounts/media.nix ../common/optional/nfs-mounts/media.nix
../common/optional/nfs-mounts/homeshare.nix ../common/optional/nfs-mounts/homeshare.nix
../common/optional/printing.nix ../common/optional/printing.nix
];
];
boot = { boot = {
blacklistedKernelModules = [ "snd_hda_intel" "snd_soc_skl" ]; blacklistedKernelModules = ["snd_hda_intel" "snd_soc_skl"];
kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest; kernelPackages = pkgs.linuxPackagesFor pkgs.linux_latest;
loader = { loader = {
systemd-boot.enable = true; systemd-boot.enable = true;
@ -69,7 +81,7 @@ in
hostName = "semita"; hostName = "semita";
networkmanager.enable = true; networkmanager.enable = true;
enableIPv6 = false; enableIPv6 = false;
nameservers = [ "10.0.10.60" "8.8.8.8" ]; nameservers = ["10.0.10.60" "8.8.8.8"];
}; };
services.libinput.enable = true; services.libinput.enable = true;