mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mjallen:c97e96f2da3b097a6e3dde48276744a972d698f5
Branches Tags
mjallen:main mjallen:stylix mjallen:bcfs mjallen:snowfall mjallen:macbook-hyprland
...
compare: mjallen:0aa9a0f994401a42610fa8bd112a69f839868ebb
Branches Tags
mjallen:main mjallen:stylix mjallen:bcfs mjallen:snowfall mjallen:macbook-hyprland

2 Commits
c97e96f2da ... 0aa9a0f994

Author SHA1 Message Date
mjallen18
0aa9a0f994 fmt 2026-03-30 19:34:40 -05:00
mjallen18
9728f49e42 fmt 2026-03-30 19:16:09 -05:00
9 changed files with 580 additions and 225 deletions
Expand all files Collapse all files

2
flake.nix
View File

@@ -138,7 +138,7 @@
# variable assignments for simple strings (e.g. username=admin).
# shellcheck SC2209 flags this as a warning, breaking the build when
# the value matches a command name. Exclude SC2209 globally.
(final: prev: {
(_final: prev: {
writeShellApplication =
args:
prev.writeShellApplication (

1
homes/x86_64-linux/matt@matt-nixos/default.nix
View File

@@ -31,6 +31,7 @@ in
desktop.plasma = enabled;
programs = {
opencode = enabled;
thunderbird = enabled;
hyprland = {
enable = false;

17
lib/module/default.nix
View File

@@ -147,6 +147,21 @@ rec {
"Extra environment variables passed to the service";
reverseProxy = mkReverseProxyOpt name;
hostedService = {
enable = mkOpt types.bool (cfg.reverseProxy.enable
) "Expose this service in Glance dashboard (auto-enabled when reverseProxy is on)";
title = mkOpt types.str name "Display title in Glance";
icon = mkOpt types.str "si:glance" "Icon identifier for Glance (e.g. si:actualbudget)";
group = mkOpt types.str "Services" "Glance group/category for this service";
url = mkOpt types.str (
if cfg.reverseProxy.enable then
"https://${cfg.reverseProxy.subdomain}.${cfg.reverseProxy.domain}"
else
"http://127.0.0.1:${toString cfg.port}"
) "Service URL for Glance (auto-derived from reverseProxy if enabled)";
basicAuth = mkOpt types.bool false "Require basic auth for this service in Glance";
};
}
// options;
};
@@ -298,6 +313,8 @@ rec {
# ---------------------------------------------------------------------------
# Option creation helpers
# ---------------------------------------------------------------------------
# Option creation helpers
# ---------------------------------------------------------------------------
mkOpt =
type: default: description:

3
modules/home/home/default.nix
View File

@@ -69,7 +69,8 @@ in
mission-center
parted
vesktop
] ++ (
]
++ (
if isArm then
[ ]
else

4
modules/nixos/network/options.nix
View File

@@ -92,9 +92,7 @@ in
type = mkOpt types.str "wifi" "type of the network.(wifi/ethernet)";
interface =
mkOpt types.str ""
"Interface for this profile (defaults to global ipv4.interface).";
interface = mkOpt types.str "" "Interface for this profile (defaults to global ipv4.interface).";
autoconnect = mkBoolOpt true "autoconnect to this connection";

506
modules/nixos/services/glance/default.nix
View File

@@ -4,10 +4,62 @@
namespace,
...
}:
with lib;
let
name = "glance";
cfg = config.${namespace}.services.${name};
net = lib.${namespace}.network;
hostedServiceSites =
let
servicesCfg = config.${namespace}.services;
serviceNames = builtins.attrNames servicesCfg;
in
builtins.concatMap (
serviceName:
let
serviceCfg = servicesCfg.${serviceName};
hosted = serviceCfg.hostedService or null;
in
if hosted != null && hosted.enable then
[
(
{
title = hosted.title;
url = hosted.url;
icon = hosted.icon;
}
// optionalAttrs hosted.basicAuth {
basic-auth = {
username = "\${ARR_USER}";
password = "\${ARR_PASS}";
};
}
)
]
else
[ ]
) serviceNames;
hostedServicesByGroup = builtins.groupBy (svc: svc.hostedService.group) (
builtins.filter (svc: svc.hostedService.enable) (
builtins.map (
serviceName:
let
serviceCfg = config.${namespace}.services.${serviceName};
in
{
inherit (serviceCfg) hostedService;
}
) (builtins.attrNames config.${namespace}.services)
)
);
makeMonitorWidget = title: sites: {
type = "monitor";
cache = "1m";
inherit title;
inherit sites;
};
glanceConfig = lib.${namespace}.mkModule {
inherit config name;
@@ -18,174 +70,117 @@ let
default = cfg.dataDir;
description = "Path to the NAS pool mount to display in server-stats.";
};
enableHostedServices = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Auto-discover services with hostedService.enable and add them to the monitor widget";
};
moduleConfig = {
services.glance = {
enable = true;
openFirewall = true;
environmentFile = config.sops.templates."glance.env".path;
settings = {
server = {
host = "0.0.0.0";
port = cfg.port;
hostedServiceGroups = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Create separate monitor widgets for each hostedService group instead of one combined widget";
};
pages = [
{
name = "Startpage";
width = "default";
# tab = "First";
hide-desktop-navigation = true;
center-vertically = true;
columns = [
{
size = "small";
widgets = [
{
type = "calendar";
first-day-of-week = "sunday";
}
{
type = "weather";
units = "imperial";
hour-format = "12h";
location = "Saint Paul, Minnesota, United States";
}
{
type = "server-stats";
servers = [
{
type = "local";
name = "Jallen-NAS";
cpu-temp-sensor = "/sys/devices/pci0000:00/0000:00:08.1/0000:cd:00.0/hwmon/hwmon*/temp1_input"; # Tctl
mountpoints = {
"/home" = {
name = "Home";
extraSites = lib.mkOption {
type = lib.types.listOf (
lib.types.submodule {
options = {
title = lib.mkOption {
type = lib.types.str;
description = "Display title";
};
"${cfg.nasPoolPath}" = {
name = "nas_pool";
url = lib.mkOption {
type = lib.types.str;
description = "Service URL";
};
icon = lib.mkOption {
type = lib.types.str;
default = "si:glance";
description = "Icon identifier (e.g. si:servicename)";
};
allow-insecure = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Allow insecure connections";
};
basic-auth = lib.mkOption {
type = lib.types.bool;
default = false;
description = "Require basic auth (uses ARR credentials)";
};
};
}
);
default = [ ];
description = "Extra sites to display in the monitor widget";
};
weather = lib.mkOption {
type = lib.types.submodule {
options = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Enable weather widget";
};
location = lib.mkOption {
type = lib.types.str;
default = "Saint Paul, Minnesota, United States";
description = "Weather location";
};
units = lib.mkOption {
type = lib.types.enum [
"imperial"
"metric"
];
}
default = "imperial";
description = "Temperature units";
};
hour-format = lib.mkOption {
type = lib.types.enum [
"12h"
"24h"
];
}
{
size = "full";
# tab = "First";
widgets = [
{
type = "search";
autofocus = true;
search-engine = "google";
bangs = [
{
title = "YouTube";
shortcut = "!yt";
url = "https://www.youtube.com/results?search_query={QUERY}";
}
];
}
{
type = "monitor";
cache = "1m";
title = "Services";
sites = [
{
title = "Actual";
url = "https://actual.mjallen.dev/";
icon = "si:actualbudget";
}
{
title = "Jellyfin";
url = "https://jellyfin.mjallen.dev/";
icon = "si:jellyfin";
}
{
title = "Gitea";
url = "https://gitea.mjallen.dev/";
icon = "si:gitea";
}
{
title = "Nextcloud";
url = "https://cloud.mjallen.dev/";
icon = "si:nextcloud";
}
{
title = "Immich";
url = "https://immich.mjallen.dev/";
icon = "si:immich";
}
{
title = "AdGuard Home";
url = "http://${net.hosts.pi5.lan}:${toString net.ports.pi5.adguard}/";
icon = "si:adguard";
allow-insecure = true;
}
{
title = "Home Assistant";
url = "https://hass.mjallen.dev/";
icon = "si:homeassistant";
}
{
title = "Manyfold";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.manyfold}/collections";
icon = "sh:manyfold";
allow-insecure = true;
}
{
title = "Code Server";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.codeServer}/";
icon = "si:vscodium";
allow-insecure = true;
}
{
title = "NAS KVM";
url = "http://nas-kvm.local/";
icon = "si:nanokvm";
allow-insecure = true;
}
{
title = "Sonarr";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sonarr}/";
icon = "si:sonarr";
allow-insecure = true;
basic-auth = {
username = "\${ARR_USER}";
password = "\${ARR_PASS}";
default = "12h";
description = "Hour format";
};
};
};
default = { };
description = "Weather widget settings";
};
bookmarks = lib.mkOption {
type = lib.types.listOf (
lib.types.submodule {
options = {
title = lib.mkOption {
type = lib.types.str;
description = "Group title";
};
links = lib.mkOption {
type = lib.types.listOf (
lib.types.submodule {
options = {
title = lib.mkOption {
type = lib.types.str;
description = "Link title";
};
url = lib.mkOption {
type = lib.types.str;
description = "Link URL";
};
};
}
{
title = "Radarr";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.radarr}/";
icon = "si:radarr";
allow-insecure = true;
basic-auth = {
username = "\${ARR_USER}";
password = "\${ARR_PASS}";
);
description = "List of links";
};
};
}
{
title = "Sabnzbd";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sabnzbd}/";
icon = "si:sabnzbd";
allow-insecure = true;
basic-auth = {
username = "\${ARR_USER}";
password = "\${ARR_PASS}";
};
}
# {
# title = "";
# url = "";
# icon = "si:";
# }
];
}
{
type = "bookmarks";
# tab = "First";
groups = [
);
default = [
{
title = "General";
links = [
@@ -242,39 +237,185 @@ let
];
}
];
description = "Bookmark groups";
};
reddit = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [
"hockey"
"formula1"
];
description = "Subreddits to show in Reddit widgets";
};
search = lib.mkOption {
type = lib.types.listOf (
lib.types.submodule {
options = {
title = lib.mkOption {
type = lib.types.str;
description = "Search engine title";
};
shortcut = lib.mkOption {
type = lib.types.str;
description = "Bang shortcut (e.g. !yt)";
};
url = lib.mkOption {
type = lib.types.str;
description = "Search URL with {QUERY} placeholder";
};
};
}
);
default = [
{
title = "YouTube";
shortcut = "!yt";
url = "https://www.youtube.com/results?search_query={QUERY}";
}
];
description = "Custom search engine bangs";
};
servers = lib.mkOption {
type = lib.types.listOf (
lib.types.submodule {
options = {
name = lib.mkOption {
type = lib.types.str;
description = "Server name";
};
cpu-temp-sensor = lib.mkOption {
type = lib.types.str;
default = "";
description = "CPU temp sensor path";
};
mountpoints = lib.mkOption {
type = lib.types.attrsOf (
lib.types.submodule {
options = {
name = lib.mkOption {
type = lib.types.str;
description = "Display name for mountpoint";
};
};
}
);
description = "Mountpoints to display";
};
};
}
);
default = [
{
name = "Jallen-NAS";
cpu-temp-sensor = "/sys/devices/pci0000:00/0000:00:08.1/0000:cd:00.0/hwmon/hwmon*/temp1_input";
mountpoints = {
"/home" = {
name = "Home";
};
"${cfg.nasPoolPath}" = {
name = "nas_pool";
};
};
}
];
description = "Servers for server-stats widget";
};
};
moduleConfig = {
services.glance = {
enable = true;
openFirewall = true;
environmentFile = config.sops.templates."glance.env".path;
settings = {
server = {
host = "0.0.0.0";
port = cfg.port;
};
pages = [
{
name = "Startpage";
width = "default";
hide-desktop-navigation = true;
center-vertically = true;
columns = [
{
size = "small";
widgets = [
{
type = "calendar";
first-day-of-week = "sunday";
}
]
++ (lib.mkIf cfg.weather.enable {
type = "weather";
units = cfg.weather.units;
hour-format = cfg.weather.hour-format;
location = cfg.weather.location;
})
++ (lib.mkIf (cfg.servers != [ ]) {
type = "server-stats";
servers = cfg.servers;
});
}
{
type = "reddit";
subreddit = "hockey";
}
size = "full";
widgets = [
{
type = "search";
autofocus = true;
search-engine = "google";
bangs = cfg.search;
}
]
++ (lib.mkIf cfg.hostedServiceGroups (
builtins.map (
groupName:
makeMonitorWidget groupName (
builtins.map (svc: {
title = svc.hostedService.title;
url = svc.hostedService.url;
icon = svc.hostedService.icon;
}) (hostedServicesByGroup.${groupName} or [ ])
)
) (builtins.attrNames hostedServicesByGroup)
))
++ (lib.mkIf (!cfg.hostedServiceGroups && cfg.enableHostedServices) [
(makeMonitorWidget "Services" hostedServiceSites)
])
++ (lib.mkIf (cfg.extraSites != [ ]) (
builtins.map (site: {
type = "monitor";
cache = "1m";
title = site.title;
sites = [
(
{
title = site.title;
url = site.url;
icon = site.icon;
}
// optionalAttrs site.allow-insecure { allow-insecure = true; }
)
];
}) cfg.extraSites
))
++ (lib.mkIf (cfg.bookmarks != [ ]) {
type = "bookmarks";
groups = cfg.bookmarks;
})
++ (lib.mkIf (cfg.reddit != [ ]) (
builtins.map (subreddit: {
type = "reddit";
subreddit = "formula1";
inherit subreddit;
}) cfg.reddit
));
}
];
}
];
}
# {
# name = "test";
# width = "default";
# hide-desktop-navigation = true;
# center-vertically = true;
# columns = [
# {
# size = "small";
# widgets = [
# {
# type = "adguard";
# url = "http://pi4.local:3000";
# username = "mjallen";
# password = "BogieDudie1";
# }
# ];
# }
# ];
# }
];
};
};
};
@@ -284,7 +425,6 @@ in
imports = [
glanceConfig
# Sops env-file for arr credentials (gated behind glance.enable)
{
config = lib.mkIf cfg.enable (
lib.${namespace}.mkSopsEnvFile {

1
modules/nixos/services/kavita/default.nix
View File

@@ -8,7 +8,6 @@ with lib;
let
name = "kavita";
cfg = config.${namespace}.services.${name};
rootUrl = "https://kavita.${namespace}.dev/";
kavitaConfig = lib.${namespace}.mkModule {
inherit config name;

2
overlays/homeassistant/default.nix
View File

@@ -1,5 +1,5 @@
{ ... }:
final: prev: {
_final: prev: {
home-assistant = prev.home-assistant.override {
packageOverrides = _self: super: {
psnawp = super.psnawp.overridePythonAttrs (old: {

199
systems/x86_64-linux/jallen-nas/apps.nix
View File

@@ -6,6 +6,7 @@
}:
let
inherit (lib.${namespace}) enabled disabled;
net = lib.${namespace}.network;
in
{
${namespace} = {
@@ -15,6 +16,10 @@ in
port = 3333;
createUser = true;
reverseProxy = enabled;
hostedService = {
group = "Finance";
icon = "si:actualbudget";
};
};
ai = {
enable = true;
@@ -29,6 +34,9 @@ in
enable = true;
subdomain = "cache";
};
hostedService = {
group = "Dev";
};
};
authentik = {
enable = true;
@@ -36,6 +44,9 @@ in
port = 9000;
reverseProxy = enabled;
environmentFile = "/run/secrets/jallen-nas/authentik-env";
hostedService = {
group = "Infrastructure";
};
redis = {
enable = true;
port = 6379;
@@ -104,6 +115,10 @@ in
enable = true;
port = 3000;
reverseProxy = enabled;
hostedService = {
group = "Dev";
icon = "si:gitea";
};
};
guacd = {
enable = true;
@@ -112,6 +127,165 @@ in
glance = {
enable = true;
port = 5555;
hostedServiceGroups = true;
weather = {
enable = true;
location = "Saint Paul, Minnesota, United States";
units = "imperial";
hour-format = "12h";
};
servers = [
{
name = "NAS";
mountpoints."/media/nas/main" = {
name = "Main Pool";
};
}
{
name = "Pi5";
mountpoints."/" = {
name = "Root";
};
}
];
bookmarks = [
{
title = "General";
links = [
{
title = "Gmail";
url = "https://mail.google.com/mail/u/0/";
}
{
title = "Proton Mail";
url = "https://mail.proton.me/u/0/inbox";
}
{
title = "MyNixOS";
url = "https://www.mynixos.com/";
}
{
title = "Github";
url = "https://github.com/";
}
];
}
{
title = "Entertainment";
links = [
{
title = "YouTube";
url = "https://www.youtube.com/";
}
{
title = "Prime Video";
url = "https://www.primevideo.com/";
}
{
title = "Disney+";
url = "https://www.disneyplus.com/";
}
];
}
{
title = "Social";
links = [
{
title = "Reddit";
url = "https://www.reddit.com/";
}
{
title = "Twitter";
url = "https://twitter.com/";
}
{
title = "Instagram";
url = "https://www.instagram.com/";
}
];
}
];
reddit = [
"hockey"
"formula1"
];
search = [
{
title = "YouTube";
shortcut = "!yt";
url = "https://www.youtube.com/results?search_query={QUERY}";
}
{
title = "Wikipedia";
shortcut = "!w";
url = "https://en.wikipedia.org/wiki/{QUERY}";
}
];
extraSites = [
{
title = "Home Assistant";
url = "http://${net.hosts.nuc.lan}:${toString net.ports.nuc.homeAssistant}/";
icon = "si:vscodium";
allow-insecure = true;
}
{
title = "ESPHome";
url = "http://${net.hosts.nuc.lan}:${toString net.ports.nuc.esphome}/";
icon = "si:vscodium";
allow-insecure = true;
}
{
title = "Sonarr";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sonarr}/";
icon = "si:sonarr";
allow-insecure = true;
basic-auth = true;
}
{
title = "Radarr";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.radarr}/";
icon = "si:radarr";
allow-insecure = true;
basic-auth = true;
}
{
title = "Sabnzbd";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.sabnzbd}/";
icon = "si:sabnzbd";
allow-insecure = true;
basic-auth = true;
}
{
title = "AdGuard";
url = "http://${net.hosts.pi5.lan}:${toString net.ports.pi5.adguard}/";
icon = "si:adguard";
allow-insecure = true;
}
{
title = "Manyfold";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.manyfold}/collections";
icon = "sh:manyfold";
allow-insecure = true;
}
{
title = "Code Server";
url = "http://${net.hosts.nas.lan}:${toString net.ports.nas.codeServer}/";
icon = "si:vscodium";
allow-insecure = true;
}
{
title = "NAS KVM";
url = "http://nas-kvm.local/";
icon = "si:iterm2";
allow-insecure = true;
}
{
title = "NUC KVM";
url = "http://pikvm.local/";
icon = "si:raspberrypi";
allow-insecure = true;
}
];
};
glances = {
enable = true;
@@ -131,17 +305,28 @@ in
enable = true;
port = 2283;
reverseProxy = enabled;
hostedService = {
group = "Media";
icon = "si:immich";
};
};
jellyfin = {
enable = true;
port = 8096;
reverseProxy = enabled;
hostedService = {
group = "Media";
icon = "si:jellyfin";
};
};
jellyseerr = {
enable = true;
port = 5055;
createUser = true;
reverseProxy = enabled;
hostedService = {
group = "Media";
};
};
kavita = {
enable = true;
@@ -158,6 +343,9 @@ in
enable = true;
port = 6754;
reverseProxy = enabled;
hostedService = {
group = "Finance";
};
};
manyfold = {
enable = true;
@@ -167,6 +355,10 @@ in
enable = true;
port = 8448;
reverseProxy = enabled;
hostedService = {
group = "Infrastructure";
icon = "si:element";
};
};
minecraft = disabled;
mongodb = disabled;
@@ -192,12 +384,19 @@ in
enable = true;
subdomain = "cloud";
};
hostedService = {
group = "Infrastructure";
icon = "si:nextcloud";
};
};
ntfy = {
enable = true;
port = 2586;
createUser = true;
reverseProxy = enabled;
hostedService = {
group = "Infrastructure";
};
};
ocis = disabled;
onlyoffice = {