asmir/nixos_flake_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: asmir:30560f07cdabccab9ab856dafe6e8678cf7a0ea1
Branches Tags
asmir:master asmir:nftables_transition asmir:gitea_typst asmir:magento2
...
compare: asmir:gitea_typst
Branches Tags
asmir:master asmir:nftables_transition asmir:gitea_typst asmir:magento2

29 Commits
30560f07cd ... gitea_typs

Author SHA1 Message Date
Asmir A
f601854156 magpie/gitea: add typst syntax higlight 2024-12-05 11:06:43 +01:00
Asmir A
09bf9a3b17 flake: update nvim 2024-12-04 16:36:26 +01:00
Asmir A
0b069d7277 home/git: set defaultbranch to master 2024-12-04 15:22:01 +01:00
Asmir A
e3673902e2 home_packages: add typst 2024-12-03 23:13:07 +01:00
Asmir A
a9f02a8462 magpie/gitea: use unix socket for local connection 2024-12-03 16:02:53 +01:00
Asmir A
3f5747d8e0 nixy/fonts: update and add more fonts 2024-12-03 16:01:21 +01:00
Asmir A
da2c2dcd8c nixy/avahi: enable service 2024-12-03 16:01:05 +01:00
Asmir A
fca1cd048e home/zsh: add pay-respects alias; remove fast_syntax_highlight plugin 2024-12-03 15:59:57 +01:00
Asmir A
d1f26e838d home_packages: add sbcl, pay-respects; libreoffice -> libreoffice-qt6-fresh 2024-12-02 22:20:12 +01:00
Asmir A
5440679d16 switch nixpkgs to 24.11 2024-12-02 22:16:51 +01:00
Asmir A
fa1392dce8 home_packages: add weechat 2024-11-11 16:20:56 +01:00
Asmir A
0751e0ac30 nixy/fonts: noto-fonts-cjk -> noto-fonts-cjk-sans 2024-11-07 12:33:55 +01:00
Asmir A
a2cf986bc4 nixy/virtualisation: enable spice usb redirection 2024-11-07 12:33:17 +01:00
Asmir A
0a95372a68 nixy: iproute -> iproute2 2024-11-05 17:19:40 +01:00
Asmir A
ecf5065588 home_packages: add tectonic 2024-10-29 17:40:27 +01:00
Asmir A
bb6f0ab772 env/firejail: add qutebrowser.local profile 2024-10-15 04:20:40 +02:00
Asmir A
90f939e056 home/sway: bin/<name> -> lib.getExe 2024-10-15 04:16:58 +02:00
Asmir A
8740cc57fe home/sway: add tessen shortcut 2024-10-15 04:03:50 +02:00
Asmir A
f7eda08683 home_packages: add wrapper to qcad to use xcb as QT_QPA_PLATFORM 2024-10-08 11:56:47 +02:00
Asmir A
15e60767b6 flake: update 2024-10-07 16:07:09 +02:00
Asmir A
d9d0ccaed5 home_packages: add fpga, cad related and other utils 2024-10-07 16:05:28 +02:00
Asmir A
2818f61e28 all: pkgs.chromium -> pkgs.ungoogled-chromium 2024-09-14 16:29:56 +02:00
Asmir A
b1d4994f92 home/sway: format 2024-09-09 00:35:59 +02:00
Asmir A
4b6e99130b home/env: set NIXOS_OZONE_WL to 1 2024-09-03 11:48:53 +02:00
Asmir A
a2458211e3 magpie/nextcloud: disable 2024-09-02 22:59:14 +02:00
Asmir A
1f15bf221b magpie/initrd: fix networking with systemd-enabled initrd 2024-09-02 22:59:00 +02:00
Asmir A
908c352932 magpie/goatcounter: move to builting nixos module 2024-09-02 22:57:53 +02:00
Asmir A
db9139a08c flake: update 2024-09-02 21:50:43 +02:00
Asmir A
54e4e82dc7 magpie: use systemd in initrd, enable switchNg for nix 2024-09-02 21:50:34 +02:00
8 changed files with 127 additions and 204 deletions
Expand all files Collapse all files

181
flake.lock generated
View File

@@ -19,11 +19,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"lastModified": 1732722421,
"narHash": "sha256-HRJ/18p+WoXpWJkcdsk9St5ZiukCqSDgbOGFa8Okehg=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"rev": "9ed2ac151eada2306ca8c418ebd97807bb08f6ac",
"type": "github"
},
"original": {
@@ -33,22 +33,6 @@
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1673956053,
@@ -64,7 +48,7 @@
"type": "github"
}
},
"flake-compat_4": {
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@@ -80,39 +64,6 @@
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1701473968,
"narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-root": {
"locked": {
"lastModified": 1692742795,
"narHash": "sha256-f+Y0YhVCIJ06LemO+3Xx00lIcqQxSKJHXT/yk1RTKxw=",
"owner": "srid",
"repo": "flake-root",
"rev": "d9a70d9c7a5fd7f3258ccf48da9335e9b47c3937",
"type": "github"
},
"original": {
"owner": "srid",
"repo": "flake-root",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems"
@@ -131,30 +82,6 @@
"type": "github"
}
},
"goatcounter": {
"inputs": {
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"flake-root": "flake-root",
"nixpkgs": [
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1705880453,
"narHash": "sha256-Y1O6tia2Pc1MA5ZoFH3B2y7FwjZuIDiNT4C9+bBawrY=",
"owner": "asmir-abdulahovic",
"repo": "goatcounter-flake",
"rev": "f912ab7024cbc47d5fa80a416b643707a9b50b06",
"type": "github"
},
"original": {
"owner": "asmir-abdulahovic",
"repo": "goatcounter-flake",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -162,11 +89,11 @@
]
},
"locked": {
"lastModified": 1722630065,
"narHash": "sha256-QfM/9BMRkCmgWzrPDK+KbgJOUlSJnfX4OvsUupEUZvA=",
"lastModified": 1730016908,
"narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "afc892db74d65042031a093adb6010c4c3378422",
"rev": "e83414058edd339148dc142a8437edb9450574c8",
"type": "github"
},
"original": {
@@ -177,17 +104,17 @@
},
"nix-xilinx": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-compat": "flake-compat",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1699035130,
"narHash": "sha256-emK4aJCC2gW94b2P3N2LjkQ6PEMLUcDduVWwYQ7aq+o=",
"lastModified": 1732892167,
"narHash": "sha256-AZ0rgM9xj+Bf2C8RfGMUvuVdcqkvQU5/Wm8u6A5xYJg=",
"owner": "asmir.abdulahovic",
"repo": "nix-xilinx",
"rev": "0323990db46c32e361e4fd70600d859eb90862af",
"rev": "3071f40914fe2db3837a40a72a97af6f0a442f16",
"type": "gitlab"
},
"original": {
@@ -198,16 +125,16 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1722630782,
"narHash": "sha256-hMyG9/WlUi0Ho9VkRrrez7SeNlDzLxalm9FwY7n/Noo=",
"lastModified": 1732981179,
"narHash": "sha256-F7thesZPvAMSwjRu0K8uFshTk3ZZSNAsXTIFvXBT+34=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "d04953086551086b44b6f3c6b7eeb26294f207da",
"rev": "62c435d93bf046a5396f3016472e8f7c8e2aed65",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
@@ -227,31 +154,13 @@
"type": "indirect"
}
},
"nixpkgs-lib": {
"locked": {
"dir": "lib",
"lastModified": 1701253981,
"narHash": "sha256-ztaDIyZ7HrTAfEEUt9AtTDNoCYxUdSd6NrRHaYOIxtk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e92039b55bcd58469325ded85d4f58dd5a4eaf58",
"type": "github"
},
"original": {
"dir": "lib",
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1721524707,
"narHash": "sha256-5NctRsoE54N86nWd0psae70YSLfrOek3Kv1e8KoXe/0=",
"lastModified": 1729973466,
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "556533a23879fc7e5f98dd2e0b31a6911a213171",
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
"type": "github"
},
"original": {
@@ -268,11 +177,11 @@
]
},
"locked": {
"lastModified": 1718784775,
"narHash": "sha256-tKanhhqgHdMBWS8KZ+ZYsefrQ8ipVn8NbXlSciaNc+c=",
"lastModified": 1733261583,
"narHash": "sha256-HOVUtrhtJ16umPuEODuVE9fx+JmDCRp7wIxnEART0Eg=",
"ref": "refs/heads/master",
"rev": "e3c064d3a995fe81731c8df7664d48b1106a707b",
"revCount": 33,
"rev": "a09a34997ce692c7a2e8e434b44433156a73088c",
"revCount": 38,
"type": "git",
"url": "https://git.project-cloud.net/asmir/nvim_flake"
},
@@ -283,7 +192,7 @@
},
"peerix": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
@@ -312,11 +221,11 @@
"theme_deepthought": "theme_deepthought"
},
"locked": {
"lastModified": 1705870326,
"narHash": "sha256-ojdGSeqztnnGMyLKjnSCGq0muGh3U+Zb9iwzaaDsaF4=",
"lastModified": 1729077289,
"narHash": "sha256-z5LEPxOJq2LjhPhY4QE1IOt0lBD39cipR6Lw8vRTNlI=",
"ref": "refs/heads/master",
"rev": "ad6af66a6142279789db8967b285eb04c6d18c02",
"revCount": 26,
"rev": "eab712e42139d33911ba767c2ff1bfbdf05c254d",
"revCount": 27,
"type": "git",
"url": "https://git.project-cloud.net/asmir/project-cloud"
},
@@ -327,7 +236,6 @@
},
"root": {
"inputs": {
"goatcounter": "goatcounter",
"home-manager": "home-manager",
"nix-xilinx": "nix-xilinx",
"nixpkgs": "nixpkgs",
@@ -343,18 +251,18 @@
"simple-nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_4",
"flake-compat": "flake-compat_3",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-24_05": "nixpkgs-24_05"
},
"locked": {
"lastModified": 1721121314,
"narHash": "sha256-zwc7YXga/1ppaZMWFreZykXtFwBgXodxUZiUx969r+g=",
"lastModified": 1722877200,
"narHash": "sha256-qgKDNJXs+od+1UbRy62uk7dYal3h98I4WojfIqMoGcg=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "059b50b2e729729ea00c6831124d3837c494f3d5",
"rev": "af7d3bf5daeba3fc28089b015c0dd43f06b176f2",
"type": "gitlab"
},
"original": {
@@ -371,11 +279,11 @@
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1722114803,
"narHash": "sha256-s6YhI8UHwQvO4cIFLwl1wZ1eS5Cuuw7ld2VzUchdFP0=",
"lastModified": 1729999681,
"narHash": "sha256-qm0uCtM9bg97LeJTKQ8dqV/FvqRN+ompyW4GIJruLuw=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "eb34eb588132d653e4c4925d862f1e5a227cc2ab",
"rev": "1666d16426abe79af5c47b7c0efa82fd31bf4c56",
"type": "github"
},
"original": {
@@ -451,27 +359,6 @@
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"goatcounter",
"nixpkgs"
]
},
"locked": {
"lastModified": 1702461037,
"narHash": "sha256-ssyGxfGHRuuLHuMex+vV6RMOt7nAo07nwufg9L5GkLg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "d06b70e5163a903f19009c3f97770014787a080f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"zremap": {
"inputs": {
"nixpkgs": [

9
flake.nix
View File

@@ -2,7 +2,7 @@
description = "NixOS configuration";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
nix-xilinx = {
url = "gitlab:asmir.abdulahovic/nix-xilinx";
@@ -34,11 +34,6 @@
inputs.nixpkgs.follows = "nixpkgs";
};
goatcounter = {
url = "github:asmir-abdulahovic/goatcounter-flake";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
@@ -56,7 +51,6 @@
};
outputs = inputs @ {
goatcounter,
home-manager,
nixpkgs,
nix-xilinx,
@@ -166,7 +160,6 @@
{nix.registry.nixpkgs.flake = nixpkgs;}
./magpie/configuration.nix
./magpie/hardware-configuration.nix
goatcounter.nixosModules.goatcounter
simple-nixos-mailserver.nixosModule
sops-nix.nixosModules.sops
(builtins.toPath "${nixpkgs}/nixos/modules/profiles/qemu-guest.nix")

2
home/home.nix
View File

@@ -35,6 +35,7 @@ in {
EDITOR = "nvim";
_JAVA_AWT_WM_NONREPARENTING = "1";
MOZ_ENABLE_WAYLAND = "1";
NIXOS_OZONE_WL = "1";
QT_WAYLAND_DISABLE_WINDOWDECORATION = "1";
SUDO_EDITOR = "nvim";
WLR_RENDERER = "vulkan";
@@ -181,6 +182,7 @@ in {
userName = "Asmir A";
userEmail = "asmir.abdulahovic@gmail.com";
extraConfig = {
init.defaultBranch = "master";
pull = {rebase = true;};
credential = {helper = "store";};
};

30
home/home_packages.nix
View File

@@ -6,13 +6,16 @@
...
}: let
chromium_teams = pkgs.writeShellScriptBin "chromium_teams" ''
${lib.getExe pkgs.chromium} --socket=wayland org.chromium.Chromium --app=https://teams.microsoft.com/
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://teams.microsoft.com/
'';
chromium_discord = pkgs.writeShellScriptBin "chromium_discord" ''
${lib.getExe pkgs.chromium} --socket=wayland org.chromium.Chromium --app=https://discordapp.com/channels/@me
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://discordapp.com/channels/@me
'';
chromium_stackfield = pkgs.writeShellScriptBin "chromium_stackfield" ''
${lib.getExe pkgs.chromium} --socket=wayland org.chromium.Chromium --app=https://stackfield.com/
${lib.getExe pkgs.ungoogled-chromium} --socket=wayland org.chromium.Chromium --app=https://stackfield.com/
'';
qcad = pkgs.writeShellScriptBin "qcad" ''
QT_QPA_PLATFORM=xcb ${lib.getExe pkgs.qcad} $@
'';
ssh_proxy = pkgs.writeShellScriptBin "ssh_proxy" ''
if ${pkgs.coreutils}/bin/test $# -ne 1; then
@@ -51,13 +54,15 @@ in {
cached-nix-shell
caddy
cargo
chromium
ungoogled-chromium
cmake
compsize
/*cura*/
deluge
dfu-util
discord
dmenu-wayland
drawio
dualsensectl
ffmpeg-full
firefox
@@ -70,7 +75,9 @@ in {
gnumake
go
grim
heimdall
hyperfine
icestorm
imagemagick
imv
inkscape
@@ -80,35 +87,41 @@ in {
kodi-wayland
krita
libnotify
libreoffice
libreoffice-qt6-fresh
libva-utils
linuxPackages_latest.perf
lsix
lsix
mediainfo
ncdu
neovide
nextpnr
ngspice
nix-init
nixpkgs-fmt
nix-prefetch-git
nodePackages.peerflix
nom
openems
openocd
openscad
pandoc
paraview
pass-wayland
patchelf
pavucontrol
pwvucontrol
pay-respects
pirate-get
poppler_utils
powertop
pulsemixer
pwvucontrol
python3
python3Packages.west
remmina
river
rtorrent
sbcl
screen
seer
sioyek
@@ -119,12 +132,15 @@ in {
swayimg
tea
teams-for-linux
tectonic
tessen
texlive.combined.scheme-full
thunderbird
typst
upx
waybar
wdisplays
weechat
whatsapp-for-linux
wine
wireshark
@@ -133,6 +149,7 @@ in {
wofi
x2goclient
yewtube
yosys
yt-dlp
zapzap
zathura
@@ -145,6 +162,7 @@ in {
chromium_teams
ssh_proxy
wrap_sh
qcad
]
++ [
inputs.swaysw.packages.${system}.swaysw

25
home/sway.nix
View File

@@ -3,17 +3,18 @@
pkgs,
inputs,
system,
lib,
...
}: let
cliphist_sway = pkgs.writeShellScriptBin "cliphist_sway" ''
${pkgs.cliphist}/bin/cliphist list | \
${pkgs.wofi}/bin/wofi --dmenu --insensitive | \
${pkgs.cliphist}/bin/cliphist decode | \
${lib.getExe pkgs.cliphist} list | \
${lib.getExe pkgs.wofi} --dmenu --insensitive | \
${lib.getExe pkgs.cliphist} decode | \
${pkgs.wl-clipboard}/bin/wl-copy
'';
screenshot_clip = pkgs.writeShellScriptBin "screenshot_clip" ''
GEOM="$(${pkgs.slurp}/bin/slurp -d)"
${pkgs.grim}/bin/grim -g "$GEOM" - | ${pkgs.wl-clipboard}/bin/wl-copy
GEOM="$(${lib.getExe pkgs.slurp} -d)"
${lib.getExe pkgs.grim} -g "$GEOM" - | ${pkgs.wl-clipboard}/bin/wl-copy
'';
swaysw = inputs.swaysw.packages.${system}.swaysw;
viber = pkgs.callPackage ../packages/viber/default.nix {};
@@ -22,6 +23,7 @@ in {
wayland.windowManager.sway = {
enable = true;
extraSessionCommands = "";
extraConfigEarly = '''';
config = {
fonts = {
@@ -73,7 +75,7 @@ in {
style = "Bold Semi-Condensed";
size = 12.0;
};
statusCommand = "${pkgs.i3status-rust}/bin/i3status-rs ~/.config/i3status-rust/config-top.toml";
statusCommand = "${lib.getExe pkgs.i3status-rust} ~/.config/i3status-rust/config-top.toml";
}
];
@@ -120,15 +122,16 @@ in {
"Alt+slash" = "exec ${pkgs.moreutils}/bin/lckdo swaysw ${swaysw}/bin/swaysw";
"Alt+Escape" = "workspace back_and_forth";
"Alt+f" = "fullscreen enable";
"Alt+bracketright" = "focus output right";
"Alt+bracketleft" = "focus output left";
"Alt+bracketright" = "focus output right";
"Alt+bracketleft" = "focus output left";
"Mod4+l" = ''
exec ${pkgs.sway}/bin/swaymsg [app_id="python3"] scratchpad show || exec ${term} -a python3 ${pkgs.python3}/bin/python3'';
"Mod4+h" = "exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${pkgs.zapzap}/bin/zapzap";
exec ${pkgs.sway}/bin/swaymsg [app_id="python3"] scratchpad show || exec ${term} -a python3 ${lib.getExe pkgs.python3}'';
"Mod4+h" = "exec ${pkgs.sway}/bin/swaymsg [app_id=com.rtosta.zapzap] scratchpad show || exec ${lib.getExe pkgs.zapzap}";
"Mod4+j" = "exec ${pkgs.sway}/bin/swaymsg [app_id=com.viber] scratchpad show || exec ${viber}/bin/viber";
"Mod4+y" = ''
exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${pkgs.pulsemixer}/bin/pulsemixer'';
exec ${pkgs.sway}/bin/swaymsg [app_id="pulsemixer"] scratchpad show || exec ${term} -a pulsemixer ${lib.getExe pkgs.pulsemixer}'';
"Mod4+p" = "exec ${lib.getExe pkgs.tessen} -a copy";
};
};
};

6
home/zsh.nix
View File

@@ -17,6 +17,7 @@
cp = "cp -v";
rm = "rm -v";
ip = "ip --color=auto";
f = "''$(pay-respects zsh)";
};
history = {
@@ -37,11 +38,6 @@
src = pkgs.nix-zsh-completions;
file = "share/zsh/plugins/nix/nix-zsh-completions.plugin.zsh";
}
{
name = "fast_syntax_highlight";
src = pkgs.zsh-fast-syntax-highlighting;
file = "share/zsh/site-functions/fast-syntax-highlighting.plugin.zsh";
}
{
name = "pure_prompt";
src = pkgs.fetchFromGitHub {

34
magpie/configuration.nix
View File

@@ -3,7 +3,6 @@
pkgs,
lib,
project-cloud,
goatcounter,
nvim,
system,
...
@@ -12,12 +11,17 @@
nix.optimise.automatic = true;
nix.settings.experimental-features = ["nix-command" "flakes"];
system.switch = {
enable = false;
enableNg = true;
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.configurationLimit = 2;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.kernelParams = ["ip=dhcp"];
boot.kernel.sysctl = {
"net.core.default_qdisc" = "fq";
"net.ipv4.tcp_congestion_control" = "bbr";
@@ -26,9 +30,9 @@
boot.initrd = {
compressor = "zstd";
availableKernelModules = ["virtio-pci"];
systemd.enable = true;
network = {
enable = true;
udhcpc.enable = true;
ssh = {
enable = true;
hostKeys = [/etc/ssh_dummy_ed25519_key];
@@ -52,7 +56,6 @@
fzf
fzy
git
goatcounter.packages.${system}.goatcounter
nvim.packages.${system}.nvim
htop-vim
nvim
@@ -114,14 +117,9 @@
services.goatcounter = {
enable = true;
environmentFile = "/var/lib/goatcounter.env";
extraArgs = ["-listen='*:8002'" "-tls=proxy"];
database = {
backend = "sqlite";
name = "goatcounter";
user = "goatcounter";
automigrate = true;
};
port = 8002;
proxy = true;
address = "127.0.0.1";
};
services.nextcloud = {
@@ -171,12 +169,14 @@
root = "${project-cloud.packages.${system}.default}/public";
};
/*
virtualHosts.${config.services.nextcloud.hostName} = {
quic = true;
http3 = true;
forceSSL = true;
enableACME = true;
};
*/
virtualHosts."miniflux.project-cloud.net" = {
quic = true;
@@ -194,7 +194,7 @@
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.gitea.settings.server.HTTP_PORT}";
proxyPass = "http://unix:${toString config.services.gitea.settings.server.HTTP_ADDR}";
};
};
@@ -222,6 +222,7 @@
DISABLE_SSH = true;
HTTP_PORT = 3001;
LANDING_PAGE = "explore";
PROTOCOL = "http+unix";
};
settings.mailer = {
ENABLED = true;
@@ -244,6 +245,13 @@
RENDER_COMMAND = "${docutils}/bin/rst2html.py";
IS_INPUT_FILE = false;
};
settings."markup.typst" = {
ENABLED = true;
FILE_EXTENSIONS = ".typ";
RENDER_COMMAND = "timeout 30s ${lib.getExe pkgs.python3Packages.pygments} -f html -O full";
IS_INPUT_FILE = false;
};
};
services.nfs.server.enable = false;
@@ -308,10 +316,12 @@
sopsFile = ./secrets/gitea_db.yaml;
owner = config.users.users.gitea.name;
};
/*
"nextcloud_admin" = {
sopsFile = ./secrets/nextcloud_admin.yaml;
owner = config.users.users.nextcloud.name;
};
*/
};
};

44
nixy/configuration.nix
View File

@@ -177,6 +177,11 @@
nixpkgs.config.allowUnfree = true;
nixpkgs.overlays = [nix-xilinx.overlay nvim.overlays.${system}.overlay];
environment = {
etc = {
"firejail/qutebrowser.local".text = ''
whitelist ''${RUNUSER}/qutebrowser
'';
};
extraInit = ''
unset -v SSH_ASKPASS
'';
@@ -233,8 +238,8 @@
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStart = "${pkgs.iproute}/bin/ip netns add %I";
ExecStop = "${pkgs.iproute}/bin/ip netns del %I";
ExecStart = "${pkgs.iproute2}/bin/ip netns add %I";
ExecStop = "${pkgs.iproute2}/bin/ip netns del %I";
};
};
@@ -251,23 +256,23 @@
ExecStart = pkgs.writers.writeBash "wg-up" ''
set -e
ENDPOINT_IP=$(${pkgs.coreutils-full}/bin/cat "${config.sops.secrets."wg_endpoint_proton".path}")
${pkgs.iproute}/bin/ip link add proton_wg type wireguard
${pkgs.iproute}/bin/ip link set proton_wg netns wg
${pkgs.iproute}/bin/ip -n wg address add 10.2.0.2/32 dev proton_wg
${pkgs.iproute}/bin/ip netns exec wg \
${pkgs.iproute2}/bin/ip link add proton_wg type wireguard
${pkgs.iproute2}/bin/ip link set proton_wg netns wg
${pkgs.iproute2}/bin/ip -n wg address add 10.2.0.2/32 dev proton_wg
${pkgs.iproute2}/bin/ip netns exec wg \
${pkgs.wireguard-tools}/bin/wg set "proton_wg" private-key "${config.sops.secrets."wg_privkey_proton".path}"
${pkgs.iproute}/bin/ip netns exec wg \
${pkgs.iproute2}/bin/ip netns exec wg \
${pkgs.wireguard-tools}/bin/wg set "proton_wg" peer "g6DkXWKI/68RsLjROIwCEcyB/ZhyK5Q7OWcz1TtqER0=" \
endpoint "$ENDPOINT_IP:51820" \
persistent-keepalive "25" \
allowed-ips "0.0.0.0/0"
${pkgs.iproute}/bin/ip -n wg link set lo up
${pkgs.iproute}/bin/ip -n wg link set proton_wg up
${pkgs.iproute}/bin/ip -n wg route add default dev proton_wg
${pkgs.iproute2}/bin/ip -n wg link set lo up
${pkgs.iproute2}/bin/ip -n wg link set proton_wg up
${pkgs.iproute2}/bin/ip -n wg route add default dev proton_wg
'';
ExecStop = pkgs.writers.writeBash "wg-down" ''
${pkgs.iproute}/bin/ip -n wg route del default dev proton_wg
${pkgs.iproute}/bin/ip -n wg link del proton_wg
${pkgs.iproute2}/bin/ip -n wg route del default dev proton_wg
${pkgs.iproute2}/bin/ip -n wg link del proton_wg
'';
};
};
@@ -347,6 +352,12 @@
pulse.enable = true;
};
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
libinput.enable = true;
xserver = {
enable = true;
@@ -516,24 +527,27 @@
dina-font
fira-code
fira-code-symbols
font-awesome
font-awesome_4
font-awesome_6
inconsolata
iosevka
jetbrains-mono
liberation_ttf
libertine
noto-fonts
noto-fonts-cjk
noto-fonts-cjk-sans
noto-fonts-color-emoji
noto-fonts-emoji
proggyfonts
siji
terminus_font
terminus_font_ttf
ubuntu_font_family
vistafonts
];
};
virtualisation = {
spiceUSBRedirection.enable = true;
containers.storage.settings = {
storage = {
graphroot = "/var/lib/containers/storage";