fuckwit/nix-config
1
0
Fork 0
Code Issues Pull Requests 1 Actions Activity

much stuff

Browse Source
This commit is contained in:
fuckwit 2024-03-25 21:25:44 +01:00
parent 053958a2ac
commit e711e0cbc0
7 changed files with 729 additions and 230 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

774
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

108
nixos/celestia/configuration.nix
View File

@ -11,8 +11,7 @@
name = "${subdomain}.fuckwit.dev"; name = "${subdomain}.fuckwit.dev";
value = { value = {
forceSSL = true; forceSSL = true;
enableACME = true; useACMEHost = "fuckwit.dev";
acmeRoot = null;
locations."/" = { locations."/" = {
proxyPass = "http://127.0.0.1:${builtins.toString port}"; proxyPass = "http://127.0.0.1:${builtins.toString port}";
proxyWebsockets = true; proxyWebsockets = true;
@ -90,6 +89,8 @@ in {
]; ];
users.groups.nas.gid = 2000; users.groups.nas.gid = 2000;
users.users.nginx.extraGroups = [ "acme" ];
environment = { environment = {
etc = { etc = {
@ -111,6 +112,10 @@ in {
environmentFile = config.sops.secrets."acme.env".path; environmentFile = config.sops.secrets."acme.env".path;
dnsPropagationCheck = true; dnsPropagationCheck = true;
}; };
certs."fuckwit.dev" = {
extraDomainNames = ["*.fuckwit.dev"];
};
}; };
services = { services = {
@ -204,6 +209,10 @@ in {
subdomain = "paperless"; subdomain = "paperless";
port = 28981; port = 28981;
} }
{
subdomain = "homepage";
port = 8082;
}
]; ];
}; };
@ -254,6 +263,101 @@ in {
}; };
jellyfin.enable = true; jellyfin.enable = true;
homepage-dashboard = {
enable = true;
settings = {
title = "Homelab";
theme = "dark";
layout = [
{
Media = {
style = "row";
columns = 4;
};
}
];
};
widgets = [
{
resources = {
cpu = true;
memory = true;
disk = "/tank";
};
}
{
search = {
provider = "duckduckgo";
target = "_blank";
};
}
];
services = [
{
Media = [
{
Jellyfin = {
icon = "jellyfin.png";
href = "https://jellyfin.fuckwit.dev";
siteMonitor = "https://jellyfin.fuckwit.dev";
description = "Media library";
widget = {
type = "jellyfin";
url = "https://jellyfin.fuckwit.dev";
key = "d6e4766cda6c412cb4a96626c0f0b51a";
enableBlocks = true;
enableNowPlaying = false;
};
};
}
{
Radarr = {
icon = "radarr.png";
href = "https://radarr.fuckwit.dev";
siteMonitor = "https://radarr.fuckwit.dev";
description = "Media library";
widget = {
type = "radarr";
url = "https://radarr.fuckwit.dev";
key = "01d93b03f6c64a0f9786598b611e58f9";
};
};
}
{
Sonarr = {
icon = "sonarr.png";
href = "https://sonarr.fuckwit.dev";
siteMonitor = "https://sonarr.fuckwit.dev";
description = "Media library";
widget = {
type = "sonarr";
url = "https://sonarr.fuckwit.dev";
key = "c6be6b2d78104a97a2c7df560b27bb5c";
};
};
}
{
Lidarr = {
icon = "lidarr.png";
href = "https://lidarr.fuckwit.dev";
siteMonitor = "https://lidarr.fuckwit.dev";
description = "Media library";
widget = {
type = "lidarr";
url = "https://lidarr.fuckwit.dev";
key = "e95e25ccd6f04ffe8e8ad0ff488231a8";
};
};
}
];
}
];
};
}; };
hardware = { hardware = {

4
nixos/configurations.nix
View File

@ -88,10 +88,10 @@ in {
}; };
celestia = myNixosSystem { celestia = myNixosSystem {
np = nixpkgs-stable; np = nixpkgs;
system = "x86_64-linux"; system = "x86_64-linux";
ip = "192.168.1.11"; ip = "192.168.1.11";
remoteBuild = false; # remoteBuild = false;
file = ./celestia/configuration.nix; file = ./celestia/configuration.nix;
}; };

2
nixos/framework/configuration.nix
View File

@ -39,7 +39,7 @@
services = { services = {
illum.enable = true; illum.enable = true;
fwupd.enable = true; fwupd.enable = true;
fprintd.enable = true; fprintd.enable = false; # currently broken
pcscd.enable = true; pcscd.enable = true;
tlp = { tlp = {
enable = true; enable = true;

37
nixos/framework/home.nix
View File

@ -3,12 +3,12 @@
helix helix
firefox-devedition firefox-devedition
git git
eww-wayland
pinentry pinentry
acpi acpi
sops sops
moonlight-qt moonlight-qt
discord discord
vesktop
telegram-desktop telegram-desktop
obs-studio obs-studio
]; ];
@ -16,19 +16,30 @@
programs.bash.enable = true; programs.bash.enable = true;
programs.swaylock.enable = true; programs.swaylock.enable = true;
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = let
locker = "${pkgs.swaylock}/bin/swaylock";
set-dpms = "${pkgs.hyprland}/bin/hyprctl dispatcher dpms";
idle-script = pkgs.writeShellScript "idle-lock.sh" ''
${pkgs.swayidle}/bin/swayidle -w \
timeout 600 ${locker} \
timeout 300 '${set-dpms} off' \
timeout 15 'if pgrep -x swaylock; then ${set-dpms} off; fi' \
resume '${set-dpms} on' \
before-sleep '${locker}'
'';
in {
enable = true; enable = true;
settings = { settings = {
"$mod" = "SUPER"; "$mod" = "SUPER";
monitor = [ monitor = [
"eDP-1,2256x1504,0x0,1.566667" "eDP-1,2256x1504,0x0,1.566667"
"DP-9,2560x1080,2256x0,1" "desc:LG Electronics LG ULTRAWIDE 0x000219F2,2560x1080,1440x0,1"
"DP-11,1680x1050,4816x0,1" "desc:Fujitsu Siemens Computers GmbH B22W-6 LED YV3U164923,1680x1050,4000x0,1"
",preferred,auto,1.5" ",preferred,auto,1"
]; ];
exec-once = ["waybar"]; exec-once = ["waybar" idle-script];
input = { input = {
kb_layout = "us,de"; kb_layout = "us,de";
@ -75,11 +86,12 @@
bind = bind =
[ [
"$mod, return, exec, ${pkgs.alacritty.outPath}/bin/alacritty" ", PRINT, exec, ${pkgs.hyprshot}/bin/hyprshot -m region --clipboard-only"
"$mod, return, exec, ${pkgs.alacritty}/bin/alacritty"
"$mod, D, exec, ${pkgs.rofi-wayland}/bin/rofi -show drun"
"$mod SHIFT, Q, killactive, " "$mod SHIFT, Q, killactive, "
"$mod, L, exec, swaylock" "$mod, L, exec, ${locker}"
"$mod, V, togglefloating, " "$mod, V, togglefloating, "
"$mod, D, exec, ${pkgs.rofi-wayland.outPath}/bin/rofi -show drun"
"$mod, P, pseudo, # dwindle" "$mod, P, pseudo, # dwindle"
"$mod, J, togglesplit, # dwindle" "$mod, J, togglesplit, # dwindle"
"$mod, left, movefocus, l" "$mod, left, movefocus, l"
@ -107,6 +119,11 @@
"device:razer-razer-blackwidow-chroma" = { "device:razer-razer-blackwidow-chroma" = {
kb_layout = "de"; kb_layout = "de";
}; };
misc = {
mouse_move_enables_dpms = true;
key_press_enables_dpms = true;
};
}; };
}; };
@ -123,6 +140,8 @@
}; };
}; };
programs.starship.enable = true;
programs.helix = { programs.helix = {
enable = true; enable = true;
defaultEditor = true; defaultEditor = true;

29
nixos/primordial/configuration.nix
View File

@ -11,6 +11,7 @@
in { in {
sops.defaultSopsFile = ./secrets.yaml; sops.defaultSopsFile = ./secrets.yaml;
sops.secrets."gitea.env" = {}; sops.secrets."gitea.env" = {};
sops.secrets."keycloak_db_pw" = {};
imports = [ imports = [
./mail.nix ./mail.nix
@ -73,6 +74,7 @@ in {
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method #type database DBuser auth-method
local all all trust local all all trust
host all all 127.0.0.1/32 md5
''; '';
}; };
@ -181,6 +183,16 @@ in {
}; };
}; };
virtualHosts."sso.fuckwit.dev" = {
enableACME = true;
addSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8004";
proxyWebsockets = true;
};
};
# virtualHosts."drone.fuckwit.dev" = { # virtualHosts."drone.fuckwit.dev" = {
# enableACME = true; # enableACME = true;
# addSSL = true; # addSSL = true;
@ -235,6 +247,23 @@ in {
}; };
}; };
keycloak = {
enable = true;
database = {
type = "postgresql";
createLocally = true;
passwordFile = config.sops.secrets."keycloak_db_pw".path;
};
settings = {
hostname = "sso.fuckwit.dev";
http-host = "127.0.0.1";
http-port = 8004;
proxy = "edge";
};
};
# drone-server = { # drone-server = {
# enable = true; # enable = true;
# config = { # config = {

5
nixos/primordial/secrets.yaml
View File

@ -1,4 +1,5 @@
gitea.env: ENC[AES256_GCM,data:wkSPzLQtL3vGNIjG+jG6I3+R7wLBBdXeaCHbKxMbpVOldo8zrPLu8HdoryneRro58d7D9Cao9x+n5SvYNfGwHPgDJG8saXTeyEffIWIKNC+5+8fjiWwIkAvstckmZjSLitVxcwhifs49jmZgW/xQBPEPiAHzVkjeueV7p/Jm9WgyD2ycPrKUvNEYJ6DWZqQq9r10Y/KsRZsvRzF2cp6YeX7YGjW7E2wuQz9yy8gOFHxmoJxAc4zM7XaKZWKtow1UPCjTtxiY7qRkWK7KQt21Xf3FCsU=,iv:qQv7hbqh3Kl6sE/XW37D9AbYt4gLJw5BnfbbLIkzOd4=,tag:g6Cecvdb67W01HvIULNzsQ==,type:str] gitea.env: ENC[AES256_GCM,data:wkSPzLQtL3vGNIjG+jG6I3+R7wLBBdXeaCHbKxMbpVOldo8zrPLu8HdoryneRro58d7D9Cao9x+n5SvYNfGwHPgDJG8saXTeyEffIWIKNC+5+8fjiWwIkAvstckmZjSLitVxcwhifs49jmZgW/xQBPEPiAHzVkjeueV7p/Jm9WgyD2ycPrKUvNEYJ6DWZqQq9r10Y/KsRZsvRzF2cp6YeX7YGjW7E2wuQz9yy8gOFHxmoJxAc4zM7XaKZWKtow1UPCjTtxiY7qRkWK7KQt21Xf3FCsU=,iv:qQv7hbqh3Kl6sE/XW37D9AbYt4gLJw5BnfbbLIkzOd4=,tag:g6Cecvdb67W01HvIULNzsQ==,type:str]
keycloak_db_pw: ENC[AES256_GCM,data:1oBqzpFokAmjkT770YKYwzCllaGTprtDR9W4B/+V6ZUXPhJ1R9DNWZHqpQ==,iv:dK36GBiDj12HVjUkZqTVk/rR6s1sf6dmQTk1ZJQwi+I=,tag:6Ix9QSf+A0U82sG0z8wSmw==,type:str]
sops: sops:
kms: [] kms: []
gcp_kms: [] gcp_kms: []
@ -14,8 +15,8 @@ sops:
V1h2NGxyNVc3WnF2ZFBpQm1oK1AzeGcK4GoD2E8nwOl/WKtgMgs0Y1Q8abRX4mpy V1h2NGxyNVc3WnF2ZFBpQm1oK1AzeGcK4GoD2E8nwOl/WKtgMgs0Y1Q8abRX4mpy
GdHGDQUWvySCisJo4JXsooYkLjOyKvir+vcVbX4nDd4L1W2OMULkrg== GdHGDQUWvySCisJo4JXsooYkLjOyKvir+vcVbX4nDd4L1W2OMULkrg==
-----END AGE ENCRYPTED FILE----- -----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-25T11:12:39Z" lastmodified: "2024-03-25T19:17:29Z"
mac: ENC[AES256_GCM,data:pMO0zLANiwXfcKaZT8lrQ6Wcy+CgmNW755hOdHTM6jREKJOoEC9QmrrsSA3dCAwAXR89TImY5IxrM929d8DD3zbBLnSU42ivuZqkWtgm4/sWjUvW4R9kUKZXiTwe2YhaNlsyLJN7JOMPEU4eaj2a3V6PecQ2IaJJmnww+Et2RNg=,iv:8+Y7k4GUMHZGLctHpWOaNj6ibPy1hyf36ckncnZbIlo=,tag:JUyJrYwXuvT9SncdlKfbBw==,type:str] mac: ENC[AES256_GCM,data:Qnou0/umwMX2XD7gDF6SceFI5tLjOO30OVhFSXhxc2yuFj/gB0R1bPplLm5j/wmxfRQDvvm2zLgGFMqt+8i4Z+6OYgbuwFcv4FR2E001aWVj1zh+F8pRZVTxqnsvegoKWQwoXkhZe5S/fjX9N09SMYhBkjLUh9fboGXajEpDws8=,iv:hTQgeyli/MPaUVxJSzhDK+ssxv78w7hRBtQ1pnZGASg=,tag:HDKQ2duHMYvGa74Vp0fIjw==,type:str]
pgp: pgp:
- created_at: "2024-01-25T11:10:44Z" - created_at: "2024-01-25T11:10:44Z"
enc: |- enc: |-