k/nixos_configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: k:cf4133344f466f07d9dc56b2b9dfa81b464184f9
Branches Tags
k:master
...
compare: k:6de1df0772783567e0377b9b4c62b65137a3eeac
Branches Tags
k:master

2 Commits
cf4133344f ... 6de1df0772

Author SHA1 Message Date
k
6de1df0772 cleanup server config 2024-09-07 13:35:10 -04:00
k
61dadbb51a clean up laptophome 2024-09-07 13:17:36 -04:00
5 changed files with 222 additions and 261 deletions
Show Stats Expand all files Collapse all files

43
hosts/laptop/home.nix
View File

@ -8,22 +8,20 @@
homeDirectory = "/home/k";
stateVersion = "23.11";
enableNixpkgsReleaseCheck = false;
packages = [
pkgs.nerdfonts
pkgs.firefox
pkgs.keepassxc
pkgs.syncthing
pkgs.thunderbird
pkgs.blender
pkgs.vesktop
pkgs.btop
pkgs.zip
pkgs.spotify
pkgs.distrobox
packages = with pkgs;[
nerdfonts
firefox
keepassxc
thunderbird
blender
vesktop
btop
zip
spotify
distrobox
pkgs.modrinth-app
pkgs.emacs
pkgs.direnv
modrinth-app
direnv
];
};
@ -34,6 +32,12 @@
userEmail = "markers711@gmail.com";
};
direnv = {
enable = true;
enableZshIntegration = true;
nix-direnv.enable = true;
};
starship.enable = true;
zsh = {
enable = true;
@ -54,5 +58,12 @@
};
};
services = { syncthing.enable = true; };
services = {
syncthing.enable = true;
activitywatch.enable = true;
emacs = {
enable = true;
defaultEditor = true;
};
};
}

72
hosts/server/configuration.nix
View File

@ -1,78 +1,32 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ config, pkgs, inputs, ... }:
{
imports =
[ # Include the results of the hardware scan.
./hardware-configuration.nix
./service.nix
];
nix.settings.experimental-features = ["nix-command" "flakes"];
nixpkgs.config.allowUnfree = true;
imports = [ ./hardware-configuration.nix ./service.nix ];
powerManagement.enable = true;
system.autoUpgrade.enable = true;
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Enable networking
networking.networkmanager.enable = true;
# Set your time zone.
time.timeZone = "America/New_York";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "en_US.UTF-8";
LC_IDENTIFICATION = "en_US.UTF-8";
LC_MEASUREMENT = "en_US.UTF-8";
LC_MONETARY = "en_US.UTF-8";
LC_NAME = "en_US.UTF-8";
LC_NUMERIC = "en_US.UTF-8";
LC_PAPER = "en_US.UTF-8";
LC_TELEPHONE = "en_US.UTF-8";
LC_TIME = "en_US.UTF-8";
nix = {
settings.experimental-features = [ "nix-command" "flakes" ];
gc.automatic = true;
};
programs = {
nix-ld.enable = true;
nix-ld.libraries = with pkgs; [ glibc glib ];
zsh.enable = true;
};
# Enable CUPS to print documents.
services.auto-cpufreq.enable = true;
services.thermald.enable = true;
powerManagement.powertop.enable = true;
powerManagement.enable = true;
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
];
programs.zsh.enable = true;
users.users.k = {
isNormalUser = true;
description = "k";
extraGroups = [ "networkmanager" "wheel" ];
packages = with pkgs; [zsh];
packages = with pkgs; [ zsh ];
shell = pkgs.zsh;
};
home-manager = {
users = {
"k" = import ./home.nix;
};
};
system.autoUpgrade.enable = true;
nix.gc.automatic = true;
home-manager = { users = { "k" = import ./home.nix; }; };
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [
docker-compose
intel-vaapi-driver
intel-compute-runtime
intel-media-driver

22
hosts/server/hardware-configuration.nix
View File

@ -4,11 +4,10 @@
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.availableKernelModules =
[ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
@ -18,20 +17,18 @@
networking.hostName = "nixserver"; # Define your hostname.
fileSystems."/" =
{ device = "/dev/disk/by-uuid/aaf4a4be-fed2-42b2-be79-4ca920bb7292";
fileSystems."/" = {
device = "/dev/disk/by-uuid/aaf4a4be-fed2-42b2-be79-4ca920bb7292";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/150F-09C6";
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/150F-09C6";
fsType = "vfat";
};
swapDevices =
[ { device = "/dev/disk/by-uuid/ecde85bd-abea-4926-80d5-810b01d0e364"; }
];
[{ device = "/dev/disk/by-uuid/ecde85bd-abea-4926-80d5-810b01d0e364"; }];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
@ -41,5 +38,6 @@
# networking.interfaces.wlp0s20f3.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
hardware.cpu.intel.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
}

31
hosts/server/home.nix
View File

@ -1,34 +1,32 @@
{ config, pkgs, inputs, ... }:
{
home.enableNixpkgsReleaseCheck = false;
nixpkgs.config.allowUnfree = true;
home.username = "k";
home.homeDirectory = "/home/k";
home.stateVersion = "23.11";
home = {
username = "k";
homeDirectory = "/home/k";
stateVersion = "23.11";
enableNixpkgsReleaseCheck = false;
home.packages = [
pkgs.syncthing
pkgs.neovim
pkgs.btop
];
packages = [ pkgs.neovim pkgs.btop ];
};
programs.git = {
programs = {
git = {
enable = true;
userName = "k";
userEmail = "markers711@gmail.com";
};
programs.starship.enable = true;
programs.zsh = {
starship.enable = true;
zsh = {
enable = true;
autosuggestion.enable = true;
enableCompletion = true;
syntaxHighlighting.enable = true;
autocd = true;
plugins = [
{
plugins = [{
name = "zsh-nix-shell";
file = "nix-shell.plugin.zsh";
src = pkgs.fetchFromGitHub {
@ -37,8 +35,9 @@
rev = "v0.8.0";
sha256 = "1lzrn0n4fxfcgg65v0qhnj7wnybybqzs4adz7xsrkgmcsr0ii8b7";
};
}
];
}];
};
};
services.syncthing.enable = true;
}

75
hosts/server/service.nix
View File

@ -1,21 +1,25 @@
{pkgs,lib,...}:
{
{ pkgs, lib, ... }: {
networking.firewall = {
enable = true;
allowedTCPPorts = [80 443 22 ];
allowedTCPPorts = [ 80 443 22 ];
};
services.openssh = {
enable = true;
security.acme = {
acceptTerms = true;
defaults.email = "markers711@gmail.com";
};
services.jellyfin = {
enable = true;
};
virtualisation.docker = { enable = true; };
services.gitea = {
services = {
openssh = { enable = true; };
jellyfin = { enable = true; };
fail2ban = { enable = true; };
gitea = {
enable = true;
settings = {
service.DISABLE_REGISTRATION = true;
@ -28,30 +32,35 @@
};
};
services.gitea-actions-runner.instances.home = {
gitea-actions-runner.instances.home = {
enable = true;
url = "https://git.dhilton.xyz";
name = "nixsrv";
token = "LaqTWUDidsm510TGBglGvcphsUxYmCzMjrZbEtJj";
labels = ["ubuntu-latest:docker://catthehacker/ubuntu:act-latest" "ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04" "ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04" "ubuntu-18.04:docker://catthehacker/ubuntu:act-18.04" "native:host"];
labels = [
"ubuntu-latest:docker://catthehacker/ubuntu:act-latest"
"ubuntu-22.04:docker://catthehacker/ubuntu:act-22.04"
"ubuntu-20.04:docker://catthehacker/ubuntu:act-20.04"
"ubuntu-18.04:docker://catthehacker/ubuntu:act-18.04"
"native:host"
];
};
services.home-assistant = {
home-assistant = {
enable = true;
extraComponents = ["wiz" "fail2ban"];
extraComponents = [ "wiz" "fail2ban" ];
config = {
default_config={};
default_config = { };
"automation ui" = "!include automations.yaml";
http = {
use_x_forwarded_for="true";
trusted_proxies=["127.0.0.1"];
server_port=8003;
use_x_forwarded_for = "true";
trusted_proxies = [ "127.0.0.1" ];
server_port = 8003;
};
};
};
services.ntfy-sh = {
ntfy-sh = {
enable = true;
settings = {
listen-http = ":8004";
@ -61,26 +70,20 @@
};
};
services.searx = {
enable=true;
settings = { server.port = 8005; server.secret_key = "secretlol";};
};
services.fail2ban = {
enable=true;
};
virtualisation.docker = {
searx = {
enable = true;
settings = {
server.port = 8005;
server.secret_key = "secretlol";
};
};
services.nginx = {
nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
};
services.nginx.virtualHosts = {
virtualHosts = {
"dhilton.xyz" = {
enableACME = true;
@ -142,10 +145,6 @@
};
};
};
security.acme = {
acceptTerms = true;
defaults.email = "markers711@gmail.com";
};
};
}