willifan/nix-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: willifan:79022428c3699cd6a1bd4e1f8603c6dd31dfeb4d
Branches Tags
willifan:main
..
compare: willifan:89f576dc4b78d6289c072a29a54e979e4ea5344b
Branches Tags
willifan:main

No commits in common. "79022428c3699cd6a1bd4e1f8603c6dd31dfeb4d" and "89f576dc4b78d6289c072a29a54e979e4ea5344b" have entirely different histories.
79022428c3 ... 89f576dc4b

17 changed files with 56 additions and 171 deletions
Download patch file Download diff file Expand all files Collapse all files

20
flake.nix
View file

@ -30,10 +30,13 @@
outputs = { self, nixpkgs, nixpkgs-unstable, ... }@attrs:
let
system = "x86_64-linux";
lib = nixpkgs.lib;
pkgs = nixpkgs.legacyPackages.${system};
pkgs-unstable = nixpkgs-unstable.legacyPackages.${system};
supportedSystems = [ "x86_64-linux" ];
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
forAllSystemsUnstable = nixpkgs-unstable.lib.genAttrs supportedSystems;
pkgs = forAllSystems (system: import nixpkgs { inherit system; });
pkgs-unstable = forAllSystemsUnstable (system: import nixpkgs-unstable { inherit system; });
in
{
nixosConfigurations = {
@ -41,12 +44,11 @@
Lenni = let
system = "x86_64-linux";
in
lib.nixosSystem {
nixpkgs.lib.nixosSystem {
specialArgs = {
hostname = "Lenni";
type = "desktop";
inherit pkgs-unstable;
inherit system;
};
@ -67,12 +69,11 @@
Puenktchen = let
system = "x86_64-linux";
in
lib.nixosSystem {
nixpkgs.lib.nixosSystem {
specialArgs = {
hostname = "Puenktchen";
type = "desktop";
inherit pkgs-unstable;
inherit system;
};
@ -96,12 +97,11 @@
Anton = let
system = "x86_64-linux";
in
lib.nixosSystem {
nixpkgs.lib.nixosSystem {
specialArgs = {
hostname = "Anton";
type = "server";
inherit pkgs-unstable;
inherit system;
};

20
hosts/Anton/caddy.nix
View file

@ -1,20 +0,0 @@
{ pkgs, ... }:
{
services.caddy = {
enable = true;
configFile = pkgs.writeText "Caddyfile" ''
https://git.huwe.mooo.com {
reverse_proxy localhost:3000
}
https://files.huwe.mooo.com {
reverse_proxy localhost:444
}
https://cal.huwe.mooo.com {
reverse_proxy localhost:5232
}
'';
};
}

14
hosts/Anton/data.nix
View file

@ -1,14 +0,0 @@
{ pkgs, ... }:
{
# environment.systemPackages = with pkgs; [
# mergerfs
# ];
fileSystems."/mnt/data" = {
device = "/dev/disk/by-id/wwn-0x500a0751e6b6c60f-part1";
fsType = "btrfs";
options = [" noatime=true compress=zstd:12 "];
};
}

8
hosts/Anton/firewall.nix
View file

@ -1,8 +0,0 @@
{ pkgs, ... }:
{
networking.firewall = {
enable = true;
allowedTCPPorts = [ 22 80 443 3000 ];
allowedUDPPorts = [ 22 80 443 ];
};
}

19
hosts/Anton/gitea.nix
View file

@ -1,19 +0,0 @@
{ pkgs, pkgs-unstable, ... }:
{
services.gitea = {
enable = true;
package = pkgs-unstable.gitea;
stateDir = "/mnt/data/services/gitea";
appName = "My low quality unfinished Projects";
settings = {
server = {
DOMAIN = "git.huwe.mooo.com";
HTTP_PORT = 3000;
};
};
};
}

26
hosts/Anton/hardware-configuration.nix
View file

@ -1,26 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
# networking.interfaces.enp7s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

21
hosts/Anton/radicale.nix
View file

@ -1,21 +0,0 @@
{ pkgs, ... }:
{
services.radicale = {
enable = true;
settings = {
server = {
hosts = [ "0.0.0.0:5232" "[::]:5232" ];
};
auth = {
type = "htpasswd";
htpasswd_filename = "/etc/radicale/users";
htpasswd_encryption = "bcrypt";
};
storage = {
filesystem_folder = "/mnt/data/services/radicale/collections";
};
};
};
}

7
hosts/common/default.nix
View file

@ -5,10 +5,5 @@
./garbage-collect.nix
./optimise.nix
];
networking.networkmanager.enable = true;
console.keyMap = "de";
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
system.stateVersion = "23.11";
}
}

6
hosts/desktop/default.nix
View file

@ -10,4 +10,8 @@
hardware.bluetooth.enable = true;
services.hardware.bolt.enable = true;
}
networking.networkmanager.enable = true;
console.keyMap = "de";
nixpkgs.config.allowUnfree = true;
nix.settings.experimental-features = [ "nix-command" "flakes" ];
}

19
hosts/server/Anton/data.nix Normal file
View file

@ -0,0 +1,19 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
mergerfs
];
fileSystems."/storage" = {
fsType = "fuse.mergerfs";
device = "/mnt/disks/*";
options = ["cache.files=partial" "dropcacheonclose=true" "category.create=mfs"];
};
services.snapraid = {
enable = true;
};
}

7
hosts/Anton/default.nix → hosts/server/Anton/default.nix
View file

@ -3,14 +3,9 @@
imports = [
./caddy.nix
./disko.nix
./data.nix
./firewall.nix
./gitea.nix
./hardware-configuration.nix
./radicale.nix
];
}
}

2
hosts/Anton/disko.nix → hosts/server/Anton/disko.nix
View file

@ -3,7 +3,7 @@
disk = {
root-drive = {
type = "disk";
device = "/dev/disk/by-id/nvme-Patriot_M.2_P300_128GB_P300HHBB240118004095";
device = "/dev/disk/by-id/wwn-0x5001b44ebc0b613a";
content = {
type = "gpt";
partitions = {

8
hosts/server/boot.nix
View file

@ -1,8 +0,0 @@
{ pkgs, ... }:
{
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
initrd.systemd.enable = true;
};
}

8
hosts/server/default.nix
View file

@ -1,8 +0,0 @@
{ pkgs, ... }:
{
imports = [
./boot.nix
./ssh-server.nix
];
}

20
hosts/server/ssh-server.nix
View file

@ -1,20 +0,0 @@
{ pkgs, ... }:
{
services.openssh = {
enable = true;
ports = [ 22 ];
settings = {
PasswordAuthentication = false;
AllowUsers = null; # Allows all users by default. Can be [ "user1" "user2" ]
UseDns = true;
X11Forwarding = false;
PermitRootLogin = "prohibit-password"; # "yes", "without-password", "prohibit-password", "forced-commands-only", "no"
};
};
users.users.willifan.openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDMRriQfw3pusl04fGhCNVoRRpye71ZwkDXAtKB/FP1DLXA4cYrwjLzv/fG1hXi7lAMp2vLiABAg/UaTE8roGzlt62XsFNwc1TI5M8m67J0kLkCtz3MkIixe/3GOFXr03g80DPncLyoIYPvvNd/TftTBK4yrrZPvMJaRrZhW/QdLPQpdHalcNRZ4bnBOCtCoqQ6RGrRi2EeKaJDYIFNl13b9FxrXEJcXnbSDdr1KI3q7a+vkefI2knUf2Uk7ufOWTQ1aqc0heGtCNlHzwZUzW/dfrpPmoVPq3Fqxqd9uXqxMk1Z3VnOwWcK3VXfzzBXKTsX0MaUgF1EqxibkYs9bDZqLEXoRucBqk3wwMPy8RJXqQOupoqa2xEOoduBf1qDHEEm69coHCpPm2mQVUrwsPrmTHmOjh9ir0mkVBDRgHvhq/ctQTVO5/SE2NCgPdlvUV5s44LLsUyxBp5JWwXZWlVys+7Dhil6mtRDcH4CXceJn0VZ61Zv2jrCTxQjKsroitSkNbpAkKajQ9moLMAblsSwJzl3uvJJ3ydlxjZefwTO/GjyuJMY2sIU2Tu0YbIVgMyq5L782LduVlyWj+RLWoEu19OfMqQvTWhJnQPAbR82qGzlfTGRLUxoY+G5MYipJwgrBQ2TnpWvfpTrZxFrglSfekz0v54lWzNZpW+irImh4w== willifan@proton.me"
];
}

6
users/willifan/default.nix
View file

@ -2,7 +2,7 @@
{
imports = [
./common
# ./${type}
# ./${hostname}
./${type}
./${hostname}
];
}
}

16
users/willifan/desktop/web/thunderbird.nix
View file

@ -17,6 +17,22 @@
"calendar.registry.1fc1e3ed-8ed4-4ec8-8b15-e7b2fbc810a8.type" = "caldav";
"calendar.registry.1fc1e3ed-8ed4-4ec8-8b15-e7b2fbc810a8.uri" = "https://cal.huwe.mooo.com/willifan/4381be3e-3453-cf20-ec8a-f9e1dc17dfc4/";
"calendar.registry.1fc1e3ed-8ed4-4ec8-8b15-e7b2fbc810a8.username" = "willifan";
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.cache.enabled" = true;
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.calendar-main-in-composite" = true;
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.color" = "#a8c2e1";
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.name" = "Abgelehnt";
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.readOnly" = false;
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.type" = "caldav";
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.uri" = "https://cal.huwe.mooo.com/willifan/3ef93cc0-40f5-2b0e-a27c-e41d19bf22ab/";
"calendar.registry.60a1da39-91e8-4f71-a3f2-366182049c9f.username" = "willifan";
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.cache.enabled" = true;
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.calendar-main-in-composite" = true;
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.color" = "#8855a8";
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.name" = "Roberta";
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.readOnly" = false;
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.type" = "caldav";
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.uri" = "https://cal.huwe.mooo.com/willifan/39af6f18-99b4-547a-906c-836f26a5cfa6/";
"calendar.registry.7da634d4-bbd5-4148-908c-42c1ad15423a.username" = "willifan";
"calendar.timezone.local" = "Europe/Berlin";
"calendar.timezone.useSystemTimezone" = true;