Compare commits
No commits in common. "master" and "bitcoin" have entirely different histories.
77
flake.lock
77
flake.lock
|
@ -46,11 +46,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1728330715,
|
||||
"narHash": "sha256-xRJ2nPOXb//u1jaBnDP56M7v5ldavjbtR6lfGqSvcKg=",
|
||||
"lastModified": 1722113426,
|
||||
"narHash": "sha256-Yo/3loq572A8Su6aY5GP56knpuKYRvM2a1meP9oJZCw=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "dd6b80932022cea34a019e2bb32f6fa9e494dfef",
|
||||
"rev": "67cce7359e4cd3c45296fb4aaf6a19e2a9c757ae",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -230,11 +230,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729104314,
|
||||
"narHash": "sha256-pZRZsq5oCdJt3upZIU4aslS9XwFJ+/nVtALHIciX/BI=",
|
||||
"lastModified": 1727854478,
|
||||
"narHash": "sha256-/odH2nUMAwkMgOS2nG2z0exLQNJS4S2LfMW0teqU7co=",
|
||||
"owner": "cachix",
|
||||
"repo": "git-hooks.nix",
|
||||
"rev": "3c3e88f0f544d6bb54329832616af7eb971b6be6",
|
||||
"rev": "5f58871c9657b5fc0a7f65670fe2ba99c26c1d79",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -348,11 +348,11 @@
|
|||
},
|
||||
"impermanence": {
|
||||
"locked": {
|
||||
"lastModified": 1730403150,
|
||||
"narHash": "sha256-W1FH5aJ/GpRCOA7DXT/sJHFpa5r8sq2qAUncWwRZ3Gg=",
|
||||
"lastModified": 1727649413,
|
||||
"narHash": "sha256-FA53of86DjFdeQzRDVtvgWF9o52rWK70VHGx0Y8fElQ=",
|
||||
"owner": "nix-community",
|
||||
"repo": "impermanence",
|
||||
"rev": "0d09341beeaa2367bac5d718df1404bf2ce45e6f",
|
||||
"rev": "d0b38e550039a72aff896ee65b0918e975e6d48e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -412,11 +412,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729826725,
|
||||
"narHash": "sha256-w3WNlYxqWYsuzm/jgFPyhncduoDNjot28aC8j39TW0U=",
|
||||
"lastModified": 1727707210,
|
||||
"narHash": "sha256-8XZp5XO2FC6INZEZ2WlwErtvFVpl45ACn8CJ2hfTA0Y=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "7840909b00fbd5a183008a6eb251ea307fe4a76e",
|
||||
"rev": "f61d5f2051a387a15817007220e9fb3bbead57b3",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -426,12 +426,13 @@
|
|||
}
|
||||
},
|
||||
"nix-secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1730130467,
|
||||
"narHash": "sha256-mcyG1iu8hNmkDjgDEdFQyCZ3bBxBHFKd4nxT8NreMmY=",
|
||||
"lastModified": 1728169228,
|
||||
"narHash": "sha256-WT6kWWqMQE4KBdziZ/uuJ9sPcVg+6QJoOdBPdKAD0gI=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "c82ff6f7e995503acabb9cf2478e5b4e401968ce",
|
||||
"revCount": 188,
|
||||
"rev": "e9709bbb9adc91fb6b4dab5b16e15546cc596695",
|
||||
"revCount": 165,
|
||||
"type": "git",
|
||||
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
||||
},
|
||||
|
@ -473,11 +474,11 @@
|
|||
},
|
||||
"nixpkgs-stable": {
|
||||
"locked": {
|
||||
"lastModified": 1729973466,
|
||||
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
|
||||
"lastModified": 1725762081,
|
||||
"narHash": "sha256-vNv+aJUW5/YurRy1ocfvs4q/48yVESwlC/yHzjkZSP8=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
|
||||
"rev": "dc454045f5b5d814e5862a6d057e7bb5c29edc05",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -505,11 +506,11 @@
|
|||
},
|
||||
"nixpkgs-unstable_2": {
|
||||
"locked": {
|
||||
"lastModified": 1730200266,
|
||||
"narHash": "sha256-l253w0XMT8nWHGXuXqyiIC/bMvh1VRszGXgdpQlfhvU=",
|
||||
"lastModified": 1728018373,
|
||||
"narHash": "sha256-NOiTvBbRLIOe5F6RbHaAh6++BNjsb149fGZd1T4+KBg=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "807e9154dcb16384b1b765ebe9cd2bba2ac287fd",
|
||||
"rev": "bc947f541ae55e999ffdb4013441347d83b00feb",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -521,16 +522,16 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1730481737,
|
||||
"narHash": "sha256-HaUCfqLIFX/4wiSKkKKSTwUNmZd1EMy+lGB+faadQXU=",
|
||||
"lastModified": 1728067476,
|
||||
"narHash": "sha256-/uJcVXuBt+VFCPQIX+4YnYrHaubJSx4HoNsJVNRgANM=",
|
||||
"owner": "nixos",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "f18ab3b08f56abc54bcc2ef9bbca627d45926fee",
|
||||
"rev": "6e6b3dd395c3b1eb9be9f2d096383a8d05add030",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nixos",
|
||||
"ref": "release-24.05",
|
||||
"ref": "nixos-24.05",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
|
@ -549,11 +550,11 @@
|
|||
"treefmt-nix": "treefmt-nix"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729945968,
|
||||
"narHash": "sha256-4u+nbBSMuXWGCtXxUPPEflRm54+y/HLIbhIep9do8Ew=",
|
||||
"lastModified": 1728083208,
|
||||
"narHash": "sha256-jaoWQm2+oAUDU1ft+RWrxcgc/4lHGE0AkZlIBiVjQiQ=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixvim",
|
||||
"rev": "c05ac01070425ed0797b1ff678dc690c333cea74",
|
||||
"rev": "e246bd57da2a09b18b0667f7de40dc1c55a94667",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -565,11 +566,11 @@
|
|||
},
|
||||
"nur": {
|
||||
"locked": {
|
||||
"lastModified": 1730472538,
|
||||
"narHash": "sha256-3m4OVGKsbPzMlnS0gVptIZBRlxgqQz+WhfwT+rT823Y=",
|
||||
"lastModified": 1728121595,
|
||||
"narHash": "sha256-e9kRLdv2D4Lk6obeLEzm/m2TYcnZuMnVtqtQUKBCMVs=",
|
||||
"owner": "nix-community",
|
||||
"repo": "NUR",
|
||||
"rev": "52c21ec8fde46366b1a5555e18d854ee18012ac8",
|
||||
"rev": "b638dbc3cd5ecae15140d2de7897dc9395cd128e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -602,11 +603,11 @@
|
|||
"nixpkgs-stable": "nixpkgs-stable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729999681,
|
||||
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=",
|
||||
"lastModified": 1727734513,
|
||||
"narHash": "sha256-i47LQwoGCVQq4upV2YHV0OudkauHNuFsv306ualB/Sw=",
|
||||
"owner": "mic92",
|
||||
"repo": "sops-nix",
|
||||
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56",
|
||||
"rev": "3198a242e547939c5e659353551b0668ec150268",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -638,11 +639,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1729613947,
|
||||
"narHash": "sha256-XGOvuIPW1XRfPgHtGYXd5MAmJzZtOuwlfKDgxX5KT3s=",
|
||||
"lastModified": 1727984844,
|
||||
"narHash": "sha256-xpRqITAoD8rHlXQafYZOLvUXCF6cnZkPfoq67ThN0Hc=",
|
||||
"owner": "numtide",
|
||||
"repo": "treefmt-nix",
|
||||
"rev": "aac86347fb5063960eccb19493e0cadcdb4205ca",
|
||||
"rev": "4446c7a6fc0775df028c5a3f6727945ba8400e64",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
165
flake.nix
165
flake.nix
|
@ -3,7 +3,7 @@
|
|||
|
||||
inputs = {
|
||||
# Nixpkgs
|
||||
nixpkgs.url = "github:nixos/nixpkgs/release-24.05";
|
||||
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
|
||||
nixpkgs-unstable.url = "github:nixos/nixpkgs/nixos-unstable";
|
||||
|
||||
# NUR
|
||||
|
@ -53,84 +53,99 @@
|
|||
|
||||
nix-secrets = {
|
||||
url = "git+ssh://git@git.bitlab21.com/sam/nix-secrets.git";
|
||||
inputs = {};
|
||||
flake = false;
|
||||
};
|
||||
};
|
||||
|
||||
outputs = {
|
||||
self,
|
||||
nixpkgs,
|
||||
home-manager,
|
||||
...
|
||||
} @ inputs: let
|
||||
inherit (self) outputs;
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
];
|
||||
forAllSystems = nixpkgs.lib.genAttrs systems;
|
||||
inherit (nixpkgs) lib;
|
||||
configVars = import ./vars {inherit inputs lib;};
|
||||
specialArgs = {
|
||||
inherit
|
||||
inputs
|
||||
outputs
|
||||
configVars
|
||||
;
|
||||
};
|
||||
in {
|
||||
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
|
||||
overlays = import ./overlays {inherit inputs;};
|
||||
nixosModules = import ./modules/nixos;
|
||||
homeManagerModules = import ./modules/home-manager;
|
||||
outputs =
|
||||
{ self
|
||||
, nixpkgs
|
||||
, home-manager
|
||||
, ...
|
||||
} @ inputs:
|
||||
let
|
||||
inherit (self) outputs;
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
];
|
||||
forAllSystems = nixpkgs.lib.genAttrs systems;
|
||||
specialArgs = { inherit inputs outputs; };
|
||||
in
|
||||
{
|
||||
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
|
||||
formatter = forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra);
|
||||
overlays = import ./overlays { inherit inputs; };
|
||||
nixosModules = import ./modules/nixos;
|
||||
homeManagerModules = import ./modules/home-manager;
|
||||
|
||||
# System level configs
|
||||
nixosConfigurations = {
|
||||
bootstrap = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/bootstrap
|
||||
];
|
||||
};
|
||||
sparky = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/sparky
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
semita = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/semita
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
merlin = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/nebula
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
citadel = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/citadel
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
# System level configs
|
||||
nixosConfigurations = {
|
||||
nixdev = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/nixdev
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
fileserver = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/fileserver
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
bootstrap = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/bootstrap
|
||||
];
|
||||
};
|
||||
sparky = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/sparky
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
semita = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/semita
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
nebula = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/nebula
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
citadel = nixpkgs.lib.nixosSystem {
|
||||
inherit specialArgs;
|
||||
modules = [
|
||||
./hosts/citadel
|
||||
home-manager.nixosModules.home-manager
|
||||
{
|
||||
home-manager.extraSpecialArgs = specialArgs;
|
||||
}
|
||||
];
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{config, pkgs, ...}: {
|
||||
{config, ...}: {
|
||||
imports = [
|
||||
# Import users
|
||||
./users/sam
|
||||
|
@ -15,10 +15,6 @@
|
|||
./common/optional/yazi.nix
|
||||
];
|
||||
|
||||
home.packages = [
|
||||
pkgs.qgis
|
||||
];
|
||||
|
||||
colorScheme = {
|
||||
slug = "serene";
|
||||
name = "Serene";
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{ pkgs, inputs, outputs, lib, ... }:
|
||||
{ pkgs, inputs, outputs, ... }:
|
||||
{
|
||||
imports = [
|
||||
inputs.nix-colors.homeManagerModules.default
|
||||
|
@ -18,15 +18,13 @@
|
|||
ripgrep
|
||||
fzf
|
||||
eza
|
||||
bat
|
||||
killall
|
||||
pciutils
|
||||
tree
|
||||
jq
|
||||
coreutils
|
||||
btop
|
||||
htop
|
||||
postgresql_16
|
||||
postgresql
|
||||
libqalculate
|
||||
tmux
|
||||
;
|
||||
|
|
|
@ -25,11 +25,9 @@
|
|||
pkgs.shellharden
|
||||
pkgs.shfmt
|
||||
pkgs.stylua
|
||||
pkgs.glow
|
||||
];
|
||||
programs.nixvim = {
|
||||
enable = true;
|
||||
package = pkgs.neovim-unwrapped;
|
||||
enableMan = true; # install man pages for nixvim options
|
||||
clipboard.register = "unnamedplus"; # use system clipboard instead of internal registers
|
||||
globals.mapleader = " ";
|
||||
|
|
|
@ -1,11 +1,13 @@
|
|||
{
|
||||
programs.nixvim.keymaps = [
|
||||
programs.nixvim.keymaps = [
|
||||
# Switching buffers
|
||||
{
|
||||
mode = ["n"];
|
||||
action = "<C-w>h";
|
||||
key = "<S-h>";
|
||||
options = {silent = true;};
|
||||
options = {
|
||||
silent = true;
|
||||
};
|
||||
}
|
||||
{
|
||||
mode = ["n"];
|
||||
|
@ -50,6 +52,35 @@ programs.nixvim.keymaps = [
|
|||
options = {noremap = true;};
|
||||
}
|
||||
|
||||
# Telescope Plugin
|
||||
{
|
||||
# find files
|
||||
mode = ["n"];
|
||||
key = "<Leader>ff";
|
||||
action = "<cmd>Telescope find_files<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# live grep
|
||||
mode = ["n"];
|
||||
key = "<Leader>fg";
|
||||
action = "<cmd>Telescope live_grep<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# buffers
|
||||
mode = ["n"];
|
||||
key = "<Leader>fb";
|
||||
action = "<cmd>Telescope buffers<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# help tags
|
||||
mode = ["n"];
|
||||
key = "<Leader>fh";
|
||||
action = "<cmd>Telescope help_tags<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
# paste over selected text without yanking it
|
||||
{
|
||||
mode = ["v"];
|
||||
|
@ -82,33 +113,5 @@ programs.nixvim.keymaps = [
|
|||
action = ": resize +1<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
|
||||
# indent line in or out
|
||||
{
|
||||
mode = ["v"];
|
||||
key = "<";
|
||||
action = "<gv";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
mode = ["v"];
|
||||
key = ">";
|
||||
action = ">gv";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
|
||||
# move selected line up or down
|
||||
{
|
||||
mode = ["v"];
|
||||
key = "J";
|
||||
action = ":m '>+1<CR>gv=gv";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
mode = ["v"];
|
||||
key = "K";
|
||||
action = ":m '<-2<CR>gv=gv";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
cmp-emoji = { enable = true; };
|
||||
cmp = {
|
||||
enable = true;
|
||||
cmdline = {};
|
||||
settings = {
|
||||
autoEnableSources = true;
|
||||
experimental = { ghost_text = true; };
|
||||
|
@ -12,7 +11,7 @@
|
|||
fetchingTimeout = 200;
|
||||
maxViewEntries = 30;
|
||||
};
|
||||
snippet = { expand = "function(args) require('luasnip').lsp_expand(args.body) end"; };
|
||||
snippet = { expand = "luasnip"; };
|
||||
formatting = {
|
||||
fields = [ "kind" "abbr" "menu" ];
|
||||
format = ''
|
||||
|
@ -44,10 +43,14 @@
|
|||
};
|
||||
mapping = {
|
||||
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
|
||||
"<S-Tab>" = "cmp.mapping.select_prev_item()";
|
||||
"<C-j>" = "cmp.mapping.select_next_item()";
|
||||
"<C-k>" = "cmp.mapping.select_prev_item()";
|
||||
"<C-e>" = "cmp.mapping.abort()";
|
||||
"<C-b>" = "cmp.mapping.scroll_docs(-4)";
|
||||
"<C-f>" = "cmp.mapping.scroll_docs(4)";
|
||||
"<C-Space>" = "cmp.mapping.complete()";
|
||||
"<CR>" = "cmp.mapping.confirm({ select = true })";
|
||||
"<S-CR>" = "cmp.mapping.confirm({ behavior = cmp.ConfirmBehavior.Replace, select = true })";
|
||||
};
|
||||
};
|
||||
};
|
||||
|
@ -55,7 +58,7 @@
|
|||
cmp-buffer = { enable = true; };
|
||||
cmp-path = { enable = true; }; # file system paths
|
||||
cmp_luasnip = { enable = true; }; # snippets
|
||||
cmp-cmdline = { enable = true; }; # autocomplete for cmdline
|
||||
cmp-cmdline = { enable = false; }; # autocomplete for cmdline
|
||||
};
|
||||
programs.nixvim.extraConfigLua = ''
|
||||
luasnip = require("luasnip")
|
||||
|
@ -91,15 +94,22 @@
|
|||
|
||||
-- Use buffer source for `/` (if you enabled `native_menu`, this won't work anymore).
|
||||
cmp.setup.cmdline({'/', "?" }, {
|
||||
mapping = cmp.mapping.preset.cmdline(),
|
||||
sources = {
|
||||
{ name = 'buffer' }
|
||||
}
|
||||
})
|
||||
|
||||
-- Set configuration for specific filetype.
|
||||
cmp.setup.filetype('gitcommit', {
|
||||
sources = cmp.config.sources({
|
||||
{ name = 'cmp_git' }, -- You can specify the `cmp_git` source if you were installed it.
|
||||
}, {
|
||||
{ name = 'buffer' },
|
||||
})
|
||||
})
|
||||
|
||||
-- Use cmdline & path source for ':' (if you enabled `native_menu`, this won't work anymore).
|
||||
cmp.setup.cmdline(':', {
|
||||
mapping = cmp.mapping.preset.cmdline(),
|
||||
sources = cmp.config.sources({
|
||||
{ name = 'path' }
|
||||
}, {
|
||||
|
|
|
@ -38,16 +38,4 @@
|
|||
}
|
||||
|
||||
'';
|
||||
programs.nixvim.keymaps = [
|
||||
# format document with Conform
|
||||
{
|
||||
mode = ["n"];
|
||||
key = "<leader>cf";
|
||||
action = "<CMD>Format<CR>";
|
||||
options = {
|
||||
silent = true;
|
||||
desc = "Conform auto-format document";
|
||||
};
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -5,7 +5,6 @@
|
|||
}: let
|
||||
user = config.home.username;
|
||||
in {
|
||||
|
||||
imports = [
|
||||
./cmp.nix
|
||||
./colorizer.nix
|
||||
|
@ -33,18 +32,6 @@ in {
|
|||
pkgs.vimPlugins.vim-dadbod-ui
|
||||
pkgs.vimPlugins.vim-dadbod-completion
|
||||
pkgs.vimPlugins.fugitive
|
||||
|
||||
(pkgs.vimUtils.buildVimPlugin
|
||||
{
|
||||
name = "glow.nvim";
|
||||
src = pkgs.fetchFromGitHub {
|
||||
owner = "ellisonleao";
|
||||
repo = "glow.nvim";
|
||||
rev = "238070a";
|
||||
sha256 = "sha256-GsNcASzVvY0066kak2nvUY5luzanoBclqcUOsODww8g=";
|
||||
};
|
||||
})
|
||||
|
||||
(pkgs.vimUtils.buildVimPlugin
|
||||
{
|
||||
name = "buffer_manager.nvim";
|
||||
|
@ -71,18 +58,6 @@ in {
|
|||
pkgs.vimPlugins.vim-devicons
|
||||
];
|
||||
programs.nixvim.extraConfigLua = ''
|
||||
-- function to read api key from secrets file
|
||||
local function read_api_key(file_path)
|
||||
local file = io.open(file_path, "r")
|
||||
if file then
|
||||
local api_key = file:read("*all")
|
||||
file:close()
|
||||
return api_key
|
||||
else
|
||||
error("Failed to open file: " .. file_path)
|
||||
end
|
||||
end
|
||||
|
||||
-- buffer_manager.nvim
|
||||
local opts = {noremap = true}
|
||||
|
||||
|
@ -109,16 +84,6 @@ in {
|
|||
}
|
||||
)
|
||||
|
||||
require('glow').setup({
|
||||
border = "shadow",
|
||||
style = "dark",
|
||||
pager = false,
|
||||
width = 80,
|
||||
height = 100,
|
||||
width_ratio = 0.7,
|
||||
height_ratio = 0.7,
|
||||
})
|
||||
|
||||
-- Custom color for modified buffers
|
||||
vim.api.nvim_set_hl(0, "BufferManagerModified", { fg = "#988100" })
|
||||
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
enable = true;
|
||||
keymaps = {
|
||||
toggleQuickMenu = "<leader>h";
|
||||
addFile = "<leader>a";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,25 +1,10 @@
|
|||
{ osConfig , ... }:
|
||||
let
|
||||
hostname = osConfig.networking.hostName;
|
||||
in
|
||||
{
|
||||
programs.nixvim.plugins = {
|
||||
lsp = {
|
||||
enable = true;
|
||||
servers = {
|
||||
lua-ls = {enable = true;};
|
||||
nixd = {
|
||||
enable = true;
|
||||
cmd = ["nixd"];
|
||||
settings = {
|
||||
nixpkgs.expr = "import <nixpkgs> { }";
|
||||
options = {
|
||||
nixos.expr = "(builtins.getFlake \"/etc/nixos\").nixosConfigurations.${hostname}.options";
|
||||
# TODO get home-manager options working when hm imported as submodule
|
||||
# home_manager.expr = "(builtins.getFlake \"github:nix-community/home-manager\").homeConfigurations.${hostname}.options";
|
||||
};
|
||||
};
|
||||
};
|
||||
nixd = {enable = true;};
|
||||
bashls = {enable = true;};
|
||||
pyright = {enable = true;};
|
||||
html = {enable = true;};
|
||||
|
|
|
@ -1,9 +1,5 @@
|
|||
{
|
||||
programs.nixvim.plugins.oil = {
|
||||
enable = true;
|
||||
settings = {
|
||||
columns = ["icon"];
|
||||
view_options.show_hidden = true;
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -3,48 +3,4 @@
|
|||
enable = true;
|
||||
extensions.fzy-native.enable = true;
|
||||
};
|
||||
programs.nixvim.keymaps = [
|
||||
{
|
||||
# find files
|
||||
mode = ["n"];
|
||||
key = "<Leader>ff";
|
||||
action = "<cmd>Telescope find_files<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# live grep
|
||||
mode = ["n"];
|
||||
key = "<Leader>fg";
|
||||
action = "<cmd>Telescope live_grep<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# grep string under cursor
|
||||
mode = ["n"];
|
||||
key = "<Leader>fs";
|
||||
action = "<cmd>Telescope string_grep<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# buffers
|
||||
mode = ["n"];
|
||||
key = "<Leader>fb";
|
||||
action = "<cmd>Telescope buffers<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# help tags
|
||||
mode = ["n"];
|
||||
key = "<Leader>fh";
|
||||
action = "<cmd>Telescope help_tags<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
{
|
||||
# show recently opened files
|
||||
mode = ["n"];
|
||||
key = "<Leader>fo";
|
||||
action = "<cmd>Telescope oldfiles<CR>";
|
||||
options = {noremap = true;};
|
||||
}
|
||||
];
|
||||
}
|
||||
|
|
|
@ -9,9 +9,6 @@
|
|||
shellAliases = {
|
||||
ll = "ls -l";
|
||||
src = "cd ~/.local/share/src";
|
||||
no = "cd /etc/nixos";
|
||||
cat = "bat --decorations=never";
|
||||
ls = "eza";
|
||||
};
|
||||
history.size = 10000;
|
||||
history.path = "${config.xdg.dataHome}/zsh/history";
|
||||
|
|
|
@ -15,20 +15,8 @@
|
|||
pkgs.kcolorchooser
|
||||
pkgs.zotero
|
||||
pkgs.transmission
|
||||
pkgs.qgis
|
||||
pkgs.mpv
|
||||
pkgs.gnome.simple-scan
|
||||
pkgs.pandoc
|
||||
pkgs.texlive.combined.scheme-small
|
||||
pkgs.libreoffice-fresh
|
||||
pkgs.hunspell
|
||||
pkgs.hunspellDicts.en-gb-large
|
||||
pkgs.hunspellDicts.en-gb-large
|
||||
pkgs.hunspellDicts.en_US
|
||||
pkgs.set_wm_class
|
||||
pkgs.xorg.xkill
|
||||
pkgs.krita
|
||||
pkgs.R
|
||||
pkgs.gimp
|
||||
pkgs.gajim
|
||||
];
|
||||
}
|
||||
|
|
|
@ -1,53 +1,38 @@
|
|||
{
|
||||
pkgs,
|
||||
config,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
{ pkgs, config, ... }:
|
||||
let
|
||||
user = config.home.username;
|
||||
jellyfinIp = configVars.networking.addresses.jellyfin.ip;
|
||||
jellyfinPort = configVars.networking.addresses.jellyfin.port;
|
||||
bitcoinNodeIp = configVars.networking.addresses.bitcoin-node.ip;
|
||||
mempoolPort = configVars.networking.addresses.bitcoin-node.services.mempool.port;
|
||||
in {
|
||||
in
|
||||
{
|
||||
programs.firefox = {
|
||||
enable = true;
|
||||
profiles.${user} = {
|
||||
search = {
|
||||
force = true;
|
||||
default = "Searx";
|
||||
order = ["Searx" "DuckDuckGo"];
|
||||
order = [ "Searx" "DuckDuckGo" ];
|
||||
engines = {
|
||||
"Nix Packages" = {
|
||||
urls = [
|
||||
{
|
||||
template = "https://search.nixos.org/packages";
|
||||
params = [
|
||||
{
|
||||
name = "type";
|
||||
value = "packages";
|
||||
}
|
||||
{
|
||||
name = "query";
|
||||
value = "{searchTerms}";
|
||||
}
|
||||
];
|
||||
}
|
||||
];
|
||||
urls = [{
|
||||
template = "https://search.nixos.org/packages";
|
||||
params = [
|
||||
{ name = "type"; value = "packages"; }
|
||||
{ name = "query"; value = "{searchTerms}"; }
|
||||
];
|
||||
}];
|
||||
icon = "''${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
|
||||
definedAliases = ["@np"];
|
||||
definedAliases = [ "@np" ];
|
||||
};
|
||||
"NixOS Wiki" = {
|
||||
urls = [{template = "https://nixos.wiki/index.php?search={searchTerms}";}];
|
||||
urls = [{ template = "https://nixos.wiki/index.php?search={searchTerms}"; }];
|
||||
iconUpdateURL = "https://nixos.wiki/favicon.png";
|
||||
updateInterval = 24 * 60 * 60 * 1000; # every day
|
||||
definedAliases = ["@nw"];
|
||||
definedAliases = [ "@nw" ];
|
||||
};
|
||||
"Searx" = {
|
||||
urls = [{template = "http://10.0.10.35:8855/?q={searchTerms}";}];
|
||||
urls = [{ template = "http://10.0.10.35:8855/?q={searchTerms}"; }];
|
||||
iconUpdateURL = "https://docs.searxng.org/_static/searxng-wordmark.svg";
|
||||
updateInterval = 24 * 60 * 60 * 1000; # every day
|
||||
definedAliases = ["@searx"];
|
||||
definedAliases = [ "@searx" ];
|
||||
};
|
||||
"Bing".metaData.hidden = true;
|
||||
"Google".metaData.alias = "@g"; # builtin engines only support specifying one additional alias
|
||||
|
@ -56,22 +41,16 @@ in {
|
|||
|
||||
bookmarks = [
|
||||
{
|
||||
name = "toolbar";
|
||||
toolbar = true;
|
||||
bookmarks = [
|
||||
{
|
||||
name = "Jellyfin";
|
||||
url = "http://${jellyfinIp}:${jellyfinPort}";
|
||||
}
|
||||
{
|
||||
name = "Mempool";
|
||||
url = "http://${bitcoinNodeIp}:${toString mempoolPort}";
|
||||
}
|
||||
{
|
||||
name = "Nixos Package Search";
|
||||
url = "https://search.nixos.org/packages";
|
||||
}
|
||||
];
|
||||
name = "wikipedia";
|
||||
tags = [ "wiki" ];
|
||||
keyword = "wiki";
|
||||
url = "https://en.wikipedia.org/wiki/Special:Search?search=%s&go=Go";
|
||||
}
|
||||
{
|
||||
name = "bitlab21";
|
||||
tags = [ "bitcoin" ];
|
||||
keyword = "bitcoin";
|
||||
url = "https://bitlab21.com";
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -96,6 +75,7 @@ in {
|
|||
privacy-badger
|
||||
zotero-connector
|
||||
];
|
||||
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
{
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
programs.kodi = {
|
||||
enable = true;
|
||||
package = pkgs.kodi.withPackages (kodiPkgs:
|
||||
with kodiPkgs; [
|
||||
netflix
|
||||
jellycon
|
||||
]);
|
||||
};
|
||||
}
|
|
@ -11,9 +11,4 @@
|
|||
pkgs.feh
|
||||
];
|
||||
|
||||
programs.chromium = {
|
||||
enable = true;
|
||||
package = pkgs.brave;
|
||||
};
|
||||
|
||||
}
|
||||
|
|
|
@ -31,8 +31,6 @@
|
|||
./scripts/aichat-wrapper.nix
|
||||
./scripts/dmenu-wifi.nix
|
||||
./scripts/battery-status.nix
|
||||
./scripts/dmenu-set-wm-class.nix
|
||||
./scripts/key-remaps.nix
|
||||
];
|
||||
|
||||
home.packages = [
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
home.packages = with pkgs; [
|
||||
(writeShellScriptBin "dmenu-set-wm-class" ''
|
||||
${libnotify}/bin/notify-send "Set Window Class" "Select window..."
|
||||
winid=$(${xorg.xwininfo}/bin/xwininfo | grep "Window id:" | grep -o "0x[0-9a-fA-F]*")
|
||||
class=$(${xorg.xprop}/bin/xprop -id "$winid" WM_CLASS | grep -o "\".*\"$")
|
||||
new_class=$( echo "" | ${dmenu}/bin/dmenu -p "Selected: $class. Set class name of window:")
|
||||
[ -z "$new_class" ] && ${libnotify}/bin/notify-send "Set Window Class" "Nothing set, exiting" && exit
|
||||
${set_wm_class}/bin/set_wm_class "$winid" "$new_class"
|
||||
'')
|
||||
];
|
||||
}
|
|
@ -1,11 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
home.packages = with pkgs; [
|
||||
(writeShellScriptBin "key-remaps" ''
|
||||
${xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
|
||||
${xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
|
||||
${xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
|
||||
${xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
|
||||
${xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
|
||||
'')
|
||||
];
|
||||
}
|
|
@ -26,9 +26,6 @@
|
|||
|
||||
control + F7
|
||||
emoji-picker
|
||||
|
||||
control + F4
|
||||
dmenu-set-wm-class
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
{...}: {
|
||||
{pkgs, ...}: {
|
||||
# TODO: configure x11 to look in .config/x11
|
||||
home.file.".xinitrc" = {
|
||||
recursive = true;
|
||||
|
@ -7,7 +7,7 @@
|
|||
picom -b --config ~/.config/picom/picom.conf
|
||||
xrdb -merge ~/.Xresources
|
||||
|
||||
autostart="clipboard-save dwmblocks feh-wallpaper-changer sxhkd key-remaps"
|
||||
autostart="clipboard-save dwmblocks feh-wallpaper-changer sxhkd"
|
||||
|
||||
for program in $autostart; do
|
||||
pidof -sx "$program" || "$program" &
|
||||
|
|
|
@ -1,13 +1,10 @@
|
|||
{ pkgs, configVars, ... }:
|
||||
let
|
||||
email = configVars.email.user;
|
||||
in
|
||||
{ pkgs, ... }:
|
||||
{
|
||||
programs.git = {
|
||||
enable = true;
|
||||
package = pkgs.gitAndTools.gitFull;
|
||||
userName = "Sam";
|
||||
userEmail = "${email}";
|
||||
userEmail = "samual.shop@proton.me";
|
||||
aliases = { };
|
||||
extraConfig = {
|
||||
pull.rebase = false;
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
{ ...
|
||||
}: {
|
||||
imports = [
|
||||
# Import users
|
||||
./users/admin
|
||||
|
||||
./common/core
|
||||
./common/optional/sops.nix
|
||||
|
||||
# Import optional
|
||||
./common/optional/git.nix
|
||||
|
||||
];
|
||||
}
|
|
@ -0,0 +1,13 @@
|
|||
{ ...
|
||||
}: {
|
||||
imports = [
|
||||
# Import users
|
||||
./users/admin
|
||||
|
||||
./common/core
|
||||
|
||||
# Import optional
|
||||
./common/optional/git.nix
|
||||
|
||||
];
|
||||
}
|
|
@ -0,0 +1,29 @@
|
|||
{ ...
|
||||
}: {
|
||||
imports = [
|
||||
# Import users
|
||||
./users/sam
|
||||
|
||||
./common/core
|
||||
./common/optional/desktop/hyprland
|
||||
./common/optional/desktop/waybar.nix
|
||||
./common/optional/sops.nix
|
||||
|
||||
# Import optional
|
||||
./common/optional/git.nix
|
||||
];
|
||||
|
||||
# ------
|
||||
# | DP-1
|
||||
# ------
|
||||
monitors = [
|
||||
{
|
||||
name = "Virtual-1";
|
||||
width = 2048;
|
||||
height = 1152;
|
||||
x = 0;
|
||||
workspace = "1";
|
||||
primary = true;
|
||||
}
|
||||
];
|
||||
}
|
|
@ -20,10 +20,6 @@
|
|||
./common/optional/transmission.nix
|
||||
];
|
||||
|
||||
home.packages = [
|
||||
pkgs.qgis
|
||||
];
|
||||
|
||||
colorScheme = {
|
||||
slug = "serene";
|
||||
name = "Serene";
|
||||
|
|
|
@ -11,7 +11,6 @@
|
|||
./common/optional/git.nix
|
||||
./common/optional/syncthing.nix
|
||||
./common/optional/desktop/cinnamon
|
||||
./common/optional/desktop/common/kodi.nix
|
||||
|
||||
];
|
||||
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
lib,
|
||||
pkgs,
|
||||
config,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
# Disko setup
|
||||
|
@ -16,8 +15,6 @@
|
|||
else "/dev/root_vg/root";
|
||||
user = "sam";
|
||||
impermanence = true;
|
||||
pieholeIp = configVars.networking.addresses.piehole.ip;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
in {
|
||||
imports = [
|
||||
# Create users for this host
|
||||
|
@ -53,8 +50,6 @@ in {
|
|||
../common/optional/printing.nix
|
||||
../common/optional/backlight.nix
|
||||
../common/optional/xmodmap-arrow-remaps.nix
|
||||
../common/optional/nix-ld.nix
|
||||
../common/optional/gaming.nix
|
||||
];
|
||||
|
||||
boot = {
|
||||
|
@ -72,34 +67,15 @@ in {
|
|||
};
|
||||
};
|
||||
|
||||
swapDevices = [
|
||||
{
|
||||
device = "/.swapvol/swapfile";
|
||||
size = 32 * 1024;
|
||||
}
|
||||
];
|
||||
|
||||
services = {
|
||||
libinput.touchpad.accelSpeed = "0.5";
|
||||
xserver = {
|
||||
xkb.options = "caps:swapescape";
|
||||
dpi = 196;
|
||||
upscaleDefaultCursor = true;
|
||||
# FIXME this doesnt work for some reason
|
||||
# displayManager.sessionCommands = pkgs.writeShellScriptBin "key-remaps" ''
|
||||
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 64 = Mode_switch"
|
||||
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 43 = h H Left H"
|
||||
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 44 = j J Down J"
|
||||
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 45 = k K Up K"
|
||||
# ${pkgs.xorg.xmodmap}/bin/xmodmap -e "keycode 46 = l L Right L"
|
||||
# '';
|
||||
};
|
||||
};
|
||||
|
||||
# fix cpu throttling on Lenovo Thinkpad
|
||||
# see: https://github.com/erpalma/throttled
|
||||
services.throttled.enable = true;
|
||||
|
||||
environment.variables = {
|
||||
GDK_SCALE = "2.2";
|
||||
GDK_DPI_SCALE = "0.8";
|
||||
|
@ -108,16 +84,16 @@ in {
|
|||
XCURSOR_SIZE = "64";
|
||||
};
|
||||
|
||||
# services.tlp = {
|
||||
# enable = true;
|
||||
# settings = {
|
||||
# CPU_SCALING_GOVERNOR_ON_AC = "ondemand";
|
||||
# CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
|
||||
#
|
||||
# START_CHARGE_THRESH_BAT0 = 50;
|
||||
# STOP_CHARGE_THRESH_BAT0 = 95;
|
||||
# };
|
||||
# };
|
||||
services.tlp = {
|
||||
enable = true;
|
||||
settings = {
|
||||
CPU_SCALING_GOVERNOR_ON_AC = "ondemand";
|
||||
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
|
||||
|
||||
START_CHARGE_THRESH_BAT0 = 50;
|
||||
STOP_CHARGE_THRESH_BAT0 = 95;
|
||||
};
|
||||
};
|
||||
|
||||
hardware = {
|
||||
bluetooth = {
|
||||
|
@ -130,72 +106,11 @@ in {
|
|||
];
|
||||
};
|
||||
|
||||
# nvidia
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
};
|
||||
|
||||
services.xserver.videoDrivers = [ "nvidia" ];
|
||||
|
||||
hardware.nvidia = {
|
||||
prime = {
|
||||
offload = {
|
||||
enable = true;
|
||||
enableOffloadCmd = true;
|
||||
};
|
||||
intelBusId = "PCI:0:2:0";
|
||||
nvidiaBusId = "PCI:1:0:0";
|
||||
};
|
||||
nvidiaPersistenced = true;
|
||||
modesetting.enable = true;
|
||||
powerManagement.enable = false;
|
||||
powerManagement.finegrained = false;
|
||||
open = false;
|
||||
nvidiaSettings = true;
|
||||
# FIXME issue with stable nvidia driver and latest linux kernel
|
||||
# use mkDriver to specify newer nvidia driver that is compatible
|
||||
# see: https://github.com/NixOS/nixpkgs/issues/341844#issuecomment-2351075413
|
||||
# and https://discourse.nixos.org/t/builder-for-nvidia-x11-550-78-6-10-drv-failed-with-exit-code-2/49360/32
|
||||
package = config.boot.kernelPackages.nvidiaPackages.mkDriver {
|
||||
version = "555.58.02";
|
||||
sha256_64bit = "sha256-xctt4TPRlOJ6r5S54h5W6PT6/3Zy2R4ASNFPu8TSHKM=";
|
||||
sha256_aarch64 = "sha256-wb20isMrRg8PeQBU96lWJzBMkjfySAUaqt4EgZnhyF8=";
|
||||
openSha256 = "sha256-8hyRiGB+m2hL3c9MDA/Pon+Xl6E788MZ50WrrAGUVuY=";
|
||||
settingsSha256 = "sha256-ZpuVZybW6CFN/gz9rx+UJvQ715FZnAOYfHn5jt5Z2C8=";
|
||||
persistencedSha256 = "sha256-a1D7ZZmcKFWfPjjH1REqPM5j/YLWKnbkP9qfRyIyxAw=";
|
||||
};
|
||||
};
|
||||
# https://bbs.archlinux.org/viewtopic.php?id=297276 for NVreg_EnableGpuFirmware fix
|
||||
# https://discourse.nixos.org/t/how-to-use-nvidia-prime-offload-to-run-the-x-server-on-the-integrated-board/9091/15
|
||||
# for udev rules to disable dGPU when not in use
|
||||
boot.extraModprobeConfig = ''
|
||||
options nvidia NVreg_DynamicPowerManagement=0x02
|
||||
options nvidia NVreg_EnableGpuFirmware=0
|
||||
'';
|
||||
services.udev.extraRules = ''
|
||||
# Remove NVIDIA USB xHCI Host Controller devices, if present
|
||||
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c0330", ATTR{remove}="1"
|
||||
|
||||
# Remove NVIDIA USB Type-C UCSI devices, if present
|
||||
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x0c8000", ATTR{remove}="1"
|
||||
|
||||
# Remove NVIDIA Audio devices, if present
|
||||
ACTION=="add", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x040300", ATTR{remove}="1"
|
||||
|
||||
# Enable runtime PM for NVIDIA VGA/3D controller devices on driver bind
|
||||
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="auto"
|
||||
ACTION=="bind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="auto"
|
||||
|
||||
# Disable runtime PM for NVIDIA VGA/3D controller devices on driver unbind
|
||||
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030000", TEST=="power/control", ATTR{power/control}="on"
|
||||
ACTION=="unbind", SUBSYSTEM=="pci", ATTR{vendor}=="0x10de", ATTR{class}=="0x030200", TEST=="power/control", ATTR{power/control}="on"
|
||||
'';
|
||||
|
||||
networking = {
|
||||
hostName = "citadel";
|
||||
networkmanager.enable = true;
|
||||
enableIPv6 = false;
|
||||
nameservers = ["${pieholeIp}" "${gatewayIp}" "8.8.8.8"];
|
||||
nameservers = ["10.0.10.60" "8.8.8.8"];
|
||||
};
|
||||
|
||||
services.libinput.enable = true;
|
||||
|
|
|
@ -37,19 +37,12 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
nix.gc = {
|
||||
automatic = true;
|
||||
dates = "weekly";
|
||||
options = "--delete-older-than 30d";
|
||||
};
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.rsync
|
||||
pkgs.curl
|
||||
pkgs.just
|
||||
pkgs.git
|
||||
pkgs.vim
|
||||
pkgs.linuxKernel.packages.linux_zen.cpupower
|
||||
];
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
|
|
|
@ -1,13 +1,13 @@
|
|||
{
|
||||
lib,
|
||||
inputs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
{ pkgs, lib, inputs, config, ... }:
|
||||
|
||||
let
|
||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||
hasOptinPersistence = config.environment.persistence ? "/persist";
|
||||
in {
|
||||
hostname = config.networking.hostName;
|
||||
|
||||
in
|
||||
{
|
||||
imports = [
|
||||
inputs.sops-nix.nixosModules.sops
|
||||
];
|
||||
|
@ -17,7 +17,7 @@ in {
|
|||
validateSopsFiles = false;
|
||||
|
||||
age = {
|
||||
sshKeyPaths = ["${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key"];
|
||||
sshKeyPaths = [ "${lib.optionalString hasOptinPersistence "/persist"}/etc/ssh/ssh_host_ed25519_key" ];
|
||||
};
|
||||
secrets = {
|
||||
"passwords/root".neededForUsers = true;
|
||||
|
|
|
@ -12,12 +12,12 @@
|
|||
windowManager.dwm = {
|
||||
enable = true;
|
||||
package = pkgs.dwm.overrideAttrs {
|
||||
# src = /home/sam/.local/share/src/dwm;
|
||||
src = pkgs.fetchgit {
|
||||
url = "https://git.bitlab21.com/sam/dwm";
|
||||
rev = "3e0601b29d879e589703239e064f0baaabb3474b";
|
||||
sha256 = "sha256-7Hq0vo6YnXKhEUdKjvaAeKodq2l8wwJRzCYJfdHDNMQ=";
|
||||
};
|
||||
#src = /home/sam/.local/share/src/dwm;
|
||||
src = pkgs.fetchgit {
|
||||
url = "https://git.bitlab21.com/sam/dwm";
|
||||
rev = "49dd30c0d9970ce480ada51dfcaac1a071804c64";
|
||||
sha256 = "0ywca25a1pdjvb4cgv5gx36x3yd6922pqvn9a5f60lcn5fv2a96n";
|
||||
};
|
||||
};
|
||||
};
|
||||
};
|
||||
|
|
|
@ -9,6 +9,7 @@
|
|||
# Steam
|
||||
mangohud
|
||||
gamemode
|
||||
gamescope
|
||||
|
||||
# WINE
|
||||
wine
|
||||
|
@ -40,9 +41,11 @@
|
|||
|
||||
programs.steam = {
|
||||
enable = true;
|
||||
gamescopeSession.enable = true;
|
||||
};
|
||||
|
||||
programs.gamemode.enable = true;
|
||||
programs.gamescope.enable = true;
|
||||
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
steam = pkgs.steam.override {
|
||||
|
|
|
@ -1,21 +0,0 @@
|
|||
{ lib, pkgs, ... }:
|
||||
{
|
||||
# Using non-Nix Python Packages with Binaries on NixOS https://github.com/mcdonc/.nixconfig/blob/e7885ad18b7980f221e59a21c91b8eb02795b541/videos/pydev/script.rst
|
||||
programs.nix-ld.enable = true;
|
||||
programs.nix-ld.libraries = with pkgs; [
|
||||
zlib # numpy
|
||||
libgcc # sqlalchemy
|
||||
expat # pyosmium
|
||||
# that's where the shared libs go, you can find which one you need using
|
||||
# nix-locate --top-level libstdc++.so.6 (replace this with your lib)
|
||||
# ^ this requires `nix-index` pkg
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
NIX_LD_LIBRARY_PATH="/run/current-system/sw/share/nix-ld/lib";
|
||||
NIX_LD="/run/current-system/sw/share/nix-ld/lib/ld.so";
|
||||
LD_LIBRARY_PATH=lib.mkForce "$NIX_LD_LIBRARY_PATH";
|
||||
};
|
||||
|
||||
}
|
||||
|
|
@ -1,274 +0,0 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
configVars,
|
||||
inputs,
|
||||
config,
|
||||
...
|
||||
}: let
|
||||
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||
containerName = "bd-worker";
|
||||
containerIp = configVars.networking.addresses.bd-worker.ip;
|
||||
mongodbIp = configVars.networking.addresses.mongodb.ip;
|
||||
mongodbPort = toString configVars.networking.addresses.mongodb.port;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
postgresIp = configVars.networking.addresses.postgres.ip;
|
||||
postgresPort = toString configVars.networking.addresses.postgres.port;
|
||||
bitcoindIp = configVars.networking.addresses.bitcoin-node.ip;
|
||||
bitcoindPort = toString configVars.networking.addresses.bitcoin-node.services.bitcoind.port;
|
||||
|
||||
#secrets
|
||||
sshKeyFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."ssh_keys/baseddata-models-access/id_ed25519".path;
|
||||
notifybotUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."comms/xmpp/notifybot/username".path;
|
||||
notifybotPwd = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."comms/xmpp/notifybot/password".path;
|
||||
recipientUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."comms/xmpp/mrsu/username".path;
|
||||
mongoclientAuth = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/auth".path;
|
||||
mongoclientUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/username".path;
|
||||
mongoclientPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path;
|
||||
postgresUser = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_username".path;
|
||||
postgresPassword = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/baseddata/user_password".path;
|
||||
bitcoindRPCUsername = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/username".path;
|
||||
bitcoindRPCPassword= lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-public".path;
|
||||
baseddataEnv = "dev";
|
||||
in {
|
||||
sops.secrets = {
|
||||
"ssh_keys/baseddata-models-access/id_ed25519" = {};
|
||||
"comms/xmpp/notifybot/username" = {};
|
||||
"comms/xmpp/notifybot/password" = {};
|
||||
"comms/xmpp/mrsu/username" = {};
|
||||
"software/mongodb/baseddata/auth" = {};
|
||||
"software/mongodb/baseddata/username" = {};
|
||||
"software/mongodb/baseddata/password" = {};
|
||||
"software/postgres/baseddata/user_password" = {};
|
||||
"software/postgres/baseddata/user_username" = {};
|
||||
"software/bitcoind/username" = {};
|
||||
"software/bitcoind/bitcoin-rpcpassword-public" = {};
|
||||
};
|
||||
|
||||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/var/lib/nixos-containers/${containerName}"
|
||||
];
|
||||
};
|
||||
|
||||
networking.nat.enable = true;
|
||||
networking.nat.internalInterfaces = ["ve-+"];
|
||||
networking.nat.externalInterface = "br0";
|
||||
|
||||
containers.${containerName} = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
nixpkgs = pkgs.path;
|
||||
bindMounts = {
|
||||
"/root/.ssh/id_ed25519" = {
|
||||
hostPath = "${sshKeyFile}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/notifybotUsername" = {
|
||||
hostPath = "${notifybotUsername}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/notifybotPassword" = {
|
||||
hostPath = "${notifybotPwd}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/recipientUsername" = {
|
||||
hostPath = "${recipientUsername}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/mongoclientAuth" = {
|
||||
hostPath = "${mongoclientAuth}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/mongoclientUser" = {
|
||||
hostPath = "${mongoclientUser}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/mongoclientPassword" = {
|
||||
hostPath = "${mongoclientPassword}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/postgresPassword" = {
|
||||
hostPath = "${postgresPassword}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/postgresUser" = {
|
||||
hostPath = "${postgresUser}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/bitcoindRPCPassword" = {
|
||||
hostPath = "${bitcoindRPCPassword}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/run/secrets/bitcoindRPCUsername" = {
|
||||
hostPath = "${bitcoindRPCUsername}";
|
||||
isReadOnly = true;
|
||||
};
|
||||
"/media/baseddata-data" = {
|
||||
hostPath = "/media/main-ssd/baseddata-data";
|
||||
isReadOnly = false;
|
||||
};
|
||||
};
|
||||
|
||||
config = {
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
networking = {
|
||||
defaultGateway = "${gatewayIp}";
|
||||
interfaces.eth0.ipv4.addresses = [
|
||||
{
|
||||
"address" = "${containerIp}";
|
||||
"prefixLength" = 24;
|
||||
}
|
||||
];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
4200
|
||||
];
|
||||
};
|
||||
useHostResolvConf = lib.mkForce false;
|
||||
};
|
||||
|
||||
services.resolved.enable = true;
|
||||
|
||||
environment.systemPackages = [
|
||||
pkgs.vim
|
||||
pkgs.git
|
||||
pkgs.python311
|
||||
pkgs.poetry
|
||||
pkgs.aria2
|
||||
pkgs.osmctools
|
||||
pkgs.osmium-tool
|
||||
];
|
||||
|
||||
environment.variables = {
|
||||
BASEDDATA_ENVIRONMENT = "dev";
|
||||
NIX_LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||
NIX_LD = "/run/current-system/sw/share/nix-ld/lib/ld.so";
|
||||
LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||
};
|
||||
|
||||
systemd.services.baseddata-deploy-service = {
|
||||
wantedBy = ["multi-user.target"];
|
||||
after = ["network.target"];
|
||||
description = "Initiates deployment of application and builds python environment using Poetry";
|
||||
environment = {
|
||||
BASEDDATA_ENVIRONMENT = "${baseddataEnv}";
|
||||
};
|
||||
serviceConfig = {
|
||||
ExecStart = pkgs.writeShellScript "baseddata-deploy-service" ''
|
||||
GITCMD="${pkgs.openssh}/bin/ssh -i /root/.ssh/id_ed25519"
|
||||
if [ ! -d "/srv/baseddata-models" ]; then
|
||||
GIT_SSH_COMMAND=$GITCMD ${pkgs.git}/bin/git clone --branch $BASEDDATA_ENVIRONMENT git@git.bitlab21.com:sam/baseddata-models.git /srv/baseddata-models
|
||||
else
|
||||
cd /srv/baseddata-models
|
||||
GIT_SSH_COMMAND=$GITCMD ${pkgs.git}/bin/git stash --include-untracked
|
||||
GIT_SSH_COMMAND=$GITCMD ${pkgs.git}/bin/git pull
|
||||
fi
|
||||
|
||||
cd /srv/baseddata-models
|
||||
mkdir .venv
|
||||
${pkgs.poetry}/bin/poetry install
|
||||
'';
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.baseddata-prefect-server = {
|
||||
wantedBy = ["multi-user.target"];
|
||||
after = ["baseddata-deploy-service.target"];
|
||||
description = "Initates the Prefect server";
|
||||
environment = {
|
||||
NIX_LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||
NIX_LD = "/run/current-system/sw/share/nix-ld/lib/ld.so";
|
||||
LD_LIBRARY_PATH = "/run/current-system/sw/share/nix-ld/lib";
|
||||
PREFECT_API_URL = "http://${containerIp}:4200/api";
|
||||
BASEDDATA_ENVIRONMENT = "${baseddataEnv}";
|
||||
};
|
||||
serviceConfig = {
|
||||
WorkingDirectory = "/srv/baseddata-models";
|
||||
ExecStart = pkgs.writeShellScript "baseddata-prefect-server" ''
|
||||
|
||||
# run prefect server
|
||||
.venv/bin/prefect server start --host 0.0.0.0
|
||||
|
||||
'';
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.baseddata-serve-flows = {
|
||||
wantedBy = ["multi-user.target"];
|
||||
after = ["baseddata-prefect-server.target"];
|
||||
description = "Serves the Prefect flows";
|
||||
environment = {
|
||||
PREFECT_API_URL = "http://${containerIp}:4200/api";
|
||||
BASEDDATA_ENVIRONMENT = "${baseddataEnv}";
|
||||
};
|
||||
serviceConfig = {
|
||||
Environment = "PATH=/run/current-system/sw/bin/";
|
||||
WorkingDirectory = "/srv/baseddata-models";
|
||||
ExecStartPre = "${pkgs.coreutils}/bin/timeout 120 ${pkgs.bash}/bin/bash -c 'until ${pkgs.netcat-openbsd}/bin/nc -z ${containerIp} 4200; do sleep 3; done'";
|
||||
ExecStart = pkgs.writeShellScript "baseddata-serve-flows" ''
|
||||
|
||||
# set prefect environment variables
|
||||
.venv/bin/prefect variable set "xmpp_jid" $(cat /run/secrets/notifybotUsername) --overwrite
|
||||
.venv/bin/prefect variable set "xmpp_password" $(cat /run/secrets/notifybotPassword) --overwrite
|
||||
.venv/bin/prefect variable set "xmpp_recipient" $(cat /run/secrets/recipientUsername) --overwrite
|
||||
.venv/bin/prefect variable set "mongoclient_auth" $(cat /run/secrets/mongoclientAuth) --overwrite
|
||||
.venv/bin/prefect variable set "mongoclient_host" "${mongodbIp}:${mongodbPort}" --overwrite
|
||||
.venv/bin/prefect variable set "mongoclient_user" $(cat /run/secrets/mongoclientUser) --overwrite
|
||||
.venv/bin/prefect variable set "mongoclient_pwd" $(cat /run/secrets/mongoclientPassword) --overwrite
|
||||
.venv/bin/prefect variable set "postgres_host" ${postgresIp} --overwrite
|
||||
.venv/bin/prefect variable set "postgres_port" ${postgresPort} --overwrite
|
||||
.venv/bin/prefect variable set "postgres_user" $(cat /run/secrets/postgresUser) --overwrite
|
||||
.venv/bin/prefect variable set "postgres_pwd" $(cat /run/secrets/postgresPassword) --overwrite
|
||||
.venv/bin/prefect variable set "bitcoin_rpc_password" $(cat /run/secrets/bitcoindRPCPassword) --overwrite
|
||||
.venv/bin/prefect variable set "bitcoin_rpc_username" $(cat /run/secrets/bitcoindRPCUsername) --overwrite
|
||||
.venv/bin/prefect variable set "bitcoind_ip" ${bitcoindIp} --overwrite
|
||||
.venv/bin/prefect variable set "bitcoind_port" ${bitcoindPort} --overwrite
|
||||
|
||||
.venv/bin/prefect variable set "osm_dir" "/media/baseddata-data/osm" --overwrite
|
||||
.venv/bin/prefect variable set "wdpa_dir" "/media/baseddata-data/wdpa" --overwrite
|
||||
.venv/bin/prefect variable set "mongo_db_name" "baseddata" --overwrite
|
||||
.venv/bin/prefect variable set "postgres_dbname" "baseddata" --overwrite
|
||||
.venv/bin/prefect variable set "postgres_schema" "models_final" --overwrite
|
||||
.venv/bin/prefect variable set "unique_key" "row_uuid" --overwrite
|
||||
|
||||
# serve flows
|
||||
.venv/bin/python automation/flows/serve-flows.py
|
||||
'';
|
||||
Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
|
||||
programs.nix-ld.enable = true;
|
||||
programs.nix-ld.libraries = with pkgs; [
|
||||
zlib
|
||||
libgcc
|
||||
];
|
||||
|
||||
programs.ssh.knownHosts = {
|
||||
"git.bitlab21.com" = {
|
||||
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIALNd2BGf64heYjWT9yt0fVmngepiHRIMsL7au/MRteg";
|
||||
};
|
||||
};
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings.PasswordAuthentication = false;
|
||||
};
|
||||
|
||||
users.users.root = {
|
||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||
};
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -1,18 +1,16 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||
containerName = "jellyfin";
|
||||
containerIp = configVars.networking.addresses.jellyfin.ip;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
container_name = "jellyfin";
|
||||
container_ip = "10.0.10.6";
|
||||
in {
|
||||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/var/lib/nixos-containers/${containerName}"
|
||||
"/var/lib/nixos-containers/${container_name}"
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -20,7 +18,7 @@ in {
|
|||
networking.nat.internalInterfaces = ["ve-+"];
|
||||
networking.nat.externalInterface = "br0";
|
||||
|
||||
containers.${containerName} = {
|
||||
containers.${container_name} = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
|
@ -42,17 +40,17 @@ in {
|
|||
...
|
||||
}: {
|
||||
networking = {
|
||||
defaultGateway = "${gatewayIp}";
|
||||
defaultGateway = "10.0.10.1";
|
||||
interfaces.eth0.ipv4.addresses = [
|
||||
{
|
||||
"address" = "${containerIp}";
|
||||
"address" = "${container_ip}";
|
||||
"prefixLength" = 24;
|
||||
}
|
||||
];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
8096
|
||||
5432
|
||||
];
|
||||
};
|
||||
useHostResolvConf = lib.mkForce false;
|
||||
|
|
|
@ -1,98 +0,0 @@
|
|||
{
|
||||
inputs,
|
||||
lib,
|
||||
config,
|
||||
configVars,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
mongodbPasswordPath = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/mongodb/baseddata/password".path;
|
||||
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||
containerName = "mongodb";
|
||||
containerIp = configVars.networking.addresses.mongodb.ip;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
in {
|
||||
sops.secrets = {
|
||||
"software/postgres/postgres/password" = {
|
||||
};
|
||||
};
|
||||
|
||||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/var/lib/nixos-containers/${containerName}"
|
||||
];
|
||||
};
|
||||
|
||||
networking.nat.enable = true;
|
||||
networking.nat.internalInterfaces = ["ve-+"];
|
||||
networking.nat.externalInterface = "br0";
|
||||
|
||||
containers.${containerName} = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
nixpkgs = pkgs.path;
|
||||
bindMounts = {
|
||||
# "/var/db/mongodb" = {
|
||||
# hostPath = "/media/main-ssd/mongodb";
|
||||
# isReadOnly = false;
|
||||
# };
|
||||
};
|
||||
|
||||
config = {
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
networking = {
|
||||
defaultGateway = "${gatewayIp}";
|
||||
interfaces.eth0.ipv4.addresses = [
|
||||
{
|
||||
"address" = "${containerIp}";
|
||||
"prefixLength" = 24;
|
||||
}
|
||||
];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
27017
|
||||
];
|
||||
};
|
||||
useHostResolvConf = lib.mkForce false;
|
||||
};
|
||||
|
||||
services.resolved.enable = true;
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
mongosh
|
||||
];
|
||||
|
||||
# allow unfree packages
|
||||
nixpkgs.config.allowUnfreePredicate = let
|
||||
whitelist = map lib.getName [
|
||||
pkgs.mongodb
|
||||
];
|
||||
in
|
||||
pkg: builtins.elem (lib.getName pkg) whitelist;
|
||||
|
||||
services.mongodb = {
|
||||
enable = true;
|
||||
# enableAuth = true;
|
||||
# initialRootPassword = mongodbPasswordPath;
|
||||
bind_ip = "0.0.0.0";
|
||||
};
|
||||
|
||||
services.openssh = {
|
||||
enable = true;
|
||||
settings.PasswordAuthentication = false;
|
||||
};
|
||||
|
||||
users.users.root = {
|
||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||
};
|
||||
|
||||
system.stateVersion = "24.05";
|
||||
};
|
||||
};
|
||||
}
|
|
@ -2,7 +2,6 @@
|
|||
inputs,
|
||||
lib,
|
||||
config,
|
||||
configVars,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
|
@ -10,11 +9,8 @@
|
|||
bitcoin-rpcpassword-public = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-rpcpassword-public".path;
|
||||
bitcoin-HMAC-privileged = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-HMAC-privileged".path;
|
||||
bitcoin-HMAC-public = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/bitcoind/bitcoin-HMAC-public".path;
|
||||
containerName = "bitcoin-node";
|
||||
containerIp = configVars.networking.addresses.bitcoin-node.ip;
|
||||
mempoolPort = configVars.networking.addresses.bitcoin-node.services.mempool.port;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
allowip = configVars.networking.addresses.bitcoin-node.services.bitcoind.allowip;
|
||||
container_name = "bitcoin-node";
|
||||
container_ip = "10.0.10.4";
|
||||
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||
in {
|
||||
sops.secrets = {
|
||||
|
@ -27,7 +23,7 @@ in {
|
|||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/var/lib/nixos-containers/${containerName}"
|
||||
"/var/lib/nixos-containers/${container_name}"
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -35,7 +31,7 @@ in {
|
|||
networking.nat.internalInterfaces = ["ve-+"];
|
||||
networking.nat.externalInterface = "br0";
|
||||
|
||||
containers.${containerName} = {
|
||||
containers.${container_name} = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
|
@ -89,8 +85,8 @@ in {
|
|||
jq
|
||||
];
|
||||
networking = {
|
||||
defaultGateway = "${gatewayIp}";
|
||||
interfaces.eth0.ipv4.addresses = [ { "address" = "${containerIp}"; "prefixLength" = 24; } ];
|
||||
defaultGateway = "10.0.10.1";
|
||||
interfaces.eth0.ipv4.addresses = [ { "address" = "${container_ip}"; "prefixLength" = 24; } ];
|
||||
firewall = {
|
||||
enable = true;
|
||||
allowedTCPPorts = [
|
||||
|
@ -124,7 +120,7 @@ in {
|
|||
rpc = {
|
||||
address = "0.0.0.0";
|
||||
threads = 6;
|
||||
allowip = allowip;
|
||||
allowip = ["10.0.0.0/8"];
|
||||
users = let
|
||||
name = "bitcoin";
|
||||
in {
|
||||
|
@ -147,7 +143,7 @@ in {
|
|||
enable = true;
|
||||
electrumServer = "electrs";
|
||||
frontend = {
|
||||
port = mempoolPort;
|
||||
port = 4080;
|
||||
address = "0.0.0.0";
|
||||
};
|
||||
};
|
||||
|
|
|
@ -2,16 +2,13 @@
|
|||
inputs,
|
||||
lib,
|
||||
config,
|
||||
configVars,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
postgresPasswordPath = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."software/postgres/postgres/password".path;
|
||||
pubKeys = lib.filesystem.listFilesRecursive ../../users/keys;
|
||||
containerName = "postgres";
|
||||
containerIp = configVars.networking.addresses.postgres.ip;
|
||||
subnetIp = configVars.networking.addresses.subnet.ip;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
container_name = "postgres";
|
||||
container_ip = "10.0.10.5";
|
||||
in {
|
||||
sops.secrets = {
|
||||
"software/postgres/postgres/password" = {
|
||||
|
@ -21,7 +18,7 @@ in {
|
|||
environment.persistence."/persist" = {
|
||||
hideMounts = true;
|
||||
directories = [
|
||||
"/var/lib/nixos-containers/${containerName}"
|
||||
"/var/lib/nixos-containers/${container_name}"
|
||||
];
|
||||
};
|
||||
|
||||
|
@ -29,7 +26,7 @@ in {
|
|||
networking.nat.internalInterfaces = ["ve-+"];
|
||||
networking.nat.externalInterface = "br0";
|
||||
|
||||
containers.${containerName} = {
|
||||
containers.${container_name} = {
|
||||
autoStart = true;
|
||||
privateNetwork = true;
|
||||
hostBridge = "br0";
|
||||
|
@ -47,10 +44,10 @@ in {
|
|||
...
|
||||
}: {
|
||||
networking = {
|
||||
defaultGateway = "${gatewayIp}";
|
||||
defaultGateway = "10.0.10.1";
|
||||
interfaces.eth0.ipv4.addresses = [
|
||||
{
|
||||
"address" = "${containerIp}";
|
||||
"address" = "${container_ip}";
|
||||
"prefixLength" = 24;
|
||||
}
|
||||
];
|
||||
|
@ -74,7 +71,6 @@ in {
|
|||
enableJIT = true;
|
||||
package = pkgs.postgresql_16;
|
||||
extraPlugins = with pkgs.postgresql_16.pkgs; [ postgis ];
|
||||
enableTCPIP = true;
|
||||
settings = {
|
||||
max_worker_processes = "12";
|
||||
max_parallel_workers = "8";
|
||||
|
@ -86,11 +82,8 @@ in {
|
|||
maintenance_work_mem = "64MB";
|
||||
};
|
||||
authentication = pkgs.lib.mkOverride 10 ''
|
||||
#type database DBuser origin-address auth-method
|
||||
local all postgres peer
|
||||
host all all ${subnetIp}/24 scram-sha-256
|
||||
local replication all peer
|
||||
host replication all 127.0.0.1/32 scram-sha-256
|
||||
#type database DBuser auth-method
|
||||
local all all trust
|
||||
'';
|
||||
};
|
||||
|
||||
|
|
|
@ -1,10 +1,4 @@
|
|||
{
|
||||
pkgs,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
serverIp = configVars.networking.addresses.merlin.ip;
|
||||
in {
|
||||
{pkgs, ...}: {
|
||||
services = {
|
||||
udev.packages = [pkgs.sane-airscan];
|
||||
printing = {
|
||||
|
@ -22,7 +16,7 @@ in {
|
|||
sane = {
|
||||
enable = true;
|
||||
extraBackends = [pkgs.sane-airscan];
|
||||
netConf = "${serverIp}";
|
||||
netConf = "10.0.10.2";
|
||||
};
|
||||
printers = {
|
||||
ensurePrinters = [
|
||||
|
|
|
@ -3,7 +3,6 @@
|
|||
inputs,
|
||||
config,
|
||||
lib,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
hostname = config.networking.hostName;
|
||||
|
@ -11,7 +10,6 @@
|
|||
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/sam".path;
|
||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||
baseddataPostgresIp = configVars.networking.addresses.postgres.ip;
|
||||
username = "sam";
|
||||
in {
|
||||
users.users.${username} = {
|
||||
|
@ -29,7 +27,7 @@ in {
|
|||
"podman"
|
||||
];
|
||||
};
|
||||
services.tailscale.enable = true;
|
||||
|
||||
sops.secrets = {
|
||||
"passwords/${username}" = {
|
||||
sopsFile = "${secretsFile}";
|
||||
|
@ -57,8 +55,6 @@ in {
|
|||
"software/postgres/bitcoin/password" = {};
|
||||
"software/postgres/bitcoin/ip" = {};
|
||||
"software/postgres/bitcoin/username" = {};
|
||||
"software/postgres/baseddata/user_password" = {};
|
||||
"software/postgres/baseddata/user_username" = {};
|
||||
"software/zotero/username" = {};
|
||||
"software/zotero/password" = {};
|
||||
"software/zotero/guid" = {};
|
||||
|
@ -89,10 +85,6 @@ in {
|
|||
{
|
||||
"url": "postgresql://${config.sops.placeholder."software/postgres/bitcoin/username"}:${config.sops.placeholder."software/postgres/bitcoin/password"}@${config.sops.placeholder."software/postgres/bitcoin/ip"}/bitcoin",
|
||||
"name": "bitcoin"
|
||||
},
|
||||
{
|
||||
"url": "postgresql://${config.sops.placeholder."software/postgres/baseddata/user_username"}:${config.sops.placeholder."software/postgres/baseddata/user_password"}@${baseddataPostgresIp}/baseddata",
|
||||
"name": "baseddata"
|
||||
}
|
||||
]
|
||||
'';
|
||||
|
@ -107,23 +99,23 @@ in {
|
|||
target: dev
|
||||
outputs:
|
||||
dev:
|
||||
dbname: dev_baseddata
|
||||
host: ${baseddataPostgresIp}
|
||||
pass: '${config.sops.placeholder."software/postgres/baseddata/user_password"}'
|
||||
dbname: dev_baseddata_models
|
||||
host: ${config.sops.placeholder."software/postgres/baseddata_models/ip"}
|
||||
pass: '${config.sops.placeholder."software/postgres/baseddata_models/password"}'
|
||||
port: 5432
|
||||
schema: models
|
||||
threads: 6
|
||||
type: postgres
|
||||
user: ${config.sops.placeholder."software/postgres/baseddata/user_username"}
|
||||
user: ${config.sops.placeholder."software/postgres/baseddata_models/username"}
|
||||
prod:
|
||||
dbname: baseddata
|
||||
host: ${baseddataPostgresIp}
|
||||
pass: '${config.sops.placeholder."software/postgres/baseddata/user_password"}'
|
||||
dbname: baseddata_models
|
||||
host: ${config.sops.placeholder."software/postgres/baseddata_models/ip"}
|
||||
pass: '${config.sops.placeholder."software/postgres/baseddata_models/password"}'
|
||||
port: 5432
|
||||
schema: models
|
||||
threads: 6
|
||||
type: postgres
|
||||
user: ${config.sops.placeholder."software/postgres/baseddata/user_username"}
|
||||
user: ${config.sops.placeholder."software/postgres/baseddata_models/username"}
|
||||
|
||||
'';
|
||||
};
|
||||
|
@ -160,4 +152,8 @@ in {
|
|||
${username} = import ../../../../home/${hostname}.nix;
|
||||
};
|
||||
};
|
||||
|
||||
environment.systemPackages = [
|
||||
#inputs.sqlfmt.packages.x86_64-linux.sqlfmt
|
||||
];
|
||||
}
|
||||
|
|
|
@ -37,7 +37,7 @@ in
|
|||
};
|
||||
|
||||
networking = {
|
||||
hostName = "merlin";
|
||||
hostName = "nebula";
|
||||
networkmanager.enable = true;
|
||||
enableIPv6 = false;
|
||||
};
|
|
@ -2,7 +2,6 @@
|
|||
inputs,
|
||||
lib,
|
||||
pkgs,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
# Disko setup
|
||||
|
@ -15,10 +14,6 @@
|
|||
else "/dev/root_vg/root";
|
||||
user = "sam";
|
||||
impermanence = true;
|
||||
pieholeIp = configVars.networking.addresses.piehole.ip;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
semitaIp = configVars.networking.addresses.semita.ip;
|
||||
|
||||
in {
|
||||
imports = [
|
||||
# Create users for this host
|
||||
|
@ -55,9 +50,6 @@ in {
|
|||
../common/optional/nixos-containers/nix-bitcoin.nix
|
||||
../common/optional/nixos-containers/postgres.nix
|
||||
../common/optional/nixos-containers/jellyfin.nix
|
||||
../common/optional/nixos-containers/baseddata-worker.nix
|
||||
../common/optional/nixos-containers/mongodb.nix
|
||||
../common/optional/nix-ld.nix
|
||||
];
|
||||
|
||||
fileSystems."/media/main-ssd" = {
|
||||
|
@ -99,11 +91,6 @@ in {
|
|||
vaapiIntel = pkgs.vaapiIntel.override {enableHybridCodec = true;};
|
||||
};
|
||||
|
||||
swapDevices = [ {
|
||||
device = "/.swapvol/swapfile";
|
||||
size = 32*1024;
|
||||
} ];
|
||||
|
||||
hardware.opengl = {
|
||||
enable = true;
|
||||
extraPackages = with pkgs; [
|
||||
|
@ -120,8 +107,8 @@ in {
|
|||
|
||||
networking = {
|
||||
hostName = "semita";
|
||||
nameservers = ["${pieholeIp}" "${gatewayIp}" "8.8.8.8"];
|
||||
defaultGateway = "${gatewayIp}";
|
||||
nameservers = ["10.0.10.60" "10.0.10.1" "8.8.8.8"];
|
||||
defaultGateway = "10.0.10.1";
|
||||
useDHCP = false;
|
||||
bridges = {
|
||||
br0 = {
|
||||
|
@ -131,7 +118,7 @@ in {
|
|||
interfaces.br0 = {
|
||||
ipv4.addresses = [
|
||||
{
|
||||
"address" = "${semitaIp}";
|
||||
"address" = "10.0.10.3";
|
||||
"prefixLength" = 24;
|
||||
}
|
||||
];
|
||||
|
|
|
@ -1,52 +1,37 @@
|
|||
{
|
||||
inputs,
|
||||
config,
|
||||
lib,
|
||||
configVars,
|
||||
...
|
||||
}: let
|
||||
{ inputs, config, lib, pkgs, outputs, ... }:
|
||||
let
|
||||
# Disko setup
|
||||
fsType = "btrfs"; # one of ext4 or btrfs. Use btrfs if using impermanence
|
||||
dev = "/dev/sda"; # depends on target hardware
|
||||
encrypted = false; # currrently only applies to btrfs
|
||||
btrfsMountDevice =
|
||||
if encrypted
|
||||
then "/dev/mapper/crypted"
|
||||
else "/dev/root_vg/root";
|
||||
btrfsMountDevice = if encrypted then "/dev/mapper/crypted" else "/dev/root_vg/root";
|
||||
impermanence = true;
|
||||
pieholeIp = configVars.networking.addresses.piehole.ip;
|
||||
gatewayIp = configVars.networking.addresses.gateway.ip;
|
||||
in {
|
||||
imports = [
|
||||
# Create users for this host
|
||||
../common/users/media
|
||||
in
|
||||
{
|
||||
imports =
|
||||
[
|
||||
# Create users for this host
|
||||
../common/users/media
|
||||
|
||||
# Disk configuration
|
||||
inputs.disko.nixosModules.disko
|
||||
(import ../common/disks {
|
||||
device = dev;
|
||||
impermanence = impermanence;
|
||||
fsType = fsType;
|
||||
encrypted = encrypted;
|
||||
})
|
||||
# Disk configuration
|
||||
inputs.disko.nixosModules.disko
|
||||
(import ../common/disks { device = dev; impermanence = impermanence; fsType = fsType; encrypted = encrypted; })
|
||||
|
||||
# Impermanence
|
||||
(import ../common/disks/btrfs/impermanence.nix {
|
||||
btrfsMountDevice = btrfsMountDevice;
|
||||
lib = lib;
|
||||
})
|
||||
# Impermanence
|
||||
(import ../common/disks/btrfs/impermanence.nix { btrfsMountDevice = btrfsMountDevice; lib = lib; })
|
||||
|
||||
# Import core options
|
||||
./hardware-configuration.nix
|
||||
../common/core
|
||||
# Import core options
|
||||
./hardware-configuration.nix
|
||||
../common/core
|
||||
|
||||
# Import optional options
|
||||
../common/optional/openssh.nix
|
||||
../common/optional/persistence.nix
|
||||
../common/optional/nfs-mounts/media.nix
|
||||
../common/optional/gaming.nix
|
||||
../common/optional/printing.nix
|
||||
];
|
||||
# Import optional options
|
||||
../common/optional/openssh.nix
|
||||
../common/optional/persistence.nix
|
||||
../common/optional/nfs-mounts/media.nix
|
||||
../common/optional/gaming.nix
|
||||
../common/optional/printing.nix
|
||||
|
||||
];
|
||||
|
||||
boot = {
|
||||
loader = {
|
||||
|
@ -55,13 +40,12 @@ in {
|
|||
timeout = 3;
|
||||
};
|
||||
};
|
||||
boot.kernelParams = ["i915.enable_psr=0"];
|
||||
boot.kernelParams = [ "i915.enable_psr=0" ];
|
||||
|
||||
networking = {
|
||||
hostName = "sparky";
|
||||
networkmanager.enable = true;
|
||||
enableIPv6 = false;
|
||||
nameservers = ["${pieholeIp}" "${gatewayIp}" "8.8.8.8"];
|
||||
};
|
||||
|
||||
nixpkgs.config.allowUnfreePredicate = pkg:
|
||||
|
@ -77,7 +61,7 @@ in {
|
|||
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
videoDrivers = ["nvidia"];
|
||||
videoDrivers = [ "nvidia" ];
|
||||
displayManager.lightdm.enable = true;
|
||||
exportConfiguration = true;
|
||||
deviceSection = ''
|
||||
|
|
5
justfile
5
justfile
|
@ -14,11 +14,6 @@ rebuild-system:
|
|||
git add *.nix
|
||||
sudo nixos-rebuild switch --option eval-cache false --flake .#$(hostname)
|
||||
|
||||
# test full system rebuild from flake (stages changes and automatically detects host)
|
||||
rebuild-system-test:
|
||||
git add *.nix
|
||||
sudo nixos-rebuild test --option eval-cache false --flake .#$(hostname)
|
||||
|
||||
# updates all flake inputs for system
|
||||
update-flake:
|
||||
nix flake update
|
||||
|
|
|
@ -6,5 +6,4 @@ pkgs: {
|
|||
nsxiv = pkgs.callPackage ./nsxiv {};
|
||||
sqlfmt = pkgs.callPackage ./sqlfmt {};
|
||||
kunst = pkgs.callPackage ./kunst {};
|
||||
set_wm_class = pkgs.callPackage ./set_wm_class {};
|
||||
}
|
||||
|
|
|
@ -1,35 +0,0 @@
|
|||
{ pkgs ? import <nixpkgs> { }
|
||||
, fetchFromGitea ? pkgs.fetchFromGitea
|
||||
, pkg-config ? pkgs.pkg-config
|
||||
, libX11 ? pkgs.xorg.libX11
|
||||
}:
|
||||
pkgs.stdenv.mkDerivation {
|
||||
pname = "set_wm_class";
|
||||
name = "set_wm_class";
|
||||
|
||||
src = fetchFromGitea {
|
||||
domain = "git.bitlab21.com";
|
||||
owner = "sam";
|
||||
repo = "set_wm_class";
|
||||
rev = "b39fb4b360";
|
||||
sha256 = "sha256-5z2YQof4jbfa1dQll5GLt2OL54UhDKZ4Dzzte7vT0zM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
pkg-config
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
libX11
|
||||
];
|
||||
|
||||
buildPhase = ''
|
||||
make
|
||||
'';
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
mv set_wm_class $out/bin
|
||||
'';
|
||||
|
||||
}
|
|
@ -12,8 +12,8 @@ pkgs.stdenv.mkDerivation {
|
|||
domain = "git.bitlab21.com";
|
||||
owner = "sam";
|
||||
repo = "st";
|
||||
rev = "0e926487c85227aad9eed6667b91e149018014b8";
|
||||
sha256 = "sha256-aUquoUotLKJDxOISIcx0RUybNvBrytc7+EF7PE1MRJU=";
|
||||
rev = "31e0ba8cb2086fb12741afc5fc3dfd938ca1f59b";
|
||||
sha256 = "sha256-dbkXFbNr/lJveMeR7qXo7jGgF5+79S9vqKsLM7XM250=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
@ -1,8 +0,0 @@
|
|||
{ inputs, ... }:
|
||||
{
|
||||
inherit (inputs.nix-secrets)
|
||||
networking
|
||||
email
|
||||
;
|
||||
|
||||
}
|
Loading…
Reference in New Issue