desktop-2024-11-10-19-33-49

2024-11-10 19:33:49 +01:00
parent ed7833b3e9
commit a0e47fea0e
15 changed files with 359 additions and 216 deletions
--- a/machine/desktop/configuration.nix
+++ b/machine/desktop/configuration.nix
@ -73,6 +73,8 @@ in {
    };
  };

+  #  stylix.enable = true;
+
  nix.settings = {
    system-features = [
      "nixos-test"
@ -308,6 +310,11 @@ in {
      };
    };

+    duplicati = {
+      enable = true;
+      user = "alex";
+    };
+
    # jellyfin = {
    #   enable = true;
    #   user = "alex";
@ -324,43 +331,18 @@ in {
          passCommand = "cat ${config.sops.secrets.borg-key.path}";
        };
        extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
-        environment.BORG_RSH = "ssh -i ~/.ssh/id_borg_ed25519";
-        paths = "/home/alex";
+        environment.BORG_RSH = "ssh -i /home/alex/.ssh/id_borg_ed25519";
+        paths = ["/home/alex" "/persist"];
        repo = "ssh://u278697-sub2@u278697.your-storagebox.de:23/./borg";
        startAt = "daily";
-        user = "alex";
        prune.keep = {
          daily = 7;
          weekly = 4;
          monthly = 6;
        };
        extraPruneArgs = "--save-space --list --stats";
-        exclude = map (x: paths + "/" + x) be.borg-exclude;
+        exclude = map (x: "/home/alex/" + x) be.borg-exclude;
      };
-
-      # home-external = rec {
-      #   compression = "auto,zstd";
-      #   encryption = {
-      #     mode = "repokey-blake2";
-      #     passCommand = "cat ${config.sops.secrets.borg-key.path}";
-      #   };
-      #   extraCreateArgs = "--checkpoint-interval 600 --exclude-caches";
-      #   paths = "/home/alex";
-      #   repo = "/run/media/alex/b6c33623-fc23-47ed-b6f5-e99455d5534a/borg";
-      #   startAt = [ ];
-      #   user = "alex";
-      #   prune.keep = {
-      #     daily = 7;
-      #     weekly = 4;
-      #     monthly = 6;
-      #   };
-      #   extraPruneArgs = "--save-space --list --stats";
-      #   exclude = map (x: paths + "/" + x) [
-      #     ".cache"
-      #     ".config/Nextcloud/logs"
-      #     ".local/share/baloo"
-      #   ];
-      # };
    };
  };

--- a/machine/homeserver.nix
+++ b/machine/homeserver.nix
@ -1,6 +1,9 @@
-{ config, pkgs, ... }:
-
-let secrets = import ../configs/secrets.nix;
+{
+  config,
+  pkgs,
+  ...
+}: let
+  secrets = import ../configs/secrets.nix;
 in {
  imports = [
    <nixos-hardware/common/cpu/intel>
@ -22,14 +25,14 @@ in {
    firewall.enable = false;
    nat = {
      enable = true;
-      internalInterfaces = [ "br0" ];
+      internalInterfaces = ["br0"];
      externalInterface = "enp3s0";
    };

    wireless = {
      enable = true;
      networks.Skynet_5G.psk = secrets.wifipassword;
-      interfaces = [ "wlp1s0" ];
+      interfaces = ["wlp1s0"];
    };

    interfaces.enp3s0.useDHCP = true;
@ -45,16 +48,17 @@ in {
  ];

  systemd = {
-    mounts = [{
-      requires = [ "mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount" ];
-      after = [ "mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount" ];
-      what = "/mnt/disk1:/mnt/disk2:/mnt/disk3";
-      where = "/mnt/storage";
-      type = "fuse.mergerfs";
-      options =
-        "defaults,allow_other,use_ino,fsname=mergerfs,minfreespace=50G,func.getattr=newest,noforget";
-      wantedBy = [ "multi-user.target" ];
-    }];
+    mounts = [
+      {
+        requires = ["mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount"];
+        after = ["mnt-disk1.mount" "mnt-disk2.mount" "mnt-disk3.mount"];
+        what = "/mnt/disk1:/mnt/disk2:/mnt/disk3";
+        where = "/mnt/storage";
+        type = "fuse.mergerfs";
+        options = "defaults,allow_other,use_ino,fsname=mergerfs,minfreespace=50G,func.getattr=newest,noforget";
+        wantedBy = ["multi-user.target"];
+      }
+    ];

    services.snapraid-sync = {
      description = "Snapraid Sync and Diff";
@ -78,8 +82,8 @@ in {
    };

    timers.snapraid-sync = {
-      wantedBy = [ "timers.target" ];
-      timerConfig = { OnCalendar = "Mon-Sun, 23:00"; };
+      wantedBy = ["timers.target"];
+      timerConfig = {OnCalendar = "Mon-Sun, 23:00";};
    };
  };

@ -149,18 +153,22 @@ in {

  security.sudo.extraRules = [
    {
-      users = [ "alex" ];
-      commands = [{
-        command = "${pkgs.hdparm}/bin/hdparm";
-        options = [ "SETENV" "NOPASSWD" ];
-      }];
+      users = ["alex"];
+      commands = [
+        {
+          command = "${pkgs.hdparm}/bin/hdparm";
+          options = ["SETENV" "NOPASSWD"];
+        }
+      ];
    }
    {
-      users = [ "alex" ];
-      commands = [{
-        command = "${pkgs.snapraid}/bin/snapraid";
-        options = [ "SETENV" "NOPASSWD" ];
-      }];
+      users = ["alex"];
+      commands = [
+        {
+          command = "${pkgs.snapraid}/bin/snapraid";
+          options = ["SETENV" "NOPASSWD"];
+        }
+      ];
    }
  ];

--- a/machine/raspberrypi.nix
+++ b/machine/raspberrypi.nix
@ -1,5 +1,10 @@
-{ config, pkgs, lib, ... }:
-let secrets = import ../configs/secrets.nix;
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  secrets = import ../configs/secrets.nix;
 in {
  imports = [
    "${
@ -15,7 +20,7 @@ in {
    "/" = {
      device = "/dev/disk/by-label/NIXOS_SD";
      fsType = "ext4";
-      options = [ "noatime" ];
+      options = ["noatime"];
    };
  };

@ -25,11 +30,11 @@ in {
    wireless = {
      enable = true;
      networks.Skynet.psk = secrets.wifipassword;
-      interfaces = [ "wlan0" ];
+      interfaces = ["wlan0"];
    };
  };

-  environment.systemPackages = with pkgs; [ vim nano git rsync ];
+  environment.systemPackages = with pkgs; [vim nano git rsync];

  # Enable GPU acceleration
  # hardware.raspberry-pi."4".fkms-3d.enable = true;
--- a/machine/thinkpad.nix
+++ b/machine/thinkpad.nix
@ -1,20 +1,22 @@
-{ config, pkgs, lib, ... }:
-let
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
  secrets = import ../configs/secrets.nix;
  be = import ../configs/borg-exclude.nix;
-in
-{
-  imports =
-    [
-      <nixos-hardware/lenovo/thinkpad/x1-extreme>
-      /etc/nixos/hardware-configuration.nix
-      ../configs/common.nix
-      ../configs/docker.nix
-      ../configs/virtualisation.nix
-      ../configs/plasma.nix
-      ../configs/user-gui.nix
-      ../configs/user.nix
-    ];
+in {
+  imports = [
+    <nixos-hardware/lenovo/thinkpad/x1-extreme>
+    /etc/nixos/hardware-configuration.nix
+    ../configs/common.nix
+    ../configs/docker.nix
+    ../configs/virtualisation.nix
+    ../configs/plasma.nix
+    ../configs/user-gui.nix
+    ../configs/user.nix
+  ];

  boot = {
    # initrd = {
@ -51,7 +53,7 @@ in
      systemd-boot = {
        enable = true;
        configurationLimit = 10;
-      	editor = false;
+        editor = false;
      };
      efi = {
        canTouchEfiVariables = false;
@ -71,20 +73,22 @@ in
  networking = {
    hostName = "thinkpad";
    useDHCP = false;
-    firewall = { enable = false; };
+    firewall = {enable = false;};
    interfaces.enp0s31f6.useDHCP = true;
    wireguard.interfaces = {
      wg0 = {
-        ips = [ "10.100.0.8/24" ];
+        ips = ["10.100.0.8/24"];
        privateKey = secrets.wireguard-thinkpad-private;

-        peers = [{
-          publicKey = secrets.wireguard-vps-public;
-          presharedKey = secrets.wireguard-preshared;
-          allowedIPs = [ "10.100.0.0/24" ];
-          endpoint = "207.180.220.97:51820";
-          persistentKeepalive = 25;
-        }];
+        peers = [
+          {
+            publicKey = secrets.wireguard-vps-public;
+            presharedKey = secrets.wireguard-preshared;
+            allowedIPs = ["10.100.0.0/24"];
+            endpoint = "207.180.220.97:51820";
+            persistentKeepalive = 25;
+          }
+        ];
      };
    };
  };
@ -132,13 +136,13 @@ in
    thinkfan = {
      enable = true;
      levels = [
-        [ 0 0 67 ]
-        [ 1 65 75 ]
-        [ 2 73 80 ]
-        [ 3 78 85 ]
-        [ 4 83 90 ]
-        [ 6 88 95 ]
-        [ 7 93 32767 ]
+        [0 0 67]
+        [1 65 75]
+        [2 73 80]
+        [3 78 85]
+        [4 83 90]
+        [6 88 95]
+        [7 93 32767]
      ];
    };
    # xserver = {