will-holdsworth/dots
1
1
Fork 0
Code Issues 22 Pull requests Projects 1 Releases Packages Wiki Activity Actions 1

Compare commits

base: will-holdsworth:main
Branches Tags
will-holdsworth:main
will-holdsworth:100
will-holdsworth:update_flake_lock_action
will-holdsworth:71
will-holdsworth:enhancement/32
will-holdsworth:enhancement/6
..
compare: will-holdsworth:enhancement/6
Branches Tags
will-holdsworth:main
will-holdsworth:100
will-holdsworth:update_flake_lock_action
will-holdsworth:71
will-holdsworth:enhancement/32
will-holdsworth:enhancement/6

3 commits
main ... enhancemen

Author SHA1 Message Date
wi11-holdsworth
306bf3ddb8 Merge branch 'enhancement/6' of github.com:wi11-holdsworth/dots into enhancement/6 2025-10-20 14:33:18 +11:00
wi11-holdsworth
13efb5b6f0 docs: add some todos describing program replacements 2025-10-20 14:33:07 +11:00
wi11-holdsworth
66df1182b1 docs: add some todos describing program replacements 2025-10-08 00:57:45 +11:00
134 changed files with 2687 additions and 4377 deletions
Download patch file Download diff file Expand all files Collapse all files

24
.github/workflows/main.yml vendored
View file

@ -1,24 +0,0 @@
name: "Flake.lock: update Nix dependencies"
on:
workflow_dispatch: # allows manual triggering
schedule:
- cron: '0 16 * * *' # runs weekly on Sunday at 00:00
jobs:
nix-flake-update:
permissions:
contents: write
id-token: write
issues: write
pull-requests: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: DeterminateSystems/determinate-nix-action@v3
- uses: DeterminateSystems/update-flake-lock@main
with:
pr-title: "Update Nix flake inputs"
pr-labels: |
dependencies
automated

338
flake.lock generated
View file

@ -10,11 +10,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1770165109, "lastModified": 1754433428,
"narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=", "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "b027ee29d959fda4b60b57566d64c98a202e0feb", "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -29,11 +29,11 @@
"nixpkgs": "nixpkgs" "nixpkgs": "nixpkgs"
}, },
"locked": { "locked": {
"lastModified": 1772965444, "lastModified": 1758493304,
"narHash": "sha256-VjcI4CozsowxGkZBzxQ6LYe49e9T1qfT1BzNrnc96y0=", "narHash": "sha256-A1xuSrELZIZhoKejIME0yemc9KlxZp/tKNxrF4LHrcw=",
"owner": "9001", "owner": "9001",
"repo": "copyparty", "repo": "copyparty",
"rev": "981a7cd9dda0acedbc7f53b2c44adb241c38cb84", "rev": "1923a258797285ac75487d3d53665063a5bd67df",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -64,62 +64,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1767039857,
"narHash": "sha256-vNpUSpF5Nuw8xvDLj2KCwwksIbjua2LZCqhV1LNRDns=",
"owner": "NixOS",
"repo": "flake-compat",
"rev": "5edf11c44bc78a0d334f6334cdaf7d60d732daab",
"type": "github"
},
"original": {
"owner": "NixOS",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": {
"nixpkgs-lib": [
"nix-citizen",
"nixpkgs"
]
},
"locked": {
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1772408722,
"narHash": "sha256-rHuJtdcOjK7rAHpHphUb1iCvgkU3GpfvicLMwwnfMT0=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "f20dc5d9b8027381c474144ecabc9034d6a839a3",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nixvim", "nixvim",
@ -127,32 +72,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1769996383, "lastModified": 1756770412,
"narHash": "sha256-AnYjnFWgS49RlqX7LrC4uA+sCCDBj0Ry/WOJ5XWAsa0=", "narHash": "sha256-+uWLQZccFHwqpGqr2Yt5VsW/PbeJVTn9Dk6SHWhNRPw=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "57928607ea566b5db3ad13af0e57e921e6b12381", "rev": "4524271976b625a4a605beefd893f270620fd751",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -176,48 +100,21 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": { "flake-utils_2": {
"inputs": { "inputs": {
"flake-compat": "flake-compat", "systems": "systems_2"
"gitignore": "gitignore",
"nixpkgs": [
"nix-gaming",
"nixpkgs"
]
}, },
"locked": { "locked": {
"lastModified": 1772893680, "lastModified": 1731533236,
"narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", "narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "cachix", "owner": "numtide",
"repo": "git-hooks.nix", "repo": "flake-utils",
"rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", "rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "cachix", "owner": "numtide",
"repo": "git-hooks.nix", "repo": "flake-utils",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"nix-gaming",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github" "type": "github"
} }
}, },
@ -249,11 +146,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1772985285, "lastModified": 1758464306,
"narHash": "sha256-wEEmvfqJcl9J0wyMgMrj1TixOgInBW/6tLPhWGoZE3s=", "narHash": "sha256-i56XRXqjwJRdVYmpzVUQ0ktqBBHqNzQHQMQvFRF/acQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "5be5d8245cbc7bc0c09fbb5f38f23f223c543f85", "rev": "939e91e1cff1f99736c5b02529658218ed819a2a",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -262,69 +159,52 @@
"type": "github" "type": "github"
} }
}, },
"nix-citizen": { "home-manager_3": {
"inputs": {
"flake-parts": "flake-parts",
"nix-gaming": [
"nix-gaming"
],
"nix-github-actions": "nix-github-actions",
"nixpkgs": "nixpkgs_2",
"systems": "systems_2",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1772840927,
"narHash": "sha256-WdIuEJpH7eUP3ya8laJAYf71WilE4x7xetgMferL5Ko=",
"owner": "LovingMelody",
"repo": "nix-citizen",
"rev": "73c8d04ba69fb0bb5c4521c4b91a930a0ce283a5",
"type": "github"
},
"original": {
"owner": "LovingMelody",
"repo": "nix-citizen",
"type": "github"
}
},
"nix-gaming": {
"inputs": {
"flake-parts": "flake-parts_2",
"git-hooks": "git-hooks",
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1772937574,
"narHash": "sha256-Yw1tP/ASebNYuW2GcYDTgWf2Mg9qcUYo6MTagXyeFCs=",
"owner": "fufexan",
"repo": "nix-gaming",
"rev": "d2b0b283deb24cdbb2750e658fa7001fee5ad586",
"type": "github"
},
"original": {
"owner": "fufexan",
"repo": "nix-gaming",
"type": "github"
}
},
"nix-github-actions": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"nix-citizen", "zen-browser",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1737420293, "lastModified": 1752603129,
"narHash": "sha256-F1G5ifvqTpJq7fdkT34e/Jy9VCyzd5XfJ9TO8fHhJWE=", "narHash": "sha256-S+wmHhwNQ5Ru689L2Gu8n1OD6s9eU9n9mD827JNR+kw=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-github-actions", "repo": "home-manager",
"rev": "f4158fa080ef4503c8f4c820967d946c2af31ec9", "rev": "e8c19a3cec2814c754f031ab3ae7316b64da085b",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "nix-community",
"repo": "nix-github-actions", "repo": "home-manager",
"type": "github"
}
},
"ixx": {
"inputs": {
"flake-utils": [
"nixvim",
"nuschtosSearch",
"flake-utils"
],
"nixpkgs": [
"nixvim",
"nuschtosSearch",
"nixpkgs"
]
},
"locked": {
"lastModified": 1754860581,
"narHash": "sha256-EM0IE63OHxXCOpDHXaTyHIOk2cNvMCGPqLt/IdtVxgk=",
"owner": "NuschtOS",
"repo": "ixx",
"rev": "babfe85a876162c4acc9ab6fb4483df88fa1f281",
"type": "github"
},
"original": {
"owner": "NuschtOS",
"ref": "v0.1.1",
"repo": "ixx",
"type": "github" "type": "github"
} }
}, },
@ -343,60 +223,13 @@
"type": "indirect" "type": "indirect"
} }
}, },
"nixpkgs-lib": {
"locked": {
"lastModified": 1772328832,
"narHash": "sha256-e+/T/pmEkLP6BHhYjx6GmwP5ivonQQn0bJdH9YrRB+Q=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "c185c7a5e5dd8f9add5b2f8ebeff00888b070742",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1772624091, "lastModified": 1758277210,
"narHash": "sha256-QKyJ0QGWBn6r0invrMAK8dmJoBYWoOWy7lN+UHzW1jc=", "narHash": "sha256-iCGWf/LTy+aY0zFu8q12lK8KuZp7yvdhStehhyX1v8w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "80bdc1e5ce51f56b19791b52b2901187931f5353",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1772736753,
"narHash": "sha256-au/m3+EuBLoSzWUCb64a/MZq6QUtOV8oC0D9tY2scPQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "917fec990948658ef1ccd07cef2a1ef060786846",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1772773019,
"narHash": "sha256-E1bxHxNKfDoQUuvriG71+f+s/NT0qWkImXsYZNFFfCs=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "aca4d95fce4914b3892661bcb80b8087293536c6", "rev": "8eaee110344796db060382e15d3af0a9fc396e0e",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -408,18 +241,19 @@
}, },
"nixvim": { "nixvim": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"nuschtosSearch": "nuschtosSearch",
"systems": "systems_3" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1772402258, "lastModified": 1758459270,
"narHash": "sha256-3DmCFOdmbkFML1/G9gj8Wb+rCCZFPOQtNoMCpqOF8SA=", "narHash": "sha256-r2VA33WYfxDJyWmJeo0TmPPrk9yGS9WWb/kld0e7X+I=",
"owner": "nix-community", "owner": "nix-community",
"repo": "nixvim", "repo": "nixvim",
"rev": "21ae25e13b01d3b4cdc750b5f9e7bad68b150c10", "rev": "92ba37a3e8c25d470f9affe8d5f36f2cfb21e5dd",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -428,24 +262,26 @@
"type": "github" "type": "github"
} }
}, },
"nur": { "nuschtosSearch": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_4", "flake-utils": "flake-utils_2",
"ixx": "ixx",
"nixpkgs": [ "nixpkgs": [
"nixvim",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1772985100, "lastModified": 1758272005,
"narHash": "sha256-EXFbJvUZrElVq839MnMgJEDnyXWn84Zx+MiHcZiCQmg=", "narHash": "sha256-1u3xTH+3kaHhztPmWtLAD8LF5pTYLR2CpsPFWTFnVtQ=",
"owner": "nix-community", "owner": "NuschtOS",
"repo": "NUR", "repo": "search",
"rev": "407db2f6f4ba94992815f872ffce9a9d99ccc13c", "rev": "aa975a3757f28ce862812466c5848787b868e116",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-community", "owner": "NuschtOS",
"repo": "NUR", "repo": "search",
"type": "github" "type": "github"
} }
}, },
@ -454,11 +290,9 @@
"agenix": "agenix", "agenix": "agenix",
"copyparty": "copyparty", "copyparty": "copyparty",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nix-citizen": "nix-citizen", "nixpkgs": "nixpkgs_2",
"nix-gaming": "nix-gaming",
"nixpkgs": "nixpkgs_4",
"nixvim": "nixvim", "nixvim": "nixvim",
"nur": "nur" "zen-browser": "zen-browser"
} }
}, },
"systems": { "systems": {
@ -506,24 +340,24 @@
"type": "github" "type": "github"
} }
}, },
"treefmt-nix": { "zen-browser": {
"inputs": { "inputs": {
"home-manager": "home-manager_3",
"nixpkgs": [ "nixpkgs": [
"nix-citizen",
"nixpkgs" "nixpkgs"
] ]
}, },
"locked": { "locked": {
"lastModified": 1772660329, "lastModified": 1759353433,
"narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=", "narHash": "sha256-g3+737nvjYu3WrxLOiW6Wwtu4Ncdsy1KW9AGSTfzGOM=",
"owner": "numtide", "owner": "0xc000022070",
"repo": "treefmt-nix", "repo": "zen-browser-flake",
"rev": "3710e0e1218041bbad640352a0440114b1e10428", "rev": "480746c469a2e14551c73940bd096aa9a9cc7cbd",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "numtide", "owner": "0xc000022070",
"repo": "treefmt-nix", "repo": "zen-browser-flake",
"type": "github" "type": "github"
} }
} }

48
flake.nix
View file

@ -12,36 +12,24 @@
url = "github:nix-community/home-manager"; url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nix-citizen = {
url = "github:LovingMelody/nix-citizen";
inputs.nix-gaming.follows = "nix-gaming";
};
nix-gaming.url = "github:fufexan/nix-gaming";
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixvim = { nixvim = {
url = "github:nix-community/nixvim"; url = "github:nix-community/nixvim";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nur = { zen-browser = {
url = "github:nix-community/NUR"; url = "github:0xc000022070/zen-browser-flake";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# zen-browser = {
# url = "github:0xc000022070/zen-browser-flake";
# inputs.nixpkgs.follows = "nixpkgs";
# };
# keep-sorted end # keep-sorted end
}; };
outputs = outputs =
{ {
# keep-sorted start
agenix,
home-manager,
nixpkgs, nixpkgs,
nur, home-manager,
# zen-browser, agenix,
# keep-sorted end zen-browser,
... ...
}@inputs: }@inputs:
let let
@ -51,30 +39,21 @@
userName ? "will", userName ? "will",
system ? "x86_64-linux", system ? "x86_64-linux",
}: }:
let
util = import ./util.nix;
in
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
modules = [ modules = [
./hosts/${hostName}/configuration.nix ./hosts/${hostName}/configuration.nix
nur.modules.nixos.default
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
home-manager = { home-manager = {
users.${userName}.imports = [ users.${userName}.imports = [
./hosts/${hostName}/home.nix ./hosts/${hostName}/home.nix
agenix.homeManagerModules.default agenix.homeManagerModules.default
# zen-browser.homeModules.twilight zen-browser.homeModules.twilight
]; ];
backupFileExtension = "backup"; backupFileExtension = "backup";
extraSpecialArgs = { extraSpecialArgs = {
inherit inherit userName;
inputs inherit hostName;
hostName
userName
system
util
;
}; };
useGlobalPkgs = true; useGlobalPkgs = true;
useUserPackages = true; useUserPackages = true;
@ -82,13 +61,10 @@
} }
]; ];
specialArgs = { specialArgs = {
inherit inherit inputs;
inputs inherit hostName;
hostName inherit userName;
userName inherit system;
system
util
;
}; };
inherit system; inherit system;
}; };

39
hosts/desktop/configuration.nix
View file

@ -1,34 +1,25 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [
# keep-sorted start
../../modules/nixos/default.nix ../../modules/nixos/default.nix
./hardware-configuration.nix ./hardware-configuration.nix
# keep-sorted end ];
]
++ (util.toImports ../../modules/nixos/features [ # reusable modules
# keep-sorted start
"amd-gpu" # keep-sorted start
"external-speakers" amd-gpu.enable = true;
"gaming" desktop.enable = true;
"link2c" dev.enable = true;
"plasma" external-speakers.enable = true;
"star-citizen" gaming.enable = true;
# keep-sorted end link2c.enable = true;
]) plasma.enable = true;
++ (util.toImports ../../modules/nixos/bundles [ # keep-sorted end
# keep-sorted start # config
"desktop"
"dev"
"gui"
# keep-sorted end
]);
boot.initrd.luks.devices."luks-b164af31-c1c3-4b4e-83c8-eb39802c2027".device = boot.initrd.luks.devices."luks-b164af31-c1c3-4b4e-83c8-eb39802c2027".device =
"/dev/disk/by-uuid/b164af31-c1c3-4b4e-83c8-eb39802c2027"; "/dev/disk/by-uuid/b164af31-c1c3-4b4e-83c8-eb39802c2027";
@ -39,6 +30,8 @@
system.stateVersion = "24.11"; system.stateVersion = "24.11";
i18n.extraLocaleSettings.LC_ALL = "en_AU.UTF-8";
users.users.${userName} = { users.users.${userName} = {
extraGroups = [ extraGroups = [
# keep-sorted start # keep-sorted start

23
hosts/desktop/home.nix
View file

@ -1,21 +1,18 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [ ../../modules/home-manager/default.nix ];
../../modules/home-manager/default.nix
] # reusable modules
++ (util.toImports ../../modules/home-manager/bundles [
# keep-sorted start # keep-sorted start
"desktop" desktop.enable = true;
"dev" dev.enable = true;
"gui" # keep-sorted end
# keep-sorted end
]); # config
age.secrets."protonmail-desktop-password".file = ../../secrets/protonmail-desktop-password.age; age.secrets."protonmail-desktop-password".file = ../../secrets/protonmail-desktop-password.age;

40
hosts/laptop/configuration.nix
View file

@ -1,35 +1,31 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [
# keep-sorted start
../../modules/nixos/default.nix ../../modules/nixos/default.nix
./hardware-configuration.nix ./hardware-configuration.nix
# keep-sorted end ];
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"amd-gpu"
"gnome"
"tlp"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
# keep-sorted start
"desktop"
"dev"
"gui"
# keep-sorted end
]);
boot.initrd.luks.devices."luks-c2f5123c-0be0-4357-b383-b3f422e99a34".device = "/dev/disk/by-uuid/c2f5123c-0be0-4357-b383-b3f422e99a34"; # reusable modules
system.stateVersion = "25.05"; # keep-sorted start
amd-gpu.enable = true;
desktop.enable = true;
dev.enable = true;
gnome.enable = true;
tlp.enable = true;
# keep-sorted end
# config
boot.initrd.luks.devices."luks-a7726a9d-535f-44bc-9c0e-adc501fad371".device =
"/dev/disk/by-uuid/a7726a9d-535f-44bc-9c0e-adc501fad371";
system.stateVersion = "24.11";
i18n.extraLocaleSettings.LC_ALL = "en_AU.UTF-8";
users.users.${userName} = { users.users.${userName} = {
extraGroups = [ extraGroups = [

8
hosts/laptop/hardware-configuration.nix
View file

@ -14,20 +14,20 @@
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
fileSystems."/" = fileSystems."/" =
{ device = "/dev/disk/by-uuid/a240787a-6cc8-4c03-8a01-742adf305b1e"; { device = "/dev/disk/by-uuid/b772799b-5434-4d5e-b0f9-ab425e36b9a1";
fsType = "ext4"; fsType = "ext4";
}; };
boot.initrd.luks.devices."luks-f7d7a54f-d217-4260-8754-3cac7022e7d5".device = "/dev/disk/by-uuid/f7d7a54f-d217-4260-8754-3cac7022e7d5"; boot.initrd.luks.devices."luks-de6f14d8-8c7e-4e77-bfe5-264a39ef0bea".device = "/dev/disk/by-uuid/de6f14d8-8c7e-4e77-bfe5-264a39ef0bea";
fileSystems."/boot" = fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/B3C9-7C0A"; { device = "/dev/disk/by-uuid/3730-5237";
fsType = "vfat"; fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ]; options = [ "fmask=0077" "dmask=0077" ];
}; };
swapDevices = swapDevices =
[ { device = "/dev/disk/by-uuid/b07c858a-2bd7-4b9a-aec3-3f9593c461c9"; } [ { device = "/dev/disk/by-uuid/081de704-5e9a-4e6d-ae8d-df492d0f662c"; }
]; ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

23
hosts/laptop/home.nix
View file

@ -1,21 +1,18 @@
{ {
# keep-sorted start
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [ ../../modules/home-manager/default.nix ];
../../modules/home-manager/default.nix
] # reusable modules
++ (util.toImports ../../modules/home-manager/bundles [
# keep-sorted start # keep-sorted start
"desktop" desktop.enable = true;
"dev" dev.enable = true;
"gui" # keep-sorted end
# keep-sorted end
]); # config
age.secrets."protonmail-laptop-password".file = ../../secrets/protonmail-laptop-password.age; age.secrets."protonmail-laptop-password".file = ../../secrets/protonmail-laptop-password.age;

58
hosts/server/configuration.nix
View file

@ -1,61 +1,27 @@
{ {
# keep-sorted start
hostName, hostName,
userName, userName,
util,
# keep-sorted end
... ...
}: }:
{ {
imports = [ imports = [
# keep-sorted start
../../modules/nixos/default.nix ../../modules/nixos/default.nix
./hardware-configuration.nix ./hardware-configuration.nix
# keep-sorted end ];
]
++ (util.toImports ../../modules/nixos/features [
# keep-sorted start
"borgbackup"
"intel-gpu"
# keep-sorted end
])
++ (util.toImports ../../modules/nixos/bundles [
"server"
]);
# external drive # reusable modules
services.udisks2.enable = true;
fileSystems."/mnt/external" = {
device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
fsType = "ext4";
options = [
"nofail"
];
};
networking = { # keep-sorted start
hostName = "${hostName}"; borgmatic.enable = true;
firewall.interfaces."enp2s0".allowedTCPPorts = [ intel-gpu.enable = true;
80 server.enable = true;
443 # keep-sorted end
];
};
# hardened openssh # config
services.openssh = {
allowSFTP = false; networking.hostName = "${hostName}";
extraConfig = ''
AllowTcpForwarding yes services.openssh.enable = true;
X11Forwarding no
AllowAgentForwarding no
AllowStreamLocalForwarding no
AuthenticationMethods publickey
'';
settings = {
KbdInteractiveAuthentication = false;
PasswordAuthentication = false;
};
};
system.stateVersion = "24.11"; system.stateVersion = "24.11";

4
hosts/server/home.nix
View file

@ -3,9 +3,7 @@
... ...
}: }:
{ {
imports = [ imports = [ ../../modules/home-manager/default.nix ];
../../modules/home-manager/default.nix
];
home = { home = {
username = "${userName}"; username = "${userName}";

23
modules/home-manager/bundles/desktop.nix
View file

@ -1,13 +1,24 @@
{ {
util, config,
lib,
... ...
}: }:
let
feature = "desktop";
in
{ {
imports = util.toImports ../features [ config = lib.mkIf config.${feature}.enable {
# keep-sorted start # keep-sorted start
"aerc" aerc.enable = true;
"mail" kitty.enable = true;
"zellij" mail.enable = true;
obsidian.enable = true;
zellij.enable = true;
zen-browser.enable = true;
# keep-sorted end # keep-sorted end
]; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

16
modules/home-manager/bundles/dev.nix
View file

@ -1,11 +1,19 @@
{ {
util, config,
lib,
... ...
}: }:
let
feature = "dev";
in
{ {
imports = util.toImports ../features [ config = lib.mkIf config.${feature}.enable {
# keep-sorted start # keep-sorted start
"direnv" zed-editor.enable = lib.mkDefault true;
# keep-sorted end # keep-sorted end
]; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

14
modules/home-manager/bundles/gui.nix
View file

@ -1,14 +0,0 @@
{
util,
...
}:
{
imports = util.toImports ../features [
# keep-sorted start
"alacritty"
"librewolf"
"obsidian"
# "zen-browser"
# keep-sorted end
];
}

41
modules/home-manager/default.nix
View file

@ -1,23 +1,22 @@
{ lib, ... }:
let
featureBundler =
featuresDir:
map (name: featuresDir + "/${name}") (builtins.attrNames (builtins.readDir featuresDir));
in
{ {
util, imports = (featureBundler ./bundles) ++ (featureBundler ./features);
...
}: # keep-sorted start
{ agenix.enable = lib.mkDefault true;
imports = util.toImports ./features [ bat.enable = lib.mkDefault true;
# keep-sorted start direnv.enable = lib.mkDefault true;
"agenix" eza.enable = lib.mkDefault true;
"bash" fish.enable = lib.mkDefault true;
"bat" gh.enable = lib.mkDefault true;
"bottom" git.enable = lib.mkDefault true;
"delta" starship.enable = lib.mkDefault true;
"eza" yazi.enable = lib.mkDefault true;
"fd" zoxide.enable = lib.mkDefault true;
"git" # keep-sorted end
"lazygit"
"shell-aliases"
"starship"
"yazi"
"zoxide"
# keep-sorted end
];
} }

236
modules/home-manager/features/aerc.nix
View file

@ -1,181 +1,67 @@
{ {
accounts.email.accounts.personal.aerc.enable = true; config,
programs.aerc = { lib,
enable = true; ...
extraAccounts.personal = { }:
default = "INBOX"; let
folders-sort = "INBOX, Starred, Drafts, Sent, Trash, Archive, Spam"; feature = "aerc";
}; in
extraConfig = { {
general.unsafe-accounts-conf = true; config = lib.mkIf config.${feature}.enable {
filters = { accounts.email.accounts.personal.aerc.enable = true;
"text/plain" = "colorize"; programs.aerc = {
"text/calendar" = "calendar | colorize"; enable = true;
"text/html" = "html | colorize"; extraAccounts.personal = {
default = "INBOX";
folders-sort = "INBOX, Starred, Drafts, Sent, Trash, Archive, Spam";
}; };
ui = { extraConfig = {
styleset-name = "catppuccin-mocha"; general.unsafe-accounts-conf = true;
sort = "-r date"; filters = {
"text/plain" = "colorize";
"text/calendar" = "calendar | colorize";
"text/html" = "html | colorize";
};
ui = {
styleset-name = "catppuccin-mocha";
sort = "-r date";
};
};
stylesets = {
catppuccin-mocha = {
"*.default" = true;
"*.normal" = true;
"default.fg" = "#cdd6f4";
"error.fg" = "#f38ba8";
"warning.fg" = "#fab387";
"success.fg" = "#a6e3a1";
"tab.fg" = "#6c7086";
"tab.bg" = "#181825";
"tab.selected.fg" = "#cdd6f4";
"tab.selected.bg" = "#1e1e2e";
"tab.selected.bold" = true;
"border.fg" = "#11111b";
"border.bold" = true;
"msglist_unread.bold" = true;
"msglist_flagged.fg" = "#f9e2af";
"msglist_flagged.bold" = true;
"msglist_result.fg" = "#89b4fa";
"msglist_result.bold" = true;
"msglist_*.selected.bold" = true;
"msglist_*.selected.bg" = "#313244";
"dirlist_*.selected.bold" = true;
"dirlist_*.selected.bg" = "#313244";
"statusline_default.fg" = "#9399b2";
"statusline_default.bg" = "#313244";
"statusline_error.bold" = true;
"statusline_success.bold" = true;
"completion_default.selected.bg" = "#313244";
};
}; };
}; };
extraBinds = {
global = {
# keep-sorted start
"<C-n>" = ":next-tab <Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<C-t>" = ":term<Enter>";
"?" = ":help keys<Enter>";
# keep-sorted end
};
messages = {
# keep-sorted start
"!" = ":term<space>";
"$" = ":term<space>";
"/" = ":search<space>-a<space>";
"<C-b>" = ":prev 100%<Enter>";
"<C-d>" = ":next 50%<Enter>";
"<C-f>" = ":next 100%<Enter>";
"<C-u>" = ":prev 50%<Enter>";
"<Down>" = ":next<Enter>";
"<Enter>" = ":view<Enter>";
"<Esc>" = ":clear<Enter>";
"<PgDn>" = ":next 100%<Enter>";
"<PgUp>" = ":prev 100%<Enter>";
"<Up>" = ":prev<Enter>";
"\\" = ":filter <space>";
"|" = ":pipe<space>";
A = ":archive flat<Enter>";
C = ":compose<Enter>";
D = ":move Trash<Enter>";
G = ":select -1<Enter>";
H = ":collapse-folder<Enter>";
I = ":read<Enter>";
J = ":next-folder <Enter>";
K = ":prev-folder<Enter>";
L = ":expand-folder<Enter>";
N = ":prev-result<Enter>";
Rq = ":reply -q<Enter>";
Rr = ":reply<Enter>";
T = ":toggle-threads<Enter>";
U = ":unread<Enter>";
V = ":mark -v<Enter>";
c = ":cf<space>";
d = ":prompt 'Really delete this message?' 'delete-message'<Enter>";
g = ":select 0 <Enter>";
j = ":next <Enter>";
k = ":prev <Enter>";
n = ":next-result<Enter>";
q = ":quit<Enter>";
rq = ":reply -aq<Enter>";
rr = ":reply -a<Enter>";
v = ":mark -t<Enter>";
# keep-sorted end
};
"messages:folder=Drafts" = {
"<Enter>" = ":recall<Enter>";
};
view = {
# keep-sorted start
"/" = ":toggle-key-passthrough <Enter> /";
"<C-j>" = ":next-part<Enter>";
"<C-k>" = ":prev-part<Enter>";
"<C-l>" = ":open-link <space>";
"|" = ":pipe<space>";
A = ":archive flat<Enter>";
D = ":move Trash<Enter>";
H = ":toggle-headers<Enter>";
J = ":next <Enter>";
K = ":prev<Enter>";
O = ":open<Enter>";
R = ":read<Enter>";
Rq = ":reply -q<Enter>";
Rr = ":reply<Enter>";
S = ":save<space>";
U = ":unread<Enter>";
f = ":forward <Enter>";
q = ":close<Enter>";
rq = ":reply -aq<Enter>";
rr = ":reply -a<Enter>";
# keep-sorted end
};
"view::passthrough" = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<Esc>" = ":toggle-key-passthrough<Enter>";
# keep-sorted end
};
compose = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<A-n>" = ":switch-account -n<Enter>";
"<A-p>" = ":switch-account -p<Enter>";
"<C-j>" = ":next-field<Enter>";
"<C-k>" = ":prev-field<Enter>";
"<C-n>" = ":next-tab<Enter>";
"<C-p>" = ":prev-tab<Enter>";
"<tab>" = ":next-field<Enter>";
# keep-sorted end
};
"compose::editor" = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<C-j>" = ":next-field<Enter>";
"<C-k>" = ":prev-field<Enter>";
"<C-n>" = ":next-tab<Enter>";
"<C-p>" = ":prev-tab<Enter>";
# keep-sorted end
};
"compose::review" = {
# keep-sorted start
a = ":attach<space>";
d = ":detach<space>";
e = ":edit<Enter>";
n = ":abort<Enter>";
p = ":postpone<Enter>";
q = ":choose -o d discard abort -o p postpone postpone<Enter>";
y = ":send <Enter>";
# keep-sorted end
};
terminal = {
# keep-sorted start
"$ex" = "<C-x>";
"$noinherit" = "true";
"<C-n>" = ":next-tab<Enter>";
"<C-p>" = ":prev-tab<Enter>";
# keep-sorted end
};
};
stylesets.catppuccin-mocha = ''
"*.default" = true
"*.normal" = true
"default.fg" = "#cdd6f4"
"error.fg" = "#f38ba8"
"warning.fg" = "#fab387"
"success.fg" = "#a6e3a1"
"tab.fg" = "#6c7086"
"tab.bg" = "#181825"
"tab.selected.fg" = "#cdd6f4"
"tab.selected.bg" = "#1e1e2e"
"tab.selected.bold" = true
"border.fg" = "#11111b"
"border.bold" = true
"msglist_unread.bold" = true
"msglist_flagged.fg" = "#f9e2af"
"msglist_flagged.bold" = true
"msglist_result.fg" = "#89b4fa"
"msglist_result.bold" = true
"msglist_*.selected.bold" = true
"msglist_*.selected.bg" = "#313244"
"dirlist_*.selected.bold" = true
"dirlist_*.selected.bg" = "#313244"
"statusline_default.fg" = "#9399b2"
"statusline_default.bg" = "#313244"
"statusline_error.bold" = true
"statusline_success.bold" = true
"completion_default.selected.bg" = "#313244"
'';
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

10
modules/home-manager/features/agenix.nix
View file

@ -1,8 +1,16 @@
{ {
config,
lib,
userName, userName,
... ...
}: }:
let
feature = "agenix";
in
{ {
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ]; config = lib.mkIf config.${feature}.enable {
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

27
modules/home-manager/features/alacritty.nix
View file

@ -1,27 +0,0 @@
{
# keep-sorted start
lib,
pkgs,
# keep-sorted end
...
}:
{
programs.alacritty = {
enable = true;
settings = {
font = {
normal = {
family = "JetBrainsMono Nerd Font";
style = "Regular";
};
size = 13;
};
window.startup_mode = "Maximized";
terminal.shell = {
program = "${lib.getExe pkgs.zellij}";
args = [ "-l=welcome" ];
};
};
theme = "catppuccin_mocha";
};
}

4
modules/home-manager/features/bash.nix
View file

@ -1,4 +0,0 @@
{
home.shell.enableBashIntegration = true;
programs.bash.enable = true;
}

22
modules/home-manager/features/bat.nix
View file

@ -1,8 +1,22 @@
{ {
programs.bat = { config,
enable = true; lib,
config = { ...
theme = "Dracula"; }:
let
feature = "bat";
in
{
config = lib.mkIf config.${feature}.enable {
programs.bat = {
enable = true;
config = {
theme = "Dracula";
};
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

78
modules/home-manager/features/bottom.nix
View file

@ -1,78 +0,0 @@
{
programs.bottom = {
enable = true;
settings = {
flags = {
group_processes = true;
process_memory_as_value = true;
};
styles = {
cpu = {
all_entry_color = "#f5e0dc";
avg_entry_color = "#eba0ac";
cpu_core_colors = [
"#f38ba8"
"#fab387"
"#f9e2af"
"#a6e3a1"
"#74c7ec"
"#cba6f7"
];
};
memory = {
ram_color = "#a6e3a1";
cache_color = "#f38ba8";
swap_color = "#fab387";
gpu_colors = [
"#74c7ec"
"#cba6f7"
"#f38ba8"
"#fab387"
"#f9e2af"
"#a6e3a1"
];
arc_color = "#89dceb";
};
network = {
rx_color = "#a6e3a1";
tx_color = "#f38ba8";
rx_total_color = "#89dceb";
tx_total_color = "#a6e3a1";
};
battery = {
high_battery_color = "#a6e3a1";
medium_battery_color = "#f9e2af";
low_battery_color = "#f38ba8";
};
tables = {
headers = {
color = "#f5e0dc";
};
};
graphs = {
graph_color = "#a6adc8";
legend_text = {
color = "#a6adc8";
};
};
widgets = {
border_color = "#585b70";
selected_border_color = "#f5c2e7";
widget_title = {
color = "#f2cdcd";
};
text = {
color = "#cdd6f4";
};
selected_text = {
color = "#11111b";
bg_color = "#cba6f7";
};
disabled_text = {
color = "#1e1e2e";
};
};
};
};
};
}

6
modules/home-manager/features/delta.nix
View file

@ -1,6 +0,0 @@
{
programs.delta = {
enable = true;
options.theme = "Dracula";
};
}

12
modules/home-manager/features/direnv.nix
View file

@ -1,3 +1,13 @@
{ {
programs.direnv.enable = true; config,
lib,
...
}:
let
feature = "direnv";
in
{
config = lib.mkIf config.${feature}.enable { programs.direnv.enable = true; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

20
modules/home-manager/features/espanso.nix
View file

@ -1,6 +1,20 @@
{ {
services.espanso = { config,
enable = true; lib,
configs = { }; ...
}:
let
feature = "espanso";
in
{
config = lib.mkIf config.${feature}.enable {
services.espanso = {
enable = true;
configs = { };
};
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

530
modules/home-manager/features/eza.nix
View file

@ -1,283 +1,297 @@
{ {
programs.eza = { config,
enable = true; lib,
extraOptions = [ ...
"--long" }:
"--header" let
"--group-directories-first" feature = "eza";
]; in
git = true; {
icons = "always"; config = lib.mkIf config.${feature}.enable {
theme = { programs.eza = {
colourful = true; enable = true;
extraOptions = [
"--long"
"--header"
"--group-directories-first"
];
git = true;
icons = "always";
theme = {
colourful = true;
filekinds = { filekinds = {
normal = { normal = {
foreground = "#BAC2DE"; foreground = "#BAC2DE";
};
directory = {
foreground = "#89B4FA";
};
symlink = {
foreground = "#89DCEB";
};
pipe = {
foreground = "#7F849C";
};
block_device = {
foreground = "#EBA0AC";
};
char_device = {
foreground = "#EBA0AC";
};
socket = {
foreground = "#585B70";
};
special = {
foreground = "#CBA6F7";
};
executable = {
foreground = "#A6E3A1";
};
mount_point = {
foreground = "#74C7EC";
};
}; };
directory = {
foreground = "#89B4FA"; perms = {
user_read = {
foreground = "#CDD6F4";
};
user_write = {
foreground = "#F9E2AF";
};
user_execute_file = {
foreground = "#A6E3A1";
};
user_execute_other = {
foreground = "#A6E3A1";
};
group_read = {
foreground = "#BAC2DE";
};
group_write = {
foreground = "#F9E2AF";
};
group_execute = {
foreground = "#A6E3A1";
};
other_read = {
foreground = "#A6ADC8";
};
other_write = {
foreground = "#F9E2AF";
};
other_execute = {
foreground = "#A6E3A1";
};
special_user_file = {
foreground = "#CBA6F7";
};
special_other = {
foreground = "#585B70";
};
attribute = {
foreground = "#A6ADC8";
};
}; };
symlink = {
foreground = "#89DCEB"; size = {
major = {
foreground = "#A6ADC8";
};
minor = {
foreground = "#89DCEB";
};
number_byte = {
foreground = "#CDD6F4";
};
number_kilo = {
foreground = "#BAC2DE";
};
number_mega = {
foreground = "#89B4FA";
};
number_giga = {
foreground = "#CBA6F7";
};
number_huge = {
foreground = "#CBA6F7";
};
unit_byte = {
foreground = "#A6ADC8";
};
unit_kilo = {
foreground = "#89B4FA";
};
unit_mega = {
foreground = "#CBA6F7";
};
unit_giga = {
foreground = "#CBA6F7";
};
unit_huge = {
foreground = "#74C7EC";
};
}; };
pipe = {
users = {
user_you = {
foreground = "#CDD6F4";
};
user_root = {
foreground = "#F38BA8";
};
user_other = {
foreground = "#CBA6F7";
};
group_yours = {
foreground = "#BAC2DE";
};
group_other = {
foreground = "#7F849C";
};
group_root = {
foreground = "#F38BA8";
};
};
links = {
normal = {
foreground = "#89DCEB";
};
multi_link_file = {
foreground = "#74C7EC";
};
};
git = {
new = {
foreground = "#A6E3A1";
};
modified = {
foreground = "#F9E2AF";
};
deleted = {
foreground = "#F38BA8";
};
renamed = {
foreground = "#94E2D5";
};
typechange = {
foreground = "#F5C2E7";
};
ignored = {
foreground = "#7F849C";
};
conflicted = {
foreground = "#EBA0AC";
};
};
git_repo = {
branch_main = {
foreground = "#CDD6F4";
};
branch_other = {
foreground = "#CBA6F7";
};
git_clean = {
foreground = "#A6E3A1";
};
git_dirty = {
foreground = "#F38BA8";
};
};
security_context = {
colon = {
foreground = "#7F849C";
};
user = {
foreground = "#BAC2DE";
};
role = {
foreground = "#CBA6F7";
};
typ = {
foreground = "#585B70";
};
range = {
foreground = "#CBA6F7";
};
};
file_type = {
image = {
foreground = "#F9E2AF";
};
video = {
foreground = "#F38BA8";
};
music = {
foreground = "#A6E3A1";
};
lossless = {
foreground = "#94E2D5";
};
crypto = {
foreground = "#585B70";
};
document = {
foreground = "#CDD6F4";
};
compressed = {
foreground = "#F5C2E7";
};
temp = {
foreground = "#EBA0AC";
};
compiled = {
foreground = "#74C7EC";
};
build = {
foreground = "#585B70";
};
source = {
foreground = "#89B4FA";
};
};
punctuation = {
foreground = "#7F849C"; foreground = "#7F849C";
}; };
block_device = { date = {
foreground = "#EBA0AC"; foreground = "#F9E2AF";
}; };
char_device = { inode = {
foreground = "#EBA0AC"; foreground = "#A6ADC8";
}; };
socket = { blocks = {
foreground = "#585B70"; foreground = "#9399B2";
}; };
special = { header = {
foreground = "#CBA6F7";
};
executable = {
foreground = "#A6E3A1";
};
mount_point = {
foreground = "#74C7EC";
};
};
perms = {
user_read = {
foreground = "#CDD6F4"; foreground = "#CDD6F4";
}; };
user_write = { octal = {
foreground = "#F9E2AF";
};
user_execute_file = {
foreground = "#A6E3A1";
};
user_execute_other = {
foreground = "#A6E3A1";
};
group_read = {
foreground = "#BAC2DE";
};
group_write = {
foreground = "#F9E2AF";
};
group_execute = {
foreground = "#A6E3A1";
};
other_read = {
foreground = "#A6ADC8";
};
other_write = {
foreground = "#F9E2AF";
};
other_execute = {
foreground = "#A6E3A1";
};
special_user_file = {
foreground = "#CBA6F7";
};
special_other = {
foreground = "#585B70";
};
attribute = {
foreground = "#A6ADC8";
};
};
size = {
major = {
foreground = "#A6ADC8";
};
minor = {
foreground = "#89DCEB";
};
number_byte = {
foreground = "#CDD6F4";
};
number_kilo = {
foreground = "#BAC2DE";
};
number_mega = {
foreground = "#89B4FA";
};
number_giga = {
foreground = "#CBA6F7";
};
number_huge = {
foreground = "#CBA6F7";
};
unit_byte = {
foreground = "#A6ADC8";
};
unit_kilo = {
foreground = "#89B4FA";
};
unit_mega = {
foreground = "#CBA6F7";
};
unit_giga = {
foreground = "#CBA6F7";
};
unit_huge = {
foreground = "#74C7EC";
};
};
users = {
user_you = {
foreground = "#CDD6F4";
};
user_root = {
foreground = "#F38BA8";
};
user_other = {
foreground = "#CBA6F7";
};
group_yours = {
foreground = "#BAC2DE";
};
group_other = {
foreground = "#7F849C";
};
group_root = {
foreground = "#F38BA8";
};
};
links = {
normal = {
foreground = "#89DCEB";
};
multi_link_file = {
foreground = "#74C7EC";
};
};
git = {
new = {
foreground = "#A6E3A1";
};
modified = {
foreground = "#F9E2AF";
};
deleted = {
foreground = "#F38BA8";
};
renamed = {
foreground = "#94E2D5"; foreground = "#94E2D5";
}; };
typechange = { flags = {
foreground = "#F5C2E7";
};
ignored = {
foreground = "#7F849C";
};
conflicted = {
foreground = "#EBA0AC";
};
};
git_repo = {
branch_main = {
foreground = "#CDD6F4";
};
branch_other = {
foreground = "#CBA6F7"; foreground = "#CBA6F7";
}; };
git_clean = {
foreground = "#A6E3A1"; symlink_path = {
foreground = "#89DCEB";
}; };
git_dirty = { control_char = {
foreground = "#F38BA8";
};
};
security_context = {
colon = {
foreground = "#7F849C";
};
user = {
foreground = "#BAC2DE";
};
role = {
foreground = "#CBA6F7";
};
typ = {
foreground = "#585B70";
};
range = {
foreground = "#CBA6F7";
};
};
file_type = {
image = {
foreground = "#F9E2AF";
};
video = {
foreground = "#F38BA8";
};
music = {
foreground = "#A6E3A1";
};
lossless = {
foreground = "#94E2D5";
};
crypto = {
foreground = "#585B70";
};
document = {
foreground = "#CDD6F4";
};
compressed = {
foreground = "#F5C2E7";
};
temp = {
foreground = "#EBA0AC";
};
compiled = {
foreground = "#74C7EC"; foreground = "#74C7EC";
}; };
build = { broken_symlink = {
foreground = "#F38BA8";
};
broken_path_overlay = {
foreground = "#585B70"; foreground = "#585B70";
}; };
source = {
foreground = "#89B4FA";
};
};
punctuation = {
foreground = "#7F849C";
};
date = {
foreground = "#F9E2AF";
};
inode = {
foreground = "#A6ADC8";
};
blocks = {
foreground = "#9399B2";
};
header = {
foreground = "#CDD6F4";
};
octal = {
foreground = "#94E2D5";
};
flags = {
foreground = "#CBA6F7";
};
symlink_path = {
foreground = "#89DCEB";
};
control_char = {
foreground = "#74C7EC";
};
broken_symlink = {
foreground = "#F38BA8";
};
broken_path_overlay = {
foreground = "#585B70";
}; };
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

6
modules/home-manager/features/fd.nix
View file

@ -1,6 +0,0 @@
{
programs.fd = {
enable = true;
hidden = true;
};
}

254
modules/home-manager/features/firefox.nix
View file

@ -1,254 +0,0 @@
{
pkgs,
...
}:
{
programs.firefox = {
enable = true;
languagePacks = [ "en-GB" ];
profiles.will = {
settings = {
# keep-sorted start
"browser.aboutwelcome.enabled" = false;
"browser.bookmarks.addedImportButton" = false;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.download.useDownloadDir" = true;
"browser.newtabpage.enabled" = false;
"browser.safebrowsing.downloads.enabled" = false;
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.safebrowsing.remote.block_potentially_unwanted" = false;
"browser.safebrowsing.remote.block_uncommon" = false;
"browser.search.suggest.enabled" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.startup.page" = 3;
"browser.tabs.groups.smart.userEnabled" = false;
"browser.tabs.warnOnClose" = true;
"browser.tabs.warnOnOpen" = false;
"browser.toolbars.bookmarks.visibility" = "never";
"browser.urlbar.suggest.searches" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.usage.uploadEnabled" = false;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_ever_enabled" = true;
"extensions.formautofill.creditCards.enabled" = false;
"general.autoScroll" = true;
"intl.locale.requested" = "en-GB";
"network.trr.mode" = 3;
"network.trr.uri" = "https://firefox.dns.nextdns.io/";
"privacy.annotate_channels.strict_list.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1;
"privacy.fingerprintingProtection" = true;
"privacy.globalprivacycontrol.enabled" = true;
"privacy.globalprivacycontrol.was_ever_enabled" = true;
"privacy.history.custom" = false;
"privacy.query_stripping.enabled " = true;
"privacy.query_stripping.enabled.pbmode" = true;
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.trackingprotection.allow_list.baseline.enabled" = true;
"privacy.trackingprotection.allow_list.convenience.enabled" = false;
"privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.engine.passwords" = false;
"sidebar.main.tools" = "syncedtabs,history,bookmarks";
"sidebar.new-sidebar.has-used" = true;
"sidebar.position_start" = false;
"sidebar.revamp" = true;
"sidebar.verticalTabs" = true;
"sidebar.verticalTabs.dragToPinPromo.dismissed" = true;
"signon.autofillForms" = false;
"signon.firefoxRelay.feature" = "disabled";
"signon.generation.enabled" = false;
"signon.management.page.breach-alerts.enabled" = false;
"signon.rememberSignons" = false;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
# keep-sorted end
};
search = {
default = "ddg";
privateDefault = "ddg";
engines = { };
order = [ ];
force = true;
};
extensions = {
force = true;
packages = with pkgs.nur.repos.rycee.firefox-addons; [
# keep-sorted start sticky_comments=no
# detect-cloudflare
bitwarden
dearrow
nixpkgs-pr-tracker
react-devtools
return-youtube-dislikes
sponsorblock
ublock-origin
# keep-sorted end
];
settings = {
# keep-sorted start block=yes
# sponsorblock
"sponsorBlocker@ajay.app".settings = {
hideSegmentCreationInPopup = false;
autoSkipOnMusicVideosUpdate = true;
changeChapterColor = true;
autoSkipOnMusicVideos = false;
hideVideoPlayerControls = false;
useVirtualTime = true;
categoryPillColors = { };
payments = {
chaptersAllowed = false;
freeAccess = false;
lastCheck = 0;
lastFreeCheck = 0;
licenseKey = null;
};
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
};
# ublock-origin
"uBlock0@raymondhill.net".settings = {
advancedUserEnabled = true;
selectedFilterLists = [
"user-filters"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-quick-fixes"
"ublock-unbreak"
"easylist"
"easyprivacy"
"adguard-spyware-url"
"urlhaus-1"
"plowe-0"
];
};
# keep-sorted end
};
};
};
};
}

97
modules/home-manager/features/fish.nix
View file

@ -1,39 +1,74 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "fish";
in
{ {
home.shell.enableFishIntegration = true; config = lib.mkIf config.${feature}.enable {
programs.fish = { home.shell.enableFishIntegration = true;
enable = true; programs.fish = {
interactiveShellInit = '' enable = true;
set fish_greeting interactiveShellInit = ''
''; set fish_greeting
plugins = [ '';
# INFO: Using this to get shell completion for programs added to the path through nix+direnv. shellAliases = {
# Issue to upstream into direnv:Add commentMore actions # keep-sorted start
# https://github.com/direnv/direnv/issues/443 cat = "bat";
{ # cd = "j";
name = "completion-sync"; cut = "choose";
src = pkgs.fetchFromGitHub { df = "duf";
owner = "iynaix"; du = "dua";
repo = "fish-completion-sync"; # find = "fd";
rev = "4f058ad2986727a5f510e757bc82cbbfca4596f0"; g = "lazygit";
sha256 = "sha256-kHpdCQdYcpvi9EFM/uZXv93mZqlk1zCi2DRhWaDyK5g="; l = "eza";
}; la = "eza -a";
} ls = "eza";
]; ns = "nh os switch";
# curl = "xh";
ping = "gping";
ps = "procs";
# sed = "sd";
# grep = "rga";
top = "btm";
unzip = "ripunzip";
vi = "nvim";
vim = "nvim";
# keep-sorted end
};
plugins = [
# INFO: Using this to get shell completion for programs added to the path through nix+direnv.
# Issue to upstream into direnv:Add commentMore actions
# https://github.com/direnv/direnv/issues/443
{
name = "completion-sync";
src = pkgs.fetchFromGitHub {
owner = "iynaix";
repo = "fish-completion-sync";
rev = "4f058ad2986727a5f510e757bc82cbbfca4596f0";
sha256 = "sha256-kHpdCQdYcpvi9EFM/uZXv93mZqlk1zCi2DRhWaDyK5g=";
};
}
];
};
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell
programs.bash = {
enable = true;
initExtra = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
}; };
# https://nixos.wiki/wiki/Fish#Setting_fish_as_your_shell imports = [ ];
programs.bash = {
enable = true; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
initExtra = ''
if [[ $(${pkgs.procps}/bin/ps --no-header --pid=$PPID --format=comm) != "fish" && -z ''${BASH_EXECUTION_STRING} ]]
then
shopt -q login_shell && LOGIN_OPTION='--login' || LOGIN_OPTION=""
exec ${pkgs.fish}/bin/fish $LOGIN_OPTION
fi
'';
};
} }

24
modules/home-manager/features/gh.nix
View file

@ -1,9 +1,23 @@
{ {
programs.gh = { config,
enable = true; lib,
settings = { ...
git_protocol = "ssh"; }:
editor = "nvim"; let
feature = "gh";
in
{
config = lib.mkIf config.${feature}.enable {
programs.gh = {
enable = true;
settings = {
git_protocol = "ssh";
editor = "nvim";
};
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

46
modules/home-manager/features/git.nix
View file

@ -1,12 +1,24 @@
{ {
userName, config,
lib,
... ...
}: }:
let
feature = "git";
in
{ {
programs.git = { config = lib.mkIf config.${feature}.enable {
enable = true; programs.${feature} = {
settings = { enable = true;
# keep-sorted start block=yes
delta = {
enable = true;
options.theme = "Dracula";
};
userName = "wi11-holdsworth";
userEmail = "83637728+wi11-holdsworth@users.noreply.github.com";
aliases = { aliases = {
# keep-sorted start # keep-sorted start
a = "add"; a = "add";
@ -27,20 +39,18 @@
s = "status -s"; s = "status -s";
# keep-sorted end # keep-sorted end
}; };
core.editor = "nvim";
init.defaultBranch = "main"; extraConfig = {
pull.rebase = true; init.defaultBranch = "main";
push.autoSetupRemote = true;
user = { core.editor = "nvim";
name = "Will Holdsworth";
email = "me@fi33.buzz"; push.autoSetupRemote = true;
pull.rebase = false;
}; };
# keep-sorted end
};
signing = {
key = "/home/${userName}/.ssh/git_signature.pub";
format = "ssh";
signByDefault = true;
}; };
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

37
modules/home-manager/features/kitty.nix
View file

@ -1,21 +1,32 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "kitty";
in
{ {
programs.kitty = { config = lib.mkIf config.${feature}.enable {
enable = true; programs.kitty = {
enableGitIntegration = true; enable = true;
font = { enableGitIntegration = true;
package = pkgs.nerd-fonts.jetbrains-mono; font = {
name = "JetBrainsMono Nerd Font"; package = pkgs.nerd-fonts.jetbrains-mono;
size = 13; name = "JetBrainsMono Nerd Font";
}; size = 13;
themeFile = "Catppuccin-Mocha"; };
settings = { themeFile = "Catppuccin-Mocha";
shell = "zellij -l welcome"; settings = {
remember_window_size = true; shell = "zellij -l welcome";
confirm_os_window_close = 0; remember_window_size = true;
confirm_os_window_close = 0;
};
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

15
modules/home-manager/features/lazygit.nix
View file

@ -1,15 +0,0 @@
{
...
}:
{
programs.lazygit = {
enable = true;
settings = {
git.overrideGpg = true;
log = {
localBranchSortOrder = "recency";
remoteBranchSortOrder = "recency";
};
};
};
}

255
modules/home-manager/features/librewolf.nix
View file

@ -1,255 +0,0 @@
{
pkgs,
...
}:
{
programs.librewolf = {
enable = true;
languagePacks = [ "en-GB" ];
profiles.will = {
settings = {
# keep-sorted start
"browser.aboutwelcome.enabled" = false;
"browser.bookmarks.addedImportButton" = false;
"browser.bookmarks.restore_default_bookmarks" = false;
"browser.download.useDownloadDir" = true;
"browser.newtabpage.enabled" = false;
"browser.safebrowsing.downloads.enabled" = false;
"browser.safebrowsing.malware.enabled" = false;
"browser.safebrowsing.phishing.enabled" = false;
"browser.safebrowsing.remote.block_potentially_unwanted" = false;
"browser.safebrowsing.remote.block_uncommon" = false;
"browser.search.suggest.enabled" = false;
"browser.startup.homepage" = "chrome://browser/content/blanktab.html";
"browser.startup.page" = 3;
"browser.tabs.groups.smart.userEnabled" = false;
"browser.tabs.warnOnClose" = true;
"browser.tabs.warnOnOpen" = false;
"browser.toolbars.bookmarks.visibility" = "never";
"browser.urlbar.suggest.searches" = false;
"datareporting.healthreport.uploadEnabled" = false;
"datareporting.usage.uploadEnabled" = false;
"dom.security.https_only_mode" = true;
"dom.security.https_only_mode_ever_enabled" = true;
"extensions.formautofill.creditCards.enabled" = false;
"general.autoScroll" = true;
"identity.fxaccounts.enabled" = true;
"intl.locale.requested" = "en-GB";
"network.trr.mode" = 3;
"network.trr.uri" = "https://firefox.dns.nextdns.io/";
"privacy.annotate_channels.strict_list.enabled" = true;
"privacy.bounceTrackingProtection.mode" = 1;
"privacy.fingerprintingProtection" = true;
"privacy.globalprivacycontrol.enabled" = true;
"privacy.globalprivacycontrol.was_ever_enabled" = true;
"privacy.history.custom" = false;
"privacy.query_stripping.enabled " = true;
"privacy.query_stripping.enabled.pbmode" = true;
"privacy.sanitize.sanitizeOnShutdown" = false;
"privacy.trackingprotection.allow_list.baseline.enabled" = true;
"privacy.trackingprotection.allow_list.convenience.enabled" = false;
"privacy.trackingprotection.consentmanager.skip.pbmode.enabled" = false;
"privacy.trackingprotection.emailtracking.enabled" = true;
"privacy.trackingprotection.enabled" = true;
"privacy.trackingprotection.socialtracking.enabled" = true;
"services.sync.engine.passwords" = false;
"sidebar.main.tools" = "syncedtabs,history,bookmarks";
"sidebar.new-sidebar.has-used" = true;
"sidebar.position_start" = false;
"sidebar.revamp" = true;
"sidebar.verticalTabs" = true;
"sidebar.verticalTabs.dragToPinPromo.dismissed" = true;
"signon.autofillForms" = false;
"signon.firefoxRelay.feature" = "disabled";
"signon.generation.enabled" = false;
"signon.management.page.breach-alerts.enabled" = false;
"signon.rememberSignons" = false;
"toolkit.telemetry.reportingpolicy.firstRun" = false;
# keep-sorted end
};
search = {
default = "ddg";
privateDefault = "ddg";
engines = { };
order = [ ];
force = true;
};
extensions = {
force = true;
packages = with pkgs.nur.repos.rycee.firefox-addons; [
# keep-sorted start sticky_comments=no
# detect-cloudflare
bitwarden
dearrow
nixpkgs-pr-tracker
react-devtools
return-youtube-dislikes
sponsorblock
ublock-origin
# keep-sorted end
];
settings = {
# keep-sorted start block=yes
# sponsorblock
"sponsorBlocker@ajay.app".settings = {
hideSegmentCreationInPopup = false;
autoSkipOnMusicVideosUpdate = true;
changeChapterColor = true;
autoSkipOnMusicVideos = false;
hideVideoPlayerControls = false;
useVirtualTime = true;
categoryPillColors = { };
payments = {
chaptersAllowed = false;
freeAccess = false;
lastCheck = 0;
lastFreeCheck = 0;
licenseKey = null;
};
allowExpirements = true;
allowScrollingToEdit = true;
audioNotificationOnSkip = false;
autoHideInfoButton = true;
categoryPillUpdate = true;
chapterCategoryAdded = true;
checkForUnlistedVideos = false;
cleanPopup = false;
darkMode = true;
deArrowInstalled = true;
defaultCategory = "chooseACategory";
disableSkipping = false;
donateClicked = 0;
dontShowNotice = false;
forceChannelCheck = false;
fullVideoLabelsOnThumbnails = true;
fullVideoSegments = true;
hideDeleteButtonPlayerControls = false;
hideDiscordLaunches = 0;
hideDiscordLink = false;
hideInfoButtonPlayerControls = false;
hideSkipButtonPlayerControls = false;
hideUploadButtonPlayerControls = false;
categorySelections = [
{
name = "sponsor";
option = 2;
}
{
name = "poi_highlight";
option = 1;
}
{
name = "exclusive_access";
option = 0;
}
{
name = "chapter";
option = 0;
}
{
name = "selfpromo";
option = 1;
}
{
name = "interaction";
option = 1;
}
{
name = "intro";
option = 1;
}
{
name = "outro";
option = 1;
}
{
name = "preview";
option = 1;
}
{
name = "filler";
option = 1;
}
{
name = "music_offtopic";
option = 2;
}
{
name = "hook";
option = 1;
}
];
manualSkipOnFullVideo = false;
minDuration = 0;
isVip = false;
muteSegments = false;
noticeVisibilityMode = 3;
renderSegmentsAsChapters = false;
scrollToEditTimeUpdate = false;
serverAddress = "https://sponsor.ajay.app";
showAutogeneratedChapters = false;
showCategoryGuidelines = true;
showCategoryWithoutPermission = false;
showChapterInfoMessage = true;
showDeArrowInSettings = true;
showDeArrowPromotion = true;
showDonationLink = false;
showNewFeaturePopups = false;
showSegmentFailedToFetchWarning = true;
showSegmentNameInChapterBar = true;
showTimeWithSkips = true;
showUpcomingNotice = false;
showUpsells = false;
minutesSaved = 67.630516;
shownDeArrowPromotion = false;
showZoomToFillError2 = false;
skipNoticeDuration = 4;
sponsorTimesContributed = 0;
testingServer = false;
trackDownvotes = false;
trackDownvotesInPrivate = false;
trackViewCount = false;
trackViewCountInPrivate = false;
ytInfoPermissionGranted = false;
skipNonMusicOnlyOnYoutubeMusic = false;
hookUpdate = false;
permissions = {
sponsor = true;
selfpromo = true;
exclusive_access = true;
interaction = true;
intro = true;
outro = true;
preview = true;
hook = true;
music_offtopic = true;
filler = true;
poi_highlight = true;
chapter = false;
};
segmentListDefaultTab = 0;
prideTheme = false;
};
# ublock-origin
"uBlock0@raymondhill.net".settings = {
advancedUserEnabled = true;
selectedFilterLists = [
"user-filters"
"ublock-filters"
"ublock-badware"
"ublock-privacy"
"ublock-quick-fixes"
"ublock-unbreak"
"easylist"
"easyprivacy"
"adguard-spyware-url"
"urlhaus-1"
"plowe-0"
];
};
# keep-sorted end
};
};
};
};
}

94
modules/home-manager/features/mail.nix
View file

@ -1,54 +1,62 @@
{ {
# keep-sorted start
config, config,
lib,
hostName, hostName,
# keep-sorted end
... ...
}: }:
let
feature = "mail";
in
{ {
accounts.email = config = lib.mkIf config.${feature}.enable {
let accounts.email =
certificatesFile = config.age.secrets.protonmail-cert.path; let
in certificatesFile = config.age.secrets.protonmail-cert.path;
{ in
inherit certificatesFile; {
accounts = inherit certificatesFile;
let accounts =
# keep-sorted start block=yes let
address = "willholdsworth@pm.me";
authentication = "login";
host = "127.0.0.1";
tls = {
enable = false;
useStartTls = true;
inherit certificatesFile;
};
# keep-sorted end
in
{
personal = {
enable = true;
# keep-sorted start block=yes # keep-sorted start block=yes
imap = { address = "willholdsworth@pm.me";
port = 1143; authentication = "login";
inherit tls; host = "127.0.0.1";
inherit authentication; tls = {
inherit host; enable = false;
useStartTls = true;
inherit certificatesFile;
}; };
inherit address;
passwordCommand = "cat ${config.age.secrets."protonmail-${hostName}-password".path}";
primary = true;
realName = "Will Holdsworth";
smtp = {
port = 1025;
inherit tls;
inherit authentication;
inherit host;
};
userName = address;
# keep-sorted end # keep-sorted end
in
{
personal = {
enable = true;
# keep-sorted start block=yes
imap = {
port = 1143;
inherit tls;
inherit authentication;
inherit host;
};
inherit address;
passwordCommand = "cat ${config.age.secrets."protonmail-${hostName}-password".path}";
primary = true;
realName = "Will Holdsworth";
smtp = {
port = 1025;
inherit tls;
inherit authentication;
inherit host;
};
userName = address;
# keep-sorted end
};
}; };
}; };
}; age.secrets."protonmail-cert".file = ../../../secrets/protonmail-cert.age;
age.secrets."protonmail-cert".file = ../../../secrets/protonmail-cert.age; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

228
modules/home-manager/features/obsidian.nix
View file

@ -1,116 +1,126 @@
{ config, lib, ... }:
let
feature = "obsidian";
in
{ {
programs.obsidian = { config = lib.mkIf config.${feature}.enable {
enable = true; programs.obsidian = {
defaultSettings = { enable = true;
app = { defaultSettings = {
tabSize = 2; app = {
trashOption = "local"; tabSize = 2;
alwaysUpdateLinks = true; trashOption = "local";
attachmentFolderPath = "/"; alwaysUpdateLinks = true;
defaultViewMode = "preview"; attachmentFolderPath = "/";
vimMode = true; defaultViewMode = "preview";
showLineNumber = true; vimMode = true;
}; showLineNumber = true;
appearance = { };
monospaceFontFamily = "JetBrainsMono Nerd Font"; appearance = {
interfaceFontFamily = "JetBrainsMono Nerd Font"; monospaceFontFamily = "JetBrainsMono Nerd Font";
textFontFamily = "JetBrainsMono Nerd Font"; interfaceFontFamily = "JetBrainsMono Nerd Font";
nativeMenus = false; textFontFamily = "JetBrainsMono Nerd Font";
cssTheme = "Catppuccin"; nativeMenus = false;
showRibbon = false; cssTheme = "Catppuccin";
}; showRibbon = false;
communityPlugins = [ };
# keep-sorted start communityPlugins = [
"obsidian-editor-shortcuts" # keep-sorted start
"obsidian-excalidraw-plugin" "obsidian-editor-shortcuts"
"obsidian-livesync" "obsidian-excalidraw-plugin"
"obsidian-relative-line-numbers" "obsidian-livesync"
"oz-clear-unused-images" "obsidian-relative-line-numbers"
"pdf-plus" "oz-clear-unused-images"
"tag-wrangler" "pdf-plus"
"virtual-linker" "tag-wrangler"
# keep-sorted end "virtual-linker"
]; # keep-sorted end
corePlugins = [
# keep-sorted start
"backlink"
"bases"
"bookmarks"
"canvas"
"command-palette"
"daily-notes"
"editor-status"
"file-explorer"
"file-recovery"
"global-search"
"graph"
"markdown-importer"
"note-composer"
"outgoing-link"
"outline"
"page-preview"
"properties"
"random-note"
"slash-command"
"slides"
"switcher"
"tag-pane"
"templates"
"word-count"
"workspaces"
"zk-prefixer"
# keep-sorted end
];
hotkeys = {
"editor:swap-line-down" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowDown";
}
]; ];
"editor:swap-line-up" = [ corePlugins = [
{ # keep-sorted start
"modifiers" = [ "Alt" ]; "backlink"
"key" = "ArrowUp"; "bases"
} "bookmarks"
]; "canvas"
"app:toggle-left-sidebar" = [ "command-palette"
{ "daily-notes"
"modifiers" = [ "editor-status"
"Mod" "file-explorer"
"Shift" "file-recovery"
]; "global-search"
"key" = "/"; "graph"
} "markdown-importer"
]; "note-composer"
"app:toggle-right-sidebar" = [ "outgoing-link"
{ "outline"
"modifiers" = [ "page-preview"
"Mod" "properties"
"Shift" "random-note"
]; "slash-command"
"key" = "\\"; "slides"
} "switcher"
]; "tag-pane"
"window:reset-zoom" = [ "templates"
{ "word-count"
"modifiers" = [ "Mod" ]; "workspaces"
"key" = "0"; "zk-prefixer"
} # keep-sorted end
];
"app:go-back" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowLeft";
}
];
"app:go-forward" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowRight";
}
]; ];
hotkeys = {
"editor:swap-line-down" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowDown";
}
];
"editor:swap-line-up" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowUp";
}
];
"app:toggle-left-sidebar" = [
{
"modifiers" = [
"Mod"
"Shift"
];
"key" = "/";
}
];
"app:toggle-right-sidebar" = [
{
"modifiers" = [
"Mod"
"Shift"
];
"key" = "\\";
}
];
"window:reset-zoom" = [
{
"modifiers" = [ "Mod" ];
"key" = "0";
}
];
"app:go-back" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowLeft";
}
];
"app:go-forward" = [
{
"modifiers" = [ "Alt" ];
"key" = "ArrowRight";
}
];
};
}; };
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

27
modules/home-manager/features/shell-aliases.nix
View file

@ -1,27 +0,0 @@
{
home.shellAliases = {
# keep-sorted start
",cat" = "bat";
",curl" = "xh";
",cut" = "choose";
",df" = "duf";
",diff" = "delta";
",du" = "dua";
",find" = "fd";
",grep" = "rga";
",ping" = "gping";
",ps" = "procs";
",sed" = "sd";
",ss" = "snitch";
",top" = "btm";
",unzip" = "ripunzip";
"g" = "lazygit";
"l" = "eza";
"la" = "eza -a";
"ls" = "eza";
"ns" = "nh os switch";
"vi" = "nvim";
"vim" = "nvim";
# keep-sorted end
};
}

22
modules/home-manager/features/starship.nix
View file

@ -1,9 +1,21 @@
{ {
programs.starship = { config,
enable = true; lib,
settings.character = { ...
success_symbol = "[%](bold green) "; }:
error_symbol = "[%](bold red) "; let
feature = "starship";
in
{
config = lib.mkIf config.${feature}.enable {
programs.starship = {
enable = true;
settings.character = {
success_symbol = "[%](bold green) ";
error_symbol = "[%](bold red) ";
};
}; };
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

44
modules/home-manager/features/yazi.nix
View file

@ -1,25 +1,35 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "yazi";
in
{ {
programs.yazi = { config = lib.mkIf config.${feature}.enable {
enable = true; programs.yazi = {
shellWrapperName = "y"; enable = true;
plugins = { plugins = {
# keep-sorted start # keep-sorted start
diff = pkgs.yaziPlugins.diff; diff = pkgs.yaziPlugins.diff;
git = pkgs.yaziPlugins.git; git = pkgs.yaziPlugins.git;
mediainfo = pkgs.yaziPlugins.mediainfo; mediainfo = pkgs.yaziPlugins.mediainfo;
mount = pkgs.yaziPlugins.mount; mount = pkgs.yaziPlugins.mount;
ouch = pkgs.yaziPlugins.ouch; ouch = pkgs.yaziPlugins.ouch;
relative-motions = pkgs.yaziPlugins.relative-motions; relative-motions = pkgs.yaziPlugins.relative-motions;
restore = pkgs.yaziPlugins.restore; restore = pkgs.yaziPlugins.restore;
rich-preview = pkgs.yaziPlugins.rich-preview; rich-preview = pkgs.yaziPlugins.rich-preview;
starship = pkgs.yaziPlugins.starship; starship = pkgs.yaziPlugins.starship;
vcs-files = pkgs.yaziPlugins.vcs-files; vcs-files = pkgs.yaziPlugins.vcs-files;
yatline-githead = pkgs.yaziPlugins.yatline-githead; yatline-githead = pkgs.yaziPlugins.yatline-githead;
# keep-sorted end # keep-sorted end
};
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

164
modules/home-manager/features/zed-editor.nix
View file

@ -1,89 +1,97 @@
{ {
# keep-sorted start config,
lib, lib,
pkgs, pkgs,
# keep-sorted end
... ...
}: }:
let
feature = "zed-editor";
in
{ {
programs.zed-editor = { config = lib.mkIf config.${feature}.enable {
enable = true; programs.zed-editor = {
package = pkgs.zed-editor-fhs; enable = true;
extensions = [ package = pkgs.zed-editor-fhs;
# keep-sorted start extensions = [
"catppuccin" # keep-sorted start
"catppuccin-icons" "catppuccin"
"codebook" "catppuccin-icons"
"emmet" "codebook"
"git-firefly" "emmet"
"haskell" "git-firefly"
"html" "haskell"
"nix" "html"
# keep-sorted end "nix"
]; # keep-sorted end
extraPackages = with pkgs; [ ];
# keep-sorted start extraPackages = with pkgs; [
haskell-language-server # keep-sorted start
nil haskell-language-server
nixd nil
package-version-server nixd
rust-analyzer package-version-server
# keep-sorted end rust-analyzer
]; # keep-sorted end
installRemoteServer = true; ];
userSettings = { installRemoteServer = true;
# keep-sorted start block=yes userSettings = {
base_keymap = "VSCode"; # keep-sorted start block=yes
buffer_font_family = "JetBrainsMono Nerd Font"; base_keymap = "VSCode";
buffer_font_size = 15; buffer_font_family = "JetBrainsMono Nerd Font";
disable_ai = true; buffer_font_size = 15;
icon_theme = "Catppuccin Mocha"; disable_ai = true;
inlay_hints = { icon_theme = "Catppuccin Mocha";
enabled = true; inlay_hints = {
show_value_hints = true; enabled = true;
show_type_hints = true; show_value_hints = true;
show_parameter_hints = true; show_type_hints = true;
show_other_hints = true; show_parameter_hints = true;
show_background = false; show_other_hints = true;
edit_debounce_ms = 700; show_background = false;
scroll_debounce_ms = 50; edit_debounce_ms = 700;
toggle_on_modifiers_press = { scroll_debounce_ms = 50;
control = false; toggle_on_modifiers_press = {
alt = false; control = false;
shift = false; alt = false;
platform = false; shift = false;
function = false; platform = false;
function = false;
};
}; };
# https://wiki.nixos.org/wiki/Zed#rust-analyzer
lsp.rust-analyzer.binary.path = lib.getExe pkgs.rust-analyzer;
minimap = {
show = "auto";
};
preferred_line_length = 80;
relative_line_numbers = true;
soft_wrap = "preferred_line_length";
tab_bar = {
show_nav_history_buttons = false;
};
tab_size = 2;
tabs = {
file_icons = true;
git_status = true;
};
telemetry = {
diagnostics = false;
metrics = false;
};
theme = {
mode = "system";
light = "One Light";
dark = "Catppuccin Mocha";
};
ui_font_family = "JetBrainsMono Nerd Font";
ui_font_size = 16;
vim_mode = true;
# keep-sorted end
}; };
# https://wiki.nixos.org/wiki/Zed#rust-analyzer
lsp.rust-analyzer.binary.path = lib.getExe pkgs.rust-analyzer;
minimap = {
show = "auto";
};
preferred_line_length = 80;
relative_line_numbers = true;
soft_wrap = "preferred_line_length";
tab_bar = {
show_nav_history_buttons = false;
};
tab_size = 2;
tabs = {
file_icons = true;
git_status = true;
};
telemetry = {
diagnostics = false;
metrics = false;
};
theme = {
mode = "system";
light = "One Light";
dark = "Catppuccin Mocha";
};
ui_font_family = "JetBrainsMono Nerd Font";
ui_font_size = 16;
vim_mode = true;
# keep-sorted end
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

25
modules/home-manager/features/zellij.nix
View file

@ -1,9 +1,24 @@
{ {
programs.zellij = { config,
enable = true; lib,
settings = { ...
theme = "catppuccin-mocha"; }:
show_startup_tips = false; let
feature = "zellij";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zellij = {
enable = true;
settings = {
theme = "catppuccin-mocha";
show_startup_tips = false;
default_shell = "fish";
};
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

21
modules/home-manager/features/zen-browser.nix
View file

@ -1,13 +1,15 @@
{ {
programs.zen-browser = config,
let lib,
profileName = "fmnikwnj.Default Profile"; ...
in }:
{ let
feature = "zen-browser";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zen-browser = {
enable = true; enable = true;
profiles.${profileName}.settings = {
zen.tabs.vertical.right-side = true;
};
policies = policies =
let let
mkLockedAttrs = builtins.mapAttrs ( mkLockedAttrs = builtins.mapAttrs (
@ -64,4 +66,7 @@
# keep-sorted end # keep-sorted end
}; };
}; };
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

25
modules/home-manager/features/zoxide.nix
View file

@ -1,8 +1,23 @@
{ {
programs.zoxide = { config,
enable = true; lib,
options = [ ...
"--cmd j" }:
]; let
feature = "zoxide";
in
{
config = lib.mkIf config.${feature}.enable {
programs.zoxide = {
enable = true;
enableBashIntegration = true;
options = [
"--cmd j"
];
};
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

35
modules/nixos/bundles/desktop.nix
View file

@ -1,13 +1,36 @@
{ {
util, config,
lib,
pkgs,
... ...
}: }:
let
feature = "desktop";
in
{ {
imports = util.toImports ../features [ config = lib.mkIf config.${feature}.enable {
# keep-sorted start # keep-sorted start
"pipewire" pipewire.enable = true;
"print-and-scan" print-and-scan.enable = true;
"protonmail-bridge" protonmail-bridge.enable = true;
# keep-sorted end # keep-sorted end
];
environment.systemPackages = with pkgs; [
# keep-sorted start
beeper
# TODO: replace with lue/epy
calibre
cameractrls-gtk3
# https://github.com/NixOS/nixpkgs/issues/437865
# jellyfin-media-player
# TODO: replace with sc-im/visidata
onlyoffice-desktopeditors
textsnatcher
# keep-sorted end
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

27
modules/nixos/bundles/dev.nix
View file

@ -1,13 +1,26 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "dev";
in
{ {
environment.systemPackages = with pkgs; [ config = lib.mkIf config.${feature}.enable {
# keep-sorted start environment.systemPackages = with pkgs; [
bacon # keep-sorted start
cargo-info bacon
mask cargo-info
# keep-sorted end devenv
]; just
mask
rusty-man
vscode
# keep-sorted end
];
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

24
modules/nixos/bundles/gui.nix
View file

@ -1,24 +0,0 @@
{
# keep-sorted start
pkgs,
util,
# keep-sorted end
...
}:
{
imports = util.toImports ../features [
# keep-sorted start
"fonts"
# keep-sorted end
];
environment.systemPackages = with pkgs; [
# keep-sorted start
cameractrls-gtk3
jellyfin-desktop
libreoffice
signal-desktop
textsnatcher
# keep-sorted end
];
}

62
modules/nixos/bundles/server.nix
View file

@ -1,41 +1,39 @@
{ {
util, config,
lib,
... ...
}: }:
let
feature = "server";
in
{ {
imports = util.toImports ../features [ config = lib.mkIf config.${feature}.enable {
# keep-sorted start # keep-sorted start
"bazarr" copyparty.enable = true;
"caddy" couchdb.enable = true;
"copyparty" flaresolverr.enable = true;
"couchdb" homepage-dashboard.enable = true;
"cryptpad" immich.enable = true;
"fi33.buzz" jellyfin.enable = true;
"gatus" lidarr.enable = true;
"homepage-dashboard" miniflux.enable = true;
"immich" nginx.enable = true;
"jellyfin" ntfy-sh.enable = true;
"kavita" paperless.enable = true;
"libretranslate" prowlarr.enable = true;
"lidarr" qbittorrent.enable = true;
"mealie" radarr.enable = true;
"miniflux" sonarr.enable = true;
"ntfy-sh" syncthing.enable = true;
"nzbget" vaultwarden.enable = true;
"paperless"
"prowlarr"
"qbittorrent"
"radarr"
"radicale"
"readarr"
"send"
"sonarr"
"vaultwarden"
# keep-sorted end # keep-sorted end
];
services.borgbackup.jobs = { users.groups.media = { };
onsite.paths = [ "/srv" ];
offsite.paths = [ "/srv" ]; services.borgmatic.settings.source_directories = [ "/srv" ];
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

47
modules/nixos/default.nix
View file

@ -1,35 +1,44 @@
{ {
# keep-sorted start lib,
pkgs, pkgs,
util,
# keep-sorted end
... ...
}: }:
let
featureBundler =
featuresDir:
map (name: featuresDir + "/${name}") (builtins.attrNames (builtins.readDir featuresDir));
in
{ {
imports = util.toImports ./features [ imports = (featureBundler ./bundles) ++ (featureBundler ./features);
# keep-sorted start # keep-sorted start
"agenix" agenix.enable = lib.mkDefault true;
"localisation" fonts.enable = lib.mkDefault true;
"network" localisation.enable = lib.mkDefault true;
"nh" network.enable = lib.mkDefault true;
"nix" nh.enable = lib.mkDefault true;
"nixvim" nix-settings.enable = lib.mkDefault true;
"syncthing" nixpkgs.enable = lib.mkDefault true;
"systemd-boot" nixvim.enable = lib.mkDefault true;
# keep-sorted end syncthing.enable = lib.mkDefault true;
]; systemd-boot.enable = lib.mkDefault true;
tailscale.enable = lib.mkDefault true;
# keep-sorted end
environment.systemPackages = environment.systemPackages =
with pkgs; with pkgs;
[ [
# keep-sorted start # keep-sorted start
bottom # top
broot # large directory browser broot # large directory browser
choose # cut choose # cut
circumflex # hacker news browsing
cointop # crypto ticker
ddgr # web search ddgr # web search
doggo # dns dogdns # dns
dua # du dua # du
duf # df duf # df
epy # ebook reading epy # ebook reading
fd # find
fselect # find with sql syntax fselect # find with sql syntax
fx # json processor and viewer fx # json processor and viewer
fzf # fuzzy finder fzf # fuzzy finder
@ -39,12 +48,13 @@
hexyl # hexadecimal viewer hexyl # hexadecimal viewer
hyperfine # benchmarking tool hyperfine # benchmarking tool
keep-sorted # alphabetical formatter keep-sorted # alphabetical formatter
lazygit # git tui
mprocs # run long running commands and monitor output mprocs # run long running commands and monitor output
navi # cheatsheet browser navi # cheatsheet browser
nb # note taking nb # note taking
nil # nix language server nil # nix language server
nixd # nix language server nixd # nix language server
nixfmt # nix file formatting nixfmt-rfc-style # nix file formatting
nom # stylistic nix dependency graphs nom # stylistic nix dependency graphs
pastel # colour generation pastel # colour generation
pdd # datetime calculations pdd # datetime calculations
@ -56,11 +66,10 @@
ripunzip # unzip ripunzip # unzip
sd # sed sd # sed
slides # presentations slides # presentations
snitch # netstat
ticker # stock ticker ticker # stock ticker
tldr # cheat sheets tldr # cheat sheets
tmpmail # temporary email address tmpmail # temporary email address
# topydo # todo.txt helper tool topydo # todo.txt helper tool
tt # typing test tt # typing test
wtfutil # terminal homepage wtfutil # terminal homepage
xh # curl xh # curl

15
modules/nixos/features/agenix.nix
View file

@ -1,14 +1,21 @@
{ {
# keep-sorted start config,
inputs, inputs,
lib,
system, system,
userName, userName,
# keep-sorted end
... ...
}: }:
let
feature = "agenix";
in
{ {
environment.systemPackages = [ inputs.agenix.packages.${system}.default ]; config = lib.mkIf config.${feature}.enable {
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ]; environment.systemPackages = [ inputs.agenix.packages.${system}.default ];
age.identityPaths = [ "/home/${userName}/.ssh/id_ed25519" ];
};
imports = [ inputs.agenix.nixosModules.default ]; imports = [ inputs.agenix.nixosModules.default ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

27
modules/nixos/features/amd-gpu.nix
View file

@ -1,11 +1,26 @@
{ {
# load graphics drivers before anything else config,
boot.initrd.kernelModules = [ "amdgpu" ]; lib,
pkgs,
...
}:
let
feature = "amd-gpu";
in
{
config = lib.mkIf config.${feature}.enable {
hardware.graphics = { # load graphics drivers before anything else
enable = true; boot.initrd.kernelModules = [ "amdgpu" ];
enable32Bit = true;
hardware.graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [ amdvlk ];
};
services.xserver.videoDrivers = [ "amdgpu" ];
}; };
services.xserver.videoDrivers = [ "amdgpu" ]; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

38
modules/nixos/features/bazarr.nix
View file

@ -1,38 +0,0 @@
let
port = 5017;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "subtitles.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
bazarr = {
enable = true;
dataDir = "/srv/bazarr";
group = "srv";
listenPort = port;
};
gatus.settings.endpoints = [
{
name = "Bazarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

57
modules/nixos/features/borgbackup.nix
View file

@ -1,57 +0,0 @@
{
config,
pkgs,
...
}:
let
jobConfig = {
compression = "auto,zlib";
doInit = false;
preHook = ''
/run/wrappers/bin/sudo -u postgres ${pkgs.postgresql}/bin/pg_dumpall > /srv/backup/database/postgres/dump.sql
'';
postHook = ''
rm /srv/backup/database/postgres/dump.sql
'';
prune.keep = {
daily = 7;
weekly = 4;
monthly = 6;
yearly = 1;
};
readWritePaths = [
"/srv/backup"
];
startAt = "*-*-* 03:00:00";
extraCreateArgs = [ "-v" ];
};
in
{
services.borgbackup = {
jobs = {
onsite = {
encryption = {
passCommand = "cat ${config.age.secrets.borgbackup-onsite.path}";
mode = "repokey-blake2";
};
removableDevice = true;
repo = "/mnt/external/backup/take2";
}
// jobConfig;
offsite = {
encryption = {
passCommand = "cat ${config.age.secrets.borgbackup-offsite.path}";
mode = "repokey-blake2";
};
environment.BORG_RSH = "ssh -i /home/srv/.ssh/id_ed25519";
repo = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
}
// jobConfig;
};
};
age.secrets = {
borgbackup-onsite.file = ../../../secrets/borgbackup-onsite.age;
borgbackup-offsite.file = ../../../secrets/borgbackup-offsite.age;
};
}

148
modules/nixos/features/borgmatic.nix
View file

@ -1,82 +1,92 @@
{ {
# keep-sorted start
config, config,
lib, lib,
# keep-sorted end
... ...
}: }:
let
feature = "borgmatic";
in
{ {
# service config = lib.mkIf config.${feature}.enable {
services.borgmatic = { # service
enable = true; services.borgmatic = {
settings = { enable = true;
# keep-sorted start block=yes settings = {
compression = "auto,zlib"; # keep-sorted start block=yes
encryption_passcommand = "cat ${config.age.secrets.borgmatic.path}"; compression = "auto,zlib";
keep_daily = 7; encryption_passcommand = "cat ${config.age.secrets.borgmatic.path}";
keep_monthly = 6; keep_daily = 7;
keep_weekly = 4; keep_monthly = 6;
keep_yearly = 1; keep_weekly = 4;
ntfy = { keep_yearly = 1;
topic = "backups"; ntfy = {
server = config.services.ntfy-sh.settings.base-url; topic = "backups";
username = "borgmatic"; server = config.services.ntfy-sh.settings.base-url;
password = "{credential file ${config.age.secrets.borgmatic-ntfy.path}}"; finish = {
finish = { title = "Ping!";
title = "Ping!"; message = "Your backups have succeeded :)";
message = "Your backups have succeeded :)"; tags = "tada,BorgBackup,Server";
tags = "tada,BorgBackup,Server"; };
fail = {
title = "Ping!";
message = "Your backups have failed :(";
tags = "rotating_light,BorgBackup,Server";
};
states = [
"finish"
"fail"
];
}; };
fail = { repositories = [
title = "Ping!"; {
message = "Your backups have failed :("; path = "/backup/repo";
tags = "rotating_light,BorgBackup,Server"; label = "onsite";
}; # encryption = "repokey-blake2";
states = [ }
"finish" {
"fail" path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo";
label = "offsite";
# encryption = "repokey-blake2";
}
]; ];
retries = 3;
retry_wait = 10;
ssh_command = "ssh -i /home/srv/.ssh/id_ed25519";
# keep-sorted end
}; };
relocated_repo_access_is_ok = true; };
repositories = [
{ # postgres
path = "/mnt/external/backup/repo"; services.postgresql.ensureUsers = [
label = "onsite"; {
} name = "root";
{ }
path = "ssh://vuc5c3xq@vuc5c3xq.repo.borgbase.com/./repo"; ];
label = "offsite"; systemd.services.postgresql.postStart = lib.mkAfter ''
} /run/current-system/sw/bin/psql postgres -c "GRANT pg_read_all_data TO root"
]; '';
retries = 3; systemd.services.borgmatic.path = [
retry_wait = 10; config.services.postgresql.package
ssh_command = "ssh -i /home/srv/.ssh/id_ed25519"; ];
# keep-sorted end
# credentials
systemd.services.borgmatic.serviceConfig.LoadCredential = [
"borgmatic-pg:${config.age.secrets.borgmatic-pg.path}"
];
# onsite drive
services.udisks2.enable = true;
fileSystems."/backup" = {
device = "/dev/disk/by-uuid/d3b3d7dc-d634-4327-9ea2-9d8daa4ecf4e";
fsType = "ext4";
};
# secrets
age.secrets = {
"borgmatic".file = ../../../secrets/borgmatic.age;
"borgmatic-pg".file = ../../../secrets/borgmatic-pg.age;
}; };
}; };
# postgres options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
services.postgresql.ensureUsers = [
{
name = "root";
}
];
systemd.services.postgresql.postStart = lib.mkAfter ''
/run/current-system/sw/bin/psql postgres -c "GRANT pg_read_all_data TO root"
'';
systemd.services.borgmatic.path = [
config.services.postgresql.package
];
# credentials
systemd.services.borgmatic.serviceConfig.LoadCredential = [
"borgmatic-pg:${config.age.secrets.borgmatic-pg.path}"
];
# secrets
age.secrets = {
"borgmatic".file = ../../../secrets/borgmatic.age;
"borgmatic-ntfy".file = ../../../secrets/borgmatic-ntfy.age;
"borgmatic-pg".file = ../../../secrets/borgmatic-pg.age;
};
} }

29
modules/nixos/features/caddy.nix
View file

@ -1,29 +0,0 @@
{
config,
...
}:
{
services.caddy = {
enable = true;
dataDir = "/srv/caddy";
globalConfig = ''
auto_https disable_redirects
'';
openFirewall = true;
};
security.acme = {
acceptTerms = true;
defaults.email = "festive-steed-fit@duck.com";
certs."fi33.buzz" = {
group = config.services.caddy.group;
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
age.secrets."porkbun-api".file = ../../../secrets/porkbun-api.age;
}

97
modules/nixos/features/copyparty.nix
View file

@ -1,70 +1,67 @@
{ {
# keep-sorted start
config, config,
lib,
inputs, inputs,
# keep-sorted end
... ...
}: }:
let let
port = 5000; feature = "copyparty";
certloc = "/var/lib/acme/fi33.buzz"; port = "5000";
hostname = "files.fi33.buzz";
url = "https://${hostname}";
in in
{ {
imports = [ inputs.copyparty.nixosModules.default ]; imports = [ inputs.copyparty.nixosModules.default ];
services = { config = lib.mkIf config.${feature}.enable {
copyparty = { services = {
enable = true; # service
settings = { copyparty = {
z = true; enable = true;
e2dsa = true; settings = {
e2ts = true; z = true;
e2vu = true; e2dsa = true;
p = port; e2ts = true;
xff-hdr = "x-forwarded-for"; e2vu = true;
rproxy = 1; p = lib.toInt port;
};
accounts = {
will = {
passwordFile = config.age.secrets.copyparty-will.path;
};
};
volumes = {
"/" = {
path = "/srv/copyparty";
access = {
r = "*";
A = [ "will" ];
};
};
};
}; };
accounts.Impatient7119.passwordFile = config.age.secrets.copyparty.path; # reverse proxy
nginx = {
volumes."/" = { virtualHosts."${feature}.fi33.buzz" = {
path = "/srv/copyparty"; forceSSL = true;
access = { useACMEHost = "fi33.buzz";
A = [ "Impatient7119" ]; locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
}; };
}; };
}; };
gatus.settings.endpoints = [ # secrets
{ age.secrets."copyparty-will" = {
name = "copyparty"; file = ../../../secrets/copyparty-will.age;
group = "Private Services"; owner = "copyparty";
inherit url; };
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = '' nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
# secrets options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
age.secrets."copyparty" = {
file = ../../../secrets/copyparty.age;
owner = "copyparty";
};
nixpkgs.overlays = [ inputs.copyparty.overlays.default ];
} }

102
modules/nixos/features/couchdb.nix
View file

@ -1,62 +1,60 @@
{
config,
lib,
...
}:
let let
port = 5984; feature = "couchdb";
certloc = "/var/lib/acme/fi33.buzz"; port = "5984";
hostname = "couchdb.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
couchdb = { services = {
enable = true; # service
databaseDir = "/srv/couchdb"; couchdb = {
viewIndexDir = "/srv/couchdb"; enable = true;
configFile = "/srv/couchdb"; databaseDir = "/srv/couchdb";
inherit port; viewIndexDir = "/srv/couchdb";
extraConfig = { configFile = "/srv/couchdb";
chttpd = { port = lib.toInt port;
require_valid_user = true; extraConfig = {
enable_cors = true; chttpd = {
max_http_request_size = 4294967296; require_valid_user = true;
enable_cors = true;
max_http_request_size = 4294967296;
};
chttpd_auth.require_valid_user = true;
httpd = {
WWW-Authenticate = ''Basic realm="couchdb"'';
enable_cors = true;
};
couchdb.max_document_size = 50000000;
cors = {
credentials = true;
origins = ''
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://couchdb.fi33.buzz,http://couchdb.fi33.buzz,https://couchdb.fi33.buzz
'';
};
}; };
};
chttpd_auth.require_valid_user = true; # reverse proxy
nginx = {
httpd = { virtualHosts."${feature}.fi33.buzz" = {
WWW-Authenticate = ''Basic realm="couchdb"''; forceSSL = true;
enable_cors = true; useACMEHost = "fi33.buzz";
}; locations."/" = {
proxyPass = "http://localhost:${port}";
couchdb.max_document_size = 50000000; # proxyWebsockets = true;
};
cors = {
credentials = true;
origins = ''
app://obsidian.md,capacitor://localhost,http://localhost,https://localhost,capacitor://${hostname},http://${hostname},${url}
'';
}; };
}; };
}; };
gatus.settings.endpoints = [
{
name = "CouchDB";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 401"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

66
modules/nixos/features/cryptpad.nix
View file

@ -1,66 +0,0 @@
let
httpPort = 5022;
websocketPort = 5024;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "cryptpad.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
cryptpad = {
enable = true;
settings = {
inherit httpPort;
inherit websocketPort;
httpUnsafeOrigin = url;
httpSafeOrigin = "https://cryptpad-ui.fi33.buzz";
inactiveTime = 7;
archiveRetentionTime = 7;
accountRetentionTime = 7;
};
};
gatus.settings.endpoints = [
{
name = "CryptPad";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts."${hostname} cryptpad-ui.fi33.buzz".extraConfig = ''
header Strict-Transport-Security "includeSubDomains; preload"
handle /cryptpad_websocket* {
reverse_proxy localhost:${toString websocketPort} {
header_up Host {host}
header_up X-Real-IP {remote_host}
}
}
handle {
reverse_proxy localhost:${toString httpPort} {
header_up Host {host}
header_up X-Real-IP {remote_host}
}
}
@register {
host ${hostname}
path /register*
}
respond @register 403
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

18
modules/nixos/features/external-speakers.nix
View file

@ -1,5 +1,17 @@
{ {
boot.extraModprobeConfig = '' config,
options snd_hda_intel power_save=0 lib,
''; ...
}:
let
feature = "external-speakers";
in
{
config = lib.mkIf config.${feature}.enable {
boot.extraModprobeConfig = ''
options snd_hda_intel power_save=0
'';
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

19
modules/nixos/features/fi33.buzz.nix
View file

@ -1,19 +0,0 @@
let
certloc = "/var/lib/acme/fi33.buzz";
hostname = "www.fi33.buzz";
in
{
# TODO why can't I serve content on fi33.buzz? dns propagation issue?
services.caddy.virtualHosts = {
"fi33.buzz".extraConfig = ''
redir https://www.fi33.buzz{uri} permanent
'';
${hostname}.extraConfig = ''
root * /srv/fi33.buzz/public
file_server
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

50
modules/nixos/features/firefly.nix
View file

@ -1,50 +0,0 @@
{
config,
...
}:
let
certloc = "/var/lib/acme/fi33.buzz";
in
{
services = {
firefly-iii = {
enable = true;
dataDir = "/srv/firefly";
group = config.services.caddy.group;
settings = {
# keep-sorted start
ALLOW_WEBHOOKS = "true";
APP_KEY_FILE = config.age.secrets.firefly.path;
APP_URL = "https://firefly.fi33.buzz";
DEFAULT_LANGUAGE = "en_GB";
REPORT_ERRORS_ONLINE = "false";
TRUSTED_PROXIES = "**";
TZ = "Australia/Melbourne";
# keep-sorted end
};
};
caddy.virtualHosts."firefly.fi33.buzz".extraConfig = ''
root * ${config.services.firefly-iii.package}/public
php_fastcgi unix//${config.services.phpfpm.pools.firefly-iii.socket}
try_files {path} {path}/ /index.php?{query}
file_server {
index index.php
}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets = {
firefly = {
file = ../../../secrets/firefly.age;
owner = "firefly-iii";
};
firefly-db = {
file = ../../../secrets/firefly-db.age;
owner = "firefly-iii";
};
};
}

34
modules/nixos/features/flaresolverr.nix Normal file
View file

@ -0,0 +1,34 @@
{
config,
lib,
...
}:
let
feature = "flaresolverr";
port = "5011";
in
{
config = lib.mkIf config.${feature}.enable {
services = {
# service
flaresolverr = {
enable = true;
port = lib.toInt port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
};
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

19
modules/nixos/features/fonts.nix
View file

@ -1,10 +1,21 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "fonts";
in
{ {
fonts.packages = with pkgs; [ config = lib.mkIf config.${feature}.enable {
nerd-fonts.jetbrains-mono fonts.packages = with pkgs; [
inter-nerdfont nerd-fonts.jetbrains-mono
]; inter-nerdfont
];
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

58
modules/nixos/features/gaming.nix
View file

@ -1,34 +1,44 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "gaming";
in
{ {
environment.systemPackages = with pkgs; [ config = lib.mkIf config.${feature}.enable {
# keep-sorted start environment.systemPackages = with pkgs; [
heroic # keep-sorted start
mangohud heroic
prismlauncher lutris
protonup-qt mangohud
wine nexusmods-app
wine64 prismlauncher
winetricks protonup-qt
# keep-sorted end wine
]; wine64
winetricks
# keep-sorted end
];
programs = { programs = {
gamemode.enable = true; gamemode.enable = true;
gamescope.enable = true; steam = {
steam = { enable = true;
enable = true; gamescopeSession.enable = true;
gamescopeSession.enable = true; };
}; };
services.lact = {
enable = true;
settings = { };
};
# latest kernel
boot.kernelPackages = pkgs.linuxPackages_latest;
}; };
services.lact = { options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
enable = true;
settings = { };
};
# latest kernel
# boot.kernelPackages = pkgs.linuxPackages_latest;
} }

55
modules/nixos/features/gatus.nix
View file

@ -1,55 +0,0 @@
{
config,
...
}:
let
port = 5025;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "status.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
gatus = {
enable = true;
environmentFile = config.age.secrets.gatus.path;
settings = {
alerting = {
ntfy = {
topic = "services";
url = config.services.ntfy-sh.settings.base-url;
token = "$NTFY_TOKEN";
click = url;
default-alert = {
description = "Health Check Failed";
send-on-resolved = true;
};
};
};
connectivity.checker = {
target = "1.1.1.1:53";
interval = "60s";
};
ui = {
title = "Health Dashboard | Fi33Buzz";
description = "Fi33Buzz health dashboard";
dashboard-heading = "";
dashboard-subheading = "";
header = "Fi33Buzz Status";
link = "https://home.fi33.buzz/";
default-sort-by = "group";
};
web.port = port;
};
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets.gatus.file = ../../../secrets/gatus.age;
}

93
modules/nixos/features/gnome.nix
View file

@ -1,50 +1,59 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "gnome";
in
{ {
services = { config = lib.mkIf config.${feature}.enable {
desktopManager.gnome.enable = true; services = {
displayManager.gdm.enable = true; desktopManager.gnome.enable = true;
displayManager.gdm.enable = true;
};
environment = {
# https://discourse.nixos.org/t/howto-disable-most-gnome-default-applications-and-what-they-are/13505
gnome.excludePackages = with pkgs; [
# keep-sorted start
# baobab # disk usage analyzer
# cheese # photo booth
# eog # image viewer
epiphany # web browser
evince # document viewer
# file-roller # archive manager
geary # email client
gedit # text editor
gnome-calculator
gnome-calendar
gnome-characters
gnome-clocks
# gnome-disk-utility
gnome-connections
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-photos
# gnome-screenshot
# gnome-system-monitor
gnome-terminal
gnome-weather
seahorse # password manager
# simple-scan # document scanner
totem # video player
yelp # help viewer
# keep-sorted end
];
systemPackages = with pkgs; [
gnome-tweaks
bibata-cursors
];
};
}; };
environment = { options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
# https://discourse.nixos.org/t/howto-disable-most-gnome-default-applications-and-what-they-are/13505
gnome.excludePackages = with pkgs; [
# keep-sorted start
# baobab # disk usage analyzer
# cheese # photo booth
# eog # image viewer
epiphany # web browser
evince # document viewer
# file-roller # archive manager
geary # email client
gedit # text editor
gnome-calculator
gnome-calendar
gnome-characters
gnome-clocks
# gnome-disk-utility
gnome-connections
gnome-contacts
gnome-font-viewer
gnome-logs
gnome-maps
gnome-music
gnome-photos
# gnome-screenshot
# gnome-system-monitor
gnome-terminal
gnome-weather
seahorse # password manager
# simple-scan # document scanner
totem # video player
yelp # help viewer
# keep-sorted end
];
systemPackages = with pkgs; [
gnome-tweaks
bibata-cursors
];
};
} }

682
modules/nixos/features/homepage-dashboard.nix
View file

@ -1,13 +1,12 @@
{ {
# keep-sorted start
config, config,
lib, lib,
pkgs, pkgs,
# keep-sorted end
... ...
}: }:
let let
port = 5004; feature = "homepage-dashboard";
port = "5004";
genSecrets = genSecrets =
secrets: secrets:
lib.genAttrs secrets (secret: { lib.genAttrs secrets (secret: {
@ -25,441 +24,290 @@ let
# keep-sorted start # keep-sorted start
"immich" "immich"
"jellyfin" "jellyfin"
"kavita-api"
"lidarr" "lidarr"
"mealie"
"miniflux" "miniflux"
"nzbget"
"paperless" "paperless"
"prowlarr" "prowlarr"
"radarr" "radarr"
"readarr"
"sonarr" "sonarr"
"subtitles"
# keep-sorted end # keep-sorted end
]; ];
certloc = "/var/lib/acme/fi33.buzz";
hostname = "home.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
homepage-dashboard = { services = {
enable = true; # service
listenPort = port; homepage-dashboard = {
allowedHosts = hostname; enable = true;
services = [ listenPort = lib.toInt port;
{ allowedHosts = "homepage-dashboard.fi33.buzz";
"Public Services" = [ services = [
{ # keep-sorted start block=yes
CryptPad = {
description = "Collaborative office suite";
icon = "cryptpad.svg";
href = "https://cryptpad.fi33.buzz/";
siteMonitor = "https://cryptpad.fi33.buzz/";
};
}
{
LibreTranslate = {
description = "Machine Translation API";
icon = "libretranslate.svg";
href = "https://translate.fi33.buzz/";
siteMonitor = "https://translate.fi33.buzz/";
};
}
{
Send = {
description = "Simple, private file sharing";
icon = "send.svg";
href = "https://send.fi33.buzz/";
siteMonitor = "https://send.fi33.buzz/";
};
}
];
}
{
"Media Management" = [
{
Radarr = {
description = "Movie organizer/manager";
icon = "radarr.svg";
href = "https://movies.fi33.buzz/";
siteMonitor = "https://movies.fi33.buzz/";
widget = {
type = "radarr";
url = "https://movies.fi33.buzz/";
key = "@radarr@";
enableQueue = true;
};
};
}
{
Sonarr = {
description = "Smart PVR";
icon = "sonarr.svg";
href = "https://shows.fi33.buzz/";
siteMonitor = "https://shows.fi33.buzz/";
widget = {
type = "sonarr";
url = "https://shows.fi33.buzz/";
key = "@sonarr@";
enableQueue = true;
};
};
}
{
Lidarr = {
description = "Like Sonarr but made for music";
icon = "lidarr.svg";
href = "https://music.fi33.buzz/";
siteMonitor = "https://music.fi33.buzz/";
widget = {
type = "lidarr";
url = "https://music.fi33.buzz/";
key = "@lidarr@";
enableQueue = true;
};
};
}
{
Readarr = {
description = "Book Manager and Automation";
icon = "readarr.svg";
href = "https://books.fi33.buzz/";
siteMonitor = "https://books.fi33.buzz/";
widget = {
type = "readarr";
url = "https://books.fi33.buzz/";
key = "@readarr@";
enableQueue = true;
};
};
}
{
Bazarr = {
description = "Subtitle manager and downloader";
icon = "bazarr.svg";
href = "https://subtitles.fi33.buzz/";
siteMonitor = "https://subtitles.fi33.buzz/";
widget = {
type = "bazarr";
url = "https://subtitles.fi33.buzz/";
key = "@subtitles@";
};
};
}
{
Prowlarr = {
description = "Indexer manager/proxy";
icon = "prowlarr.svg";
href = "https://prowlarr.fi33.buzz/";
siteMonitor = "https://prowlarr.fi33.buzz/";
widget = {
type = "prowlarr";
url = "https://prowlarr.fi33.buzz/";
key = "@prowlarr@";
};
};
}
{
NZBget = {
description = "Usenet Downloader";
icon = "nzbget.svg";
href = "https://usenet.fi33.buzz/";
siteMonitor = "https://usenet.fi33.buzz/";
widget = {
type = "nzbget";
url = "https://usenet.fi33.buzz/";
username = "nzbget";
password = "@nzbget@";
};
};
}
{
qBittorrent = {
description = "BitTorrent client";
icon = "qbittorrent.svg";
href = "https://bittorrent.fi33.buzz/";
siteMonitor = "https://bittorrent.fi33.buzz/";
};
}
];
}
{
"Private Services" = [
{
copyparty = {
description = "Portable file server";
icon = "sh-copyparty.svg";
href = "https://files.fi33.buzz/";
siteMonitor = "https://files.fi33.buzz/";
};
}
{
CouchDB = {
description = "Syncing database";
icon = "couchdb.svg";
href = "https://couchdb.fi33.buzz/_utils/";
siteMonitor = "https://couchdb.fi33.buzz/_utils/";
};
}
{
Mealie = {
description = "Recipe manager and meal planner";
icon = "mealie.svg";
href = "https://mealie.fi33.buzz/";
siteMonitor = "https://mealie.fi33.buzz/";
widget = {
type = "mealie";
url = "https://mealie.fi33.buzz/";
version = 2;
key = "@mealie@";
};
};
}
{
ntfy = {
description = "Send push notifications using PUT/POST";
icon = "ntfy.svg";
href = "https://notify.fi33.buzz/";
siteMonitor = "https://notify.fi33.buzz/";
};
}
{
Radicale = {
description = "A simple CalDAV (calendar) and CardDAV (contact) server";
icon = "radicale.svg";
href = "https://caldav.fi33.buzz";
siteMonitor = "https://caldav.fi33.buzz";
};
}
{
Syncthing = {
description = "Open Source Continuous File Synchronization";
icon = "syncthing.svg";
href = "https://sync.fi33.buzz/";
siteMonitor = "https://sync.fi33.buzz/";
};
}
{
Vaultwarden = {
description = "Unofficial Bitwarden compatible server";
icon = "vaultwarden.svg";
href = "https://vault.fi33.buzz/";
siteMonitor = "https://vault.fi33.buzz/";
};
}
];
}
{
"Media Streaming" = [
{
Immich = {
description = "Photo and video management solution";
icon = "immich.svg";
href = "https://photos.fi33.buzz/";
siteMonitor = "https://photos.fi33.buzz/";
widget = {
type = "immich";
fields = [
"users"
"photos"
"videos"
"storage"
];
url = "https://photos.fi33.buzz/";
version = 2;
key = "@immich@";
};
};
}
{
Jellyfin = {
description = "Media System";
icon = "jellyfin.svg";
href = "https://media.fi33.buzz/";
siteMonitor = "https://media.fi33.buzz/";
widget = {
type = "jellyfin";
url = "https://media.fi33.buzz/";
key = "@jellyfin@";
enableBlocks = true;
enableNowPlaying = true;
enableUser = true;
showEpisodeNumber = true;
expandOneStreamToTwoRows = false;
};
};
}
{
Kavita = {
description = "Reading server";
icon = "kavita.svg";
href = "https://library.fi33.buzz/";
siteMonitor = "https://library.fi33.buzz/";
widget = {
type = "kavita";
url = "https://library.fi33.buzz/";
key = "@kavita-api@";
};
};
}
{
Miniflux = {
description = "Feed reader";
icon = "miniflux.svg";
href = "https://feeds.fi33.buzz/";
siteMonitor = "https://feeds.fi33.buzz/";
widget = {
type = "miniflux";
url = "https://feeds.fi33.buzz/";
key = "@miniflux@";
};
};
}
{
Paperless = {
description = "Document management system";
icon = "paperless.svg";
href = "https://documents.fi33.buzz/";
siteMonitor = "https://documents.fi33.buzz/";
widget = {
type = "paperlessngx";
url = "https://documents.fi33.buzz/";
username = "admin";
password = "@paperless@";
};
};
}
];
}
{
Utilities = [
{
Gatus = {
description = "Status page";
icon = "gatus.svg";
href = "https://status.fi33.buzz/";
siteMonitor = "https://status.fi33.buzz/";
widget = {
type = "gatus";
url = "https://status.fi33.buzz/";
};
};
}
{
NanoKVM = {
description = "Remote KVM switch";
icon = "mdi-console.svg";
href = "http://nano-kvm/";
};
}
];
}
];
settings = {
title = "Mission Control";
theme = "dark";
color = "neutral";
headerStyle = "clean";
hideVersion = true;
layout = [
{ {
"Public Services" = { "Cloud Services" = [
style = "row"; {
columns = 3; "copyparty" = {
useEqualHeights = true; "description" = "Cloud file manager";
"icon" = "sh-copyparty.svg";
"href" = "https://copyparty.fi33.buzz/";
};
}
{
"CouchDB" = {
"description" = "Obsidian sync database";
"icon" = "couchdb.svg";
"href" = "https://couchdb.fi33.buzz/_utils/";
};
}
{
"ntfy" = {
"description" = "Notification service";
"icon" = "ntfy.svg";
"href" = "https://ntfy-sh.fi33.buzz/";
};
}
{
"Syncthing" = {
"description" = "Decentralised file synchronisation";
"icon" = "syncthing.svg";
"href" = "https://syncthing.fi33.buzz/";
};
}
{
"qBittorrent" = {
"description" = "BitTorrent client";
"icon" = "qbittorrent.svg";
"href" = "https://qbittorrent.fi33.buzz/";
};
}
{
"Vaultwarden" = {
"description" = "Password manager";
"icon" = "vaultwarden.svg";
"href" = "https://vaultwarden.fi33.buzz/";
};
}
];
}
{
"Media Management" = [
{
"Lidarr" = {
"description" = "Music collection manager";
"icon" = "lidarr.svg";
"href" = "https://lidarr.fi33.buzz/";
"widget" = {
"type" = "lidarr";
"url" = "https://lidarr.fi33.buzz/";
"key" = "@lidarr@";
"enableQueue" = true;
};
};
}
{
"Prowlarr" = {
"description" = "Indexer management tool";
"icon" = "prowlarr.svg";
"href" = "https://prowlarr.fi33.buzz/";
"widget" = {
"type" = "prowlarr";
"url" = "https://prowlarr.fi33.buzz/";
"key" = "@prowlarr@";
};
};
}
{
"Radarr" = {
"description" = "Movie collection manager";
"icon" = "radarr.svg";
"href" = "https://radarr.fi33.buzz/";
"widget" = {
"type" = "radarr";
"url" = "https://radarr.fi33.buzz/";
"key" = "@radarr@";
"enableQueue" = true;
};
};
}
{
"Sonarr" = {
"description" = "TV show collection manager";
"icon" = "sonarr.svg";
"href" = "https://sonarr.fi33.buzz/";
"widget" = {
"type" = "sonarr";
"url" = "https://sonarr.fi33.buzz/";
"key" = "@sonarr@";
"enableQueue" = true;
};
};
}
];
}
{
"Media Streaming" = [
{
"Immich" = {
"description" = "Photo backup";
"icon" = "immich.svg";
"href" = "https://immich.fi33.buzz/";
"widget" = {
"type" = "immich";
"fields" = [
"users"
"photos"
"videos"
"storage"
];
"url" = "https://immich.fi33.buzz/";
"version" = 2;
"key" = "@immich@";
};
};
}
{
"Jellyfin" = {
"description" = "Media streaming";
"icon" = "jellyfin.svg";
"href" = "https://jellyfin.fi33.buzz/";
"widget" = {
"type" = "jellyfin";
"url" = "https://jellyfin.fi33.buzz/";
"key" = "@jellyfin@";
"enableBlocks" = true;
"enableNowPlaying" = true;
"enableUser" = true;
"showEpisodeNumber" = true;
"expandOneStreamToTwoRows" = false;
};
};
}
{
"Miniflux" = {
"description" = "RSS aggregator";
"icon" = "miniflux.svg";
"href" = "https://miniflux.fi33.buzz/";
"widget" = {
"type" = "miniflux";
"url" = "https://miniflux.fi33.buzz/";
"key" = "@miniflux@";
};
};
}
{
"Paperless" = {
"description" = "Digital filing cabinet";
"icon" = "paperless.svg";
"href" = "https://paperless.fi33.buzz/";
"widget" = {
"type" = "paperlessngx";
"url" = "https://paperless.fi33.buzz/";
"username" = "admin";
"password" = "@paperless@";
};
};
}
];
}
{
"Utilities" = [
{
"NanoKVM" = {
"description" = "Remote KVM switch";
"icon" = "mdi-console.svg";
"href" = "http://nano-kvm/";
};
}
];
}
# keep-sorted end
];
settings = {
title = "Mission Control";
theme = "dark";
color = "neutral";
headerStyle = "clean";
layout = [
{
"Media Streaming" = {
style = "row";
columns = 4;
useEqualHeights = true;
};
}
{
"Media Management" = {
style = "row";
columns = 4;
useEqualHeights = true;
};
}
{
"Cloud Services" = {
style = "row";
columns = 3;
};
}
{
"Utilities" = {
style = "row";
columns = 3;
};
}
];
quicklaunch.searchDescriptions = true;
disableUpdateCheck = true;
showStats = true;
statusStyle = "dot";
};
widgets = [
{
search = {
provider = [
"duckduckgo"
"brave"
];
focus = true;
showSearchSuggestions = true;
target = "_blank";
}; };
} }
{ {
"Private Services" = { resources = {
style = "row"; cpu = true;
columns = 3; memory = true;
useEqualHeights = true; disk = [
}; "/"
} "/backup"
{ ];
"Media Streaming" = { cputemp = true;
style = "row"; tempmin = 0;
columns = 3; tempmax = 100;
useEqualHeights = true; units = "metric";
}; network = true;
} uptime = true;
{
"Media Management" = {
style = "row";
columns = 3;
useEqualHeights = true;
};
}
{
Utilities = {
style = "row";
columns = 3;
useEqualHeights = true;
initiallyCollapsed = true;
}; };
} }
]; ];
quicklaunch.searchDescriptions = true;
disableUpdateCheck = true;
showStats = true;
}; };
widgets = [
{ # reverse proxy
search = { nginx = {
provider = [ virtualHosts."${feature}.fi33.buzz" = {
"duckduckgo" forceSSL = true;
"brave" useACMEHost = "fi33.buzz";
]; locations."/" = {
focus = true; proxyPass = "http://localhost:${port}";
showSearchSuggestions = true; # proxyWebsockets = true;
target = "_blank";
}; };
} };
{ };
resources = {
cpu = true;
memory = true;
disk = [
"/"
"/mnt/external"
];
cputemp = true;
tempmin = 0;
tempmax = 100;
units = "metric";
network = true;
uptime = true;
};
}
];
}; };
gatus.settings.endpoints = [ # secrets
{ age.secrets = genSecrets secrets;
name = "Homepage Dashboard"; system.activationScripts = insertSecrets secrets;
group = "Utilities";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
# secrets options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
age.secrets = genSecrets secrets;
system.activationScripts = insertSecrets secrets;
} }

67
modules/nixos/features/immich.nix
View file

@ -1,37 +1,46 @@
{
config,
lib,
...
}:
let let
port = 2283; feature = "immich";
certloc = "/var/lib/acme/fi33.buzz"; port = "2283";
hostname = "photos.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
immich = { services = {
enable = true; immich = {
inherit port; enable = true;
mediaLocation = "/srv/immich"; port = builtins.fromJSON "${port}";
}; mediaLocation = "/srv/immich";
};
gatus.settings.endpoints = [ # database backup
{ borgmatic.settings = {
name = "Immich"; postgresql_databases = [
group = "Media Streaming"; {
inherit url; name = "immich";
interval = "5m"; hostname = "localhost";
conditions = [ username = "root";
"[STATUS] == 200" password = "{credential systemd borgmatic-pg}";
"[CONNECTED] == true" }
"[RESPONSE_TIME] < 500"
]; ];
alerts = [ { type = "ntfy"; } ]; };
}
];
caddy.virtualHosts.${hostname}.extraConfig = '' nginx = {
reverse_proxy localhost:${toString port} clientMaxBodySize = "50000M";
tls ${certloc}/cert.pem ${certloc}/key.pem { virtualHosts."${feature}.fi33.buzz" = {
protocols tls1.3 forceSSL = true;
} useACMEHost = "fi33.buzz";
''; locations."/" = {
proxyPass = "http://[::1]:${port}";
proxyWebsockets = true;
};
};
};
};
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

37
modules/nixos/features/intel-gpu.nix
View file

@ -1,21 +1,32 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "intel-gpu";
in
{ {
hardware = { config = lib.mkIf config.${feature}.enable {
enableAllFirmware = true; hardware = {
graphics = { enableAllFirmware = true;
enable = true; graphics = {
extraPackages = with pkgs; [ enable = true;
# keep-sorted start extraPackages = with pkgs; [
intel-compute-runtime # keep-sorted start
intel-media-driver intel-compute-runtime
intel-ocl intel-media-driver
libva-vdpau-driver intel-ocl
vpl-gpu-rt libva-vdpau-driver
# keep-sorted end vpl-gpu-rt
]; # keep-sorted end
];
};
}; };
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

63
modules/nixos/features/jellyfin.nix
View file

@ -1,43 +1,36 @@
{
config,
lib,
...
}:
let let
port = 8096; feature = "jellyfin";
certloc = "/var/lib/acme/fi33.buzz"; port = "8096";
hostname = "media.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
jellyfin = { services = {
enable = true; # service
dataDir = "/srv/jellyfin"; jellyfin = {
group = "srv"; enable = true;
dataDir = "/srv/jellyfin";
group = "media";
};
# reverse proxy
nginx.virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/".proxyPass = "http://localhost:${port}";
};
}; };
gatus.settings.endpoints = [ # use intel iGP
{ systemd.services.jellyfin.environment.LIBVA_DRIVER_NAME = "iHD";
name = "Jellyfin"; environment.sessionVariables = {
group = "Media Streaming"; LIBVA_DRIVER_NAME = "iHD";
inherit url; };
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
# use intel iGP options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
systemd.services.jellyfin.environment.LIBVA_DRIVER_NAME = "iHD";
environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD";
};
} }

22
modules/nixos/features/karakeep.nix
View file

@ -1,22 +0,0 @@
let
port = 5014;
certloc = "/var/lib/acme/fi33.buzz";
in
{
services = {
karakeep = {
enable = true;
extraEnvironment = {
PORT = toString port;
DISABLE_NEW_RELEASE_CHECK = "true";
};
};
caddy.virtualHosts."karakeep.fi33.buzz".extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

44
modules/nixos/features/kavita.nix
View file

@ -1,44 +0,0 @@
{
config,
...
}:
let
port = 5015;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "library.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
kavita = {
enable = true;
dataDir = "/srv/kavita";
settings.Port = port;
tokenKeyFile = config.age.secrets.kavita.path;
};
gatus.settings.endpoints = [
{
name = "Kavita";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
age.secrets.kavita.file = ../../../secrets/kavita.age;
}

37
modules/nixos/features/libretranslate.nix
View file

@ -1,37 +0,0 @@
let
port = 5023;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "translate.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
libretranslate = {
enable = true;
inherit port;
updateModels = true;
};
gatus.settings.endpoints = [
{
name = "LibreTranslate";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

62
modules/nixos/features/lidarr.nix
View file

@ -1,40 +1,36 @@
{
config,
lib,
...
}:
let let
port = 5012; feature = "lidarr";
certloc = "/var/lib/acme/fi33.buzz"; port = "5012";
hostname = "music.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
lidarr = { services = {
enable = true; # service
dataDir = "/srv/lidarr"; lidarr = {
settings.server = { enable = true;
inherit port; dataDir = "/srv/lidarr";
settings.server.port = lib.toInt port;
group = "media";
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
}; };
group = "srv";
}; };
gatus.settings.endpoints = [
{
name = "Lidarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

18
modules/nixos/features/link2c.nix
View file

@ -1,5 +1,17 @@
{ {
services.udev.extraRules = '' config,
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="2e1a", ATTR{idProduct}=="4c03", TEST=="power/control", ATTR{power/control}="on" lib,
''; ...
}:
let
feature = "link2c";
in
{
config = lib.mkIf config.${feature}.enable {
services.udev.extraRules = ''
ACTION=="add", SUBSYSTEM=="usb", ATTR{idVendor}=="2e1a", ATTR{idProduct}=="4c03", TEST=="power/control", ATTR{power/control}="on"
'';
};
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

46
modules/nixos/features/llm.nix
View file

@ -1,46 +0,0 @@
{
pkgs,
...
}:
{
environment.systemPackages = [ pkgs.ollama-rocm ];
services = {
open-webui.enable = true;
ollama = {
enable = true;
package = pkgs.ollama-rocm;
loadModels = [
# small
# keep-sorted start
"deepseek-r1:1.5b"
"gemma3:1b"
"gemma3:270m"
"gemma3:4b"
"llama3.2:1b"
"llama3.2:3b"
"ministral-3:3b"
"qwen3:0.6b"
"qwen3:1.7b"
"qwen3:4b"
# keep-sorted end
# medium
# keep-sorted start
"deepseek-r1:7b"
"deepseek-r1:8b"
"llama3.1:8b"
"ministral-3:8b"
"qwen3:8b"
# keep-sorted end
# large
# keep-sorted start
"deepseek-r1:14b"
"gemma3:12b"
"ministral-3:14b"
"qwen3:14b"
# keep-sorted end
];
};
};
}

25
modules/nixos/features/localisation.nix
View file

@ -1,12 +1,21 @@
{ config, lib, ... }:
let
feature = "localisation";
in
{ {
i18n = { config = lib.mkIf config.${feature}.enable {
defaultLocale = "en_AU.UTF-8"; i18n = {
extraLocales = [ defaultLocale = "en_AU.UTF-8";
"en_GB.UTF-8/UTF-8" supportedLocales = [
"en_US.UTF-8/UTF-8" "en_US.UTF-8/UTF-8"
]; "en_AU.UTF-8/UTF-8"
extraLocaleSettings.LC_ALL = "en_GB.UTF-8"; ];
};
time.timeZone = "Australia/Melbourne";
}; };
time.timeZone = "Australia/Melbourne"; imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

53
modules/nixos/features/mealie.nix
View file

@ -1,53 +0,0 @@
{
pkgs,
...
}:
let
port = 5026;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "mealie.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
mealie = {
enable = true;
inherit port;
settings = {
TZ = "Australia/Melbourne";
ALLOW_SIGNUP = "false";
};
};
gatus.settings.endpoints = [
{
name = "Mealie";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
borgbackup.jobs = {
onsite = {
paths = [ "/var/lib/mealie" ];
};
offsite = {
paths = [ "/var/lib/mealie" ];
};
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

72
modules/nixos/features/miniflux.nix
View file

@ -1,46 +1,54 @@
{ {
config, config,
lib,
... ...
}: }:
let let
port = 5010; feature = "miniflux";
certloc = "/var/lib/acme/fi33.buzz"; port = "5010";
hostname = "feeds.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
miniflux = { services = {
enable = true; # service
adminCredentialsFile = config.age.secrets.miniflux-creds.path; miniflux = {
config = { enable = true;
BASE_URL = url; adminCredentialsFile = config.age.secrets.miniflux-creds.path;
LISTEN_ADDR = "localhost:${toString port}"; config = {
BASE_URL = "https://miniflux.fi33.buzz";
LISTEN_ADDR = "localhost:${port}";
};
};
# database backup
borgmatic.settings = {
postgresql_databases = [
{
name = "miniflux";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
}; };
}; };
gatus.settings.endpoints = [ # secrets
{ age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age;
name = "Miniflux";
group = "Media Streaming";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
age.secrets."miniflux-creds".file = ../../../secrets/miniflux-creds.age; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

18
modules/nixos/features/network.nix
View file

@ -1,11 +1,21 @@
{ {
config,
lib,
hostName, hostName,
... ...
}: }:
let
feature = "network";
in
{ {
networking = { config = lib.mkIf config.${feature}.enable {
hostName = "${hostName}"; networking = {
networkmanager.enable = true; hostName = "${hostName}";
firewall.enable = true; networkmanager.enable = true;
};
}; };
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

63
modules/nixos/features/nginx.nix
View file

@ -1,37 +1,48 @@
{ {
config, config,
lib,
... ...
}: }:
let
feature = "nginx";
in
{ {
services.nginx = { config = lib.mkIf config.${feature}.enable {
enable = true; services.nginx = {
enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
recommendedGzipSettings = true; recommendedGzipSettings = true;
recommendedOptimisation = true; recommendedOptimisation = true;
virtualHosts."*.fi33.buzz" = { virtualHosts."*.fi33.buzz" = {
forceSSL = true; forceSSL = true;
useACMEHost = "fi33.buzz"; useACMEHost = "fi33.buzz";
locations."/".index = "index.html"; locations."/".index = "index.html";
};
}; };
security.acme = {
acceptTerms = true;
defaults.email = "wi11@duck.com";
certs."fi33.buzz" = {
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
group = "nginx";
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
# secrets
age.secrets."porkbun-api" = {
file = ../../../secrets/porkbun-api.age;
};
users.users.nginx.extraGroups = [ "acme" ];
}; };
security.acme = { options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
acceptTerms = true;
defaults.email = "wi11@duck.com";
certs."fi33.buzz" = {
domain = "fi33.buzz";
extraDomainNames = [ "*.fi33.buzz" ];
group = "nginx";
dnsProvider = "porkbun";
dnsPropagationCheck = true;
credentialsFile = config.age.secrets."porkbun-api".path;
};
};
age.secrets."porkbun-api".file = ../../../secrets/porkbun-api.age;
users.users.nginx.extraGroups = [ "acme" ];
} }

17
modules/nixos/features/nh.nix
View file

@ -1,11 +1,20 @@
{ {
config,
lib,
userName, userName,
... ...
}: }:
let
feature = "nh";
in
{ {
programs.nh = { config = lib.mkIf config.${feature}.enable {
enable = true; programs.nh = {
# clean.enable = true; enable = true;
flake = "/home/${userName}/.dots"; # clean.enable = true;
flake = "/home/${userName}/.dots";
};
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

34
modules/nixos/features/nix-settings.nix Normal file
View file

@ -0,0 +1,34 @@
{ config, lib, ... }:
let
feature = "nix-settings";
in
{
config = lib.mkIf config.${feature}.enable {
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 20d";
persistent = true;
};
optimise = {
automatic = true;
persistent = true;
};
settings = {
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"will"
"srv"
];
};
};
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

35
modules/nixos/features/nix.nix
View file

@ -1,35 +0,0 @@
{
lib,
...
}:
{
# rip out default packages
environment.defaultPackages = lib.mkForce [ ];
# allow packages with non-free licenses
nixpkgs.config.allowUnfree = true;
nix = {
gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 20d";
persistent = true;
};
optimise = {
automatic = true;
persistent = true;
};
settings = {
allowed-users = [ "@wheel" ];
experimental-features = [
"nix-command"
"flakes"
];
trusted-users = [
"will"
"srv"
];
};
};
}

13
modules/nixos/features/nixpkgs.nix Normal file
View file

@ -0,0 +1,13 @@
{ config, lib, ... }:
let
feature = "nixpkgs";
in
{
config = lib.mkIf config.${feature}.enable {
nixpkgs.config.allowUnfree = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
}

178
modules/nixos/features/nixvim.nix
View file

@ -1,102 +1,108 @@
{ {
config,
inputs, inputs,
lib,
... ...
}: }:
let
feature = "nixvim";
in
{ {
environment.variables.EDITOR = "nvim"; config = lib.mkIf config.${feature}.enable {
programs.nixvim = { environment.variables.EDITOR = "nvim";
enable = true; programs.nixvim = {
clipboard = {
providers.wl-copy.enable = true;
register = "unnamedplus";
};
colorschemes.catppuccin = {
enable = true; enable = true;
settings.background.dark = "mocha"; clipboard = {
}; providers.wl-copy.enable = true;
dependencies = { register = "unnamedplus";
tree-sitter.enable = true;
gcc.enable = true;
};
diagnostic.settings.virtual_lines = true;
opts = {
# keep-sorted start
autoindent = true;
colorcolumn = "80";
expandtab = true;
number = true;
relativenumber = true;
shiftwidth = 2;
# get suggestions by typing z=
spell = true;
spelllang = "en_au";
tabstop = 2;
# keep-sorted end
};
plugins = {
# auto close brackets
autoclose.enable = true;
# completion window
cmp = {
enable = true;
autoEnableSources = true;
settings = {
mapping = {
"<C-Space>" = "cmp.mapping.complete()";
"<C-d>" = "cmp.mapping.scroll_docs(-4)";
"<C-e>" = "cmp.mapping.close()";
"<C-f>" = "cmp.mapping.scroll_docs(4)";
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
};
sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
};
}; };
colorschemes.catppuccin = {
# git changes in margin
gitsigns.enable = true;
# opens last edit position
lastplace.enable = true;
# lsp servers
lsp = {
enable = true; enable = true;
inlayHints = true; settings.background.dark = "mocha";
servers = { };
nixd.enable = true; dependencies = {
rust_analyzer = { tree-sitter.enable = true;
enable = true; gcc.enable = true;
installCargo = true; };
installRustc = true; diagnostic.settings.virtual_lines = true;
}; opts = {
hls = { autoindent = true;
enable = true; expandtab = true;
installGhc = true; number = true;
relativenumber = true;
shiftwidth = 2;
tabstop = 2;
colorcolumn = "80";
};
plugins = {
# autoclose brackets
autoclose.enable = true;
# completion window
cmp = {
enable = true;
autoEnableSources = true;
settings = {
mapping = {
"<C-Space>" = "cmp.mapping.complete()";
"<C-d>" = "cmp.mapping.scroll_docs(-4)";
"<C-e>" = "cmp.mapping.close()";
"<C-f>" = "cmp.mapping.scroll_docs(4)";
"<CR>" = "cmp.mapping.confirm({ select = true })";
"<S-Tab>" = "cmp.mapping(cmp.mapping.select_prev_item(), {'i', 's'})";
"<Tab>" = "cmp.mapping(cmp.mapping.select_next_item(), {'i', 's'})";
};
sources = [
{ name = "nvim_lsp"; }
{ name = "path"; }
{ name = "buffer"; }
];
}; };
}; };
# git changes in margin
gitsigns.enable = true;
# opens last edit position
lastplace.enable = true;
# lsp servers
lsp = {
enable = true;
inlayHints = true;
servers = {
nixd.enable = true;
}
// lib.optionalAttrs config.dev.enable {
rust_analyzer = {
enable = true;
installCargo = true;
installRustc = true;
};
hls = {
enable = true;
installGhc = true;
};
};
};
lsp-format.enable = true;
lsp-lines.enable = true;
lsp-signature.enable = true;
lspkind.enable = true;
# status bar
lualine.enable = true;
# perform file system operations inside of neovim
oil.enable = true;
# syntax highlighting
treesitter.enable = true;
}; };
lsp-format.enable = true;
lsp-lines.enable = true;
lsp-signature.enable = true;
lspkind.enable = true;
# status bar
lualine.enable = true;
# perform file system operations inside of neovim
oil.enable = true;
# syntax highlighting
treesitter.enable = true;
}; };
}; };
imports = [ inputs.nixvim.nixosModules.nixvim ]; imports = [ inputs.nixvim.nixosModules.nixvim ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

73
modules/nixos/features/ntfy-sh.nix
View file

@ -1,59 +1,38 @@
{ {
config, config,
lib,
... ...
}: }:
let let
port = 5002; feature = "ntfy-sh";
certloc = "/var/lib/acme/fi33.buzz"; port = "5002";
hostname = "notify.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
ntfy-sh = { services = {
enable = true; # service
environmentFile = config.age.secrets.ntfy.path; ntfy-sh = {
settings = { enable = true;
base-url = url; settings = {
listen-http = ":${toString port}"; base-url = "https://ntfy-sh.fi33.buzz";
behind-proxy = true; listen-http = ":${port}";
auth-default-access = "deny-all"; behind-proxy = true;
auth-users = [ };
"Debit3885:$2a$12$ZeFimzdifNFSmf0W2oi.vuZfsqae75md9nhC/Q2BcKMyvDO8T.uEK:admin" };
"gatus:$2a$12$OswG3sB8oDaB.KpawKM3P.78dID.Tj/0y5qeVD5BE6EH5bpGKe.na:user"
]; # reverse proxy
auth-access = [ nginx = {
"gatus:services:wo" virtualHosts."${feature}.fi33.buzz" = {
]; forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
proxyWebsockets = true;
};
};
}; };
}; };
gatus.settings.endpoints = [
{
name = "ntfy";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
}
];
borgbackup.jobs = {
onsite.paths = [ "/var/lib/ntfy-sh" ];
offsite.paths = [ "/var/lib/ntfy-sh" ];
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
age.secrets.ntfy.file = ../../../secrets/ntfy.age; options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

46
modules/nixos/features/nzbget.nix
View file

@ -1,46 +0,0 @@
{
pkgs,
...
}:
let
port = 5018;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "usenet.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
nzbget = {
enable = true;
settings = {
MainDir = "/srv/nzbget";
ControlPort = port;
};
group = "srv";
};
gatus.settings.endpoints = [
{
name = "NZBget";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 401"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
environment.systemPackages = with pkgs; [ unrar ];
}

82
modules/nixos/features/paperless.nix
View file

@ -1,51 +1,57 @@
{ {
config, config,
lib,
... ...
}: }:
let let
port = 5013; feature = "paperless";
certloc = "/var/lib/acme/fi33.buzz"; port = "5013";
hostname = "documents.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
paperless = { services = {
enable = true; # service
dataDir = "/srv/paperless"; paperless = {
database.createLocally = true; enable = true;
passwordFile = config.age.secrets.paperless.path; dataDir = "/srv/paperless";
inherit port; database.createLocally = true;
settings = { passwordFile = config.age.secrets.paperless.path;
PAPERLESS_URL = url; port = lib.toInt port;
settings = {
PAPERLESS_URL = "https://paperless.fi33.buzz";
};
};
# database backup
borgmatic.settings = {
postgresql_databases = [
{
name = "paperless";
hostname = "localhost";
username = "root";
password = "{credential systemd borgmatic-pg}";
}
];
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
}; };
}; };
gatus.settings.endpoints = [ age.secrets."paperless" = {
{ file = ../../../secrets/paperless.age;
name = "Paperless"; owner = "paperless";
group = "Media Streaming"; };
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
age.secrets."paperless" = { options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
file = ../../../secrets/paperless.age;
owner = "paperless";
};
} }

22
modules/nixos/features/pipewire.nix
View file

@ -1,11 +1,19 @@
{ config, lib, ... }:
let
feature = "pipewire";
in
{ {
security.rtkit.enable = true; config = lib.mkIf config.${feature}.enable {
security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
alsa.enable = true; alsa.enable = true;
alsa.support32Bit = true; alsa.support32Bit = true;
enable = true; enable = true;
jack.enable = true; jack.enable = true;
pulse.enable = true; pulse.enable = true;
};
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

48
modules/nixos/features/plasma.nix
View file

@ -1,27 +1,39 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "plasma";
in
{ {
services = { config = lib.mkIf config.${feature}.enable {
desktopManager.plasma6.enable = true; services = {
displayManager.sddm = { desktopManager.plasma6.enable = true;
enable = true; displayManager.sddm = {
wayland.enable = true; enable = true;
wayland.enable = true;
};
}; };
environment.systemPackages =
with pkgs.kdePackages;
[
# keep-sorted start
kget
kontact
# TODO: replace with transmission
ktorrent
kzones
# keep-sorted end
]
++ (with pkgs; [
# keep-sorted start
haruna
# keep-sorted end
]);
}; };
environment.systemPackages = options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
with pkgs.kdePackages;
[
# keep-sorted start
ktorrent
kzones
# keep-sorted end
]
++ (with pkgs; [
# keep-sorted start
haruna
# keep-sorted end
]);
} }

31
modules/nixos/features/print-and-scan.nix
View file

@ -1,21 +1,30 @@
{ {
config,
lib,
pkgs, pkgs,
... ...
}: }:
let
feature = "print-and-scan";
in
{ {
hardware.sane = { config = lib.mkIf config.${feature}.enable {
enable = true; hardware.sane = {
extraBackends = [ pkgs.hplip ];
};
services = {
avahi = {
enable = true; enable = true;
nssmdns4 = true; extraBackends = [ pkgs.hplip ];
openFirewall = true;
}; };
printing = { services = {
enable = true; avahi = {
drivers = [ pkgs.hplip ]; enable = true;
nssmdns4 = true;
openFirewall = true;
};
printing = {
enable = true;
drivers = [ pkgs.hplip ];
};
}; };
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

16
modules/nixos/features/protonmail-bridge.nix
View file

@ -1,3 +1,17 @@
{ {
services.protonmail-bridge.enable = true; config,
lib,
...
}:
let
feature = "protonmail-bridge";
in
{
config = lib.mkIf config.${feature}.enable {
services.protonmail-bridge.enable = true;
};
imports = [ ];
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

66
modules/nixos/features/prowlarr.nix
View file

@ -1,51 +1,35 @@
{ {
pkgs, config,
lib,
... ...
}: }:
let let
port = 5009; feature = "prowlarr";
certloc = "/var/lib/acme/fi33.buzz"; port = "5009";
hostname = "prowlarr.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
prowlarr = { services = {
enable = true; # service
settings.server = { prowlarr = {
inherit port; enable = true;
dataDir = "/srv/prowlarr";
settings.server.port = lib.toInt port;
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
}; };
}; };
gatus.settings.endpoints = [
{
name = "Prowlarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
borgbackup.jobs = {
onsite = {
paths = [ "/var/lib/prowlarr" ];
};
offsite = {
paths = [ "/var/lib/prowlarr" ];
};
};
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

62
modules/nixos/features/qbittorrent.nix
View file

@ -1,41 +1,37 @@
{ config, lib, ... }:
let let
port = 5005; feature = "qbittorrent";
certloc = "/var/lib/acme/fi33.buzz"; port = "5005";
hostname = "bittorrent.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
qbittorrent = { users.users.qbittorrent.extraGroups = [ "media" ];
enable = true;
webuiPort = port;
profileDir = "/srv";
group = "srv";
extraArgs = [
"--confirm-legal-notice"
];
};
gatus.settings.endpoints = [ services = {
{ # service
name = "qBittorrent"; qbittorrent = {
group = "Media Management"; enable = true;
inherit url; webuiPort = lib.toInt port;
interval = "5m"; profileDir = "/srv";
conditions = [ group = "media";
"[STATUS] == 200" extraArgs = [
"[CONNECTED] == true" "--confirm-legal-notice"
"[RESPONSE_TIME] < 500"
]; ];
alerts = [ { type = "ntfy"; } ]; };
}
];
caddy.virtualHosts.${hostname}.extraConfig = '' # reverse proxy
reverse_proxy localhost:${toString port} nginx = {
tls ${certloc}/cert.pem ${certloc}/key.pem { virtualHosts."${feature}.fi33.buzz" = {
protocols tls1.3 forceSSL = true;
} useACMEHost = "fi33.buzz";
''; locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
};
};
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

32
modules/nixos/features/qui.nix
View file

@ -1,32 +0,0 @@
{
# keep-sorted start
lib,
pkgs,
# keep-sorted end
...
}:
let
port = 5019;
certloc = "/var/lib/acme/fi33.buzz";
in
{
environment.systemPackages = [ pkgs.qui ];
systemd.user.services.qui = {
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig.ExecStart = "${lib.getExe pkgs.qui} serve";
environment = {
QUI__PORT = toString port;
QUI__DATA_DIR = "/srv/qui";
};
};
services.caddy.virtualHosts."qui.fi33.buzz".extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}

63
modules/nixos/features/radarr.nix
View file

@ -1,40 +1,37 @@
{
config,
lib,
...
}:
let let
port = 5007; feature = "radarr";
certloc = "/var/lib/acme/fi33.buzz"; port = "5007";
hostname = "movies.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
radarr = { services = {
enable = true; # service
dataDir = "/srv/radarr"; radarr = {
settings.server = { enable = true;
inherit port; dataDir = "/srv/radarr";
settings.server.port = lib.toInt port;
group = "media";
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
}; };
group = "srv";
}; };
gatus.settings.endpoints = [
{
name = "Radarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

61
modules/nixos/features/radicale.nix
View file

@ -1,61 +0,0 @@
{
config,
...
}:
let
port = 5003;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "caldav.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
radicale = {
enable = true;
settings = {
server = {
hosts = [
"0.0.0.0:${toString port}"
"[::]:${toString port}"
];
};
auth = {
type = "htpasswd";
htpasswd_filename = config.age.secrets.radicale.path;
htpasswd_encryption = "plain";
};
storage = {
filesystem_folder = "/srv/radicale";
};
};
};
gatus.settings.endpoints = [
{
name = "Radicale";
group = "Private Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
# secrets
age.secrets."radicale" = {
file = ../../../secrets/radicale.age;
owner = "radicale";
};
}

40
modules/nixos/features/readarr.nix
View file

@ -1,40 +0,0 @@
let
port = 5016;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "books.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
readarr = {
enable = true;
dataDir = "/srv/readarr";
settings.server = {
inherit port;
};
group = "srv";
};
gatus.settings.endpoints = [
{
name = "Readarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

45
modules/nixos/features/send.nix
View file

@ -1,45 +0,0 @@
let
port = 5020;
certloc = "/var/lib/acme/fi33.buzz";
hostname = "send.fi33.buzz";
url = "https://${hostname}";
in
{
services = {
send = {
enable = true;
inherit port;
baseUrl = url;
environment = {
DEFAULT_EXPIRE_SECONDS = 360;
EXPIRE_TIMES_SECONDS = "360";
DOWNLOAD_COUNTS = "1";
MAX_DOWNLOADS = 1;
MAX_EXPIRE_SECONDS = 1024;
MAX_FILE_SIZE = 134217728;
};
};
gatus.settings.endpoints = [
{
name = "Send";
group = "Public Services";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
};
}

63
modules/nixos/features/sonarr.nix
View file

@ -1,40 +1,37 @@
{
config,
lib,
...
}:
let let
port = 5006; feature = "sonarr";
certloc = "/var/lib/acme/fi33.buzz"; port = "5006";
hostname = "shows.fi33.buzz";
url = "https://${hostname}";
in in
{ {
services = { config = lib.mkIf config.${feature}.enable {
sonarr = { services = {
enable = true; # service
dataDir = "/srv/sonarr"; sonarr = {
settings.server = { enable = true;
inherit port; dataDir = "/srv/sonarr";
settings.server.port = lib.toInt port;
group = "media";
};
# reverse proxy
nginx = {
virtualHosts."${feature}.fi33.buzz" = {
forceSSL = true;
useACMEHost = "fi33.buzz";
locations."/" = {
proxyPass = "http://localhost:${port}";
# proxyWebsockets = true;
};
};
}; };
group = "srv";
}; };
gatus.settings.endpoints = [
{
name = "Sonarr";
group = "Media Management";
inherit url;
interval = "5m";
conditions = [
"[STATUS] == 200"
"[CONNECTED] == true"
"[RESPONSE_TIME] < 500"
];
alerts = [ { type = "ntfy"; } ];
}
];
caddy.virtualHosts.${hostname}.extraConfig = ''
reverse_proxy localhost:${toString port}
tls ${certloc}/cert.pem ${certloc}/key.pem {
protocols tls1.3
}
'';
}; };
options.${feature}.enable = lib.mkEnableOption "enables ${feature}";
} }

23
modules/nixos/features/star-citizen.nix
View file

@ -1,23 +0,0 @@
{
# keep-sorted start
inputs,
system,
# keep-sorted end
...
}:
{
nix.settings = {
substituters = [ "https://nix-citizen.cachix.org" ];
trusted-public-keys = [ "nix-citizen.cachix.org-1:lPMkWc2X8XD4/7YPEEwXKKBg+SVbYTVrAaLA2wQTKCo=" ];
};
environment.systemPackages = [
inputs.nix-citizen.packages.${system}.rsi-launcher
];
zramSwap = {
enable = true;
memoryPercent = 100;
writebackDevice = "/dev/sda1";
};
}

6
modules/nixos/features/sudo.nix
View file

@ -1,6 +0,0 @@
{
...
}:
{
security.sudo.execWheelOnly = true;
}

Some files were not shown because too many files have changed in this diff Show more