lytedev/nix
1
0
Fork 1
Code Issues Pull requests 1 Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/main'

Browse source
This commit is contained in:
Daniel Flanagan 2024-02-16 16:54:25 -06:00
parent f9c274f61a 014ed7f199
commit 2c783aaa7f
Signed by: lytedev
GPG key ID: 5B2020A0F9921EF4
21 changed files with 266 additions and 218 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

127
flake.lock
View file

@ -50,11 +50,11 @@
]
},
"locked": {
"lastModified": 1705075138,
"narHash": "sha256-0slYsXoR1Sd5FwTfFZLYxAsI015+J4lvgvo55u4Gw1A=",
"lastModified": 1708029101,
"narHash": "sha256-FPlAle/nl4sJRfd8eILe5M20aRJh/z2KY8ji2yBBwaI=",
"owner": "nix-community",
"repo": "disko",
"rev": "f78b6498f69e04514cb84393e5daba669198c1c1",
"rev": "810eccbad22cc50323b27161033399eb87658932",
"type": "github"
},
"original": {
@ -120,11 +120,11 @@
},
"hardware": {
"locked": {
"lastModified": 1706085157,
"narHash": "sha256-0pTbYwn9qubaZLtuN0Ouj0neEfrir1wSNyH8gL1BzB0=",
"lastModified": 1708091350,
"narHash": "sha256-o28BJYi68qqvHipT7V2jkWxDiMS1LF9nxUsou+eFUPQ=",
"owner": "nixos",
"repo": "nixos-hardware",
"rev": "e756ff62c2e9db4f7c197bc1849a02024a7bfb2e",
"rev": "106d3fec43bcea19cb2e061ca02531d54b542ce3",
"type": "github"
},
"original": {
@ -137,17 +137,15 @@
"inputs": {
"crane": "crane",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
],
"nixpkgs": "nixpkgs",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1704986785,
"narHash": "sha256-h0/pFRsnFesY+u+0EmeOXcReN8uF6Z3ok+eByZIks8E=",
"lastModified": 1708094594,
"narHash": "sha256-vAVKC8DdyQx/XngWV95FRvE+wAtf0f9bqKm3tFipiyE=",
"owner": "helix-editor",
"repo": "helix",
"rev": "17dd102e5cccbb2a9a0f0224af63e52f3dab846b",
"rev": "76e512f9445b2a26655248b46cf13413f9a6bbba",
"type": "github"
},
"original": {
@ -164,11 +162,11 @@
]
},
"locked": {
"lastModified": 1705169127,
"narHash": "sha256-j9OEtNxOIPWZWjbECVMkI1TO17SzlpHMm0LnVWKOR/g=",
"lastModified": 1708031129,
"narHash": "sha256-EH20hJfNnc1/ODdDVat9B7aKm0B95L3YtkIRwKLvQG8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f2942f3385f1b35cc8a1abb03a45e29c9cb4d3c8",
"rev": "3d6791b3897b526c82920a2ab5f61d71985b3cf8",
"type": "github"
},
"original": {
@ -189,11 +187,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1705070596,
"narHash": "sha256-Xq3JOddIH7AnACEHGaSKg71IF8CATE1zSTzdgR4pnlo=",
"lastModified": 1708018354,
"narHash": "sha256-MlbqBzAjiz4Va2M/AvLN96Wq+jsCbEedhfMs5wW1yFM=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "c4da4b026deefd58f532353b64e9f17130e760ca",
"rev": "fbf5ba87ce57752653f3bebf6e2be090c702836e",
"type": "github"
},
"original": {
@ -229,7 +227,11 @@
},
"hyprlang": {
"inputs": {
"nixpkgs": "nixpkgs"
"nixpkgs": [
"hyprland",
"xdph",
"nixpkgs"
]
},
"locked": {
"lastModified": 1704287638,
@ -269,27 +271,43 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1702645756,
"narHash": "sha256-qKI6OR3TYJYQB3Q8mAZ+DG4o/BR9ptcv9UnRV2hzljc=",
"lastModified": 1700794826,
"narHash": "sha256-RyJTnTNKhO0yqRpDISk03I/4A67/dp96YRxc86YOPgU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "40c3c94c241286dd2243ea34d3aef8a488f9e4d0",
"rev": "5a09cb4b393d58f9ed0d9ca1555016a8543c2ac8",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1708105575,
"narHash": "sha256-sS4AItZeUnAei6v8FqxNlm+/27MPlfoGym/TZP0rmH0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "1d1817869c47682a6bee85b5b0a6537b6c0fba26",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"ref": "release-23.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1704722960,
"narHash": "sha256-mKGJ3sPsT6//s+Knglai5YflJUF2DGj7Ai6Ynopz0kI=",
"lastModified": 1707956935,
"narHash": "sha256-ZL2TrjVsiFNKOYwYQozpbvQSwvtV/3Me7Zwhmdsfyu4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "317484b1ead87b9c1b8ac5261a8d2dd748a0492d",
"rev": "a4d4fe8c5002202493e87ec8dbc91335ff55552c",
"type": "github"
},
"original": {
@ -299,6 +317,22 @@
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1708093448,
"narHash": "sha256-gohEm3/NVyu7WINFhRf83yJH8UM2ie/KY9Iw3VN6fiE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "c7763249f02b7786b4ca36e13a4d7365cfba162f",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"root": {
"inputs": {
"api-lyte-dev": "api-lyte-dev",
@ -340,11 +374,11 @@
"slippi-desktop": {
"flake": false,
"locked": {
"lastModified": 1607036060,
"narHash": "sha256-TUYsiVvKAws3N3roZYDwkLB0obyl6zwvh8CAk2RwHrY=",
"lastModified": 1707981080,
"narHash": "sha256-Qd1jLAXWvxA5SHcafgHFRs1+XYz8yXLdQ27+qZ8MYxk=",
"owner": "project-slippi",
"repo": "slippi-desktop-app",
"rev": "3ca39ba6bbd02157515b12a79aa01e5d669ad1b1",
"rev": "16ab255406f7ab86846a7786ff15e3543501397c",
"type": "github"
},
"original": {
@ -355,19 +389,15 @@
},
"sops-nix": {
"inputs": {
"nixpkgs": [
"nixpkgs"
],
"nixpkgs-stable": [
"nixpkgs"
]
"nixpkgs": "nixpkgs_3",
"nixpkgs-stable": "nixpkgs-stable"
},
"locked": {
"lastModified": 1705201153,
"narHash": "sha256-y0/a4IMDZrc7lAkR7Gcm5R3W2iCBiARHnYZe6vkmiNE=",
"lastModified": 1707842202,
"narHash": "sha256-3dTBbCzHJBinwhsisGJHW1HLBsLbj91+a5ZDXt7ttW0=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "70dd0d521f7849338e487a219c1a07c429a66d77",
"rev": "48afd3264ec52bee85231a7122612e2c5202fa74",
"type": "github"
},
"original": {
@ -384,16 +414,15 @@
"slippi-desktop": "slippi-desktop"
},
"locked": {
"lastModified": 1704561657,
"narHash": "sha256-2IOPvEgMW9TlEi74NKRbhtZzY414t77lfHxxl2ixUlM=",
"lastModified": 1708119120,
"narHash": "sha256-SuZbD4eGwS9OYeGL0V9uPVsW2SyL7MbLXBd5rngZB4c=",
"owner": "lytedev",
"repo": "ssbm-nix",
"rev": "75c62f692154172a9fc4bc4658b7597741a5b49f",
"rev": "041f495ab6446e6edd22c1a5fbd48dd704c5b9a6",
"type": "github"
},
"original": {
"owner": "lytedev",
"ref": "my-nixpkgs",
"repo": "ssbm-nix",
"type": "github"
}
@ -462,18 +491,18 @@
"flake": false,
"locked": {
"host": "gitlab.freedesktop.org",
"lastModified": 1703963193,
"narHash": "sha256-ke8drv6PTrdQDruWbajrRJffP9A9PU6FRyjJGNZRTs4=",
"lastModified": 1706359063,
"narHash": "sha256-5HUTG0p+nCJv3cn73AmFHRZdfRV5AD5N43g8xAePSKM=",
"owner": "wlroots",
"repo": "wlroots",
"rev": "f81c3d93cd6f61b20ae784297679283438def8df",
"rev": "00b869c1a96f300a8f25da95d624524895e0ddf2",
"type": "gitlab"
},
"original": {
"host": "gitlab.freedesktop.org",
"owner": "wlroots",
"repo": "wlroots",
"rev": "f81c3d93cd6f61b20ae784297679283438def8df",
"rev": "00b869c1a96f300a8f25da95d624524895e0ddf2",
"type": "gitlab"
}
},
@ -494,11 +523,11 @@
]
},
"locked": {
"lastModified": 1704400467,
"narHash": "sha256-IsEAKBCorRlN53FwFAMbyGLRsPVu/ZrWEJtCwykPds8=",
"lastModified": 1706521509,
"narHash": "sha256-AInZ50acOJ3wzUwGzNr1TmxGTMx+8j6oSTzz4E7Vbp8=",
"owner": "hyprwm",
"repo": "xdg-desktop-portal-hyprland",
"rev": "1c802128f6cc3db29a8ef01552b1a22f894eeefd",
"rev": "c06fd88b3da492b8f9067be021b9184f7012b5a8",
"type": "github"
},
"original": {

11
flake.nix
View file

@ -6,7 +6,8 @@
home-manager.inputs.nixpkgs.follows = "nixpkgs";
helix.url = "github:helix-editor/helix/master";
helix.inputs.nixpkgs.follows = "nixpkgs";
# I think if I force this to follow nixpkgs, I won't get caching benefits
# helix.inputs.nixpkgs.follows = "nixpkgs";
disko.url = "github:nix-community/disko/master";
disko.inputs.nixpkgs.follows = "nixpkgs";
@ -24,10 +25,11 @@
api-lyte-dev.url = "git+ssh://gitea@git.lyte.dev/lytedev/api.lyte.dev.git";
api-lyte-dev.inputs.nixpkgs.follows = "nixpkgs";
ssbm.url = "github:lytedev/ssbm-nix/my-nixpkgs";
ssbm.url = "github:lytedev/ssbm-nix";
# I think if I force this to follow nixpkgs, I won't get caching benefits
ssbm.inputs.nixpkgs.follows = "nixpkgs";
# TODO: doesn't support the forge mod loader yet
# TODO: doesn't (can't?) support the forge mod loader yet
# nix-minecraft.url = "github:Infinidoge/nix-minecraft";
};
@ -86,7 +88,6 @@
inherit system;
specialArgs = {
inherit inputs outputs system;
flake = self;
};
modules =
[
@ -156,6 +157,7 @@
extra-substituters = [
"https://cache.nixos.org/"
"https://helix.cachix.org"
"https://ssbm-nix.cachix.org"
"https://nix-community.cachix.org"
"https://nix.h.lyte.dev"
];
@ -163,6 +165,7 @@
extra-trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"helix.cachix.org-1:ejp9KQpR1FBI2onstMQ34yogDm4OgU2ru6lIwPvuCVs="
"ssbm-nix.cachix.org-1:YN104LKAWaKQIecOphkftXgXlYZVK/IRHM1UD7WAIew="
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"h.lyte.dev:HeVWtne31ZG8iMf+c15VY3/Mky/4ufXlfTpT8+4Xbs0="
];

1
modules/home-manager/firefox.nix
View file

@ -16,6 +16,7 @@
id = 0;
settings = {
"general.smoothScroll" = true;
"browser.zoom.siteSpecific" = false;
};
extraConfig = ''

26
modules/home-manager/helix.nix
View file

@ -1,9 +1,11 @@
{
pkgs,
inputs,
colors,
system,
...
}: {
}: let
inherit (pkgs) system;
in {
programs.helix = {
enable = true;
package = inputs.helix.packages.${system}.helix;
@ -69,6 +71,26 @@
unit = "\t";
};
}
{
name = "javascript";
auto-format = true;
}
{
name = "typescript";
auto-format = true;
}
{
name = "jsx";
auto-format = true;
}
{
name = "tsx";
auto-format = true;
}
{
name = "jsonc";
auto-format = true;
}
# {
# name = "javascript";

14
modules/home-manager/melee.nix
View file

@ -1,13 +1,13 @@
{inputs, ...}: {
imports = [
{nixpkgs.overlays = [inputs.ssbm.overlay];}
inputs.ssbm.homeManagerModule
# inputs.ssbm.homeManagerModules.default
];
ssbm = {
slippi-launcher = {
enable = true;
launchMeleeOnPlay = false;
};
};
# ssbm = {
# slippi-launcher = {
# enable = false;
# launchMeleeOnPlay = false;
# };
# };
}

18
modules/nixos/common.nix
View file

@ -3,11 +3,12 @@
lib,
inputs,
outputs,
system,
pkgs,
modulesPath,
...
}: {
}: let
inherit (pkgs) system;
in {
networking.hostName = lib.mkDefault "nixoslyte";
imports =
@ -122,9 +123,9 @@
};
services = {
xserver = {
xserver.xkb = {
layout = "us";
xkbOptions = "ctrl:nocaps";
options = "ctrl:nocaps";
};
openssh = {
@ -261,14 +262,15 @@
};
nix = {
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
# Not sure why I would need this...
# nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
# This will add each flake input as a registry
# To make nix3 commands consistent with your flake
registry = lib.mapAttrs (_: value: {flake = value;}) inputs;
# This will additionally add your inputs to the system's legacy channels
# Making legacy nix commands consistent as well, awesome!
nixPath = lib.mapAttrsToList (key: value: "${key}=${value.to.path}") config.nix.registry;
settings = {
trusted-users = ["root" "daniel"];
experimental-features = lib.mkDefault ["nix-command" "flakes"];

5
modules/nixos/daniel.nix
View file

@ -1,10 +1,11 @@
{
pkgs,
inputs,
system,
outputs,
...
}: {
}: let
inherit (pkgs) system;
in {
home-manager = {
extraSpecialArgs = {
inherit inputs outputs system;

8
modules/nixos/desktop-usage.nix
View file

@ -1,10 +1,4 @@
{
pkgs,
inputs,
outputs,
system,
...
}: {
imports = [
./sway.nix
# ./hyprland.nix
@ -15,8 +9,6 @@
./kde-connect.nix
];
nixpkgs.overlays = [outputs.overlays.modifications];
hardware = {
opengl = {
enable = true;

11
modules/nixos/hyprland.nix
View file

@ -1,9 +1,8 @@
{
outputs,
pkgs,
...
}: {
imports = [outputs.nixosModules.ewwbar outputs.nixosModules.pipewire];
{pkgs, ...}: {
imports = [
./ewwbar.nix
./pipewire.nix
];
programs.hyprland.enable = true;
environment.systemPackages = with pkgs; [hyprpaper];
}

4
modules/nixos/melee.nix
View file

@ -1,12 +1,12 @@
{inputs, ...}: {
imports = [
{nixpkgs.overlays = [inputs.ssbm.overlay];}
inputs.ssbm.nixosModule
inputs.ssbm.nixosModules.default
];
ssbm = {
cache.enable = true;
# overlay.enabled = true;
# overlay.enable = true;
gcc = {
rules.enable = true;

10
modules/nixos/sway.nix
View file

@ -1,9 +1,7 @@
{
pkgs,
outputs,
...
}: {
imports = with outputs.nixosModules; [pipewire];
{pkgs, ...}: {
imports = [
./pipewire.nix
];
# services.xserver.libinput.enable = true;

11
modules/nixos/wifi.nix
View file

@ -1,9 +1,10 @@
{lib, ...}: {
networking.networkmanager.enable = lib.mkDefault true;
systemd.services.NetworkManager-wait-online.enable = lib.mkDefault false;
{pkgs, ...}: let
inherit (pkgs.lib) mkDefault;
in {
networking.networkmanager.enable = mkDefault true;
systemd.services.NetworkManager-wait-online.enable = mkDefault false;
# TODO: networking.networkmanager.wifi.backend = "iwd"; ?
# TODO: powersave?
# TODO: can I pre-configure my usual wifi networks with SSIDs and PSKs loaded from secrets?
}

6
nixos/base.nix
View file

@ -1,16 +1,18 @@
{
config,
outputs,
flake,
...
}: {
# a minimal, familiar setup that I can bootstrap atop
imports = with outputs.nixosModules; [
# may need to be tweaked based on the machine's paritioning scheme
flake.diskoConfigurations.standard
outputs.diskoConfigurations.standard
desktop-usage
wifi
];
networking.hostName = config.home-manager.users.daniel.home.username;
# TODO: may not work for non-UEFI?
boot.loader.systemd-boot.enable = true;
}

185
nixos/beefcake.nix
View file

@ -8,19 +8,23 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x01 0x00
sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
*/
{
inputs,
outputs,
config,
# inputs,
# outputs,
# config,
pkgs,
system,
...
}: {
imports = with outputs.nixosModules; [
intel
fonts # so that it gets cached to the nix store
inputs.api-lyte-dev.nixosModules.${system}.api-lyte-dev
# inputs.nix-minecraft.nixosModules.minecraft-servers
];
}: let
inherit (pkgs) system;
in {
imports =
[
../modules/nixos/intel.nix
../modules/nixos/fonts.nix
]
++ [
# inputs.api-lyte-dev.nixosModules.${system}.api-lyte-dev
# inputs.nix-minecraft.nixosModules.minecraft-servers
];
nixpkgs.overlays = [
# inputs.nix-minecraft.overlay
@ -56,16 +60,16 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
secretKeyFile = "/var/cache-priv-key.pem";
};
services.api-lyte-dev = rec {
enable = true;
port = 5757;
stateDir = "/var/lib/api-lyte-dev";
configFile = config.sops.secrets."api.lyte.dev".path;
user = "api-lyte-dev";
group = user;
};
# services.api-lyte-dev = rec {
# enable = true;
# port = 5757;
# stateDir = "/var/lib/api-lyte-dev";
# # configFile = config.sops.secrets."api.lyte.dev".path;
# user = "api-lyte-dev";
# group = user;
# };
systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
# systemd.services.api-lyte-dev.environment.LOG_LEVEL = "debug";
sops = {
defaultSopsFile = ../secrets/beefcake/secrets.yml;
@ -98,33 +102,33 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# "myservice/my_subdir/my_secret" = { };
"api.lyte.dev" = {
path = "${config.services.api-lyte-dev.stateDir}/secrets.json";
# path = "${config.services.api-lyte-dev.stateDir}/secrets.json";
# TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
mode = "0440";
owner = config.services.api-lyte-dev.user;
group = config.services.api-lyte-dev.group;
# owner = config.services.api-lyte-dev.user;
# group = config.services.api-lyte-dev.group;
};
"jland.env" = {
path = "/var/lib/jland/jland.env";
# TODO: would be cool to assert that it's correctly-formatted JSON? probably should be done in a pre-commit hook?
mode = "0440";
owner = config.users.users.jland.name;
group = config.users.groups.jland.name;
# owner = config.users.users.jland.name;
# group = config.users.groups.jland.name;
};
plausible-admin-password = {
# TODO: path = "${config.systemd.services.plausible.serviceConfig.WorkingDirectory}/plausible-admin-password.txt";
path = "/var/lib/plausible/plausible-admin-password";
mode = "0440";
owner = config.systemd.services.plausible.serviceConfig.User;
group = config.systemd.services.plausible.serviceConfig.Group;
# owner = config.systemd.services.plausible.serviceConfig.User;
# group = config.systemd.services.plausible.serviceConfig.Group;
};
plausible-secret-key-base = {
path = "/var/lib/plausible/plausible-secret-key-base";
mode = "0440";
owner = config.systemd.services.plausible.serviceConfig.User;
group = config.systemd.services.plausible.serviceConfig.Group;
# owner = config.systemd.services.plausible.serviceConfig.User;
# group = config.systemd.services.plausible.serviceConfig.Group;
};
nextcloud-admin-password = {
path = "/var/lib/nextcloud/admin-password";
@ -186,7 +190,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
users.users.lytedev = {
# for running my services and applications and stuff
isNormalUser = true;
openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
# openssh.authorizedKeys.keys = config.users.users.daniel.openssh.authorizedKeys.keys;
group = "lytedev";
};
@ -213,7 +217,8 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
[
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJbPqzKB09U+i4Kqu136yOjflLZ/J7pYsNulTAd4x903 root@chromebox.h.lyte.dev"
]
++ config.users.users.daniel.openssh.authorizedKeys.keys;
# ++ config.users.users.daniel.openssh.authorizedKeys.keys;
;
};
users.users.guest = {
@ -280,72 +285,72 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# TODO: there are some hardcoded ports here!
# https://github.com/NixOS/nixpkgs/blob/04af42f3b31dba0ef742d254456dc4c14eedac86/nixos/modules/services/misc/lidarr.nix#L72
# TODO: customize the files.lyte.dev template?
configFile = pkgs.writeText "Caddyfile" ''
video.lyte.dev {
reverse_proxy :8096
}
# configFile = pkgs.writeText "Caddyfile" ''
# video.lyte.dev {
# reverse_proxy :8096
# }
dev.h.lyte.dev {
reverse_proxy :8000
}
# dev.h.lyte.dev {
# reverse_proxy :8000
# }
# lidarr.h.lyte.dev {
# reverse_proxy :8686
# }
# # lidarr.h.lyte.dev {
# # reverse_proxy :8686
# # }
# radarr.h.lyte.dev {
# reverse_proxy :7878
# }
# # radarr.h.lyte.dev {
# # reverse_proxy :7878
# # }
# sonarr.h.lyte.dev {
# reverse_proxy :8989
# }
# # sonarr.h.lyte.dev {
# # reverse_proxy :8989
# # }
# bazarr.h.lyte.dev {
# reverse_proxy :${toString config.services.bazarr.listenPort}
# }
# # bazarr.h.lyte.dev {
# # reverse_proxy :$${toString config.services.bazarr.listenPort}
# # }
bw.lyte.dev {
reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}
}
# bw.lyte.dev {
# reverse_proxy :${toString config.services.vaultwarden.config.ROCKET_PORT}
# }
api.lyte.dev {
reverse_proxy :${toString config.services.api-lyte-dev.port}
}
# api.lyte.dev {
# reverse_proxy :${toString config.services.api-lyte-dev.port}
# }
a.lyte.dev {
reverse_proxy :${toString config.services.plausible.server.port}
}
# a.lyte.dev {
# reverse_proxy :${toString config.services.plausible.server.port}
# }
nextcloud.lyte.dev {
reverse_proxy :${toString 9999}
}
# nextcloud.lyte.dev {
# reverse_proxy :${toString 9999}
# }
git.lyte.dev {
reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}
}
# git.lyte.dev {
# reverse_proxy :${toString config.services.gitea.settings.server.HTTP_PORT}
# }
files.lyte.dev {
file_server browse {
# browse template
# hide .*
root /storage/files.lyte.dev
}
}
# files.lyte.dev {
# file_server browse {
# # browse template
# # hide .*
# root /storage/files.lyte.dev
# }
# }
nix.h.lyte.dev {
reverse_proxy :${toString config.services.nix-serve.port}
}
# nix.h.lyte.dev {
# reverse_proxy :${toString config.services.nix-serve.port}
# }
# proxy everything else to chromebox
:80 {
reverse_proxy 10.0.0.5:80
}
# # proxy everything else to chromebox
# :80 {
# reverse_proxy 10.0.0.5:80
# }
:443 {
reverse_proxy 10.0.0.5:443
}
'';
# :443 {
# reverse_proxy 10.0.0.5:443
# }
# '';
};
services.vaultwarden = {
@ -425,12 +430,12 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
baseUrl = "http://beefcake.hare-cod.ts.net:8899";
disableRegistration = true;
port = 8899;
secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path;
# secretKeybaseFile = config.sops.secrets.plausible-secret-key-base.path;
};
adminUser = {
activate = false;
email = "daniel@lyte.dev";
passwordFile = config.sops.secrets.plausible-admin-password.path;
# passwordFile = config.sops.secrets.plausible-admin-password.path;
};
};
@ -691,17 +696,19 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
virtualisation.oci-containers.backend = "podman";
virtualisation.oci-containers.containers = {
minecraft-jland = {
autoStart = false;
# sending commands: https://docker-minecraft-server.readthedocs.io/en/latest/commands/
image = "docker.io/itzg/minecraft-server";
user = "${toString config.users.users.jland.uid}:${toString config.users.groups.jland.gid}";
# user = "${toString config.users.users.jland.uid}:${toString config.users.groups.jland.gid}";
extraOptions = [
"--tty"
"--interactive"
];
environment = {
EULA = "true";
UID = toString config.users.users.jland.uid;
GID = toString config.users.groups.jland.gid;
# UID = toString config.users.users.jland.uid;
# GID = toString config.users.groups.jland.gid;
STOP_SERVER_ANNOUNCE_DELAY = "20";
TZ = "America/Chicago";
VERSION = "1.20.1";
@ -728,7 +735,7 @@ sudo nix run nixpkgs#ipmitool -- raw 0x30 0x30 0x02 0xff 0x00
# https://docker-minecraft-server.readthedocs.io/en/latest/misc/autopause-autostop/autopause/
};
environmentFiles = [
config.sops.secrets."jland.env".path
# config.sops.secrets."jland.env".path
];
ports = ["26965:25565"];
volumes = [

18
nixos/dragon.nix
View file

@ -1,6 +1,5 @@
{
config,
flake,
# config,
inputs,
outputs,
lib,
@ -13,7 +12,7 @@
boot.supportedFilesystems = ["ntfs"];
imports = with outputs.nixosModules; [
flake.diskoConfigurations.standard
outputs.diskoConfigurations.standard
inputs.hardware.nixosModules.common-cpu-amd
inputs.hardware.nixosModules.common-pc-ssd
outputs.nixosModules.pipewire-low-latency
@ -37,15 +36,14 @@
pass
firefox-no-tabs
melee
# sway-laptop
hyprland
# hyprland
];
ssbm = {
slippi-launcher = {
isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
};
};
# ssbm = {
# slippi-launcher = {
# isoPath = "${config.home-manager.users.daniel.home.homeDirectory}/../games/roms/dolphin/melee.iso";
# };
# };
wayland.windowManager.hyprland = {
settings = {

2
nixos/foxtrot.nix
View file

@ -9,7 +9,7 @@ in {
networking.hostName = "foxtrot";
imports = with outputs.nixosModules; [
flake.diskoConfigurations.standard
outputs.diskoConfigurations.standard
inputs.hardware.nixosModules.framework-13-7040-amd
desktop-usage
# gnome

3
nixos/htpc.nix
View file

@ -34,7 +34,6 @@
services.gnome.gnome-remote-desktop.enable = true;
networking.networkmanager.enable = true;
nix.settings.experimental-features = ["nix-command" "flakes"];
home-manager.users.daniel = {
imports = with outputs.homeManagerModules; [linux-desktop];
@ -85,7 +84,7 @@
powerManagement.enable = false;
boot.loader.grub.enable = true;
# boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda";
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci"];

14
nixos/musicbox.nix
View file

@ -1,5 +1,4 @@
{
flake,
outputs,
# lib,
# config,
@ -8,14 +7,11 @@
}: {
networking.hostName = "musicbox";
imports =
[
flake.diskoConfigurations.unencrypted
]
++ (with outputs.nixosModules; [
desktop-usage
wifi
]);
imports = with outputs.nixosModules; [
outputs.diskoConfigurations.unencrypted
desktop-usage
wifi
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;

4
nixos/router.nix
View file

@ -1,5 +1,5 @@
{
flake,
outputs,
lib,
# outputs,
# config,
@ -35,7 +35,7 @@ in {
networking.useDHCP = false;
imports = [
flake.diskoConfigurations.unencrypted
outputs.diskoConfigurations.unencrypted
];
# TODO: perform a hardware scan

3
nixos/thablet.nix
View file

@ -1,5 +1,4 @@
{
flake,
inputs,
outputs,
lib,
@ -11,7 +10,7 @@
imports = with outputs.nixosModules; [
(modulesPath + "/installer/scan/not-detected.nix")
flake.diskoConfigurations.standard
outputs.diskoConfigurations.standard
inputs.hardware.nixosModules.lenovo-thinkpad-x1-yoga
desktop-usage
fonts

3
nixos/thinker.nix
View file

@ -1,5 +1,4 @@
{
flake,
inputs,
outputs,
lib,
@ -10,7 +9,7 @@
networking.hostName = "thinker";
imports = with outputs.nixosModules; [
flake.diskoConfigurations.thinker
outputs.diskoConfigurations.thinker
inputs.hardware.nixosModules.lenovo-thinkpad-t480
inputs.hardware.nixosModules.common-pc-laptop-ssd
desktop-usage