dp/nixcfg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Activity

Compare commits

base: dp:bd54abed0b9caa26481dcf1b2d741b66066a2850
Branches Tags
dp:main dp:gitea
..
compare: dp:main
Branches Tags
dp:main dp:gitea

30 Commits
bd54abed0b ... main

Author SHA1 Message Date
Daniel Patterson
6cc089cea8 update 2026-01-16 22:44:53 +00:00
Daniel Patterson
842aea64f1 pingbox backups 2026-01-06 22:16:19 +00:00
Daniel Patterson
c048ce696a some shit 2026-01-06 22:16:04 +00:00
Daniel Patterson
81684c7650 update 2025-12-19 21:19:25 +00:00
Daniel Patterson
d1d2a6f0e2 fixes 2025-12-19 21:19:25 +00:00
Daniel Patterson
4eac39f381 idk 2025-12-01 22:45:42 +00:00
Daniel Patterson
195d2042ca fs idk 2025-11-24 23:35:25 +00:00
Daniel Patterson
d9ec914402 update 2025-11-10 21:08:41 +00:00
Daniel Patterson
d218fc2b06 alsdkjf 2025-11-10 20:22:40 +00:00
Daniel Patterson
42c6f9aa68 Stuff 2025-11-10 20:20:57 +00:00
Daniel Patterson
8367b03304 Add leviathan 2025-10-26 18:29:58 +00:00
Daniel Patterson
fdf7719a4e Niri stuff 2025-08-19 22:41:03 +01:00
Daniel Patterson
8959111f3e Update 2025-08-19 22:40:42 +01:00
Daniel Patterson
7b6b65cd1d make zed work 2025-08-04 00:11:49 +01:00
Daniel Patterson
888ce3e9d3 updates 2025-08-01 16:14:23 +01:00
Daniel Patterson
0929e6a15a Staf 2025-08-01 16:12:43 +01:00
Daniel Patterson
7a9083d0ef Update and stuff 2025-08-01 16:09:40 +01:00
Daniel Patterson
1409e3b988 laptop stuff 2025-05-28 23:29:47 +01:00
Daniel Patterson
f1ae7a7f08 Lidarr etc 2025-05-28 23:21:28 +01:00
Daniel Patterson
27047ed38f music 2025-05-24 18:30:01 +01:00
Daniel Patterson
23a653ad1c cool 2025-05-13 01:08:52 +01:00
Daniel Patterson
fb2370516e Kickstart Ranni 2025-05-12 22:31:34 +01:00
Daniel Patterson
dd5d771387 Rekey secrets 2025-05-10 00:40:10 +01:00
Daniel Patterson
0252a728d9 Ranni 2025-05-10 00:34:47 +01:00
Daniel Patterson
03011c7617 fuck devenv 2025-05-09 00:43:53 +01:00
Daniel Patterson
1f137c2f0c Loadsamoney 2025-05-09 00:22:34 +01:00
Daniel Patterson
a3afa8eb2c Stuff 2025-05-01 00:16:28 +01:00
Daniel Patterson
bebe8ddc78 Some stuff 2025-04-21 15:00:48 +01:00
Daniel Patterson
5b9f5bb9c7 some stuff 2025-04-15 20:12:39 +01:00
Daniel Patterson
4e43f7a0ef idk 2025-03-23 14:45:56 +00:00
48 changed files with 2122 additions and 417 deletions
Expand all files Collapse all files

395
flake.lock generated
View File

@@ -10,11 +10,11 @@
"systems": "systems"
},
"locked": {
"lastModified": 1736955230,
"narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
"lastModified": 1762618334,
"narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=",
"owner": "ryantm",
"repo": "agenix",
"rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
"rev": "fcdea223397448d35d9b31f798479227e80183f6",
"type": "github"
},
"original": {
@@ -29,19 +29,24 @@
"devenv"
],
"flake-compat": [
"devenv"
"devenv",
"flake-compat"
],
"git-hooks": [
"devenv"
"devenv",
"git-hooks"
],
"nixpkgs": "nixpkgs"
"nixpkgs": [
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1737621947,
"narHash": "sha256-8HFvG7fvIFbgtaYAY2628Tb89fA55nPm2jSiNs0/Cws=",
"lastModified": 1760971495,
"narHash": "sha256-IwnNtbNVrlZIHh7h4Wz6VP0Furxg9Hh0ycighvL5cZc=",
"owner": "cachix",
"repo": "cachix",
"rev": "f65a3cd5e339c223471e64c051434616e18cc4f5",
"rev": "c5bfd933d1033672f51a863c47303fc0e093c2d2",
"type": "github"
},
"original": {
@@ -51,6 +56,27 @@
"type": "github"
}
},
"copyparty": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1768598221,
"narHash": "sha256-09F+4yMnno3yI1us7t0Gt/wEbyZNk5U8EW9IE9HGXg8=",
"owner": "9001",
"repo": "copyparty",
"rev": "72c59405e7a49686389414913787245aa8e66164",
"type": "github"
},
"original": {
"owner": "9001",
"repo": "copyparty",
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
@@ -59,11 +85,11 @@
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"lastModified": 1744478979,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
@@ -77,18 +103,20 @@
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"nix": "nix",
"nixd": "nixd",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741953770,
"narHash": "sha256-MTMEe69JXo7pSyoz1J+WgcSHZy991yhIz5GCsLf4M1g=",
"lastModified": 1768597968,
"narHash": "sha256-WdkoFB2QyMkZOmsi/08394clBRyEtNseH+jYGUs9eDU=",
"owner": "cachix",
"repo": "devenv",
"rev": "984272189d4c23e3663a4d7e83b3cf3a532aa53d",
"rev": "92ad9c70fad164e8f4a3656dec91717a5c42cd98",
"type": "github"
},
"original": {
@@ -100,11 +128,11 @@
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
@@ -133,16 +161,15 @@
"inputs": {
"nixpkgs-lib": [
"devenv",
"nix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
"lastModified": 1760948891,
"narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
"rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",
"type": "github"
},
"original": {
@@ -151,7 +178,37 @@
"type": "github"
}
},
"flake-root": {
"locked": {
"lastModified": 1723604017,
"narHash": "sha256-rBtQ8gg+Dn4Sx/s+pvjdq3CB2wQNzx9XGFq/JVGCB6k=",
"owner": "srid",
"repo": "flake-root",
"rev": "b759a56851e10cb13f6b8e5698af7b59c44be26e",
"type": "github"
},
"original": {
"owner": "srid",
"repo": "flake-root",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1678901627,
"narHash": "sha256-U02riOqrKKzwjsxc/400XnElV+UtPUQWpANPlyazjH0=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "93a2b84fc4b70d9e089d029deacc3583435c2ed6",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"locked": {
"lastModified": 1649676176,
"narHash": "sha256-OWKJratjt2RW151VUlJPRALb7OU2S5s+f0vLj4o1bHM=",
@@ -166,13 +223,16 @@
"type": "github"
}
},
"flake-utils_2": {
"flake-utils_3": {
"inputs": {
"systems": "systems_3"
},
"locked": {
"lastModified": 1659877975,
"narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
@@ -181,9 +241,9 @@
"type": "github"
}
},
"flake-utils_3": {
"flake-utils_4": {
"inputs": {
"systems": "systems_3"
"systems": "systems_4"
},
"locked": {
"lastModified": 1705309234,
@@ -202,7 +262,8 @@
"git-hooks": {
"inputs": {
"flake-compat": [
"devenv"
"devenv",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
@@ -211,11 +272,11 @@
]
},
"locked": {
"lastModified": 1740849354,
"narHash": "sha256-oy33+t09FraucSZ2rZ6qnD1Y1c8azKKmQuCvF2ytUko=",
"lastModified": 1760663237,
"narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "4a709a8ce9f8c08fa7ddb86761fe488ff7858a07",
"rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37",
"type": "github"
},
"original": {
@@ -251,15 +312,14 @@
"nixpkgs": [
"nixpkgs"
],
"parts": "parts",
"systems": "systems_2"
},
"locked": {
"lastModified": 1741890415,
"narHash": "sha256-sDth10S5bzq1iVJs950x+haFL/CP9xTOEQsgkscIwlE=",
"lastModified": 1766068170,
"narHash": "sha256-gsG+gYgr9GJX+RAAACK+46nWoJzcAtcrrjPZKd9mbbs=",
"owner": "tailscale",
"repo": "golink",
"rev": "6826e7057912f9c0e01b8cfa5c81ec875a0aba41",
"rev": "e6795d11f3b2d7a90678e1ea471967e8137b36ef",
"type": "github"
},
"original": {
@@ -276,11 +336,11 @@
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
@@ -296,11 +356,11 @@
]
},
"locked": {
"lastModified": 1741955947,
"narHash": "sha256-2lbURKclgKqBNm7hVRtWh0A7NrdsibD0EaWhahUVhhY=",
"lastModified": 1768598210,
"narHash": "sha256-kkgA32s/f4jaa4UG+2f8C225Qvclxnqs76mf8zvTVPg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "4e12151c9e014e2449e0beca2c0e9534b96a26b4",
"rev": "c47b2cc64a629f8e075de52e4742de688f930dc6",
"type": "github"
},
"original": {
@@ -310,9 +370,30 @@
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"zen-browser",
"nixpkgs"
]
},
"locked": {
"lastModified": 1767104570,
"narHash": "sha256-GKgwu5//R+cLdKysZjGqvUEEOGXXLdt93sNXeb2M/Lk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e4e78a2cbeaddd07ab7238971b16468cc1d14daf",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"i3utils": {
"inputs": {
"flake-utils": "flake-utils",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
]
@@ -332,68 +413,86 @@
"url": "https://git.sr.ht/~dpatterbee/i3utils"
}
},
"libgit2": {
"flake": false,
"locked": {
"lastModified": 1697646580,
"narHash": "sha256-oX4Z3S9WtJlwvj0uH9HlYcWv+x1hqp8mhXl7HsLu2f0=",
"owner": "libgit2",
"repo": "libgit2",
"rev": "45fd9ed7ae1a9b74b957ef4f337bc3c8b3df01b5",
"type": "github"
},
"original": {
"owner": "libgit2",
"repo": "libgit2",
"type": "github"
}
},
"nix": {
"inputs": {
"flake-compat": [
"devenv"
"devenv",
"flake-compat"
],
"flake-parts": [
"devenv",
"flake-parts"
],
"git-hooks-nix": [
"devenv",
"git-hooks"
],
"nixpkgs": [
"devenv",
"nixpkgs"
],
"flake-parts": "flake-parts",
"libgit2": "libgit2",
"nixpkgs": "nixpkgs_2",
"nixpkgs-23-11": [
"devenv"
],
"nixpkgs-regression": [
"devenv"
],
"pre-commit-hooks": [
"devenv"
]
},
"locked": {
"lastModified": 1734114420,
"narHash": "sha256-n52PUzub5jZWc8nI/sR7UICOheU8rNA+YZ73YaHeCBg=",
"owner": "domenkozar",
"lastModified": 1768491252,
"narHash": "sha256-ZlIPlKCYXwQJsw9WYVeyCapF5Y8JZL2Hctf22+IbHqo=",
"owner": "cachix",
"repo": "nix",
"rev": "bde6a1a0d1f2af86caa4d20d23eca019f3d57eee",
"rev": "9f0da1cd90b271569752a4c83f3ff700b8fcbe12",
"type": "github"
},
"original": {
"owner": "domenkozar",
"ref": "devenv-2.24",
"owner": "cachix",
"ref": "devenv-2.32",
"repo": "nix",
"type": "github"
}
},
"nixd": {
"inputs": {
"flake-parts": [
"devenv",
"flake-parts"
],
"flake-root": "flake-root",
"nixpkgs": [
"devenv",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1763964548,
"narHash": "sha256-JTRoaEWvPsVIMFJWeS4G2isPo15wqXY/otsiHPN0zww=",
"owner": "nix-community",
"repo": "nixd",
"rev": "d4bf15e56540422e2acc7bc26b20b0a0934e3f5e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixd",
"type": "github"
}
},
"nixgl": {
"inputs": {
"flake-utils": "flake-utils_2",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1713543440,
"narHash": "sha256-lnzZQYG0+EXl/6NkGpyIz+FEOc/DSEG57AP1VsdeNrM=",
"lastModified": 1762090880,
"narHash": "sha256-fbRQzIGPkjZa83MowjbD2ALaJf9y6KMDdJBQMKFeY/8=",
"owner": "guibou",
"repo": "nixGL",
"rev": "310f8e49a149e4c9ea52f1adf70cdc768ec53f8a",
"rev": "b6105297e6f0cd041670c3e8628394d4ee247ed5",
"type": "github"
},
"original": {
@@ -404,55 +503,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1733212471,
"narHash": "sha256-M1+uCoV5igihRfcUKrr1riygbe73/dzNnzPsmaLCmpo=",
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "55d15ad12a74eb7d4646254e13638ad0c4128776",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1733096140,
"narHash": "sha256-1qRH7uAUsyQI7R1Uwl4T+XvdNv778H0Nb5njNrqvylY=",
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz"
},
"original": {
"type": "tarball",
"url": "https://github.com/NixOS/nixpkgs/archive/5487e69da40cbd611ab2cadee0b4637225f7cfae.tar.gz"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1717432640,
"narHash": "sha256-+f9c4/ZX5MWDOuB1rKoWj+lBNm0z0rs4CK47HBLxy1o=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88269ab3044128b7c2f4c7d68448b2fb50456870",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "release-24.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1741851582,
"narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6607cf789e541e7873d40d3a8f7815ea92204f32",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"type": "github"
},
"original": {
@@ -461,7 +516,23 @@
"type": "indirect"
}
},
"nixpkgs_4": {
"nixpkgs-stable": {
"locked": {
"lastModified": 1751274312,
"narHash": "sha256-/bVBlRpECLVzjV19t5KMdMFWSwKLtb5RyXdjz3LJT+g=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "50ab793786d9de88ee30ec4e4c24fb4236fc2674",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-24.11",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1708161998,
"narHash": "sha256-6KnemmUorCvlcAvGziFosAVkrlWZGIc6UNT9GUYr0jQ=",
@@ -477,33 +548,17 @@
"type": "github"
}
},
"parts": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"root": {
"inputs": {
"agenix": "agenix",
"copyparty": "copyparty",
"devenv": "devenv",
"golink": "golink",
"home-manager": "home-manager_2",
"i3utils": "i3utils",
"nixgl": "nixgl",
"nixpkgs": "nixpkgs_3",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"zen-browser": "zen-browser",
"zig": "zig"
}
@@ -553,18 +608,56 @@
"type": "github"
}
},
"systems_4": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"devenv",
"nixd",
"nixpkgs"
]
},
"locked": {
"lastModified": 1734704479,
"narHash": "sha256-MMi74+WckoyEWBRcg/oaGRvXC9BVVxDZNRMpL+72wBI=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "65712f5af67234dad91a5a4baee986a8b62dbf8f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"home-manager": "home-manager_3",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1741554872,
"narHash": "sha256-A/Iim9o0hHJjDJVynwtLzkox7NquvPc8CsJ/8OB4dDw=",
"lastModified": 1768379550,
"narHash": "sha256-z94S29l5V86h11LZbPIMbHTJyksDG63aqISsZkTTuJY=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "a4408170c5a2168bb79abcf587c5072e2ee5fb90",
"rev": "06f61b4e4f4f6ba8027c96a5611c63dc0db12b90",
"type": "github"
},
"original": {
@@ -576,15 +669,15 @@
"zig": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_4"
"flake-utils": "flake-utils_4",
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1741825901,
"narHash": "sha256-aeopo+aXg5I2IksOPFN79usw7AeimH1+tjfuMzJHFdk=",
"lastModified": 1768565720,
"narHash": "sha256-PUDjT7pkY4WaKjS7flnjfwd8Q2piVsrNH/t/D+iYQ0g=",
"owner": "mitchellh",
"repo": "zig-overlay",
"rev": "0b14285e283f5a747f372fb2931835dd937c4383",
"rev": "27fb45c107ca8c2eda2b6f255bdd33bb82f3026c",
"type": "github"
},
"original": {

73
flake.nix
View File

@@ -4,9 +4,14 @@
inputs = {
nixpkgs.url = "nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11";
agenix.url = "github:ryantm/agenix";
agenix.inputs.nixpkgs.follows = "nixpkgs";
copyparty.url = "github:9001/copyparty";
copyparty.inputs.nixpkgs.follows = "nixpkgs";
devenv.url = "github:cachix/devenv";
devenv.inputs.nixpkgs.follows = "nixpkgs";
@@ -30,7 +35,9 @@
outputs = {
nixpkgs,
nixpkgs-stable,
agenix,
copyparty,
devenv,
golink,
home-manager,
@@ -43,12 +50,10 @@
system = "x86_64-linux";
overlays = [
copyparty.overlays.default
golink.overlays.default
nixgl.overlay
zig.overlays.default
(final: prev: {
zen-browser = zen-browser.packages.${prev.system}.default;
})
];
pkgs =
@@ -80,10 +85,19 @@
hostSystem = {
hostname,
headless,
np,
}:
lib.nixosSystem {
np.lib.nixosSystem {
inherit system;
inherit pkgs;
pkgs = import np {
inherit system;
config.allowUnfree = true;
overlays = overlays;
config.permittedInsecurePackages = [
"electron-25.9.0"
"jujutsu-0.23.0"
];
};
modules = [
{nixpkgs.overlays = overlays;}
@@ -92,6 +106,8 @@
agenix.nixosModules.default
copyparty.nixosModules.default
golink.nixosModules.default
home-manager.nixosModules.home-manager
@@ -102,6 +118,7 @@
extraSpecialArgs = {
inherit hostname;
inherit headless;
inherit inputs;
};
};
}
@@ -112,30 +129,47 @@
dingbox = hostSystem {
hostname = "dingbox";
headless = false;
np = nixpkgs;
};
elderbug = hostSystem {
hostname = "elderbug";
headless = false;
np = nixpkgs;
};
miniding = hostSystem {
hostname = "miniding";
headless = false;
np = nixpkgs;
};
pingbox = hostSystem {
hostname = "pingbox";
headless = false;
np = nixpkgs;
};
dingserver = hostSystem {
hostname = "dingserver";
headless = true;
np = nixpkgs;
};
bigding = hostSystem {
hostname = "bigding";
headless = true;
np = nixpkgs;
};
sidon = hostSystem {
hostname = "sidon";
headless = false;
np = nixpkgs;
};
ranni = hostSystem {
hostname = "ranni";
headless = false;
np = nixpkgs;
};
leviathan = hostSystem {
hostname = "leviathan";
headless = true;
np = nixpkgs;
};
};
homeConfigurations = {
@@ -144,27 +178,14 @@
};
};
devShell.${system} = devenv.lib.mkShell {
inherit inputs pkgs;
modules = [
{
# https://devenv.sh/reference/options/
packages = with pkgs; [
alejandra
];
enterShell = ''
'';
env = {
};
scripts = {
tidy.exec = ''
alejandra .
'';
};
}
devShell.${system} = pkgs.mkShell {
packages = [
pkgs.alejandra
(
pkgs.writeScriptBin "tidy" ''
alejandra .
''
)
];
};
};

126
hosts/bigding/configuration.nix
View File

@@ -3,7 +3,29 @@
pkgs,
lib,
...
}: {
}: let
mkVHost = baseUrl: {
service,
port,
}: {
name = "${service}.${baseUrl}";
value = {
listenAddresses = ["100.91.249.54"];
extraConfig = ''
tls {
dns porkbun {
api_key {env.PORKBUN_API_KEY}
api_secret_key {env.PORKBUN_SECRET_KEY}
}
}
reverse_proxy localhost:${builtins.toString port}
'';
};
};
mkVHosts = baseUrl: hosts: builtins.listToAttrs (builtins.map (mkVHost baseUrl) hosts);
in {
imports = [
../common
./hardware-configuration.nix
@@ -26,6 +48,7 @@
interfaces.ens3.useDHCP = true;
firewall = {
allowedTCPPorts = [80 8448 443];
allowedTCPPortRanges = [
{
from = 12500;
@@ -46,6 +69,8 @@
};
};
services.tailscale.permitCertUid = "caddy";
services.syncthing = {
settings = {
gui = {
@@ -55,6 +80,105 @@
guiAddress = "localhost:8387";
};
users.groups."media".name = "media";
age.secrets = {
caddy_porkbun_api_env.file = ../../secrets/caddy_porkbun_api_env.age;
};
services.sabnzbd = {
enable = true;
group = "media";
};
services.radarr = {
enable = true;
group = "media";
};
services.caddy = {
enable = true;
enableReload = false;
environmentFile = config.age.secrets.caddy_porkbun_api_env.path;
package = pkgs.caddy.withPlugins {
plugins = ["github.com/caddy-dns/porkbun@v0.2.1"];
hash = "sha256-X8QbRc2ahW1B5niV8i3sbfpe1OPYoaQ4LwbfeaWvfjg=";
};
logFormat = "level INFO";
virtualHosts =
(mkVHosts "broccoli.town" [
{
service = "radarr";
port = 7878;
}
{
service = "sonarr";
port = 8989;
}
{
service = "sab";
port = 8085;
}
{
service = "transmission";
port = 9091;
}
])
// {
"danielpatterson.dev" = {
extraConfig = ''
header {
proof proven.lol/de4a14
}
root * /srv/site/danielpatterson.dev
encode zstd gzip
file_server
'';
};
"movies.danielpatterson.dev" = {
extraConfig = ''
reverse_proxy localhost:8096
'';
};
"git.broccoli.town" = {
extraConfig = ''
reverse_proxy localhost:3030
'';
};
};
};
# containers.radarr = {
# autoStart = false;
# bindMounts = {
# "/data" = {
# hostPath = "/var/media";
# mountPoint = "/data";
# isReadOnly = false;
# };
# };
# forwardPorts = [
# {
# containerPort = 7878;
# hostPort = 7979;
# }
# ];
# config = {config, pkgs, lib, ...}: {
# services.radarr = {
# enable = true;
# };
# };
# };
services.sonarr = {
enable = true;
group = "media";
};
services.prowlarr = {
enable = true;
};
environment.systemPackages = with pkgs; [
helix
kitty # For terminfo

8
hosts/common/default.nix
View File

@@ -11,7 +11,7 @@
isNormalUser = true;
home = "/home/${userName}";
initialPassword = "password";
extraGroups = ["wheel" "networkmanager" "docker" "video" "syncthing"];
extraGroups = ["wheel" "networkmanager" "docker" "video" "syncthing" "audio" "media"];
uid = uid;
group = "users";
shell = pkgs.zsh;
@@ -39,6 +39,8 @@ in {
'';
};
security.sudo.wheelNeedsPassword = false;
# Set time zone.
time.timeZone = "Europe/London";
@@ -51,6 +53,7 @@ in {
};
virtualisation.docker.enable = true;
virtualisation.podman.enable = true;
hardware.cpu.intel.updateMicrocode = true;
@@ -80,7 +83,6 @@ in {
nnn
ripgrep
wget
zen-browser
zsh
];
@@ -107,7 +109,7 @@ in {
};
tailscale = {
enable = true;
enable = lib.mkDefault true;
};
};
}

16
hosts/common/graphical/default.nix
View File

@@ -10,7 +10,7 @@
hardware.graphics.enable32Bit = true;
hardware.bluetooth.enable = true;
services.pulseaudio.enable = false;
services.blueman.enable = true;
services.blueman.enable = lib.mkDefault true;
programs.partition-manager.enable = true;
networking = {
@@ -43,11 +43,11 @@
fraunces
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
noto-fonts-color-emoji
nerd-fonts.iosevka
monocraft
source-code-pro
ubuntu_font_family
ubuntu-classic
];
fontDir.enable = true;
@@ -59,6 +59,8 @@
steam = {
enable = true;
};
thunar.enable = true;
};
services = {
@@ -73,12 +75,16 @@
displayManager.sddm = {
enable = true;
package = pkgs.kdePackages.sddm;
package = lib.mkDefault pkgs.kdePackages.sddm;
wayland.enable = true;
# extraPackages = with pkgs; [(catppuccin-sddm.override {flavor = "macchiato";})];
theme = "maldives";
};
# desktopManager.plasma6 = {
# enable = true;
# };
pipewire = {
enable = true;
pulse.enable = true;
@@ -97,7 +103,7 @@
];
extraRules = ''
# Raspberry Pi Picoprobe
SUBSYSTEM="usb", ATTRS{idVendor}=="2e8a", ATTRS{idProduct}=="0003", MODE="0666"
# SUBSYSTEM="usb", ATTRS{idVendor}=="2e8a", ATTRS{idProduct}=="0003", MODE="0666"
'';
};

181
hosts/leviathan/configuration.nix Normal file
View File

@@ -0,0 +1,181 @@
{
config,
lib,
pkgs,
...
}: let
zfsCompatibleKernelPackages =
lib.filterAttrs (
name: kernelPackages:
(builtins.match "linux_[0-9]+_[0-9]+" name)
!= null
&& (builtins.tryEval kernelPackages).success
&& (!kernelPackages.${config.boot.zfs.package.kernelModuleAttribute}.meta.broken)
)
pkgs.linuxKernel.packages;
latestKernelPackage = lib.last (
lib.sort (a: b: (lib.versionOlder a.kernel.version b.kernel.version)) (
builtins.attrValues zfsCompatibleKernelPackages
)
);
in {
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
../common
(import ../../modules).leviathan
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
boot.kernelPackages = lib.mkForce latestKernelPackage;
boot.supportedFilesystems = ["zfs"];
networking = {
useDHCP = false;
hostName = "leviathan";
hostId = "abcd1234";
interfaces.enp1s0.useDHCP = true;
nameservers = [
"1.1.1.1"
];
firewall.allowedTCPPorts = [8000 8123 8095];
};
environment.systemPackages = with pkgs; [
helix
kitty # For terminfo
lazygit
];
containers.radarr = {
autoStart = true;
bindMounts = {
"/data" = {
hostPath = "/store/media";
mountPoint = "/store/media";
isReadOnly = false;
};
};
config = {
config,
pkgs,
lib,
...
}: {
services.radarr = {
enable = true;
user = "root";
group = "root";
};
system.stateVersion = "24.11";
};
};
services.openssh.settings.PermitRootLogin = "yes";
security.rtkit.enable = true;
users.groups."media".name = "media";
services = {
copyparty = {
enable = true;
settings = {
i = "100.64.214.3";
};
accounts = {
};
volumes = {
"/" = {
path = "/srv/copyparty";
access = {
rw = "*";
};
};
};
};
jellyfin = {
enable = true;
group = "media";
};
music-assistant = {
enable = true;
providers = [
"builtin_player"
"chromecast"
"hass"
"hass_players"
"soundcloud"
"spotify"
"spotify_connect"
"ytmusic"
];
};
pipewire = {
enable = true;
pulse.enable = true;
alsa.enable = true;
alsa.support32Bit = true;
wireplumber.enable = true;
};
};
programs.virt-manager.enable = true;
virtualisation = {
libvirtd = {
enable = true;
allowedBridges = ["br0"];
};
oci-containers = {
backend = "podman";
containers.homeassistant = {
volumes = ["home-assistant:/config"];
environment.TZ = "Europe/Berlin";
image = "ghcr.io/home-assistant/home-assistant:2025.10.2";
extraOptions = [
# Use the host network namespace for all sockets
"--network=host"
# Pass devices into the container, so Home Assistant can discover and make use of them
"--device=/dev/ttyUSB0:/dev/ttyUSB0"
];
};
};
};
# systemd.services.libvirt-default-network = {
# description = "Start libvirt bridge network";
# after = ["libvirtd.service"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = true;
# ExecStart = "${pkgs.libvirt}/bin/virsh net-start bridged-network";
# ExecStop = "${pkgs.libvirt}/bin/virsh net-destroy bridged-network";
# User = "root";
# };
# };
# systemd.services.libvirt-home-assistant = {
# description = "Start home assistant VM";
# after = ["libvirt-default-network.service"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# Type = "oneshot";
# RemainAfterExit = true;
# ExecStart = "${pkgs.libvirt}/bin/virsh start hass";
# ExecStop = "${pkgs.libvirt}/bin/virsh destroy hass";
# User = "root";
# };
# };
system.stateVersion = "25.05"; # Did you read the comment?
}

67
hosts/leviathan/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,67 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "zpool/root";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/nix" = {
device = "zpool/nix";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/var" = {
device = "zpool/var";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/home" = {
device = "zpool/home";
fsType = "zfs";
options = ["zfsutil"];
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/95BF-1B15";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [
{
device = "/dev/disk/by-partuuid/db6bcd05-29fb-470a-aeba-f9f2648564af";
randomEncryption = true;
}
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp1s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlo1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

21
hosts/pingbox/configuration.nix
View File

@@ -26,17 +26,29 @@
enable = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
intel-vaapi-driver
];
};
programs.kdeconnect.enable = true;
programs.niri.enable = true;
# programs.virt-manager.enable = true;
# users.groups.libvirtd.members = ["daniel"];
# virtualisation.libvirtd.enable = true;
# virtualisation.spiceUSBRedirection.enable = true;
networking = {
hostName = "pingbox";
interfaces.wlp170s0.useDHCP = true;
};
environment.pathsToLink = ["/share/xdg-desktop-portal" "/share/applications"];
services = {
fprintd.enable = true;
@@ -68,6 +80,13 @@
logind = {
lidSwitch = "suspend-then-hibernate";
};
avahi = {
enable = true;
nssmdns4 = true;
openFirewall = true;
};
printing.enable = true;
};
systemd.sleep.extraConfig = ''

346
hosts/ranni/configuration.nix Normal file
View File

@@ -0,0 +1,346 @@
{
config,
pkgs,
lib,
...
}: let
mkVHost = baseUrl: {
service,
port,
}: {
name = "${service}.${baseUrl}";
value = {
listenAddresses = ["100.76.159.53"];
extraConfig = ''
tls {
dns porkbun {
api_key {env.PORKBUN_API_KEY}
api_secret_key {env.PORKBUN_SECRET_KEY}
}
}
reverse_proxy localhost:${builtins.toString port}
'';
};
};
mkVHosts = baseUrl: hosts: builtins.listToAttrs (builtins.map (mkVHost baseUrl) hosts);
zfsCompatibleKernelPackages =
lib.filterAttrs (
name: kernelPackages:
(builtins.match "linux_[0-9]+_[0-9]+" name)
!= null
&& (builtins.tryEval kernelPackages).success
&& (!kernelPackages.${config.boot.zfs.package.kernelModuleAttribute}.meta.broken)
)
pkgs.linuxKernel.packages;
latestKernelPackage = lib.last (
lib.sort (a: b: (lib.versionOlder a.kernel.version b.kernel.version)) (
builtins.attrValues zfsCompatibleKernelPackages
)
);
in {
imports = [
../common
./hardware-configuration.nix
(import ../../modules).ranni
];
boot.kernelPackages = lib.mkForce latestKernelPackage;
boot.loader.systemd-boot.enable = false;
boot.loader.grub = {
enable = true;
efiSupport = false;
devices = ["/dev/disk/by-id/ata-ST4000NM0245-1Z2107_ZC1A059L" "/dev/disk/by-id/ata-ST4000NM0245-1Z2107_ZC19X508"];
copyKernels = true;
};
boot.supportedFilesystems = ["zfs"];
boot.swraid.enable = true;
boot.kernelParams = ["boot.shell_on_fail"];
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver
vaapiIntel
];
};
networking = {
hostName = "ranni";
hostId = "00000001";
useDHCP = false;
interfaces."enp0s31f6" = {
ipv4.addresses = [
{
address = "95.216.12.238";
# Hetzner requires /32, see:
# https://docs.hetzner.com/robot/dedicated-server/network/net-config-debian-ubuntu/#ipv4.
# NixOS automatically sets up a route to the gateway
# (but only because we set "networking.defaultGateway.interface" below), see
# https://github.com/NixOS/nixops/pull/1032#issuecomment-2763497444
prefixLength = 32;
}
];
ipv6.addresses = [
{
address = "2a01:4f9:2a:d05::1";
prefixLength = 64;
}
];
};
defaultGateway = {
address = "95.216.12.193";
# Interface must be given for Hetzner networking to work, see comment above.
interface = "enp0s31f6";
};
defaultGateway6 = {
address = "fe80::1";
interface = "enp0s31f6";
};
nameservers = [
# cloudflare
"1.1.1.1"
"2606:4700:4700::1111"
"2606:4700:4700::1001"
# google
"8.8.8.8"
"2001:4860:4860::8888"
"2001:4860:4860::8844"
];
firewall = {
allowedTCPPorts = [80 8448 443];
allowedTCPPortRanges = [
{
from = 12500;
to = 12515;
}
];
allowedUDPPortRanges = [
{
from = 12500;
to = 12515;
}
];
interfaces = {
"tailscale0" = {
allowedUDPPorts = [41641];
};
};
};
};
services.tailscale.permitCertUid = "caddy";
services.syncthing = {
settings = {
gui = {
insecureSkipHostcheck = true;
};
};
guiAddress = "localhost:8387";
};
services = {
jellyfin.enable = true;
jellyfin.group = "media";
};
users.groups."media".name = "media";
age.secrets = {
caddy_porkbun_api_env.file = ../../secrets/caddy_porkbun_api_env.age;
danflix_hetzner_storage_box_pub_key.file = ../../secrets/danflix_hetzner_storage_box_pub_key.age;
danflix_rclone_config.file = ../../secrets/danflix_rclone_config.age;
};
services.sabnzbd = {
enable = true;
group = "media";
};
containers.radarr = {
autoStart = true;
bindMounts = {
"/data" = {
hostPath = "/var/media";
mountPoint = "/var/media";
isReadOnly = false;
};
};
config = {
config,
pkgs,
lib,
...
}: {
services.radarr = {
enable = true;
user = "root";
group = "root";
};
system.stateVersion = "24.11";
};
};
# containers.radarr-small = {
# autoStart = true;
# bindMounts = {
# "/data" = {
# hostPath = "/var/media";
# mountPoint = "/var/media";
# isReadOnly = false;
# };
# };
# forwardPorts = [
# {
# containerPort = 7878;
# hostPort = 7979;
# }
# ];
# config = {
# config,
# pkgs,
# lib,
# ...
# }: {
# environment.systemPackages = with pkgs; [
# ghostty
# helix
# ];
# services.radarr = {
# enable = true;
# user = "root";
# group = "root";
# };
# system.stateVersion = "24.11";
# };
# };
containers.sonarr = {
autoStart = true;
bindMounts = {
"/data" = {
hostPath = "/var/media";
mountPoint = "/var/media";
isReadOnly = false;
};
};
config = {
config,
pkgs,
lib,
...
}: {
services.sonarr = {
enable = true;
user = "root";
group = "root";
};
system.stateVersion = "24.11";
};
};
containers.lidarr = {
autoStart = true;
bindMounts = {
"/var/media" = {
hostPath = "/var/media";
mountPoint = "/var/media";
isReadOnly = false;
};
};
config = {
config,
pkgs,
lib,
...
}: {
services.lidarr = {
enable = true;
user = "root";
group = "root";
};
system.stateVersion = "24.11";
};
};
services.prowlarr = {
enable = true;
};
services.caddy = {
enable = true;
enableReload = false;
environmentFile = config.age.secrets.caddy_porkbun_api_env.path;
package = pkgs.caddy.withPlugins {
plugins = ["github.com/caddy-dns/porkbun@v0.3.1"];
hash = "sha256-sa+L2YoTM1ZfhfowoCZwmggrUsqw0NmGWRK45TevxFo=";
};
logFormat = "level INFO";
virtualHosts =
(mkVHosts "broccoli.town" [
{
service = "radarr";
port = 7878;
}
{
service = "sonarr";
port = 8989;
}
{
service = "sab";
port = 8085;
}
{
service = "lidarr";
port = 8686;
}
])
// {
"http://ranni:8085" = {
listenAddresses = ["100.76.159.53"];
extraConfig = ''
reverse_proxy localhost:8085
'';
};
"http://ranni:8384" = {
listenAddresses = ["100.76.159.53"];
extraConfig = ''
reverse_proxy localhost:8387
'';
};
"movies.danielpatterson.dev" = {
extraConfig = ''
reverse_proxy localhost:8096
'';
};
"git.broccoli.town" = {
extraConfig = ''
reverse_proxy localhost:3030
'';
};
};
};
environment.systemPackages = with pkgs; [
helix
kitty # For terminfo
lazygit
];
system.stateVersion = "24.11"; # Did you read the comment?
}

58
hosts/ranni/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,58 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = ["ahci" "sd_mod"];
boot.initrd.kernelModules = [];
boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [];
fileSystems."/" = {
device = "root_pool/root/nixos";
fsType = "zfs";
};
fileSystems."/home" = {
device = "root_pool/home";
fsType = "zfs";
};
fileSystems."/var/lib/postgres" = {
device = "root_pool/postgres";
fsType = "zfs";
};
fileSystems."/var/media" = {
device = "root_pool/media";
fsType = "zfs";
};
fileSystems."/boot/efi" = {
device = "/dev/disk/by-uuid/555A-CAFA";
fsType = "vfat";
options = ["fmask=0022" "dmask=0022"];
};
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.eth0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
boot.swraid.enable = true;
}

11
hosts/sidon/configuration.nix
View File

@@ -38,6 +38,17 @@
wlr-randr
];
specialisation = {
niri.configuration = {
programs.niri.enable = true;
};
plasma.configuration = {
boot.loader.systemd-boot.sortKey = "default";
services.blueman.enable = false;
services.desktopManager.plasma6.enable = true;
};
};
security.pam.u2f = {
enable = true;
};

58
modules/backups/pingbox/default.nix Normal file
View File

@@ -0,0 +1,58 @@
{
pkgs,
config,
...
}: {
age.secrets = {
pingbox_backup_s3_creds.file = ../../../secrets/pingbox_backup_s3_creds.age;
pingbox_backup_repo_password.file = ../../../secrets/pingbox_backup_repo_password.age;
};
services.restic.backups = {
"system" = {
initialize = true;
passwordFile = config.age.secrets.pingbox_backup_repo_password.path;
timerConfig = {
OnCalendar = "daily";
Persistent = true;
RandomizedDelaySec = "15m";
};
repository = "s3:s3.eu-central-003.backblazeb2.com/pingbox-backup";
environmentFile = config.age.secrets.pingbox_backup_s3_creds.path;
progressFps = 0.1;
paths = [
"/etc/ssh"
"/etc/NetworkManager/system-connections"
"/home"
"/var/backup"
];
exclude = [
"/home/*/.cache"
"/home/*/.local/share/Trash"
"/var/cache"
"/var/tmp"
"/home/*/.nix-profile"
"/home/*/.nix-defexpr"
"/home/*/.rustup"
"/home/*/.cargo/registry"
"/home/*/.cargo/git"
"/home/*/.npm"
"/home/*/.bun"
"/home/*/.hex"
"/home/*/.go/pkg"
"/home/*/.android/avd"
"/home/*/.steam/root/steamapps"
"/home/*/.local/share/Steam/steamapps"
"/home/*/.steam/steam/steamapps"
];
backupPrepareCommand = ''
'';
};
};
}

79
modules/caddy/Caddyfile
View File

@@ -2,16 +2,12 @@
log {
level ERROR
}
admin off
# admin off
servers {
metrics
}
}
http://localhost:2019 {
metrics /metrics
}
matrix.broccoli.town {
reverse_proxy /_matrix/* http://localhost:8008
reverse_proxy /_synapse/client/* http://localhost:8008
@@ -25,26 +21,56 @@ broccoli.town:8448 {
reverse_proxy http://localhost:8008
}
broccoli.town {
header /.well-known/* "Access-Control-Allow-Origin" "*"
radarr.broccoli.town {
bind 100.91.249.54
respond /.well-known/matrix/client `{ "m.homeserver": { "base_url": "https://broccoli.town" } }`
tls {
dns porkbun {
api_key {env.PORKBUN_API_KEY}
api_secret_key {env.PORKBUN_SECRET_KEY}
}
}
reverse_proxy /_matrix/* http://localhost:8008
reverse_proxy /_synapse/client/* http://localhost:8008
redir / https://chat.broccoli.town
reverse_proxy http://localhost:7878
}
chat.broccoli.town {
header {
X-Frame-Options "SAMEORIGIN"
X-XSS-Protection "1; mode=block"
X-Content-Type-Options "nosniff"
X-Robots-Tag "noindex, noarchive, nofollow"
sab.broccoli.town {
bind 100.91.249.54
tls {
dns porkbun {
api_key {env.PORKBUN_API_KEY}
api_secret_key {env.PORKBUN_SECRET_KEY}
}
}
root * @element@
file_server
reverse_proxy http://localhost:8085
}
sonarr.broccoli.town {
bind 100.91.249.54
tls {
dns porkbun {
api_key {env.PORKBUN_API_KEY}
api_secret_key {env.PORKBUN_SECRET_KEY}
}
}
reverse_proxy localhost:8989
}
transmission.broccoli.town {
bind 100.91.249.54
tls {
dns porkbun {
api_key {env.PORKBUN_API_KEY}
api_secret_key {env.PORKBUN_SECRET_KEY}
}
}
reverse_proxy localhost:9091
}
danielpatterson.dev {
@@ -69,19 +95,14 @@ git.broccoli.town {
}
http://bigding:8384 {
bind 100.91.249.54
reverse_proxy localhost:8387
}
bigding.squirrel-clownfish.ts.net {
tls {
get_certificate tailscale
}
reverse_proxy localhost:9091
}
http://bigding {
reverse_proxy /transmission localhost:9091
reverse_proxy /transmission/* localhost:9091
bind 100.91.249.54
handle_path /prometheus/* {
reverse_proxy localhost:9090
}

32
modules/caddy/default.nix
View File

@@ -1,36 +1,20 @@
{
pkgs,
lib,
config,
...
}: {
networking.firewall.allowedTCPPorts = [80 8448 443];
services.tailscale.permitCertUid = "caddy";
services.caddy = let
catppuccin = builtins.fromJSON (builtins.readFile (pkgs.fetchurl {
url = "https://raw.githubusercontent.com/catppuccin/element/main/config.json";
hash = "sha256-jaH6E2YO2np3Ewv6JQWbGRiRqsL75rIEJuKfXv95W6Y=";
}));
element = pkgs.element-web.override {
conf =
{
default_server_config."m.homeserver" = {
"base_url" = "https://broccoli.town";
"server_name" = "broccoli.town";
};
}
// catppuccin;
services.caddy = {
package = pkgs.caddy.withPlugins {
plugins = ["github.com/caddy-dns/porkbun@v0.2.1"];
hash = "sha256-X8QbRc2ahW1B5niV8i3sbfpe1OPYoaQ4LwbfeaWvfjg=";
};
config = pkgs.substituteAll {
inherit element;
src = ./Caddyfile;
};
in {
enable = true;
configFile = config;
enableReload = false;
adapter = "caddyfile";
environmentFile = config.age.secrets.caddy_porkbun_api_env.path;
configFile = ./Caddyfile;
};
}

13
modules/default.nix
View File

@@ -2,7 +2,7 @@
bigding = {
imports = [
./backups/bigding
./caddy
# ./caddy
./dungflix
./fail2ban
./gitea
@@ -24,5 +24,16 @@
sidon = {};
pingbox = {
imports = [
./backups/pingbox
];
};
ranni = {
imports = [
./gitea
];
};
leviathan = {};
}

20
modules/dungflix/default.nix
View File

@@ -4,26 +4,15 @@
...
}: let
mountdir = "/var/media/danflix";
rclone_config = pkgs.writeText "" ''
[danflix-storage-box]
type = sftp
sftp_md5sum_command = md5sum
sftp_sha1sum_command = sha1sum
[danflix-crypto]
type = crypt
remote = danflix-storage-box:danflix
'';
in {
age.secrets = {
danflix_storage_box_crypt_obscured_pw.file = ../../secrets/danflix_storage_box_crypt_obscured_pw.age;
danflix_hetzner_storage_box_pub_key.file = ../../secrets/danflix_hetzner_storage_box_pub_key.age;
danflix_env_file.file = ../../secrets/danflix_env_file.age;
danflix_rclone_config.file = ../../secrets/danflix_rclone_config.age;
};
services = {
jellyfin.enable = true;
jellyfin.group = "media";
transmission = {
enable = true;
@@ -55,7 +44,7 @@ in {
"RCLONE_SFTP_KEY_FILE" = config.age.secrets.danflix_hetzner_storage_box_pub_key.path;
};
script = ''
${pkgs.rclone}/bin/rclone --config="${rclone_config}" mount danflix-crypto: ${mountdir} \
${pkgs.rclone}/bin/rclone --config="${config.age.secrets.danflix_rclone_config.path}" mount danflix-union: ${mountdir} \
--vfs-cache-mode full \
--vfs-cache-max-age 336h \
--vfs-cache-max-size 60G \
@@ -70,14 +59,13 @@ in {
'';
postStart = ''
sleep 5
${pkgs.rclone}/bin/rclone --config="${rclone_config}" rc vfs/refresh recursive=true _async=true
${pkgs.rclone}/bin/rclone --config="${config.age.secrets.danflix_rclone_config.path}" rc vfs/refresh recursive=true _async=true
'';
postStop = ''
sleep 3
${pkgs.fuse3}/bin/fusermount -u ${mountdir}
'';
serviceConfig = {
EnvironmentFile = config.age.secrets.danflix_env_file.path;
Restart = "on-failure";
};
};

24
modules/gitea/default.nix
View File

@@ -9,24 +9,6 @@
owner = "gitea";
group = "gitea";
};
gitea_actions_runner_token = {
file = ../../secrets/gitea_actions_runner_token.age;
};
};
services.gitea-actions-runner = {
instances = {
primary = {
enable = true;
name = "actions-runner";
url = config.services.gitea.settings.server.ROOT_URL;
tokenFile = config.age.secrets.gitea_actions_runner_token.path;
labels = [
"ubuntu-latest:docker://node:16-bullseye"
];
};
};
};
services.gitea = {
@@ -38,7 +20,7 @@
dump = {
enable = true;
type = "tar.zst";
file = "gitea.zip";
file = "gitea.tar.zst";
backupDir = "/var/backup";
interval = "01:30";
};
@@ -46,6 +28,7 @@
server = {
ROOT_URL = "https://git.broccoli.town/";
HTTP_PORT = 3030;
HTTP_ADDR = "127.0.0.1";
DOMAIN = "git.broccoli.town";
};
service = {
@@ -64,9 +47,6 @@
SMTP_PORT = 587;
USER = "apikey";
};
actions = {
ENABLED = true;
};
};
mailerPasswordFile = config.age.secrets.sendmail_email_key_gitea.path;
};

4
modules/synapse/default.nix
View File

@@ -7,7 +7,7 @@
fqdn = "matrix.broccoli.town";
in {
services.postgresql = {
enable = true;
enable = false;
package = pkgs.postgresql_16;
ensureUsers = [
];
@@ -20,7 +20,7 @@ in {
};
services.matrix-synapse = {
enable = true;
enable = false;
settings = {
enable_metrics = true;
server_name = "broccoli.town";

BIN
secrets/age_identity.age
View File

Binary file not shown.

33
secrets/bigding_backup_repo_password.age
View File

@@ -1,18 +1,17 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q p2lKm8m7/Kqkcv2OAa1QJ30SmpMRcPE2JIVVMMAapyI
rxFk8qX5U2tFVMOnC5bwPbkn67DbZ+rrx4577/2YN3o
-> ssh-ed25519 Bp5IaA B4MihkBHyFOLAoTCrma189xstle91PIP1llXfcXw/xA
EtOgYylN6wGcOzeXGd+t4rMAtwuzAJPsXU2EorBGKMw
-> ssh-ed25519 T/DpgA B7QEsjY0SXgZLD9Tlzy1JcZXVLX6OOnXosgTOtsisRw
yzanbQl1c1gBXToGO3trFiAYjj4XJPg/X2U5RdxRXrU
-> ssh-ed25519 qMgRFg WsKoCC0piMrxNzlcYRFDqpSDOULXCSY9ymBhHjfwyj0
f4+/oTEqO2Fx8/O1rKy+1aGw2uatIJNpZFCwz8f9WAw
-> ssh-ed25519 dMZXNw 1jYYtlUP/8no2KjB5No9aIPQwm1u+6ySv+tYdIn0W2I
mvDqK645jo7zPjRLuhCyy9nz7GAK+LVa/6Er5yfuPKQ
-> ssh-ed25519 70Nt2Q ux4w1776iy3VxBmjGQKA+3Y14FJ8ByGhaGpezPMdrlk
iWTL1amQzDBzKRM4mKY2wOgdDwi1OhwNAY7raSesFx8
-> \7].}^Ee-grease lKlBD]z~ @ pzb#Y
KUqMwST0vaSIY314aYy2zXzCHzMOzbJT4v3yQltQ1UgmmgfFgbYUKTBfqKICcfFx
Y3zNnJGXadK8fP2z8phy
--- +s2dxNBUCXWaM/gHSDOnaOTDnC0IXTdz79lIdmuDE68
&<26>d<EFBFBD>>ϼ*\ZA<5A><41><EFBFBD><EFBFBD>1=<3D><><EFBFBD><EFBFBD><EFBFBD>w<>?Y<><16>n
-> ssh-ed25519 eYYv1Q oXddewWnllLv73h4eMljoP35QKuQ1rUsAMoE6tu8XTg
zgoOxEdZQ7feixPSzcLWKS5T+23wfGrCSr19s891sJc
-> ssh-ed25519 Bp5IaA NxT+LEXxDV++CYL973CsB2Tt2pBFjkvs6kOnxmHQ+AQ
AH1OmpmY899Ov3j4texm96/tIIxCYzdtb/HoZ1pXVuk
-> ssh-ed25519 T/DpgA FgKrOJEI+YlBfxagb9YOu1feBXtZvGUnescAP5pKITA
FAvD1d87Ne66a75LmkEIUG7UKV6bIsRs4an8IFeh3MQ
-> ssh-ed25519 qMgRFg Q5VNMErDZucmpQnLDKzssklxNpaGXBN4pfEOiheFL2Y
cN4D/lzi44MdP5IsWG8o0fB5a06FCuJ8fUyF7fHLAao
-> ssh-ed25519 dMZXNw qqUxq8I5jwKflFaLQ3T2qyIM2eQKTTMxIqg+hmTYsXU
ezU+fnbRxzkwu1ws7YwYU+ZLERGeiqIXyBZPe786RaE
-> ssh-ed25519 +shbwg uIAE/ULfFSDjeCdw3Cfk/sov6prSBTsBT8SY7XHQhDU
umVDIXt7lDjUYMszoi2ti48la1Hqh3LfKgfXwx2rH8I
-> ssh-ed25519 70Nt2Q kyQVdOCOGR/IFyG67cQQyH2j3YPv8R5Y5JNb09XFuwU
5mUcmoAiO3XgZXxHTqRg02IBz9eejCYro6O07uoflQc
--- 3y+/TDRrG+APpNJSBYzci5s2WtjUHsc8lGvtISn/gcg
<EFBFBD><4A>f<EFBFBD>8uBj<42>F <0C>yU<79><55>W<EFBFBD>ZĆC<C486><43><EFBFBD>5M<>5S<35><69>ߎ*<1B>S<1B>/<10>

BIN
secrets/bigding_backup_s3_creds.age
View File

Binary file not shown.

19
secrets/caddy_porkbun_api_env.age Normal file
View File

@@ -0,0 +1,19 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q mCtMgzmP7HxB46ER6twUtUi3SJKK66DHQP77otrg2XU
sTXftZwgeZk+KDP/l5fXR9Og/3AcYPLGBg1AzuVxkRw
-> ssh-ed25519 Bp5IaA czaqh5ZgiSd4h2Oe3PNIfDwsPWVft8ZP1Cc6o7fTRU0
bQ6r4M37tDjhD4s9LcPonsmbLlU/cgO7nSQrUi+rUSk
-> ssh-ed25519 T/DpgA v1wZ6YO0cwtuN1mrxW8/axRKpAPa+V5g79KNMxrELWU
MS6NZMHViOzib4RT06Bz3TgL+/gJk/hUzdzMljqJhKQ
-> ssh-ed25519 qMgRFg BCzcZk3UlZV1EQQtP/na+Ed8lQ2mFKFIA29zX2Wsw3k
psdMhWStulJ+heqvyFER4zpuXp8i84PJIJWZnKlEvrs
-> ssh-ed25519 dMZXNw VabNLOAFFZK5bNzQ85co2/7NNHal5SjhktCWLoWWznY
hHB671B0Q5gqktZ7BTq4Ny+KUXZ1EHQGuffzusJVSPI
-> ssh-ed25519 +shbwg UfJ2qk6tN65rOiSUIATVbPYD+kDCrJVKMrZBSeOtqlI
2CVDA0/ag1PS8ANLRXQ1WvX5Nzd8FLM7d4qX+jXCsZ8
-> ssh-ed25519 70Nt2Q ambd6Z2wkhMxyCFAuFZjtp+QSMPyeSrfyACJlxTh7EQ
ONURlDlrO9bdnCFm+We0733DgKBhfUyZRXwIOS5Jed8
-> ssh-ed25519 YAvvLw RWhx1m4FF5mMfx41RkatBH9HfBFcWCXTkmWCHGCWk2c
lKmFwwsqtF0lL+EIDzwUW+P+gqEi/d4fd+qQZ5P8A1g
--- FcmYlyW5nSD7yAY0lJYWnemJZIujuy0yRK25GJcG1M4
<0B><><EFBFBD>

BIN
secrets/danflix_env_file.age
View File

Binary file not shown.

BIN
secrets/danflix_hetzner_storage_box_pub_key.age
View File

Binary file not shown.

BIN
secrets/danflix_rclone_config.age Normal file
View File

Binary file not shown.

BIN
secrets/danflix_storage_box_crypt_obscured_pw.age
View File

Binary file not shown.

BIN
secrets/danflix_storage_box_crypt_pw.age
View File

Binary file not shown.

BIN
secrets/gitea_actions_runner_token.age
View File

Binary file not shown.

BIN
secrets/minisign_private_key.age
View File

Binary file not shown.

17
secrets/pingbox_backup_repo_password.age Normal file
View File

@@ -0,0 +1,17 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q MOnAF1gIBzvuitiC6Nw4/SJppyOQff9j4gHPAcKmO1o
+G3RsKGN09DVOmQ7ma4lRoRFiYYCiCY2WoV6l5JKucM
-> ssh-ed25519 Bp5IaA 1ftyP4x5WfRsZvOVYLUpiR5Q1hQgRU78j0Yuwv07OGw
wtVAKEglVVu9B1yQwBp4AutzjDiTAAHbsrJJSMQPjLI
-> ssh-ed25519 T/DpgA x/1vUD1VHZYBWwXzBO4c7P6WtLkTYu6KD8RglBtrsl8
PRM6akgeJ64OHBV94jLojVJlHjwWiv0tLpJF2QnqXX4
-> ssh-ed25519 qMgRFg fBlwYeWq+XwRgOclr/IK18QHbdwXr0kD+/b9HnQZ2yY
52mokhUVu1AjcHBrWvJ3AS8Zr4o19ijhHxdo+tYQiuk
-> ssh-ed25519 dMZXNw SobQAY/O2iJ4MKMtbDXyDEbwQpTvuoKvG8UKYWoEEF8
eueMl+WoEMJOUSJ9hnt80w4lZXiWxPNJ1jXtGudFXVQ
-> ssh-ed25519 +shbwg 0EPWn6B2GVHrw/eXWC9ugGIDFvXSCPfhFrg5F8GgeEA
ql8+axPwSj9eQuGp4J9UjuK70TZqGsCXhFSczsQQUg8
-> ssh-ed25519 RD8X/A nZXLx5Ujbu+h+odPK5kpLJUlegn117xQSEdiEDHWx14
O/ftoh0wTit0RvlW+176vTE8r7yIrXK8GfL81pn1epk
--- G1sqmtJfli22DKFmP90EzmGJNqkcxeFQlQ3WskR9dkQ
<EFBFBD><EFBFBD>.<2E><><EFBFBD><14>D<<3C><>Q(JA<4A>}qOZ<4F><5A><EFBFBD>+t<>D<EFBFBD><44>im<69>]<5D>ޛj4<10>ڿ @s (EfF<18><>4#<23>dnޠ<6E><DEA0>4<EFBFBD><34><EFBFBD>n<EFBFBD>4eL{

18
secrets/pingbox_backup_s3_creds.age Normal file
View File

@@ -0,0 +1,18 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q 4CKDsgu9sWc8ndynGaeVn5pGi00Q7MH1d10B+u/y6V4
xoV29lRzNuiuUGb53LmAEtLAZqVPuasHhkAsYDV1vHI
-> ssh-ed25519 Bp5IaA T/KQa0GccaU4+VWz6RkaJYy+xW64TtTrWmwTZaQhnSs
M6Xeo00CnoTS2S0fxro3cR1jmMhhAgRYkUBvERVPDdg
-> ssh-ed25519 T/DpgA RXD/DvpKiRAroiIHzeGvEvxu0Wqo9OTVEzGb7rALhQQ
QMLi3YvEgcQnX3wbdvOMepxFFv8fVYV6gAT9xDgtlZk
-> ssh-ed25519 qMgRFg gRd/ujAUy3cwfhOxqPG43g78C0JoanVeuTNgqkWdrGQ
6jrqVbZVnJjfLt9Gty2W46uAXe1I1zRB8hZUYlT4f4U
-> ssh-ed25519 dMZXNw Hi5EgfUVrLKEDk1X0dKw/E45wPnp/8m3AArlx6uVMAE
cFNiWQc7l08OmyB92WEAiJBq81EwXrBahPF0Obra+iU
-> ssh-ed25519 +shbwg HHQj8eV9/oX9bPfhdHGNqIs+/0PpdHZaqOtbddKqEV4
cWja5Ik+cqWZEprdNsdYQX4bBLIr0SSlIvIq7E1Swa4
-> ssh-ed25519 RD8X/A S0Ye1A3tg4oJxVOFYl7FCnx0M1WxV+KUYT2iJHvL7mA
9eEP5uRWpkIfpnhzaAyYnXn7Mh6VlqsBVfbp+ojPOfk
--- t8POWURQ6sCpE3t9cG6EdGlp4kymFepstZYyj07JWnI
<EFBFBD>pj<EFBFBD><EFBFBD>t<EFBFBD>sr<><1E><><EFBFBD>T<EFBFBD><54>W<EFBFBD>PM<50><4D><EFBFBD><EFBFBD>]<0E><17><><EFBFBD>Nd7<64>&`<60><>bCɴ
u<EFBFBD>a<EFBFBD><EFBFBD>)c9d<39><64>j<17>dɬK<C9AC><4B><EFBFBD>i@L<><4C><EFBFBD><EFBFBD><EFBFBD><EFBFBD>`<1D>`<60><>S<EFBFBD>zs<><73><EFBFBD>|<7C><>C0pG<70><13>.Ǭx<C7AC>e.<2E><>j

39
secrets/rclone_password1.age
View File

@@ -1,20 +1,21 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q 6I/C6kd0F8pPX1bIZ8f5ZTyddBqnLz835S/Q3o4ocVE
/dhM7FwPWEzyQCcUCw0CdCyt1J5oz0Ly7em7yZGxs2k
-> ssh-ed25519 Bp5IaA bnm7aVEatMbr76zpxqUCyCzEqn9ArmdwkjteA+auAQc
pLVxYtYdBVeCp3dMp9LTTLX/CLDUyBAv23hi7Aj4pD8
-> ssh-ed25519 T/DpgA mE97Fpws6KenlNQ8Hs/Csi0dY4GvB0z8LcwCmsM7PDA
N9Ap8u8qeeukvDM30pxwRok+pjs5i9Z/lQylOkaNTAs
-> ssh-ed25519 qMgRFg G0qEsVQNj0Z7rCglx81fmUr09AGbjJpgxW9UWmjGZh4
sgLx9+u+JAP9dH0F+xptRUQWJxRzL0ACTW/fbxyJ9ZE
-> ssh-ed25519 dMZXNw 8OuNPpD/GBa/UnxLTyTbiH02GTl+ZgL2/X9m8fR/FHg
M+Qaldh0wGRFO4kiNyuw/ui0LsaNBqORfmbbuPFQcpA
-> ssh-ed25519 GzHGXw jNvSCxiYW4psZhdiFk36jXQigcFijAqfhjSi0YUT6y4
SqHCmEEUseX8XjOEH/QdFi8jX/6DyNGgm6yOHf5tEJM
-> ssh-ed25519 70Nt2Q D9lDPhjAJ6ntkg2VAys7MU3honDEAFzk+n3FPsjoARs
8F4p2DcD/JyxKZuzLMuuumY+0yAQjsAQfQhqvtbn/CY
-> j6O-grease v A$M=
l9GAg+AXTZEc44390C60kR5df+XK283KeRlPR+JAthfe7MvF/NJ4cqF5TlqZo0AU
AHmkD0k
--- mUKNXFOZ36jA7vuAB+7CbAVrV6lYuUeKnOt8TJz/QR8
<EFBFBD><EFBFBD>Ė:<3A>1<EFBFBD><11>&9İ<39><C4B0>-<15><>?<3F><>4.<2E><><EFBFBD> <0B>!ex<><78>I<EFBFBD>%<25>j<EFBFBD>O<EFBFBD> C5e%p<>N<EFBFBD>I<18><><EFBFBD>G<EFBFBD><47><EFBFBD><10><><EFBFBD>;<3B><><EFBFBD>`6
-> ssh-ed25519 eYYv1Q 6vOBCYYulq/yMgZcE4pKNSWpkO615wAyBqCDcCvS7Qc
rX/Kw5qtZFSpAncxWVhG/LUzFuFiuEOuHcYUdBfkst8
-> ssh-ed25519 Bp5IaA EtR1cN2DPBgy+r6hpat+jKSisbdCuLRm1gTLDE1KM0c
EVaQdf804QSqpAXrV82kL2XwHmqNXihLT42bzv5uIVo
-> ssh-ed25519 T/DpgA nKRA3fgCa2+8SdLVqI4m6untb8aBlAuNf3zKJmQBAkY
MEd6efWFuqUtDJPDBgZqkTG2neZQZwA5HzIC7uElyIU
-> ssh-ed25519 qMgRFg sAuPesGJ54EnRowUbFhAPRgOQxDr/TBPyqsJNcJ3j0A
DgEouiS8UjzAaQSVKFDObfxM0WijQtCQLzsSu7pFRwM
-> ssh-ed25519 dMZXNw DBchChRMA5hszqtjJvwvsNGZk9Z0HlvmNHMdx+OFVV4
U+LIDwbuKFGvuULEDuOPhyiTIcEjwpY9EA+HBes/Y6o
-> ssh-ed25519 +shbwg hgFratZl3KxZDK08F1CWIMv7JwlDVNIByMAG/JJbjyI
YBnnlVasOTVYJmes/vchGK9FEWLGe/SS4ZHdwGcE79k
-> ssh-ed25519 GzHGXw lHxuRl5gM+DPABDkiDhaArSgRFkNWV4qbsa+0HGzKU0
8nZbH5sJI6CGFD7K51xJ2MKr8DHqRrGEe+lQVH4plWY
-> ssh-ed25519 70Nt2Q 45n/rUffOJu3bzrTBymPToB8aTXcvQWOeFPVmLzB9WY
QyewneIRy7KXqCXWZpzt9bTL65dtM41BPDx8bedZcUU
--- LWbHHVWdceA60roQicg72sJxBWPNvu4s8K1WNcorMpU
<EFBFBD>CP? ̮<>Dͳ˚<CDB3>V<EFBFBD><56>d<EFBFBD>{<16>-<2D><> <0C><>fk9<6B><39>"<22><>٢'<27>\<5C>#̊<>eN`Ẉ
<EFBFBD><EFBFBD><03>.1<EFBFBD><EFBFBD>
<EFBFBD><EFBFBD><EFBFBD>I<EFBFBD>z<07><>

37
secrets/rclone_password2.age
View File

@@ -1,20 +1,19 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q LZwJmlO0K8OZBQcBp2KiirS6dOi0MI4QL3KZJAbSlSA
VN9IF2McXP7T576+HMnC/H8rBQPeuiFViCXKYVTYGxM
-> ssh-ed25519 Bp5IaA V9hkpjVVQlfB7jHbxHWcrDtXBAFsQdZM+wq8XB8hrHM
40DsgVRpRxwnhTuc+KY9W5DAP2er4f4gwUS3XFSsP1Y
-> ssh-ed25519 T/DpgA YyovZ4r5p2Y0b0YMB3ybtj7RGa6YJIaCQvS4N8ACy30
bdWFxWQcgIbNspUSwtiytErZ105fQtvTmNazsprzVpU
-> ssh-ed25519 qMgRFg I3+nfZVN7qNUUDpoLt7/lrlhH1dacQAoMyTeLbypD1s
SJspcVYfX6HuRH9lsAsnt8FR/n3J99Bax1dj/CC4dnA
-> ssh-ed25519 dMZXNw 8rZ8Z/3IM9mkI2K/SuHsga96jsZ50Mw1nGiR3IGQVwc
CDzSdHl+xQktP8p5enfaKS9zxJaTdf6YcgXbVbQMrmc
-> ssh-ed25519 GzHGXw dP0X4HBhvAMw+6JoA0jT76jyjyykrzHwSvYub6Rskmg
2wgzuGKxv8SFz1DrMfAsHcvtprOqWEo8mporTPwhrVE
-> ssh-ed25519 70Nt2Q 5FfUOwKURR9Zv/uXaqWDzQF7Ms0xkdINA1Rz02tZ4Cs
+MqPawyZvwCZUEcN2/5nZt/Zwf59jm8h0BFsHyWUX9k
-> n<90Kr$R-grease 2
uQ51BhliS5bfdIO2YS68nlf4lS5oVSfqXFIGoVhHO0cwuh6cckL4aqNim/S3uNRf
/J/a482wMBY2gchhnG2qyhH/UF8
--- 3UkEGyyoK/ejTo6/0rB8BvzBt0P/JnqubGZUIIjF+eY
<EFBFBD>A9Q}<>[<5B><><EFBFBD><EFBFBD><EFBFBD>,Hf<>-<2D>{^<5E><>@^<5E><><EFBFBD><EFBFBD>nb@<40><><EFBFBD><EFBFBD>C<EFBFBD><43>#d<>}X1<58><31><EFBFBD><EFBFBD>n<EFBFBD>+
-> ssh-ed25519 eYYv1Q x9YHnQrHk/+xuNB3Dgds2YXl6snJw0BF/vy7h6+0USk
b3VaHkqpDOJlAahOx6zaKLaTouJqJ45tubz/jf05s38
-> ssh-ed25519 Bp5IaA Vz/hj6Ghlec3tRUY5tZ3is/uE+AT9GMPl93o0LppBiw
guTE7llA2Y4MT+v6bHT7nmqrKdxDeyvAdJMfbk4aUXM
-> ssh-ed25519 T/DpgA tWDjI6k2AcEFPqX8K4Zwf5jtpvRDDCVSM4g+12cZOEI
bqq3UGc0tHm0OO8Y+rmUX38iN685BKz0F719DZo/plA
-> ssh-ed25519 qMgRFg fRuc+LYFQnHG9zhu6uK4aGdWu/crjXl27tnTE98bLiA
JFkTAqDWygs8UXnYeZ05MXJ35lgtRy4LTOLLS0STkXQ
-> ssh-ed25519 dMZXNw sdLzOdQ7R+0AFpjb3CSH2djvdT7qedS1io7LxcbHeCM
tPWjCR+sim3lJmIBbRBdjZ/5WCQWZ5OlMA8Rere2GHY
-> ssh-ed25519 +shbwg JzFxfwYd2EHJklt1edx21IKPkBwNIEXekVPm0CtFTXw
SVYAq6wZm+HqL+zRLkkQETaUrgaq6UCKmai1+AIQ2mU
-> ssh-ed25519 GzHGXw G8XbVaclLKQmpg0rcz5NjJoREpBqkfZSIJ1BXmUOwQ0
xNwiO1Mo6WdfCEgAYtUHbC9oRhaKzXCuARazCHc93gU
-> ssh-ed25519 70Nt2Q WNZK+p/no7glfDohKMmi6fGXC2TikrnyvvkvBORRXyw
7Gu0e2jzECq21S8djgW1YRTK98EmU03Gk0cRtF0/pgo
--- 14oASxLoERqbPTjBVECRCgo6bTG5MXb1WR5NTGB41UU
<EFBFBD>.ÝVi<11><>f\<5C><>7<EFBFBD><14>Z<EFBFBD><5A>i <09><07>rVayZ"<22>p<EFBFBD>Խ<EFBFBD>fp<66>a<18><><EFBFBD>ji<08><><EFBFBD>

19
secrets/secrets.nix
View File

@@ -4,7 +4,8 @@ let
user3 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP0Ps8eEFIkLe863bisGvSIVXZqedp9z5AC8RKyvZtcA me@danielpatterson.dev";
user4 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOjVwYfjyZ7kd7idwfGNtS62VKAc34WIsjQvypMe0d8N dingserver";
user5 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMZKWq5v1xkK2d7D4lmwDKjdAHbWd+agXQCuMyjkzDEh daniel@dingserver";
users = [user1 user2 user3 user4 user5];
user6 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIISn5FKNwsQtesuWbxSu8k+3o5inlDphDahq8URyGxzc daniel@ranni";
users = [user1 user2 user3 user4 user5 user6];
# dingbox
system1 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKvWmwFd0xZcF0HcyhmemvT5Q8rHOW/fQ56IoLSVAljv root@nixos";
@@ -14,7 +15,9 @@ let
system3 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMzy0KqakqljVqgA4lvfTt65cikgPOKFvBXF0WS0LxGP root@pingbox";
# bigding
system4 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINxzzoExkmb0kP+6OS2omcoa8xe1ETc+FAhU5gBuBUDR root@bigding";
systems = [system1 system2 system3 system4];
# ranni
system5 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII8aTDf4ue+ug3acFaN/3oU2UddC2WKFdj/QV/78b5jB root@ranni";
systems = [system1 system2 system3 system4 system5];
in {
"rclone_password1.age".publicKeys = users ++ [system2 system4];
"rclone_password2.age".publicKeys = users ++ [system2 system4];
@@ -26,10 +29,14 @@ in {
"minisign_private_key.age".publicKeys = users ++ [system1 system3];
"bigding_backup_s3_creds.age".publicKeys = users ++ [system4];
"bigding_backup_repo_password.age".publicKeys = users ++ [system4];
"sendmail_email_key_gitea.age".publicKeys = users ++ [system4];
"gitea_actions_runner_token.age".publicKeys = users ++ [system4];
"danflix_hetzner_storage_box_pub_key.age".publicKeys = users ++ [system4];
"sendmail_email_key_gitea.age".publicKeys = users ++ [system4 system5];
"gitea_actions_runner_token.age".publicKeys = users ++ [system4 system5];
"danflix_hetzner_storage_box_pub_key.age".publicKeys = users ++ [system4 system5];
"danflix_storage_box_crypt_pw.age".publicKeys = users ++ [system4];
"danflix_storage_box_crypt_obscured_pw.age".publicKeys = users ++ [system4];
"danflix_env_file.age".publicKeys = users ++ [system4];
"danflix_env_file.age".publicKeys = users ++ [system4 system5];
"danflix_rclone_config.age".publicKeys = users ++ [system4 system5];
"caddy_porkbun_api_env.age".publicKeys = users ++ [system4 system5];
"pingbox_backup_s3_creds.age".publicKeys = users ++ [system3];
"pingbox_backup_repo_password.age".publicKeys = users ++ [system3];
}

34
secrets/sendmail_email_key_gitea.age
View File

@@ -1,17 +1,19 @@
age-encryption.org/v1
-> ssh-ed25519 eYYv1Q XtRSlxUK8enDmGPLuaNTtRLfPcAw2adI0rg7tyrIsVg
wqS2sot8VBkg8AEIVT+8nqp/zQrgx60aO5+EDKAS6Eo
-> ssh-ed25519 Bp5IaA xxKUriiEdSH1oG9/vdyjEtyOq7b1zSBY6RyDr13OVUE
sWVBSJtX/TNBxINHv4NqmN4yPjNteoMyPH9vZRHp9t4
-> ssh-ed25519 T/DpgA MnEwHXMOJIX6EL4j24QX1GD047lQvCLHKSDPvwEXYj0
bMVQvcub7BE5kQ7nipQGAg0DLsHhA6y9pQxjG0vLDYo
-> ssh-ed25519 qMgRFg nLCDG0cPUGw0EHebVawxraulglOVEdwUWh/c5CFf6CM
MagTjYCuIyNF895Kk0Y2uDxZf3u9X5ZKatNPSfENZOA
-> ssh-ed25519 dMZXNw FZ2sXIfl1yxkvfuNC6njE/OrH8IptIo7MOwNeHeSrWQ
YBC1LUbStFBKX/rHIgtb70+W6mmdk7XOBDnrZBTeEyU
-> ssh-ed25519 70Nt2Q hUwnRFHLeArYMmIKh0ObeL+rh3PKgvIOZJjfhXH+fwU
vFasj2ysflk5M+KyGfoAkBrk+X0GcphlK8uQFFTvwB0
-> C"2am-grease e )q x;Ej
gbqZ94TuSRUzfQ
--- o0NjU4u5RB1RSAeOGhud8VJSLLpbZSoU7suslTA3rbs
<EFBFBD><EFBFBD><EFBFBD>i<EFBFBD>$׼<>`<60>B<EFBFBD>p<EFBFBD><70><EFBFBD><EFBFBD> J<>n,<2C><>Cu<43>t<EFBFBD>iW<69>l<EFBFBD>e<EFBFBD><65><EFBFBD><EFBFBD><EFBFBD>$/}p<>CU<43><55>n{*Cf<43><66><EFBFBD>>oʁ<6F><17><08><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>L<17><><EFBFBD>'<02>}å8 R9<52><39><EFBFBD><EFBFBD><08>I6
-> ssh-ed25519 eYYv1Q OGeyEGxBaBdO/OMw2rnbZMbvgu1GmxjRc0OcaGsXqHA
8SxjgqBQ+uD1b/3yCMoAuUcX+U3uFqzAa9O9VAuRM/8
-> ssh-ed25519 Bp5IaA u0nqQmA5OvzR5eS18S1WEMwaMxMl115aF/acae3aVEQ
YzlRQlmJ2zr2ntnBEBI1RS2WT6yWttiuHYoq10SvfL0
-> ssh-ed25519 T/DpgA JXdZdHnYWFkVpz9RvGGILNhLpCztjw39NDWTm/I95Vc
aO2g/U3cE46wg7KIS4npecWDJEqI1OIhGPYCJtFxw7U
-> ssh-ed25519 qMgRFg pTXyeSTn4ufyeg1vfDObEInWkWaSb9PDkCTn/Jeb6jw
puaX0JfWVvR4K4PtjRPR6bVi8v98suhsXeNYbiA+QNg
-> ssh-ed25519 dMZXNw ZugtCtUmbCDeh/QGs59FwKzwdlOfWE1xyXMxte6wy1E
8TM0XeCA858GxjGtdMwqsx2TPsIWTwoqRR1Hp3lN79c
-> ssh-ed25519 +shbwg UjMILXZ6WqAi6b7Uwf0JopS3X5NISIvXNOq+F3pViCg
coMXaPiy/jUF1PS6ZbI6+x5jlXiMnVv1aJtNDAf9okc
-> ssh-ed25519 70Nt2Q ZAvqEfCS21ZezlSfbuGTpaIMdyOJaUC+RpVfnYwjk18
+uZTQX7AgjGPipBJEAH1UozEvXDEu76y01wQiiSvxoM
-> ssh-ed25519 YAvvLw YuuGWJrwt+X3rpXhdo+w2bU1jeIaIsmoUC7A9VE1ETE
PTjzWHZkCXjwK3NGfM5piqeBfsC9l6hIZJcSg2jP7C0
--- WfX1dHrqbOaOVlKg+Jx9q2lLLYljOAWhDqVo5idwO5U
īQ<EFBFBD><EFBFBD><EFBFBD>< <17><>]<5D><><EFBFBD><EFBFBD><EFBFBD>"}C[<5B>S1"<22><><11><1E>?yPV"<22><><EFBFBD>*q<><71>k<EFBFBD>0<EFBFBD><10><><EFBFBD>o<EFBFBD>Cf<<3C><18>6<EFBFBD><36>B<EFBFBD><42><EFBFBD><EFBFBD><EFBFBD><EFBFBD>0ıB<C4B1>j<12><>Z\f<>%8<><38>[V<>=]<5D>`<60><>gFw

4
users/configs/desktop/default.nix
View File

@@ -3,9 +3,13 @@
# ./i3
# ./i3status-rust
# ./polybar
./fuzzel
./niri
./river
./sway
./tofi
./waybar
];
programs.zen-browser.enable = true;
}

19
users/configs/desktop/fuzzel/default.nix Normal file
View File

@@ -0,0 +1,19 @@
{pkgs, ...}: {
programs.fuzzel = {
enable = true;
settings = {
main = {
include = "${./green.ini}";
font = "Iosevka Nerd Font Propo:size=16";
width = 60;
lines = 15;
};
border = {
width = 3;
radius = 15;
};
};
};
}

12
users/configs/desktop/fuzzel/green.ini Normal file
View File

@@ -0,0 +1,12 @@
[colors]
background=24273add
text=cad3f5ff
prompt=b8c0e0ff
placeholder=8087a2ff
input=cad3f5ff
match=a6da95ff
selection=5b6078ff
selection-text=cad3f5ff
selection-match=a6da95ff
counter=8087a2ff
border=a6da95ff

539
users/configs/desktop/niri/config.kdl Normal file
View File

@@ -0,0 +1,539 @@
// This config is in the KDL format: https://kdl.dev
// "/-" comments out the following node.
// Check the wiki for a full description of the configuration:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Overview
// Input device configuration.
// Find the full list of options on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Input
input {
keyboard {
xkb {
// You can set rules, model, layout, variant and options.
// For more information, see xkeyboard-config(7).
// For example:
// layout "us,ru"
// options "grp:win_space_toggle,compose:ralt,ctrl:nocaps"
layout "gb"
options "caps:escape"
}
}
// Next sections include libinput settings.
// Omitting settings disables them, or leaves them at their default values.
touchpad {
// off
tap
// dwt
// dwtp
natural-scroll
scroll-factor 0.5
accel-speed 0.4
accel-profile "flat"
// scroll-method "two-finger"
// disabled-on-external-mouse
}
mouse {
// off
// natural-scroll
accel-speed 0.2
accel-profile "flat"
// scroll-method "no-scroll"
}
trackpoint {
// off
// natural-scroll
// accel-speed 0.2
// accel-profile "flat"
// scroll-method "on-button-down"
// scroll-button 273
// middle-emulation
}
// Uncomment this to make the mouse warp to the center of newly focused windows.
// warp-mouse-to-focus
// Focus windows and outputs automatically when moving the mouse into them.
// Setting max-scroll-amount="0%" makes it work only on windows already fully on screen.
focus-follows-mouse max-scroll-amount="0%"
}
// You can configure outputs by their name, which you can find
// by running `niri msg outputs` while inside a niri instance.
// The built-in laptop monitor is usually called "eDP-1".
// Find more information on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Outputs
// Remember to uncomment the node by removing "/-"!
output "eDP-1" {
// Uncomment this line to disable this output.
// off
// Resolution and, optionally, refresh rate of the output.
// The format is "<width>x<height>" or "<width>x<height>@<refresh rate>".
// If the refresh rate is omitted, niri will pick the highest refresh rate
// for the resolution.
// If the mode is omitted altogether or is invalid, niri will pick one automatically.
// Run `niri msg outputs` while inside a niri instance to list all outputs and their modes.
// mode "1920x1080@120.030"
// You can use integer or fractional scale, for example use 1.5 for 150% scale.
scale 1.33
// Transform allows to rotate the output counter-clockwise, valid values are:
// normal, 90, 180, 270, flipped, flipped-90, flipped-180 and flipped-270.
transform "normal"
// Position of the output in the global coordinate space.
// This affects directional monitor actions like "focus-monitor-left", and cursor movement.
// The cursor can only move between directly adjacent outputs.
// Output scale and rotation has to be taken into account for positioning:
// outputs are sized in logical, or scaled, pixels.
// For example, a 3840×2160 output with scale 2.0 will have a logical size of 1920×1080,
// so to put another output directly adjacent to it on the right, set its x to 1920.
// If the position is unset or results in an overlap, the output is instead placed
// automatically.
// position x=1280 y=0
}
output "DP-3" {
scale 1.33
position x=0 y=600
}
output "HDMI-A-1" {
scale 1.33
transform "90"
position x=2880 y=0
}
// Settings that influence how windows are positioned and sized.
// Find more information on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Layout
layout {
// Set gaps around windows in logical pixels.
gaps 12
// When to center a column when changing focus, options are:
// - "never", default behavior, focusing an off-screen column will keep at the left
// or right edge of the screen.
// - "always", the focused column will always be centered.
// - "on-overflow", focusing a column will center it if it doesn't fit
// together with the previously focused column.
center-focused-column "never"
// You can customize the widths that "switch-preset-column-width" (Mod+R) toggles between.
preset-column-widths {
// Proportion sets the width as a fraction of the output width, taking gaps into account.
// For example, you can perfectly fit four windows sized "proportion 0.25" on an output.
// The default preset widths are 1/3, 1/2 and 2/3 of the output.
proportion 0.33333
proportion 0.5
proportion 0.66667
// Fixed sets the width in logical pixels exactly.
// fixed 1920
}
// You can also customize the heights that "switch-preset-window-height" (Mod+Shift+R) toggles between.
// preset-window-heights { }
// You can change the default width of the new windows.
default-column-width { proportion 0.5; }
// If you leave the brackets empty, the windows themselves will decide their initial width.
// default-column-width {}
// By default focus ring and border are rendered as a solid background rectangle
// behind windows. That is, they will show up through semitransparent windows.
// This is because windows using client-side decorations can have an arbitrary shape.
//
// If you don't like that, you should uncomment `prefer-no-csd` below.
// Niri will draw focus ring and border *around* windows that agree to omit their
// client-side decorations.
//
// Alternatively, you can override it with a window rule called
// `draw-border-with-background`.
// You can change how the focus ring looks.
focus-ring {
// Uncomment this line to disable the focus ring.
// off
// How many logical pixels the ring extends out from the windows.
width 6
// Colors can be set in a variety of ways:
// - CSS named colors: "red"
// - RGB hex: "#rgb", "#rgba", "#rrggbb", "#rrggbbaa"
// - CSS-like notation: "rgb(255, 127, 0)", rgba(), hsl() and a few others.
// Color of the ring on the active monitor.
// active-color "#7fc8ff"
// Color of the ring on inactive monitors.
// inactive-color "#505050"
// You can also use gradients. They take precedence over solid colors.
// Gradients are rendered the same as CSS linear-gradient(angle, from, to).
// The angle is the same as in linear-gradient, and is optional,
// defaulting to 180 (top-to-bottom gradient).
// You can use any CSS linear-gradient tool on the web to set these up.
// Changing the color space is also supported, check the wiki for more info.
//
active-gradient from="#f00f" to="#0f0f" angle=45 in="oklch longer hue"
// You can also color the gradient relative to the entire view
// of the workspace, rather than relative to just the window itself.
// To do that, set relative-to="workspace-view".
//
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// You can also add a border. It's similar to the focus ring, but always visible.
border {
// The settings are the same as for the focus ring.
// If you enable the border, you probably want to disable the focus ring.
off
width 4
active-color "#ffc87f"
inactive-color "#505050"
// active-gradient from="#ffbb66" to="#ffc880" angle=45 relative-to="workspace-view"
// inactive-gradient from="#505050" to="#808080" angle=45 relative-to="workspace-view"
}
// Struts shrink the area occupied by windows, similarly to layer-shell panels.
// You can think of them as a kind of outer gaps. They are set in logical pixels.
// Left and right struts will cause the next window to the side to always be visible.
// Top and bottom struts will simply add outer gaps in addition to the area occupied by
// layer-shell panels and regular gaps.
struts {
// left 64
// right 64
// top 64
// bottom 64
}
}
// Add lines like this to spawn processes at startup.
// Note that running niri as a session supports xdg-desktop-autostart,
// which may be more convenient to use.
// See the binds section below for more spawn examples.
// spawn-at-startup "alacritty" "-e" "fish"
spawn-at-startup "dbus-update-activation-environment" "--systemd" "DISPLAY" "WAYLAND_DISPLAY" "XDG_CURRENT_DESKTOP"
spawn-at-startup "systemctl" "--user" "import-environment" "PATH" "DISPLAY" "WAYLAND_DISPLAY"
spawn-at-startup "waybar"
spawn-at-startup "xwayland-satellite"
environment {
DISPLAY ":0"
}
// Uncomment this line to ask the clients to omit their client-side decorations if possible.
// If the client will specifically ask for CSD, the request will be honored.
// Additionally, clients will be informed that they are tiled, removing some client-side rounded corners.
// This option will also fix border/focus ring drawing behind some semitransparent windows.
// After enabling or disabling this, you need to restart the apps for this to take effect.
// prefer-no-csd
// You can change the path where screenshots are saved.
// A ~ at the front will be expanded to the home directory.
// The path is formatted with strftime(3) to give you the screenshot date and time.
screenshot-path "~/Pictures/Screenshots/Screenshot from %Y-%m-%d %H-%M-%S.png"
// You can also set this to null to disable saving screenshots to disk.
// screenshot-path null
// Animation settings.
// The wiki explains how to configure individual animations:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Animations
animations {
// Uncomment to turn off all animations.
// off
// Slow down all animations by this factor. Values below 1 speed them up instead.
// slowdown 3.0
}
// Window rules let you adjust behavior for individual windows.
// Find more information on the wiki:
// https://github.com/YaLTeR/niri/wiki/Configuration:-Window-Rules
// Work around WezTerm's initial configure bug
// by setting an empty default-column-width.
window-rule {
// This regular expression is intentionally made as specific as possible,
// since this is the default config, and we want no false positives.
// You can get away with just app-id="wezterm" if you want.
match app-id=r#"^org\.wezfurlong\.wezterm$"#
default-column-width {}
}
// Open the Firefox picture-in-picture player as floating by default.
window-rule {
// This app-id regular expression will work for both:
// - host Firefox (app-id is "firefox")
// - Flatpak Firefox (app-id is "org.mozilla.firefox")
match app-id=r#"firefox$"# title="^Picture-in-Picture$"
open-floating true
}
// Example: block out two password managers from screen capture.
// (This example rule is commented out with a "/-" in front.)
/-window-rule {
match app-id=r#"^org\.keepassxc\.KeePassXC$"#
match app-id=r#"^org\.gnome\.World\.Secrets$"#
block-out-from "screen-capture"
// Use this instead if you want them visible on third-party screenshot tools.
// block-out-from "screencast"
}
// Example: enable rounded corners for all windows.
// (This example rule is commented out with a "/-" in front.)
window-rule {
geometry-corner-radius 12
clip-to-geometry true
}
binds {
// Keys consist of modifiers separated by + signs, followed by an XKB key name
// in the end. To find an XKB name for a particular key, you may use a program
// like wev.
//
// "Mod" is a special modifier equal to Super when running on a TTY, and to Alt
// when running as a winit window.
//
// Most actions that you can bind here can also be invoked programmatically with
// `niri msg action do-something`.
// Mod-Shift-/, which is usually the same as Mod-?,
// shows a list of important hotkeys.
Mod+Shift+Slash { show-hotkey-overlay; }
// Suggested binds for running programs: terminal, app launcher, screen locker.
Mod+T { spawn "ghostty"; }
// Mod+D { spawn "tofi-drun" "--drun-launch=true"; }
Mod+D { spawn "fuzzel"; }
Mod+Escape { spawn "swaylock" "-i" "~/wallpapers/lock.png"; }
// You can also use a shell. Do this if you need pipes, multiple commands, etc.
// Note: the entire command goes as a single argument in the end.
// Mod+T { spawn "bash" "-c" "notify-send hello && exec alacritty"; }
// Example volume keys mappings for PipeWire & WirePlumber.
// The allow-when-locked=true property makes them work even when the session is locked.
XF86AudioRaiseVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "5%+"; }
XF86AudioLowerVolume allow-when-locked=true { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "5%-"; }
XF86AudioMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SINK@" "toggle"; }
XF86AudioMicMute allow-when-locked=true { spawn "wpctl" "set-mute" "@DEFAULT_AUDIO_SOURCE@" "toggle"; }
XF86AudioPrev allow-when-locked=true { spawn "playerctl" "previous"; }
XF86AudioPlay allow-when-locked=true { spawn "playerctl" "play-pause"; }
XF86AudioNext allow-when-locked=true { spawn "playerctl" "next"; }
XF86MonBrightnessUp allow-when-locked=true { spawn "xbacklight" "-inc" "10"; }
XF86MonBrightnessDown allow-when-locked=true { spawn "xbacklight" "-dec" "10"; }
Mod+Q { close-window; }
Mod+Left { focus-column-left; }
Mod+Down { focus-window-down; }
Mod+Up { focus-window-up; }
Mod+Right { focus-column-right; }
Mod+H { focus-column-left; }
Mod+J { focus-window-down; }
Mod+K { focus-window-up; }
Mod+L { focus-column-right; }
Mod+Ctrl+Left { move-column-left; }
Mod+Ctrl+Down { move-window-down; }
Mod+Ctrl+Up { move-window-up; }
Mod+Ctrl+Right { move-column-right; }
Mod+Ctrl+H { move-column-left; }
Mod+Ctrl+J { move-window-down; }
Mod+Ctrl+K { move-window-up; }
Mod+Ctrl+L { move-column-right; }
// Alternative commands that move across workspaces when reaching
// the first or last window in a column.
// Mod+J { focus-window-or-workspace-down; }
// Mod+K { focus-window-or-workspace-up; }
// Mod+Ctrl+J { move-window-down-or-to-workspace-down; }
// Mod+Ctrl+K { move-window-up-or-to-workspace-up; }
Mod+Home { focus-column-first; }
Mod+End { focus-column-last; }
Mod+Ctrl+Home { move-column-to-first; }
Mod+Ctrl+End { move-column-to-last; }
Mod+Shift+Left { focus-monitor-left; }
Mod+Shift+Down { focus-monitor-down; }
Mod+Shift+Up { focus-monitor-up; }
Mod+Shift+Right { focus-monitor-right; }
Mod+Shift+H { focus-monitor-left; }
Mod+Shift+J { focus-monitor-down; }
Mod+Shift+K { focus-monitor-up; }
Mod+Shift+L { focus-monitor-right; }
Mod+Shift+Ctrl+Left { move-column-to-monitor-left; }
Mod+Shift+Ctrl+Down { move-column-to-monitor-down; }
Mod+Shift+Ctrl+Up { move-column-to-monitor-up; }
Mod+Shift+Ctrl+Right { move-column-to-monitor-right; }
Mod+Shift+Ctrl+H { move-column-to-monitor-left; }
Mod+Shift+Ctrl+J { move-column-to-monitor-down; }
Mod+Shift+Ctrl+K { move-column-to-monitor-up; }
Mod+Shift+Ctrl+L { move-column-to-monitor-right; }
// Alternatively, there are commands to move just a single window:
// Mod+Shift+Ctrl+Left { move-window-to-monitor-left; }
// ...
// And you can also move a whole workspace to another monitor:
// Mod+Shift+Ctrl+Left { move-workspace-to-monitor-left; }
// ...
Mod+Page_Down { focus-workspace-down; }
Mod+Page_Up { focus-workspace-up; }
Mod+U { focus-workspace-down; }
Mod+I { focus-workspace-up; }
Mod+Ctrl+Page_Down { move-column-to-workspace-down; }
Mod+Ctrl+Page_Up { move-column-to-workspace-up; }
Mod+Ctrl+U { move-column-to-workspace-down; }
Mod+Ctrl+I { move-column-to-workspace-up; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+Page_Down { move-window-to-workspace-down; }
// ...
Mod+Shift+Page_Down { move-workspace-down; }
Mod+Shift+Page_Up { move-workspace-up; }
Mod+Shift+U { move-workspace-down; }
Mod+Shift+I { move-workspace-up; }
// You can bind mouse wheel scroll ticks using the following syntax.
// These binds will change direction based on the natural-scroll setting.
//
// To avoid scrolling through workspaces really fast, you can use
// the cooldown-ms property. The bind will be rate-limited to this value.
// You can set a cooldown on any bind, but it's most useful for the wheel.
Mod+WheelScrollDown cooldown-ms=150 { focus-workspace-down; }
Mod+WheelScrollUp cooldown-ms=150 { focus-workspace-up; }
Mod+Ctrl+WheelScrollDown cooldown-ms=150 { move-column-to-workspace-down; }
Mod+Ctrl+WheelScrollUp cooldown-ms=150 { move-column-to-workspace-up; }
Mod+WheelScrollRight { focus-column-right; }
Mod+WheelScrollLeft { focus-column-left; }
Mod+Ctrl+WheelScrollRight { move-column-right; }
Mod+Ctrl+WheelScrollLeft { move-column-left; }
// Usually scrolling up and down with Shift in applications results in
// horizontal scrolling; these binds replicate that.
Mod+Shift+WheelScrollDown { focus-column-right; }
Mod+Shift+WheelScrollUp { focus-column-left; }
Mod+Ctrl+Shift+WheelScrollDown { move-column-right; }
Mod+Ctrl+Shift+WheelScrollUp { move-column-left; }
// Similarly, you can bind touchpad scroll "ticks".
// Touchpad scrolling is continuous, so for these binds it is split into
// discrete intervals.
// These binds are also affected by touchpad's natural-scroll, so these
// example binds are "inverted", since we have natural-scroll enabled for
// touchpads by default.
// Mod+TouchpadScrollDown { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02+"; }
// Mod+TouchpadScrollUp { spawn "wpctl" "set-volume" "@DEFAULT_AUDIO_SINK@" "0.02-"; }
// You can refer to workspaces by index. However, keep in mind that
// niri is a dynamic workspace system, so these commands are kind of
// "best effort". Trying to refer to a workspace index bigger than
// the current workspace count will instead refer to the bottommost
// (empty) workspace.
//
// For example, with 2 workspaces + 1 empty, indices 3, 4, 5 and so on
// will all refer to the 3rd workspace.
Mod+1 { focus-workspace 1; }
Mod+2 { focus-workspace 2; }
Mod+3 { focus-workspace 3; }
Mod+4 { focus-workspace 4; }
Mod+5 { focus-workspace 5; }
Mod+6 { focus-workspace 6; }
Mod+7 { focus-workspace 7; }
Mod+8 { focus-workspace 8; }
Mod+9 { focus-workspace 9; }
Mod+Ctrl+1 { move-column-to-workspace 1; }
Mod+Ctrl+2 { move-column-to-workspace 2; }
Mod+Ctrl+3 { move-column-to-workspace 3; }
Mod+Ctrl+4 { move-column-to-workspace 4; }
Mod+Ctrl+5 { move-column-to-workspace 5; }
Mod+Ctrl+6 { move-column-to-workspace 6; }
Mod+Ctrl+7 { move-column-to-workspace 7; }
Mod+Ctrl+8 { move-column-to-workspace 8; }
Mod+Ctrl+9 { move-column-to-workspace 9; }
// Alternatively, there are commands to move just a single window:
// Mod+Ctrl+1 { move-window-to-workspace 1; }
// Switches focus between the current and the previous workspace.
// Mod+Tab { focus-workspace-previous; }
// The following binds move the focused window in and out of a column.
// If the window is alone, they will consume it into the nearby column to the side.
// If the window is already in a column, they will expel it out.
Mod+BracketLeft { consume-or-expel-window-left; }
Mod+BracketRight { consume-or-expel-window-right; }
// Consume one window from the right to the bottom of the focused column.
Mod+Comma { consume-window-into-column; }
// Expel the bottom window from the focused column to the right.
Mod+Period { expel-window-from-column; }
Mod+R { switch-preset-column-width; }
Mod+Shift+R { switch-preset-window-height; }
Mod+Ctrl+R { reset-window-height; }
Mod+F { maximize-column; }
Mod+Shift+F { fullscreen-window; }
Mod+C { center-column; }
// Finer width adjustments.
// This command can also:
// * set width in pixels: "1000"
// * adjust width in pixels: "-5" or "+5"
// * set width as a percentage of screen width: "25%"
// * adjust width as a percentage of screen width: "-10%" or "+10%"
// Pixel sizes use logical, or scaled, pixels. I.e. on an output with scale 2.0,
// set-column-width "100" will make the column occupy 200 physical screen pixels.
Mod+Minus { set-column-width "-10%"; }
Mod+Equal { set-column-width "+10%"; }
// Finer height adjustments when in column with other windows.
Mod+Shift+Minus { set-window-height "-10%"; }
Mod+Shift+Equal { set-window-height "+10%"; }
// Move the focused window between the floating and the tiling layout.
Mod+V { toggle-window-floating; }
Mod+Shift+V { switch-focus-between-floating-and-tiling; }
// Actions to switch layouts.
// Note: if you uncomment these, make sure you do NOT have
// a matching layout switch hotkey configured in xkb options above.
// Having both at once on the same hotkey will break the switching,
// since it will switch twice upon pressing the hotkey (once by xkb, once by niri).
// Mod+Space { switch-layout "next"; }
// Mod+Shift+Space { switch-layout "prev"; }
Print { screenshot; }
Ctrl+Print { screenshot-screen; }
Alt+Print { screenshot-window; }
// The quit action will show a confirmation dialog to avoid accidental exits.
Mod+Shift+E { quit; }
Ctrl+Alt+Delete { quit; }
// Powers off the monitors. To turn them back on, do any input like
// moving the mouse or pressing any other key.
Mod+Shift+P { power-off-monitors; }
}

5
users/configs/desktop/niri/default.nix Normal file
View File

@@ -0,0 +1,5 @@
{...}: {
home.file = {
".config/niri/config.kdl".source = ./config.kdl;
};
}

55
users/configs/desktop/sway/default.nix
View File

@@ -23,6 +23,9 @@ in {
wayland.windowManager.sway = {
enable = true;
extraConfigEarly = ''
exec systemctl --user import-environment PATH
'';
config = {
startup = [
{command = "swaybg -i ~/wallpapers/wallpaper.jpg";}
@@ -44,31 +47,52 @@ in {
};
"type:pointer" = {
accel_profile = "flat";
natural_scroll = "disabled";
pointer_accel = "0.1";
};
};
output = {
eDP-1 = {
scale = "1.33";
};
DP-3 = {
position = "0 0";
scale = "1.33";
};
HDMI-A-1 = {
position = "2880 0";
scale = "1.33";
"type:touchpad" = {
scroll_factor = "0.5";
natural_scroll = "enabled";
};
};
output =
if hostname == "sidon"
then {
DP-3 = {
position = "0 600";
scale = "1.33";
};
HDMI-A-1 = {
position = "2880 0";
scale = "1.33";
transform = "270";
};
}
else {
eDP-1 = {
scale = "1.33";
};
DP-3 = {
position = "0 0";
scale = "1.33";
};
DP-4 = {
position = "2880 0";
scale = "1.33";
};
HDMI-A-1 = {
position = "2880 0";
scale = "1.33";
};
};
workspaceOutputAssign = [
{
output = "HDMI-A-1";
workspace = "2";
workspace = "1";
}
{
output = "DP-3";
workspace = "1";
workspace = "2";
}
];
modifier = mod;
@@ -79,6 +103,7 @@ in {
"${hyper}+Return" = "exec ghostty";
"${hyper}+q" = "kill";
"${hyper}+d" = "exec tofi-drun --drun-launch=true";
"${mod}+Delete" = "exit";
"${mod}+Shift+s" = "exec grim -g \"$(slurp)\"";

1
users/configs/desktop/waybar/config.json
View File

@@ -1,6 +1,7 @@
{
"layer": "top",
"modules-left": [
"niri/workspaces",
"sway/workspaces",
"sway/window"
],

30
users/configs/system/ghostty/config
View File

@@ -1,30 +0,0 @@
font-family = Iosevka Nerd Font
font-size = 12
theme = catppuccin-macchiato
cursor-style = block
shell-integration-features = no-cursor
window-theme = ghostty
window-decoration = false
unfocused-split-opacity = 1
keybind = ctrl+shift+enter>ctrl+shift+h=new_split:left
keybind = ctrl+shift+enter>ctrl+shift+l=new_split:right
keybind = ctrl+shift+enter>ctrl+shift+k=new_split:up
keybind = ctrl+shift+enter>ctrl+shift+j=new_split:down
keybind = ctrl+shift+enter>h=new_split:left
keybind = ctrl+shift+enter>l=new_split:right
keybind = ctrl+shift+enter>k=new_split:up
keybind = ctrl+shift+enter>j=new_split:down
keybind = ctrl+shift+f=toggle_split_zoom
keybind = ctrl+shift+h=goto_split:left
keybind = ctrl+shift+l=goto_split:right
keybind = ctrl+shift+k=goto_split:top
keybind = ctrl+shift+j=goto_split:bottom
keybind = ctrl+shift+m=toggle_tab_overview

44
users/configs/system/ghostty/default.nix
View File

@@ -4,11 +4,47 @@
hostname,
...
}: {
home.file.".config/ghostty/config" = {
source = ./config;
};
programs.ghostty = {
enable = true;
settings = {
font-family = "Iosevka Nerd Font";
font-size = 12;
theme = "Catppuccin Macchiato";
cursor-style = "block";
shell-integration-features = "no-cursor";
window-theme = "ghostty";
window-decoration =
if hostname == "pingbox"
then "none"
else "auto";
working-directory = "home";
unfocused-split-opacity = 1;
keybind = [
"ctrl+shift+enter>ctrl+shift+h=new_split:left"
"ctrl+shift+enter>ctrl+shift+l=new_split:right"
"ctrl+shift+enter>ctrl+shift+k=new_split:up"
"ctrl+shift+enter>ctrl+shift+j=new_split:down"
"ctrl+shift+enter>h=new_split:left"
"ctrl+shift+enter>l=new_split:right"
"ctrl+shift+enter>k=new_split:up"
"ctrl+shift+enter>j=new_split:down"
"ctrl+shift+f=toggle_split_zoom"
"alt+enter=toggle_split_zoom"
"ctrl+shift+h=goto_split:left"
"ctrl+shift+l=goto_split:right"
"ctrl+shift+k=goto_split:top"
"ctrl+shift+j=goto_split:bottom"
"ctrl+shift+m=toggle_tab_overview"
"ctrl+shift+alt+r=reset"
];
};
};
}

1
users/configs/system/helix/config/config.toml
View File

@@ -3,7 +3,6 @@ theme = "catppuccin_custom"
[editor]
cursorline = true
bufferline = "always"
line-number = "relative"
[editor.cursor-shape]
insert = "bar"

47
users/daniel/default.nix
View File

@@ -4,15 +4,16 @@
fetchurl,
hostname,
headless,
inputs,
...
}: let
cliPackages = with pkgs; [
age
direnv
elixir_1_17
elixir
elixir-ls
entr
erlang_26
erlang
gnumake
go
gopls
@@ -35,6 +36,7 @@
)
restic
rust-analyzer
senpai
unzip
zip
zigpkgs."0.14.0"
@@ -49,7 +51,7 @@
feh
fraunces
ghostty
gimp
# gimp
grim
iosevka
inkscape
@@ -67,7 +69,9 @@
wezterm
wl-clipboard
xclip
xwayland-satellite
zathura
zed-editor
];
defaultUser = "daniel";
@@ -77,6 +81,7 @@ in {
../configs/system
]
++ lib.optionals (!headless) [
inputs.zen-browser.homeModules.beta
../configs/desktop
]
++ lib.optionals (builtins.pathExists ./host-specific/${hostname}) [
@@ -90,11 +95,13 @@ in {
"$HOME/go/bin"
];
sessionVariables = {
NIXOS_OZONE_WL = "1";
};
file = {
".icons/default".source = "${pkgs.capitaine-cursors}/share/icons/capitaine-cursors";
".rust".source = pkgs.rustPlatform.rustcSrc;
"bin/update" = {
source = ../../scripts/update;
executable = true;
@@ -118,6 +125,27 @@ in {
stateVersion = "21.05";
};
xdg.portal = {
enable = true;
extraPortals = with pkgs; [
xdg-desktop-portal-gtk
xdg-desktop-portal-wlr
xdg-desktop-portal-gnome
];
xdgOpenUsePortal = true;
config = {
common = {
default = "gtk";
"org.freedesktop.impl.portal.Screencast" = "wlr";
"org.freedesktop.impl.portal.Screenshot" = "wlr";
};
};
};
services.udiskie = {
enable = true;
};
programs = {
# Let Home Manager install and manage itself.
home-manager.enable = true;
@@ -133,10 +161,11 @@ in {
git = {
enable = true;
lfs.enable = true;
package = pkgs.gitFull;
userName = "Daniel Patterson";
userEmail = "me@danielpatterson.dev";
extraConfig = {
settings = {
user.name = "Daniel Patterson";
user.email = "me@danielpatterson.dev";
pull.rebase = true;
init.defaultBranch = "main";
format.signOff = "yes";
@@ -166,7 +195,7 @@ in {
zsh = {
enable = true;
autosuggestion.enable = true;
initExtra = ''
initContent = ''
eval "$(direnv hook zsh)"
'';
oh-my-zsh = {

21
users/daniel/host-specific/leviathan/default.nix Normal file
View File

@@ -0,0 +1,21 @@
{pkgs, ...}: let
# librespot = pkgs.callPackage ../../../../packages/librespot.nix {
# withPulseAudio = true;
# withRodio = true;
# };
in {
services.librespot = {
enable = true;
# package = librespot;
settings = {
# "zeroconf-port" = 12345;
# "verbose" = true;
"name" = "Ships Comms";
# "bitrate" = "320";
# "format" = "S32";
"disable-credential-cache" = true;
};
};
}

13
users/daniel/host-specific/pingbox/default.nix
View File

@@ -12,9 +12,22 @@
};
};
home.packages = with pkgs; [
moonlight-qt
];
programs.kitty.font.size = 12;
services.picom = {
vSync = true;
};
services.easyeffects = {
enable = true;
};
wayland.windowManager.sway.extraConfig = ''
bindswitch lid:on output eDP-1 disable
bindswitch lid:off output eDP-1 enable
'';
}