will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

refactor: switch from modules to import arrays

Browse source
This commit is contained in:
wi11-holdsworth 2025-10-22 01:22:05 +11:00
parent d893750c09
commit 41eaa38d31
75 changed files with 1870 additions and 2541 deletions
Download patch file Download diff file Expand all files Collapse all files

17
flake.nix
View file

@ -39,6 +39,9 @@
userName ? "will",
system ? "x86_64-linux",
}:
let
util = import ./util.nix;
in
nixpkgs.lib.nixosSystem {
modules = [
./hosts/${hostName}/configuration.nix
@ -52,8 +55,7 @@
];
backupFileExtension = "backup";
extraSpecialArgs = {
inherit userName;
inherit hostName;
inherit userName hostName util;
};
useGlobalPkgs = true;
useUserPackages = true;
@ -61,10 +63,13 @@
}
];
specialArgs = {
inherit inputs;
inherit hostName;
inherit userName;
inherit system;
inherit
inputs
hostName
userName
system
util
;
};
inherit system;
};

35
hosts/desktop/configuration.nix
View file

@ -1,25 +1,32 @@
{
# keep-sorted start
userName,
util,
# keep-sorted end
...
}:
{
imports = [
# keep-sorted start
../../modules/nixos/default.nix
./hardware-configuration.nix
];
# reusable modules
# keep-sorted start
amd-gpu.enable = true;
desktop.enable = true;
dev.enable = true;
external-speakers.enable = true;
gaming.enable = true;
link2c.enable = true;
plasma.enable = true;
# keep-sorted end
# config
# keep-sorted end
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"amd-gpu"
"external-speakers"
"gaming"
"link2c"
"plasma"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
# keep-sorted start
"desktop"
"dev"
# keep-sorted end
]);
boot.initrd.luks.devices."luks-b164af31-c1c3-4b4e-83c8-eb39802c2027".device =
"/dev/disk/by-uuid/b164af31-c1c3-4b4e-83c8-eb39802c2027";

22
hosts/desktop/home.nix
View file

@ -1,18 +1,20 @@
{
# keep-sorted start
userName,
util,
# keep-sorted end
...
}:
{
imports = [ ../../modules/home-manager/default.nix ];
# reusable modules
# keep-sorted start
desktop.enable = true;
dev.enable = true;
# keep-sorted end
# config
imports = [
../../modules/home-manager/default.nix
]
++ (util.toImports ../../modules/home-manager/bundles [
# keep-sorted start
"desktop"
"dev"
# keep-sorted end
]);
age.secrets."protonmail-desktop-password".file = ../../secrets/protonmail-desktop-password.age;

32
hosts/laptop/configuration.nix
View file

@ -1,24 +1,30 @@
{
# keep-sorted start
userName,
util,
# keep-sorted end
...
}:
{
imports = [
# keep-sorted start
../../modules/nixos/default.nix
./hardware-configuration.nix
];
# reusable modules
# keep-sorted start
amd-gpu.enable = true;
desktop.enable = true;
dev.enable = true;
gnome.enable = true;
tlp.enable = true;
# keep-sorted end
# config
# keep-sorted end
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"amd-gpu"
"gnome"
"tlp"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
# keep-sorted start
"desktop"
"dev"
# keep-sorted end
]);
boot.initrd.luks.devices."luks-a7726a9d-535f-44bc-9c0e-adc501fad371".device =
"/dev/disk/by-uuid/a7726a9d-535f-44bc-9c0e-adc501fad371";

22
hosts/laptop/home.nix
View file

@ -1,18 +1,20 @@
{
# keep-sorted start
userName,
util,
# keep-sorted end
...
}:
{
imports = [ ../../modules/home-manager/default.nix ];
# reusable modules
# keep-sorted start
desktop.enable = true;
dev.enable = true;
# keep-sorted end
# config
imports = [
../../modules/home-manager/default.nix
]
++ (util.toImports ../../modules/home-manager/bundles [
# keep-sorted start
"desktop"
"dev"
# keep-sorted end
]);
age.secrets."protonmail-laptop-password".file = ../../secrets/protonmail-laptop-password.age;

26
hosts/server/configuration.nix
View file

@ -1,23 +1,27 @@
{
# keep-sorted start
hostName,
userName,
util,
# keep-sorted end
...
}:
{
imports = [
# keep-sorted start
../../modules/nixos/default.nix
./hardware-configuration.nix
];
# reusable modules
# keep-sorted start
borgmatic.enable = true;
intel-gpu.enable = true;
server.enable = true;
# keep-sorted end
# config
# keep-sorted end
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"borgmatic"
"intel-gpu"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
"server"
]);
networking.hostName = "${hostName}";

4
hosts/server/home.nix
View file

@ -3,7 +3,9 @@
...
}:
{
imports = [ ../../modules/home-manager/default.nix ];
imports = [
../../modules/home-manager/default.nix
];
home = {
username = "${userName}";

26
modules/home-manager/bundles/desktop.nix
View file

@ -1,24 +1,16 @@
{
config,
lib,
util,
...
}:
let
feature = "desktop";
in
{
config = lib.mkIf config.${feature}.enable {
imports = util.toImports ../features [
# keep-sorted start
aerc.enable = true;
kitty.enable = true;
mail.enable = true;
obsidian.enable = true;
zellij.enable = true;
zen-browser.enable = true;
"aerc"
"kitty"
"mail"
"obsidian"
"zellij"
"zen-browser"
# keep-sorted end
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
];
}

18
modules/home-manager/bundles/dev.nix
View file

@ -1,19 +1,9 @@
{
config,
lib,
util,
...
}:
let
feature = "dev";
in
{
config = lib.mkIf config.${feature}.enable {
# keep-sorted start
zed-editor.enable = lib.mkDefault true;
# keep-sorted end
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
imports = util.toImports ../features [
"zed-editor"
];
}

38
modules/home-manager/default.nix
View file

@ -1,22 +1,20 @@
{ lib, ... }:
let
featureBundler =
featuresDir:
map (name: featuresDir + "/${name}") (builtins.attrNames (builtins.readDir featuresDir));
in
{
imports = (featureBundler ./bundles) ++ (featureBundler ./features);
# keep-sorted start
agenix.enable = lib.mkDefault true;
bat.enable = lib.mkDefault true;
direnv.enable = lib.mkDefault true;
eza.enable = lib.mkDefault true;
fish.enable = lib.mkDefault true;
gh.enable = lib.mkDefault true;
git.enable = lib.mkDefault true;
starship.enable = lib.mkDefault true;
yazi.enable = lib.mkDefault true;
zoxide.enable = lib.mkDefault true;
# keep-sorted end
util,
...
}:
{
imports = util.toImports ./features [
# keep-sorted start
"agenix"
"bat"
"direnv"
"eza"
"fish"
"gh"
"git"
"starship"
"yazi"
"zoxide"
# keep-sorted end
];
}

106
modules/home-manager/features/aerc.nix
View file

@ -1,67 +1,53 @@
{
config,
lib,
...
}:
let
feature = "aerc";
in
{
config = lib.mkIf config.${feature}.enable {
accounts.email.accounts.personal.aerc.enable = true;
programs.aerc = {
enable = true;
extraAccounts.personal = {
default = "INBOX";
folders-sort = "INBOX, Starred, Drafts, Sent, Trash, Archive, Spam";
accounts.email.accounts.personal.aerc.enable = true;
programs.aerc = {
enable = true;
extraAccounts.personal = {
default = "INBOX";
folders-sort = "INBOX, Starred, Drafts, Sent, Trash, Archive, Spam";
};
extraConfig = {
general.unsafe-accounts-conf = true;
filters = {
"text/plain" = "colorize";
"text/calendar" = "calendar | colorize";
"text/html" = "html | colorize";
};
extraConfig = {
general.unsafe-accounts-conf = true;
filters = {
"text/plain" = "colorize";
"text/calendar" = "calendar | colorize";
"text/html" = "html | colorize";
};
ui = {
styleset-name = "catppuccin-mocha";
sort = "-r date";
};
ui = {
styleset-name = "catppuccin-mocha";
sort = "-r date";
};
stylesets = {
catppuccin-mocha = {
"*.default" = true;
"*.normal" = true;
"default.fg" = "#cdd6f4";
"error.fg" = "#f38ba8";
"warning.fg" = "#fab387";
"success.fg" = "#a6e3a1";
"tab.fg" = "#6c7086";
"tab.bg" = "#181825";
"tab.selected.fg" = "#cdd6f4";
"tab.selected.bg" = "#1e1e2e";
"tab.selected.bold" = true;
"border.fg" = "#11111b";
"border.bold" = true;
"msglist_unread.bold" = true;
"msglist_flagged.fg" = "#f9e2af";
"msglist_flagged.bold" = true;
"msglist_result.fg" = "#89b4fa";
"msglist_result.bold" = true;
"msglist_*.selected.bold" = true;
"msglist_*.selected.bg" = "#313244";
"dirlist_*.selected.bold" = true;
"dirlist_*.selected.bg" = "#313244";
"statusline_default.fg" = "#9399b2";
"statusline_default.bg" = "#313244";
"statusline_error.bold" = true;
"statusline_success.bold" = true;
"completion_default.selected.bg" = "#313244";
};
};
stylesets = {
catppuccin-mocha = {
"*.default" = true;
"*.normal" = true;
"default.fg" = "#cdd6f4";
"error.fg" = "#f38ba8";
"warning.fg" = "#fab387";
"success.fg" = "#a6e3a1";
"tab.fg" = "#6c7086";
"tab.bg" = "#181825";
"tab.selected.fg" = "#cdd6f4";
"tab.selected.bg" = "#1e1e2e";
"tab.selected.bold" = true;
"border.fg" = "#11111b";
"border.bold" = true;
"msglist_unread.bold" = true;
"msglist_flagged.fg" = "#f9e2af";
"msglist_flagged.bold" = true;
"msglist_result.fg" = "#89b4fa";
"msglist_result.bold" = true;
"msglist_*.selected.bold" = true;
"msglist_*.selected.bg" = "#313244";
"dirlist_*.selected.bold" = true;
"dirlist_*.selected.bg" = "#313244";
"statusline_default.fg" = "#9399b2";
"statusline_default.bg" = "#313244";
"statusline_error.bold" = true;
"statusline_success.bold" = true;
"completion_default.selected.bg" = "#313244";
};
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

10
modules/home-manager/features/agenix.nix
View file

@ -1,16 +1,8 @@
{
config,
lib,
userName,
...
}:
let
feature = "agenix";
in
{
config = lib.mkIf config.${feature}.enable {
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
};
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

22
modules/home-manager/features/bat.nix
View file

@ -1,22 +1,8 @@
{
config,
lib,
...
}:
let
feature = "bat";
in
{
config = lib.mkIf config.${feature}.enable {
programs.bat = {
enable = true;
config = {
theme = "Dracula";
};
programs.bat = {
enable = true;
config = {
theme = "Dracula";
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

12
modules/home-manager/features/direnv.nix
View file

@ -1,13 +1,3 @@
{
config,
lib,
...
}:
let
feature = "direnv";
in
{
config = lib.mkIf config.${feature}.enable { programs.direnv.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
programs.direnv.enable = true;
}

20
modules/home-manager/features/espanso.nix
View file

@ -1,20 +1,6 @@
{
config,
lib,
...
}:
let
feature = "espanso";
in
{
config = lib.mkIf config.${feature}.enable {
services.espanso = {
enable = true;
configs = { };
};
services.espanso = {
enable = true;
configs = { };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

552
modules/home-manager/features/eza.nix
View file

@ -1,297 +1,283 @@
{
config,
lib,
...
}:
let
feature = "eza";
in
{
config = lib.mkIf config.${feature}.enable {
programs.eza = {
enable = true;
extraOptions = [
"--long"
"--header"
"--group-directories-first"
];
git = true;
icons = "always";
theme = {
colourful = true;
programs.eza = {
enable = true;
extraOptions = [
"--long"
"--header"
"--group-directories-first"
];
git = true;
icons = "always";
theme = {
colourful = true;
filekinds = {
normal = {
foreground = "#BAC2DE";
};
directory = {
foreground = "#89B4FA";
};
symlink = {
foreground = "#89DCEB";
};
pipe = {
foreground = "#7F849C";
};
block_device = {
foreground = "#EBA0AC";
};
char_device = {
foreground = "#EBA0AC";
};
socket = {
foreground = "#585B70";
};
special = {
foreground = "#CBA6F7";
};
executable = {
foreground = "#A6E3A1";
};
mount_point = {
foreground = "#74C7EC";
};
filekinds = {
normal = {
foreground = "#BAC2DE";
};
perms = {
user_read = {
foreground = "#CDD6F4";
};
user_write = {
foreground = "#F9E2AF";
};
user_execute_file = {
foreground = "#A6E3A1";
};
user_execute_other = {
foreground = "#A6E3A1";
};
group_read = {
foreground = "#BAC2DE";
};
group_write = {
foreground = "#F9E2AF";
};
group_execute = {
foreground = "#A6E3A1";
};
other_read = {
foreground = "#A6ADC8";
};
other_write = {
foreground = "#F9E2AF";
};
other_execute = {
foreground = "#A6E3A1";
};
special_user_file = {
foreground = "#CBA6F7";
};
special_other = {
foreground = "#585B70";
};
attribute = {
foreground = "#A6ADC8";
};
directory = {
foreground = "#89B4FA";
};
size = {
major = {
foreground = "#A6ADC8";
};
minor = {
foreground = "#89DCEB";
};
number_byte = {
foreground = "#CDD6F4";
};
number_kilo = {
foreground = "#BAC2DE";
};
number_mega = {
foreground = "#89B4FA";
};
number_giga = {
foreground = "#CBA6F7";
};
number_huge = {
foreground = "#CBA6F7";
};
unit_byte = {
foreground = "#A6ADC8";
};
unit_kilo = {
foreground = "#89B4FA";
};
unit_mega = {
foreground = "#CBA6F7";
};
unit_giga = {
foreground = "#CBA6F7";
};
unit_huge = {
foreground = "#74C7EC";
};
};
users = {
user_you = {
foreground = "#CDD6F4";
};
user_root = {
foreground = "#F38BA8";
};
user_other = {
foreground = "#CBA6F7";
};
group_yours = {
foreground = "#BAC2DE";
};
group_other = {
foreground = "#7F849C";
};
group_root = {
foreground = "#F38BA8";
};
};
links = {
normal = {
foreground = "#89DCEB";
};
multi_link_file = {
foreground = "#74C7EC";
};
};
git = {
new = {
foreground = "#A6E3A1";
};
modified = {
foreground = "#F9E2AF";
};
deleted = {
foreground = "#F38BA8";
};
renamed = {
foreground = "#94E2D5";
};
typechange = {
foreground = "#F5C2E7";
};
ignored = {
foreground = "#7F849C";
};
conflicted = {
foreground = "#EBA0AC";
};
};
git_repo = {
branch_main = {
foreground = "#CDD6F4";
};
branch_other = {
foreground = "#CBA6F7";
};
git_clean = {
foreground = "#A6E3A1";
};
git_dirty = {
foreground = "#F38BA8";
};
};
security_context = {
colon = {
foreground = "#7F849C";
};
user = {
foreground = "#BAC2DE";
};
role = {
foreground = "#CBA6F7";
};
typ = {
foreground = "#585B70";
};
range = {
foreground = "#CBA6F7";
};
};
file_type = {
image = {
foreground = "#F9E2AF";
};
video = {
foreground = "#F38BA8";
};
music = {
foreground = "#A6E3A1";
};
lossless = {
foreground = "#94E2D5";
};
crypto = {
foreground = "#585B70";
};
document = {
foreground = "#CDD6F4";
};
compressed = {
foreground = "#F5C2E7";
};
temp = {
foreground = "#EBA0AC";
};
compiled = {
foreground = "#74C7EC";
};
build = {
foreground = "#585B70";
};
source = {
foreground = "#89B4FA";
};
};
punctuation = {
foreground = "#7F849C";
};
date = {
foreground = "#F9E2AF";
};
inode = {
foreground = "#A6ADC8";
};
blocks = {
foreground = "#9399B2";
};
header = {
foreground = "#CDD6F4";
};
octal = {
foreground = "#94E2D5";
};
flags = {
foreground = "#CBA6F7";
};
symlink_path = {
symlink = {
foreground = "#89DCEB";
};
control_char = {
foreground = "#74C7EC";
pipe = {
foreground = "#7F849C";
};
broken_symlink = {
foreground = "#F38BA8";
block_device = {
foreground = "#EBA0AC";
};
broken_path_overlay = {
char_device = {
foreground = "#EBA0AC";
};
socket = {
foreground = "#585B70";
};
special = {
foreground = "#CBA6F7";
};
executable = {
foreground = "#A6E3A1";
};
mount_point = {
foreground = "#74C7EC";
};
};
perms = {
user_read = {
foreground = "#CDD6F4";
};
user_write = {
foreground = "#F9E2AF";
};
user_execute_file = {
foreground = "#A6E3A1";
};
user_execute_other = {
foreground = "#A6E3A1";
};
group_read = {
foreground = "#BAC2DE";
};
group_write = {
foreground = "#F9E2AF";
};
group_execute = {
foreground = "#A6E3A1";
};
other_read = {
foreground = "#A6ADC8";
};
other_write = {
foreground = "#F9E2AF";
};
other_execute = {
foreground = "#A6E3A1";
};
special_user_file = {
foreground = "#CBA6F7";
};
special_other = {
foreground = "#585B70";
};
attribute = {
foreground = "#A6ADC8";
};
};
size = {
major = {
foreground = "#A6ADC8";
};
minor = {
foreground = "#89DCEB";
};
number_byte = {
foreground = "#CDD6F4";
};
number_kilo = {
foreground = "#BAC2DE";
};
number_mega = {
foreground = "#89B4FA";
};
number_giga = {
foreground = "#CBA6F7";
};
number_huge = {
foreground = "#CBA6F7";
};
unit_byte = {
foreground = "#A6ADC8";
};
unit_kilo = {
foreground = "#89B4FA";
};
unit_mega = {
foreground = "#CBA6F7";
};
unit_giga = {
foreground = "#CBA6F7";
};
unit_huge = {
foreground = "#74C7EC";
};
};
users = {
user_you = {
foreground = "#CDD6F4";
};
user_root = {
foreground = "#F38BA8";
};
user_other = {
foreground = "#CBA6F7";
};
group_yours = {
foreground = "#BAC2DE";
};
group_other = {
foreground = "#7F849C";
};
group_root = {
foreground = "#F38BA8";
};
};
links = {
normal = {
foreground = "#89DCEB";
};
multi_link_file = {
foreground = "#74C7EC";
};
};
git = {
new = {
foreground = "#A6E3A1";
};
modified = {
foreground = "#F9E2AF";
};
deleted = {
foreground = "#F38BA8";
};
renamed = {
foreground = "#94E2D5";
};
typechange = {
foreground = "#F5C2E7";
};
ignored = {
foreground = "#7F849C";
};
conflicted = {
foreground = "#EBA0AC";
};
};
git_repo = {
branch_main = {
foreground = "#CDD6F4";
};
branch_other = {
foreground = "#CBA6F7";
};
git_clean = {
foreground = "#A6E3A1";
};
git_dirty = {
foreground = "#F38BA8";
};
};
security_context = {
colon = {
foreground = "#7F849C";
};
user = {
foreground = "#BAC2DE";
};
role = {
foreground = "#CBA6F7";
};
typ = {
foreground = "#585B70";
};
range = {
foreground = "#CBA6F7";
};
};
file_type = {
image = {
foreground = "#F9E2AF";
};
video = {
foreground = "#F38BA8";
};
music = {
foreground = "#A6E3A1";
};
lossless = {
foreground = "#94E2D5";
};
crypto = {
foreground = "#585B70";
};
document = {
foreground = "#CDD6F4";
};
compressed = {
foreground = "#F5C2E7";
};
temp = {
foreground = "#EBA0AC";
};
compiled = {
foreground = "#74C7EC";
};
build = {
foreground = "#585B70";
};
source = {
foreground = "#89B4FA";
};
};
punctuation = {
foreground = "#7F849C";
};
date = {
foreground = "#F9E2AF";
};
inode = {
foreground = "#A6ADC8";
};
blocks = {
foreground = "#9399B2";
};
header = {
foreground = "#CDD6F4";
};
octal = {
foreground = "#94E2D5";
};
flags = {
foreground = "#CBA6F7";
};
symlink_path = {
foreground = "#89DCEB";
};
control_char = {
foreground = "#74C7EC";
};
broken_symlink = {
foreground = "#F38BA8";
};
broken_path_overlay = {
foreground = "#585B70";
};
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

119
modules/home-manager/features/fish.nix
View file

@ -1,74 +1,63 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "fish";
in
{
config = lib.mkIf config.${feature}.enable {
home.shell.enableFishIntegration = true;
programs.fish = {
enable = true;
interactiveShellInit = ''
set fish_greeting
'';
shellAliases = {
# keep-sorted start
cat = "bat";
# cd = "j";
cut = "choose";
df = "duf";
du = "dua";
# find = "fd";
g = "lazygit";
l = "eza";
la = "eza -a";
ls = "eza";
ns = "nh os switch";
# curl = "xh";
ping = "gping";
ps = "procs";
# sed = "sd";
# grep = "rga";
top = "btm";
unzip = "ripunzip";
vi = "nvim";
vim = "nvim";
# keep-sorted end
};
plugins = [
# INFO: Using this to get shell completion for programs added to the path through nix+direnv.
# Issue to upstream into direnv:Add commentMore actions
# https://github.com/direnv/direnv/issues/443
{
name = "completion-sync";
src = pkgs.fetchFromGitHub {
owner = "iynaix";
repo = "fish-completion-sync";
rev = "4f058ad2986727a5f510e757bc82cbbfca4596f0";
sha256 = "sha256-kHpdCQdYcpvi9EFM/uZXv93mZqlk1zCi2DRhWaDyK5g=";
};
}
];
};
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
programs.bash = {
enable = true;
initExtra = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
home.shell.enableFishIntegration = true;
programs.fish = {
enable = true;
interactiveShellInit = ''
set fish_greeting
'';
shellAliases = {
# keep-sorted start
cat = "bat";
# cd = "j";
cut = "choose";
df = "duf";
du = "dua";
# find = "fd";
g = "lazygit";
l = "eza";
la = "eza -a";
ls = "eza";
ns = "nh os switch";
# curl = "xh";
ping = "gping";
ps = "procs";
# sed = "sd";
# grep = "rga";
top = "btm";
unzip = "ripunzip";
vi = "nvim";
vim = "nvim";
# keep-sorted end
};
plugins = [
# INFO: Using this to get shell completion for programs added to the path through nix+direnv.
# Issue to upstream into direnv:Add commentMore actions
# https://github.com/direnv/direnv/issues/443
{
name = "completion-sync";
src = pkgs.fetchFromGitHub {
owner = "iynaix";
repo = "fish-completion-sync";
rev = "4f058ad2986727a5f510e757bc82cbbfca4596f0";
sha256 = "sha256-kHpdCQdYcpvi9EFM/uZXv93mZqlk1zCi2DRhWaDyK5g=";
};
}
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
programs.bash = {
enable = true;
initExtra = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
}

24
modules/home-manager/features/gh.nix
View file

@ -1,23 +1,9 @@
{
config,
lib,
...
}:
let
feature = "gh";
in
{
config = lib.mkIf config.${feature}.enable {
programs.gh = {
enable = true;
settings = {
git_protocol = "ssh";
editor = "nvim";
};
programs.gh = {
enable = true;
settings = {
git_protocol = "ssh";
editor = "nvim";
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

78
modules/home-manager/features/git.nix
View file

@ -1,56 +1,44 @@
{
config,
lib,
...
}:
let
feature = "git";
in
{
config = lib.mkIf config.${feature}.enable {
programs.${feature} = {
programs.git = {
enable = true;
delta = {
enable = true;
options.theme = "Dracula";
};
delta = {
enable = true;
options.theme = "Dracula";
};
userName = "wi11-holdsworth";
userEmail = "83637728+wi11-holdsworth@users.noreply.github.com";
userName = "wi11-holdsworth";
userEmail = "83637728+wi11-holdsworth@users.noreply.github.com";
aliases = {
# keep-sorted start
a = "add";
aa = "add .";
ap = "add -p";
c = "commit --verbose";
ca = "commit -a --verbose";
cam = "commit -a -m";
cm = "commit -m";
co = "checkout";
cob = "checkout -b";
d = "diff";
dc = "diff --cached";
ds = "diff --stat";
m = "commit --amend --verbose";
pl = "pull";
ps = "push";
s = "status -s";
# keep-sorted end
};
aliases = {
# keep-sorted start
a = "add";
aa = "add .";
ap = "add -p";
c = "commit --verbose";
ca = "commit -a --verbose";
cam = "commit -a -m";
cm = "commit -m";
co = "checkout";
cob = "checkout -b";
d = "diff";
dc = "diff --cached";
ds = "diff --stat";
m = "commit --amend --verbose";
pl = "pull";
ps = "push";
s = "status -s";
# keep-sorted end
};
extraConfig = {
init.defaultBranch = "main";
extraConfig = {
init.defaultBranch = "main";
core.editor = "nvim";
core.editor = "nvim";
push.autoSetupRemote = true;
push.autoSetupRemote = true;
pull.rebase = false;
};
pull.rebase = false;
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

37
modules/home-manager/features/kitty.nix
View file

@ -1,32 +1,21 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "kitty";
in
{
config = lib.mkIf config.${feature}.enable {
programs.kitty = {
enable = true;
enableGitIntegration = true;
font = {
package = pkgs.nerd-fonts.jetbrains-mono;
name = "JetBrainsMono Nerd Font";
size = 13;
};
themeFile = "Catppuccin-Mocha";
settings = {
shell = "zellij -l welcome";
remember_window_size = true;
confirm_os_window_close = 0;
};
programs.kitty = {
enable = true;
enableGitIntegration = true;
font = {
package = pkgs.nerd-fonts.jetbrains-mono;
name = "JetBrainsMono Nerd Font";
size = 13;
};
themeFile = "Catppuccin-Mocha";
settings = {
shell = "zellij -l welcome";
remember_window_size = true;
confirm_os_window_close = 0;
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

100
modules/home-manager/features/mail.nix
View file

@ -1,62 +1,54 @@
{
# keep-sorted start
config,
lib,
hostName,
# keep-sorted end
...
}:
let
feature = "mail";
in
{
config = lib.mkIf config.${feature}.enable {
accounts.email =
let
certificatesFile = config.age.secrets.protonmail-cert.path;
in
{
inherit certificatesFile;
accounts =
let
# keep-sorted start block=yes
address = "willholdsworth@pm.me";
authentication = "login";
host = "127.0.0.1";
tls = {
enable = false;
useStartTls = true;
inherit certificatesFile;
};
# keep-sorted end
in
{
personal = {
enable = true;
# keep-sorted start block=yes
imap = {
port = 1143;
inherit tls;
inherit authentication;
inherit host;
};
inherit address;
passwordCommand = "cat ${config.age.secrets."protonmail-${hostName}-password".path}";
primary = true;
realName = "Will Holdsworth";
smtp = {
port = 1025;
inherit tls;
inherit authentication;
inherit host;
};
userName = address;
# keep-sorted end
};
accounts.email =
let
certificatesFile = config.age.secrets.protonmail-cert.path;
in
{
inherit certificatesFile;
accounts =
let
# keep-sorted start block=yes
address = "willholdsworth@pm.me";
authentication = "login";
host = "127.0.0.1";
tls = {
enable = false;
useStartTls = true;
inherit certificatesFile;
};
};
age.secrets."protonmail-cert".file = ../../../secrets/protonmail-cert.age;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# keep-sorted end
in
{
personal = {
enable = true;
# keep-sorted start block=yes
imap = {
port = 1143;
inherit tls;
inherit authentication;
inherit host;
};
inherit address;
passwordCommand = "cat ${config.age.secrets."protonmail-${hostName}-password".path}";
primary = true;
realName = "Will Holdsworth";
smtp = {
port = 1025;
inherit tls;
inherit authentication;
inherit host;
};
userName = address;
# keep-sorted end
};
};
};
age.secrets."protonmail-cert".file = ../../../secrets/protonmail-cert.age;
}

228
modules/home-manager/features/obsidian.nix
View file

@ -1,126 +1,116 @@
{ config, lib, ... }:
let
feature = "obsidian";
in
{
config = lib.mkIf config.${feature}.enable {
programs.obsidian = {
enable = true;
defaultSettings = {
app = {
tabSize = 2;
trashOption = "local";
alwaysUpdateLinks = true;
attachmentFolderPath = "/";
defaultViewMode = "preview";
vimMode = true;
showLineNumber = true;
};
appearance = {
monospaceFontFamily = "JetBrainsMono Nerd Font";
interfaceFontFamily = "JetBrainsMono Nerd Font";
textFontFamily = "JetBrainsMono Nerd Font";
nativeMenus = false;
cssTheme = "Catppuccin";
showRibbon = false;
};
communityPlugins = [
# keep-sorted start
"obsidian-editor-shortcuts"
"obsidian-excalidraw-plugin"
"obsidian-livesync"
"obsidian-relative-line-numbers"
"oz-clear-unused-images"
"pdf-plus"
"tag-wrangler"
"virtual-linker"
# keep-sorted end
programs.obsidian = {
enable = true;
defaultSettings = {
app = {
tabSize = 2;
trashOption = "local";
alwaysUpdateLinks = true;
attachmentFolderPath = "/";
defaultViewMode = "preview";
vimMode = true;
showLineNumber = true;
};
appearance = {
monospaceFontFamily = "JetBrainsMono Nerd Font";
interfaceFontFamily = "JetBrainsMono Nerd Font";
textFontFamily = "JetBrainsMono Nerd Font";
nativeMenus = false;
cssTheme = "Catppuccin";
showRibbon = false;
};
communityPlugins = [
# keep-sorted start
"obsidian-editor-shortcuts"
"obsidian-excalidraw-plugin"
"obsidian-livesync"
"obsidian-relative-line-numbers"
"oz-clear-unused-images"
"pdf-plus"
"tag-wrangler"
"virtual-linker"
# keep-sorted end
];
corePlugins = [
# keep-sorted start
"backlink"
"bases"
"bookmarks"
"canvas"
"command-palette"
"daily-notes"
"editor-status"
"file-explorer"
"file-recovery"
"global-search"
"graph"
"markdown-importer"
"note-composer"
"outgoing-link"
"outline"
"page-preview"
"properties"
"random-note"
"slash-command"
"slides"
"switcher"
"tag-pane"
"templates"
"word-count"
"workspaces"
"zk-prefixer"
# keep-sorted end
];
hotkeys = {
"editor:swap-line-down" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowDown";
}
];
corePlugins = [
# keep-sorted start
"backlink"
"bases"
"bookmarks"
"canvas"
"command-palette"
"daily-notes"
"editor-status"
"file-explorer"
"file-recovery"
"global-search"
"graph"
"markdown-importer"
"note-composer"
"outgoing-link"
"outline"
"page-preview"
"properties"
"random-note"
"slash-command"
"slides"
"switcher"
"tag-pane"
"templates"
"word-count"
"workspaces"
"zk-prefixer"
# keep-sorted end
"editor:swap-line-up" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowUp";
}
];
"app:toggle-left-sidebar" = [
{
"modifiers" = [
"Mod"
"Shift"
];
"key" = "/";
}
];
"app:toggle-right-sidebar" = [
{
"modifiers" = [
"Mod"
"Shift"
];
"key" = "\\";
}
];
"window:reset-zoom" = [
{
"modifiers" = [ "Mod" ];
"key" = "0";
}
];
"app:go-back" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowLeft";
}
];
"app:go-forward" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowRight";
}
];
hotkeys = {
"editor:swap-line-down" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowDown";
}
];
"editor:swap-line-up" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowUp";
}
];
"app:toggle-left-sidebar" = [
{
"modifiers" = [
"Mod"
"Shift"
];
"key" = "/";
}
];
"app:toggle-right-sidebar" = [
{
"modifiers" = [
"Mod"
"Shift"
];
"key" = "\\";
}
];
"window:reset-zoom" = [
{
"modifiers" = [ "Mod" ];
"key" = "0";
}
];
"app:go-back" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowLeft";
}
];
"app:go-forward" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowRight";
}
];
};
};
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

22
modules/home-manager/features/starship.nix
View file

@ -1,21 +1,9 @@
{
config,
lib,
...
}:
let
feature = "starship";
in
{
config = lib.mkIf config.${feature}.enable {
programs.starship = {
enable = true;
settings.character = {
success_symbol = "[%](bold green) ";
error_symbol = "[%](bold red) ";
};
programs.starship = {
enable = true;
settings.character = {
success_symbol = "[%](bold green) ";
error_symbol = "[%](bold red) ";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

43
modules/home-manager/features/yazi.nix
View file

@ -1,35 +1,24 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "yazi";
in
{
config = lib.mkIf config.${feature}.enable {
programs.yazi = {
enable = true;
plugins = {
# keep-sorted start
diff = pkgs.yaziPlugins.diff;
git = pkgs.yaziPlugins.git;
mediainfo = pkgs.yaziPlugins.mediainfo;
mount = pkgs.yaziPlugins.mount;
ouch = pkgs.yaziPlugins.ouch;
relative-motions = pkgs.yaziPlugins.relative-motions;
restore = pkgs.yaziPlugins.restore;
rich-preview = pkgs.yaziPlugins.rich-preview;
starship = pkgs.yaziPlugins.starship;
vcs-files = pkgs.yaziPlugins.vcs-files;
yatline-githead = pkgs.yaziPlugins.yatline-githead;
# keep-sorted end
};
programs.yazi = {
enable = true;
plugins = {
# keep-sorted start
diff = pkgs.yaziPlugins.diff;
git = pkgs.yaziPlugins.git;
mediainfo = pkgs.yaziPlugins.mediainfo;
mount = pkgs.yaziPlugins.mount;
ouch = pkgs.yaziPlugins.ouch;
relative-motions = pkgs.yaziPlugins.relative-motions;
restore = pkgs.yaziPlugins.restore;
rich-preview = pkgs.yaziPlugins.rich-preview;
starship = pkgs.yaziPlugins.starship;
vcs-files = pkgs.yaziPlugins.vcs-files;
yatline-githead = pkgs.yaziPlugins.yatline-githead;
# keep-sorted end
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

164
modules/home-manager/features/zed-editor.nix
View file

@ -1,97 +1,89 @@
{
config,
# keep-sorted start
lib,
pkgs,
# keep-sorted end
...
}:
let
feature = "zed-editor";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zed-editor = {
enable = true;
package = pkgs.zed-editor-fhs;
extensions = [
# keep-sorted start
"catppuccin"
"catppuccin-icons"
"codebook"
"emmet"
"git-firefly"
"haskell"
"html"
"nix"
# keep-sorted end
];
extraPackages = with pkgs; [
# keep-sorted start
haskell-language-server
nil
nixd
package-version-server
rust-analyzer
# keep-sorted end
];
installRemoteServer = true;
userSettings = {
# keep-sorted start block=yes
base_keymap = "VSCode";
buffer_font_family = "JetBrainsMono Nerd Font";
buffer_font_size = 15;
disable_ai = true;
icon_theme = "Catppuccin Mocha";
inlay_hints = {
enabled = true;
show_value_hints = true;
show_type_hints = true;
show_parameter_hints = true;
show_other_hints = true;
show_background = false;
edit_debounce_ms = 700;
scroll_debounce_ms = 50;
toggle_on_modifiers_press = {
control = false;
alt = false;
shift = false;
platform = false;
function = false;
};
programs.zed-editor = {
enable = true;
package = pkgs.zed-editor-fhs;
extensions = [
# keep-sorted start
"catppuccin"
"catppuccin-icons"
"codebook"
"emmet"
"git-firefly"
"haskell"
"html"
"nix"
# keep-sorted end
];
extraPackages = with pkgs; [
# keep-sorted start
haskell-language-server
nil
nixd
package-version-server
rust-analyzer
# keep-sorted end
];
installRemoteServer = true;
userSettings = {
# keep-sorted start block=yes
base_keymap = "VSCode";
buffer_font_family = "JetBrainsMono Nerd Font";
buffer_font_size = 15;
disable_ai = true;
icon_theme = "Catppuccin Mocha";
inlay_hints = {
enabled = true;
show_value_hints = true;
show_type_hints = true;
show_parameter_hints = true;
show_other_hints = true;
show_background = false;
edit_debounce_ms = 700;
scroll_debounce_ms = 50;
toggle_on_modifiers_press = {
control = false;
alt = false;
shift = false;
platform = false;
function = false;
};
# https://wiki.nixos.org/wiki/Zed#rust-analyzer
lsp.rust-analyzer.binary.path = lib.getExe pkgs.rust-analyzer;
minimap = {
show = "auto";
};
preferred_line_length = 80;
relative_line_numbers = true;
soft_wrap = "preferred_line_length";
tab_bar = {
show_nav_history_buttons = false;
};
tab_size = 2;
tabs = {
file_icons = true;
git_status = true;
};
telemetry = {
diagnostics = false;
metrics = false;
};
theme = {
mode = "system";
light = "One Light";
dark = "Catppuccin Mocha";
};
ui_font_family = "JetBrainsMono Nerd Font";
ui_font_size = 16;
vim_mode = true;
# keep-sorted end
};
# https://wiki.nixos.org/wiki/Zed#rust-analyzer
lsp.rust-analyzer.binary.path = lib.getExe pkgs.rust-analyzer;
minimap = {
show = "auto";
};
preferred_line_length = 80;
relative_line_numbers = true;
soft_wrap = "preferred_line_length";
tab_bar = {
show_nav_history_buttons = false;
};
tab_size = 2;
tabs = {
file_icons = true;
git_status = true;
};
telemetry = {
diagnostics = false;
metrics = false;
};
theme = {
mode = "system";
light = "One Light";
dark = "Catppuccin Mocha";
};
ui_font_family = "JetBrainsMono Nerd Font";
ui_font_size = 16;
vim_mode = true;
# keep-sorted end
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

26
modules/home-manager/features/zellij.nix
View file

@ -1,24 +1,10 @@
{
config,
lib,
...
}:
let
feature = "zellij";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zellij = {
enable = true;
settings = {
theme = "catppuccin-mocha";
show_startup_tips = false;
default_shell = "fish";
};
programs.zellij = {
enable = true;
settings = {
theme = "catppuccin-mocha";
show_startup_tips = false;
default_shell = "fish";
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

140
modules/home-manager/features/zen-browser.nix
View file

@ -1,79 +1,67 @@
{
config,
lib,
...
}:
let
feature = "zen-browser";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zen-browser =
let
profileName = "fmnikwnj.Default Profile";
in
{
enable = true;
profiles.${profileName}.settings = {
zen.tabs.vertical.right-side = true;
};
policies =
let
mkLockedAttrs = builtins.mapAttrs (
_: value: {
Value = value;
Status = "locked";
}
);
mkExtensionSettings = builtins.mapAttrs (
_: pluginId: {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${pluginId}/latest.xpi";
installation_mode = "force_installed";
}
);
in
{
# keep-sorted start block=yes
AutofillCreditCardEnabled = false;
EnableTrackingProtection = {
Value = true;
Category = "strict";
};
ExtensionSettings = mkExtensionSettings {
"uBlock0@raymondhill.net" = "ublock-origin";
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = "bitwarden-password-manager";
"sponsorBlocker@ajay.app" = "sponsor-block";
"{762f9885-5a13-4abd-9c77-433dcd38b8fd}" = "return-youtube-dislikes";
"deArrow@ajay.app" = "dearrow";
};
HttpsOnlyMode = "enabled";
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
Preferences = mkLockedAttrs {
"intl.accept_languages" = "en-AU,en-GB,en-US,en";
"general.autoScroll" = true;
# disable google safebrowsing
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.warnOnQuit" = false;
"browser.tabs.warnOnClose" = false;
# continue where you left off
"browser.startup.page" = 3;
};
RequestedLocales = [
"en-AU"
"en-GB"
"en-US"
];
SearchEngines = {
Default = "duckduckgo";
DefaultPrivate = "duckduckgo";
};
SearchSuggestEnabled = true;
# keep-sorted end
};
programs.zen-browser =
let
profileName = "fmnikwnj.Default Profile";
in
{
enable = true;
profiles.${profileName}.settings = {
zen.tabs.vertical.right-side = true;
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
policies =
let
mkLockedAttrs = builtins.mapAttrs (
_: value: {
Value = value;
Status = "locked";
}
);
mkExtensionSettings = builtins.mapAttrs (
_: pluginId: {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/${pluginId}/latest.xpi";
installation_mode = "force_installed";
}
);
in
{
# keep-sorted start block=yes
AutofillCreditCardEnabled = false;
EnableTrackingProtection = {
Value = true;
Category = "strict";
};
ExtensionSettings = mkExtensionSettings {
"uBlock0@raymondhill.net" = "ublock-origin";
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = "bitwarden-password-manager";
"sponsorBlocker@ajay.app" = "sponsor-block";
"{762f9885-5a13-4abd-9c77-433dcd38b8fd}" = "return-youtube-dislikes";
"deArrow@ajay.app" = "dearrow";
};
HttpsOnlyMode = "enabled";
NoDefaultBookmarks = true;
OfferToSaveLogins = false;
Preferences = mkLockedAttrs {
"intl.accept_languages" = "en-AU,en-GB,en-US,en";
"general.autoScroll" = true;
# disable google safebrowsing
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.warnOnQuit" = false;
"browser.tabs.warnOnClose" = false;
# continue where you left off
"browser.startup.page" = 3;
};
RequestedLocales = [
"en-AU"
"en-GB"
"en-US"
];
SearchEngines = {
Default = "duckduckgo";
DefaultPrivate = "duckduckgo";
};
SearchSuggestEnabled = true;
# keep-sorted end
};
};
}

26
modules/home-manager/features/zoxide.nix
View file

@ -1,23 +1,9 @@
{
config,
lib,
...
}:
let
feature = "zoxide";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zoxide = {
enable = true;
enableBashIntegration = true;
options = [
"--cmd j"
];
};
programs.zoxide = {
enable = true;
enableBashIntegration = true;
options = [
"--cmd j"
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

44
modules/nixos/bundles/desktop.nix
View file

@ -1,34 +1,28 @@
{
config,
lib,
# keep-sorted start
pkgs,
util,
# keep-sorted end
...
}:
let
feature = "desktop";
in
{
config = lib.mkIf config.${feature}.enable {
imports = util.toImports ../features [
# keep-sorted start
pipewire.enable = true;
print-and-scan.enable = true;
protonmail-bridge.enable = true;
"pipewire"
"print-and-scan"
"protonmail-bridge"
# keep-sorted end
];
environment.systemPackages = with pkgs; [
# keep-sorted start
beeper
calibre
cameractrls-gtk3
# https://github.com/NixOS/nixpkgs/issues/437865
# jellyfin-media-player
onlyoffice-desktopeditors
textsnatcher
# keep-sorted end
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
environment.systemPackages = with pkgs; [
# keep-sorted start
beeper
calibre
cameractrls-gtk3
# https://github.com/NixOS/nixpkgs/issues/437865
# jellyfin-media-player
onlyoffice-desktopeditors
textsnatcher
# keep-sorted end
];
}

30
modules/nixos/bundles/dev.nix
View file

@ -1,26 +1,18 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "dev";
in
{
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = with pkgs; [
# keep-sorted start
bacon
cargo-info
devenv
just
mask
rusty-man
vscode
# keep-sorted end
];
};
environment.systemPackages = with pkgs; [
# keep-sorted start
bacon
cargo-info
devenv
just
mask
rusty-man
vscode
# keep-sorted end
];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

52
modules/nixos/bundles/server.nix
View file

@ -1,39 +1,31 @@
{
config,
lib,
util,
...
}:
let
feature = "server";
in
{
config = lib.mkIf config.${feature}.enable {
imports = util.toImports ../features [
# keep-sorted start
copyparty.enable = true;
couchdb.enable = true;
flaresolverr.enable = true;
homepage-dashboard.enable = true;
immich.enable = true;
jellyfin.enable = true;
lidarr.enable = true;
miniflux.enable = true;
nginx.enable = true;
ntfy-sh.enable = true;
paperless.enable = true;
prowlarr.enable = true;
qbittorrent.enable = true;
radarr.enable = true;
sonarr.enable = true;
syncthing.enable = true;
vaultwarden.enable = true;
"copyparty"
"couchdb"
"flaresolverr"
"homepage-dashboard"
"immich"
"jellyfin"
"lidarr"
"miniflux"
"nginx"
"ntfy-sh"
"paperless"
"prowlarr"
"qbittorrent"
"radarr"
"sonarr"
"syncthing"
"vaultwarden"
# keep-sorted end
];
users.groups.media = { };
users.groups.media = { };
services.borgmatic.settings.source_directories = [ "/srv" ];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
services.borgmatic.settings.source_directories = [ "/srv" ];
}

38
modules/nixos/default.nix
View file

@ -1,28 +1,26 @@
{
lib,
# keep-sorted start
pkgs,
util,
# keep-sorted end
...
}:
let
featureBundler =
featuresDir:
map (name: featuresDir + "/${name}") (builtins.attrNames (builtins.readDir featuresDir));
in
{
imports = (featureBundler ./bundles) ++ (featureBundler ./features);
# keep-sorted start
agenix.enable = lib.mkDefault true;
fonts.enable = lib.mkDefault true;
localisation.enable = lib.mkDefault true;
network.enable = lib.mkDefault true;
nh.enable = lib.mkDefault true;
nix-settings.enable = lib.mkDefault true;
nixpkgs.enable = lib.mkDefault true;
nixvim.enable = lib.mkDefault true;
syncthing.enable = lib.mkDefault true;
systemd-boot.enable = lib.mkDefault true;
tailscale.enable = lib.mkDefault true;
# keep-sorted end
imports = util.toImports ./features [
# keep-sorted start
"agenix"
"fonts"
"localisation"
"network"
"nh"
"nix-settings"
"nixpkgs"
"nixvim"
"syncthing"
"systemd-boot"
"tailscale"
# keep-sorted end
];
environment.systemPackages =
with pkgs;

15
modules/nixos/features/agenix.nix
View file

@ -1,21 +1,14 @@
{
config,
# keep-sorted start
inputs,
lib,
system,
userName,
# keep-sorted end
...
}:
let
feature = "agenix";
in
{
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = [ inputs.agenix.packages.${system}.default ];
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
};
environment.systemPackages = [ inputs.agenix.packages.${system}.default ];
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
imports = [ inputs.agenix.nixosModules.default ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

24
modules/nixos/features/amd-gpu.nix
View file

@ -1,26 +1,16 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "amd-gpu";
in
{
config = lib.mkIf config.${feature}.enable {
# load graphics drivers before anything else
boot.initrd.kernelModules = [ "amdgpu" ];
# load graphics drivers before anything else
boot.initrd.kernelModules = [ "amdgpu" ];
hardware.graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [ amdvlk ];
};
services.xserver.videoDrivers = [ "amdgpu" ];
hardware.graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [ amdvlk ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
services.xserver.videoDrivers = [ "amdgpu" ];
}

153
modules/nixos/features/borgmatic.nix
View file

@ -1,92 +1,87 @@
{
# keep-sorted start
config,
lib,
# keep-sorted end
...
}:
let
feature = "borgmatic";
in
{
config = lib.mkIf config.${feature}.enable {
# service
services.borgmatic = {
enable = true;
settings = {
# keep-sorted start block=yes
compression = "auto,zlib";
encryption_passcommand = "cat ${config.age.secrets.borgmatic.path}";
keep_daily = 7;
keep_monthly = 6;
keep_weekly = 4;
keep_yearly = 1;
ntfy = {
topic = "backups";
server = config.services.ntfy-sh.settings.base-url;
finish = {
title = "Ping!";
message = "Your backups have succeeded :)";
tags = "tada,BorgBackup,Server";
};
fail = {
title = "Ping!";
message = "Your backups have failed :(";
tags = "rotating_light,BorgBackup,Server";
};
states = [
"finish"
"fail"
];
# service
services.borgmatic = {
enable = true;
settings = {
# keep-sorted start block=yes
compression = "auto,zlib";
encryption_passcommand = "cat ${config.age.secrets.borgmatic.path}";
keep_daily = 7;
keep_monthly = 6;
keep_weekly = 4;
keep_yearly = 1;
ntfy = {
topic = "backups";
server = config.services.ntfy-sh.settings.base-url;
finish = {
title = "Ping!";
message = "Your backups have succeeded :)";
tags = "tada,BorgBackup,Server";
};
repositories = [
{
path = "/backup/repo";
label = "onsite";
# encryption = "repokey-blake2";
}
{
path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
label = "offsite";
# encryption = "repokey-blake2";
}
fail = {
title = "Ping!";
message = "Your backups have failed :(";
tags = "rotating_light,BorgBackup,Server";
};
states = [
"finish"
"fail"
];
retries = 3;
retry_wait = 10;
ssh_command = "ssh -i /home/srv/.ssh/id_ed25519";
# keep-sorted end
};
};
# postgres
services.postgresql.ensureUsers = [
{
name = "root";
}
];
systemd.services.postgresql.postStart = lib.mkAfter ''
/run/current-system/sw/bin/psql postgres -c "GRANT pg_read_all_data TO root"
'';
systemd.services.borgmatic.path = [
config.services.postgresql.package
];
# credentials
systemd.services.borgmatic.serviceConfig.LoadCredential = [
"borgmatic-pg:${config.age.secrets.borgmatic-pg.path}"
];
# onsite drive
services.udisks2.enable = true;
fileSystems."/backup" = {
device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
fsType = "ext4";
};
# secrets
age.secrets = {
"borgmatic".file = ../../../secrets/borgmatic.age;
"borgmatic-pg".file = ../../../secrets/borgmatic-pg.age;
repositories = [
{
path = "/backup/repo";
label = "onsite";
# encryption = "repokey-blake2";
}
{
path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
label = "offsite";
# encryption = "repokey-blake2";
}
];
retries = 3;
retry_wait = 10;
ssh_command = "ssh -i /home/srv/.ssh/id_ed25519";
# keep-sorted end
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# postgres
services.postgresql.ensureUsers = [
{
name = "root";
}
];
systemd.services.postgresql.postStart = lib.mkAfter ''
/run/current-system/sw/bin/psql postgres -c "GRANT pg_read_all_data TO root"
'';
systemd.services.borgmatic.path = [
config.services.postgresql.package
];
# credentials
systemd.services.borgmatic.serviceConfig.LoadCredential = [
"borgmatic-pg:${config.age.secrets.borgmatic-pg.path}"
];
# onsite drive
services.udisks2.enable = true;
fileSystems."/backup" = {
device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
fsType = "ext4";
};
# secrets
age.secrets = {
"borgmatic".file = ../../../secrets/borgmatic.age;
"borgmatic-pg".file = ../../../secrets/borgmatic-pg.age;
};
}

76
modules/nixos/features/copyparty.nix
View file

@ -1,67 +1,51 @@
{
# keep-sorted start
config,
lib,
inputs,
lib,
# keep-sorted end
...
}:
let
feature = "copyparty";
port = "5000";
in
{
imports = [ inputs.copyparty.nixosModules.default ];
config = lib.mkIf config.${feature}.enable {
services = {
# service
copyparty = {
enable = true;
settings = {
z = true;
e2dsa = true;
e2ts = true;
e2vu = true;
p = lib.toInt port;
};
accounts = {
will = {
passwordFile = config.age.secrets.copyparty-will.path;
};
};
volumes = {
"/" = {
path = "/srv/copyparty";
access = {
r = "*";
A = [ "will" ];
};
};
};
services = {
copyparty = {
enable = true;
settings = {
z = true;
e2dsa = true;
e2ts = true;
e2vu = true;
p = lib.toInt port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
accounts.will.passwordFile = config.age.secrets.copyparty-will.path;
volumes."/" = {
path = "/srv/copyparty";
access = {
r = "*";
A = [ "will" ];
};
};
};
# secrets
age.secrets."copyparty-will" = {
file = ../../../secrets/copyparty-will.age;
owner = "copyparty";
nginx.virtualHosts."copyparty.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# secrets
age.secrets."copyparty-will" = {
file = ../../../secrets/copyparty-will.age;
owner = "copyparty";
};
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
}

77
modules/nixos/features/couchdb.nix
View file

@ -1,60 +1,47 @@
{
config,
lib,
...
}:
let
feature = "couchdb";
port = "5984";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
couchdb = {
enable = true;
databaseDir = "/srv/couchdb";
viewIndexDir = "/srv/couchdb";
configFile = "/srv/couchdb";
port = lib.toInt port;
extraConfig = {
chttpd = {
require_valid_user = true;
enable_cors = true;
max_http_request_size = 4294967296;
};
chttpd_auth.require_valid_user = true;
httpd = {
WWW-Authenticate = ''Basic realm="couchdb"'';
enable_cors = true;
};
couchdb.max_document_size = 50000000;
cors = {
credentials = true;
origins = ''
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://couchdb.fi33.buzz,http://couchdb.fi33.buzz,https://couchdb.fi33.buzz
'';
};
services = {
couchdb = {
enable = true;
databaseDir = "/srv/couchdb";
viewIndexDir = "/srv/couchdb";
configFile = "/srv/couchdb";
port = lib.toInt port;
extraConfig = {
chttpd = {
require_valid_user = true;
enable_cors = true;
max_http_request_size = 4294967296;
};
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
chttpd_auth.require_valid_user = true;
httpd = {
WWW-Authenticate = ''Basic realm="couchdb"'';
enable_cors = true;
};
couchdb.max_document_size = 50000000;
cors = {
credentials = true;
origins = ''
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://couchdb.fi33.buzz,http://couchdb.fi33.buzz,https://couchdb.fi33.buzz
'';
};
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
nginx.virtualHosts."couchdb.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
}

18
modules/nixos/features/external-speakers.nix
View file

@ -1,17 +1,5 @@
{
config,
lib,
...
}:
let
feature = "external-speakers";
in
{
config = lib.mkIf config.${feature}.enable {
boot.extraModprobeConfig = ''
options snd_hda_intel power_save=0
'';
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
boot.extraModprobeConfig = ''
options snd_hda_intel power_save=0
'';
}

31
modules/nixos/features/flaresolverr.nix
View file

@ -1,34 +1,21 @@
{
config,
lib,
...
}:
let
feature = "flaresolverr";
port = "5011";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
flaresolverr = {
enable = true;
port = lib.toInt port;
};
services = {
flaresolverr = {
enable = true;
port = lib.toInt port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
nginx.virtualHosts."flaresolverr.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

19
modules/nixos/features/fonts.nix
View file

@ -1,21 +1,10 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "fonts";
in
{
config = lib.mkIf config.${feature}.enable {
fonts.packages = with pkgs; [
nerd-fonts.jetbrains-mono
inter-nerdfont
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
fonts.packages = with pkgs; [
nerd-fonts.jetbrains-mono
inter-nerdfont
];
}

57
modules/nixos/features/gaming.nix
View file

@ -1,44 +1,35 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "gaming";
in
{
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = with pkgs; [
# keep-sorted start
heroic
lutris
mangohud
nexusmods-app
prismlauncher
protonup-qt
wine
wine64
winetricks
# keep-sorted end
];
environment.systemPackages = with pkgs; [
# keep-sorted start
heroic
lutris
mangohud
nexusmods-app
prismlauncher
protonup-qt
wine
wine64
winetricks
# keep-sorted end
];
programs = {
gamemode.enable = true;
steam = {
enable = true;
gamescopeSession.enable = true;
};
};
services.lact = {
programs = {
gamemode.enable = true;
steam = {
enable = true;
settings = { };
gamescopeSession.enable = true;
};
# latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
services.lact = {
enable = true;
settings = { };
};
# latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
}

93
modules/nixos/features/gnome.nix
View file

@ -1,59 +1,50 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "gnome";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
desktopManager.gnome.enable = true;
displayManager.gdm.enable = true;
};
environment = {
# https://discourse.nixos.org/t/howto-disable-most-gnome-default-applications-and-what-they-are/13505
gnome.excludePackages = with pkgs; [
# keep-sorted start
# baobab # disk usage analyzer
# cheese # photo booth
# eog # image viewer
epiphany # web browser
evince # document viewer
# file-roller # archive manager
geary # email client
gedit # text editor
gnome-calculator
gnome-calendar
gnome-characters
gnome-clocks
# gnome-disk-utility
gnome-connections
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-photos
# gnome-screenshot
# gnome-system-monitor
gnome-terminal
gnome-weather
seahorse # password manager
# simple-scan # document scanner
totem # video player
yelp # help viewer
# keep-sorted end
];
systemPackages = with pkgs; [
gnome-tweaks
bibata-cursors
];
};
services = {
desktopManager.gnome.enable = true;
displayManager.gdm.enable = true;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
environment = {
# https://discourse.nixos.org/t/howto-disable-most-gnome-default-applications-and-what-they-are/13505
gnome.excludePackages = with pkgs; [
# keep-sorted start
# baobab # disk usage analyzer
# cheese # photo booth
# eog # image viewer
epiphany # web browser
evince # document viewer
# file-roller # archive manager
geary # email client
gedit # text editor
gnome-calculator
gnome-calendar
gnome-characters
gnome-clocks
# gnome-disk-utility
gnome-connections
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-photos
# gnome-screenshot
# gnome-system-monitor
gnome-terminal
gnome-weather
seahorse # password manager
# simple-scan # document scanner
totem # video player
yelp # help viewer
# keep-sorted end
];
systemPackages = with pkgs; [
gnome-tweaks
bibata-cursors
];
};
}

492
modules/nixos/features/homepage-dashboard.nix
View file

@ -1,11 +1,12 @@
{
# keep-sorted start
config,
lib,
pkgs,
# keep-sorted end
...
}:
let
feature = "homepage-dashboard";
port = "5004";
genSecrets =
secrets:
@ -34,280 +35,269 @@ let
];
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
homepage-dashboard = {
enable = true;
listenPort = lib.toInt port;
allowedHosts = "homepage-dashboard.fi33.buzz";
services = [
# keep-sorted start block=yes
{
"Cloud Services" = [
{
"copyparty" = {
"description" = "Cloud file manager";
"icon" = "sh-copyparty.svg";
"href" = "https://copyparty.fi33.buzz/";
};
}
{
"CouchDB" = {
"description" = "Obsidian sync database";
"icon" = "couchdb.svg";
"href" = "https://couchdb.fi33.buzz/_utils/";
};
}
{
"ntfy" = {
"description" = "Notification service";
"icon" = "ntfy.svg";
"href" = "https://ntfy-sh.fi33.buzz/";
};
}
{
"Syncthing" = {
"description" = "Decentralised file synchronisation";
"icon" = "syncthing.svg";
"href" = "https://syncthing.fi33.buzz/";
};
}
{
"qBittorrent" = {
"description" = "BitTorrent client";
"icon" = "qbittorrent.svg";
"href" = "https://qbittorrent.fi33.buzz/";
};
}
{
"Vaultwarden" = {
"description" = "Password manager";
"icon" = "vaultwarden.svg";
"href" = "https://vaultwarden.fi33.buzz/";
};
}
];
}
{
"Media Management" = [
{
"Lidarr" = {
"description" = "Music collection manager";
"icon" = "lidarr.svg";
"href" = "https://lidarr.fi33.buzz/";
"widget" = {
"type" = "lidarr";
"url" = "https://lidarr.fi33.buzz/";
"key" = "@lidarr@";
"enableQueue" = true;
};
};
}
{
"Prowlarr" = {
"description" = "Indexer management tool";
"icon" = "prowlarr.svg";
"href" = "https://prowlarr.fi33.buzz/";
"widget" = {
"type" = "prowlarr";
"url" = "https://prowlarr.fi33.buzz/";
"key" = "@prowlarr@";
};
};
}
{
"Radarr" = {
"description" = "Movie collection manager";
"icon" = "radarr.svg";
"href" = "https://radarr.fi33.buzz/";
"widget" = {
"type" = "radarr";
"url" = "https://radarr.fi33.buzz/";
"key" = "@radarr@";
"enableQueue" = true;
};
};
}
{
"Sonarr" = {
"description" = "TV show collection manager";
"icon" = "sonarr.svg";
"href" = "https://sonarr.fi33.buzz/";
"widget" = {
"type" = "sonarr";
"url" = "https://sonarr.fi33.buzz/";
"key" = "@sonarr@";
"enableQueue" = true;
};
};
}
];
}
{
"Media Streaming" = [
{
"Immich" = {
"description" = "Photo backup";
"icon" = "immich.svg";
"href" = "https://immich.fi33.buzz/";
"widget" = {
"type" = "immich";
"fields" = [
"users"
"photos"
"videos"
"storage"
];
"url" = "https://immich.fi33.buzz/";
"version" = 2;
"key" = "@immich@";
};
};
}
{
"Jellyfin" = {
"description" = "Media streaming";
"icon" = "jellyfin.svg";
"href" = "https://jellyfin.fi33.buzz/";
"widget" = {
"type" = "jellyfin";
"url" = "https://jellyfin.fi33.buzz/";
"key" = "@jellyfin@";
"enableBlocks" = true;
"enableNowPlaying" = true;
"enableUser" = true;
"showEpisodeNumber" = true;
"expandOneStreamToTwoRows" = false;
};
};
}
{
"Miniflux" = {
"description" = "RSS aggregator";
"icon" = "miniflux.svg";
"href" = "https://miniflux.fi33.buzz/";
"widget" = {
"type" = "miniflux";
"url" = "https://miniflux.fi33.buzz/";
"key" = "@miniflux@";
};
};
}
{
"Paperless" = {
"description" = "Digital filing cabinet";
"icon" = "paperless.svg";
"href" = "https://paperless.fi33.buzz/";
"widget" = {
"type" = "paperlessngx";
"url" = "https://paperless.fi33.buzz/";
"username" = "admin";
"password" = "@paperless@";
};
};
}
];
}
{
"Utilities" = [
{
"NanoKVM" = {
"description" = "Remote KVM switch";
"icon" = "mdi-console.svg";
"href" = "http://nano-kvm/";
};
}
];
}
# keep-sorted end
];
settings = {
title = "Mission Control";
theme = "dark";
color = "neutral";
headerStyle = "clean";
layout = [
services = {
homepage-dashboard = {
enable = true;
listenPort = lib.toInt port;
allowedHosts = "homepage-dashboard.fi33.buzz";
services = [
# keep-sorted start block=yes
{
"Cloud Services" = [
{
"Media Streaming" = {
style = "row";
columns = 4;
useEqualHeights = true;
"copyparty" = {
"description" = "Cloud file manager";
"icon" = "sh-copyparty.svg";
"href" = "https://copyparty.fi33.buzz/";
};
}
{
"Media Management" = {
style = "row";
columns = 4;
useEqualHeights = true;
"CouchDB" = {
"description" = "Obsidian sync database";
"icon" = "couchdb.svg";
"href" = "https://couchdb.fi33.buzz/_utils/";
};
}
{
"Cloud Services" = {
style = "row";
columns = 3;
"ntfy" = {
"description" = "Notification service";
"icon" = "ntfy.svg";
"href" = "https://ntfy-sh.fi33.buzz/";
};
}
{
"Utilities" = {
style = "row";
columns = 3;
"Syncthing" = {
"description" = "Decentralised file synchronisation";
"icon" = "syncthing.svg";
"href" = "https://syncthing.fi33.buzz/";
};
}
{
"qBittorrent" = {
"description" = "BitTorrent client";
"icon" = "qbittorrent.svg";
"href" = "https://qbittorrent.fi33.buzz/";
};
}
{
"Vaultwarden" = {
"description" = "Password manager";
"icon" = "vaultwarden.svg";
"href" = "https://vaultwarden.fi33.buzz/";
};
}
];
quicklaunch.searchDescriptions = true;
disableUpdateCheck = true;
showStats = true;
statusStyle = "dot";
};
widgets = [
}
{
"Media Management" = [
{
"Lidarr" = {
"description" = "Music collection manager";
"icon" = "lidarr.svg";
"href" = "https://lidarr.fi33.buzz/";
"widget" = {
"type" = "lidarr";
"url" = "https://lidarr.fi33.buzz/";
"key" = "@lidarr@";
"enableQueue" = true;
};
};
}
{
"Prowlarr" = {
"description" = "Indexer management tool";
"icon" = "prowlarr.svg";
"href" = "https://prowlarr.fi33.buzz/";
"widget" = {
"type" = "prowlarr";
"url" = "https://prowlarr.fi33.buzz/";
"key" = "@prowlarr@";
};
};
}
{
"Radarr" = {
"description" = "Movie collection manager";
"icon" = "radarr.svg";
"href" = "https://radarr.fi33.buzz/";
"widget" = {
"type" = "radarr";
"url" = "https://radarr.fi33.buzz/";
"key" = "@radarr@";
"enableQueue" = true;
};
};
}
{
"Sonarr" = {
"description" = "TV show collection manager";
"icon" = "sonarr.svg";
"href" = "https://sonarr.fi33.buzz/";
"widget" = {
"type" = "sonarr";
"url" = "https://sonarr.fi33.buzz/";
"key" = "@sonarr@";
"enableQueue" = true;
};
};
}
];
}
{
"Media Streaming" = [
{
"Immich" = {
"description" = "Photo backup";
"icon" = "immich.svg";
"href" = "https://immich.fi33.buzz/";
"widget" = {
"type" = "immich";
"fields" = [
"users"
"photos"
"videos"
"storage"
];
"url" = "https://immich.fi33.buzz/";
"version" = 2;
"key" = "@immich@";
};
};
}
{
"Jellyfin" = {
"description" = "Media streaming";
"icon" = "jellyfin.svg";
"href" = "https://jellyfin.fi33.buzz/";
"widget" = {
"type" = "jellyfin";
"url" = "https://jellyfin.fi33.buzz/";
"key" = "@jellyfin@";
"enableBlocks" = true;
"enableNowPlaying" = true;
"enableUser" = true;
"showEpisodeNumber" = true;
"expandOneStreamToTwoRows" = false;
};
};
}
{
"Miniflux" = {
"description" = "RSS aggregator";
"icon" = "miniflux.svg";
"href" = "https://miniflux.fi33.buzz/";
"widget" = {
"type" = "miniflux";
"url" = "https://miniflux.fi33.buzz/";
"key" = "@miniflux@";
};
};
}
{
"Paperless" = {
"description" = "Digital filing cabinet";
"icon" = "paperless.svg";
"href" = "https://paperless.fi33.buzz/";
"widget" = {
"type" = "paperlessngx";
"url" = "https://paperless.fi33.buzz/";
"username" = "admin";
"password" = "@paperless@";
};
};
}
];
}
{
"Utilities" = [
{
"NanoKVM" = {
"description" = "Remote KVM switch";
"icon" = "mdi-console.svg";
"href" = "http://nano-kvm/";
};
}
];
}
# keep-sorted end
];
settings = {
title = "Mission Control";
theme = "dark";
color = "neutral";
headerStyle = "clean";
layout = [
{
search = {
provider = [
"duckduckgo"
"brave"
];
focus = true;
showSearchSuggestions = true;
target = "_blank";
"Media Streaming" = {
style = "row";
columns = 4;
useEqualHeights = true;
};
}
{
resources = {
cpu = true;
memory = true;
disk = [
"/"
"/backup"
];
cputemp = true;
tempmin = 0;
tempmax = 100;
units = "metric";
network = true;
uptime = true;
"Media Management" = {
style = "row";
columns = 4;
useEqualHeights = true;
};
}
{
"Cloud Services" = {
style = "row";
columns = 3;
};
}
{
"Utilities" = {
style = "row";
columns = 3;
};
}
];
quicklaunch.searchDescriptions = true;
disableUpdateCheck = true;
showStats = true;
statusStyle = "dot";
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
widgets = [
{
search = {
provider = [
"duckduckgo"
"brave"
];
focus = true;
showSearchSuggestions = true;
target = "_blank";
};
};
};
}
{
resources = {
cpu = true;
memory = true;
disk = [
"/"
"/backup"
];
cputemp = true;
tempmin = 0;
tempmax = 100;
units = "metric";
network = true;
uptime = true;
};
}
];
};
# secrets
age.secrets = genSecrets secrets;
system.activationScripts = insertSecrets secrets;
nginx.virtualHosts."homepage-dashboard.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# secrets
age.secrets = genSecrets secrets;
system.activationScripts = insertSecrets secrets;
}

53
modules/nixos/features/immich.nix
View file

@ -1,46 +1,37 @@
{
config,
lib,
...
}:
let
feature = "immich";
port = "2283";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
immich = {
enable = true;
port = builtins.fromJSON "${port}";
mediaLocation = "/srv/immich";
};
services = {
immich = {
enable = true;
port = lib.toInt "${port}";
mediaLocation = "/srv/immich";
};
# database backup
borgmatic.settings = {
postgresql_databases = [
{
name = "immich";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
borgmatic.settings.postgresql_databases = [
{
name = "immich";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
nginx = {
clientMaxBodySize = "50000M";
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://[::1]:${port}";
proxyWebsockets = true;
};
nginx = {
clientMaxBodySize = "50000M";
virtualHosts."immich.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://[::1]:${port}";
proxyWebsockets = true;
};
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

37
modules/nixos/features/intel-gpu.nix
View file

@ -1,32 +1,21 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "intel-gpu";
in
{
config = lib.mkIf config.${feature}.enable {
hardware = {
enableAllFirmware = true;
graphics = {
enable = true;
extraPackages = with pkgs; [
# keep-sorted start
intel-compute-runtime
intel-media-driver
intel-ocl
libva-vdpau-driver
vpl-gpu-rt
# keep-sorted end
];
};
hardware = {
enableAllFirmware = true;
graphics = {
enable = true;
extraPackages = with pkgs; [
# keep-sorted start
intel-compute-runtime
intel-media-driver
intel-ocl
libva-vdpau-driver
vpl-gpu-rt
# keep-sorted end
];
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

40
modules/nixos/features/jellyfin.nix
View file

@ -1,36 +1,24 @@
{
config,
lib,
...
}:
let
feature = "jellyfin";
port = "8096";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
jellyfin = {
enable = true;
dataDir = "/srv/jellyfin";
group = "media";
};
# reverse proxy
nginx.virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
services = {
jellyfin = {
enable = true;
dataDir = "/srv/jellyfin";
group = "media";
};
# use intel iGP
systemd.services.jellyfin.environment.LIBVA_DRIVER_NAME = "iHD";
environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD";
nginx.virtualHosts."jellyfin.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# use intel iGP
systemd.services.jellyfin.environment.LIBVA_DRIVER_NAME = "iHD";
environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD";
};
}

35
modules/nixos/features/lidarr.nix
View file

@ -1,36 +1,23 @@
{
config,
lib,
...
}:
let
feature = "lidarr";
port = "5012";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
lidarr = {
enable = true;
dataDir = "/srv/lidarr";
settings.server.port = lib.toInt port;
group = "media";
};
services = {
lidarr = {
enable = true;
dataDir = "/srv/lidarr";
settings.server.port = lib.toInt port;
group = "media";
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
nginx.virtualHosts."lidarr.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

18
modules/nixos/features/link2c.nix
View file

@ -1,17 +1,5 @@
{
config,
lib,
...
}:
let
feature = "link2c";
in
{
config = lib.mkIf config.${feature}.enable {
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="2e1a", ATTR{idProduct}=="4c03", TEST=="power/control", ATTR{power/control}="on"
'';
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="2e1a", ATTR{idProduct}=="4c03", TEST=="power/control", ATTR{power/control}="on"
'';
}

24
modules/nixos/features/localisation.nix
View file

@ -1,21 +1,11 @@
{ config, lib, ... }:
let
feature = "localisation";
in
{
config = lib.mkIf config.${feature}.enable {
i18n = {
defaultLocale = "en_AU.UTF-8";
supportedLocales = [
"en_US.UTF-8/UTF-8"
"en_AU.UTF-8/UTF-8"
];
};
time.timeZone = "Australia/Melbourne";
i18n = {
defaultLocale = "en_AU.UTF-8";
supportedLocales = [
"en_US.UTF-8/UTF-8"
"en_AU.UTF-8/UTF-8"
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
time.timeZone = "Australia/Melbourne";
}

60
modules/nixos/features/miniflux.nix
View file

@ -1,54 +1,36 @@
{
config,
lib,
...
}:
let
feature = "miniflux";
port = "5010";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
miniflux = {
enable = true;
adminCredentialsFile = config.age.secrets.miniflux-creds.path;
config = {
BASE_URL = "https://miniflux.fi33.buzz";
LISTEN_ADDR = "localhost:${port}";
};
};
# database backup
borgmatic.settings = {
postgresql_databases = [
{
name = "miniflux";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
services = {
miniflux = {
enable = true;
adminCredentialsFile = config.age.secrets.miniflux-creds.path;
config = {
BASE_URL = "https://miniflux.fi33.buzz";
LISTEN_ADDR = "localhost:${port}";
};
};
# secrets
age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
borgmatic.settings.postgresql_databases = [
{
name = "miniflux";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
nginx.virtualHosts."miniflux.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
}

17
modules/nixos/features/network.nix
View file

@ -1,21 +1,10 @@
{
config,
lib,
hostName,
...
}:
let
feature = "network";
in
{
config = lib.mkIf config.${feature}.enable {
networking = {
hostName = "${hostName}";
networkmanager.enable = true;
};
networking = {
hostName = "${hostName}";
networkmanager.enable = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

63
modules/nixos/features/nginx.nix
View file

@ -1,48 +1,37 @@
{
config,
lib,
...
}:
let
feature = "nginx";
in
{
config = lib.mkIf config.${feature}.enable {
services.nginx = {
enable = true;
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
virtualHosts."*.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".index = "index.html";
};
virtualHosts."*.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".index = "index.html";
};
security.acme = {
acceptTerms = true;
defaults.email = "wi11@duck.com";
certs."fi33.buzz" = {
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
group = "nginx";
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
# secrets
age.secrets."porkbun-api" = {
file = ../../../secrets/porkbun-api.age;
};
users.users.nginx.extraGroups = [ "acme" ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
security.acme = {
acceptTerms = true;
defaults.email = "wi11@duck.com";
certs."fi33.buzz" = {
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
group = "nginx";
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
age.secrets."porkbun-api".file = ../../../secrets/porkbun-api.age;
users.users.nginx.extraGroups = [ "acme" ];
}

17
modules/nixos/features/nh.nix
View file

@ -1,20 +1,11 @@
{
config,
lib,
userName,
...
}:
let
feature = "nh";
in
{
config = lib.mkIf config.${feature}.enable {
programs.nh = {
enable = true;
# clean.enable = true;
flake = "/home/${userName}/.dots";
};
programs.nh = {
enable = true;
# clean.enable = true;
flake = "/home/${userName}/.dots";
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

50
modules/nixos/features/nix-settings.nix
View file

@ -1,34 +1,24 @@
{ config, lib, ... }:
let
feature = "nix-settings";
in
{
config = lib.mkIf config.${feature}.enable {
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 20d";
persistent = true;
};
optimise = {
automatic = true;
persistent = true;
};
settings = {
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"will"
"srv"
];
};
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 20d";
persistent = true;
};
optimise = {
automatic = true;
persistent = true;
};
settings = {
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"will"
"srv"
];
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

12
modules/nixos/features/nixpkgs.nix
View file

@ -1,13 +1,3 @@
{ config, lib, ... }:
let
feature = "nixpkgs";
in
{
config = lib.mkIf config.${feature}.enable {
nixpkgs.config.allowUnfree = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
nixpkgs.config.allowUnfree = true;
}

171
modules/nixos/features/nixvim.nix
View file

@ -1,108 +1,97 @@
{
config,
inputs,
lib,
...
}:
let
feature = "nixvim";
in
{
config = lib.mkIf config.${feature}.enable {
environment.variables.EDITOR = "nvim";
programs.nixvim = {
environment.variables.EDITOR = "nvim";
programs.nixvim = {
enable = true;
clipboard = {
providers.wl-copy.enable = true;
register = "unnamedplus";
};
colorschemes.catppuccin = {
enable = true;
clipboard = {
providers.wl-copy.enable = true;
register = "unnamedplus";
};
colorschemes.catppuccin = {
settings.background.dark = "mocha";
};
dependencies = {
tree-sitter.enable = true;
gcc.enable = true;
};
diagnostic.settings.virtual_lines = true;
opts = {
autoindent = true;
expandtab = true;
number = true;
relativenumber = true;
shiftwidth = 2;
tabstop = 2;
colorcolumn = "80";
};
plugins = {
# autoclose brackets
autoclose.enable = true;
# completion window
cmp = {
enable = true;
settings.background.dark = "mocha";
autoEnableSources = true;
settings = {
mapping = {
"<C-Space>" = "cmp.mapping.complete()";
"<C-d>" = "cmp.mapping.scroll_docs(-4)";
"<C-e>" = "cmp.mapping.close()";
"<C-f>" = "cmp.mapping.scroll_docs(4)";
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
};
sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
};
};
dependencies = {
tree-sitter.enable = true;
gcc.enable = true;
};
diagnostic.settings.virtual_lines = true;
opts = {
autoindent = true;
expandtab = true;
number = true;
relativenumber = true;
shiftwidth = 2;
tabstop = 2;
colorcolumn = "80";
};
plugins = {
# autoclose brackets
autoclose.enable = true;
# completion window
cmp = {
enable = true;
autoEnableSources = true;
settings = {
mapping = {
"<C-Space>" = "cmp.mapping.complete()";
"<C-d>" = "cmp.mapping.scroll_docs(-4)";
"<C-e>" = "cmp.mapping.close()";
"<C-f>" = "cmp.mapping.scroll_docs(4)";
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
};
sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
# git changes in margin
gitsigns.enable = true;
# opens last edit position
lastplace.enable = true;
# lsp servers
lsp = {
enable = true;
inlayHints = true;
servers = {
nixd.enable = true;
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
hls = {
enable = true;
installGhc = true;
};
};
# git changes in margin
gitsigns.enable = true;
# opens last edit position
lastplace.enable = true;
# lsp servers
lsp = {
enable = true;
inlayHints = true;
servers = {
nixd.enable = true;
}
// lib.optionalAttrs config.dev.enable {
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
hls = {
enable = true;
installGhc = true;
};
};
};
lsp-format.enable = true;
lsp-lines.enable = true;
lsp-signature.enable = true;
lspkind.enable = true;
# status bar
lualine.enable = true;
# perform file system operations inside of neovim
oil.enable = true;
# syntax highlighting
treesitter.enable = true;
};
lsp-format.enable = true;
lsp-lines.enable = true;
lsp-signature.enable = true;
lspkind.enable = true;
# status bar
lualine.enable = true;
# perform file system operations inside of neovim
oil.enable = true;
# syntax highlighting
treesitter.enable = true;
};
};
imports = [ inputs.nixvim.nixosModules.nixvim ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

42
modules/nixos/features/ntfy-sh.nix
View file

@ -1,38 +1,24 @@
{
config,
lib,
...
}:
let
feature = "ntfy-sh";
port = "5002";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
ntfy-sh = {
enable = true;
settings = {
base-url = "https://ntfy-sh.fi33.buzz";
listen-http = ":${port}";
behind-proxy = true;
};
services = {
ntfy-sh = {
enable = true;
settings = {
base-url = "https://ntfy-sh.fi33.buzz";
listen-http = ":${port}";
behind-proxy = true;
};
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
proxyWebsockets = true;
};
};
nginx.virtualHosts."ntfy-sh.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
proxyWebsockets = true;
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

69
modules/nixos/features/paperless.nix
View file

@ -4,54 +4,41 @@
...
}:
let
feature = "paperless";
port = "5013";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
paperless = {
enable = true;
dataDir = "/srv/paperless";
database.createLocally = true;
passwordFile = config.age.secrets.paperless.path;
port = lib.toInt port;
settings = {
PAPERLESS_URL = "https://paperless.fi33.buzz";
};
};
# database backup
borgmatic.settings = {
postgresql_databases = [
{
name = "paperless";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
services = {
paperless = {
enable = true;
dataDir = "/srv/paperless";
database.createLocally = true;
passwordFile = config.age.secrets.paperless.path;
port = lib.toInt port;
settings = {
PAPERLESS_URL = "https://paperless.fi33.buzz";
};
};
age.secrets."paperless" = {
file = ../../../secrets/paperless.age;
owner = "paperless";
borgmatic.settings = {
postgresql_databases = [
{
name = "paperless";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
nginx.virtualHosts."miniflux.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
age.secrets."paperless" = {
file = ../../../secrets/paperless.age;
owner = "paperless";
};
}

22
modules/nixos/features/pipewire.nix
View file

@ -1,19 +1,11 @@
{ config, lib, ... }:
let
feature = "pipewire";
in
{
config = lib.mkIf config.${feature}.enable {
security.rtkit.enable = true;
security.rtkit.enable = true;
services.pipewire = {
alsa.enable = true;
alsa.support32Bit = true;
enable = true;
jack.enable = true;
pulse.enable = true;
};
services.pipewire = {
alsa.enable = true;
alsa.support32Bit = true;
enable = true;
jack.enable = true;
pulse.enable = true;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

45
modules/nixos/features/plasma.nix
View file

@ -1,36 +1,27 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "plasma";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
desktopManager.plasma6.enable = true;
displayManager.sddm = {
enable = true;
wayland.enable = true;
};
services = {
desktopManager.plasma6.enable = true;
displayManager.sddm = {
enable = true;
wayland.enable = true;
};
environment.systemPackages =
with pkgs.kdePackages;
[
# keep-sorted start
ktorrent
kzones
# keep-sorted end
]
++ (with pkgs; [
# keep-sorted start
haruna
# keep-sorted end
]);
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
environment.systemPackages =
with pkgs.kdePackages;
[
# keep-sorted start
ktorrent
kzones
# keep-sorted end
]
++ (with pkgs; [
# keep-sorted start
haruna
# keep-sorted end
]);
}

31
modules/nixos/features/print-and-scan.nix
View file

@ -1,30 +1,21 @@
{
config,
lib,
pkgs,
...
}:
let
feature = "print-and-scan";
in
{
config = lib.mkIf config.${feature}.enable {
hardware.sane = {
hardware.sane = {
enable = true;
extraBackends = [ pkgs.hplip ];
};
services = {
avahi = {
enable = true;
extraBackends = [ pkgs.hplip ];
nssmdns4 = true;
openFirewall = true;
};
services = {
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

16
modules/nixos/features/protonmail-bridge.nix
View file

@ -1,17 +1,3 @@
{
config,
lib,
...
}:
let
feature = "protonmail-bridge";
in
{
config = lib.mkIf config.${feature}.enable {
services.protonmail-bridge.enable = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
services.protonmail-bridge.enable = true;
}

34
modules/nixos/features/prowlarr.nix
View file

@ -1,35 +1,27 @@
{
config,
lib,
...
}:
let
feature = "prowlarr";
port = "5009";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
prowlarr = {
enable = true;
dataDir = "/srv/prowlarr";
settings.server.port = lib.toInt port;
};
services = {
prowlarr = {
enable = true;
dataDir = "/srv/prowlarr";
settings.server.port = lib.toInt port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
nginx = {
virtualHosts."prowlarr.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

47
modules/nixos/features/qbittorrent.nix
View file

@ -1,37 +1,28 @@
{ config, lib, ... }:
{
lib,
...
}:
let
feature = "qbittorrent";
port = "5005";
in
{
config = lib.mkIf config.${feature}.enable {
users.users.qbittorrent.extraGroups = [ "media" ];
services = {
qbittorrent = {
enable = true;
webuiPort = lib.toInt port;
profileDir = "/srv";
group = "media";
extraArgs = [
"--confirm-legal-notice"
];
};
services = {
# service
qbittorrent = {
enable = true;
webuiPort = lib.toInt port;
profileDir = "/srv";
group = "media";
extraArgs = [
"--confirm-legal-notice"
];
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
nginx.virtualHosts."qbittorrent.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
users.users.qbittorrent.extraGroups = [ "media" ];
}

36
modules/nixos/features/radarr.nix
View file

@ -1,37 +1,23 @@
{
config,
lib,
...
}:
let
feature = "radarr";
port = "5007";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
radarr = {
enable = true;
dataDir = "/srv/radarr";
settings.server.port = lib.toInt port;
group = "media";
services = {
radarr = {
enable = true;
dataDir = "/srv/radarr";
settings.server.port = lib.toInt port;
group = "media";
};
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
nginx.virtualHosts."radarr.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

36
modules/nixos/features/sonarr.nix
View file

@ -1,37 +1,23 @@
{
config,
lib,
...
}:
let
feature = "sonarr";
port = "5006";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
sonarr = {
enable = true;
dataDir = "/srv/sonarr";
settings.server.port = lib.toInt port;
group = "media";
services = {
sonarr = {
enable = true;
dataDir = "/srv/sonarr";
settings.server.port = lib.toInt port;
group = "media";
};
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
nginx.virtualHosts."sonarr.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

71
modules/nixos/features/syncthing.nix
View file

@ -1,15 +1,10 @@
{
config,
lib,
pkgs,
userName,
hostName,
...
}:
let
feature = "syncthing";
port = "5008";
devicesList = [
# keep-sorted start block=yes
{
@ -30,7 +25,6 @@ let
}
# keep-sorted end
];
devices = builtins.listToAttrs (
map (
{ device, id }:
@ -48,45 +42,34 @@ let
);
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
syncthing = {
enable = true;
guiAddress = "0.0.0.0:${port}";
openDefaultPorts = true;
user = "${userName}";
dataDir = "/home/${userName}";
overrideDevices = true;
settings = {
inherit devices;
};
};
borgmatic.settings =
if userName == "srv" then
{
source_directories = [
"/home/srv/.config/syncthing"
"/home/srv/Sync"
];
}
else
null;
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
services = {
syncthing = {
enable = true;
guiAddress = "0.0.0.0:${port}";
openDefaultPorts = true;
user = "${userName}";
dataDir = "/home/${userName}";
overrideDevices = true;
settings = {
inherit devices;
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
borgmatic.settings =
if userName == "srv" then
{
source_directories = [
"/home/srv/.config/syncthing"
"/home/srv/Sync"
];
}
else
null;
nginx.virtualHosts."syncthing.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
}

14
modules/nixos/features/systemd-boot.nix
View file

@ -1,14 +1,6 @@
{ config, lib, ... }:
let
feature = "systemd-boot";
in
{
config = lib.mkIf config.${feature}.enable {
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
boot.loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

24
modules/nixos/features/tailscale.nix
View file

@ -1,22 +1,10 @@
{
config,
lib,
...
}:
let
feature = "tailscale";
in
{
config = lib.mkIf config.${feature}.enable {
services.tailscale = {
enable = true;
extraSetFlags = [
"--accept-dns=true"
];
};
networking.firewall.trustedInterfaces = [ "tailscale0" ];
services.tailscale = {
enable = true;
extraSetFlags = [
"--accept-dns=true"
];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
networking.firewall.trustedInterfaces = [ "tailscale0" ];
}

38
modules/nixos/features/tlp.nix
View file

@ -1,29 +1,19 @@
{ config, lib, ... }:
let
feature = "tlp";
in
{
config = lib.mkIf config.${feature}.enable {
# Disable if devices take long to unsuspend (keyboard, mouse, etc)
powerManagement.powertop.enable = true;
services = {
power-profiles-daemon.enable = false;
tlp = {
enable = true;
settings = {
# keep-sorted start
CPU_BOOST_ON_AC = 1;
CPU_BOOST_ON_BAT = 0;
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
STOP_CHARGE_THRESH_BAT0 = 95;
# keep-sorted end
};
# Disable if devices take long to unsuspend (keyboard, mouse, etc)
powerManagement.powertop.enable = true;
services = {
power-profiles-daemon.enable = false;
tlp = {
enable = true;
settings = {
# keep-sorted start
CPU_BOOST_ON_AC = 1;
CPU_BOOST_ON_BAT = 0;
CPU_SCALING_GOVERNOR_ON_AC = "performance";
CPU_SCALING_GOVERNOR_ON_BAT = "powersave";
STOP_CHARGE_THRESH_BAT0 = 95;
# keep-sorted end
};
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

44
modules/nixos/features/vaultwarden.nix
View file

@ -1,33 +1,28 @@
{
config,
lib,
...
}:
let
feature = "vaultwarden";
port = "5001";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
vaultwarden = {
enable = true;
backupDir = "/srv/vaultwarden";
config = {
rocketPort = "${port}";
domain = "https://vaultwarden.fi33.buzz";
signupsAllowed = false;
invitationsAllowed = false;
showPasswordHint = false;
useSyslog = true;
extendedLogging = true;
adminTokenFile = "${config.age.secrets.vaultwarden-admin.path}";
};
services = {
vaultwarden = {
enable = true;
backupDir = "/srv/vaultwarden";
config = {
rocketPort = "${port}";
domain = "https://vaultwarden.fi33.buzz";
signupsAllowed = false;
invitationsAllowed = false;
showPasswordHint = false;
useSyslog = true;
extendedLogging = true;
adminTokenFile = "${config.age.secrets.vaultwarden-admin.path}";
};
};
# reverse proxy
services.nginx.virtualHosts."${feature}.fi33.buzz" = {
nginx.virtualHosts."vaultwarden.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
@ -35,13 +30,10 @@ in
proxyWebsockets = true;
};
};
# secrets
age.secrets."vaultwarden-admin" = {
file = ../../../secrets/vaultwarden-admin.age;
owner = "vaultwarden";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
age.secrets."vaultwarden-admin" = {
file = ../../../secrets/vaultwarden-admin.age;
owner = "vaultwarden";
};
}

9
modules/templates/bundle.nix Normal file
View file

@ -0,0 +1,9 @@
{
util,
...
}:
{
imports = util.toImports ./features [
];
}

11
modules/templates/feature.nix
View file

@ -1,17 +1,6 @@
{
config,
lib,
...
}:
let
feature = "replace";
in
{
config = lib.mkIf config.${feature}.enable {
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

34
modules/templates/web-feature.nix
View file

@ -1,34 +1,18 @@
{
config,
lib,
...
}:
let
feature = "replace";
port = "port";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
replace = {
enable = true;
};
services = {
feature = {
enable = true;
};
# backup
borgbackup.jobs = feature { };
borgbackup.jobs = feature { };
# reverse proxy
nginx.virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
nginx.virtualHosts."feature.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

3
util.nix Normal file
View file

@ -0,0 +1,3 @@
{
toImports = basedir: modules: map (module: basedir + "/${module}.nix") modules;
}