will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

Compare commits

merge into: will-holdsworth:enhancement/6
Branches Tags
will-holdsworth:main
will-holdsworth:100
will-holdsworth:update_flake_lock_action
will-holdsworth:71
will-holdsworth:enhancement/32
will-holdsworth:enhancement/6
...
pull from: will-holdsworth:main
Branches Tags
will-holdsworth:main
will-holdsworth:100
will-holdsworth:update_flake_lock_action
will-holdsworth:71
will-holdsworth:enhancement/32
will-holdsworth:enhancement/6
Sign in to create a new pull request.

154 commits
enhancemen ... main

Author SHA1 Message Date
Will Holdsworth
81bf6d1c45
feat(tailscale): disable for now, ssh works without 2026-03-12 20:02:34 +11:00
Will Holdsworth
9d3c2336dc Merge pull request 'Install LibreWolf' (#137) from 99 into main 
Reviewed-on: #137
 2026-03-12 20:01:30 +11:00
Will Holdsworth
7483af690a
feat(firefox): remove for now in favour of librewolf 2026-03-12 19:49:14 +11:00
Will Holdsworth
d7196bb746
feat(firefox): update config based on librewolf config 2026-03-12 19:49:00 +11:00
Will Holdsworth
5acabc9745
feat(librewolf): install 2026-03-12 19:48:50 +11:00
Will Holdsworth
f98b6fe4a7
fix(syncthing): alternative config should be empty set, not null 2026-03-12 19:01:05 +11:00
Will Holdsworth
6328d80bdf
fix(lazygit): allow rewording signed commits 2026-03-09 14:36:45 +11:00
Will Holdsworth
a2d43c4dd9
feat(borgbackup): replace borgmatic 2026-03-09 14:09:06 +11:00
github-actions[bot]
d26b436626 flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/ab8bd01' (2026-02-23)
  → 'github:9001/copyparty/981a7cd' (2026-03-08)
• Updated input 'home-manager':
    'github:nix-community/home-manager/9a4b494' (2026-02-23)
  → 'github:nix-community/home-manager/5be5d82' (2026-03-08)
• Updated input 'nix-citizen':
    'github:LovingMelody/nix-citizen/bebdc04' (2026-02-20)
  → 'github:LovingMelody/nix-citizen/73c8d04' (2026-03-06)
• Updated input 'nix-citizen/flake-parts':
    'github:hercules-ci/flake-parts/5792860' (2026-02-02)
  → 'github:hercules-ci/flake-parts/f20dc5d' (2026-03-01)
• Updated input 'nix-citizen/nixpkgs':
    'github:NixOS/nixpkgs/0182a36' (2026-02-17)
  → 'github:NixOS/nixpkgs/80bdc1e' (2026-03-04)
• Updated input 'nix-citizen/treefmt-nix':
    'github:numtide/treefmt-nix/337a4fe' (2026-02-04)
  → 'github:numtide/treefmt-nix/3710e0e' (2026-03-04)
• Updated input 'nix-gaming':
    'github:fufexan/nix-gaming/e70ef85' (2026-02-23)
  → 'github:fufexan/nix-gaming/d2b0b28' (2026-03-08)
• Updated input 'nix-gaming/flake-parts':
    'github:hercules-ci/flake-parts/5792860' (2026-02-02)
  → 'github:hercules-ci/flake-parts/f20dc5d' (2026-03-01)
• Updated input 'nix-gaming/flake-parts/nixpkgs-lib':
    'github:nix-community/nixpkgs.lib/7271616' (2026-02-01)
  → 'github:nix-community/nixpkgs.lib/c185c7a' (2026-03-01)
• Added input 'nix-gaming/git-hooks':
    'github:cachix/git-hooks.nix/8baab58' (2026-03-07)
• Added input 'nix-gaming/git-hooks/flake-compat':
    'github:NixOS/flake-compat/5edf11c' (2025-12-29)
• Added input 'nix-gaming/git-hooks/gitignore':
    'github:hercules-ci/gitignore.nix/637db32' (2024-02-28)
• Added input 'nix-gaming/git-hooks/gitignore/nixpkgs':
    follows 'nix-gaming/git-hooks/nixpkgs'
• Added input 'nix-gaming/git-hooks/nixpkgs':
    follows 'nix-gaming/nixpkgs'
• Updated input 'nix-gaming/nixpkgs':
    'github:NixOS/nixpkgs/d1c15b7' (2026-02-16)
  → 'github:NixOS/nixpkgs/917fec9' (2026-03-05)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/0182a36' (2026-02-17)
  → 'github:nixos/nixpkgs/aca4d95' (2026-03-06)
• Updated input 'nixvim':
    'github:nix-community/nixvim/ed0424f' (2026-02-15)
  → 'github:nix-community/nixvim/21ae25e' (2026-03-01)
• Updated input 'nur':
    'github:nix-community/NUR/c5fa7a8' (2026-02-23)
  → 'github:nix-community/NUR/407db2f' (2026-03-08)
 2026-03-08 16:07:14 +00:00
Will
adba178f3d
Merge pull request #134 from wi11-holdsworth/111 
feat(mealie): install
 2026-03-07 16:54:55 +11:00
Will Holdsworth
1b86bc33db
feat(homepage-dashboard): add mealie 2026-03-07 16:54:55 +11:00
Will Holdsworth
2548046985
feat(mealie): install 2026-03-07 16:54:55 +11:00
Will
e71dd7e87d
Merge pull request #133 from wi11-holdsworth/101 
feat(fi33.buzz): host personal website
 2026-03-07 14:34:48 +11:00
Will Holdsworth
5a6da0744b
feat(fi33.buzz): host personal website 2026-03-07 14:34:23 +11:00
Will
ebf47820a0
Merge pull request #132 from wi11-holdsworth/123 
feat(gatus): add ntfy alerting for all services
 2026-03-07 13:39:56 +11:00
Will Holdsworth
3ac81e38e8
feat: add gatus config to web-feature template 2026-03-07 13:39:16 +11:00
Will Holdsworth
c41995561a
feat(gatus): add ntfy alerting for all services 2026-03-07 13:39:05 +11:00
Will Holdsworth
9a7169c1cb
feat(ntfy): add user for gatus with token 2026-03-07 13:38:39 +11:00
Will
a89d9a1952
Merge pull request #131 from wi11-holdsworth/129 
feat(gatus): add custom appearance
 2026-03-07 13:35:41 +11:00
Will Holdsworth
a7b5995e01
feat(gatus): add custom appearance 2026-03-07 13:35:14 +11:00
Will
c30348d810
Merge pull request #122 from wi11-holdsworth/95 
Host gatus
 2026-03-04 21:27:32 +11:00
Will Holdsworth
48315cfb8e
feat: add gatus entry for each subdomain 2026-03-04 21:26:18 +11:00
Will Holdsworth
fe11ecea2a
feat(gatus): install 2026-03-04 18:53:49 +11:00
Will Holdsworth
663b39451c
feat(laptop): update hardware uuids and ssh keys 2026-03-04 18:17:22 +11:00
Will Holdsworth
c96f08c3f1
feat(homepage-dashboard): initially collapse utilities section, and hide app version 2026-03-02 23:35:01 +11:00
Will Holdsworth
7a4898b4db
feat(homepage-dashboard): add status monitoring 2026-03-02 23:21:50 +11:00
Will
81c741f5da
Merge pull request #121 from wi11-holdsworth/116 
Host LibreTranslate
 2026-03-02 04:08:19 -08:00
Will Holdsworth
a9ac65f3f7
feat(homepage-dashboard): add libretranslate 2026-03-02 23:07:50 +11:00
Will Holdsworth
d4118655df
feat(libretranslate): install 2026-03-02 23:07:50 +11:00
Will Holdsworth
de21c82acb
style(homepage-dashboard): update service taglines by taking inspiration from repository taglines 2026-03-02 22:51:55 +11:00
Will
e032370b99
Merge pull request #120 from wi11-holdsworth/114 
Host CryptPad
 2026-03-02 03:51:14 -08:00
Will
c545418355
Merge branch 'main' into 114 2026-03-02 03:51:06 -08:00
Will Holdsworth
036e775835
feat(homepage-dashboard): add cryptpad 2026-03-02 22:46:03 +11:00
Will Holdsworth
2551f74ca4
feat(cryptpad): install 2026-03-02 22:46:03 +11:00
Will
522c9fc253
Merge pull request #119 from wi11-holdsworth/113 
Install send
 2026-03-02 21:54:50 +11:00
Will Holdsworth
7f0f92dcf2
feat(homepage-dashboard): add send 2026-03-02 21:54:50 +11:00
Will
bd1de92aea
Merge pull request #119 from wi11-holdsworth/113 
Install send
 2026-03-02 02:46:46 -08:00
Will Holdsworth
0c8fb875c3
feat(homepage-dashboard): add send 2026-03-02 21:46:11 +11:00
Will Holdsworth
143f1dafac
feat(send): install 2026-03-02 21:46:01 +11:00
Will
cea5fc1df7
Merge pull request #110 from wi11-holdsworth/79 
fix(prowlarr): data dir doesn't seem to be supported properly
 2026-03-02 21:18:08 +11:00
Will Holdsworth
afa8f669c9
fix(prowlarr): data dir doesn't seem to be supported properly, just use default data dir at /var/lib 2026-03-02 21:18:08 +11:00
Will Holdsworth
cab4e8fd57
fix(borgmatic): revert #2197490b 2026-03-01 13:16:31 +11:00
Will Holdsworth
927428224f
refactor(agenix): remove unused keys 2026-02-24 23:38:12 +11:00
wi11-holdsworth
b1369d9233
feat(git): add signing key to secrets store and sign all commits by default 2026-02-24 23:15:49 +11:00
wi11-holdsworth
e3c18152d5 fix(homepage-dashboard): for some bizzare reason, the "bazarr" key wasn't working but I changed the name to "subtitles" and it works so yay 2026-02-24 22:25:00 +11:00
github-actions[bot]
9ce15bc963 flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/d067d2a' (2026-02-14)
  → 'github:9001/copyparty/ab8bd01' (2026-02-23)
• Updated input 'home-manager':
    'github:nix-community/home-manager/ae8003d' (2026-02-15)
  → 'github:nix-community/home-manager/9a4b494' (2026-02-23)
• Updated input 'nix-citizen':
    'github:LovingMelody/nix-citizen/2affbcd' (2026-02-13)
  → 'github:LovingMelody/nix-citizen/bebdc04' (2026-02-20)
• Updated input 'nix-citizen/nixpkgs':
    'github:NixOS/nixpkgs/ec7c70d' (2026-02-11)
  → 'github:NixOS/nixpkgs/0182a36' (2026-02-17)
• Updated input 'nix-gaming':
    'github:fufexan/nix-gaming/0c4bf3a' (2026-02-15)
  → 'github:fufexan/nix-gaming/e70ef85' (2026-02-23)
• Updated input 'nix-gaming/nixpkgs':
    'github:NixOS/nixpkgs/2343bbb' (2026-02-11)
  → 'github:NixOS/nixpkgs/d1c15b7' (2026-02-16)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/a82ccc3' (2026-02-13)
  → 'github:nixos/nixpkgs/0182a36' (2026-02-17)
• Updated input 'nur':
    'github:nix-community/NUR/76daea0' (2026-02-16)
  → 'github:nix-community/NUR/c5fa7a8' (2026-02-23)
 2026-02-24 22:08:31 +11:00
wi11-holdsworth
3c46d9e066 feat: prepare for exposure to the internet 
* open ports 80 and 443
* password-protect copyparty and ntfy-sh
* randomise usernames for radicale and copyparty
 2026-02-24 22:08:31 +11:00
wi11-holdsworth
fbd4da91c0 fix(copyparty): disable read access for all non-users 2026-02-22 16:47:53 +11:00
wi11-holdsworth
9bdffc9a3a fix(copyparty): support reverse proxies 2026-02-22 16:47:53 +11:00
wi11-holdsworth
b6dafe4908 fix(yazi): update shell wrapper name 2026-02-22 16:47:53 +11:00
wi11-holdsworth
3323c6ba7a fix(syncthing): only needs to be defined in the default module, not also the server module 2026-02-22 16:47:53 +11:00
wi11-holdsworth
a54857c365 refactor: remove software associated with llms 2026-02-22 16:47:53 +11:00
wi11-holdsworth
c0e7f6f649 fix: nexus mods app is no longer maintained 2026-02-18 19:22:10 +11:00
github-actions[bot]
ce72f5129a flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/fcdea22' (2025-11-08)
  → 'github:ryantm/agenix/b027ee2' (2026-02-04)
• Updated input 'copyparty':
    'github:9001/copyparty/d5a8a34' (2026-01-12)
  → 'github:9001/copyparty/d067d2a' (2026-02-14)
• Updated input 'home-manager':
    'github:nix-community/home-manager/8bc5473' (2026-01-10)
  → 'github:nix-community/home-manager/ae8003d' (2026-02-15)
• Updated input 'nix-citizen':
    'github:LovingMelody/nix-citizen/7b5ad5f' (2026-01-10)
  → 'github:LovingMelody/nix-citizen/2affbcd' (2026-02-13)
• Updated input 'nix-citizen/flake-parts':
    'github:hercules-ci/flake-parts/250481a' (2026-01-05)
  → 'github:hercules-ci/flake-parts/5792860' (2026-02-02)
• Updated input 'nix-citizen/nixpkgs':
    'github:NixOS/nixpkgs/3497aa5' (2026-01-08)
  → 'github:NixOS/nixpkgs/ec7c70d' (2026-02-11)
• Updated input 'nix-citizen/treefmt-nix':
    'github:numtide/treefmt-nix/778a1d6' (2026-01-07)
  → 'github:numtide/treefmt-nix/337a4fe' (2026-02-04)
• Updated input 'nix-gaming':
    'github:fufexan/nix-gaming/c104472' (2026-01-13)
  → 'github:fufexan/nix-gaming/0c4bf3a' (2026-02-15)
• Updated input 'nix-gaming/flake-parts':
    'github:hercules-ci/flake-parts/250481a' (2026-01-05)
  → 'github:hercules-ci/flake-parts/5792860' (2026-02-02)
• Updated input 'nix-gaming/flake-parts/nixpkgs-lib':
    'github:nix-community/nixpkgs.lib/2075416' (2025-12-14)
  → 'github:nix-community/nixpkgs.lib/7271616' (2026-02-01)
• Updated input 'nix-gaming/nixpkgs':
    'github:NixOS/nixpkgs/3146c6a' (2026-01-10)
  → 'github:NixOS/nixpkgs/2343bbb' (2026-02-11)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/ffbc9f8' (2026-01-11)
  → 'github:nixos/nixpkgs/a82ccc3' (2026-02-13)
• Updated input 'nixvim':
    'github:nix-community/nixvim/7eb8f36' (2026-01-08)
  → 'github:nix-community/nixvim/ed0424f' (2026-02-15)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/a34fae9' (2025-12-15)
  → 'github:hercules-ci/flake-parts/5792860' (2026-02-02)
• Updated input 'nur':
    'github:nix-community/NUR/ecccc8e' (2026-01-12)
  → 'github:nix-community/NUR/76daea0' (2026-02-16)
 2026-02-16 16:15:54 +00:00
wi11-holdsworth
b9ec41d462 refactor(homepage-dashboard): remove unnecessary quotes around non-spaced words 2026-01-20 15:43:57 +11:00
wi11-holdsworth
3f069b9391 feat(homepage-dashboard): use equal heights in all sections 2026-01-20 15:43:54 +11:00
wi11-holdsworth
69c335dc2f feat(shell-aliases): break out to separate module to ensure aliases can be used over all shells 2026-01-20 13:13:57 +11:00
wi11-holdsworth
2197490b63 feat(borgmatic): ensure that all sqlite databases are backed up separately from the services they store data for 2026-01-20 13:13:57 +11:00
wi11-holdsworth
48b0a2325d fix(tailscale): exposing the network interface is not necessary 2026-01-15 00:54:42 +11:00
Will
585885f28d Merge pull request #80 from wi11-holdsworth/55 
Switch to caddy
 2026-01-15 00:54:19 +11:00
wi11-holdsworth
33af7eaadf feat(caddy): install and replace nginx 2026-01-15 00:54:19 +11:00
wi11-holdsworth
500c704cf4 feat(homepage-dashboard): add firefly 2026-01-15 00:33:50 +11:00
wi11-holdsworth
c9dc8d54ac fix(localisation): consolidate host-specific settings into single module 2026-01-15 00:33:50 +11:00
wi11-holdsworth
ab95710e1f refactor(syncthing): new phone, new syncthing client id 2026-01-14 23:57:40 +11:00
Will
15a3fbc455 Merge pull request #78 from wi11-holdsworth/71 
Set up upbank2firefly
 2026-01-14 22:25:29 +11:00
wi11-holdsworth
d9785dcd05 feat(upbank2firefly): install as a docker container 2026-01-14 21:33:09 +11:00
Will
4200f49728
Merge pull request #77 from wi11-holdsworth/68 
Install firefly
 2026-01-14 15:29:17 +11:00
wi11-holdsworth
f793bee495 feat(firefly): install 2026-01-14 15:28:18 +11:00
wi11-holdsworth
4ec5efa5ac refactor(gaming): remove lutris as star citizen is installed separetely now 2026-01-14 14:27:56 +11:00
wi11-holdsworth
a9b65fc1fc feat(star-citizen): install 2026-01-14 14:27:38 +11:00
wi11-holdsworth
394bf7519e feat: install snitch 2026-01-14 12:22:43 +11:00
wi11-holdsworth
fa31cbd29d refactor(fish): prefix aliases that replace a command with a comma 2026-01-14 12:22:28 +11:00
wi11-holdsworth
a729f8b6ea feat(fd): create package module 2026-01-14 11:57:32 +11:00
wi11-holdsworth
4bb49ae510 feat(bottom): create package module with theme 2026-01-14 11:57:28 +11:00
wi11-holdsworth
ec0d6928b0 feat(llm): install to desktop with some basic models 2026-01-14 01:32:36 +11:00
wi11-holdsworth
b20f8db92f refactor(kitty): deprecate in favour of alacritty 2026-01-13 14:24:36 +11:00
wi11-holdsworth
6a12889354 feat(alacritty): install and enable in gui bundle 2026-01-13 14:23:56 +11:00
wi11-holdsworth
46770f6e10 feat(gaming): no longer need latest kernel for optimal performance 2026-01-13 13:51:35 +11:00
wi11-holdsworth
a5c57fa4e7 refactor(default): nixfmt-rfc-style has been replaced with nixfmt 2026-01-13 13:50:44 +11:00
github-actions[bot]
bae532c1b1 flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/364f74a' (2026-01-04)
  → 'github:9001/copyparty/d5a8a34' (2026-01-12)
• Updated input 'home-manager':
    'github:nix-community/home-manager/7d5927b' (2026-01-04)
  → 'github:nix-community/home-manager/8bc5473' (2026-01-10)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/fb7944c' (2026-01-02)
  → 'github:nixos/nixpkgs/ffbc9f8' (2026-01-11)
• Updated input 'nixvim':
    'github:nix-community/nixvim/d61584c' (2026-01-02)
  → 'github:nix-community/nixvim/7eb8f36' (2026-01-08)
• Updated input 'nur':
    'github:nix-community/NUR/3b2e3c6' (2026-01-04)
  → 'github:nix-community/NUR/ecccc8e' (2026-01-12)
 2026-01-13 13:50:44 +11:00
Will
74a6ea5c76
Merge pull request #75 from wi11-holdsworth/73 
Install qui
 2026-01-13 13:10:55 +11:00
wi11-holdsworth
8ab2740c3f feat(homepage-dashboard): add link to qui 2026-01-13 13:06:40 +11:00
wi11-holdsworth
489a5b5f26 feat(qui): install 2026-01-13 13:06:24 +11:00
wi11-holdsworth
a56efefe1e fix(homepage-dashboard): update login credentials for nzbget 2026-01-13 13:06:06 +11:00
Will
64761c9e89
Merge pull request #74 from wi11-holdsworth/56 
Install NZBget
 2026-01-12 17:18:52 +11:00
wi11-holdsworth
b3eaee27c9 feat(nzbget): install unrar to enable nzbget to extract rar arhcives 2026-01-12 17:17:41 +11:00
wi11-holdsworth
6552269081 fix(borgmatic): moving backup repo to another drive disabled backup momentarily 2026-01-07 18:54:44 +11:00
wi11-holdsworth
2517ff6067 fix(homepage-dashboard): prowlarr api key changed 2026-01-07 18:54:08 +11:00
wi11-holdsworth
8683f1838b feat(nzbget): install 2026-01-07 18:53:29 +11:00
wi11-holdsworth
2f5065d610 feat(server): remove unneccesary media group and add *arr apps to srv group 2026-01-07 18:02:29 +11:00
wi11-holdsworth
ee83c94cf9 fix(flaresolverr): unlikely to ever work again, cloudflare team always monitoring 2026-01-07 18:02:29 +11:00
Will
813d71eea4
Merge pull request #72 from wi11-holdsworth/enhancement/57 
enhancement/57
 2026-01-07 15:50:37 +11:00
wi11-holdsworth
9ee61d787a feat: add bazarr to homepage dashboard 2026-01-07 15:50:00 +11:00
wi11-holdsworth
f7d138dd19 feat: install bazarr 2026-01-07 15:03:44 +11:00
wi11-holdsworth
a314b1022f feat(git): rebase branch by default when pulling 2026-01-07 15:03:33 +11:00
wi11-holdsworth
070305fe6e feat: move /media directory on host to external drive under /mnt/external 2026-01-07 15:03:33 +11:00
wi11-holdsworth
bcc0914e32 fix: deprecate zen in favour of vanilla firefox 
firefox has vertical tabs now, tab grouping, and soon split view
 2026-01-07 15:03:33 +11:00
wi11-holdsworth
f2b6808c93 refactor: move graphical applications to a separate bundle 
this facilitates lean clients, e.g. a laptop with only a virutal console
 2026-01-06 13:29:42 +11:00
wi11-holdsworth
20372363f5 Merge branch 'main' of github.com:wi11-holdsworth/dots 2026-01-06 13:18:57 +11:00
wi11-holdsworth
671284abc1 refactor: re-classify home manager modules 2026-01-06 13:18:57 +11:00
wi11-holdsworth
371cb76021 fix: dogdns is unmaintained, recommended to switch to doggo 2026-01-05 20:50:38 +11:00
wi11-holdsworth
c148b813eb Merge remote-tracking branch 'origin/update_flake_lock_action' 2026-01-05 20:47:28 +11:00
wi11-holdsworth
3e02dccb0d feat: install jellyfin desktop client 2026-01-05 20:46:49 +11:00
github-actions[bot]
5bed4291c8 flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/4642d32' (2025-12-26)
  → 'github:9001/copyparty/364f74a' (2026-01-04)
• Updated input 'home-manager':
    'github:nix-community/home-manager/80cca72' (2025-12-28)
  → 'github:nix-community/home-manager/7d5927b' (2026-01-04)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/3e2499d' (2025-12-25)
  → 'github:nixos/nixpkgs/fb7944c' (2026-01-02)
• Updated input 'nixvim':
    'github:nix-community/nixvim/51ae991' (2025-12-28)
  → 'github:nix-community/nixvim/d61584c' (2026-01-02)
• Updated input 'nur':
    'github:nix-community/NUR/6580345' (2025-12-28)
  → 'github:nix-community/NUR/3b2e3c6' (2026-01-04)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/fe8d1a6' (2025-12-28)
  → 'github:0xc000022070/zen-browser-flake/e3efa5e' (2026-01-04)
• Updated input 'zen-browser/home-manager':
    'github:nix-community/home-manager/58bf3ec' (2025-12-14)
  → 'github:nix-community/home-manager/e4e78a2' (2025-12-30)
 2026-01-04 16:05:55 +00:00
wi11-holdsworth
afe85b158c feat: add karakeep to homepage 2026-01-02 20:37:11 +11:00
wi11-holdsworth
c15cdd66d9 Merge branch 'main' of github.com:wi11-holdsworth/dots 2026-01-01 20:11:04 +11:00
wi11-holdsworth
c9c81b4036 fix: web-feature template now includes a more fleshed-out backup section 2026-01-01 20:11:00 +11:00
Will
aa28e4bcf8
Merge pull request #64 from wi11-holdsworth/enhancement/61 
enhancement/61
 2025-12-29 18:47:47 +13:00
wi11-holdsworth
ea62d69060 feat: add kavita to dashboard 2025-12-29 16:47:09 +11:00
wi11-holdsworth
3d2a47ec79 feat: install kavita 2025-12-29 16:41:09 +11:00
Will
d167466d68
Merge pull request #63 from wi11-holdsworth/enhancement/62 
feat: install readarr
 2025-12-29 18:40:37 +13:00
wi11-holdsworth
7af587d546 feat: install readarr 2025-12-29 16:39:52 +11:00
wi11-holdsworth
b5c3d6419c feat: re-order services on homepage dashboard 2025-12-29 15:26:32 +11:00
wi11-holdsworth
6130f543b9 fix: web-feature template now includes a more fleshed-out backup section 2025-12-29 14:19:31 +11:00
wi11-holdsworth
4502e197bf refactor: store port as integer 2025-12-29 14:19:31 +11:00
github-actions[bot]
0f2801f823 flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/519bfe1' (2025-12-17)
  → 'github:9001/copyparty/4642d32' (2025-12-26)
• Updated input 'home-manager':
    'github:nix-community/home-manager/89c9508' (2025-12-17)
  → 'github:nix-community/home-manager/80cca72' (2025-12-28)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/1306659' (2025-12-15)
  → 'github:nixos/nixpkgs/3e2499d' (2025-12-25)
• Updated input 'nixvim':
    'github:nix-community/nixvim/51bbde5' (2025-12-17)
  → 'github:nix-community/nixvim/51ae991' (2025-12-28)
• Updated input 'nur':
    'github:nix-community/NUR/285245c' (2025-12-18)
  → 'github:nix-community/NUR/6580345' (2025-12-28)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/7db019a' (2025-12-17)
  → 'github:0xc000022070/zen-browser-flake/fe8d1a6' (2025-12-28)
 2025-12-29 14:49:49 +13:00
wi11-holdsworth
ee33853420 feat: install firefox 2025-12-18 16:38:16 +11:00
github-actions[bot]
2f2cd68d76 flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/c5c5f9b' (2025-12-04)
  → 'github:9001/copyparty/519bfe1' (2025-12-17)
• Updated input 'home-manager':
    'github:nix-community/home-manager/e5b1f87' (2025-12-08)
  → 'github:nix-community/home-manager/89c9508' (2025-12-17)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/addf7cf' (2025-12-08)
  → 'github:nixos/nixpkgs/1306659' (2025-12-15)
• Updated input 'nixvim':
    'github:nix-community/nixvim/ba8f6d4' (2025-12-09)
  → 'github:nix-community/nixvim/51bbde5' (2025-12-17)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/2cccadc' (2025-11-21)
  → 'github:hercules-ci/flake-parts/a34fae9' (2025-12-15)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/e7f4849' (2025-12-09)
  → 'github:0xc000022070/zen-browser-flake/7db019a' (2025-12-17)
• Updated input 'zen-browser/home-manager':
    'github:nix-community/home-manager/827f2a2' (2025-11-12)
  → 'github:nix-community/home-manager/58bf3ec' (2025-12-14)
 2025-12-17 16:07:17 +00:00
Will
e211bca3ff
Merge pull request #54 from wi11-holdsworth/enhancement/52 
enhancement/52
 2025-12-15 21:34:45 +11:00
wi11-holdsworth
bf13c50f4c feat: install karakeep 2025-12-15 21:33:01 +11:00
wi11-holdsworth
d3868b69c4 fix: options have been renamed in latest release 2025-12-15 19:55:58 +11:00
wi11-holdsworth
b834611bcb feat: install radicale for caldav and carddav support 2025-12-15 19:55:58 +11:00
wi11-holdsworth
63774a34f5 fix: options have been renamed in latest release 2025-12-10 20:22:33 +11:00
wi11-holdsworth
ea0b2ebbfd feat: install radicale for caldav and carddav support 2025-12-10 19:47:06 +11:00
github-actions[bot]
078c58831f flake.lock: Update 
Flake lock file updates:

• Updated input 'copyparty':
    'github:9001/copyparty/ac085b8' (2025-11-02)
  → 'github:9001/copyparty/c5c5f9b' (2025-12-04)
• Updated input 'home-manager':
    'github:nix-community/home-manager/37a3d97' (2025-11-10)
  → 'github:nix-community/home-manager/e5b1f87' (2025-12-08)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/b6a8526' (2025-11-08)
  → 'github:nixos/nixpkgs/addf7cf' (2025-12-08)
• Updated input 'nixvim':
    'github:nix-community/nixvim/9e556e7' (2025-11-11)
  → 'github:nix-community/nixvim/ba8f6d4' (2025-12-09)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/0bdadb1' (2025-11-10)
  → 'github:hercules-ci/flake-parts/2cccadc' (2025-11-21)
• Removed input 'nixvim/nuschtosSearch'
• Removed input 'nixvim/nuschtosSearch/flake-utils'
• Removed input 'nixvim/nuschtosSearch/flake-utils/systems'
• Removed input 'nixvim/nuschtosSearch/ixx'
• Removed input 'nixvim/nuschtosSearch/ixx/flake-utils'
• Removed input 'nixvim/nuschtosSearch/ixx/nixpkgs'
• Removed input 'nixvim/nuschtosSearch/nixpkgs'
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/51f5194' (2025-11-11)
  → 'github:0xc000022070/zen-browser-flake/e7f4849' (2025-12-09)
• Updated input 'zen-browser/home-manager':
    'github:nix-community/home-manager/b959c67' (2025-11-05)
  → 'github:nix-community/home-manager/827f2a2' (2025-11-12)
 2025-12-09 16:07:06 +00:00
wi11-holdsworth
1b5f71f2b7 fix: backup drive failing should not prevent server startup 2025-12-01 16:30:23 +11:00
github-actions[bot]
358986970c flake.lock: Update 
Flake lock file updates:

• Updated input 'nixvim':
    'github:nix-community/nixvim/2dc09e09cc65026f0899cc50291e244ee24835d3?narHash=sha256-z0VQRaEARqF5eARuAFhDixV%2Bg5B%2B5IJ1iDKSUM%2B5EIY%3D' (2025-11-10)
  → 'github:nix-community/nixvim/9e556e752505263eef8c0d0f982e2ab9029cc512?narHash=sha256-2hkqfvY2wH%2B78M85X/ZApyZURnFc926b2mAHiyHcGDE%3D' (2025-11-11)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/26d05891e14c88eb4a5d5bee659c0db5afb609d8?narHash=sha256-xxdepIcb39UJ94%2BYydGP221rjnpkDZUlykKuF54PsqI%3D' (2025-11-06)
  → 'github:hercules-ci/flake-parts/0bdadb1b265fb4143a75bd1ec7d8c915898a9923?narHash=sha256-dxFVgQPG%2BR72dkhXTtqUm7KpxElw3u6E%2BYlQ2WaDgt8%3D' (2025-11-10)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/02bb5919dab81a3fea4d8d4663ea67922a463cd3?narHash=sha256-YgQ80R6TW9GxS0Ozaqe9mTVewuOWqwRmMUhRUpKsoCs%3D' (2025-11-10)
  → 'github:0xc000022070/zen-browser-flake/51f5194aff34d130d07f684df2a85b10a3933558?narHash=sha256-qwUWaKy%2BkmTBk6xxMI0yfkD5IU2gcxXOXNPJ2T%2BEnys%3D' (2025-11-11)
 2025-11-12 14:08:47 +11:00
wi11-holdsworth
c88d609d34 feat: add spellchecking to neovim installation 2025-11-11 17:34:10 +11:00
wi11-holdsworth
5a2c07942c fix: aerc mark as read shortcut clashes with replies, so change to I instead of R 2025-11-11 11:51:45 +11:00
github-actions[bot]
5f03991133 flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/9ba0d85de3eaa7afeab493fed622008b6e4924f5?narHash=sha256-lsNWuj4Z%2BpE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94%3D' (2025-10-28)
  → 'github:ryantm/agenix/fcdea223397448d35d9b31f798479227e80183f6?narHash=sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L%2BVSybPfiIgzU8lbQ%3D' (2025-11-08)
• Updated input 'home-manager':
    'github:nix-community/home-manager/43e205606aeb253bfcee15fd8a4a01d8ce8384ca?narHash=sha256-hpbPma1eUKwLAmiVRoMgIHbHiIKFkcACobJLbDt6ABw%3D' (2025-11-02)
  → 'github:nix-community/home-manager/37a3d97f2873e0f68711117c34d04b7c7ead8f4e?narHash=sha256-t2U/GLLXHa2%2BkJkwnFNRVc2fEJ/lUfyZXBE5iKzJdcs%3D' (2025-11-10)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15?narHash=sha256-kJ8lIZsiPOmbkJypG%2BB5sReDXSD1KGu2VEPNqhRa/ew%3D' (2025-10-31)
  → 'github:nixos/nixpkgs/b6a8526db03f735b89dd5ff348f53f752e7ddc8e?narHash=sha256-rXXuz51Bq7DHBlfIjN7jO8Bu3du5TV%2B3DSADBX7/9YQ%3D' (2025-11-08)
• Updated input 'nixvim':
    'github:nix-community/nixvim/660fba984fe25ded6fa2e32016c05aebf4290273?narHash=sha256-XwLZC%2B5T3gJJWVVAZ9atpRPopyXXlHfF5fvkhTigs0E%3D' (2025-11-02)
  → 'github:nix-community/nixvim/2dc09e09cc65026f0899cc50291e244ee24835d3?narHash=sha256-z0VQRaEARqF5eARuAFhDixV%2Bg5B%2B5IJ1iDKSUM%2B5EIY%3D' (2025-11-10)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/864599284fc7c0ba6357ed89ed5e2cd5040f0c04?narHash=sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4%3D' (2025-10-20)
  → 'github:hercules-ci/flake-parts/26d05891e14c88eb4a5d5bee659c0db5afb609d8?narHash=sha256-xxdepIcb39UJ94%2BYydGP221rjnpkDZUlykKuF54PsqI%3D' (2025-11-06)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/68b3775543b442b06a76e498fd342b16a8619757?narHash=sha256-Q7o8NTYIbGMmMrgrx9PTmmaj/GM/DWJjM6U%2Bdaaiiyk%3D' (2025-11-02)
  → 'github:0xc000022070/zen-browser-flake/02bb5919dab81a3fea4d8d4663ea67922a463cd3?narHash=sha256-YgQ80R6TW9GxS0Ozaqe9mTVewuOWqwRmMUhRUpKsoCs%3D' (2025-11-10)
• Updated input 'zen-browser/home-manager':
    'github:nix-community/home-manager/e8c19a3cec2814c754f031ab3ae7316b64da085b?narHash=sha256-S%2BwmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR%2Bkw%3D' (2025-07-15)
  → 'github:nix-community/home-manager/b959c67241cae17fc9e4ee7eaf13dfa8512477ea?narHash=sha256-0ptUDbYwxv1kk/uzEX4%2BNJjY2e16MaAhtzAOJ6K0TG0%3D' (2025-11-05)
 2025-11-11 11:37:31 +11:00
github-actions[bot]
d200cc6511 flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/2f0f812f69f3eb4140157fe15e12739adf82e32a?narHash=sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L%2BVSybPfiIgzU8lbQ%3D' (2025-10-19)
  → 'github:ryantm/agenix/9ba0d85de3eaa7afeab493fed622008b6e4924f5?narHash=sha256-lsNWuj4Z%2BpE7s0bd2OKicOFq9bK86JE0ZGeKJbNqb94%3D' (2025-10-28)
• Updated input 'copyparty':
    'github:9001/copyparty/547a7ab1cc7777f3452f441628339850511c8563?narHash=sha256-omBsQXwVWw%2BQmXo9T4Nazv2xcMEQ9VjB/61tnV3xKQQ%3D' (2025-10-19)
  → 'github:9001/copyparty/ac085b8149ff50e03d260128596dd130ed1c7cae?narHash=sha256-7Q8LtcvKWHbP8znARRTOY2tpU5WoV6FHwp5TZJOI8Us%3D' (2025-11-02)
• Updated input 'home-manager':
    'github:nix-community/home-manager/84e1adb0cdd13f5f29886091c7234365e12b1e7f?narHash=sha256-r6qbieh8iC1q1eCaWv15f4UIp8SeGffwswhNSA1Qk3s%3D' (2025-10-21)
  → 'github:nix-community/home-manager/43e205606aeb253bfcee15fd8a4a01d8ce8384ca?narHash=sha256-hpbPma1eUKwLAmiVRoMgIHbHiIKFkcACobJLbDt6ABw%3D' (2025-11-02)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/5e2a59a5b1a82f89f2c7e598302a9cacebb72a67?narHash=sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs%3D' (2025-10-19)
  → 'github:nixos/nixpkgs/2fb006b87f04c4d3bdf08cfdbc7fab9c13d94a15?narHash=sha256-kJ8lIZsiPOmbkJypG%2BB5sReDXSD1KGu2VEPNqhRa/ew%3D' (2025-10-31)
• Updated input 'nixvim':
    'github:nix-community/nixvim/e3b77e803b2350b72f4d72c8f175ab0fbfe5a642?narHash=sha256-UP1v%2BsEkHuvD2%2BqyhxbkQpBR%2Bdl9U0ljml3/dMI2jeU%3D' (2025-10-20)
  → 'github:nix-community/nixvim/660fba984fe25ded6fa2e32016c05aebf4290273?narHash=sha256-XwLZC%2B5T3gJJWVVAZ9atpRPopyXXlHfF5fvkhTigs0E%3D' (2025-11-02)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/758cf7296bee11f1706a574c77d072b8a7baa881?narHash=sha256-wfG0S7pltlYyZTM%2BqqlhJ7GMw2fTF4mLKCIVhLii/4M%3D' (2025-10-01)
  → 'github:hercules-ci/flake-parts/864599284fc7c0ba6357ed89ed5e2cd5040f0c04?narHash=sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4%3D' (2025-10-20)
• Updated input 'nixvim/nuschtosSearch':
    'github:NuschtOS/search/7d4c0fc4ffe3bd64e5630417162e9e04e64b27a4?narHash=sha256-igrxT%2B/MnmcftPOHEb%2BXDwAMq3Xg1Xy7kVYQaHhPlAg%3D' (2025-09-23)
  → 'github:NuschtOS/search/e29de6db0cb3182e9aee75a3b1fd1919d995d85b?narHash=sha256-t1i5p/vSWwueZSC0Z2BImxx3BjoUDNKyC2mk24krcMY%3D' (2025-10-29)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/637cb6167da4dbf8ef7f5a50e69933c4f9796095?narHash=sha256-XdDpTJHjFqZJ3ss6xzTWYyi3PEObX2fs%2BkW0Wg/rNDk%3D' (2025-10-21)
  → 'github:0xc000022070/zen-browser-flake/68b3775543b442b06a76e498fd342b16a8619757?narHash=sha256-Q7o8NTYIbGMmMrgrx9PTmmaj/GM/DWJjM6U%2Bdaaiiyk%3D' (2025-11-02)
 2025-11-03 18:55:08 +11:00
wi11-holdsworth
73740ab091 Merge branch 'main' of github.com:wi11-holdsworth/dots 2025-10-29 12:55:43 +11:00
wi11-holdsworth
9793215fed fix: miniflux host specified wrong 2025-10-22 18:02:12 +11:00
Will
ca3a986b4d Merge pull request #44 from wi11-holdsworth/enhancement/37 
enhancement/37
 2025-10-22 17:46:09 +11:00
wi11-holdsworth
77225f2fa1 feat: harden sshd on server 2025-10-22 17:46:09 +11:00
wi11-holdsworth
2652248bc3 feat: rip out default packages 2025-10-22 17:46:09 +11:00
wi11-holdsworth
ef927bcfda feat: restrict nix package manager to wheel group 2025-10-22 17:46:09 +11:00
Will
c39fd0fb9f Merge pull request #43 from wi11-holdsworth/enhancement/35 
feat: move lazygit to home manager module
 2025-10-22 17:38:35 +11:00
wi11-holdsworth
f4c10a0a0b refactor: combine nix-settings and nixpkgs modules into one nix module 2025-10-22 17:38:35 +11:00
wi11-holdsworth
f2568c2a78 fix: aerc D bind now moves email to trash folder and not just all mail 2025-10-22 17:38:35 +11:00
wi11-holdsworth
6a9ee249d9 feat: move lazygit to home manager module 2025-10-22 17:38:35 +11:00
wi11-holdsworth
a62a9b6990 feat: confine sudo access to users with the wheel group only 2025-10-22 17:38:35 +11:00
wi11-holdsworth
96e1951ecf feat: enable firewall on all systems 2025-10-22 17:38:35 +11:00
wi11-holdsworth
2d9b057c3a build: git settings have been tidied up 2025-10-22 15:13:13 +11:00
wi11-holdsworth
80bda6662e build: aerc stylesheets are strings now 2025-10-22 15:13:13 +11:00
wi11-holdsworth
ae6af79439 build: git settings have been tidied up 2025-10-22 01:55:30 +11:00
wi11-holdsworth
4dc85c014e build: aerc stylesheets are strings now 2025-10-22 01:55:21 +11:00
wi11-holdsworth
79144c44e5 build: delta has been moved from programs.git.delta to programs.delta 2025-10-22 01:55:11 +11:00
wi11-holdsworth
8f4041dd68 build: 'amdvlk' has been removed since it was deprecated by AMD. Its replacement, RADV, is enabled by default. 2025-10-22 01:33:27 +11:00
github-actions[bot]
5e9fa6e6ba flake.lock: Update 
Flake lock file updates:

• Updated input 'agenix':
    'github:ryantm/agenix/9edb1787864c4f59ae5074ad498b6272b3ec308d?narHash=sha256-NA/FT2hVhKDftbHSwVnoRTFhes62%2B7dxZbxj5Gxvghs%3D' (2025-08-05)
  → 'github:ryantm/agenix/2f0f812f69f3eb4140157fe15e12739adf82e32a?narHash=sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L%2BVSybPfiIgzU8lbQ%3D' (2025-10-19)
• Updated input 'copyparty':
    'github:9001/copyparty/1923a258797285ac75487d3d53665063a5bd67df?narHash=sha256-A1xuSrELZIZhoKejIME0yemc9KlxZp/tKNxrF4LHrcw%3D' (2025-09-21)
  → 'github:9001/copyparty/547a7ab1cc7777f3452f441628339850511c8563?narHash=sha256-omBsQXwVWw%2BQmXo9T4Nazv2xcMEQ9VjB/61tnV3xKQQ%3D' (2025-10-19)
• Updated input 'home-manager':
    'github:nix-community/home-manager/939e91e1cff1f99736c5b02529658218ed819a2a?narHash=sha256-i56XRXqjwJRdVYmpzVUQ0ktqBBHqNzQHQMQvFRF/acQ%3D' (2025-09-21)
  → 'github:nix-community/home-manager/84e1adb0cdd13f5f29886091c7234365e12b1e7f?narHash=sha256-r6qbieh8iC1q1eCaWv15f4UIp8SeGffwswhNSA1Qk3s%3D' (2025-10-21)
• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/8eaee110344796db060382e15d3af0a9fc396e0e?narHash=sha256-iCGWf/LTy%2BaY0zFu8q12lK8KuZp7yvdhStehhyX1v8w%3D' (2025-09-19)
  → 'github:nixos/nixpkgs/5e2a59a5b1a82f89f2c7e598302a9cacebb72a67?narHash=sha256-K5Osef2qexezUfs0alLvZ7nQFTGS9DL2oTVsIXsqLgs%3D' (2025-10-19)
• Updated input 'nixvim':
    'github:nix-community/nixvim/92ba37a3e8c25d470f9affe8d5f36f2cfb21e5dd?narHash=sha256-r2VA33WYfxDJyWmJeo0TmPPrk9yGS9WWb/kld0e7X%2BI%3D' (2025-09-21)
  → 'github:nix-community/nixvim/e3b77e803b2350b72f4d72c8f175ab0fbfe5a642?narHash=sha256-UP1v%2BsEkHuvD2%2BqyhxbkQpBR%2Bdl9U0ljml3/dMI2jeU%3D' (2025-10-20)
• Updated input 'nixvim/flake-parts':
    'github:hercules-ci/flake-parts/4524271976b625a4a605beefd893f270620fd751?narHash=sha256-%2BuWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw%3D' (2025-09-01)
  → 'github:hercules-ci/flake-parts/758cf7296bee11f1706a574c77d072b8a7baa881?narHash=sha256-wfG0S7pltlYyZTM%2BqqlhJ7GMw2fTF4mLKCIVhLii/4M%3D' (2025-10-01)
• Updated input 'nixvim/nuschtosSearch':
    'github:NuschtOS/search/aa975a3757f28ce862812466c5848787b868e116?narHash=sha256-1u3xTH%2B3kaHhztPmWtLAD8LF5pTYLR2CpsPFWTFnVtQ%3D' (2025-09-19)
  → 'github:NuschtOS/search/7d4c0fc4ffe3bd64e5630417162e9e04e64b27a4?narHash=sha256-igrxT%2B/MnmcftPOHEb%2BXDwAMq3Xg1Xy7kVYQaHhPlAg%3D' (2025-09-23)
• Updated input 'zen-browser':
    'github:0xc000022070/zen-browser-flake/480746c469a2e14551c73940bd096aa9a9cc7cbd?narHash=sha256-g3%2B737nvjYu3WrxLOiW6Wwtu4Ncdsy1KW9AGSTfzGOM%3D' (2025-10-01)
  → 'github:0xc000022070/zen-browser-flake/637cb6167da4dbf8ef7f5a50e69933c4f9796095?narHash=sha256-XdDpTJHjFqZJ3ss6xzTWYyi3PEObX2fs%2BkW0Wg/rNDk%3D' (2025-10-21)
 2025-10-22 01:30:12 +11:00
Will
c0fe082af4
Add workflow for updating Nix dependencies 2025-10-22 01:26:26 +11:00
Will
c852bc2676
Merge pull request #40 from wi11-holdsworth/enhancement/38 
refactor: switch from modules to import arrays
 2025-10-22 01:23:08 +11:00
wi11-holdsworth
41eaa38d31 refactor: switch from modules to import arrays 2025-10-22 01:22:05 +11:00
wi11-holdsworth
d893750c09 feat: configure zen browser to use vertical tab bar on the right 2025-10-20 14:33:52 +11:00
134 changed files with 4383 additions and 2688 deletions
Download patch file Download diff file Expand all files Collapse all files

24
.github/workflows/main.yml vendored Normal file
View file

@ -0,0 +1,24 @@
name: "Flake.lock: update Nix dependencies"
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 16 * * *' # runs weekly on Sunday at 00:00
jobs:
nix-flake-update:
permissions:
contents: write
id-token: write
issues: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/determinate-nix-action@v3
- uses: DeterminateSystems/update-flake-lock@main
with:
pr-title: "Update Nix flake inputs"
pr-labels: |
dependencies
automated

340
flake.lock generated
View file

@ -10,11 +10,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1754433428, "lastModified": 1770165109,
"narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=", "narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d", "rev": "b027ee29d959fda4b60b57566d64c98a202e0feb",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -29,11 +29,11 @@
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1758493304, "lastModified": 1772965444,
"narHash": "sha256-A1xuSrELZIZhoKejIME0yemc9KlxZp/tKNxrF4LHrcw=", "narHash": "sha256-VjcI4CozsowxGkZBzxQ6LYe49e9T1qfT1BzNrnc96y0=",
"owner": "9001", "owner": "9001",
"repo": "copyparty", "repo": "copyparty",
"rev": "1923a258797285ac75487d3d53665063a5bd67df", "rev": "981a7cd9dda0acedbc7f53b2c44adb241c38cb84",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -64,7 +64,62 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1767039857,
"narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "NixOS",
"repo": "flake-compat",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nix-citizen",
"nixpkgs"
]
},
"locked": {
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixvim", "nixvim",
@ -72,11 +127,32 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1756770412, "lastModified": 1769996383,
"narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=", "narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "4524271976b625a4a605beefd893f270620fd751", "rev": "57928607ea566b5db3ad13af0e57e921e6b12381",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -100,21 +176,48 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_2": { "git-hooks": {
"inputs": { "inputs": {
"systems": "systems_2" "flake-compat": "flake-compat",
"gitignore": "gitignore",
"nixpkgs": [
"nix-gaming",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1731533236, "lastModified": 1772893680,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=", "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=",
"owner": "numtide", "owner": "cachix",
"repo": "flake-utils", "repo": "git-hooks.nix",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b", "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "numtide", "owner": "cachix",
"repo": "flake-utils", "repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"nix-gaming",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github" "type": "github"
} }
}, },
@ -146,11 +249,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1758464306, "lastModified": 1772985285,
"narHash": "sha256-i56XRXqjwJRdVYmpzVUQ0ktqBBHqNzQHQMQvFRF/acQ=", "narHash": "sha256-wEEmvfqJcl9J0wyMgMrj1TixOgInBW/6tLPhWGoZE3s=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "939e91e1cff1f99736c5b02529658218ed819a2a", "rev": "5be5d8245cbc7bc0c09fbb5f38f23f223c543f85",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -159,52 +262,69 @@
"type": "github" "type": "github"
} }
}, },
"home-manager_3": { "nix-citizen": {
"inputs": { "inputs": {
"nixpkgs": [ "flake-parts": "flake-parts",
"zen-browser", "nix-gaming": [
"nixpkgs" "nix-gaming"
]
},
"locked": {
"lastModified": 1752603129,
"narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
], ],
"nix-github-actions": "nix-github-actions",
"nixpkgs": "nixpkgs_2",
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1772840927,
"narHash": "sha256-WdIuEJpH7eUP3ya8laJAYf71WilE4x7xetgMferL5Ko=",
"owner": "LovingMelody",
"repo": "nix-citizen",
"rev": "73c8d04ba69fb0bb5c4521c4b91a930a0ce283a5",
"type": "github"
},
"original": {
"owner": "LovingMelody",
"repo": "nix-citizen",
"type": "github"
}
},
"nix-gaming": {
"inputs": {
"flake-parts": "flake-parts_2",
"git-hooks": "git-hooks",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1772937574,
"narHash": "sha256-Yw1tP/ASebNYuW2GcYDTgWf2Mg9qcUYo6MTagXyeFCs=",
"owner": "fufexan",
"repo": "nix-gaming",
"rev": "d2b0b283deb24cdbb2750e658fa7001fee5ad586",
"type": "github"
},
"original": {
"owner": "fufexan",
"repo": "nix-gaming",
"type": "github"
}
},
"nix-github-actions": {
"inputs": {
"nixpkgs": [ "nixpkgs": [
"nixvim", "nix-citizen",
"nuschtosSearch",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1754860581, "lastModified": 1737420293,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=", "narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=",
"owner": "NuschtOS", "owner": "nix-community",
"repo": "ixx", "repo": "nix-github-actions",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281", "rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NuschtOS", "owner": "nix-community",
"ref": "v0.1.1", "repo": "nix-github-actions",
"repo": "ixx",
"type": "github" "type": "github"
} }
}, },
@ -223,13 +343,60 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1772328832,
"narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1758277210, "lastModified": 1772624091,
"narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=", "narHash": "sha256-QKyJ0QGWBn6r0invrMAK8dmJoBYWoOWy7lN+UHzW1jc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "80bdc1e5ce51f56b19791b52b2901187931f5353",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1772736753,
"narHash": "sha256-au/m3+EuBLoSzWUCb64a/MZq6QUtOV8oC0D9tY2scPQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "917fec990948658ef1ccd07cef2a1ef060786846",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1772773019,
"narHash": "sha256-E1bxHxNKfDoQUuvriG71+f+s/NT0qWkImXsYZNFFfCs=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "8eaee110344796db060382e15d3af0a9fc396e0e", "rev": "aca4d95fce4914b3892661bcb80b8087293536c6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -241,19 +408,18 @@
}, },
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_3" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1758459270, "lastModified": 1772402258,
"narHash": "sha256-r2VA33WYfxDJyWmJeo0TmPPrk9yGS9WWb/kld0e7X+I=", "narHash": "sha256-3DmCFOdmbkFML1/G9gj8Wb+rCCZFPOQtNoMCpqOF8SA=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "92ba37a3e8c25d470f9affe8d5f36f2cfb21e5dd", "rev": "21ae25e13b01d3b4cdc750b5f9e7bad68b150c10",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -262,26 +428,24 @@
"type": "github" "type": "github"
} }
}, },
"nuschtosSearch": { "nur": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-parts": "flake-parts_4",
"ixx": "ixx",
"nixpkgs": [ "nixpkgs": [
"nixvim",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1758272005, "lastModified": 1772985100,
"narHash": "sha256-1u3xTH+3kaHhztPmWtLAD8LF5pTYLR2CpsPFWTFnVtQ=", "narHash": "sha256-EXFbJvUZrElVq839MnMgJEDnyXWn84Zx+MiHcZiCQmg=",
"owner": "NuschtOS", "owner": "nix-community",
"repo": "search", "repo": "NUR",
"rev": "aa975a3757f28ce862812466c5848787b868e116", "rev": "407db2f6f4ba94992815f872ffce9a9d99ccc13c",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NuschtOS", "owner": "nix-community",
"repo": "search", "repo": "NUR",
"type": "github" "type": "github"
} }
}, },
@ -290,9 +454,11 @@
"agenix": "agenix", "agenix": "agenix",
"copyparty": "copyparty", "copyparty": "copyparty",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_2", "nix-citizen": "nix-citizen",
"nix-gaming": "nix-gaming",
"nixpkgs": "nixpkgs_4",
"nixvim": "nixvim", "nixvim": "nixvim",
"zen-browser": "zen-browser" "nur": "nur"
} }
}, },
"systems": { "systems": {
@ -340,24 +506,24 @@
"type": "github" "type": "github"
} }
}, },
"zen-browser": { "treefmt-nix": {
"inputs": { "inputs": {
"home-manager": "home-manager_3",
"nixpkgs": [ "nixpkgs": [
"nix-citizen",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1759353433, "lastModified": 1772660329,
"narHash": "sha256-g3+737nvjYu3WrxLOiW6Wwtu4Ncdsy1KW9AGSTfzGOM=", "narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=",
"owner": "0xc000022070", "owner": "numtide",
"repo": "zen-browser-flake", "repo": "treefmt-nix",
"rev": "480746c469a2e14551c73940bd096aa9a9cc7cbd", "rev": "3710e0e1218041bbad640352a0440114b1e10428",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "0xc000022070", "owner": "numtide",
"repo": "zen-browser-flake", "repo": "treefmt-nix",
"type": "github" "type": "github"
} }
} }

48
flake.nix
View file

@ -12,24 +12,36 @@
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-citizen = {
url = "github:LovingMelody/nix-citizen";
inputs.nix-gaming.follows = "nix-gaming";
};
nix-gaming.url = "github:fufexan/nix-gaming";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixvim = { nixvim = {
url = "github:nix-community/nixvim"; url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
zen-browser = { nur = {
url = "github:0xc000022070/zen-browser-flake"; url = "github:nix-community/NUR";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# zen-browser = {
# url = "github:0xc000022070/zen-browser-flake";
# inputs.nixpkgs.follows = "nixpkgs";
# };
# keep-sorted end # keep-sorted end
}; };
outputs = outputs =
{ {
nixpkgs, # keep-sorted start
home-manager,
agenix, agenix,
zen-browser, home-manager,
nixpkgs,
nur,
# zen-browser,
# keep-sorted end
... ...
}@inputs: }@inputs:
let let
@ -39,21 +51,30 @@
userName ? "will", userName ? "will",
system ? "x86_64-linux", system ? "x86_64-linux",
}: }:
let
util = import ./util.nix;
in
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
modules = [ modules = [
./hosts/${hostName}/configuration.nix ./hosts/${hostName}/configuration.nix
nur.modules.nixos.default
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager = { home-manager = {
users.${userName}.imports = [ users.${userName}.imports = [
./hosts/${hostName}/home.nix ./hosts/${hostName}/home.nix
agenix.homeManagerModules.default agenix.homeManagerModules.default
zen-browser.homeModules.twilight # zen-browser.homeModules.twilight
]; ];
backupFileExtension = "backup"; backupFileExtension = "backup";
extraSpecialArgs = { extraSpecialArgs = {
inherit userName; inherit
inherit hostName; inputs
hostName
userName
system
util
;
}; };
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
@ -61,10 +82,13 @@
} }
]; ];
specialArgs = { specialArgs = {
inherit inputs; inherit
inherit hostName; inputs
inherit userName; hostName
inherit system; userName
system
util
;
}; };
inherit system; inherit system;
}; };

37
hosts/desktop/configuration.nix
View file

@ -1,25 +1,34 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [
# keep-sorted start
../../modules/nixos/default.nix ../../modules/nixos/default.nix
./hardware-configuration.nix ./hardware-configuration.nix
];
# reusable modules
# keep-sorted start
amd-gpu.enable = true;
desktop.enable = true;
dev.enable = true;
external-speakers.enable = true;
gaming.enable = true;
link2c.enable = true;
plasma.enable = true;
# keep-sorted end # keep-sorted end
# config ]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"amd-gpu"
"external-speakers"
"gaming"
"link2c"
"plasma"
"star-citizen"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
# keep-sorted start
"desktop"
"dev"
"gui"
# keep-sorted end
]);
boot.initrd.luks.devices."luks-b164af31-c1c3-4b4e-83c8-eb39802c2027".device = boot.initrd.luks.devices."luks-b164af31-c1c3-4b4e-83c8-eb39802c2027".device =
"/dev/disk/by-uuid/b164af31-c1c3-4b4e-83c8-eb39802c2027"; "/dev/disk/by-uuid/b164af31-c1c3-4b4e-83c8-eb39802c2027";
@ -30,8 +39,6 @@
system.stateVersion = "24.11"; system.stateVersion = "24.11";
i18n.extraLocaleSettings.LC_ALL = "en_AU.UTF-8";
users.users.${userName} = { users.users.${userName} = {
extraGroups = [ extraGroups = [
# keep-sorted start # keep-sorted start

19
hosts/desktop/home.nix
View file

@ -1,18 +1,21 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ ../../modules/home-manager/default.nix ]; imports = [
../../modules/home-manager/default.nix
# reusable modules ]
++ (util.toImports ../../modules/home-manager/bundles [
# keep-sorted start # keep-sorted start
desktop.enable = true; "desktop"
dev.enable = true; "dev"
"gui"
# keep-sorted end # keep-sorted end
]);
# config
age.secrets."protonmail-desktop-password".file = ../../secrets/protonmail-desktop-password.age; age.secrets."protonmail-desktop-password".file = ../../secrets/protonmail-desktop-password.age;

38
hosts/laptop/configuration.nix
View file

@ -1,31 +1,35 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [
# keep-sorted start
../../modules/nixos/default.nix ../../modules/nixos/default.nix
./hardware-configuration.nix ./hardware-configuration.nix
];
# reusable modules
# keep-sorted start
amd-gpu.enable = true;
desktop.enable = true;
dev.enable = true;
gnome.enable = true;
tlp.enable = true;
# keep-sorted end # keep-sorted end
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"amd-gpu"
"gnome"
"tlp"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
# keep-sorted start
"desktop"
"dev"
"gui"
# keep-sorted end
]);
# config boot.initrd.luks.devices."luks-c2f5123c-0be0-4357-b383-b3f422e99a34".device = "/dev/disk/by-uuid/c2f5123c-0be0-4357-b383-b3f422e99a34";
boot.initrd.luks.devices."luks-a7726a9d-535f-44bc-9c0e-adc501fad371".device = system.stateVersion = "25.05";
"/dev/disk/by-uuid/a7726a9d-535f-44bc-9c0e-adc501fad371";
system.stateVersion = "24.11";
i18n.extraLocaleSettings.LC_ALL = "en_AU.UTF-8";
users.users.${userName} = { users.users.${userName} = {
extraGroups = [ extraGroups = [

8
hosts/laptop/hardware-configuration.nix
View file

@ -14,20 +14,20 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
{ device = "/dev/disk/by-uuid/b772799b-5434-4d5e-b0f9-ab425e36b9a1"; { device = "/dev/disk/by-uuid/a240787a-6cc8-4c03-8a01-742adf305b1e";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."luks-de6f14d8-8c7e-4e77-bfe5-264a39ef0bea".device = "/dev/disk/by-uuid/de6f14d8-8c7e-4e77-bfe5-264a39ef0bea"; boot.initrd.luks.devices."luks-f7d7a54f-d217-4260-8754-3cac7022e7d5".device = "/dev/disk/by-uuid/f7d7a54f-d217-4260-8754-3cac7022e7d5";
fileSystems."/boot" = fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/3730-5237"; { device = "/dev/disk/by-uuid/B3C9-7C0A";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ]; options = [ "fmask=0077" "dmask=0077" ];
}; };
swapDevices = swapDevices =
[ { device = "/dev/disk/by-uuid/081de704-5e9a-4e6d-ae8d-df492d0f662c"; } [ { device = "/dev/disk/by-uuid/b07c858a-2bd7-4b9a-aec3-3f9593c461c9"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

19
hosts/laptop/home.nix
View file

@ -1,18 +1,21 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ ../../modules/home-manager/default.nix ]; imports = [
../../modules/home-manager/default.nix
# reusable modules ]
++ (util.toImports ../../modules/home-manager/bundles [
# keep-sorted start # keep-sorted start
desktop.enable = true; "desktop"
dev.enable = true; "dev"
"gui"
# keep-sorted end # keep-sorted end
]);
# config
age.secrets."protonmail-laptop-password".file = ../../secrets/protonmail-laptop-password.age; age.secrets."protonmail-laptop-password".file = ../../secrets/protonmail-laptop-password.age;

56
hosts/server/configuration.nix
View file

@ -1,27 +1,61 @@
{ {
# keep-sorted start
hostName, hostName,
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [
# keep-sorted start
../../modules/nixos/default.nix ../../modules/nixos/default.nix
./hardware-configuration.nix ./hardware-configuration.nix
];
# reusable modules
# keep-sorted start
borgmatic.enable = true;
intel-gpu.enable = true;
server.enable = true;
# keep-sorted end # keep-sorted end
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"borgbackup"
"intel-gpu"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
"server"
]);
# config # external drive
services.udisks2.enable = true;
fileSystems."/mnt/external" = {
device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
fsType = "ext4";
options = [
"nofail"
];
};
networking.hostName = "${hostName}"; networking = {
hostName = "${hostName}";
firewall.interfaces."enp2s0".allowedTCPPorts = [
80
443
];
};
services.openssh.enable = true; # hardened openssh
services.openssh = {
allowSFTP = false;
extraConfig = ''
AllowTcpForwarding yes
X11Forwarding no
AllowAgentForwarding no
AllowStreamLocalForwarding no
AuthenticationMethods publickey
'';
settings = {
KbdInteractiveAuthentication = false;
PasswordAuthentication = false;
};
};
system.stateVersion = "24.11"; system.stateVersion = "24.11";

4
hosts/server/home.nix
View file

@ -3,7 +3,9 @@
... ...
}: }:
{ {
imports = [ ../../modules/home-manager/default.nix ]; imports = [
../../modules/home-manager/default.nix
];
home = { home = {
username = "${userName}"; username = "${userName}";

23
modules/home-manager/bundles/desktop.nix
View file

@ -1,24 +1,13 @@
{ {
config, util,
lib,
... ...
}: }:
let
feature = "desktop";
in
{ {
config = lib.mkIf config.${feature}.enable { imports = util.toImports ../features [
# keep-sorted start # keep-sorted start
aerc.enable = true; "aerc"
kitty.enable = true; "mail"
mail.enable = true; "zellij"
obsidian.enable = true;
zellij.enable = true;
zen-browser.enable = true;
# keep-sorted end # keep-sorted end
}; ];
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

16
modules/home-manager/bundles/dev.nix
View file

@ -1,19 +1,11 @@
{ {
config, util,
lib,
... ...
}: }:
let
feature = "dev";
in
{ {
config = lib.mkIf config.${feature}.enable { imports = util.toImports ../features [
# keep-sorted start # keep-sorted start
zed-editor.enable = lib.mkDefault true; "direnv"
# keep-sorted end # keep-sorted end
}; ];
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/home-manager/bundles/gui.nix Normal file
View file

@ -0,0 +1,14 @@
{
util,
...
}:
{
imports = util.toImports ../features [
# keep-sorted start
"alacritty"
"librewolf"
"obsidian"
# "zen-browser"
# keep-sorted end
];
}

37
modules/home-manager/default.nix
View file

@ -1,22 +1,23 @@
{ lib, ... }:
let
featureBundler =
featuresDir:
map (name: featuresDir + "/${name}") (builtins.attrNames (builtins.readDir featuresDir));
in
{ {
imports = (featureBundler ./bundles) ++ (featureBundler ./features); util,
...
}:
{
imports = util.toImports ./features [
# keep-sorted start # keep-sorted start
agenix.enable = lib.mkDefault true; "agenix"
bat.enable = lib.mkDefault true; "bash"
direnv.enable = lib.mkDefault true; "bat"
eza.enable = lib.mkDefault true; "bottom"
fish.enable = lib.mkDefault true; "delta"
gh.enable = lib.mkDefault true; "eza"
git.enable = lib.mkDefault true; "fd"
starship.enable = lib.mkDefault true; "git"
yazi.enable = lib.mkDefault true; "lazygit"
zoxide.enable = lib.mkDefault true; "shell-aliases"
"starship"
"yazi"
"zoxide"
# keep-sorted end # keep-sorted end
];
} }

200
modules/home-manager/features/aerc.nix
View file

@ -1,13 +1,4 @@
{ {
config,
lib,
...
}:
let
feature = "aerc";
in
{
config = lib.mkIf config.${feature}.enable {
accounts.email.accounts.personal.aerc.enable = true; accounts.email.accounts.personal.aerc.enable = true;
programs.aerc = { programs.aerc = {
enable = true; enable = true;
@ -27,41 +18,164 @@ in
sort = "-r date"; sort = "-r date";
}; };
}; };
stylesets = { extraBinds = {
catppuccin-mocha = { global = {
"*.default" = true; # keep-sorted start
"*.normal" = true; "<C-n>" = ":next-tab <Enter>";
"default.fg" = "#cdd6f4"; "<C-p>" = ":prev-tab<Enter>";
"error.fg" = "#f38ba8"; "<C-t>" = ":term<Enter>";
"warning.fg" = "#fab387"; "?" = ":help keys<Enter>";
"success.fg" = "#a6e3a1"; # keep-sorted end
"tab.fg" = "#6c7086"; };
"tab.bg" = "#181825"; messages = {
"tab.selected.fg" = "#cdd6f4"; # keep-sorted start
"tab.selected.bg" = "#1e1e2e"; "!" = ":term<space>";
"tab.selected.bold" = true; "$" = ":term<space>";
"border.fg" = "#11111b"; "/" = ":search<space>-a<space>";
"border.bold" = true; "<C-b>" = ":prev 100%<Enter>";
"msglist_unread.bold" = true; "<C-d>" = ":next 50%<Enter>";
"msglist_flagged.fg" = "#f9e2af"; "<C-f>" = ":next 100%<Enter>";
"msglist_flagged.bold" = true; "<C-u>" = ":prev 50%<Enter>";
"msglist_result.fg" = "#89b4fa"; "<Down>" = ":next<Enter>";
"msglist_result.bold" = true; "<Enter>" = ":view<Enter>";
"msglist_*.selected.bold" = true; "<Esc>" = ":clear<Enter>";
"msglist_*.selected.bg" = "#313244"; "<PgDn>" = ":next 100%<Enter>";
"dirlist_*.selected.bold" = true; "<PgUp>" = ":prev 100%<Enter>";
"dirlist_*.selected.bg" = "#313244"; "<Up>" = ":prev<Enter>";
"statusline_default.fg" = "#9399b2"; "\\" = ":filter <space>";
"statusline_default.bg" = "#313244"; "|" = ":pipe<space>";
"statusline_error.bold" = true; A = ":archive flat<Enter>";
"statusline_success.bold" = true; C = ":compose<Enter>";
"completion_default.selected.bg" = "#313244"; D = ":move Trash<Enter>";
G = ":select -1<Enter>";
H = ":collapse-folder<Enter>";
I = ":read<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
L = ":expand-folder<Enter>";
N = ":prev-result<Enter>";
Rq = ":reply -q<Enter>";
Rr = ":reply<Enter>";
T = ":toggle-threads<Enter>";
U = ":unread<Enter>";
V = ":mark -v<Enter>";
c = ":cf<space>";
d = ":prompt 'Really delete this message?' 'delete-message'<Enter>";
g = ":select 0 <Enter>";
j = ":next <Enter>";
k = ":prev <Enter>";
n = ":next-result<Enter>";
q = ":quit<Enter>";
rq = ":reply -aq<Enter>";
rr = ":reply -a<Enter>";
v = ":mark -t<Enter>";
# keep-sorted end
};
"messages:folder=Drafts" = {
"<Enter>" = ":recall<Enter>";
};
view = {
# keep-sorted start
"/" = ":toggle-key-passthrough <Enter> /";
"<C-j>" = ":next-part<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-l>" = ":open-link <space>";
"|" = ":pipe<space>";
A = ":archive flat<Enter>";
D = ":move Trash<Enter>";
H = ":toggle-headers<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
O = ":open<Enter>";
R = ":read<Enter>";
Rq = ":reply -q<Enter>";
Rr = ":reply<Enter>";
S = ":save<space>";
U = ":unread<Enter>";
f = ":forward <Enter>";
q = ":close<Enter>";
rq = ":reply -aq<Enter>";
rr = ":reply -a<Enter>";
# keep-sorted end
};
"view::passthrough" = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<Esc>" = ":toggle-key-passthrough<Enter>";
# keep-sorted end
};
compose = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<A-n>" = ":switch-account -n<Enter>";
"<A-p>" = ":switch-account -p<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-k>" = ":prev-field<Enter>";
"<C-n>" = ":next-tab<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<tab>" = ":next-field<Enter>";
# keep-sorted end
};
"compose::editor" = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<C-j>" = ":next-field<Enter>";
"<C-k>" = ":prev-field<Enter>";
"<C-n>" = ":next-tab<Enter>";
"<C-p>" = ":prev-tab<Enter>";
# keep-sorted end
};
"compose::review" = {
# keep-sorted start
a = ":attach<space>";
d = ":detach<space>";
e = ":edit<Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
y = ":send <Enter>";
# keep-sorted end
};
terminal = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<C-n>" = ":next-tab<Enter>";
"<C-p>" = ":prev-tab<Enter>";
# keep-sorted end
}; };
}; };
stylesets.catppuccin-mocha = ''
"*.default" = true
"*.normal" = true
"default.fg" = "#cdd6f4"
"error.fg" = "#f38ba8"
"warning.fg" = "#fab387"
"success.fg" = "#a6e3a1"
"tab.fg" = "#6c7086"
"tab.bg" = "#181825"
"tab.selected.fg" = "#cdd6f4"
"tab.selected.bg" = "#1e1e2e"
"tab.selected.bold" = true
"border.fg" = "#11111b"
"border.bold" = true
"msglist_unread.bold" = true
"msglist_flagged.fg" = "#f9e2af"
"msglist_flagged.bold" = true
"msglist_result.fg" = "#89b4fa"
"msglist_result.bold" = true
"msglist_*.selected.bold" = true
"msglist_*.selected.bg" = "#313244"
"dirlist_*.selected.bold" = true
"dirlist_*.selected.bg" = "#313244"
"statusline_default.fg" = "#9399b2"
"statusline_default.bg" = "#313244"
"statusline_error.bold" = true
"statusline_success.bold" = true
"completion_default.selected.bg" = "#313244"
'';
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

8
modules/home-manager/features/agenix.nix
View file

@ -1,16 +1,8 @@
{ {
config,
lib,
userName, userName,
... ...
}: }:
let
feature = "agenix";
in
{ {
config = lib.mkIf config.${feature}.enable {
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ]; age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

27
modules/home-manager/features/alacritty.nix Normal file
View file

@ -0,0 +1,27 @@
{
# keep-sorted start
lib,
pkgs,
# keep-sorted end
...
}:
{
programs.alacritty = {
enable = true;
settings = {
font = {
normal = {
family = "JetBrainsMono Nerd Font";
style = "Regular";
};
size = 13;
};
window.startup_mode = "Maximized";
terminal.shell = {
program = "${lib.getExe pkgs.zellij}";
args = [ "-l=welcome" ];
};
};
theme = "catppuccin_mocha";
};
}

4
modules/home-manager/features/bash.nix Normal file
View file

@ -0,0 +1,4 @@
{
home.shell.enableBashIntegration = true;
programs.bash.enable = true;
}

14
modules/home-manager/features/bat.nix
View file

@ -1,22 +1,8 @@
{ {
config,
lib,
...
}:
let
feature = "bat";
in
{
config = lib.mkIf config.${feature}.enable {
programs.bat = { programs.bat = {
enable = true; enable = true;
config = { config = {
theme = "Dracula"; theme = "Dracula";
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

78
modules/home-manager/features/bottom.nix Normal file
View file

@ -0,0 +1,78 @@
{
programs.bottom = {
enable = true;
settings = {
flags = {
group_processes = true;
process_memory_as_value = true;
};
styles = {
cpu = {
all_entry_color = "#f5e0dc";
avg_entry_color = "#eba0ac";
cpu_core_colors = [
"#f38ba8"
"#fab387"
"#f9e2af"
"#a6e3a1"
"#74c7ec"
"#cba6f7"
];
};
memory = {
ram_color = "#a6e3a1";
cache_color = "#f38ba8";
swap_color = "#fab387";
gpu_colors = [
"#74c7ec"
"#cba6f7"
"#f38ba8"
"#fab387"
"#f9e2af"
"#a6e3a1"
];
arc_color = "#89dceb";
};
network = {
rx_color = "#a6e3a1";
tx_color = "#f38ba8";
rx_total_color = "#89dceb";
tx_total_color = "#a6e3a1";
};
battery = {
high_battery_color = "#a6e3a1";
medium_battery_color = "#f9e2af";
low_battery_color = "#f38ba8";
};
tables = {
headers = {
color = "#f5e0dc";
};
};
graphs = {
graph_color = "#a6adc8";
legend_text = {
color = "#a6adc8";
};
};
widgets = {
border_color = "#585b70";
selected_border_color = "#f5c2e7";
widget_title = {
color = "#f2cdcd";
};
text = {
color = "#cdd6f4";
};
selected_text = {
color = "#11111b";
bg_color = "#cba6f7";
};
disabled_text = {
color = "#1e1e2e";
};
};
};
};
};
}

6
modules/home-manager/features/delta.nix Normal file
View file

@ -0,0 +1,6 @@
{
programs.delta = {
enable = true;
options.theme = "Dracula";
};
}

12
modules/home-manager/features/direnv.nix
View file

@ -1,13 +1,3 @@
{ {
config, programs.direnv.enable = true;
lib,
...
}:
let
feature = "direnv";
in
{
config = lib.mkIf config.${feature}.enable { programs.direnv.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/home-manager/features/espanso.nix
View file

@ -1,20 +1,6 @@
{ {
config,
lib,
...
}:
let
feature = "espanso";
in
{
config = lib.mkIf config.${feature}.enable {
services.espanso = { services.espanso = {
enable = true; enable = true;
configs = { }; configs = { };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/home-manager/features/eza.nix
View file

@ -1,13 +1,4 @@
{ {
config,
lib,
...
}:
let
feature = "eza";
in
{
config = lib.mkIf config.${feature}.enable {
programs.eza = { programs.eza = {
enable = true; enable = true;
extraOptions = [ extraOptions = [
@ -289,9 +280,4 @@ in
}; };
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

6
modules/home-manager/features/fd.nix Normal file
View file

@ -0,0 +1,6 @@
{
programs.fd = {
enable = true;
hidden = true;
};
}

254
modules/home-manager/features/firefox.nix Normal file
View file

@ -0,0 +1,254 @@
{
pkgs,
...
}:
{
programs.firefox = {
enable = true;
languagePacks = [ "en-GB" ];
profiles.will = {
settings = {
# keep-sorted start
"browser.aboutwelcome.enabled" = false;
"browser.bookmarks.addedImportButton" = false;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.download.useDownloadDir" = true;
"browser.newtabpage.enabled" = false;
"browser.safebrowsing.downloads.enabled" = false;
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.safebrowsing.remote.block_potentially_unwanted" = false;
"browser.safebrowsing.remote.block_uncommon" = false;
"browser.search.suggest.enabled" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.startup.page" = 3;
"browser.tabs.groups.smart.userEnabled" = false;
"browser.tabs.warnOnClose" = true;
"browser.tabs.warnOnOpen" = false;
"browser.toolbars.bookmarks.visibility" = "never";
"browser.urlbar.suggest.searches" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.usage.uploadEnabled" = false;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_ever_enabled" = true;
"extensions.formautofill.creditCards.enabled" = false;
"general.autoScroll" = true;
"intl.locale.requested" = "en-GB";
"network.trr.mode" = 3;
"network.trr.uri" = "https://firefox.dns.nextdns.io/";
"privacy.annotate_channels.strict_list.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1;
"privacy.fingerprintingProtection" = true;
"privacy.globalprivacycontrol.enabled" = true;
"privacy.globalprivacycontrol.was_ever_enabled" = true;
"privacy.history.custom" = false;
"privacy.query_stripping.enabled " = true;
"privacy.query_stripping.enabled.pbmode" = true;
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.trackingprotection.allow_list.baseline.enabled" = true;
"privacy.trackingprotection.allow_list.convenience.enabled" = false;
"privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.engine.passwords" = false;
"sidebar.main.tools" = "syncedtabs,history,bookmarks";
"sidebar.new-sidebar.has-used" = true;
"sidebar.position_start" = false;
"sidebar.revamp" = true;
"sidebar.verticalTabs" = true;
"sidebar.verticalTabs.dragToPinPromo.dismissed" = true;
"signon.autofillForms" = false;
"signon.firefoxRelay.feature" = "disabled";
"signon.generation.enabled" = false;
"signon.management.page.breach-alerts.enabled" = false;
"signon.rememberSignons" = false;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
# keep-sorted end
};
search = {
default = "ddg";
privateDefault = "ddg";
engines = { };
order = [ ];
force = true;
};
extensions = {
force = true;
packages = with pkgs.nur.repos.rycee.firefox-addons; [
# keep-sorted start sticky_comments=no
# detect-cloudflare
bitwarden
dearrow
nixpkgs-pr-tracker
react-devtools
return-youtube-dislikes
sponsorblock
ublock-origin
# keep-sorted end
];
settings = {
# keep-sorted start block=yes
# sponsorblock
"sponsorBlocker@ajay.app".settings = {
hideSegmentCreationInPopup = false;
autoSkipOnMusicVideosUpdate = true;
changeChapterColor = true;
autoSkipOnMusicVideos = false;
hideVideoPlayerControls = false;
useVirtualTime = true;
categoryPillColors = { };
payments = {
chaptersAllowed = false;
freeAccess = false;
lastCheck = 0;
lastFreeCheck = 0;
licenseKey = null;
};
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
};
# ublock-origin
"uBlock0@raymondhill.net".settings = {
advancedUserEnabled = true;
selectedFilterLists = [
"user-filters"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-quick-fixes"
"ublock-unbreak"
"easylist"
"easyprivacy"
"adguard-spyware-url"
"urlhaus-1"
"plowe-0"
];
};
# keep-sorted end
};
};
};
};
}

35
modules/home-manager/features/fish.nix
View file

@ -1,44 +1,14 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "fish";
in
{ {
config = lib.mkIf config.${feature}.enable {
home.shell.enableFishIntegration = true; home.shell.enableFishIntegration = true;
programs.fish = { programs.fish = {
enable = true; enable = true;
interactiveShellInit = '' interactiveShellInit = ''
set fish_greeting set fish_greeting
''; '';
shellAliases = {
# keep-sorted start
cat = "bat";
# cd = "j";
cut = "choose";
df = "duf";
du = "dua";
# find = "fd";
g = "lazygit";
l = "eza";
la = "eza -a";
ls = "eza";
ns = "nh os switch";
# curl = "xh";
ping = "gping";
ps = "procs";
# sed = "sd";
# grep = "rga";
top = "btm";
unzip = "ripunzip";
vi = "nvim";
vim = "nvim";
# keep-sorted end
};
plugins = [ plugins = [
# INFO: Using this to get shell completion for programs added to the path through nix+direnv. # INFO: Using this to get shell completion for programs added to the path through nix+direnv.
# Issue to upstream into direnv:Add commentMore actions # Issue to upstream into direnv:Add commentMore actions
@ -66,9 +36,4 @@ in
fi fi
''; '';
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/home-manager/features/gh.nix
View file

@ -1,13 +1,4 @@
{ {
config,
lib,
...
}:
let
feature = "gh";
in
{
config = lib.mkIf config.${feature}.enable {
programs.gh = { programs.gh = {
enable = true; enable = true;
settings = { settings = {
@ -15,9 +6,4 @@ in
editor = "nvim"; editor = "nvim";
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

42
modules/home-manager/features/git.nix
View file

@ -1,24 +1,12 @@
{ {
config, userName,
lib,
... ...
}: }:
let
feature = "git";
in
{ {
config = lib.mkIf config.${feature}.enable { programs.git = {
programs.${feature} = {
enable = true; enable = true;
settings = {
delta = { # keep-sorted start block=yes
enable = true;
options.theme = "Dracula";
};
userName = "wi11-holdsworth";
userEmail = "83637728+wi11-holdsworth@users.noreply.github.com";
aliases = { aliases = {
# keep-sorted start # keep-sorted start
a = "add"; a = "add";
@ -39,18 +27,20 @@ in
s = "status -s"; s = "status -s";
# keep-sorted end # keep-sorted end
}; };
extraConfig = {
init.defaultBranch = "main";
core.editor = "nvim"; core.editor = "nvim";
init.defaultBranch = "main";
pull.rebase = true;
push.autoSetupRemote = true; push.autoSetupRemote = true;
user = {
pull.rebase = false; name = "Will Holdsworth";
email = "me@fi33.buzz";
};
# keep-sorted end
};
signing = {
key = "/home/${userName}/.ssh/git_signature.pub";
format = "ssh";
signByDefault = true;
}; };
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

11
modules/home-manager/features/kitty.nix
View file

@ -1,14 +1,8 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "kitty";
in
{ {
config = lib.mkIf config.${feature}.enable {
programs.kitty = { programs.kitty = {
enable = true; enable = true;
enableGitIntegration = true; enableGitIntegration = true;
@ -24,9 +18,4 @@ in
confirm_os_window_close = 0; confirm_os_window_close = 0;
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

15
modules/home-manager/features/lazygit.nix Normal file
View file

@ -0,0 +1,15 @@
{
...
}:
{
programs.lazygit = {
enable = true;
settings = {
git.overrideGpg = true;
log = {
localBranchSortOrder = "recency";
remoteBranchSortOrder = "recency";
};
};
};
}

255
modules/home-manager/features/librewolf.nix Normal file
View file

@ -0,0 +1,255 @@
{
pkgs,
...
}:
{
programs.librewolf = {
enable = true;
languagePacks = [ "en-GB" ];
profiles.will = {
settings = {
# keep-sorted start
"browser.aboutwelcome.enabled" = false;
"browser.bookmarks.addedImportButton" = false;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.download.useDownloadDir" = true;
"browser.newtabpage.enabled" = false;
"browser.safebrowsing.downloads.enabled" = false;
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.safebrowsing.remote.block_potentially_unwanted" = false;
"browser.safebrowsing.remote.block_uncommon" = false;
"browser.search.suggest.enabled" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.startup.page" = 3;
"browser.tabs.groups.smart.userEnabled" = false;
"browser.tabs.warnOnClose" = true;
"browser.tabs.warnOnOpen" = false;
"browser.toolbars.bookmarks.visibility" = "never";
"browser.urlbar.suggest.searches" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.usage.uploadEnabled" = false;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_ever_enabled" = true;
"extensions.formautofill.creditCards.enabled" = false;
"general.autoScroll" = true;
"identity.fxaccounts.enabled" = true;
"intl.locale.requested" = "en-GB";
"network.trr.mode" = 3;
"network.trr.uri" = "https://firefox.dns.nextdns.io/";
"privacy.annotate_channels.strict_list.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1;
"privacy.fingerprintingProtection" = true;
"privacy.globalprivacycontrol.enabled" = true;
"privacy.globalprivacycontrol.was_ever_enabled" = true;
"privacy.history.custom" = false;
"privacy.query_stripping.enabled " = true;
"privacy.query_stripping.enabled.pbmode" = true;
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.trackingprotection.allow_list.baseline.enabled" = true;
"privacy.trackingprotection.allow_list.convenience.enabled" = false;
"privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.engine.passwords" = false;
"sidebar.main.tools" = "syncedtabs,history,bookmarks";
"sidebar.new-sidebar.has-used" = true;
"sidebar.position_start" = false;
"sidebar.revamp" = true;
"sidebar.verticalTabs" = true;
"sidebar.verticalTabs.dragToPinPromo.dismissed" = true;
"signon.autofillForms" = false;
"signon.firefoxRelay.feature" = "disabled";
"signon.generation.enabled" = false;
"signon.management.page.breach-alerts.enabled" = false;
"signon.rememberSignons" = false;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
# keep-sorted end
};
search = {
default = "ddg";
privateDefault = "ddg";
engines = { };
order = [ ];
force = true;
};
extensions = {
force = true;
packages = with pkgs.nur.repos.rycee.firefox-addons; [
# keep-sorted start sticky_comments=no
# detect-cloudflare
bitwarden
dearrow
nixpkgs-pr-tracker
react-devtools
return-youtube-dislikes
sponsorblock
ublock-origin
# keep-sorted end
];
settings = {
# keep-sorted start block=yes
# sponsorblock
"sponsorBlocker@ajay.app".settings = {
hideSegmentCreationInPopup = false;
autoSkipOnMusicVideosUpdate = true;
changeChapterColor = true;
autoSkipOnMusicVideos = false;
hideVideoPlayerControls = false;
useVirtualTime = true;
categoryPillColors = { };
payments = {
chaptersAllowed = false;
freeAccess = false;
lastCheck = 0;
lastFreeCheck = 0;
licenseKey = null;
};
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
};
# ublock-origin
"uBlock0@raymondhill.net".settings = {
advancedUserEnabled = true;
selectedFilterLists = [
"user-filters"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-quick-fixes"
"ublock-unbreak"
"easylist"
"easyprivacy"
"adguard-spyware-url"
"urlhaus-1"
"plowe-0"
];
};
# keep-sorted end
};
};
};
};
}

12
modules/home-manager/features/mail.nix
View file

@ -1,14 +1,11 @@
{ {
# keep-sorted start
config, config,
lib,
hostName, hostName,
# keep-sorted end
... ...
}: }:
let
feature = "mail";
in
{ {
config = lib.mkIf config.${feature}.enable {
accounts.email = accounts.email =
let let
certificatesFile = config.age.secrets.protonmail-cert.path; certificatesFile = config.age.secrets.protonmail-cert.path;
@ -54,9 +51,4 @@ in
}; };
}; };
age.secrets."protonmail-cert".file = ../../../secrets/protonmail-cert.age; age.secrets."protonmail-cert".file = ../../../secrets/protonmail-cert.age;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

10
modules/home-manager/features/obsidian.nix
View file

@ -1,9 +1,4 @@
{ config, lib, ... }:
let
feature = "obsidian";
in
{ {
config = lib.mkIf config.${feature}.enable {
programs.obsidian = { programs.obsidian = {
enable = true; enable = true;
defaultSettings = { defaultSettings = {
@ -118,9 +113,4 @@ in
}; };
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

27
modules/home-manager/features/shell-aliases.nix Normal file
View file

@ -0,0 +1,27 @@
{
home.shellAliases = {
# keep-sorted start
",cat" = "bat";
",curl" = "xh";
",cut" = "choose";
",df" = "duf";
",diff" = "delta";
",du" = "dua";
",find" = "fd";
",grep" = "rga";
",ping" = "gping";
",ps" = "procs";
",sed" = "sd";
",ss" = "snitch";
",top" = "btm";
",unzip" = "ripunzip";
"g" = "lazygit";
"l" = "eza";
"la" = "eza -a";
"ls" = "eza";
"ns" = "nh os switch";
"vi" = "nvim";
"vim" = "nvim";
# keep-sorted end
};
}

12
modules/home-manager/features/starship.nix
View file

@ -1,13 +1,4 @@
{ {
config,
lib,
...
}:
let
feature = "starship";
in
{
config = lib.mkIf config.${feature}.enable {
programs.starship = { programs.starship = {
enable = true; enable = true;
settings.character = { settings.character = {
@ -15,7 +6,4 @@ in
error_symbol = "[%](bold red) "; error_symbol = "[%](bold red) ";
}; };
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

12
modules/home-manager/features/yazi.nix
View file

@ -1,16 +1,11 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "yazi";
in
{ {
config = lib.mkIf config.${feature}.enable {
programs.yazi = { programs.yazi = {
enable = true; enable = true;
shellWrapperName = "y";
plugins = { plugins = {
# keep-sorted start # keep-sorted start
diff = pkgs.yaziPlugins.diff; diff = pkgs.yaziPlugins.diff;
@ -27,9 +22,4 @@ in
# keep-sorted end # keep-sorted end
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

12
modules/home-manager/features/zed-editor.nix
View file

@ -1,14 +1,11 @@
{ {
config, # keep-sorted start
lib, lib,
pkgs, pkgs,
# keep-sorted end
... ...
}: }:
let
feature = "zed-editor";
in
{ {
config = lib.mkIf config.${feature}.enable {
programs.zed-editor = { programs.zed-editor = {
enable = true; enable = true;
package = pkgs.zed-editor-fhs; package = pkgs.zed-editor-fhs;
@ -89,9 +86,4 @@ in
# keep-sorted end # keep-sorted end
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

15
modules/home-manager/features/zellij.nix
View file

@ -1,24 +1,9 @@
{ {
config,
lib,
...
}:
let
feature = "zellij";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zellij = { programs.zellij = {
enable = true; enable = true;
settings = { settings = {
theme = "catppuccin-mocha"; theme = "catppuccin-mocha";
show_startup_tips = false; show_startup_tips = false;
default_shell = "fish";
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

15
modules/home-manager/features/zen-browser.nix
View file

@ -1,15 +1,13 @@
{ {
config, programs.zen-browser =
lib,
...
}:
let let
feature = "zen-browser"; profileName = "fmnikwnj.Default Profile";
in in
{ {
config = lib.mkIf config.${feature}.enable {
programs.zen-browser = {
enable = true; enable = true;
profiles.${profileName}.settings = {
zen.tabs.vertical.right-side = true;
};
policies = policies =
let let
mkLockedAttrs = builtins.mapAttrs ( mkLockedAttrs = builtins.mapAttrs (
@ -66,7 +64,4 @@ in
# keep-sorted end # keep-sorted end
}; };
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

15
modules/home-manager/features/zoxide.nix
View file

@ -1,23 +1,8 @@
{ {
config,
lib,
...
}:
let
feature = "zoxide";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zoxide = { programs.zoxide = {
enable = true; enable = true;
enableBashIntegration = true;
options = [ options = [
"--cmd j" "--cmd j"
]; ];
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

31
modules/nixos/bundles/desktop.nix
View file

@ -1,34 +1,13 @@
{ {
config, util,
lib,
pkgs,
... ...
}: }:
let
feature = "desktop";
in
{ {
config = lib.mkIf config.${feature}.enable { imports = util.toImports ../features [
# keep-sorted start # keep-sorted start
pipewire.enable = true; "pipewire"
print-and-scan.enable = true; "print-and-scan"
protonmail-bridge.enable = true; "protonmail-bridge"
# keep-sorted end
environment.systemPackages = with pkgs; [
# keep-sorted start
beeper
calibre
cameractrls-gtk3
# https://github.com/NixOS/nixpkgs/issues/437865
# jellyfin-media-player
onlyoffice-desktopeditors
textsnatcher
# keep-sorted end # keep-sorted end
]; ];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

13
modules/nixos/bundles/dev.nix
View file

@ -1,26 +1,13 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "dev";
in
{ {
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# keep-sorted start # keep-sorted start
bacon bacon
cargo-info cargo-info
devenv
just
mask mask
rusty-man
vscode
# keep-sorted end # keep-sorted end
]; ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

24
modules/nixos/bundles/gui.nix Normal file
View file

@ -0,0 +1,24 @@
{
# keep-sorted start
pkgs,
util,
# keep-sorted end
...
}:
{
imports = util.toImports ../features [
# keep-sorted start
"fonts"
# keep-sorted end
];
environment.systemPackages = with pkgs; [
# keep-sorted start
cameractrls-gtk3
jellyfin-desktop
libreoffice
signal-desktop
textsnatcher
# keep-sorted end
];
}

62
modules/nixos/bundles/server.nix
View file

@ -1,39 +1,41 @@
{ {
config, util,
lib,
... ...
}: }:
let
feature = "server";
in
{ {
config = lib.mkIf config.${feature}.enable { imports = util.toImports ../features [
# keep-sorted start # keep-sorted start
copyparty.enable = true; "bazarr"
couchdb.enable = true; "caddy"
flaresolverr.enable = true; "copyparty"
homepage-dashboard.enable = true; "couchdb"
immich.enable = true; "cryptpad"
jellyfin.enable = true; "fi33.buzz"
lidarr.enable = true; "gatus"
miniflux.enable = true; "homepage-dashboard"
nginx.enable = true; "immich"
ntfy-sh.enable = true; "jellyfin"
paperless.enable = true; "kavita"
prowlarr.enable = true; "libretranslate"
qbittorrent.enable = true; "lidarr"
radarr.enable = true; "mealie"
sonarr.enable = true; "miniflux"
syncthing.enable = true; "ntfy-sh"
vaultwarden.enable = true; "nzbget"
"paperless"
"prowlarr"
"qbittorrent"
"radarr"
"radicale"
"readarr"
"send"
"sonarr"
"vaultwarden"
# keep-sorted end # keep-sorted end
];
users.groups.media = { }; services.borgbackup.jobs = {
onsite.paths = [ "/srv" ];
services.borgmatic.settings.source_directories = [ "/srv" ]; offsite.paths = [ "/srv" ];
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

43
modules/nixos/default.nix
View file

@ -1,44 +1,35 @@
{ {
lib, # keep-sorted start
pkgs, pkgs,
util,
# keep-sorted end
... ...
}: }:
let
featureBundler =
featuresDir:
map (name: featuresDir + "/${name}") (builtins.attrNames (builtins.readDir featuresDir));
in
{ {
imports = (featureBundler ./bundles) ++ (featureBundler ./features); imports = util.toImports ./features [
# keep-sorted start # keep-sorted start
agenix.enable = lib.mkDefault true; "agenix"
fonts.enable = lib.mkDefault true; "localisation"
localisation.enable = lib.mkDefault true; "network"
network.enable = lib.mkDefault true; "nh"
nh.enable = lib.mkDefault true; "nix"
nix-settings.enable = lib.mkDefault true; "nixvim"
nixpkgs.enable = lib.mkDefault true; "syncthing"
nixvim.enable = lib.mkDefault true; "systemd-boot"
syncthing.enable = lib.mkDefault true;
systemd-boot.enable = lib.mkDefault true;
tailscale.enable = lib.mkDefault true;
# keep-sorted end # keep-sorted end
];
environment.systemPackages = environment.systemPackages =
with pkgs; with pkgs;
[ [
# keep-sorted start # keep-sorted start
bottom # top
broot # large directory browser broot # large directory browser
choose # cut choose # cut
circumflex # hacker news browsing
cointop # crypto ticker
ddgr # web search ddgr # web search
dogdns # dns doggo # dns
dua # du dua # du
duf # df duf # df
epy # ebook reading epy # ebook reading
fd # find
fselect # find with sql syntax fselect # find with sql syntax
fx # json processor and viewer fx # json processor and viewer
fzf # fuzzy finder fzf # fuzzy finder
@ -48,13 +39,12 @@ in
hexyl # hexadecimal viewer hexyl # hexadecimal viewer
hyperfine # benchmarking tool hyperfine # benchmarking tool
keep-sorted # alphabetical formatter keep-sorted # alphabetical formatter
lazygit # git tui
mprocs # run long running commands and monitor output mprocs # run long running commands and monitor output
navi # cheatsheet browser navi # cheatsheet browser
nb # note taking nb # note taking
nil # nix language server nil # nix language server
nixd # nix language server nixd # nix language server
nixfmt-rfc-style # nix file formatting nixfmt # nix file formatting
nom # stylistic nix dependency graphs nom # stylistic nix dependency graphs
pastel # colour generation pastel # colour generation
pdd # datetime calculations pdd # datetime calculations
@ -66,10 +56,11 @@ in
ripunzip # unzip ripunzip # unzip
sd # sed sd # sed
slides # presentations slides # presentations
snitch # netstat
ticker # stock ticker ticker # stock ticker
tldr # cheat sheets tldr # cheat sheets
tmpmail # temporary email address tmpmail # temporary email address
topydo # todo.txt helper tool # topydo # todo.txt helper tool
tt # typing test tt # typing test
wtfutil # terminal homepage wtfutil # terminal homepage
xh # curl xh # curl

11
modules/nixos/features/agenix.nix
View file

@ -1,21 +1,14 @@
{ {
config, # keep-sorted start
inputs, inputs,
lib,
system, system,
userName, userName,
# keep-sorted end
... ...
}: }:
let
feature = "agenix";
in
{ {
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = [ inputs.agenix.packages.${system}.default ]; environment.systemPackages = [ inputs.agenix.packages.${system}.default ];
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ]; age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
};
imports = [ inputs.agenix.nixosModules.default ]; imports = [ inputs.agenix.nixosModules.default ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

15
modules/nixos/features/amd-gpu.nix
View file

@ -1,26 +1,11 @@
{ {
config,
lib,
pkgs,
...
}:
let
feature = "amd-gpu";
in
{
config = lib.mkIf config.${feature}.enable {
# load graphics drivers before anything else # load graphics drivers before anything else
boot.initrd.kernelModules = [ "amdgpu" ]; boot.initrd.kernelModules = [ "amdgpu" ];
hardware.graphics = { hardware.graphics = {
enable = true; enable = true;
enable32Bit = true; enable32Bit = true;
extraPackages = with pkgs; [ amdvlk ];
}; };
services.xserver.videoDrivers = [ "amdgpu" ]; services.xserver.videoDrivers = [ "amdgpu" ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

38
modules/nixos/features/bazarr.nix Normal file
View file

@ -0,0 +1,38 @@
let
port = 5017;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "subtitles.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
bazarr = {
enable = true;
dataDir = "/srv/bazarr";
group = "srv";
listenPort = port;
};
gatus.settings.endpoints = [
{
name = "Bazarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

57
modules/nixos/features/borgbackup.nix Normal file
View file

@ -0,0 +1,57 @@
{
config,
pkgs,
...
}:
let
jobConfig = {
compression = "auto,zlib";
doInit = false;
preHook = ''
/run/wrappers/bin/sudo -u postgres ${pkgs.postgresql}/bin/pg_dumpall > /srv/backup/database/postgres/dump.sql
'';
postHook = ''
rm /srv/backup/database/postgres/dump.sql
'';
prune.keep = {
daily = 7;
weekly = 4;
monthly = 6;
yearly = 1;
};
readWritePaths = [
"/srv/backup"
];
startAt = "*-*-* 03:00:00";
extraCreateArgs = [ "-v" ];
};
in
{
services.borgbackup = {
jobs = {
onsite = {
encryption = {
passCommand = "cat ${config.age.secrets.borgbackup-onsite.path}";
mode = "repokey-blake2";
};
removableDevice = true;
repo = "/mnt/external/backup/take2";
}
// jobConfig;
offsite = {
encryption = {
passCommand = "cat ${config.age.secrets.borgbackup-offsite.path}";
mode = "repokey-blake2";
};
environment.BORG_RSH = "ssh -i /home/srv/.ssh/id_ed25519";
repo = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
}
// jobConfig;
};
};
age.secrets = {
borgbackup-onsite.file = ../../../secrets/borgbackup-onsite.age;
borgbackup-offsite.file = ../../../secrets/borgbackup-offsite.age;
};
}

24
modules/nixos/features/borgmatic.nix
View file

@ -1,13 +1,11 @@
{ {
# keep-sorted start
config, config,
lib, lib,
# keep-sorted end
... ...
}: }:
let
feature = "borgmatic";
in
{ {
config = lib.mkIf config.${feature}.enable {
# service # service
services.borgmatic = { services.borgmatic = {
enable = true; enable = true;
@ -22,6 +20,8 @@ in
ntfy = { ntfy = {
topic = "backups"; topic = "backups";
server = config.services.ntfy-sh.settings.base-url; server = config.services.ntfy-sh.settings.base-url;
username = "borgmatic";
password = "{credential file ${config.age.secrets.borgmatic-ntfy.path}}";
finish = { finish = {
title = "Ping!"; title = "Ping!";
message = "Your backups have succeeded :)"; message = "Your backups have succeeded :)";
@ -37,16 +37,15 @@ in
"fail" "fail"
]; ];
}; };
relocated_repo_access_is_ok = true;
repositories = [ repositories = [
{ {
path = "/backup/repo"; path = "/mnt/external/backup/repo";
label = "onsite"; label = "onsite";
# encryption = "repokey-blake2";
} }
{ {
path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo"; path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
label = "offsite"; label = "offsite";
# encryption = "repokey-blake2";
} }
]; ];
retries = 3; retries = 3;
@ -74,19 +73,10 @@ in
"borgmatic-pg:${config.age.secrets.borgmatic-pg.path}" "borgmatic-pg:${config.age.secrets.borgmatic-pg.path}"
]; ];
# onsite drive
services.udisks2.enable = true;
fileSystems."/backup" = {
device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
fsType = "ext4";
};
# secrets # secrets
age.secrets = { age.secrets = {
"borgmatic".file = ../../../secrets/borgmatic.age; "borgmatic".file = ../../../secrets/borgmatic.age;
"borgmatic-ntfy".file = ../../../secrets/borgmatic-ntfy.age;
"borgmatic-pg".file = ../../../secrets/borgmatic-pg.age; "borgmatic-pg".file = ../../../secrets/borgmatic-pg.age;
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

29
modules/nixos/features/caddy.nix Normal file
View file

@ -0,0 +1,29 @@
{
config,
...
}:
{
services.caddy = {
enable = true;
dataDir = "/srv/caddy";
globalConfig = ''
auto_https disable_redirects
'';
openFirewall = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "festive-steed-fit@duck.com";
certs."fi33.buzz" = {
group = config.services.caddy.group;
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
age.secrets."porkbun-api".file = ../../../secrets/porkbun-api.age;
}

67
modules/nixos/features/copyparty.nix
View file

@ -1,19 +1,20 @@
{ {
# keep-sorted start
config, config,
lib,
inputs, inputs,
# keep-sorted end
... ...
}: }:
let let
feature = "copyparty"; port = 5000;
port = "5000"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "files.fi33.buzz";
url = "https://${hostname}";
in in
{ {
imports = [ inputs.copyparty.nixosModules.default ]; imports = [ inputs.copyparty.nixosModules.default ];
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
copyparty = { copyparty = {
enable = true; enable = true;
settings = { settings = {
@ -21,47 +22,49 @@ in
e2dsa = true; e2dsa = true;
e2ts = true; e2ts = true;
e2vu = true; e2vu = true;
p = lib.toInt port; p = port;
xff-hdr = "x-forwarded-for";
rproxy = 1;
}; };
accounts = { accounts.Impatient7119.passwordFile = config.age.secrets.copyparty.path;
will = {
passwordFile = config.age.secrets.copyparty-will.path;
};
};
volumes = { volumes."/" = {
"/" = {
path = "/srv/copyparty"; path = "/srv/copyparty";
access = { access = {
r = "*"; A = [ "Impatient7119" ];
A = [ "will" ];
};
}; };
}; };
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "copyparty";
forceSSL = true; group = "Private Services";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
# secrets # secrets
age.secrets."copyparty-will" = { age.secrets."copyparty" = {
file = ../../../secrets/copyparty-will.age; file = ../../../secrets/copyparty.age;
owner = "copyparty"; owner = "copyparty";
}; };
nixpkgs.overlays = [ inputs.copyparty.overlays.default ]; nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

54
modules/nixos/features/couchdb.nix
View file

@ -1,22 +1,17 @@
{
config,
lib,
...
}:
let let
feature = "couchdb"; port = 5984;
port = "5984"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "couchdb.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
couchdb = { couchdb = {
enable = true; enable = true;
databaseDir = "/srv/couchdb"; databaseDir = "/srv/couchdb";
viewIndexDir = "/srv/couchdb"; viewIndexDir = "/srv/couchdb";
configFile = "/srv/couchdb"; configFile = "/srv/couchdb";
port = lib.toInt port; inherit port;
extraConfig = { extraConfig = {
chttpd = { chttpd = {
require_valid_user = true; require_valid_user = true;
@ -36,25 +31,32 @@ in
cors = { cors = {
credentials = true; credentials = true;
origins = '' origins = ''
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://couchdb.fi33.buzz,http://couchdb.fi33.buzz,https://couchdb.fi33.buzz app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://${hostname},http://${hostname},${url}
''; '';
}; };
}; };
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "CouchDB";
forceSSL = true; group = "Private Services";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 401"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
}; alerts = [ { type = "ntfy"; } ];
}; }
];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
} }

66
modules/nixos/features/cryptpad.nix Normal file
View file

@ -0,0 +1,66 @@
let
httpPort = 5022;
websocketPort = 5024;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "cryptpad.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
cryptpad = {
enable = true;
settings = {
inherit httpPort;
inherit websocketPort;
httpUnsafeOrigin = url;
httpSafeOrigin = "https://cryptpad-ui.fi33.buzz";
inactiveTime = 7;
archiveRetentionTime = 7;
accountRetentionTime = 7;
};
};
gatus.settings.endpoints = [
{
name = "CryptPad";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts."${hostname} cryptpad-ui.fi33.buzz".extraConfig = ''
header Strict-Transport-Security "includeSubDomains; preload"
handle /cryptpad_websocket* {
reverse_proxy localhost:${toString websocketPort} {
header_up Host {host}
header_up X-Real-IP {remote_host}
}
}
handle {
reverse_proxy localhost:${toString httpPort} {
header_up Host {host}
header_up X-Real-IP {remote_host}
}
}
@register {
host ${hostname}
path /register*
}
respond @register 403
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

12
modules/nixos/features/external-speakers.nix
View file

@ -1,17 +1,5 @@
{ {
config,
lib,
...
}:
let
feature = "external-speakers";
in
{
config = lib.mkIf config.${feature}.enable {
boot.extraModprobeConfig = '' boot.extraModprobeConfig = ''
options snd_hda_intel power_save=0 options snd_hda_intel power_save=0
''; '';
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

19
modules/nixos/features/fi33.buzz.nix Normal file
View file

@ -0,0 +1,19 @@
let
certloc = "/var/lib/acme/fi33.buzz";
hostname = "www.fi33.buzz";
in
{
# TODO why can't I serve content on fi33.buzz? dns propagation issue?
services.caddy.virtualHosts = {
"fi33.buzz".extraConfig = ''
redir https://www.fi33.buzz{uri} permanent
'';
${hostname}.extraConfig = ''
root * /srv/fi33.buzz/public
file_server
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

50
modules/nixos/features/firefly.nix Normal file
View file

@ -0,0 +1,50 @@
{
config,
...
}:
let
certloc = "/var/lib/acme/fi33.buzz";
in
{
services = {
firefly-iii = {
enable = true;
dataDir = "/srv/firefly";
group = config.services.caddy.group;
settings = {
# keep-sorted start
ALLOW_WEBHOOKS = "true";
APP_KEY_FILE = config.age.secrets.firefly.path;
APP_URL = "https://firefly.fi33.buzz";
DEFAULT_LANGUAGE = "en_GB";
REPORT_ERRORS_ONLINE = "false";
TRUSTED_PROXIES = "**";
TZ = "Australia/Melbourne";
# keep-sorted end
};
};
caddy.virtualHosts."firefly.fi33.buzz".extraConfig = ''
root * ${config.services.firefly-iii.package}/public
php_fastcgi unix//${config.services.phpfpm.pools.firefly-iii.socket}
try_files {path} {path}/ /index.php?{query}
file_server {
index index.php
}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets = {
firefly = {
file = ../../../secrets/firefly.age;
owner = "firefly-iii";
};
firefly-db = {
file = ../../../secrets/firefly-db.age;
owner = "firefly-iii";
};
};
}

34
modules/nixos/features/flaresolverr.nix
View file

@ -1,34 +0,0 @@
{
config,
lib,
...
}:
let
feature = "flaresolverr";
port = "5011";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
flaresolverr = {
enable = true;
port = lib.toInt port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

11
modules/nixos/features/fonts.nix
View file

@ -1,21 +1,10 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "fonts";
in
{ {
config = lib.mkIf config.${feature}.enable {
fonts.packages = with pkgs; [ fonts.packages = with pkgs; [
nerd-fonts.jetbrains-mono nerd-fonts.jetbrains-mono
inter-nerdfont inter-nerdfont
]; ];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/nixos/features/gaming.nix
View file

@ -1,20 +1,12 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "gaming";
in
{ {
config = lib.mkIf config.${feature}.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
# keep-sorted start # keep-sorted start
heroic heroic
lutris
mangohud mangohud
nexusmods-app
prismlauncher prismlauncher
protonup-qt protonup-qt
wine wine
@ -25,6 +17,7 @@ in
programs = { programs = {
gamemode.enable = true; gamemode.enable = true;
gamescope.enable = true;
steam = { steam = {
enable = true; enable = true;
gamescopeSession.enable = true; gamescopeSession.enable = true;
@ -37,8 +30,5 @@ in
}; };
# latest kernel # latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest; # boot.kernelPackages = pkgs.linuxPackages_latest;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

55
modules/nixos/features/gatus.nix Normal file
View file

@ -0,0 +1,55 @@
{
config,
...
}:
let
port = 5025;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "status.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
gatus = {
enable = true;
environmentFile = config.age.secrets.gatus.path;
settings = {
alerting = {
ntfy = {
topic = "services";
url = config.services.ntfy-sh.settings.base-url;
token = "$NTFY_TOKEN";
click = url;
default-alert = {
description = "Health Check Failed";
send-on-resolved = true;
};
};
};
connectivity.checker = {
target = "1.1.1.1:53";
interval = "60s";
};
ui = {
title = "Health Dashboard | Fi33Buzz";
description = "Fi33Buzz health dashboard";
dashboard-heading = "";
dashboard-subheading = "";
header = "Fi33Buzz Status";
link = "https://home.fi33.buzz/";
default-sort-by = "group";
};
web.port = port;
};
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets.gatus.file = ../../../secrets/gatus.age;
}

9
modules/nixos/features/gnome.nix
View file

@ -1,14 +1,8 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "gnome";
in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
desktopManager.gnome.enable = true; desktopManager.gnome.enable = true;
displayManager.gdm.enable = true; displayManager.gdm.enable = true;
@ -53,7 +47,4 @@ in
bibata-cursors bibata-cursors
]; ];
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

446
modules/nixos/features/homepage-dashboard.nix
View file

@ -1,12 +1,13 @@
{ {
# keep-sorted start
config, config,
lib, lib,
pkgs, pkgs,
# keep-sorted end
... ...
}: }:
let let
feature = "homepage-dashboard"; port = 5004;
port = "5004";
genSecrets = genSecrets =
secrets: secrets:
lib.genAttrs secrets (secret: { lib.genAttrs secrets (secret: {
@ -24,67 +25,54 @@ let
# keep-sorted start # keep-sorted start
"immich" "immich"
"jellyfin" "jellyfin"
"kavita-api"
"lidarr" "lidarr"
"mealie"
"miniflux" "miniflux"
"nzbget"
"paperless" "paperless"
"prowlarr" "prowlarr"
"radarr" "radarr"
"readarr"
"sonarr" "sonarr"
"subtitles"
# keep-sorted end # keep-sorted end
]; ];
certloc = "/var/lib/acme/fi33.buzz";
hostname = "home.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
homepage-dashboard = { homepage-dashboard = {
enable = true; enable = true;
listenPort = lib.toInt port; listenPort = port;
allowedHosts = "homepage-dashboard.fi33.buzz"; allowedHosts = hostname;
services = [ services = [
# keep-sorted start block=yes
{ {
"Cloud Services" = [ "Public Services" = [
{ {
"copyparty" = { CryptPad = {
"description" = "Cloud file manager"; description = "Collaborative office suite";
"icon" = "sh-copyparty.svg"; icon = "cryptpad.svg";
"href" = "https://copyparty.fi33.buzz/"; href = "https://cryptpad.fi33.buzz/";
siteMonitor = "https://cryptpad.fi33.buzz/";
}; };
} }
{ {
"CouchDB" = { LibreTranslate = {
"description" = "Obsidian sync database"; description = "Machine Translation API";
"icon" = "couchdb.svg"; icon = "libretranslate.svg";
"href" = "https://couchdb.fi33.buzz/_utils/"; href = "https://translate.fi33.buzz/";
siteMonitor = "https://translate.fi33.buzz/";
}; };
} }
{ {
"ntfy" = { Send = {
"description" = "Notification service"; description = "Simple, private file sharing";
"icon" = "ntfy.svg"; icon = "send.svg";
"href" = "https://ntfy-sh.fi33.buzz/"; href = "https://send.fi33.buzz/";
}; siteMonitor = "https://send.fi33.buzz/";
}
{
"Syncthing" = {
"description" = "Decentralised file synchronisation";
"icon" = "syncthing.svg";
"href" = "https://syncthing.fi33.buzz/";
};
}
{
"qBittorrent" = {
"description" = "BitTorrent client";
"icon" = "qbittorrent.svg";
"href" = "https://qbittorrent.fi33.buzz/";
};
}
{
"Vaultwarden" = {
"description" = "Password manager";
"icon" = "vaultwarden.svg";
"href" = "https://vaultwarden.fi33.buzz/";
}; };
} }
]; ];
@ -92,173 +80,330 @@ in
{ {
"Media Management" = [ "Media Management" = [
{ {
"Lidarr" = { Radarr = {
"description" = "Music collection manager"; description = "Movie organizer/manager";
"icon" = "lidarr.svg"; icon = "radarr.svg";
"href" = "https://lidarr.fi33.buzz/"; href = "https://movies.fi33.buzz/";
"widget" = { siteMonitor = "https://movies.fi33.buzz/";
"type" = "lidarr"; widget = {
"url" = "https://lidarr.fi33.buzz/"; type = "radarr";
"key" = "@lidarr@"; url = "https://movies.fi33.buzz/";
"enableQueue" = true; key = "@radarr@";
enableQueue = true;
}; };
}; };
} }
{ {
"Prowlarr" = { Sonarr = {
"description" = "Indexer management tool"; description = "Smart PVR";
"icon" = "prowlarr.svg"; icon = "sonarr.svg";
"href" = "https://prowlarr.fi33.buzz/"; href = "https://shows.fi33.buzz/";
"widget" = { siteMonitor = "https://shows.fi33.buzz/";
"type" = "prowlarr"; widget = {
"url" = "https://prowlarr.fi33.buzz/"; type = "sonarr";
"key" = "@prowlarr@"; url = "https://shows.fi33.buzz/";
key = "@sonarr@";
enableQueue = true;
}; };
}; };
} }
{ {
"Radarr" = { Lidarr = {
"description" = "Movie collection manager"; description = "Like Sonarr but made for music";
"icon" = "radarr.svg"; icon = "lidarr.svg";
"href" = "https://radarr.fi33.buzz/"; href = "https://music.fi33.buzz/";
"widget" = { siteMonitor = "https://music.fi33.buzz/";
"type" = "radarr"; widget = {
"url" = "https://radarr.fi33.buzz/"; type = "lidarr";
"key" = "@radarr@"; url = "https://music.fi33.buzz/";
"enableQueue" = true; key = "@lidarr@";
enableQueue = true;
}; };
}; };
} }
{ {
"Sonarr" = { Readarr = {
"description" = "TV show collection manager"; description = "Book Manager and Automation";
"icon" = "sonarr.svg"; icon = "readarr.svg";
"href" = "https://sonarr.fi33.buzz/"; href = "https://books.fi33.buzz/";
"widget" = { siteMonitor = "https://books.fi33.buzz/";
"type" = "sonarr"; widget = {
"url" = "https://sonarr.fi33.buzz/"; type = "readarr";
"key" = "@sonarr@"; url = "https://books.fi33.buzz/";
"enableQueue" = true; key = "@readarr@";
enableQueue = true;
}; };
}; };
} }
{
Bazarr = {
description = "Subtitle manager and downloader";
icon = "bazarr.svg";
href = "https://subtitles.fi33.buzz/";
siteMonitor = "https://subtitles.fi33.buzz/";
widget = {
type = "bazarr";
url = "https://subtitles.fi33.buzz/";
key = "@subtitles@";
};
};
}
{
Prowlarr = {
description = "Indexer manager/proxy";
icon = "prowlarr.svg";
href = "https://prowlarr.fi33.buzz/";
siteMonitor = "https://prowlarr.fi33.buzz/";
widget = {
type = "prowlarr";
url = "https://prowlarr.fi33.buzz/";
key = "@prowlarr@";
};
};
}
{
NZBget = {
description = "Usenet Downloader";
icon = "nzbget.svg";
href = "https://usenet.fi33.buzz/";
siteMonitor = "https://usenet.fi33.buzz/";
widget = {
type = "nzbget";
url = "https://usenet.fi33.buzz/";
username = "nzbget";
password = "@nzbget@";
};
};
}
{
qBittorrent = {
description = "BitTorrent client";
icon = "qbittorrent.svg";
href = "https://bittorrent.fi33.buzz/";
siteMonitor = "https://bittorrent.fi33.buzz/";
};
}
];
}
{
"Private Services" = [
{
copyparty = {
description = "Portable file server";
icon = "sh-copyparty.svg";
href = "https://files.fi33.buzz/";
siteMonitor = "https://files.fi33.buzz/";
};
}
{
CouchDB = {
description = "Syncing database";
icon = "couchdb.svg";
href = "https://couchdb.fi33.buzz/_utils/";
siteMonitor = "https://couchdb.fi33.buzz/_utils/";
};
}
{
Mealie = {
description = "Recipe manager and meal planner";
icon = "mealie.svg";
href = "https://mealie.fi33.buzz/";
siteMonitor = "https://mealie.fi33.buzz/";
widget = {
type = "mealie";
url = "https://mealie.fi33.buzz/";
version = 2;
key = "@mealie@";
};
};
}
{
ntfy = {
description = "Send push notifications using PUT/POST";
icon = "ntfy.svg";
href = "https://notify.fi33.buzz/";
siteMonitor = "https://notify.fi33.buzz/";
};
}
{
Radicale = {
description = "A simple CalDAV (calendar) and CardDAV (contact) server";
icon = "radicale.svg";
href = "https://caldav.fi33.buzz";
siteMonitor = "https://caldav.fi33.buzz";
};
}
{
Syncthing = {
description = "Open Source Continuous File Synchronization";
icon = "syncthing.svg";
href = "https://sync.fi33.buzz/";
siteMonitor = "https://sync.fi33.buzz/";
};
}
{
Vaultwarden = {
description = "Unofficial Bitwarden compatible server";
icon = "vaultwarden.svg";
href = "https://vault.fi33.buzz/";
siteMonitor = "https://vault.fi33.buzz/";
};
}
]; ];
} }
{ {
"Media Streaming" = [ "Media Streaming" = [
{ {
"Immich" = { Immich = {
"description" = "Photo backup"; description = "Photo and video management solution";
"icon" = "immich.svg"; icon = "immich.svg";
"href" = "https://immich.fi33.buzz/"; href = "https://photos.fi33.buzz/";
"widget" = { siteMonitor = "https://photos.fi33.buzz/";
"type" = "immich"; widget = {
"fields" = [ type = "immich";
fields = [
"users" "users"
"photos" "photos"
"videos" "videos"
"storage" "storage"
]; ];
"url" = "https://immich.fi33.buzz/"; url = "https://photos.fi33.buzz/";
"version" = 2; version = 2;
"key" = "@immich@"; key = "@immich@";
}; };
}; };
} }
{ {
"Jellyfin" = { Jellyfin = {
"description" = "Media streaming"; description = "Media System";
"icon" = "jellyfin.svg"; icon = "jellyfin.svg";
"href" = "https://jellyfin.fi33.buzz/"; href = "https://media.fi33.buzz/";
"widget" = { siteMonitor = "https://media.fi33.buzz/";
"type" = "jellyfin"; widget = {
"url" = "https://jellyfin.fi33.buzz/"; type = "jellyfin";
"key" = "@jellyfin@"; url = "https://media.fi33.buzz/";
"enableBlocks" = true; key = "@jellyfin@";
"enableNowPlaying" = true; enableBlocks = true;
"enableUser" = true; enableNowPlaying = true;
"showEpisodeNumber" = true; enableUser = true;
"expandOneStreamToTwoRows" = false; showEpisodeNumber = true;
expandOneStreamToTwoRows = false;
}; };
}; };
} }
{ {
"Miniflux" = { Kavita = {
"description" = "RSS aggregator"; description = "Reading server";
"icon" = "miniflux.svg"; icon = "kavita.svg";
"href" = "https://miniflux.fi33.buzz/"; href = "https://library.fi33.buzz/";
"widget" = { siteMonitor = "https://library.fi33.buzz/";
"type" = "miniflux"; widget = {
"url" = "https://miniflux.fi33.buzz/"; type = "kavita";
"key" = "@miniflux@"; url = "https://library.fi33.buzz/";
key = "@kavita-api@";
}; };
}; };
} }
{ {
"Paperless" = { Miniflux = {
"description" = "Digital filing cabinet"; description = "Feed reader";
"icon" = "paperless.svg"; icon = "miniflux.svg";
"href" = "https://paperless.fi33.buzz/"; href = "https://feeds.fi33.buzz/";
"widget" = { siteMonitor = "https://feeds.fi33.buzz/";
"type" = "paperlessngx"; widget = {
"url" = "https://paperless.fi33.buzz/"; type = "miniflux";
"username" = "admin"; url = "https://feeds.fi33.buzz/";
"password" = "@paperless@"; key = "@miniflux@";
};
};
}
{
Paperless = {
description = "Document management system";
icon = "paperless.svg";
href = "https://documents.fi33.buzz/";
siteMonitor = "https://documents.fi33.buzz/";
widget = {
type = "paperlessngx";
url = "https://documents.fi33.buzz/";
username = "admin";
password = "@paperless@";
}; };
}; };
} }
]; ];
} }
{ {
"Utilities" = [ Utilities = [
{ {
"NanoKVM" = { Gatus = {
"description" = "Remote KVM switch"; description = "Status page";
"icon" = "mdi-console.svg"; icon = "gatus.svg";
"href" = "http://nano-kvm/"; href = "https://status.fi33.buzz/";
siteMonitor = "https://status.fi33.buzz/";
widget = {
type = "gatus";
url = "https://status.fi33.buzz/";
};
};
}
{
NanoKVM = {
description = "Remote KVM switch";
icon = "mdi-console.svg";
href = "http://nano-kvm/";
}; };
} }
]; ];
} }
# keep-sorted end
]; ];
settings = { settings = {
title = "Mission Control"; title = "Mission Control";
theme = "dark"; theme = "dark";
color = "neutral"; color = "neutral";
headerStyle = "clean"; headerStyle = "clean";
hideVersion = true;
layout = [ layout = [
{
"Public Services" = {
style = "row";
columns = 3;
useEqualHeights = true;
};
}
{
"Private Services" = {
style = "row";
columns = 3;
useEqualHeights = true;
};
}
{ {
"Media Streaming" = { "Media Streaming" = {
style = "row"; style = "row";
columns = 4; columns = 3;
useEqualHeights = true; useEqualHeights = true;
}; };
} }
{ {
"Media Management" = { "Media Management" = {
style = "row"; style = "row";
columns = 4; columns = 3;
useEqualHeights = true; useEqualHeights = true;
}; };
} }
{ {
"Cloud Services" = { Utilities = {
style = "row";
columns = 3;
};
}
{
"Utilities" = {
style = "row"; style = "row";
columns = 3; columns = 3;
useEqualHeights = true;
initiallyCollapsed = true;
}; };
} }
]; ];
quicklaunch.searchDescriptions = true; quicklaunch.searchDescriptions = true;
disableUpdateCheck = true; disableUpdateCheck = true;
showStats = true; showStats = true;
statusStyle = "dot";
}; };
widgets = [ widgets = [
{ {
@ -278,7 +423,7 @@ in
memory = true; memory = true;
disk = [ disk = [
"/" "/"
"/backup" "/mnt/external"
]; ];
cputemp = true; cputemp = true;
tempmin = 0; tempmin = 0;
@ -291,23 +436,30 @@ in
]; ];
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "Homepage Dashboard";
forceSSL = true; group = "Utilities";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
# secrets # secrets
age.secrets = genSecrets secrets; age.secrets = genSecrets secrets;
system.activationScripts = insertSecrets secrets; system.activationScripts = insertSecrets secrets;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

55
modules/nixos/features/immich.nix
View file

@ -1,46 +1,37 @@
{
config,
lib,
...
}:
let let
feature = "immich"; port = 2283;
port = "2283"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "photos.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
immich = { immich = {
enable = true; enable = true;
port = builtins.fromJSON "${port}"; inherit port;
mediaLocation = "/srv/immich"; mediaLocation = "/srv/immich";
}; };
# database backup gatus.settings.endpoints = [
borgmatic.settings = {
postgresql_databases = [
{ {
name = "immich"; name = "Immich";
hostname = "localhost"; group = "Media Streaming";
username = "root"; inherit url;
password = "{credential systemd borgmatic-pg}"; interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
} }
]; ];
};
nginx = { caddy.virtualHosts.${hostname}.extraConfig = ''
clientMaxBodySize = "50000M"; reverse_proxy localhost:${toString port}
virtualHosts."${feature}.fi33.buzz" = { tls ${certloc}/cert.pem ${certloc}/key.pem {
forceSSL = true; protocols tls1.3
useACMEHost = "fi33.buzz"; }
locations."/" = { '';
proxyPass = "http://[::1]:${port}"; };
proxyWebsockets = true;
};
};
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

11
modules/nixos/features/intel-gpu.nix
View file

@ -1,14 +1,8 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "intel-gpu";
in
{ {
config = lib.mkIf config.${feature}.enable {
hardware = { hardware = {
enableAllFirmware = true; enableAllFirmware = true;
graphics = { graphics = {
@ -24,9 +18,4 @@ in
]; ];
}; };
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

45
modules/nixos/features/jellyfin.nix
View file

@ -1,28 +1,38 @@
{
config,
lib,
...
}:
let let
feature = "jellyfin"; port = 8096;
port = "8096"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "media.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
jellyfin = { jellyfin = {
enable = true; enable = true;
dataDir = "/srv/jellyfin"; dataDir = "/srv/jellyfin";
group = "media"; group = "srv";
}; };
# reverse proxy gatus.settings.endpoints = [
nginx.virtualHosts."${feature}.fi33.buzz" = { {
forceSSL = true; name = "Jellyfin";
useACMEHost = "fi33.buzz"; group = "Media Streaming";
locations."/".proxyPass = "http://localhost:${port}"; inherit url;
}; interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
# use intel iGP # use intel iGP
@ -30,7 +40,4 @@ in
environment.sessionVariables = { environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD"; LIBVA_DRIVER_NAME = "iHD";
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

22
modules/nixos/features/karakeep.nix Normal file
View file

@ -0,0 +1,22 @@
let
port = 5014;
certloc = "/var/lib/acme/fi33.buzz";
in
{
services = {
karakeep = {
enable = true;
extraEnvironment = {
PORT = toString port;
DISABLE_NEW_RELEASE_CHECK = "true";
};
};
caddy.virtualHosts."karakeep.fi33.buzz".extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

44
modules/nixos/features/kavita.nix Normal file
View file

@ -0,0 +1,44 @@
{
config,
...
}:
let
port = 5015;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "library.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
kavita = {
enable = true;
dataDir = "/srv/kavita";
settings.Port = port;
tokenKeyFile = config.age.secrets.kavita.path;
};
gatus.settings.endpoints = [
{
name = "Kavita";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets.kavita.file = ../../../secrets/kavita.age;
}

37
modules/nixos/features/libretranslate.nix Normal file
View file

@ -0,0 +1,37 @@
let
port = 5023;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "translate.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
libretranslate = {
enable = true;
inherit port;
updateModels = true;
};
gatus.settings.endpoints = [
{
name = "LibreTranslate";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

56
modules/nixos/features/lidarr.nix
View file

@ -1,36 +1,40 @@
{
config,
lib,
...
}:
let let
feature = "lidarr"; port = 5012;
port = "5012"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "music.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
lidarr = { lidarr = {
enable = true; enable = true;
dataDir = "/srv/lidarr"; dataDir = "/srv/lidarr";
settings.server.port = lib.toInt port; settings.server = {
group = "media"; inherit port;
};
group = "srv";
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "Lidarr";
forceSSL = true; group = "Media Management";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
}; alerts = [ { type = "ntfy"; } ];
}; }
];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
} }

12
modules/nixos/features/link2c.nix
View file

@ -1,17 +1,5 @@
{ {
config,
lib,
...
}:
let
feature = "link2c";
in
{
config = lib.mkIf config.${feature}.enable {
services.udev.extraRules = '' services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="2e1a", ATTR{idProduct}=="4c03", TEST=="power/control", ATTR{power/control}="on" ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="2e1a", ATTR{idProduct}=="4c03", TEST=="power/control", ATTR{power/control}="on"
''; '';
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

46
modules/nixos/features/llm.nix Normal file
View file

@ -0,0 +1,46 @@
{
pkgs,
...
}:
{
environment.systemPackages = [ pkgs.ollama-rocm ];
services = {
open-webui.enable = true;
ollama = {
enable = true;
package = pkgs.ollama-rocm;
loadModels = [
# small
# keep-sorted start
"deepseek-r1:1.5b"
"gemma3:1b"
"gemma3:270m"
"gemma3:4b"
"llama3.2:1b"
"llama3.2:3b"
"ministral-3:3b"
"qwen3:0.6b"
"qwen3:1.7b"
"qwen3:4b"
# keep-sorted end
# medium
# keep-sorted start
"deepseek-r1:7b"
"deepseek-r1:8b"
"llama3.1:8b"
"ministral-3:8b"
"qwen3:8b"
# keep-sorted end
# large
# keep-sorted start
"deepseek-r1:14b"
"gemma3:12b"
"ministral-3:14b"
"qwen3:14b"
# keep-sorted end
];
};
};
}

15
modules/nixos/features/localisation.nix
View file

@ -1,21 +1,12 @@
{ config, lib, ... }:
let
feature = "localisation";
in
{ {
config = lib.mkIf config.${feature}.enable {
i18n = { i18n = {
defaultLocale = "en_AU.UTF-8"; defaultLocale = "en_AU.UTF-8";
supportedLocales = [ extraLocales = [
"en_GB.UTF-8/UTF-8"
"en_US.UTF-8/UTF-8" "en_US.UTF-8/UTF-8"
"en_AU.UTF-8/UTF-8"
]; ];
extraLocaleSettings.LC_ALL = "en_GB.UTF-8";
}; };
time.timeZone = "Australia/Melbourne"; time.timeZone = "Australia/Melbourne";
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

53
modules/nixos/features/mealie.nix Normal file
View file

@ -0,0 +1,53 @@
{
pkgs,
...
}:
let
port = 5026;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "mealie.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
mealie = {
enable = true;
inherit port;
settings = {
TZ = "Australia/Melbourne";
ALLOW_SIGNUP = "false";
};
};
gatus.settings.endpoints = [
{
name = "Mealie";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
borgbackup.jobs = {
onsite = {
paths = [ "/var/lib/mealie" ];
};
offsite = {
paths = [ "/var/lib/mealie" ];
};
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

60
modules/nixos/features/miniflux.nix
View file

@ -1,54 +1,46 @@
{ {
config, config,
lib,
... ...
}: }:
let let
feature = "miniflux"; port = 5010;
port = "5010"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "feeds.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
miniflux = { miniflux = {
enable = true; enable = true;
adminCredentialsFile = config.age.secrets.miniflux-creds.path; adminCredentialsFile = config.age.secrets.miniflux-creds.path;
config = { config = {
BASE_URL = "https://miniflux.fi33.buzz"; BASE_URL = url;
LISTEN_ADDR = "localhost:${port}"; LISTEN_ADDR = "localhost:${toString port}";
}; };
}; };
# database backup gatus.settings.endpoints = [
borgmatic.settings = {
postgresql_databases = [
{ {
name = "miniflux"; name = "Miniflux";
hostname = "localhost"; group = "Media Streaming";
username = "root"; inherit url;
password = "{credential systemd borgmatic-pg}"; interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
} }
]; ];
};
# reverse proxy caddy.virtualHosts.${hostname}.extraConfig = ''
nginx = { reverse_proxy localhost:${toString port}
virtualHosts."${feature}.fi33.buzz" = { tls ${certloc}/cert.pem ${certloc}/key.pem {
forceSSL = true; protocols tls1.3
useACMEHost = "fi33.buzz"; }
locations."/" = { '';
proxyPass = "http://localhost:${port}"; };
# proxyWebsockets = true;
}; age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
};
};
};
# secrets
age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

12
modules/nixos/features/network.nix
View file

@ -1,21 +1,11 @@
{ {
config,
lib,
hostName, hostName,
... ...
}: }:
let
feature = "network";
in
{ {
config = lib.mkIf config.${feature}.enable {
networking = { networking = {
hostName = "${hostName}"; hostName = "${hostName}";
networkmanager.enable = true; networkmanager.enable = true;
firewall.enable = true;
}; };
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

13
modules/nixos/features/nginx.nix
View file

@ -1,13 +1,8 @@
{ {
config, config,
lib,
... ...
}: }:
let
feature = "nginx";
in
{ {
config = lib.mkIf config.${feature}.enable {
services.nginx = { services.nginx = {
enable = true; enable = true;
@ -36,13 +31,7 @@ in
}; };
}; };
# secrets age.secrets."porkbun-api".file = ../../../secrets/porkbun-api.age;
age.secrets."porkbun-api" = {
file = ../../../secrets/porkbun-api.age;
};
users.users.nginx.extraGroups = [ "acme" ]; users.users.nginx.extraGroups = [ "acme" ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

9
modules/nixos/features/nh.nix
View file

@ -1,20 +1,11 @@
{ {
config,
lib,
userName, userName,
... ...
}: }:
let
feature = "nh";
in
{ {
config = lib.mkIf config.${feature}.enable {
programs.nh = { programs.nh = {
enable = true; enable = true;
# clean.enable = true; # clean.enable = true;
flake = "/home/${userName}/.dots"; flake = "/home/${userName}/.dots";
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

34
modules/nixos/features/nix-settings.nix
View file

@ -1,34 +0,0 @@
{ config, lib, ... }:
let
feature = "nix-settings";
in
{
config = lib.mkIf config.${feature}.enable {
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 20d";
persistent = true;
};
optimise = {
automatic = true;
persistent = true;
};
settings = {
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"will"
"srv"
];
};
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

35
modules/nixos/features/nix.nix Normal file
View file

@ -0,0 +1,35 @@
{
lib,
...
}:
{
# rip out default packages
environment.defaultPackages = lib.mkForce [ ];
# allow packages with non-free licenses
nixpkgs.config.allowUnfree = true;
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 20d";
persistent = true;
};
optimise = {
automatic = true;
persistent = true;
};
settings = {
allowed-users = [ "@wheel" ];
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"will"
"srv"
];
};
};
}

13
modules/nixos/features/nixpkgs.nix
View file

@ -1,13 +0,0 @@
{ config, lib, ... }:
let
feature = "nixpkgs";
in
{
config = lib.mkIf config.${feature}.enable {
nixpkgs.config.allowUnfree = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

18
modules/nixos/features/nixvim.nix
View file

@ -1,14 +1,8 @@
{ {
config,
inputs, inputs,
lib,
... ...
}: }:
let
feature = "nixvim";
in
{ {
config = lib.mkIf config.${feature}.enable {
environment.variables.EDITOR = "nvim"; environment.variables.EDITOR = "nvim";
programs.nixvim = { programs.nixvim = {
enable = true; enable = true;
@ -26,13 +20,18 @@ in
}; };
diagnostic.settings.virtual_lines = true; diagnostic.settings.virtual_lines = true;
opts = { opts = {
# keep-sorted start
autoindent = true; autoindent = true;
colorcolumn = "80";
expandtab = true; expandtab = true;
number = true; number = true;
relativenumber = true; relativenumber = true;
shiftwidth = 2; shiftwidth = 2;
# get suggestions by typing z=
spell = true;
spelllang = "en_au";
tabstop = 2; tabstop = 2;
colorcolumn = "80"; # keep-sorted end
}; };
plugins = { plugins = {
# auto close brackets # auto close brackets
@ -72,8 +71,6 @@ in
inlayHints = true; inlayHints = true;
servers = { servers = {
nixd.enable = true; nixd.enable = true;
}
// lib.optionalAttrs config.dev.enable {
rust_analyzer = { rust_analyzer = {
enable = true; enable = true;
installCargo = true; installCargo = true;
@ -100,9 +97,6 @@ in
treesitter.enable = true; treesitter.enable = true;
}; };
}; };
};
imports = [ inputs.nixvim.nixosModules.nixvim ]; imports = [ inputs.nixvim.nixosModules.nixvim ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

65
modules/nixos/features/ntfy-sh.nix
View file

@ -1,38 +1,59 @@
{ {
config, config,
lib,
... ...
}: }:
let let
feature = "ntfy-sh"; port = 5002;
port = "5002"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "notify.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
ntfy-sh = { ntfy-sh = {
enable = true; enable = true;
environmentFile = config.age.secrets.ntfy.path;
settings = { settings = {
base-url = "https://ntfy-sh.fi33.buzz"; base-url = url;
listen-http = ":${port}"; listen-http = ":${toString port}";
behind-proxy = true; behind-proxy = true;
auth-default-access = "deny-all";
auth-users = [
"Debit3885:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:admin"
"gatus:$2a$12$OswG3sB8oDaB.KpawKM3P.78dID.Tj/0y5qeVD5BE6EH5bpGKe.na:user"
];
auth-access = [
"gatus:services:wo"
];
}; };
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "ntfy";
forceSSL = true; group = "Private Services";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
}; }
}; ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; borgbackup.jobs = {
onsite.paths = [ "/var/lib/ntfy-sh" ];
offsite.paths = [ "/var/lib/ntfy-sh" ];
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets.ntfy.file = ../../../secrets/ntfy.age;
} }

46
modules/nixos/features/nzbget.nix Normal file
View file

@ -0,0 +1,46 @@
{
pkgs,
...
}:
let
port = 5018;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "usenet.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
nzbget = {
enable = true;
settings = {
MainDir = "/srv/nzbget";
ControlPort = port;
};
group = "srv";
};
gatus.settings.endpoints = [
{
name = "NZBget";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 401"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
environment.systemPackages = with pkgs; [ unrar ];
}

52
modules/nixos/features/paperless.nix
View file

@ -1,57 +1,51 @@
{ {
config, config,
lib,
... ...
}: }:
let let
feature = "paperless"; port = 5013;
port = "5013"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "documents.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
paperless = { paperless = {
enable = true; enable = true;
dataDir = "/srv/paperless"; dataDir = "/srv/paperless";
database.createLocally = true; database.createLocally = true;
passwordFile = config.age.secrets.paperless.path; passwordFile = config.age.secrets.paperless.path;
port = lib.toInt port; inherit port;
settings = { settings = {
PAPERLESS_URL = "https://paperless.fi33.buzz"; PAPERLESS_URL = url;
}; };
}; };
# database backup gatus.settings.endpoints = [
borgmatic.settings = {
postgresql_databases = [
{ {
name = "paperless"; name = "Paperless";
hostname = "localhost"; group = "Media Streaming";
username = "root"; inherit url;
password = "{credential systemd borgmatic-pg}"; interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
} }
]; ];
};
# reverse proxy caddy.virtualHosts.${hostname}.extraConfig = ''
nginx = { reverse_proxy localhost:${toString port}
virtualHosts."${feature}.fi33.buzz" = { tls ${certloc}/cert.pem ${certloc}/key.pem {
forceSSL = true; protocols tls1.3
useACMEHost = "fi33.buzz"; }
locations."/" = { '';
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
}; };
age.secrets."paperless" = { age.secrets."paperless" = {
file = ../../../secrets/paperless.age; file = ../../../secrets/paperless.age;
owner = "paperless"; owner = "paperless";
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

8
modules/nixos/features/pipewire.nix
View file

@ -1,9 +1,4 @@
{ config, lib, ... }:
let
feature = "pipewire";
in
{ {
config = lib.mkIf config.${feature}.enable {
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
@ -13,7 +8,4 @@ in
jack.enable = true; jack.enable = true;
pulse.enable = true; pulse.enable = true;
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

9
modules/nixos/features/plasma.nix
View file

@ -1,14 +1,8 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "plasma";
in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
desktopManager.plasma6.enable = true; desktopManager.plasma6.enable = true;
displayManager.sddm = { displayManager.sddm = {
@ -30,7 +24,4 @@ in
haruna haruna
# keep-sorted end # keep-sorted end
]); ]);
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

9
modules/nixos/features/print-and-scan.nix
View file

@ -1,14 +1,8 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "print-and-scan";
in
{ {
config = lib.mkIf config.${feature}.enable {
hardware.sane = { hardware.sane = {
enable = true; enable = true;
extraBackends = [ pkgs.hplip ]; extraBackends = [ pkgs.hplip ];
@ -24,7 +18,4 @@ in
drivers = [ pkgs.hplip ]; drivers = [ pkgs.hplip ];
}; };
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/nixos/features/protonmail-bridge.nix
View file

@ -1,17 +1,3 @@
{ {
config,
lib,
...
}:
let
feature = "protonmail-bridge";
in
{
config = lib.mkIf config.${feature}.enable {
services.protonmail-bridge.enable = true; services.protonmail-bridge.enable = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

60
modules/nixos/features/prowlarr.nix
View file

@ -1,35 +1,51 @@
{ {
config, pkgs,
lib,
... ...
}: }:
let let
feature = "prowlarr"; port = 5009;
port = "5009"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "prowlarr.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
prowlarr = { prowlarr = {
enable = true; enable = true;
dataDir = "/srv/prowlarr"; settings.server = {
settings.server.port = lib.toInt port; inherit port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
}; };
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}"; gatus.settings.endpoints = [
{
name = "Prowlarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
borgbackup.jobs = {
onsite = {
paths = [ "/var/lib/prowlarr" ];
};
offsite = {
paths = [ "/var/lib/prowlarr" ];
};
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
} }

52
modules/nixos/features/qbittorrent.nix
View file

@ -1,37 +1,41 @@
{ config, lib, ... }:
let let
feature = "qbittorrent"; port = 5005;
port = "5005"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "bittorrent.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
users.users.qbittorrent.extraGroups = [ "media" ];
services = { services = {
# service
qbittorrent = { qbittorrent = {
enable = true; enable = true;
webuiPort = lib.toInt port; webuiPort = port;
profileDir = "/srv"; profileDir = "/srv";
group = "media"; group = "srv";
extraArgs = [ extraArgs = [
"--confirm-legal-notice" "--confirm-legal-notice"
]; ];
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "qBittorrent";
forceSSL = true; group = "Media Management";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
}; alerts = [ { type = "ntfy"; } ];
}; }
];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
} }

32
modules/nixos/features/qui.nix Normal file
View file

@ -0,0 +1,32 @@
{
# keep-sorted start
lib,
pkgs,
# keep-sorted end
...
}:
let
port = 5019;
certloc = "/var/lib/acme/fi33.buzz";
in
{
environment.systemPackages = [ pkgs.qui ];
systemd.user.services.qui = {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${lib.getExe pkgs.qui} serve";
environment = {
QUI__PORT = toString port;
QUI__DATA_DIR = "/srv/qui";
};
};
services.caddy.virtualHosts."qui.fi33.buzz".extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}

57
modules/nixos/features/radarr.nix
View file

@ -1,37 +1,40 @@
{
config,
lib,
...
}:
let let
feature = "radarr"; port = 5007;
port = "5007"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "movies.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
radarr = { radarr = {
enable = true; enable = true;
dataDir = "/srv/radarr"; dataDir = "/srv/radarr";
settings.server.port = lib.toInt port; settings.server = {
group = "media"; inherit port;
};
group = "srv";
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "Radarr";
forceSSL = true; group = "Media Management";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
}; alerts = [ { type = "ntfy"; } ];
}; }
];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
} }

61
modules/nixos/features/radicale.nix Normal file
View file

@ -0,0 +1,61 @@
{
config,
...
}:
let
port = 5003;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "caldav.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
radicale = {
enable = true;
settings = {
server = {
hosts = [
"0.0.0.0:${toString port}"
"[::]:${toString port}"
];
};
auth = {
type = "htpasswd";
htpasswd_filename = config.age.secrets.radicale.path;
htpasswd_encryption = "plain";
};
storage = {
filesystem_folder = "/srv/radicale";
};
};
};
gatus.settings.endpoints = [
{
name = "Radicale";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
# secrets
age.secrets."radicale" = {
file = ../../../secrets/radicale.age;
owner = "radicale";
};
}

40
modules/nixos/features/readarr.nix Normal file
View file

@ -0,0 +1,40 @@
let
port = 5016;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "books.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
readarr = {
enable = true;
dataDir = "/srv/readarr";
settings.server = {
inherit port;
};
group = "srv";
};
gatus.settings.endpoints = [
{
name = "Readarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

45
modules/nixos/features/send.nix Normal file
View file

@ -0,0 +1,45 @@
let
port = 5020;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "send.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
send = {
enable = true;
inherit port;
baseUrl = url;
environment = {
DEFAULT_EXPIRE_SECONDS = 360;
EXPIRE_TIMES_SECONDS = "360";
DOWNLOAD_COUNTS = "1";
MAX_DOWNLOADS = 1;
MAX_EXPIRE_SECONDS = 1024;
MAX_FILE_SIZE = 134217728;
};
};
gatus.settings.endpoints = [
{
name = "Send";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

57
modules/nixos/features/sonarr.nix
View file

@ -1,37 +1,40 @@
{
config,
lib,
...
}:
let let
feature = "sonarr"; port = 5006;
port = "5006"; certloc = "/var/lib/acme/fi33.buzz";
hostname = "shows.fi33.buzz";
url = "https://${hostname}";
in in
{ {
config = lib.mkIf config.${feature}.enable {
services = { services = {
# service
sonarr = { sonarr = {
enable = true; enable = true;
dataDir = "/srv/sonarr"; dataDir = "/srv/sonarr";
settings.server.port = lib.toInt port; settings.server = {
group = "media"; inherit port;
};
group = "srv";
}; };
# reverse proxy gatus.settings.endpoints = [
nginx = { {
virtualHosts."${feature}.fi33.buzz" = { name = "Sonarr";
forceSSL = true; group = "Media Management";
useACMEHost = "fi33.buzz"; inherit url;
locations."/" = { interval = "5m";
proxyPass = "http://localhost:${port}"; conditions = [
# proxyWebsockets = true; "[STATUS] == 200"
}; "[CONNECTED] == true"
}; "[RESPONSE_TIME] < 500"
}; ];
}; alerts = [ { type = "ntfy"; } ];
}; }
];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
} }

23
modules/nixos/features/star-citizen.nix Normal file
View file

@ -0,0 +1,23 @@
{
# keep-sorted start
inputs,
system,
# keep-sorted end
...
}:
{
nix.settings = {
substituters = [ "https://nix-citizen.cachix.org" ];
trusted-public-keys = [ "nix-citizen.cachix.org-1:lPMkWc2X8XD4/7YPEEwXKKBg+SVbYTVrAaLA2wQTKCo=" ];
};
environment.systemPackages = [
inputs.nix-citizen.packages.${system}.rsi-launcher
];
zramSwap = {
enable = true;
memoryPercent = 100;
writebackDevice = "/dev/sda1";
};
}

6
modules/nixos/features/sudo.nix Normal file
View file

@ -0,0 +1,6 @@
{
...
}:
{
security.sudo.execWheelOnly = true;
}

Some files were not shown because too many files have changed in this diff Show more