miloignis/nix_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: miloignis/nix_config:panam
Branches Tags
miloignis/nix_config:main miloignis/nix_config:panam
...
compare: miloignis/nix_config:12e00be90c47cfade6a334403d3e6c8580fe14e3
Branches Tags
miloignis/nix_config:panam miloignis/nix_config:main

36 Commits
panam ... 12e00be90c

Author SHA1 Message Date
miloignis 12e00be90c updates 2025-01-12 17:32:33 -05:00
miloignis 606855aedd Merge branch 'main' of https://forge.room409.xyz/miloignis/nix_config 2024-08-21 00:42:21 -04:00
miloignis 1eb58fae21 add wayfarer 2024-08-21 00:42:07 -04:00
miloignis 9acd1e0f48 merge 2024-07-26 13:24:36 -04:00
miloignis 4bc99c40d3 upgrade trying to get that sshd fix, I don't think I did... 2024-07-02 00:30:32 -04:00
miloignis d7b6e6b944 Post media moved to 4800h, postgresql upgrade 2024-07-02 00:25:02 -04:00
miloignis 8189ea60fc updates 2024-04-02 11:19:17 -04:00
miloignis e8428e0487 Merge branch 'main' of https://forge.room409.xyz/miloignis/nix_config 2023-12-28 20:50:39 -05:00
miloignis c37126a731 headset tests 2023-12-28 20:49:04 -05:00
miloignis a7029d0f46 Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-12-18 00:45:05 -05:00
miloignis 85050715fc add marcus 2023-12-18 00:45:02 -05:00
miloignis 41b9279bc9 Updates, running jellyfin with fuse 2023-12-18 00:44:23 -05:00
miloignis ea04829c71 better size 2023-11-11 16:46:01 -05:00
miloignis bcc9a7bf6e lotusronin website 2023-11-11 16:40:09 -05:00
miloignis d66a6f9895 Working framework config post bios 2023-11-06 13:03:42 -05:00
miloignis 4b2685f7e1 inital framework 2023-10-18 18:08:08 -04:00
miloignis 275b054746 Setup Sliding-Sync V3! Element X does seem to be a bit early, but still nice 2023-10-13 00:11:52 -04:00
miloignis 90113aa08e Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-09-26 20:11:40 -04:00
miloignis 96a283f505 format old windows partition and mount by default. Gonna use it for Cyberpunk2.0/PhantomLiberty 2023-09-26 20:11:37 -04:00
miloignis d5ac189e66 fix most warnings 2023-09-26 15:16:42 -04:00
miloignis 233f3341bf add waypipe 2023-09-17 18:04:22 -04:00
miloignis 866bd86ea3 Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-09-17 17:21:58 -04:00
miloignis 35e4745ec0 Merge branch 'main' of forge.room409.xyz:miloignis/nix_config 2023-09-17 17:19:41 -04:00
miloignis f169c425ef jellyfin, removing big_disk 2023-09-17 17:19:39 -04:00
miloignis f01eb7d39c update 2023-09-17 17:19:12 -04:00
miloignis 49f4498fa4 updates 2023-09-17 17:14:31 -04:00
miloignis 86516997ec merge 2023-08-01 13:23:14 -04:00
miloignis aeafa5bbe9 reactivate big disk 2023-08-01 13:22:19 -04:00
miloignis b65bc1696b Updates 2023-08-01 13:21:43 -04:00
miloignis 1ce125327d Updates 2023-07-24 23:53:37 -04:00
miloignis 66cca6bc2f add ttyd to vps 2023-04-08 15:30:38 -04:00
miloignis 087a160601 Add font install & config for foot, using recursive for now 2023-03-28 21:34:55 -04:00
miloignis 7ba91ab1a4 Upgrade 2023-03-26 01:33:37 -04:00
miloignis fceb70c5e5 remove old wireguard config 2023-03-14 19:34:21 -04:00
miloignis c344e97678 updates, try glusterfs 2023-03-02 20:09:04 -05:00
miloignis 6fbb14e637 update 2023-02-28 00:08:43 -05:00
6 changed files with 473 additions and 99 deletions
Expand all files Collapse all files
condoserver_activate_flake.sh
+1 -1
View File
@@ -1,3 +1,3 @@
#!/usr/bin/env sh #!/usr/bin/env sh
nixos-rebuild switch --fast --flake .#condoserver --target-host root@192.168.86.21 --build-host root@192.168.86.21 nixos-rebuild switch --fast --flake .#condoserver --target-host root@condoserver.room409.wg.test --build-host root@condoserver.room409.wg.test
flake.lock
Generated
+25 -40
View File
@@ -4,15 +4,14 @@
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ]
"utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1676367705, "lastModified": 1735925111,
"narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=", "narHash": "sha256-/NptDI4njO5hH0ZVQ2yzbvTXmBOabZaGYkjhnMJ37TY=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5", "rev": "ef64efdbaca99f9960f75efab991e4c49e79a5f1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -21,13 +20,29 @@
"type": "github" "type": "github"
} }
}, },
"nixos-hardware": {
"locked": {
"lastModified": 1735388221,
"narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "7c674c6734f61157e321db595dbfcd8523e04e19",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "master",
"repo": "nixos-hardware",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1676569297, "lastModified": 1735834308,
"narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=", "narHash": "sha256-dklw3AXr3OGO4/XT1Tu3Xz9n/we8GctZZ75ZWVqAVhk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37", "rev": "6df24922a1400241dae323af55f30e4318a6ca65",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -39,38 +54,8 @@
"root": { "root": {
"inputs": { "inputs": {
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs", "nixos-hardware": "nixos-hardware",
"vps_nixpkgs": "vps_nixpkgs" "nixpkgs": "nixpkgs"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"vps_nixpkgs": {
"locked": {
"lastModified": 1673410828,
"narHash": "sha256-xAggTjXt7iqOe4lNRtq+B31cjxchvJOr9zIJJ4JmfY8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9852294f15c380cd61fd441538982426f8ee8ccc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "master",
"type": "indirect"
} }
} }
}, },
flake.lock_bac
+47
View File
@@ -0,0 +1,47 @@
{
"nodes": {
"home-manager": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1697662575,
"narHash": "sha256-fVtd4Le9edB831xyGWu0aqSfg6YVbkCNMX/IE3SUIdk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3433206e51766b4164dad368a81325efbf343fbe",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1697456312,
"narHash": "sha256-roiSnrqb5r+ehnKCauPLugoU8S36KgmWraHgRqVYndo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ca012a02bf8327be9e488546faecae5e05d7d749",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-unstable",
"type": "indirect"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nixpkgs": "nixpkgs"
}
}
},
"root": "root",
"version": 7
}
flake.nix
+392 -56
View File
@@ -3,14 +3,14 @@
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs.url = "nixpkgs/nixos-unstable";
vps_nixpkgs.url = "nixpkgs/master";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixos-hardware.url = "github:NixOS/nixos-hardware/master";
}; };
outputs = { self, nixpkgs, vps_nixpkgs, home-manager }@attrs: outputs = { self, nixpkgs, home-manager, nixos-hardware }@attrs:
let let
system = "x86_64-linux"; system = "x86_64-linux";
homeManagerSharedModule = { homeManagerSharedModule = {
@@ -26,7 +26,102 @@
# changes in each release. # changes in each release.
home.stateVersion = "22.11"; home.stateVersion = "22.11";
home.packages = with pkgs; [ ]; fonts.fontconfig.enable = true;
home.packages = with pkgs; [ fira-code jetbrains-mono iosevka monoid recursive ];
systemd.user.services.mpris-proxy = {
Unit.Description = "Mpris proxy";
Unit.After = [ "network.target" "sound.target" ];
Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy";
Install.WantedBy = [ "default.target" ];
};
programs.ghostty = {
enable = true;
settings = {
window-decoration = false;
font-family = "Recursive Mono Linear Static";
font-size = 16;
#theme = "GruvboxDarkHard";
#theme = "Horizon";
#theme = "IC_Green_PPL";
#theme = "IC_Orange_PPL";
#theme = "iceberg-dark";
#theme = "Kanagawa Dragon";
#theme = "Kanagawa Wave";
#theme = "kanagawabones";
#theme = "kurokula";
#theme = "Later This Evening";
#theme = "MaterialDarker";
#theme = "MaterialOcean";
#theme = "matrix";
#theme = "Medallion";
#theme = "Mellifluous";
#theme = "Molokai";
#theme = "MonaLisa";
#theme = "Monokai Remastered";
#theme = "Monokai Soda";
theme = "NightLion v2";
#theme = "niji";
#theme = "Nocturnal Winter";
#theme = "nord";
#theme = "NvimDark";
#theme = "Oceanic-Next";
#theme = "OneHalfDark";
#theme = "Paraiso Dark";
#theme = "PaulMillr";
#theme = "PencilDark";
#theme = "Peppermint";
#theme = "Pnevma";
#theme = "Popping and Locking";
#theme = "Red Planet";
#theme = "rose-pine";
#theme = "Ryuuko";
#theme = "SeaShells";
#theme = "Seti";
#theme = "Shaman";
#theme = "Slate";
#theme = "Smyck";
#theme = "Snazzy";
#theme = "SoftServer";
#theme = "Solarized Dark - Patched";
#theme = "Solarized Dark Higher Contrast";
#theme = "SpaceGray Bright";
#theme = "SpaceGray Eighties";
#theme = "SpaceGray Eighties Dull";
#theme = "terafox";
#theme = "Thayer Bright";
#theme = "Tinacious Design (Dark)";
#theme = "tokyonight";
#theme = "tokyonight-storm";
#theme = "Tomorrow Night Burns";
#theme = "UltraViolent";
#theme = "Violet Dark";
#theme = "Whimsy";
#theme = "WildCherry";
#theme = "wilmersdorf";
#theme = "Wombat";
#theme = "xcodewwdc";
#theme = "zenbones_dark";
#theme = "zenwritten_dark";
};
};
programs.foot = {
enable = true;
settings = {
main = {
#font = "Fira Code:size=8";
#font = "JetBrainsMono:size=8";
#font = "Iosevka:size=18";
#font = "Monoid:size=6";
font = "Recursive:size=16"; # seems to be Recursive Mono Linear Static in Ghostty
#dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
};
};
programs.starship = { programs.starship = {
enable = true; enable = true;
enableBashIntegration = true; enableBashIntegration = true;
@@ -58,6 +153,12 @@
profileExtra = '' profileExtra = ''
if [ -e /home/nathan/.nix-profile/etc/profile.d/nix.sh ]; then . /home/nathan/.nix-profile/etc/profile.d/nix.sh; fi # added by Nix installer if [ -e /home/nathan/.nix-profile/etc/profile.d/nix.sh ]; then . /home/nathan/.nix-profile/etc/profile.d/nix.sh; fi # added by Nix installer
''; '';
shellAliases = {
ng ="nmcli c up NETGEAR97";
ng24="nmcli c up NETGEAR97_24_2Ghz";
ng58="nmcli c up NETGEAR97_28_5Ghz";
ng5c="nmcli c up NETGEAR97_2C_5Ghz";
};
}; };
programs.git = { programs.git = {
enable = true; enable = true;
@@ -212,8 +313,8 @@
shell = "/run/current-system/sw/bin/bash"; shell = "/run/current-system/sw/bin/bash";
}; };
# testing #fonts.fonts = with pkgs; [ fira-code jetbrains-mono iosevka ];
services.jellyfin.enable = false;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
alsa.enable = true; alsa.enable = true;
@@ -224,8 +325,10 @@
enable = true; enable = true;
wlr.enable = true; wlr.enable = true;
extraPortals = [pkgs.xdg-desktop-portal-gtk ]; extraPortals = [pkgs.xdg-desktop-portal-gtk ];
gtkUsePortal = true; #gtkUsePortal = true;
}; };
hardware.bluetooth.enable = true;
services.blueman.enable = true; services.blueman.enable = true;
services.printing.enable = true; services.printing.enable = true;
@@ -252,16 +355,22 @@
}; };
}; };
# For steam, and Vulkan in general # For steam, and Vulkan in general
hardware.opengl.driSupport = true; #hardware.opengl.driSupport = true;
hardware.opengl.driSupport32Bit = true; hardware.opengl.driSupport32Bit = true;
hardware.steam-hardware.enable = true;
programs.steam.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop tmux vim wget curl git w3m iftop iotop killall file unzip zip p7zip ripgrep imv killall
firefox-wayland chromium gnome.nautilus btop htop python3
vlc steam calibre foliate transmission-gtk mupdf waypipe firefox-wayland chromium nautilus
vlc mpv wayfarer libreoffice calibre foliate #transmission-gtk mupdf
gimp gimp
foot pavucontrol pywal pavucontrol pywal
sway wayland glib dracula-theme gnome.adwaita-icon-theme swaylock swayidle wl-clipboard sway wayland glib dracula-theme adwaita-icon-theme swaylock swayidle wl-clipboard
circumflex
#monado openxr-loader xrgears
#lean4 blas elan vscode
(pkgs.writeTextFile { (pkgs.writeTextFile {
name = "dbus-sway-environment"; name = "dbus-sway-environment";
destination = "/bin/dbus-sway-environment"; destination = "/bin/dbus-sway-environment";
@@ -315,25 +424,85 @@
networking.firewall.enable = false; networking.firewall.enable = false;
})); }));
in { in {
nixosConfigurations.nixos-framework = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = attrs;
modules = [
nixos-hardware.nixosModules.framework-13-7040-amd
home-manager.nixosModules.home-manager
homeManagerSharedModule
({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light pkgs.gpodder pkgs.evince pkgs.wezterm pkgs.vulkan-tools pkgs.discord]) {
# HARDWARE
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ "amdgpu" ];
hardware.opengl.extraPackages = with pkgs; [ amdvlk ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/427e2f6d-d42d-4d49-be35-713bf9526dc9";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/2A78-5373";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/9b0357e8-f721-4a06-aae0-97b6efc19209"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp195s0f3u1c2.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# END HARDWARE
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = pkgs.linuxPackages_latest;
#boot.kernelPackages = pkgs.linuxPackages_testing;
#boot.kernelParams = [ "amdgpu.sg_display=0" ];
networking.hostName = "nixos-framework"; # Define your hostname.
system.stateVersion = "22.11"; # Did you read the comment?
programs.fuse.userAllowOther = true;
services.jellyfin.enable = true;
services.fwupd.enable = true;
#services.xserver = {
# enable = true;
# displayManager.gdm.enable = true;
# desktopManager.gnome.enable = true;
#};
}))
];
};
nixosConfigurations.nixos4800H = nixpkgs.lib.nixosSystem { nixosConfigurations.nixos4800H = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = attrs; specialArgs = attrs;
modules = [ modules = [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
homeManagerSharedModule homeManagerSharedModule
({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light ]) { ({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light pkgs.gpodder pkgs.evince ]) {
# HARDWARE # HARDWARE
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ]; boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "ahci" "usb_storage" "sd_mod" "rtsx_usb_sdmmc" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ "amdgpu" ];
hardware.opengl.extraPackages = with pkgs; [ amdvlk ];
boot.kernelModules = [ "kvm-amd" ]; boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = { device = "/dev/disk/by-uuid/ae8e4a92-53dd-49b5-bf3a-aeb9a109c01e"; fsType = "ext4"; }; fileSystems."/" = { device = "/dev/disk/by-uuid/ae8e4a92-53dd-49b5-bf3a-aeb9a109c01e"; fsType = "ext4"; };
fileSystems."/boot" = { device = "/dev/disk/by-uuid/28E9-0409"; fsType = "vfat"; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/28E9-0409"; fsType = "vfat"; };
fileSystems."/nas_disk1" = { device = "/dev/disk/by-uuid/d7907ed2-2aff-4cfc-bb4d-fa46b3f1af57"; fsType = "ext4"; };
swapDevices = [ ]; swapDevices = [ ];
nix.maxJobs = lib.mkDefault 16;
# END HARDWARE # END HARDWARE
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
@@ -341,6 +510,9 @@
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelPackages = pkgs.linuxPackages_latest;
networking.hostName = "nixos4800H"; # Define your hostname. networking.hostName = "nixos4800H"; # Define your hostname.
programs.fuse.userAllowOther = true;
services.jellyfin.enable = true;
# THIS SEEMS CONTRADICTORY # THIS SEEMS CONTRADICTORY
# The global useDHCP flag is deprecated, therefore explicitly set to false here. # The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config # Per-interface useDHCP will be mandatory in the future, so this generated config
@@ -348,23 +520,16 @@
networking.useDHCP = false; networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = true; networking.interfaces.eno1.useDHCP = true;
networking.interfaces.wlp1s0.useDHCP = true; networking.interfaces.wlp1s0.useDHCP = true;
networking.wireguard.interfaces = {
wg0 = {
ips = [ "10.100.0.7/24" ];
privateKeyFile = "/home/nathan/wireguard-keys/private";
peers = [
{
publicKey = "WXx7XXJzerPJBPMTvZ454iQhx5Q5bFvBgF6NsPPX9nk=";
allowedIPs = [ "10.100.0.0/24" ];
#allowedIPs = [ "0.0.0.0/0" ];
## Then sudo ip route add 104.238.179.164 via 10.0.0.1 dev enp30s0
endpoint = "104.238.179.164:51820";
persistentKeepalive = 25;
}
];
};
};
system.stateVersion = "20.03"; system.stateVersion = "20.03";
users.extraUsers.marcus = {
name = "marcus";
isNormalUser = true;
group = "users";
extraGroups = [ "wheel" "disk" "audio" "video" "networkmanager" "systemd-journal" "networkmanager" "sway" "plugdev" "adbusers"];
createHome = true;
home = "/home/marcus";
shell = "/run/current-system/sw/bin/bash";
};
})) }))
]; ];
}; };
@@ -384,7 +549,9 @@
boot.supportedFilesystems = [ "ntfs" ]; boot.supportedFilesystems = [ "ntfs" ];
fileSystems."/" = { device = "/dev/disk/by-uuid/163c1731-2f66-436b-a74f-20f84ec628dd"; fsType = "ext4"; }; fileSystems."/" = { device = "/dev/disk/by-uuid/163c1731-2f66-436b-a74f-20f84ec628dd"; fsType = "ext4"; };
fileSystems."/boot" = { device = "/dev/disk/by-uuid/9C44-5411"; fsType = "vfat"; }; fileSystems."/boot" = { device = "/dev/disk/by-uuid/9C44-5411"; fsType = "vfat"; };
fileSystems."/reborn" = { device = "/dev/disk/by-label/reborn"; fsType = "ext4"; };
#fileSystems."/big_disk" = { device = "/dev/disk/by-uuid/B610D69310D65A47"; fsType = "ntfs3"; options = ["rw" "uid=1000"]; }; #fileSystems."/big_disk" = { device = "/dev/disk/by-uuid/B610D69310D65A47"; fsType = "ntfs3"; options = ["rw" "uid=1000"]; };
#fileSystems."/big_disk" = { device = "/dev/sdb1"; fsType = "ntfs3"; options = ["rw" "uid=1000"]; };
swapDevices = [ ]; swapDevices = [ ];
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
@@ -395,6 +562,8 @@
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
networking.hostName = "nixos-desktop"; # Define your hostname. networking.hostName = "nixos-desktop"; # Define your hostname.
system.stateVersion = "22.11"; system.stateVersion = "22.11";
services.jellyfin.enable = true;
})) }))
]; ];
}; };
@@ -415,21 +584,21 @@
swapDevices = [ { device = "/dev/disk/by-uuid/20cc65f9-f35e-419a-b00f-252cd576b2ce"; } ]; swapDevices = [ { device = "/dev/disk/by-uuid/20cc65f9-f35e-419a-b00f-252cd576b2ce"; } ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
# high-resolution display
hardware.video.hidpi.enable = lib.mkDefault true;
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
# don't suspend on lid close # don't suspend on lid close
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
services.glusterfs.enable = true;
networking.hostName = "condoserver"; # Define your hostname. networking.hostName = "condoserver"; # Define your hostname.
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "22.11"; # Did you read the comment?
})) }))
]; ];
}; };
nixosConfigurations.vps = vps_nixpkgs.lib.nixosSystem { nixosConfigurations.vps = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = attrs; specialArgs = attrs;
modules = [ modules = [
@@ -442,9 +611,24 @@
{ device = "/dev/disk/by-uuid/b9470789-6d82-4ad4-9a4a-7e19b8fcc8dc"; { device = "/dev/disk/by-uuid/b9470789-6d82-4ad4-9a4a-7e19b8fcc8dc";
fsType = "ext4"; fsType = "ext4";
}; };
nix.maxJobs = lib.mkDefault 1;
# END HARDWARE # END HARDWARE
fileSystems."/var/lib/matrix-synapse/media" = {
device = "nathan@100.64.0.1:/home/nathan/synapse_media/media/";
fsType = "sshfs";
options = [
# Filesystem Options
"allow_other" # non-root access
"_netdev" # this is a network fs
"x-systemd.automount" # mount on demand
# SSH options
"reconnect" # handle connection drops
"ServerAliveInterval=15" # Keep connections alive
"IdentityFile=/var/lib/private/sshfs-key"
];
};
nix.gc.automatic = true; nix.gc.automatic = true;
imports = [ ]; imports = [ ];
@@ -463,11 +647,19 @@
python-olm pycryptodome unpaddedbase64 python-olm pycryptodome unpaddedbase64
]); ]);
}); });
#lemmy-server = super.lemmy-server.overrideAttrs (old: {
# patches = (old.patches or []) ++ [(super.fetchpatch {
# name = "fix-db-migrations.patch";
# url = "https://gist.githubusercontent.com/matejc/9be474fa581c1a29592877ede461f1f2/raw/83886917153fcba127b43d9a94a49b3d90e635b3/fix-db-migrations.patch";
# hash = "sha256-BvoA4K9v84n60lG96j1+91e8/ERn9WlVTGk4Z6Fj4iA=";
# })];
#});
}) ]; }) ];
# Use the GRUB 2 boot loader. # Use the GRUB 2 boot loader.
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.version = 2;
boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only
swapDevices = [{ swapDevices = [{
@@ -484,8 +676,8 @@
networking.firewall = { networking.firewall = {
#allowedTCPPorts = [ 22 80 443 3478 3479 ]; #allowedTCPPorts = [ 22 80 443 3478 3479 ];
#allowedUDPPorts = [ 22 80 443 5349 5350 51820 ]; #allowedUDPPorts = [ 22 80 443 5349 5350 51820 ];
allowedTCPPorts = [ 22 80 443 ]; allowedTCPPorts = [ 22 80 443 30000 ]; #30000 is minetest
allowedUDPPorts = [ 22 80 443 51820 ]; allowedUDPPorts = [ 22 80 443 51820 30000 ];
#extraCommands = '' #extraCommands = ''
# iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
#''; #'';
@@ -525,17 +717,19 @@
#}; #};
services.openssh.enable = true; services.openssh.enable = true;
services.openssh.passwordAuthentication = false; services.openssh.settings = {
services.openssh.kbdInteractiveAuthentication = false; PasswordAuthentication = false;
services.openssh.permitRootLogin = "prohibit-password"; KbdInteractiveAuthentication = false;
PermitRootLogin = "prohibit-password";
services.mastodon = {
enable = true;
localDomain = "mastodon.room409.xyz";
configureNginx = true;
smtp.fromAddress = "notifications@mastodon.room409.xyz";
}; };
#services.mastodon = {
# enable = true;
# localDomain = "mastodon.room409.xyz";
# configureNginx = true;
# smtp.fromAddress = "notifications@mastodon.room409.xyz";
#};
services.mautrix-telegram = { services.mautrix-telegram = {
enable = true; enable = true;
settings = { settings = {
@@ -568,6 +762,7 @@
public_baseurl = "https://synapse.room409.xyz/"; public_baseurl = "https://synapse.room409.xyz/";
enable_registration = false; enable_registration = false;
#enable_registration_without_verification = true;
#registration_shared_secret = null; #registration_shared_secret = null;
database.name = "psycopg2"; database.name = "psycopg2";
url_preview_enabled = true; url_preview_enabled = true;
@@ -595,14 +790,28 @@
services.gitea = { services.gitea = {
enable = true; enable = true;
disableRegistration = true; settings.service.DISABLE_REGISTRATION = true;
appName = "Room409.xyz Forge"; appName = "Room409.xyz Forge";
domain = "forge.room409.xyz"; settings.server = {
rootUrl = "https://forge.room409.xyz/"; DOMAIN = "forge.room409.xyz";
httpPort = 3001; ROOT_URL = "https://forge.room409.xyz/";
HTTP_PORT = 3001;
};
}; };
#systemd.services.lemmy.environment.RUST_BACKTRACE = "full";
#systemd.services.lemmy.environment.LEMMY_DATABASE_URL = pkgs.lib.mkForce "postgres:///lemmy?host=/run/postgresql&user=lemmy";
#services.lemmy = {
# enable = true;
# database.createLocally = true;
# settings = {
# hostname = "lemmy.room409.xyz";
# };
# nginx.enable = true;
#};
services.postgresql = { services.postgresql = {
package = pkgs.postgresql_16;
enable = true; enable = true;
# postgresql user and db name in the service.matrix-synapse.databse_args setting is default # postgresql user and db name in the service.matrix-synapse.databse_args setting is default
initialScript = pkgs.writeText "synapse-init.sql" '' initialScript = pkgs.writeText "synapse-init.sql" ''
@@ -618,13 +827,24 @@
enable = true; enable = true;
address = "0.0.0.0"; address = "0.0.0.0";
port = 8789; port = 8789;
serverUrl = "https://headscale.room409.xyz"; settings.serverUrl = "https://headscale.room409.xyz";
dns.baseDomain = "wg.test"; settings.dns.base_domain = "wg.test";
settings.logtail.enabled = false; settings.logtail.enabled = false;
}; };
security.acme.email = "miloignis@gmail.com"; services.ttyd = {
security.acme.acceptTerms = true; enable = true;
port = 9134;
writeable = true;
username = "miloignis";
passwordFile = /var/lib/ttyd/secrets;
clientOptions.fontFamily="Recursive";
};
security.acme = {
acceptTerms = true;
defaults.email = "miloignis@gmail.com";
};
services.nginx = { services.nginx = {
enable = true; enable = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
@@ -641,6 +861,12 @@
}; };
}; };
## the rest is defined by the lemmy service
#virtualHosts."lemmy.room409.xyz" = {
# forceSSL = true;
# enableACME = true;
#};
virtualHosts."forge.room409.xyz" = { virtualHosts."forge.room409.xyz" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@@ -657,7 +883,7 @@
locations."/.well-known/matrix/client".extraConfig = '' locations."/.well-known/matrix/client".extraConfig = ''
add_header Content-Type application/json; add_header Content-Type application/json;
add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Origin *;
return 200 '{ "m.homeserver": {"base_url": "https://synapse.room409.xyz"}, "m.identity_server": { "base_url": "https://vector.im"} }'; return 200 '{ "m.homeserver": {"base_url": "https://synapse.room409.xyz"}, "org.matrix.msc3575.proxy": { "url": "https://syncv3.room409.xyz" }, "m.identity_server": { "base_url": "https://vector.im"} }';
''; '';
locations."/".proxyPass = "http://localhost:8008"; locations."/".proxyPass = "http://localhost:8008";
locations."/".extraConfig = '' locations."/".extraConfig = ''
@@ -690,6 +916,25 @@
enableACME = true; enableACME = true;
root = "/var/www/faint.room409.xyz"; root = "/var/www/faint.room409.xyz";
}; };
virtualHosts."shell.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9134";
proxyWebsockets = true;
};
};
virtualHosts."drop.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9009";
proxyWebsockets = true;
extraConfig = ''
client_max_body_size 500M;
'';
};
};
#virtualHosts."www.kraken-lang.org" = { #virtualHosts."www.kraken-lang.org" = {
# forceSSL = true; # forceSSL = true;
# enableACME = true; # enableACME = true;
@@ -731,6 +976,53 @@
#locations."/bookclub/".proxyPass = "http://localhost:8888/room/!xSMgeFJYbuYTOGAGga:synapse.room409.xyz/"; #locations."/bookclub/".proxyPass = "http://localhost:8888/room/!xSMgeFJYbuYTOGAGga:synapse.room409.xyz/";
}; };
virtualHosts."lotusronin.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
root = pkgs.writeTextDir "index.html" ''<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>LotusRonin's Website</title>
<style>
h1, h2 ,h3 { line-height:1.2; }
.bodyStuff {
max-width: 45em;
margin: 1em auto;
padding: 0 .62em;
font: 1.2em/1.62 sans-serif;
}
.floatLeft {
float: left;
max-width: 55em;
margin: 1em auto;
padding: 0 .62em;
font: 1.2em/1.62 sans-serif;
}
</style>
</head>
<body>
<div class="bodyStuff">
<header><h1>Main Page</h1></header>
<br> <br>
Take control of your tools, break from the system. Less is more.
</div>
<div class="floatLeft">
<ol>
<li><a href="">📜 Blog</a></li>
<li><a href="">👨💻 Code</a></li>
<li><a href="">🕹 Games</a></li>
<li><a href="">(.)(.) MLKRs.shop signup</a></li>
<li><a href="">📄 Resume/About Me</a></li>
</ol>
</div>
</body>
</html>
'';
};
};
virtualHosts."miloignis.room409.xyz" = { virtualHosts."miloignis.room409.xyz" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@@ -800,11 +1092,23 @@
}; };
}; };
virtualHosts."batou.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://100.64.0.1:8090";
};
#virtualHosts."4800H.room409.xyz" = { #virtualHosts."4800H.room409.xyz" = {
# forceSSL = true; # forceSSL = true;
# enableACME = true; # enableACME = true;
# locations."/".proxyPass = "http://10.100.0.7:80"; # locations."/".proxyPass = "http://10.100.0.7:80";
#}; #};
virtualHosts."neel.room409.xyz" = {
forceSSL = true;
enableACME = true;
basicAuth = { neel = "el_psy_congroo"; };
locations."/".proxyPass = "http://100.64.0.1:8080";
};
}; };
services.journald.extraConfig = "SystemMaxUse=50M"; services.journald.extraConfig = "SystemMaxUse=50M";
@@ -815,6 +1119,38 @@
iftop ripgrep iftop ripgrep
config.services.headscale.package config.services.headscale.package
#wireguard #wireguard
droopy
sshfs
# (let
# # XXX specify the postgresql package you'd like to upgrade to.
# # Do not forget to list the extensions you need.
# newPostgres = pkgs.postgresql_16.withPackages (pp: [
# # pp.plv8
# ]);
#in pkgs.writeScriptBin "upgrade-pg-cluster" ''
# set -eux
# # XXX it's perhaps advisable to stop all services that depend on postgresql
# systemctl stop postgresql
# export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}"
# export NEWBIN="${newPostgres}/bin"
# export OLDDATA="${config.services.postgresql.dataDir}"
# export OLDBIN="${config.services.postgresql.package}/bin"
# install -d -m 0700 -o postgres -g postgres "$NEWDATA"
# cd "$NEWDATA"
# sudo -u postgres $NEWBIN/initdb -D "$NEWDATA"
# sudo -u postgres $NEWBIN/pg_upgrade \
# --old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \
# --old-bindir $OLDBIN --new-bindir $NEWBIN \
# "$@"
#'')
]; ];
users.extraUsers.nathan = { users.extraUsers.nathan = {
name = "nathan"; name = "nathan";
sway_config
+7 -1
View File
@@ -17,11 +17,16 @@ exec configure-gtk
exec sleep 5; systemctl --user start kanshi.service exec sleep 5; systemctl --user start kanshi.service
#When everything's wayland, maybe #When everything's wayland, maybe
#output eDP-1 scale 2 output eDP-1 scale 1
#Output HDMI-A-1 'Goldstar Company Ltd LG TV SSCR2 0x00000101' #Output HDMI-A-1 'Goldstar Company Ltd LG TV SSCR2 0x00000101'
output HDMI-A-1 mode 1920x1080@60Hz output HDMI-A-1 mode 1920x1080@60Hz
#Output DP-4 'LG Electronics LG TV SSCR2 0x00000101'
output DP-3 mode 1280x720@60Hz
#output DP-4 mode 1280x720@60Hz
#output DP-4 mode 3840x2160@60Hz
# reload the configuration file # reload the configuration file
bindsym $mod+Shift+q reload bindsym $mod+Shift+q reload
# restart i3 inplace (preserves your layout/session, can be used to upgrade i3) # restart i3 inplace (preserves your layout/session, can be used to upgrade i3)
@@ -49,6 +54,7 @@ floating_modifier $mod
#bindsym $mod+Return exec st #bindsym $mod+Return exec st
#bindsym $mod+Return exec sakura #bindsym $mod+Return exec sakura
bindsym $mod+Return exec foot bindsym $mod+Return exec foot
bindsym $mod+Shift+Return exec ghostty
# kill focused window # kill focused window
bindsym $mod+Shift+c kill bindsym $mod+Shift+c kill
vps_activate_flake.sh
+1 -1
View File
@@ -1,3 +1,3 @@
#!/usr/bin/env sh #!/usr/bin/env sh
nixos-rebuild switch --fast --flake .#vps --target-host root@room409.xyz NIXPKGS_ALLOW_INSECURE=1 nixos-rebuild switch --fast --flake .#vps --target-host root@room409.xyz --impure