WIP

Enable automatic nix garbage collection
Re-enable shelvacu's substituter
2025-05-31 15:51:58 -07:00 · 2025-05-31 15:51:01 -07:00 · 2025-05-31 15:49:50 -07:00 · 2025-05-31 15:46:09 -07:00 · 2025-05-26 16:38:15 -07:00 · 2025-05-26 15:23:29 -07:00
12 changed files with 728 additions and 289 deletions
--- a/flake.lock
+++ b/flake.lock
--- a/flake.nix
+++ b/flake.nix
@@ -2,8 +2,9 @@
  description = "Nettika's NixOS Configurations";
  inputs = {
-    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
+    nixpkgs.url = "github:nixos/nixpkgs/nixos-24.11";
    shelvacu.url = "git+https://git.uninsane.org/shelvacu/nix-stuff";
    phps.url = "github:fossar/nix-phps";
  };
  outputs = { self, nixpkgs, ... }@inputs:
--- a/hosts/marauder/backup.nix
+++ b/hosts/marauder/backup.nix
@@ -33,9 +33,12 @@
      repository = "b2:marauder-backup";
      passwordFile = "/etc/restic-password";
      paths = [
        "${config.users.users.nettika.home}/Documents"
        "${config.users.users.nettika.home}/Artwork"
        "${config.users.users.nettika.home}/Documents"
        "${config.users.users.nettika.home}/Music"
        "${config.users.users.nettika.home}/Pictures"
        "${config.users.users.nettika.home}/Projects"
        "${config.users.users.nettika.home}/Videos"
      ];
      pruneOpts = [
        "--keep-daily 7"
--- a/hosts/marauder/default.nix
+++ b/hosts/marauder/default.nix
@@ -6,6 +6,7 @@
    self.nixosModules.zerotier
    ./backup.nix
    ./dev.nix
    ./www.nix
    ./printing.nix
  ];
@@ -48,12 +49,14 @@
  hardware = {
    enableRedistributableFirmware = true;
    cpu.amd.updateMicrocode = true;
-    opengl = {
+    graphics = {
      enable = true;
-      driSupport32Bit = true;
+      enable32Bit = true;
      extraPackages = [ pkgs.vaapiVdpau ];
    };
-    nvidia.prime = {
+    nvidia = {
      open = true;
      prime = {
        offload = {
          enable = true;
          enableOffloadCmd = true;
@@ -62,6 +65,7 @@
        nvidiaBusId = "PCI:01:00:0";
      };
    };
  };
  environment = {
    systemPackages = [
@@ -72,12 +76,13 @@
      slack
      element-desktop
      telegram-desktop
      signal-desktop
      # Browsers
      firefox
      filezilla
-      # Art and 3D
+      # Creative
      inkscape
      gimp
      krita
@@ -94,6 +99,8 @@
      intiface-central
      prismlauncher
      blender
      mullvad-vpn
      qbittorrent
    ]);
  };
--- a/hosts/marauder/dev.nix
+++ b/hosts/marauder/dev.nix
@@ -5,16 +5,30 @@
  };
  environment.systemPackages = with pkgs; [
    # Code Editors
    vscode
-    kotlin
+    arduino-ide
-    rustup
+
-    pyenv
+    # Dev Tools
    gcc
    nixd
    nixpkgs-fmt
    pyenv
    rustup
    electron-fiddle
    electron
    # Languages
    gcc
    kotlin
    nodejs
    php
  ];
  programs.direnv = {
    enable = true;
  };
  nixpkgs.config.permittedInsecurePackages = [
    "electron-24.8.6"
  ];
 }
--- a/hosts/marauder/www.nix
+++ b/hosts/marauder/www.nix
@@ -0,0 +1,26 @@
 { pkgs, inputs, ... }:
 let
  fortune = pkgs.writeShellScript "cgi" ''
    echo "Content-type: text/html"
    echo ""
    ${pkgs.fortune}/bin/fortune
  '';
 in {
  services.mysql = {
    enable = true;
    package = pkgs.mariadb;
  };
  services.httpd = {
    enable = true;
    enablePHP = true;
    phpPackage = inputs.phps.packages.x86_64-linux.php80;
    extraConfig = ''
      ScriptAlias /fortune ${fortune}/bin/fortune
    '';
    virtualHosts."localhost" = {
      documentRoot = "/var/www";
      locations."/".index = "index.html index.php";
    };
  };
 }
--- a/hosts/monolith/default.nix
+++ b/hosts/monolith/default.nix
@@ -6,6 +6,8 @@
    self.nixosModules.server
    self.nixosModules.zerotier
    ./dns.nix
    ./memos.nix
    ./vault.nix
  ];
  networking = {
@@ -48,6 +50,7 @@
    rustup
    gcc
    (callPackage ../marauder/ffcheck.nix { })
    mp3val
  ];
  services.jellyfin = {
@@ -66,6 +69,24 @@
    };
  };
  systemd = {
    services.reboot = {
      description = "Reboot the system";
      serviceConfig = {
        Type = "oneshot";
        ExecStart = "${pkgs.systemd}/bin/systemctl reboot";
      };
    };
    timers.reboot = {
      description = "Reboot the system every two hours";
      wantedBy = [ "timers.target" ];
      timerConfig = {
        OnBootSec = "6h";
        Persistent = true;
      };
    };
  };
  promptEmoji = "🏰";
  time.timeZone = "America/Los_Angeles";
--- a/hosts/monolith/memos.nix
+++ b/hosts/monolith/memos.nix
@@ -0,0 +1,45 @@
 { pkgs, ... }:
 {
  users.users = {
    memos = {
      isSystemUser = true;
      group = "memos";
    };
  };
  users.groups = {
    memos = { };
  };
  environment.systemPackages = [ pkgs.memos ];
  systemd.tmpfiles.settings = {
    memosDirs = {
      "/var/opt/memos".d = {
        mode = "700";
        user = "memos";
        group = "memos";
      };
    };
  };
  # systemd.services = {
  #   memos = {
  #     description = "Memos Note-taking Server";
  #     wantedBy = [ "multi-user.target" ];
  #     after = [ "network.target" ];
  #     serviceConfig = {
  #       Type = "simple";
  #       User = "memos";
  #       WorkingDirectory = "/var/opt/memos";
  #       ExecStart = "${pkgs.memos}/bin/memos --data /var/opt/memos --port 5230";
  #       Restart = "on-failure";
  #       TimeoutSec = 15;
  #     };
  #   };
  # };
  networking.firewall = {
    allowedTCPPorts = [ 5230 ];
  };
 }
--- a/hosts/monolith/vault.nix
+++ b/hosts/monolith/vault.nix
@@ -0,0 +1,20 @@
 { secrets, ... }:
 {
  services.vaultwarden = {
    enable = true;
    config = {
      domain = "https://vault.leaf.ninja";
      signupsAllowed = false;
      rocketAddress = "0.0.0.0";
      rocketPort = 8222;
      smtpHost = "smtp.migadu.com";
      smtpFrom = "vaultwarden@leaf.ninja";
      smtpPort = 587;
      smtpSecurity = "starttls";
      smtpUsername = "vaultwarden@leaf.ninja";
      smtpPassword = secrets.vaultwarden.smtpPassword;
    };
  };
  networking.firewall.allowedTCPPorts = [ 8222 ];
 }
--- a/modules/common.nix
+++ b/modules/common.nix
@@ -4,14 +4,27 @@
  nix.settings = {
    experimental-features = [ "nix-command" "flakes" ];
-    substituters = [ "https://nixcache.shelvacu.com" ];
+    substituters = [
-    trusted-public-keys = [ "nixcache.shelvacu.com:73u5ZGBpPRoVZfgNJQKYYBt9K9Io/jPwgUfuOLsJbsM=" ];
+      "https://nixcache.shelvacu.com"
      "https://fossar.cachix.org"
    ];
    trusted-public-keys = [
      "fossar.cachix.org-1:Zv6FuqIboeHPWQS7ysLCJ7UT7xExb4OE8c4LyGb5AsE="
      "nixcache.shelvacu.com:73u5ZGBpPRoVZfgNJQKYYBt9K9Io/jPwgUfuOLsJbsM="
    ];
    trusted-users = [ "@wheel" ];
  };
  nix.gc = {
    automatic = true;
    dates = "weekly";
    options = "--delete-older-than 30d";
  };
  users.users.nettika = {
    isNormalUser = true;
    extraGroups = [ "wheel" "networkmanager" ];
    shell = pkgs.fish;
  };
  security.sudo.wheelNeedsPassword = false;
@@ -41,8 +54,13 @@
    '';
  };
  programs.fish = {
    enable = true;
  };
  environment.systemPackages = with pkgs; [
    git-crypt
    htop
    jq
  ];
 }
--- a/modules/prompt.nix
+++ b/modules/prompt.nix
@@ -7,4 +7,24 @@
  config.programs.bash.promptInit = ''
    PS1="\[\e]0;\u@\h: \w\a\]\n${config.promptEmoji} \[\033[1;$((UID ? 32 : 31))m\]\w \\$\[\033[0m\] "
  '';
  config.programs.fish = {
    promptInit = ''
      function fish_prompt
        echo -n '${config.promptEmoji} '
        set_color brgreen
        echo -n (prompt_pwd)
        set_color normal
        echo -n ' > '
      end
      function fish_right_prompt
        set_color bryellow
        echo -n (git branch --show-current 2>/dev/null)
      end
    '';
    shellInit = ''
      set -g fish_greeting
      set -g fish_prompt_pwd_full_dirs 999
    '';
  };
 }
--- a/secrets.json
+++ b/secrets.json
Author	SHA1	Message	Date
Nettika	05fdf726a3	WIP	2025-05-31 15:51:58 -07:00
Nettika	5eab965637	Enable automatic nix garbage collection	2025-05-31 15:51:01 -07:00
Nettika	a42a8ba871	Re-enable shelvacu's substituter	2025-05-31 15:49:50 -07:00
Nettika	a9e74478c9	Configure apache to use php 8.0	2025-05-31 15:46:09 -07:00
Nettika	dbfe474299	Use fish	2025-05-26 16:38:15 -07:00
Nettika	455a36f0d1	Use apache and mod_php in www services	2025-05-26 15:23:29 -07:00
Nettika	f21f543976	Configure www services	2025-05-25 21:52:10 -07:00
Nettika	fc28b23995	Add electron tools	2025-05-25 21:11:31 -07:00
Nettika	d9b0d8d4cb	Make htop a globally common package	2025-04-22 15:34:08 -07:00
Nettika	e40f929abe	Add cachix substituter and disable shelvacu's	2025-04-22 14:21:01 -07:00
Nettika	493d9962ef	Setup php7.2 dev tools	2025-04-19 01:18:00 -07:00
Nettika	3ee2d1dd84	Use cachix	2025-04-19 01:17:15 -07:00
Nettika	1ac3895177	Install Arduino IDE on Marauder	2025-04-05 20:57:20 -07:00
Nettika	3bc1357bb1	Uninstall orca-slicer from Marauder	2025-02-26 18:03:37 -08:00
Nettika	46fbfbf8ca	Install Signal desktop on Marauder	2025-02-26 17:59:38 -08:00
Nettika	ebc1fce8f4	Update restic backup paths on marauder	2024-12-27 00:55:25 -08:00
Nettika	a6acaf9b17	Setup vaultwarden on monolith	2024-12-27 00:55:25 -08:00
Nettika	42a9998b54	Add Orca Slicer to marauder	2024-12-27 00:55:25 -08:00
Nettika	36f3d3b66b	Update hardware settings on marauder	2024-12-27 00:55:25 -08:00
Nettika	fda44a9cc8	Add mp3val to monolith	2024-12-23 12:27:55 -08:00
Nettika	8cdb64ed65	Add htop to monolith	2024-12-23 12:12:45 -08:00
Nettika	5fd8e803b1	Update flake to NixOS 24.11	2024-12-18 22:15:49 -08:00
Nettika	ac916d8305	Add reboot service to monolith	2024-12-18 22:04:49 -08:00
Nettika	0de7e50ffa	Add mullvad and qbittorrent to Marauder	2024-12-11 20:12:32 -08:00