From a5b9c56276a0e971d86f2d1bbdcecf5ec7e6224c Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 24 Feb 2025 13:59:33 +0100 Subject: [PATCH 01/34] chore: cleanup old code --- modules/services/nextcloud.nix | 41 ---------------------------------- 1 file changed, 41 deletions(-) delete mode 100644 modules/services/nextcloud.nix diff --git a/modules/services/nextcloud.nix b/modules/services/nextcloud.nix deleted file mode 100644 index 959f9ad..0000000 --- a/modules/services/nextcloud.nix +++ /dev/null @@ -1,41 +0,0 @@ -{ lib, config, ... }: -{ - security.acme = { - acceptTerms = true; - preliminarySelfsigned = false; - # defaults.email = config.security.acme.defaults.email; - }; - - services.nextcloud = { - enable = true; - home = "/var/nextcloud/home"; - https = true; - configureRedis = false; # caching - maxUploadSize = "10G"; - hostName = "cloud.liv.town"; - - config = { - adminuser = "liv"; - adminpassFile = "/var/nextcloud/AdminPass"; - }; - - settings = { - trusted_domains = [ - "cloud.liv.town" - ]; - enabledPreviewProviders = [ - "OC\\Preview\\BMP" - "OC\\Preview\\GIF" - "OC\\Preview\\JPEG" - "OC\\Preview\\Krita" - "OC\\Preview\\MarkDown" - "OC\\Preview\\MP3" - "OC\\Preview\\OpenDocument" - "OC\\Preview\\PNG" - "OC\\Preview\\TXT" - "OC\\Preview\\XBitmap" - "OC\\Preview\\HEIC" - ]; - }; - }; -} From 2a771587a69284a65a08caab0d665f6aefff005f Mon Sep 17 00:00:00 2001 From: Ahwx Date: Wed, 26 Feb 2025 23:42:37 +0100 Subject: [PATCH 02/34] chore: remove some legacy commented out code --- modules/core/hardware.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/modules/core/hardware.nix b/modules/core/hardware.nix index 036f833..c727176 100644 --- a/modules/core/hardware.nix +++ b/modules/core/hardware.nix @@ -3,8 +3,6 @@ hardware = { graphics = { enable = true; - # driSupport = true; # Has no effect anymore, as of 2024-06-21 - # driSupport32Bit = true; }; enableRedistributableFirmware = true; opengl = { 
From 9f7542a5ab64479f12ab1cce6c32e885189da1a5 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 1 Mar 2025 23:16:21 +0100 Subject: [PATCH 03/34] fix: missed a semicollon so nginx didn't work --- modules/services/nginx.nix | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/modules/services/nginx.nix b/modules/services/nginx.nix index 982072a..bef0680 100644 --- a/modules/services/nginx.nix +++ b/modules/services/nginx.nix @@ -44,10 +44,9 @@ # # proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict"; # Most important headers - add_header meow "nya!"; - add_header matrix "https://matrix.to/#/@liv:liv.town" + add_header meow "nyaa"; + add_header matrix "@liv:liv.town"; add_header pronouns "any but neopronouns"; - add_header gender "maybe"; add_header locale "[en_US, nl_NL]"; ''; }; From 840a4679bb8d74762e179ec4feff465fb5a00f32 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 1 Mar 2025 23:16:32 +0100 Subject: [PATCH 04/34] feat: adds headers so quack might work better; adds nepenthis --- modules/services/sharkey-proxy.nix | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/modules/services/sharkey-proxy.nix b/modules/services/sharkey-proxy.nix index b06dcc4..dff4f9d 100644 --- a/modules/services/sharkey-proxy.nix +++ b/modules/services/sharkey-proxy.nix @@ -7,6 +7,22 @@ locations."/" = { proxyPass = "http://localhost:3000"; proxyWebsockets = true; + extraConfig = '' + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $remote_addr; + ''; + }; + locations."/wiki/" = { + # Nepenthis + proxyPass = "http://localhost:8893"; + extraConfig = '' + proxy_set_header X-Prefix '/wiki'; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_buffering off; + ''; }; }; }; From 3fbc341b84970fe8321ce1322a4003152a7b9b3a Mon Sep 17 00:00:00 2001 
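Review bot: In modules/services/sharkey-proxy.nix, the new `extraConfig` for `locations."/"` sets `proxy_set_header X-Forwarded-Host $remote_addr;`, which sends the client's IP address where an upstream expects the originally requested host name; it should be `proxy_set_header X-Forwarded-Host $host;`. An application that builds absolute URLs or checks origins from this header would then see an address instead of the site's name. The same line is added to the `/wiki/` location in the later sharkey-proxy.nix hunk (PATCH 06/34). `proxy_set_header X-Forwarded-Proto https;` is also hard-coded, which is only truthful if this virtual host is never served over plain HTTP; `$scheme` would track the real scheme, though the vhost's TLS settings are outside the hunk.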
From: Ahwx Date: Mon, 3 Mar 2025 13:19:18 +0100 Subject: [PATCH 05/34] chore: move to other wireguard instance --- modules/core/wireguard.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/modules/core/wireguard.nix b/modules/core/wireguard.nix index 7ca3965..efcbb09 100644 --- a/modules/core/wireguard.nix +++ b/modules/core/wireguard.nix @@ -2,15 +2,15 @@ { networking.wg-quick.interfaces = { wg0 = { - address = [ "10.7.0.2/24" "fddd:2c4:2c4:2c4::2/64" ]; + address = [ "10.7.0.4/24" ]; dns = [ "9.9.9.9" "149.112.112.112" ]; privateKeyFile = "/root/wireguard-keys/privatekey"; peers = [{ - publicKey = "GfrFhe2JV8FS/711WAdx6CLF/QIEj1KoOGP/ErxBHkg="; + publicKey = "uE40chWhiPpnNHcgnLhMfOUfzotS6hK+dWwI1sIFcUw="; presharedKeyFile = "/root/wireguard-keys/preshared_from_peer0_key"; allowedIPs = [ "0.0.0.0/0" "::/0" ]; - endpoint = "57.129.46.171:51820"; + endpoint = "213.210.34.27:58192"; persistentKeepalive = 25; }]; }; From 99ac38374054fcaecd76b769b5eab854998b54a6 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 3 Mar 2025 13:19:53 +0100 Subject: [PATCH 06/34] feat: adds more proxy headers for sharkey to hopefully fix the issue with timeouts --- modules/services/sharkey-proxy.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/services/sharkey-proxy.nix b/modules/services/sharkey-proxy.nix index dff4f9d..d81bb23 100644 --- a/modules/services/sharkey-proxy.nix +++ b/modules/services/sharkey-proxy.nix @@ -20,7 +20,11 @@ proxyPass = "http://localhost:8893"; extraConfig = '' proxy_set_header X-Prefix '/wiki'; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Host $remote_addr; proxy_buffering off; ''; }; From 3f45fc330ae22d33100da1d47b899a1b987f67a7 Mon Sep 17 00:00:00 2001 
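Review bot: In modules/core/wireguard.nix the new `address = [ "10.7.0.4/24" ];` drops the interface's IPv6 address while `allowedIPs` still lists `"::/0"`. As far as I can tell wg-quick will still route all IPv6 traffic into wg0, which now has no IPv6 source address, so IPv6 connections will most likely just fail; it is worth checking on the host that they fail rather than leave outside the tunnel. If the new peer is IPv4-only and that is intended, record it next to the setting, for example `# "::/0" kept on purpose: IPv6 must not bypass the tunnel`, or restore an IPv6 address for the interface.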
From: Ahwx Date: Wed, 5 Mar 2025 16:42:01 +0100 Subject: [PATCH 07/34] fix: apparently this is the correct setting, we'll see if it helps --- modules/services/sharkey-proxy.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/services/sharkey-proxy.nix b/modules/services/sharkey-proxy.nix index d81bb23..1fed4ce 100644 --- a/modules/services/sharkey-proxy.nix +++ b/modules/services/sharkey-proxy.nix @@ -11,7 +11,7 @@ proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-Proto https; - proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Host $remote_addr; ''; }; From 2907300f6c313084a4211166add94e46c949351c Mon Sep 17 00:00:00 2001 From: Ahwx Date: Tue, 18 Mar 2025 11:36:23 +0100 Subject: [PATCH 08/34] fix: cursor, hopefully; feat: adds shortcuts for qutebrowser/ungoogled-chromium --- modules/home/hyprland/config.nix | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/modules/home/hyprland/config.nix b/modules/home/hyprland/config.nix index 1e559df..2758c9b 100644 --- a/modules/home/hyprland/config.nix +++ b/modules/home/hyprland/config.nix @@ -28,18 +28,18 @@ color = "black"; }; }; - # cursorTheme = { - # name = "Bibata-Modern-Ice"; - # package = pkgs.bibata-cursors; - # size = 24; - # }; + cursorTheme = { + name = "Bibata-Modern-Ice"; + package = pkgs.bibata-cursors; + size = 24; + }; }; - # home.pointerCursor = { - # name = "Bibata-Modern-Ice"; - # package = pkgs.bibata-cursors; - # size = 24; - # }; + home.pointerCursor = { + name = "Bibata-Modern-Ice"; + package = pkgs.bibata-cursors; + size = 24; + }; # gtk = { # enable = true; 
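Review bot: `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;` in `locations."/"` of modules/services/sharkey-proxy.nix appends `$remote_addr` to whatever `X-Forwarded-For` value the client sent, so every entry except the last is client-controlled. That is safe only if the upstream takes the right-most address or is configured with this proxy as its single trusted hop; if it reads the first entry, rate limiting and IP-based logs can be fed arbitrary values. Either confirm the upstream's trusted-proxy setting or keep `$remote_addr` here, and add a comment such as `# upstream must trust only the last X-Forwarded-For hop` to record the assumption. The `/wiki/` location still sets `X-Forwarded-For $remote_addr`, so the two locations now disagree.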
@@ -84,7 +84,7 @@ source = "~/nixos-config/modules/home/hyprland/displays.conf"; "debug:disable_scale_checks" = true; - monitor = "eDP-1, 2256x1504@60, 0x0, 1.5"; + monitor = "eDP-1, 2256x1504@60, 0x0, 1.5"; # this works as I only have one computer using eDP-1 as a display, I could also add LVDS or DP-1 since that'd also be machine-specific. # autostart exec-once = [ @@ -227,6 +227,8 @@ "$mainMod SHIFT, V, exec, cliphist list | bemenu -l 5 --ignorecase | cliphist decode | wl-copy" "$mainMod SHIFT, F, exec, librewolf" + "$mainMod SHIFT, C, exec, chromium" + "$mainMod SHIFT, Q, exec, qutebrowser" "$mainMod SHIFT, W, exec, wdisplays" "$mainMod SHIFT, T, exec, thunderbird" "$mainMod SHIFT, E, exec, element-desktop" From cad1185c81a1bb199a86b6f4100d2c51fcb54ce8 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Tue, 18 Mar 2025 11:36:30 +0100 Subject: [PATCH 09/34] feat: adds qutebrowser --- modules/home/packages.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/modules/home/packages.nix b/modules/home/packages.nix index 783fb4d..8165cad 100644 --- a/modules/home/packages.nix +++ b/modules/home/packages.nix @@ -61,8 +61,9 @@ anki-bin obs-studio wdisplays - librewolf - ungoogled-chromium + librewolf # main + ungoogled-chromium # for things that don't work with librewolf + qutebrowser # focus nsxiv libreoffice xfce.thunar From a1d5447787668f381bf97ad5fbac8aaf20e399e6 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Tue, 18 Mar 2025 18:05:52 +0100 Subject: [PATCH 10/34] chore: comply with *yet another* hyprland change --- modules/home/hyprland/config.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/home/hyprland/config.nix b/modules/home/hyprland/config.nix index 2758c9b..344db6c 100644 --- a/modules/home/hyprland/config.nix +++ b/modules/home/hyprland/config.nix 
@@ -124,7 +124,6 @@ border_size = 2; "col.active_border" = "rgb(cda5ef) rgb(cda5ef) 45deg"; "col.inactive_border" = "0x00000000"; - border_part_of_window = false; no_border_on_floating = false; }; From e656ae52e0f62d375f9763e2b6d9c8cb05eb1eb4 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 20 Mar 2025 14:26:45 +0100 Subject: [PATCH 11/34] feat: adds server-specific components, rename violet-specifics to server specifics --- modules/core/user.nix | 4 +++- modules/home/{default.violet.nix => default.server.nix} | 2 +- modules/home/{packages.violet.nix => packages.server.nix} | 5 ----- 3 files changed, 4 insertions(+), 7 deletions(-) rename modules/home/{default.violet.nix => default.server.nix} (84%) rename modules/home/{packages.violet.nix => packages.server.nix} (92%) diff --git a/modules/core/user.nix b/modules/core/user.nix index 931b456..c2d0f06 100644 --- a/modules/core/user.nix +++ b/modules/core/user.nix @@ -10,7 +10,9 @@ if (host == "desktop") then [ ./../home/default.desktop.nix ] else if (host == "violet") then - [ ./../home/default.violet.nix ] + [ ./../home/default.server.nix ] + else if (host == "dandelion") then + [ ./../home/default.server.nix ] else if (host == "yoshino") then [ ./../home/default.yoshino.nix ] else [ ./../home ]; diff --git a/modules/home/default.violet.nix b/modules/home/default.server.nix similarity index 84% rename from modules/home/default.violet.nix rename to modules/home/default.server.nix index 357a630..54cdaab 100644 --- a/modules/home/default.violet.nix +++ b/modules/home/default.server.nix @@ -2,7 +2,7 @@ imports = [(import ./git.nix)] # version control ++ [(import ./nvim.nix)] # neovim editor - ++ [(import ./packages.violet.nix)] # other packages + ++ [(import ./packages.server.nix)] # other packages ++ [(import ./scripts/scripts.nix)] # personal scripts ++ [(import ./zsh.nix)] # shell ++ [(import ./tmux.nix)]; # terminal multiplexer 
diff --git a/modules/home/packages.violet.nix b/modules/home/packages.server.nix similarity index 92% rename from modules/home/packages.violet.nix rename to modules/home/packages.server.nix index 6516855..c743637 100644 --- a/modules/home/packages.violet.nix +++ b/modules/home/packages.server.nix @@ -14,11 +14,6 @@ ripgrep yt-dlp neofetch - yarn - - # C / C++ - gcc - gnumake # Python python3 From fe6e5d4c57daa4f56efaf518c3686918c69c59e7 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 20 Mar 2025 14:27:04 +0100 Subject: [PATCH 12/34] feat: adds `dandelion` host --- hosts/dandelion/default.nix | 27 +++++++++++++++ hosts/dandelion/hardware-configuration.nix | 39 ++++++++++++++++++++++ 2 files changed, 66 insertions(+) create mode 100644 hosts/dandelion/default.nix create mode 100644 hosts/dandelion/hardware-configuration.nix diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix new file mode 100644 index 0000000..9f60ae9 --- /dev/null +++ b/hosts/dandelion/default.nix @@ -0,0 +1,27 @@ +{ pkgs, config, ... }: +{ + imports = [ + ./hardware-configuration.nix + ./../../modules/core/default.dandelion.nix + ]; + + networking.hostName = "dandelion"; + + nixpkgs.config.permittedInsecurePackages = [ + "jitsi-meet-1.0.8043" + "olm-3.2.16" + ]; + + time.timeZone = "Europe/Amsterdam"; + + environment.systemPackages = with pkgs; [ + pkgs.kitty.terminfo + ]; + + boot = { + loader.systemd-boot = { + enable = true; + canTouchEfiVariables = true; + }; + }; +} diff --git a/hosts/dandelion/hardware-configuration.nix b/hosts/dandelion/hardware-configuration.nix new file mode 100644 index 0000000..6b43eb0 --- /dev/null +++ b/hosts/dandelion/hardware-configuration.nix 
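Review bot: `nixpkgs.config.permittedInsecurePackages = [ "jitsi-meet-1.0.8043" "olm-3.2.16" ];` in the new hosts/dandelion/default.nix allows two packages that nixpkgs marks insecure, on a host whose visible configuration uses neither of them. If the list was carried over from another host, drop it here so that an accidental dependency on either package fails evaluation instead of building silently. If one of them is needed on this machine, keep only that entry and name the consumer in a comment, e.g. `# required by <service>; remove once it no longer depends on olm`.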
@@ -0,0 +1,39 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/installer/scan/not-detected.nix") + ]; + + boot = { + initrd = { + availableKernelModules = [ "ahci" "xhci_pci" "uhci_pci" "usbhid" "usb_storage" "sd_mod" ]; + kernelModules = [ ]; + }; + kernelModules = [ "kvm-intel" ]; + extraModulePackages = [ ]; + }; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/adb2894c-18f5-466a-b340-70b71b479f51"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/D8DA-9F5E"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = [ ]; + + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.eno1.useDHCP = lib.mkDefault true; + # networking.interfaces.eno2.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; +} From 817b9756f434dcca03b2075dd574ea494bcdbfcb Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 20 Mar 2025 14:28:57 +0100 Subject: [PATCH 13/34] feat: move to server-specific defaults --- hosts/dandelion/default.nix | 2 +- hosts/violet/default.nix | 2 +- modules/core/default.server.nix | 12 ++++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) create mode 100644 modules/core/default.server.nix diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix index 9f60ae9..bb2c56c 100644 --- a/hosts/dandelion/default.nix +++ b/hosts/dandelion/default.nix @@ -2,7 +2,7 @@ { imports = [ ./hardware-configuration.nix - ./../../modules/core/default.dandelion.nix + ./../../modules/core/default.server.nix ]; networking.hostName = "dandelion"; diff --git a/hosts/violet/default.nix b/hosts/violet/default.nix index df62967..2d9b649 100644 
--- a/hosts/violet/default.nix +++ b/hosts/violet/default.nix @@ -2,7 +2,7 @@ { imports = [ ./hardware-configuration.nix - ./../../modules/core/default.violet.nix + ./../../modules/core/default.server.nix ./../../modules/services/violet.nix ]; diff --git a/modules/core/default.server.nix b/modules/core/default.server.nix new file mode 100644 index 0000000..118f8a3 --- /dev/null +++ b/modules/core/default.server.nix @@ -0,0 +1,12 @@ +{ ... }: +{ + imports = + [(import ./hardware.nix)] + ++ [(import ./network.nix)] + ++ [(import ./program.nix)] + ++ [(import ./sshd.nix)] + ++ [(import ./security.nix)] + ++ [(import ./services.nix)] + ++ [(import ./system.nix)] + ++ [(import ./user.nix)]; +} From 46e111d9cff8b7310ddcd560b4756d402dc8899e Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 20 Mar 2025 14:32:11 +0100 Subject: [PATCH 14/34] feat: adds `dandelion` to readme; fix: typo --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 2d255db..9f52045 100644 --- a/README.md +++ b/README.md @@ -44,8 +44,9 @@ - [hosts](hosts): per-host configurations that contain machine specific configurations - [desktop](hosts/yoshino/): Desktop (yoshino) specific configuration - [sakura](hosts/sakura/): Laptop (sakura) specific configuration - - [sakura](hosts/ichiyo/): Laptop (ichiyo) specific configuration + - [ichiyo](hosts/ichiyo/): Laptop (ichiyo) specific configuration - [violet](hosts/violet/): Server (violet) specific configuration + - [dandelion](hosts/dandelion/): Server (dandelion) specific configuration - [modules](modules): modularized NixOS configurations - [core](modules/core/): core NixOS configuration - [homes](modules/home/): my [Home-Manager](https://github.com/nix-community/home-manager) config From d21ace82b088bb6d85a7056ea4f41e40131dd6e0 Mon Sep 17 00:00:00 2001 
From: Ahwx Date: Thu, 20 Mar 2025 14:32:30 +0100 Subject: [PATCH 15/34] feat: adds host `dandelion` to `flake.nix` --- flake.nix | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/flake.nix b/flake.nix index 9d79e92..8db7ef7 100644 --- a/flake.nix +++ b/flake.nix @@ -84,6 +84,14 @@ ]; specialArgs = { host="violet"; inherit self inputs username; }; }; + dandelion = nixpkgs.lib.nixosSystem { + inherit system; + modules = [ + (import ./hosts/dandelion) + agenix.nixosModules.default + ]; + specialArgs = { host="dandelion"; inherit self inputs username; }; + }; vm = nixpkgs.lib.nixosSystem { inherit system; From 6cc6a3b6c0cc0bca96e7b33e7f7d571f955ae917 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 20 Mar 2025 14:34:53 +0100 Subject: [PATCH 16/34] fix: adds `efi` prefix so that nix can build :p --- hosts/dandelion/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix index bb2c56c..de12750 100644 --- a/hosts/dandelion/default.nix +++ b/hosts/dandelion/default.nix @@ -21,7 +21,7 @@ boot = { loader.systemd-boot = { enable = true; - canTouchEfiVariables = true; + efi.canTouchEfiVariables = true; }; }; } From d52c3c9da207cf0f9311da497d4c978a9d4b33b3 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Thu, 20 Mar 2025 14:38:20 +0100 Subject: [PATCH 17/34] fix: issue with `dandelion`, really this time? --- hosts/dandelion/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix index de12750..80bee25 100644 --- a/hosts/dandelion/default.nix +++ b/hosts/dandelion/default.nix @@ -19,8 +19,8 @@ ]; boot = { - loader.systemd-boot = { - enable = true; + loader = { + systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; }; From 4fcf563b4b85c81b2a593d57d6ea7987126ba62c Mon Sep 17 00:00:00 2001 
From: Ahwx Date: Sat, 22 Mar 2025 22:45:36 +0100 Subject: [PATCH 18/34] feat: adds system-wide variables --- variables.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 variables.nix diff --git a/variables.nix b/variables.nix new file mode 100644 index 0000000..3727a99 --- /dev/null +++ b/variables.nix @@ -0,0 +1,17 @@ +{ + lib, + config, + ... +}: let + inherit (lib) mkOption types; + inherit (config.liv) variables; +in { + options.liv.variables = { + primaryDomain = mkOption { + default = "liv.town"; + type = types.str; + readOnly = true; + description = "My primary domain"; + }; + }; +} From 018442bbc380afe8e46f66ddfd8896fd221bc3a2 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 22:46:18 +0100 Subject: [PATCH 19/34] feat: adds services for dandelion --- modules/services/dandelion.nix | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 modules/services/dandelion.nix diff --git a/modules/services/dandelion.nix b/modules/services/dandelion.nix new file mode 100644 index 0000000..cb31ebf --- /dev/null +++ b/modules/services/dandelion.nix @@ -0,0 +1,5 @@ +{ ... }: { + imports = + [(import ./docker.nix)] + ++ [(import ./scrutiny.nix)]; +} From cdf68775f8792e1c0980c9b177453087800b2574 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 22:46:55 +0100 Subject: [PATCH 20/34] feat: adds zfs pool to boot, adds zfs to pkgs, adds dandelion-specific services, adds machine-specific variables --- hosts/dandelion/default.nix | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/hosts/dandelion/default.nix b/hosts/dandelion/default.nix index 80bee25..156210c 100644 --- a/hosts/dandelion/default.nix +++ b/hosts/dandelion/default.nix @@ -2,7 +2,9 @@ { imports = [ ./hardware-configuration.nix + ./variables.nix ./../../modules/core/default.server.nix + ./../../modules/services/dandelion.nix ]; networking.hostName = "dandelion"; 
@@ -15,7 +17,8 @@ time.timeZone = "Europe/Amsterdam"; environment.systemPackages = with pkgs; [ - pkgs.kitty.terminfo + kitty.terminfo + zfs ]; boot = { @@ -23,5 +26,20 @@ systemd-boot.enable = true; efi.canTouchEfiVariables = true; }; + supportedFilesystems = [ "zfs" ]; }; + + networking.hostId = "8a6b2565"; + + services.zfs = { + autoScrub.enable = true; + trim.enable = true; + }; + + boot.zfs.extraPools = [ "terrabite" ]; + + # fileSystems."/terrabite/main" = { + # device = "terrabite/main"; + # fsType = "zfs"; + # }; } From dee7e2e5e9eed9dcacdadbe1ec0266cb8a0c4cea Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 22:47:09 +0100 Subject: [PATCH 21/34] feat: defines machine-specific variables --- hosts/dandelion/variables.nix | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 hosts/dandelion/variables.nix diff --git a/hosts/dandelion/variables.nix b/hosts/dandelion/variables.nix new file mode 100644 index 0000000..241d088 --- /dev/null +++ b/hosts/dandelion/variables.nix @@ -0,0 +1,17 @@ +{ + lib, + config, + ... +}: let + inherit (lib) mkOption types; + inherit (config.liv) variables; +in { + options.liv.variables.dandelion = { + thisMachine = mkOption { + default = "dandelion.srv.${variables.primaryDomain}"; + type = types.str; + readOnly = true; + description = "Domain of this specific machine"; + }; + }; +} From 000cf926d26eaefb1d745a7d1e62c1d59b01f270 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 22:47:42 +0100 Subject: [PATCH 22/34] chore: remove legacy code --- modules/core/default.violet.nix | 12 ------------ 1 file changed, 12 deletions(-) delete mode 100644 modules/core/default.violet.nix diff --git a/modules/core/default.violet.nix b/modules/core/default.violet.nix deleted file mode 100644 index 118f8a3..0000000 --- a/modules/core/default.violet.nix +++ /dev/null 
@@ -1,12 +0,0 @@ -{ ... }: -{ - imports = - [(import ./hardware.nix)] - ++ [(import ./network.nix)] - ++ [(import ./program.nix)] - ++ [(import ./sshd.nix)] - ++ [(import ./security.nix)] - ++ [(import ./services.nix)] - ++ [(import ./system.nix)] - ++ [(import ./user.nix)]; -} From 8339d9cd793f92494a591fa7125ab0d7dfc4e3a8 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 22:48:09 +0100 Subject: [PATCH 23/34] chore: remove `uhci_pci` kernel module since otherwise it won't rebuild correctly, have not found issues so far --- hosts/dandelion/hardware-configuration.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hosts/dandelion/hardware-configuration.nix b/hosts/dandelion/hardware-configuration.nix index 6b43eb0..a42c81a 100644 --- a/hosts/dandelion/hardware-configuration.nix +++ b/hosts/dandelion/hardware-configuration.nix @@ -10,7 +10,7 @@ boot = { initrd = { - availableKernelModules = [ "ahci" "xhci_pci" "uhci_pci" "usbhid" "usb_storage" "sd_mod" ]; + availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ]; # "uhci_pci" kernelModules = [ ]; }; kernelModules = [ "kvm-intel" ]; From e220e6904d683386eb34aa7da67d257b11ebfe7e Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 22:49:56 +0100 Subject: [PATCH 24/34] feat: import `variables.nix` globally --- modules/core/default.nix | 3 ++- modules/core/default.server.nix | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/modules/core/default.nix b/modules/core/default.nix index 6f160d3..d776c75 100644 --- a/modules/core/default.nix +++ b/modules/core/default.nix @@ -1,7 +1,8 @@ { ... }: { imports = - [(import ./docker.nix)] + [(import ./../../variables.nix)] # Does not really fit here but I have no clue where else + ++ [(import ./docker.nix)] ++ [(import ./hardware.nix)] ++ [(import ./displaylink.nix)] # ++ [(import ./printing.nix)] diff --git a/modules/core/default.server.nix b/modules/core/default.server.nix index 118f8a3..72a0f86 100644 
--- a/modules/core/default.server.nix +++ b/modules/core/default.server.nix @@ -1,7 +1,8 @@ { ... }: { imports = - [(import ./hardware.nix)] + [(import ./../../variables.nix)] + ++ [(import ./hardware.nix)] ++ [(import ./network.nix)] ++ [(import ./program.nix)] ++ [(import ./sshd.nix)] From ee8aceb56e23b3b04be86c5ad740a87af5216af3 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 23:00:00 +0100 Subject: [PATCH 25/34] feat: adds `ntfyURL` variable --- variables.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/variables.nix b/variables.nix index 3727a99..19dce5c 100644 --- a/variables.nix +++ b/variables.nix @@ -13,5 +13,12 @@ in { readOnly = true; description = "My primary domain"; }; + + ntfyURL = mkOption { + default = "notify.${variables.liv.primaryDomain}"; + type = types.str; + readOnly = true; + description = "Notification service"; + }; }; } From b9977ffc6b4f2455050ad078a37d14ffc1cfc485 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sat, 22 Mar 2025 23:02:00 +0100 Subject: [PATCH 26/34] fix: make scrutiny available for all machines by using variables --- modules/services/scrutiny.nix | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/modules/services/scrutiny.nix b/modules/services/scrutiny.nix index ebe64d8..d249682 100644 --- a/modules/services/scrutiny.nix +++ b/modules/services/scrutiny.nix @@ -1,18 +1,16 @@ -{ ... }: - -{ +{ config, ... }: { services.scrutiny = { enable = true; collector.enable = true; settings.web.listen.port = 8181; settings.notify.urls = [ - "ntfy://notify.liv.town/violet" + "ntfy://${config.liv.variables.ntfyURL}/${config.networking.hostName}" ]; }; - services.nginx.virtualHosts."scrutiny.liv.town" = { - locations."/" = { - proxyPass = "http://localhost:8181/"; - }; - }; + # services.nginx.virtualHosts."" = { + # locations."/" = { + # proxyPass = "http://localhost:8181/"; + # }; + # }; } From 23670bf1db12e12d71bf68467275d8e8d458769a Mon Sep 17 00:00:00 2001 
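Review bot: In variables.nix, `default = "notify.${variables.liv.primaryDomain}";` looks up an attribute that does not exist. `variables` is bound by `inherit (config.liv) variables;` in the file's `let` block (outside this hunk, visible in the patch that creates the file), so it already is `config.liv.variables` and has no `liv` attribute. Because the default is evaluated lazily, this should only fail once something reads `ntfyURL`. Use `default = "notify.${variables.primaryDomain}";`, the form hosts/dandelion/variables.nix already uses.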
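Review bot: In modules/services/scrutiny.nix the ntfy topic in `"ntfy://${config.liv.variables.ntfyURL}/${config.networking.hostName}"` is now the machine's host name, which is easy to guess. If the ntfy server accepts anonymous subscribe or publish (its access settings are not visible here), anyone who knows a host name can read that host's disk-health alerts or post fake ones. Restrict the topic on the ntfy side rather than putting a token into `settings.notify.urls`, since module settings presumably end up in the world-readable Nix store. With the nginx virtual host commented out, also check which address the web UI on port 8181 binds to.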
From: Ahwx Date: Sun, 23 Mar 2025 00:05:19 +0100 Subject: [PATCH 27/34] chore: temporarily disable scrunity as it's flooding my notifications; enable immich --- modules/services/dandelion.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/services/dandelion.nix b/modules/services/dandelion.nix index cb31ebf..6bb537b 100644 --- a/modules/services/dandelion.nix +++ b/modules/services/dandelion.nix @@ -1,5 +1,6 @@ { ... }: { imports = [(import ./docker.nix)] - ++ [(import ./scrutiny.nix)]; + ++ [(import ./immich.nix)]; + # ++ [(import ./scrutiny.nix)]; } From df1ba52d7db0e843b7c5b8721c65282000c5796f Mon Sep 17 00:00:00 2001 From: Ahwx Date: Sun, 23 Mar 2025 00:05:36 +0100 Subject: [PATCH 28/34] feat: adds immich configuration to services --- modules/services/immich.nix | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 modules/services/immich.nix diff --git a/modules/services/immich.nix b/modules/services/immich.nix new file mode 100644 index 0000000..89c67a3 --- /dev/null +++ b/modules/services/immich.nix @@ -0,0 +1,23 @@ +{ config, ... }: { + services.immich = { + enable = true; + port = 2283; + accelerationDevices = /dev/dri/card0; + }; + + # services.nginx.virtualHosts."" = { + # enableACME = true; + # forceSSL = true; + # locations."/" = { + # proxyPass = "http://localhost:${toString config.services.immich.port}"; + # proxyWebsockets = true; + # recommendedProxySettings = true; + # extraConfig = '' + # client_max_body_size 50000M; + # proxy_read_timeout 600s; + # proxy_send_timeout 600s; + # send_timeout 600s; + # ''; + # }; + # }; +} From 2a03321fa706f3fa8db06e0b23ffc86924eeb088 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 24 Mar 2025 09:23:16 +0100 Subject: [PATCH 29/34] feat: enable required (amdgpu/nvidia) modules per host --- hosts/sakura/default.nix | 1 + hosts/violet/default.nix | 2 ++ hosts/yoshino/default.nix | 1 + 3 files changed, 4 insertions(+) 
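Review bot: `accelerationDevices = /dev/dri/card0;` in the new modules/services/immich.nix is a bare Nix path literal, while the option, as far as I know, takes `null` or a list of device-path strings. The expected shape is `accelerationDevices = [ "/dev/dri/renderD128" ];`, with whichever render node actually exists on this host. Listing the single device also keeps the unit's device access narrower than `null`, which I believe exposes all devices to the service.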
diff --git a/hosts/sakura/default.nix b/hosts/sakura/default.nix index b349bb1..8b47543 100644 --- a/hosts/sakura/default.nix +++ b/hosts/sakura/default.nix @@ -24,6 +24,7 @@ laptop.enable = true; desktop.enable = true; creative.enable = true; + amdgpu.enable = true; }; services.hardware.bolt.enable = true; diff --git a/hosts/violet/default.nix b/hosts/violet/default.nix index 2d9b649..44c7b20 100644 --- a/hosts/violet/default.nix +++ b/hosts/violet/default.nix @@ -25,6 +25,8 @@ nvidia.open = false; # Set to false/true for proprietary/open drivers }; + liv.nvidia.enable = true; + services.xserver.videoDrivers = [ "nvidia" ]; boot = { diff --git a/hosts/yoshino/default.nix b/hosts/yoshino/default.nix index 08dfdb7..1098a2d 100644 --- a/hosts/yoshino/default.nix +++ b/hosts/yoshino/default.nix @@ -16,6 +16,7 @@ liv = { desktop.enable = true; creative.enable = true; + amdgpu.enable = true; }; networking = { From 5da047a5c92ef17737365bc767b482553a88f0ad Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 24 Mar 2025 09:24:17 +0100 Subject: [PATCH 30/34] feat: move `amdgpu`-specific config to its own role, since i now also have nvidia systems --- modules/core/hardware.nix | 15 --------------- roles/amdgpu.nix | 31 +++++++++++++++++++++++++++++++ roles/default.nix | 2 ++ 3 files changed, 33 insertions(+), 15 deletions(-) create mode 100644 roles/amdgpu.nix diff --git a/modules/core/hardware.nix b/modules/core/hardware.nix index c727176..1f1523c 100644 --- a/modules/core/hardware.nix +++ b/modules/core/hardware.nix @@ -1,18 +1,3 @@ { pkgs, ... }: { - hardware = { - graphics = { - enable = true; - }; - enableRedistributableFirmware = true; - opengl = { - extraPackages = with pkgs; [ - amdvlk - ]; - # For 32 bit applications as well - extraPackages32 = with pkgs; [ - driversi686Linux.amdvlk - ]; - }; - }; } diff --git a/roles/amdgpu.nix b/roles/amdgpu.nix new file mode 100644 index 0000000..8d017f1 --- /dev/null +++ b/roles/amdgpu.nix 
@@ -0,0 +1,31 @@ +{ lib, pkgs, config, ... }: +with lib; +let + cfg = config.liv.amdgpu; +in { + options.liv.amdgpu = { + enable = mkEnableOption "Enable amdgpu drivers"; + }; + + config = mkIf cfg.enable { + hardware = { + graphics = { + enable = true; + }; + enableRedistributableFirmware = true; + opengl = { + extraPackages = with pkgs; [ + amdvlk + ]; + # For 32 bit applications as well + extraPackages32 = with pkgs; [ + driversi686Linux.amdvlk + ]; + }; + }; + + environment.systemPackages = with pkgs; [ + amdvlk + ]; + }; +} diff --git a/roles/default.nix b/roles/default.nix index 48842f5..b89d962 100644 --- a/roles/default.nix +++ b/roles/default.nix @@ -2,6 +2,8 @@ { imports = [(import ./laptop.nix)] + ++ [(import ./amdgpu.nix)] + ++ [(import ./nvidia.nix)] ++ [(import ./desktop.nix)] ++ [(import ./creative.nix)]; } From df4fc5e04d08d5115bc8e18dbba6205be2736868 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 24 Mar 2025 09:24:30 +0100 Subject: [PATCH 31/34] feat: also create nvidia role, empty for now --- roles/nvidia.nix | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 roles/nvidia.nix diff --git a/roles/nvidia.nix b/roles/nvidia.nix new file mode 100644 index 0000000..e6c2aba --- /dev/null +++ b/roles/nvidia.nix @@ -0,0 +1,31 @@ +{ lib, pkgs, config, ... }: +with lib; +let + cfg = config.liv.nvidia; +in { + options.liv.nvidia = { + enable = mkEnableOption "Enable NVIDIA drivers"; + }; + + config = mkIf cfg.enable { + hardware = { + graphics = { + enable = true; + }; + enableRedistributableFirmware = true; + opengl = { + extraPackages = with pkgs; [ + # amdvlk + ]; + # For 32 bit applications as well + extraPackages32 = with pkgs; [ + # driversi686Linux.amdvlk + ]; + }; + }; + + environment.systemPackages = with pkgs; [ + # amdvlk + ]; + }; +} From b3e71a780996857937168d4931c9882a6cf620f4 Mon Sep 17 00:00:00 2001 
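Review bot: `enableRedistributableFirmware = true;` now sits inside `config = mkIf cfg.enable { … }` in roles/amdgpu.nix, and this patch removes it from modules/core/hardware.nix, so a host that enables neither GPU role no longer gets redistributable firmware. Generated hardware-configuration.nix files usually derive `hardware.cpu.amd.updateMicrocode` or `hardware.cpu.intel.updateMicrocode` from that option, so such a host could also stop receiving CPU microcode updates; the host hardware files are not visible here, so confirm. Keeping `hardware.enableRedistributableFirmware = true;` in the core module and leaving only the GPU packages in this role avoids that. Separately, `hardware.opengl.extraPackages` is the pre-rename spelling of `hardware.graphics.extraPackages`, the namespace this block already uses for `enable`.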
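Review bot: `mkEnableOption "Enable NVIDIA drivers"` in roles/nvidia.nix describes something this role does not do. Every package entry is commented out, and the only driver setting visible in this series is `services.xserver.videoDrivers = [ "nvidia" ];` in hosts/violet/default.nix. mkEnableOption already prefixes its text with "Whether to enable", so `mkEnableOption "NVIDIA graphics role (placeholder)"` reads correctly. The `# amdvlk` and `# driversi686Linux.amdvlk` lines copied from roles/amdgpu.nix should be deleted rather than kept as comments. The same wording fix applies to `mkEnableOption "Enable amdgpu drivers"` in roles/amdgpu.nix.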
From: Ahwx Date: Mon, 24 Mar 2025 09:24:52 +0100 Subject: [PATCH 32/34] chore: remove `accelerationDevices` since it doesn't work --- modules/services/immich.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/services/immich.nix b/modules/services/immich.nix index 89c67a3..301f192 100644 --- a/modules/services/immich.nix +++ b/modules/services/immich.nix @@ -2,7 +2,6 @@ services.immich = { enable = true; port = 2283; - accelerationDevices = /dev/dri/card0; }; # services.nginx.virtualHosts."" = { From 21c403a75d32fbd84384ae87f3fd41d1490c9574 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 24 Mar 2025 09:25:31 +0100 Subject: [PATCH 33/34] feat: enable smartd for all machines, local mail soon-ish? thanks openbsd for the idea of local mail --- modules/core/hardware.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/core/hardware.nix b/modules/core/hardware.nix index 1f1523c..ca598dc 100644 --- a/modules/core/hardware.nix +++ b/modules/core/hardware.nix @@ -1,3 +1,7 @@ { pkgs, ... }: { + services.smartd = { + enable = true; + autodetect = true; + }; } From 54f4fef027eb0a002b6272a7ce38be2f6aa30841 Mon Sep 17 00:00:00 2001 From: Ahwx Date: Mon, 24 Mar 2025 09:59:26 +0100 Subject: [PATCH 34/34] chore: make readme betterer:tm: --- README.md | 43 +++++++++++++++++++------------------------ 1 file changed, 19 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 9f52045..a8c2f87 100644 --- a/README.md +++ b/README.md 
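Review bot: Nothing in the new `services.smartd` block in modules/core/hardware.nix says where warnings are delivered, so a failing disk is reported only through the module's default notification channels. On a headless machine that may mean nobody sees it. Until local mail exists, add a comment such as `# TODO: set services.smartd.notifications.mail.* once local mail is configured`, and set `notifications.test = true;` once to confirm that a message actually arrives. `autodetect = true;` restates the module default, and `pkgs` is now unused in the argument list.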
@@ -57,25 +57,22 @@ ### Components | | NixOS + Hyprland | | --------------------------- | :---------------------------------------------------------------------------------------------: -| **Window Manager** | [Hyprland][Hyprland] | -| **Bar** | [Waybar][waybar] | -| **Application Launcher** | [bemenu][bemenu] | -| **Notification Daemon** | [Mako][mako] | -| **Terminal Emulator** | [Kitty][kitty] | +| **Compositor** | [hyprland][hyprland] | +| **Bar** | [waybar][waybar] | +| **Application launcher** | [bemenu][bemenu] | +| **Notification daemon** | [swaync][swaync] | +| **Terminal emulator** | [kitty][kitty] | | **Shell** | [zsh][zsh] | -| **Text Editor** | [Neovim][Neovim] + [VSCodium][VSCodium] | -| **network management tool** | [NetworkManager][NetworkManager] + [network-manager-applet][network-manager-applet] | -| **System resource monitor** | [htop][htop] | -| **File Manager** | [thunar][thunar] -| **Fonts** | [nerd fonts][Nerd fonts] | -| **Color Scheme** | [catppuccin][Catppuccin] | -| **Icons** | [catppuccin-papirus-folders][catppuccin-papirus-folders] | +| **Text editor** | [neovim][neovim] | +| **Network management tool** | [networkmanager][networkmanager] | +| **File manager** | [thunar][thunar] +| **Fonts** | [nerd fonts][nerd fonts] | | **Lockscreen** | [swaylock][swaylock] | -| **Image Viewer** | [nsxiv][nsxiv] | -| **Media Player** | [mpv][mpv] | -| **Screenshot Software** | [grimblast][grimblast] | +| **Image viewer** | [nsxiv][nsxiv] + [imv] | +| **Media player** | [mpv][mpv] | +| **Screenshot software** | [grimblast][grimblast] | | **Clipboard** | [wl-clip-persist][wl-clip-persist] | -| **Color Picker** | [hyprpicker][hyprpicker] | +| **Color picker** | [hyprpicker][hyprpicker] | ### Shell aliases 
@@ -222,24 +219,22 @@ Other dotfiles that I learned / copy from: - [mrusme/dotfiles](https://github.com/mrusme/dotfiles) -[Hyprland]: https://github.com/hyprwm/Hyprland -[Kitty]: https://github.com/kovidgoyal/kitty -[Waybar]: https://github.com/Alexays/Waybar +[hyprland]: https://github.com/hyprwm/Hyprland +[kitty]: https://github.com/kovidgoyal/kitty +[waybar]: https://github.com/Alexays/Waybar [bemenu]: https://github.com/Cloudef/bemenu [zsh]: https://ohmyz.sh/ [swaylock]: https://github.com/swaywm/swaylock [mpv]: https://github.com/mpv-player/mpv [VSCodium]:https://vscodium.com/ -[Neovim]: https://github.com/neovim/neovim +[neovim]: https://github.com/neovim/neovim [grimblast]: https://github.com/hyprwm/contrib [htop]: https://github.com/htop-dev/htop [thunar]: https://docs.xfce.org/xfce/thunar/start [nsxiv]: https://nsxiv.codeberg.page -[mako]: https://github.com/emersion/mako +[swaync]: https://github.com/ErikReider/SwayNotificationCenter [nerd fonts]: https://github.com/ryanoasis/nerd-fonts -[NetworkManager]: https://wiki.gnome.org/Projects/NetworkManager +[networkmanager]: https://wiki.gnome.org/Projects/NetworkManager [network-manager-applet]: https://gitlab.gnome.org/GNOME/network-manager-applet/ [wl-clip-persist]: https://github.com/Linus789/wl-clip-persist [hyprpicker]: https://github.com/hyprwm/hyprpicker -[catppuccin]: https://github.com/catppuccin/catppuccin -[catppuccin-papirus-folders]: https://github.com/catppuccin/papirus-folders