diff --git a/backup/gnome.nix b/backup/gnome.nix deleted file mode 100644 index da15605..0000000 --- a/backup/gnome.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - programs.evolution.enable = true; - - services = { - xserver = { - enable = true; - excludePackages = [pkgs.xterm]; - displayManager = { - gdm = { - enable = true; - }; - }; - - desktopManager.gnome.enable = true; - xkb.layout = "us"; - - updateDbusEnvironment = true; - }; - - # Enable touchpad support. - libinput.enable = true; - }; - - environment.systemPackages = with pkgs; [ - # blackbox-terminal - gnome.gnome-power-manager - gnome.gnome-tweaks - gnomeExtensions.appindicator - gnomeExtensions.blur-my-shell - gnomeExtensions.vitals - gnomeExtensions.dash-to-dock - gnomeExtensions.caffeine - gnomeExtensions.user-themes - - pantheon.elementary-icon-theme - - # flat-remix-icon-theme - # flat-remix-gtk - # flat-remix-gnome - # juno-theme - - trayscale - ]; - - environment.gnome.excludePackages = - (with pkgs; [gnome-tour gedit]) - ++ (with pkgs.gnome; [ - cheese # webcam tool - gnome-music - epiphany # web browser - gnome-characters - totem # video player - iagno # go game - hitori # sudoku game - atomix # puzzle game - ]); - services.udev.packages = with pkgs; [gnome.gnome-settings-daemon]; - - # services.gpg-agent.pinentryFlavor = lib.mkDefault "gnome3"; -} diff --git a/backup/homeserver.nix b/backup/homeserver.nix deleted file mode 100644 index c1c6253..0000000 --- a/backup/homeserver.nix +++ /dev/null @@ -1,176 +0,0 @@ -{ - config, - pkgs, - ... -}: let - secrets = import ../configs/secrets.nix; -in { - imports = [ - - /etc/nixos/hardware-configuration.nix - ../configs/common.nix - ../configs/docker.nix - ../configs/virtualisation.nix - ../configs/user.nix - ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - # Set your time zone. - time.timeZone = "Europe/Berlin"; - networking = { - hostName = "homeserver"; # Define your hostname. - useDHCP = false; - firewall.enable = false; - nat = { - enable = true; - internalInterfaces = ["br0"]; - externalInterface = "enp3s0"; - }; - - wireless = { - enable = true; - networks.Skynet_5G.psk = secrets.wifipassword; - interfaces = ["wlp1s0"]; - }; - - interfaces.enp3s0.useDHCP = true; - interfaces.wlp1s0.useDHCP = true; - }; - - environment.systemPackages = with pkgs; [ - snapraid - mergerfs - samba - openssl - smartmontools - ]; - - systemd = { - mounts = [ - { - requires = ["mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount"]; - after = ["mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount"]; - what = "/mnt/disk1:/mnt/disk2:/mnt/disk3"; - where = "/mnt/storage"; - type = "fuse.mergerfs"; - options = "defaults,allow_other,use_ino,fsname=mergerfs,minfreespace=50G,func.getattr=newest,noforget"; - wantedBy = ["multi-user.target"]; - } - ]; - - services.snapraid-sync = { - description = "Snapraid Sync and Diff"; - serviceConfig = { - Type = "oneshot"; - User = "alex"; - }; - path = [ - pkgs.bash - pkgs.snapraid - pkgs.curl - pkgs.smartmontools - pkgs.hdparm - pkgs.exfatprogs - pkgs.exfat - ]; - - script = '' - /home/alex/snapraid-sync - ''; - }; - - timers.snapraid-sync = { - wantedBy = ["timers.target"]; - timerConfig = {OnCalendar = "Mon-Sun, 23:00";}; - }; - }; - - powerManagement = { - enable = true; - powertop.enable = true; - cpuFreqGovernor = "powersave"; - - powerUpCommands = '' - ${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/0301db98-264f-4b18-9423-15691063f73d - ${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/3c4b5d00-43c0-48be-81b8-c2b3977e015b - ${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/3e1731d7-f17e-4f6d-9197-84e0492bf4ee - ${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/6cce037c-d2d4-4940-bb69-6d2b84fd41aa - ${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/0301db98-264f-4b18-9423-15691063f73d - ${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/3c4b5d00-43c0-48be-81b8-c2b3977e015b - ${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/3e1731d7-f17e-4f6d-9197-84e0492bf4ee - ${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/6cce037c-d2d4-4940-bb69-6d2b84fd41aa - ''; - }; - - # nixpkgs.config.packageOverrides = pkgs: { - # vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; - # }; - - # hardware.opengl = { - # enable = true; - # # extraPackages = with pkgs; [ - # # #intel-media-driver # LIBVA_DRIVER_NAME=iHD - # # vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) - # # vaapiVdpau - # # libvdpau-va-gl - # # ]; - # }; - - services = { - jellyfin = { - enable = true; - user = "alex"; - group = "users"; - }; - - samba = { - enable = true; - securityType = "user"; - extraConfig = '' - workgroup = WORKGROUP - server string = server - netbios name = server - security = user - guest account = nobody - map to guest = bad user - logging = systemd - max log size = 50 - ''; - shares = { - storage = { - path = "/mnt/storage"; - browseable = "yes"; - "read only" = "no"; - "guest ok" = "no"; - "create mask" = "0644"; - "directory mask" = "0755"; - }; - }; - }; - }; - - security.sudo.extraRules = [ - { - users = ["alex"]; - commands = [ - { - command = "${pkgs.hdparm}/bin/hdparm"; - options = ["SETENV" "NOPASSWD"]; - } - ]; - } - { - users = ["alex"]; - commands = [ - { - command = "${pkgs.snapraid}/bin/snapraid"; - options = ["SETENV" "NOPASSWD"]; - } - ]; - } - ]; - - system.stateVersion = "23.11"; -} diff --git a/backup/pantheon.nix b/backup/pantheon.nix deleted file mode 100644 index 1f5e0fe..0000000 --- a/backup/pantheon.nix +++ /dev/null @@ -1,75 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: { - programs = { - # pantheon-tweaks.enable = true; - evolution.enable = true; - }; - - services = { - xserver = { - enable = true; - excludePackages = [pkgs.xterm]; - displayManager = { - lightdm = { - enable = true; - greeters.pantheon.enable = true; - }; - }; - - desktopManager.pantheon = { - enable = true; - extraWingpanelIndicators = with pkgs; [ - monitor - wingpanel-indicator-ayatana - ]; - }; - - xkb.layout = "us"; - - updateDbusEnvironment = true; - }; - - # Enable touchpad support. - libinput.enable = true; - }; - - systemd.user.services = { - # monitor = { - # description = "indicator-monitor"; - # wantedBy = [ "graphical-session.target" ]; - # partOf = [ "graphical-session.target" ]; - # serviceConfig = { - # ExecStart = "${pkgs.monitor}/bin/com.github.stsdc.monitor"; - # }; - # }; - - indicatorapp = { - description = "indicator-application-gtk3"; - wantedBy = ["graphical-session.target"]; - partOf = ["graphical-session.target"]; - serviceConfig = { - ExecStart = "${pkgs.indicator-application-gtk3}/libexec/indicator-application/indicator-application-service"; - }; - }; - }; - - # App indicator - environment.pathsToLink = ["/libexec"]; - environment.systemPackages = with pkgs; [ - gnome-online-accounts - gnome-control-center - gnome-system-monitor - indicator-application-gtk3 - monitor - pantheon-tweaks - eog - ]; - - environment.pantheon.excludePackages = with pkgs.pantheon; [ - elementary-code - ]; -} diff --git a/backup/raspberrypi.nix b/backup/raspberrypi.nix deleted file mode 100644 index f886f5d..0000000 --- a/backup/raspberrypi.nix +++ /dev/null @@ -1,50 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - secrets = import ../configs/secrets.nix; -in { - imports = [ - "${ - fetchTarball - "https://github.com/NixOS/nixos-hardware/archive/936e4649098d6a5e0762058cb7687be1b2d90550.tar.gz" - }/raspberry-pi/4" - ../configs/docker.nix - ../configs/common.nix - ../configs/user.nix - ]; - - fileSystems = { - "/" = { - device = "/dev/disk/by-label/NIXOS_SD"; - fsType = "ext4"; - options = ["noatime"]; - }; - }; - - time.timeZone = "Europe/Berlin"; - networking = { - hostName = "raspberrypi"; - wireless = { - enable = true; - networks.Skynet.psk = secrets.wifipassword; - interfaces = ["wlan0"]; - }; - }; - - environment.systemPackages = with pkgs; [vim nano git rsync]; - - # Enable GPU acceleration - # hardware.raspberry-pi."4".fkms-3d.enable = true; - - # services.xserver = { - # enable = true; - # displayManager.lightdm.enable = true; - # desktopManager.xfce.enable = true; - # }; - - # hardware.pulseaudio.enable = true; - system.stateVersion = "22.05"; -} diff --git a/backup/thinkpad.nix b/backup/thinkpad.nix deleted file mode 100644 index 0dbdb1a..0000000 --- a/backup/thinkpad.nix +++ /dev/null @@ -1,180 +0,0 @@ -{ - config, - pkgs, - lib, - ... -}: let - secrets = import ../configs/secrets.nix; - be = import ../configs/borg-exclude.nix; -in { - imports = [ - - /etc/nixos/hardware-configuration.nix - ../configs/common.nix - ../configs/docker.nix - ../configs/virtualisation.nix - ../configs/plasma.nix - ../configs/user-gui.nix - ../configs/user.nix - ]; - - boot = { - # initrd = { - # preLVMCommands = lib.mkBefore 400 "sleep 1"; - # availableKernelModules = [ "e1000e" ]; - # systemd.enable = true; - # luks.forceLuksSupportInInitrd = true; - # network = { - # enable = true; - # ssh = { - # enable = true; - # port = 22; - # authorizedKeys = [ - # "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski" - # "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYEaT0gH9yJM2Al0B+VGXdZB/b2qjZK7n01Weq0TcmQ alex@framework" - # ]; - # hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ]; - # }; - # postCommands = let - # # I use a LUKS 2 label. Replace this with your disk device's path. - # disk = "/dev/disk/by-label/nixos"; - # in '' - # echo 'cryptsetup open ${disk} root --type luks && echo > /tmp/continue' >> /root/.profile - # echo 'starting sshd...' - # ''; - # }; - # postDeviceCommands = '' - # echo 'waiting for root device to be opened...' - # mkfifo /tmp/continue - # cat /tmp/continue - # ''; - # }; - loader = { - systemd-boot = { - enable = true; - configurationLimit = 10; - editor = false; - }; - efi = { - canTouchEfiVariables = false; - }; - }; - plymouth.enable = true; - }; - - # boot.initrd.luks.devices."nixos".preLVM = true; - - time.timeZone = "Europe/Berlin"; - - # The global useDHCP flag is deprecated, therefore explicitly set to false here. - # Per-interface useDHCP will be mandatory in the future, so this generated config - # replicates the default behaviour. - - networking = { - hostName = "thinkpad"; - useDHCP = false; - firewall = {enable = false;}; - interfaces.enp0s31f6.useDHCP = true; - wireguard.interfaces = { - wg0 = { - ips = ["10.100.0.8/24"]; - privateKey = secrets.wireguard-thinkpad-private; - - peers = [ - { - publicKey = secrets.wireguard-vps-public; - presharedKey = secrets.wireguard-preshared; - allowedIPs = ["10.100.0.0/24"]; - endpoint = "207.180.220.97:51820"; - persistentKeepalive = 25; - } - ]; - }; - }; - }; - - # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - console = { - font = "latarcyrheb-sun32"; - keyMap = "us"; - }; - - # Enable sound. - - # hardware.pulseaudio = { - # enable = true; - # support32Bit = true; - # daemon = { - # config = { - # avoid-resampling = "yes"; - # }; - # }; - # configFile = pkgs.runCommand "default.pa" { } '' - # sed 's/module-udev-detect$/module-udev-detect tsched=0/' \ - # ${pkgs.pulseaudio}/etc/pulse/default.pa > $out - # ''; - # }; - - sound.enable = true; - hardware.pulseaudio.enable = false; - security.rtkit.enable = true; - services.pipewire = { - enable = true; - alsa.enable = true; - alsa.support32Bit = true; - pulse.enable = true; - # If you want to use JACK applications, uncomment this - #jack.enable = true; - - # use the example session manager (no others are packaged yet so this is enabled by default, - # no need to redefine it in your config for now) - #media-session.enable = true; - }; - - services = { - thinkfan = { - enable = true; - levels = [ - [0 0 67] - [1 65 75] - [2 73 80] - [3 78 85] - [4 83 90] - [6 88 95] - [7 93 32767] - ]; - }; - # xserver = { - # enable = true; - # displayManager.sddm.enable = true; - # desktopManager.plasma5.enable = true; - # }; - # xrdp = { - # enable = true; - # defaultWindowManager = "startplasma-x11"; - # }; - power-profiles-daemon.enable = false; - auto-cpufreq.enable = true; - tlp.enable = false; - # tlp = { - # enable = true; - # settings = { - # START_CHARGE_THRESH_BAT0 = 80; - # STOP_CHARGE_THRESH_BAT0 = 90; - # }; - # }; - }; - - systemd.extraConfig = '' - DefaultTimeoutStopSec=10s - ''; - - environment.systemPackages = with pkgs; [ - intel-gpu-tools - ]; - - powerManagement.powertop.enable = true; - - system.stateVersion = "23.11"; -} diff --git a/configs/home-manager/default.nix b/configs/home-manager/default.nix new file mode 100644 index 0000000..e69de29 diff --git a/services/adguardhome.nix b/configs/services/adguardhome.nix similarity index 100% rename from services/adguardhome.nix rename to configs/services/adguardhome.nix diff --git a/services/atuin.nix b/configs/services/atuin.nix similarity index 100% rename from services/atuin.nix rename to configs/services/atuin.nix diff --git a/services/firefox-syncserver.nix b/configs/services/firefox-syncserver.nix similarity index 100% rename from services/firefox-syncserver.nix rename to configs/services/firefox-syncserver.nix diff --git a/services/frigate.nix b/configs/services/frigate.nix similarity index 100% rename from services/frigate.nix rename to configs/services/frigate.nix diff --git a/services/gitea.nix b/configs/services/gitea.nix similarity index 100% rename from services/gitea.nix rename to configs/services/gitea.nix diff --git a/services/goaccess.nix b/configs/services/goaccess.nix similarity index 100% rename from services/goaccess.nix rename to configs/services/goaccess.nix diff --git a/services/headscale.nix b/configs/services/headscale.nix similarity index 100% rename from services/headscale.nix rename to configs/services/headscale.nix diff --git a/services/immich.nix b/configs/services/immich.nix similarity index 100% rename from services/immich.nix rename to configs/services/immich.nix diff --git a/services/nextcloud.nix b/configs/services/nextcloud.nix similarity index 100% rename from services/nextcloud.nix rename to configs/services/nextcloud.nix diff --git a/services/rustdesk-server.nix b/configs/services/rustdesk-server.nix similarity index 100% rename from services/rustdesk-server.nix rename to configs/services/rustdesk-server.nix diff --git a/services/uptime-kuma.nix b/configs/services/uptime-kuma.nix similarity index 100% rename from services/uptime-kuma.nix rename to configs/services/uptime-kuma.nix diff --git a/flake.nix b/flake.nix index 3aa5afe..4268789 100644 --- a/flake.nix +++ b/flake.nix @@ -57,7 +57,6 @@ "i686-linux" "x86_64-linux" "aarch64-darwin" - "x86_64-darwin" ]; # This is a function that generates an attribute by calling a function you diff --git a/machine/vps-arm/configuration.nix b/machine/vps-arm/configuration.nix index 20534f5..c88b12a 100644 --- a/machine/vps-arm/configuration.nix +++ b/machine/vps-arm/configuration.nix @@ -12,16 +12,16 @@ ../../configs/docker.nix ../../configs/user.nix - ../../services/adguardhome.nix - ../../services/atuin.nix - ../../services/firefox-syncserver.nix - ../../services/frigate.nix - ../../services/gitea.nix - ../../services/goaccess.nix - ../../services/headscale.nix - ../../services/immich.nix - ../../services/nextcloud.nix - ../../services/uptime-kuma.nix + ../../configs/services/adguardhome.nix + ../../configs/services/atuin.nix + ../../configs/services/firefox-syncserver.nix + ../../configs/services/frigate.nix + ../../configs/services/gitea.nix + ../../configs/services/goaccess.nix + ../../configs/services/headscale.nix + ../../configs/services/immich.nix + ../../configs/services/nextcloud.nix + ../../configs/services/uptime-kuma.nix ]; sops = {