diff --git a/flake.lock b/flake.lock
index b337ffd..48d69ef 100644
--- a/flake.lock
+++ b/flake.lock
@@ -63,22 +63,6 @@
 "type": "github"
 }
 },
- "dotfiles": {
- "flake": false,
- "locked": {
- "lastModified": 1713941143,
- "narHash": "sha256-xkjxhTUToZ5KOT46te2q+59k7hgMmVxlhomvYrWCD+Y=",
- "ref": "refs/heads/master",
- "rev": "9c79f4672bee385c7ae0c69153a60103627e12c2",
- "revCount": 12,
- "type": "git",
- "url": "https://code.m3tam3re.com/m3tam3re/dotfiles.git"
- },
- "original": {
- "type": "git",
- "url": "https://code.m3tam3re.com/m3tam3re/dotfiles.git"
- }
- },
 "fenix": {
 "inputs": {
 "nixpkgs": [
@@ -289,7 +273,6 @@
 "inputs": {
 "agenix": "agenix",
 "deploy-rs": "deploy-rs",
- "dotfiles": "dotfiles",
 "fh": "fh",
 "home-manager": "home-manager_2",
 "nixpkgs": "nixpkgs_4",
diff --git a/flake.nix b/flake.nix
index 625b06b..13c40ba 100644
--- a/flake.nix
+++ b/flake.nix
@@ -13,121 +13,72 @@ nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-23.11"; fh.url = "https://flakehub.com/f/DeterminateSystems/fh/*.tar.gz"; deploy-rs.url = "github:serokell/deploy-rs"; - dotfiles.url = "git+https://code.m3tam3re.com/m3tam3re/dotfiles.git"; - dotfiles.flake = false; # Use this if your dotfiles repo is not a flake }; - outputs = { - self, - dotfiles, - nixpkgs, - fh, - home-manager, - agenix, - deploy-rs, - ... - } @ inputs: let - inherit (self) outputs; - lib = nixpkgs.lib; - systems = [ - "aarch64-linux" - "i686-linux" - "x86_64-linux" - "aarch64-darwin" - "x86_64-darwin" - ]; - forAllSystems = nixpkgs.lib.genAttrs systems; - in { - packages = - forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); - formatter = - forAllSystems (system: nixpkgs.legacyPackages.${system}.alejandra); - overlays = import ./overlays {inherit inputs;}; - nixosConfigurations = { - lkk-nix-1 = lib.nixosSystem rec { - specialArgs = {inherit inputs outputs;}; - modules = [./hosts/lkk-nix-1 agenix.nixosModules.default]; - }; - m3-r1 = lib.nixosSystem { - specialArgs = {inherit inputs outputs;}; - modules = [./hosts/m3-r1 agenix.nixosModules.default]; - }; - lkk-prod-1 = lib.nixosSystem { - specialArgs = {inherit inputs outputs;}; - modules = [./hosts/lkk-prod-1 agenix.nixosModules.default]; - }; - lkk-prod-2 = lib.nixosSystem { - specialArgs = {inherit inputs outputs;}; - modules = [./hosts/lkk-prod-2 agenix.nixosModules.default]; - }; - m3-nix = lib.nixosSystem { - specialArgs = {inherit inputs outputs;}; - modules = [./hosts/m3-nix agenix.nixosModules.default]; - }; - }; - homeConfigurations = { - # Laptop - "m3tam3re@m3-nix" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages."x86_64-linux"; - extraSpecialArgs = {inherit inputs outputs;}; - modules = [./home/users/m3tam3re/m3-nix.nix]; - }; - "m3tam3re@lkk-nix-1" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages."x86_64-linux"; - extraSpecialArgs = 
{ - # pass things to t + outputs = { self, nixpkgs, fh, home-manager, agenix, deploy-rs, ... }@inputs: + let + inherit (self) outputs; + lib = nixpkgs.lib; + systems = [ + "aarch64-linux" + "i686-linux" + "x86_64-linux" + "aarch64-darwin" + "x86_64-darwin" + ]; + in { + overlays = import ./overlays { inherit inputs; }; + nixosConfigurations = { + lkk-nix-1 = lib.nixosSystem rec { + specialArgs = { inherit inputs outputs; }; + modules = [ ./hosts/lkk-nix-1 agenix.nixosModules.default ]; }; - modules = [./home/users/m3tam3re/lkk-nix-1.nix]; - }; - "m3tam3re@m3-r1" = home-manager.lib.homeManagerConfiguration { - pkgs = nixpkgs.legacyPackages."x86_64-linux"; - extraSpecialArgs = { - # pass things to t + lkk-prod-1 = lib.nixosSystem { + specialArgs = { inherit inputs outputs; }; + modules = [ ./hosts/lkk-prod-1 agenix.nixosModules.default ]; + }; + lkk-prod-2 = lib.nixosSystem { + specialArgs = { inherit inputs outputs; }; + modules = [ ./hosts/lkk-prod-2 agenix.nixosModules.default ]; }; - modules = [./home/users/m3tam3re/m3-r1.nix]; }; - }; - deploy.nodes.lkk-nix-1 = { - hostname = "lkk-nix-1"; - sshUser = "root"; - profiles.system = { - user = "root"; - path = - deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.lkk-nix-1; + homeConfigurations = { + # Laptop + "lkk-admin@lkk-nix-1" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages."x86_64-linux"; + extraSpecialArgs = { + # pass things to t + }; + modules = [ ./home/users/lkk-admin/lkk-nix-1.nix ]; + }; }; - }; - deploy.nodes.m3-r1 = { - hostname = "m3-r1"; - sshUser = "root"; - activationTimeout = 600; - profiles.system = { - user = "root"; - path = - deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.m3-r1; + deploy.nodes.lkk-nix-1 = { + hostname = "lkk-nix-1"; + sshUser = "root"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.lkk-nix-1; + }; }; - }; - deploy.nodes.lkk-prod-1 = { - 
hostname = "lkk-prod-1"; - sshUser = "root"; - profiles.system = { - user = "root"; - path = - deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.lkk-prod-1; + deploy.nodes.lkk-prod-1 = { + hostname = "lkk-prod-1"; + sshUser = "root"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.lkk-prod-1; + }; }; - }; - deploy.nodes.lkk-prod-2 = { - hostname = "lkk-prod-2"; - sshUser = "root"; - profiles.system = { - user = "root"; - path = - deploy-rs.lib.x86_64-linux.activate.nixos - self.nixosConfigurations.lkk-prod-2; + deploy.nodes.lkk-prod-2 = { + hostname = "lkk-prod-2"; + sshUser = "root"; + profiles.system = { + user = "root"; + path = deploy-rs.lib.x86_64-linux.activate.nixos + self.nixosConfigurations.lkk-prod-2; + }; }; + deploy.remoteBuild = true; }; - deploy.remoteBuild = true; - }; } diff --git a/home/features/cli/default.nix b/home/features/cli/default.nix index c0591d2..0d5585b 100644 --- a/home/features/cli/default.nix +++ b/home/features/cli/default.nix @@ -1,12 +1,5 @@ { pkgs, ... }: { - imports = [ - ./fish.nix - ./neofetch.nix - ./secrets.nix - ./scripts.nix - ./starship.nix - ./zellij.nix - ]; + imports = [ ./fish.nix ./starship.nix ]; programs.zoxide = { enable = true; @@ -53,7 +46,6 @@ just lf nix-index - open-interpreter procs progress ripgrep @@ -61,7 +53,6 @@ trash-cli tree unzip - wttrbar zip ]; } diff --git a/home/features/cli/neofetch.nix b/home/features/cli/neofetch.nix deleted file mode 100644 index e4123da..0000000 --- a/home/features/cli/neofetch.nix +++ /dev/null @@ -1,15 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.features.cli.neofetch; -in { - options.features.cli.neofetch.enable = mkEnableOption "enable neofetch"; - - config = mkIf cfg.enable { - home.packages = with pkgs; [neofetch]; - }; -} diff --git a/home/features/cli/scripts.nix b/home/features/cli/scripts.nix deleted file mode 100644 index acf64bb..0000000 
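Review bot: The three `deploy.nodes.*` blocks kept on the new side of flake.nix (lkk-nix-1, lkk-prod-1, lkk-prod-2) still set `sshUser = "root"`, so every deployment depends on direct root SSH login being accepted by hosts that include the two prod machines; the hosts' sshd settings are not visible in this diff, so confirm that is intended. deploy-rs activates through sudo when `sshUser` differs from `user`, so `sshUser = "<deploy-user>";` (placeholder for an unprivileged account) with `user = "root";` left as is would allow root login over SSH to be disabled. Separately, `systems = [ … ];` in the `let` block is now dead, because the commit removes `forAllSystems` together with the `packages` and `formatter` outputs that were its only visible consumers; drop the binding or restore those outputs. The `# Laptop` comment above `"lkk-admin@lkk-nix-1"` was carried over from the removed m3-nix entry and no longer describes the entry beneath it.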
--- a/home/features/cli/scripts.nix
+++ /dev/null
@@ -1 +0,0 @@
-{pkgs, ...}: {home.packages = [pkgs.zellij-ps];}
diff --git a/home/features/cli/secrets.nix b/home/features/cli/secrets.nix
deleted file mode 100644
index df4ca6f..0000000
--- a/home/features/cli/secrets.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.cli.secrets;
-in {
- options.features.cli.secrets.enable = mkEnableOption "enable secrets";
-
- config = mkIf cfg.enable {
- programs.password-store = {
- enable = true;
- package =
- pkgs.pass-wayland.withExtensions
- (exts: [exts.pass-otp exts.pass-import]);
- };
- home.packages = with pkgs; [pinentry];
- };
-}
diff --git a/home/features/cli/zellij.nix b/home/features/cli/zellij.nix
deleted file mode 100644
index e5c3d62..0000000
--- a/home/features/cli/zellij.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.cli.zellij;
-in {
- options.features.cli.zellij.enable = mkEnableOption "enable tmux";
-
- config = mkIf cfg.enable {
- programs.zellij = {
- enable = true;
- };
- };
-}
diff --git a/home/features/coding/default.nix b/home/features/coding/default.nix
deleted file mode 100644
index 0f48295..0000000
--- a/home/features/coding/default.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{pkgs, ...}: {
- imports = [./emacs.nix ./golang.nix ./nix.nix ./nodejs.nix ./rust.nix ./tools.nix];
-
- home.packages = with pkgs; [
- cachix
- cmake
- gcc
- ispell
- guile_3_0
- tinyscheme
- python3
- ];
-}
diff --git a/home/features/coding/emacs.nix b/home/features/coding/emacs.nix
deleted file mode 100644
index 27ff711..0000000
--- a/home/features/coding/emacs.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{pkgs, ...}: {
- services.emacs.enable = true;
- programs.emacs = {
- enable = true;
- package = pkgs.emacs29;
- extraPackages = epkgs: [epkgs.vterm];
- };
-}
diff --git a/home/features/coding/golang.nix b/home/features/coding/golang.nix
deleted file mode 100644
index 59df1a0..0000000
--- a/home/features/coding/golang.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{pkgs, ...}: {
- home.packages = with pkgs; [
- gopls
- ];
-}
diff --git a/home/features/coding/nix.nix b/home/features/coding/nix.nix
deleted file mode 100644
index ea98a2b..0000000
--- a/home/features/coding/nix.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{pkgs, ...}: {
- home.packages = with pkgs; [
- appimage-run
- deploy-rs
- nil
- nix-prefetch-git
- nixfmt
- ];
-}
diff --git a/home/features/coding/nodejs.nix b/home/features/coding/nodejs.nix
deleted file mode 100644
index 4319bef..0000000
--- a/home/features/coding/nodejs.nix
+++ /dev/null
@@ -1 +0,0 @@
-{pkgs, ...}: {home.packages = with pkgs; [nodejs];}
diff --git a/home/features/coding/rust.nix b/home/features/coding/rust.nix
deleted file mode 100644
index 9c8c9eb..0000000
--- a/home/features/coding/rust.nix
+++ /dev/null
@@ -1 +0,0 @@
-{pkgs, ...}: {home.packages = with pkgs; [];}
diff --git a/home/features/coding/tools.nix b/home/features/coding/tools.nix
deleted file mode 100644
index 540b54e..0000000
--- a/home/features/coding/tools.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{pkgs, ...}: {
- programs = {
- direnv = {
- enable = true;
- nix-direnv.enable = true;
- };
- };
-
- home.packages = with pkgs; [insomnia hugo pandoc];
-}
diff --git a/home/features/desktop/crypto.nix b/home/features/desktop/crypto.nix
deleted file mode 100644
index 4b7e6eb..0000000
--- a/home/features/desktop/crypto.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.desktop.crypto;
-in {
- options.features.desktop.crypto.enable = mkEnableOption "Enable Crypto";
-
- config = mkIf cfg.enable {
- home.packages = with pkgs; [bisq-desktop monero-gui trezor-suite];
- };
-}
diff --git a/home/features/desktop/default.nix b/home/features/desktop/default.nix
deleted file mode 100644
index a77105a..0000000
--- a/home/features/desktop/default.nix
+++ /dev/null
@@ -1,153 +0,0 @@
-{ pkgs, ... }: {
- imports = [
- ./crypto.nix
- ./design.nix
- ./extrafonts.nix
- ./media.nix
- ./office.nix
- ./theme.nix
- ./syncthing.nix
- ./wayland.nix
- ./wofi.nix
- ];
-
- xdg = {
- enable = true;
- configFile."mimeapps.list".force = true;
- mimeApps = {
- enable = true;
- associations.added = {
- "application/zip" = [ "org.gnome.FileRoller.desktop" ];
- "application/csv" = [ "calc.desktop" ];
- "application/pdf" = [ "okularApplication_pdf.desktop" ];
- "x-scheme-handler/org-protocol" = [ "org-protocol.desktop" ];
- };
- defaultApplications = {
- "application/zip" = [ "org.gnome.FileRoller.desktop" ];
- "application/csv" = [ "calc.desktop" ];
- "application/pdf" = [ "okularApplication_pdf.desktop" ];
- "x-scheme-handler/org-protocol" = [ "org-protocol.desktop" ];
- };
- };
- userDirs = {
- enable = true;
- createDirectories = true;
- };
- };
-
- home.sessionVariables = {
- WEBKIT_DISABLE_COMPOSITING_MODE = "1";
- NIXOS_OZONE_WL = "1";
- TERMINAL = "alacritty";
- QT_QPA_PLATFORM = "wayland";
- };
- home.sessionPath =
- [ "\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" "$HOME/.npm-global/bin" ];
-
- fonts.fontconfig.enable = true;
-
- services.mako = {
- enable = true;
- backgroundColor = "#282a36";
- textColor = "#80FFEA";
- borderColor = "#9742b5";
- width = 400;
- height = 150;
- padding = "10,20";
- borderRadius = 8;
- borderSize = 1;
- margin = "20,20";
- };
-
- programs.alacritty = {
- enable = true;
- settings = {
- env.TERM = "xterm-256color";
- font = {
- size = 12;
- #draw_bold_text_with_bright_colors = true;
- };
- scrolling.multiplier = 5;
- selection.save_to_clipboard = true;
- colors = {
- primary = {
- background = "0x22212c";
- #foregound = "0xf8f8f2";
- };
- cursor = {
- text = "0x454158";
- cursor = "0xf8f8f2";
- };
- selection = {
- text = "0xf8f8f2";
- background = "0x454158";
- };
- normal = {
- black = "0x22212c";
- red = "0xff9580";
- green = "0x8aff80";
- yellow = "0xffff80";
- blue = "0x9580ff";
- magenta = "0xff80bf";
- cyan = "0x80ffea";
- white = "0xf8f8f2";
- };
- bright = {
- black = "0x22212c";
- red = "0xffaa99";
- green = "0xa2ff99";
- yellow = "0xffff99";
- blue = "0xaa99ff";
- magenta = "0xff99cc";
- cyan = "0x99ffee";
- white = "0xffffff";
- };
- };
- };
- };
- home.pointerCursor = {
- gtk.enable = true;
- package = pkgs.bibata-cursors;
- name = "Bibata-Modern-Ice";
- size = 20;
- };
- home.packages = with pkgs; [
- appimage-run
- anytype
- blueberry
- brave
- brightnessctl
- clipman
- distrobox
- eww
- gnome.file-roller
- gnome.seahorse
- gnome.sushi
- glib
- gsettings-desktop-schemas
- graphviz
- hyprpaper
- ksnip
- nwg-look
- pamixer
- pavucontrol
- libsForQt5.qtstyleplugins
- nyxt
- pcmanfm
- qt5ct
- qt6.qtwayland
- rustdesk
- socat
- unrar
- unzip
- usbutils
- v4l-utils
- remmina
- wl-clipboard
- wlogout
- wtype
- xdg-utils
- ydotool
- zip
- ];
-}
diff --git a/home/features/desktop/design.nix b/home/features/desktop/design.nix
deleted file mode 100644
index 9a72765..0000000
--- a/home/features/desktop/design.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.desktop.design;
-in {
- options.features.desktop.design.enable = mkEnableOption "enable design tools";
-
- config = mkIf cfg.enable {
- home.packages = with pkgs; [
- argyllcms
- cyan
- gimp
- gimpPlugins.gmic
- gmic
- gmic-qt
- imagemagick
- inkscape
- lcms2
- ];
- };
-}
diff --git a/home/features/desktop/extrafonts.nix b/home/features/desktop/extrafonts.nix
deleted file mode 100644
index 33f51e8..0000000
--- a/home/features/desktop/extrafonts.nix
+++ /dev/null
@@ -1,23 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.features.desktop.extrafonts; -in { - options.features.desktop.extrafonts.enable = mkEnableOption "install additional fonts for desktop apps"; - - config = mkIf cfg.enable { - home.packages = with pkgs; [ - emacs-all-the-icons-fonts - fira-code - fira-code-symbols - fira-code-nerdfont - font-manager - font-awesome_5 - noto-fonts - ]; - }; -} diff --git a/home/features/desktop/media.nix b/home/features/desktop/media.nix index 6e30b82..0f3191a 100644 --- a/home/features/desktop/media.nix +++ b/home/features/desktop/media.nix @@ -9,19 +9,10 @@ in { home.packages = with pkgs; [ audacity ffmpeg_6-full - gphoto2 - handbrake - stable.libsForQt5.kdenlive - makemkv mediainfo mpv - plexamp - spotify uxplay vlc - webcord - youtube-dl - unimatrix ]; programs.obs-studio = { diff --git a/home/features/desktop/office.nix b/home/features/desktop/office.nix deleted file mode 100644 index 41be21a..0000000 --- a/home/features/desktop/office.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -with lib; let - cfg = config.features.desktop.office; -in { - options.features.desktop.office.enable = - mkEnableOption "enable office features"; - - config = mkIf cfg.enable { - home.packages = with pkgs; [libreoffice neomutt pdftk okular zathura]; - }; -} diff --git a/home/features/desktop/plasma.nix b/home/features/desktop/plasma.nix index 34bf484..9c8c735 100644 --- a/home/features/desktop/plasma.nix +++ b/home/features/desktop/plasma.nix @@ -1,21 +1,7 @@ -{ - pkgs, - lib, - outputs, - ... -}: { +{ pkgs, lib, outputs, ... }: { imports = [ # ]; - home.packages = with pkgs; [ - alacritty - brave - libreoffice - nextcloud-client - xclip - libnotify - espanso - firefox - ]; + home.packages = with pkgs; [ alacritty brave libreoffice libnotify firefox ]; } diff --git a/home/features/desktop/syncthing.nix b/home/features/desktop/syncthing.nix deleted file mode 100644 index 3a8a041..0000000 
--- a/home/features/desktop/syncthing.nix
+++ /dev/null
@@ -1,4 +0,0 @@
-{pkgs, ...}: {
- services.syncthing = {enable = true;};
- home.packages = with pkgs; [syncthingtray-minimal];
-}
diff --git a/home/features/desktop/theme.nix b/home/features/desktop/theme.nix
deleted file mode 100644
index d6f8874..0000000
--- a/home/features/desktop/theme.nix
+++ /dev/null
@@ -1,17 +0,0 @@
-{pkgs, ...}: {
- qt = {
- enable = true;
- platformTheme = "gtk";
- };
- gtk = {
- enable = true;
- theme = {
- name = "Dracula";
- package = pkgs.dracula-theme;
- };
- iconTheme = {
- name = "Dracula";
- package = pkgs.dracula-icon-theme;
- };
- };
-}
diff --git a/home/features/desktop/wayland.nix b/home/features/desktop/wayland.nix
deleted file mode 100644
index b88956c..0000000
--- a/home/features/desktop/wayland.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{ inputs, config, lib, pkgs, ... }: {
- programs.waybar = { enable = true; };
- home.packages = with pkgs; [
- grim
- hypridle
- hyprlock
- mimeo
- pulseaudio
- slurp
- waypipe
- wf-recorder
- wl-mirror
- ydotool
- ];
-}
diff --git a/home/features/desktop/wofi.nix b/home/features/desktop/wofi.nix
deleted file mode 100644
index 88b10c0..0000000
--- a/home/features/desktop/wofi.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- pkgs,
- outputs,
- ...
-}: {
- home.packages = [pkgs.wofi pkgs.bemoji pkgs.wofi-pass];
-}
diff --git a/home/features/gaming/default.nix b/home/features/gaming/default.nix
deleted file mode 100644
index 6cae595..0000000
--- a/home/features/gaming/default.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{pkgs, ...}: {
- imports = [./sunshine.nix];
- home.packages = with pkgs; [
- gamemode
- gamescope
- goverlay
- mangohud
- ryujinx
- protonup-ng
- ];
-}
diff --git a/home/features/gaming/sunshine.nix b/home/features/gaming/sunshine.nix
deleted file mode 100644
index c0bcee5..0000000
--- a/home/features/gaming/sunshine.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.gaming.sunshine;
-in {
- options.features.gaming.sunshine.enable = mkEnableOption "enable Sunshine";
-
- config = mkIf cfg.enable {
- home.packages = with pkgs; [sunshine];
- };
-}
diff --git a/home/features/privacy/default.nix b/home/features/privacy/default.nix
deleted file mode 100644
index b5d380c..0000000
--- a/home/features/privacy/default.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{pkgs, ...}: {
- home.packages = with pkgs; [
- i2p
- ];
-}
diff --git a/home/features/virtualization/default.nix b/home/features/virtualization/default.nix
deleted file mode 100644
index c43eb43..0000000
--- a/home/features/virtualization/default.nix
+++ /dev/null
@@ -1 +0,0 @@
-{imports = [./podman.nix ./qemu.nix];}
diff --git a/home/features/virtualization/podman.nix b/home/features/virtualization/podman.nix
deleted file mode 100644
index 711678d..0000000
--- a/home/features/virtualization/podman.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.virtualization.podman;
-in {
- options.features.virtualization.podman.enable =
- mkEnableOption "install podman";
-
- config = mkIf cfg.enable {home.packages = with pkgs; [fuse-overlayfs];};
-}
diff --git a/home/features/virtualization/qemu.nix b/home/features/virtualization/qemu.nix
deleted file mode 100644
index ca0088d..0000000
--- a/home/features/virtualization/qemu.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- config,
- lib,
- pkgs,
- ...
-}:
-with lib; let
- cfg = config.features.virtualization.qemu;
-in {
- options.features.virtualization.qemu.enable =
- mkEnableOption "install qemu tools";
- config =
- mkIf cfg.enable {home.packages = with pkgs; [virt-manager virtiofsd];};
-}
diff --git a/home/users/m3tam3re/dotfiles/default.nix b/home/users/m3tam3re/dotfiles/default.nix
deleted file mode 100644
index 5430ee6..0000000
--- a/home/users/m3tam3re/dotfiles/default.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{ pkgs, inputs, ... }: {
- home.file.".config/bat" = {
- source = "${inputs.dotfiles}/bat";
- recursive = true;
- };
- home.file.".config/nyxt" = {
- source = "${inputs.dotfiles}/nyxt";
- recursive = true;
- };
- home.file.".config/hypr" = {
- source = "${inputs.dotfiles}/hypr";
- recursive = true;
- };
- home.file.".config/nvim" = {
- source = "${inputs.dotfiles}/nvim";
- recursive = true;
- };
- home.file.".config/zellij" = {
- source = "${inputs.dotfiles}/zellij";
- recursive = true;
- };
-}
diff --git a/home/users/m3tam3re/dotfiles/hyprland.nix b/home/users/m3tam3re/dotfiles/hyprland.nix
deleted file mode 100644
index a4e4a41..0000000
--- a/home/users/m3tam3re/dotfiles/hyprland.nix
+++ /dev/null
@@ -1,227 +0,0 @@ -{ config, ... }: { - home.file.".config/hypr/hyprland.conf".text = '' - - # See https://wiki.hyprland.org/Configuring/Monitors/ - monitor=eDP-1,preferred,2560x0,1.25 - monitor=DP-1,preferred,0x0,1 - - # See https://wiki.hyprland.org/Configuring/Keywords/ for more - xwayland { - force_zero_scaling = true - } - # Execute your favorite apps at launch - # exec-once = waybar & hyprpaper & firefox - exec-once = waybar - exec-once = hyprpaper - exec-once = wl-paste -p -t text --watch clipman store -P --histpath="~/.local/share/clipman-primary.json" - # Source a file (multi-file configs) - # source = ~/.config/hypr/myColors.conf - - # Some default env vars. - env = LIBVA_DRIVER_NAME,nvidia - env = XDG_SESSION_TYPE,wayland - env = GBM_BACKEND,nvidia-drm - env = __GLX_VENDOR_LIBRARY_NAME,nvidia - env = XCURSOR_SIZE,32 - env = WLR_NO_HARDWARE_CURSORS,1 - env = GTK_THEME,Dracula - # For all categories, see https://wiki.hyprland.org/Configuring/Variables/ - input { - kb_layout = de,us - kb_variant = - kb_model = - kb_rules = - kb_options=ctrl:nocaps - follow_mouse = 1 - - touchpad { - natural_scroll = yes - } - - sensitivity = 0 # -1.0 - 1.0, 0 means no modification. 
- } - - device { - name = zsa-technology-labs-moonlander-mark-i - kb_layout = us - } - - general { - # See https://wiki.hyprland.org/Configuring/Variables/ for more - #col.active_border = rgb(44475a) rgb(bd93f9) 90deg - #col.inactive_border = rgba(44475aaa) - #col.group_border = rgba(282a36dd) - #col.group_border_active = rgb(bd93f9) rgb(44475a) 90deg - - gaps_in = 5 - gaps_out = 5 - border_size = 1 - col.active_border = rgba(9742b5ee) rgba(9742b5ee) 45deg - col.inactive_border = rgba(595959aa) - - layout = dwindle - } - - decoration { - # See https://wiki.hyprland.org/Configuring/Variables/ for more - col.shadow = rgba(1E202966) - drop_shadow = yes - shadow_range = 60 - shadow_offset = 1 2 - shadow_render_power = 3 - shadow_scale = 0.97 - rounding = 8 - blur { - enabled = yes - size = 3 - passes = 3 - } - active_opacity = 0.9 - inactive_opacity = 0.5 - drop_shadow = yes - shadow_range = 4 - shadow_render_power = 3 - } - - animations { - enabled = yes - - # Some default animations, see https://wiki.hyprland.org/Configuring/Animations/ for more - - bezier = myBezier, 0.05, 0.9, 0.1, 1.05 - - animation = windows, 1, 7, myBezier - animation = windowsOut, 1, 7, default, popin 80% - animation = border, 1, 10, default - animation = borderangle, 1, 8, default - animation = fade, 1, 7, default - animation = workspaces, 1, 6, default - } - - dwindle { - # See https://wiki.hyprland.org/Configuring/Dwindle-Layout/ for more - pseudotile = yes # master switch for pseudotiling. 
Enabling is bound to mainMod + P in the keybinds section below - preserve_split = yes # you probably want this - } - - master { - # See https://wiki.hyprland.org/Configuring/Master-Layout/ for more - new_is_master = true - } - - gestures { - # See https://wiki.hyprland.org/Configuring/Variables/ for more - workspace_swipe = off - } - - # Example per-device config - # See https://wiki.hyprland.org/Configuring/Keywords/#executing for more - device { - name = epic-mouse-v1 - sensitivity = -0.5 - } - - # Example windowrule v1 - # windowrule = float, ^(kitty)$ - # Example windowrule v2 - # windowrulev2 = float,class:^(kitty)$,title:^(kitty)$ - # See https://wiki.hyprland.org/Configuring/Window-Rules/ for more - windowrule = float, file_progress - windowrule = float, confirm - windowrule = float, dialog - windowrule = float, download - windowrule = float, notification - windowrule = float, error - windowrule = float, splash - windowrule = float, confirmreset - windowrule = float, title:Open File - windowrule = float, title:branchdialog - windowrule = float, Lxappearance - windowrule = float, Wofi - windowrule = float, dunst - windowrule = animation none,Wofi - windowrule = float,viewnior - windowrule = float,feh - windowrule = float, pavucontrol-qt - windowrule = float, pavucontrol - windowrule = float, file-roller - windowrule = fullscreen, wlogout - windowrule = float, title:wlogout - windowrule = fullscreen, title:wlogout - windowrule = idleinhibit focus, mpv - windowrule = idleinhibit fullscreen, firefox - windowrule = float, title:^(Media viewer)$ - windowrule = float, title:^(Volume Control)$ - windowrule = float, title:^(Picture-in-Picture)$ - windowrule = size 800 600, title:^(Volume Control)$ - windowrule = move 75 44%, title:^(Volume Control)$ - - # See https://wiki.hyprland.org/Configuring/Keywords/ for more - $mainMod = SUPER - - # Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more - bind = $mainMod, return, exec, alacritty -e zellij-ps 
- bind = $mainMod, t, exec, alacritty - bind = $mainMod SHIFT, e, exec, alacritty -e zellij_nvim - bind = $mainMod, o, exec, thunar - bind = $mainMod, Escape, exec, wlogout -p layer-shell - bind = $mainMod, Space, togglefloating - bind = $mainMod, q, killactive, - bind = $mainMod, M, exit, - bind= $mainMod, F, fullscreen - bind = $mainMod, V, togglefloating, - bind = $mainMod, D, exec, wofi --show drun --allow-images - bind = $mainMod SHIFT, S, exec, bemoji - bind = $mainMod, P, exec, wofi-pass - bind = $mainMod SHIFT, P, pseudo, # dwindle - bind = $mainMod, J, togglesplit, # dwindle - - # Move focus with mainMod + arrow keys - bind = $mainMod, left, movefocus, l - bind = $mainMod, right, movefocus, r - bind = $mainMod, up, movefocus, u - bind = $mainMod, down, movefocus, d - - workspace = 1, monitor:DP-1, default:true - workspace = 2, monitor:DP-1 - workspace = 3, monitor:DP-1 - workspace = 4, monitor:eDP-1 - workspace = 5, monitor:eDP-1 - - windowrulev2 = workspace 1,class:(Emacs) - windowrulev2 = workspace 3,opacity 1.0, class:(brave-browser) - windowrulev2 = workspace 4,class:(com.obsproject.Studio) - - # Switch workspaces with mainMod + [0-9] - bind = $mainMod, 1, workspace, 1 - bind = $mainMod, 2, workspace, 2 - bind = $mainMod, 3, workspace, 3 - bind = $mainMod, 4, workspace, 4 - bind = $mainMod, 5, workspace, 5 - bind = $mainMod, 6, workspace, 6 - bind = $mainMod, 7, workspace, 7 - bind = $mainMod, 8, workspace, 8 - bind = $mainMod, 9, workspace, 9 - bind = $mainMod, 0, workspace, 10 - - # Move active window to a workspace with mainMod + SHIFT + [0-9] - bind = $mainMod SHIFT, 1, movetoworkspace, 1 - bind = $mainMod SHIFT, 2, movetoworkspace, 2 - bind = $mainMod SHIFT, 3, movetoworkspace, 3 - bind = $mainMod SHIFT, 4, movetoworkspace, 4 - bind = $mainMod SHIFT, 5, movetoworkspace, 5 - bind = $mainMod SHIFT, 6, movetoworkspace, 6 - bind = $mainMod SHIFT, 7, movetoworkspace, 7 - bind = $mainMod SHIFT, 8, movetoworkspace, 8 - bind = $mainMod SHIFT, 9, 
movetoworkspace, 9 - bind = $mainMod SHIFT, 0, movetoworkspace, 10 - - # Scroll through existing workspaces with mainMod + scroll - bind = $mainMod, mouse_down, workspace, e+1 - bind = $mainMod, mouse_up, workspace, e-1 - - # Move/resize windows with mainMod + LMB/RMB and dragging - bindm = $mainMod, mouse:272, movewindow - bindm = $mainMod, mouse:273, resizewindow - ''; -} diff --git a/home/users/m3tam3re/m3-nix.nix b/home/users/m3tam3re/m3-nix.nix deleted file mode 100644 index ed348f2..0000000 --- a/home/users/m3tam3re/m3-nix.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ - config, - pkgs, - ... -}: { - imports = [ - ./base - ./dotfiles - ../../features/cli - ../../features/coding - ../../features/desktop - ../../features/gaming - ../../features/virtualization - ]; - - features = { - cli = { - fish.enable = true; - neofetch.enable = true; - secrets.enable = true; - starship.enable = true; - zellij.enable = true; - }; - gaming = {sunshine.enable = true;}; - desktop = { - crypto.enable = true; - design.enable = true; - extrafonts.enable = true; - media.enable = true; - office.enable = true; - }; - virtualization = { - podman.enable = true; - qemu.enable = true; - }; - }; - home.stateVersion = "24.05"; -} diff --git a/home/users/m3tam3re/m3-r1.nix b/home/users/m3tam3re/m3-r1.nix deleted file mode 100644 index fcdfd71..0000000 --- a/home/users/m3tam3re/m3-r1.nix +++ /dev/null @@ -1,16 +0,0 @@ -{ - config, - pkgs, - ... -}: { - imports = [./base ../../features/cli]; - - features = { - cli = { - fish.enable = true; - starship.enable = true; - }; - }; - - home.stateVersion = "22.11"; -} diff --git a/hosts/lkk-nix-1/default.nix b/hosts/lkk-nix-1/default.nix index 9d96458..d9f4d72 100644 --- a/hosts/lkk-nix-1/default.nix +++ b/hosts/lkk-nix-1/default.nix @@ -59,11 +59,6 @@ owner = "traefik"; }; - minio-root-cred = { - file = ../../secrets/minio-root-cred.age; - mode = "770"; - }; - baserow-env = { file = ../../secrets/baserow-env.age; mode = "770"; 
diff --git a/hosts/m3-nix/default.nix b/hosts/m3-nix/default.nix
deleted file mode 100644
index 1335169..0000000
--- a/hosts/m3-nix/default.nix
+++ /dev/null
@@ -1,148 +0,0 @@ -{ config, inputs, outputs, pkgs, lib, ... }: -with pkgs; { - imports = [ - ./hardware.nix - ./hardware-configuration.nix # Include the results of the hardware scan. - ../common/users/m3tam3re - ../common/base - ./services - ]; - - specialisation = { - "NVIDIA".configuration = { - boot.kernelParams = [ "nvidia.NVreg_PreserveVideoMemoryAllocations=1" ]; - system.nixos.tags = [ "NVIDIA" ]; - services.xserver.videoDrivers = [ "nvidia" ]; - }; - }; - # Bootloader. - boot.loader.systemd-boot.enable = true; - boot.loader.systemd-boot.memtest86.enable = true; - - boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ]; - boot.kernelModules = [ "v4l2loopback" ]; - - boot.extraModprobeConfig = '' - options kvm_intel nested=1 - options kvm_intel emulate_invalid_guest_state=0 - options kvm ignore_msrs=1 - options v4l2loopback exclusive_caps=1 max_buffers=2 - ''; - - networking = { - hostName = "m3-nix"; - firewall.extraCommands = - "iptables -t raw -A OUTPUT -p udp -m udp --dport 137 -j CT --helper netbios-ns"; - networkmanager.enable = true; - }; - - services.openssh = { - enable = true; - settings.PermitRootLogin = "no"; - allowSFTP = true; - }; - - services.avahi = { - enable = true; - nssmdns4 = true; - publish = { - addresses = true; - workstation = true; - userServices = true; - }; - }; - - programs.nix-ld.enable = true; - programs.nix-ld.libraries = with pkgs; - [ - # Add any missing dynamic libraries for unpackaged programs - # here, NOT in environment.systemPackages - ]; - programs.hyprland = { - enable = true; - xwayland.enable = true; - }; - programs.steam = { - enable = true; - remotePlay.openFirewall = true; - dedicatedServer.openFirewall = true; - }; - programs.fish.enable = true; - programs.thunar = { - enable = true; - plugins = with pkgs.xfce; [ thunar-archive-plugin thunar-volman ]; - }; - age = { - secrets = { - tailscale-key.file = ../../secrets/tailscale-key.age; - wg-key.file = ../../secrets/wg-key.age; - 
m3tam3re-secrets = { - file = ../../secrets/m3tam3re-secrets.age; - owner = "m3tam3re"; - }; - }; - identityPaths = [ "/root/.ssh/lkk-nix-1" ]; - }; - - time.timeZone = "Europe/Berlin"; - i18n.defaultLocale = "de_DE.utf8"; - console.keyMap = "de"; - - # NOTE: NIX related config - - programs.nh = { - enable = true; - clean.enable = true; - clean.extraArgs = "--keep-since 4d --keep 3"; - flake = "/home/m3tam3re/projects/nix-configurations"; - }; - nix.extraOptions = '' - experimental-features = nix-command - keep-outputs = true - keep-derivations = true - ''; - nix = { - settings = { - experimental-features = "nix-command flakes"; - trusted-users = [ "root" "m3tam3re" ]; - }; - gc = { - automatic = true; - options = "--delete-older-than 30d"; - }; - optimise.automatic = true; - registry = (lib.mapAttrs (_: flake: { inherit flake; })) - ((lib.filterAttrs (_: lib.isType "flake")) inputs); - nixPath = [ "/etc/nix/path" ]; - }; - - environment.etc = lib.mapAttrs' (name: value: { - name = "nix/path/${name}"; - value.source = value.flake; - }) config.nix.registry; - environment.systemPackages = - [ neovim nvd nix-output-monitor wally-cli nfs-utils restic sshfs ]; - - systemd.extraConfig = '' - DefaultTimeoutStopSec=10s - ''; - nixpkgs = { - overlays = [ - outputs.overlays.additions - outputs.overlays.modifications - outputs.overlays.stable-packages - ]; - config = { - allowUnfree = true; - nvidia.acceptLicense = true; - }; - }; - - # This value determines the NixOS release from which the default - # settings for stateful data, like file locations and database versions - # on your system were taken. It‘s perfectly fine and recommended to leavecatenate(variables, "bootdev", bootdev) - # this value at the release version of the first install of this system. - # Before changing this value read the documentation for this option - # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html). - system.stateVersion = "24.05"; # Did you read the comment? -} 
diff --git a/hosts/m3-nix/hardware-configuration.nix b/hosts/m3-nix/hardware-configuration.nix
deleted file mode 100644
index 4d6ac18..0000000
--- a/hosts/m3-nix/hardware-configuration.nix
+++ /dev/null
@@ -1,67 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
- config,
- lib,
- pkgs,
- modulesPath,
- ...
-}: {
- imports = [(modulesPath + "/installer/scan/not-detected.nix")];
-
- boot.initrd.availableKernelModules = ["xhci_pci" "thunderbolt" "ahci" "nvme" "usb_storage" "sd_mod"];
- boot.initrd.kernelModules = [];
- boot.kernelModules = ["kvm-intel"];
- boot.extraModulePackages = [];
-
- fileSystems."/" = {
- device = "/dev/disk/by-uuid/3a50bf0a-024b-488b-aa11-56b32f2fb54d";
- fsType = "btrfs";
- options = ["subvol=root" "compress=zstd"];
- };
-
- fileSystems."/home" = {
- device = "/dev/disk/by-uuid/3a50bf0a-024b-488b-aa11-56b32f2fb54d";
- fsType = "btrfs";
- options = ["subvol=home" "compress=zstd"];
- };
-
- fileSystems."/nix" = {
- device = "/dev/disk/by-uuid/3a50bf0a-024b-488b-aa11-56b32f2fb54d";
- fsType = "btrfs";
- options = ["subvol=home" "compress=zstd" "noatime"];
- };
-
- fileSystems."/boot" = {
- device = "/dev/disk/by-uuid/4811-EA6E";
- fsType = "vfat";
- };
-
- fileSystems."/opt" = {
- device = "/dev/disk/by-uuid/3574df3a-2a90-4b54-9c21-128f1d01ff8f";
- fsType = "btrfs";
- options = ["noatime" "compress=zstd"];
- };
-
- fileSystems."/mnt/skynet-bkg" = {
- device = "100.94.135.99:/volume3/bkg";
- fsType = "nfs";
- options = ["noauto" "x-systemd.automount"];
- };
-
- swapDevices = [];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.enp46s0.useDHCP = lib.mkDefault true;
- # networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
- powerManagement.cpuFreqGovernor = lib.mkDefault "powersave";
- hardware.cpu.intel.updateMicrocode =
- lib.mkDefault config.hardware.enableRedistributableFirmware;
-}
diff --git a/hosts/m3-nix/hardware.nix b/hosts/m3-nix/hardware.nix
deleted file mode 100644
index 8a7787e..0000000
--- a/hosts/m3-nix/hardware.nix
+++ /dev/null
@@ -1,54 +0,0 @@ -{ config, pkgs, ... }: { - hardware.nvidia = { - package = let - rcu_patch = pkgs.fetchpatch { - url = - "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch"; - hash = "sha256-eZiQQp2S/asE7MfGvfe6dA/kdCvek9SYa/FFGp24dVg="; - }; - in config.boot.kernelPackages.nvidiaPackages.mkDriver { - version = "535.154.05"; - sha256_64bit = "sha256-fpUGXKprgt6SYRDxSCemGXLrEsIA6GOinp+0eGbqqJg="; - sha256_aarch64 = "sha256-G0/GiObf/BZMkzzET8HQjdIcvCSqB1uhsinro2HLK9k="; - openSha256 = "sha256-wvRdHguGLxS0mR06P5Qi++pDJBCF8pJ8hr4T8O6TJIo="; - settingsSha256 = "sha256-9wqoDEWY4I7weWW05F4igj1Gj9wjHsREFMztfEmqm10="; - persistencedSha256 = - "sha256-d0Q3Lk80JqkS1B54Mahu2yY/WocOqFFbZVBh+ToGhaE="; - - #version = "550.40.07"; - #sha256_64bit = "sha256-KYk2xye37v7ZW7h+uNJM/u8fNf7KyGTZjiaU03dJpK0="; - #sha256_aarch64 = "sha256-AV7KgRXYaQGBFl7zuRcfnTGr8rS5n13nGUIe3mJTXb4="; - #openSha256 = "sha256-mRUTEWVsbjq+psVe+kAT6MjyZuLkG2yRDxCMvDJRL1I="; - #settingsSha256 = "sha256-c30AQa4g4a1EHmaEu1yc05oqY01y+IusbBuq+P6rMCs="; - #persistencedSha256 = "sha256-11tLSY8uUIl4X/roNnxf5yS2PQvHvoNjnd2CB67e870="; - - patches = [ rcu_patch ]; - }; - prime = { - offload.enable = false; - - # Bus ID of the Intel GPU. You can find it using lspci, either under 3D or VGA - intelBusId = "PCI:0:2:0"; - - # Bus ID of the NVIDIA GPU. 
You can find it using lspci, either under 3D or VGA - nvidiaBusId = "PCI:1:0:0"; - }; - modesetting.enable = true; - powerManagement.finegrained = false; - powerManagement.enable = true; - open = false; - dynamicBoost.enable = true; - nvidiaSettings = true; - }; - hardware.opengl.enable = true; - hardware.opengl.driSupport32Bit = true; - services.hardware.bolt.enable = true; - services.auto-cpufreq.enable = true; - services.tlp.enable = true; - services.fstrim.enable = true; - hardware.bluetooth.enable = true; - hardware.keyboard.zsa.enable = true; - hardware.tuxedo-rs.enable = true; - hardware.tuxedo-rs.tailor-gui.enable = true; - hardware.tuxedo-keyboard.enable = true; -} diff --git a/hosts/m3-nix/services/cron.nix b/hosts/m3-nix/services/cron.nix deleted file mode 100644 index 0820c0d..0000000 --- a/hosts/m3-nix/services/cron.nix +++ /dev/null @@ -1,6 +0,0 @@ -{ - services.cron = { - enable = true; - systemCronJobs = [""]; - }; -} diff --git a/hosts/m3-nix/services/default.nix b/hosts/m3-nix/services/default.nix deleted file mode 100644 index a14cb15..0000000 --- a/hosts/m3-nix/services/default.nix +++ /dev/null @@ -1,32 +0,0 @@ -{pkgs, ...}: { - imports = [ - ./cron.nix - ./flatpak.nix - ./prometheus-node.nix - ./ollama.nix - ./sound.nix - ./udev.nix - ./restic.nix - ./tailscale.nix - ./virtualization.nix - ./wireguard.nix - #./xserver.nix - ]; - - # services.gvfs = { - # enable = true; - # package = pkgs.gnome3.gvfs; - # }; - # services.kubo = { enable = true; }; # IPFS - programs.gnupg.agent = { - enable = true; - enableSSHSupport = true; - pinentryPackage = pkgs.pinentry-gnome3; - }; - services.printing.enable = true; - services.sabnzbd.enable = true; - services.i2p.enable = true; - services.gvfs.enable = true; - services.trezord.enable = true; - services.logind.lidSwitchExternalPower = "ignore"; -} diff --git a/hosts/m3-nix/services/flatpak.nix b/hosts/m3-nix/services/flatpak.nix deleted file mode 100644 index eb6ea2e..0000000 
--- a/hosts/m3-nix/services/flatpak.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{pkgs, ...}: {
- services.flatpak.enable = true;
- xdg.portal = {
- # xdg desktop intergration (required for flatpak)
- enable = true;
- extraPortals = [pkgs.xdg-desktop-portal-gtk];
- };
-}
diff --git a/hosts/m3-nix/services/ollama.nix b/hosts/m3-nix/services/ollama.nix
deleted file mode 100644
index 7b28157..0000000
--- a/hosts/m3-nix/services/ollama.nix
+++ /dev/null
@@ -1,7 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.ollama = {enable = true;};
-}
diff --git a/hosts/m3-nix/services/prometheus-node.nix b/hosts/m3-nix/services/prometheus-node.nix
deleted file mode 100644
index 30aa66a..0000000
--- a/hosts/m3-nix/services/prometheus-node.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{
- services.prometheus.exporters.node = {
- enable = true;
- port = 8081;
- enabledCollectors = ["logind" "systemd"];
- disabledCollectors = ["textfile"];
- openFirewall = true;
- firewallFilter = "-i br0 -p tcp -m tcp --dport 8081";
- };
-}
diff --git a/hosts/m3-nix/services/restic.nix b/hosts/m3-nix/services/restic.nix
deleted file mode 100644
index 3111a3a..0000000
--- a/hosts/m3-nix/services/restic.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{
- services.restic.backups = {
- skynet = {
- repository = "/mnt/skynet-bkg/m3-nix";
- passwordFile = "/etc/nixos/restic-pass";
- initialize = true;
- paths = ["/home/m3tam3re"];
- exclude = [
- "/home/m3tam3re/.cache"
- "/home/m3tam3re/Bilder/"
- "/home/m3tam3re/Videos/"
- "/home/m3tam3re/Downloads"
- "/home/m3tam3re/Library"
- "/home/m3tam3re/Projekte"
- "/home/m3tam3re/Sync"
- "/home/m3tam3re/.local/share/Trash"
- ];
- timerConfig = {
- OnCalendar = "09:30";
- RandomizedDelaySec = "2h";
- Persistent = true;
- };
- };
- };
-}
diff --git a/hosts/m3-nix/services/sound.nix b/hosts/m3-nix/services/sound.nix
deleted file mode 100644
index 207fe01..0000000
--- a/hosts/m3-nix/services/sound.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{ pkgs, ... }: {
- sound.enable = true;
- sound.mediaKeys.enable = true;
- security.rtkit.enable = true;
- services.pipewire = {
- enable = true;
- alsa.enable = true;
- alsa.support32Bit = true;
- pulse.enable = true;
- jack.enable = false;
- wireplumber.enable = true;
- wireplumber.package = pkgs.stable.wireplumber;
- };
-}
diff --git a/hosts/m3-nix/services/tailscale.nix b/hosts/m3-nix/services/tailscale.nix
deleted file mode 100644
index 7910806..0000000
--- a/hosts/m3-nix/services/tailscale.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.tailscale = {
- enable = true;
- useRoutingFeatures = "client";
- };
-
- systemd.services.tailscale-autoconnect = {
- description = "Automatic connection to Tailscale";
-
- # make sure tailscale is running before trying to connect to tailscale
- after = ["network-pre.target" "tailscale.service"];
- wants = ["network-pre.target" "tailscale.service"];
- wantedBy = ["multi-user.target"];
-
- # set this service as a oneshot job
- serviceConfig = {
- Type = "oneshot";
- EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
- };
-
- # have the job run this shell script
- script = with pkgs; ''
- # wait for tailscaled to settle
- sleep 2
-
- # check if we are already authenticated to tailscale
- status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
- if [ $status = "Running" ]; then # if so, then do nothing
- exit 0
- fi
-
- # otherwise authenticate with tailscale
- ${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
- '';
- };
-}
diff --git a/hosts/m3-nix/services/udev.nix b/hosts/m3-nix/services/udev.nix
deleted file mode 100644
index 13a692d..0000000
--- a/hosts/m3-nix/services/udev.nix
+++ /dev/null
@@ -1,5 +0,0 @@
-{pkgs, ...}: {
- services.udev.extraRules = ''
- SUBSYSTEM=="usb", MODE="0666
- '';
-}
diff --git a/hosts/m3-nix/services/virtualization.nix b/hosts/m3-nix/services/virtualization.nix
deleted file mode 100644
index 7e7661b..0000000
--- a/hosts/m3-nix/services/virtualization.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{pkgs, ...}: {
- virtualisation = {
- libvirtd = {
- enable = true;
- qemu = {
- swtpm.enable = true;
- ovmf = {
- enable = true;
- packages = [pkgs.OVMFFull];
- };
- };
- };
- containers.cdi.dynamic.nvidia.enable = true;
- podman = {
- enable = true;
- defaultNetwork.settings.dns_enabled = true;
- };
- };
-}
diff --git a/hosts/m3-nix/services/wireguard.nix b/hosts/m3-nix/services/wireguard.nix
deleted file mode 100644
index f3a0603..0000000
--- a/hosts/m3-nix/services/wireguard.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{config, ...}: {
- networking.wg-quick.interfaces = {
- wg0 = {
- configFile = config.age.secrets.wg-key.path;
- autostart = false;
- };
- };
-}
diff --git a/hosts/m3-nix/services/xserver.nix b/hosts/m3-nix/services/xserver.nix
deleted file mode 100644
index 17bff04..0000000
--- a/hosts/m3-nix/services/xserver.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{pkgs, ...}: {
- services.xserver.videoDrivers = ["nvidia"];
- # services.xserver = {
- # enable = true;
- # videoDrivers = [ "nvidia" ];
- # displayManager = {
- # defaultSession = "hyprland";
- # sddm = { enable = true; };
- # };
- # libinput.enable = true; # touchpad support
- # layout = "de";
- # xkbOptions = "ctrl:nocaps";
- # };
- # services.xserver.screenSection = ''
- # Option "metamodes" "nvidia-auto-select +0+0 {ForceFullCompositionPipeline=On}"
- # Option "AllowIndirectGLXProtocol" "off"
- # Option "TripleBuffer" "on"
- # '';
-}
diff --git a/hosts/m3-nix/vfio.nix b/hosts/m3-nix/vfio.nix
deleted file mode 100644
index 34b14c9..0000000
--- a/hosts/m3-nix/vfio.nix
+++ /dev/null
@@ -1,40 +0,0 @@
-let
- gpuIDs = [
- "10de:249d" # Graphics
- "10de:228b" # Audio
- ];
-in
- {
- pkgs,
- lib,
- config,
- ...
- }: {
- options.vfio.enable = with lib;
- mkEnableOption "Configure the machine for VFIO";
-
- config = let
- cfg = config.vfio;
- in {
- boot = {
- initrd.kernelModules = [
- "vfio_pci"
- "vfio"
- "vfio_iommu_type1"
- "vfio_virqfd"
- ];
-
- kernelParams =
- [
- # enable IOMMU
- "intel_iommu=on"
- ]
- ++ lib.optional cfg.enable
- # isolate the GPU
- ("vfio-pci.ids=" + lib.concatStringsSep "," gpuIDs);
- };
-
- hardware.opengl.enable = true;
- virtualisation.spiceUSBRedirection.enable = true;
- };
- }
diff --git a/hosts/m3-r1/default.nix b/hosts/m3-r1/default.nix
deleted file mode 100644
index b1d5a98..0000000
--- a/hosts/m3-r1/default.nix
+++ /dev/null
@@ -1,104 +0,0 @@ -{ inputs, outputs, lib, config, pkgs, ... }: { - imports = [ - ./hardware-configuration.nix - ../common/users/m3tam3re - ../common/base - ./services - ]; - - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - - services.openssh.enable = true; - services.openssh.settings.PasswordAuthentication = false; - networking = { - hostName = "m3-r1"; - firewall.enable = true; - firewall.allowedTCPPortRanges = [{ - from = 3000; - to = 3100; - }]; - firewall.allowedTCPPorts = [ 53 80 443 5432 3306 3478 ]; - firewall.allowedUDPPorts = [ 53 51820 41641 ]; - firewall.allowedUDPPortRanges = [{ - from = 3478; - to = 3481; - }]; - }; - programs.fish.enable = true; - age = { - secrets = { - mj-smtp-user.file = ../../secrets/mj-smtp-user.age; - mj-smtp-pass.file = ../../secrets/mj-smtp-pass.age; - openai.file = ../../secrets/openai.age; - tailscale-key.file = ../../secrets/tailscale-key.age; - - vaultwarden-env = { - file = ../../secrets/vaultwarden-env.age; - mode = "770"; - }; - n8n-env = { - file = ../../secrets/n8n-m3r1.age; - mode = "770"; - }; - - traefik-env = { - file = ../../secrets/traefik-env.age; - mode = "770"; - owner = "traefik"; - }; - - searx-environmentFile = { - file = ../../secrets/searx-environmentFile.age; - mode = "770"; - owner = "searx"; - }; - - littlelink-m3tam3re-env = { - file = ../../secrets/littlelink-m3tam3re-env.age; - mode = "770"; - }; - }; - identityPaths = [ "/root/.ssh/lkk-nix-1" ]; - }; - - nix = { - extraOptions = '' - experimental-features = nix-command - keep-outputs = true - keep-derivations = true - ''; - - settings = { - experimental-features = "nix-command flakes"; - trusted-users = [ "root" "m3tam3re" ]; - }; - gc = { - automatic = true; - options = "--delete-older-than 30d"; - }; - optimise.automatic = true; - registry = (lib.mapAttrs (_: flake: { inherit flake; })) - ((lib.filterAttrs (_: lib.isType "flake")) inputs); - nixPath = [ "/etc/nix/path" ]; - }; - - environment.etc = 
lib.mapAttrs' (name: value: { - name = "nix/path/${name}"; - value.source = value.flake; - }) config.nix.registry; - - systemd.extraConfig = '' - DefaultTimeoutStopSec=10s - ''; - nixpkgs = { - overlays = [ - outputs.overlays.additions - outputs.overlays.modifications - outputs.overlays.stable-packages - ]; - config = { allowUnfree = true; }; - }; - - system.stateVersion = "23.05"; # Did you read the comment? -} diff --git a/hosts/m3-r1/hardware-configuration.nix b/hosts/m3-r1/hardware-configuration.nix deleted file mode 100644 index 2d69ed8..0000000 --- a/hosts/m3-r1/hardware-configuration.nix +++ /dev/null 
@@ -1,53 +0,0 @@
-# Do not modify this file! It was generated by ‘nixos-generate-config’
-# and may be overwritten by future invocations. Please make changes
-# to /etc/nixos/configuration.nix instead.
-{
- config,
- lib,
- pkgs,
- modulesPath,
- ...
-}: {
- imports = [
- (modulesPath + "/profiles/qemu-guest.nix")
- ];
-
- boot.initrd.availableKernelModules = ["ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk"];
- boot.initrd.kernelModules = [];
- boot.kernelModules = [];
- boot.extraModulePackages = [];
-
- fileSystems."/" = {
- device = "/dev/disk/by-uuid/5e3a0875-005c-49c4-9dbf-86e471e7e881";
- fsType = "btrfs";
- options = ["subvol=root" "compress=zstd"];
- };
-
- fileSystems."/home" = {
- device = "/dev/disk/by-uuid/5e3a0875-005c-49c4-9dbf-86e471e7e881";
- fsType = "btrfs";
- options = ["subvol=home" "compress=zstd"];
- };
-
- fileSystems."/nix" = {
- device = "/dev/disk/by-uuid/5e3a0875-005c-49c4-9dbf-86e471e7e881";
- fsType = "btrfs";
- options = ["subvol=nix" "compress=zstd"];
- };
-
- fileSystems."/boot" = {
- device = "/dev/disk/by-uuid/A79C-4B9F";
- fsType = "vfat";
- };
-
- swapDevices = [];
-
- # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
- # (the default) this is the recommended approach. When using systemd-networkd it's
- # still possible to use this option, but it's recommended to use it in conjunction
- # with explicit per-interface declarations with `networking.interfaces..useDHCP`.
- networking.useDHCP = lib.mkDefault true;
- # networking.interfaces.ens3.useDHCP = lib.mkDefault true;
-
- nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
-}
diff --git a/hosts/m3-r1/services/container.nix b/hosts/m3-r1/services/container.nix
deleted file mode 100644
index 3790e64..0000000
--- a/hosts/m3-r1/services/container.nix
+++ /dev/null
@@ -1,13 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- imports = [./containers];
-
- virtualisation.podman = {
- enable = true;
- defaultNetwork.settings = {dns_enabled = true;};
- };
- virtualisation.oci-containers.backend = "podman";
-}
diff --git a/hosts/m3-r1/services/containers/baserow.nix b/hosts/m3-r1/services/containers/baserow.nix
deleted file mode 100644
index 1659668..0000000
--- a/hosts/m3-r1/services/containers/baserow.nix
+++ /dev/null
@@ -1,25 +0,0 @@
-{ config, outputs, ... }: {
- virtualisation.oci-containers.containers."baserow" = {
- image = "docker.io/baserow/baserow:1.24.2";
- environment = {
- BASEROW_PUBLIC_URL = "https://br.m3tam3re.com";
-
- POSTGRES_USER = "baserow";
- POSTGRES_PASSWORD = "baserow";
- POSTGRES_DB = "baserow";
- DATABASE_HOST = "postgres";
- DATABASE_NAME = "baserow";
- DATABASE_USER = "baserow";
- DATABASE_PASSWORD = "baserow";
-
- EMAIL_SMTP = "in-v3.mailjet.com";
- EMAIL_SMTP_HOST = "in-v3.mailjet.com";
- EMAIL_SMTP_PORT = "587";
- EMAIL_SMTP_USER = config.age.secrets.mj-smtp-user.path;
- EMAIL_SMTP_PASSWORD = config.age.secrets.mj-smtp-pass.path;
- };
- ports = [ "3001:80" ];
- volumes = [ "baserow_data:/baserow/data" ];
- extraOptions = [ "--add-host=postgres:10.88.0.1" "--ip=10.88.0.11" ];
- };
-}
diff --git a/hosts/m3-r1/services/containers/briefkasten.nix b/hosts/m3-r1/services/containers/briefkasten.nix
deleted file mode 100644
index 2671ab9..0000000
--- a/hosts/m3-r1/services/containers/briefkasten.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."briefkasten" = {
- image = "docker.io/ndom91/briefkasten";
- environmentFiles = [config.age.secrets.briefkasten-env.path];
- ports = ["3009:3000"];
- extraOptions = ["--add-host=postgres:10.88.0.1" "--ip=10.88.0.19"];
- };
-}
diff --git a/hosts/m3-r1/services/containers/default.nix b/hosts/m3-r1/services/containers/default.nix
deleted file mode 100644
index 76edb8c..0000000
--- a/hosts/m3-r1/services/containers/default.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- imports = [
- ./baserow.nix
- # ./briefkasten.nix
- ./little-link.nix
- ./matomo.nix
- ./mautic.nix
- # ./nextcloud.nix
- ./nginx.nix
- # ./wordpress.nix
- ];
-}
diff --git a/hosts/m3-r1/services/containers/little-link.nix b/hosts/m3-r1/services/containers/little-link.nix
deleted file mode 100644
index 126c3b6..0000000
--- a/hosts/m3-r1/services/containers/little-link.nix
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."littlelink_m3tam3re" = {
- image = "ghcr.io/techno-tim/littlelink-server";
- environmentFiles = [config.age.secrets.littlelink-m3tam3re-env.path];
- ports = ["3011:3000"];
- extraOptions = ["--ip=10.88.0.21"];
- };
-}
diff --git a/hosts/m3-r1/services/containers/matomo.nix b/hosts/m3-r1/services/containers/matomo.nix
deleted file mode 100644
index 326ee12..0000000
--- a/hosts/m3-r1/services/containers/matomo.nix
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."matomo" = {
- image = "docker.io/matomo";
- environment = {
- MATOMO_DATABASE_HOST = "mysql";
- MATOMO_DATABASE_USERNAME = "matomo";
- MATOMO_DATABASE_PASSWORD = "matomo";
- MATOMO_DATABASE_DBNAME = "matomo";
- PHP_MEMORY_LIMIT = "2048M";
- };
- ports = ["3003:80"];
- volumes = ["matomo_data:/var/www/html"];
- extraOptions = ["--add-host=mysql:10.88.0.1" "--ip=10.88.0.13"];
- };
-}
diff --git a/hosts/m3-r1/services/containers/mautic.nix b/hosts/m3-r1/services/containers/mautic.nix
deleted file mode 100644
index 73b9639..0000000
--- a/hosts/m3-r1/services/containers/mautic.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."mautic" = {
- image = "docker.io/mautic/mautic:v4-apache";
- environment = {
- MAUTIC_DB_HOST = "mysql";
- MAUTIC_DB_USER = "mautic";
- MAUTIC_DB_PASSWORD = "mautic";
- MAUTIC_DB_DBNAME = "mautic";
- PHP_MEMORY_LIMIT = "2048M";
- MAUTIC_RUN_CRON_JOBS = "true";
- };
- ports = ["127.0.0.1:3008:80"];
- volumes = ["mautic_data:/var/www/html"];
- extraOptions = ["--add-host=mysql:10.88.0.1" "--ip=10.88.0.23"];
- };
-}
diff --git a/hosts/m3-r1/services/containers/nextcloud.nix b/hosts/m3-r1/services/containers/nextcloud.nix
deleted file mode 100644
index e61191c..0000000
--- a/hosts/m3-r1/services/containers/nextcloud.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."nextcloud" = {
- image = "docker.io/nextcloud";
- environment = {
- TRUSTED_PROXIES = "10.88.0.1/16";
- OVERWRITEPROTOCOL = "https";
- OVERWRITECLIURL = "https://cloud.lanakk.com";
- OVERWRITEHOST = "cloud.lanakk.com";
- };
- ports = ["3005:80"];
- volumes = ["nextcloud_data:/var/www/html"];
- extraOptions = ["--add-host=mysql:10.88.0.1" "--ip=10.88.0.15"];
- };
-}
diff --git a/hosts/m3-r1/services/containers/nginx.nix b/hosts/m3-r1/services/containers/nginx.nix
deleted file mode 100644
index c2da3d3..0000000
--- a/hosts/m3-r1/services/containers/nginx.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ config, outputs, ... }: {
- virtualisation.oci-containers.containers."http-images" = {
- image = "docker.io/nginx:alpine";
- ports = [ "3012:80" ];
- volumes = [ "/var/www/m3tam3re.com/www:/usr/share/nginx/html" ];
- extraOptions = [ "--ip=10.88.0.22" ];
- };
-}
diff --git a/hosts/m3-r1/services/containers/wireguard.nix b/hosts/m3-r1/services/containers/wireguard.nix
deleted file mode 100644
index 29d5b8b..0000000
--- a/hosts/m3-r1/services/containers/wireguard.nix
+++ /dev/null
@@ -1,22 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."wireguard" = {
- image = "docker.io/weejewel/wg-easy";
- environment = {
- WG_HOST = "wg.lanakk.com";
- WG_DEFAULT_DNS = "10.88.0.1:5353";
- };
- ports = ["3007:51821/tcp" "51820:51820/udp"];
- volumes = ["wireguard_data:/etc/wireguard"];
- extraOptions = [
- "--cap-add=NET_ADMIN"
- "--cap-add=SYS_MODULE"
- "--sysctl=net.ipv4.conf.all.src_valid_mark=1"
- "--sysctl=net.ipv4.ip_forward=1"
- "--ip=10.88.0.17"
- ];
- };
-}
diff --git a/hosts/m3-r1/services/containers/wordpress.nix b/hosts/m3-r1/services/containers/wordpress.nix
deleted file mode 100644
index 45bcdd1..0000000
--- a/hosts/m3-r1/services/containers/wordpress.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- config,
- outputs,
- ...
-}: {
- virtualisation.oci-containers.containers."lanakk_blog" = {
- image = "docker.io/wordpress";
- environment = {
- WORDPRESS_DB_HOST = "mysql";
- WORDPRESS_DB_USER = "wp";
- WORDPRESS_DB_PASSWORD = "wp";
- WORDPRESS_DB_NAME = "lanakk_blog";
- };
- ports = ["3002:80"];
- volumes = ["lanakk_blog_data:/var/www/html"];
- extraOptions = ["--add-host=mysql:10.88.0.1" "--ip=10.88.0.12"];
- };
-}
diff --git a/hosts/m3-r1/services/default.nix b/hosts/m3-r1/services/default.nix
deleted file mode 100644
index bad37e3..0000000
--- a/hosts/m3-r1/services/default.nix
+++ /dev/null
@@ -1,14 +0,0 @@
-{
- imports = [
- ./container.nix
- ./gitea.nix
- ./mariadb.nix
- # ./n8n.nix
- ./postgres.nix
- ./searx.nix
- ./syncthing.nix
- # ./tailscale.nix
- ./traefik.nix
- # ./vaultwarden.nix
- ];
-}
diff --git a/hosts/m3-r1/services/gitea.nix b/hosts/m3-r1/services/gitea.nix
deleted file mode 100644
index 47fdd45..0000000
--- a/hosts/m3-r1/services/gitea.nix
+++ /dev/null
@@ -1,16 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.gitea = {
- enable = true;
- settings.server.ROOT_URL = "https://code.m3tam3re.com";
- lfs.enable = true;
- dump = {
- enable = true;
- interval = "03:30:00";
- backupDir = "/var/backup/gitea";
- };
- };
-}
diff --git a/hosts/m3-r1/services/mariadb.nix b/hosts/m3-r1/services/mariadb.nix
deleted file mode 100644
index 2930f5e..0000000
--- a/hosts/m3-r1/services/mariadb.nix
+++ /dev/null
@@ -1,15 +0,0 @@
-{
- pkgs,
- config,
- ...
-}: {
- services.mysql = {
- enable = true;
- package = pkgs.mariadb;
- };
- services.mysqlBackup = {
- enable = true;
- calendar = "03:00:00";
- databases = ["matomo"];
- };
-}
diff --git a/hosts/m3-r1/services/n8n.nix b/hosts/m3-r1/services/n8n.nix
deleted file mode 100644
index 46e76c3..0000000
--- a/hosts/m3-r1/services/n8n.nix
+++ /dev/null
@@ -1,18 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.n8n = {
- enable = true;
- openFirewall = true;
- settings = {
- host = "wf.lanakk.com";
- protocol = "https";
- editorBaseUrl = "https://wf.lanakk.com";
- };
- };
- systemd.services.n8n.serviceConfig = {
- EnvironmentFile = "${config.age.secrets.n8n-env.path}";
- };
-}
diff --git a/hosts/m3-r1/services/postgres.nix b/hosts/m3-r1/services/postgres.nix
deleted file mode 100644
index 1a5c584..0000000
--- a/hosts/m3-r1/services/postgres.nix
+++ /dev/null
@@ -1,28 +0,0 @@
-{
- pkgs,
- config,
- ...
-}: {
- services.postgresql = {
- enable = true;
- enableTCPIP = true;
- package = pkgs.postgresql_15;
- authentication = pkgs.lib.mkOverride 10 ''
- local all all trust
- host all all 127.0.0.1/32 trust
- host all all ::1/128 trust
- host all all 10.88.0.1/16 trust
- '';
- initialScript = pkgs.writeText "backend-initScript" ''
- CREATE USER baserow WITH ENCRYPTED PASSWORD 'baserow';
- CREATE DATABASE baserow;
- GRANT ALL PRIVILEGES ON DATABASE baserow TO baserow;
- ALTER DATABASE baserow OWNER to baserow;
- '';
- };
- services.postgresqlBackup = {
- enable = true;
- startAt = "03:10:00";
- databases = ["baserow"];
- };
-}
diff --git a/hosts/m3-r1/services/searx.nix b/hosts/m3-r1/services/searx.nix
deleted file mode 100644
index 00795f0..0000000
--- a/hosts/m3-r1/services/searx.nix
+++ /dev/null
@@ -1,10 +0,0 @@
-{pkgs, ...}: {
- services.searx = {
- enable = true;
- package = pkgs.searxng;
- settings = {
- server.port = 3004;
- server.secret_key = "@SEARX_SECRET_KEY@";
- };
- };
-}
diff --git a/hosts/m3-r1/services/syncthing.nix b/hosts/m3-r1/services/syncthing.nix
deleted file mode 100644
index c49d16e..0000000
--- a/hosts/m3-r1/services/syncthing.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.syncthing = {
- enable = true;
- openDefaultPorts = true;
- guiAddress = "0.0.0.0:8384";
- overrideDevices = true;
- overrideFolders = true;
- settings = {
- devices = {
- "LK-DATA" = {
- id = "BI7CMZF-2SGQMXW-RG47HRG-FEH454J-ZTCE544-BXNSCSJ-PXCE7A7-R4CX2Q3";
- };
- };
- folders = {
- "Bildvorschauen" = {
- path = "/opt/service-data/http-images";
- devices = ["LK-DATA"];
- };
- };
- };
- };
-}
diff --git a/hosts/m3-r1/services/tailscale.nix b/hosts/m3-r1/services/tailscale.nix
deleted file mode 100644
index cbb3cee..0000000
--- a/hosts/m3-r1/services/tailscale.nix
+++ /dev/null
@@ -1,42 +0,0 @@
-{
- config,
- pkgs,
- ...
-}: {
- services.tailscale = {
- enable = true;
- useRoutingFeatures = "both";
- };
- networking.firewall = {
- trustedInterfaces = ["tailscale0"];
- };
- systemd.services.tailscale-autoconnect = {
- description = "Automatic connection to Tailscale";
-
- # make sure tailscale is running before trying to connect to tailscale
- after = ["network-pre.target" "tailscale.service"];
- wants = ["network-pre.target" "tailscale.service"];
- wantedBy = ["multi-user.target"];
-
- # set this service as a oneshot job
- serviceConfig = {
- Type = "oneshot";
- EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
- };
-
- # have the job run this shell script
- script = with pkgs; ''
- # wait for tailscaled to settle
- sleep 2
-
- # check if we are already authenticated to tailscale
- status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
- if [ $status = "Running" ]; then # if so, then do nothing
- exit 0
- fi
-
- # otherwise authenticate with tailscale
- ${tailscale}/bin/tailscale up --advertise-exit-node --authkey $TAILSCALE_KEY
- '';
- };
-}
diff --git a/hosts/m3-r1/services/traefik.nix b/hosts/m3-r1/services/traefik.nix
deleted file mode 100644
index a10085c..0000000
--- a/hosts/m3-r1/services/traefik.nix
+++ /dev/null
@@ -1,171 +0,0 @@ -{ config, ... }: { - services.traefik = { - enable = true; - staticConfigOptions = { - log = { level = "WARN"; }; - certificatesResolvers = { - lets-encrypt = { - acme = { - email = "acc@m3tam3re.com"; - storage = "/var/lib/traefik/acme.json"; - tlsChallenge = { }; - }; - }; - }; - api = { }; - entryPoints = { - web = { - address = ":80"; - http.redirections.entryPoint = { - to = "websecure"; - scheme = "https"; - }; - }; - websecure = { address = ":443"; }; - }; - }; - dynamicConfigOptions = { - http = { - middlewares = { - auth = { - basicAuth = { - users = [ "m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh." ]; - }; - }; - nextcloud_redirectregex = { - redirectRegex = { - permanent = true; - regex = "https://(.*)/.well-known/(?:card|cal)dav"; - replacement = "https://\${1}/remote.php/dav"; - }; - }; - nextcloud_headers = { - headers = { - referrerPolicy = "no-referrer"; - stsSeconds = "31536000"; - forceSTSHeader = true; - stsPreload = true; - stsIncludeSubdomains = true; - }; - }; - }; - services = { - baserow.loadBalancer.servers = [{ url = "http://localhost:3001/"; }]; - gitea.loadBalancer.servers = [{ url = "http://localhost:3000/"; }]; - n8n.loadBalancer.servers = [{ url = "http://localhost:5678/"; }]; - littlelink-m3tam3re.loadBalancer.servers = - [{ url = "http://localhost:3011/"; }]; - matomo.loadBalancer.servers = [{ url = "http://localhost:3003/"; }]; - searx.loadBalancer.servers = [{ url = "http://localhost:3004/"; }]; - mautic.loadBalancer.servers = [{ url = "http://localhost:3008/"; }]; - m3tam3re.loadBalancer.servers = [{ url = "http://localhost:3012/"; }]; - syncthing.loadBalancer.servers = - [{ url = "http://localhost:8384/"; }]; - vaultwarden.loadBalancer.servers = - [{ url = "http://localhost:3014/"; }]; - }; - routers = { - api = { - rule = "Host(`r.m3tam3re.com`)"; - tls = { certResolver = "lets-encrypt"; }; - service = "api@internal"; - middlewares = "auth"; - entrypoints = "websecure"; - }; - baserow = { - rule = 
"Host(`br.m3tam3re.com`)"; - tls = { certResolver = "lets-encrypt"; }; - service = "baserow"; - entrypoints = "websecure"; - }; - gitea = { - rule = "Host(`code.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "code.m3tam3re.com"; - }; - service = "gitea"; - entrypoints = "websecure"; - }; - littlelink-m3tm3re = { - rule = "Host(`links.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "links.m3tam3re.com"; - }; - service = "littlelink-m3tam3re"; - entrypoints = "websecure"; - }; - n8n = { - rule = "Host(`io.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "io.m3tam3re.com"; - }; - service = "n8n"; - entrypoints = "websecure"; - }; - m3tam3re = { - rule = "Host(`www.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "www.m3tam3re.com"; - }; - service = "m3tam3re"; - entrypoints = "websecure"; - }; - matomo-m3tam3re = { - rule = "Host(`stats.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "stats.m3tam3re.com"; - }; - service = "matomo"; - entrypoints = "websecure"; - }; - searx = { - rule = "Host(`search.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "search.m3tam3re.com"; - }; - service = "searx"; - entrypoints = "websecure"; - }; - mautic = { - rule = "Host(`ma.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "ma.m3tam3re.com"; - }; - service = "mautic"; - entrypoints = "websecure"; - }; - syncthing = { - rule = "Host(`sync.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "sync.m3tam3re.com"; - }; - service = "syncthing"; - entrypoints = "websecure"; - }; - vaultwarden = { - rule = "Host(`vw.m3tam3re.com`)"; - tls = { - certResolver = "lets-encrypt"; - domains = "vw.m3tam3re.com"; - }; - service = "vaultwarden"; - middlewares = "auth"; - entrypoints = "websecure"; - }; - }; - }; - }; - }; - - systemd.services.traefik.serviceConfig = { - EnvironmentFile = [ 
"${config.age.secrets.traefik-env.path}" ]; - }; -} diff --git a/hosts/m3-r1/services/vaultwarden.nix b/hosts/m3-r1/services/vaultwarden.nix deleted file mode 100644 index 8f0ef03..0000000 --- a/hosts/m3-r1/services/vaultwarden.nix +++ /dev/null @@ -1,11 +0,0 @@ -{ - config, - pkgs, - ... -}: { - services.vaultwarden = { - enable = true; - backupDir = "/var/backup/vaultwarden"; - environmentFile = "${config.age.secrets.vaultwarden-env.path}"; - }; -} diff --git a/modules/nixos/default.nix b/modules/nixos/default.nix deleted file mode 100644 index ab08ee4..0000000 --- a/modules/nixos/default.nix +++ /dev/null @@ -1 +0,0 @@ -{ordercollect = import ./ordercollect.nix;} diff --git a/modules/nixos/ordercollect.nix b/modules/nixos/ordercollect.nix deleted file mode 100644 index cc7c72a..0000000 --- a/modules/nixos/ordercollect.nix +++ /dev/null @@ -1,32 +0,0 @@ -{ - config, - lib, - ... -}: -with lib; let - cfg = config.services.ordercollect; -in { - options.services.ordercollect = { - enable = mkEnableOption "Enable Ordercollect"; - port = mkOption { - type = types.str; - description = "The http port to run on"; - default = ""; - }; - package = mkOption { - type = types.package; - default = pkgs.ordercollect; - description = '' - The package for ordercollect - ''; - }; - }; - config = mkIf cfg.enable { - environment.systemPackages = [cfg.package]; - - systemd.services.ordercollect = { - ExecStart = "${cfg.package}/bin/ordercollect --port ${cfg.port}"; - Restart = "on-failure"; - }; - }; -} diff --git a/pkgs/default.nix b/pkgs/default.nix index 08af3e7..b77cc96 100644 --- a/pkgs/default.nix +++ b/pkgs/default.nix @@ -1,5 +1,4 @@ -{pkgs, ...}: { - wofi-pass = pkgs.callPackage ./wofi-pass {}; - ordercollect = pkgs.callPackage ./ordercollect {}; - zellij-ps = pkgs.callPackage ./zellij-ps {}; +{ pkgs, ... }: +{ + # ordercollect = pkgs.callPackage ./ordercollect {}; } 
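Review bot: The new body of pkgs/default.nix keeps `# ordercollect = pkgs.callPackage ./ordercollect {};` as commented-out code, but this same commit deletes pkgs/ordercollect/default.nix, so the line cannot be re-enabled as written. I would delete it and leave an explicit empty set, with a comment that states the intent instead, e.g. `# intentionally empty: custom packages were removed from this flake`. If the new flake.nix outputs (not visible in this part of the diff) no longer import ./pkgs, removing the file entirely would be cleaner than keeping an empty stub.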
diff --git a/pkgs/ordercollect/default.nix b/pkgs/ordercollect/default.nix
deleted file mode 100644
index 4517eb9..0000000
--- a/pkgs/ordercollect/default.nix
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- buildGoModule,
- fetchFromGitea,
- lib,
-}:
-buildGoModule rec {
- pname = "ordercollect";
- version = "0.1.0";
-
- src = fetchFromGitea {
- domain = "code.lanakk.com";
- owner = "LANAKK";
- repo = "ordercollect";
- rev = "9ecbfa46f6758214aa2fcee7ad96aa7730301a06";
- hash = "sha256-n4njl7LwG6GuoTj7x3rWOjErZ/a1Fog0qAymYxvsR2w=";
- };
-
- vendorHash = "sha256-G6k331XRuVN/cM4sNcdUV9/BzdISQI7Ljc4tesJnmH0=";
-
- meta = with lib; {
- description = "A simple Api for creating orders, written in Go";
- homepage = "https://code.lanakk.com/LANAKK/ordercollect";
- license = licenses.mit;
- maintainers = with maintainers; [m3tam3re];
- };
-}
diff --git a/pkgs/wofi-pass/default.nix b/pkgs/wofi-pass/default.nix
deleted file mode 100644
index ab77c5b..0000000
--- a/pkgs/wofi-pass/default.nix
+++ /dev/null
@@ -1,29 +0,0 @@
-{
- stdenv,
- lib,
- fetchFromGitHub,
- bash,
- pkgs,
- makeWrapper,
-}:
-with lib;
-with pkgs;
- stdenv.mkDerivation {
- pname = "wofi-pass";
- version = "0.1";
- src = fetchFromGitHub {
- owner = "TinfoilSubmarine";
- repo = "wofi-pass";
- rev = "869c545";
- sha256 = "gcfW8E/3/dqv0P3S4z9fDv8k4R7czcIKwpo/OHFFWj0=";
- };
- buildInputs = [bash coreutils wl-clipboard wofi wtype];
-
- nativeBuildInputs = [makeWrapper];
- installPhase = ''
- mkdir -p $out/bin
- cp wofi-pass $out/bin/wofi-pass
- wrapProgram $out/bin/wofi-pass \
- --prefix PATH : ${makeBinPath [bash coreutils wl-clipboard wofi wtype]}
- '';
- }
diff --git a/pkgs/zellij-ps/default.nix b/pkgs/zellij-ps/default.nix
deleted file mode 100644
index 2918fe6..0000000
--- a/pkgs/zellij-ps/default.nix
+++ /dev/null
@@ -1,33 +0,0 @@ -{ lib, stdenv, fetchFromGitea, fish, fd, fzf, pkgs, zellij, }: -with lib; -with pkgs; -stdenv.mkDerivation rec { - pname = "zellij-ps"; - version = "0.1.0"; - - src = fetchFromGitea { - domain = "code.m3tam3re.com"; - owner = "m3tam3re"; - repo = "helper-scripts"; - rev = "25cd4f662c2a7d1a5091ad30810c458627fdba5a"; - sha256 = "0lw1qmn18i1s21ljmsdy2x034x19gad8krml9iggksn3c31haz9m"; - }; - - buildInputs = [ fish fd fzf zellij ]; - - nativeBuildInputs = [ makeWrapper ]; - installPhase = '' - mkdir -p $out/bin - cp zellij-ps.fish $out/bin/zellij-ps - wrapProgram $out/bin/zellij-ps \ - --prefix PATH : ${lib.makeBinPath [ fish fd fzf zellij ]} - ''; - - meta = with lib; { - description = "A small project script for zellij"; - homepage = "https://code.m3tam3re.com/m3tam3re/helper-scripts"; - license = licenses.mit; - maintainers = with maintainers; [ m3tam3re ]; - platforms = platforms.unix; - }; -} diff --git a/secrets.nix b/secrets.nix index d7c9327..5df7ed3 100644 --- a/secrets.nix +++ b/secrets.nix @@ -6,23 +6,17 @@ in { "secrets/mj-smtp-pass.age".publicKeys = [ system ]; "secrets/n8n-env.age".publicKeys = [ system ]; - "secrets/n8n-m3r1.age".publicKeys = [ system ]; "secrets/godaddy-api-key.age".publicKeys = [ system ]; "secrets/godaddy-api-secret.age".publicKeys = [ system ]; - "secrets/searx-environmentFile.age".publicKeys = [ system ]; - "secrets/tailscale-key.age".publicKeys = [ system ]; - "secrets/wg-key.age".publicKeys = [ system ]; "secrets/briefkasten-env.age".publicKeys = [ system ]; "secrets/littlelink-lanakk-env.age".publicKeys = [ system ]; "secrets/littlelink-m3tam3re-env.age".publicKeys = [ system ]; - "secrets/m3tam3re-secrets.age".publicKeys = [ system ]; - "secrets/traefik-env.age".publicKeys = [ system ]; "secrets/metabase-env.age".publicKeys = [ system ]; 
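Review bot: The recipient list in secrets.nix and the files under secrets/ no longer agree after this hunk: `"secrets/briefkasten-env.age".publicKeys = [ system ];` and `"secrets/littlelink-m3tam3re-env.age".publicKeys = [ system ];` stay as context lines, while the same commit deletes both .age files. If those secrets are really retired, remove the two entries as well; if a host still references them through `age.secrets`, the file deletions look unintended. In the other direction, the entries dropped here for tailscale-key, m3tam3re-secrets and traefik-env (and vaultwarden-env and minio-system-cred in the following hunk) have no matching file deletion in the part of the diff visible here, so it is worth confirming that no encrypted blob is left in the tree without a recipient entry. The credentials behind every retired secret should also be revoked or rotated at the service, since the encrypted files remain in history.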
@@ -32,8 +26,5 @@ in { "secrets/pgadmin.age".publicKeys = [ system ]; - "secrets/minio-system-cred.age".publicKeys = [ system ]; - "secrets/openai.age".publicKeys = [ system ]; - "secrets/vaultwarden-env.age".publicKeys = [ system ]; } diff --git a/secrets/briefkasten-env.age b/secrets/briefkasten-env.age deleted file mode 100644 index d434672..0000000 Binary files a/secrets/briefkasten-env.age and /dev/null differ diff --git a/secrets/littlelink-m3tam3re-env.age b/secrets/littlelink-m3tam3re-env.age deleted file mode 100644 index 17fba3c..0000000 Binary files a/secrets/littlelink-m3tam3re-env.age and /dev/null differ diff --git a/secrets/minio-root-cred.age b/secrets/minio-root-cred.age deleted file mode 100644 index db79f28..0000000 Binary files a/secrets/minio-root-cred.age and /dev/null differ diff --git a/secrets/n8n-m3r1.age b/secrets/n8n-m3r1.age deleted file mode 100644 index 29a776b..0000000 Binary files a/secrets/n8n-m3r1.age and /dev/null differ diff --git a/secrets/openai.age b/secrets/openai.age deleted file mode 100644 index eab6f28..0000000 Binary files a/secrets/openai.age and /dev/null differ diff --git a/secrets/searx-environmentFile.age b/secrets/searx-environmentFile.age deleted file mode 100644 index 8ba1974..0000000 Binary files a/secrets/searx-environmentFile.age and /dev/null differ diff --git a/secrets/wg-key.age b/secrets/wg-key.age deleted file mode 100644 index 368419a..0000000 Binary files a/secrets/wg-key.age and /dev/null differ