mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

temp and updates

Browse Source
This commit is contained in:
mjallen18
2024-11-27 09:53:18 -06:00
parent f5e6943e9d
commit b7c85a7a56
16 changed files with 179 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
flake.lock generated
View File

@@ -8,17 +8,17 @@
"flake-utils": "flake-utils",
"napalm": "napalm",
"nixpkgs": [
"nixpkgs-stable"
"nixpkgs-unstable"
],
"poetry2nix": "poetry2nix",
"systems": "systems"
},
"locked": {
"lastModified": 1731622832,
"narHash": "sha256-uTdeXrKRhkBaDAGSxw7s8YYvbU2JN6bbWh2ngUjmnUM=",
"lastModified": 1732215451,
"narHash": "sha256-P2VVlzRGKBNsiHsN1yMZcSMXpwtIx9ysMFZAqKFJ14o=",
"owner": "nix-community",
"repo": "authentik-nix",
"rev": "91ff8d93f089104d3d75c85758832252989c6a04",
"rev": "9d9c0a3a94a91cfed654a18239e27cf56970daa4",
"type": "github"
},
"original": {
@@ -30,16 +30,16 @@
"authentik-src": {
"flake": false,
"locked": {
"lastModified": 1731600340,
"narHash": "sha256-7uQteE+Ywiu04Ymhl3G8IRH6JJXPyd0mg61tJJMeGvg=",
"lastModified": 1732213300,
"narHash": "sha256-4Pv35cnZGiTxe6j2O0F9L9sHzxVIC1SazeAUD5kWeBs=",
"owner": "goauthentik",
"repo": "authentik",
"rev": "66a4970014da49ceec0715e5dec8c9aa032a3146",
"rev": "527e584699abc93712114b05f70f59c5187caa66",
"type": "github"
},
"original": {
"owner": "goauthentik",
"ref": "version/2024.10.2",
"ref": "version/2024.10.4",
"repo": "authentik",
"type": "github"
}
@@ -52,11 +52,11 @@
"nixpkgs": "nixpkgs"
},
"locked": {
"lastModified": 1731866540,
"narHash": "sha256-wAz/S5GLm+9Vp0kmUPsva3Mxp+VUnbEUZ8aBM1aEhhY=",
"lastModified": 1732400024,
"narHash": "sha256-uf1QzIl0Jj5dr7+erWjHWiCUEvywLaR7ir1jcqGgjeQ=",
"owner": "chaotic-cx",
"repo": "nyx",
"rev": "0857914b69d90ba758e614298452636c6fdc9c7c",
"rev": "376a2e022a5d8fa21cecb5bb0fef0cb54db5cdfc",
"type": "github"
},
"original": {
@@ -76,11 +76,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1731712317,
"narHash": "sha256-NpkSAwLFTFRZx+C2yL0JCBnjnZQRs8PsWRqZ0S08Bc8=",
"lastModified": 1732412226,
"narHash": "sha256-Eb7LqtaCVgZy5Kp3pMrRTAmcnFO7HGj6lpAM2TrQzTA=",
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"rev": "0b0e62252fb3b4e6b0a763190413513be499c026",
"rev": "44c9057ebbf4eb41cff08b8fc9c952b3f977656a",
"type": "github"
},
"original": {
@@ -295,11 +295,11 @@
]
},
"locked": {
"lastModified": 1731535640,
"narHash": "sha256-2EckCJn4wxran/TsRiCOFcmVpep2m9EBKl99NBh2GnM=",
"lastModified": 1732303962,
"narHash": "sha256-5Umjb5AdtxV5jSJd5jxoCckh5mlg+FBQDsyAilu637g=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "35b055009afd0107b69c286fca34d2ad98940d57",
"rev": "8cf9cb2ee78aa129e5b8220135a511a2be254c0c",
"type": "github"
},
"original": {
@@ -315,11 +315,11 @@
]
},
"locked": {
"lastModified": 1731880681,
"narHash": "sha256-FmYTkIyPBUxSWgA7DPIVTsCCMvSSbs56yOtHpLNSnKg=",
"lastModified": 1732466619,
"narHash": "sha256-T1e5oceypZu3Q8vzICjv1X/sGs9XfJRMW5OuXHgpB3c=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "aecd341dfead1c3ef7a3c15468ecd71e8343b7c6",
"rev": "f3111f62a23451114433888902a55cf0692b408d",
"type": "github"
},
"original": {
@@ -336,11 +336,11 @@
]
},
"locked": {
"lastModified": 1731887066,
"narHash": "sha256-uw7K/RsYioJicV79Nl39yjtfhdfTDU2aRxnBgvFhkZ8=",
"lastModified": 1732482255,
"narHash": "sha256-GUffLwzawz5WRVfWaWCg78n/HrBJrOG7QadFY6rtV8A=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "f3a2ff69586f3a54b461526e5702b1a2f81e740a",
"rev": "a9953635d7f34e7358d5189751110f87e3ac17da",
"type": "github"
},
"original": {
@@ -373,11 +373,11 @@
]
},
"locked": {
"lastModified": 1731227601,
"narHash": "sha256-aGUQ6W/Oxd9xjH9RQbnUtC61sTK2fWlKr+J7kavT/RQ=",
"lastModified": 1732032028,
"narHash": "sha256-NjyfJQQxs/a2a/KwTmXM44K7XjeJwGsf4YFtebueQzo=",
"owner": "Jovian-Experiments",
"repo": "Jovian-NixOS",
"rev": "7691d0ac1deb6ac7482c5a22fe1a14a34ca608b0",
"rev": "65dc04371cf914c9af4f073638821e4787303005",
"type": "github"
},
"original": {
@@ -444,11 +444,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1731885500,
"narHash": "sha256-ZrztYfSOS33J+ewq5alBOSdnIyZ0/sr1iy7FyBe9zIg=",
"lastModified": 1732603785,
"narHash": "sha256-AEjWTJwOmSnVYsSJCojKgoguGfFfwel6z/6ud6UFMU8=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "c60b5c924c6188a0b3ca2e139ead3d0f92ae5db5",
"rev": "6ab87b7c84d4ee873e937108c4ff80c015a40c7a",
"type": "github"
},
"original": {
@@ -524,11 +524,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1731797098,
"narHash": "sha256-UhWmEZhwJZmVZ1jfHZFzCg+ZLO9Tb/v3Y6LC0UNyeTo=",
"lastModified": 1732483221,
"narHash": "sha256-kF6rDeCshoCgmQz+7uiuPdREVFuzhIorGOoPXMalL2U=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "672ac2ac86f7dff2f6f3406405bddecf960e0db6",
"rev": "45348ad6fb8ac0e8415f6e5e96efe47dd7f39405",
"type": "github"
},
"original": {
@@ -540,11 +540,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"lastModified": 1732014248,
"narHash": "sha256-y/MEyuJ5oBWrWAic/14LaIr/u5E0wRVzyYsouYY3W6w=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"rev": "23e89b7da85c3640bbc2173fe04f4bd114342367",
"type": "github"
},
"original": {
@@ -568,11 +568,11 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1731386116,
"narHash": "sha256-lKA770aUmjPHdTaJWnP3yQ9OI1TigenUqVC3wweqZuI=",
"lastModified": 1731797254,
"narHash": "sha256-df3dJApLPhd11AlueuoN0Q4fHo/hagP75LlM5K1sz9g=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "689fed12a013f56d4c4d3f612489634267d86529",
"rev": "e8c38b73aeb218e27163376a2d617e61a2ad9b59",
"type": "github"
},
"original": {
@@ -600,11 +600,11 @@
},
"nixpkgs-stable_3": {
"locked": {
"lastModified": 1731755305,
"narHash": "sha256-v5P3dk5JdiT+4x69ZaB18B8+Rcu3TIOrcdG4uEX7WZ8=",
"lastModified": 1732350895,
"narHash": "sha256-GcOQbOgmwlsRhpLGSwZJwLbo3pu9ochMETuRSS1xpz4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "057f63b6dc1a2c67301286152eb5af20747a9cb4",
"rev": "0c582677378f2d9ffcb01490af2f2c678dcb29d3",
"type": "github"
},
"original": {
@@ -616,11 +616,11 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1731676054,
"narHash": "sha256-OZiZ3m8SCMfh3B6bfGC/Bm4x3qc1m2SVEAlkV6iY7Yg=",
"lastModified": 1732521221,
"narHash": "sha256-2ThgXBUXAE1oFsVATK1ZX9IjPcS4nKFOAjhPNKuiMn0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "5e4fbfb6b3de1aa2872b76d49fafc942626e2add",
"rev": "4633a7c72337ea8fd23a4f2ba3972865e3ec685d",
"type": "github"
},
"original": {
@@ -632,11 +632,11 @@
},
"nixpkgs-unstable-small": {
"locked": {
"lastModified": 1731919951,
"narHash": "sha256-vOM6ETpl1yu9KLi/icTmLJIPbbdJCdAVYUXZceO/Ce4=",
"lastModified": 1732632041,
"narHash": "sha256-3nnq3M2rsGu9doFG9pj2kFKgVv8S19kd68EQkwuCwSI=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "04386ac325a813047fc314d4b4d838a5b1e3c7fe",
"rev": "bd4d2031f34254e597eaee1ad618749acb33ad86",
"type": "github"
},
"original": {
@@ -776,11 +776,11 @@
]
},
"locked": {
"lastModified": 1731551344,
"narHash": "sha256-wr8OOqgw7M1pWfe4W7WA5lErzOVMg3zvrrxx/dy/nPo=",
"lastModified": 1732328983,
"narHash": "sha256-RHt12f/slrzDpSL7SSkydh8wUE4Nr4r23HlpWywed9E=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "27570abfd3461875f11fc07c9b01c141a6332b4f",
"rev": "ed8aa5b64f7d36d9338eb1d0a3bb60cf52069a72",
"type": "github"
},
"original": {
@@ -835,11 +835,11 @@
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1731862312,
"narHash": "sha256-NVUTFxKrJp/hjehlF1IvkPnlRYg/O9HFVutbxOM8zNM=",
"lastModified": 1732575825,
"narHash": "sha256-xtt95+c7OUMoqZf4OvA/7AemiH3aVuWHQbErYQoPwFk=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "472741cf3fee089241ac9ea705bb2b9e0bfa2978",
"rev": "3433ea14fbd9e6671d0ff0dd45ed15ee4c156ffa",
"type": "github"
},
"original": {

6
flake.nix
View File

@@ -14,7 +14,7 @@
# Authentik
authentik-nix = {
url = "github:nix-community/authentik-nix";
inputs.nixpkgs.follows = "nixpkgs-stable";
inputs.nixpkgs.follows = "nixpkgs-unstable";
};
# Chaotic-nix
@@ -115,7 +115,7 @@
};
# NAS
"jallen-nas" = nixpkgs-stable.lib.nixosSystem {
"jallen-nas" = nixpkgs-unstable.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = {
inherit inputs outputs;
@@ -124,7 +124,7 @@
impermanence.nixosModules.impermanence
./hosts/nas/configuration.nix
./hosts/nas/impermanence.nix
home-manager-stable.nixosModules.home-manager
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = false;
home-manager.useUserPackages = true;

2
hosts/desktop/boot.nix
View File

@@ -2,7 +2,7 @@
let
configLimit = 5;
default = "@saved";
kernel = pkgs.unstable.linuxPackages_latest;
kernel = pkgs.linuxPackages_latest;
in
{
# Configure bootloader with lanzaboot and secureboot

13
hosts/desktop/configuration.nix
View File

@@ -272,6 +272,7 @@ in
aspellDicts.en-computers
aspellDicts.en-science
borgbackup
brscan5
clinfo
deja-dup
direnv
@@ -298,8 +299,10 @@ in
rclone
rclone-browser
rsync
sane-frontends
sbctl
smartmontools
usbutils
udisks2
vim
vulkan-tools
@@ -360,11 +363,21 @@ in
"networkmanager"
"ratbagd"
"input"
"scanner"
"lp"
]; # Enable sudo for the user.
hashedPasswordFile = passwordFile;
shell = pkgs.zsh;
};
hardware.sane = {
enable = true;
brscan5.enable = true;
dsseries.enable = false;
# backends-package = pkgs.brscan5;
extraBackends = [ pkgs.brscan5 ];
};
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#

3
hosts/desktop/gnome/home.nix
View File

@@ -5,11 +5,12 @@
settings = {
"org/gnome/desktop/interface".clock-format = "12h";
"org/gnome/desktop/interface".color-scheme = "prefer-dark";
"org/gnome/desktop/interface".cursor-theme = lib.mkDefault "macOS";
"org/gnome/desktop/interface".enable-hot-corners = false;
"org/gnome/desktop/interface".font-antialiasing = "grayscale";
"org/gnome/desktop/interface".font-hinting = "slight";
"org/gnome/desktop/interface".gtk-theme = lib.mkDefault "Colloid-Dark";
"org/gnome/desktop/interface".icon-theme = lib.mkDefault "Colloid-dark";
"org/gnome/desktop/interface".icon-theme = lib.mkDefault "Colloid-Dark";
"org/gnome/desktop/peripherals/mouse".accel-profile = "flat";
"org/gnome/desktop/peripherals/touchpad".two-finger-scrolling-enabled = true;
"org/gnome/desktop/peripherals/touchpad".tap-to-click = true;

7
hosts/nas/apps.nix
View File

@@ -1,6 +1,7 @@
{ config, ... }:
{
imports = [
../../modules/apps/paperless
../../modules/apps/jellyseerr/jellyseerr.nix
../../modules/apps/radarr/radarr.nix
../../modules/apps/sonarr/sonarr.nix
@@ -26,7 +27,7 @@
jellyfin.enable = true;
jellyseerr.enable = false;
# jellyseerr.enable = false;
manyfold.enable = true;
@@ -65,11 +66,11 @@
httpsPort = "3301";
};
radarr.enable = false;
# radarr.enable = false;
sabnzbd.enable = true;
sonarr.enable = false;
# sonarr.enable = false;
swag.enable = true;

2
hosts/nas/boot.nix
View File

@@ -1,7 +1,7 @@
{ pkgs,... }:
let
configLimit = 5;
kernel = pkgs.unstable.linuxPackages_latest;
kernel = pkgs.linuxPackages_latest;
in
{
# Configure bootloader with lanzaboot and secureboot

2
hosts/nas/configuration.nix
View File

@@ -48,7 +48,7 @@ in
share.hardware.nvidia = {
enable = true;
enableBeta = false;
enableBeta = true;
enableOpen = true;
nvidiaSettings = true;
enableNvidiaDocker = true;

1
hosts/nas/impermanence.nix
View File

@@ -8,6 +8,7 @@
directories = [
"/var/lib/bluetooth"
"/var/lib/nixos"
"/var/lib/tailscale"
"/var/lib/systemd/coredump"
"/etc/NetworkManager/system-connections"
"/etc/secureboot"

2
hosts/nas/services.nix
View File

@@ -160,7 +160,7 @@ in
"--hostname=jallen-nas"
"--webclient"
];
authKeyFile = "/media/nas/ssd/nix-app-data/tailscale/auth";
# authKeyFile = "/media/nas/ssd/nix-app-data/tailscale/auth";
};
btrfs = {

2
modules/apps/jellyseerr/jellyseerr.nix
View File

@@ -7,7 +7,7 @@ let
mediaDir = "/media";
jellyseerrUserId = config.users.users.nix-apps.uid;
jellyseerrGroupId = config.users.groups.jallen-nas.gid;
package = pkgs.unstable.jellyseerr;
package = pkgs.jellyseerr;
in
{
containers.jellyseerr = {

92
modules/apps/paperless/default.nix Normal file
View File

@@ -0,0 +1,92 @@
{ config, pkgs, lib, ... }:
let
paperlessPort = 28981;
paperlessUserId = config.users.users.nix-apps.uid;
paperlessGroupId = config.users.groups.jallen-nas.gid;
passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
in
{
containers.paperless = {
autoStart = true;
privateNetwork = true;
hostAddress = "10.0.1.18";
localAddress = "10.0.1.20";
hostAddress6 = "fc00::1";
localAddress6 = "fc00::20";
config = { config, pkgs, lib, ... }: {
# Enable paperless service
services.paperless = {
enable = true;
port = paperlessPort;
user = "paperless";
address = "0.0.0.0";
passwordFile = "/var/lib/paperless/paperless-password";
# settings = {
# PAPERLESS_APPS="allauth.socialaccount.providers.openid_connect";
# PAPERLESS_SOCIALACCOUNT_PROVIDERS = {
# "openid_connect" = {
# "OAUTH_PKCE_ENABLED":true,
# "APPS":[
# {"provider_id":"authentik","name":"Authentik","client_id":"<Client ID>","secret":<Client Secret>","settings":{"server_url":"https://authentik.mjallen.dev/application/o/paperless/.well-known/openid-configuration"}}]}}
# }
};
# Create required users and groups
users.groups = {
documents = { gid = lib.mkForce paperlessGroupId; };
};
users.users.paperless = {
isSystemUser = true;
uid = lib.mkForce paperlessUserId;
group = lib.mkForce "documents";
};
# Create and set permissions for required directories
system.activationScripts.paperless-dirs = ''
mkdir -p /var/lib/paperless
chown -R paperless:documents /var/lib/paperless
chmod -R 775 /var/lib/paperless
'';
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ paperlessPort ];
};
# Use systemd-resolved inside the container
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
system.stateVersion = "23.11";
};
# Bind mount directories from host
bindMounts = {
"/var/lib/paperless" = {
hostPath = "/media/nas/ssd/nix-app-data/paperless";
isReadOnly = false;
};
# "/run/keys/paperless-password" = {
# hostPath = passwordFile;
# isReadOnly = true;
# };
};
};
networking.nat = {
forwardPorts = [
{
destination = "10.0.1.20:28981";
sourcePort = paperlessPort;
}
];
};
}

2
modules/apps/radarr/radarr.nix
View File

@@ -7,7 +7,7 @@ let
mediaDir = "/media";
radarrUserId = config.users.users.nix-apps.uid;
radarrGroupId = config.users.groups.jallen-nas.gid;
package = pkgs.unstable.radarr;
package = pkgs.radarr;
in
{
containers.radarr = {

4
share/amd/default.nix
View File

@@ -28,8 +28,8 @@ in
graphics = {
enable = true;
enable32Bit = true;
extraPackages = [ pkgs.unstable.mesa ];
extraPackages32 = [ pkgs.unstable.pkgsi686Linux.mesa ];
# extraPackages = [ pkgs.unstable.mesa ];
# extraPackages32 = [ pkgs.unstable.pkgsi686Linux.mesa ];
};
};

2
share/gaming/default.nix
View File

@@ -38,7 +38,7 @@ in
# Hardware configs
hardware = {
# Xbox controllers
xpadneo.enable = true;
xpadneo.enable = false;
# Steam udev rules for remote play
steam-hardware.enable = true;

4
share/nvidia/default.nix
View File

@@ -18,10 +18,10 @@ in
package =
if cfg.enableBeta then
config.boot.kernelPackages.nvidiaPackages.beta
# pkgs.unstable.kernelPackages.nvidiaPackages.beta
# pkgs.unstable.linuxPackages.nvidiaPackages.beta
else
config.boot.kernelPackages.nvidiaPackages.latest;
# pkgs.unstable.kernelPackages.nvidiaPackages.latest;
# pkgs.unstable.linuxPackages.nvidiaPackages.latest;
# Modesetting is required.
modesetting.enable = true;