k/nixos_configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: k:cf4133344f466f07d9dc56b2b9dfa81b464184f9
Branches Tags
k:master
...
compare: k:6de1df0772783567e0377b9b4c62b65137a3eeac
Branches Tags
k:master

2 Commits
cf4133344f ... 6de1df0772

Author SHA1 Message Date
k
6de1df0772 cleanup server config 2024-09-07 13:35:10 -04:00
k
61dadbb51a clean up laptophome 2024-09-07 13:17:36 -04:00
5 changed files with 222 additions and 261 deletions
Show Stats Expand all files Collapse all files

43
hosts/laptop/home.nix
View File

@ -8,22 +8,20 @@
homeDirectory = "/home/k"; homeDirectory = "/home/k";
stateVersion = "23.11"; stateVersion = "23.11";
enableNixpkgsReleaseCheck = false; enableNixpkgsReleaseCheck = false;
packages = [ packages = with pkgs;[
pkgs.nerdfonts nerdfonts
pkgs.firefox firefox
pkgs.keepassxc keepassxc
pkgs.syncthing thunderbird
pkgs.thunderbird blender
pkgs.blender vesktop
pkgs.vesktop btop
pkgs.btop zip
pkgs.zip spotify
pkgs.spotify distrobox
pkgs.distrobox
pkgs.modrinth-app modrinth-app
pkgs.emacs direnv
pkgs.direnv
]; ];
}; };
@ -34,6 +32,12 @@
userEmail = "markers711@gmail.com"; userEmail = "markers711@gmail.com";
}; };
direnv = {
enable = true;
enableZshIntegration = true;
nix-direnv.enable = true;
};
starship.enable = true; starship.enable = true;
zsh = { zsh = {
enable = true; enable = true;
@ -54,5 +58,12 @@
}; };
}; };
services = { syncthing.enable = true; }; services = {
syncthing.enable = true;
activitywatch.enable = true;
emacs = {
enable = true;
defaultEditor = true;
};
};
} }

70
hosts/server/configuration.nix
View File

@ -1,57 +1,21 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, inputs, ... }: { config, pkgs, inputs, ... }:
{ {
imports = imports = [ ./hardware-configuration.nix ./service.nix ];
[ # Include the results of the hardware scan. powerManagement.enable = true;
./hardware-configuration.nix system.autoUpgrade.enable = true;
./service.nix
];
nix.settings.experimental-features = ["nix-command" "flakes"];
nixpkgs.config.allowUnfree = true;
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. nix = {
settings.experimental-features = [ "nix-command" "flakes" ];
# Configure network proxy if necessary gc.automatic = true;
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/New_York";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
}; };
programs = {
nix-ld.enable = true;
nix-ld.libraries = with pkgs; [ glibc glib ];
zsh.enable = true;
};
# Enable CUPS to print documents.
services.auto-cpufreq.enable = true;
services.thermald.enable = true;
powerManagement.powertop.enable = true;
powerManagement.enable = true;
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
];
programs.zsh.enable = true;
users.users.k = { users.users.k = {
isNormalUser = true; isNormalUser = true;
description = "k"; description = "k";
@ -59,20 +23,10 @@
packages = with pkgs; [ zsh ]; packages = with pkgs; [ zsh ];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
home-manager = {
users = {
"k" = import ./home.nix;
};
};
system.autoUpgrade.enable = true; home-manager = { users = { "k" = import ./home.nix; }; };
nix.gc.automatic = true;
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
docker-compose
intel-vaapi-driver intel-vaapi-driver
intel-compute-runtime intel-compute-runtime
intel-media-driver intel-media-driver

22
hosts/server/hardware-configuration.nix
View File

@ -4,11 +4,10 @@
{ config, lib, pkgs, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
{ {
imports = imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ]; boot.initrd.availableKernelModules =
[ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [ ];
@ -18,20 +17,18 @@
networking.hostName = "nixserver"; # Define your hostname. networking.hostName = "nixserver"; # Define your hostname.
fileSystems."/" = {
fileSystems."/" = device = "/dev/disk/by-uuid/aaf4a4be-fed2-42b2-be79-4ca920bb7292";
{ device = "/dev/disk/by-uuid/aaf4a4be-fed2-42b2-be79-4ca920bb7292";
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/boot" = fileSystems."/boot" = {
{ device = "/dev/disk/by-uuid/150F-09C6"; device = "/dev/disk/by-uuid/150F-09C6";
fsType = "vfat"; fsType = "vfat";
}; };
swapDevices = swapDevices =
[ { device = "/dev/disk/by-uuid/ecde85bd-abea-4926-80d5-810b01d0e364"; } [{ device = "/dev/disk/by-uuid/ecde85bd-abea-4926-80d5-810b01d0e364"; }];
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's # (the default) this is the recommended approach. When using systemd-networkd it's
@ -41,5 +38,6 @@
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true; # networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
} }

31
hosts/server/home.nix
View File

@ -1,34 +1,32 @@
{ config, pkgs, inputs, ... }: { config, pkgs, inputs, ... }:
{ {
home.enableNixpkgsReleaseCheck = false;
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
home.username = "k"; home = {
home.homeDirectory = "/home/k"; username = "k";
home.stateVersion = "23.11"; homeDirectory = "/home/k";
stateVersion = "23.11";
enableNixpkgsReleaseCheck = false;
home.packages = [ packages = [ pkgs.neovim pkgs.btop ];
pkgs.syncthing };
pkgs.neovim
pkgs.btop
];
programs.git = { programs = {
git = {
enable = true; enable = true;
userName = "k"; userName = "k";
userEmail = "markers711@gmail.com"; userEmail = "markers711@gmail.com";
}; };
programs.starship.enable = true; starship.enable = true;
programs.zsh = { zsh = {
enable = true; enable = true;
autosuggestion.enable = true; autosuggestion.enable = true;
enableCompletion = true; enableCompletion = true;
syntaxHighlighting.enable = true; syntaxHighlighting.enable = true;
autocd = true; autocd = true;
plugins = [ plugins = [{
{
name = "zsh-nix-shell"; name = "zsh-nix-shell";
file = "nix-shell.plugin.zsh"; file = "nix-shell.plugin.zsh";
src = pkgs.fetchFromGitHub { src = pkgs.fetchFromGitHub {
@ -37,8 +35,9 @@
rev = "v0.8.0"; rev = "v0.8.0";
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7"; sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
}; };
} }];
];
}; };
};
services.syncthing.enable = true; services.syncthing.enable = true;
} }

63
hosts/server/service.nix
View File

@ -1,21 +1,25 @@
{pkgs,lib,...}: { pkgs, lib, ... }: {
{
networking.firewall = { networking.firewall = {
enable = true; enable = true;
allowedTCPPorts = [ 80 443 22 ]; allowedTCPPorts = [ 80 443 22 ];
}; };
services.openssh = { security.acme = {
enable = true; acceptTerms = true;
defaults.email = "markers711@gmail.com";
}; };
services.jellyfin = { virtualisation.docker = { enable = true; };
enable = true;
};
services.gitea = { services = {
openssh = { enable = true; };
jellyfin = { enable = true; };
fail2ban = { enable = true; };
gitea = {
enable = true; enable = true;
settings = { settings = {
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
@ -28,15 +32,21 @@
}; };
}; };
services.gitea-actions-runner.instances.home = { gitea-actions-runner.instances.home = {
enable = true; enable = true;
url = "https://git.dhilton.xyz"; url = "https://git.dhilton.xyz";
name = "nixsrv"; name = "nixsrv";
token = "LaqTWUDidsm510TGBglGvcphsUxYmCzMjrZbEtJj"; token = "LaqTWUDidsm510TGBglGvcphsUxYmCzMjrZbEtJj";
labels = ["ubuntu-latest:docker://catthehacker/ubuntu:act-latest" "ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04" "ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04" "ubuntu-18.04:docker://catthehacker/ubuntu:act-18.04" "native:host"]; labels = [
"ubuntu-latest:docker://catthehacker/ubuntu:act-latest"
"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04"
"ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04"
"ubuntu-18.04:docker://catthehacker/ubuntu:act-18.04"
"native:host"
];
}; };
services.home-assistant = { home-assistant = {
enable = true; enable = true;
extraComponents = [ "wiz" "fail2ban" ]; extraComponents = [ "wiz" "fail2ban" ];
config = { config = {
@ -50,8 +60,7 @@
}; };
}; };
ntfy-sh = {
services.ntfy-sh = {
enable = true; enable = true;
settings = { settings = {
listen-http = ":8004"; listen-http = ":8004";
@ -61,26 +70,20 @@
}; };
}; };
services.searx = { searx = {
enable = true; enable = true;
settings = { server.port = 8005; server.secret_key = "secretlol";}; settings = {
server.port = 8005;
server.secret_key = "secretlol";
};
}; };
services.fail2ban = { nginx = {
enable=true;
};
virtualisation.docker = {
enable = true;
};
services.nginx = {
enable = true; enable = true;
recommendedProxySettings = true; recommendedProxySettings = true;
recommendedTlsSettings = true; recommendedTlsSettings = true;
};
services.nginx.virtualHosts = { virtualHosts = {
"dhilton.xyz" = { "dhilton.xyz" = {
enableACME = true; enableACME = true;
@ -142,10 +145,6 @@
}; };
}; };
}; };
};
security.acme = {
acceptTerms = true;
defaults.email = "markers711@gmail.com";
}; };
} }