mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

finally fixing the ups, plus tons of formatting

Browse Source
This commit is contained in:
mjallen18
2024-08-23 12:00:51 -05:00
parent a8dfd2b7da
commit cd809e4156
59 changed files with 321 additions and 641 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
hosts/default.nix
View File

@@ -1,11 +1,4 @@
{
config,
lib,
pkgs,
inputs,
globals,
...
}:
{ lib, pkgs, ... }:
let
timezone = "America/Chicago";
in
@@ -99,7 +92,10 @@ in
};
};
environment.systemPackages = with pkgs; [ pinentry-curses ];
environment.systemPackages = with pkgs; [
nixd
pinentry-curses
];
# users.mutableUsers = lib.mkDefault false;

20
hosts/desktop/configuration.nix
View File

@@ -43,7 +43,10 @@ in
apps.discover-wrapped.enable = lib.mkDefault false;
nix.settings.trusted-users = lib.mkDefault [ "root" user ];
nix.settings.trusted-users = lib.mkDefault [
"root"
user
];
services = {
# Enable Desktop Environment.
@@ -132,7 +135,10 @@ in
user.services = {
rclone-home-proton = {
enable = lib.mkDefault true;
path = [ pkgs.bash pkgs.rclone ];
path = [
pkgs.bash
pkgs.rclone
];
script = ''
rclone sync /home/matt proton-drive:backup-nix --exclude '/home/matt/Games/**' --exclude '/home/matt/1TB/**' --exclude '/home/matt/Downloads/**'
'';
@@ -140,7 +146,11 @@ in
rsync-home = {
enable = lib.mkDefault true;
path = [ pkgs.bash pkgs.rsync pkgs.openssh ];
path = [
pkgs.bash
pkgs.rsync
pkgs.openssh
];
script = ''
rsync -rtpogvPlHzs --ignore-existing --exclude={'/home/matt/Games', '/home/matt/1TB', '/home/matt/Downloads/*', '/home/matt/.cache'} -e ssh /home/matt admin@10.0.1.18:/media/nas/main/backup/desktop-nix/home
'';
@@ -207,9 +217,7 @@ in
wineWowPackages.waylandFull
];
sessionVariables = lib.mkDefault {
STEAM_FORCE_DESKTOPUI_SCALING = "1";
};
sessionVariables = lib.mkDefault { STEAM_FORCE_DESKTOPUI_SCALING = "1"; };
};

4
hosts/desktop/cosmic/default.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }:
{ ... }:
{
specialisation.cosmic.configuration = {
services = {
@@ -10,4 +10,4 @@
desktopManager.plasma6.enable = false;
};
};
}
}

8
hosts/desktop/filesystems.nix
View File

@@ -1,10 +1,4 @@
{
config,
lib,
outputs,
pkgs,
...
}:
{ ... }:
{
fileSystems."/media/nas/backup" = {
device = "//10.0.1.18/Backup";

4
hosts/desktop/gnome/default.nix
View File

@@ -3,7 +3,7 @@
specialisation.gnome.configuration = {
home-manager.users.matt = import ./home.nix;
services = {
xserver = {
desktopManager.gnome.enable = true;
@@ -37,4 +37,4 @@
# xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];
};
}
}

2
hosts/desktop/gnome/home.nix
View File

@@ -29,4 +29,4 @@
"org/gtk/settings/file-chooser".clock-format = "12h";
};
};
}
}

2
hosts/desktop/hardware-configuration.nix
View File

@@ -4,11 +4,9 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

2
hosts/desktop/home.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, lib, ... }:
{ pkgs, ... }:
let
shellAliases = {
ll = "ls -alh";

4
hosts/desktop/hyprland/config/btop/default.nix
View File

@@ -7,7 +7,7 @@
truecolor = true;
force_tty = false;
presets = "cpu:1:default,proc:0:default cpu:0:default,mem:0:default,net:0:default cpu:0:block,net:0:tty";
vim_keys = true;
vim_keys = true;
rounded_corners = true;
graph_symbol = "braille";
graph_symbol_cpu = "default";
@@ -68,4 +68,4 @@
log_level = "WARNING";
};
};
}
}

31
hosts/desktop/hyprland/config/hypr/default.nix
View File

@@ -35,8 +35,8 @@
"$mod, E, exec, nautilus"
"$mod, V, togglefloating, "
"$mod, D, exec, nwg-drawer -fm nautilus -term kitty"
"$mod, P, pseudo, "# dwindle
"$mod, S, togglesplit, "# dwindle
"$mod, P, pseudo, " # dwindle
"$mod, S, togglesplit, " # dwindle
"$mod SHIFT, Q, exec, hyprlock"
", PRINT, exec, hyprshot -m region --clipboard-only"
"$mod,F,exec,hyprctl dispatch fullscreen active"
@@ -93,7 +93,7 @@
", mouse:274, movewindow"
];
bindel =[
bindel = [
", XF86AudioRaiseVolume, exec, wpctl set-volume -l 1.5 @DEFAULT_AUDIO_SINK@ 5%+"
", XF86AudioLowerVolume, exec, wpctl set-volume @DEFAULT_AUDIO_SINK@ 5%-"
];
@@ -123,11 +123,11 @@
decoration = {
rounding = 10;
blur = {
enabled = true;
size = 2;
passes = 2;
new_optimizations = true;
xray = false;
enabled = true;
size = 2;
passes = 2;
new_optimizations = true;
xray = false;
};
drop_shadow = "yes";
shadow_range = 4;
@@ -154,16 +154,16 @@
};
dwindle = {
pseudotile = "yes";
preserve_split = "yes";
pseudotile = "yes";
preserve_split = "yes";
};
gestures = {
workspace_swipe = "off";
workspace_swipe = "off";
};
misc = {
force_default_wallpaper = 0;
force_default_wallpaper = 0;
};
workspace = [
@@ -203,7 +203,8 @@
"nodim, class:Remote Desktop Connection"
"nomaxsize, class:Remote Desktop Connection"
"minsize 3840 2160, class:Remote Desktop Connection"
];
];
windowrulev2 = [
"float, class:Vmware-view,title:VMware Horizon Client"
"size 3840 2160, class:Remote Desktop Connection"
@@ -250,7 +251,7 @@
follow_mouse = 1;
touchpad = {
natural_scroll = "no";
natural_scroll = "no";
};
sensitivity = 0; # -1.0 - 1.0, 0 means no modification.
@@ -268,4 +269,4 @@
exec-once = [silent] steam
'';
};
}
}

2
hosts/desktop/hyprland/config/mako/default.nix
View File

@@ -18,4 +18,4 @@
borderColor = "#8aadf4";
progressColor = "over #363a4f";
};
}
}

128
hosts/desktop/hyprland/config/waybar/default.nix
View File

@@ -1,8 +1,8 @@
{
# https://github.com/Alexays/Waybar/wiki/Module:-Hyprland
programs.waybar = {
enable = true;
enable = true;
systemd.enable = true;
settings = {
mainBar = {
@@ -13,94 +13,94 @@
passthrough = false;
gtk-layer-shell = true;
height = 0;
modules-left = [
"hyprland/workspaces"
];
modules-left = [ "hyprland/workspaces" ];
modules-center = [
"hyprland/window"
];
modules-center = [ "hyprland/window" ];
modules-right = [
"tray"
"custom/updates"
"keyboard-state#capslock"
"keyboard-state#numlock"
"pulseaudio"
"pulseaudio#microphone"
"network"
"clock"
"custom/weather"
"tray"
"custom/updates"
"keyboard-state#capslock"
"keyboard-state#numlock"
"pulseaudio"
"pulseaudio#microphone"
"network"
"clock"
"custom/weather"
];
"hyprland/window" = {
format = {};
format = { };
};
"hyprland/workspaces" = {
disable-scroll = true;
all-outputs = true;
on-click = "activate";
persistent_workspaces = {
"1" = [];
};
disable-scroll = true;
all-outputs = true;
on-click = "activate";
persistent_workspaces = {
"1" = [ ];
};
};
"custom/weather" = {
tooltip = true;
format = {};
interval = 30;
exec = "sudo waybar-weather";
return-type = "json";
tooltip = true;
format = { };
interval = 30;
exec = "sudo waybar-weather";
return-type = "json";
};
"custom/updates" = {
tooltip = true;
format = {};
interval = 60;
exec = "sudo waybar-updates";
return-type = "json";
tooltip = true;
format = { };
interval = 60;
exec = "sudo waybar-updates";
return-type = "json";
};
tray = {
icon-size = 16;
spacing = 10;
icon-size = 16;
spacing = 10;
};
clock = {
format = "{:%I:%M %p}";
tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
format = "{:%I:%M %p}";
tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
};
pulseaudio = {
format = "{icon} {volume}%";
tooltip = false;
format-muted = " Muted";
on-click = "pamixer -t";
on-click-right = "pavucontrol -t 1";
on-scroll-up = "pamixer -i 5";
on-scroll-down = "pamixer -d 5";
scroll-step = 5;
format-icons = {
headphone = "";
hands-free = "";
headset = "";
phone = "";
portable = "";
car = "";
default = ["" "" ""];
};
format = "{icon} {volume}%";
tooltip = false;
format-muted = " Muted";
on-click = "pamixer -t";
on-click-right = "pavucontrol -t 1";
on-scroll-up = "pamixer -i 5";
on-scroll-down = "pamixer -d 5";
scroll-step = 5;
format-icons = {
headphone = "";
hands-free = "";
headset = "";
phone = "";
portable = "";
car = "";
default = [
""
""
""
];
};
};
"pulseaudio#microphone" = {
format = "{format_source}";
format-source = "🎙{volume}%";
format-source-muted = "🎙Muted";
on-click = "pamixer --default-source -t";
on-click-right = "pavucontrol -t 2";
on-scroll-up = "pamixer --default-source -i 5";
on-scroll-down = "pamixer --default-source -d 5";
scroll-step = 5;
format = "{format_source}";
format-source = "🎙{volume}%";
format-source-muted = "🎙Muted";
on-click = "pamixer --default-source -t";
on-click-right = "pavucontrol -t 2";
on-scroll-up = "pamixer --default-source -i 5";
on-scroll-down = "pamixer --default-source -d 5";
scroll-step = 5;
};
network = {
@@ -299,4 +299,4 @@
}
'';
};
}
}

2
hosts/desktop/hyprland/config/wofi/default.nix
View File

@@ -142,4 +142,4 @@
}
'';
};
}
}

10
hosts/desktop/sops.nix
View File

@@ -1,12 +1,10 @@
{
...
}:
{ ... }:
{
sops.defaultSopsFile = ../../secrets/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets."desktop/matt_password" = {};
sops.secrets."desktop/matt_password" = { };
sops.secrets."desktop/matt_password".neededForUsers = true;
sops.secrets."wifi" = {};
}
sops.secrets."wifi" = { };
}

10
hosts/mac-nixos/configuration.nix
View File

@@ -2,13 +2,7 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}:
{ pkgs, ... }:
{
imports = [
# Include the results of the hardware scan.
@@ -91,7 +85,7 @@
wget
];
environment.sessionVariables = rec {
environment.sessionVariables = {
DBX_CONTAINER_MANAGER = "podman";
};

8
hosts/mac-nixos/hardware-configuration.nix
View File

@@ -1,13 +1,7 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

7
hosts/mac/home.nix
View File

@@ -1,9 +1,4 @@
{
config,
pkgs,
inputs,
...
}:
{ ... }:
{
imports = [ ./trampoline-apps ];

15
hosts/nas/apps.nix
View File

@@ -1,17 +1,10 @@
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
{ config, ... }:
{
nas-apps = {
beszel.enable = true;
beszel-agent.enable = true;
collabora = {
enable = true;
environmentFiles = [ config.sops.secrets."jallen-nas/collabora".path ];
@@ -27,10 +20,10 @@
mariadb = {
enable = true;
environmentFiles = [
environmentFiles = [
config.sops.secrets."jallen-nas/mariadb/db_pass".path
config.sops.secrets."jallen-nas/mariadb/root_pass".path
];
];
};
mealie = {

9
hosts/nas/boot.nix
View File

@@ -1,11 +1,4 @@
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
{ pkgs, ... }:
let
configLimit = 5;
kernel = pkgs.linuxPackages_latest;

8
hosts/nas/configuration.nix
View File

@@ -3,10 +3,8 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
@@ -62,10 +60,6 @@ in
# Configure environment
environment = {
# etc."nut/upsd.conf".source = /home/matt/upsd.conf;
# etc."nut/upsd.users".source = /home/matt/upsd.users;
# etc."nut/upsmon.conf".source = /home/matt/upsmon.conf;
etc.crypttab.text = ''
ssd1 UUID=eff4b19c-aba7-41ab-b452-a8c6654d8754 none tpm2-device=auto
ssd2 UUID=c8640e19-6cd9-49d0-a355-bac09d17ea0d none tpm2-device=auto
@@ -79,7 +73,7 @@ in
# List packages installed in system profile. To search, run:
# $ nix search wget
sessionVariables = rec {
sessionVariables = {
CACHIX_AGENT_TOKEN = "eyJhbGciOiJIUzI1NiJ9.eyJqdGkiOiJlY2RjYjJiNi05YWQ4LTRiYmMtYWEwYS1mNGU5Yzk1ODM2OTMiLCJzY29wZXMiOiJhZ2VudCJ9.8SENqsNZ-UIFV4atm-cZnMT6LR08Iz_raAZi5QVsppo";
};

93
hosts/nas/filesystems.nix
View File

@@ -1,159 +1,102 @@
{
inputs,
config,
lib,
outputs,
pkgs,
...
}:
{ ... }:
let
defaultOptions = [
"compress=zstd"
];
defaultOptions = [ "compress=zstd" ];
in
{
fileSystems."/media/nas/ssd/nix-app-data" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=nix-app-data"
]
++ defaultOptions;
options = [ "subvol=nix-app-data" ] ++ defaultOptions;
};
fileSystems."/media/nas/ssd/ssd_app_data" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=ssd_app_data"
]
++ defaultOptions;
options = [ "subvol=ssd_app_data" ] ++ defaultOptions;
};
fileSystems."/media/nas/ssd/mariadb" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=mariadb"
]
++ defaultOptions;
options = [ "subvol=mariadb" ] ++ defaultOptions;
};
fileSystems."/media/nas/ssd/VMs" = {
device = "/dev/disk/by-uuid/09ac8b6b-e553-4cd8-ae62-8d8c17fe8b0c";
fsType = "btrfs";
options = [
"subvol=VMs"
]
++ defaultOptions;
options = [ "subvol=VMs" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/3d_printer" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=3d_printer"
]
++ defaultOptions;
options = [ "subvol=3d_printer" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/backup" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=backup"
]
++ defaultOptions;
options = [ "subvol=backup" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/books" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=books"
]
++ defaultOptions;
options = [ "subvol=books" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/documents" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=documents"
]
++ defaultOptions;
options = [ "subvol=documents" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/homeassistant" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=homeassistant"
]
++ defaultOptions;
options = [ "subvol=homeassistant" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/isos" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=isos"
]
++ defaultOptions;
options = [ "subvol=isos" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/movies" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=movies"
]
++ defaultOptions;
options = [ "subvol=movies" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/nextcloud" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=nextcloud"
]
++ defaultOptions;
options = [ "subvol=nextcloud" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/photos" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=photos"
]
++ defaultOptions;
options = [ "subvol=photos" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/switch" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=switch"
]
++ defaultOptions;
options = [ "subvol=switch" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/tv" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=tv"
]
++ defaultOptions;
options = [ "subvol=tv" ] ++ defaultOptions;
};
fileSystems."/media/nas/main/timemachine" = {
device = "/dev/disk/by-uuid/76e7cd98-3145-4cff-b78d-bab0206aae28";
fsType = "btrfs";
options = [
"subvol=timemachine"
]
++ defaultOptions;
options = [ "subvol=timemachine" ] ++ defaultOptions;
};
# fileSystems."/media/nas/junk/nextcloud-backup" = {

13
hosts/nas/hardware-configuration.nix
View File

@@ -4,7 +4,6 @@
{
config,
lib,
pkgs,
modulesPath,
...
}:
@@ -88,15 +87,15 @@
];
};
swapDevices = [
{
device = "/dev/disk/by-id/ata-Samsung_SSD_860_EVO_500GB_S3Z1NW0KA10457X-part2";
swapDevices = [
{
device = "/dev/disk/by-id/ata-Samsung_SSD_860_EVO_500GB_S3Z1NW0KA10457X-part2";
randomEncryption.enable = true;
}
{
device = "/dev/disk/by-id/ata-SSD2SC240G1SA754D117-820_PNY29140000558890457";
{
device = "/dev/disk/by-id/ata-SSD2SC240G1SA754D117-820_PNY29140000558890457";
randomEncryption.enable = true;
}
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

31
hosts/nas/home.nix
View File

@@ -1,4 +1,4 @@
{ pkgs, ... }:
{ ... }:
{
home.username = "admin";
@@ -46,33 +46,4 @@
};
programs.command-not-found.enable = true;
home.packages = with pkgs; [
# homepage-dashboard
];
# # Configure homepage-dashboard
# home.file.".homepage-dashboard/config.json".text = ''
# {
# "modules": [
# {
# "type": "greeting",
# "config": {
# "greetings": [
# "Welcome to My Dashboard!"
# ]
# }
# },
# {
# "type": "clock"
# },
# {
# "type": "weather",
# "config": {
# "location": "St. Paul, MN"
# }
# }
# ]
# }
# '';
}

10
hosts/nas/impermanence.nix
View File

@@ -1,12 +1,4 @@
{
pkgs,
lib,
LT,
config,
utils,
inputs,
...
}@args:
{ ... }@args:
{
# Set up impernance configuration for things like bluetooth
# In this configuration with /etc and /var/log being persistent, only directories outside of that need to be done here. See hardware configuration for all mountpoints.

11
hosts/nas/networking.nix
View File

@@ -1,11 +1,4 @@
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
{ config, ... }:
let
hostname = "jallen-nas";
ipAddress = "10.0.1.18";
@@ -65,7 +58,7 @@ in
enable = true;
environmentFile = config.sops.secrets."wifi".path;
networks = {
"Joey's Jungle 5G" = {
"Joey's Jungle 5G" = {
psk = "@PSK@";
};
};

9
hosts/nas/samba.nix
View File

@@ -1,11 +1,4 @@
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
{ ... }:
{
nas-samba = {
enable = true;

19
hosts/nas/services.nix
View File

@@ -1,11 +1,4 @@
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
{ config, pkgs, ... }:
let
enableDisplayManager = false;
hostname = "jallen-nas";
@@ -195,7 +188,10 @@ in
description = "Protonmail Bridge";
enable = true;
script = "${pkgs.protonmail-bridge}/bin/protonmail-bridge --noninteractive";
path = [ pkgs.pass pkgs.protonmail-bridge ];
path = [
pkgs.pass
pkgs.protonmail-bridge
];
wantedBy = [ "multi-user.target" ];
partOf = [ "multi-user.target" ];
};
@@ -204,7 +200,10 @@ in
systemd.services = {
rsync-ssd = {
path = [ pkgs.bash pkgs.rsync ];
path = [
pkgs.bash
pkgs.rsync
];
script = ''
rsync -rtpogvPlHzs --ignore-existing /media/nas/ssd /media/nas/main/backup/ssd
'';

14
hosts/nas/sops.nix
View File

@@ -1,14 +1,16 @@
{
config, ...
}:
{ config, ... }:
{
sops.defaultSopsFile = ../../secrets/secrets.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets."jallen-nas/admin_password" = {};
sops.secrets."jallen-nas/admin_password" = { };
sops.secrets."jallen-nas/admin_password".neededForUsers = true;
sops.secrets."wifi" = {};
sops.secrets."wifi" = { };
sops.secrets."jallen-nas/ups_password" = {
# restartUnits = [ "ups stuff lol" ];
};
sops.secrets."jallen-nas/collabora" = {
restartUnits = [ "podman-collabora.service" ];
@@ -60,4 +62,4 @@
sops.secrets."jallen-nas/nextcloud/smtppassword".mode = "0777";
# sops.secrets."jallen-nas/nextcloud/smtppassword".owner = config.users.users.nix-apps.name;
# sops.secrets."jallen-nas/nextcloud/smtppassword".group = config.users.users.jallen-nas.group;
}
}

73
hosts/nas/ups.nix
View File

@@ -1,59 +1,46 @@
{
inputs,
outputs,
config,
lib,
pkgs,
...
}:
{ config, ... }:
let
enableUps = true;
upsmonCmd = "nasups@localhost 1 upsuser BogieDudie1 primary";
upsName = "nasups";
upsName = "nas-ups";
upsUser = "nas-admin";
in
{
power.ups = {
enable = enableUps;
openFirewall = enableUps;
mode = "netserver";
ups = {
enable = enableUps;
mode = "netserver";
ups.upsName = {
"${upsName}" = {
description = "NAS UPS";
driver = "usbhid-ups";
port = "auto";
description = "NAS UPS";
};
upsmon = {
monitor = upsmonCmd;
};
upsd = {
enable = enableUps;
listen = {
address = 0.0 0.0 0.0;
port = 3493;
};
};
# users = {
# actions = [ "SET" ];
# instcmds = [ "ALL" ];
##* upsmon = "primary";
# passwordFile = "/home/matt/ups.conf";
# };
};
# Add UPS monitoring service
users."${upsUser}" = {
passwordFile = config.sops.secrets."jallen-nas/ups_password".path;
actions = [ "ALL" ];
instcmds = [ "ALL" ];
upsmon = "primary";
};
upsmon = {
enable = true;
# Configure UPS device
device = "/dev/usb/hiddev1"; # Change this to your UPS device
driver = "usbhid-ups"; # Change this if your UPS uses a different driver
# Set UPS monitoring options
options = {
# NOTIFYCMD = "/path/to/notify-script.sh"; # Path to your notification script
POLLFREQ = 5;
POLLFREQALERT = 5;
HOSTSYNC = "on";
DEADTIME = 15;
FINALDELAY = 5;
enable = enableUps;
monitor."${upsName}" = {
passwordFile = config.sops.secrets."jallen-nas/ups_password".path;
user = upsUser;
};
};
upsd = {
enable = enableUps;
listen = [
{
address = "0.0.0.0";
port = 3493;
}
];
};
};
}

9
hosts/pi4/configuration.nix
View File

@@ -2,17 +2,12 @@
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
...
}:
{ lib, pkgs, ... }:
let
user = "matt";
password = "$y$j9T$EkPXmsmIMFFZ.WRrBYCxS1$P0kwo6e4.WM5DsqUcEqWC3MrZp5KfCjxffraMFZWu06";
SSID = "Joeys Jungle";
SSID = "Joey's Jungle 5G";
SSIDpassword = "kR8v&3Qd";
interface = "wlan0";
timezone = "America/Chicago";

35
hosts/pi4/docker-pi4.nix
View File

@@ -1,35 +0,0 @@
{ config, pkgs, ... }:
{
# Portainer
virtualisation.oci-containers.containers."portainer" = {
autoStart = true;
image = "portainer/portainer-ce";
ports = [
"8000:8000"
"9443:9443"
];
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"/media/T5/docker/config/portainer:/data"
];
};
# Jellyfin
virtualisation.oci-containers.containers."jellyfin" = {
autoStart = true;
image = "jellyfin/jellyfin";
volumes = [
"/media/T5/containers/jellyfin/config:/config"
"/media/T5/containers/jellyfin/cache:/cache"
"/media/T5/containers/jellyfin/log:/log"
"/media/T5/movies:/movies"
"/media/T5/tv:/tv"
];
ports = [ "8096:8096" ];
environment = {
JELLYFIN_LOG_DIR = "/log";
};
};
}

8
hosts/pi4/hardware-configuration.nix
View File

@@ -1,13 +1,7 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];

5
hosts/pi4/home.nix
View File

@@ -1,7 +1,4 @@
{ pkgs, ... }:
# let
# gnome = false;
# in
{ ... }:
{
home.username = "matt";

11
modules/apps/beszel-agent/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.beszel-agent;
@@ -16,9 +11,7 @@ in
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.port}:45876" ];
volumes = [
"${cfg.podmanSock}:/var/run/docker.sock:ro"
];
volumes = [ "${cfg.podmanSock}:/var/run/docker.sock:ro" ];
environment = {
PORT = cfg.port;
KEY = cfg.key;

2
modules/apps/beszel-agent/options.nix
View File

@@ -54,4 +54,4 @@ with lib;
default = "America/Chicago";
};
};
}
}

11
modules/apps/beszel/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.beszel;
@@ -16,9 +11,7 @@ in
autoStart = cfg.autoStart;
image = cfg.image;
ports = [ "${cfg.httpPort}:8090" ];
volumes = [
"${cfg.configPath}:/beszel_data"
];
volumes = [ "${cfg.configPath}:/beszel_data" ];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;

7
modules/apps/collabora/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.collabora;

2
modules/apps/collabora/options.nix
View File

@@ -46,7 +46,7 @@ with lib;
environmentFiles = mkOption {
type = with types; listOf path;
default = [];
default = [ ];
};
dontGenSslCert = mkOption {

15
modules/apps/deluge/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.deluge;
@@ -22,15 +17,13 @@ in
"${toString cfg.port3}:58846"
"${toString cfg.port4}:58966"
];
extraOptions = [
"--cap-add=NET_ADMIN"
];
volumes = [
extraOptions = [ "--cap-add=NET_ADMIN" ];
volumes = [
"${cfg.configPath}:/config"
"${cfg.moviesPath}:/data/downloads"
"${cfg.tvPath}:/data/downloads-icomplete"
"/etc/localtime:/etc/localtime:ro"
];
];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;

7
modules/apps/jackett/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.jackett;

7
modules/apps/jellyfin/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.jellyfin;

7
modules/apps/jellyseerr/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.jellyseerr;

7
modules/apps/mariadb/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.mariadb;

2
modules/apps/mariadb/options.nix
View File

@@ -56,7 +56,7 @@ with lib;
environmentFiles = mkOption {
type = with types; listOf path;
default = [];
default = [ ];
};
};
}

7
modules/apps/mealie/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.mealie;

161
modules/apps/nextcloud/default-nix.nix
View File

@@ -35,89 +35,94 @@ in
};
};
config = { config, pkgs, lib, ... }: {
services = {
nextcloud = {
enable = true;
package = pkgs.nextcloud29;
datadir = "/data";
hostName = "localhost";
appstoreEnable = true;
caching.redis = true;
configureRedis = true;
config = {
adminuser = "mjallen";
adminpassFile = adminpass;
dbhost = "10.0.1.18:3306";
dbtype = "mysql";
dbname = "jallen_nextcloud";
dbuser = "nextcloud";
dbpassFile = dbpass;
config =
{ pkgs, lib, ... }:
{
services = {
nextcloud = {
enable = true;
package = pkgs.nextcloud29;
datadir = "/data";
hostName = "localhost";
appstoreEnable = true;
caching.redis = true;
configureRedis = true;
config = {
adminuser = "mjallen";
adminpassFile = adminpass;
dbhost = "10.0.1.18:3306";
dbtype = "mysql";
dbname = "jallen_nextcloud";
dbuser = "nextcloud";
dbpassFile = dbpass;
};
settings = {
trusted_domains = [
"10.0.1.18:9980"
"10.0.1.18:9943"
"cloud.mjallen.dev"
];
trusted_proxies = [ "10.0.1.18" ];
maintenance_window_start = 6;
default_phone_region = "US";
mail_from_address = "matt.l.jallen";
mail_smtpmode = "smtp";
mail_sendmailmode = "smtp";
mail_domain = "gmail.com";
mail_smtpauth = 1;
mail_smtpname = "matt.l.jallen";
mail_smtppassword = smtppassword;
mail_smtpsecure = "ssl";
mail_smtphost = "smtp.gmail.com";
mail_smtpport = 465;
enable_previews = true;
enabledPreviewProviders = [
"OC\\\\Preview\\\\PNG"
"OC\\\\Preview\\\\JPEG"
"OC\\\\Preview\\\\GIF"
"OC\\\\Preview\\\\BMP"
"OC\\\\Preview\\\\XBitmap"
"OC\\\\Preview\\\\MP3"
"OC\\\\Preview\\\\TXT"
"OC\\\\Preview\\\\MarkDown"
"OC\\\\Preview\\\\OpenDocument"
"OC\\\\Preview\\\\Krita"
"OC\\\\Preview\\\\HEIC"
];
};
};
settings = {
trusted_domains = [
"10.0.1.18:9980"
"10.0.1.18:9943"
"cloud.mjallen.dev"
];
trusted_proxies = [
"10.0.1.18"
];
maintenance_window_start = 6;
default_phone_region = "US";
mail_from_address = "matt.l.jallen";
mail_smtpmode = "smtp";
mail_sendmailmode = "smtp";
mail_domain = "gmail.com";
mail_smtpauth = 1;
mail_smtpname = "matt.l.jallen";
mail_smtppassword = smtppassword;
mail_smtpsecure = "ssl";
mail_smtphost = "smtp.gmail.com";
mail_smtpport = 465;
enable_previews = true;
enabledPreviewProviders = [
"OC\\\\Preview\\\\PNG"
"OC\\\\Preview\\\\JPEG"
"OC\\\\Preview\\\\GIF"
"OC\\\\Preview\\\\BMP"
"OC\\\\Preview\\\\XBitmap"
"OC\\\\Preview\\\\MP3"
"OC\\\\Preview\\\\TXT"
"OC\\\\Preview\\\\MarkDown"
"OC\\\\Preview\\\\OpenDocument"
"OC\\\\Preview\\\\Krita"
"OC\\\\Preview\\\\HEIC"
];
};
};
nginx = {
enable = true;
virtualHosts = {
"nextcloud-container.local" = {
# Change this to the desired port number
listen = [{ addr = "0.0.0.0"; port = 9943; }];
root = "/var/www/nextcloud";
# You may need to adjust other options for your specific setup
nginx = {
enable = true;
virtualHosts = {
"nextcloud-container.local" = {
# Change this to the desired port number
listen = [
{
addr = "0.0.0.0";
port = 9943;
}
];
root = "/var/www/nextcloud";
# You may need to adjust other options for your specific setup
};
};
};
};
};
system.stateVersion = "23.11";
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ 9943 ];
system.stateVersion = "23.11";
networking = {
firewall = {
enable = true;
allowedTCPPorts = [ 9943 ];
};
# Use systemd-resolved inside the container
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
useHostResolvConf = lib.mkForce false;
};
# Use systemd-resolved inside the container
# Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
useHostResolvConf = lib.mkForce false;
};
services.resolved.enable = true;
services.resolved.enable = true;
};
};
};
}
}

6
modules/apps/nextcloud/default.nix
View File

@@ -1,8 +1,4 @@
{
lib,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.nextcloud;

7
modules/apps/ollama/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.ollama;

7
modules/apps/open-webui/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.open-webui;

7
modules/apps/orca-slicer/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.orca-slicer;

7
modules/apps/radarr/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.radarr;

7
modules/apps/sabnzbd/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.sabnzbd;

7
modules/apps/sonarr/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.sonarr;

11
modules/apps/swag/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.swag;
@@ -34,9 +29,7 @@ in
"${toString cfg.httpsPort}:443"
"81:81"
];
extraOptions = [
"--cap-add=NET_ADMIN"
];
extraOptions = [ "--cap-add=NET_ADMIN" ];
volumes = [ "${cfg.configPath}:/config" ];
environment = {
PUID = cfg.puid;

7
modules/apps/tdarr/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.tdarr;

7
modules/apps/vscode/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.vscode;

11
modules/apps/wireguard/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-apps.wireguard;
@@ -20,9 +15,7 @@ in
"--cap-add=NET_ADMIN"
"--sysctl=\"net.ipv4.conf.all.src_valid_mark=1\""
];
volumes = [
"${cfg.configPath}:/config"
];
volumes = [ "${cfg.configPath}:/config" ];
environment = {
PUID = cfg.puid;
PGID = cfg.pgid;

7
modules/samba/default.nix
View File

@@ -1,9 +1,4 @@
{
lib,
pkgs,
config,
...
}:
{ lib, config, ... }:
with lib;
let
cfg = config.nas-samba;

5
secrets/secrets.yaml
View File

@@ -2,6 +2,7 @@
wifi: ENC[AES256_GCM,data:Rs+4Km4DogO7XatA,iv:JUv9HkNWsv/l4Fli5sFeUeYuWG1Yju95G59FJ/Q5W50=,tag:gRFCG4d5OBMRx1QayRV8Zg==,type:str]
jallen-nas:
admin_password: ENC[AES256_GCM,data:RGb0UQkLhqfBWflIc5r8yWgYvc0EZuM49uhnXH1r6o9d7Ya7eAoTn2DHdWmYnd9/LpTXPmLF07Nf8s1+/odYx8RBmaji56yWbQ==,iv:dGlvZtZFB8jsI33Qkmmb3iHTXqpVWfbd0EfNK0uX3i4=,tag:z6THeY0UmG64VwOdwnL/AA==,type:str]
ups_password: ENC[AES256_GCM,data:yHCwM7XbbhQZwxE=,iv:m4dD6VlrplHbZB5hnV1fk5N8IOsc+fA5qhTcrqiTxDM=,tag:41EaB9z2jlNTfPw5wlWQ3g==,type:str]
collabora: ENC[AES256_GCM,data:A01H7FzgSplAEn0dsENgllyWza4=,iv:L9bPHKdeIHn7caYn78XOkdmuSk1RIuSVcIW5HFQL8PY=,tag:h0kiClGAwGB6iP327flWew==,type:str]
mariadb:
root_pass: ENC[AES256_GCM,data:YLPfEG4/6FeCnrKdfXv9z4hHwtpM/KtBCYqlm4IUvA==,iv:pc9Ljasy76bfkmFRJ4M+wfEtjXBUD7Kb0S0WQZhCmOs=,tag:Wk/7gpKidirhRqw4+Pu96g==,type:str]
@@ -46,8 +47,8 @@ sops:
UGhsN2N0Mjl3UEJvUVlGRlJiN05WaUkKW37lU4G4CLTo6JoHC2OyhKsG/FuO+BiN
pzlVJwzRnmAqwklRbc6RMbQLl2EQrp6KQcgYsUxCMH9OQ/9WJ98dxQ==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2024-08-08T02:00:25Z"
mac: ENC[AES256_GCM,data:IVfBgo6DeJ4WPwF5Uzol1F/ORaWehP6Ax5NvBInQAelHV3wLWIwj+BnPqtJfWIHdUxNqPZCOmEjZ4DskYRAvxWvF+GyOJZ34tkxBMkASl76l9OmCf2KZtGERyUI+JmDh3qJ1K6KP6Mc/3p0xketrndm1mz42lc42VsL6Id2NUcY=,iv:+XiyBL5slouhfK4iOhS51IoWthdsEZ6HYJd8nHlCLT4=,tag:jZ2ISWYE/aA0OF6IORgVZQ==,type:str]
lastmodified: "2024-08-23T16:35:44Z"
mac: ENC[AES256_GCM,data:gVu0zOwEB/Mup8fXdlFxg8qRMHULMmQeDAsoFw8dlZpFe2IOAHOdemiV1T4oVhhZ78Or+c4PHO0a0M1piscLoHeAVnwPURe5t8tu+8BlwmKRu0+B618ekMXnDs8OYeNvRkA0DcsBr7lF08dbVSLdjfOqrT72XIuCm8XWnPnLPyE=,iv:MoThEq02i+G4BFbHzi6B2QgF7o0TlX3Ew1pB9SUaBRc=,tag:11/5WaAfx9731mo07Vi/ZQ==,type:str]
pgp: []
unencrypted_suffix: _unencrypted
version: 3.9.0