alarsyo/nixos-config
alarsyo/nixos-config
1
1
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Compare commits

base: alarsyo:4f0d45e4d54f2a9cca794e68eb76d5d8e7fe7003
Branches Tags
alarsyo:main
alarsyo:framework
alarsyo:matrix-synapse-auto-compress
alarsyo:tmux-thumbs
..
compare: alarsyo:86eef74e9c35cb553901e8044f791c71b691115a
Branches Tags
alarsyo:main
alarsyo:framework
alarsyo:matrix-synapse-auto-compress
alarsyo:tmux-thumbs

No commits in common. "4f0d45e4d54f2a9cca794e68eb76d5d8e7fe7003" and "86eef74e9c35cb553901e8044f791c71b691115a" have entirely different histories.
4f0d45e4d5 ... 86eef74e9c

89 changed files with 1314 additions and 1622 deletions
Show stats Expand all files Collapse all files

3
base/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./gui-programs.nix ./gui-programs.nix
./networking.nix ./networking.nix

28
base/gui-programs.nix
View file

@ -1,17 +1,12 @@
{ { pkgs, lib, config, options, ... }:
pkgs, let
lib, inherit (lib)
config,
options,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
optional optional
; ;
in { in
{
options.my.gui = { options.my.gui = {
enable = mkEnableOption "System has some kind of screen attached"; enable = mkEnableOption "System has some kind of screen attached";
isNvidia = mkEnableOption "System a NVIDIA GPU"; isNvidia = mkEnableOption "System a NVIDIA GPU";
@ -24,9 +19,7 @@ in {
xserver = { xserver = {
enable = true; enable = true;
# NOTE: could use `mkOptionDefault` but this feels more explicit # NOTE: could use `mkOptionDefault` but this feels more explicit
videoDrivers = videoDrivers = if config.my.gui.isNvidia then [ "nvidia" ]
if config.my.gui.isNvidia
then ["nvidia"]
else options.services.xserver.videoDrivers.default; else options.services.xserver.videoDrivers.default;
windowManager.i3.enable = true; windowManager.i3.enable = true;
layout = "fr"; layout = "fr";
@ -38,8 +31,7 @@ in {
}; };
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit inherit (pkgs)
(pkgs)
element-desktop element-desktop
feh feh
firefox firefox
@ -68,11 +60,11 @@ in {
dispatcherScripts = [ dispatcherScripts = [
{ {
source = let source =
let
grep = "${pkgs.gnugrep}/bin/grep"; grep = "${pkgs.gnugrep}/bin/grep";
nmcli = "${pkgs.networkmanager}/bin/nmcli"; nmcli = "${pkgs.networkmanager}/bin/nmcli";
in in pkgs.writeShellScript "disable_wifi_on_ethernet" ''
pkgs.writeShellScript "disable_wifi_on_ethernet" ''
export LC_ALL=C export LC_ALL=C
enable_disable_wifi () enable_disable_wifi ()

9
base/networking.nix
View file

@ -1,10 +1,11 @@
{lib, ...}: let { lib, ... }:
inherit let
(lib) inherit (lib)
mkOption mkOption
types types
; ;
in { in
{
options.my.networking.externalInterface = mkOption { options.my.networking.externalInterface = mkOption {
type = types.nullOr types.str; type = types.nullOr types.str;
default = null; default = null;

3
base/nix.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix = { nix = {

18
base/programs.nix
View file

@ -1,4 +1,5 @@
{pkgs, ...}: { { pkgs, ... }:
{
programs = { programs = {
fish.enable = true; fish.enable = true;
gnupg.agent = { gnupg.agent = {
@ -19,10 +20,8 @@
}; };
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit inherit (pkgs)
(pkgs)
# shell usage # shell usage
fd fd
ripgrep ripgrep
sd sd
@ -30,9 +29,8 @@
tokei tokei
tree tree
wget wget
# development
alejandra # development
git git
git-crypt git-crypt
git-lfs git-lfs
@ -42,8 +40,8 @@
pinentry-gnome pinentry-gnome
python3 python3
vim vim
# terminal utilities
# terminal utilities
bottom bottom
dogdns dogdns
du-dust du-dust
@ -52,14 +50,14 @@
tealdeer tealdeer
unzip unzip
zip zip
# nix pkgs lookup
# nix pkgs lookup
nix-index nix-index
agenix agenix
; ;
inherit inherit (pkgs.llvmPackages_11)
(pkgs.llvmPackages_11)
bintools bintools
clang clang
; ;

11
base/users.nix
View file

@ -1,11 +1,8 @@
{ { config, lib, pkgs, ... }:
config, let
lib,
pkgs,
...
}: let
secrets = config.my.secrets; secrets = config.my.secrets;
in { in
{
users.mutableUsers = false; users.mutableUsers = false;
users.users.root = { users.users.root = {
passwordFile = config.age.secrets."users/root-hashed-password".path; passwordFile = config.age.secrets."users/root-hashed-password".path;

3
boreal.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
# Default configuration # Default configuration
./base ./base

57
flake.nix
View file

@ -51,14 +51,7 @@
}; };
}; };
outputs = { outputs = { self, nixpkgs, home-manager, agenix, ... } @inputs: {
self,
nixpkgs,
home-manager,
agenix,
...
} @ inputs:
{
nixosModules = { nixosModules = {
home = { home = {
home-manager.useGlobalPkgs = true; home-manager.useGlobalPkgs = true;
@ -75,10 +68,10 @@
overlays = import ./overlays; overlays = import ./overlays;
nixosConfigurations = let nixosConfigurations =
let
system = "x86_64-linux"; system = "x86_64-linux";
shared_overlays = shared_overlays = [
[
(self: super: { (self: super: {
packages = import ./pkgs { pkgs = super; }; packages = import ./pkgs { pkgs = super; };
@ -87,32 +80,28 @@
inherit system; inherit system;
config.allowUnfree = true; config.allowUnfree = true;
}; };
}) })
agenix.overlay agenix.overlay
] ] ++ builtins.attrValues self.overlays;
++ builtins.attrValues self.overlays; sharedModules = [
sharedModules =
[
agenix.nixosModule agenix.nixosModule
home-manager.nixosModule home-manager.nixosModule
{ nixpkgs.overlays = shared_overlays; } { nixpkgs.overlays = shared_overlays; }
] ] ++ (nixpkgs.lib.attrValues self.nixosModules);
++ (nixpkgs.lib.attrValues self.nixosModules);
in { in {
poseidon = nixpkgs.lib.nixosSystem rec { poseidon = nixpkgs.lib.nixosSystem rec {
inherit system; inherit system;
modules = modules = [
[
./poseidon.nix ./poseidon.nix
] ] ++ sharedModules;
++ sharedModules;
}; };
boreal = nixpkgs.lib.nixosSystem rec { boreal = nixpkgs.lib.nixosSystem rec {
inherit system; inherit system;
modules = modules = [
[
./boreal.nix ./boreal.nix
{ {
@ -127,14 +116,12 @@
# }) # })
]; ];
} }
] ] ++ sharedModules;
++ sharedModules;
}; };
zephyrus = nixpkgs.lib.nixosSystem rec { zephyrus = nixpkgs.lib.nixosSystem rec {
inherit system; inherit system;
modules = modules = [
[
./zephyrus.nix ./zephyrus.nix
inputs.nixos-hardware.nixosModules.common-cpu-intel inputs.nixos-hardware.nixosModules.common-cpu-intel
@ -146,26 +133,22 @@
inputs.emacs-overlay.overlay inputs.emacs-overlay.overlay
]; ];
} }
] ] ++ sharedModules;
++ sharedModules;
}; };
}; };
} } // inputs.flake-utils.lib.eachDefaultSystem (system: {
// inputs.flake-utils.lib.eachDefaultSystem (system: {
packages = packages =
( (
inputs.flake-utils.lib.flattenTree inputs.flake-utils.lib.flattenTree
(import ./pkgs { pkgs = import nixpkgs { inherit system; }; }) (import ./pkgs { pkgs = import nixpkgs { inherit system; }; })
) ) // {
// { emacsPgtkGcc = (
emacsPgtkGcc =
(
import nixpkgs { import nixpkgs {
inherit system; inherit system;
overlays = [ inputs.emacs-overlay.overlay ]; overlays = [ inputs.emacs-overlay.overlay ];
} }
) ).emacsPgtkGcc;
.emacsPgtkGcc;
}; };
}); });
} }

14
home/alacritty.nix
View file

@ -1,18 +1,14 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.alacritty; cfg = config.my.home.alacritty;
alacrittyTheme = config.my.theme.alacrittyTheme; alacrittyTheme = config.my.theme.alacrittyTheme;
in { in
{
options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; }; options.my.home.alacritty.enable = (mkEnableOption "Alacritty terminal") // { default = config.my.home.x.enable; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

13
home/bat.nix
View file

@ -1,17 +1,14 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.bat; cfg = config.my.home.bat;
batTheme = config.my.theme.batTheme; batTheme = config.my.theme.batTheme;
in { in
{
options.my.home.bat = { options.my.home.bat = {
enable = (mkEnableOption "bat code display tool") // { default = true; }; enable = (mkEnableOption "bat code display tool") // { default = true; };
}; };

3
home/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./alacritty.nix ./alacritty.nix
./bat.nix ./bat.nix

19
home/emacs.nix
View file

@ -1,32 +1,27 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
in { in
{
options.my.home.emacs = { options.my.home.emacs = {
enable = mkEnableOption "Emacs daemon configuration"; enable = mkEnableOption "Emacs daemon configuration";
}; };
config = mkIf config.my.home.emacs.enable { config = mkIf config.my.home.emacs.enable {
home.sessionPath = [ "${config.xdg.configHome}/emacs/bin" ]; home.sessionPath = [ "${config.xdg.configHome}/emacs/bin" ];
home.sessionVariables = { home.sessionVariables = {
EDITOR = "emacsclient -t"; EDITOR = "emacsclient -t";
}; };
home.packages = builtins.attrValues { home.packages = builtins.attrValues {
inherit inherit (pkgs)
(pkgs)
sqlite # needed by org-roam sqlite # needed by org-roam
# fonts used by my config # fonts used by my config
emacs-all-the-icons-fonts emacs-all-the-icons-fonts
iosevka-bin iosevka-bin
; ;

3
home/env.nix
View file

@ -1,4 +1,5 @@
{config, ...}: { { config, ... }:
{
home.sessionPath = [ home.sessionPath = [
"${config.home.homeDirectory}/.cargo/bin" "${config.home.homeDirectory}/.cargo/bin"
"${config.home.homeDirectory}/.local/bin" "${config.home.homeDirectory}/.local/bin"

14
home/firefox.nix
View file

@ -1,17 +1,13 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.firefox; cfg = config.my.home.firefox;
in { in
{
options.my.home.firefox = { options.my.home.firefox = {
enable = (mkEnableOption "firefox config") // { default = config.my.home.x.enable; }; enable = (mkEnableOption "firefox config") // { default = config.my.home.x.enable; };
}; };

13
home/fish/default.nix
View file

@ -1,16 +1,13 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.fish; cfg = config.my.home.fish;
in { in
{
options.my.home.fish.enable = (mkEnableOption "Fish shell") // { default = true; }; options.my.home.fish.enable = (mkEnableOption "Fish shell") // { default = true; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

13
home/flameshot.nix
View file

@ -1,16 +1,13 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.flameshot; cfg = config.my.home.flameshot;
in { in
{
options.my.home.flameshot = { options.my.home.flameshot = {
enable = mkEnableOption "flameshot autolaunch"; enable = mkEnableOption "flameshot autolaunch";
}; };

14
home/git.nix
View file

@ -1,17 +1,13 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.git; cfg = config.my.home.git;
in { in
{
options.my.home.git.enable = (mkEnableOption "Git configuration") // { default = true; }; options.my.home.git.enable = (mkEnableOption "Git configuration") // { default = true; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

13
home/laptop.nix
View file

@ -1,13 +1,10 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
; ;
in { in
{
options.my.home.laptop = { options.my.home.laptop = {
enable = mkEnableOption "Laptop settings"; enable = mkEnableOption "Laptop settings";
}; };

13
home/lorri.nix
View file

@ -1,16 +1,13 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.lorri; cfg = config.my.home.lorri;
in { in
{
options.my.home.lorri = { options.my.home.lorri = {
enable = (mkEnableOption "lorri daemon setup") // { default = true; }; enable = (mkEnableOption "lorri daemon setup") // { default = true; };
}; };

14
home/mail.nix
View file

@ -1,11 +1,6 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
@ -15,7 +10,8 @@
email_lrde = "amartin@lrde.epita.fr"; email_lrde = "amartin@lrde.epita.fr";
cfg = config.my.home.mail; cfg = config.my.home.mail;
in { in
{
options.my.home.mail = { options.my.home.mail = {
# I *could* read email in a terminal emacs client on a server, but in # I *could* read email in a terminal emacs client on a server, but in
# practice I don't think it'll happen very often, so let's enable this only # practice I don't think it'll happen very often, so let's enable this only

16
home/rbw.nix
View file

@ -1,18 +1,14 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.mail; cfg = config.my.home.mail;
in { in
{
options.my.home.rbw = { options.my.home.rbw = {
enable = mkEnableOption "rbw configuration"; enable = (mkEnableOption "rbw configuration");
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

14
home/rofi.nix
View file

@ -1,17 +1,13 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.rofi; cfg = config.my.home.rofi;
in { in
{
options.my.home.rofi = { options.my.home.rofi = {
enable = (mkEnableOption "rofi configuration") // { default = config.my.home.x.enable; }; enable = (mkEnableOption "rofi configuration") // { default = config.my.home.x.enable; };
}; };

13
home/ssh.nix
View file

@ -1,16 +1,13 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.ssh; cfg = config.my.home.ssh;
in { in
{
options.my.home.ssh = { options.my.home.ssh = {
enable = (mkEnableOption "ssh configuration") // { default = true; }; enable = (mkEnableOption "ssh configuration") // { default = true; };
}; };

6
home/themes/alacritty.nix
View file

@ -1,6 +1,6 @@
{lib}: let { lib }:
inherit let
(lib) inherit (lib)
mkOption mkOption
types types
; ;

6
home/themes/bat.nix
View file

@ -1,6 +1,6 @@
{lib}: let { lib }:
inherit let
(lib) inherit (lib)
mkOption mkOption
types types
; ;

12
home/themes/color.nix
View file

@ -1,15 +1,11 @@
{lib}: let { lib }:
inherit let
(lib) inherit (lib)
mkOption mkOption
types types
; ;
mkColorOption = { mkColorOption = {default ? "#000000", description ? "" }: mkOption {
default ? "#000000",
description ? "",
}:
mkOption {
inherit description default; inherit description default;
example = "#abcdef"; example = "#abcdef";
type = types.strMatching "#[0-9a-f]{6}"; type = types.strMatching "#[0-9a-f]{6}";

13
home/themes/default.nix
View file

@ -1,10 +1,6 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkOption mkOption
types types
; ;
@ -29,7 +25,8 @@
}; };
}; };
}; };
in { in
{
options.my.theme = mkOption { options.my.theme = mkOption {
type = themeType; type = themeType;
default = {}; default = {};

9
home/themes/i3.nix
View file

@ -1,6 +1,6 @@
{lib}: let { lib }:
inherit let
(lib) inherit (lib)
mkOption mkOption
types types
; ;
@ -102,7 +102,8 @@ in
background = "#900000"; background = "#900000";
text = "#ffffff"; text = "#ffffff";
}; };
description = "Border, background and text color for the binding mode indicator"; description =
"Border, background and text color for the binding mode indicator";
}; };
}; };
}; };

6
home/themes/i3bar.nix
View file

@ -1,6 +1,6 @@
{lib}: let { lib }:
inherit let
(lib) inherit (lib)
mkOption mkOption
types types
; ;

6
home/themes/solarizedLight/alacritty.nix
View file

@ -1,6 +1,5 @@
let let
inherit inherit (import ./colors.nix)
(import ./colors.nix)
base0 base0
base00 base00
base01 base01
@ -18,7 +17,8 @@ let
violet violet
yellow yellow
; ;
in { in
{
primary = { primary = {
background = base3; background = base3;
foreground = base00; foreground = base00;

6
home/themes/solarizedLight/i3.nix
View file

@ -1,6 +1,5 @@
let let
inherit inherit (import ./colors.nix)
(import ./colors.nix)
base00 base00
base2 base2
base3 base3
@ -10,7 +9,8 @@ let
red red
yellow yellow
; ;
in { in
{
bar = { bar = {
background = base3; background = base3;
statusline = yellow; statusline = yellow;

6
home/themes/solarizedLight/i3bar.nix
View file

@ -1,6 +1,5 @@
let let
inherit inherit (import ./colors.nix)
(import ./colors.nix)
base00 base00
base2 base2
base3 base3
@ -9,7 +8,8 @@ let
red red
yellow yellow
; ;
in { in
{
theme = { theme = {
name = "solarized-light"; name = "solarized-light";
overrides = { overrides = {

18
home/tmux.nix
View file

@ -1,17 +1,13 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.tmux; cfg = config.my.home.tmux;
in { in
{
options.my.home.tmux = { options.my.home.tmux = {
enable = (mkEnableOption "tmux dotfiles") // { default = true; }; enable = (mkEnableOption "tmux dotfiles") // { default = true; };
}; };
@ -23,9 +19,7 @@ in {
terminal = "screen-256color"; terminal = "screen-256color";
clock24 = true; clock24 = true;
plugins = let plugins = let inherit (pkgs) tmuxPlugins; in [
inherit (pkgs) tmuxPlugins;
in [
{ {
plugin = tmuxPlugins.cpu; plugin = tmuxPlugins.cpu;
extraConfig = '' extraConfig = ''

13
home/tridactyl.nix
View file

@ -1,16 +1,13 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.tridactyl; cfg = config.my.home.tridactyl;
in { in
{
options.my.home.tridactyl = { options.my.home.tridactyl = {
enable = (mkEnableOption "tridactyl code display tool") // { default = config.my.home.firefox.enable; }; enable = (mkEnableOption "tridactyl code display tool") // { default = config.my.home.firefox.enable; };
}; };

14
home/x/cursor.nix
View file

@ -1,17 +1,13 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.home.x.cursor; cfg = config.my.home.x.cursor;
in { in
{
options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // { default = config.my.home.x.enable; }; options.my.home.x.cursor.enable = (mkEnableOption "X cursor") // { default = config.my.home.x.enable; };
config = mkIf cfg.enable { config = mkIf cfg.enable {

14
home/x/default.nix
View file

@ -1,14 +1,10 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
; ;
in { in
{
imports = [ imports = [
./cursor.nix ./cursor.nix
./i3.nix ./i3.nix

35
home/x/i3.nix
View file

@ -1,11 +1,6 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkIf mkIf
mkOptionDefault mkOptionDefault
; ;
@ -25,7 +20,8 @@
logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot"; logoutMode = "[L]ogout, [S]uspend, [P]oweroff, [R]eboot";
i3Theme = config.my.theme.i3Theme; i3Theme = config.my.theme.i3Theme;
in { in
{
config = mkIf isEnabled { config = mkIf isEnabled {
my.home = { my.home = {
flameshot.enable = true; flameshot.enable = true;
@ -39,10 +35,12 @@ in {
config = { config = {
inherit modifier; inherit modifier;
bars = let bars =
let
barConfigPath = barConfigPath =
config.xdg.configFile."i3status-rust/config-top.toml".target; config.xdg.configFile."i3status-rust/config-top.toml".target;
in [ in
[
{ {
statusCommand = "i3status-rs ${barConfigPath}"; statusCommand = "i3status-rs ${barConfigPath}";
position = "top"; position = "top";
@ -64,8 +62,7 @@ in {
]; ];
colors = { colors = {
inherit inherit (i3Theme)
(i3Theme)
focused focused
focusedInactive focusedInactive
unfocused unfocused
@ -107,10 +104,9 @@ in {
"${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show run"; "${modifier}+d" = "exec ${pkgs.rofi}/bin/rofi -show run";
}; };
modes = let modes =
makeModeBindings = attrs: let
attrs makeModeBindings = attrs: attrs // {
// {
"Escape" = "mode default"; "Escape" = "mode default";
"Return" = "mode default"; "Return" = "mode default";
}; };
@ -134,10 +130,7 @@ in {
}; };
window.commands = [ window.commands = [
{ { command = "border pixel 2"; criteria = { class = "Alacritty"; }; }
command = "border pixel 2";
criteria = {class = "Alacritty";};
}
# NOTE: should be done with an assign command, but Spotify doesn't set # NOTE: should be done with an assign command, but Spotify doesn't set
# its class until after initialization, so has to be done this way. # its class until after initialization, so has to be done this way.

39
home/x/i3bar.nix
View file

@ -1,11 +1,6 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
lists lists
mkIf mkIf
mkOption mkOption
@ -16,7 +11,8 @@
isEnabled = config.my.home.x.enable; isEnabled = config.my.home.x.enable;
i3BarTheme = config.my.theme.i3BarTheme; i3BarTheme = config.my.theme.i3BarTheme;
cfg = config.my.home.x.i3bar; cfg = config.my.home.x.i3bar;
in { in
{
options.my.home.x.i3bar = { options.my.home.x.i3bar = {
temperature.chip = mkOption { temperature.chip = mkOption {
type = types.str; type = types.str;
@ -38,10 +34,8 @@ in {
config = mkIf isEnabled { config = mkIf isEnabled {
home.packages = builtins.attrValues { home.packages = builtins.attrValues {
inherit inherit (pkgs)
(pkgs)
# FIXME: is this useful? # FIXME: is this useful?
font-awesome font-awesome
; ;
}; };
@ -55,8 +49,7 @@ in {
theme = i3BarTheme.theme.name; theme = i3BarTheme.theme.name;
settings = i3BarTheme; settings = i3BarTheme;
blocks = blocks = [
[
{ {
block = "pomodoro"; block = "pomodoro";
length = 60; length = 60;
@ -95,19 +88,18 @@ in {
chip = cfg.temperature.chip; chip = cfg.temperature.chip;
inputs = cfg.temperature.inputs; inputs = cfg.temperature.inputs;
} }
] ] ++ (lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
++ (
lists.optionals ((builtins.length cfg.networking.throughput_interfaces) != 0)
(map (map
(interface: { (interface:
{
block = "net"; block = "net";
device = interface; device = interface;
interval = 1; interval = 1;
hide_inactive = true; hide_inactive = true;
}) })
cfg.networking.throughput_interfaces) cfg.networking.throughput_interfaces)
) ) ++ [
++ [
{ {
block = "networkmanager"; block = "networkmanager";
primary_only = true; primary_only = true;
@ -116,14 +108,11 @@ in {
block = "sound"; block = "sound";
driver = "pulseaudio"; driver = "pulseaudio";
} }
] ] ++ (optional config.my.home.laptop.enable
++ (
optional config.my.home.laptop.enable
{ {
block = "battery"; block = "battery";
} }
) ) ++ [
++ [
# { # {
# block = "notify"; # block = "notify";
# } # }

11
hosts/boreal/default.nix
View file

@ -1,14 +1,11 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{ {
config, imports =
lib, [ # Include the results of the hardware scan.
pkgs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./home.nix ./home.nix

20
hosts/boreal/hardware-configuration.nix
View file

@ -1,15 +1,11 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{ {
config, imports =
lib, [ (modulesPath + "/installer/scan/not-detected.nix")
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
@ -17,14 +13,14 @@
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3"; { device = "/dev/disk/by-uuid/1a942915-c1ae-4058-b99d-09d12d40dbd3";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=nixos" "compress=zstd:1" "noatime" ]; options = [ "subvol=nixos" "compress=zstd:1" "noatime" ];
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/17C7-368D"; { device = "/dev/disk/by-uuid/17C7-368D";
fsType = "vfat"; fsType = "vfat";
}; };

13
hosts/boreal/home.nix
View file

@ -1,8 +1,5 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
home-manager.users.alarsyo = { home-manager.users.alarsyo = {
# Keyboard settings & i3 settings # Keyboard settings & i3 settings
my.home.x.enable = true; my.home.x.enable = true;
@ -14,16 +11,14 @@
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
home.packages = builtins.attrValues { home.packages = builtins.attrValues {
inherit inherit (pkgs)
(pkgs)
# some websites only work there :( # some websites only work there :(
chromium chromium
# dev # dev
rustup rustup
# keyboard goodness
# keyboard goodness
chrysalis chrysalis
; ;

16
hosts/boreal/secrets.nix
View file

@ -1,16 +1,12 @@
{ config, lib, options, ... }:
{ {
config,
lib,
options,
...
}: {
config.age = { config.age = {
secrets = let secrets =
toSecret = name: {...} @ attrs: let
{ toSecret = name: { ... }@attrs: {
file = ./../../modules/secrets + "/${name}.age"; file = ./../../modules/secrets + "/${name}.age";
} } // attrs;
// attrs;
in in
lib.mapAttrs toSecret { lib.mapAttrs toSecret {
"restic-backup/boreal-credentials" = {}; "restic-backup/boreal-credentials" = {};

16
hosts/poseidon/default.nix
View file

@ -1,16 +1,14 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{
config, { config, lib, pkgs, ... }:
lib, let
pkgs,
...
}: let
secrets = config.my.secrets; secrets = config.my.secrets;
in { in
imports = [ {
# Include the results of the hardware scan. imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./home.nix ./home.nix

31
hosts/poseidon/hardware-configuration.nix
View file

@ -1,20 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config, let
lib, inherit (lib)
pkgs,
modulesPath,
...
}: let
inherit
(lib)
mkDefault mkDefault
; ;
in { in
imports = [ {
(modulesPath + "/installer/scan/not-detected.nix") imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "ahci" "usbhid" ]; boot.initrd.availableKernelModules = [ "ahci" "usbhid" ];
@ -22,8 +17,8 @@ in {
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989"; { device = "/dev/disk/by-uuid/adcf0158-edfb-402f-82e7-61e4902af989";
fsType = "btrfs"; fsType = "btrfs";
options = [ options = [
"subvol=@nixos" "subvol=@nixos"
@ -32,13 +27,13 @@ in {
]; ];
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a"; { device = "/dev/disk/by-uuid/ff54b622-0e26-4c6e-aa0c-ac2c1e12699a";
fsType = "ext4"; fsType = "ext4";
}; };
swapDevices = [ swapDevices =
{device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc";} [ { device = "/dev/disk/by-uuid/381a9c5e-4d71-45b4-ac62-e7414b3768fc"; }
]; ];
powerManagement.cpuFreqGovernor = mkDefault "ondemand"; powerManagement.cpuFreqGovernor = mkDefault "ondemand";

4
hosts/poseidon/home.nix
View file

@ -1,5 +1,7 @@
{config, ...}: { { config, ... }:
{
home-manager.users.alarsyo = { home-manager.users.alarsyo = {
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
}; };
} }

16
hosts/poseidon/secrets.nix
View file

@ -1,16 +1,12 @@
{ config, lib, options, ... }:
{ {
config,
lib,
options,
...
}: {
config.age = { config.age = {
secrets = let secrets =
toSecret = name: {...} @ attrs: let
{ toSecret = name: { ... }@attrs: {
file = ./../../modules/secrets + "/${name}.age"; file = ./../../modules/secrets + "/${name}.age";
} } // attrs;
// attrs;
in in
lib.mapAttrs toSecret { lib.mapAttrs toSecret {
"gandi/api-key" = {}; "gandi/api-key" = {};

11
hosts/zephyrus/default.nix
View file

@ -1,14 +1,11 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page # your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help). # and in the NixOS manual (accessible by running nixos-help).
{ config, lib, pkgs, ... }:
{ {
config, imports =
lib, [ # Include the results of the hardware scan.
pkgs,
...
}: {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
./home.nix ./home.nix
./secrets.nix ./secrets.nix

35
hosts/zephyrus/hardware-configuration.nix
View file

@ -1,20 +1,15 @@
# Do not modify this file! It was generated by nixos-generate-config # Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes # and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead. # to /etc/nixos/configuration.nix instead.
{ { config, lib, pkgs, modulesPath, ... }:
config, let
lib, inherit (lib)
pkgs,
modulesPath,
...
}: let
inherit
(lib)
mkDefault mkDefault
; ;
in { in
imports = [ {
(modulesPath + "/installer/scan/not-detected.nix") imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
]; ];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
@ -22,29 +17,29 @@ in {
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { fileSystems."/" =
device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@" "compress=zstd" "noatime" ]; options = [ "subvol=@" "compress=zstd" "noatime" ];
}; };
boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c59e7067-e33c-474c-9b8e-96d0e8f59297"; boot.initrd.luks.devices."cryptroot".device = "/dev/disk/by-uuid/c59e7067-e33c-474c-9b8e-96d0e8f59297";
fileSystems."/home" = { fileSystems."/home" =
device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@home" "compress=zstd" "noatime" ]; options = [ "subvol=@home" "compress=zstd" "noatime" ];
neededForBoot = true; # agenix needs my key for some root secrets neededForBoot = true; # agenix needs my key for some root secrets
}; };
fileSystems."/nix" = { fileSystems."/nix" =
device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642"; { device = "/dev/disk/by-uuid/6395cef1-c30b-450a-917c-cfb3c0380642";
fsType = "btrfs"; fsType = "btrfs";
options = [ "subvol=@nix" "compress=zstd" "noatime" ]; options = [ "subvol=@nix" "compress=zstd" "noatime" ];
}; };
fileSystems."/boot" = { fileSystems."/boot" =
device = "/dev/disk/by-uuid/D9DA-F46C"; { device = "/dev/disk/by-uuid/D9DA-F46C";
fsType = "vfat"; fsType = "vfat";
}; };

14
hosts/zephyrus/home.nix
View file

@ -1,8 +1,5 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
home-manager.users.alarsyo = { home-manager.users.alarsyo = {
my.home.laptop.enable = true; my.home.laptop.enable = true;
@ -16,14 +13,13 @@
my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight; my.theme = config.home-manager.users.alarsyo.my.themes.solarizedLight;
home.packages = builtins.attrValues { home.packages = builtins.attrValues {
inherit inherit (pkgs)
(pkgs)
# some websites only work there :( # some websites only work there :(
chromium chromium
darktable
# dev
darktable
# dev
rustup rustup
; ;

16
hosts/zephyrus/secrets.nix
View file

@ -1,16 +1,12 @@
{ config, lib, options, ... }:
{ {
config,
lib,
options,
...
}: {
config.age = { config.age = {
secrets = let secrets =
toSecret = name: {...} @ attrs: let
{ toSecret = name: { ... }@attrs: {
file = ./../../modules/secrets + "/${name}.age"; file = ./../../modules/secrets + "/${name}.age";
} } // attrs;
// attrs;
in in
lib.mapAttrs toSecret { lib.mapAttrs toSecret {
"restic-backup/zephyrus-credentials" = {}; "restic-backup/zephyrus-credentials" = {};

3
modules/default.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
./sddm.nix ./sddm.nix
./secrets ./secrets

20
modules/sddm.nix
View file

@ -1,17 +1,13 @@
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.displayManager.sddm; cfg = config.my.displayManager.sddm;
in { in
{
options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup"; options.my.displayManager.sddm.enable = mkEnableOption "SDDM setup";
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -21,13 +17,11 @@ in {
}; };
environment.systemPackages = builtins.attrValues { environment.systemPackages = builtins.attrValues {
inherit inherit (pkgs.packages)
(pkgs.packages)
sddm-sugar-candy sddm-sugar-candy
; ;
inherit inherit (pkgs.libsForQt5.qt5)
(pkgs.libsForQt5.qt5)
qtgraphicaleffects qtgraphicaleffects
qtquickcontrols2 qtquickcontrols2
qtsvg qtsvg

11
modules/secrets/default.nix
View file

@ -1,13 +1,8 @@
{ config, lib, options, ... }:
{ {
config,
lib,
options,
...
}: {
config.age = { config.age = {
identityPaths = identityPaths = options.age.identityPaths.default ++ [
options.age.identityPaths.default
++ [
"/home/alarsyo/.ssh/id_ed25519" "/home/alarsyo/.ssh/id_ed25519"
]; ];
}; };

3
modules/secrets/secrets.nix
View file

@ -9,7 +9,8 @@ let
machines = [ boreal poseidon zephyrus ]; machines = [ boreal poseidon zephyrus ];
all = users ++ machines; all = users ++ machines;
in { in
{
"gandi/api-key.age".publicKeys = [ poseidon ]; "gandi/api-key.age".publicKeys = [ poseidon ];
"lohr/shared-secret.age".publicKeys = [ poseidon ]; "lohr/shared-secret.age".publicKeys = [ poseidon ];

19
modules/wakeonwlan.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
concatStringsSep concatStringsSep
literalExample literalExample
mapAttrs' mapAttrs'
@ -29,10 +25,9 @@
${pkgs.iw}/bin/iw ${name} wowlan enable ${concatStringsSep " " cfg.methods} ${pkgs.iw}/bin/iw ${name} wowlan enable ${concatStringsSep " " cfg.methods}
''; '';
}; };
in { in
options.my.wakeonwlan = let {
inherit (lib) types; options.my.wakeonwlan = let inherit (lib) types; in {
in {
interfaces = mkOption { interfaces = mkOption {
default = { }; default = { };
description = "Wireless interfaces where you want to enable WoWLAN"; description = "Wireless interfaces where you want to enable WoWLAN";

6
overlays/i3status-rust/default.nix
View file

@ -1,4 +1,5 @@
final: prev: { final: prev:
{
# overlay created because nixpkgs's `i3status-rust` depended on `notmuch`, and # overlay created because nixpkgs's `i3status-rust` depended on `notmuch`, and
# `notmuch`'s tests were briefly broken. the features I'm disabling, I don't # `notmuch`'s tests were briefly broken. the features I'm disabling, I don't
# need anyway: (at the time of writing) # need anyway: (at the time of writing)
@ -7,8 +8,7 @@ final: prev: {
# - maildir # - maildir
i3status-rust = prev.i3status-rust.overrideAttrs (oldAttrs: { i3status-rust = prev.i3status-rust.overrideAttrs (oldAttrs: {
buildInputs = builtins.attrValues { buildInputs = builtins.attrValues {
inherit inherit (final)
(final)
dbus dbus
lm_sensors lm_sensors
openssl openssl

3
pkgs/default.nix
View file

@ -1,4 +1,5 @@
{pkgs}: { { pkgs }:
{
sddm-sugar-candy = pkgs.callPackage ./sddm-sugar-candy {}; sddm-sugar-candy = pkgs.callPackage ./sddm-sugar-candy {};
kaleidoscope-udev-rules = pkgs.callPackage ./kaleidoscope-udev-rules {}; kaleidoscope-udev-rules = pkgs.callPackage ./kaleidoscope-udev-rules {};
grafanaDashboards = pkgs.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {}); grafanaDashboards = pkgs.recurseIntoAttrs (pkgs.callPackage ./grafana-dashboards {});

3
pkgs/grafana-dashboards/default.nix
View file

@ -1,4 +1,5 @@
{callPackage}: { { callPackage }:
{
nginx = callPackage ./nginx.nix {}; nginx = callPackage ./nginx.nix {};
node-exporter = callPackage ./node-exporter.nix {}; node-exporter = callPackage ./node-exporter.nix {};
} }

11
pkgs/grafana-dashboards/nginx.nix
View file

@ -1,11 +1,6 @@
{ { stdenv, fetchFromGitHub, lib, ... }:
stdenv, let
fetchFromGitHub, inherit (lib)
lib,
...
}: let
inherit
(lib)
licenses licenses
; ;

11
pkgs/grafana-dashboards/node-exporter.nix
View file

@ -1,11 +1,6 @@
{ { stdenv, fetchFromGitHub, lib, ... }:
stdenv, let
fetchFromGitHub, inherit (lib)
lib,
...
}: let
inherit
(lib)
licenses licenses
; ;

11
pkgs/kaleidoscope-udev-rules/default.nix
View file

@ -1,10 +1,7 @@
{ { stdenv, lib, fetchFromGitHub }:
stdenv,
lib, let
fetchFromGitHub, inherit (lib)
}: let
inherit
(lib)
licenses licenses
; ;

5
pkgs/sddm-sugar-candy/default.nix
View file

@ -1,7 +1,4 @@
{ { stdenv, fetchFromGitLab }:
stdenv,
fetchFromGitLab,
}:
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "sddm-sugar-candy"; pname = "sddm-sugar-candy";
# latest master commit, no recent tags :( # latest master commit, no recent tags :(

10
pkgs/spot/default.nix
View file

@ -1,8 +1,8 @@
{ { stdenv
stdenv, , fetchurl
fetchurl, , python3
python3, }:
}: let let
version = "2.10.4"; version = "2.10.4";
in in
stdenv.mkDerivation { stdenv.mkDerivation {

4
poseidon.nix
View file

@ -1,4 +1,6 @@
{...}: { { ... }:
{
imports = [ imports = [
# Default configuration # Default configuration
./base ./base

4
services/default.nix
View file

@ -1,4 +1,6 @@
{...}: { { ... }:
{
imports = [ imports = [
./vaultwarden.nix ./vaultwarden.nix
./fail2ban.nix ./fail2ban.nix

12
services/fail2ban.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;

19
services/fava.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -15,10 +11,9 @@
my = config.my; my = config.my;
domain = config.networking.domain; domain = config.networking.domain;
secrets = config.my.secrets; secrets = config.my.secrets;
in { in
options.my.services.fava = let {
inherit (lib) types; options.my.services.fava = let inherit (lib) types; in {
in {
enable = mkEnableOption "Fava"; enable = mkEnableOption "Fava";
home = mkOption { home = mkOption {

16
services/gitea/default.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -16,9 +12,7 @@
domain = config.networking.domain; domain = config.networking.domain;
in { in {
options.my.services.gitea = let options.my.services.gitea = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Personal Git hosting with Gitea"; enable = mkEnableOption "Personal Git hosting with Gitea";
privatePort = mkOption { privatePort = mkOption {

12
services/jellyfin.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;

22
services/lohr.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -15,14 +11,14 @@
my = config.my; my = config.my;
domain = config.networking.domain; domain = config.networking.domain;
secrets = config.my.secrets; secrets = config.my.secrets;
lohrPkg = let lohrPkg =
let
flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd"; flake = builtins.getFlake "github:alarsyo/lohr?rev=58503cc8b95c8b627f6ae7e56740609e91f323cd";
in in
flake.defaultPackage."x86_64-linux"; # FIXME: use correct system flake.defaultPackage."x86_64-linux"; # FIXME: use correct system
in { in
options.my.services.lohr = let {
inherit (lib) types; options.my.services.lohr = let inherit (lib) types; in {
in {
enable = mkEnableOption "Lohr Mirroring Daemon"; enable = mkEnableOption "Lohr Mirroring Daemon";
home = mkOption { home = mkOption {

78
services/matrix.nix
View file

@ -7,14 +7,10 @@
# - https://github.com/delroth/infra.delroth.net/blob/master/roles/matrix-synapse.nix # - https://github.com/delroth/infra.delroth.net/blob/master/roles/matrix-synapse.nix
# - https://nixos.org/manual/nixos/stable/index.html#module-services-matrix # - https://nixos.org/manual/nixos/stable/index.html#module-services-matrix
# #
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -24,19 +20,11 @@
cfg = config.my.services.matrix; cfg = config.my.services.matrix;
my = config.my; my = config.my;
federationPort = { federationPort = { public = 8448; private = 11338; };
public = 8448; clientPort = { public = 443; private = 11339; };
private = 11338;
};
clientPort = {
public = 443;
private = 11339;
};
domain = config.networking.domain; domain = config.networking.domain;
in { in {
options.my.services.matrix = let options.my.services.matrix = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Matrix Synapse"; enable = mkEnableOption "Matrix Synapse";
secretConfigFile = mkOption { secretConfigFile = mkOption {
@ -106,12 +94,7 @@ in {
port = federationPort.private; port = federationPort.private;
tls = false; # Terminated by nginx. tls = false; # Terminated by nginx.
x_forwarded = true; x_forwarded = true;
resources = [ resources = [ { names = [ "federation" ]; compress = false; } ];
{
names = ["federation"];
compress = false;
}
];
} }
# Client # Client
@ -120,12 +103,7 @@ in {
port = clientPort.private; port = clientPort.private;
tls = false; # Terminated by nginx. tls = false; # Terminated by nginx.
x_forwarded = true; x_forwarded = true;
resources = [ resources = [ { names = [ "client" ]; compress = false; } ];
{
names = ["client"];
compress = false;
}
];
} }
]; ];
@ -149,7 +127,8 @@ in {
onlySSL = true; onlySSL = true;
useACMEHost = domain; useACMEHost = domain;
locations = let locations =
let
proxyToClientPort = { proxyToClientPort = {
proxyPass = "http://[::1]:${toString clientPort.private}"; proxyPass = "http://[::1]:${toString clientPort.private}";
}; };
@ -164,17 +143,10 @@ in {
}; };
listen = [ listen = [
{ { addr = "0.0.0.0"; port = clientPort.public; ssl = true; }
addr = "0.0.0.0"; { addr = "[::]"; port = clientPort.public; ssl = true; }
port = clientPort.public;
ssl = true;
}
{
addr = "[::]";
port = clientPort.public;
ssl = true;
}
]; ];
}; };
# same as above, but listening on the federation port # same as above, but listening on the federation port
@ -190,31 +162,26 @@ in {
}; };
listen = [ listen = [
{ { addr = "0.0.0.0"; port = federationPort.public; ssl = true; }
addr = "0.0.0.0"; { addr = "[::]"; port = federationPort.public; ssl = true; }
port = federationPort.public;
ssl = true;
}
{
addr = "[::]";
port = federationPort.public;
ssl = true;
}
]; ];
}; };
"${domain}" = { "${domain}" = {
forceSSL = true; forceSSL = true;
useACMEHost = domain; useACMEHost = domain;
locations."= /.well-known/matrix/server".extraConfig = let locations."= /.well-known/matrix/server".extraConfig =
let
server = { "m.server" = "matrix.${domain}:${toString federationPort.public}"; }; server = { "m.server" = "matrix.${domain}:${toString federationPort.public}"; };
in '' in ''
add_header Content-Type application/json; add_header Content-Type application/json;
return 200 '${builtins.toJSON server}'; return 200 '${builtins.toJSON server}';
''; '';
locations."= /.well-known/matrix/client".extraConfig = let locations."= /.well-known/matrix/client".extraConfig =
let
client = { client = {
"m.homeserver" = { "base_url" = "https://matrix.${domain}"; }; "m.homeserver" = { "base_url" = "https://matrix.${domain}"; };
"m.identity_server" = { "base_url" = "https://vector.im"; }; "m.identity_server" = { "base_url" = "https://vector.im"; };
@ -269,8 +236,7 @@ in {
my.services.restic-backup = let my.services.restic-backup = let
dataDir = config.services.matrix-synapse.dataDir; dataDir = config.services.matrix-synapse.dataDir;
in in mkIf cfg.enable {
mkIf cfg.enable {
paths = [ dataDir ]; paths = [ dataDir ];
# this is just caching for other servers media, doesn't need backup # this is just caching for other servers media, doesn't need backup
exclude = [ "${dataDir}/media/remote_*" ]; exclude = [ "${dataDir}/media/remote_*" ];

16
services/media.nix
View file

@ -1,21 +1,17 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkIf mkIf
; ;
mediaServices = builtins.attrValues { mediaServices = builtins.attrValues {
inherit inherit (config.my.services)
(config.my.services)
jellyfin jellyfin
transmission transmission
; ;
}; };
needed = builtins.any (service: service.enable) mediaServices; needed = builtins.any (service: service.enable) mediaServices;
in { in
{
config.users.groups.media = mkIf needed { }; config.users.groups.media = mkIf needed { };
} }

16
services/miniflux.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -16,9 +12,7 @@
domain = config.networking.domain; domain = config.networking.domain;
in { in {
options.my.services.miniflux = let options.my.services.miniflux = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Serve a Miniflux instance"; enable = mkEnableOption "Serve a Miniflux instance";
adminCredentialsFile = mkOption { adminCredentialsFile = mkOption {

22
services/monitoring.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -14,9 +10,7 @@
cfg = config.my.services.monitoring; cfg = config.my.services.monitoring;
domain = config.networking.domain; domain = config.networking.domain;
in { in {
options.my.services.monitoring = let options.my.services.monitoring = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Enable monitoring"; enable = mkEnableOption "Enable monitoring";
domain = mkOption { domain = mkOption {
@ -93,11 +87,9 @@ in {
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = config.networking.hostName; job_name = config.networking.hostName;
static_configs = [ static_configs = [{
{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ]; targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.node.port}" ];
} }];
];
} }
]; ];
}; };

16
services/navidrome.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -15,9 +11,7 @@
cfg = config.my.services.navidrome; cfg = config.my.services.navidrome;
domain = config.networking.domain; domain = config.networking.domain;
in { in {
options.my.services.navidrome = let options.my.services.navidrome = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Navidrome"; enable = mkEnableOption "Navidrome";
musicFolder = { musicFolder = {
path = mkOption { path = mkOption {

22
services/nextcloud.nix
View file

@ -1,13 +1,9 @@
{ { lib, config, pkgs, ... }:
lib,
config,
pkgs,
...
}:
# TODO: setup prometheus exporter # TODO: setup prometheus exporter
let let
inherit inherit (lib)
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -17,10 +13,9 @@ let
my = config.my; my = config.my;
domain = config.networking.domain; domain = config.networking.domain;
dbName = "nextcloud"; dbName = "nextcloud";
in { in
options.my.services.nextcloud = let {
inherit (lib) types; options.my.services.nextcloud = let inherit (lib) types; in {
in {
enable = mkEnableOption "NextCloud"; enable = mkEnableOption "NextCloud";
adminpassFile = mkOption { adminpassFile = mkOption {
@ -92,8 +87,7 @@ in {
my.services.restic-backup = let my.services.restic-backup = let
nextcloudHome = config.services.nextcloud.home; nextcloudHome = config.services.nextcloud.home;
in in mkIf cfg.enable {
mkIf cfg.enable {
paths = [ nextcloudHome ]; paths = [ nextcloudHome ];
exclude = [ exclude = [
# borg can fail if *.part files disappear during backup # borg can fail if *.part files disappear during backup

23
services/nginx.nix
View file

@ -1,17 +1,13 @@
# Part of config shamelessly stolen from: # Part of config shamelessly stolen from:
# #
# https://github.com/delroth/infra.delroth.net # https://github.com/delroth/infra.delroth.net
{ { config, lib, pkgs, ... }:
config, let
lib, inherit (lib)
pkgs,
...
}: let
inherit
(lib)
mkIf mkIf
; ;
in { in
{
# Whenever something defines an nginx vhost, ensure that nginx defaults are # Whenever something defines an nginx vhost, ensure that nginx defaults are
# properly set. # properly set.
config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) { config = mkIf ((builtins.attrNames config.services.nginx.virtualHosts) != [ "localhost" ]) {
@ -36,14 +32,12 @@ in {
scrapeConfigs = [ scrapeConfigs = [
{ {
job_name = "nginx"; job_name = "nginx";
static_configs = [ static_configs = [{
{
targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}" ]; targets = [ "127.0.0.1:${toString config.services.prometheus.exporters.nginx.port}" ];
labels = { labels = {
instance = config.networking.hostName; instance = config.networking.hostName;
}; };
} }];
];
} }
]; ];
}; };
@ -52,7 +46,8 @@ in {
acceptTerms = true; acceptTerms = true;
defaults.email = "antoine97.martin@gmail.com"; defaults.email = "antoine97.martin@gmail.com";
certs = let certs =
let
domain = config.networking.domain; domain = config.networking.domain;
gandiKey = config.my.secrets.gandiKey; gandiKey = config.my.secrets.gandiKey;
in { in {

14
services/nuage.nix
View file

@ -1,17 +1,15 @@
{ { config, lib, ... }:
config,
lib, let
... inherit (lib)
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.services.nuage; cfg = config.my.services.nuage;
my = config.my; my = config.my;
in { in
{
options.my.services.nuage = { options.my.services.nuage = {
enable = mkEnableOption "Nuage redirect"; enable = mkEnableOption "Nuage redirect";
}; };

19
services/paperless.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -15,10 +11,9 @@
my = config.my; my = config.my;
domain = config.networking.domain; domain = config.networking.domain;
paperlessDomain = "paperless.${domain}"; paperlessDomain = "paperless.${domain}";
in { in
options.my.services.paperless = let {
inherit (lib) types; options.my.services.paperless = let inherit (lib) types; in {
in {
enable = mkEnableOption "Paperless"; enable = mkEnableOption "Paperless";
port = mkOption { port = mkOption {

16
services/pipewire.nix
View file

@ -1,12 +1,7 @@
{ { config, lib, pkgs, options, ... }:
config,
lib, let
pkgs, inherit (lib)
options,
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
optionalAttrs optionalAttrs
@ -14,7 +9,8 @@
cfg = config.my.services.pipewire; cfg = config.my.services.pipewire;
my = config.my; my = config.my;
in { in
{
options.my.services.pipewire = { options.my.services.pipewire = {
enable = mkEnableOption "Pipewire sound backend"; enable = mkEnableOption "Pipewire sound backend";
}; };

13
services/postgresql-backup.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
@ -31,4 +27,5 @@ in {
exclude = [ "/var/backup/postgresql/*.prev.sql.gz" ]; exclude = [ "/var/backup/postgresql/*.prev.sql.gz" ];
}; };
}; };
} }

5
services/postgresql.nix
View file

@ -1,8 +1,5 @@
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
# set postgresql version so we don't get any bad surprise # set postgresql version so we don't get any bad surprise
config.services.postgresql = { config.services.postgresql = {
package = pkgs.postgresql_13; package = pkgs.postgresql_13;

20
services/restic-backup.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
attrsets attrsets
concatStringsSep concatStringsSep
mkEnableOption mkEnableOption
@ -19,9 +15,7 @@
makePruneOpts = pruneOpts: makePruneOpts = pruneOpts:
attrsets.mapAttrsToList (name: value: "--keep-${name} ${toString value}") pruneOpts; attrsets.mapAttrsToList (name: value: "--keep-${name} ${toString value}") pruneOpts;
in { in {
options.my.services.restic-backup = let options.my.services.restic-backup = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Enable Restic backups for this host"; enable = mkEnableOption "Enable Restic backups for this host";
repo = mkOption { repo = mkOption {
@ -29,6 +23,7 @@ in {
default = null; default = null;
example = "/mnt/hdd"; example = "/mnt/hdd";
description = "Restic backup repo"; description = "Restic backup repo";
}; };
paths = mkOption { paths = mkOption {
@ -97,8 +92,7 @@ in {
passwordFile = cfg.passwordFile; passwordFile = cfg.passwordFile;
environmentFile = cfg.environmentFile; environmentFile = cfg.environmentFile;
extraBackupArgs = extraBackupArgs = [ "--verbose=2" ]
["--verbose=2"]
++ optional (builtins.length cfg.exclude != 0) excludeArg; ++ optional (builtins.length cfg.exclude != 0) excludeArg;
timerConfig = cfg.timerConfig; timerConfig = cfg.timerConfig;

15
services/tailscale.nix
View file

@ -1,17 +1,14 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.services.tailscale; cfg = config.my.services.tailscale;
in { in
{
options.my.services.tailscale = { options.my.services.tailscale = {
enable = mkEnableOption "Tailscale"; enable = mkEnableOption "Tailscale";

14
services/tgv.nix
View file

@ -1,17 +1,15 @@
{ { config, lib, ... }:
config,
lib, let
... inherit (lib)
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
; ;
cfg = config.my.services.tgv; cfg = config.my.services.tgv;
my = config.my; my = config.my;
in { in
{
options.my.services.tgv = { options.my.services.tgv = {
enable = mkEnableOption "TGV redirect"; enable = mkEnableOption "TGV redirect";
}; };

23
services/transmission.nix
View file

@ -1,10 +1,6 @@
{ { config, lib, ... }:
config, let
lib, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -20,10 +16,9 @@
transmissionPeerPort = 30251; transmissionPeerPort = 30251;
downloadBase = "/media/torrents/"; downloadBase = "/media/torrents/";
in { in
options.my.services.transmission = let {
inherit (lib) types; options.my.services.transmission = let inherit (lib) types; in {
in {
enable = mkEnableOption "Transmission torrent client"; enable = mkEnableOption "Transmission torrent client";
username = mkOption { username = mkOption {
@ -42,8 +37,7 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.transmission = services.transmission = {
{
enable = true; enable = true;
group = "media"; group = "media";
@ -66,8 +60,7 @@ in {
# automatically allow transmission.settings.peer-port # automatically allow transmission.settings.peer-port
openFirewall = true; openFirewall = true;
} } // (optionalAttrs (cfg.secretConfigFile != null) {
// (optionalAttrs (cfg.secretConfigFile != null) {
credentialsFile = cfg.secretConfigFile; credentialsFile = cfg.secretConfigFile;
}); });

17
services/vaultwarden.nix
View file

@ -1,11 +1,7 @@
{ { config, lib, pkgs, ... }:
config,
lib, let
pkgs, inherit (lib)
...
}: let
inherit
(lib)
mkEnableOption mkEnableOption
mkIf mkIf
mkOption mkOption
@ -16,9 +12,7 @@
domain = config.networking.domain; domain = config.networking.domain;
in { in {
options.my.services.vaultwarden = let options.my.services.vaultwarden = let inherit (lib) types; in {
inherit (lib) types;
in {
enable = mkEnableOption "Vaultwarden"; enable = mkEnableOption "Vaultwarden";
privatePort = mkOption { privatePort = mkOption {
@ -125,4 +119,5 @@ in {
''; '';
}; };
}; };
} }

3
zephyrus.nix
View file

@ -1,4 +1,5 @@
{...}: { { ... }:
{
imports = [ imports = [
# Default configuration # Default configuration
./base ./base