nettika/nixos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: nettika:file-server
Branches Tags
nettika:master nettika:samba nettika:memos nettika:mautrix-telegram nettika:romraider nettika:file-server
...
pull from: nettika:mautrix-telegram
Branches Tags
nettika:samba nettika:memos nettika:master nettika:mautrix-telegram nettika:romraider nettika:file-server

33 Commits
file-serve ... mautrix-te

Author SHA1 Message Date
Nettika
3b143d9467 WIP mautrix-telegram 2024-09-27 21:35:23 -07:00
Nettika
0ebe8d1121 Serve Synapse Admin from quasar 2024-09-27 21:01:31 -07:00
Nettika
d80ae92464 Add system-control-printer to marauder 2024-09-27 21:01:31 -07:00
Nettika
883204e90e Set synapse secrets 2024-09-27 21:01:31 -07:00
Nettika
0172e6af2b Configure synapse on quasar 2024-09-26 00:40:56 -07:00
Nettika
66786c2455 Move zerotier out of the common module 2024-09-25 21:05:05 -07:00
Nettika
e30a5830ef Add quasar host 2024-09-25 19:44:47 -07:00
Nettika
572cca2dd9 Configure printing on marauder 2024-09-25 16:20:21 -07:00
Nettika
09a1cc5a26 Move ffcheck into a separate package 2024-09-23 16:46:50 -07:00
Nettika
8ef9e1b0be Use Shelvacu's cache 2024-09-23 16:29:02 -07:00
Nettika
2e956f2ddd Move lightweight editor config to common module 2024-09-23 16:20:51 -07:00
Nettika
d3f46bf7c5 Move Marauder dev configs into a separate module 2024-09-23 16:15:42 -07:00
Nettika
e22915119e Set default editors 2024-09-23 15:57:54 -07:00
Nettika
e79ec922d1 Only backup critical Marauder directories 2024-09-23 15:55:37 -07:00
Nettika
4eff26d69d Update flake 2024-09-20 21:46:18 -07:00
Nettika
b714df956c Add Super Mario 64 Co-op Deluxe 2024-09-15 15:49:06 -07:00
Nettika
4e905ba555 Set Marauder time zone to Pacific 2024-09-05 20:01:17 -07:00
Nettika
19089fd683 Add art software 2024-09-02 17:10:31 -06:00
Nettika
ee94662fd1 Add mullvad 2024-08-11 21:32:33 -06:00
Nettika
0992eba4dc Format nix files 2024-08-06 14:58:30 -06:00
Nettika
57049fe511 Add nixpkgs-fmt 2024-08-06 14:54:48 -06:00
Nettika
b5e8cd89dd Add nixd 2024-08-04 23:40:42 -06:00
Nettika
f9e8704fce Add nix-direnv 2024-08-04 23:26:33 -06:00
Nettika
1b62fee835 Add pyenv 2024-08-04 23:18:01 -06:00
Nettika
821b3a00ed Add slack 2024-08-01 15:31:08 -06:00
Nettika
050f2ded35 Add GCC 2024-07-31 10:41:59 -06:00
Nettika
7deda2a385 Add rustup 2024-07-31 10:24:49 -06:00
Nettika
066d21cf66 Add kotlin 2024-07-29 12:15:10 -06:00
Nettika
2e90f3455a Set Marauder time zone to Denver 2024-07-29 10:16:27 -06:00
Nettika
1ccbd013f8 Add ffmpeg and ffcheck helper script 2024-07-28 17:13:05 -07:00
Nettika
705a9f840b Add filezilla 2024-07-28 17:00:53 -07:00
Nettika
81651492ca Set prompt emoji for Monolith 2024-07-23 20:57:43 -07:00
Nettika
eade86cef6 Create prompt module 2024-07-23 20:53:57 -07:00
13 changed files with 1877 additions and 74 deletions
Expand all files Collapse all files

1674
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

45
flake.nix
View File

@@ -3,28 +3,37 @@
inputs = { inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05"; nixpkgs.url = "github:nixos/nixpkgs/nixos-24.05";
shelvacu.url = "git+https://git.uninsane.org/shelvacu/nix-stuff";
}; };
outputs = { self, nixpkgs, ... }@inputs: outputs = { self, nixpkgs, ... }@inputs:
let let
secrets = builtins.fromJSON (builtins.readFile ./secrets.json); secrets = builtins.fromJSON (builtins.readFile ./secrets.json);
in { in
nixosModules = { {
common = import ./modules/common.nix; nixosModules = {
server = import ./modules/server.nix; common = import ./modules/common.nix;
}; prompt = import ./modules/prompt.nix;
server = import ./modules/server.nix;
zerotier = import ./modules/zerotier.nix;
};
nixosConfigurations = { nixosConfigurations = {
marauder = nixpkgs.lib.nixosSystem { marauder = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ ./hosts/marauder ]; modules = [ ./hosts/marauder ];
specialArgs = { inherit self inputs secrets; }; specialArgs = { inherit self inputs secrets; };
}; };
monolith = nixpkgs.lib.nixosSystem { monolith = nixpkgs.lib.nixosSystem {
system = "x86_64-linux"; system = "x86_64-linux";
modules = [ ./hosts/monolith ]; modules = [ ./hosts/monolith ];
specialArgs = { inherit self inputs secrets; }; specialArgs = { inherit self inputs secrets; };
};
quasar = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [ ./hosts/quasar ];
specialArgs = { inherit self inputs secrets; };
};
}; };
}; };
};
} }

9
hosts/marauder/backup.nix
View File

@@ -20,7 +20,7 @@
script = "notify-send -u critical \"Backup to B2 failed\" \"$(journalctl -u restic-backups-b2 -n 5 -o cat)\""; script = "notify-send -u critical \"Backup to B2 failed\" \"$(journalctl -u restic-backups-b2 -n 5 -o cat)\"";
}; };
restic-backups-b2 = { restic-backups-b2 = {
onFailure = ["notify-backup-b2-failed.service"]; onFailure = [ "notify-backup-b2-failed.service" ];
}; };
}; };
@@ -39,14 +39,9 @@
repository = "b2:marauder-backup"; repository = "b2:marauder-backup";
passwordFile = "/etc/restic-password"; passwordFile = "/etc/restic-password";
paths = [ paths = [
"${config.users.users.nettika.home}/Desktop"
"${config.users.users.nettika.home}/Documents" "${config.users.users.nettika.home}/Documents"
"${config.users.users.nettika.home}/Music" "${config.users.users.nettika.home}/Artwork"
"${config.users.users.nettika.home}/Pictures"
"${config.users.users.nettika.home}/Projects" "${config.users.users.nettika.home}/Projects"
"${config.users.users.nettika.home}/Public"
"${config.users.users.nettika.home}/Templates"
"${config.users.users.nettika.home}/Videos"
]; ];
pruneOpts = [ pruneOpts = [
"--keep-daily 7" "--keep-daily 7"

76
hosts/marauder/default.nix
View File

@@ -1,8 +1,12 @@
{ self, pkgs, inputs, secrets, ... }: { self, pkgs, inputs, ... }:
{ {
imports = [ imports = [
self.nixosModules.common self.nixosModules.common
self.nixosModules.prompt
self.nixosModules.zerotier
./backup.nix ./backup.nix
./dev.nix
./printing.nix
]; ];
networking.hostName = "marauder"; networking.hostName = "marauder";
@@ -34,7 +38,7 @@
"sd_mod" "sd_mod"
]; ];
}; };
kernelModules = ["kvm-amd"]; kernelModules = [ "kvm-amd" ];
kernelParams = [ "amd_pstate=active" ]; kernelParams = [ "amd_pstate=active" ];
}; };
@@ -44,7 +48,7 @@
opengl = { opengl = {
enable = true; enable = true;
driSupport32Bit = true; driSupport32Bit = true;
extraPackages = [pkgs.vaapiVdpau]; extraPackages = [ pkgs.vaapiVdpau ];
}; };
nvidia.prime = { nvidia.prime = {
offload = { offload = {
@@ -56,41 +60,35 @@
}; };
}; };
environment.systemPackages = with pkgs; [ environment = {
# Chat clients systemPackages = [
discord inputs.shelvacu.packages.x86_64-linux.sm64coopdx
element-desktop ] ++ (with pkgs; [
telegram-desktop # Chat clients
discord
slack
element-desktop
telegram-desktop
# Browsers # Browsers
firefox firefox
filezilla
# Coding # Art and 3D
vscode inkscape
gimp
krita
openscad-unstable
bambu-studio
# Art and 3D # Multimedia
inkscape vlc
openscad-unstable ffmpeg
bambu-studio (callPackage ./ffcheck.nix { })
# Multimedia # Productivity
vlc obsidian
]);
# Productivity
obsidian
];
programs.bash = {
promptInit = ''
PS1="\[\e]0;\u@\h: \w\a\]" # window title
PS1+="\n"
PS1+="\$(printf \"%*s\" \$((\$COLUMNS + 9)) \"\[\e[1;33m\]\$(git branch --show-current 2>/dev/null)\")" # git branch
PS1+="\[\e[1G\]" # move cursor to beginning of line
PS1+="💜" # prompt symbol
PS1+="\[\033[1;$((UID ? 32 : 31))m\]" # prompt color
PS1+="[\u@\h:\w]\\$"
PS1+="\[\033[0m\] " # reset color
'';
}; };
programs.steam = { programs.steam = {
@@ -101,7 +99,7 @@
services.xserver = { services.xserver = {
enable = true; enable = true;
videoDrivers = ["nvidia"]; videoDrivers = [ "nvidia" ];
desktopManager = { desktopManager = {
cinnamon.enable = true; cinnamon.enable = true;
xterm.enable = false; xterm.enable = false;
@@ -120,8 +118,14 @@
enable = true; enable = true;
}; };
services.mullvad-vpn = {
enable = true;
package = pkgs.mullvad-vpn; # Include GUI
};
promptEmoji = "💜";
time.timeZone = "America/Los_Angeles"; time.timeZone = "America/Los_Angeles";
system.stateVersion = "24.05"; system.stateVersion = "24.05";
} }

20
hosts/marauder/dev.nix Executable file
View File

@@ -0,0 +1,20 @@
{ pkgs, ... }:
{
environment.variables = {
VISUAL = "code --wait";
};
environment.systemPackages = with pkgs; [
vscode
kotlin
rustup
pyenv
gcc
nixd
nixpkgs-fmt
];
programs.direnv = {
enable = true;
};
}

3
hosts/marauder/ffcheck.nix Executable file
View File

@@ -0,0 +1,3 @@
{ writeShellScriptBin, ffmpeg }: writeShellScriptBin "ffcheck" ''
${ffmpeg}/bin/ffmpeg -v error -stats -hide_banner -i "$1" -c copy -f null -
''

16
hosts/marauder/printing.nix Executable file
View File

@@ -0,0 +1,16 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
system-config-printer
];
services.printing = {
enable = true;
};
services.avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
}

6
hosts/monolith/default.nix
View File

@@ -1,8 +1,10 @@
{ self, pkgs, secrets, ... }: { self, ... }:
{ {
imports = [ imports = [
self.nixosModules.common self.nixosModules.common
self.nixosModules.prompt
self.nixosModules.server self.nixosModules.server
self.nixosModules.zerotier
./dns.nix ./dns.nix
]; ];
@@ -37,6 +39,8 @@
supportedFilesystems = [ "zfs" ]; supportedFilesystems = [ "zfs" ];
}; };
promptEmoji = "🏰";
time.timeZone = "America/Los_Angeles"; time.timeZone = "America/Los_Angeles";
system.stateVersion = "24.05"; system.stateVersion = "24.05";

68
hosts/quasar/default.nix Executable file
View File

@@ -0,0 +1,68 @@
{ self, modulesPath, pkgs, config, secrets, ... }:
{
imports = [
"${modulesPath}/virtualisation/amazon-image.nix"
self.nixosModules.common
self.nixosModules.prompt
self.nixosModules.server
];
networking = {
hostName = "quasar";
domain = "consortium.chat";
firewall.allowedTCPPorts = [ 80 443 ];
};
services.postgresql = {
enable = true;
};
services.caddy = {
enable = true;
virtualHosts = {
"${config.networking.domain}".extraConfig = ''
reverse_proxy localhost:8008
header Strict-Transport-Security "max-age=63072000; includeSubDomains;"
'';
"matrix.${config.networking.domain}".extraConfig = ''
reverse_proxy /_matrix/* localhost:8008
reverse_proxy /_synapse/client/* localhost:8008
'';
"admin.${config.networking.domain}".extraConfig = ''
root * ${pkgs.synapse-admin}
file_server
'';
};
};
services.matrix-synapse = {
enable = true;
settings = {
server_name = config.networking.domain;
serve_server_wellknown = true;
# app_service_config_files = [ ];
registration_shared_secret = secrets.synapse."consortium.chat".registration-shared-secret;
macaroon_secret_key = secrets.synapse."consortium.chat".macaroon-secret-key;
form_secret = secrets.synapse."consortium.chat".form-secret;
};
};
services.mautrix-telegram = {
enable = true;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = config.networking.domain;
};
appservice = {
id = "telegram";
};
};
};
promptEmoji = "🌟";
time.timeZone = "America/Los_Angeles";
system.stateVersion = "24.05";
}

13
modules/common.nix
View File

@@ -1,9 +1,11 @@
{ pkgs, secrets, ... }: { pkgs, ... }:
{ {
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix.settings = { nix.settings = {
experimental-features = [ "nix-command" "flakes" ]; experimental-features = [ "nix-command" "flakes" ];
substituters = [ "https://nixcache.shelvacu.com" ];
trusted-public-keys = [ "nixcache.shelvacu.com:73u5ZGBpPRoVZfgNJQKYYBt9K9Io/jPwgUfuOLsJbsM=" ];
trusted-users = [ "@wheel" ]; trusted-users = [ "@wheel" ];
}; };
@@ -14,6 +16,10 @@
security.sudo.wheelNeedsPassword = false; security.sudo.wheelNeedsPassword = false;
environment.variables = {
EDITOR = "nano";
};
programs.git = { programs.git = {
enable = true; enable = true;
lfs.enable = true; lfs.enable = true;
@@ -35,11 +41,6 @@
''; '';
}; };
services.zerotierone = {
enable = true;
joinNetworks = secrets.zerotier.networks;
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
git-crypt git-crypt
jq jq

10
modules/prompt.nix Executable file
View File

@@ -0,0 +1,10 @@
{ lib, config, ... }:
{
options.promptEmoji = lib.mkOption {
type = lib.types.str;
};
config.programs.bash.promptInit = ''
PS1="\[\e]0;\u@\h: \w\a\]\n${config.promptEmoji} \[\033[1;$((UID ? 32 : 31))m\]\w \\$\[\033[0m\] "
'';
}

7
modules/zerotier.nix Executable file
View File

@@ -0,0 +1,7 @@
{ secrets, ... }:
{
services.zerotierone = {
enable = true;
joinNetworks = secrets.zerotier.networks;
};
}

BIN
secrets.json
View File

Binary file not shown.