mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

cleanup

Browse Source
This commit is contained in:
mjallen18
2026-03-18 21:15:20 -05:00
parent 5466c59dde
commit c1028fc0f0
5 changed files with 27 additions and 478 deletions
Download Patch File Download Diff File Expand all files Collapse all files

214
homes/aarch64-darwin/mattjallen@macbook-pro/default.nix
View File

@@ -43,220 +43,6 @@ in
}; };
}; };
# programs.nix-plist-manager = {
# enable = true;
# options = {
# applications = {
# finder = {
# settings = {
# general = {
# showTheseItemsOnTheDesktop = {
# hardDisks = false;
# externalDisks = true;
# cdsDvdsAndiPods = false;
# connectedServers = false;
# };
# openFoldersInTabsInsteadOfNewWindows = true;
# };
# sidebar = {
# recentTags = true;
# };
# advanced = {
# removeItemsFromTheTrashAfter30Days = true;
# showAllFilenameExtensions = true;
# showWarningBeforeChangingAnExtension = true;
# showWarningBeforeRemovingFromiCloudDrive = true;
# showWarningBeforeEmptyingTheTrash = true;
# keepFoldersOnTop = {
# inWindowsWhenSortingByName = true;
# onDesktop = true;
# };
# whenPerformingASearch = "Search This Mac";
# };
# };
# menuBar = {
# view = {
# showTabBar = true;
# showSidebar = true;
# showPathBar = true;
# showStatusBar = true;
# };
# };
# };
# systemSettings = {
# appearance = {
# appearance = "Dark";
# accentColor = "Multicolor";
# # clickInTheScrollBarTo = "Jump to the next page";
# sidebarIconSize = "Medium";
# showScrollBars = "When scrolling";
# };
# controlCenter = {
# wifi = true;
# bluetooth = true;
# airdrop = true;
# stageManager = true;
# focusModes = "active";
# screenMirroring = "active";
# display = "never";
# sound = "always";
# nowPlaying = "active";
# accessibilityShortcuts = "unset";
# musicRecognition = {
# showInMenuBar = false;
# showInControlCenter = true;
# };
# hearing = "unset";
# fastUserSwitching = {
# showInMenuBar = false;
# showInControlCenter = true;
# };
# keyboardBrightness = {
# showInMenuBar = false;
# showInControlCenter = true;
# };
# battery = {
# showInMenuBar = false;
# showInControlCenter = false;
# };
# batteryShowPercentage = true;
# # menuBarOnly = {
# # spotlight = false;
# # siri = true;
# # };
# # automaticallyHideAndShowTheMenuBar = "In Full Screen Only";
# };
# desktopAndDock = {
# desktopAndStageManager = {
# showItems = {
# onDesktop = true;
# inStageManager = true;
# };
# clickWallpaperToRevealDesktop = "Always";
# stageManager = false;
# showRecentAppsInStageManager = true;
# showWindowsFromAnApplication = "All at Once";
# };
# dock = {
# animateOpeningApplications = true;
# automaticallyHideAndShowTheDock = enabled;
# doubleClickAWindowsTitleBarTo = "Minimize";
# magnification = disabled;
# minimizeWindowsIntoApplicationIcon = true;
# minimizeWindowsUsing = "Genie Effect";
# positionOnScreen = "Bottom";
# showIndicatorsForOpenApplications = true;
# showSuggestedAndRecentAppsInDock = false;
# size = 64; # 16 - 128
# # persistentApps = [
# # { app = "/Applications/Clock.app"; }
# # { folder = "/Applications"; }
# # { app = "/Applications/Safari.app"; }
# # { app = "/Applications/Firefox.app"; }
# # { app = "/Applications/Tabby.app"; }
# # { app = "/Applications/Termius.app"; }
# # { app = "/Applications/Muic.app"; }
# # { app = "/Applications/Vesktop.app"; }
# # { app = "/Applications/Messages.app"; }
# # { app = "/Applications/Calendar.app"; }
# # { app = "/Applications/Reminders.app"; }
# # { app = "/Applications/Notes.app"; }
# # { app = "/Applications/Weather.app"; }
# # { app = "/Applications/Maps.app"; }
# # { app = "/Applications/App Store.app"; }
# # { app = "/Applications/System Settings.app"; }
# # { app = "/Applications/ChatGPT.app"; }
# # { app = "/Applications/Nextcloud.app"; }
# # { app = "/Applications/VSCodium.app"; }
# # { app = "/Applications/Omnissa Horizon Client.app"; }
# # { app = "/Applications/Proton Pass.app"; }
# # { app = "/Applications/OrcaSlicer.app"; }
# # { app = "/Applications/AlDente.app"; }
# # ];
# # persistentOthers = [
# # "~/Downloads"
# # ];
# };
# hotCorners = {
# # ["-" "Mission Control" "Application Windows" "Desktop" "Start Screen Saver" "Disable Screen Saver" "Dashboard" "Put Display to Sleep" "Launchpad" "Notification Center" "Lock Screen" "Quick Note"]
# topLeft = "-";
# topRight = "-";
# bottomLeft = "-";
# bottomRight = "-";
# };
# missionControl = {
# automaticallyRearrangeSpacesBasedOnMostRecentUse = true;
# displaysHaveSeparateSpaces = true;
# dragWindowsToTopOfScreenToEnterMissionControl = true;
# groupWindowsByApplication = true;
# whenSwitchingToAnApplicationSwitchToAspaceWithOpenWindowsForTheApplication = true;
# };
# widgets = {
# showWidgets = {
# onDesktop = true;
# inStageManager = true;
# };
# widgetStyle = "Automatic";
# useIphoneWidgets = true;
# };
# windows = {
# askToKeepChangesWhenClosingDocuments = true;
# closeWindowsWhenQuittingAnApplication = true;
# dragWindowsToScreenEdgesToTile = true;
# dragWindowsToMenuBarToFillScreen = true;
# holdOptionKeyWhileDraggingWindowsToTile = true;
# preferTabsWhenOpeningDocuments = "In Full Screen";
# tiledWindowsHaveMargin = false;
# };
# };
# focus = {
# shareAcrossDevices = true;
# };
# # general.dateAndTime."24HourTime" = false;
# notifications = {
# notificationCenter = {
# showPreviews = "When Unlocked";
# summarizeNotifications = true;
# };
# };
# sound = {
# soundEffects = {
# alertSound = "Boop";
# alertVolume = 0.7;
# playFeedbackWhenVolumeIsChanged = true;
# playUserInterfaceSoundEffects = true;
# };
# };
# spotlight = {
# helpAppleImproveSearch = false;
# # searchResults = {
# # applications = true;
# # calculator = true;
# # contacts = true;
# # conversion = true;
# # definition = true;
# # developer = true;
# # documents = true;
# # eventsAndReminders = true;
# # folders = true;
# # fonts = false;
# # images = true;
# # mailAndMessages = true;
# # movies = true;
# # music = true;
# # other = false;
# # pdfDocuments = true;
# # presentations = true;
# # siriSuggestions = false;
# # systemSettings = true;
# # tips = false;
# # websites = true;
# };
# };
# };
# };
# };
# Manage bug in compilations - who uses manpages in 2024 anyways? :P # Manage bug in compilations - who uses manpages in 2024 anyways? :P
manual.manpages = enabled; manual.manpages = enabled;

55
modules/nixos/hardware/raspberry-pi/default.nix
View File

@@ -260,7 +260,6 @@ in
] ]
); );
loader = { loader = {
# kernelFile = pkgs.stdenv.hostPlatform.linux-kernel.target;
generic-extlinux-compatible = { generic-extlinux-compatible = {
enable = lib.mkDefault (if cfg.bootType == "uefi" then false else true); enable = lib.mkDefault (if cfg.bootType == "uefi" then false else true);
useGenerationDeviceTree = lib.mkOverride 60 (if cfg.bootType == "uefi" then false else true); useGenerationDeviceTree = lib.mkOverride 60 (if cfg.bootType == "uefi" then false else true);
@@ -347,38 +346,28 @@ in
deviceTree = { deviceTree = {
filter = lib.mkDefault (if (cfg.variant == "5") then "bcm2712*.dtb" else "bcm2711*.dtb"); filter = lib.mkDefault (if (cfg.variant == "5") then "bcm2712*.dtb" else "bcm2711*.dtb");
package = lib.mkOverride 80 config.boot.kernelPackages.kernel; package = lib.mkOverride 80 config.boot.kernelPackages.kernel;
overlays = ( overlays = lib.optionals (cfg.variant == "4") [
if (cfg.variant == "4") then {
[ name = "rpi4-cpu-revision";
{ dtsText = ''
name = "rpi4-cpu-revision"; /dts-v1/;
dtsText = '' /plugin/;
/dts-v1/;
/plugin/;
/ { / {
compatible = "brcm,bcm2711"; compatible = "brcm,bcm2711";
fragment@0 { fragment@0 {
target-path = "/"; target-path = "/";
__overlay__ { __overlay__ {
system { system {
linux,revision = <0x00d03114>; linux,revision = <0x00d03114>;
};
};
}; };
}; };
''; };
} };
] '';
else }
[ ];
# {
# name = "bcm2712d0-overlay";
# dtsFile = "${pkgs.${namespace}.raspberrypi-overlays}/dtbs/raspberrypi-overlays/bcm2712d0-overlay.dts";
# }
]
);
}; };
firmware = [ pkgs.${namespace}.raspberryPiWirelessFirmware ]; firmware = [ pkgs.${namespace}.raspberryPiWirelessFirmware ];
graphics.enable32Bit = lib.mkForce false; graphics.enable32Bit = lib.mkForce false;
@@ -386,14 +375,6 @@ in
}; };
system = { system = {
#build.installBootLoader = lib.mkOverride 60 (if cfg.bootType == "uefi" then (builder."uefi") else (builder."uboot")); # todo
#boot = {
# loader = {
# id = lib.mkOverride 60 (if cfg.bootType == "uefi" then "raspberrypi-uefi" else "raspberrypi-uboot"); # todo
# kernelFile = pkgs.stdenv.hostPlatform.linux-kernel.target;
# };
#};
# Pi specific system tags
nixos.tags = [ nixos.tags = [
"raspberry-pi-${cfg.variant}" "raspberry-pi-${cfg.variant}"
# config.boot.loader.raspberry-pi.bootloader # config.boot.loader.raspberry-pi.bootloader

66
modules/nixos/services/opencloud/default.nix
View File

@@ -9,61 +9,6 @@ let
name = "opencloud"; name = "opencloud";
cfg = config.${namespace}.services.${name}; cfg = config.${namespace}.services.${name};
# # Create an environment file from the configuration
# envFile = pkgs.writeText "opencloud-environment" ''
# OC_JWT_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
# OC_TRANSFER_SECRET=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
# OC_MACHINE_AUTH_API_KEY=${config.sops.placeholder."jallen-nas/onlyoffice-key"}
# OC_ADD_RUN_SERVICES=collaboration,app-provider
# OC_REVA_GATEWAY=eu.opencloud.api.gateway
# APP_PROVIDER_WOPI_APP_NAME=Collabora
# APP_PROVIDER_ENABLE=true
# APP_PROVIDER_SERVICE_NAME=app-provider-collabora
# COLLABORATION_APP_NAME=Collabora
# COLLABORATION_APP_PRODUCT=Collabora
# COLLABORATION_WOPI_DISCOVERY_URL=https://office.mjallen.dev/hosting/discovery
# COLLABORATION_WOPI_SRC=https://office.mjallen.dev
# OC_COLLABORATION_WOPI_URL=https://office.mjallen.dev
# COLLABORATION_APP_ADDR=https://office.mjallen.dev
# COLLABORATION_APP_INSECURE=false
# COLLABORATION_APP_PROOF_DISABLE=true
# COLLABORATION_WOPI_SHORTTOKENS=false
# MICRO_REGISTRY=nats-js-kv
# MICRO_REGISTRY_ADDRESS=127.0.0.1:9233
# OC_SYSTEM_USER_ID=${cfg.puid}
# OC_LOG_LEVEL=info
# APP_PROVIDER_PROVIDERS=collabora
# APP_PROVIDER_COLLABORA_NAME=Collabora
# APP_PROVIDER_COLLABORA_PRODUCT=Collabora Online
# APP_PROVIDER_COLLABORA_ADDR=https://office.mjallen.dev
# APP_PROVIDER_COLLABORA_ICON=https://office.mjallen.dev/favicon.ico
# APP_PROVIDER_COLLABORA_MIME_TYPES=application/vnd.openxmlformats-officedocument.wordprocessingml.document application/vnd.openxmlformats-officedocument.spreadsheetml.sheet application/vnd.openxmlformats-officedocument.presentationml.presentation application/msword application/vnd.ms-excel application/vnd.ms-powerpoint text/plain
# NATS_NATS_HOST=${cfg.listenAddress}
# GATEWAY_GRPC_ADDR=${cfg.listenAddress}:9142
# OC_DB_TYPE=postgres
# OC_DB_HOST=10.0.1.3
# OC_DB_PORT=5432
# OC_DB_USER=opencloud
# OC_DB_NAME=opencloud
# OC_INSECURE=true
# PROXY_TLS=false
# PROXY_HTTP_ADDR=${cfg.listenAddress}:9200
# OC_URL=https://cloud.mjallen.dev
# OC_PUBLIC_URL=https://cloud.mjallen.dev
# PUID=${cfg.puid}
# PGID=${cfg.pgid}
# TZ=${cfg.timeZone}
# '';
opencloudConfig = lib.${namespace}.mkModule { opencloudConfig = lib.${namespace}.mkModule {
inherit config name; inherit config name;
serviceName = "opencloud"; serviceName = "opencloud";
@@ -87,11 +32,6 @@ let
OC_DB_NAME = "opencloud"; OC_DB_NAME = "opencloud";
OC_INSECURE = "true"; OC_INSECURE = "true";
OC_LOG_LEVEL = "debug"; OC_LOG_LEVEL = "debug";
# PROXY_TLS = "false";
# PROXY_HTTP_ADDR= "${cfg.listenAddress}:9200";
# OC_URL = "https://cloud.mjallen.dev"
# OC_PUBLIC_URL = "https://cloud.mjallen.dev"
}; };
}; };
# Create the secret template # Create the secret template
@@ -104,12 +44,6 @@ let
''; '';
}; };
}; };
# # Create directories
# systemd.tmpfiles.rules = [
# "d '${cfg.dataDir}/opencloud' 0750 ${cfg.user} ${cfg.group} - -"
# "d '${cfg.configDir}/opencloud' 0750 ${cfg.user} ${cfg.group} - -"
# ];
}; };
}; };
in in

89
systems/aarch64-linux/pi5/boot.nix
View File

@@ -6,10 +6,6 @@
}: }:
{ {
boot = { boot = {
# loader.raspberry-pi = {
# bootloader = "kernel";
# firmwarePackage = pkgs.raspberrypifw;
# };
kernelPackages = pkgs.${namespace}.linuxPackages_rpi5-latest; kernelPackages = pkgs.${namespace}.linuxPackages_rpi5-latest;
initrd = { initrd = {
availableKernelModules = lib.mkForce [ ]; availableKernelModules = lib.mkForce [ ];
@@ -43,84 +39,17 @@
specialisation = { specialisation = {
"linux-stable".configuration = { "linux-stable".configuration = {
boot = { boot.kernelPackages = lib.mkOverride 90 pkgs.${namespace}.linuxPackages_rpi5-lts;
kernelPackages = lib.mkOverride 90 pkgs.${namespace}.linuxPackages_rpi5-lts;
# loader.systemd-boot.installDeviceTree = true;
};
# hardware.deviceTree = {
# enable = true;
# package = lib.mkForce pkgs.${namespace}.linuxPackages_rpi5-lts.kernel;
# name = "bcm2712-rpi-5-b.dtb";
# filter = "bcm2712*";
# };
# boot.bootspec.extensions."org.nixos.systemd-boot" = lib.mkForce {
# inherit (config.boot.loader.systemd-boot) sortKey;
# devicetree = "./bcm2712-rpi-5-b.dtb";
# };
}; };
}; };
${namespace}.hardware.raspberry-pi.config = { ${namespace}.hardware.raspberry-pi.config.all.base-dt-params = {
# extra-config = { # https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#enable-pcie
# armstub = "RPI_EFI.fd"; pciex1.enable = true;
# }; pciex1.value = "on";
all = { # PCIe Gen 3.0
# # [all] conditional filter, https://www.raspberrypi.com/documentation/computers/config_txt.html#conditional-filters # https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#pcie-gen-3-0
pciex1_gen.enable = true;
# options = { pciex1_gen.value = "3";
# # https://www.raspberrypi.com/documentation/computers/config_txt.html#enable_uart
# # in conjunction with `console=serial0,115200` in kernel command line (`cmdline.txt`)
# # creates a serial console, accessible using GPIOs 14 and 15 (pins
# # 8 and 10 on the 40-pin header)
# enable_uart = {
# enable = true;
# value = true;
# };
# # https://www.raspberrypi.com/documentation/computers/config_txt.html#uart_2ndstage
# # enable debug logging to the UART, also automatically enables
# # UART logging in `start.elf`
# uart_2ndstage = {
# enable = true;
# value = true;
# };
# };
# Base DTB parameters
# https://github.com/raspberrypi/linux/blob/a1d3defcca200077e1e382fe049ca613d16efd2b/arch/arm/boot/dts/overlays/README#L132
base-dt-params = {
# https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#enable-pcie
pciex1 = {
enable = true;
value = "on";
};
# PCIe Gen 3.0
# https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#pcie-gen-3-0
pciex1_gen = {
enable = true;
value = "3";
};
};
# extra-config = ''
# armstub=RPI_EFI.fd
# device_tree_address=0x1f0000
# device_tree_end=0x210000
# # Force 32 bpp framebuffer allocation.
# framebuffer_depth=32
# # Disable compensation for displays with overscan.
# disable_overscan=1
# # Force maximum USB power regardless of the power supply.
# usb_max_current_enable=1
# # Force maximum CPU speed.
# force_turbo=1
# '';
};
}; };
} }

81
systems/x86_64-linux/jallen-nas/vpn.nix
View File

@@ -3,13 +3,6 @@
lib, lib,
... ...
}: }:
# let
# configFile = pkgs.writeText "openvpn-config-us.protonvpn.udp" ''
# errors-to-stderr
# ${config.services.openvpn.servers."us.protonvpn.udp".config}
# auth-user-pass ${config.services.openvpn.servers."us.protonvpn.udp".authUserPass}
# '';
# in
{ {
boot.kernel.sysctl."net.ipv4.ip_forward" = true; boot.kernel.sysctl."net.ipv4.ip_forward" = true;
sops = { sops = {
@@ -31,80 +24,6 @@
}; };
}; };
# networking.nftables = {
# enable = true;
# ruleset = ''
# table ip nat {
# chain postrouting {
# type nat hook postrouting priority 100;
# oifname "enp197s0" ip saddr 10.200.0.0/30 masquerade
# }
# }
# '';
# };
# systemd.services = {
# vpn-netns =
# let
# ip = "${pkgs.iproute2}/bin/ip";
# in {
# description = "Create VPN network namespace";
# wantedBy = [ "multi-user.target" ];
# before = [ "openvpn-us.protonvpn.udp.service" ];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = true;
# ExecStart = pkgs.writeShellScript "vpn-netns-up" ''
# set -euxo pipefail
# # Ensure namespace exists
# ${ip} netns add vpn 2>/dev/null || true
# # Clean up any previous veth (deleting one end deletes the peer too)
# ${ip} link del veth-host 2>/dev/null || true
# # Create veth pair
# ${ip} link add veth-host type veth peer name veth-vpn
# # Move peer into namespace
# ${ip} link set veth-vpn netns vpn
# # Host side
# ${ip} addr add 10.200.0.1/30 dev veth-host 2>/dev/null || true
# ${ip} link set veth-host up
# # Namespace side
# ${ip} -n vpn addr add 10.200.0.2/30 dev veth-vpn 2>/dev/null || true
# ${ip} -n vpn link set veth-vpn up
# ${ip} -n vpn link set lo up
# # Default route in namespace via host
# ${ip} -n vpn route replace default via 10.200.0.1
# ${ip} -n vpn route replace 10.0.1.0/24 via 10.200.0.1 dev veth-vpn
# '';
# ExecStop = pkgs.writeShellScript "vpn-netns-down" ''
# set -eux
# ${ip} link del veth-host 2>/dev/null || true
# '';
# };
# };
# "openvpn-us.protonvpn.udp" = {
# after = [ "network-online.target" "vpn-netns.service" ];
# wants = [ "network-online.target" ];
# serviceConfig = {
# ExecStart = lib.mkOverride 90 ''
# ${pkgs.iproute2}/bin/ip netns exec vpn \
# ${pkgs.openvpn}/sbin/openvpn --config ${configFile}
# '';
# };
# };
# };
# Services configs
services = { services = {
openvpn = { openvpn = {
servers = { servers = {