Compare commits


36 Commits

Author SHA1 Message Date
miloignis 12e00be90c updates 2025-01-12 17:32:33 -05:00
miloignis 606855aedd Merge branch 'main' of https://forge.room409.xyz/miloignis/nix_config 2024-08-21 00:42:21 -04:00
miloignis 1eb58fae21 add wayfarer 2024-08-21 00:42:07 -04:00
miloignis 9acd1e0f48 merge 2024-07-26 13:24:36 -04:00
miloignis 4bc99c40d3 upgrade trying to get that sshd fix, I don't think I did... 2024-07-02 00:30:32 -04:00
miloignis d7b6e6b944 Post media moved to 4800h, postgresql upgrade 2024-07-02 00:25:02 -04:00
miloignis 8189ea60fc updates 2024-04-02 11:19:17 -04:00
miloignis e8428e0487 Merge branch 'main' of https://forge.room409.xyz/miloignis/nix_config 2023-12-28 20:50:39 -05:00
miloignis c37126a731 headset tests 2023-12-28 20:49:04 -05:00
miloignis a7029d0f46 Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-12-18 00:45:05 -05:00
miloignis 85050715fc add marcus 2023-12-18 00:45:02 -05:00
miloignis 41b9279bc9 Updates, running jellyfin with fuse 2023-12-18 00:44:23 -05:00
miloignis ea04829c71 better size 2023-11-11 16:46:01 -05:00
miloignis bcc9a7bf6e lotusronin website 2023-11-11 16:40:09 -05:00
miloignis d66a6f9895 Working framework config post bios 2023-11-06 13:03:42 -05:00
miloignis 4b2685f7e1 inital framework 2023-10-18 18:08:08 -04:00
miloignis 275b054746 Setup Sliding-Sync V3! Element X does seem to be a bit early, but still nice 2023-10-13 00:11:52 -04:00
miloignis 90113aa08e Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-09-26 20:11:40 -04:00
miloignis 96a283f505 format old windows partition and mount by default. Gonna use it for Cyberpunk2.0/PhantomLiberty 2023-09-26 20:11:37 -04:00
miloignis d5ac189e66 fix most warnings 2023-09-26 15:16:42 -04:00
miloignis 233f3341bf add waypipe 2023-09-17 18:04:22 -04:00
miloignis 866bd86ea3 Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-09-17 17:21:58 -04:00
miloignis 35e4745ec0 Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-09-17 17:19:41 -04:00
miloignis f169c425ef jellyfin, removing big_disk 2023-09-17 17:19:39 -04:00
miloignis f01eb7d39c update 2023-09-17 17:19:12 -04:00
miloignis 49f4498fa4 updates 2023-09-17 17:14:31 -04:00
miloignis 86516997ec merge 2023-08-01 13:23:14 -04:00
miloignis aeafa5bbe9 reactivate big disk 2023-08-01 13:22:19 -04:00
miloignis b65bc1696b Updates 2023-08-01 13:21:43 -04:00
miloignis 1ce125327d Updates 2023-07-24 23:53:37 -04:00
miloignis 66cca6bc2f add ttyd to vps 2023-04-08 15:30:38 -04:00
miloignis 087a160601 Add font install & config for foot, using recursive for now 2023-03-28 21:34:55 -04:00
miloignis 7ba91ab1a4 Upgrade 2023-03-26 01:33:37 -04:00
miloignis fceb70c5e5 remove old wireguard config 2023-03-14 19:34:21 -04:00
miloignis c344e97678 updates, try glusterfs 2023-03-02 20:09:04 -05:00
miloignis 6fbb14e637 update 2023-02-28 00:08:43 -05:00
6 changed files with 473 additions and 99 deletions
+1 -1
@@ -1,3 +1,3 @@
#!/usr/bin/env sh
nixos-rebuild switch --fast --flake .#condoserver --target-host root@192.168.86.21 --build-host root@192.168.86.21
nixos-rebuild switch --fast --flake .#condoserver --target-host root@condoserver.room409.wg.test --build-host root@condoserver.room409.wg.test
Generated
+25 -40
@@ -4,15 +4,14 @@
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"utils": "utils"
]
},
"locked": {
"lastModified": 1676367705,
"narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=",
"lastModified": 1735925111,
"narHash": "sha256-/NptDI4njO5hH0ZVQ2yzbvTXmBOabZaGYkjhnMJ37TY=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5",
"rev": "ef64efdbaca99f9960f75efab991e4c49e79a5f1",
"type": "github"
},
"original": {
@@ -21,13 +20,29 @@
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1735388221,
"narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "7c674c6734f61157e321db595dbfcd8523e04e19",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1676569297,
"narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=",
"lastModified": 1735834308,
"narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37",
"rev": "6df24922a1400241dae323af55f30e4318a6ca65",
"type": "github"
},
"original": {
@@ -39,38 +54,8 @@
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"vps_nixpkgs": "vps_nixpkgs"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"vps_nixpkgs": {
"locked": {
"lastModified": 1673410828,
"narHash": "sha256-xAggTjXt7iqOe4lNRtq+B31cjxchvJOr9zIJJ4JmfY8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9852294f15c380cd61fd441538982426f8ee8ccc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "master",
"type": "indirect"
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs"
}
}
},
+47
@@ -0,0 +1,47 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1697662575,
"narHash": "sha256-fVtd4Le9edB831xyGWu0aqSfg6YVbkCNMX/IE3SUIdk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3433206e51766b4164dad368a81325efbf343fbe",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1697456312,
"narHash": "sha256-roiSnrqb5r+ehnKCauPLugoU8S36KgmWraHgRqVYndo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ca012a02bf8327be9e488546faecae5e05d7d749",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}
+392 -56
@@ -3,14 +3,14 @@
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
vps_nixpkgs.url = "nixpkgs/master";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
};
outputs = { self, nixpkgs, vps_nixpkgs, home-manager }@attrs:
outputs = { self, nixpkgs, home-manager, nixos-hardware }@attrs:
let
system = "x86_64-linux";
homeManagerSharedModule = {
@@ -26,7 +26,102 @@
# changes in each release.
home.stateVersion = "22.11";
home.packages = with pkgs; [ ];
fonts.fontconfig.enable = true;
home.packages = with pkgs; [ fira-code jetbrains-mono iosevka monoid recursive ];
systemd.user.services.mpris-proxy = {
Unit.Description = "Mpris proxy";
Unit.After = [ "network.target" "sound.target" ];
Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy";
Install.WantedBy = [ "default.target" ];
};
programs.ghostty = {
enable = true;
settings = {
window-decoration = false;
font-family = "Recursive Mono Linear Static";
font-size = 16;
#theme = "GruvboxDarkHard";
#theme = "Horizon";
#theme = "IC_Green_PPL";
#theme = "IC_Orange_PPL";
#theme = "iceberg-dark";
#theme = "Kanagawa Dragon";
#theme = "Kanagawa Wave";
#theme = "kanagawabones";
#theme = "kurokula";
#theme = "Later This Evening";
#theme = "MaterialDarker";
#theme = "MaterialOcean";
#theme = "matrix";
#theme = "Medallion";
#theme = "Mellifluous";
#theme = "Molokai";
#theme = "MonaLisa";
#theme = "Monokai Remastered";
#theme = "Monokai Soda";
theme = "NightLion v2";
#theme = "niji";
#theme = "Nocturnal Winter";
#theme = "nord";
#theme = "NvimDark";
#theme = "Oceanic-Next";
#theme = "OneHalfDark";
#theme = "Paraiso Dark";
#theme = "PaulMillr";
#theme = "PencilDark";
#theme = "Peppermint";
#theme = "Pnevma";
#theme = "Popping and Locking";
#theme = "Red Planet";
#theme = "rose-pine";
#theme = "Ryuuko";
#theme = "SeaShells";
#theme = "Seti";
#theme = "Shaman";
#theme = "Slate";
#theme = "Smyck";
#theme = "Snazzy";
#theme = "SoftServer";
#theme = "Solarized Dark - Patched";
#theme = "Solarized Dark Higher Contrast";
#theme = "SpaceGray Bright";
#theme = "SpaceGray Eighties";
#theme = "SpaceGray Eighties Dull";
#theme = "terafox";
#theme = "Thayer Bright";
#theme = "Tinacious Design (Dark)";
#theme = "tokyonight";
#theme = "tokyonight-storm";
#theme = "Tomorrow Night Burns";
#theme = "UltraViolent";
#theme = "Violet Dark";
#theme = "Whimsy";
#theme = "WildCherry";
#theme = "wilmersdorf";
#theme = "Wombat";
#theme = "xcodewwdc";
#theme = "zenbones_dark";
#theme = "zenwritten_dark";
};
};
programs.foot = {
enable = true;
settings = {
main = {
#font = "Fira Code:size=8";
#font = "JetBrainsMono:size=8";
#font = "Iosevka:size=18";
#font = "Monoid:size=6";
font = "Recursive:size=16"; # seems to be Recursive Mono Linear Static in Ghostty
#dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
};
};
programs.starship = {
enable = true;
enableBashIntegration = true;
@@ -58,6 +153,12 @@
profileExtra = ''
if [ -e /home/nathan/.nix-profile/etc/profile.d/nix.sh ]; then . /home/nathan/.nix-profile/etc/profile.d/nix.sh; fi # added by Nix installer
'';
shellAliases = {
ng ="nmcli c up NETGEAR97";
ng24="nmcli c up NETGEAR97_24_2Ghz";
ng58="nmcli c up NETGEAR97_28_5Ghz";
ng5c="nmcli c up NETGEAR97_2C_5Ghz";
};
};
programs.git = {
enable = true;
@@ -212,8 +313,8 @@
shell = "/run/current-system/sw/bin/bash";
};
# testing
services.jellyfin.enable = false;
#fonts.fonts = with pkgs; [ fira-code jetbrains-mono iosevka ];
services.pipewire = {
enable = true;
alsa.enable = true;
@@ -224,8 +325,10 @@
enable = true;
wlr.enable = true;
extraPortals = [pkgs.xdg-desktop-portal-gtk ];
gtkUsePortal = true;
#gtkUsePortal = true;
};
hardware.bluetooth.enable = true;
services.blueman.enable = true;
services.printing.enable = true;
@@ -252,16 +355,22 @@
};
};
# For steam, and Vulkan in general
hardware.opengl.driSupport = true;
#hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true;
hardware.steam-hardware.enable = true;
programs.steam.enable = true;
environment.systemPackages = with pkgs; [
tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop
firefox-wayland chromium gnome.nautilus
vlc steam calibre foliate transmission-gtk mupdf
tmux vim wget curl git w3m iftop iotop killall file unzip zip p7zip ripgrep imv killall
btop htop python3
waypipe firefox-wayland chromium nautilus
vlc mpv wayfarer libreoffice calibre foliate #transmission-gtk mupdf
gimp
foot pavucontrol pywal
sway wayland glib dracula-theme gnome.adwaita-icon-theme swaylock swayidle wl-clipboard
pavucontrol pywal
sway wayland glib dracula-theme adwaita-icon-theme swaylock swayidle wl-clipboard
circumflex
#monado openxr-loader xrgears
#lean4 blas elan vscode
(pkgs.writeTextFile {
name = "dbus-sway-environment";
destination = "/bin/dbus-sway-environment";
@@ -315,25 +424,85 @@
networking.firewall.enable = false;
}));
in {
nixosConfigurations.nixos-framework = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs;
modules = [
nixos-hardware.nixosModules.framework-13-7040-amd
home-manager.nixosModules.home-manager
homeManagerSharedModule
({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light pkgs.gpodder pkgs.evince pkgs.wezterm pkgs.vulkan-tools pkgs.discord]) {
# HARDWARE
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "amdgpu" ];
hardware.opengl.extraPackages = with pkgs; [ amdvlk ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/427e2f6d-d42d-4d49-be35-713bf9526dc9";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/2A78-5373";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/9b0357e8-f721-4a06-aae0-97b6efc19209"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp195s0f3u1c2.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# END HARDWARE
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
#boot.kernelPackages = pkgs.linuxPackages_testing;
#boot.kernelParams = [ "amdgpu.sg_display=0" ];
networking.hostName = "nixos-framework"; # Define your hostname.
system.stateVersion = "22.11"; # Did you read the comment?
programs.fuse.userAllowOther = true;
services.jellyfin.enable = true;
services.fwupd.enable = true;
#services.xserver = {
# enable = true;
# displayManager.gdm.enable = true;
# desktopManager.gnome.enable = true;
#};
}))
];
};
nixosConfigurations.nixos4800H = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs;
modules = [
home-manager.nixosModules.home-manager
homeManagerSharedModule
({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light ]) {
({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light pkgs.gpodder pkgs.evince ]) {
# HARDWARE
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.initrd.kernelModules = [ "amdgpu" ];
hardware.opengl.extraPackages = with pkgs; [ amdvlk ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = { device = "/dev/disk/by-uuid/ae8e4a92-53dd-49b5-bf3a-aeb9a109c01e"; fsType = "ext4"; };
fileSystems."/boot" = { device = "/dev/disk/by-uuid/28E9-0409"; fsType = "vfat"; };
fileSystems."/nas_disk1" = { device = "/dev/disk/by-uuid/d7907ed2-2aff-4cfc-bb4d-fa46b3f1af57"; fsType = "ext4"; };
swapDevices = [ ];
nix.maxJobs = lib.mkDefault 16;
# END HARDWARE
boot.loader.systemd-boot.enable = true;
@@ -341,6 +510,9 @@
boot.kernelPackages = pkgs.linuxPackages_latest;
networking.hostName = "nixos4800H"; # Define your hostname.
programs.fuse.userAllowOther = true;
services.jellyfin.enable = true;
# THIS SEEMS CONTRADICTORY
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
@@ -348,23 +520,16 @@
networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = true;
networking.interfaces.wlp1s0.useDHCP = true;
networking.wireguard.interfaces = {
wg0 = {
ips = [ "10.100.0.7/24" ];
privateKeyFile = "/home/nathan/wireguard-keys/private";
peers = [
{
publicKey = "WXx7XXJzerPJBPMTvZ454iQhx5Q5bFvBgF6NsPPX9nk=";
allowedIPs = [ "10.100.0.0/24" ];
#allowedIPs = [ "0.0.0.0/0" ];
## Then sudo ip route add 104.238.179.164 via 10.0.0.1 dev enp30s0
endpoint = "104.238.179.164:51820";
persistentKeepalive = 25;
}
];
};
};
system.stateVersion = "20.03";
users.extraUsers.marcus = {
name = "marcus";
isNormalUser = true;
group = "users";
extraGroups = [ "wheel" "disk" "audio" "video" "networkmanager" "systemd-journal" "networkmanager" "sway" "plugdev" "adbusers"];
createHome = true;
home = "/home/marcus";
shell = "/run/current-system/sw/bin/bash";
};
}))
];
};
@@ -384,7 +549,9 @@
boot.supportedFilesystems = [ "ntfs" ];
fileSystems."/" = { device = "/dev/disk/by-uuid/163c1731-2f66-436b-a74f-20f84ec628dd"; fsType = "ext4"; };
fileSystems."/boot" = { device = "/dev/disk/by-uuid/9C44-5411"; fsType = "vfat"; };
fileSystems."/reborn" = { device = "/dev/disk/by-label/reborn"; fsType = "ext4"; };
#fileSystems."/big_disk" = { device = "/dev/disk/by-uuid/B610D69310D65A47"; fsType = "ntfs3"; options = ["rw" "uid=1000"]; };
#fileSystems."/big_disk" = { device = "/dev/sdb1"; fsType = "ntfs3"; options = ["rw" "uid=1000"]; };
swapDevices = [ ];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
@@ -395,6 +562,8 @@
boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "nixos-desktop"; # Define your hostname.
system.stateVersion = "22.11";
services.jellyfin.enable = true;
}))
];
};
@@ -415,21 +584,21 @@
swapDevices = [ { device = "/dev/disk/by-uuid/20cc65f9-f35e-419a-b00f-252cd576b2ce"; } ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# don't suspend on lid close
services.logind.lidSwitch = "ignore";
services.glusterfs.enable = true;
networking.hostName = "condoserver"; # Define your hostname.
system.stateVersion = "22.11"; # Did you read the comment?
}))
];
};
nixosConfigurations.vps = vps_nixpkgs.lib.nixosSystem {
nixosConfigurations.vps = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs;
modules = [
@@ -442,9 +611,24 @@
{ device = "/dev/disk/by-uuid/b9470789-6d82-4ad4-9a4a-7e19b8fcc8dc";
fsType = "ext4";
};
nix.maxJobs = lib.mkDefault 1;
# END HARDWARE
fileSystems."/var/lib/matrix-synapse/media" = {
device = "nathan@100.64.0.1:/home/nathan/synapse_media/media/";
fsType = "sshfs";
options = [
# Filesystem Options
"allow_other" # non-root access
"_netdev" # this is a network fs
"x-systemd.automount" # mount on demand
# SSH options
"reconnect" # handle connection drops
"ServerAliveInterval=15" # Keep connections alive
"IdentityFile=/var/lib/private/sshfs-key"
];
};
nix.gc.automatic = true;
imports = [ ];
@@ -463,11 +647,19 @@
python-olm pycryptodome unpaddedbase64
]);
});
#lemmy-server = super.lemmy-server.overrideAttrs (old: {
# patches = (old.patches or []) ++ [(super.fetchpatch {
# name = "fix-db-migrations.patch";
# url = "https://gist.githubusercontent.com/matejc/9be474fa581c1a29592877ede461f1f2/raw/83886917153fcba127b43d9a94a49b3d90e635b3/fix-db-migrations.patch";
# hash = "sha256-BvoA4K9v84n60lG96j1+91e8/ERn9WlVTGk4Z6Fj4iA=";
# })];
#});
}) ];
# Use the GRUB 2 boot loader.
boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
swapDevices = [{
@@ -484,8 +676,8 @@
networking.firewall = {
#allowedTCPPorts = [ 22 80 443 3478 3479 ];
#allowedUDPPorts = [ 22 80 443 5349 5350 51820 ];
allowedTCPPorts = [ 22 80 443 ];
allowedUDPPorts = [ 22 80 443 51820 ];
allowedTCPPorts = [ 22 80 443 30000 ]; #30000 is minetest
allowedUDPPorts = [ 22 80 443 51820 30000 ];
#extraCommands = ''
# iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#'';
@@ -525,17 +717,19 @@
#};
services.openssh.enable = true;
services.openssh.passwordAuthentication = false;
services.openssh.kbdInteractiveAuthentication = false;
services.openssh.permitRootLogin = "prohibit-password";
services.mastodon = {
enable = true;
localDomain = "mastodon.room409.xyz";
configureNginx = true;
smtp.fromAddress = "notifications@mastodon.room409.xyz";
services.openssh.settings = {
PasswordAuthentication = false;
KbdInteractiveAuthentication = false;
PermitRootLogin = "prohibit-password";
};
#services.mastodon = {
# enable = true;
# localDomain = "mastodon.room409.xyz";
# configureNginx = true;
# smtp.fromAddress = "notifications@mastodon.room409.xyz";
#};
services.mautrix-telegram = {
enable = true;
settings = {
@@ -568,6 +762,7 @@
public_baseurl = "https://synapse.room409.xyz/";
enable_registration = false;
#enable_registration_without_verification = true;
#registration_shared_secret = null;
database.name = "psycopg2";
url_preview_enabled = true;
@@ -595,14 +790,28 @@
services.gitea = {
enable = true;
disableRegistration = true;
settings.service.DISABLE_REGISTRATION = true;
appName = "Room409.xyz Forge";
domain = "forge.room409.xyz";
rootUrl = "https://forge.room409.xyz/";
httpPort = 3001;
settings.server = {
DOMAIN = "forge.room409.xyz";
ROOT_URL = "https://forge.room409.xyz/";
HTTP_PORT = 3001;
};
};
#systemd.services.lemmy.environment.RUST_BACKTRACE = "full";
#systemd.services.lemmy.environment.LEMMY_DATABASE_URL = pkgs.lib.mkForce "postgres:///lemmy?host=/run/postgresql&user=lemmy";
#services.lemmy = {
# enable = true;
# database.createLocally = true;
# settings = {
# hostname = "lemmy.room409.xyz";
# };
# nginx.enable = true;
#};
services.postgresql = {
package = pkgs.postgresql_16;
enable = true;
# postgresql user and db name in the service.matrix-synapse.databse_args setting is default
initialScript = pkgs.writeText "synapse-init.sql" ''
@@ -618,13 +827,24 @@
enable = true;
address = "0.0.0.0";
port = 8789;
serverUrl = "https://headscale.room409.xyz";
dns.baseDomain = "wg.test";
settings.serverUrl = "https://headscale.room409.xyz";
settings.dns.base_domain = "wg.test";
settings.logtail.enabled = false;
};
security.acme.email = "miloignis@gmail.com";
security.acme.acceptTerms = true;
services.ttyd = {
enable = true;
port = 9134;
writeable = true;
username = "miloignis";
passwordFile = /var/lib/ttyd/secrets;
clientOptions.fontFamily="Recursive";
};
security.acme = {
acceptTerms = true;
defaults.email = "miloignis@gmail.com";
};
services.nginx = {
enable = true;
recommendedGzipSettings = true;
@@ -641,6 +861,12 @@
};
};
## the rest is defined by the lemmy service
#virtualHosts."lemmy.room409.xyz" = {
# forceSSL = true;
# enableACME = true;
#};
virtualHosts."forge.room409.xyz" = {
forceSSL = true;
enableACME = true;
@@ -657,7 +883,7 @@
locations."/.well-known/matrix/client".extraConfig = ''
add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '{ "m.homeserver": {"base_url": "https://synapse.room409.xyz"}, "m.identity_server": { "base_url": "https://vector.im"} }';
return 200 '{ "m.homeserver": {"base_url": "https://synapse.room409.xyz"}, "org.matrix.msc3575.proxy": { "url": "https://syncv3.room409.xyz" }, "m.identity_server": { "base_url": "https://vector.im"} }';
'';
locations."/".proxyPass = "http://localhost:8008";
locations."/".extraConfig = ''
@@ -690,6 +916,25 @@
enableACME = true;
root = "/var/www/faint.room409.xyz";
};
virtualHosts."shell.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9134";
proxyWebsockets = true;
};
};
virtualHosts."drop.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9009";
proxyWebsockets = true;
extraConfig = ''
client_max_body_size 500M;
'';
};
};
#virtualHosts."www.kraken-lang.org" = {
# forceSSL = true;
# enableACME = true;
@@ -731,6 +976,53 @@
#locations."/bookclub/".proxyPass = "http://localhost:8888/room/!xSMgeFJYbuYTOGAGga:synapse.room409.xyz/";
};
virtualHosts."lotusronin.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = pkgs.writeTextDir "index.html" ''<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>LotusRonin's Website</title>
<style>
h1, h2 ,h3 { line-height:1.2; }
.bodyStuff {
max-width: 45em;
margin: 1em auto;
padding: 0 .62em;
font: 1.2em/1.62 sans-serif;
}
.floatLeft {
float: left;
max-width: 55em;
margin: 1em auto;
padding: 0 .62em;
font: 1.2em/1.62 sans-serif;
}
</style>
</head>
<body>
<div class="bodyStuff">
<header><h1>Main Page</h1></header>
<br> <br>
Take control of your tools, break from the system. Less is more.
</div>
<div class="floatLeft">
<ol>
<li><a href="">📜 Blog</a></li>
<li><a href="">👨💻 Code</a></li>
<li><a href="">🕹 Games</a></li>
<li><a href="">(.)(.) MLKRs.shop signup</a></li>
<li><a href="">📄 Resume/About Me</a></li>
</ol>
</div>
</body>
</html>
'';
};
};
virtualHosts."miloignis.room409.xyz" = {
forceSSL = true;
enableACME = true;
@@ -800,11 +1092,23 @@
};
};
virtualHosts."batou.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://100.64.0.1:8090";
};
#virtualHosts."4800H.room409.xyz" = {
# forceSSL = true;
# enableACME = true;
# locations."/".proxyPass = "http://10.100.0.7:80";
#};
virtualHosts."neel.room409.xyz" = {
forceSSL = true;
enableACME = true;
basicAuth = { neel = "el_psy_congroo"; };
locations."/".proxyPass = "http://100.64.0.1:8080";
};
};
services.journald.extraConfig = "SystemMaxUse=50M";
@@ -815,6 +1119,38 @@
iftop ripgrep
config.services.headscale.package
#wireguard
droopy
sshfs
# (let
# # XXX specify the postgresql package you'd like to upgrade to.
# # Do not forget to list the extensions you need.
# newPostgres = pkgs.postgresql_16.withPackages (pp: [
# # pp.plv8
# ]);
#in pkgs.writeScriptBin "upgrade-pg-cluster" ''
# set -eux
# # XXX it's perhaps advisable to stop all services that depend on postgresql
# systemctl stop postgresql
# export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}"
# export NEWBIN="${newPostgres}/bin"
# export OLDDATA="${config.services.postgresql.dataDir}"
# export OLDBIN="${config.services.postgresql.package}/bin"
# install -d -m 0700 -o postgres -g postgres "$NEWDATA"
# cd "$NEWDATA"
# sudo -u postgres $NEWBIN/initdb -D "$NEWDATA"
# sudo -u postgres $NEWBIN/pg_upgrade \
# --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \
# --old-bindir $OLDBIN --new-bindir $NEWBIN \
# "$@"
#'')
];
users.extraUsers.nathan = {
name = "nathan";
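Review bot: The `virtualHosts."neel.room409.xyz"` block in the `@@ -800,11 +1092,23 @@` hunk sets `basicAuth` to an inline attribute set, so the password is committed in clear text to this repository and, as far as I know, also ends up in an htpasswd file in the world-readable Nix store on the VPS. It is the only visible gate in front of `http://100.64.0.1:8080`, so treat the value as disclosed: rotate it and keep the replacement out of the flake, e.g. `basicAuthFile = "/var/lib/nginx-secrets/neel.htpasswd";` (placeholder path) pointing at a file provisioned outside the store. The hunk's line counts suggest the block is newly added, but the rendered page has lost the +/- markers, so confirm against the raw diff. The `services.ttyd` block in this same file already follows the file-based pattern with `passwordFile`.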
+7 -1
@@ -17,11 +17,16 @@ exec configure-gtk
exec sleep 5; systemctl --user start kanshi.service
#When everything's wayland, maybe
#output eDP-1 scale 2
output eDP-1 scale 1
#Output HDMI-A-1 'Goldstar Company Ltd LG TV SSCR2 0x00000101'
output HDMI-A-1 mode 1920x1080@60Hz
#Output DP-4 'LG Electronics LG TV SSCR2 0x00000101'
output DP-3 mode 1280x720@60Hz
#output DP-4 mode 1280x720@60Hz
#output DP-4 mode 3840x2160@60Hz
# reload the configuration file
bindsym $mod+Shift+q reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
@@ -49,6 +54,7 @@ floating_modifier $mod
#bindsym $mod+Return exec st
#bindsym $mod+Return exec sakura
bindsym $mod+Return exec foot
bindsym $mod+Shift+Return exec ghostty
# kill focused window
bindsym $mod+Shift+c kill
+1 -1
@@ -1,3 +1,3 @@
#!/usr/bin/env sh
nixos-rebuild switch --fast --flake .#vps --target-host root@room409.xyz
NIXPKGS_ALLOW_INSECURE=1 nixos-rebuild switch --fast --flake .#vps --target-host root@room409.xyz --impure
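Review bot: `NIXPKGS_ALLOW_INSECURE=1` together with `--impure` on the new `nixos-rebuild` line admits every package that nixpkgs marks as insecure into the build of the internet-facing `vps` host, not only the one that prompted the override. The page does not show which package needed it, so the exception is invisible in review and will silently cover any future insecure dependency. Scope it in the vps module instead with `nixpkgs.config.permittedInsecurePackages = [ "<package-name-version>" ];` (placeholder), which lets the script go back to `nixos-rebuild switch --fast --flake .#vps --target-host root@room409.xyz` and keeps evaluation pure.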