Kopatz
2025-03-18 16:27:20 +01:00
parent 923ab37209
commit cc32af7b80
131 changed files with 2383 additions and 2224 deletions


@@ -4,75 +4,77 @@ let
cfg = config.custom.misc.backup;
in
{
options.custom.misc.backup = {
enable = mkEnableOption "Enables backup";
small = lib.mkOption {
type = types.listOf types.str;
description = "paths to include in the small backup";
};
medium = lib.mkOption {
type = types.listOf types.str;
default = cfg.small;
description = "paths to include in the medium backup";
};
large = lib.mkOption {
type = types.listOf types.str;
default = cfg.small // cfg.medium;
description = "paths to include in the large backup";
};
excludePaths = lib.mkOption {
type = types.listOf types.str;
default = [ "**/Cache" "**/.cache" "**/__pycache__" "**/node_modules" "**/venv" "*.o" "*.out"];
description = "paths to exclude from the backup";
};
excludePathsRemote = lib.mkOption {
type = types.listOf types.str;
default = cfg.excludePaths ++ [ "**/dont_remotebackup"];
description = "paths to exclude from the remote backup";
};
};
config = let
checkStorageSpace = pkgs.writeShellApplication {
name = "checkBackupStorageSpace";
text = ''
# Check how much space is used by the backup paths
echo "Checking storage space (small) with excluded paths..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePaths)} ${builtins.concatStringsSep " " cfg.small}
echo "Checking storage space (small) with excluded paths (remote)..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePathsRemote)} ${builtins.concatStringsSep " " cfg.small}
echo "Checking storage space (medium) with excluded paths..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePaths)} ${builtins.concatStringsSep " " cfg.medium}
echo "Checking storage space (medium) with excluded paths (remote)..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePathsRemote)} ${builtins.concatStringsSep " " cfg.medium}
echo "Checking storage space (full) with excluded paths..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePaths)} ${builtins.concatStringsSep " " cfg.large}
echo "Checking storage space (full) with excluded paths (remote)..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePathsRemote)} ${builtins.concatStringsSep " " cfg.large}
'';
options.custom.misc.backup = {
enable = mkEnableOption "Enables backup";
small = lib.mkOption {
type = types.listOf types.str;
description = "paths to include in the small backup";
};
medium = lib.mkOption {
type = types.listOf types.str;
default = cfg.small;
description = "paths to include in the medium backup";
};
large = lib.mkOption {
type = types.listOf types.str;
default = cfg.small // cfg.medium;
description = "paths to include in the large backup";
};
excludePaths = lib.mkOption {
type = types.listOf types.str;
default = [ "**/Cache" "**/.cache" "**/__pycache__" "**/node_modules" "**/venv" "*.o" "*.out" ];
description = "paths to exclude from the backup";
};
excludePathsRemote = lib.mkOption {
type = types.listOf types.str;
default = cfg.excludePaths ++ [ "**/dont_remotebackup" ];
description = "paths to exclude from the remote backup";
};
in mkIf cfg.enable {
environment.systemPackages = with pkgs; [ checkStorageSpace ];
age.secrets.restic-pw = {
file = ../../secrets/restic-pw.age;
};
age.secrets.restic-s3 = {
file = ../../secrets/restic-s3.age;
};
age.secrets.restic-gdrive = {
file = ../../secrets/restic-gdrive.age;
};
services.restic = {
backups = {
#localbackup = {
# initialize = true;
# passwordFile = config.age.secrets.restic-pw.path;
# exclude = cfg.excludePaths;
# paths = cfg.large;
# pruneOpts = [ "--keep-daily 7" "--keep-weekly 3" "--keep-monthly 3" "--keep-yearly 3" ];
# repository = "/mnt/2tb/restic";
#};
localbackup-1tb-ssd = {
config =
let
checkStorageSpace = pkgs.writeShellApplication {
name = "checkBackupStorageSpace";
text = ''
# Check how much space is used by the backup paths
echo "Checking storage space (small) with excluded paths..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePaths)} ${builtins.concatStringsSep " " cfg.small}
echo "Checking storage space (small) with excluded paths (remote)..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePathsRemote)} ${builtins.concatStringsSep " " cfg.small}
echo "Checking storage space (medium) with excluded paths..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePaths)} ${builtins.concatStringsSep " " cfg.medium}
echo "Checking storage space (medium) with excluded paths (remote)..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePathsRemote)} ${builtins.concatStringsSep " " cfg.medium}
echo "Checking storage space (full) with excluded paths..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePaths)} ${builtins.concatStringsSep " " cfg.large}
echo "Checking storage space (full) with excluded paths (remote)..."
du -sch ${builtins.concatStringsSep " " (map (x: "--exclude=" + x) cfg.excludePathsRemote)} ${builtins.concatStringsSep " " cfg.large}
'';
};
in
mkIf cfg.enable {
environment.systemPackages = with pkgs; [ checkStorageSpace ];
age.secrets.restic-pw = {
file = ../../secrets/restic-pw.age;
};
age.secrets.restic-s3 = {
file = ../../secrets/restic-s3.age;
};
age.secrets.restic-gdrive = {
file = ../../secrets/restic-gdrive.age;
};
services.restic = {
backups = {
#localbackup = {
# initialize = true;
# passwordFile = config.age.secrets.restic-pw.path;
# exclude = cfg.excludePaths;
# paths = cfg.large;
# pruneOpts = [ "--keep-daily 7" "--keep-weekly 3" "--keep-monthly 3" "--keep-yearly 3" ];
# repository = "/mnt/2tb/restic";
#};
localbackup-1tb-ssd = {
initialize = true;
passwordFile = config.age.secrets.restic-pw.path;
exclude = cfg.excludePaths;
@@ -83,33 +85,33 @@ in mkIf cfg.enable {
};
pruneOpts = [ "--keep-daily 7" "--keep-weekly 3" "--keep-monthly 3" "--keep-yearly 3" ];
repository = "/1tbssd/restic";
};
#localbackup-1tb = {
# initialize = true;
# passwordFile = config.age.secrets.restic-pw.path;
# exclude = cfg.excludePaths;
# paths = cfg.large;
# repository = "/mnt/1tb/restic";
# pruneOpts = [ "--keep-daily 5" "--keep-weekly 3" "--keep-monthly 3" "--keep-yearly 3" ];
# timerConfig = {
# OnCalendar = "*-*-03,06,09,12,15,18,21,24,27,30 02:00:00";
# Persistent = true;
# };
#};
remotebackup-gdrive = {
};
#localbackup-1tb = {
# initialize = true;
# passwordFile = config.age.secrets.restic-pw.path;
# exclude = cfg.excludePaths;
# paths = cfg.large;
# repository = "/mnt/1tb/restic";
# pruneOpts = [ "--keep-daily 5" "--keep-weekly 3" "--keep-monthly 3" "--keep-yearly 3" ];
# timerConfig = {
# OnCalendar = "*-*-03,06,09,12,15,18,21,24,27,30 02:00:00";
# Persistent = true;
# };
#};
remotebackup-gdrive = {
initialize = true;
passwordFile = config.age.secrets.restic-pw.path;
exclude = cfg.excludePathsRemote;
paths = cfg.medium;
rcloneConfigFile = config.age.secrets.restic-gdrive.path;
rcloneConfigFile = config.age.secrets.restic-gdrive.path;
repository = "rclone:it-experts:backup";
pruneOpts = [ "--keep-daily 5" "--keep-weekly 3" "--keep-monthly 3" "--keep-yearly 3" ];
timerConfig = {
OnCalendar = "*-*-03,06,09,12,15,18,21,24,27,30 02:00:00";
Persistent = true;
OnCalendar = "*-*-03,06,09,12,15,18,21,24,27,30 02:00:00";
Persistent = true;
};
};
remotebackup = {
};
remotebackup = {
initialize = true;
passwordFile = config.age.secrets.restic-pw.path;
environmentFile = config.age.secrets.restic-s3.path;
@@ -121,8 +123,8 @@ in mkIf cfg.enable {
Persistent = true;
};
repository = "s3:s3.us-west-002.backblazeb2.com/kop-bucket";
};
};
};
};
};
};
}


@@ -1,4 +1,4 @@
{config, lib, ...}:
{ config, lib, ... }:
with lib;
let
cfg = config.custom.misc.btrfs;
@@ -7,7 +7,7 @@ in
options.custom.misc.btrfs = {
enable = mkEnableOption "Enables btrfs scrubbing";
};
config = mkIf cfg.enable {
services.btrfs.autoScrub.enable = true;
};


@@ -4,83 +4,85 @@ let cfg = config.custom.cli-tools;
in {
options.custom.cli-tools = { enable = mkEnableOption "Enables cli-tools"; };
config = let
getTotalPowerUsed = pkgs.writeShellScriptBin "total-power" ''
echo "$(sudo cat /sys/class/powercap/*/energy_uj | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@") / 1000000" | bc | xargs -I _ echo "_ W"
'';
watchCurrentPowerUsed = pkgs.writeShellScriptBin "watch-current-power" ''
function getCurrentPowerUsed() {
local energy_uj=$(sudo cat $energy_path | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@")
echo "scale=2; $energy_uj / 1000000" | bc
}
config =
let
getTotalPowerUsed = pkgs.writeShellScriptBin "total-power" ''
echo "$(sudo cat /sys/class/powercap/*/energy_uj | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@") / 1000000" | bc | xargs -I _ echo "_ W"
'';
watchCurrentPowerUsed = pkgs.writeShellScriptBin "watch-current-power" ''
function getCurrentPowerUsed() {
local energy_uj=$(sudo cat $energy_path | awk 'BEGIN { sum = 0; } { sum += $1; } END { print sum; }' "$@")
echo "scale=2; $energy_uj / 1000000" | bc
}
energy_path=$(grep package /sys/class/powercap/*/name | sed 's/name.*$/energy_uj/')
power_prev=0
power_curr=$(getCurrentPowerUsed)
while true; do
power_prev=$power_curr
sleep 1
energy_path=$(grep package /sys/class/powercap/*/name | sed 's/name.*$/energy_uj/')
power_prev=0
power_curr=$(getCurrentPowerUsed)
echo "scale=2; ($power_curr - $power_prev) / 1" | bc | xargs -I _ echo "_ W"
done
'';
in mkIf cfg.enable {
environment.systemPackages = with pkgs; [
getTotalPowerUsed
watchCurrentPowerUsed
(if lib.versionOlder lib.version "25.05" then
while true; do
power_prev=$power_curr
sleep 1
power_curr=$(getCurrentPowerUsed)
echo "scale=2; ($power_curr - $power_prev) / 1" | bc | xargs -I _ echo "_ W"
done
'';
in
mkIf cfg.enable {
environment.systemPackages = with pkgs; [
getTotalPowerUsed
watchCurrentPowerUsed
(if lib.versionOlder lib.version "25.05" then
wget
else
powerjoular) # monitor power usage
fzf # fuzzy finder
bat # fancy cat
fd # nicer find
duf # nicer du
eza # nicer ls
ripgrep # faster grep
gdu
wget
else
powerjoular) # monitor power usage
fzf # fuzzy finder
bat # fancy cat
fd # nicer find
duf # nicer du
eza # nicer ls
ripgrep # faster grep
gdu
wget
pciutils
rippkgs # faster nixpkgs search, init with `rippkgs-index nixpkgs && mv rippkgs-index.sqlite ~/.local/share/`;
nixos-option
btop
git
gh # github
killall
xclip
usbutils
inputs.agenix.packages."x86_64-linux".default
fastfetch
pdfgrep
glxinfo
vulkan-tools
ffmpeg
nethogs
dig
smartmontools
bc
xxd
tldr
file
unzip
lsof
lshw
screen
tmux
fatrace # monitor filesystem events
nh
nix-output-monitor # nom
nvd # nix diff, example: nvd diff /nix/var/nix/profiles/system-389-link /nix/var/nix/profiles/system-390-link
compsize
trashy # move files to trash
shell-gpt
libheif # convert heic to jpg with `heif-convert something.heic something.jpg`
imagemagick # convert images
tree
kop-newproject # creates a shell.nix and .envrc
nix-tree # show nix derivations
binwalk # show what's inside a binary
iotop
];
};
pciutils
rippkgs # faster nixpkgs search, init with `rippkgs-index nixpkgs && mv rippkgs-index.sqlite ~/.local/share/`;
nixos-option
btop
git
gh # github
killall
xclip
usbutils
inputs.agenix.packages."x86_64-linux".default
fastfetch
pdfgrep
glxinfo
vulkan-tools
ffmpeg
nethogs
dig
smartmontools
bc
xxd
tldr
file
unzip
lsof
lshw
screen
tmux
fatrace # monitor filesystem events
nh
nix-output-monitor # nom
nvd # nix diff, example: nvd diff /nix/var/nix/profiles/system-389-link /nix/var/nix/profiles/system-390-link
compsize
trashy # move files to trash
shell-gpt
libheif # convert heic to jpg with `heif-convert something.heic something.jpg`
imagemagick # convert images
tree
kop-newproject # creates a shell.nix and .envrc
nix-tree # show nix derivations
binwalk # show what's inside a binary
iotop
];
};
}


@@ -1,4 +1,4 @@
{ pkgs, config, ...}:
{ pkgs, config, ... }:
{
imports = [
./packages-list.nix


@@ -11,7 +11,7 @@ in
virtualisation.docker.enable = true;
virtualisation.docker.daemon.settings = { ip = "127.0.0.1"; };
environment.systemPackages = with pkgs; [
docker-compose
docker-compose
];
hardware.nvidia-container-toolkit.enable = lib.mkIf config.custom.hardware.nvidia.enable true;
};


@@ -1,4 +1,4 @@
{ lib, pkgs, config, ... }: {
{ lib, pkgs, config, ... }: {
# before: Startup finished in 18.830s (firmware) + 5.844s (loader) + 4.422s (kernel) + 7.616s (userspace) = 36.713s
# after: Startup finished in 14.115s (firmware) + 789ms (loader) + 4.312s (kernel) + 5.777s (userspace) = 24.995s
systemd = {


@@ -1,15 +1,15 @@
{config, lib, ...}:
{ config, lib, ... }:
with lib;
let
cfg = config.custom.nftables;
cfg = config.custom.nftables;
in
{
options.custom.nftables = {
enable = mkEnableOption "Enables nftables";
};
config = mkIf cfg.enable {
networking.nftables.enable = true;
};
options.custom.nftables = {
enable = mkEnableOption "Enables nftables";
};
config = mkIf cfg.enable {
networking.nftables.enable = true;
};
}


@@ -1,8 +1,10 @@
{ config, pkgs, ... }: {
environment.etc."current-system-packages".text = let
packages = builtins.map (p: "${p.name}") config.environment.systemPackages;
sortedUnique =
builtins.sort builtins.lessThan (pkgs.lib.lists.unique packages);
formatted = builtins.concatStringsSep "\n" sortedUnique;
in formatted;
environment.etc."current-system-packages".text =
let
packages = builtins.map (p: "${p.name}") config.environment.systemPackages;
sortedUnique =
builtins.sort builtins.lessThan (pkgs.lib.lists.unique packages);
formatted = builtins.concatStringsSep "\n" sortedUnique;
in
formatted;
}


@@ -22,27 +22,28 @@ in {
description = "Default gateway";
};
};
config = let fallback = "1.1.1.1";
in mkIf cfg.enable {
networking = {
defaultGateway = cfg.gateway;
useDHCP = false;
nameservers = [ cfg.dns ]
++ lib.lists.optionals (!config.services.resolved.enable) [ fallback ];
interfaces = {
${cfg.interface} = {
name = "eth0";
ipv4.addresses = [{
address = cfg.ip;
prefixLength = 24;
}];
config =
let fallback = "1.1.1.1";
in mkIf cfg.enable {
networking = {
defaultGateway = cfg.gateway;
useDHCP = false;
nameservers = [ cfg.dns ]
++ lib.lists.optionals (!config.services.resolved.enable) [ fallback ];
interfaces = {
${cfg.interface} = {
name = "eth0";
ipv4.addresses = [{
address = cfg.ip;
prefixLength = 24;
}];
};
};
};
};
services.resolved = lib.mkIf config.services.resolved.enable {
llmnr = "false";
fallbackDns = [ "1.1.1.1" ];
services.resolved = lib.mkIf config.services.resolved.enable {
llmnr = "false";
fallbackDns = [ "1.1.1.1" ];
};
};
};
}


@@ -1,15 +1,15 @@
{config, lib, ...}:
{ config, lib, ... }:
with lib;
let
cfg = config.custom.tmpfs;
cfg = config.custom.tmpfs;
in
{
options.custom.tmpfs = {
enable = mkEnableOption "Enables tmpfs";
};
config = mkIf cfg.enable {
boot.tmp.useTmpfs = true;
};
options.custom.tmpfs = {
enable = mkEnableOption "Enables tmpfs";
};
config = mkIf cfg.enable {
boot.tmp.useTmpfs = true;
};
}


@@ -1,18 +1,18 @@
{lib, config, pkgs, ... }:
{ lib, config, pkgs, ... }:
with lib;
let
cfg = config.custom.wireshark;
cfg = config.custom.wireshark;
in
{
options.custom.wireshark = {
enable = mkEnableOption "Enables wireshark";
};
config = mkIf cfg.enable {
programs.wireshark.enable = true;
programs.wireshark.package = pkgs.wireshark;
users.users.${config.mainUser.name}.extraGroups = [ "wireshark" ];
};
options.custom.wireshark = {
enable = mkEnableOption "Enables wireshark";
};
config = mkIf cfg.enable {
programs.wireshark.enable = true;
programs.wireshark.package = pkgs.wireshark;
users.users.${config.mainUser.name}.extraGroups = [ "wireshark" ];
};
}