diff --git a/nixpkgs/flake.lock b/nixpkgs/flake.lock index 366063a..6677ac5 100644 --- a/nixpkgs/flake.lock +++ b/nixpkgs/flake.lock @@ -23,11 +23,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1640077788, - "narHash": "sha256-YMSDk3hlucJTTARaHNOeQEF6zEW3A/x4sXgrz94VbS0=", + "lastModified": 1640798027, + "narHash": "sha256-1e7bsxWJW0ugkA95AMGL3Da9sHugkz+J4kfYB9fTWZc=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9ab7d12287ced0e1b4c03b61c781901f178d9d77", + "rev": "8588b14a397e045692d0a87192810b6dddf53003", "type": "github" }, "original": { @@ -50,11 +50,11 @@ ] }, "locked": { - "lastModified": 1640231944, - "narHash": "sha256-nb743xTN5n7LRmiTzfKgknTe+R68FKXIQX/8ERU5JS4=", + "lastModified": 1640831004, + "narHash": "sha256-3so6H4ZRaDWM156t/3OctRcsPkV80hPewmZNwevbA48=", "ref": "main", - "rev": "a489b4a3b5ec636da65886226102a8372c40dcc4", - "revCount": 1, + "rev": "eb04c0aac6d7d8aaf55fc63e6da58c373b401eb9", + "revCount": 7, "type": "git", "url": "file:///home/h7x4/git/nix-secrets" }, diff --git a/nixpkgs/flake.nix b/nixpkgs/flake.nix index 6a2c788..548d6d1 100644 --- a/nixpkgs/flake.nix +++ b/nixpkgs/flake.nix @@ -75,12 +75,12 @@ inherit specialArgs; modules = [ - ./hosts/${name} + ./hosts/${name}/configuration.nix ]; } // extraOpts; in { - # Tsuki = nixSys "tsuki" {}; + Tsuki = nixSys "tsuki" {}; Eisei = nixSys "eisei" {}; }; diff --git a/nixpkgs/hosts/eisei/default.nix b/nixpkgs/hosts/eisei/configuration.nix similarity index 99% rename from nixpkgs/hosts/eisei/default.nix rename to nixpkgs/hosts/eisei/configuration.nix index 6bad48c..4e5e7c2 100644 --- a/nixpkgs/hosts/eisei/default.nix +++ b/nixpkgs/hosts/eisei/configuration.nix @@ -1,6 +1,8 @@ { pkgs, config, ... }: let # FIXME: lib should be imported directly as a module argument. inherit (pkgs) lib; + +# TODO: Split this file in { imports = [ ./hardware-configuration.nix diff --git a/nixpkgs/hosts/tsuki/configuration.nix b/nixpkgs/hosts/tsuki/configuration.nix new file mode 100644 index 0000000..adbe5e3 --- /dev/null +++ b/nixpkgs/hosts/tsuki/configuration.nix @@ -0,0 +1,243 @@ +{ config, lib, pkgs, ... }: +{ + imports = + [ + ./hardware-configuration.nix + ./services/nginx.nix + + ../../pluggables/server/dokuwiki.nix + ../../pluggables/server/gitlab + # ../../pluggables/server/minecraft.nix + ../../pluggables/server/plex.nix + ../../pluggables/server/hydra.nix + # ../../pluggables/server/matrix.nix + # ../../pluggables/server/libvirt.nix + # ../../pluggables/server/grafana.nix + # ../../pluggables/server/discord-bot.nix + # ../../pluggables/server/calibre.nix + # ../../pluggables/server/openvpn.nix + # ../../pluggables/server/samba.nix + # ../../pluggables/server/searx.nix + # ../../pluggables/server/syncthing.nix + ]; + + systemd.targets = { + sleep.enable = false; + suspend.enable = false; + hibernate.enable = false; + hybrid-sleep.enable = false; + }; + + nix.package = pkgs.nixFlakes; + nix.extraOptions = '' + experimental-features = nix-command flakes + ''; + + boot.loader = { + grub = { + enable = true; + version = 2; + efiSupport = true; + fsIdentifier = "label"; + device = "nodev"; + efiInstallAsRemovable = true; + }; + # efi.efiSysMountPoint = "/boot/efi"; + # efi.canTouchEfiVariables = true; + }; + + time.timeZone = "Europe/Oslo"; + + networking = { + hostName = "Tsuki"; + networkmanager.enable = true; + useDHCP = false; + interfaces.ens18.useDHCP = true; + # firewall = { + # allowedTCPPorts = [ ... ]; + # allowedUDPPorts = [ ... ]; + # enable = false; + # }; + }; + + i18n.defaultLocale = "en_US.UTF-8"; + console = { + font = "Lat2-Terminus16"; + keyMap = "us"; + }; + + services = { + openssh.enable = true; + printing.enable = true; + cron = { + enable = true; + systemCronJobs = [ + # "*/5 * * * * root date >> /tmp/cron.log" + ]; + }; + }; + + users.users.h7x4 = { + isNormalUser = true; + extraGroups = [ + "wheel" + "networkmanager" + "docker" + "disk" + "libvirtd" + "input" + ]; + shell = pkgs.zsh; + }; + + environment = { + variables = { + EDITOR = "nvim"; + VISUAL = "nvim"; + }; + + systemPackages = with pkgs; [ + wget + ]; + + shells = with pkgs; [ + bashInteractive + zsh + dash + ]; + + etc = { + sudoLecture = { + target = "sudo.lecture"; + text = "Be careful or something, idk...\n"; + }; + + currentSystemPackages = { + target = "current-system-packages"; + text = let + inherit (lib.strings) concatStringsSep; + inherit (lib.lists) sort; + inherit (lib.trivial) lessThan; + packages = map (p: "${p.name}") config.environment.systemPackages; + sortedUnique = sort lessThan (lib.unique packages); + in concatStringsSep "\n" sortedUnique; + }; + }; + }; + + fonts = { + enableDefaultFonts = true; + + fonts = with pkgs; [ + cm_unicode + dejavu_fonts + fira-code + fira-code-symbols + powerline-fonts + iosevka + symbola + corefonts + ipaexfont + ipafont + liberation_ttf + migmix + noto-fonts + noto-fonts-cjk + noto-fonts-emoji + open-sans + source-han-sans + source-sans + ubuntu_font_family + victor-mono + (nerdfonts.override { fonts = [ "FiraCode" "DroidSansMono" ]; }) + ]; + + fontconfig = { + defaultFonts = { + serif = [ "Droid Sans Serif" "Ubuntu" ]; + sansSerif = [ "Droid Sans" "Ubuntu" ]; + monospace = [ "Fira Code" "Ubuntu" ]; + emoji = [ "Noto Sans Emoji" ]; + }; + }; + }; + + programs = { + git.enable = true; + npm.enable = true; + tmux.enable = true; + neovim = { + enable = true; + defaultEditor = true; + viAlias = true; + vimAlias = true; + configure = { + packages.myVimPackage = with pkgs.vimPlugins; { + start = [ + direnv-vim + vim-nix + vim-polyglot + ]; + + opt = [ + vim-monokai + ]; + }; + + customRC = '' + set number relativenumber + set undofile + set undodir=~/.cache/vim/undodir + + packadd! vim-monokai + colorscheme monokai + ''; + }; + }; + }; + + security.sudo.extraConfig = '' + Defaults lecture = always + Defaults lecture_file = /etc/${config.environment.etc.sudoLecture.target} + ''; + + virtualisation = { + docker.enable = true; + libvirtd.enable = true; + }; + + # system.extraDependencies = with pkgs; [ + # asciidoc + # asciidoctor + # cabal2nix + # clang + # dart + # dotnet-sdk + # dotnet-sdk_3 + # dotnet-sdk_5 + # dotnetPackages.Nuget + # elm2nix + # elmPackages.elm + # flutter + # gcc + # ghc + # ghcid + # haskellPackages.Cabal_3_6_2_0 + # maven + # nodePackages.node2nix + # nodePackages.npm + # nodePackages.sass + # nodePackages.typescript + # nodePackages.yarn + # nodejs + # plantuml + # python3 + # rustc + # rustc + # rustup + # ]; + + system.stateVersion = "21.11"; +} + + diff --git a/nixpkgs/hosts/tsuki/hardware-configuration.nix b/nixpkgs/hosts/tsuki/hardware-configuration.nix new file mode 100644 index 0000000..5cc02f9 --- /dev/null +++ b/nixpkgs/hosts/tsuki/hardware-configuration.nix @@ -0,0 +1,36 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/54b9fd58-0df5-410c-ab87-766860967653"; + fsType = "btrfs"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/0A60-2885"; + fsType = "vfat"; + }; + + fileSystems."/data" = + { device = "/dev/disk/by-uuid/87354b26-4f7f-4b94-96fd-4bbeb834a03b"; + fsType = "btrfs"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/92a1a33f-89a8-45de-a45e-6c303172cd7f"; } + ]; + + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} diff --git a/nixpkgs/hosts/tsuki/services/nginx.nix b/nixpkgs/hosts/tsuki/services/nginx.nix new file mode 100644 index 0000000..1424414 --- /dev/null +++ b/nixpkgs/hosts/tsuki/services/nginx.nix @@ -0,0 +1,79 @@ +{ pkgs, config, secrets, ... }: + # TODO: fix lib + let lib = pkgs.lib; in +{ + services.nginx = let + generateServerAliases = + domains: subdomains: + lib.lists.flatten (map (s: map (d: "${s}.${d}") domains) subdomains); + in { + enable = true; + + recommendedGzipSettings = true; recommendedOptimisation = true; + recommendedProxySettings = true; + recommendedTlsSettings = true; + + virtualHosts = let + inherit (lib.attrsets) nameValuePair listToAttrs; + inherit (lib.lists) head drop; + inherit (secrets) domains ips ports keys; + + makeHost = + subdomains: extraSettings: + nameValuePair "${head subdomains}.${head domains}" ({ + serverAliases = drop 1 (generateServerAliases domains subdomains); + + # TODO: fix ACME + # enableACME = true; + forceSSL = true; + sslCertificate = keys.certificates.default.cert; + sslCertificateKey = keys.certificates.default.key; + + } // extraSettings); + + makePassHost = + subdomains: extraSettings: + makeHost subdomains ({ basicAuthFile = keys.htpasswds.default; } // extraSettings); + + makeProxy = + subdomains: url: extraSettings: + makeHost subdomains ({ locations."/".proxyPass = url; } // extraSettings); + + makePassProxy = + subdomains: url: extraSettings: + makeProxy subdomains url ({basicAuthFile = keys.htpasswds.default;} // extraSettings); + + s = toString; + + in listToAttrs [ + (makeProxy ["git" "gitlab"] "http://unix:/run/gitlab/gitlab-workhorse.socket" {}) + (makePassProxy ["plex"] "http://localhost:${s ports.plex}" {}) + (makeHost ["www"] { root = "/var/www/blog"; }) + (makePassHost ["cache"] { root = "/var/lib/nix-cache"; }) + (makePassProxy ["px1"] "https://${ips.px1}:${s ports.proxmox}" {}) + (makePassProxy ["idrac"] "https://${ips.idrac}" {}) + # (makePassProxy ["log"] "https://localhost:${s ports.grafana}" { proxyWebsockets = true; }) + # (makeProxy ["wiki"] "" {}) + # (makeHost ["vpn"] "" {}) + (makePassProxy ["hydra"] "http://localhost:${s ports.hydra}" {}) + # (makePassProxy ["sync" "drive"] "" {}) + # (makePassProxy ["music" "mpd"] "" {}) + ]; + + upstreams = {}; + + streamConfig = '' + upstream minecraft { + server 10.0.0.206:25565; + } + + server { + listen 0.0.0.0:25565; + listen [::0]:25565; + proxy_pass minecraft; + } + ''; + }; + + networking.firewall.allowedTCPPorts = [ 80 443 25565 ]; +} diff --git a/nixpkgs/pluggables/server/calibre.nix b/nixpkgs/pluggables/server/calibre.nix new file mode 100644 index 0000000..94f05fd --- /dev/null +++ b/nixpkgs/pluggables/server/calibre.nix @@ -0,0 +1,12 @@ +{ ... }: +{ + services.calibre-server = { + # user = "" + # group = "" + enable = true; + # libraries = [ + # /etc/abc + # ]; + # libraryDir = ???? + }; +} diff --git a/nixpkgs/pluggables/server/discord-bot.nix b/nixpkgs/pluggables/server/discord-bot.nix new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/pluggables/server/dokuwiki.nix b/nixpkgs/pluggables/server/dokuwiki.nix new file mode 100644 index 0000000..ae656f0 --- /dev/null +++ b/nixpkgs/pluggables/server/dokuwiki.nix @@ -0,0 +1,9 @@ +{ ... }: +{ + services.dokuwiki.sites = { + # TODO: research? + wiki = { + enable = false; + }; + }; +} diff --git a/nixpkgs/pluggables/server/gitlab/default.nix b/nixpkgs/pluggables/server/gitlab/default.nix new file mode 100644 index 0000000..ebfb71b --- /dev/null +++ b/nixpkgs/pluggables/server/gitlab/default.nix @@ -0,0 +1,87 @@ +{ pkgs, lib, config, secrets, ... }: +let + gitlab-port = secrets.ports.gitlab; + gitlab-host = "git.nani.wtf"; + + # TODO: this should optimally be extracted out to nix-secrets completely. + gitlab-keydir = secrets.hosts.${config.networking.hostName}.keydir + "/gitlab"; +in +{ + # TODO: Set up gitlab-runner + # imports = [ ./runner.nix ]; + + services.gitlab = { + enable = true; + + host = "git.nani.wtf"; + port = gitlab-port + 1; + + user = "git"; + group = "git"; + + databaseUsername = "git"; + + statePath = "${secrets.hosts.${config.networking.hostName}.dataStatePath}/gitlab"; + + # A file containing the initial password of the root gitlab-account. + # This file should be readable to the user defined in `services.gitlab.user`, + # optimally having only read write permissions for that user. + initialRootPasswordFile = secrets.keys.gitlab.root_password; + + secrets = { inherit (secrets.keys.gitlab) secretFile dbFile otpFile jwsFile; }; + + smtp = { + tls = true; + # address = gitlab-host; + port = gitlab-port + 2; + }; + + # TODO: Set up registry + # registry = { + # enable = true; + # # host = gitlab-host; + # port = gitlab-port + 3; + # externalPort = gitlab-port + 3; + # certFile = /var/cert.pem; + # keyFile = /var/key.pem; + # }; + + pagesExtraArgs = [ + "-gitlab-server" "http://${gitlab-host}" + "-listen-proxy" "127.0.0.1:8090" + "-log-format" "text" + ]; + + # https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/services/misc/gitlab.nix + # https://gitlab.com/gitlab-org/gitlab/blob/master/config/gitlab.yml.example + extraConfig = { + # gitlab = {}; + gravatar.enabled = false; + + # TODO: Fix pages API connection + # pages = { + # enabled = true; + # host = gitlab-host; + # secret_file = "${toString gitlab-keydir}/pages_secret"; + # local_store.enabled = true; + # }; + }; + + }; + + # TODO: Set up registry + # services.dockerRegistry = { + # enable = true; + # }; + + # TODO: Connect plantuml to gitlab + services.plantuml-server = { + enable = true; + listenPort = gitlab-port + 4; + }; + + # TODO: Make module for kroki, and connect to gitlab + # services.kroki = { + # + # }; +} diff --git a/nixpkgs/pluggables/server/gitlab/genfiles.sh b/nixpkgs/pluggables/server/gitlab/genfiles.sh new file mode 100755 index 0000000..6d470f9 --- /dev/null +++ b/nixpkgs/pluggables/server/gitlab/genfiles.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +if [ "$EUID" -ne 0 ]; then + echo "Please run as root" + exit 1 +fi + +KEYDIR='/var/keys/gitlab' + +umask u=rwx,g=,o= + +mkdir -p $KEYDIR +chmod 755 '/var/keys' + +for FILE in secretFile dbFile otpFile pages_secret; do + tr -dc A-Za-z0-9 < /dev/random | head -c 128 > $KEYDIR/$FILE +done + +nix-shell -p openssl --run "openssl genrsa 2048 > $KEYDIR/jwsFile" +chmod 600 $KEYDIR/jwsFile + +read -s -p "Root password: " ROOTPASS +echo $ROOTPASS > $KEYDIR/root_password + +chown -R git:git $KEYDIR diff --git a/nixpkgs/pluggables/server/gitlab/runner.nix b/nixpkgs/pluggables/server/gitlab/runner.nix new file mode 100644 index 0000000..9d15b42 --- /dev/null +++ b/nixpkgs/pluggables/server/gitlab/runner.nix @@ -0,0 +1,51 @@ +{ ... }: +{ + + # See https://nixos.wiki/wiki/Gitlab_runner + # boot.kernel.sysctl."net.ipv4.ip_forward" = true; # 1 + # virtualisation.docker.enable = true; + # services.gitlab-runner = { + # enable = true; + # services= { + # # runner for building in docker via host's nix-daemon + # # nix store will be readable in runner, might be insecure + # nix = with lib;{ + # # File should contain at least these two variables: + # # `CI_SERVER_URL` + # # `REGISTRATION_TOKEN` + # registrationConfigFile = toString ./path/to/ci-env; # 2 + # dockerImage = "alpine"; + # dockerVolumes = [ + # "/nix/store:/nix/store:ro" + # "/nix/var/nix/db:/nix/var/nix/db:ro" + # "/nix/var/nix/daemon-socket:/nix/var/nix/daemon-socket:ro" + # ]; + # dockerDisableCache = true; + # preBuildScript = pkgs.writeScript "setup-container" '' + # mkdir -p -m 0755 /nix/var/log/nix/drvs + # mkdir -p -m 0755 /nix/var/nix/gcroots + # mkdir -p -m 0755 /nix/var/nix/profiles + # mkdir -p -m 0755 /nix/var/nix/temproots + # mkdir -p -m 0755 /nix/var/nix/userpool + # mkdir -p -m 1777 /nix/var/nix/gcroots/per-user + # mkdir -p -m 1777 /nix/var/nix/profiles/per-user + # mkdir -p -m 0755 /nix/var/nix/profiles/per-user/root + # mkdir -p -m 0700 "$HOME/.nix-defexpr" + # . ${pkgs.nix}/etc/profile.d/nix.sh + # ${pkgs.nix}/bin/nix-channel --add https://nixos.org/channels/nixos-20.09 nixpkgs # 3 + # ${pkgs.nix}/bin/nix-channel --update nixpkgs + # ${pkgs.nix}/bin/nix-env -i ${concatStringsSep " " (with pkgs; [ nix cacert git openssh ])} + # ''; + # environmentVariables = { + # ENV = "/etc/profile"; + # USER = "root"; + # NIX_REMOTE = "daemon"; + # PATH = "/nix/var/nix/profiles/default/bin:/nix/var/nix/profiles/default/sbin:/bin:/sbin:/usr/bin:/usr/sbin"; + # NIX_SSL_CERT_FILE = "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"; + # }; + # tagList = [ "nix" ]; + # }; + # }; + # }; + +} diff --git a/nixpkgs/pluggables/server/grafana.nix b/nixpkgs/pluggables/server/grafana.nix new file mode 100644 index 0000000..1583336 --- /dev/null +++ b/nixpkgs/pluggables/server/grafana.nix @@ -0,0 +1,24 @@ +{ ... }: +{ + services.grafana = { + enable = true; + domain = "log.nani.wtf"; + port = 9000; + addr = "127.0.0.1"; + }; + + services.prometheus = { + enable = true; + port = 9001; + + exporters = { + + }; + }; + + services.loki = { + enable = true; + # configFile = ./loki-local-config.yaml; + }; + +} diff --git a/nixpkgs/pluggables/server/hydra.nix b/nixpkgs/pluggables/server/hydra.nix new file mode 100644 index 0000000..37c6b8a --- /dev/null +++ b/nixpkgs/pluggables/server/hydra.nix @@ -0,0 +1,9 @@ +{ secrets, ... }: +{ + services.hydra = { + enable = true; + hydraURL = "http://hydra.nani.wtf"; + notificationSender = "hydra@nani.wtf"; + port = secrets.ports.hydra; + }; +} diff --git a/nixpkgs/pluggables/server/libvirt.nix b/nixpkgs/pluggables/server/libvirt.nix new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/pluggables/server/matrix.nix b/nixpkgs/pluggables/server/matrix.nix new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/pluggables/server/minecraft.nix b/nixpkgs/pluggables/server/minecraft.nix new file mode 100644 index 0000000..7514ab3 --- /dev/null +++ b/nixpkgs/pluggables/server/minecraft.nix @@ -0,0 +1,64 @@ +{ pkgs, lib, ... }: + +# See https://github.com/InfinityGhost/nixos-workstation/blob/master/minecraft-server.nix + +let + allocatedMemory = "4096M"; +in { + services.minecraft-server = let + version = "1.18.1"; + + spigot = pkgs.minecraft-server.overrideAttrs (old: { + src = pkgs.fetchurl { + url = "https://hub.spigotmc.org/jenkins/job/BuildTools/141/artifact/target/BuildTools.jar"; + sha1 = "?"; + }; + + buildPhase = '' + cat > minecraft-server << EOF + + #!${pkgs.bash}/bin/sh + exec ${pkgs.adoptopenjdk-jre-hotspot-bin-17}/bin/java \$@ -jar $out/bin/spigot-${version}.jar nogui + + java -jar $src --rev ${version} + ''; + + installPhase = '' + mkdir -p $out/bin $out/lib/minecraft + cp -v spigot-${version}.jar $out/lib/minecraft + cp -v minecraft-server $out/bin + + chmod +x $out/bin/minecraft-server + ''; + }); + in { + enable = true; + eula = true; + package = pkgs.spigot; + declarative = true; + dataDir = "/home/h7x4/minecraft"; + openFirewall = true; + + jvmOpts = lib.concatStringsSep " " [ + "-Xmx${allocatedMemory}" + "-Xms${allocatedMemory}" + "-XX:+UseG1GC" + "-XX:ParallelGCThreads=2" + "-XX:MinHeapFreeRatio=5" + "-XX:MaxHeapFreeRatio=10" + ]; + + serverProperties = { + motd = "NixOS Minecraft Server"; + server-port = 25565; + difficulty = 2; + gamemode = 0; + max-players = 5; + white-list = false; + enable-rcon = false; + allow-flight = true; + }; + + # whitelist = {}; + }; +} diff --git a/nixpkgs/pluggables/server/openvpn.nix b/nixpkgs/pluggables/server/openvpn.nix new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/pluggables/server/plex.nix b/nixpkgs/pluggables/server/plex.nix new file mode 100644 index 0000000..6109758 --- /dev/null +++ b/nixpkgs/pluggables/server/plex.nix @@ -0,0 +1,20 @@ +{ services, ... }: +{ + services.plex = { + enable = true; + openFirewall = true; + dataDir = "/data/var/plex"; + }; + + # TODO: make default directories. + services.samba.shares.plex = { + path = "/data/media"; + browseable = "yes"; + "read only" = "no"; + "guest ok" = "no"; + "create mode" = 0664; + "directory mode" = 2775; + comment = "Movies, Series and other stuff for Plex"; + }; + +} diff --git a/nixpkgs/pluggables/server/reverse-proxy.nix b/nixpkgs/pluggables/server/reverse-proxy.nix new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/pluggables/server/samba.nix b/nixpkgs/pluggables/server/samba.nix new file mode 100644 index 0000000..6416a04 --- /dev/null +++ b/nixpkgs/pluggables/server/samba.nix @@ -0,0 +1,2 @@ +{}: +{} diff --git a/nixpkgs/pluggables/server/searx.nix b/nixpkgs/pluggables/server/searx.nix new file mode 100644 index 0000000..72c0b1b --- /dev/null +++ b/nixpkgs/pluggables/server/searx.nix @@ -0,0 +1,28 @@ +{ ... }: +{ + # TODO: Make secret keys. + services.searx = { + enable = false; + settings = { + server.port = 8080; + server.bind_address = "0.0.0.0"; + server.secret_key = "@SEARX_SECRET_KEY@"; + + engines = [ + { + name = "wolframalpha"; + shortcut = "wa"; + api_key = "@WOLFRAM_API_KEY@"; + engine = "wolframalpha_api"; + }; + ]; + }; + + # runInUwsgi = true; + # uwsgiConfig = { + # disable-logging = false; + # http = ":11000"; + # socket = "/run/searx/searx.sock"; + # }; + }; +} diff --git a/nixpkgs/pluggables/server/syncthing.nix b/nixpkgs/pluggables/server/syncthing.nix new file mode 100644 index 0000000..e69de29 diff --git a/nixpkgs/shellOptions.nix b/nixpkgs/shellOptions.nix index 285daec..1cb8cfb 100644 --- a/nixpkgs/shellOptions.nix +++ b/nixpkgs/shellOptions.nix @@ -133,10 +133,14 @@ in rec { # Nix related aliases "Nix Stuff" = { - # This for some reason uses an outdated version of hm + + # FIXME: This for some reason uses an outdated version of home-manager and nixos-rebuild # hs = "${pkgs.home-manager}/bin/home-manager switch"; + # nxr = "sudo ${nixos-rebuild}/bin/nixos-rebuild switch"; + hms = "home-manager switch"; - nxr = "sudo ${nixos-rebuild}/bin/nixos-rebuild switch"; + nxr = "sudo nixos-rebuild switch"; + nxc = "sudoedit /etc/nixos/configuration.nix"; nxh = "vim ~/.config/nixpkgs/home.nix"; ns = "nix-shell";