fuckwit/nix-config
1
0
Fork 0
Code Issues Pull Requests 1 Actions Activity

much stuff

Browse Source
This commit is contained in:
fuckwit 2024-03-25 21:25:44 +01:00
parent 053958a2ac
commit e711e0cbc0
7 changed files with 729 additions and 230 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

774
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

108
nixos/celestia/configuration.nix
View File

@ -11,8 +11,7 @@
name = "${subdomain}.fuckwit.dev";
value = {
forceSSL = true;
enableACME = true;
acmeRoot = null;
useACMEHost = "fuckwit.dev";
locations."/" = {
proxyPass = "http://127.0.0.1:${builtins.toString port}";
proxyWebsockets = true;
@ -90,6 +89,8 @@ in {
];
users.groups.nas.gid = 2000;
users.users.nginx.extraGroups = [ "acme" ];
environment = {
etc = {
@ -111,6 +112,10 @@ in {
environmentFile = config.sops.secrets."acme.env".path;
dnsPropagationCheck = true;
};
certs."fuckwit.dev" = {
extraDomainNames = ["*.fuckwit.dev"];
};
};
services = {
@ -204,6 +209,10 @@ in {
subdomain = "paperless";
port = 28981;
}
{
subdomain = "homepage";
port = 8082;
}
];
};
@ -254,6 +263,101 @@ in {
};
jellyfin.enable = true;
homepage-dashboard = {
enable = true;
settings = {
title = "Homelab";
theme = "dark";
layout = [
{
Media = {
style = "row";
columns = 4;
};
}
];
};
widgets = [
{
resources = {
cpu = true;
memory = true;
disk = "/tank";
};
}
{
search = {
provider = "duckduckgo";
target = "_blank";
};
}
];
services = [
{
Media = [
{
Jellyfin = {
icon = "jellyfin.png";
href = "https://jellyfin.fuckwit.dev";
siteMonitor = "https://jellyfin.fuckwit.dev";
description = "Media library";
widget = {
type = "jellyfin";
url = "https://jellyfin.fuckwit.dev";
key = "d6e4766cda6c412cb4a96626c0f0b51a";
enableBlocks = true;
enableNowPlaying = false;
};
};
}
{
Radarr = {
icon = "radarr.png";
href = "https://radarr.fuckwit.dev";
siteMonitor = "https://radarr.fuckwit.dev";
description = "Media library";
widget = {
type = "radarr";
url = "https://radarr.fuckwit.dev";
key = "01d93b03f6c64a0f9786598b611e58f9";
};
};
}
{
Sonarr = {
icon = "sonarr.png";
href = "https://sonarr.fuckwit.dev";
siteMonitor = "https://sonarr.fuckwit.dev";
description = "Media library";
widget = {
type = "sonarr";
url = "https://sonarr.fuckwit.dev";
key = "c6be6b2d78104a97a2c7df560b27bb5c";
};
};
}
{
Lidarr = {
icon = "lidarr.png";
href = "https://lidarr.fuckwit.dev";
siteMonitor = "https://lidarr.fuckwit.dev";
description = "Media library";
widget = {
type = "lidarr";
url = "https://lidarr.fuckwit.dev";
key = "e95e25ccd6f04ffe8e8ad0ff488231a8";
};
};
}
];
}
];
};
};
hardware = {

4
nixos/configurations.nix
View File

@ -88,10 +88,10 @@ in {
};
celestia = myNixosSystem {
np = nixpkgs-stable;
np = nixpkgs;
system = "x86_64-linux";
ip = "192.168.1.11";
remoteBuild = false;
# remoteBuild = false;
file = ./celestia/configuration.nix;
};

2
nixos/framework/configuration.nix
View File

@ -39,7 +39,7 @@
services = {
illum.enable = true;
fwupd.enable = true;
fprintd.enable = true;
fprintd.enable = false; # currently broken
pcscd.enable = true;
tlp = {
enable = true;

37
nixos/framework/home.nix
View File

@ -3,12 +3,12 @@
helix
firefox-devedition
git
eww-wayland
pinentry
acpi
sops
moonlight-qt
discord
vesktop
telegram-desktop
obs-studio
];
@ -16,19 +16,30 @@
programs.bash.enable = true;
programs.swaylock.enable = true;
wayland.windowManager.hyprland = {
wayland.windowManager.hyprland = let
locker = "${pkgs.swaylock}/bin/swaylock";
set-dpms = "${pkgs.hyprland}/bin/hyprctl dispatcher dpms";
idle-script = pkgs.writeShellScript "idle-lock.sh" ''
${pkgs.swayidle}/bin/swayidle -w \
timeout 600 ${locker} \
timeout 300 '${set-dpms} off' \
timeout 15 'if pgrep -x swaylock; then ${set-dpms} off; fi' \
resume '${set-dpms} on' \
before-sleep '${locker}'
'';
in {
enable = true;
settings = {
"$mod" = "SUPER";
monitor = [
"eDP-1,2256x1504,0x0,1.566667"
"DP-9,2560x1080,2256x0,1"
"DP-11,1680x1050,4816x0,1"
",preferred,auto,1.5"
"desc:LG Electronics LG ULTRAWIDE 0x000219F2,2560x1080,1440x0,1"
"desc:Fujitsu Siemens Computers GmbH B22W-6 LED YV3U164923,1680x1050,4000x0,1"
",preferred,auto,1"
];
exec-once = ["waybar"];
exec-once = ["waybar" idle-script];
input = {
kb_layout = "us,de";
@ -75,11 +86,12 @@
bind =
[
"$mod, return, exec, ${pkgs.alacritty.outPath}/bin/alacritty"
", PRINT, exec, ${pkgs.hyprshot}/bin/hyprshot -m region --clipboard-only"
"$mod, return, exec, ${pkgs.alacritty}/bin/alacritty"
"$mod, D, exec, ${pkgs.rofi-wayland}/bin/rofi -show drun"
"$mod SHIFT, Q, killactive, "
"$mod, L, exec, swaylock"
"$mod, L, exec, ${locker}"
"$mod, V, togglefloating, "
"$mod, D, exec, ${pkgs.rofi-wayland.outPath}/bin/rofi -show drun"
"$mod, P, pseudo, # dwindle"
"$mod, J, togglesplit, # dwindle"
"$mod, left, movefocus, l"
@ -107,6 +119,11 @@
"device:razer-razer-blackwidow-chroma" = {
kb_layout = "de";
};
misc = {
mouse_move_enables_dpms = true;
key_press_enables_dpms = true;
};
};
};
@ -123,6 +140,8 @@
};
};
programs.starship.enable = true;
programs.helix = {
enable = true;
defaultEditor = true;

29
nixos/primordial/configuration.nix
View File

@ -11,6 +11,7 @@
in {
sops.defaultSopsFile = ./secrets.yaml;
sops.secrets."gitea.env" = {};
sops.secrets."keycloak_db_pw" = {};
imports = [
./mail.nix
@ -73,6 +74,7 @@ in {
authentication = pkgs.lib.mkOverride 10 ''
#type database DBuser auth-method
local all all trust
host all all 127.0.0.1/32 md5
'';
};
@ -181,6 +183,16 @@ in {
};
};
virtualHosts."sso.fuckwit.dev" = {
enableACME = true;
addSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8004";
proxyWebsockets = true;
};
};
# virtualHosts."drone.fuckwit.dev" = {
# enableACME = true;
# addSSL = true;
@ -235,6 +247,23 @@ in {
};
};
keycloak = {
enable = true;
database = {
type = "postgresql";
createLocally = true;
passwordFile = config.sops.secrets."keycloak_db_pw".path;
};
settings = {
hostname = "sso.fuckwit.dev";
http-host = "127.0.0.1";
http-port = 8004;
proxy = "edge";
};
};
# drone-server = {
# enable = true;
# config = {

5
nixos/primordial/secrets.yaml
View File

@ -1,4 +1,5 @@
gitea.env: ENC[AES256_GCM,data:wkSPzLQtL3vGNIjG+jG6I3+R7wLBBdXeaCHbKxMbpVOldo8zrPLu8HdoryneRro58d7D9Cao9x+n5SvYNfGwHPgDJG8saXTeyEffIWIKNC+5+8fjiWwIkAvstckmZjSLitVxcwhifs49jmZgW/xQBPEPiAHzVkjeueV7p/Jm9WgyD2ycPrKUvNEYJ6DWZqQq9r10Y/KsRZsvRzF2cp6YeX7YGjW7E2wuQz9yy8gOFHxmoJxAc4zM7XaKZWKtow1UPCjTtxiY7qRkWK7KQt21Xf3FCsU=,iv:qQv7hbqh3Kl6sE/XW37D9AbYt4gLJw5BnfbbLIkzOd4=,tag:g6Cecvdb67W01HvIULNzsQ==,type:str]
keycloak_db_pw: ENC[AES256_GCM,data:1oBqzpFokAmjkT770YKYwzCllaGTprtDR9W4B/+V6ZUXPhJ1R9DNWZHqpQ==,iv:dK36GBiDj12HVjUkZqTVk/rR6s1sf6dmQTk1ZJQwi+I=,tag:6Ix9QSf+A0U82sG0z8wSmw==,type:str]
sops:
kms: []
gcp_kms: []
@ -14,8 +15,8 @@ sops:
V1h2NGxyNVc3WnF2ZFBpQm1oK1AzeGcK4GoD2E8nwOl/WKtgMgs0Y1Q8abRX4mpy
GdHGDQUWvySCisJo4JXsooYkLjOyKvir+vcVbX4nDd4L1W2OMULkrg==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-01-25T11:12:39Z"
mac: ENC[AES256_GCM,data:pMO0zLANiwXfcKaZT8lrQ6Wcy+CgmNW755hOdHTM6jREKJOoEC9QmrrsSA3dCAwAXR89TImY5IxrM929d8DD3zbBLnSU42ivuZqkWtgm4/sWjUvW4R9kUKZXiTwe2YhaNlsyLJN7JOMPEU4eaj2a3V6PecQ2IaJJmnww+Et2RNg=,iv:8+Y7k4GUMHZGLctHpWOaNj6ibPy1hyf36ckncnZbIlo=,tag:JUyJrYwXuvT9SncdlKfbBw==,type:str]
lastmodified: "2024-03-25T19:17:29Z"
mac: ENC[AES256_GCM,data:Qnou0/umwMX2XD7gDF6SceFI5tLjOO30OVhFSXhxc2yuFj/gB0R1bPplLm5j/wmxfRQDvvm2zLgGFMqt+8i4Z+6OYgbuwFcv4FR2E001aWVj1zh+F8pRZVTxqnsvegoKWQwoXkhZe5S/fjX9N09SMYhBkjLUh9fboGXajEpDws8=,iv:hTQgeyli/MPaUVxJSzhDK+ssxv78w7hRBtQ1pnZGASg=,tag:HDKQ2duHMYvGa74Vp0fIjw==,type:str]
pgp:
- created_at: "2024-01-25T11:10:44Z"
enc: |-