jordan/nix-config
1
1
Fork 0
Code Issues 11 Pull Requests Actions Projects 3 Wiki Activity

Compare commits

base: jordan:42b35cb7ae125cefc09432c2e5f7cdff1753531d
Branches Tags
jordan:master jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store
..
compare: jordan:lunarvim
Branches Tags
jordan:master jordan:hass jordan:immich jordan:zitadel jordan:skycam jordan:24.05 jordan:lunarvim jordan:matrix jordan:docs jordan:vps1 jordan:wallpapers jordan:fix-odyssey-nix-store

3 Commits
42b35cb7ae ... lunarvim

Author SHA1 Message Date
Jordan Holt
a1d4948bb3 Add nerdfonts 2024-03-09 21:35:42 +00:00
Jordan Holt
5d21d262fa Remove unused variable 2024-03-09 21:17:54 +00:00
Jordan Holt
1926dda49d Switch to lunarvim 2024-03-03 23:17:42 +00:00
16 changed files with 49 additions and 478 deletions
Expand all files Collapse all files

39
README.md
View File

@ -9,47 +9,16 @@ System and user configuration for NixOS-based systems.
| **Theme:** | adwaita | | **Theme:** | adwaita |
| **Terminal:** | Console | | **Terminal:** | Console |
## Provisioning a new host ## Provisioning
> [nixos-anywhere](https://github.com/nix-community/nixos-anywhere) is the module used > [nixos-anywhere](https://github.com/nix-community/nixos-anywhere) is the module used for provisioning
> for provisioning
Generate a new SSH host key in "$temp/etc/ssh" as per [this guide](https://nix-community.github.io/nixos-anywhere/howtos/secrets.html#example-decrypting-an-openssh-host-key-with-pass). Generate a new SSH host key in "$temp/etc/ssh" as per [this guide](https://nix-community.github.io/nixos-anywhere/howtos/secrets.html#example-decrypting-an-openssh-host-key-with-pass).
```
ssh-keygen -t ed25519 -f /tmp/ssh_host_ed25519_key
```
Update [nix-secrets](/jordan/nix-secrets) with the new host key to enable the system to decrypt Then run;
any relevant secrets.
In order to use the borgmatic module for backups, go to [borgbase.com](https://borgbase.com).
Add the generated SSH host key and create a new repository for the system.
Create a new directory under `hosts/` with a system configuration and disk layout.
Boot the NixOS installer (or any Linux distribution) on the target.
Then run:
``` ```
nix run github:nix-community/nixos-anywhere -- \ nix run github:nix-community/nixos-anywhere -- \
--disk-encryption-keys /tmp/secret.key /tmp/secret.key \ --disk-encryption-keys /tmp/secret.key /tmp/secret.key \
--extra-files "$temp" \ --extra-files "$temp" \
--flake .#<hostname> \ --flake .#<hostname> \
root@<target-ip> root@<ip>
``` ```
### Post install
If backups are configured, you'll need to run:
```
borgmatic init --encryption repokey-blake2
```
then restart `borgmatic`.
To join the Tailscale network, run:
```
tailscale up --login-server https://headscale.vimium.net
```
then visit the URL, SSH onto `vps1` and run `headscale --user mesh nodes register --key <key>`.
The new node can optionally be given a friendly name with `headscale node rename -i <index> <hostname>`.

166
flake.lock generated
View File

@ -8,11 +8,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1712079060, "lastModified": 1707830867,
"narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=", "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "1381a759b205dff7a6818733118d02253340fd5e", "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -21,22 +21,6 @@
"type": "github" "type": "github"
} }
}, },
"blobs": {
"flake": false,
"locked": {
"lastModified": 1604995301,
"narHash": "sha256-wcLzgLec6SGJA8fx1OEN1yV/Py5b+U5iyYpksUY/yLw=",
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"rev": "2cccdf1ca48316f2cfd1c9a0017e8de5a7156265",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"repo": "blobs",
"type": "gitlab"
}
},
"darwin": { "darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -66,11 +50,11 @@
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1711973905, "lastModified": 1708091384,
"narHash": "sha256-UFKME/N1pbUtn+2Aqnk+agUt8CekbpuqwzljivfIme8=", "narHash": "sha256-dTGGw2y8wvfjr+J9CjQbfdulOq72hUG17HXVNxpH1yE=",
"owner": "serokell", "owner": "serokell",
"repo": "deploy-rs", "repo": "deploy-rs",
"rev": "88b3059b020da69cbe16526b8d639bd5e0b51c8b", "rev": "0a0187794ac7f7a1e62cda3dabf8dc041f868790",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -86,11 +70,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1712947906, "lastModified": 1709439398,
"narHash": "sha256-T0eT2lMbcK7RLelkx0qx4SiFpOS/0dt0aSfLB+WsGV8=", "narHash": "sha256-MW0zp3ta7SvdpjvhVCbtP20ewRwQZX2vRFn14gTc4Kg=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "8d4ae698eaac8bd717e23507da2ca8b345bec4b5", "rev": "1f76b318aa11170c8ca8c225a9b4c458a5fcbb57",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -102,11 +86,11 @@
"firefox-gnome-theme": { "firefox-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1712590130, "lastModified": 1708965002,
"narHash": "sha256-NOfsWKOLifmRLIySbjlJFFLuRT8UVyLeZItuLCjvIno=", "narHash": "sha256-gIBZCPB0sA8Gagrxd8w4+y9uUkWBnXJBmq9Ur5BYTQU=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "firefox-gnome-theme", "repo": "firefox-gnome-theme",
"rev": "a95be99b28fdf1c33f1399a387eb594cf9bffc99", "rev": "4e966509c180f93ba8665cd73cad8456bf44baab",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -131,22 +115,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1668681692,
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"home-manager": { "home-manager": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -175,11 +143,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1712386041, "lastModified": 1706981411,
"narHash": "sha256-dA82pOMQNnCJMAsPG7AXG35VmCSMZsJHTFlTHizpKWQ=", "narHash": "sha256-cLbLPTL1CDmETVh4p0nQtvoF+FSEjsnJTFpTxhXywhQ=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "d6bb9f934f2870e5cbc5b94c79e9db22246141ff", "rev": "652fda4ca6dafeb090943422c34ae9145787af37",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -191,11 +159,11 @@
}, },
"nixos-hardware": { "nixos-hardware": {
"locked": { "locked": {
"lastModified": 1712909959, "lastModified": 1709410583,
"narHash": "sha256-7/5ubuwdEbQ7Z+Vqd4u0mM5L2VMNDsBh54visp27CtQ=", "narHash": "sha256-esOSUoQ7mblwcsSea0K17McZuwAIjoS6dq/4b83+lvw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixos-hardware", "repo": "nixos-hardware",
"rev": "f58b25254be441cd2a9b4b444ed83f1e51244f1f", "rev": "59e37017b9ed31dee303dbbd4531c594df95cfbc",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -204,32 +172,6 @@
"type": "github" "type": "github"
} }
}, },
"nixos-mailserver": {
"inputs": {
"blobs": "blobs",
"flake-compat": "flake-compat_2",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-23_05": "nixpkgs-23_05",
"nixpkgs-23_11": "nixpkgs-23_11",
"utils": "utils_2"
},
"locked": {
"lastModified": 1706219574,
"narHash": "sha256-qO+8UErk+bXCq2ybHU4GzXG4Ejk4Tk0rnnTPNyypW4g=",
"owner": "simple-nixos-mailserver",
"repo": "nixos-mailserver",
"rev": "e47f3719f1db3e0961a4358d4cb234a0acaa7baf",
"type": "gitlab"
},
"original": {
"owner": "simple-nixos-mailserver",
"ref": "nixos-23.11",
"repo": "nixos-mailserver",
"type": "gitlab"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1703013332, "lastModified": 1703013332,
@ -246,43 +188,13 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs-23_05": {
"locked": {
"lastModified": 1704290814,
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.05",
"type": "indirect"
}
},
"nixpkgs-23_11": {
"locked": {
"lastModified": 1706098335,
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-23.11",
"type": "indirect"
}
},
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1712791164, "lastModified": 1709237383,
"narHash": "sha256-3sbWO1mbpWsLepZGbWaMovSO7ndZeFqDSdX0hZ9nVyw=", "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "1042fd8b148a9105f3c0aca3a6177fd1d9360ba5", "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -309,11 +221,11 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1712867921, "lastModified": 1709309926,
"narHash": "sha256-edTFV4KldkCMdViC/rmpJa7oLIU8SE/S35lh/ukC7bg=", "narHash": "sha256-VZFBtXGVD9LWTecGi6eXrE0hJ/mVB3zGUlHImUs2Qak=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "51651a540816273b67bc4dedea2d37d116c5f7fe", "rev": "79baff8812a0d68e24a836df0a364c678089e2c7",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -330,7 +242,6 @@
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"nixos-hardware": "nixos-hardware", "nixos-hardware": "nixos-hardware",
"nixos-mailserver": "nixos-mailserver",
"nixpkgs": "nixpkgs_3", "nixpkgs": "nixpkgs_3",
"nixpkgs-unstable": "nixpkgs-unstable", "nixpkgs-unstable": "nixpkgs-unstable",
"secrets": "secrets", "secrets": "secrets",
@ -340,11 +251,11 @@
"secrets": { "secrets": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1712006510, "lastModified": 1709495020,
"narHash": "sha256-JQ3ZcSwIB6d3gDcx/nZCUlSfZGwaI55WNmD9mK2uTPA=", "narHash": "sha256-eiz0qUjUbdeb6m28XPY7OVnrGMZ45JiT2dZZ0Bmq2X0=",
"ref": "refs/heads/master", "ref": "refs/heads/master",
"rev": "f350d35d7651c415fa4c0d6a7cff378ba5650f93", "rev": "d135b4d6d5f0079999188895f8b5f35e821b0d4b",
"revCount": 17, "revCount": 14,
"type": "git", "type": "git",
"url": "ssh://git@git.vimium.com/jordan/nix-secrets.git" "url": "ssh://git@git.vimium.com/jordan/nix-secrets.git"
}, },
@ -386,11 +297,11 @@
"thunderbird-gnome-theme": { "thunderbird-gnome-theme": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1710774977, "lastModified": 1701889124,
"narHash": "sha256-nQBz2PW3YF3+RTflPzDoAcs6vH1PTozESIYUGAwvSdA=", "narHash": "sha256-K+6oh7+J6RDBFkxphY/pzf0B+q5+IY54ZMKZrFSKXlc=",
"owner": "rafaelmardojai", "owner": "rafaelmardojai",
"repo": "thunderbird-gnome-theme", "repo": "thunderbird-gnome-theme",
"rev": "65d5c03fc9172d549a3ea72fd366d544981a002b", "rev": "966e9dd54bd2ce9d36d51cd6af8c3bac7a764a68",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -416,21 +327,6 @@
"repo": "flake-utils", "repo": "flake-utils",
"type": "github" "type": "github"
} }
},
"utils_2": {
"locked": {
"lastModified": 1605370193,
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

16
flake.nix
View File

@ -20,10 +20,6 @@
flake = false; flake = false;
}; };
nixos-hardware.url = "github:NixOS/nixos-hardware"; nixos-hardware.url = "github:NixOS/nixos-hardware";
nixos-mailserver = {
url = "gitlab:simple-nixos-mailserver/nixos-mailserver/nixos-23.11";
inputs.nixpkgs.follows = "nixpkgs";
};
secrets = { secrets = {
url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git"; url = "git+ssh://git@git.vimium.com/jordan/nix-secrets.git";
flake = false; flake = false;
@ -34,7 +30,7 @@
}; };
}; };
outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, agenix, deploy-rs, disko, home-manager, nixos-hardware, nixos-mailserver, secrets, ... }: outputs = inputs @ { self, nixpkgs, nixpkgs-unstable, agenix, deploy-rs, disko, home-manager, nixos-hardware, secrets, ... }:
let let
mkPkgsForSystem = system: inputs.nixpkgs; mkPkgsForSystem = system: inputs.nixpkgs;
overlays = [ overlays = [
@ -50,7 +46,6 @@
commonModules = [ commonModules = [
agenix.nixosModules.age agenix.nixosModules.age
disko.nixosModules.disko disko.nixosModules.disko
nixos-mailserver.nixosModule
home-manager.nixosModule home-manager.nixosModule
./modules ./modules
]; ];
@ -83,7 +78,6 @@
helios = mkNixosSystem { system = "x86_64-linux"; name = "helios"; }; helios = mkNixosSystem { system = "x86_64-linux"; name = "helios"; };
hypnos = mkNixosSystem { system = "x86_64-linux"; name = "hypnos"; }; hypnos = mkNixosSystem { system = "x86_64-linux"; name = "hypnos"; };
library = mkNixosSystem { system = "x86_64-linux"; name = "library"; }; library = mkNixosSystem { system = "x86_64-linux"; name = "library"; };
mail = mkNixosSystem { system = "x86_64-linux"; name = "mail"; };
odyssey = mkNixosSystem { system = "x86_64-linux"; name = "odyssey"; }; odyssey = mkNixosSystem { system = "x86_64-linux"; name = "odyssey"; };
pi = mkNixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; }; pi = mkNixosSystem { system = "aarch64-linux"; name = "pi"; extraModules = [ nixos-hardware.nixosModules.raspberry-pi-4 ]; };
vps1 = mkNixosSystem { system = "x86_64-linux"; name = "vps1"; }; vps1 = mkNixosSystem { system = "x86_64-linux"; name = "vps1"; };
@ -100,14 +94,6 @@
autoRollback = true; autoRollback = true;
sshUser = "root"; sshUser = "root";
nodes = { nodes = {
mail = {
hostname = "mail.mesh.vimium.net";
profiles.system = {
user = "root";
path = deploy-rs.lib.x86_64-linux.activate.nixos self.nixosConfigurations.mail;
};
};
vps1 = { vps1 = {
hostname = "vps1.mesh.vimium.net"; hostname = "vps1.mesh.vimium.net";

1
hosts/atlas/default.nix
View File

@ -36,6 +36,7 @@
}; };
editors = { editors = {
neovim.enable = true; neovim.enable = true;
vscode.enable = true;
}; };
security = { security = {
gpg.enable = true; gpg.enable = true;

1
hosts/common.nix
View File

@ -49,7 +49,6 @@
max-free = 1000000000; max-free = 1000000000;
fallback = true; fallback = true;
allowed-users = [ "@wheel" ]; allowed-users = [ "@wheel" ];
trusted-users = [ "@wheel" ];
auto-optimise-store = true; auto-optimise-store = true;
substituters = [ substituters = [
"http://odyssey.mesh.vimium.net" "http://odyssey.mesh.vimium.net"

18
hosts/mail/README.md
View File

@ -1,18 +0,0 @@
# Mail server
## Overview
Mail server hosted in OVH.
## Specs
* CPU - ??
* Memory - ??
### Disks
Device | Partitions _(filesystem, usage)_
--- | ---
NVMe | `/dev/sda1` (ext4, NixOS Root)
### Networks
- DHCP on `10.0.1.0/24` subnet.
- Tailscale on `100.64.0.0/10` subnet. FQDN: `mail.mesh.vimium.net`.

55
hosts/mail/default.nix
View File

@ -1,55 +0,0 @@
{ config, lib, pkgs, inputs, ... }:
{
imports = [
./hardware-configuration.nix
./disko-config.nix
../server.nix
];
networking = {
hostId = "08ac2f14";
domain = "mesh.vimium.net";
firewall = {
enable = true;
allowedTCPPorts = [
22 # SSH
];
};
};
users = {
users = {
root = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILVHTjsyMIV4THNw6yz0OxAxGnC+41gX72UrPqTzR+OS jordan@vimium.com"
];
};
};
};
services.openssh.settings.PermitRootLogin = lib.mkForce "prohibit-password";
security.acme.defaults = {
email = "hostmaster@vimium.com";
group = "nginx";
webroot = "/var/lib/acme/acme-challenge";
};
modules = {
services = {
borgmatic = {
enable = true;
directories = [
"/var/dkim"
"/var/lib"
"/var/vmail"
];
repoPath = "ssh://kg2mpt28@kg2mpt28.repo.borgbase.com/./repo";
};
mail.enable = true;
};
};
system.stateVersion = "22.11";
}

55
hosts/mail/disko-config.nix
View File

@ -1,55 +0,0 @@
{ lib, ... }:
{
disko.devices = {
disk.disk1 = {
device = lib.mkDefault "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
boot = {
name = "boot";
size = "2M";
type = "EF02";
};
esp = {
name = "ESP";
size = "300M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
};
};
root = {
name = "root";
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "100%FREE";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
};
};
};
};
}

22
hosts/mail/hardware-configuration.nix
View File

@ -1,22 +0,0 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports = [
(modulesPath + "/profiles/qemu-guest.nix")
];
boot = {
initrd = {
availableKernelModules = [ "ata_piix" "uhci_hcd" "xen_blkfront" "vmw_pvscsi" ];
kernelModules = [ "nvme" ];
};
loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
tmp.cleanOnBoot = true;
};
zramSwap.enable = true;
}

1
hosts/odyssey/default.nix
View File

@ -70,6 +70,7 @@
}; };
editors = { editors = {
neovim.enable = true; neovim.enable = true;
vscode.enable = true;
}; };
hardware.presonus-studio.enable = true; hardware.presonus-studio.enable = true;
security = { security = {

1
hosts/vps1/default.nix
View File

@ -62,7 +62,6 @@
headscale.enable = true; headscale.enable = true;
matrix-synapse.enable = true; matrix-synapse.enable = true;
nginx.enable = true; nginx.enable = true;
photoprism.enable = true;
}; };
}; };

2
modules/default.nix
View File

@ -34,10 +34,8 @@
./services/coturn ./services/coturn
./services/gitea ./services/gitea
./services/headscale ./services/headscale
./services/mail
./services/matrix-synapse ./services/matrix-synapse
./services/nginx ./services/nginx
./services/photoprism
./shell/git ./shell/git
./shell/zsh ./shell/zsh
]; ];

8
modules/desktop/gaming/emulators.nix
View File

@ -54,11 +54,11 @@ in {
}; };
config = { config = {
user.packages = with pkgs; [ user.packages = with pkgs.unstable; [
(lib.mkIf cfg.ps1.enable duckstation) (lib.mkIf cfg.ps1.enable duckstation)
(lib.mkIf cfg.ps2.enable unstable.pcsx2) (lib.mkIf cfg.ps2.enable pcsx2)
(lib.mkIf cfg.ps3.enable rpcs3) (lib.mkIf cfg.ps3.enable rpcs3)
(lib.mkIf cfg.psp.enable unstable.ppsspp) (lib.mkIf cfg.psp.enable ppsspp)
(lib.mkIf cfg.ds.enable desmume) (lib.mkIf cfg.ds.enable desmume)
(lib.mkIf (cfg.gba.enable || (lib.mkIf (cfg.gba.enable ||
cfg.gb.enable || cfg.gb.enable ||
@ -68,7 +68,7 @@ in {
(lib.mkIf (cfg.wii.enable || (lib.mkIf (cfg.wii.enable ||
cfg.gamecube.enable) cfg.gamecube.enable)
dolphin-emu) dolphin-emu)
(lib.mkIf cfg.xbox.enable unstable.xemu) (lib.mkIf cfg.xbox.enable xemu)
]; ];
}; };
} }

17
modules/desktop/gnome.nix
View File

@ -135,8 +135,6 @@ in {
}; };
"org/gnome/Console" = { "org/gnome/Console" = {
font-scale = 1.4; font-scale = 1.4;
use-system-font = false;
custom-font = "ComicShannsMono Nerd Font 10";
}; };
"org/gnome/mutter" = { "org/gnome/mutter" = {
center-new-windows = true; center-new-windows = true;
@ -164,23 +162,23 @@ in {
user.packages = with pkgs; [ user.packages = with pkgs; [
authenticator authenticator
# bottles bottles
# bustle bustle
celluloid celluloid
# d-spy d-spy
# drawing drawing
# fragments fragments
gnome.ghex gnome.ghex
# gnome-builder # gnome-builder
gnome-decoder gnome-decoder
gnome-firmware gnome-firmware
gnome-frog gnome-frog
# gnome-obfuscate gnome-obfuscate
gnome-podcasts gnome-podcasts
identity identity
mission-center mission-center
newsflash newsflash
# schemes schemes
shortwave shortwave
]; ];
@ -222,7 +220,6 @@ in {
# gnomeExtensions.workspace-matrix # gnomeExtensions.workspace-matrix
iotop iotop
unstable.morewaita-icon-theme unstable.morewaita-icon-theme
unstable.nix-tree
ripgrep ripgrep
rsync rsync
tcpdump tcpdump

68
modules/services/mail/default.nix
View File

@ -1,68 +0,0 @@
{ config, lib, pkgs, ... }:
let
cfg = config.modules.services.mail;
domains = [
"h0lt.com"
"jdholt.com"
"jordanholt.xyz"
"vimium.co"
"vimium.co.uk"
"vimium.info"
"vimium.net"
"vimium.org"
"vimium.xyz"
];
in {
options.modules.services.mail = {
enable = lib.mkOption {
default = false;
example = true;
};
};
config = lib.mkIf cfg.enable {
services.roundcube = {
enable = true;
hostName = config.mailserver.fqdn;
extraConfig = ''
$config['smtp_server'] = "tls://${config.mailserver.fqdn}";
$config['smtp_user'] = "%u";
$config['smtp_pass'] = "%p";
'';
};
services.nginx.enable = true;
networking.firewall.allowedTCPPorts = [ 80 443 ];
mailserver = {
enable = true;
fqdn = "mail.vimium.com";
domains = domains;
indexDir = "/var/lib/dovecot/indices";
certificateDomains = [
"imap.vimium.com"
"smtp.vimium.com"
];
certificateScheme = "acme-nginx";
fullTextSearch.enable = true;
loginAccounts = {
"jordan@vimium.com" = {
hashedPasswordFile = config.users.users.jordan.hashedPasswordFile;
catchAll = domains;
};
};
extraVirtualAliases = {
"hostmaster@vimium.com" = "jordan@vimium.com";
"postmaster@vimium.com" = "jordan@vimium.com";
"webmaster@vimium.com" = "jordan@vimium.com";
"abuse@vimium.com" = "jordan@vimium.com";
};
};
};
}

57
modules/services/photoprism/default.nix
View File

@ -1,57 +0,0 @@
{ config, lib, pkgs, inputs, ... }:
with lib;
let cfg = config.modules.services.photoprism;
in {
options.modules.services.photoprism = {
enable = mkOption {
default = false;
example = true;
};
};
config = mkIf cfg.enable {
services.nginx = {
virtualHosts = {
"gallery.vimium.com" = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.photoprism.port}";
extraConfig = ''
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
'';
};
};
};
};
age.secrets."passwords/services/photoprism/admin" = {
file = "${inputs.secrets}/passwords/services/photoprism/admin.age";
};
services.photoprism = {
enable = true;
address = "localhost";
passwordFile = config.age.secrets."passwords/services/photoprism/admin".path;
originalsPath = "${config.services.photoprism.storagePath}/originals";
settings = {
PHOTOPRISM_APP_NAME = "Vimium Gallery";
PHOTOPRISM_SITE_AUTHOR = "Vimium";
PHOTOPRISM_SITE_TITLE = "Vimium Gallery";
PHOTOPRISM_SITE_CAPTION = "See your photos and videos on gallery.vimium.com";
PHOTOPRISM_DISABLE_TLS = "true";
PHOTOPRISM_SPONSOR = "true";
};
};
};
}