BeiNacht/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MacBook.local-2024-12-09-06-28-39

Browse Source
This commit is contained in:
Alexander Szczepanski
2024-12-09 06:28:39 +01:00
parent 324c1545fd
commit 5b6bdd88b7
19 changed files with 10 additions and 557 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
backup/gnome.nix
View File

@ -1,65 +0,0 @@
{
config,
pkgs,
lib,
...
}: {
programs.evolution.enable = true;
services = {
xserver = {
enable = true;
excludePackages = [pkgs.xterm];
displayManager = {
gdm = {
enable = true;
};
};
desktopManager.gnome.enable = true;
xkb.layout = "us";
updateDbusEnvironment = true;
};
# Enable touchpad support.
libinput.enable = true;
};
environment.systemPackages = with pkgs; [
# blackbox-terminal
gnome.gnome-power-manager
gnome.gnome-tweaks
gnomeExtensions.appindicator
gnomeExtensions.blur-my-shell
gnomeExtensions.vitals
gnomeExtensions.dash-to-dock
gnomeExtensions.caffeine
gnomeExtensions.user-themes
pantheon.elementary-icon-theme
# flat-remix-icon-theme
# flat-remix-gtk
# flat-remix-gnome
# juno-theme
trayscale
];
environment.gnome.excludePackages =
(with pkgs; [gnome-tour gedit])
++ (with pkgs.gnome; [
cheese # webcam tool
gnome-music
epiphany # web browser
gnome-characters
totem # video player
iagno # go game
hitori # sudoku game
atomix # puzzle game
]);
services.udev.packages = with pkgs; [gnome.gnome-settings-daemon];
# services.gpg-agent.pinentryFlavor = lib.mkDefault "gnome3";
}

176
backup/homeserver.nix
View File

@ -1,176 +0,0 @@
{
config,
pkgs,
...
}: let
secrets = import ../configs/secrets.nix;
in {
imports = [
<nixos-hardware/common/cpu/intel>
/etc/nixos/hardware-configuration.nix
../configs/common.nix
../configs/docker.nix
../configs/virtualisation.nix
../configs/user.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
# Set your time zone.
time.timeZone = "Europe/Berlin";
networking = {
hostName = "homeserver"; # Define your hostname.
useDHCP = false;
firewall.enable = false;
nat = {
enable = true;
internalInterfaces = ["br0"];
externalInterface = "enp3s0";
};
wireless = {
enable = true;
networks.Skynet_5G.psk = secrets.wifipassword;
interfaces = ["wlp1s0"];
};
interfaces.enp3s0.useDHCP = true;
interfaces.wlp1s0.useDHCP = true;
};
environment.systemPackages = with pkgs; [
snapraid
mergerfs
samba
openssl
smartmontools
];
systemd = {
mounts = [
{
requires = ["mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount"];
after = ["mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount"];
what = "/mnt/disk1:/mnt/disk2:/mnt/disk3";
where = "/mnt/storage";
type = "fuse.mergerfs";
options = "defaults,allow_other,use_ino,fsname=mergerfs,minfreespace=50G,func.getattr=newest,noforget";
wantedBy = ["multi-user.target"];
}
];
services.snapraid-sync = {
description = "Snapraid Sync and Diff";
serviceConfig = {
Type = "oneshot";
User = "alex";
};
path = [
pkgs.bash
pkgs.snapraid
pkgs.curl
pkgs.smartmontools
pkgs.hdparm
pkgs.exfatprogs
pkgs.exfat
];
script = ''
/home/alex/snapraid-sync
'';
};
timers.snapraid-sync = {
wantedBy = ["timers.target"];
timerConfig = {OnCalendar = "Mon-Sun, 23:00";};
};
};
powerManagement = {
enable = true;
powertop.enable = true;
cpuFreqGovernor = "powersave";
powerUpCommands = ''
${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/0301db98-264f-4b18-9423-15691063f73d
${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/3c4b5d00-43c0-48be-81b8-c2b3977e015b
${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/3e1731d7-f17e-4f6d-9197-84e0492bf4ee
${pkgs.hdparm}/sbin/hdparm -S 241 /dev/disk/by-uuid/6cce037c-d2d4-4940-bb69-6d2b84fd41aa
${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/0301db98-264f-4b18-9423-15691063f73d
${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/3c4b5d00-43c0-48be-81b8-c2b3977e015b
${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/3e1731d7-f17e-4f6d-9197-84e0492bf4ee
${pkgs.hdparm}/sbin/hdparm -y /dev/disk/by-uuid/6cce037c-d2d4-4940-bb69-6d2b84fd41aa
'';
};
# nixpkgs.config.packageOverrides = pkgs: {
# vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
# };
# hardware.opengl = {
# enable = true;
# # extraPackages = with pkgs; [
# # #intel-media-driver # LIBVA_DRIVER_NAME=iHD
# # vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
# # vaapiVdpau
# # libvdpau-va-gl
# # ];
# };
services = {
jellyfin = {
enable = true;
user = "alex";
group = "users";
};
samba = {
enable = true;
securityType = "user";
extraConfig = ''
workgroup = WORKGROUP
server string = server
netbios name = server
security = user
guest account = nobody
map to guest = bad user
logging = systemd
max log size = 50
'';
shares = {
storage = {
path = "/mnt/storage";
browseable = "yes";
"read only" = "no";
"guest ok" = "no";
"create mask" = "0644";
"directory mask" = "0755";
};
};
};
};
security.sudo.extraRules = [
{
users = ["alex"];
commands = [
{
command = "${pkgs.hdparm}/bin/hdparm";
options = ["SETENV" "NOPASSWD"];
}
];
}
{
users = ["alex"];
commands = [
{
command = "${pkgs.snapraid}/bin/snapraid";
options = ["SETENV" "NOPASSWD"];
}
];
}
];
system.stateVersion = "23.11";
}

75
backup/pantheon.nix
View File

@ -1,75 +0,0 @@
{
config,
pkgs,
lib,
...
}: {
programs = {
# pantheon-tweaks.enable = true;
evolution.enable = true;
};
services = {
xserver = {
enable = true;
excludePackages = [pkgs.xterm];
displayManager = {
lightdm = {
enable = true;
greeters.pantheon.enable = true;
};
};
desktopManager.pantheon = {
enable = true;
extraWingpanelIndicators = with pkgs; [
monitor
wingpanel-indicator-ayatana
];
};
xkb.layout = "us";
updateDbusEnvironment = true;
};
# Enable touchpad support.
libinput.enable = true;
};
systemd.user.services = {
# monitor = {
# description = "indicator-monitor";
# wantedBy = [ "graphical-session.target" ];
# partOf = [ "graphical-session.target" ];
# serviceConfig = {
# ExecStart = "${pkgs.monitor}/bin/com.github.stsdc.monitor";
# };
# };
indicatorapp = {
description = "indicator-application-gtk3";
wantedBy = ["graphical-session.target"];
partOf = ["graphical-session.target"];
serviceConfig = {
ExecStart = "${pkgs.indicator-application-gtk3}/libexec/indicator-application/indicator-application-service";
};
};
};
# App indicator
environment.pathsToLink = ["/libexec"];
environment.systemPackages = with pkgs; [
gnome-online-accounts
gnome-control-center
gnome-system-monitor
indicator-application-gtk3
monitor
pantheon-tweaks
eog
];
environment.pantheon.excludePackages = with pkgs.pantheon; [
elementary-code
];
}

50
backup/raspberrypi.nix
View File

@ -1,50 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
secrets = import ../configs/secrets.nix;
in {
imports = [
"${
fetchTarball
"https://github.com/NixOS/nixos-hardware/archive/936e4649098d6a5e0762058cb7687be1b2d90550.tar.gz"
}/raspberry-pi/4"
../configs/docker.nix
../configs/common.nix
../configs/user.nix
];
fileSystems = {
"/" = {
device = "/dev/disk/by-label/NIXOS_SD";
fsType = "ext4";
options = ["noatime"];
};
};
time.timeZone = "Europe/Berlin";
networking = {
hostName = "raspberrypi";
wireless = {
enable = true;
networks.Skynet.psk = secrets.wifipassword;
interfaces = ["wlan0"];
};
};
environment.systemPackages = with pkgs; [vim nano git rsync];
# Enable GPU acceleration
# hardware.raspberry-pi."4".fkms-3d.enable = true;
# services.xserver = {
# enable = true;
# displayManager.lightdm.enable = true;
# desktopManager.xfce.enable = true;
# };
# hardware.pulseaudio.enable = true;
system.stateVersion = "22.05";
}

180
backup/thinkpad.nix
View File

@ -1,180 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
secrets = import ../configs/secrets.nix;
be = import ../configs/borg-exclude.nix;
in {
imports = [
<nixos-hardware/lenovo/thinkpad/x1-extreme>
/etc/nixos/hardware-configuration.nix
../configs/common.nix
../configs/docker.nix
../configs/virtualisation.nix
../configs/plasma.nix
../configs/user-gui.nix
../configs/user.nix
];
boot = {
# initrd = {
# preLVMCommands = lib.mkBefore 400 "sleep 1";
# availableKernelModules = [ "e1000e" ];
# systemd.enable = true;
# luks.forceLuksSupportInInitrd = true;
# network = {
# enable = true;
# ssh = {
# enable = true;
# port = 22;
# authorizedKeys = [
# "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPSzeNjfkz7/B/18TcJxxmNFUhvTKoieBcexdzebWH7oncvyBXNRJp8vAqSIVFLzz5UUFQNFuilggs8/N48U84acmFOxlbUmxlkf8KZgeB/G6uQ8ncQh6M1HNNPH+9apTURgfctr7eEZe9seLIEBISQLXB2Sf3F1ogfDj25S8kH9RM4wM1/jDFK5IecWHScKxwQPmCoXeGE1LEJq6nkQLXMDsWhSihtWouaTxSR0p7/wp/Rqt/hzLEWj8e3+qLMc5JrrdaWksupUCysme7CnSfGSzNUv9RKiRCTFofYPT9tbRn5JzdpQ55v22S6OvmmXUHjST1MOzI8MpVPZCCqd/ZQ1E+gErFiMwjG4sn/xxdPK9/jbQaXMjLklbKtR+C5090Ew2u2kj78jqGk/8COhF1MXh/9qjcG+C51uD1AS9d410kfjPwkaUt4U2KktDMQ942nWywrvIWM0Gt2kgDLYotsy/70q/aTJ8bvaCoWoDOGmpWcyNNBalz4OYYGI2Z0WHrVTs0FpzSk/XeQz0OLkmueoh5GDGd8zrfO6Nf5LWI17aWGRePTpQP5mJIg6jC3j8/QVrthEP6QyIIkZsnfsmvSiMWVfXqEy1BxVlu3T6aLffaj679KCsxY+mx5mTH2hwd4ZdbSI4F0GCIt+WGaFhHs2V3ZQitoEZuraRPEc4HGw== alexander@szczepan.ski"
# "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOYEaT0gH9yJM2Al0B+VGXdZB/b2qjZK7n01Weq0TcmQ alex@framework"
# ];
# hostKeys = [ "/etc/secrets/initrd/ssh_host_ed25519_key" ];
# };
# postCommands = let
# # I use a LUKS 2 label. Replace this with your disk device's path.
# disk = "/dev/disk/by-label/nixos";
# in ''
# echo 'cryptsetup open ${disk} root --type luks && echo > /tmp/continue' >> /root/.profile
# echo 'starting sshd...'
# '';
# };
# postDeviceCommands = ''
# echo 'waiting for root device to be opened...'
# mkfifo /tmp/continue
# cat /tmp/continue
# '';
# };
loader = {
systemd-boot = {
enable = true;
configurationLimit = 10;
editor = false;
};
efi = {
canTouchEfiVariables = false;
};
};
plymouth.enable = true;
};
# boot.initrd.luks.devices."nixos".preLVM = true;
time.timeZone = "Europe/Berlin";
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
# Per-interface useDHCP will be mandatory in the future, so this generated config
# replicates the default behaviour.
networking = {
hostName = "thinkpad";
useDHCP = false;
firewall = {enable = false;};
interfaces.enp0s31f6.useDHCP = true;
wireguard.interfaces = {
wg0 = {
ips = ["10.100.0.8/24"];
privateKey = secrets.wireguard-thinkpad-private;
peers = [
{
publicKey = secrets.wireguard-vps-public;
presharedKey = secrets.wireguard-preshared;
allowedIPs = ["10.100.0.0/24"];
endpoint = "207.180.220.97:51820";
persistentKeepalive = 25;
}
];
};
};
};
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
console = {
font = "latarcyrheb-sun32";
keyMap = "us";
};
# Enable sound.
# hardware.pulseaudio = {
# enable = true;
# support32Bit = true;
# daemon = {
# config = {
# avoid-resampling = "yes";
# };
# };
# configFile = pkgs.runCommand "default.pa" { } ''
# sed 's/module-udev-detect$/module-udev-detect tsched=0/' \
# ${pkgs.pulseaudio}/etc/pulse/default.pa > $out
# '';
# };
sound.enable = true;
hardware.pulseaudio.enable = false;
security.rtkit.enable = true;
services.pipewire = {
enable = true;
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
# If you want to use JACK applications, uncomment this
#jack.enable = true;
# use the example session manager (no others are packaged yet so this is enabled by default,
# no need to redefine it in your config for now)
#media-session.enable = true;
};
services = {
thinkfan = {
enable = true;
levels = [
[0 0 67]
[1 65 75]
[2 73 80]
[3 78 85]
[4 83 90]
[6 88 95]
[7 93 32767]
];
};
# xserver = {
# enable = true;
# displayManager.sddm.enable = true;
# desktopManager.plasma5.enable = true;
# };
# xrdp = {
# enable = true;
# defaultWindowManager = "startplasma-x11";
# };
power-profiles-daemon.enable = false;
auto-cpufreq.enable = true;
tlp.enable = false;
# tlp = {
# enable = true;
# settings = {
# START_CHARGE_THRESH_BAT0 = 80;
# STOP_CHARGE_THRESH_BAT0 = 90;
# };
# };
};
systemd.extraConfig = ''
DefaultTimeoutStopSec=10s
'';
environment.systemPackages = with pkgs; [
intel-gpu-tools
];
powerManagement.powertop.enable = true;
system.stateVersion = "23.11";
}

0
configs/home-manager/default.nix Normal file
View File

0
services/adguardhome.nix → configs/services/adguardhome.nix
View File

0
services/atuin.nix → configs/services/atuin.nix
View File

0
services/firefox-syncserver.nix → configs/services/firefox-syncserver.nix
View File

0
services/frigate.nix → configs/services/frigate.nix
View File

0
services/gitea.nix → configs/services/gitea.nix
View File

0
services/goaccess.nix → configs/services/goaccess.nix
View File

0
services/headscale.nix → configs/services/headscale.nix
View File

0
services/immich.nix → configs/services/immich.nix
View File

0
services/nextcloud.nix → configs/services/nextcloud.nix
View File

0
services/rustdesk-server.nix → configs/services/rustdesk-server.nix
View File

0
services/uptime-kuma.nix → configs/services/uptime-kuma.nix
View File

1
flake.nix
View File

@ -57,7 +57,6 @@
"i686-linux" "i686-linux"
"x86_64-linux" "x86_64-linux"
"aarch64-darwin" "aarch64-darwin"
"x86_64-darwin"
]; ];
# This is a function that generates an attribute by calling a function you # This is a function that generates an attribute by calling a function you

20
machine/vps-arm/configuration.nix
View File

@ -12,16 +12,16 @@
../../configs/docker.nix ../../configs/docker.nix
../../configs/user.nix ../../configs/user.nix
../../services/adguardhome.nix ../../configs/services/adguardhome.nix
../../services/atuin.nix ../../configs/services/atuin.nix
../../services/firefox-syncserver.nix ../../configs/services/firefox-syncserver.nix
../../services/frigate.nix ../../configs/services/frigate.nix
../../services/gitea.nix ../../configs/services/gitea.nix
../../services/goaccess.nix ../../configs/services/goaccess.nix
../../services/headscale.nix ../../configs/services/headscale.nix
../../services/immich.nix ../../configs/services/immich.nix
../../services/nextcloud.nix ../../configs/services/nextcloud.nix
../../services/uptime-kuma.nix ../../configs/services/uptime-kuma.nix
]; ];
sops = { sops = {