marty/config.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

server and other shit

Browse source
This commit is contained in:
martyTF 2026-04-11 17:21:28 +02:00
parent 270e1a0be4
commit 804371bf96
65 changed files with 1428 additions and 619 deletions
Download patch file Download diff file Expand all files Collapse all files

1
configuration.nix
View file

@ -14,7 +14,6 @@
nixpkgs.config.allowUnfree = true;
imports = [
./modules
# ./options.nix
];
environment.pathsToLink = [

60
flake.lock generated
View file

@ -216,11 +216,11 @@
]
},
"locked": {
"lastModified": 1774738535,
"narHash": "sha256-2jfBEZUC67IlnxO5KItFCAd7Oc+1TvyV/jQlR+2ykGQ=",
"lastModified": 1775268934,
"narHash": "sha256-Sa5tW5kYPJornQEkFVD43F/0d4/WP+/GLTNktTFe2qU=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "769e07ef8f4cf7b1ec3b96ef015abec9bc6b1e2a",
"rev": "9dc93220c1c9a410ef6277d6dc55c571d9e592d0",
"type": "github"
},
"original": {
@ -304,11 +304,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1774734105,
"narHash": "sha256-kO22x+rIp1SckR3Gi3+Nk0J9AP+kNcEgXikkE8bA04g=",
"lastModified": 1775307976,
"narHash": "sha256-s7tT69WTAX8CdZg1Gr1L4n2W/IgyPCfFXJFllXS5A5g=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "38a7f03cf0e5ee116794a78581634ba3dab508fa",
"rev": "13fec3de9b40dbd075ce0ec5c88ef86117e25443",
"type": "github"
},
"original": {
@ -586,11 +586,11 @@
"optnix": "optnix"
},
"locked": {
"lastModified": 1774427328,
"narHash": "sha256-KtGThScvwNbCm+6XwUKRfpTjJVKV9SHswm29px3m4pw=",
"lastModified": 1775272181,
"narHash": "sha256-9Y3ASONdIdYtTbZCg7Nv+jntkXo9m1VMpxlMvvNhHWI=",
"owner": "nix-community",
"repo": "nixos-cli",
"rev": "23e7540706eb5271f4ab37b9e52532637d57c63b",
"rev": "14dab96159beab052bf04be41c8e5cd486807042",
"type": "github"
},
"original": {
@ -664,11 +664,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1772956932,
"narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=",
"lastModified": 1774855581,
"narHash": "sha256-YkreHeMgTCYvJ5fESV0YyqQK49bHGe2B51tH6claUh4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "608d0cadfed240589a7eea422407a547ad626a14",
"rev": "15c6719d8c604779cf59e03c245ea61d3d7ab69b",
"type": "github"
},
"original": {
@ -680,11 +680,11 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1774386573,
"narHash": "sha256-4hAV26quOxdC6iyG7kYaZcM3VOskcPUrdCQd/nx8obc=",
"lastModified": 1775036866,
"narHash": "sha256-ZojAnPuCdy657PbTq5V0Y+AHKhZAIwSIT2cb8UgAz/U=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "46db2e09e1d3f113a13c0d7b81e2f221c63b8ce9",
"rev": "6201e203d09599479a3b3450ed24fa81537ebc4e",
"type": "github"
},
"original": {
@ -718,11 +718,11 @@
"noctalia-qs": "noctalia-qs"
},
"locked": {
"lastModified": 1774747057,
"narHash": "sha256-D/W/pgyH9+50fMbyh839j3NIOyf9X8VJCKrsMpRnqAI=",
"lastModified": 1775309721,
"narHash": "sha256-yZIMJhv1Jg2I1bsag/chncl4nb/5pkrEKVwpkOqJqpI=",
"owner": "noctalia-dev",
"repo": "noctalia-shell",
"rev": "3b9e93a8b1e748df9329a97eb8d7ee58d02977da",
"rev": "819b2d33b04b2180b6ef19dab7f86af7d3603a52",
"type": "github"
},
"original": {
@ -741,11 +741,11 @@
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1774734782,
"narHash": "sha256-rq/8sJPI8wD4P3CXSyvW/dPuAa+qXGdqzAKM3eunZ+4=",
"lastModified": 1775135550,
"narHash": "sha256-79JP2QTdvp1jg7HGxAW+xzhzhLnlKUi8yGXq9nDCeH0=",
"owner": "noctalia-dev",
"repo": "noctalia-qs",
"rev": "8e216ba101d761b8a71f359246941d50e22bad3f",
"rev": "e7224b756dcd10eec040df818a4c7a0fda5d6eff",
"type": "github"
},
"original": {
@ -766,11 +766,11 @@
]
},
"locked": {
"lastModified": 1770000117,
"narHash": "sha256-kZ1eLvCxfN+6RYQdcWUdIf+2WuiNiAfbJq+VetT+kos=",
"lastModified": 1774559664,
"narHash": "sha256-a8FWQZgqaS7o484iH7dFK+F9t7oMahKbcH2piIwUwFc=",
"owner": "water-sucks",
"repo": "optnix",
"rev": "e3a8a63d8a9dcad01f499b2ece87db3545443f05",
"rev": "853323ece22fb1ffed19cea4ae22804032034a8e",
"type": "github"
},
"original": {
@ -980,11 +980,11 @@
]
},
"locked": {
"lastModified": 1772660329,
"narHash": "sha256-IjU1FxYqm+VDe5qIOxoW+pISBlGvVApRjiw/Y/ttJzY=",
"lastModified": 1773297127,
"narHash": "sha256-6E/yhXP7Oy/NbXtf1ktzmU8SdVqJQ09HC/48ebEGBpk=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "3710e0e1218041bbad640352a0440114b1e10428",
"rev": "71b125cd05fbfd78cab3e070b73544abe24c5016",
"type": "github"
},
"original": {
@ -1063,11 +1063,11 @@
]
},
"locked": {
"lastModified": 1774759885,
"narHash": "sha256-Y3D2GnZTO6BhGWeVcO6qUkiO5g0dDL2tmokLVWNC1WY=",
"lastModified": 1775277437,
"narHash": "sha256-zCi04nIBNwTMt8n35w9cBgNUqnyhbjivsGlx6/Qhqug=",
"owner": "youwen5",
"repo": "zen-browser-flake",
"rev": "16e3f4cd221a030186a96015d82dcb3fb4afa4d6",
"rev": "de6d9094822a8f87fc380d1638f34d6cc6fa68ca",
"type": "github"
},
"original": {

2
home/apps/default.nix
View file

@ -7,6 +7,8 @@
{
imports = [
./internet
./sync
./terminal
];
}

6
home/modules/connectivity/internet/default.nix → home/apps/internet/default.nix
View file

@ -7,10 +7,8 @@
{
imports = [
./librewolf.nix
./zen-browser.nix
./tor.nix
./mail.nix
./rss.nix
./messaging.nix
./zen-browser.nix
];
}

35
home/apps/internet/mail.nix Normal file
View file

@ -0,0 +1,35 @@
{
config,
lib,
pkgs,
osConfig,
...
}:
{
programs = {
thunderbird =
if osConfig.apps.internet.mail.enable then
{
enable = true;
profiles."default" = {
isDefault = true;
};
}
else
{ };
};
services = {
protonmail-bridge =
if osConfig.apps.internet.mail.providers.protonmail.enable then
{
enable = true;
package = pkgs.protonmail-bridge;
extraPackages = with pkgs; [
gnome-keyring
];
}
else
{ };
};
}

47
home/apps/internet/messaging.nix Normal file
View file

@ -0,0 +1,47 @@
{
config,
lib,
pkgs,
osConfig,
...
}:
{
programs = {
element-desktop =
if osConfig.apps.messaging.element.enable then
{
enable = true;
settings = {
default_server_config = {
"m.homeserver" = {
base_url =
if osConfig.apps.messaging.element.selfhosted then
"https://${osConfig.server.synapse.subdomain}.${osConfig.networking.domain}"
else
"https://matrix-client.matrix.org";
server_name =
if osConfig.apps.messaging.element.selfhosted then
"${osConfig.server.synapse.subdomain}.${osConfig.networking.domain}"
else
"matrix.org";
};
"m.identity_server" = {
base_url = "https://vector.im";
};
};
default_theme = "dark";
disable_custom_urls = false;
disable_guests = false;
disable_login_language_selector = false;
disable_3pid_login = false;
force_verification = false;
brand = "Element";
integrations_ui_url = "https://scalar.vector.im/";
integrations_rest_url = "https://scalar.vector.im/api";
};
}
else
{ };
};
}

26
home/modules/connectivity/internet/zen-browser.nix → home/apps/internet/zen-browser.nix
View file

@ -3,6 +3,7 @@
lib,
pkgs,
inputs,
osConfig,
...
}:
let
@ -58,21 +59,16 @@ let
in
{
options = {
internet.browsers = {
zen-browser = {
enable = lib.mkEnableOption "enable zen-browser";
};
};
};
config = lib.mkIf config.internet.browsers.zen-browser.enable {
config =
if osConfig.apps.internet.browsers.zen-browser.enable then
{
home.packages = [
(pkgs.wrapFirefox
inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.zen-browser-unwrapped
{
extraPrefs = lib.concatLines (
lib.mapAttrsToList (
name: value: ''lockPref(${lib.strings.toJSON name}, ${lib.strings.toJSON value});''
name: value: "lockPref(${lib.strings.toJSON name}, ${lib.strings.toJSON value});"
) prefs
);
extraPolicies = {
@ -80,7 +76,7 @@ in
ExtensionSettings = builtins.listToAttrs extensions;
SearchEngines = {
Default = "MartyTF's Series of Tubes";
Default = "kagi";
Add = [
{
Name = "MartyTF's Series of Tubes";
@ -88,11 +84,19 @@ in
IconURL = "https://wiki.nixos.org/favicon.ico";
Alias = "@sgx";
}
{
Name = "kagi";
URLTemplate = "https://kagi.com/search?q={searchTerms}";
IconURL = "https://kagi.com/asset/597c5c3/kagi_assets/logos/search.png?v=679b1c5d38deac3ff084fc704aa36694454572a2";
Alias = "@k";
}
];
};
};
}
)
];
};
}
else
{ };
}

20
home/apps/sync/default.nix Normal file
View file

@ -0,0 +1,20 @@
{
config,
lib,
pkgs,
osConfig,
...
}:
{
services = {
kdeconnect = {
enable = osConfig.apps.sync.kde-connect.enable;
indicator = osConfig.apps.sync.kde-connect.enable;
};
nextcloud-client = {
enable = osConfig.apps.sync.nextcloud.enable;
startInBackground = osConfig.apps.sync.nextcloud.enable;
};
};
}

6
home/apps/terminal/kitty.nix
View file

@ -13,9 +13,9 @@
enable = true;
enableGitIntegration = true;
shellIntegration = {
enableFishIntegration = true;
enableBashIntegration = true;
enableZshIntegration = true;
enableFishIntegration = osConfig.programs.fish.enable;
enableBashIntegration = osConfig.programs.bash.enable;
enableZshIntegration = osConfig.programs.zsh.enable;
};
font = {
name = "FiraCode Nerd Font";

2
home/apps/terminal/ranger.nix
View file

@ -26,7 +26,7 @@
vcs_backend_git = "enabled";
vcs_msg_length = 50;
preview_images = true;
preview_images_method = lib.mkIf config.terminal.kitty.enable "kitty";
preview_images_method = lib.mkIf osConfig.apps.terminal.kitty.enable "kitty";
preview_files = true;
preview_directories = true;
collapse_preview = false;

28
home/desktop/shell/noctalia.nix
View file

@ -20,6 +20,34 @@
if osConfig.desktop.shell.noctalia.enable then
{
enable = true;
settings = {
bar = {
density = "compact";
position = "center";
showCapsule = true;
widgets = {
left = [
{
id = "ControlCenter";
useDistroLogo = true;
}
{
id = "Network";
}
{
id = "Bluetooth";
}
];
center = [
{
id = "Workspace";
labelMode = "none";
hideUnoccupied = false;
}
];
};
};
};
}
else
{ };

10
home/desktop/window-managers/default.nix
View file

@ -6,6 +6,16 @@
}:
{
options = {
desktop.window-managers = {
monitors = {
name = lib.mkOption {
default = "";
};
};
};
};
imports = [
./hyprland.nix
./niri.nix

8
home/desktop/window-managers/hyprland.nix
View file

@ -11,7 +11,6 @@
options = {
desktop = {
hyprland = {
enable = lib.mkEnableOption "enable hyprland";
monitors = lib.mkOption {
default = [
",preferred,auto,1"
@ -81,12 +80,13 @@
];
exec-once = [
(lib.mkIf (osConfig.desktop.shell.walker.enable) "elephant")
(lib.mkIf (osConfig.desktop.shell.walker.enable) "walker --gapplication-service")
(lib.mkIf (osConfig.desktop.shell.waybar.enable) "waybar")
(lib.mkIf (osConfig.desktop.shell.noctalia.enable) "noctalia-shell")
(lib.mkIf (osConfig.desktop.shell.noctalia.enable) "noctalia-shell ipc call wallpaper random")
(lib.mkIf (osConfig.desktop.shell.swww.enable) "waypaper --restore --random")
(lib.mkIf (osConfig.gaming.steam.enable) "adwaita-steam-gtk -u; steam -silent")
(lib.mkIf (osConfig.internet.mail.providers.protonmail.enable) "protonmail-bridge -n")
(lib.mkIf (osConfig.apps.gaming.steam.enable) "adwaita-steam-gtk -u; steam -silent")
(lib.mkIf (osConfig.apps.internet.mail.providers.protonmail.enable) "protonmail-bridge -n")
"echo $HYPRLAND_INSTANCE_SIGNATURE > ~/.config/hypr/instance_signature"
];
"$mod" = "SUPER";
@ -98,7 +98,7 @@
(lib.mkIf (osConfig.desktop.shell.rofi.enable) "$mod, D, exec, rofi -show drun")
"$mod, return, exec, ${osConfig.apps.terminal.binary}"
(lib.mkIf (osConfig.desktop.utilities.grimblast.enable) ", print, exec, GRIMBLAST_EDITOR=gradia grimblast edit area")
(lib.mkIf (osConfig.desktop.shell.walker.enable && osConfig.misc.bitwarden.enable)
(lib.mkIf (osConfig.desktop.shell.walker.enable && osConfig.apps.misc.bitwarden.enable)
"$mod, B, exec, rbw unlocked || kitty --class kitty-floating -e rbw unlock; selected=$(rbw list | walker -d); wl-copy $(rbw get \"$selected\"); sleep 30; rbw lock"
)
"$mod, F, fullscreen, 1"

13
home/desktop/window-managers/niri.nix
View file

@ -17,7 +17,9 @@ in
if osConfig.desktop.window-managers.niri.enable then
{
home.file = {
"~/.config/niri/config.kdl" = ''
"~/.config/niri/config.kdl" = {
target = ".config/niri/config.kdl";
text = ''
input {
keyboard {
@ -67,11 +69,11 @@ in
binds {
${modifier}+Down cooldown-ms=150 { focus-workspace-down; }
${modifier}+Up cooldown-ms=150 { focus-workspace-up; }
${modifier}+${osConfig.keybinds.hotkeys.terminal} { spawn "${osConfig.terminal.binary}";}
${modifier}+${osConfig.keybinds.hotkeys.terminal} { spawn "${osConfig.apps.terminal.binary}";}
${modifier}+Left {focus-column-left; }
${modifier}+Right {focus-column-right; }
${modifier}+${osConfig.keybinds.hotkeys.browser} { spawn "${osConfig.apps.browser.default}";}
${modifier}+${osConfig.keybinds.hotkeys.launcher} { spawn "${osConfig.desktop.window-managers.shell.launcher.default}";}
${modifier}+${osConfig.keybinds.hotkeys.browser} { spawn "${osConfig.apps.internet.browsers.default}";}
${modifier}+${osConfig.keybinds.hotkeys.launcher} { spawn "${osConfig.desktop.shell.launcher}";}
Print { screenshot;}
${modifier}+Shift+${osConfig.keybinds.hotkeys.close-window} { close-window; }
${modifier}+Shift+${osConfig.keybinds.hotkeys.editor} { spawn "${osConfig.apps.development.editor.default}";}
@ -79,7 +81,7 @@ in
spawn-at-startup "elephant"
spawn-at-startup "noctalia-shell"
spawn-at-startup "walker --gapplication-service"
layout {
gaps 20
@ -103,6 +105,7 @@ in
'';
};
};
}
else
{ };

2
home/desktop/window-managers/sway.nix
View file

@ -60,7 +60,7 @@
};
};
defaultWorkspace = "workspace number 1";
terminal = osConfig.desktop.defaults.terminal.binary;
terminal = osConfig.apps.terminal.binary;
};
checkConfig = false;
};

20
home/modules/connectivity/bluetooth/default.nix
View file

@ -1,20 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
bluetooth = {
enable = lib.mkEnableOption "enable bluetooth";
};
};
config = lib.mkIf config.bluetooth.enable {
home.packages = with pkgs; [
bluez
bluetuith
];
};
}

21
home/modules/connectivity/internet/librewolf.nix
View file

@ -1,21 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
internet.browsers = {
librewolf = {
enable = lib.mkEnableOption "enable librewolf";
};
};
};
config = lib.mkIf config.internet.browsers.librewolf.enable {
home.packages = with pkgs; [
librewolf
];
};
}

34
home/modules/connectivity/internet/mail.nix
View file

@ -1,34 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
internet = {
mail.enable = lib.mkEnableOption "enable e-mail";
mail.providers.protonmail.enable = lib.mkEnableOption "enable protonmail";
};
};
config = {
programs = {
thunderbird = lib.mkIf config.internet.mail.enable {
enable = true;
profiles."default" = {
isDefault = true;
};
};
};
services = {
protonmail-bridge = lib.mkIf config.internet.mail.providers.protonmail.enable {
enable = true;
package = pkgs.protonmail-bridge;
extraPackages = with pkgs; [
gnome-keyring
];
};
};
};
}

19
home/modules/connectivity/internet/rss.nix
View file

@ -1,19 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
internet = {
rss.enable = lib.mkEnableOption "enable rss";
};
};
config = {
home.packages = with pkgs; [
(lib.mkIf (config.internet.rss.enable) newsflash)
];
};
}

21
home/modules/connectivity/internet/tor.nix
View file

@ -1,21 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
internet = {
tor.enable = lib.mkEnableOption "enable tor";
browsers.tor-browser.enable = lib.mkEnableOption "enable tor-browser";
};
};
config = {
home.packages = with pkgs; [
(lib.mkIf (config.internet.browsers.tor-browser.enable) tor-browser)
(lib.mkIf (config.internet.tor.enable) oniux)
];
};
}

15
home/modules/connectivity/social-media/default.nix
View file

@ -1,15 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./messaging
];
home.packages = with pkgs; [
fedistar
];
}

31
home/modules/connectivity/social-media/messaging/default.nix
View file

@ -1,31 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
messaging = {
enable = lib.mkEnableOption "enable all messaging";
element.enable = lib.mkEnableOption "enable element";
signal.enable = lib.mkEnableOption "enable signal";
};
};
config = {
messaging = lib.mkIf config.messaging.enable {
element.enable = lib.mkDefault true;
signal.enable = lib.mkDefault true;
};
home.packages = with pkgs; [
(lib.mkIf (config.messaging.signal.enable) signal-desktop)
];
programs = {
element-desktop = lib.mkIf config.messaging.element.enable {
enable = true;
};
};
};
}

10
hosts/marty-pc/custom.nix
View file

@ -6,6 +6,16 @@
}:
{
networking = {
interfaces = {
enp42s0 = {
wakeOnLan = {
enable = true;
policy = [ "magic" ];
};
};
};
};
services.flatpak.enable = true;
virtualisation.docker.enable = true;
security.polkit = {

18
hosts/marty-pc/default.nix
View file

@ -8,33 +8,19 @@
...
}:
let
hostname = "marty-pc";
in
{
networking = {
hostName = hostname;
interfaces = {
enp42s0 = {
wakeOnLan = {
enable = true;
policy = [ "magic" ];
};
};
};
};
home-manager = {
extraSpecialArgs = { inherit inputs; };
useGlobalPkgs = true;
useUserPackages = true;
users = {
marty = import ./home.nix;
"${config.user.userName}" = import ./home.nix;
};
};
imports = [
./hardware.nix
./custom.nix
./options.nix
];
system.stateVersion = "25.05"; # Did you read the comment?
}

26
hosts/marty-pc/home.nix
View file

@ -13,32 +13,6 @@
home.homeDirectory = "/home/${osConfig.user.userName}";
home.stateVersion = "25.11";
desktop = {
hyprland = {
enable = true;
numlock = true;
monitors = [
"desc:AOC Q27G2WG4 0x00005F45, 2560x1440@144, 3840x0, 1 # main monitor"
"desc:Samsung Electric Company S24D330 0x5A5A5131, 1920x1080@60, 3840x1440, 1 # side monitor"
"desc:Panasonic Industry Company Panasonic-TV, 3840x2160@30, 0x0, 1 # tv"
"desc:Valve Corporation Index HMD 0x3DEBE38D, preffered, auto, 1"
];
workspaces.workspaces = [
"1, monitor:DP-1, persistent:true"
"2, monitor:DP-1, persistent:true"
"3, monitor:DP-1, persistent:true"
"4, monitor:DP-1, persistent:true"
"5, monitor:HDMI-A-1, persistent:true"
"6, monitor:HDMI-A-1, persistent:true"
"7, monitor:HDMI-A-1, persistent:true"
"8, monitor:HDMI-A-1, persistent:true"
"9, monitor:DP-3, persistent:true"
"special:magic"
];
};
};
imports = [
./../../home
];

157
hosts/marty-pc/options.nix Normal file
View file

@ -0,0 +1,157 @@
{
config,
pkgs,
lib,
...
}:
{
config = {
user = {
userName = "marty";
shell = pkgs.fish;
};
system = {
timezone = "Europe/Berlin";
language = "en_GB.UTF-8";
locale = "de_DE.UTF-8";
hostname = "marty-pc";
};
apps = {
audio = {
base.enable = true;
media.enable = true;
editing.enable = true;
};
development = {
editor = {
vscodium.enable = true;
emacs.enable = true;
default = "vscodium";
};
languages = {
python.enable = true;
};
godot.enable = true;
};
gaming = {
enable = true;
steam.enable = true;
minecraft.enable = true;
};
image = {
base.enable = true;
editing.enable = true;
};
internet = {
browsers = {
zen-browser.enable = true;
tor-browser.enable = true;
default = "zen";
};
mail = {
enable = true;
providers = {
protonmail.enable = true;
};
};
};
messaging = {
signal.enable = true;
element = {
enable = true;
selfhosted = true;
};
};
misc = {
obsidian.enable = true;
bitwarden.enable = true;
blender.enable = true;
};
sync = {
kde-connect.enable = true;
nextcloud.enable = true;
syncthing = {
devices = {
marty-pc = {
id = "6PJZD52-EEWIO7U-MZMJJ5B-33DGNSU-O7DJVRT-GAE7QZG-ZY3VIMV-VSMBDQP";
autoAcceptFolder = true;
};
marty-server = {
id = "UDMXEKZ-HYIFI5S-VAKE75O-K3C65QV-LS43QA5-3JTHWKL-CI5C3Y6-P4NSQQM";
autoAcceptFolders = true;
};
marty-latitude = {
id = "SOAWHKA-BCQGO5G-IJ24WTO-RDETP5M-LNTVO66-MHIOUU2-NNQ57P6-FFKNSA6";
autoAcceptFolders = true;
};
marty-thinkpad = {
id = "NWHFQSW-FOBGFLV-YMZR77Q-KNRR3YC-4C6PKXT-TTPDCOL-CDB6QX4-3QJE2AN";
autoAcceptFolders = true;
};
marty-pixel = {
id = "GSBXOGW-6SYLDUQ-HPH7FBJ-CKHWQIK-K5YORB4-CYKGYT6-DLCVSAK-LA2RMAK";
autoAcceptFolders = true;
};
marty-fairphone = {
id = "2ISVWQV-4USY5IA-2OU55CE-Q7VLPD7-4RVQ5WX-FXQSJMY-2ES4EZG-IGFB7QG";
autoAcceptFolders = true;
};
};
};
};
terminal = {
kitty = {
enable = true;
};
default = "kitty";
tui = {
ranger.enable = true;
};
toys = true;
};
video = {
base.enable = true;
media.enable = true;
editing.enable = true;
};
};
desktop = {
window-managers = {
hyprland = {
enable = true;
};
niri = {
enable = true;
};
sway = {
enable = true;
};
};
shell = {
noctalia = {
enable = true;
};
swww = {
enable = false;
};
walker = {
enable = true;
};
waybar = {
enable = false;
};
};
utilities = {
grimblast = {
enable = true;
};
};
};
server = {
synapse = {
subdomain = "yap";
};
};
};
}

14
hosts/marty-thinkpad/custom.nix Normal file
View file

@ -0,0 +1,14 @@
{
config,
lib,
pkgs,
...
}:
{
services.flatpak.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.nvidia.modesetting.enable = true;
hardware.nvidia.open = true;
}

23
hosts/marty-thinkpad/default.nix
View file

@ -8,37 +8,20 @@
}:
{
networking = {
hostName = "marty-thinkpad";
};
home-manager = {
extraSpecialArgs = { inherit inputs; };
useGlobalPkgs = true;
useUserPackages = true;
users = {
marty = import ./home.nix;
"${config.user.userName}" = import ./home.nix;
};
};
main-user = {
userName = "marty";
shell = pkgs.fish;
};
imports = [
./hardware.nix
# ../../modules/server/nginx.nix
./custom.nix
./options.nix
];
desktop.niri.enable = true;
programs = {
light.enable = true;
};
services.flatpak.enable = true;
services.xserver.videoDrivers = [ "nvidia" ];
hardware.nvidia.modesetting.enable = true;
hardware.nvidia.open = true;
system.stateVersion = "24.11"; # Did you read the comment?
}

85
hosts/marty-thinkpad/home.nix
View file

@ -3,95 +3,18 @@
pkgs,
inputs,
lib,
osConfig,
...
}:
{
# Home Manager needs a bit of information about you and the paths it should
# manage.
home.username = "marty";
home.homeDirectory = "/home/marty";
# This value determines the Home Manager release that your configuration is
# compatible with. This helps avoid breakage when a new Home Manager release
# introduces backwards incompatible changes.
#
# You should not change this value, even if you update Home Manager. If you do
# want to update the value, then make sure to first check the Home Manager
# release notes.
home.stateVersion = "24.11"; # Please read the comment before changing.
# The home.packages option allows you to install Nix packages into your
# environment.
programs.fish.enable = true;
home.packages = with pkgs; [
# # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run.
# hello
# # It is sometimes useful to fine-tune packages, for example, by applying
# # overrides. You can do that directly here, just don't forget the
# # parentheses. Maybe you want to install Nerd Fonts with a limited number of
# # fonts?
# (pkgs.nerdfonts.override { fonts = [ "FantasqueSansMono" ]; })
# # You can also create simple shell scripts directly inside your
# # configuration. For example, this adds a command 'my-hello' to your
# # environment:
# (pkgs.writeShellScriptBin "my-hello" ''
# echo "Hello, ${config.home.username}!"
# '')
];
# Home Manager is pretty good at managing dotfiles. The primary way to manage
# plain files is through 'home.file'.
home.file = {
# # Building this configuration will create a copy of 'dotfiles/screenrc' in
# # the Nix store. Activating the configuration will then make '~/.screenrc' a
# # symlink to the Nix store copy.
# ".screenrc".source = dotfiles/screenrc;
# # You can also set the file content immediately.
# ".gradle/gradle.properties".text = ''
# org.gradle.console=verbose
# org.gradle.daemon.idletimeout=3600000
# '';
};
# Home Manager can also manage your environment variables through
# 'home.sessionVariables'. These will be explicitly sourced when using a
# shell provided by Home Manager. If you don't want to manage your shell
# through Home Manager then you have to manually source 'hm-session-vars.sh'
# located at either
#
# ~/.nix-profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# ~/.local/state/nix/profiles/profile/etc/profile.d/hm-session-vars.sh
#
# or
#
# /etc/profiles/per-user/marty/etc/profile.d/hm-session-vars.sh
#
device.type.laptop = true;
desktop.hyprland = {
monitors = [
"desc:AU Optronics 0x313E,1600x900@60,0x0,1"
];
};
home.username = osConfig.user.userName;
home.homeDirectory = "/home/${osConfig.user.userName}";
home.stateVersion = "24.11";
imports = [
inputs.walker.homeManagerModules.default
inputs.noctalia.homeModules.default
./../../modules
./../../home
];
# Let Home Manager install and manage itself.
programs.home-manager.enable = true;
}

74
options.nix → hosts/marty-thinkpad/options.nix
View file

@ -6,9 +6,6 @@
}:
{
options = {
};
config = {
user = {
userName = "marty";
@ -18,6 +15,7 @@
timezone = "Europe/Berlin";
language = "en_GB.UTF-8";
locale = "de_DE.UTF-8";
hostname = "marty-thinkpad";
};
apps = {
audio = {
@ -25,26 +23,54 @@
media.enable = true;
editing.enable = true;
};
video = {
base.enable = true;
media.enable = true;
editing.enable = true;
development = {
editor = {
vscodium.enable = true;
emacs.enable = true;
default = "vscodium";
};
languages = {
python.enable = true;
};
godot.enable = true;
};
gaming = {
enable = true;
steam.enable = true;
minecraft.enable = true;
};
image = {
base.enable = true;
editing.enable = true;
};
gaming = {
steam.enable = true;
internet = {
browsers = {
zen-browser.enable = true;
tor-browser.enable = true;
default = "zen";
};
terminal = {
kitty = {
mail = {
enable = true;
providers = {
protonmail.enable = true;
};
default = "kitty";
toys = true;
};
};
messaging = {
signal.enable = true;
element = {
enable = true;
selfhosted = true;
};
};
misc = {
obsidian.enable = true;
bitwarden.enable = true;
blender.enable = true;
};
sync = {
kde-connect.enable = true;
nextcloud.enable = true;
syncthing = {
devices = {
marty-pc = {
@ -74,11 +100,26 @@
};
};
};
terminal = {
kitty = {
enable = true;
};
default = "kitty";
tui = {
ranger.enable = true;
};
toys = true;
};
video = {
base.enable = true;
media.enable = true;
editing.enable = true;
};
};
desktop = {
window-managers = {
hyprland = {
enable = true;
enable = false;
};
niri = {
enable = true;
@ -107,5 +148,10 @@
};
};
};
server = {
synapse = {
subdomain = "yap";
};
};
};
}

1
modules/apps/audio/default.nix
View file

@ -24,6 +24,7 @@
[
pavucontrol
playerctl
streamrip
]
else
[ ]

2
modules/apps/default.nix
View file

@ -11,6 +11,8 @@
./development
./gaming
./image
./internet
./messaging
./misc
./peripherals
./video

12
modules/apps/development/editor.nix
View file

@ -7,7 +7,7 @@
{
options = {
development = {
apps.development = {
editor = {
vscodium.enable = lib.mkEnableOption "enable vscodium";
emacs.enable = lib.mkEnableOption "enable emacs";
@ -25,15 +25,15 @@
[
nixfmt
]
++ (if config.development.editor.vscodium.enable then [ vscodium ] else [ ]);
++ (if config.apps.development.editor.vscodium.enable then [ vscodium ] else [ ]);
programs = {
vscode =
if config.development.editor.vscodium.enable then
if config.apps.development.editor.vscodium.enable then
{
enable = true;
package = pkgs.vscodium;
defaultEditor = if (config.development.editor.default == "vscodium") then true else false;
defaultEditor = if (config.apps.development.editor.default == "vscodium") then true else false;
# profiles.default.extensions = with pkgs.vscode-extensions; [
# catppuccin.catppuccin-vsc
# catppuccin.catppuccin-vsc-icons
@ -51,11 +51,11 @@
};
services = {
emacs =
if config.development.editor.emacs.enable then
if config.apps.development.editor.emacs.enable then
{
enable = true;
install = true;
defaultEditor = if (config.development.editor.default == "emacs") then true else false;
defaultEditor = if (config.apps.development.editor.default == "emacs") then true else false;
}
else
{ };

21
modules/apps/internet/browser.nix
View file

@ -2,6 +2,7 @@
config,
lib,
pkgs,
inputs,
...
}:
@ -10,13 +11,25 @@
apps.internet.browsers = {
zen-browser = {
enable = lib.mkEnableOption "enable zen browser";
package = inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.default;
binary = "${config.apps.internet.browsers.zen-browser.package}/bin/zen";
package = lib.mkOption {
default = inputs.zen-browser.packages.${pkgs.stdenv.hostPlatform.system}.default;
description = "zen browser package";
};
binary = lib.mkOption {
default = "${config.apps.internet.browsers.zen-browser.package}/bin/zen";
description = "zen browser binary";
};
};
tor-browser = {
enable = lib.mkEnableOption "enable tor browser";
package = pkgs.tor-browser;
binary = "${config.apps.internet.browsers.tor-browser.package}/bin/tor-browser";
package = lib.mkOption {
default = pkgs.tor-browser;
description = "zen browser package";
};
binary = lib.mkOption {
default = "${config.apps.internet.browsers.tor-browser.package}/bin/tor-browser";
description = "zen browser binary";
};
};
default = lib.mkOption {
default = "zen";

35
modules/apps/internet/mail.nix Normal file
View file

@ -0,0 +1,35 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
apps.internet = {
mail.enable = lib.mkEnableOption "enable e-mail";
mail.providers.protonmail.enable = lib.mkEnableOption "enable protonmail";
};
};
config = {
programs = {
thunderbird =
if config.apps.internet.mail.enable then
{
enable = true;
}
else
{ };
};
services = {
protonmail-bridge =
if config.apps.internet.mail.providers.protonmail.enable then
{
enable = true;
}
else
{ };
};
};
}

26
modules/apps/messaging/default.nix Normal file
View file

@ -0,0 +1,26 @@
{
config,
lib,
pkgs,
inputs,
...
}:
{
options = {
apps.messaging = {
signal.enable = lib.mkEnableOption "enable signal";
element = {
enable = lib.mkEnableOption "enable element";
selfhosted = lib.mkEnableOption "selfhosted matrix server?";
};
};
};
config = {
environment.systemPackages =
with pkgs;
[ ]
++ (if config.apps.messaging.element.enable then [ element-desktop ] else [ ])
++ (if config.apps.messaging.signal.enable then [ signal-desktop ] else [ ]);
};
}

6
modules/apps/misc/default.nix
View file

@ -33,11 +33,13 @@
++ (
if (config.apps.misc.bitwarden.enable) then
[ rbw ]
[
rbw
pinentry-curses
]
++ (
if (config.desktop.shell.rofi.enable) then
[
pinentry-curses
rofi-rbw
]
else

14
modules/apps/sync/default.nix
View file

@ -12,6 +12,9 @@
kde-connect = {
enable = lib.mkEnableOption "enable kde-connect";
};
nextcloud = {
enable = lib.mkEnableOption "enable nextcloud client";
};
syncthing = {
enable = lib.mkEnableOption "enable syncthing";
devices = lib.mkOption {
@ -30,6 +33,17 @@
};
};
config = {
environment.systemPackages =
with pkgs;
[ ]
++ (
if config.apps.sync.nextcloud.enable then
[
nextcloud-client
]
else
[ ]
);
programs = {
kdeconnect =
if config.apps.sync.kde-connect.enable then

12
modules/apps/terminal/kitty.nix
View file

@ -14,14 +14,10 @@
};
config = {
# apps.terminal =
# if (config.apps.terminal.default == "kitty") then
# {
# package = pkgs.kitty;
# binary = "${pkgs.kitty}/bin/kitty";
# }
# else
# { };
apps.terminal = {
package = pkgs.kitty;
binary = "${pkgs.kitty}/bin/kitty";
};
environment.systemPackages =
with pkgs;
[ ]

5
modules/apps/video/default.nix
View file

@ -22,7 +22,10 @@
++ (
if config.apps.video.base.enable then
[ mpv ]
[
mpv
yt-dlp
]
else
[ ]
)

1
modules/default.nix
View file

@ -9,6 +9,7 @@
imports = [
./apps
./desktop
./server
./system
./user
];

22
modules/desktop/display-manager.nix
View file

@ -29,36 +29,36 @@
};
programs = {
uwsm = {
waylandCompositors = {
hyprland =
enable = true;
waylandCompositors =
if config.desktop.window-managers.hyprland.enable then
{
hyprland = {
prettyName = "Hyprland";
comment = "Hyprland";
binPath = "${config.programs.hyprland.package}/bin/start-hyprland";
};
}
else
{ };
sway =
if config.desktop.window-managers.sway.enable then
else if config.desktop.window-managers.sway.enable then
{
sway = {
prettyName = "Sway";
comment = "Sway";
binPath = "${config.programs.sway.package}/bin/sway --session";
};
}
else
{ };
niri =
if config.desktop.window-managers.niri.enable then
else if config.desktop.window-managers.niri.enable then
{
niri = {
prettyName = "Niri";
comment = "Niri";
binPath = "${config.programs.niri.package}/bin/niri-session";
};
}
else
{ };
};
};
};
xdg.portal.enable = true;
}

4
modules/desktop/window-managers/default.nix
View file

@ -29,6 +29,10 @@
default = "E";
description = "editor hotkey";
};
close-window = lib.mkOption {
default = "Q";
description = "close window hotkey";
};
};
};
};

2
modules/desktop/window-managers/sway.nix
View file

@ -19,7 +19,7 @@
{
enable = true;
wrapperFeatures.gtk = true;
package = null;
package = pkgs.swayfx;
}
else
{ };

14
modules/server/arr/default.nix
View file

@ -42,13 +42,13 @@
default = 8088;
};
password = lib.mkOption {
default = "EO3HgIK+QJNQN53efrF6zQ==:Ju6k++dsM4pLLgYjP9sLbUWOiNuQMrUH/g6QArdtKXzYisuzaR+XeJL4hEC9Zo3ekVa8EVnPnQu/mJoHxxkLOA==";
}
default = "";
};
};
};
};
config = {
config.server.arr = lib.mkIf config.server.arr.enable {
server.arr = lib.mkIf config.server.arr.enable {
prowlarr.enable = lib.mkDefault true;
radarr.enable = lib.mkDefault true;
sonarr.enable = lib.mkDefault true;
@ -58,28 +58,28 @@
services = {
prowlarr = lib.mkIf config.server.arr.prowlarr.enable {
enable = true;
server = {
settings.server = {
bindaddress = "0.0.0.0";
port = config.server.arr.prowlarr.port;
};
};
radarr = lib.mkIf config.server.arr.radarr.enable {
enable = true;
server = {
settings.server = {
bindaddress = "0.0.0.0";
port = config.server.arr.radarr.port;
};
};
sonarr = lib.mkIf config.server.arr.sonarr.enable {
enable = true;
server = {
settings.server = {
bindaddress = "0.0.0.0";
port = config.server.arr.sonarr.port;
};
};
lidarr = lib.mkIf config.server.arr.lidarr.enable {
enable = true;
server = {
settings.server = {
bindaddress = "0.0.0.0";
port = config.server.arr.lidarr.port;
};

13
modules/server/cloud/default.nix Normal file
View file

@ -0,0 +1,13 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./immich.nix
./nextcloud.nix
];
}

70
modules/server/cloud/immich.nix Normal file
View file

@ -0,0 +1,70 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.cloud.immich = {
enable = lib.mkEnableOption "enable immich";
port = lib.mkOption {
default = 2283;
description = "immich port";
};
public = lib.mkEnableOption "public immich";
subdomain = lib.mkOption {
default = "photos";
description = "immich subdomain";
};
};
};
config = {
users =
if config.server.cloud.immich.enable then
{
users.immich = {
isSystemUser = true;
createHome = true;
home = "/var/lib/immich";
group = "immich";
extraGroups = [
"video"
"render"
];
};
groups.immich = { };
}
else
{ };
services = {
immich = {
enable = config.server.cloud.immich.enable;
port = config.server.cloud.immich.port;
host = "127.0.0.1";
machine-learning = {
enable = true;
environment = {
MACHINE_LEARNING_MODEL_TTL = "600";
MACHINE_LEARNING_REQUEST_THREADS = "4";
MACHINE_LEARNING_MODEL_INTER_OP_THREADS = "2";
};
};
};
nginx =
if config.server.cloud.immich.enable && config.server.cloud.immich.public then
{
virtualHosts."${config.server.cloud.immich.subdomain}.${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.cloud.immich.port}";
};
};
}
else
{ };
};
};
}

93
modules/server/cloud/nextcloud.nix Normal file
View file

@ -0,0 +1,93 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.cloud.nextcloud = {
enable = lib.mkEnableOption "enable nextcloud";
port = lib.mkOption {
default = 8009;
description = "nextcloud port";
};
public = lib.mkEnableOption "make nextcloud public";
subdomain = lib.mkOption {
default = "nextcloud";
description = "nextcloud subdomain";
};
};
};
config = {
services = {
nextcloud = {
enable = config.server.cloud.nextcloud.enable;
configureRedis = true;
package = pkgs.nextcloud33;
hostName = "nextcloud-net";
config = {
dbtype = "pgsql";
dbuser = "nextcloud";
dbhost = "/run/postgresql"; # nextcloud will add /.s.PGSQL.5432 by itself
dbname = "nextcloud";
adminpassFile = "/home/marty/secrets/nextcloud";
adminuser = "admin";
};
settings = {
trusted_proxies = [
"localhost"
"127.0.0.1"
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}"
config.networking.hostName
];
trusted_domains = [
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}"
config.networking.hostName
];
skeletondirectory = "";
preview_ffmpeg_path = "${pkgs.ffmpeg}/bin/ffmpeg";
log_type = "file";
logfile = "nextcloud.log";
loglevel = 0;
};
};
postgresql = {
enable = true;
ensureDatabases = [ "nextcloud" ];
ensureUsers = [
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
};
nginx = {
virtualHosts = {
"nextcloud-net".listen = [
{
addr = "0.0.0.0";
port = config.server.cloud.nextcloud.port;
}
];
"${config.server.cloud.nextcloud.subdomain}.${config.networking.domain}" =
if config.server.cloud.nextcloud.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.cloud.nextcloud.port}";
};
}
else
{ };
};
};
};
systemd.services."nextcloud-setup" = {
requires = [ "postgresql.service" ];
after = [ "postgresql.service" ];
};
};
}

7
modules/server/default.nix
View file

@ -7,6 +7,11 @@
{
imports = [
./docker
./arr
./cloud
./media
./misc
./social
./nginx.nix
];
}

14
modules/server/docker/default.nix
View file

@ -1,14 +0,0 @@
{
config,
lib,
pkgs,
...
}:
{
programs = {
lazydocker = {
enable = true;
};
};
}

13
modules/server/media/default.nix Normal file
View file

@ -0,0 +1,13 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./jellyfin.nix
./navidrome.nix
];
}

35
modules/server/media/jellyfin.nix
View file

@ -11,48 +11,51 @@
enable = lib.mkEnableOption "enable jelyfin";
port = lib.mkOption {
default = 8096;
description = "set jellyfin port"
description = "set jellyfin port";
};
public = {
enable = lib.mkEnableOption "make jellyfin public";
public = lib.mkEnableOption "make jellyfin public";
subdomain = lib.mkOption {
default = "watch";
description = "set jellyfin subdomain";
};
};
};
jellyseer = {
enable = lib.mkEnableOption "enable jellyseer";
port = lib.mkOption {
default = 8097;
description = "set jellyseer port"
description = "set jellyseer port";
};
public = {
enable = lib.mkEnableOption "make jellyseer public";
public = lib.mkEnableOption "make jellyseer public";
subdomain = lib.mkOption {
default = "jellyseer";
description = "set jellyseer subdomain";
};
};
};
};
config = {
environment.systemPackages = config.server.jellyfin.enable [
environment.systemPackages =
[ ]
++ (
if config.server.jellyfin.enable then
[
pkgs.jellyfin
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
];
]
else
[ ]
);
services = {
jellyfin = lib.mkIf config.server.jellyfin.enable {
enable = true;
};
jellyseer = lib.mkIf config.server-jellyseer.enable {
seerr = lib.mkIf config.server.jellyseer.enable {
enable = true;
};
nginx.virtualHosts = {
"${config.server.jellyfin.public.subdomain}.${config.domain}" =
lib.mkIf config.server.jellyfin.public.enable
"${config.server.jellyfin.subdomain}.${config.networking.domain}" =
lib.mkIf config.server.jellyfin.public
{
enableACME = true;
forceSSL = true;
@ -60,7 +63,9 @@
proxyPass = "http://127.0.0.1:${config.server.jellyfin.port}";
};
};
"${config.server.jellyseer.public.subdomain}.${config.domain}" = lib.mkIf config.server.jellyfin.public.enable {
"${config.server.jellyseer.subdomain}.${config.networking.domain}" =
lib.mkIf config.server.jellyfin.public
{
enableACME = true;
forceSSL = true;
locations."/" = {
@ -70,6 +75,4 @@
};
};
};
};
};
}

66
modules/server/media/navidrome.nix Normal file
View file

@ -0,0 +1,66 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.media.navidrome = {
enable = lib.mkEnableOption "enable navidrome";
port = lib.mkOption {
default = 4533;
description = "navidrome port";
};
public = lib.mkEnableOption "make navidrome public";
subdomain = lib.mkOption {
default = "music";
description = "navidrome subdomain";
};
};
};
config = {
services = {
navidrome = {
enable = config.server.media.navidrome.enable;
user = config.user.userName;
group = "users";
settings = {
Address = "0.0.0.0";
Port = config.server.media.navidrome.port;
MusicFolder = "/mnt/Data/Media/Music";
Agents = "lastfm";
AlbumPlayCountMode = "normalized";
EnableDownloads = true;
EnableFavourites = true;
EnableNowPlaying = true;
EnableStarRating = true;
EnableUserEditing = true;
LastFM.Enabled = true;
LastFM.Language = "en";
LastFM.ScrobbleFirstArtistOnly = false;
ListenBrainz.Enabled = true;
Scanner.Enabled = true;
Scanner.Schedule = "1h";
Subsonic.ArtistParticipations = true;
};
};
nginx = {
virtualHosts = {
"${config.server.media.navidrome.subdomain}.${config.networking.domain}" =
if config.server.media.navidrome.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.media.navidrome.port}";
};
}
else
{ };
};
};
};
};
}

34
modules/server/misc/dawarich.nix Normal file
View file

@ -0,0 +1,34 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.misc.dawarich = {
enable = lib.mkEnableOption "enable dawarich";
port = lib.mkOption {
default = 2975;
description = "dawarich port";
};
public = lib.mkEnableOption "make dawarich public";
subdomain = lib.mkOption {
default = "dawarich";
description = "dawarich subdomain";
};
};
};
config = {
services.dawarich = {
enable = config.server.misc.dawarich.enable;
webPort = config.server.misc.dawarich.port;
localDomain =
if config.server.misc.dawarich.public then
"${config.server.misc.dawarich.subdomain}.${config.networking.domain}"
else
config.networking.hostName;
};
};
}

14
modules/server/misc/default.nix Normal file
View file

@ -0,0 +1,14 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./dawarich.nix
./forgejo.nix
./lauti.nix
];
}

72
modules/server/misc/forgejo.nix Normal file
View file

@ -0,0 +1,72 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.misc.forgejo = {
enable = lib.mkEnableOption "enable forgejo";
port = lib.mkOption {
default = 2934;
description = "forgejo port";
};
public = lib.mkEnableOption "public forgejo";
subdomain = lib.mkOption {
default = "git";
description = "forgejo subdomain";
};
settings = {
app_name = lib.mkOption {
default = "${config.user.userName}'s code dump";
description = "forgejo app name";
};
app_slogan = lib.mkOption {
default = "if code could talk, mine would cry";
description = "forgejo app slogan";
};
};
};
};
config = {
services = {
forgejo = {
enable = config.server.misc.forgejo.enable;
database.type = "postgres";
settings = {
server = {
DOMAIN = "${config.server.misc.forgejo.subdomain}.${config.networking.domain}";
ROOT_URL = "https://${config.server.misc.forgejo.subdomain}.${config.networking.domain}";
HTTP_PORT = config.server.misc.forgejo.port;
};
DEFAULT = {
APP_NAME = config.server.misc.forgejo.settings.app_name;
APP_SLOGAN = config.server.misc.forgejo.settings.app_slogan;
};
REPOSITORY = {
ENABLE_PUSH_CREATE_USER = true;
ENABLE_PUSH_CREATE_ORG = true;
};
service.DISABLE_REGISTRATION = true;
};
};
nginx = {
virtualHosts = {
"${config.server.misc.forgejo.subdomain}.${config.networking.domain}" =
if config.server.misc.forgejo.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.misc.forgejo.port}";
};
}
else
{ };
};
};
};
};
}

54
modules/server/misc/lauti.nix Normal file
View file

@ -0,0 +1,54 @@
{
config,
lib,
pkgs,
...
}:
{
options = {
server.misc.lauti = {
enable = lib.mkEnableOption "enable lauti";
port = lib.mkOption {
default = 3333;
description = "lauti port";
};
public = lib.mkEnableOption "make lauti public";
subdomain = lib.mkOption {
default = "lauti";
description = "lauti subdomain";
};
};
};
config = {
services = {
lauti = {
enable = config.server.misc.lauti.enable;
settings = {
LAUTI_ADMIN_EMAIL = "lauti@${config.networking.domain}";
LAUTI_BASE_URL = "https://${config.server.misc.lauti.subdomain}.${config.networking.domain}";
LAUTI_OSM_TILE_CACHE_DIR = "/var/lib/lauti/osm";
LAUTI_OSM_TILE_SERVER = "https://tile.openstreetmap.org/{z}/{x}/{y}.png";
LAUTI_TIMEZONE = "Europe/Berlin";
LAUTI_LANGUAGE = config.console.keyMap;
};
secrets = [ /home/${config.user.userName}/secrets/lauti ];
};
nginx = {
virtualHosts = {
"${config.server.misc.lauti.subdomain}.${config.networking.domain}" =
if config.server.misc.lauti.public then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.misc.lauti.port}";
};
}
else
{ };
};
};
};
};
}

16
modules/server/nginx.nix
View file

@ -6,20 +6,6 @@
}:
{
options = {
domain = lib.mkOption {
default = "marty.tf";
description = "set domain name";
};
email = lib.mkOption {
default = "${config.user.userName}@${config.domain}";
description = "set email";
};
nginx = {
};
};
config = {
users = {
users = {
@ -50,7 +36,7 @@
security = {
acme = {
acceptTerms = true;
defaults.email = config.email;
defaults.email = config.user.email;
};
};
};

13
modules/server/social/default.nix Normal file
View file

@ -0,0 +1,13 @@
{
config,
lib,
pkgs,
...
}:
{
imports = [
./gotosocial.nix
./synapse.nix
];
}

64
modules/server/social/gotosocial.nix Normal file
View file

@ -0,0 +1,64 @@
{
config,
pkgs,
inputs,
lib,
...
}:
{
options = {
server.social.gotosocial = {
enable = lib.mkEnableOption "enable gotosocial";
port = lib.mkOption {
default = 8008;
description = "gotosocial port";
};
public = lib.mkOption {
default = true;
description = "public gotosocial";
};
subdomain = lib.mkOption {
default = "fedi";
description = "gotosocial subdomain";
};
};
};
config = {
services = {
gotosocial = {
enable = config.server.social.gotosocial.enable;
settings = {
application_name = "The Martyverse";
host = "${config.server.social.gotosocial.subdomain}.${config.networking.domain}";
bind-address = "127.0.0.1";
port = config.server.social.gotosocial.port;
protocol = "https";
landing-page-user = "${config.user.userName}";
db-address = "/home/${config.user.userName}/gotosocial/storage/sqlite.db";
storage-local-base-path = "/home/${config.user.userName}/gotosocial/storage";
db-type = "sqlite";
accounts-allow-custom-css = true;
accounts-registration-open = true;
accounts-reason-required = true;
accounts-registration-backlog-limit = 20;
};
};
nginx = {
virtualHosts = {
"${config.server.social.gotosocial.subdomain}.${config.networking.domain}" =
if config.server.social.gotosocial.public && config.server.social.gotosocial.enable then
{
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:${toString config.server.social.gotosocial.port}";
proxyWebsockets = true;
};
}
else
{ };
};
};
};
};
}

117
modules/server/social/synapse.nix Normal file
View file

@ -0,0 +1,117 @@
{
config,
lib,
pkgs,
...
}:
let
fqdn = "${config.server.synapse.subdomain}.${config.networking.domain}";
baseUrl = "https://${fqdn}";
clientConfig."m.homeserver".base_url = baseUrl;
serverConfig."m.server" = "${fqdn}:443";
mkWellKnown = data: ''
default_type application/json;
add_header Access-Control-Allow-Origin *;
return 200 '${builtins.toJSON data}';
'';
in
{
options = {
server.synapse = {
enable = lib.mkEnableOption "enable synapse";
subdomain = lib.mkOption {
default = "yap";
description = "synapse subdomain";
};
port = lib.mkOption {
default = 8008;
description = "synapse port";
};
};
};
config = {
services =
if config.server.synapse.enable then
{
postgresql.enable = true;
matrix-synapse = {
enable = true;
configureRedisLocally = true;
extras = [
"cache-memory" # Provide statistics about caching memory consumption
"jwt" # JSON Web Token authentication
"oidc" # OpenID Connect authentication
"postgres" # PostgreSQL database backend
"redis" # Redis support for the replication stream between worker processes
#"saml2" # SAML2 authentication
"sentry" # Error tracking and performance metrics
"systemd" # Provide the JournalHandler used in the default log_config
"url-preview" # Support for oEmbed URL previews
];
settings = {
url_preview_enabled = true;
server_name = "${config.networking.domain}";
public_baseurl = baseUrl;
media_store_path = "/mnt/Data/Matrix/Media";
max_upload_size = "10G";
enable_registration = false;
registration_shared_secret = "";
generic = {
enabled = true;
outbound = true;
urlPrefix = "https://https://yap.marty.tf/webhooks/";
allowJsTransformationFunctions = false;
waitForComplete = false;
enableHttpGet = false;
};
listeners = [
{
port = config.server.synapse.port;
bind_addresses = [ "127.0.0.1" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [
"client"
"federation"
];
compress = true;
}
];
}
];
};
};
nginx = {
virtualHosts = {
"${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig;
locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig;
};
"${config.server.synapse.subdomain}.${config.networking.domain}" = {
enableACME = true;
forceSSL = true;
locations = {
"~ ^(/_matrix|/_synapse/client|/)" = {
proxyPass = "http://127.0.0.1:${toString config.server.synapse.port}";
proxyWebsockets = true;
extraConfig =
"proxy_set_header X-Forwarded-For $remote_addr;"
+ "proxy_set_header X-Forwarded-Proto $scheme;"
+ "proxy_set_header Host $host:$server_port;";
};
};
};
};
};
}
else
{ };
};
}

13
modules/system/bluetooth.nix Normal file
View file

@ -0,0 +1,13 @@
{
config,
lib,
pkgs,
...
}:
{
environment.systemPackages = with pkgs; [
bluez
bluetuith
];
}

3
modules/system/default.nix
View file

@ -7,12 +7,13 @@
{
imports = [
./bluetooth.nix
./boot.nix
./git.nix
./shell.nix
./networking.nix
./localization.nix
./fira-code.nix
./fonts.nix
./nixos-cli.nix
./ssh.nix
];

0
modules/system/fira-code.nix → modules/system/fonts.nix
View file

21
modules/system/networking.nix
View file

@ -1,8 +1,21 @@
{ config, pkgs, ... }:
{
config,
pkgs,
lib,
...
}:
{
options = {
system.hostname = lib.mkOption {
default = "${config.user.userName}-device";
description = "hostname";
};
};
config = {
networking = {
domain = "maty.tf";
domain = "marty.tf";
hostName = config.system.hostname;
networkmanager.enable = true;
firewall = {
enable = true;
@ -39,4 +52,8 @@
};
};
};
environment.systemPackages = with pkgs; [
oniux
];
};
}