chore: merge remote-tracking branch 'refs/remotes/origin/master'

2025-12-04 15:00:13 +01:00 · 2025-03-24 10:03:27 +01:00 · 2025-03-24 10:03:27 +01:00 · 52fc1baf12
commit 52fc1baf12
parent e07111322d 54f4fef027
27 changed files with 310 additions and 120 deletions
--- a/README.md
+++ b/README.md
@ -44,8 +44,9 @@
 - [hosts](hosts): per-host configurations that contain machine specific configurations
  - [desktop](hosts/yoshino/): Desktop (yoshino) specific configuration
  - [sakura](hosts/sakura/): Laptop (sakura) specific configuration
-  - [sakura](hosts/ichiyo/): Laptop (ichiyo) specific configuration
+  - [ichiyo](hosts/ichiyo/): Laptop (ichiyo) specific configuration
  - [violet](hosts/violet/): Server (violet) specific configuration
  - [dandelion](hosts/dandelion/): Server (dandelion) specific configuration
 - [modules](modules): modularized NixOS configurations
  - [core](modules/core/): core NixOS configuration
  - [homes](modules/home/): my [Home-Manager](https://github.com/nix-community/home-manager) config
@ -56,25 +57,22 @@
 ### Components
 |                             | NixOS + Hyprland                                                                              |
 | --------------------------- | :---------------------------------------------------------------------------------------------:
-| **Window Manager**          | [Hyprland][Hyprland] |
+| **Compositor**          | [hyprland][hyprland] |
-| **Bar**                     | [Waybar][waybar] |
+| **Bar**                     | [waybar][waybar] |
-| **Application Launcher**    | [bemenu][bemenu] |
+| **Application launcher**    | [bemenu][bemenu] |
-| **Notification Daemon**     | [Mako][mako] |
+| **Notification daemon**     | [swaync][swaync] |
-| **Terminal Emulator**       | [Kitty][kitty] |
+| **Terminal emulator**       | [kitty][kitty] |
 | **Shell**                   | [zsh][zsh] |
-| **Text Editor**             | [Neovim][Neovim] + [VSCodium][VSCodium] |
+| **Text editor**             | [neovim][neovim] |
-| **network management tool** | [NetworkManager][NetworkManager] + [network-manager-applet][network-manager-applet] |
+| **Network management tool** | [networkmanager][networkmanager] |
-| **System resource monitor** | [htop][htop] |
+| **File manager**            | [thunar][thunar]
-| **File Manager**            | [thunar][thunar]
+| **Fonts**                   | [nerd fonts][nerd fonts] |
 | **Fonts**                   | [nerd fonts][Nerd fonts] |
 | **Color Scheme**            | [catppuccin][Catppuccin] |
 | **Icons**                   | [catppuccin-papirus-folders][catppuccin-papirus-folders] |
 | **Lockscreen**              | [swaylock][swaylock] |
-| **Image Viewer**            | [nsxiv][nsxiv] |
+| **Image viewer**            | [nsxiv][nsxiv] + [imv] |
-| **Media Player**            | [mpv][mpv] |
+| **Media player**            | [mpv][mpv] |
-| **Screenshot Software**     | [grimblast][grimblast] |
+| **Screenshot software**     | [grimblast][grimblast] |
 | **Clipboard**               | [wl-clip-persist][wl-clip-persist] |
-| **Color Picker**            | [hyprpicker][hyprpicker] |
+| **Color picker**            | [hyprpicker][hyprpicker] |
 ### Shell aliases
@ -221,24 +219,22 @@ Other dotfiles that I learned / copy from:
 - [mrusme/dotfiles](https://github.com/mrusme/dotfiles)
 <!-- Links -->
-[Hyprland]: https://github.com/hyprwm/Hyprland
+[hyprland]: https://github.com/hyprwm/Hyprland
-[Kitty]: https://github.com/kovidgoyal/kitty
+[kitty]: https://github.com/kovidgoyal/kitty
-[Waybar]: https://github.com/Alexays/Waybar
+[waybar]: https://github.com/Alexays/Waybar
 [bemenu]: https://github.com/Cloudef/bemenu
 [zsh]: https://ohmyz.sh/
 [swaylock]: https://github.com/swaywm/swaylock
 [mpv]: https://github.com/mpv-player/mpv
 [VSCodium]:https://vscodium.com/
-[Neovim]: https://github.com/neovim/neovim
+[neovim]: https://github.com/neovim/neovim
 [grimblast]: https://github.com/hyprwm/contrib
 [htop]: https://github.com/htop-dev/htop
 [thunar]: https://docs.xfce.org/xfce/thunar/start
 [nsxiv]: https://nsxiv.codeberg.page
-[mako]: https://github.com/emersion/mako
+[swaync]: https://github.com/ErikReider/SwayNotificationCenter
 [nerd fonts]: https://github.com/ryanoasis/nerd-fonts
-[NetworkManager]: https://wiki.gnome.org/Projects/NetworkManager
+[networkmanager]: https://wiki.gnome.org/Projects/NetworkManager
 [network-manager-applet]: https://gitlab.gnome.org/GNOME/network-manager-applet/
 [wl-clip-persist]: https://github.com/Linus789/wl-clip-persist
 [hyprpicker]: https://github.com/hyprwm/hyprpicker
 [catppuccin]: https://github.com/catppuccin/catppuccin
 [catppuccin-papirus-folders]: https://github.com/catppuccin/papirus-folders
--- a/flake.nix
+++ b/flake.nix
@ -84,6 +84,14 @@
        ];
        specialArgs = { host="violet"; inherit self inputs username; };
      };
      dandelion = nixpkgs.lib.nixosSystem {
        inherit system;
        modules = [
          (import ./hosts/dandelion)
          agenix.nixosModules.default
        ];
        specialArgs = { host="dandelion"; inherit self inputs username; };
      };
      vm = nixpkgs.lib.nixosSystem {
        inherit system;
--- a/hosts/dandelion/default.nix
+++ b/hosts/dandelion/default.nix
@ -0,0 +1,45 @@
 { pkgs, config, ... }: 
 {
  imports = [
    ./hardware-configuration.nix
    ./variables.nix
    ./../../modules/core/default.server.nix
    ./../../modules/services/dandelion.nix
  ];
  networking.hostName = "dandelion";
  nixpkgs.config.permittedInsecurePackages = [
    "jitsi-meet-1.0.8043"
    "olm-3.2.16"
  ];
  time.timeZone = "Europe/Amsterdam";
  environment.systemPackages = with pkgs; [
    kitty.terminfo
    zfs
  ];
  boot = {
    loader = {
      systemd-boot.enable = true;
      efi.canTouchEfiVariables = true;
    };
    supportedFilesystems = [ "zfs" ];
  };
  networking.hostId = "8a6b2565";
  services.zfs = {
    autoScrub.enable = true;
    trim.enable = true;
  };
  boot.zfs.extraPools = [ "terrabite" ];
  # fileSystems."/terrabite/main" = {
  #   device = "terrabite/main";
  #   fsType = "zfs";
  # };
 }
--- a/hosts/dandelion/hardware-configuration.nix
+++ b/hosts/dandelion/hardware-configuration.nix
@ -0,0 +1,39 @@
 # Do not modify this file!  It was generated by ‘nixos-generate-config’
 # and may be overwritten by future invocations.  Please make changes
 # to /etc/nixos/configuration.nix instead.
 { config, lib, pkgs, modulesPath, ... }:
 {
  imports =
    [ (modulesPath + "/installer/scan/not-detected.nix")
    ];
  boot = {
    initrd = {
      availableKernelModules = [ "ahci" "xhci_pci" "usbhid" "usb_storage" "sd_mod" ]; # "uhci_pci"
      kernelModules = [ ];
    };
    kernelModules = [ "kvm-intel" ];
    extraModulePackages = [ ];
  };
  fileSystems."/" =
    { device = "/dev/disk/by-uuid/adb2894c-18f5-466a-b340-70b71b479f51";
      fsType = "ext4";
    };
  fileSystems."/boot" =
    { device = "/dev/disk/by-uuid/D8DA-9F5E";
      fsType = "vfat";
      options = [ "fmask=0077" "dmask=0077" ];
    };
  swapDevices = [ ];
  networking.useDHCP = lib.mkDefault true;
  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
  # networking.interfaces.eno2.useDHCP = lib.mkDefault true;
  nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
  hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }
--- a/hosts/dandelion/variables.nix
+++ b/hosts/dandelion/variables.nix
@ -0,0 +1,17 @@
 {
  lib,
  config,
  ...
 }: let
  inherit (lib) mkOption types;
  inherit (config.liv) variables;
 in {
  options.liv.variables.dandelion = {
    thisMachine = mkOption {
      default = "dandelion.srv.${variables.primaryDomain}";
      type = types.str;
      readOnly = true;
      description = "Domain of this specific machine";
    };
  };
 }
--- a/hosts/sakura/default.nix
+++ b/hosts/sakura/default.nix
@ -24,6 +24,7 @@
    laptop.enable = true;
    desktop.enable = true;
    creative.enable = true;
    amdgpu.enable = true;
  };
  services.hardware.bolt.enable = true;
--- a/hosts/violet/default.nix
+++ b/hosts/violet/default.nix
@ -2,7 +2,7 @@
 {
  imports = [
    ./hardware-configuration.nix
-    ./../../modules/core/default.violet.nix
+    ./../../modules/core/default.server.nix
    ./../../modules/services/violet.nix
  ];
@ -25,6 +25,8 @@
    nvidia.open = false; # Set to false/true for proprietary/open drivers
  };
  liv.nvidia.enable = true;
  services.xserver.videoDrivers = [ "nvidia" ];
  boot = {
--- a/hosts/yoshino/default.nix
+++ b/hosts/yoshino/default.nix
@ -16,6 +16,7 @@
  liv = {
    desktop.enable = true;
    creative.enable = true;
    amdgpu.enable = true;
  };
  networking = {
--- a/modules/core/default.nix
+++ b/modules/core/default.nix
@ -1,7 +1,8 @@
 { ... }:
 {
  imports =
-       [(import ./docker.nix)]
+       [(import ./../../variables.nix)] # Does not really fit here but I have no clue where else
    ++ [(import ./docker.nix)]
    ++ [(import ./hardware.nix)]
    ++ [(import ./displaylink.nix)]
    # ++ [(import ./printing.nix)]
--- a/modules/core/default.server.nix
+++ b/modules/core/default.server.nix
@ -1,7 +1,8 @@
 { ... }:
 {
  imports =
-       [(import ./hardware.nix)]
+       [(import ./../../variables.nix)]
    ++ [(import ./hardware.nix)]
    ++ [(import ./network.nix)]
    ++ [(import ./program.nix)]
    ++ [(import ./sshd.nix)]
--- a/modules/core/hardware.nix
+++ b/modules/core/hardware.nix
@ -1,20 +1,7 @@
 { pkgs, ... }:
 {  
-  hardware = {
+  services.smartd = {
    graphics = {
    enable = true;
-      # driSupport = true; # Has no effect anymore, as of 2024-06-21
+    autodetect = true;
      # driSupport32Bit = true;
    };
    enableRedistributableFirmware = true;
    opengl = {
      extraPackages = with pkgs; [
        amdvlk
      ];
      # For 32 bit applications as well
      extraPackages32 = with pkgs; [
        driversi686Linux.amdvlk
      ];
    };
  };
 }
--- a/modules/core/user.nix
+++ b/modules/core/user.nix
@ -10,7 +10,9 @@
        if (host == "desktop") then 
          [ ./../home/default.desktop.nix ] 
        else if (host == "violet") then
-          [ ./../home/default.violet.nix ]
+          [ ./../home/default.server.nix ]
        else if (host == "dandelion") then
          [ ./../home/default.server.nix ]
        else if (host == "yoshino") then
          [ ./../home/default.yoshino.nix ]
        else [ ./../home ];
--- a/modules/core/wireguard.nix
+++ b/modules/core/wireguard.nix
@ -2,15 +2,15 @@
 {
  networking.wg-quick.interfaces = {
    wg0 = {
-      address = [ "10.7.0.2/24" "fddd:2c4:2c4:2c4::2/64" ];
+      address = [ "10.7.0.4/24" ];
      dns = [ "9.9.9.9" "149.112.112.112" ];
      privateKeyFile = "/root/wireguard-keys/privatekey";
      peers = [{
-        publicKey = "GfrFhe2JV8FS/711WAdx6CLF/QIEj1KoOGP/ErxBHkg=";
+        publicKey = "uE40chWhiPpnNHcgnLhMfOUfzotS6hK+dWwI1sIFcUw=";
        presharedKeyFile = "/root/wireguard-keys/preshared_from_peer0_key";
        allowedIPs = [ "0.0.0.0/0" "::/0" ];
-        endpoint = "57.129.46.171:51820";
+        endpoint = "213.210.34.27:58192";
        persistentKeepalive = 25;
      }];
    };
--- a/modules/home/default.server.nix
+++ b/modules/home/default.server.nix
@ -2,7 +2,7 @@
  imports =
       [(import ./git.nix)]                       # version control
    ++ [(import ./nvim.nix)]                      # neovim editor
-    ++ [(import ./packages.violet.nix)]           # other packages
+    ++ [(import ./packages.server.nix)]           # other packages
    ++ [(import ./scripts/scripts.nix)]           # personal scripts
    ++ [(import ./zsh.nix)]                       # shell
    ++ [(import ./tmux.nix)];                     # terminal multiplexer
--- a/modules/home/hyprland/config.nix
+++ b/modules/home/hyprland/config.nix
@ -28,18 +28,18 @@
        color = "black";
      };
    };
-    # cursorTheme = {
+    cursorTheme = {
-    #   name = "Bibata-Modern-Ice";
+      name = "Bibata-Modern-Ice";
-    #   package = pkgs.bibata-cursors;
+      package = pkgs.bibata-cursors;
-    #   size = 24;
+      size = 24;
-    # };
+    };
  };
-  # home.pointerCursor = {
+  home.pointerCursor = {
-  #   name = "Bibata-Modern-Ice";
+    name = "Bibata-Modern-Ice";
-  #   package = pkgs.bibata-cursors;
+    package = pkgs.bibata-cursors;
-  #   size = 24;
+    size = 24;
-  # };
+  };
  # gtk = {
  #   enable = true;
@ -84,7 +84,7 @@
      source = "~/nixos-config/modules/home/hyprland/displays.conf";
      "debug:disable_scale_checks" = true;
-      monitor = "eDP-1, 2256x1504@60, 0x0, 1.5";
+      monitor = "eDP-1, 2256x1504@60, 0x0, 1.5"; # this works as I only have one computer using eDP-1 as a display, I could also add LVDS or DP-1 since that'd also be machine-specific.
      # autostart
      exec-once = [
@ -226,6 +226,8 @@
        "$mainMod SHIFT, V, exec, cliphist list | bemenu -l 5 --ignorecase | cliphist decode | wl-copy"
        "$mainMod SHIFT, F, exec, librewolf"
        "$mainMod SHIFT, C, exec, chromium"
        "$mainMod SHIFT, Q, exec, qutebrowser"
        "$mainMod SHIFT, W, exec, wdisplays"
        "$mainMod SHIFT, T, exec, thunderbird"
        "$mainMod SHIFT, E, exec, element-desktop"
--- a/modules/home/packages.nix
+++ b/modules/home/packages.nix
@ -61,8 +61,9 @@
    anki-bin
    obs-studio
    wdisplays
-    librewolf
+    librewolf # main
-    ungoogled-chromium
+    ungoogled-chromium # for things that don't work with librewolf
    qutebrowser # focus
    nsxiv
    libreoffice
    xfce.thunar
--- a/modules/home/packages.server.nix
+++ b/modules/home/packages.server.nix
@ -14,11 +14,6 @@
    ripgrep
    yt-dlp
    neofetch
    yarn
    # C / C++
    gcc
    gnumake
    # Python
    python3
--- a/modules/services/dandelion.nix
+++ b/modules/services/dandelion.nix
@ -0,0 +1,6 @@
 { ... }: {
  imports =
       [(import ./docker.nix)]
    ++ [(import ./immich.nix)];
    # ++ [(import ./scrutiny.nix)];
 }
--- a/modules/services/immich.nix
+++ b/modules/services/immich.nix
@ -0,0 +1,22 @@
 { config, ... }: {
  services.immich = {
    enable = true;
    port = 2283;
  };
  # services.nginx.virtualHosts."" = {
  #   enableACME = true;
  #   forceSSL = true;
  #   locations."/" = {
  #     proxyPass = "http://localhost:${toString config.services.immich.port}";
  #     proxyWebsockets = true;
  #     recommendedProxySettings = true;
  #     extraConfig = ''
  #       client_max_body_size 50000M;
  #       proxy_read_timeout   600s;
  #       proxy_send_timeout   600s;
  #       send_timeout         600s;
  #     '';
  #   };
  # };
 }
--- a/modules/services/nextcloud.nix
+++ b/modules/services/nextcloud.nix
@ -1,41 +0,0 @@
 { lib, config, ... }:
 {
  security.acme = {
    acceptTerms = true;
    preliminarySelfsigned = false;
    # defaults.email = config.security.acme.defaults.email;
  };
  services.nextcloud = {
    enable = true;
    home = "/var/nextcloud/home";
    https = true;
    configureRedis = false; # caching
    maxUploadSize = "10G";
    hostName = "cloud.liv.town";
    config = {
      adminuser = "liv";
      adminpassFile = "/var/nextcloud/AdminPass";
    };
    settings = {
      trusted_domains = [
        "cloud.liv.town"
      ];
      enabledPreviewProviders = [
        "OC\\Preview\\BMP"
        "OC\\Preview\\GIF"
        "OC\\Preview\\JPEG"
        "OC\\Preview\\Krita"
        "OC\\Preview\\MarkDown"
        "OC\\Preview\\MP3"
        "OC\\Preview\\OpenDocument"
        "OC\\Preview\\PNG"
        "OC\\Preview\\TXT"
        "OC\\Preview\\XBitmap"
        "OC\\Preview\\HEIC"
      ];
    };
  };
 }
--- a/modules/services/nginx.nix
+++ b/modules/services/nginx.nix
@ -44,10 +44,9 @@
      #   # proxy_cookie_path / "/; secure; HttpOnly; SameSite=strict";
      # Most important headers
-      add_header meow "nya!";
+      add_header meow "nyaa";
-      add_header matrix "https://matrix.to/#/@liv:liv.town"
+      add_header matrix "@liv:liv.town";
      add_header pronouns "any but neopronouns";
      add_header gender "maybe";
      add_header locale "[en_US, nl_NL]";
    '';
  };
--- a/modules/services/scrutiny.nix
+++ b/modules/services/scrutiny.nix
@ -1,18 +1,16 @@
-{ ... }:
+{ config, ... }: {
 {
  services.scrutiny = {
    enable = true;
    collector.enable = true;
    settings.web.listen.port = 8181;
    settings.notify.urls = [
-      "ntfy://notify.liv.town/violet"
+      "ntfy://${config.liv.variables.ntfyURL}/${config.networking.hostName}"
    ];
  };
-  services.nginx.virtualHosts."scrutiny.liv.town" = {
+  # services.nginx.virtualHosts."" = {
-    locations."/" = {
+  #   locations."/" = {
-      proxyPass = "http://localhost:8181/";
+  #     proxyPass = "http://localhost:8181/";
-    };
+  #   };
-  };
+  # };
 }
--- a/modules/services/sharkey-proxy.nix
+++ b/modules/services/sharkey-proxy.nix
@ -7,6 +7,26 @@
      locations."/" = {
        proxyPass = "http://localhost:3000";
        proxyWebsockets = true;
        extraConfig = ''
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-Proto https;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Host $remote_addr;
        '';
      };
      locations."/wiki/" = {
        # Nepenthis
        proxyPass = "http://localhost:8893";
        extraConfig = ''
          proxy_set_header X-Prefix '/wiki';
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-Proto https;
          proxy_set_header X-Forwarded-For $remote_addr;
          proxy_set_header X-Forwarded-Host $remote_addr;
          proxy_buffering off;
        '';
      };
    };
  };
--- a/roles/amdgpu.nix
+++ b/roles/amdgpu.nix
@ -0,0 +1,31 @@
 { lib, pkgs, config, ... }:
 with lib;
 let
  cfg = config.liv.amdgpu;
 in {
  options.liv.amdgpu = {
    enable = mkEnableOption "Enable amdgpu drivers";
  };
  config = mkIf cfg.enable {
    hardware = {
      graphics = {
        enable = true;
      };
      enableRedistributableFirmware = true;
      opengl = {
        extraPackages = with pkgs; [
          amdvlk
        ];
        # For 32 bit applications as well
        extraPackages32 = with pkgs; [
          driversi686Linux.amdvlk
        ];
      };
    };
    environment.systemPackages = with pkgs; [
      amdvlk
    ];
  };
 }
--- a/roles/default.nix
+++ b/roles/default.nix
@ -2,6 +2,8 @@
 {
  imports =
       [(import ./laptop.nix)]
    ++ [(import ./amdgpu.nix)]
    ++ [(import ./nvidia.nix)]
    ++ [(import ./desktop.nix)]
    ++ [(import ./creative.nix)];
 }
--- a/roles/nvidia.nix
+++ b/roles/nvidia.nix
@ -0,0 +1,31 @@
 { lib, pkgs, config, ... }:
 with lib;
 let
  cfg = config.liv.nvidia;
 in {
  options.liv.nvidia = {
    enable = mkEnableOption "Enable NVIDIA drivers";
  };
  config = mkIf cfg.enable {
    hardware = {
      graphics = {
        enable = true;
      };
      enableRedistributableFirmware = true;
      opengl = {
        extraPackages = with pkgs; [
          # amdvlk
        ];
        # For 32 bit applications as well
        extraPackages32 = with pkgs; [
          # driversi686Linux.amdvlk
        ];
      };
    };
    environment.systemPackages = with pkgs; [
      # amdvlk
    ];
  };
 }
--- a/variables.nix
+++ b/variables.nix
@ -0,0 +1,24 @@
 {
  lib,
  config,
  ...
 }: let
  inherit (lib) mkOption types;
  inherit (config.liv) variables;
 in {
  options.liv.variables = {
    primaryDomain = mkOption {
      default = "liv.town";
      type = types.str;
      readOnly = true;
      description = "My primary domain";
    };
    ntfyURL = mkOption {
      default = "notify.${variables.liv.primaryDomain}";
      type = types.str;
      readOnly = true;
      description = "Notification service";
    };
  };
 }