diff --git a/modules/graphical/i3.nix b/modules/graphical/i3.nix index bcf6114..edb0811 100644 --- a/modules/graphical/i3.nix +++ b/modules/graphical/i3.nix @@ -24,9 +24,7 @@ in { }; services = { - displayManager = { - defaultSession = "none+i3"; - }; + displayManager = { defaultSession = "none+i3"; }; xserver = { enable = true; @@ -46,6 +44,24 @@ in { }; }; + security.polkit.enable = true; + systemd = { + user.services.polkit-gnome-authentication-agent-1 = { + description = "polkit-gnome-authentication-agent-1"; + wantedBy = [ "graphical-session.target" ]; + wants = [ "graphical-session.target" ]; + after = [ "graphical-session.target" ]; + serviceConfig = { + Type = "simple"; + ExecStart = + "${pkgs.polkit_gnome}/libexec/polkit-gnome-authentication-agent-1"; + Restart = "on-failure"; + RestartSec = 1; + TimeoutStopSec = 10; + }; + }; + }; + environment.systemPackages = with pkgs; [ picom # compositor rofi # application diff --git a/modules/hardware/nvidia.nix b/modules/hardware/nvidia.nix index 0358c11..4b7fe57 100644 --- a/modules/hardware/nvidia.nix +++ b/modules/hardware/nvidia.nix @@ -10,7 +10,7 @@ in { # Enable OpenGL hardware.graphics = { enable = true; - driSupport32Bit = true; + enable32Bit = true; }; services.xserver.videoDrivers = [ "nvidia" ]; diff --git a/modules/services/default.nix b/modules/services/default.nix index d8718cb..8d48d9c 100644 --- a/modules/services/default.nix +++ b/modules/services/default.nix @@ -17,5 +17,6 @@ ./kop-fileshare.nix ./adam-site.nix ./plausible.nix + ./syncthing.nix ]; } diff --git a/modules/services/syncthing.nix b/modules/services/syncthing.nix index 7efe876..1bfed1f 100644 --- a/modules/services/syncthing.nix +++ b/modules/services/syncthing.nix @@ -1,87 +1,103 @@ -{ config, pkgs, lib, ... }: -let basePath = "/synced"; +{ config, pkgs, lib, inputs, ... }: +let cfg = config.custom.services.syncthing; in { - systemd.tmpfiles.rules = - [ "d ${basePath} 0700 ${config.mainUser.name} users -" ]; - - # check device id: syncthing cli --gui-address=/synced/gui-socket --gui-apikey= show system - environment.systemPackages = with pkgs; [ syncthing ]; - - services.syncthing = { - enable = true; - dataDir = basePath; - user = config.mainUser.name; - group = "users"; - guiAddress = "${basePath}/gui-socket"; - overrideDevices = true; - overrideFolders = true; - - settings = { - options.urAccepted = -1; - options.relaysEnabled = false; - options.globalAnnounceEnabled = false; - options.crashReportingEnabled = false; - - devices = { - kop-pc = { - id = - "DZKIUS7-WCGTYEV-4OKVSZU-MIVL2NC-N45AKZL-ABT3VN2-I7RXUMF-RF4CYAU"; - addresses = [ "tcp://192.168.0.11" ]; - }; - server = { - id = - "HZUUQEQ-JOKYHTU-AVFVC3U-7KUAXVC-QY3OJTF-HGU7RZ3-5HA5TOE-VT4FNQB"; - addresses = [ "tcp://192.168.0.6" "tcp://192.168.2.1" ]; - }; - mini-pc = { - id = - "NKRWOR6-2YNLVY5-GH6TG7T-V3M4VHD-OFS4XR3-Q45CALD-JVSIBKU-JZBGRQ3"; - addresses = [ "tcp://192.168.0.10" "tcp://192.168.2.1" ]; - }; - mini-pc-proxmox = { - id = - "FK3DW4B-6Y7C25O-IDBSOMV-GOUSWZW-KQR7ELS-QUKS4UR-AFZXLZE-67QJXAX"; - addresses = [ "tcp://192.168.0.10" "tcp://192.168.2.1" ]; - }; - laptop = { - id = - "5T6Y3WO-FOQYYFQ-5MLNDSZ-7APIDUG-6KM2ZZM-RTRXMWX-MCZKLMH-BYNDJAQ"; - addresses = [ "tcp://192.168.2.22" ]; - }; - phone = { - id = - "XFQ7MV6-MKBYQXH-WGYVQUB-BYJJPFJ-HJTNZEP-PXWAMYY-DMADWSU-PQOTVAI"; - addresses = [ "tcp://192.168.0.15" "tcp://192.168.2.20" ]; - }; - }; - folders."default" = { - id = "default"; - path = "${basePath}/default"; - devices = - [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" "phone" ]; - ignorePerms = false; - }; - - folders."books" = { - id = "books"; - path = "${basePath}/books"; - devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; - }; - - folders."fh" = { - id = "fh"; - path = "${basePath}/fh"; - devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; - }; - - folders."work_drive" = { - id = "work_drive"; - path = "${basePath}/work_drive"; - devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; - }; + options.custom.services.syncthing = { + enable = lib.mkEnableOption "Enables syncthing"; + basePath = lib.mkOption { + type = with lib.types; string; + default = "/synced"; + description = "Base path for syncthing data"; }; }; + config = lib.mkIf cfg.enable { + systemd.tmpfiles.rules = + [ "d ${cfg.basePath} 0700 ${config.mainUser.name} users -" ]; - networking.firewall.allowedTCPPorts = [ 8384 22000 ]; - networking.firewall.allowedUDPPorts = [ 22000 21027 ]; + # check device id: syncthing cli --gui-address=/synced/gui-socket --gui-apikey= show system + environment.systemPackages = with pkgs; [ syncthing ]; + + services.syncthing = { + enable = true; + dataDir = cfg.basePath; + user = config.mainUser.name; + group = "users"; + guiAddress = "${cfg.basePath}/gui-socket"; + overrideDevices = true; + overrideFolders = true; + + settings = { + options.urAccepted = -1; + options.relaysEnabled = false; + options.globalAnnounceEnabled = false; + options.crashReportingEnabled = false; + + devices = { + kop-pc = { + id = + "DZKIUS7-WCGTYEV-4OKVSZU-MIVL2NC-N45AKZL-ABT3VN2-I7RXUMF-RF4CYAU"; + addresses = [ "tcp://192.168.0.11" ]; + }; + server = { + id = + "HZUUQEQ-JOKYHTU-AVFVC3U-7KUAXVC-QY3OJTF-HGU7RZ3-5HA5TOE-VT4FNQB"; + addresses = [ "tcp://192.168.0.6" "tcp://192.168.2.1" ]; + }; + mini-pc = { + id = + "NKRWOR6-2YNLVY5-GH6TG7T-V3M4VHD-OFS4XR3-Q45CALD-JVSIBKU-JZBGRQ3"; + addresses = [ "tcp://192.168.0.10" "tcp://192.168.2.1" ]; + }; + mini-pc-proxmox = { + id = + "FK3DW4B-6Y7C25O-IDBSOMV-GOUSWZW-KQR7ELS-QUKS4UR-AFZXLZE-67QJXAX"; + addresses = [ "tcp://192.168.0.10" "tcp://192.168.2.1" ]; + }; + laptop = { + id = + "5T6Y3WO-FOQYYFQ-5MLNDSZ-7APIDUG-6KM2ZZM-RTRXMWX-MCZKLMH-BYNDJAQ"; + addresses = [ "tcp://192.168.2.22" ]; + }; + phone = { + id = + "XFQ7MV6-MKBYQXH-WGYVQUB-BYJJPFJ-HJTNZEP-PXWAMYY-DMADWSU-PQOTVAI"; + addresses = [ "tcp://192.168.0.15" "tcp://192.168.2.20" ]; + }; + }; + folders."default" = { + id = "default"; + path = "${cfg.basePath}/default"; + devices = + [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" "phone" ]; + ignorePerms = false; + }; + + folders."books" = { + id = "books"; + path = "${cfg.basePath}/books"; + devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; + }; + + folders."fh" = { + id = "fh"; + path = "${cfg.basePath}/fh"; + devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; + }; + + folders."work_drive" = { + id = "work_drive"; + path = "${cfg.basePath}/work_drive"; + devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; + }; + + folders."no_backup" = { + id = "no_backup"; + path = "${cfg.basePath}/no_backup"; + devices = [ "kop-pc" "server" "laptop" "mini-pc" "mini-pc-proxmox" ]; + }; + }; + }; + + networking.firewall.allowedTCPPorts = [ 8384 22000 ]; + networking.firewall.allowedUDPPorts = [ 22000 21027 ]; + }; } diff --git a/systems/mini-pc-proxmox/configuration.nix b/systems/mini-pc-proxmox/configuration.nix index c2a9d99..cc11b22 100644 --- a/systems/mini-pc-proxmox/configuration.nix +++ b/systems/mini-pc-proxmox/configuration.nix @@ -9,7 +9,6 @@ ./hardware-configuration.nix ../../modules/services/ssh.nix ../../modules/services/step-ca.nix - ../../modules/services/syncthing.nix ../../modules/fail2ban.nix ../../modules/logging.nix ../../modules/motd.nix @@ -86,6 +85,10 @@ ip = "192.168.2.1"; }; adguard.enable = true; + syncthing = { + enable = true; + basePath = "/data/synced"; + }; }; nftables.enable = true; cli-tools.enable = true; diff --git a/systems/pc/configuration.nix b/systems/pc/configuration.nix index ac4c523..268a728 100644 --- a/systems/pc/configuration.nix +++ b/systems/pc/configuration.nix @@ -37,6 +37,7 @@ # server = [ "192.168.0.10" ]; #}; misc = { docker.enable = true; }; + services = { syncthing = { enable = true; }; }; hardware = { android.enable = true; nvidia.enable = true; @@ -65,7 +66,7 @@ i3.enable = true; #hyprland.enable = true; #gnome.enable = true; - cosmic.enable = true; + #cosmic.enable = true; shared.enable = true; stylix.enable = true; };