make it snow!
This commit is contained in:
parent
9b599adc07
commit
71ac683efa
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1,3 @@
|
||||
result
|
||||
/configuration.nix
|
||||
/hardware-configuration.nix
|
||||
|
65
base.nix
Normal file
65
base.nix
Normal file
@ -0,0 +1,65 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
./cachix.nix
|
||||
(if builtins.pathExists ./hardware-configuration.nix
|
||||
then ./hardware-configuration.nix # results of hardware scan
|
||||
else {}
|
||||
)
|
||||
];
|
||||
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
nixpkgs.config.allowUnfreePredicate = (pkg: true);
|
||||
|
||||
system.autoUpgrade.enable = true; # daily nixos-rebuild switch, no reboot by default
|
||||
|
||||
nix.settings.trusted-users = [ "root" ];
|
||||
nix.settings.auto-optimise-store = true; # deduplicate with hardlinks, expensive. Alternative: nix-store --optimise
|
||||
#nix.optimize.automatic = true; # periodic optimization
|
||||
nix.gc.automatic = true;
|
||||
nix.gc.dates = "weekly";
|
||||
nix.gc.options = "--delete-older-than 30d";
|
||||
# TODO: can i make this non-string?
|
||||
nix.extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
# TODO: only if x86_64?
|
||||
services.thermald.enable = true;
|
||||
|
||||
# Bootloader
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/sda"; # TODO: host-specific
|
||||
boot.loader.grub.useOSProber = true;
|
||||
|
||||
# firewall
|
||||
services.fail2ban.enable = config.services.openssh.enable;
|
||||
networking.firewall.enable = true; # default
|
||||
|
||||
# Time zone and internationalisation properties.
|
||||
time.timeZone = "Europe/Oslo";
|
||||
i18n.defaultLocale = "en_US.utf8";
|
||||
i18n.extraLocaleSettings.LC_ADDRESS = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_IDENTIFICATION = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_MEASUREMENT = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_MONETARY = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_NAME = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_NUMERIC = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_PAPER = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_TELEPHONE = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_TIME = "nb_NO.utf8";
|
||||
console.keyMap = "no";
|
||||
services.xserver.layout = "no";
|
||||
services.xserver.xkbVariant = "";
|
||||
|
||||
# System fonts
|
||||
# Nice to have when X-forwading on headless machines
|
||||
# TODO: move?
|
||||
fonts.fonts = with pkgs; [
|
||||
noto-fonts # includes Cousine
|
||||
noto-fonts-cjk
|
||||
noto-fonts-emoji
|
||||
noto-fonts-extra
|
||||
dejavu_fonts
|
||||
];
|
||||
}
|
@ -1,340 +1,6 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
#nixpkgs.overlays = overlays;
|
||||
nixpkgs.config.allowUnfreePredicate = (pkg: true);
|
||||
nixpkgs.config.allowUnfree = true;
|
||||
system.autoUpgrade.enable = true; # daily nixos-rebuild switch, no reboot by default
|
||||
|
||||
# TODO: can i make this non-string?
|
||||
nix.extraOptions = ''
|
||||
experimental-features = nix-command flakes
|
||||
'';
|
||||
|
||||
# TODO: move to pbsds home
|
||||
programs.ssh.extraConfig = ''
|
||||
Host *.ntnu.no *.pvv.org
|
||||
User pederbs
|
||||
'';
|
||||
|
||||
# deduplicate with hardlinks, expensive. Alternative: nix-store --optimise
|
||||
nix.settings.auto-optimise-store = true;
|
||||
#nix.optimize.automatic = true; # periodic optimization
|
||||
nix.gc.automatic = true;
|
||||
nix.gc.dates = "weekly";
|
||||
nix.gc.options = "--delete-older-than 30d";
|
||||
|
||||
imports = [
|
||||
./cachix.nix
|
||||
(if builtins.pathExists ./hardware-configuration.nix
|
||||
then ./hardware-configuration.nix # results of hardware scan
|
||||
else {}
|
||||
)
|
||||
|
||||
./profiles/web
|
||||
./profiles/web/index
|
||||
./profiles/web/cinny
|
||||
./profiles/web/element
|
||||
./profiles/web/flexget
|
||||
./profiles/web/gitea
|
||||
./profiles/web/hydra
|
||||
./profiles/web/invidious
|
||||
./profiles/web/jellyfin
|
||||
./profiles/web/libreddit
|
||||
./profiles/web/mattermost
|
||||
./profiles/web/navidrome
|
||||
./profiles/web/netdata
|
||||
./profiles/web/nitter
|
||||
./profiles/web/ntopng
|
||||
./profiles/web/owncast
|
||||
./profiles/web/paperless
|
||||
./profiles/web/polaris
|
||||
./profiles/web/resilio
|
||||
./profiles/web/roundcube
|
||||
./profiles/web/thelounge
|
||||
./profiles/web/vaultwarden
|
||||
./profiles/web/webdav-zotero
|
||||
#./profiles/web/convos
|
||||
#./profiles/web/cryptpad
|
||||
#./profiles/web/galene
|
||||
#./profiles/web/graphana
|
||||
#./profiles/web/hedgedoc
|
||||
#./profiles/web/home-assistant
|
||||
#./profiles/web/jitsi-meet
|
||||
#./profiles/web/kukkee
|
||||
#./profiles/web/matrix-synapse
|
||||
#./profiles/web/shlink
|
||||
#./profiles/web/sourcegraph
|
||||
|
||||
./profiles/web/pdoc
|
||||
./profiles/web/linktree-pbsds
|
||||
./profiles/web/refleksjon-no
|
||||
./profiles/web/roroslyd-no
|
||||
#./profiles/web/trivial-gradios
|
||||
#./profiles/web/censordodge
|
||||
#./profiles/web/openspeedtest
|
||||
|
||||
./profiles/domeneshop-dyndns # TODO: olavtr is hardcoded...
|
||||
./profiles/code-remote
|
||||
./profiles/remote-builders #
|
||||
./profiles/nfs/reidun.nix # NFS mounts
|
||||
./profiles/autossh-reverse-tunnels
|
||||
#./profiles/xrdp
|
||||
|
||||
./users
|
||||
#./users/pbsds
|
||||
./users/all.nix
|
||||
import = [
|
||||
./base.nix
|
||||
./hosts/noximilien.nix
|
||||
];
|
||||
|
||||
# TODO: remove? Move to where relevant
|
||||
nixpkgs.overlays = [
|
||||
/** /
|
||||
(final: prev: {
|
||||
mapcrafter = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { };
|
||||
mapcrafter-world112 = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { world="world112"; };
|
||||
})
|
||||
/**/
|
||||
];
|
||||
|
||||
# Allow unstable packages.
|
||||
nixpkgs.config.packageOverrides = pkgs: {
|
||||
unstable = import <nixos-unstable> {
|
||||
config = config.nixpkgs.config;
|
||||
};
|
||||
# TODO: nur
|
||||
};
|
||||
|
||||
# enable opengl (headless)
|
||||
hardware.opengl.enable = true;
|
||||
#hardware.opengl.extraPackages = [ pkgs.mesa.drivers ];
|
||||
hardware.opengl.extraPackages = with pkgs; [ mesa.drivers vaapiIntel libvdpau-va-gl vaapiVdpau intel-ocl ];
|
||||
|
||||
# run/build weird binaries
|
||||
boot.binfmt.emulatedSystems = [
|
||||
"wasm32-wasi"
|
||||
"wasm64-wasi"
|
||||
"x86_64-windows"
|
||||
"aarch64-linux"
|
||||
"riscv64-linux"
|
||||
#"x86_64-darwin"
|
||||
#"aarch64-darwin"
|
||||
];
|
||||
|
||||
services.thermald.enable = true;
|
||||
|
||||
# Bootloader
|
||||
|
||||
boot.loader.grub.enable = true;
|
||||
boot.loader.grub.device = "/dev/sda";
|
||||
boot.loader.grub.useOSProber = true;
|
||||
|
||||
|
||||
# Virtualization
|
||||
|
||||
virtualisation.podman.enable = true;
|
||||
# TODO: are these default since 22.11?
|
||||
virtualisation.podman.dockerCompat = true; # alias docker to podman
|
||||
virtualisation.oci-containers.backend = "podman";
|
||||
|
||||
|
||||
# Networking
|
||||
|
||||
networking = {
|
||||
# Enable networking
|
||||
networkmanager.enable = true;
|
||||
#wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
#iwd.enable = true
|
||||
|
||||
hostName = "noximilien"; # Define your hostname.
|
||||
domain = "pbsds.net";
|
||||
|
||||
interfaces.eno1.ipv4.addresses = [
|
||||
{ address = "192.168.1.9"; prefixLength = 24; }
|
||||
];
|
||||
|
||||
nameservers = [
|
||||
"192.168.1.254"
|
||||
"8.8.8.8"
|
||||
];
|
||||
defaultGateway = {
|
||||
address = "192.168.1.254";
|
||||
interface = "eno1";
|
||||
};
|
||||
|
||||
#useDHCP = true;
|
||||
};
|
||||
|
||||
# firewall
|
||||
services.fail2ban.enable = true;
|
||||
networking.firewall.enable = true; # default
|
||||
#networking.firewall.allowedTCPPorts = [ ... ];
|
||||
#networking.firewall.allowedUDPPorts = [ ... ];
|
||||
|
||||
|
||||
# Time zone and internationalisation properties.
|
||||
|
||||
time.timeZone = "Europe/Oslo";
|
||||
i18n.defaultLocale = "en_US.utf8";
|
||||
i18n.extraLocaleSettings.LC_ADDRESS = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_IDENTIFICATION = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_MEASUREMENT = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_MONETARY = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_NAME = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_NUMERIC = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_PAPER = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_TELEPHONE = "nb_NO.utf8";
|
||||
i18n.extraLocaleSettings.LC_TIME = "nb_NO.utf8";
|
||||
console.keyMap = "no";
|
||||
services.xserver.layout = "no";
|
||||
services.xserver.xkbVariant = "";
|
||||
|
||||
|
||||
# Installed system packages
|
||||
# $ nix search FOOBAR
|
||||
|
||||
# TODO: prune this, make home-manager deal with the majority
|
||||
environment.systemPackages = with pkgs; [
|
||||
lsof
|
||||
lshw
|
||||
htop
|
||||
file
|
||||
tmux
|
||||
#parallel # already provided by moreutils
|
||||
pwgen
|
||||
git
|
||||
nmap
|
||||
rsync
|
||||
bind.dnsutils
|
||||
graphviz
|
||||
dialog
|
||||
cowsay
|
||||
gnused
|
||||
gnumake
|
||||
coreutils-full
|
||||
moreutils
|
||||
binutils
|
||||
diffutils
|
||||
findutils
|
||||
usbutils
|
||||
bash-completion
|
||||
curl
|
||||
wget
|
||||
strace
|
||||
killall
|
||||
|
||||
zip
|
||||
unrar
|
||||
unzip
|
||||
atool
|
||||
p7zip
|
||||
bzip2
|
||||
gzip
|
||||
atool
|
||||
|
||||
micro
|
||||
aspell
|
||||
aspellDicts.en
|
||||
aspellDicts.nb
|
||||
vimv
|
||||
dos2unix
|
||||
#rmate # TODO: add to nixpkgs
|
||||
pandoc
|
||||
cargo
|
||||
cargo-edit
|
||||
sqlite
|
||||
#sshuttle
|
||||
visidata
|
||||
|
||||
weston
|
||||
cage
|
||||
vimix-gtk-themes
|
||||
flat-remix-icon-theme
|
||||
xclip
|
||||
feh
|
||||
|
||||
sshfs
|
||||
|
||||
glances
|
||||
zenith
|
||||
fzf
|
||||
tealdeer # tldr
|
||||
entr
|
||||
axel aria
|
||||
bat
|
||||
xe # xargs alternative
|
||||
sd # sed alternative
|
||||
fd # find alternative
|
||||
silver-searcher # `ag`
|
||||
ripgrep
|
||||
jq
|
||||
yq
|
||||
htmlq
|
||||
sysz
|
||||
du-dust # du alternative
|
||||
ncdu # Disk usage analyzer with an ncurses interface
|
||||
|
||||
gh
|
||||
hub
|
||||
|
||||
cachix
|
||||
nix-output-monitor
|
||||
nix-prefetch
|
||||
nix-top
|
||||
#nix-index
|
||||
nix-tree
|
||||
nixfmt
|
||||
alejandra
|
||||
|
||||
];
|
||||
|
||||
# TODO: somehow make this root only?
|
||||
# TODO: zsh
|
||||
programs.bash.shellInit = ''
|
||||
if command -v fzf-share >/dev/null; then
|
||||
source "$(fzf-share)/key-bindings.bash"
|
||||
source "$(fzf-share)/completion.bash"
|
||||
fi
|
||||
'';
|
||||
|
||||
# TODO: make this root only?
|
||||
programs.bash.shellAliases."ed" = "micro"; # TODO: ${EDITOR:-micro}
|
||||
environment.variables."EDITOR" = "micro";
|
||||
|
||||
# TODO: remove? Move?
|
||||
programs.dconf.enable = true;
|
||||
|
||||
# System fonts
|
||||
# Nice to have when X-forwading on headless machines
|
||||
|
||||
fonts.fonts = with pkgs; [
|
||||
noto-fonts # includes Cousine
|
||||
noto-fonts-cjk
|
||||
noto-fonts-emoji
|
||||
noto-fonts-extra
|
||||
dejavu_fonts
|
||||
];
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
#programs.mtr.enable = true;
|
||||
#programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
#};
|
||||
|
||||
|
||||
# OpenSSH
|
||||
|
||||
services.openssh.enable = true;
|
||||
services.openssh.forwardX11 = true;
|
||||
|
||||
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
}
|
||||
|
81
flake.lock
generated
Normal file
81
flake.lock
generated
Normal file
@ -0,0 +1,81 @@
|
||||
{
|
||||
"nodes": {
|
||||
"home-manager": {
|
||||
"inputs": {
|
||||
"nixpkgs": [
|
||||
"nixpkgs"
|
||||
],
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1677276957,
|
||||
"narHash": "sha256-/vhdNhQj2CWgqdfD2KLEZWDleOfen0t2EiaGiyivnJU=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "664945b3e09b4551c4e63e16efebd493cf5eac74",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs": {
|
||||
"locked": {
|
||||
"lastModified": 1677249740,
|
||||
"narHash": "sha256-1Pt/IeBLGAfr5KNankKociYxF6eIo6KfMOQLCY+CBjE=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "38f87b67bc320feeedeeb4e6912a3905f176b9ab",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-22.11-small",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"root": {
|
||||
"inputs": {
|
||||
"home-manager": "home-manager",
|
||||
"nixpkgs": "nixpkgs",
|
||||
"unstable": "unstable"
|
||||
}
|
||||
},
|
||||
"unstable": {
|
||||
"locked": {
|
||||
"lastModified": 1677268764,
|
||||
"narHash": "sha256-2LvGFFqkFLTyC8/CzMAkOgYGQPLZ6SyRJCDfIDqbVhM=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "5798b8c569396eca709a18d5391d4e18fc5124db",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "NixOS",
|
||||
"ref": "nixos-unstable-small",
|
||||
"repo": "nixpkgs",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"locked": {
|
||||
"lastModified": 1667395993,
|
||||
"narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"type": "github"
|
||||
}
|
||||
}
|
||||
},
|
||||
"root": "root",
|
||||
"version": 7
|
||||
}
|
52
flake.nix
Normal file
52
flake.nix
Normal file
@ -0,0 +1,52 @@
|
||||
{
|
||||
description = "pbsds' nix system/home profile flake";
|
||||
|
||||
# TODO: NUR
|
||||
inputs.nixpkgs.url = "github:NixOS/nixpkgs/nixos-22.11-small";
|
||||
inputs.unstable.url = "github:NixOS/nixpkgs/nixos-unstable-small";
|
||||
inputs.home-manager.url = "github:nix-community/home-manager";
|
||||
inputs.home-manager.inputs.nixpkgs.follows = "nixpkgs";
|
||||
|
||||
# temp stuff
|
||||
inputs.pbsds-polaris-pr = "github:pbsds/nixpkgs/polaris-14";
|
||||
|
||||
outputs = { self, nixpkgs, unstable, home-manager, ... }@inputs:
|
||||
let
|
||||
systems = [
|
||||
"x86_64-linux"
|
||||
"aarch64-linux"
|
||||
#"riscv64-linux"
|
||||
];
|
||||
forAllSystems = f: nixpkgs.lib.genAttrs systems (system: f system);
|
||||
nixosOverrides = {
|
||||
disabledModules = [ "services/misc/polaris.nix" ];
|
||||
imports = [ inputs.pbsds-polaris-14 + "/nixos/modules/services/misc/polaris.nix" ];
|
||||
nixpkgs.overlays = [(final: prev: {
|
||||
polaris = prev.callPackage (inputs.pbsds-polaris-14 + /pkgs/servers/polaris) { };
|
||||
polaris-web = prev.callPackage (inputs.pbsds-polaris-14 + /pkgs/servers/polaris/web.nix) { };
|
||||
})];
|
||||
};
|
||||
mkConfig = system: modules: nixpkgs.lib.nixosSystem {
|
||||
inherit system;
|
||||
specialArgs = { inherit unstable inputs; };
|
||||
modules = modules ++ [ ./base.nix nixosOverrides ({
|
||||
# This makes commandline tools like 'nix run nixpkgs#hello'
|
||||
# and 'nix-shell -p hello' use the same channel the system was built with
|
||||
nix.registry.nixpkgs.flake = inputs.nixpkgs;
|
||||
nix.registry.unstable.flake = inputs.unstable;
|
||||
nix.nixPath = [
|
||||
"nixpkgs=${inputs.nixpkgs}"
|
||||
"unstable=${inputs.unstable}"
|
||||
];
|
||||
})];
|
||||
};
|
||||
in {
|
||||
nixosConfigurations.noximilien = mkConfig "x86_64-linux" [ ./hosts/noximilien.nix ];
|
||||
homeConfigurations = forAllSystems (system: {
|
||||
pbsds = home-manager.lib.homeManagerConfiguration {
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
modules = [ ./users/pbsds/home ];
|
||||
};
|
||||
});
|
||||
};
|
||||
}
|
9
hardware/opengl-intel.nix
Normal file
9
hardware/opengl-intel.nix
Normal file
@ -0,0 +1,9 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
# enable opengl (headless)
|
||||
|
||||
hardware.opengl.enable = true;
|
||||
#hardware.opengl.extraPackages = [ pkgs.mesa.drivers ];
|
||||
hardware.opengl.extraPackages = with pkgs; [ mesa.drivers vaapiIntel libvdpau-va-gl vaapiVdpau intel-ocl ];
|
||||
|
||||
}
|
0
hosts/asgaut.nix
Normal file
0
hosts/asgaut.nix
Normal file
233
hosts/noximilien.nix
Normal file
233
hosts/noximilien.nix
Normal file
@ -0,0 +1,233 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
imports = [
|
||||
../users
|
||||
../users/pbsds
|
||||
../users/jornane
|
||||
#../users/all.nix # TODO: does not work?
|
||||
|
||||
../hardware/opengl-intel.nix
|
||||
|
||||
../profiles/web
|
||||
../profiles/web/index
|
||||
../profiles/web/cinny
|
||||
../profiles/web/element
|
||||
../profiles/web/flexget
|
||||
../profiles/web/gitea
|
||||
../profiles/web/hydra
|
||||
../profiles/web/invidious
|
||||
../profiles/web/jellyfin
|
||||
../profiles/web/libreddit
|
||||
../profiles/web/mattermost
|
||||
../profiles/web/navidrome
|
||||
../profiles/web/netdata
|
||||
../profiles/web/nitter
|
||||
../profiles/web/ntopng
|
||||
../profiles/web/owncast
|
||||
../profiles/web/paperless
|
||||
../profiles/web/polaris
|
||||
../profiles/web/resilio
|
||||
../profiles/web/roundcube
|
||||
../profiles/web/thelounge
|
||||
../profiles/web/vaultwarden
|
||||
../profiles/web/webdav-zotero
|
||||
#../profiles/web/convos
|
||||
#../profiles/web/cryptpad
|
||||
#../profiles/web/galene
|
||||
#../profiles/web/graphana
|
||||
#../profiles/web/hedgedoc
|
||||
#../profiles/web/home-assistant
|
||||
#../profiles/web/jitsi-meet
|
||||
#../profiles/web/kukkee
|
||||
#../profiles/web/matrix-synapse
|
||||
#../profiles/web/shlink
|
||||
#../profiles/web/sourcegraph
|
||||
|
||||
../profiles/web/pdoc
|
||||
../profiles/web/linktree-pbsds
|
||||
../profiles/web/refleksjon-no
|
||||
../profiles/web/roroslyd-no
|
||||
#../profiles/web/trivial-gradios
|
||||
#../profiles/web/censordodge
|
||||
#../profiles/web/openspeedtest
|
||||
|
||||
../profiles/domeneshop-dyndns # TODO: olavtr is hardcoded...
|
||||
../profiles/code-remote
|
||||
../profiles/remote-builders #
|
||||
../profiles/nfs/reidun.nix # NFS mounts
|
||||
../profiles/autossh-reverse-tunnels
|
||||
#../profiles/xrdp
|
||||
];
|
||||
|
||||
# TODO: remove? Move to where relevant=
|
||||
nixpkgs.overlays = [
|
||||
/** /
|
||||
(final: prev: {
|
||||
mapcrafter = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { };
|
||||
mapcrafter-world112 = prev.callPackage /home/pbsds/repos/nixpkgs-mapcrafter/pkgs/tools/games/minecraft/mapcrafter/default.nix { world="world112"; };
|
||||
})
|
||||
/**/
|
||||
];
|
||||
|
||||
# run/build weird binaries
|
||||
boot.binfmt.emulatedSystems = [
|
||||
"wasm32-wasi"
|
||||
"wasm64-wasi"
|
||||
"x86_64-windows"
|
||||
"aarch64-linux"
|
||||
"riscv64-linux"
|
||||
#"x86_64-darwin"
|
||||
#"aarch64-darwin"
|
||||
];
|
||||
|
||||
services.thermald.enable = true;
|
||||
|
||||
# Virtualization
|
||||
virtualisation.podman.enable = true;
|
||||
# TODO: are these default since 22.11?
|
||||
virtualisation.podman.dockerCompat = true; # alias docker to podman
|
||||
virtualisation.oci-containers.backend = "podman";
|
||||
|
||||
# Networking
|
||||
networking.networkmanager.enable = true;
|
||||
#networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
|
||||
#networking.iwd.enable = true
|
||||
networking.hostName = "noximilien";
|
||||
networking.domain = "pbsds.net";
|
||||
networking.interfaces.eno1.ipv4.addresses = [
|
||||
{ address = "192.168.1.9"; prefixLength = 24; }
|
||||
];
|
||||
networking.nameservers = [
|
||||
"192.168.1.254"
|
||||
"8.8.8.8"
|
||||
"1.1.1.1"
|
||||
];
|
||||
networking.defaultGateway = {
|
||||
address = "192.168.1.254";
|
||||
interface = "eno1";
|
||||
};
|
||||
#networking.useDHCP = true;
|
||||
#TODO: avahi?
|
||||
|
||||
# Installed system packages
|
||||
# TODO: prune this, make home-manager deal with the majority
|
||||
environment.systemPackages = with pkgs; [
|
||||
lsof
|
||||
lshw
|
||||
htop
|
||||
file
|
||||
tmux
|
||||
#parallel # already provided by moreutils
|
||||
pwgen
|
||||
git
|
||||
nmap
|
||||
rsync
|
||||
bind.dnsutils
|
||||
graphviz
|
||||
dialog
|
||||
cowsay
|
||||
gnused
|
||||
gnumake
|
||||
coreutils-full
|
||||
moreutils
|
||||
binutils
|
||||
diffutils
|
||||
findutils
|
||||
usbutils
|
||||
bash-completion
|
||||
curl
|
||||
wget
|
||||
strace
|
||||
killall
|
||||
|
||||
zip
|
||||
unrar
|
||||
unzip
|
||||
atool
|
||||
p7zip
|
||||
bzip2
|
||||
gzip
|
||||
atool
|
||||
|
||||
micro
|
||||
aspell aspellDicts.en aspellDicts.nb
|
||||
vimv
|
||||
dos2unix
|
||||
#rmate # TODO: add to nixpkgs
|
||||
pandoc
|
||||
cargo
|
||||
cargo-edit
|
||||
sqlite
|
||||
#sshuttle
|
||||
visidata
|
||||
|
||||
weston
|
||||
cage
|
||||
vimix-gtk-themes
|
||||
flat-remix-icon-theme
|
||||
xclip
|
||||
feh
|
||||
|
||||
sshfs
|
||||
|
||||
glances
|
||||
zenith
|
||||
tealdeer # tldr
|
||||
entr
|
||||
axel aria
|
||||
bat
|
||||
xe # xargs alternative
|
||||
sd # sed alternative
|
||||
fd # find alternative
|
||||
silver-searcher # `ag`
|
||||
ripgrep
|
||||
jq
|
||||
yq
|
||||
htmlq
|
||||
sysz
|
||||
du-dust # du alternative
|
||||
ncdu # Disk usage analyzer with an ncurses interface
|
||||
|
||||
gh
|
||||
hub
|
||||
|
||||
cachix
|
||||
nix-output-monitor
|
||||
nix-prefetch
|
||||
nix-top
|
||||
#nix-index
|
||||
nix-tree
|
||||
nix-diff
|
||||
nixfmt
|
||||
alejandra
|
||||
];
|
||||
|
||||
# TODO: remove? Move?
|
||||
programs.dconf.enable = true;
|
||||
|
||||
# Some programs need SUID wrappers, can be configured further or are
|
||||
# started in user sessions.
|
||||
#programs.mtr.enable = true;
|
||||
#programs.gnupg.agent = {
|
||||
# enable = true;
|
||||
# enableSSHSupport = true;
|
||||
#};
|
||||
|
||||
# OpenSSH
|
||||
services.openssh.enable = true;
|
||||
services.openssh.forwardX11 = true;
|
||||
|
||||
# TODO: should not be system-wide
|
||||
#programs.ssh.extraConfig = ''
|
||||
# Host *.ntnu.no *.pvv.org
|
||||
# User pederbs
|
||||
#'';
|
||||
|
||||
# This value determines the NixOS release from which the default
|
||||
# settings for stateful data, like file locations and database versions
|
||||
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||
# this value at the release version of the first install of this system.
|
||||
# Before changing this value read the documentation for this option
|
||||
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||
system.stateVersion = "22.11"; # Did you read the comment?
|
||||
}
|
@ -1,4 +1,4 @@
|
||||
{ config, pkgs, lib, mkDomain, ... }:
|
||||
{ config, pkgs, lib, unstable, mkDomain, ... }:
|
||||
{
|
||||
# Invidious
|
||||
# An open source alternative front-end to YouTube
|
||||
@ -6,8 +6,9 @@
|
||||
/**/
|
||||
imports = [
|
||||
({ disabledModules = [ "services/web-apps/invidious.nix" ]; })
|
||||
<nixos-unstable/nixos/modules/services/web-apps/invidious.nix>
|
||||
({ services.invidious.package = pkgs.unstable.invidious; })
|
||||
#<nixos-unstable/nixos/modules/services/web-apps/invidious.nix>
|
||||
(unstable + "/nixos/modules/services/web-apps/invidious.nix")
|
||||
({ services.invidious.package = unstable.invidious; })
|
||||
];
|
||||
/**/
|
||||
|
||||
|
@ -1,12 +1,13 @@
|
||||
{ config, pkgs, lib, mkDomain, ... }:
|
||||
{ config, pkgs, lib, unstable, mkDomain, ... }:
|
||||
{
|
||||
# Jellyfin
|
||||
|
||||
/**/
|
||||
imports = [
|
||||
({ disabledModules = [ "services/misc/jellyfin.nix" ]; })
|
||||
<nixos-unstable/nixos/modules/services/misc/jellyfin.nix>
|
||||
({ services.jellyfin.package = pkgs.unstable.jellyfin; })
|
||||
#<nixos-unstable/nixos/modules/services/misc/jellyfin.nix>
|
||||
(unstable + "/nixos/modules/services/misc/jellyfin.nix")
|
||||
({ services.jellyfin.package = unstable.jellyfin; })
|
||||
];
|
||||
/**/
|
||||
|
||||
|
@ -3,21 +3,6 @@
|
||||
# Polaris
|
||||
# Self-host your music collection, and access it from any computer and mobile device
|
||||
|
||||
/**/
|
||||
disabledModules = [
|
||||
"services/misc/polaris.nix"
|
||||
];
|
||||
imports = [
|
||||
/home/pbsds/repos/nixpkgs/polaris-14/nixos/modules/services/misc/polaris.nix
|
||||
];
|
||||
nixpkgs.overlays = [
|
||||
(final: prev: {
|
||||
polaris = prev.callPackage /home/pbsds/repos/nixpkgs/polaris-14/pkgs/servers/polaris { };
|
||||
polaris-web = prev.callPackage /home/pbsds/repos/nixpkgs/polaris-14/pkgs/servers/polaris/web.nix { };
|
||||
})
|
||||
];
|
||||
/**/
|
||||
|
||||
|
||||
services.polaris = {
|
||||
enable = true;
|
||||
|
@ -5,5 +5,6 @@ let
|
||||
imports = lib.mapAttrsToList to-import (lib.filterAttrs filter-users (builtins.readDir ./.));
|
||||
in
|
||||
{
|
||||
# TODO: does not work?
|
||||
inherit imports;
|
||||
}
|
||||
|
@ -1,6 +1,9 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{ config, pkgs, lib, inputs, ... }:
|
||||
{
|
||||
imports = [ <home-manager/nixos> ];
|
||||
#imports = [ <home-manager/nixos> ];
|
||||
imports = [ inputs.home-manager.nixosModule ];
|
||||
home-manager.useGlobalPkgs = true; # brrr
|
||||
#home-manager.useUserPackages = true # needed if VM
|
||||
|
||||
# When adding a new user accounts: Don't forget to set a password with ‘passwd’!
|
||||
}
|
||||
|
@ -1,5 +1,21 @@
|
||||
{ config, pkgs, lib, ... }:
|
||||
{
|
||||
# system-wide shit
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
fzf
|
||||
];
|
||||
# TODO: fzf for zsh
|
||||
programs.bash.shellInit = ''
|
||||
source "$(${pkgs.fzf}/bin/fzf-share)/key-bindings.bash"
|
||||
source "$(${pkgs.fzf}/bin/fzf-share)/completion.bash"
|
||||
'';
|
||||
programs.bash.shellAliases."ed" = "micro"; # TODO: ${EDITOR:-micro}
|
||||
environment.variables."EDITOR" = "micro";
|
||||
|
||||
# user and home-manager
|
||||
|
||||
#nix.trusted-users = [ "pbsds" ];
|
||||
home-manager.users.pbsds = import ./home;
|
||||
users.groups.pbsds.gid = 1001;
|
||||
users.users.pbsds = {
|
||||
|
Loading…
Reference in New Issue
Block a user