kopatz/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:Kropatz/dotfiles

Browse Source
This commit is contained in:
Kopatz
2023-12-09 16:55:35 +01:00
parent ab2c602622 1505badeeb
commit 81e4ffb1cc
15 changed files with 108 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
flake.nix
View File

@@ -102,6 +102,7 @@
./modules/graphical/plasma.nix ./modules/graphical/plasma.nix
./modules/graphical/hyprland.nix ./modules/graphical/hyprland.nix
./modules/graphical/emulators.nix ./modules/graphical/emulators.nix
./modules/graphical/gamemode.nix
./modules/graphical/shared.nix ./modules/graphical/shared.nix
./modules/hardware/nvidia.nix ./modules/hardware/nvidia.nix
./modules/hardware/ssd.nix ./modules/hardware/ssd.nix

20
modules/adguard.nix
View File

@@ -39,7 +39,7 @@ in
"answer" = ip; "answer" = ip;
} }
{ {
"domain" = "server.local"; "domain" = "server.home.arpa";
"answer" = ip; "answer" = ip;
} }
{ {
@@ -47,39 +47,39 @@ in
"answer" = ip; "answer" = ip;
} }
{ {
"domain" = "adguard.local"; "domain" = "adguard.home.arpa";
"answer" = ip; "answer" = ip;
} }
{ {
"domain" = "nextcloud.local"; "domain" = "nextcloud.home.arpa";
"answer" = ip; "answer" = ip;
} }
{ {
"domain" = "kavita.local"; "domain" = "kavita.home.arpa";
"answer" = ip; "answer" = ip;
} }
{ {
"domain" = "yt.local"; "domain" = "yt.home.arpa";
"answer" = ip; "answer" = ip;
} }
{ {
"domain" = "nextcloud.local"; "domain" = "nextcloud.home.arpa";
"answer" = wireguardIp; "answer" = wireguardIp;
} }
{ {
"domain" = "kavita.local"; "domain" = "kavita.home.arpa";
"answer" = wireguardIp; "answer" = wireguardIp;
} }
{ {
"domain" = "yt.local"; "domain" = "yt.home.arpa";
"answer" = wireguardIp; "answer" = wireguardIp;
} }
{ {
"domain" = "turnserver.local"; "domain" = "turnserver.home.arpa";
"answer" = wireguardIp; "answer" = wireguardIp;
} }
{ {
"domain" = "inverter.local"; "domain" = "inverter.home.arpa";
"answer" = "192.168.0.9"; "answer" = "192.168.0.9";
} }
]; ];

17
modules/backup.nix
View File

@@ -37,10 +37,10 @@
passwordFile = config.age.secrets.restic-pw.path; passwordFile = config.age.secrets.restic-pw.path;
paths = [ paths = [
"/home" "/home"
"/var/backup/postgresql" "/var/backup/postgresql"
"/mnt/250ssd/matrix-synapse/media_store/" "/mnt/250ssd/matrix-synapse/media_store/"
"/mnt/250ssd/nextcloud" "/mnt/250ssd/nextcloud"
"/mnt/250ssd/paperless" "/mnt/250ssd/paperless"
"/mnt/250ssd/kavita" "/mnt/250ssd/kavita"
]; ];
exclude = [ exclude = [
@@ -62,10 +62,10 @@
passwordFile = config.age.secrets.restic-pw.path; passwordFile = config.age.secrets.restic-pw.path;
paths = [ paths = [
"/home" "/home"
"/var/backup/postgresql" "/var/backup/postgresql"
"/mnt/250ssd/matrix-synapse/media_store/" "/mnt/250ssd/matrix-synapse/media_store/"
"/mnt/250ssd/nextcloud" "/mnt/250ssd/nextcloud"
"/mnt/250ssd/paperless" "/mnt/250ssd/paperless"
]; ];
exclude = [ exclude = [
"/home/**/Cache" "/home/**/Cache"
@@ -97,6 +97,7 @@
environmentFile = config.age.secrets.restic-s3.path; environmentFile = config.age.secrets.restic-s3.path;
paths = [ paths = [
"/home" "/home"
"/var/backup/postgresql"
]; ];
pruneOpts = [ "--keep-daily 5" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ]; pruneOpts = [ "--keep-daily 5" "--keep-weekly 5" "--keep-monthly 12" "--keep-yearly 75" ];
timerConfig = { timerConfig = {

11
modules/graphical/gamemode.nix Normal file
View File

@@ -0,0 +1,11 @@
{ config, lib, pkgs, ... }:
{
programs.gamemode = {
enable = true;
settings.custom = {
start = "${pkgs.libnotify}/bin/notify-send 'GameMode started'";
end = "${pkgs.libnotify}/bin/notify-send 'GameMode ended'";
};
};
}

35
modules/graphical/hyprland.nix
View File

@@ -176,9 +176,11 @@ in
konsole = "${pkgs.konsole}/bin/konsole"; konsole = "${pkgs.konsole}/bin/konsole";
thunar = "${pkgs.xfce.thunar}/bin/thunar"; thunar = "${pkgs.xfce.thunar}/bin/thunar";
wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy"; wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy";
wl-paste = "${pkgs.wl-clipboard}/bin/wl-paste";
grim = "${pkgs.grim}/bin/grim"; grim = "${pkgs.grim}/bin/grim";
slurp = "${pkgs.slurp}/bin/slurp"; slurp = "${pkgs.slurp}/bin/slurp";
swww = "${pkgs.swww}/bin/swww"; swww = "${pkgs.swww}/bin/swww";
pdfgrep = "${pkgs.pdfgrep}/bin/pdfgrep";
in [ in [
"$mainMod, Q, exec, ${konsole}" "$mainMod, Q, exec, ${konsole}"
"$mainMod, C, killactive" "$mainMod, C, killactive"
@@ -186,10 +188,12 @@ in
"$mainMod, E, exec, ${thunar}" "$mainMod, E, exec, ${thunar}"
"$mainMod, V, togglefloating" "$mainMod, V, togglefloating"
"$mainMod, I, exec, ${rofi} -show drun -show-icons" "$mainMod, I, exec, ${rofi} -show drun -show-icons"
"$mainMod, S, exec, cat ~/songs | shuf -n 1 | sed \"s/^/b\.p /g\" | ${wl-copy}" "$mainMod, S, exec, cat ~/songs | shuf -n 0 | sed \"s/^/b\.p /g\" | ${wl-copy}"
"$mainMod, R, exec, ${swww} img $(ls -d ~/Nextcloud/dinge/Bg/* | shuf -n 1)" "$mainMod, R, exec, ${swww} img $(ls -d ~/Nextcloud/dinge/Bg/* | shuf -n 1)"
" , Print, exec, ${grim} -g \"$(${slurp} -d)\" - | ${wl-copy}" " , Print, exec, ${grim} -g \"$(${slurp} -d)\" - | ${wl-copy}"
"ALT, SPACE, exec, ${rofi} -show combi" "ALT, SPACE, exec, ${rofi} -show combi"
#"$mainMod, G, exec, ${wl-paste} | grep -C 10 -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/^[ \\t]*//' | sed 's/[ \\t]*$//' | ${wl-copy}"
"$mainMod, P, pseudo" # dwindle "$mainMod, P, pseudo" # dwindle
"$mainMod, J, togglesplit" # dwindle "$mainMod, J, togglesplit" # dwindle
# Move focus with mainMod + arrow keys # Move focus with mainMod + arrow keys
@@ -263,6 +267,35 @@ in
"${pkgs.dunst}/bin/dunst &" "${pkgs.dunst}/bin/dunst &"
]; ];
}; };
extraConfig = let
wl-copy = "${pkgs.wl-clipboard}/bin/wl-copy";
wl-paste = "${pkgs.wl-clipboard}/bin/wl-paste";
in ''
bind = $mainMod, A, submap, notes
submap = notes
# below
bind = $mainMod, B, exec, ${wl-paste} | grep -B 15 -i -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/[ \t]*$//' | ${wl-copy}
# above
bind = $mainMod, A, exec, ${wl-paste} | grep -A 15 -i -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/[ \t]*$//' | ${wl-copy}
# context
bind = $mainMod, C, exec, ${wl-paste} | grep -C 15 -i -f - ~/Nextcloud/old_gdrive/fh/risikomanagement/crisam.txt | sed 's/[ \t]*$//' | ${wl-copy}
# trim
bind = $mainMod, T, exec, ${wl-paste} | sed 's/[ \t]*$//' | sed 's/^[ \t]*//' | ${wl-copy}
# notes
bind = $mainMod, 1, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/1.txt | ${wl-copy}
bind = $mainMod, 2, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/2.txt | ${wl-copy}
bind = $mainMod, 3, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/3.txt | ${wl-copy}
bind = $mainMod, 4, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/4.txt | ${wl-copy}
bind = $mainMod, 5, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/5.txt | ${wl-copy}
bind = $mainMod, 6, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/6.txt | ${wl-copy}
bind = $mainMod, 7, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/7.txt | ${wl-copy}
bind = $mainMod, 8, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/8.txt | ${wl-copy}
bind = $mainMod, 0, exec, cat ~/Nextcloud/old_gdrive/fh/risikomanagement/0.txt | ${wl-copy}
bind = , escape, submap, reset
submap = reset
'';
}; };
programs.waybar = { programs.waybar = {
enable = true; enable = true;

1
modules/graphical/shared.nix
View File

@@ -10,6 +10,7 @@ in
enable = true; enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated Server
gamescopeSession.enable = true;
}; };
programs.kdeconnect.enable = true; programs.kdeconnect.enable = true;

2
modules/hardware/nvidia.nix
View File

@@ -28,6 +28,6 @@
# accessible via `nvidia-settings`. # accessible via `nvidia-settings`.
nvidiaSettings = true; nvidiaSettings = true;
# Optionally, you may need to select the appropriate driver version for your specific GPU. # Optionally, you may need to select the appropriate driver version for your specific GPU.
package = config.boot.kernelPackages.nvidiaPackages.production; package = config.boot.kernelPackages.nvidiaPackages.beta;
}; };
} }

4
modules/invidious.nix
View File

@@ -1,6 +1,6 @@
{ config, vars, ...} : { config, vars, ...} :
let let
fqdn = "yt.local"; fqdn = "yt.home.arpa";
useHttps = config.services.step-ca.enable; useHttps = config.services.step-ca.enable;
in in
{ {
@@ -53,6 +53,8 @@ in
services.nginx.virtualHosts."${fqdn}" = { services.nginx.virtualHosts."${fqdn}" = {
forceSSL = useHttps; forceSSL = useHttps;
enableACME = useHttps; enableACME = useHttps;
quic = useHttps;
http3 = useHttps;
locations."/" = { locations."/" = {
recommendedProxySettings = true; recommendedProxySettings = true;
proxyPass = "http://127.0.0.1:8007"; proxyPass = "http://127.0.0.1:8007";

4
modules/kavita.nix
View File

@@ -1,6 +1,6 @@
{ config, pkgs, lib, inputs, ... }: { config, pkgs, lib, inputs, ... }:
let let
fqdn = "kavita.local"; fqdn = "kavita.home.arpa";
useHttps = config.services.step-ca.enable; useHttps = config.services.step-ca.enable;
in in
{ {
@@ -36,6 +36,8 @@ in
services.nginx.virtualHosts."${fqdn}" = { services.nginx.virtualHosts."${fqdn}" = {
forceSSL = useHttps; forceSSL = useHttps;
enableACME = useHttps; enableACME = useHttps;
quic = useHttps;
http3 = useHttps;
locations."/".proxyPass = "http://127.0.0.1:5000"; locations."/".proxyPass = "http://127.0.0.1:5000";
locations."/".extraConfig = '' locations."/".extraConfig = ''
add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Origin *;

6
modules/nextcloud.nix
View File

@@ -1,7 +1,7 @@
{ config, pkgs, lib, inputs, vars, ... }: { config, pkgs, lib, inputs, vars, ... }:
let let
wireguardIp = vars.wireguardIp; wireguardIp = vars.wireguardIp;
fqdn = "nextcloud.local"; fqdn = "nextcloud.home.arpa";
useHttps = config.services.step-ca.enable; useHttps = config.services.step-ca.enable;
in in
{ {
@@ -41,11 +41,11 @@ in
enable = true; enable = true;
package = pkgs.nextcloud27; package = pkgs.nextcloud27;
https = true; https = true;
hostName = "nextcloud.local"; hostName = "nextcloud.home.arpa";
config.adminpassFile = config.age.secrets.nextcloud-admin.path; config.adminpassFile = config.age.secrets.nextcloud-admin.path;
config.dbtype = "pgsql"; config.dbtype = "pgsql";
database.createLocally = true; database.createLocally = true;
config.extraTrustedDomains = [ wireguardIp ]; config.extraTrustedDomains = [ wireguardIp "nextcloud.home.arpa" ];
home = "/mnt/250ssd/nextcloud"; home = "/mnt/250ssd/nextcloud";
extraApps = with config.services.nextcloud.package.packages.apps; { extraApps = with config.services.nextcloud.package.packages.apps; {
inherit keeweb onlyoffice calendar mail; inherit keeweb onlyoffice calendar mail;

23
modules/nginx.nix
View File

@@ -1,5 +1,7 @@
{ pkgs, ... }:
{ {
networking.firewall.allowedTCPPorts = [ 80 443 ]; networking.firewall.allowedTCPPorts = [ 80 443 ];
networking.firewall.allowedUDPPorts = [ 80 443 ];
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /data 0770 github-actions-runner nginx -" "d /data 0770 github-actions-runner nginx -"
@@ -8,6 +10,7 @@
services.nginx = { services.nginx = {
enable = true; enable = true;
package = pkgs.nginxQuic;
# Use recommended settings # Use recommended settings
recommendedGzipSettings = true; recommendedGzipSettings = true;
@@ -24,12 +27,14 @@
#serverAliases = [ #serverAliases = [
# "www.kopatz.ddns.net" # "www.kopatz.ddns.net"
# "server.home" # "server.home"
# "server.local" # "server.home.arpa"
# "192.168.0.6" # "192.168.0.6"
#]; #];
root = "/data/website"; root = "/data/website";
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
quic = true;
http3 = true;
locations."~* \\.(jpg)$".extraConfig= '' locations."~* \\.(jpg)$".extraConfig= ''
add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Origin *;
''; '';
@@ -43,19 +48,15 @@
proxy_set_header X-NginX-Proxy true; proxy_set_header X-NginX-Proxy true;
proxy_pass http://localhost:5091; proxy_pass http://localhost:5091;
''; '';
locations."/tracker-site" = { locations."/tracker-site" = {
tryFiles = "$uri $uri/ /tracker-site/index.html =404"; tryFiles = "$uri $uri/ /tracker-site/index.html =404";
}; };
locations."/tracker-site/api" = { locations."/tracker-site/api" = {
extraConfig ='' extraConfig =''
rewrite /tracker-site/api/(.*) /$1 break; rewrite /tracker-site/api/(.*) /$1 break;
''; '';
proxyPass = "http://127.0.0.1:8080"; proxyPass = "http://127.0.0.1:8080";
}; };
#locations."~/books(.*)$" = {
# proxyPass = "http://127.0.0.1:5000";
#};
}; };
#discord bot for tracking useractivity public version #discord bot for tracking useractivity public version
"activitytracker.site" = { "activitytracker.site" = {
@@ -65,6 +66,8 @@
root = "/data/website/tracker-site-public"; root = "/data/website/tracker-site-public";
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
quic = true;
http3 = true;
locations."/" = { locations."/" = {
tryFiles = "$uri $uri/ /index.html =404"; tryFiles = "$uri $uri/ /index.html =404";
}; };
@@ -75,10 +78,10 @@
proxyPass = "http://127.0.0.1:8081"; proxyPass = "http://127.0.0.1:8081";
}; };
}; };
"adguard.local" = { "adguard.home.arpa" = {
locations."/".proxyPass = "http://127.0.0.1:3000"; locations."/".proxyPass = "http://127.0.0.1:3000";
}; };
"kavita.local" = { "kavita.home.arpa" = {
locations."/".proxyPass = "http://127.0.0.1:5000"; locations."/".proxyPass = "http://127.0.0.1:5000";
locations."/".extraConfig = '' locations."/".extraConfig = ''
add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Origin *;

5
modules/postgres.nix
View File

@@ -3,8 +3,9 @@
services.postgresql = { services.postgresql = {
enable = true; enable = true;
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method optional_ident_map #type database DBuser auth-method optional_ident_map
local sameuser all peer map=superuser_map local sameuser all peer map=superuser_map
local all postgres peer
''; '';
identMap = '' identMap = ''
# ArbitraryMapName systemUser DBUser # ArbitraryMapName systemUser DBUser

2
modules/step-ca.nix
View File

@@ -49,7 +49,7 @@ in
port = 8443; port = 8443;
intermediatePasswordFile = config.age.secrets.step-ca-pw.path; intermediatePasswordFile = config.age.secrets.step-ca-pw.path;
settings = { settings = {
dnsNames = [ "localhost" "127.0.0.1" "*.local" ]; dnsNames = [ "localhost" "127.0.0.1" "*.home.arpa" ];
root = pkgs.writeTextFile { root = pkgs.writeTextFile {
name = "root.ca"; name = "root.ca";
text = root_ca; text = root_ca;

4
systems/pc/configuration.nix
View File

@@ -81,8 +81,8 @@
# services.xserver.libinput.enable = true; # services.xserver.libinput.enable = true;
# Enable automatic login for the user. # Enable automatic login for the user.
services.xserver.displayManager.autoLogin.enable = true; #services.xserver.displayManager.autoLogin.enable = true;
services.xserver.displayManager.autoLogin.user = "kopatz"; #services.xserver.displayManager.autoLogin.user = "kopatz";
# Allow unfree packages # Allow unfree packages
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;

13
users/kopatz.nix
View File

@@ -51,6 +51,19 @@ in
enableZshIntegration = true; enableZshIntegration = true;
nix-direnv.enable = true; nix-direnv.enable = true;
}; };
programs.lf = {
enable = true;
previewer.source = pkgs.writeShellScript "pv.sh" ''
#!/bin/sh
case "$(${pkgs.file}/bin/file -Lb --mime-type -- "$1")" in
#image/*|video/*) ${pkgs.chafa}/bin/chafa -f sixel -s "$2x$3" --animate false $1;;
application/x-tar) tar tf "$1";;
application/vnd.rar) ${pkgs.p7zip}/bin/7z l "$1";;
application/x-7z-compressed) ${pkgs.p7zip}/bin/7z l "$1";;
*) ${pkgs.ctpv}/bin/ctpv "$1";;
esac
'';
};
home.stateVersion = "23.05"; home.stateVersion = "23.05";
}; };
}; };