miloignis/nix_config
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: miloignis/nix_config:panam
Branches Tags
miloignis/nix_config:main miloignis/nix_config:panam
...
compare: miloignis/nix_config:b65bc1696b4c881fd4b407ea726ac0b52293aa8b
Branches Tags
miloignis/nix_config:panam miloignis/nix_config:main

7 Commits
panam ... b65bc1696b

Author SHA1 Message Date
miloignis b65bc1696b Updates 2023-08-01 13:21:43 -04:00
miloignis 66cca6bc2f add ttyd to vps 2023-04-08 15:30:38 -04:00
miloignis 087a160601 Add font install & config for foot, using recursive for now 2023-03-28 21:34:55 -04:00
miloignis 7ba91ab1a4 Upgrade 2023-03-26 01:33:37 -04:00
miloignis fceb70c5e5 remove old wireguard config 2023-03-14 19:34:21 -04:00
miloignis c344e97678 updates, try glusterfs 2023-03-02 20:09:04 -05:00
miloignis 6fbb14e637 update 2023-02-28 00:08:43 -05:00
3 changed files with 101 additions and 65 deletions
Expand all files Collapse all files
condoserver_activate_flake.sh
+1 -1
View File
@@ -1,3 +1,3 @@
#!/usr/bin/env sh #!/usr/bin/env sh
nixos-rebuild switch --fast --flake .#condoserver --target-host root@192.168.86.21 --build-host root@192.168.86.21 nixos-rebuild switch --fast --flake .#condoserver --target-host root@condoserver.room409.wg.test --build-host root@condoserver.room409.wg.test
flake.lock
Generated
+8 -40
View File
@@ -4,15 +4,14 @@
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ]
"utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1676367705, "lastModified": 1690887397,
"narHash": "sha256-un5UbRat9TwruyImtwUGcKF823rCEp4fQxnsaLFL7CM=", "narHash": "sha256-ckasuN7MgAiDgLkUo1IdEq8FEKymcUWKzmY6/R9KOOo=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "da72e6fc6b7dc0c3f94edbd310aae7cd95c678b5", "rev": "4542db605602898fe0c431e19f01e1af2865dae8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -23,11 +22,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1676569297, "lastModified": 1690881714,
"narHash": "sha256-2n4C4H3/U+3YbDrQB6xIw7AaLdFISCCFwOkcETAigqU=", "narHash": "sha256-h/nXluEqdiQHs1oSgkOOWF+j8gcJMWhwnZ9PFabN6q0=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ac1f5b72a9e95873d1de0233fddcb56f99884b37", "rev": "9e1960bc196baf6881340d53dccb203a951745a2",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -39,38 +38,7 @@
"root": { "root": {
"inputs": { "inputs": {
"home-manager": "home-manager", "home-manager": "home-manager",
"nixpkgs": "nixpkgs", "nixpkgs": "nixpkgs"
"vps_nixpkgs": "vps_nixpkgs"
}
},
"utils": {
"locked": {
"lastModified": 1667395993,
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"vps_nixpkgs": {
"locked": {
"lastModified": 1673410828,
"narHash": "sha256-xAggTjXt7iqOe4lNRtq+B31cjxchvJOr9zIJJ4JmfY8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9852294f15c380cd61fd441538982426f8ee8ccc",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "master",
"type": "indirect"
} }
} }
}, },
flake.nix
+92 -24
View File
@@ -3,14 +3,13 @@
inputs = { inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable"; nixpkgs.url = "nixpkgs/nixos-unstable";
vps_nixpkgs.url = "nixpkgs/master";
home-manager = { home-manager = {
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };
outputs = { self, nixpkgs, vps_nixpkgs, home-manager }@attrs: outputs = { self, nixpkgs, home-manager }@attrs:
let let
system = "x86_64-linux"; system = "x86_64-linux";
homeManagerSharedModule = { homeManagerSharedModule = {
@@ -26,7 +25,32 @@
# changes in each release. # changes in each release.
home.stateVersion = "22.11"; home.stateVersion = "22.11";
home.packages = with pkgs; [ ]; fonts.fontconfig.enable = true;
home.packages = with pkgs; [ fira-code jetbrains-mono iosevka monoid recursive ];
systemd.user.services.mpris-proxy = {
Unit.Description = "Mpris proxy";
Unit.After = [ "network.target" "sound.target" ];
Service.ExecStart = "${pkgs.bluez}/bin/mpris-proxy";
Install.WantedBy = [ "default.target" ];
};
programs.foot = {
enable = true;
settings = {
main = {
#font = "Fira Code:size=8";
#font = "JetBrainsMono:size=8";
#font = "Iosevka:size=8";
#font = "Monoid:size=6";
font = "Recursive:size=8";
#dpi-aware = "yes";
};
mouse = {
hide-when-typing = "yes";
};
};
};
programs.starship = { programs.starship = {
enable = true; enable = true;
enableBashIntegration = true; enableBashIntegration = true;
@@ -212,8 +236,10 @@
shell = "/run/current-system/sw/bin/bash"; shell = "/run/current-system/sw/bin/bash";
}; };
#fonts.fonts = with pkgs; [ fira-code jetbrains-mono iosevka ];
# testing # testing
services.jellyfin.enable = false; #services.jellyfin.enable = false;
services.pipewire = { services.pipewire = {
enable = true; enable = true;
alsa.enable = true; alsa.enable = true;
@@ -226,6 +252,8 @@
extraPortals = [pkgs.xdg-desktop-portal-gtk ]; extraPortals = [pkgs.xdg-desktop-portal-gtk ];
gtkUsePortal = true; gtkUsePortal = true;
}; };
hardware.bluetooth.enable = true;
services.blueman.enable = true; services.blueman.enable = true;
services.printing.enable = true; services.printing.enable = true;
@@ -256,11 +284,11 @@
hardware.opengl.driSupport32Bit = true; hardware.opengl.driSupport32Bit = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop tmux vim wget curl git w3m iftop iotop killall file unzip zip ripgrep imv killall gomuks htop python3
firefox-wayland chromium gnome.nautilus firefox-wayland chromium gnome.nautilus
vlc steam calibre foliate transmission-gtk mupdf vlc steam calibre foliate transmission-gtk mupdf
gimp gimp
foot pavucontrol pywal pavucontrol pywal
sway wayland glib dracula-theme gnome.adwaita-icon-theme swaylock swayidle wl-clipboard sway wayland glib dracula-theme gnome.adwaita-icon-theme swaylock swayidle wl-clipboard
(pkgs.writeTextFile { (pkgs.writeTextFile {
name = "dbus-sway-environment"; name = "dbus-sway-environment";
@@ -321,7 +349,7 @@
modules = [ modules = [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
homeManagerSharedModule homeManagerSharedModule
({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light ]) { ({ config, lib, pkgs, modulesPath, ... }@innerArgs: (lib.recursiveUpdate (commonConfigFunc innerArgs [ pkgs.light pkgs.gpodder ]) {
# HARDWARE # HARDWARE
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
@@ -348,22 +376,6 @@
networking.useDHCP = false; networking.useDHCP = false;
networking.interfaces.eno1.useDHCP = true; networking.interfaces.eno1.useDHCP = true;
networking.interfaces.wlp1s0.useDHCP = true; networking.interfaces.wlp1s0.useDHCP = true;
networking.wireguard.interfaces = {
wg0 = {
ips = [ "10.100.0.7/24" ];
privateKeyFile = "/home/nathan/wireguard-keys/private";
peers = [
{
publicKey = "WXx7XXJzerPJBPMTvZ454iQhx5Q5bFvBgF6NsPPX9nk=";
allowedIPs = [ "10.100.0.0/24" ];
#allowedIPs = [ "0.0.0.0/0" ];
## Then sudo ip route add 104.238.179.164 via 10.0.0.1 dev enp30s0
endpoint = "104.238.179.164:51820";
persistentKeepalive = 25;
}
];
};
};
system.stateVersion = "20.03"; system.stateVersion = "20.03";
})) }))
]; ];
@@ -423,13 +435,14 @@
# don't suspend on lid close # don't suspend on lid close
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
services.glusterfs.enable = true;
networking.hostName = "condoserver"; # Define your hostname. networking.hostName = "condoserver"; # Define your hostname.
system.stateVersion = "22.11"; # Did you read the comment? system.stateVersion = "22.11"; # Did you read the comment?
})) }))
]; ];
}; };
nixosConfigurations.vps = vps_nixpkgs.lib.nixosSystem { nixosConfigurations.vps = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = attrs; specialArgs = attrs;
modules = [ modules = [
@@ -463,6 +476,15 @@
python-olm pycryptodome unpaddedbase64 python-olm pycryptodome unpaddedbase64
]); ]);
}); });
#lemmy-server = super.lemmy-server.overrideAttrs (old: {
# patches = (old.patches or []) ++ [(super.fetchpatch {
# name = "fix-db-migrations.patch";
# url = "https://gist.githubusercontent.com/matejc/9be474fa581c1a29592877ede461f1f2/raw/83886917153fcba127b43d9a94a49b3d90e635b3/fix-db-migrations.patch";
# hash = "sha256-BvoA4K9v84n60lG96j1+91e8/ERn9WlVTGk4Z6Fj4iA=";
# })];
#});
}) ]; }) ];
# Use the GRUB 2 boot loader. # Use the GRUB 2 boot loader.
@@ -568,6 +590,7 @@
public_baseurl = "https://synapse.room409.xyz/"; public_baseurl = "https://synapse.room409.xyz/";
enable_registration = false; enable_registration = false;
#enable_registration_without_verification = true;
#registration_shared_secret = null; #registration_shared_secret = null;
database.name = "psycopg2"; database.name = "psycopg2";
url_preview_enabled = true; url_preview_enabled = true;
@@ -602,6 +625,17 @@
httpPort = 3001; httpPort = 3001;
}; };
#systemd.services.lemmy.environment.RUST_BACKTRACE = "full";
#systemd.services.lemmy.environment.LEMMY_DATABASE_URL = pkgs.lib.mkForce "postgres:///lemmy?host=/run/postgresql&user=lemmy";
#services.lemmy = {
# enable = true;
# database.createLocally = true;
# settings = {
# hostname = "lemmy.room409.xyz";
# };
# nginx.enable = true;
#};
services.postgresql = { services.postgresql = {
enable = true; enable = true;
# postgresql user and db name in the service.matrix-synapse.databse_args setting is default # postgresql user and db name in the service.matrix-synapse.databse_args setting is default
@@ -623,6 +657,14 @@
settings.logtail.enabled = false; settings.logtail.enabled = false;
}; };
services.ttyd = {
enable = true;
port = 9134;
username = "miloignis";
passwordFile = /var/lib/ttyd/secrets;
clientOptions.fontFamily="Recursive";
};
security.acme.email = "miloignis@gmail.com"; security.acme.email = "miloignis@gmail.com";
security.acme.acceptTerms = true; security.acme.acceptTerms = true;
services.nginx = { services.nginx = {
@@ -641,6 +683,12 @@
}; };
}; };
## the rest is defined by the lemmy service
#virtualHosts."lemmy.room409.xyz" = {
# forceSSL = true;
# enableACME = true;
#};
virtualHosts."forge.room409.xyz" = { virtualHosts."forge.room409.xyz" = {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;
@@ -690,6 +738,25 @@
enableACME = true; enableACME = true;
root = "/var/www/faint.room409.xyz"; root = "/var/www/faint.room409.xyz";
}; };
virtualHosts."shell.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9134";
proxyWebsockets = true;
};
};
virtualHosts."drop.room409.xyz" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9009";
proxyWebsockets = true;
extraConfig = ''
client_max_body_size 500M;
'';
};
};
#virtualHosts."www.kraken-lang.org" = { #virtualHosts."www.kraken-lang.org" = {
# forceSSL = true; # forceSSL = true;
# enableACME = true; # enableACME = true;
@@ -815,6 +882,7 @@
iftop ripgrep iftop ripgrep
config.services.headscale.package config.services.headscale.package
#wireguard #wireguard
droopy
]; ];
users.extraUsers.nathan = { users.extraUsers.nathan = {
name = "nathan"; name = "nathan";