Switch to nixfmt-rfc-style
This commit is contained in:
parent
c823e50b2a
commit
ce88b03198
18
flake.lock
18
flake.lock
|
@ -89,11 +89,11 @@
|
||||||
},
|
},
|
||||||
"nixos-hardware": {
|
"nixos-hardware": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706182238,
|
"lastModified": 1706834982,
|
||||||
"narHash": "sha256-Ti7CerGydU7xyrP/ow85lHsOpf+XMx98kQnPoQCSi1g=",
|
"narHash": "sha256-3CfxA7gZ+DVv/N9Pvw61bV5Oe/mWfxYPyVQGqp9TMJA=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixos-hardware",
|
"repo": "nixos-hardware",
|
||||||
"rev": "f84eaffc35d1a655e84749228cde19922fcf55f1",
|
"rev": "83e571bb291161682b9c3ccd48318f115143a550",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -104,11 +104,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706098335,
|
"lastModified": 1706718339,
|
||||||
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
|
"narHash": "sha256-S+S97c/HzkO2A/YsU7ZmNF9w2s7Xk6P8dzmfDdckzLs=",
|
||||||
"owner": "nixos",
|
"owner": "nixos",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
|
"rev": "53fbe41cf76b6a685004194e38e889bc8857e8c2",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
@ -120,11 +120,11 @@
|
||||||
},
|
},
|
||||||
"nixpkgs-unstable": {
|
"nixpkgs-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1706191920,
|
"lastModified": 1706550542,
|
||||||
"narHash": "sha256-eLihrZAPZX0R6RyM5fYAWeKVNuQPYjAkCUBr+JNvtdE=",
|
"narHash": "sha256-UcsnCG6wx++23yeER4Hg18CXWbgNpqNXcHIo5/1Y+hc=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "ae5c332cbb5827f6b1f02572496b141021de335f",
|
"rev": "97b17f32362e475016f942bbdfda4a4a72a8a652",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|
31
flake.nix
31
flake.nix
|
@ -19,16 +19,22 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
outputs = inputs@{ self, agenix, nixpkgs, nixpkgs-unstable, nixos-hardware
|
outputs =
|
||||||
, home-manager }:
|
inputs@{
|
||||||
|
self,
|
||||||
|
agenix,
|
||||||
|
nixpkgs,
|
||||||
|
nixpkgs-unstable,
|
||||||
|
nixos-hardware,
|
||||||
|
home-manager,
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
mkComputer = import "${inputs.self}/lib/mk_computer.nix";
|
mkComputer = import "${inputs.self}/lib/mk_computer.nix";
|
||||||
mkRaspi = import "${inputs.self}/lib/mk_raspi.nix";
|
mkRaspi = import "${inputs.self}/lib/mk_raspi.nix";
|
||||||
mksdImage = host:
|
mksdImage =
|
||||||
|
host:
|
||||||
(self.nixosConfigurations.${host}.extendModules {
|
(self.nixosConfigurations.${host}.extendModules {
|
||||||
modules = [
|
modules = [ "${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix" ];
|
||||||
"${nixpkgs}/nixos/modules/installer/sd-card/sd-image-aarch64.nix"
|
|
||||||
];
|
|
||||||
}).config.system.build.sdImage;
|
}).config.system.build.sdImage;
|
||||||
# required for home-manager only setup {
|
# required for home-manager only setup {
|
||||||
overlay-unstable = final: prev: {
|
overlay-unstable = final: prev: {
|
||||||
|
@ -39,11 +45,14 @@
|
||||||
};
|
};
|
||||||
pkgs = import inputs.nixpkgs {
|
pkgs = import inputs.nixpkgs {
|
||||||
system = "x86_64-linux";
|
system = "x86_64-linux";
|
||||||
config = { allowUnfree = true; };
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
};
|
||||||
overlays = [ overlay-unstable ];
|
overlays = [ overlay-unstable ];
|
||||||
};
|
};
|
||||||
# }
|
in
|
||||||
in {
|
# }
|
||||||
|
{
|
||||||
images = {
|
images = {
|
||||||
git = mksdImage "git";
|
git = mksdImage "git";
|
||||||
loki-test = mksdImage "loki-test";
|
loki-test = mksdImage "loki-test";
|
||||||
|
@ -131,7 +140,9 @@
|
||||||
];
|
];
|
||||||
extraSpecialArgs = {
|
extraSpecialArgs = {
|
||||||
inherit inputs;
|
inherit inputs;
|
||||||
nixosConfig = { az-username = "zweili"; };
|
nixosConfig = {
|
||||||
|
az-username = "zweili";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,4 +1,11 @@
|
||||||
{ config, lib, nixosConfig, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
nixosConfig,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
# Home Manager needs a bit of information about you and the
|
# Home Manager needs a bit of information about you and the
|
||||||
# paths it should manage.
|
# paths it should manage.
|
||||||
programs = {
|
programs = {
|
||||||
|
@ -23,7 +30,9 @@
|
||||||
"$git_status"
|
"$git_status"
|
||||||
"$character"
|
"$character"
|
||||||
];
|
];
|
||||||
python = { format = "[\${symbol}($virtualenv) ]($style)"; };
|
python = {
|
||||||
|
format = "[\${symbol}($virtualenv) ]($style)";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
|
@ -74,9 +83,8 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
format-modules = "nixfmt **/*.nix";
|
format-modules = "unstable.nixfmt-rfc-style **/*.nix";
|
||||||
nix-generations =
|
nix-generations = "sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
|
||||||
"sudo nix-env --list-generations --profile /nix/var/nix/profiles/system";
|
|
||||||
rebuild = ''
|
rebuild = ''
|
||||||
nixos-rebuild -j auto switch --use-remote-sudo
|
nixos-rebuild -j auto switch --use-remote-sudo
|
||||||
'';
|
'';
|
||||||
|
@ -93,7 +101,7 @@
|
||||||
highlight
|
highlight
|
||||||
killall
|
killall
|
||||||
ncdu
|
ncdu
|
||||||
nixfmt
|
unstable.nixfmt-rfc-style
|
||||||
nmon
|
nmon
|
||||||
tree
|
tree
|
||||||
unzip
|
unzip
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ ... }: {
|
{ ... }:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./common
|
./common
|
||||||
./programs/alacritty
|
./programs/alacritty
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-alacritty;
|
let
|
||||||
in {
|
cfg = config.programs.az-alacritty;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-alacritty.enable =
|
programs.az-alacritty.enable = lib.mkEnableOption "Enable alacritty terminal.";
|
||||||
lib.mkEnableOption "Enable alacritty terminal.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-ansible;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-ansible;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-ansible.enable = lib.mkEnableOption "Enable ansible.";
|
programs.az-ansible.enable = lib.mkEnableOption "Enable ansible.";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-calibre;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-calibre;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-calibre.enable = lib.mkEnableOption "Enable calibre.";
|
programs.az-calibre.enable = lib.mkEnableOption "Enable calibre.";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-czkawka;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-czkawka;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-czkawka.enable = lib.mkEnableOption "Enable czkawka.";
|
programs.az-czkawka.enable = lib.mkEnableOption "Enable czkawka.";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,16 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-emacs;
|
config,
|
||||||
in {
|
lib,
|
||||||
options = { programs.az-emacs.enable = lib.mkEnableOption "Enable emacs."; };
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-emacs;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
programs.az-emacs.enable = lib.mkEnableOption "Enable emacs.";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
home.packages = with pkgs; [
|
home.packages = with pkgs; [
|
||||||
|
@ -25,8 +34,8 @@ in {
|
||||||
languagetool-console-command "${pkgs.languagetool}/share/languagetool-commandline.jar"
|
languagetool-console-command "${pkgs.languagetool}/share/languagetool-commandline.jar"
|
||||||
languagetool-server-command "${pkgs.languagetool}/share/languagetool-server.jar")
|
languagetool-server-command "${pkgs.languagetool}/share/languagetool-server.jar")
|
||||||
'';
|
'';
|
||||||
extraPackages = epkgs:
|
extraPackages =
|
||||||
with pkgs; [
|
epkgs: with pkgs; [
|
||||||
epkgs.ag
|
epkgs.ag
|
||||||
epkgs.amx
|
epkgs.amx
|
||||||
epkgs.annotate
|
epkgs.annotate
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, inputs, lib, ... }:
|
{
|
||||||
let cfg = config.programs.az-email;
|
config,
|
||||||
in {
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-email;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-email.enable =
|
programs.az-email.enable = lib.mkEnableOption "Configure everything required for sending emails.";
|
||||||
lib.mkEnableOption "Configure everything required for sending emails.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -18,14 +24,21 @@ in {
|
||||||
userName = "andreas@zweili.ch";
|
userName = "andreas@zweili.ch";
|
||||||
primary = true;
|
primary = true;
|
||||||
passwordCommand = "cat /run/user/1000/agenix/personalEmailKey";
|
passwordCommand = "cat /run/user/1000/agenix/personalEmailKey";
|
||||||
aliases = [ "andreas.zweili@gmail.com" "andreas@2li.ch" ];
|
aliases = [
|
||||||
|
"andreas.zweili@gmail.com"
|
||||||
|
"andreas@2li.ch"
|
||||||
|
];
|
||||||
msmtp.enable = true;
|
msmtp.enable = true;
|
||||||
mu.enable = true;
|
mu.enable = true;
|
||||||
offlineimap = {
|
offlineimap = {
|
||||||
enable = true;
|
enable = true;
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
account = { autorefresh = 15; };
|
account = {
|
||||||
local = { sync_deletes = true; };
|
autorefresh = 15;
|
||||||
|
};
|
||||||
|
local = {
|
||||||
|
sync_deletes = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
imap = {
|
imap = {
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-evince;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-evince;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-evince.enable = lib.mkEnableOption "Enable evince.";
|
programs.az-evince.enable = lib.mkEnableOption "Enable evince.";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-git;
|
let
|
||||||
in {
|
cfg = config.programs.az-git;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-git = {
|
programs.az-git = {
|
||||||
enable = lib.mkEnableOption "Enable git.";
|
enable = lib.mkEnableOption "Enable git.";
|
||||||
|
@ -25,15 +27,25 @@ in {
|
||||||
syntax-theme = "GitHub";
|
syntax-theme = "GitHub";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
includes = [{
|
includes = [
|
||||||
path = "~/.config/git/workconfig";
|
{
|
||||||
condition = "gitdir:~/git_repos/work/";
|
path = "~/.config/git/workconfig";
|
||||||
}];
|
condition = "gitdir:~/git_repos/work/";
|
||||||
|
}
|
||||||
|
];
|
||||||
extraConfig = {
|
extraConfig = {
|
||||||
core = { hooksPath = "~/.config/git/hooks/"; };
|
core = {
|
||||||
safe = { directory = "*"; };
|
hooksPath = "~/.config/git/hooks/";
|
||||||
pull = { rebase = false; };
|
};
|
||||||
push = { autoSetupRemote = true; };
|
safe = {
|
||||||
|
directory = "*";
|
||||||
|
};
|
||||||
|
pull = {
|
||||||
|
rebase = false;
|
||||||
|
};
|
||||||
|
push = {
|
||||||
|
autoSetupRemote = true;
|
||||||
|
};
|
||||||
merge.conflictStyle = "diff3";
|
merge.conflictStyle = "diff3";
|
||||||
rerere.enabled = true;
|
rerere.enabled = true;
|
||||||
};
|
};
|
||||||
|
@ -122,7 +134,6 @@ in {
|
||||||
|
|
||||||
# ignore pycache"
|
# ignore pycache"
|
||||||
"__pycache__/"
|
"__pycache__/"
|
||||||
|
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
# raw files
|
# raw files
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-hunspell;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-hunspell;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-hunspell.enable = lib.mkEnableOption "Add dictionaries";
|
programs.az-hunspell.enable = lib.mkEnableOption "Add dictionaries";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-keeweb;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-keeweb;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-keeweb.enable = lib.mkEnableOption "Enable keeweb.";
|
programs.az-keeweb.enable = lib.mkEnableOption "Enable keeweb.";
|
||||||
};
|
};
|
||||||
|
@ -17,7 +24,9 @@ in {
|
||||||
Environment = "QT_SCALE_FACTOR=1.25";
|
Environment = "QT_SCALE_FACTOR=1.25";
|
||||||
ExecStart = "${pkgs.keeweb}/bin/keeweb --no-sandbox";
|
ExecStart = "${pkgs.keeweb}/bin/keeweb --no-sandbox";
|
||||||
};
|
};
|
||||||
Install = { WantedBy = [ "graphical-session.target" ]; };
|
Install = {
|
||||||
|
WantedBy = [ "graphical-session.target" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,22 +1,31 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.programs.az-mpv;
|
cfg = config.programs.az-mpv;
|
||||||
delete-file = (pkgs.stdenvNoCC.mkDerivation rec {
|
delete-file = (
|
||||||
name = "mpv-delete-file";
|
pkgs.stdenvNoCC.mkDerivation rec {
|
||||||
src = pkgs.fetchurl {
|
name = "mpv-delete-file";
|
||||||
url =
|
src = pkgs.fetchurl {
|
||||||
"https://git.2li.ch/various/mpv-scripts/raw/commit/19ea069abcb794d1bf8fac2f59b50d71ab992130/delete_file.lua";
|
url = "https://git.2li.ch/various/mpv-scripts/raw/commit/19ea069abcb794d1bf8fac2f59b50d71ab992130/delete_file.lua";
|
||||||
sha256 = "sha256-1FX23t+O1aFZnbuvl+9zDT8OcKEziWNGj5cAMSvRIas=";
|
sha256 = "sha256-1FX23t+O1aFZnbuvl+9zDT8OcKEziWNGj5cAMSvRIas=";
|
||||||
};
|
};
|
||||||
dontBuild = true;
|
dontBuild = true;
|
||||||
dontUnpack = true;
|
dontUnpack = true;
|
||||||
installPhase = ''
|
installPhase = ''
|
||||||
install -Dm644 ${src} $out/share/mpv/scripts/delete_file.lua
|
install -Dm644 ${src} $out/share/mpv/scripts/delete_file.lua
|
||||||
'';
|
'';
|
||||||
passthru.scriptName = "delete_file.lua";
|
passthru.scriptName = "delete_file.lua";
|
||||||
});
|
}
|
||||||
in {
|
);
|
||||||
options = { programs.az-mpv.enable = lib.mkEnableOption "Enable MPV."; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
programs.az-mpv.enable = lib.mkEnableOption "Enable MPV.";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
programs.mpv = {
|
programs.mpv = {
|
||||||
|
@ -25,13 +34,17 @@ in {
|
||||||
s = "playlist-shuffle";
|
s = "playlist-shuffle";
|
||||||
r = "cycle_values video-rotate 90 180 270 0";
|
r = "cycle_values video-rotate 90 180 270 0";
|
||||||
};
|
};
|
||||||
config = { "keepaspect-window" = "no"; };
|
config = {
|
||||||
|
"keepaspect-window" = "no";
|
||||||
|
};
|
||||||
scripts = [ delete-file ];
|
scripts = [ delete-file ];
|
||||||
};
|
};
|
||||||
|
|
||||||
xdg.mimeApps = {
|
xdg.mimeApps = {
|
||||||
enable = true;
|
enable = true;
|
||||||
associations.added = { "inode/directory" = [ "mpv.desktop" ]; };
|
associations.added = {
|
||||||
|
"inode/directory" = [ "mpv.desktop" ];
|
||||||
|
};
|
||||||
defaultApplications = {
|
defaultApplications = {
|
||||||
"application/mxf" = "mpv.desktop";
|
"application/mxf" = "mpv.desktop";
|
||||||
"application/sdp" = "mpv.desktop";
|
"application/sdp" = "mpv.desktop";
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-open-port;
|
let
|
||||||
in {
|
cfg = config.programs.az-open-port;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-open-port.enable =
|
programs.az-open-port.enable = lib.mkEnableOption "Two functions to quickly open a port in iptables.";
|
||||||
lib.mkEnableOption "Two functions to quickly open a port in iptables.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-rapid-photo-downloader;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-rapid-photo-downloader;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-rapid-photo-downloader.enable =
|
programs.az-rapid-photo-downloader.enable = lib.mkEnableOption "Enable Rapid Photo Downloader.";
|
||||||
lib.mkEnableOption "Enable Rapid Photo Downloader.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-signal;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-signal;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-signal.enable = lib.mkEnableOption "Enable Signal.";
|
programs.az-signal.enable = lib.mkEnableOption "Enable Signal.";
|
||||||
};
|
};
|
||||||
|
@ -12,14 +19,20 @@ in {
|
||||||
xdg.desktopEntries = {
|
xdg.desktopEntries = {
|
||||||
signal = {
|
signal = {
|
||||||
name = "Signal with tray icon";
|
name = "Signal with tray icon";
|
||||||
exec =
|
exec = "${pkgs.unstable.signal-desktop}/bin/signal-desktop --use-tray-icon --no-sandbox %U";
|
||||||
"${pkgs.unstable.signal-desktop}/bin/signal-desktop --use-tray-icon --no-sandbox %U";
|
|
||||||
terminal = false;
|
terminal = false;
|
||||||
type = "Application";
|
type = "Application";
|
||||||
icon = "signal-desktop";
|
icon = "signal-desktop";
|
||||||
comment = "Private messaging from your desktop";
|
comment = "Private messaging from your desktop";
|
||||||
mimeType = [ "x-scheme-handler/sgnl" "x-scheme-handler/signalcaptcha" ];
|
mimeType = [
|
||||||
categories = [ "Network" "InstantMessaging" "Chat" ];
|
"x-scheme-handler/sgnl"
|
||||||
|
"x-scheme-handler/signalcaptcha"
|
||||||
|
];
|
||||||
|
categories = [
|
||||||
|
"Network"
|
||||||
|
"InstantMessaging"
|
||||||
|
"Chat"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-ssh;
|
let
|
||||||
in {
|
cfg = config.programs.az-ssh;
|
||||||
options = { programs.az-ssh.enable = lib.mkEnableOption "Enable SSH host."; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
programs.az-ssh.enable = lib.mkEnableOption "Enable SSH host.";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
programs.ssh = {
|
programs.ssh = {
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-telegram;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-telegram;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-telegram.enable = lib.mkEnableOption "Enable Telegram.";
|
programs.az-telegram.enable = lib.mkEnableOption "Enable Telegram.";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-tmux;
|
let
|
||||||
in {
|
cfg = config.programs.az-tmux;
|
||||||
options = { programs.az-tmux.enable = lib.mkEnableOption "Enable tmux"; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
programs.az-tmux.enable = lib.mkEnableOption "Enable tmux";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
programs.tmux = {
|
programs.tmux = {
|
||||||
|
@ -70,4 +74,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-vagrant-wsl;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-vagrant-wsl;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-vagrant-wsl.enable =
|
programs.az-vagrant-wsl.enable = lib.mkEnableOption "Enable Vagrant in WSL.";
|
||||||
lib.mkEnableOption "Enable Vagrant in WSL.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
|
|
@ -1,11 +1,21 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-work-desktop;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-work-desktop;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-work-desktop.enable =
|
programs.az-work-desktop.enable = lib.mkEnableOption "Applications and config required for work.";
|
||||||
lib.mkEnableOption "Applications and config required for work.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config =
|
config = lib.mkIf cfg.enable {
|
||||||
lib.mkIf cfg.enable { home.packages = with pkgs; [ dbeaver vagrant ]; };
|
home.packages = with pkgs; [
|
||||||
|
dbeaver
|
||||||
|
vagrant
|
||||||
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-yt-dlp;
|
let
|
||||||
in {
|
cfg = config.programs.az-yt-dlp;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-yt-dlp.enable = lib.mkEnableOption "Enable yt-dlp.";
|
programs.az-yt-dlp.enable = lib.mkEnableOption "Enable yt-dlp.";
|
||||||
};
|
};
|
||||||
|
@ -11,7 +13,9 @@ in {
|
||||||
extraConfig = ''
|
extraConfig = ''
|
||||||
-S "+codec:h264"
|
-S "+codec:h264"
|
||||||
'';
|
'';
|
||||||
settings = { remux-video = "mkv"; };
|
settings = {
|
||||||
|
remux-video = "mkv";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-desktop-base;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-desktop-base;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-desktop-base.enable =
|
services.az-desktop-base.enable = lib.mkEnableOption "Base configuration for a destkop.";
|
||||||
lib.mkEnableOption "Base configuration for a destkop.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -23,10 +29,8 @@ in {
|
||||||
az-tmux.enable = true;
|
az-tmux.enable = true;
|
||||||
bash = {
|
bash = {
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
management-server =
|
management-server = "mosh ${config.home.username}@10.7.89.150 -- tmux new -A -s 0";
|
||||||
"mosh ${config.home.username}@10.7.89.150 -- tmux new -A -s 0";
|
work-management = "mosh --ssh='ssh -i ~/.ssh/zweili.key' zweili@10.49.0.100 -- tmux new -A -s 0";
|
||||||
work-management =
|
|
||||||
"mosh --ssh='ssh -i ~/.ssh/zweili.key' zweili@10.49.0.100 -- tmux new -A -s 0";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
@ -40,8 +44,7 @@ in {
|
||||||
remmina
|
remmina
|
||||||
];
|
];
|
||||||
# raw config files
|
# raw config files
|
||||||
home.file.".config/qtile/autostart.d/xdg-portal-add-path.sh".source =
|
home.file.".config/qtile/autostart.d/xdg-portal-add-path.sh".source = ./xdg-portal-add-path.sh;
|
||||||
./xdg-portal-add-path.sh;
|
|
||||||
|
|
||||||
gtk.theme.name = "Arc-Darker";
|
gtk.theme.name = "Arc-Darker";
|
||||||
|
|
||||||
|
@ -94,7 +97,9 @@ in {
|
||||||
configFile."mimeapps.list".force = true;
|
configFile."mimeapps.list".force = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
xsession = { numlock.enable = true; };
|
xsession = {
|
||||||
|
numlock.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
az-dunst.enable = true;
|
az-dunst.enable = true;
|
||||||
|
@ -109,4 +114,3 @@ in {
|
||||||
systemd.user.startServices = "sd-switch";
|
systemd.user.startServices = "sd-switch";
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-dunst;
|
let
|
||||||
in {
|
cfg = config.services.az-dunst;
|
||||||
options = { services.az-dunst.enable = lib.mkEnableOption "Enable dunst."; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.az-dunst.enable = lib.mkEnableOption "Enable dunst.";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.dunst = {
|
services.dunst = {
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-espanso;
|
let
|
||||||
in {
|
cfg = config.services.az-espanso;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-espanso.enable = lib.mkEnableOption "Enable espanso.";
|
services.az-espanso.enable = lib.mkEnableOption "Enable espanso.";
|
||||||
};
|
};
|
||||||
|
@ -16,23 +18,30 @@ in {
|
||||||
{
|
{
|
||||||
trigger = "<dd";
|
trigger = "<dd";
|
||||||
replace = "{{current_date}}";
|
replace = "{{current_date}}";
|
||||||
vars = [{
|
vars = [
|
||||||
name = "current_date";
|
{
|
||||||
type = "date";
|
name = "current_date";
|
||||||
params = { format = "%Y-%m-%d"; };
|
type = "date";
|
||||||
}];
|
params = {
|
||||||
|
format = "%Y-%m-%d";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
trigger = "<ds";
|
trigger = "<ds";
|
||||||
replace = "{{current_date}}";
|
replace = "{{current_date}}";
|
||||||
vars = [{
|
vars = [
|
||||||
name = "current_date";
|
{
|
||||||
type = "date";
|
name = "current_date";
|
||||||
params = { format = "%Y-%m-%d_%H%M%S"; };
|
type = "date";
|
||||||
}];
|
params = {
|
||||||
|
format = "%Y-%m-%d_%H%M%S";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
}
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-grobi;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-grobi;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-grobi.enable =
|
services.az-grobi.enable = lib.mkEnableOption "Enabel grobi display manager.";
|
||||||
lib.mkEnableOption "Enabel grobi display manager.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -23,7 +29,10 @@ in {
|
||||||
}
|
}
|
||||||
{
|
{
|
||||||
name = "docked";
|
name = "docked";
|
||||||
outputs_connected = [ "eDP-1" "DP-1-2" ];
|
outputs_connected = [
|
||||||
|
"eDP-1"
|
||||||
|
"DP-1-2"
|
||||||
|
];
|
||||||
atomic = true;
|
atomic = true;
|
||||||
configure_single = "DP-1-2";
|
configure_single = "DP-1-2";
|
||||||
primary = true;
|
primary = true;
|
||||||
|
|
|
@ -8,7 +8,8 @@ let
|
||||||
nvidia-offload mpv --shuffle --mute=yes "/run/user/1000/gvfs/smb-share:server=10.7.89.108,share=various2/$directory/" &
|
nvidia-offload mpv --shuffle --mute=yes "/run/user/1000/gvfs/smb-share:server=10.7.89.108,share=various2/$directory/" &
|
||||||
done
|
done
|
||||||
'';
|
'';
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
imports = [ "${inputs.self}/home-manager/modules" ];
|
imports = [ "${inputs.self}/home-manager/modules" ];
|
||||||
home = {
|
home = {
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
|
@ -22,8 +23,7 @@ in {
|
||||||
az-media
|
az-media
|
||||||
];
|
];
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
unlock-luks =
|
unlock-luks = "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o User=root";
|
||||||
"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o User=root";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -34,6 +34,7 @@ in {
|
||||||
az-yt-dlp.enable = true;
|
az-yt-dlp.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services = { az-desktop-base.enable = true; };
|
services = {
|
||||||
|
az-desktop-base.enable = true;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ inputs, ... }: {
|
{ inputs, ... }:
|
||||||
|
{
|
||||||
imports = [ "${inputs.self}/home-manager/modules" ];
|
imports = [ "${inputs.self}/home-manager/modules" ];
|
||||||
systemd.user.startServices = "sd-switch";
|
systemd.user.startServices = "sd-switch";
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ inputs, pkgs, ... }: {
|
{ inputs, pkgs, ... }:
|
||||||
|
{
|
||||||
imports = [ "${inputs.self}/home-manager/modules" ];
|
imports = [ "${inputs.self}/home-manager/modules" ];
|
||||||
|
|
||||||
home = {
|
home = {
|
||||||
|
@ -9,8 +10,7 @@
|
||||||
xclip
|
xclip
|
||||||
];
|
];
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
unlock-luks =
|
unlock-luks = "ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o User=root";
|
||||||
"ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -o User=root";
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ inputs, ... }: {
|
{ inputs, ... }:
|
||||||
|
{
|
||||||
imports = [ "${inputs.self}/home-manager/modules" ];
|
imports = [ "${inputs.self}/home-manager/modules" ];
|
||||||
|
|
||||||
targets.genericLinux.enable = true;
|
targets.genericLinux.enable = true;
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ inputs, pkgs, ... }: {
|
{ inputs, pkgs, ... }:
|
||||||
|
{
|
||||||
imports = [ "${inputs.self}/home-manager/modules" ];
|
imports = [ "${inputs.self}/home-manager/modules" ];
|
||||||
home = {
|
home = {
|
||||||
packages = with pkgs; [
|
packages = with pkgs; [
|
||||||
|
@ -8,10 +9,13 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
programs = {
|
programs = {
|
||||||
az-git = { userEmail = "zweili@contria.com"; };
|
az-git = {
|
||||||
|
userEmail = "zweili@contria.com";
|
||||||
|
};
|
||||||
az-work-desktop.enable = true;
|
az-work-desktop.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
services = { az-desktop-base.enable = true; };
|
services = {
|
||||||
|
az-desktop-base.enable = true;
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, inputs, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
imports = [ "${inputs.self}/home-manager/modules" ];
|
imports = [ "${inputs.self}/home-manager/modules" ];
|
||||||
|
|
||||||
programs.direnv = {
|
programs.direnv = {
|
||||||
|
@ -15,7 +21,13 @@
|
||||||
NIX_PATH = "nixpkgs=${inputs.nixpkgs}";
|
NIX_PATH = "nixpkgs=${inputs.nixpkgs}";
|
||||||
PATH = "$PATH:$HOME/.local/bin";
|
PATH = "$PATH:$HOME/.local/bin";
|
||||||
};
|
};
|
||||||
packages = with pkgs; [ keychain nixfmt mosh gyre-fonts source-code-pro ];
|
packages = with pkgs; [
|
||||||
|
keychain
|
||||||
|
unstable.nixfmt-rfc-style
|
||||||
|
mosh
|
||||||
|
gyre-fonts
|
||||||
|
source-code-pro
|
||||||
|
];
|
||||||
};
|
};
|
||||||
nix = {
|
nix = {
|
||||||
package = pkgs.nix;
|
package = pkgs.nix;
|
||||||
|
@ -25,8 +37,10 @@
|
||||||
experimental-features = "nix-command flakes";
|
experimental-features = "nix-command flakes";
|
||||||
fallback = true;
|
fallback = true;
|
||||||
warn-dirty = false;
|
warn-dirty = false;
|
||||||
substituters =
|
substituters = [
|
||||||
[ "https://nix-community.cachix.org" "https://cache.nixos.org" ];
|
"https://nix-community.cachix.org"
|
||||||
|
"https://cache.nixos.org"
|
||||||
|
];
|
||||||
trusted-public-keys = [
|
trusted-public-keys = [
|
||||||
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
|
||||||
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
|
||||||
|
@ -38,7 +52,9 @@
|
||||||
programs = {
|
programs = {
|
||||||
az-ansible.enable = true;
|
az-ansible.enable = true;
|
||||||
az-emacs.enable = true;
|
az-emacs.enable = true;
|
||||||
az-git = { userEmail = "zweili@contria.com"; };
|
az-git = {
|
||||||
|
userEmail = "zweili@contria.com";
|
||||||
|
};
|
||||||
az-hunspell.enable = true;
|
az-hunspell.enable = true;
|
||||||
az-tmux.enable = true;
|
az-tmux.enable = true;
|
||||||
az-vagrant-wsl.enable = true;
|
az-vagrant-wsl.enable = true;
|
||||||
|
@ -47,8 +63,7 @@
|
||||||
. /home/zweili/.nix-profile/etc/profile.d/nix.sh
|
. /home/zweili/.nix-profile/etc/profile.d/nix.sh
|
||||||
'';
|
'';
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
work-management =
|
work-management = "mosh --ssh='ssh -i ~/.ssh/zweili.key' zweili@10.49.0.100 -- tmux new -A -s 0";
|
||||||
"mosh --ssh='ssh -i ~/.ssh/zweili.key' zweili@10.49.0.100 -- tmux new -A -s 0";
|
|
||||||
work-vm = ''ssh andreas@localhost -p 2222 -t "$@" "tmux new -A -s 0"'';
|
work-vm = ''ssh andreas@localhost -p 2222 -t "$@" "tmux new -A -s 0"'';
|
||||||
hm-rebuild = "home-manager switch";
|
hm-rebuild = "home-manager switch";
|
||||||
};
|
};
|
||||||
|
@ -56,4 +71,3 @@
|
||||||
};
|
};
|
||||||
systemd.user.startServices = "suggest";
|
systemd.user.startServices = "suggest";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
{ hostname, inputs, system ? "x86_64-linux", home-module ? "headless"
|
{
|
||||||
, username ? "andreas" }:
|
hostname,
|
||||||
|
inputs,
|
||||||
|
system ? "x86_64-linux",
|
||||||
|
home-module ? "headless",
|
||||||
|
username ? "andreas",
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
overlay-unstable = final: prev: {
|
overlay-unstable = final: prev: {
|
||||||
unstable = import inputs.nixpkgs-unstable {
|
unstable = import inputs.nixpkgs-unstable {
|
||||||
|
@ -10,7 +15,9 @@ let
|
||||||
|
|
||||||
pkgs = import inputs.nixpkgs {
|
pkgs = import inputs.nixpkgs {
|
||||||
inherit system;
|
inherit system;
|
||||||
config = { allowUnfree = true; };
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
};
|
||||||
overlays = [
|
overlays = [
|
||||||
overlay-unstable
|
overlay-unstable
|
||||||
# (final: prev: {
|
# (final: prev: {
|
||||||
|
@ -26,9 +33,12 @@ let
|
||||||
# })
|
# })
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
in inputs.nixpkgs.lib.nixosSystem {
|
in
|
||||||
|
inputs.nixpkgs.lib.nixosSystem {
|
||||||
inherit system pkgs;
|
inherit system pkgs;
|
||||||
specialArgs = { inherit inputs; };
|
specialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
modules = ([
|
modules = ([
|
||||||
# System configuration for this host
|
# System configuration for this host
|
||||||
(import "${inputs.self}/systems/${hostname}" { inherit hostname; })
|
(import "${inputs.self}/systems/${hostname}" { inherit hostname; })
|
||||||
|
@ -46,7 +56,9 @@ in inputs.nixpkgs.lib.nixosSystem {
|
||||||
{
|
{
|
||||||
home-manager.useGlobalPkgs = true;
|
home-manager.useGlobalPkgs = true;
|
||||||
home-manager.useUserPackages = true;
|
home-manager.useUserPackages = true;
|
||||||
home-manager.extraSpecialArgs = { inherit inputs system; };
|
home-manager.extraSpecialArgs = {
|
||||||
|
inherit inputs system;
|
||||||
|
};
|
||||||
age.identityPaths = [ "/home/${username}/.ssh/id_rsa" ];
|
age.identityPaths = [ "/home/${username}/.ssh/id_rsa" ];
|
||||||
home-manager.users.${username}.imports = [
|
home-manager.users.${username}.imports = [
|
||||||
inputs.agenix.homeManagerModules.default
|
inputs.agenix.homeManagerModules.default
|
||||||
|
|
|
@ -1,5 +1,10 @@
|
||||||
{ hostname, inputs, system ? "aarch64-linux", home-module ? "headless"
|
{
|
||||||
, username ? "andreas" }:
|
hostname,
|
||||||
|
inputs,
|
||||||
|
system ? "aarch64-linux",
|
||||||
|
home-module ? "headless",
|
||||||
|
username ? "andreas",
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
overlay-unstable = final: prev: {
|
overlay-unstable = final: prev: {
|
||||||
unstable = import inputs.nixpkgs-unstable {
|
unstable = import inputs.nixpkgs-unstable {
|
||||||
|
@ -10,34 +15,39 @@ let
|
||||||
|
|
||||||
pkgs = import inputs.nixpkgs {
|
pkgs = import inputs.nixpkgs {
|
||||||
inherit system;
|
inherit system;
|
||||||
config = { allowUnfree = true; };
|
config = {
|
||||||
|
allowUnfree = true;
|
||||||
|
};
|
||||||
overlays = [
|
overlays = [
|
||||||
overlay-unstable
|
overlay-unstable
|
||||||
(final: prev: {
|
(final: prev: {
|
||||||
freshrss = prev.freshrss.overrideAttrs (_: rec {
|
freshrss = prev.freshrss.overrideAttrs (
|
||||||
version = "1.32.1";
|
_: rec {
|
||||||
src = pkgs.fetchFromGitHub {
|
version = "1.32.1";
|
||||||
owner = "FreshRSS";
|
src = pkgs.fetchFromGitHub {
|
||||||
repo = "FreshRSS";
|
owner = "FreshRSS";
|
||||||
rev = "c89073d60e491f775a13a9ec57915313eb073964";
|
repo = "FreshRSS";
|
||||||
sha256 = "sha256-DqfkbfvqGkAMQ2oawfb7Ggiv2u6/Qq6UgygLTNov9CA=";
|
rev = "c89073d60e491f775a13a9ec57915313eb073964";
|
||||||
};
|
sha256 = "sha256-DqfkbfvqGkAMQ2oawfb7Ggiv2u6/Qq6UgygLTNov9CA=";
|
||||||
});
|
};
|
||||||
|
}
|
||||||
|
);
|
||||||
})
|
})
|
||||||
|
|
||||||
# The following is requried for building images {
|
# The following is requried for building images {
|
||||||
# https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243
|
# https://github.com/NixOS/nixpkgs/issues/126755#issuecomment-869149243
|
||||||
(final: super: {
|
(final: super: {
|
||||||
makeModulesClosure = x:
|
makeModulesClosure = x: super.makeModulesClosure (x // { allowMissing = true; });
|
||||||
super.makeModulesClosure (x // { allowMissing = true; });
|
|
||||||
})
|
})
|
||||||
# }
|
# }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
in
|
||||||
in inputs.nixpkgs.lib.nixosSystem {
|
inputs.nixpkgs.lib.nixosSystem {
|
||||||
inherit pkgs system;
|
inherit pkgs system;
|
||||||
specialArgs = { inherit inputs; };
|
specialArgs = {
|
||||||
|
inherit inputs;
|
||||||
|
};
|
||||||
modules = ([
|
modules = ([
|
||||||
# System configuration for this host
|
# System configuration for this host
|
||||||
(import "${inputs.self}/systems/${hostname}" { inherit hostname; })
|
(import "${inputs.self}/systems/${hostname}" { inherit hostname; })
|
||||||
|
@ -55,7 +65,9 @@ in inputs.nixpkgs.lib.nixosSystem {
|
||||||
{
|
{
|
||||||
home-manager.useGlobalPkgs = true;
|
home-manager.useGlobalPkgs = true;
|
||||||
home-manager.useUserPackages = true;
|
home-manager.useUserPackages = true;
|
||||||
home-manager.extraSpecialArgs = { inherit inputs system; };
|
home-manager.extraSpecialArgs = {
|
||||||
|
inherit inputs system;
|
||||||
|
};
|
||||||
home-manager.users.${username}.imports = [
|
home-manager.users.${username}.imports = [
|
||||||
inputs.agenix.homeManagerModules.default
|
inputs.agenix.homeManagerModules.default
|
||||||
"${inputs.self}/home-manager/profiles/${home-module}.nix"
|
"${inputs.self}/home-manager/profiles/${home-module}.nix"
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ ... }: {
|
{ ... }:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./hardware/bluetooth
|
./hardware/bluetooth
|
||||||
./hardware/dvd
|
./hardware/dvd
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.hardware.az-bluetooth;
|
let
|
||||||
in {
|
cfg = config.hardware.az-bluetooth;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
hardware.az-bluetooth.enable = lib.mkEnableOption "Enable Bluetooth";
|
hardware.az-bluetooth.enable = lib.mkEnableOption "Enable Bluetooth";
|
||||||
};
|
};
|
||||||
|
@ -21,4 +23,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,16 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.hardware.az-dvd;
|
config,
|
||||||
in {
|
lib,
|
||||||
options = { hardware.az-dvd.enable = lib.mkEnableOption "DVD"; };
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.hardware.az-dvd;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
hardware.az-dvd.enable = lib.mkEnableOption "DVD";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
|
|
|
@ -1,12 +1,18 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.hardware.az-nvidia;
|
let
|
||||||
in {
|
cfg = config.hardware.az-nvidia;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
hardware.az-nvidia.enable = lib.mkEnableOption "Nvidia GPU Support";
|
hardware.az-nvidia.enable = lib.mkEnableOption "Nvidia GPU Support";
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
environment = { variables = { XDG_DATA_HOME = "$HOME/.local/share"; }; };
|
environment = {
|
||||||
|
variables = {
|
||||||
|
XDG_DATA_HOME = "$HOME/.local/share";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
hardware.nvidia.prime = {
|
hardware.nvidia.prime = {
|
||||||
# Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA
|
# Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA
|
||||||
|
|
|
@ -1,3 +1,8 @@
|
||||||
{ ... }: {
|
{ ... }:
|
||||||
imports = [ ./raspi-base.nix ./raspi-ethernet.nix ./raspi-usb.nix ];
|
{
|
||||||
|
imports = [
|
||||||
|
./raspi-base.nix
|
||||||
|
./raspi-ethernet.nix
|
||||||
|
./raspi-usb.nix
|
||||||
|
];
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,7 @@
|
||||||
{ pkgs, ... }: {
|
{ pkgs, ... }:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
"${
|
"${fetchTarball "https://github.com/NixOS/nixos-hardware/archive/32f61571b486efc987baca553fb35df22532ba63.tar.gz"}/raspberry-pi/4"
|
||||||
fetchTarball
|
|
||||||
"https://github.com/NixOS/nixos-hardware/archive/32f61571b486efc987baca553fb35df22532ba63.tar.gz"
|
|
||||||
}/raspberry-pi/4"
|
|
||||||
];
|
];
|
||||||
|
|
||||||
fileSystems = {
|
fileSystems = {
|
||||||
|
@ -14,7 +12,10 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [ raspberrypi-eeprom vim ];
|
environment.systemPackages = with pkgs; [
|
||||||
|
raspberrypi-eeprom
|
||||||
|
vim
|
||||||
|
];
|
||||||
|
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
services.openssh.enable = true;
|
services.openssh.enable = true;
|
||||||
|
@ -26,7 +27,12 @@
|
||||||
experimental-features = nix-command flakes
|
experimental-features = nix-command flakes
|
||||||
warn-dirty = false
|
warn-dirty = false
|
||||||
'';
|
'';
|
||||||
settings = { trusted-users = [ "root" "@wheel" ]; };
|
settings = {
|
||||||
|
trusted-users = [
|
||||||
|
"root"
|
||||||
|
"@wheel"
|
||||||
|
];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
users = {
|
users = {
|
||||||
|
@ -46,22 +52,24 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
security.sudo = {
|
security.sudo = {
|
||||||
extraRules = [{
|
extraRules = [
|
||||||
users = [ "nixos" ];
|
{
|
||||||
commands = [
|
users = [ "nixos" ];
|
||||||
{
|
commands = [
|
||||||
command = "${pkgs.nixos-rebuild}/bin/nixos-rebuild -j auto switch";
|
{
|
||||||
options = [ "NOPASSWD" ];
|
command = "${pkgs.nixos-rebuild}/bin/nixos-rebuild -j auto switch";
|
||||||
}
|
options = [ "NOPASSWD" ];
|
||||||
{
|
}
|
||||||
command = "/run/current-system/sw/bin/nixos-rebuild";
|
{
|
||||||
options = [ "NOPASSWD" ];
|
command = "/run/current-system/sw/bin/nixos-rebuild";
|
||||||
}
|
options = [ "NOPASSWD" ];
|
||||||
{
|
}
|
||||||
command = "ALL";
|
{
|
||||||
options = [ "SETENV" ];
|
command = "ALL";
|
||||||
}
|
options = [ "SETENV" ];
|
||||||
];
|
}
|
||||||
}];
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.hardware.az-raspi4-base;
|
cfg = config.hardware.az-raspi4-base;
|
||||||
test-sd-card = pkgs.writeShellScriptBin "test-sd-card" ''
|
test-sd-card = pkgs.writeShellScriptBin "test-sd-card" ''
|
||||||
|
@ -53,16 +58,26 @@ let
|
||||||
|
|
||||||
printf "microSD card benchmark complete!\n\n"
|
printf "microSD card benchmark complete!\n\n"
|
||||||
'';
|
'';
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
hardware.az-raspi4-base.enable =
|
hardware.az-raspi4-base.enable = lib.mkEnableOption "Enable the base config for a Raspberry Pi 4.";
|
||||||
lib.mkEnableOption "Enable the base config for a Raspberry Pi 4.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
boot.supportedFilesystems =
|
boot.supportedFilesystems = lib.mkForce [
|
||||||
lib.mkForce [ "f2fs" "ntfs" "cifs" "ext4" "vfat" "nfs" "nfs4" ];
|
"f2fs"
|
||||||
boot.kernelParams = [ "rootflags=atgc" "rw" ];
|
"ntfs"
|
||||||
|
"cifs"
|
||||||
|
"ext4"
|
||||||
|
"vfat"
|
||||||
|
"nfs"
|
||||||
|
"nfs4"
|
||||||
|
];
|
||||||
|
boot.kernelParams = [
|
||||||
|
"rootflags=atgc"
|
||||||
|
"rw"
|
||||||
|
];
|
||||||
|
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-label/root";
|
device = "/dev/disk/by-label/root";
|
||||||
|
@ -96,7 +111,9 @@ in {
|
||||||
device = "/dev/disk/by-label/cryptroot";
|
device = "/dev/disk/by-label/cryptroot";
|
||||||
allowDiscards = true; # required for TRIM
|
allowDiscards = true; # required for TRIM
|
||||||
};
|
};
|
||||||
loader = { systemd-boot.enable = true; };
|
loader = {
|
||||||
|
systemd-boot.enable = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.hardware.az-raspi4-ethernet;
|
let
|
||||||
in {
|
cfg = config.hardware.az-raspi4-ethernet;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
hardware.az-raspi4-ethernet = {
|
hardware.az-raspi4-ethernet = {
|
||||||
enable = lib.mkEnableOption "Enable options required for Raspberry Pi 4.";
|
enable = lib.mkEnableOption "Enable options required for Raspberry Pi 4.";
|
||||||
|
@ -29,10 +31,12 @@ in {
|
||||||
};
|
};
|
||||||
defaultGateway = "10.7.89.1";
|
defaultGateway = "10.7.89.1";
|
||||||
nameservers = [ "10.7.89.1" ];
|
nameservers = [ "10.7.89.1" ];
|
||||||
interfaces.eth0.ipv4.addresses = [{
|
interfaces.eth0.ipv4.addresses = [
|
||||||
address = cfg.ip;
|
{
|
||||||
prefixLength = 24;
|
address = cfg.ip;
|
||||||
}];
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
services = {
|
services = {
|
||||||
|
@ -41,4 +45,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.hardware.az-raspi4-usb;
|
let
|
||||||
in {
|
cfg = config.hardware.az-raspi4-usb;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
hardware.az-raspi4-usb = {
|
hardware.az-raspi4-usb = {
|
||||||
enable = lib.mkEnableOption "Enable options required for Raspberry Pi 4.";
|
enable = lib.mkEnableOption "Enable options required for Raspberry Pi 4.";
|
||||||
|
@ -31,15 +33,21 @@ in {
|
||||||
"127.0.0.1" = [ "${cfg.hostname}.2li.local" ];
|
"127.0.0.1" = [ "${cfg.hostname}.2li.local" ];
|
||||||
ip = [ "${cfg.hostname}.2li.local" ];
|
ip = [ "${cfg.hostname}.2li.local" ];
|
||||||
};
|
};
|
||||||
interfaces.usb0.ipv4.addresses = [{
|
interfaces.usb0.ipv4.addresses = [
|
||||||
address = cfg.ip;
|
{
|
||||||
prefixLength = 24;
|
address = cfg.ip;
|
||||||
}];
|
prefixLength = 24;
|
||||||
|
}
|
||||||
|
];
|
||||||
wireless = {
|
wireless = {
|
||||||
enable = true;
|
enable = true;
|
||||||
userControlled.enable = true;
|
userControlled.enable = true;
|
||||||
interfaces = [ "wlan0" ];
|
interfaces = [ "wlan0" ];
|
||||||
networks = { "Gröibschi" = { psk = "schottland"; }; };
|
networks = {
|
||||||
|
"Gröibschi" = {
|
||||||
|
psk = "schottland";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -52,7 +60,10 @@ in {
|
||||||
dhcp-range = [ "10.213.0.100,10.213.0.200,255.255.255.0,24h" ];
|
dhcp-range = [ "10.213.0.100,10.213.0.200,255.255.255.0,24h" ];
|
||||||
dhcp-option = [ "option:router,${cfg.ip}" ];
|
dhcp-option = [ "option:router,${cfg.ip}" ];
|
||||||
interface = "usb0";
|
interface = "usb0";
|
||||||
server = [ "84.200.69.80" "84.200.70.40" ];
|
server = [
|
||||||
|
"84.200.69.80"
|
||||||
|
"84.200.70.40"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -96,4 +107,3 @@ in {
|
||||||
systemd.services."network-addresses-usb0".after = [ "usb-otg.service" ];
|
systemd.services."network-addresses-usb0".after = [ "usb-otg.service" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,11 @@
|
||||||
{ config, inputs, lib, pkgs, ... }: {
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
# The rough location
|
# The rough location
|
||||||
location = {
|
location = {
|
||||||
latitude = 46.948;
|
latitude = 46.948;
|
||||||
|
@ -17,11 +24,15 @@
|
||||||
allowPing = true;
|
allowPing = true;
|
||||||
allowedTCPPorts = [ 22 ];
|
allowedTCPPorts = [ 22 ];
|
||||||
};
|
};
|
||||||
timeServers = [ "10.7.89.1" "ch.pool.ntp.org" ];
|
timeServers = [
|
||||||
|
"10.7.89.1"
|
||||||
|
"ch.pool.ntp.org"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
hardware = { enableRedistributableFirmware = true; };
|
hardware = {
|
||||||
|
enableRedistributableFirmware = true;
|
||||||
|
};
|
||||||
|
|
||||||
# required in order to have apropos and whatis working
|
# required in order to have apropos and whatis working
|
||||||
programs.mosh.enable = true;
|
programs.mosh.enable = true;
|
||||||
|
@ -68,7 +79,11 @@
|
||||||
btm = "btm --color default-light";
|
btm = "btm --color default-light";
|
||||||
sudo = "sudo ";
|
sudo = "sudo ";
|
||||||
};
|
};
|
||||||
systemPackages = [ pkgs.bottom pkgs.man-pages pkgs.vim ];
|
systemPackages = [
|
||||||
|
pkgs.bottom
|
||||||
|
pkgs.man-pages
|
||||||
|
pkgs.vim
|
||||||
|
];
|
||||||
};
|
};
|
||||||
# Disable the root user
|
# Disable the root user
|
||||||
users.users.root.hashedPassword = "!";
|
users.users.root.hashedPassword = "!";
|
||||||
|
@ -76,7 +91,10 @@
|
||||||
users.users.${config.az-username} = {
|
users.users.${config.az-username} = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
initialPassword = "password";
|
initialPassword = "password";
|
||||||
extraGroups = [ "wheel" "networkmanager" ];
|
extraGroups = [
|
||||||
|
"wheel"
|
||||||
|
"networkmanager"
|
||||||
|
];
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCR+JXNHSAEQamn2QiaKV0vejCPy6OmzOePXoaQF6CEknXyvBO4j7+qpgZ5RAhe7ups8xZrEpBKdtxRMf7OdQQEXg1PLlfWZSJTC8EGu1TbMltbwwHizgsK/15LkDhJ0Gk/GFz9O9GvGqjizik8Kvvqz8XWY0tEtYs5Riq8bB5D5Ctwl10iultqnIQkdaX0bNa/2X57XKeutWdbqhuSC/C7awC1aVDIdfy1BNT3weHhQhFVAeAlH7Fy4rx3gYPclICfzu27lulLeXKJj9F+NdeY84zEy7E8IkE7eqdo1zfdJJpXSIh3FqekWen5njzWJsXqZCa2Ynk1poK/Rv/ti+ySE+4XicyXp0VJM8fDz6iUI0S/pjumHwzpoN9CeNe5PDK3Y7iQzSlO9REvkj/+v7r2s6XKslk9B7hTKunvH5JgHlIeYymzXb4r2LggNrP/1KUgNk1Ztu+s1c5onXYfBNul1iQOFU3+kgTk8Oh/UFK3FA0dYeWrOLA02TdH2S7U6yE= andreas@gwyn"
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCR+JXNHSAEQamn2QiaKV0vejCPy6OmzOePXoaQF6CEknXyvBO4j7+qpgZ5RAhe7ups8xZrEpBKdtxRMf7OdQQEXg1PLlfWZSJTC8EGu1TbMltbwwHizgsK/15LkDhJ0Gk/GFz9O9GvGqjizik8Kvvqz8XWY0tEtYs5Riq8bB5D5Ctwl10iultqnIQkdaX0bNa/2X57XKeutWdbqhuSC/C7awC1aVDIdfy1BNT3weHhQhFVAeAlH7Fy4rx3gYPclICfzu27lulLeXKJj9F+NdeY84zEy7E8IkE7eqdo1zfdJJpXSIh3FqekWen5njzWJsXqZCa2Ynk1poK/Rv/ti+ySE+4XicyXp0VJM8fDz6iUI0S/pjumHwzpoN9CeNe5PDK3Y7iQzSlO9REvkj/+v7r2s6XKslk9B7hTKunvH5JgHlIeYymzXb4r2LggNrP/1KUgNk1Ztu+s1c5onXYfBNul1iQOFU3+kgTk8Oh/UFK3FA0dYeWrOLA02TdH2S7U6yE= andreas@gwyn"
|
||||||
|
|
||||||
|
@ -98,8 +116,14 @@
|
||||||
settings = {
|
settings = {
|
||||||
warn-dirty = false;
|
warn-dirty = false;
|
||||||
auto-optimise-store = true;
|
auto-optimise-store = true;
|
||||||
experimental-features = [ "nix-command" "flakes" ];
|
experimental-features = [
|
||||||
trusted-users = [ "root" "@wheel" ];
|
"nix-command"
|
||||||
|
"flakes"
|
||||||
|
];
|
||||||
|
trusted-users = [
|
||||||
|
"root"
|
||||||
|
"@wheel"
|
||||||
|
];
|
||||||
min-free = 1000000000;
|
min-free = 1000000000;
|
||||||
max-free = 10000000000;
|
max-free = 10000000000;
|
||||||
connect-timeout = 5;
|
connect-timeout = 5;
|
||||||
|
@ -113,7 +137,9 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
security.sudo = { wheelNeedsPassword = false; };
|
security.sudo = {
|
||||||
|
wheelNeedsPassword = false;
|
||||||
|
};
|
||||||
|
|
||||||
system.activationScripts.diff = {
|
system.activationScripts.diff = {
|
||||||
supportsDryActivation = true;
|
supportsDryActivation = true;
|
||||||
|
@ -132,4 +158,3 @@
|
||||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
system.stateVersion = "23.05";
|
system.stateVersion = "23.05";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,12 +1,12 @@
|
||||||
{ config, inputs, ... }: {
|
{ config, inputs, ... }:
|
||||||
|
{
|
||||||
boot.initrd.network = {
|
boot.initrd.network = {
|
||||||
enable = true;
|
enable = true;
|
||||||
ssh = {
|
ssh = {
|
||||||
enable = true;
|
enable = true;
|
||||||
port = 22;
|
port = 22;
|
||||||
shell = "/bin/cryptsetup-askpass";
|
shell = "/bin/cryptsetup-askpass";
|
||||||
authorizedKeys =
|
authorizedKeys = config.users.users.${config.az-username}.openssh.authorizedKeys.keys;
|
||||||
config.users.users.${config.az-username}.openssh.authorizedKeys.keys;
|
|
||||||
hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ];
|
hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,4 +1,5 @@
|
||||||
{ lib, ... }: {
|
{ lib, ... }:
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
az-username = lib.mkOption {
|
az-username = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
|
|
|
@ -1,12 +1,21 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.profiles.az-desktop;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.profiles.az-desktop;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
profiles.az-desktop.enable = lib.mkEnableOption "Enable desktop";
|
profiles.az-desktop.enable = lib.mkEnableOption "Enable desktop";
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
networking = { networkmanager.enable = true; };
|
networking = {
|
||||||
|
networkmanager.enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
documentation = {
|
documentation = {
|
||||||
man.generateCaches = true;
|
man.generateCaches = true;
|
||||||
|
@ -60,7 +69,10 @@ in {
|
||||||
serif = [ "TeX Gyre Pagella" ];
|
serif = [ "TeX Gyre Pagella" ];
|
||||||
monospace = [ "Source Code Pro" ];
|
monospace = [ "Source Code Pro" ];
|
||||||
};
|
};
|
||||||
packages = [ pkgs.gyre-fonts pkgs.source-code-pro ];
|
packages = [
|
||||||
|
pkgs.gyre-fonts
|
||||||
|
pkgs.source-code-pro
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
# Enable keyring
|
# Enable keyring
|
||||||
|
@ -109,7 +121,9 @@ in {
|
||||||
source-code-pro
|
source-code-pro
|
||||||
unrar
|
unrar
|
||||||
];
|
];
|
||||||
variables = { WINIT_X11_SCALE_FACTOR = "1"; };
|
variables = {
|
||||||
|
WINIT_X11_SCALE_FACTOR = "1";
|
||||||
|
};
|
||||||
sessionVariables = {
|
sessionVariables = {
|
||||||
DEFAULT_BROWSER = "${pkgs.firefox}/bin/firefox";
|
DEFAULT_BROWSER = "${pkgs.firefox}/bin/firefox";
|
||||||
QT_SCALE_FACTOR = "1.25";
|
QT_SCALE_FACTOR = "1.25";
|
||||||
|
|
|
@ -1,13 +1,22 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-distrobox;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-distrobox;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-distrobox.enable = lib.mkEnableOption
|
programs.az-distrobox.enable = lib.mkEnableOption "Install distrobox and configure it to run GUI applications.";
|
||||||
"Install distrobox and configure it to run GUI applications.";
|
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
environment = {
|
environment = {
|
||||||
systemPackages = [ pkgs.unstable.distrobox pkgs.xorg.xhost ];
|
systemPackages = [
|
||||||
|
pkgs.unstable.distrobox
|
||||||
|
pkgs.xorg.xhost
|
||||||
|
];
|
||||||
shellInit = ''
|
shellInit = ''
|
||||||
[ -n "$DISPLAY" ] && xhost +si:localuser:$USER || true
|
[ -n "$DISPLAY" ] && xhost +si:localuser:$USER || true
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-eog;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-eog;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-eog.enable = lib.mkEnableOption "Gnome Image Viewer";
|
programs.az-eog.enable = lib.mkEnableOption "Gnome Image Viewer";
|
||||||
};
|
};
|
||||||
|
@ -24,4 +31,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-idevices;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-idevices;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-idevices.enable =
|
programs.az-idevices.enable = lib.mkEnableOption "Enable support for iDevices.";
|
||||||
lib.mkEnableOption "Enable support for iDevices.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-lockscreen;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-lockscreen;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-lockscreen.enable = lib.mkEnableOption "Lockscreen";
|
programs.az-lockscreen.enable = lib.mkEnableOption "Lockscreen";
|
||||||
};
|
};
|
||||||
|
@ -14,4 +21,3 @@ in {
|
||||||
environment.systemPackages = with pkgs; [ i3lock ];
|
environment.systemPackages = with pkgs; [ i3lock ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,16 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-makemkv;
|
config,
|
||||||
in {
|
lib,
|
||||||
options = { programs.az-makemkv.enable = lib.mkEnableOption "MakeMKV"; };
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-makemkv;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
programs.az-makemkv.enable = lib.mkEnableOption "MakeMKV";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
home-manager.users.${config.az-username} = {
|
home-manager.users.${config.az-username} = {
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.programs.az-nautilus;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.programs.az-nautilus;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-nautilus.enable = lib.mkEnableOption "Enable Nautilus";
|
programs.az-nautilus.enable = lib.mkEnableOption "Enable Nautilus";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-nix-direnv;
|
let
|
||||||
in {
|
cfg = config.programs.az-nix-direnv;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-nix-direnv.enable = lib.mkEnableOption "Enable nix-direnv";
|
programs.az-nix-direnv.enable = lib.mkEnableOption "Enable nix-direnv";
|
||||||
};
|
};
|
||||||
|
@ -16,5 +18,4 @@ in {
|
||||||
programs.direnv.nix-direnv.enable = true;
|
programs.direnv.nix-direnv.enable = true;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.programs.az-restic-management;
|
cfg = config.programs.az-restic-management;
|
||||||
password_file = config.age.secrets.resticKey.path;
|
password_file = config.age.secrets.resticKey.path;
|
||||||
|
@ -33,20 +39,19 @@ let
|
||||||
|
|
||||||
${pkgs.restic}/bin/restic --password-file ${password_file} snapshots'';
|
${pkgs.restic}/bin/restic --password-file ${password_file} snapshots'';
|
||||||
|
|
||||||
restic-infomaniak-mount =
|
restic-infomaniak-mount = pkgs.writeShellScriptBin "restic-infomaniak-mount" ''
|
||||||
pkgs.writeShellScriptBin "restic-infomaniak-mount" ''
|
export $(${pkgs.gnugrep}/bin/grep -v '^#' ${infomaniak-env} | ${pkgs.findutils}/bin/xargs)
|
||||||
export $(${pkgs.gnugrep}/bin/grep -v '^#' ${infomaniak-env} | ${pkgs.findutils}/bin/xargs)
|
export RESTIC_REPOSITORY="${infomaniak-repo}"
|
||||||
export RESTIC_REPOSITORY="${infomaniak-repo}"
|
export OS_AUTH_URL="${infomaniak-auth-url}"
|
||||||
export OS_AUTH_URL="${infomaniak-auth-url}"
|
export OS_USER_DOMAIN_NAME=default
|
||||||
export OS_USER_DOMAIN_NAME=default
|
|
||||||
|
|
||||||
mkdir -p /tmp/restic &&
|
mkdir -p /tmp/restic &&
|
||||||
|
|
||||||
${pkgs.restic}/bin/restic --password-file ${password_file} mount /tmp/restic'';
|
${pkgs.restic}/bin/restic --password-file ${password_file} mount /tmp/restic'';
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-restic-management.enable =
|
programs.az-restic-management.enable = lib.mkEnableOption "Enable restic management commands.";
|
||||||
lib.mkEnableOption "Enable restic management commands.";
|
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
age.secrets.infomaniakEnv = {
|
age.secrets.infomaniakEnv = {
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.programs.az-scripts;
|
cfg = config.programs.az-scripts;
|
||||||
compress-pdf = pkgs.writeShellScriptBin "compress-pdf" ''
|
compress-pdf = pkgs.writeShellScriptBin "compress-pdf" ''
|
||||||
|
@ -9,8 +14,7 @@ let
|
||||||
-dBATCH \
|
-dBATCH \
|
||||||
-sOutputFile=compressed_$1 $1'';
|
-sOutputFile=compressed_$1 $1'';
|
||||||
|
|
||||||
files-to-lowercase = pkgs.writeScriptBin "files-to-lowercase"
|
files-to-lowercase = pkgs.writeScriptBin "files-to-lowercase" "${builtins.readFile ./files-to-lowercase.sh}";
|
||||||
"${builtins.readFile ./files-to-lowercase.sh}";
|
|
||||||
|
|
||||||
heif-to-jpeg = pkgs.writeShellScriptBin "heif-to-jpeg" ''
|
heif-to-jpeg = pkgs.writeShellScriptBin "heif-to-jpeg" ''
|
||||||
for f in *.heic
|
for f in *.heic
|
||||||
|
@ -19,17 +23,16 @@ let
|
||||||
${pkgs.libheif}/bin/heif-convert $f $f.jpg
|
${pkgs.libheif}/bin/heif-convert $f $f.jpg
|
||||||
done'';
|
done'';
|
||||||
|
|
||||||
remove-special-characters = pkgs.writeScriptBin "remove-special-characters"
|
remove-special-characters = pkgs.writeScriptBin "remove-special-characters" "${builtins.readFile ./remove_special_characters.sh}";
|
||||||
"${builtins.readFile ./remove_special_characters.sh}";
|
|
||||||
|
|
||||||
replace-listings = pkgs.writeScriptBin "replace-listings"
|
replace-listings = pkgs.writeScriptBin "replace-listings" "${builtins.readFile ./replace-listings.sh}";
|
||||||
"${builtins.readFile ./replace-listings.sh}";
|
|
||||||
|
|
||||||
thumbnails = pkgs.writeShellScriptBin "thumbnails" ''
|
thumbnails = pkgs.writeShellScriptBin "thumbnails" ''
|
||||||
for d in $1/*; do
|
for d in $1/*; do
|
||||||
${pkgs.ffmpeg}/bin/ffmpeg -i "$d" -t 2 -r 0.5 "$d".jpg
|
${pkgs.ffmpeg}/bin/ffmpeg -i "$d" -t 2 -r 0.5 "$d".jpg
|
||||||
done'';
|
done'';
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
programs.az-scripts.enable = lib.mkEnableOption "Enable scripts";
|
programs.az-scripts.enable = lib.mkEnableOption "Enable scripts";
|
||||||
};
|
};
|
||||||
|
@ -44,6 +47,4 @@ in {
|
||||||
thumbnails
|
thumbnails
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.programs.az-steam;
|
let
|
||||||
in {
|
cfg = config.programs.az-steam;
|
||||||
options = { programs.az-steam.enable = lib.mkEnableOption "Enable Steam"; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
programs.az-steam.enable = lib.mkEnableOption "Enable Steam";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
programs.steam.enable = true;
|
programs.steam.enable = true;
|
||||||
|
@ -11,8 +15,7 @@ in {
|
||||||
allowedUDPPorts = [ 27031 ];
|
allowedUDPPorts = [ 27031 ];
|
||||||
};
|
};
|
||||||
home-manager.users.${config.az-username} = {
|
home-manager.users.${config.az-username} = {
|
||||||
home.file.".local/share/applications/steam.desktop".source =
|
home.file.".local/share/applications/steam.desktop".source = ./steam.desktop;
|
||||||
./steam.desktop;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-x86;
|
let
|
||||||
in {
|
cfg = config.services.az-x86;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-x86.enable =
|
services.az-x86.enable = lib.mkEnableOption "Enable options for x86 systems";
|
||||||
lib.mkEnableOption "Enable options for x86 systems";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -14,6 +15,8 @@ in {
|
||||||
systemd-boot.enable = true;
|
systemd-boot.enable = true;
|
||||||
efi.canTouchEfiVariables = true;
|
efi.canTouchEfiVariables = true;
|
||||||
};
|
};
|
||||||
hardware = { cpu.intel.updateMicrocode = true; };
|
hardware = {
|
||||||
|
cpu.intel.updateMicrocode = true;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,9 +1,10 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-data-share;
|
let
|
||||||
in {
|
cfg = config.services.az-data-share;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-data-share.enable =
|
services.az-data-share.enable = lib.mkEnableOption "Enable the server data FNS share";
|
||||||
lib.mkEnableOption "Enable the server data FNS share";
|
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
fileSystems."/mnt/data" = {
|
fileSystems."/mnt/data" = {
|
||||||
|
@ -19,4 +20,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,22 +1,33 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-mailserver;
|
cfg = config.services.az-mailserver;
|
||||||
version = "13.2.0";
|
version = "13.2.0";
|
||||||
mailserver-setup = (pkgs.writeScriptBin "mailserver-setup"
|
mailserver-setup =
|
||||||
"${builtins.readFile (pkgs.fetchurl {
|
(pkgs.writeScriptBin "mailserver-setup" "${builtins.readFile (
|
||||||
url =
|
pkgs.fetchurl {
|
||||||
"https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v${version}/setup.sh";
|
url = "https://raw.githubusercontent.com/docker-mailserver/docker-mailserver/v${version}/setup.sh";
|
||||||
sha256 = "sha256-HMT790mp5ADdNYaOLUJfHJq9LWI0OPilTabAhogVXnc=";
|
sha256 = "sha256-HMT790mp5ADdNYaOLUJfHJq9LWI0OPilTabAhogVXnc=";
|
||||||
})}").overrideAttrs (old: {
|
}
|
||||||
buildCommand = ''
|
)}"
|
||||||
${old.buildCommand}
|
).overrideAttrs
|
||||||
patchShebangs $out'';
|
(
|
||||||
});
|
old: {
|
||||||
|
buildCommand = ''
|
||||||
|
${old.buildCommand}
|
||||||
|
patchShebangs $out'';
|
||||||
|
}
|
||||||
|
);
|
||||||
volumePath = "/mnt/server-data/docker-mailserver";
|
volumePath = "/mnt/server-data/docker-mailserver";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-mailserver.enable =
|
services.az-mailserver.enable = lib.mkEnableOption "Enable docker-mailserver";
|
||||||
lib.mkEnableOption "Enable docker-mailserver";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -51,7 +62,11 @@ in {
|
||||||
fileSystems."${volumePath}" = {
|
fileSystems."${volumePath}" = {
|
||||||
device = "10.7.89.108:server_data/docker-mailserver";
|
device = "10.7.89.108:server_data/docker-mailserver";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "hard" "noatime" "rw" ];
|
options = [
|
||||||
|
"hard"
|
||||||
|
"noatime"
|
||||||
|
"rw"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
services.az-docker.enable = true;
|
services.az-docker.enable = true;
|
||||||
|
|
||||||
|
@ -62,8 +77,14 @@ in {
|
||||||
image = "docker.io/mailserver/docker-mailserver:${version}";
|
image = "docker.io/mailserver/docker-mailserver:${version}";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
environmentFiles = [ ./mailserver.env ];
|
environmentFiles = [ ./mailserver.env ];
|
||||||
ports =
|
ports = [
|
||||||
[ "25:25" "143:143" "465:465" "587:587" "993:993" "11334:11334" ];
|
"25:25"
|
||||||
|
"143:143"
|
||||||
|
"465:465"
|
||||||
|
"587:587"
|
||||||
|
"993:993"
|
||||||
|
"11334:11334"
|
||||||
|
];
|
||||||
volumes = [
|
volumes = [
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
"/etc/dkim:/etc/dkim:ro"
|
"/etc/dkim:/etc/dkim:ro"
|
||||||
|
|
|
@ -1,7 +1,16 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-docker;
|
config,
|
||||||
in {
|
lib,
|
||||||
options = { services.az-docker.enable = lib.mkEnableOption "Enable Docker"; };
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-docker;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.az-docker.enable = lib.mkEnableOption "Enable Docker";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
virtualisation.docker = {
|
virtualisation.docker = {
|
||||||
|
|
|
@ -1,6 +1,14 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-freshrss;
|
config,
|
||||||
in {
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-freshrss;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-freshrss.enable = lib.mkEnableOption "Enable FreshRSS.";
|
services.az-freshrss.enable = lib.mkEnableOption "Enable FreshRSS.";
|
||||||
};
|
};
|
||||||
|
@ -20,7 +28,10 @@ in {
|
||||||
group = config.services.freshrss.user;
|
group = config.services.freshrss.user;
|
||||||
};
|
};
|
||||||
|
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
|
];
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
defaults.email = "admin+acme@zweili.ch";
|
defaults.email = "admin+acme@zweili.ch";
|
||||||
|
@ -42,11 +53,15 @@ in {
|
||||||
mysql = {
|
mysql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.mariadb_110;
|
package = pkgs.mariadb_110;
|
||||||
ensureUsers = [{
|
ensureUsers = [
|
||||||
name = "freshrss";
|
{
|
||||||
ensurePermissions = { "freshrss.*" = "ALL PRIVILEGES"; };
|
name = "freshrss";
|
||||||
}];
|
ensurePermissions = {
|
||||||
initialDatabases = [{ name = "freshrss"; }];
|
"freshrss.*" = "ALL PRIVILEGES";
|
||||||
|
};
|
||||||
|
}
|
||||||
|
];
|
||||||
|
initialDatabases = [ { name = "freshrss"; } ];
|
||||||
settings = {
|
settings = {
|
||||||
mysqld = {
|
mysqld = {
|
||||||
innodb_file_per_table = 1;
|
innodb_file_per_table = 1;
|
||||||
|
@ -95,4 +110,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,8 +1,14 @@
|
||||||
{ config, inputs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-gitea;
|
cfg = config.services.az-gitea;
|
||||||
volumePath = "/mnt/server-data/gitea";
|
volumePath = "/mnt/server-data/gitea";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-gitea.enable = lib.mkEnableOption "Enable Gitea in Docker.";
|
services.az-gitea.enable = lib.mkEnableOption "Enable Gitea in Docker.";
|
||||||
services.az-gitea.domain = lib.mkOption {
|
services.az-gitea.domain = lib.mkOption {
|
||||||
|
@ -17,13 +23,19 @@ in {
|
||||||
fileSystems."${volumePath}" = {
|
fileSystems."${volumePath}" = {
|
||||||
device = "10.7.89.108:server_data/gitea/data";
|
device = "10.7.89.108:server_data/gitea/data";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "hard" "noatime" "rw" ];
|
options = [
|
||||||
|
"hard"
|
||||||
|
"noatime"
|
||||||
|
"rw"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
services = {
|
services = {
|
||||||
az-docker.enable = true;
|
az-docker.enable = true;
|
||||||
az-mariadb-for-containers.enable = true;
|
az-mariadb-for-containers.enable = true;
|
||||||
mysql.settings = {
|
mysql.settings = {
|
||||||
mysql = { default-character-set = "utf8mb4"; };
|
mysql = {
|
||||||
|
default-character-set = "utf8mb4";
|
||||||
|
};
|
||||||
mysqld = {
|
mysqld = {
|
||||||
collation-server = "utf8mb4_unicode_ci";
|
collation-server = "utf8mb4_unicode_ci";
|
||||||
init-connect = "SET NAMES utf8mb4";
|
init-connect = "SET NAMES utf8mb4";
|
||||||
|
@ -55,7 +67,10 @@ in {
|
||||||
DISABLE_REGISTRATION = "true";
|
DISABLE_REGISTRATION = "true";
|
||||||
};
|
};
|
||||||
environmentFiles = [ config.age.secrets.giteaEnv.path ];
|
environmentFiles = [ config.age.secrets.giteaEnv.path ];
|
||||||
ports = [ "2222:22" "8080:3000" ];
|
ports = [
|
||||||
|
"2222:22"
|
||||||
|
"8080:3000"
|
||||||
|
];
|
||||||
volumes = [
|
volumes = [
|
||||||
"/etc/timezone:/etc/timezone:ro"
|
"/etc/timezone:/etc/timezone:ro"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
|
|
|
@ -2,8 +2,11 @@
|
||||||
let
|
let
|
||||||
cfg = config.services.az-grav;
|
cfg = config.services.az-grav;
|
||||||
volumePath = "/mnt/server-data/grav";
|
volumePath = "/mnt/server-data/grav";
|
||||||
in {
|
in
|
||||||
options = { services.az-grav.enable = lib.mkEnableOption "Enable Grav."; };
|
{
|
||||||
|
options = {
|
||||||
|
services.az-grav.enable = lib.mkEnableOption "Enable Grav.";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.az-docker.enable = true;
|
services.az-docker.enable = true;
|
||||||
|
@ -11,14 +14,17 @@ in {
|
||||||
fileSystems."${volumePath}" = {
|
fileSystems."${volumePath}" = {
|
||||||
device = "10.7.89.108:server_data/grav";
|
device = "10.7.89.108:server_data/grav";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "hard" "noatime" "rw" ];
|
options = [
|
||||||
|
"hard"
|
||||||
|
"noatime"
|
||||||
|
"rw"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
virtualisation.oci-containers = {
|
virtualisation.oci-containers = {
|
||||||
backend = "docker";
|
backend = "docker";
|
||||||
containers."grav" = {
|
containers."grav" = {
|
||||||
# https://fleet.linuxserver.io/image?name=linuxserver/grav
|
# https://fleet.linuxserver.io/image?name=linuxserver/grav
|
||||||
image =
|
image = "lscr.io/linuxserver/grav:1.7.43@sha256:6cc4e340eda8c72f4671f9b9a4c1fad195deac59b9a88b6221f8b31d4fd64c08";
|
||||||
"lscr.io/linuxserver/grav:1.7.43@sha256:6cc4e340eda8c72f4671f9b9a4c1fad195deac59b9a88b6221f8b31d4fd64c08";
|
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
environment = {
|
environment = {
|
||||||
TZ = "Europe/Zurich";
|
TZ = "Europe/Zurich";
|
||||||
|
@ -36,4 +42,3 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-haproxy;
|
let
|
||||||
in {
|
cfg = config.services.az-haproxy;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-haproxy.enable = lib.mkEnableOption "Enable HAProxy";
|
services.az-haproxy.enable = lib.mkEnableOption "Enable HAProxy";
|
||||||
};
|
};
|
||||||
|
@ -8,7 +10,11 @@ in {
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
networking = {
|
networking = {
|
||||||
enableIPv6 = false;
|
enableIPv6 = false;
|
||||||
firewall.allowedTCPPorts = [ 80 443 1936 ];
|
firewall.allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
|
1936
|
||||||
|
];
|
||||||
};
|
};
|
||||||
services.haproxy = {
|
services.haproxy = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
let
|
let
|
||||||
cfg = config.services.az-heimdall;
|
cfg = config.services.az-heimdall;
|
||||||
volumePath = "/mnt/server-data/heimdall";
|
volumePath = "/mnt/server-data/heimdall";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-heimdall.enable = lib.mkEnableOption "Enable Heimdall";
|
services.az-heimdall.enable = lib.mkEnableOption "Enable Heimdall";
|
||||||
};
|
};
|
||||||
|
@ -13,14 +14,17 @@ in {
|
||||||
fileSystems."${volumePath}" = {
|
fileSystems."${volumePath}" = {
|
||||||
device = "10.7.89.108:server_data/heimdall";
|
device = "10.7.89.108:server_data/heimdall";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "hard" "noatime" "rw" ];
|
options = [
|
||||||
|
"hard"
|
||||||
|
"noatime"
|
||||||
|
"rw"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
virtualisation.oci-containers = {
|
virtualisation.oci-containers = {
|
||||||
backend = "docker";
|
backend = "docker";
|
||||||
containers."heimdall" = {
|
containers."heimdall" = {
|
||||||
# https://fleet.linuxserver.io/image?name=linuxserver/heimdall
|
# https://fleet.linuxserver.io/image?name=linuxserver/heimdall
|
||||||
image =
|
image = "linuxserver/heimdall:2.5.8@sha256:2bf4feba39a64ceabb8e8aef1395c69513c8ab7dd122caa605c307d7ffcdad6f";
|
||||||
"linuxserver/heimdall:2.5.8@sha256:2bf4feba39a64ceabb8e8aef1395c69513c8ab7dd122caa605c307d7ffcdad6f";
|
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
environment = {
|
environment = {
|
||||||
TZ = "Europe/Zurich";
|
TZ = "Europe/Zurich";
|
||||||
|
@ -28,11 +32,12 @@ in {
|
||||||
PGID = "100";
|
PGID = "100";
|
||||||
};
|
};
|
||||||
ports = [ "8081:80" ];
|
ports = [ "8081:80" ];
|
||||||
volumes =
|
volumes = [
|
||||||
[ "/etc/localtime:/etc/localtime:ro" "${volumePath}:/config" ];
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
|
"${volumePath}:/config"
|
||||||
|
];
|
||||||
extraOptions = [ "--log-opt=tag='heimdall'" ];
|
extraOptions = [ "--log-opt=tag='heimdall'" ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-log2ram;
|
let
|
||||||
in {
|
cfg = config.services.az-log2ram;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-log2ram.enable = lib.mkEnableOption "Enable log to RAM";
|
services.az-log2ram.enable = lib.mkEnableOption "Enable log to RAM";
|
||||||
};
|
};
|
||||||
|
@ -9,7 +11,10 @@ in {
|
||||||
fileSystems."/var/log" = {
|
fileSystems."/var/log" = {
|
||||||
device = "none";
|
device = "none";
|
||||||
fsType = "tmpfs";
|
fsType = "tmpfs";
|
||||||
options = [ "defaults" "size=512M" ];
|
options = [
|
||||||
|
"defaults"
|
||||||
|
"size=512M"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
services.journald.extraConfig = ''
|
services.journald.extraConfig = ''
|
||||||
SystemMaxUse=300M
|
SystemMaxUse=300M
|
||||||
|
|
|
@ -1,6 +1,13 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-logs-share;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-logs-share;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-logs-share.enable = lib.mkEnableOption "Enable mount share";
|
services.az-logs-share.enable = lib.mkEnableOption "Enable mount share";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,18 +1,27 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-mariadb-for-containers;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-mariadb-for-containers;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-mariadb-for-containers.enable =
|
services.az-mariadb-for-containers.enable = lib.mkEnableOption "Enable MariaDB configured for container clients.";
|
||||||
lib.mkEnableOption "Enable MariaDB configured for container clients.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.mysql = {
|
services.mysql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.mariadb_110;
|
package = pkgs.mariadb_110;
|
||||||
settings = { mysqld = { bind-address = "172.17.0.1"; }; };
|
settings = {
|
||||||
|
mysqld = {
|
||||||
|
bind-address = "172.17.0.1";
|
||||||
|
};
|
||||||
|
};
|
||||||
};
|
};
|
||||||
networking.firewall.extraCommands =
|
networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port 3306 -s 172.16.0.0/12 -j ACCEPT";
|
||||||
"iptables -A INPUT -p tcp --destination-port 3306 -s 172.16.0.0/12 -j ACCEPT";
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,16 +1,21 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-media-share;
|
let
|
||||||
in {
|
cfg = config.services.az-media-share;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-media-share.enable =
|
services.az-media-share.enable = lib.mkEnableOption "Mount the NFS share for with my media.";
|
||||||
lib.mkEnableOption "Mount the NFS share for with my media.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
fileSystems."/mnt/media" = {
|
fileSystems."/mnt/media" = {
|
||||||
device = "10.7.89.108:media";
|
device = "10.7.89.108:media";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "noatime" "hard" "nfsvers=4.0" ];
|
options = [
|
||||||
|
"noatime"
|
||||||
|
"hard"
|
||||||
|
"nfsvers=4.0"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-nextcloud;
|
cfg = config.services.az-nextcloud;
|
||||||
cronService = "${config.virtualisation.oci-containers.backend}-cron";
|
cronService = "${config.virtualisation.oci-containers.backend}-cron";
|
||||||
|
@ -6,8 +12,7 @@ let
|
||||||
MYSQL_DATABASE = "nextcloud";
|
MYSQL_DATABASE = "nextcloud";
|
||||||
MYSQL_USER = "nextcloud";
|
MYSQL_USER = "nextcloud";
|
||||||
MYSQL_HOST = "172.17.0.1";
|
MYSQL_HOST = "172.17.0.1";
|
||||||
NEXTCLOUD_TRUSTED_DOMAINS =
|
NEXTCLOUD_TRUSTED_DOMAINS = "${cfg.domain} ${config.networking.hostName}.2li.local 10.7.89.103";
|
||||||
"${cfg.domain} ${config.networking.hostName}.2li.local 10.7.89.103";
|
|
||||||
REDIS_HOST = "redis";
|
REDIS_HOST = "redis";
|
||||||
SMTP_HOST = "mail.infomaniak.com";
|
SMTP_HOST = "mail.infomaniak.com";
|
||||||
SMTP_SECURE = "ssl";
|
SMTP_SECURE = "ssl";
|
||||||
|
@ -15,15 +20,13 @@ let
|
||||||
};
|
};
|
||||||
networkName = "nextcloud";
|
networkName = "nextcloud";
|
||||||
# https://github.com/Nebucatnetzer/nextcloud-smb
|
# https://github.com/Nebucatnetzer/nextcloud-smb
|
||||||
nextcloudImage =
|
nextcloudImage = "ghcr.io/nebucatnetzer/nextcloud-smb/nextcloud-smb:28.0.1@sha256:2fc015f2844e44e861099474927696244ddb59bcfb3fc7b693468a30543a211e";
|
||||||
"ghcr.io/nebucatnetzer/nextcloud-smb/nextcloud-smb:28.0.1@sha256:2fc015f2844e44e861099474927696244ddb59bcfb3fc7b693468a30543a211e";
|
nextcloudService = "${config.virtualisation.oci-containers.backend}-nextcloud";
|
||||||
nextcloudService =
|
|
||||||
"${config.virtualisation.oci-containers.backend}-nextcloud";
|
|
||||||
volumePath = "/mnt/server-data/nextcloud";
|
volumePath = "/mnt/server-data/nextcloud";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-nextcloud.enable =
|
services.az-nextcloud.enable = lib.mkEnableOption "Enable Nextcloud running in a container.";
|
||||||
lib.mkEnableOption "Enable Nextcloud running in a container.";
|
|
||||||
services.az-nextcloud.domain = lib.mkOption {
|
services.az-nextcloud.domain = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "The domain Nextcloud is being run from.";
|
description = "The domain Nextcloud is being run from.";
|
||||||
|
@ -36,7 +39,11 @@ in {
|
||||||
fileSystems."${volumePath}" = {
|
fileSystems."${volumePath}" = {
|
||||||
device = "10.7.89.108:server_data/nextcloud/data";
|
device = "10.7.89.108:server_data/nextcloud/data";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "hard" "noatime" "rw" ];
|
options = [
|
||||||
|
"hard"
|
||||||
|
"noatime"
|
||||||
|
"rw"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
services = {
|
services = {
|
||||||
az-acme-base.enable = true;
|
az-acme-base.enable = true;
|
||||||
|
@ -99,8 +106,10 @@ in {
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
"${volumePath}:/var/www/html"
|
"${volumePath}:/var/www/html"
|
||||||
];
|
];
|
||||||
extraOptions =
|
extraOptions = [
|
||||||
[ "--net=${networkName}" "--log-opt=tag='nextcloud-nginx'" ];
|
"--net=${networkName}"
|
||||||
|
"--log-opt=tag='nextcloud-nginx'"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
containers."cron" = {
|
containers."cron" = {
|
||||||
image = nextcloudImage;
|
image = nextcloudImage;
|
||||||
|
@ -109,8 +118,10 @@ in {
|
||||||
environmentFiles = [ config.age.secrets.nextcloudEnv.path ];
|
environmentFiles = [ config.age.secrets.nextcloudEnv.path ];
|
||||||
entrypoint = "/cron.sh";
|
entrypoint = "/cron.sh";
|
||||||
dependsOn = [ "redis" ];
|
dependsOn = [ "redis" ];
|
||||||
volumes =
|
volumes = [
|
||||||
[ "/etc/localtime:/etc/localtime:ro" "${volumePath}:/var/www/html" ];
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
|
"${volumePath}:/var/www/html"
|
||||||
|
];
|
||||||
extraOptions = [
|
extraOptions = [
|
||||||
"--add-host=host.docker.internal:host-gateway"
|
"--add-host=host.docker.internal:host-gateway"
|
||||||
"--net=nextcloud"
|
"--net=nextcloud"
|
||||||
|
@ -121,7 +132,10 @@ in {
|
||||||
image = "redis:alpine";
|
image = "redis:alpine";
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
volumes = [ "/etc/localtime:/etc/localtime:ro" ];
|
volumes = [ "/etc/localtime:/etc/localtime:ro" ];
|
||||||
extraOptions = [ "--net=${networkName}" "--log-opt=tag='redis'" ];
|
extraOptions = [
|
||||||
|
"--net=${networkName}"
|
||||||
|
"--log-opt=tag='redis'"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
system.activationScripts.makeDockerNetwork = ''
|
system.activationScripts.makeDockerNetwork = ''
|
||||||
|
@ -129,7 +143,9 @@ in {
|
||||||
'';
|
'';
|
||||||
|
|
||||||
systemd.services.nextcloud-previews = {
|
systemd.services.nextcloud-previews = {
|
||||||
serviceConfig = { Type = "oneshot"; };
|
serviceConfig = {
|
||||||
|
Type = "oneshot";
|
||||||
|
};
|
||||||
script = ''
|
script = ''
|
||||||
${pkgs.docker}/bin/docker exec -u www-data nextcloud php occ preview:pre-generate
|
${pkgs.docker}/bin/docker exec -u www-data nextcloud php occ preview:pre-generate
|
||||||
'';
|
'';
|
||||||
|
@ -142,8 +158,10 @@ in {
|
||||||
environment.shellAliases = {
|
environment.shellAliases = {
|
||||||
occ = "${pkgs.docker}/bin/docker exec -u www-data nextcloud php occ";
|
occ = "${pkgs.docker}/bin/docker exec -u www-data nextcloud php occ";
|
||||||
};
|
};
|
||||||
systemd.services.${nextcloudService}.after =
|
systemd.services.${nextcloudService}.after = [
|
||||||
[ "mysql.service" "nginx.service" ];
|
"mysql.service"
|
||||||
|
"nginx.service"
|
||||||
|
];
|
||||||
systemd.services.${cronService}.after = [ "mysql.service" ];
|
systemd.services.${cronService}.after = [ "mysql.service" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,13 +1,17 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-acme-base;
|
let
|
||||||
in {
|
cfg = config.services.az-acme-base;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-acme-base.enable =
|
services.az-acme-base.enable = lib.mkEnableOption "All the common options I need for ACME certs.";
|
||||||
lib.mkEnableOption "All the common options I need for ACME certs.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
networking.firewall.allowedTCPPorts = [
|
||||||
|
80
|
||||||
|
443
|
||||||
|
];
|
||||||
security.acme = {
|
security.acme = {
|
||||||
acceptTerms = true;
|
acceptTerms = true;
|
||||||
defaults.email = "admin+acme@zweili.ch";
|
defaults.email = "admin+acme@zweili.ch";
|
||||||
|
|
|
@ -1,10 +1,16 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-nginx-fpm;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-nginx-fpm;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-nginx-fpm = {
|
services.az-nginx-fpm = {
|
||||||
enable =
|
enable = lib.mkEnableOption "Enable Nginx with config for FPM in a container.";
|
||||||
lib.mkEnableOption "Enable Nginx with config for FPM in a container.";
|
|
||||||
dataDir = lib.mkOption {
|
dataDir = lib.mkOption {
|
||||||
type = lib.types.str;
|
type = lib.types.str;
|
||||||
description = "The directory where the application lives on the host.";
|
description = "The directory where the application lives on the host.";
|
||||||
|
@ -53,5 +59,4 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-nginx-proxy;
|
let
|
||||||
in {
|
cfg = config.services.az-nginx-proxy;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-nginx-proxy = {
|
services.az-nginx-proxy = {
|
||||||
enable = lib.mkEnableOption "Enable Nginx proxy, mainly to provide SSL.";
|
enable = lib.mkEnableOption "Enable Nginx proxy, mainly to provide SSL.";
|
||||||
|
|
|
@ -1,6 +1,8 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-pipewire;
|
let
|
||||||
in {
|
cfg = config.services.az-pipewire;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-pipewire.enable = lib.mkEnableOption "Enable pipewire";
|
services.az-pipewire.enable = lib.mkEnableOption "Enable pipewire";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,11 +1,16 @@
|
||||||
{ config, inputs, lib, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-plex;
|
cfg = config.services.az-plex;
|
||||||
volumePath = "/mnt/media";
|
volumePath = "/mnt/media";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-plex.enable =
|
services.az-plex.enable = lib.mkEnableOption "Enable Plex running in Docker";
|
||||||
lib.mkEnableOption "Enable Plex running in Docker";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -33,8 +38,7 @@ in {
|
||||||
containers."plex" = {
|
containers."plex" = {
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
# https://fleet.linuxserver.io/image?name=linuxserver/plex
|
# https://fleet.linuxserver.io/image?name=linuxserver/plex
|
||||||
image =
|
image = "lscr.io/linuxserver/plex:1.32.8@sha256:656cfa13024d3d1a96e2fa91aa4e8a9a5e2d8c4bb67fc1feb5da0e13ef99e705";
|
||||||
"lscr.io/linuxserver/plex:1.32.8@sha256:656cfa13024d3d1a96e2fa91aa4e8a9a5e2d8c4bb67fc1feb5da0e13ef99e705";
|
|
||||||
environment = {
|
environment = {
|
||||||
TZ = " Europe/Zurich ";
|
TZ = " Europe/Zurich ";
|
||||||
PUID = "1000";
|
PUID = "1000";
|
||||||
|
@ -48,7 +52,10 @@ in {
|
||||||
"/var/lib/plex/tmp:/transcode"
|
"/var/lib/plex/tmp:/transcode"
|
||||||
"/etc/localtime:/etc/localtime:ro"
|
"/etc/localtime:/etc/localtime:ro"
|
||||||
];
|
];
|
||||||
extraOptions = [ "--network=host" "--log-opt=tag='plex'" ];
|
extraOptions = [
|
||||||
|
"--network=host"
|
||||||
|
"--log-opt=tag='plex'"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,9 +1,15 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-postgresql;
|
config,
|
||||||
in {
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-postgresql;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-postgresql.enable = lib.mkEnableOption
|
services.az-postgresql.enable = lib.mkEnableOption "Enable PostgreSQL with settings for container clients.";
|
||||||
"Enable PostgreSQL with settings for container clients.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
@ -13,7 +19,6 @@ in {
|
||||||
package = pkgs.postgresql_14;
|
package = pkgs.postgresql_14;
|
||||||
settings.listen_addresses = pkgs.lib.mkForce "127.0.0.1,172.17.0.1";
|
settings.listen_addresses = pkgs.lib.mkForce "127.0.0.1,172.17.0.1";
|
||||||
};
|
};
|
||||||
networking.firewall.extraCommands =
|
networking.firewall.extraCommands = "iptables -A INPUT -p tcp --destination-port 5432 -s 172.16.0.0/12 -j ACCEPT";
|
||||||
"iptables -A INPUT -p tcp --destination-port 5432 -s 172.16.0.0/12 -j ACCEPT";
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,4 +1,9 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-qtile;
|
cfg = config.services.az-qtile;
|
||||||
rofi-search = pkgs.writeShellScriptBin "rofi-search" ''
|
rofi-search = pkgs.writeShellScriptBin "rofi-search" ''
|
||||||
|
@ -15,10 +20,10 @@ let
|
||||||
echo "No input provided."
|
echo "No input provided."
|
||||||
fi
|
fi
|
||||||
'';
|
'';
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-qtile.enable =
|
services.az-qtile.enable = lib.mkEnableOption "Enable Qtile window manager.";
|
||||||
lib.mkEnableOption "Enable Qtile window manager.";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
|
|
|
@ -1,7 +1,16 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-rdp;
|
config,
|
||||||
in {
|
lib,
|
||||||
options = { services.az-rdp.enable = lib.mkEnableOption "enable rdp"; };
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-rdp;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.az-rdp.enable = lib.mkEnableOption "enable rdp";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.xrdp = {
|
services.xrdp = {
|
||||||
|
|
|
@ -1,12 +1,18 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-restic-client-desktop;
|
cfg = config.services.az-restic-client-desktop;
|
||||||
password_file = config.age.secrets.resticKey.path;
|
password_file = config.age.secrets.resticKey.path;
|
||||||
repository = "rest:http://10.7.89.30:8000";
|
repository = "rest:http://10.7.89.30:8000";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-restic-client-desktop.enable =
|
services.az-restic-client-desktop.enable = lib.mkEnableOption "Enable restic backups";
|
||||||
lib.mkEnableOption "Enable restic backups";
|
|
||||||
};
|
};
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.az-telegram-notifications.enable = true;
|
services.az-telegram-notifications.enable = true;
|
||||||
|
|
|
@ -1,6 +1,14 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-restic-client-server-mysql;
|
config,
|
||||||
in {
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-restic-client-server-mysql;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-restic-client-server-mysql = {
|
services.az-restic-client-server-mysql = {
|
||||||
enable = lib.mkEnableOption "Enable restic backups for MariaDB.";
|
enable = lib.mkEnableOption "Enable restic backups for MariaDB.";
|
||||||
|
@ -21,14 +29,18 @@ in {
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.az-telegram-notifications = { enable = true; };
|
services.az-telegram-notifications = {
|
||||||
|
enable = true;
|
||||||
|
};
|
||||||
|
|
||||||
age.secrets.resticKey.file = "${inputs.self}/scrts/restic.key.age";
|
age.secrets.resticKey.file = "${inputs.self}/scrts/restic.key.age";
|
||||||
|
|
||||||
systemd.timers."restic-backups" = {
|
systemd.timers."restic-backups" = {
|
||||||
wantedBy = [ "timers.target" ];
|
wantedBy = [ "timers.target" ];
|
||||||
partOf = [ "restic-backups.service" ];
|
partOf = [ "restic-backups.service" ];
|
||||||
timerConfig = { OnCalendar = cfg.time; };
|
timerConfig = {
|
||||||
|
OnCalendar = cfg.time;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services."restic-backups" = {
|
systemd.services."restic-backups" = {
|
||||||
|
|
|
@ -1,6 +1,14 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-restic-client-server-postgres;
|
config,
|
||||||
in {
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-restic-client-server-postgres;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-restic-client-server-postgres = {
|
services.az-restic-client-server-postgres = {
|
||||||
enable = lib.mkEnableOption "Enable restic backups for PostgreSQL.";
|
enable = lib.mkEnableOption "Enable restic backups for PostgreSQL.";
|
||||||
|
@ -28,7 +36,9 @@ in {
|
||||||
systemd.timers."restic-backups" = {
|
systemd.timers."restic-backups" = {
|
||||||
wantedBy = [ "timers.target" ];
|
wantedBy = [ "timers.target" ];
|
||||||
partOf = [ "restic-backups.service" ];
|
partOf = [ "restic-backups.service" ];
|
||||||
timerConfig = { OnCalendar = cfg.time; };
|
timerConfig = {
|
||||||
|
OnCalendar = cfg.time;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services."restic-backups" = {
|
systemd.services."restic-backups" = {
|
||||||
|
|
|
@ -1,6 +1,14 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-restic-client-server;
|
config,
|
||||||
in {
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-restic-client-server;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-restic-client-server = {
|
services.az-restic-client-server = {
|
||||||
enable = lib.mkEnableOption "Enable restic backups on server systems.";
|
enable = lib.mkEnableOption "Enable restic backups on server systems.";
|
||||||
|
@ -27,7 +35,9 @@ in {
|
||||||
systemd.timers."restic-backups" = {
|
systemd.timers."restic-backups" = {
|
||||||
wantedBy = [ "timers.target" ];
|
wantedBy = [ "timers.target" ];
|
||||||
partOf = [ "restic-backups.service" ];
|
partOf = [ "restic-backups.service" ];
|
||||||
timerConfig = { OnCalendar = cfg.time; };
|
timerConfig = {
|
||||||
|
OnCalendar = cfg.time;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
systemd.services."restic-backups" = {
|
systemd.services."restic-backups" = {
|
||||||
|
|
|
@ -1,6 +1,14 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
let cfg = config.services.az-restic-server;
|
config,
|
||||||
in {
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
let
|
||||||
|
cfg = config.services.az-restic-server;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-restic-server = {
|
services.az-restic-server = {
|
||||||
enable = lib.mkEnableOption "Enable a restic server.";
|
enable = lib.mkEnableOption "Enable a restic server.";
|
||||||
|
@ -27,7 +35,11 @@ in {
|
||||||
fileSystems."${cfg.repository}" = {
|
fileSystems."${cfg.repository}" = {
|
||||||
device = "10.7.89.108:restic-server";
|
device = "10.7.89.108:restic-server";
|
||||||
fsType = "nfs";
|
fsType = "nfs";
|
||||||
options = [ "noatime" "hard" "nfsvers=4.0" ];
|
options = [
|
||||||
|
"noatime"
|
||||||
|
"hard"
|
||||||
|
"nfsvers=4.0"
|
||||||
|
];
|
||||||
};
|
};
|
||||||
services.restic.server = {
|
services.restic.server = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -2,7 +2,8 @@
|
||||||
let
|
let
|
||||||
cfg = config.services.az-rss-bridge;
|
cfg = config.services.az-rss-bridge;
|
||||||
whitelist = builtins.toFile "whitelist.txt" "*";
|
whitelist = builtins.toFile "whitelist.txt" "*";
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-rss-bridge.enable = lib.mkEnableOption "Enable RSS bridge.";
|
services.az-rss-bridge.enable = lib.mkEnableOption "Enable RSS bridge.";
|
||||||
};
|
};
|
||||||
|
@ -14,8 +15,7 @@ in {
|
||||||
backend = "docker";
|
backend = "docker";
|
||||||
containers."rss-bridge" = {
|
containers."rss-bridge" = {
|
||||||
# https://hub.docker.com/r/rssbridge/rss-bridge/tags
|
# https://hub.docker.com/r/rssbridge/rss-bridge/tags
|
||||||
image =
|
image = "rssbridge/rss-bridge@sha256:908ee2936c1acdddbff69020cf4f01f259b4e230fd924876b3c8dfbaa8e3326c";
|
||||||
"rssbridge/rss-bridge@sha256:908ee2936c1acdddbff69020cf4f01f259b4e230fd924876b3c8dfbaa8e3326c";
|
|
||||||
autoStart = true;
|
autoStart = true;
|
||||||
ports = [ "8082:80" ];
|
ports = [ "8082:80" ];
|
||||||
volumes = [
|
volumes = [
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-syslog;
|
let
|
||||||
in {
|
cfg = config.services.az-syslog;
|
||||||
options = { services.az-syslog.enable = lib.mkEnableOption "Enable syslog"; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.az-syslog.enable = lib.mkEnableOption "Enable syslog";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.rsyslogd = {
|
services.rsyslogd = {
|
||||||
|
@ -15,4 +19,3 @@ in {
|
||||||
systemd.services.syslog.after = [ "network-online.target" ];
|
systemd.services.syslog.after = [ "network-online.target" ];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,10 @@
|
||||||
{ config, inputs, lib, pkgs, ... }:
|
{
|
||||||
|
config,
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
let
|
let
|
||||||
cfg = config.services.az-telegram-notifications;
|
cfg = config.services.az-telegram-notifications;
|
||||||
|
|
||||||
|
@ -16,18 +22,19 @@ let
|
||||||
${send-to-telegram} "$ALERT Unit failed $UNIT $ALERT
|
${send-to-telegram} "$ALERT Unit failed $UNIT $ALERT
|
||||||
Status:
|
Status:
|
||||||
$UNITSTATUS"'';
|
$UNITSTATUS"'';
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-telegram-notifications.enable =
|
services.az-telegram-notifications.enable = lib.mkEnableOption "Enable Telegram Notifications";
|
||||||
lib.mkEnableOption "Enable Telegram Notifications";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
age.secrets.telegramNotifyEnv.file =
|
age.secrets.telegramNotifyEnv.file = "${inputs.self}/scrts/telegram_notify_env.age";
|
||||||
"${inputs.self}/scrts/telegram_notify_env.age";
|
|
||||||
systemd.services."unit-status-telegram@" = {
|
systemd.services."unit-status-telegram@" = {
|
||||||
description = "Unit Status Telegram Service";
|
description = "Unit Status Telegram Service";
|
||||||
unitConfig = { After = "network-online.target"; };
|
unitConfig = {
|
||||||
|
After = "network-online.target";
|
||||||
|
};
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
Type = "simple";
|
Type = "simple";
|
||||||
ExecStart = "${unit-status-telegram} %I";
|
ExecStart = "${unit-status-telegram} %I";
|
||||||
|
|
|
@ -1,7 +1,11 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-tlp;
|
let
|
||||||
in {
|
cfg = config.services.az-tlp;
|
||||||
options = { services.az-tlp.enable = lib.mkEnableOption "Enable TLP"; };
|
in
|
||||||
|
{
|
||||||
|
options = {
|
||||||
|
services.az-tlp.enable = lib.mkEnableOption "Enable TLP";
|
||||||
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
services.tlp = {
|
services.tlp = {
|
||||||
|
|
|
@ -1,15 +1,17 @@
|
||||||
{ config, lib, ... }:
|
{ config, lib, ... }:
|
||||||
let cfg = config.services.az-virtualbox-guest;
|
let
|
||||||
in {
|
cfg = config.services.az-virtualbox-guest;
|
||||||
|
in
|
||||||
|
{
|
||||||
options = {
|
options = {
|
||||||
services.az-virtualbox-guest.enable =
|
services.az-virtualbox-guest.enable = lib.mkEnableOption "Enable virtualbox services";
|
||||||
lib.mkEnableOption "Enable virtualbox services";
|
|
||||||
};
|
};
|
||||||
|
|
||||||
config = lib.mkIf cfg.enable {
|
config = lib.mkIf cfg.enable {
|
||||||
virtualisation.virtualbox.guest.enable = true;
|
virtualisation.virtualbox.guest.enable = true;
|
||||||
virtualisation.virtualbox.guest.x11 = true;
|
virtualisation.virtualbox.guest.x11 = true;
|
||||||
users.users.${config.az-username} = { extraGroups = [ "vboxsf" ]; };
|
users.users.${config.az-username} = {
|
||||||
|
extraGroups = [ "vboxsf" ];
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,34 +1,23 @@
|
||||||
let
|
let
|
||||||
andreas =
|
andreas = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCR+JXNHSAEQamn2QiaKV0vejCPy6OmzOePXoaQF6CEknXyvBO4j7+qpgZ5RAhe7ups8xZrEpBKdtxRMf7OdQQEXg1PLlfWZSJTC8EGu1TbMltbwwHizgsK/15LkDhJ0Gk/GFz9O9GvGqjizik8Kvvqz8XWY0tEtYs5Riq8bB5D5Ctwl10iultqnIQkdaX0bNa/2X57XKeutWdbqhuSC/C7awC1aVDIdfy1BNT3weHhQhFVAeAlH7Fy4rx3gYPclICfzu27lulLeXKJj9F+NdeY84zEy7E8IkE7eqdo1zfdJJpXSIh3FqekWen5njzWJsXqZCa2Ynk1poK/Rv/ti+ySE+4XicyXp0VJM8fDz6iUI0S/pjumHwzpoN9CeNe5PDK3Y7iQzSlO9REvkj/+v7r2s6XKslk9B7hTKunvH5JgHlIeYymzXb4r2LggNrP/1KUgNk1Ztu+s1c5onXYfBNul1iQOFU3+kgTk8Oh/UFK3FA0dYeWrOLA02TdH2S7U6yE= andreas@gwyn";
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCR+JXNHSAEQamn2QiaKV0vejCPy6OmzOePXoaQF6CEknXyvBO4j7+qpgZ5RAhe7ups8xZrEpBKdtxRMf7OdQQEXg1PLlfWZSJTC8EGu1TbMltbwwHizgsK/15LkDhJ0Gk/GFz9O9GvGqjizik8Kvvqz8XWY0tEtYs5Riq8bB5D5Ctwl10iultqnIQkdaX0bNa/2X57XKeutWdbqhuSC/C7awC1aVDIdfy1BNT3weHhQhFVAeAlH7Fy4rx3gYPclICfzu27lulLeXKJj9F+NdeY84zEy7E8IkE7eqdo1zfdJJpXSIh3FqekWen5njzWJsXqZCa2Ynk1poK/Rv/ti+ySE+4XicyXp0VJM8fDz6iUI0S/pjumHwzpoN9CeNe5PDK3Y7iQzSlO9REvkj/+v7r2s6XKslk9B7hTKunvH5JgHlIeYymzXb4r2LggNrP/1KUgNk1Ztu+s1c5onXYfBNul1iQOFU3+kgTk8Oh/UFK3FA0dYeWrOLA02TdH2S7U6yE= andreas@gwyn";
|
andreas-nixos-vm = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDA3/7NfN0GSFq4CCZa1BSizm95tFx7Ogz4IS2SaIosZ7xdjVpqAQ7iK/UG5GRKvBjhUnrGUwU9CRt6wYLhs47/qj20pMlnpvLb/0yDUwvY+2SfH6taZeLArL/o4d6jFrPuOGxP5Lt213qe/hZA0hnc6f7gZY13vXJ37Wm4K+st3N8qtk3lcTncb9aPrPoYBfrm7DGWBczdJtPPp/eJmgKATDHsy95hUuUYm17Pu2uzSVRaXIZnuevfySgRHi9qsk962GdC7CcWlctMGry7++1D0lzXdollseZQaKf40wRzMQJrOb7OueI0s5hlKsVNJR9SXbZm0rJhTeUJOzh3v+b5nNzcjqG4Cx6BOOg400ayvTxBC5pH7GRBO1Pgpj3+r2mWFOlPYwfIYS0EjoQIdKYQBefrqRrzDavancIFlqyifs8XQIru7PnF6IP6EmyQwIoybUlZzLPAWXSTXyyx7F0+w181+hYLnbHd7+u6ddVLXbUKfZ77SXiPThep9Tfw3J8= andreas@nixos";
|
||||||
andreas-nixos-vm =
|
users = [
|
||||||
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDA3/7NfN0GSFq4CCZa1BSizm95tFx7Ogz4IS2SaIosZ7xdjVpqAQ7iK/UG5GRKvBjhUnrGUwU9CRt6wYLhs47/qj20pMlnpvLb/0yDUwvY+2SfH6taZeLArL/o4d6jFrPuOGxP5Lt213qe/hZA0hnc6f7gZY13vXJ37Wm4K+st3N8qtk3lcTncb9aPrPoYBfrm7DGWBczdJtPPp/eJmgKATDHsy95hUuUYm17Pu2uzSVRaXIZnuevfySgRHi9qsk962GdC7CcWlctMGry7++1D0lzXdollseZQaKf40wRzMQJrOb7OueI0s5hlKsVNJR9SXbZm0rJhTeUJOzh3v+b5nNzcjqG4Cx6BOOg400ayvTxBC5pH7GRBO1Pgpj3+r2mWFOlPYwfIYS0EjoQIdKYQBefrqRrzDavancIFlqyifs8XQIru7PnF6IP6EmyQwIoybUlZzLPAWXSTXyyx7F0+w181+hYLnbHd7+u6ddVLXbUKfZ77SXiPThep9Tfw3J8= andreas@nixos";
|
andreas
|
||||||
users = [ andreas andreas-nixos-vm ];
|
andreas-nixos-vm
|
||||||
|
];
|
||||||
|
|
||||||
git =
|
git = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDO40In82pEqQJexG9nlXOsYb4T/sYrb/4EVtGc0bfEb";
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDO40In82pEqQJexG9nlXOsYb4T/sYrb/4EVtGc0bfEb";
|
gwyn = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNmtdodpXHcwEsX2x89RyxjX5F6eERanzM4OXlNDx50";
|
||||||
gwyn =
|
loki-test = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqCmY9F2nWasFtmBpk401lacclXeddDm+OTZ4+tNM94";
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGNmtdodpXHcwEsX2x89RyxjX5F6eERanzM4OXlNDx50";
|
mail = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQ64p/o1u8KUqxmOQkngMdNkfTCNkqYh8ptinatxUDX";
|
||||||
loki-test =
|
management = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICr5M2m7cic6fCaVNEesCn8Ii/VDB0EtyxYWs79aE4BD";
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqCmY9F2nWasFtmBpk401lacclXeddDm+OTZ4+tNM94";
|
nextcloud = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHASRPSKyADQUBe6lQEo8EHixPwktbHQjAPX24GIoWwg";
|
||||||
mail =
|
nixos-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOcmWE9b7GQKOOq61gYLdFA5uZ+hhpBYePmmdRDGwIVu";
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGQ64p/o1u8KUqxmOQkngMdNkfTCNkqYh8ptinatxUDX";
|
plex = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDAp4qkxNLabAuwRSKjD1e7nNZ0QuB+BO2VxcYpdfr/X";
|
||||||
management =
|
proxy = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINOhI/rT7BMrXmDgFC2VnrWyFwnMiZPED0z1QFwVgA4B";
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICr5M2m7cic6fCaVNEesCn8Ii/VDB0EtyxYWs79aE4BD";
|
staubfinger = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHaGKfqdWGUC5vg+EFHK19rR+fz29p0rV/9/lbT0lyq";
|
||||||
nextcloud =
|
restic-server = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILX9Sm69VGPrek8PRgWa8xJPqzRrixs1g+8hBu2F6265";
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHASRPSKyADQUBe6lQEo8EHixPwktbHQjAPX24GIoWwg";
|
ttrss = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfWq/ZWeMNIMqXsI4rnkwR+wc/FVdb2jA70sdLMEnyX";
|
||||||
nixos-vm =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOcmWE9b7GQKOOq61gYLdFA5uZ+hhpBYePmmdRDGwIVu";
|
|
||||||
plex =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDAp4qkxNLabAuwRSKjD1e7nNZ0QuB+BO2VxcYpdfr/X";
|
|
||||||
proxy =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINOhI/rT7BMrXmDgFC2VnrWyFwnMiZPED0z1QFwVgA4B";
|
|
||||||
staubfinger =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINHaGKfqdWGUC5vg+EFHK19rR+fz29p0rV/9/lbT0lyq";
|
|
||||||
restic-server =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILX9Sm69VGPrek8PRgWa8xJPqzRrixs1g+8hBu2F6265";
|
|
||||||
ttrss =
|
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOfWq/ZWeMNIMqXsI4rnkwR+wc/FVdb2jA70sdLMEnyX";
|
|
||||||
systems = [
|
systems = [
|
||||||
git
|
git
|
||||||
gwyn
|
gwyn
|
||||||
|
@ -43,10 +32,17 @@ let
|
||||||
staubfinger
|
staubfinger
|
||||||
ttrss
|
ttrss
|
||||||
];
|
];
|
||||||
defaultKeys =
|
defaultKeys = [
|
||||||
[ andreas andreas-nixos-vm gwyn management nixos-vm staubfinger ];
|
andreas
|
||||||
|
andreas-nixos-vm
|
||||||
|
gwyn
|
||||||
|
management
|
||||||
|
nixos-vm
|
||||||
|
staubfinger
|
||||||
|
];
|
||||||
all = users ++ systems;
|
all = users ++ systems;
|
||||||
in {
|
in
|
||||||
|
{
|
||||||
"dkim_2li.ch.age".publicKeys = defaultKeys ++ [ mail ];
|
"dkim_2li.ch.age".publicKeys = defaultKeys ++ [ mail ];
|
||||||
"dkim_zweili.ch.age".publicKeys = defaultKeys ++ [ mail ];
|
"dkim_zweili.ch.age".publicKeys = defaultKeys ++ [ mail ];
|
||||||
"freshrss_db_pass.age".publicKeys = defaultKeys ++ [ ttrss ];
|
"freshrss_db_pass.age".publicKeys = defaultKeys ++ [ ttrss ];
|
||||||
|
@ -60,4 +56,3 @@ in {
|
||||||
"telegram_notify_env.age".publicKeys = all;
|
"telegram_notify_env.age".publicKeys = all;
|
||||||
"webdav_andreas.age".publicKeys = defaultKeys;
|
"webdav_andreas.age".publicKeys = defaultKeys;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,14 +1,13 @@
|
||||||
{ pkgs ? import <nixpkgs> { } }:
|
{
|
||||||
|
pkgs ? import <nixpkgs> { },
|
||||||
|
}:
|
||||||
pkgs.mkShell {
|
pkgs.mkShell {
|
||||||
name = "nixosbuildshell";
|
name = "nixosbuildshell";
|
||||||
nativeBuildInputs = with pkgs; [ nixFlakes ];
|
nativeBuildInputs = with pkgs; [ nixFlakes ];
|
||||||
|
|
||||||
shellHook = ''
|
shellHook = ''
|
||||||
PATH=${
|
PATH=${pkgs.writeShellScriptBin "nix" ''
|
||||||
pkgs.writeShellScriptBin "nix" ''
|
${pkgs.nixFlakes}/bin/nix --experimental-features "nix-command flakes" "$@"
|
||||||
${pkgs.nixFlakes}/bin/nix --experimental-features "nix-command flakes" "$@"
|
''}/bin:$PATH
|
||||||
''
|
|
||||||
}/bin:$PATH
|
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
13
shell.nix
13
shell.nix
|
@ -1,4 +1,6 @@
|
||||||
{ pkgs ? import <nixpkgs> { } }:
|
{
|
||||||
|
pkgs ? import <nixpkgs> { },
|
||||||
|
}:
|
||||||
pkgs.mkShell {
|
pkgs.mkShell {
|
||||||
name = "nixosbuildshell";
|
name = "nixosbuildshell";
|
||||||
nativeBuildInputs = with pkgs; [
|
nativeBuildInputs = with pkgs; [
|
||||||
|
@ -14,11 +16,8 @@ pkgs.mkShell {
|
||||||
];
|
];
|
||||||
|
|
||||||
shellHook = ''
|
shellHook = ''
|
||||||
PATH=${
|
PATH=${pkgs.writeShellScriptBin "nix" ''
|
||||||
pkgs.writeShellScriptBin "nix" ''
|
${pkgs.nixFlakes}/bin/nix --experimental-features "nix-command flakes" "$@"
|
||||||
${pkgs.nixFlakes}/bin/nix --experimental-features "nix-command flakes" "$@"
|
''}/bin:$PATH
|
||||||
''
|
|
||||||
}/bin:$PATH
|
|
||||||
'';
|
'';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,12 @@
|
||||||
{ hostname }:
|
{ hostname }:
|
||||||
{ config, inputs, ... }: {
|
{ config, inputs, ... }:
|
||||||
boot.initrd.availableKernelModules =
|
{
|
||||||
[ "ata_piix" "ohci_pci" "sd_mod" "sr_mod" ];
|
boot.initrd.availableKernelModules = [
|
||||||
|
"ata_piix"
|
||||||
|
"ohci_pci"
|
||||||
|
"sd_mod"
|
||||||
|
"sr_mod"
|
||||||
|
];
|
||||||
boot.initrd.kernelModules = [ ];
|
boot.initrd.kernelModules = [ ];
|
||||||
boot.kernelModules = [ ];
|
boot.kernelModules = [ ];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
|
@ -22,7 +27,7 @@
|
||||||
interfaces.enp0s3.useDHCP = true;
|
interfaces.enp0s3.useDHCP = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
swapDevices = [{ device = "/dev/disk/by-label/swap"; }];
|
swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
|
||||||
|
|
||||||
users.users.${config.az-username} = {
|
users.users.${config.az-username} = {
|
||||||
openssh.authorizedKeys.keys = [
|
openssh.authorizedKeys.keys = [
|
||||||
|
@ -30,10 +35,11 @@
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
profiles.az-desktop.enable = true;
|
profiles.az-desktop.enable = true;
|
||||||
programs = { az-distrobox.enable = true; };
|
programs = {
|
||||||
|
az-distrobox.enable = true;
|
||||||
|
};
|
||||||
services = {
|
services = {
|
||||||
az-virtualbox-guest.enable = true;
|
az-virtualbox-guest.enable = true;
|
||||||
az-x86.enable = true;
|
az-x86.enable = true;
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,7 +1,9 @@
|
||||||
{ hostname }:
|
{ hostname }:
|
||||||
{ inputs, pkgs, ... }:
|
{ inputs, pkgs, ... }:
|
||||||
let domain = "git.2li.ch";
|
let
|
||||||
in {
|
domain = "git.2li.ch";
|
||||||
|
in
|
||||||
|
{
|
||||||
hardware = {
|
hardware = {
|
||||||
az-raspi4-ethernet = {
|
az-raspi4-ethernet = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,5 +1,11 @@
|
||||||
{ hostname }:
|
{ hostname }:
|
||||||
{ inputs, lib, pkgs, ... }: {
|
{
|
||||||
|
inputs,
|
||||||
|
lib,
|
||||||
|
pkgs,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
{
|
||||||
imports = [
|
imports = [
|
||||||
inputs.nixos-hardware.nixosModules.dell-precision-5530
|
inputs.nixos-hardware.nixosModules.dell-precision-5530
|
||||||
inputs.nixos-hardware.nixosModules.common-gpu-nvidia
|
inputs.nixos-hardware.nixosModules.common-gpu-nvidia
|
||||||
|
@ -19,7 +25,10 @@
|
||||||
];
|
];
|
||||||
|
|
||||||
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
boot.initrd.kernelModules = [ "dm-snapshot" ];
|
||||||
boot.kernelModules = [ "kvm-intel" "sg" ];
|
boot.kernelModules = [
|
||||||
|
"kvm-intel"
|
||||||
|
"sg"
|
||||||
|
];
|
||||||
boot.extraModulePackages = [ ];
|
boot.extraModulePackages = [ ];
|
||||||
boot.kernelParams = [
|
boot.kernelParams = [
|
||||||
"ip=dhcp" # required for ssh at initrd
|
"ip=dhcp" # required for ssh at initrd
|
||||||
|
@ -32,8 +41,16 @@
|
||||||
|
|
||||||
# Required to build aarch64 packages
|
# Required to build aarch64 packages
|
||||||
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
boot.binfmt.emulatedSystems = [ "aarch64-linux" ];
|
||||||
boot.supportedFilesystems =
|
boot.supportedFilesystems = [
|
||||||
[ "apfs" "exfat" "ext4" "nfs" "nfs4" "ntfs" "cifs" "f2fs" ];
|
"apfs"
|
||||||
|
"exfat"
|
||||||
|
"ext4"
|
||||||
|
"nfs"
|
||||||
|
"nfs4"
|
||||||
|
"ntfs"
|
||||||
|
"cifs"
|
||||||
|
"f2fs"
|
||||||
|
];
|
||||||
|
|
||||||
fileSystems."/" = {
|
fileSystems."/" = {
|
||||||
device = "/dev/disk/by-label/nixos";
|
device = "/dev/disk/by-label/nixos";
|
||||||
|
@ -46,7 +63,7 @@
|
||||||
|
|
||||||
networking.hostName = hostname;
|
networking.hostName = hostname;
|
||||||
|
|
||||||
swapDevices = [{ device = "/dev/disk/by-label/swap"; }];
|
swapDevices = [ { device = "/dev/disk/by-label/swap"; } ];
|
||||||
|
|
||||||
hardware = {
|
hardware = {
|
||||||
az-bluetooth.enable = true;
|
az-bluetooth.enable = true;
|
||||||
|
@ -75,4 +92,3 @@
|
||||||
|
|
||||||
virtualisation.virtualbox.host.enable = true;
|
virtualisation.virtualbox.host.enable = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{ hostname }:
|
{ hostname }:
|
||||||
{ inputs, pkgs, ... }: {
|
{ inputs, pkgs, ... }:
|
||||||
|
{
|
||||||
hardware = {
|
hardware = {
|
||||||
az-raspi4-ethernet = {
|
az-raspi4-ethernet = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{ hostname }:
|
{ hostname }:
|
||||||
{ inputs, pkgs, ... }: {
|
{ inputs, pkgs, ... }:
|
||||||
|
{
|
||||||
hardware = {
|
hardware = {
|
||||||
az-raspi4-ethernet = {
|
az-raspi4-ethernet = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -22,4 +23,3 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
{ hostname }:
|
{ hostname }:
|
||||||
{ inputs, ... }: {
|
{ inputs, ... }:
|
||||||
|
{
|
||||||
hardware = {
|
hardware = {
|
||||||
az-raspi4-ethernet = {
|
az-raspi4-ethernet = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
@ -24,5 +25,4 @@
|
||||||
az-nix-direnv.enable = true;
|
az-nix-direnv.enable = true;
|
||||||
az-restic-management.enable = true;
|
az-restic-management.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue