updates and stuff

2025-01-13 17:13:44 -06:00
parent 280518e260
commit a774f7eb41
14 changed files with 200 additions and 163 deletions
--- a/flake.lock
+++ b/flake.lock
@@ -238,11 +238,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735381016,
+        "lastModified": 1736785676,
-        "narHash": "sha256-CyCZFhMUkuYbSD6bxB/r43EdmDE7hYeZZPTCv0GudO4=",
+        "narHash": "sha256-TY0jUwR3EW0fnS0X5wXMAVy6h4Z7Y6a3m+Yq++C9AyE=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "10e99c43cdf4a0713b4e81d90691d22c6a58bdf2",
+        "rev": "fc52a210b60f2f52c74eac41a8647c1573d2071d",
        "type": "github"
      },
      "original": {
@@ -258,11 +258,11 @@
        ]
      },
      "locked": {
-        "lastModified": 1735344290,
+        "lastModified": 1736373539,
-        "narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=",
+        "narHash": "sha256-dinzAqCjenWDxuy+MqUQq0I4zUSfaCvN9rzuCmgMZJY=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "613691f285dad87694c2ba1c9e6298d04736292d",
+        "rev": "bd65bc3cde04c16755955630b344bc9e35272c56",
        "type": "github"
      },
      "original": {
@@ -274,11 +274,11 @@
    },
    "impermanence": {
      "locked": {
-        "lastModified": 1734945620,
+        "lastModified": 1736688610,
-        "narHash": "sha256-olIfsfJK4/GFmPH8mXMmBDAkzVQ1TWJmeGT3wBGfQPY=",
+        "narHash": "sha256-1Zl9xahw399UiZSJ9Vxs1W4WRFjO1SsNdVZQD4nghz0=",
        "owner": "nix-community",
        "repo": "impermanence",
-        "rev": "d000479f4f41390ff7cf9204979660ad5dd16176",
+        "rev": "c64bed13b562fc3bb454b48773d4155023ac31b7",
        "type": "github"
      },
      "original": {
@@ -364,11 +364,11 @@
        "nixpkgs": "nixpkgs_2"
      },
      "locked": {
-        "lastModified": 1735478292,
+        "lastModified": 1736631212,
-        "narHash": "sha256-Ys9pSP9ch0SthhpbjnkCSJ9ZLfaNKnt/dcy7swjmS1A=",
+        "narHash": "sha256-mG9lRZBcPiAGiVJ9B97BJoIGQcSBWIVlBiN30QYCtG0=",
        "owner": "LnL7",
        "repo": "nix-darwin",
-        "rev": "71a3a075e3229a7518d76636bb762aef2bcb73ac",
+        "rev": "6ace2f2d12bdf74235d5cbf9fbd34a71c9716685",
        "type": "github"
      },
      "original": {
@@ -421,11 +421,11 @@
    },
    "nixos-hardware": {
      "locked": {
-        "lastModified": 1735388221,
+        "lastModified": 1736441705,
-        "narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=",
+        "narHash": "sha256-OL7leZ6KBhcDF3nEKe4aZVfIm6xQpb1Kb+mxySIP93o=",
        "owner": "NixOS",
        "repo": "nixos-hardware",
-        "rev": "7c674c6734f61157e321db595dbfcd8523e04e19",
+        "rev": "8870dcaff63dfc6647fb10648b827e9d40b0a337",
        "type": "github"
      },
      "original": {
@@ -481,11 +481,11 @@
    },
    "nixpkgs-stable_2": {
      "locked": {
-        "lastModified": 1735531152,
+        "lastModified": 1736684107,
-        "narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=",
+        "narHash": "sha256-vH5mXxEvZeoGNkqKoCluhTGfoeXCZ1seYhC2pbMN0sg=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "3ffbbdbac0566a0977da3d2657b89cbcfe9a173b",
+        "rev": "635e887b48521e912a516625eee7df6cf0eba9c1",
        "type": "github"
      },
      "original": {
@@ -497,11 +497,11 @@
    },
    "nixpkgs-unstable": {
      "locked": {
-        "lastModified": 1735471104,
+        "lastModified": 1736701207,
-        "narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
+        "narHash": "sha256-jG/+MvjVY7SlTakzZ2fJ5dC3V1PrKKrUEOEE30jrOKA=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
+        "rev": "ed4a395ea001367c1f13d34b1e01aa10290f67d6",
        "type": "github"
      },
      "original": {
@@ -541,22 +541,6 @@
        "type": "github"
      }
    },
    "nixpkgs_4": {
      "locked": {
        "lastModified": 1731763621,
        "narHash": "sha256-ddcX4lQL0X05AYkrkV2LMFgGdRvgap7Ho8kgon3iWZk=",
        "owner": "NixOS",
        "repo": "nixpkgs",
        "rev": "c69a9bffbecde46b4b939465422ddc59493d3e4d",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
        "ref": "nixpkgs-unstable",
        "repo": "nixpkgs",
        "type": "github"
      }
    },
    "poetry2nix": {
      "inputs": {
        "flake-utils": [
@@ -674,14 +658,16 @@
    },
    "sops-nix": {
      "inputs": {
-        "nixpkgs": "nixpkgs_4"
+        "nixpkgs": [
          "nixpkgs-stable"
        ]
      },
      "locked": {
-        "lastModified": 1735468296,
+        "lastModified": 1736777442,
-        "narHash": "sha256-ZjUjbvS06jf4fElOF4ve8EHjbpbRVHHypStoY8HGzk8=",
+        "narHash": "sha256-eON7amRmBl59QH6K9uypewkKveaNbosY6CtUgRcv7YU=",
        "owner": "Mic92",
        "repo": "sops-nix",
-        "rev": "bcb8b65aa596866eb7e5c3e1a6cccbf5d1560b27",
+        "rev": "0f4744b5a95151a85c4f35010dd2d748228f7f53",
        "type": "github"
      },
      "original": {
--- a/flake.nix
+++ b/flake.nix
@@ -45,7 +45,10 @@
    nixos-hardware.url = "github:NixOS/nixos-hardware/master";
    # Sops-nix
-    sops-nix.url = "github:Mic92/sops-nix";
+    sops-nix = {
      url = "github:Mic92/sops-nix";
      inputs.nixpkgs.follows = "nixpkgs-stable";
    };
    #Apple
    nixos-apple-silicon.url = "github:tpwrules/nixos-apple-silicon";
--- a/hosts/default.nix
+++ b/hosts/default.nix
@@ -35,9 +35,6 @@ in
    # Enable all firmware
    enableAllFirmware = lib.mkForce true;
    # Disable pulse audio in favor of pipewire
    pulseaudio.enable = lib.mkForce false;
  };
  # Services configs
@@ -61,6 +58,9 @@ in
      alsa.support32Bit = lib.mkDefault true;
      pulse.enable = lib.mkDefault true;
    };
    # Disable pulse audio in favor of pipewire
    # pulseaudio.enable = lib.mkForce false;
  };
  # Time config
--- a/hosts/desktop/boot.nix
+++ b/hosts/desktop/boot.nix
@@ -31,7 +31,7 @@ in
      enable = true;
      pkiBundle = "/etc/secureboot";
      settings = {
-        default = default;
+#        default = default;
        console-mode = "max";
      };
      configurationLimit = configLimit;
--- a/hosts/desktop/configuration.nix
+++ b/hosts/desktop/configuration.nix
@@ -103,7 +103,6 @@ in
    # specialisations
    # ./cosmic
    # ./hyprland
    ./gnome
  ];
  apps.discover-wrapped.enable = lib.mkDefault false;
@@ -115,34 +114,17 @@ in
  services = {
    # Enable Desktop Environment.
-    displayManager = {
+    xserver = {
-      sddm.enable = lib.mkDefault true;
+      desktopManager.gnome.enable = true;
-      sddm.wayland.enable = lib.mkDefault true;
+      # Enable Desktop Environment.
-      sddm.theme = lib.mkDefault "breeze";
+      displayManager = {
-      defaultSession = lib.mkDefault "plasma";
+        gdm.enable = lib.mkForce true;
        gdm.wayland = lib.mkForce true;
      };
    };
    desktopManager.plasma6.enable = lib.mkDefault true;
    # Enable Flatpak
-    flatpak.enable = lib.mkDefault true;
+    flatpak.enable = lib.mkDefault false;
  };
  # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
  share.hardware.amd = {
    enable = lib.mkDefault true;
    lact.enable = lib.mkDefault true;
  };
  share.gaming.enable = true;
  # Services configs
  services = {
    # Enable the X11 windowing system.
    xserver = {
      enable = lib.mkDefault true;
    };
    # enable auto discovery of printers
    avahi = {
@@ -179,6 +161,15 @@ in
    ratbagd.enable = lib.mkDefault true;
  };
  # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-kde ];
  share.hardware.amd = {
    enable = lib.mkDefault true;
    lact.enable = lib.mkDefault true;
  };
  share.gaming.enable = true;
  systemd = {
    services = {
      fix-wifi = {
@@ -263,7 +254,6 @@ in
      borgbackup
      brscan5
      clinfo
      deja-dup
      direnv
      efibootmgr
      fixWifiScript
@@ -284,7 +274,7 @@ in
      pciutils
      # python3
      # python3Packages.requests
-      qemu_full
+      stable.qemu_full
      rclone
      rclone-browser
      rsync
@@ -337,7 +327,7 @@ in
  # Configure nixpkgs
  nixpkgs = {
-    overlays = [ outputs.overlays.nixpkgs-unstable ];
+    overlays = [ outputs.overlays.nixpkgs-unstable outputs.overlays.nixpkgs-stable ];
    config.permittedInsecurePackages = [
      # ...
    ];
--- a/hosts/desktop/gnome/default.nix
+++ b/hosts/desktop/gnome/default.nix
@@ -1,42 +0,0 @@
 { pkgs, ... }:
 {
  specialisation.gnome.configuration = {
    home-manager.users.matt = import ./home.nix;
    services = {
      xserver = {
        desktopManager.gnome.enable = true;
        # Enable Desktop Environment.
        displayManager = {
          gdm.enable = true;
          gdm.wayland = true;
        };
      };
      displayManager.defaultSession = "gnome";
      # Enable Flatpak
      flatpak.enable = false;
      # disable plasma
      displayManager.sddm.enable = false;
      desktopManager.plasma6.enable = false;
    };
    environment = {
      systemPackages = with pkgs; [
        colloid-gtk-theme
        unstable.gnome-tweaks
        gnomeExtensions.appindicator
        gnomeExtensions.arcmenu
        gnomeExtensions.dash-to-dock
        gnomeExtensions.dash-to-panel
        gnomeExtensions.tiling-assistant
      ];
    };
    # xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
  };
 }
--- a/hosts/desktop/gnome/home.nix
+++ b/hosts/desktop/gnome/home.nix
@@ -1,35 +0,0 @@
 { lib, ... }:
 {
  dconf = {
    enable = true;
    settings = {
      "org/gnome/desktop/interface".clock-format = "12h";
      "org/gnome/desktop/interface".color-scheme = "prefer-dark";
      "org/gnome/desktop/interface".cursor-theme = lib.mkDefault "macOS";
      "org/gnome/desktop/interface".enable-hot-corners = false;
      "org/gnome/desktop/interface".font-antialiasing = "grayscale";
      "org/gnome/desktop/interface".font-hinting = "slight";
      "org/gnome/desktop/interface".gtk-theme = lib.mkDefault "Colloid-Dark";
      "org/gnome/desktop/interface".icon-theme = lib.mkDefault "Colloid-Dark";
      "org/gnome/desktop/peripherals/mouse".accel-profile = "flat";
      "org/gnome/desktop/peripherals/touchpad".two-finger-scrolling-enabled = true;
      "org/gnome/desktop/peripherals/touchpad".tap-to-click = true;
      "org/gnome/mutter".experimental-features = [
        "scale-monitor-framebuffer"
        "variable-refresh-rate"
      ];
      "org/gnome/tweaks".show-extensions-notice = false;
      "org/gnome/shell".enabled-extensions = [
        "appindicatorsupport@rgcjonas.gmail.com"
        # "arcmenu@arcmenu.com"
        "user-theme@gnome-shell-extensions.gcampax.github.com"
        "tiling-assistant@leleat-on-github"
        "dash-to-dock@micxgx.gmail.com"
      ];
      "org/gnome/shell/extensions/dash-to-panel".primary-monitor = 1;
      "org/gnome/shell/extensions/dash-to-panel".multi-monitors = false;
      "org/gnome/shell/extensions/user-theme".name = lib.mkDefault "Colloid-Dark";
      "org/gtk/settings/file-chooser".clock-format = "12h";
    };
  };
 }
--- a/hosts/desktop/home.nix
+++ b/hosts/desktop/home.nix
@@ -1,4 +1,4 @@
-{ pkgs, ... }:
+{ lib, pkgs, ... }:
 let
  shellAliases = {
    ll = "ls -alh";
@@ -63,7 +63,7 @@ in
    bottles
    chromium
    colloid-icon-theme
-    colloid-kde
+    colloid-gtk-theme
    unstable.compose2nix
    coolercontrol.coolercontrol-gui
    deadnix
@@ -73,6 +73,12 @@ in
    freerdp
    gamescope
    gamescope-wsi
    gnome-tweaks
    gnomeExtensions.appindicator
    gnomeExtensions.arcmenu
    gnomeExtensions.dash-to-dock
    gnomeExtensions.dash-to-panel
    gnomeExtensions.tiling-assistant
    goverlay
    heroic
    home-manager
@@ -84,7 +90,7 @@ in
    morph
    nextcloud-client
    nixfmt-rfc-style
-    orca-slicer
+    stable.orca-slicer
    papirus-icon-theme
    piper
    pop-gtk-theme
@@ -113,4 +119,37 @@ in
    vorta
    vscode
  ];
  dconf = {
    enable = true;
    settings = {
      "org/gnome/desktop/interface".clock-format = "12h";
      "org/gnome/desktop/interface".color-scheme = "prefer-dark";
      "org/gnome/desktop/interface".cursor-theme = lib.mkDefault "macOS";
      "org/gnome/desktop/interface".enable-hot-corners = false;
      "org/gnome/desktop/interface".font-antialiasing = "grayscale";
      "org/gnome/desktop/interface".font-hinting = "slight";
      "org/gnome/desktop/interface".gtk-theme = lib.mkDefault "Colloid-Dark";
      "org/gnome/desktop/interface".icon-theme = lib.mkDefault "Colloid-Dark";
      "org/gnome/desktop/peripherals/mouse".accel-profile = "flat";
      "org/gnome/desktop/peripherals/touchpad".two-finger-scrolling-enabled = true;
      "org/gnome/desktop/peripherals/touchpad".tap-to-click = true;
      "org/gnome/mutter".experimental-features = [
        "scale-monitor-framebuffer"
        "variable-refresh-rate"
      ];
      "org/gnome/tweaks".show-extensions-notice = false;
      "org/gnome/shell".enabled-extensions = [
        "appindicatorsupport@rgcjonas.gmail.com"
        # "arcmenu@arcmenu.com"
        "user-theme@gnome-shell-extensions.gcampax.github.com"
        "tiling-assistant@leleat-on-github"
        "dash-to-dock@micxgx.gmail.com"
      ];
      "org/gnome/shell/extensions/dash-to-panel".primary-monitor = 1;
      "org/gnome/shell/extensions/dash-to-panel".multi-monitors = false;
      "org/gnome/shell/extensions/user-theme".name = lib.mkDefault "Colloid-Dark";
      "org/gtk/settings/file-chooser".clock-format = "12h";
    };
  };
 }
--- a/hosts/nas/apps.nix
+++ b/hosts/nas/apps.nix
@@ -7,6 +7,7 @@
    ./apps/nextcloud
    ./apps/ollama
    ./apps/paperless
    ./apps/paperless-ai
    ./apps/traefik
    ../../modules
  ];
@@ -42,6 +43,8 @@
    open-webui.enable = false;
    paperless-ai.enable = true;
    tdarr.enable = true;
    your_spotify.enable = true;
--- a/hosts/nas/apps/paperless-ai/default.nix
+++ b/hosts/nas/apps/paperless-ai/default.nix
@@ -0,0 +1,28 @@
 { lib, config, ... }:
 with lib;
 let
  cfg = config.nas-apps.paperless-ai;
 in
 {
  imports = [ ./options.nix ];
  config = mkIf cfg.enable {
    virtualisation.oci-containers.containers.${cfg.name} = {
      autoStart = true;
      image = cfg.image;
      extraOptions = [ "--device=nvidia.com/gpu=0" "--network=bridge" "--add-host=host.docker.internal:host-gateway" ];
      volumes = [ "${cfg.configPath}:/app/data" ];
      ports = [ "${cfg.port}:3000" ];
      environment = {
        NVIDIA_VISIBLE_DEVICES = "all";
        NVIDIA_DRIVER_CAPABILITIES = "all";
        PAPERLESS_API_URL = "http://10.0.1.20:28981";
        PAPERLESS_API_TOKEN = "6f26e1a4632f23bc2da5b74c799ccbda18fa8022";
        PUID = cfg.puid;
        PGID = cfg.pgid;
        TZ = cfg.timeZone;
      };
    };
  };
 }
--- a/hosts/nas/apps/paperless-ai/options.nix
+++ b/hosts/nas/apps/paperless-ai/options.nix
@@ -0,0 +1,47 @@
 { lib, ... }:
 with lib;
 {
  options.nas-apps.paperless-ai = {
    enable = mkEnableOption "paperless-ai docker service";
    autoStart = mkOption {
      type = types.bool;
      default = true;
    };
    port = mkOption {
      type = types.str;
      default = "3000";
    };
    name = mkOption {
      type = types.str;
      default = "paperless-ai";
    };
    image = mkOption {
      type = types.str;
      default = "clusterzx/paperless-ai";
    };
    configPath = mkOption {
      type = types.str;
      default = "/media/nas/ssd/nix-app-data/paperless-ai";
    };
    puid = mkOption {
      type = types.str;
      default = "911";
    };
    pgid = mkOption {
      type = types.str;
      default = "1000";
    };
    timeZone = mkOption {
      type = types.str;
      default = "America/Chicago";
    };
  };
 }
--- a/hosts/nas/apps/paperless/default.nix
+++ b/hosts/nas/apps/paperless/default.nix
@@ -35,14 +35,13 @@ in
          user = "paperless";
          address = "0.0.0.0";
          passwordFile = "/var/lib/paperless/paperless-password";
-          # settings = {
+          settings = {
-          #   PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect";
+            PAPERLESS_URL = "https://paperless.jallen.dev";
-          #   PAPERLESS_SOCIALACCOUNT_PROVIDERS = {
+            PAPERLESS_SECRET = "Luciferthecat03092024";
-          #     "openid_connect" = {
+            PAPERLESS_ENABLE_ALLAUTH = true;
-          #       "OAUTH_PKCE_ENABLED":true,
+            PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect";
-          #       "APPS":[
+            PAPERLESS_SOCIALACCOUNT_PROVIDERS=''{"openid_connect":{"OAUTH_PKCE_ENABLED":true,"APPS":[{"provider_id":"authentik","name":"authentik","client_id":"OZhMnBUxwJvpjkUhs4ISgA0iAWA7etgTXaohLCED","secret":"UrwdWObeyoEI1AogXcjV8SwYsJ585Wkh5YxDH5wFPXZxp8IVV9QNsn32PIAv6h9BdjaiiMrOFayaW3uXyZYg71olG5OQ1qGaD6WYn0EijYBwxoEuvp7LIdMJ4lImhVR1","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}'';
-          #         {"provider_id":"authentik","name":"Authentik","client_id":"<Client ID>","secret":<Client Secret>","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}
+          };
          # }
        };
        # Create required users and groups
--- a/hosts/nas/apps/traefik/default.nix
+++ b/hosts/nas/apps/traefik/default.nix
@@ -10,6 +10,7 @@ let
  jellyseerrUrl = "http://10.0.1.52:5055";
  hassUrl       = "http://10.0.1.183:8123";
  openWebUIUrl  = "http://10.0.1.18:8888";
  paperlessUrl  = "http://10.0.1.20:28981";
 in
 {
  networking.firewall = {
@@ -147,6 +148,11 @@ in
              url = openWebUIUrl;
            }
          ];
          paperless.loadBalancer.servers = [
            {
              url = paperlessUrl;
            }
          ];
        };
        routers = {
@@ -203,6 +209,12 @@ in
            priority = 10;
            tls.certResolver = "letsencrypt";
          };
          # paperless = {
          #   entryPoints = ["websecure"];
          #   rule = "Host(`paperless.${domain}`)";
          #   service = "paperless";
          #   tls.certResolver = "letsencrypt";
          # };
        };
      };
    };
--- a/modules/apps/free-games-claimer/default.nix
+++ b/modules/apps/free-games-claimer/default.nix
@@ -16,6 +16,13 @@ in
        PUID = cfg.puid;
        PGID = cfg.pgid;
        TZ = cfg.timeZone;
        EG_EMAIL = "matt.l.jallen@gmail.com";
        EG_PASSWORD = "NSu@nn^XeVHVjxRxWT2B";
        EG_OTPKEY = "KRKU2UKDJBDE6R2JGRLFKRKEJ5DFKTCWKVEUUQSGKVKFSTKTKBDQ";
        PG_EMAIL = "jalle008@proton.me";
        PG_PASSWORD = "BogieDudie1";
        GOG_EMAIL = "matt.l.jallen@gmail.com";
        GOG_PASSWORD = "BogieDudie1";
        # NOTIFY = "mailto://myemail:mypass@gmail.com";
      };
    };