Compare commits

...

167 Commits

Author SHA1 Message Date
e28f9d5f2f Config changes... 2025-07-17 15:59:45 +02:00
6381ccf530 updated flakes inputs 2025-07-09 13:47:29 +02:00
35e7c0df79 added ppd 2025-07-08 15:23:59 +02:00
047e54ef74 removed not used padding 2025-07-08 15:15:05 +02:00
6dfad3f7f1 merge 2025-07-08 15:13:29 +02:00
74ecc77048 merges 2025-07-08 15:12:58 +02:00
5c74dc820b changed configs 2025-07-08 15:10:02 +02:00
89de487f68 added margin between modules 2025-07-08 15:08:35 +02:00
07c5526868 niri changes 2025-07-07 16:02:37 +02:00
d3bb262f7a added brightnessctl 2025-06-24 14:21:51 +02:00
d5560fd847 add brightness controls 2025-06-24 14:18:40 +02:00
751cb87d8d Added host option 2025-06-24 14:04:56 +02:00
d2cc6663e7 added greetd greeter for niri 2025-06-24 13:56:38 +02:00
64f21a317b More niri styling 2025-06-23 17:04:59 +02:00
849bd2a5e0 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-06-22 10:09:47 +02:00
79d07a5bfd Changed some configs 2025-06-22 10:09:41 +02:00
351272fc5c Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-06-20 16:35:21 +02:00
f68ff8d18c updated laptop configuration 2025-06-20 16:35:05 +02:00
f475b7b4ab added niri and samba share 2025-06-20 16:34:19 +02:00
e65e523992 added niri 2025-06-19 14:07:57 +02:00
38cb13a195 enabled bluetooth on desktop 2025-06-16 20:43:32 +02:00
fa648a174d Added obs and useful links section to README 2025-06-14 11:02:27 +02:00
95235d5ad5 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-06-11 13:14:22 +02:00
4d1b3e9911 updated flake file 2025-06-11 13:14:20 +02:00
e1fd8a07bd fixed jellyfin 2025-06-03 19:41:07 +02:00
8e9ab3aa38 fixed jellyfin 2025-06-03 19:24:36 +02:00
5da7636a42 Changed caddy config 2025-06-03 19:24:29 +02:00
9fd98e97fe changed how caddy works 2025-05-22 13:25:58 +02:00
af966ab2f3 removed packages 2025-05-22 13:21:46 +02:00
ff981dc3f4 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-22 12:07:36 +02:00
8b2bcf41d4 modified hostname 2025-05-22 12:07:19 +02:00
4874017b4f updated inputs 2025-05-22 12:06:55 +02:00
37b631f68b Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-22 11:24:58 +02:00
cc362f7b5b changed url's 2025-05-22 11:24:56 +02:00
933b9bb6d6 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-22 08:01:46 +02:00
f3bf8d650a Added caddyfile generation 2025-05-22 08:01:31 +02:00
0cdb821d5b disabled karakaeep 2025-05-22 07:57:12 +02:00
bace54a43d added age keys 2025-05-20 17:23:31 +02:00
b260743b9e updated nix flake 2025-05-20 16:41:58 +02:00
f51c7e4267 added basic raspi config 2025-05-20 16:36:44 +02:00
2839974006 Delete result 2025-05-20 15:46:12 +02:00
fe6d12b060 added linkding 2025-05-20 15:36:56 +02:00
f09dfbc108 Migrated from default.nix to configuration.nix 2025-05-17 17:13:43 +02:00
ceeb4980ef recrypt keys again 2025-05-17 15:24:06 +02:00
ae43972aa3 changed age keys 2025-05-17 15:23:52 +02:00
abc634dab8 recrypt again 2025-05-17 15:17:47 +02:00
67cb031d5e Recript files 2025-05-17 15:14:20 +02:00
a321537c40 recript 2025-05-17 15:11:44 +02:00
66f7a1be30 changed rpi config 2025-05-17 15:09:05 +02:00
71390267eb added default home manager 2025-05-17 14:22:08 +02:00
be91e1e877 changed overlay 2025-05-17 14:04:55 +02:00
a6b7791093 changed x86 to arm 2025-05-17 13:59:06 +02:00
329e741553 fixed spelling mistake 2025-05-17 13:51:51 +02:00
5c9cce1e4a added home config for rpi 2025-05-17 13:50:45 +02:00
59f36caeb1 changed rpi config 2025-05-17 13:33:35 +02:00
2f90d8e0e8 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-17 13:12:28 +02:00
2df3077b80 replaced vesktop with webcord 2025-05-17 13:12:27 +02:00
1628be3e62 Added config for static sites 2025-05-16 15:28:36 +02:00
92f20c250b Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-16 14:27:57 +02:00
8ecf066196 Changed typst config 2025-05-16 14:27:55 +02:00
b072ac82e1 added stalwart 2025-05-16 13:24:35 +02:00
a79b1b7281 Added typst 2025-05-16 10:50:59 +02:00
38cb4a54b1 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-13 14:53:40 +02:00
ca45586276 Fixed cliplboard 2025-05-13 14:53:39 +02:00
51f96a1158 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-13 08:14:42 +02:00
e384a2bb8b added vscode 2025-05-13 08:14:38 +02:00
ad155e63ce Added more services 2025-05-09 13:06:35 +02:00
87b73dc10e Added podman aliases 2025-05-09 13:02:38 +02:00
6d3dea12ff Changed helix preferences 2025-05-09 12:19:47 +02:00
5c78d0c1f5 Modularized helix 2025-05-09 12:18:16 +02:00
42cab14829 disabled nushell 2025-05-09 08:43:06 +02:00
22f69febf9 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-09 08:41:44 +02:00
c1d5675927 Added wezterm and added aliases for justfile 2025-05-09 08:40:34 +02:00
86bf66c817 Added storage and home assistant 2025-05-02 16:43:52 +02:00
bde66ffbe2 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-02 08:57:28 +02:00
eb9ca5e5e1 Added nushell 2025-05-02 08:57:22 +02:00
d7056e8f38 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-05-01 18:50:20 +02:00
9147a68f0b Reconfigured zellij configuration 2025-05-01 18:50:16 +02:00
4ab5ad76cf Added beszel to homepage 2025-04-30 15:56:19 +02:00
5f0eb27281 Added beszel monitoring 2025-04-30 15:24:02 +02:00
1a6889d561 added prototype of beszel container 2025-04-30 15:00:05 +02:00
c4f86996d9 Changed hosts 2025-04-30 14:18:34 +02:00
e17752dec4 Paperless added and fixes for old services 2025-04-30 14:17:05 +02:00
40a5f794ea Added pingvin and vaultwarden 2025-04-30 14:17:05 +02:00
b6a91b7dcb Added homepage, immich and uptime kuma 2025-04-30 14:17:05 +02:00
a8a6776b1b merge 2025-04-28 07:46:11 +02:00
4c47313acc updated inputs 2025-04-28 07:45:33 +02:00
01343006a5 Add forgejo container 2025-04-26 14:54:08 +02:00
4788bd8cd4 Changed lldap to kanidm configuration 2025-04-26 14:09:34 +02:00
af39ac1be4 Added boilerplate for lldap and handle wildcard certificates for tbmrs.nl 2025-04-26 12:23:41 +02:00
8dbddaf62d fixed caddy container and added acme 2025-04-26 11:49:14 +02:00
fcc9fe0773 Modified caddy to make a simple working code 2025-04-25 21:09:55 +02:00
7a0797bcd8 added caddy container 2025-04-25 20:08:18 +02:00
52ce5660fa updated inputs 2025-04-25 19:41:14 +02:00
fdf3fe63d7 added surfer 2025-04-25 17:34:05 +02:00
751fc9298f disabled common home applications 2025-04-25 08:54:11 +02:00
2bd950bd83 added ssh 2025-04-25 08:41:34 +02:00
68ec429e96 Enable first podman container 2025-04-25 08:31:10 +02:00
e07c854ae0 updated inputs 2025-04-25 08:14:18 +02:00
a3f022f5fc added pkgs 2025-04-24 22:56:59 +02:00
63c40c4230 added podman workaround 2025-04-24 22:52:25 +02:00
4512b87d02 changed kernel version 2025-04-24 20:37:18 +02:00
bd454fe348 renaming 2025-04-24 17:27:32 +02:00
4b1332e748 Hostname diff 2025-04-24 17:25:36 +02:00
ff3388379c removed bootloader 2025-04-24 16:48:11 +02:00
0c2736b9aa Fixed hostname 2025-04-24 16:45:42 +02:00
a28c86b74a Added none to display mananger 2025-04-24 16:43:14 +02:00
293fad6bf8 Changed configuration 2025-04-24 16:40:15 +02:00
323b8af5aa Removed modulespath 2025-04-24 16:37:17 +02:00
8a425afdde Bunch of naming 2025-04-24 16:36:36 +02:00
b9d4c49d43 Added two new hosts 2025-04-24 16:10:39 +02:00
7f42d033db Changed git username 2025-04-23 12:08:32 +02:00
0ce120c045 Added tu delft gitlab entry 2025-04-23 11:04:34 +02:00
46d4f7f0f6 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-04-22 08:19:48 +02:00
cd16cc2cb8 Updated firefox 2025-04-22 08:19:31 +02:00
82e9af1d80 updated inputes 2025-04-21 16:08:22 +02:00
66aa78041e Updated inputes 2025-04-10 09:08:27 +02:00
c52c189e87 Added assembly language server 2025-04-02 12:54:06 +02:00
e22ca026e5 Fixed conflicts 2025-03-28 16:07:21 +01:00
52624b4390 Lots of changes 2025-03-28 16:06:09 +01:00
5b64398bfb Updated inputs and fixed cosmic greeter 2025-03-28 16:05:57 +01:00
a9b50ca7f2 Updated inputs 2025-03-23 12:37:05 +01:00
78d49601db Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-03-20 14:19:35 +01:00
77953bd48b Desktop changes 2025-03-20 14:19:09 +01:00
3567163844 Updated inputs and and removed unused helix entries 2025-03-20 08:22:50 +01:00
aa5022198f Modified options 2025-03-17 15:10:26 +01:00
c573823590 Updated flakes 2025-03-13 11:34:46 +01:00
e655ba8b08 Added trusted users 2025-03-02 11:07:50 +01:00
4a4648eafd Added incus service 2025-02-28 16:29:18 +01:00
ae201dc410 fixed typo 2025-02-28 08:43:14 +01:00
729fd9688f Modified tablet and desktop config 2025-02-28 08:30:05 +01:00
eacbe34402 Updated flakes 2025-02-25 11:01:06 +01:00
690daec6fa Enabled sunshine 2025-02-22 16:17:19 +01:00
9a08ed5dff Updated inputs 2025-02-20 16:37:00 +01:00
e1eef10228 Migrated bookmarks to Q3 2025-02-10 08:25:13 +01:00
f3362df5aa Updated zellij and docker configuration 2025-02-06 11:16:24 +01:00
3a61bc6b26 Update flake inputs 2025-02-03 13:35:23 +01:00
d161cf7a81 Updated ti desktop and ch desktop 2025-02-01 11:41:25 +01:00
19e101ddc9 Change to unstable bitwarden version 2025-01-28 14:33:57 +01:00
eab59092a4 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-01-28 13:34:10 +01:00
dc7061e70a Updated inputs 2025-01-28 13:33:37 +01:00
482abfdf63 Added hoppscotch 2025-01-26 22:45:11 +01:00
16d8eb35d1 Updated flake inputs 2025-01-20 09:44:42 +01:00
f739a1a984 Added helix nuxt configuration 2025-01-18 13:05:02 +01:00
6033709dea Remoed nuxt helix configuration 2025-01-13 23:21:05 +01:00
bfc2c002b1 modified helix configuration 2025-01-13 22:30:11 +01:00
8944b6534a Enable docker on Timo desktop 2025-01-13 16:53:57 +01:00
587d2bc790 Added pull and update command 2025-01-11 11:28:56 +01:00
beb673db10 Updated flake inputs 2025-01-11 11:25:08 +01:00
44c97f169d Changed other hostnames 2025-01-10 13:55:26 +01:00
ecc8187973 Migrated hostname 2025-01-10 13:47:02 +01:00
9c88315c00 Changed justfile 2025-01-10 13:20:05 +01:00
c0661b2522 Removed homelab and updated config 2025-01-09 22:52:28 +01:00
e09285d330 Modified config so kiiwy doesn't get mad 2025-01-09 19:28:33 +01:00
ba648c277c Small fix 2025-01-09 17:30:17 +01:00
42cd51c0b5 Added wallpaper 2025-01-09 17:16:21 +01:00
fa8a1f2eec Changed stylix 2025-01-09 17:14:10 +01:00
ac8f095cce Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix 2025-01-09 15:59:17 +01:00
3705f8b8fe Added christa desktop 2025-01-09 15:59:10 +01:00
89993d7c8a Added hosts voor laptop config 2025-01-09 08:26:58 +01:00
f85a04b3b8 Added gnome extension manager 2025-01-07 13:18:12 +01:00
53e3c11d1e Added tweaks 2025-01-07 13:15:33 +01:00
b19e207ec7 Updated inputs 2025-01-07 10:17:48 +01:00
86b463f067 Merge branch 'main' of ssh://gitea.xeovalyte.dev:2222/xeovalyte/nix
Merge
2025-01-03 11:09:13 +01:00
71f09fccc0 Added hosts configuration 2025-01-03 11:09:05 +01:00
331f2c2962 Updated surface config 2025-01-02 19:30:27 +01:00
08f7138ba4 Updated hardware configuration 2025-01-02 19:11:41 +01:00
136 changed files with 3843 additions and 8351 deletions

1
.gitignore vendored Normal file
View File

@@ -0,0 +1 @@
result

7
.sops.yaml Normal file
View File

@@ -0,0 +1,7 @@
keys:
- &v-th-ctr-01 age1cs2p7tgk9356tjmet6526k3ghwq9we82nz6z7qggqns656paku6sx30tkg
- &p-th-rpi-01 age1dd7xpgnak6z6zmwa9889pjd6hmj42zaxq7ea8s47dlk3v6u5f37sldkt97
creation_rules:
- path_regex: secrets/deploy.yaml$
age: >-
age1cs2p7tgk9356tjmet6526k3ghwq9we82nz6z7qggqns656paku6sx30tkg,age12gjtehffgmepyga9vaqkurn9fyvte8n7wsklmg866z5usezvuqlsr2m5mp

View File

@@ -3,6 +3,7 @@
## New system install guide
### 1. Install Nixos with ISO
[Nixos download](https://nixos.org/download)
### 2. Copy hardware configuration to hosts directory
@@ -10,14 +11,85 @@
### 3. Generate ssh-keys
**Archserver**
1. `ssh-keygen -f ~/.ssh/archserver`
2. `ssh-copy-id -i ~/.ssh/archserver 192.168.1.20`
**Gitea**
1. `ssh-keygen -f ~/.ssh/gitea -t ed25519 -C "me+gitea@xeovalyte.dev"`
2. Upload to [Gitea](https://gitea.xeovalyt.dev)
3. Verify ssh key (follow instructions on Gitea)
### 4. Add SSH keys
1. `ssh-add ~/.ssh/gitea`
2. `ssh-add ~/.ssh/archserver`
## Homelab
List over services
| Service | Description | Link |
| -------------- | ---------------------------------- | ---------------------------------------------------------------------- |
| Caddy | Reverse proxy | - |
| Kanidm | Openid provider | [auth.tbmrs.nl](https://auth.tbmrs.nl) |
| Forgejo | Git provider | [git.tbmrs.nl](https://git.tbmrs.nl) |
| Immich | Photo and videos | [photos.tbmrs.nl](https://photos.tbmrs.nl) |
| Homepage | Dashboard | [home.tbmrs.nl](https://home.tbmrs.nl) |
| Uptime Kuma | Uptime monitor | [uptime.tbmrs.nl](https://uptime.tbmrs.nl) |
| Pingvin share | Sharing of files | [share.tbmrs.nl](https://share.tbmrs.nl) |
| Vaultwarden | Password manager | [vault.local.tbmrs.nl](https://vault.local.tbmrs.nl) |
| Paperless NGX | Documents management | [paperless.local.tbmrs.nl](https://paperless.local.tbmrs.nl) |
| Beszel | Resource usage | [monitor.local.tbmrs.nl](https://monitor.local.tbmrs.nl) |
| Dufs | File manager | [files.tbmrs.nl](https://files.tbmrs.nl) |
| Syncthing | File syncing | [syncthing.local.tbmrs.nl](https://syncthing.local.tbmrs.nl) |
| Home Assistant | Home automation | [home-assistant.local.tbmrs.nl](https://home-assistant.local.tbmrs.nl) |
| ~~Karakeep~~ | Bookmarking | ~~[karakeep.local.tbmrs.nl](https://karakeep.local.tbmrs.nl)~~ |
| Vikunja | Tasks management | [vikunja.local.tbmrs.nl](https://vikunja.local.tbmrs.nl) |
| Stalwart | Mailserver | [mail.tbmrs.nl](https://mail.tbmrs.nl) |
| Linkding | Bookmark managment | [links.local.tbmrs.nl](https://links.local.tbmrs.nl) |
| Jellyfin | Movies, series and music streaming | [stream.local.tbmrs.nl](https://stream.local.tbmrs.nl) |
### Todo
- Install koreader selfhosted sync
### Openid commands
#### Configure new openid client
From: [Kanidm Docs](https://kanidm.github.io/kanidm/master/integrations/oauth2/examples.html)
Replace `<service>` with the name of the service.
1. Create a new Kanidm group, and add your regular account to it:
```bash
$ kanidm group create <service>_users
$ kanidm group add-members <service>_users your_username
```
2. Create a new OAuth2 application configuration in Kanidm, configure the redirect URL, and scope access to the group:
```bash
$ kanidm system oauth2 create <service> <servicename> <service_login_url>
$ kanidm system oauth2 add-redirect-url <service> <redirect_url>
$ kanidm system oauth2 update-scope-map <service> <service>_users email openid profile groups
```
3. (Optional) Disable PKCE
```bash
$ kanidm system oauth2 warning-insecure-client-disable-pkce <service>
```
4. Get the OAuth2 client secret from Kanidm
```bash
$ kanidm system oauth2 show-basic-secret <service>
```
## Useful links
Womier keyboard permissions denied or not finding: https://github.com/the-via/releases/issues/257

BIN
assets/kiiwy.png Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 46 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 1.0 MiB

View File

@@ -1,7 +1,7 @@
FROM caddy:2.8-builder AS builder
RUN xcaddy build \
--with github.com/caddy-dns/cloudflare
--with github.com/caddy-dns/transip
FROM caddy:2.8

465
flake.lock generated
View File

@@ -5,11 +5,11 @@
"fromYaml": "fromYaml"
},
"locked": {
"lastModified": 1732200724,
"narHash": "sha256-+R1BH5wHhfnycySb7Sy5KbYEaTJZWm1h+LW1OtyhiTs=",
"lastModified": 1746562888,
"narHash": "sha256-YgNJQyB5dQiwavdDFBMNKk1wyS77AtdgDk/VtU6wEaI=",
"owner": "SenchoPens",
"repo": "base16.nix",
"rev": "153d52373b0fb2d343592871009a286ec8837aec",
"rev": "806a1777a5db2a1ef9d5d6f493ef2381047f2b89",
"type": "github"
},
"original": {
@@ -37,11 +37,11 @@
"base16-helix": {
"flake": false,
"locked": {
"lastModified": 1725860795,
"narHash": "sha256-Z2o8VBPW3I+KKTSfe25kskz0EUj7MpUh8u355Z1nVsU=",
"lastModified": 1748408240,
"narHash": "sha256-9M2b1rMyMzJK0eusea0x3lyh3mu5nMeEDSc4RZkGm+g=",
"owner": "tinted-theming",
"repo": "base16-helix",
"rev": "7f795bf75d38e0eea9fed287264067ca187b88a9",
"rev": "6c711ab1a9db6f51e2f6887cc3345530b33e152e",
"type": "github"
},
"original": {
@@ -69,69 +69,74 @@
"base16-vim": {
"flake": false,
"locked": {
"lastModified": 1731949548,
"narHash": "sha256-XIDexXM66sSh5j/x70e054BnUsviibUShW7XhbDGhYo=",
"lastModified": 1732806396,
"narHash": "sha256-e0bpPySdJf0F68Ndanwm+KWHgQiZ0s7liLhvJSWDNsA=",
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "61165b1632409bd55e530f3dbdd4477f011cadc6",
"rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-vim",
"rev": "577fe8125d74ff456cf942c733a85d769afe58b7",
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1717312683,
"narHash": "sha256-FrlieJH50AuvagamEvWMIE6D2OAnERuDboFDYAED/dE=",
"owner": "nix-community",
"repo": "flake-compat",
"rev": "38fd3954cf65ce6faf3d0d45cd26059e059f07ea",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-utils": {
"disko": {
"inputs": {
"systems": [
"stylix",
"systems"
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"lastModified": 1751854533,
"narHash": "sha256-U/OQFplExOR1jazZY4KkaQkJqOl59xlh21HP9mI79Vc=",
"owner": "nix-community",
"repo": "disko",
"rev": "16b74a1e304197248a1bc663280f2548dbfcae3c",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"owner": "nix-community",
"repo": "disko",
"type": "github"
}
},
"firefox-gnome-theme": {
"flake": false,
"locked": {
"lastModified": 1748383148,
"narHash": "sha256-pGvD/RGuuPf/4oogsfeRaeMm6ipUIznI2QSILKjKzeA=",
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"rev": "4eb2714fbed2b80e234312611a947d6cb7d70caf",
"type": "github"
},
"original": {
"owner": "rafaelmardojai",
"repo": "firefox-gnome-theme",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"stylix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1749398372,
"narHash": "sha256-tYBdgS56eXYaWVW3fsnPQ/nFlgWi/Z2Ymhyu21zVM98=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "9305fe4e5c2a6fcf5ba6a3ff155720fbe4076569",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
@@ -154,16 +159,16 @@
"gnome-shell": {
"flake": false,
"locked": {
"lastModified": 1732369855,
"narHash": "sha256-JhUWbcYPjHO3Xs3x9/Z9RuqXbcp5yhPluGjwsdE2GMg=",
"lastModified": 1744584021,
"narHash": "sha256-0RJ4mJzf+klKF4Fuoc8VN8dpQQtZnKksFmR2jhWE1Ew=",
"owner": "GNOME",
"repo": "gnome-shell",
"rev": "dadd58f630eeea41d645ee225a63f719390829dc",
"rev": "52c517c8f6c199a1d6f5118fae500ef69ea845ae",
"type": "github"
},
"original": {
"owner": "GNOME",
"ref": "47.2",
"ref": "48.1",
"repo": "gnome-shell",
"type": "github"
}
@@ -175,38 +180,73 @@
]
},
"locked": {
"lastModified": 1735344290,
"narHash": "sha256-oJDtWPH1oJT34RJK1FSWjwX4qcGOBRkcNQPD0EbSfNM=",
"lastModified": 1751810233,
"narHash": "sha256-kllkNbIqQi3VplgTMeGzuh1t8Gk8TauvkTRt93Km+tQ=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "613691f285dad87694c2ba1c9e6298d04736292d",
"rev": "9b0873b46c9f9e4b7aa01eb634952c206af53068",
"type": "github"
},
"original": {
"owner": "nix-community",
"ref": "release-24.11",
"ref": "release-25.05",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"niri": {
"inputs": {
"nixpkgs": [
"stylix",
"nixpkgs"
]
"niri-stable": "niri-stable",
"niri-unstable": "niri-unstable",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"xwayland-satellite-stable": "xwayland-satellite-stable",
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
},
"locked": {
"lastModified": 1733085484,
"narHash": "sha256-dVmNuUajnU18oHzBQWZm1BQtANCHaqNuxTHZQ+GN0r8=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "c1fee8d4a60b89cae12b288ba9dbc608ff298163",
"lastModified": 1752057206,
"narHash": "sha256-f8fNAag3K3WAq+lJr2EEu2f3xVSFLPddLgJKZRzXa3M=",
"owner": "sodiboo",
"repo": "niri-flake",
"rev": "90c2edcf32d0fcb511fee9a0b8c580a18178c109",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"owner": "sodiboo",
"repo": "niri-flake",
"type": "github"
}
},
"niri-stable": {
"flake": false,
"locked": {
"lastModified": 1748151941,
"narHash": "sha256-z4viQZLgC2bIJ3VrzQnR+q2F3gAOEQpU1H5xHtX/2fs=",
"owner": "YaLTeR",
"repo": "niri",
"rev": "8ba57fcf25d2fc9565131684a839d58703f1dae7",
"type": "github"
},
"original": {
"owner": "YaLTeR",
"ref": "v25.05.1",
"repo": "niri",
"type": "github"
}
},
"niri-unstable": {
"flake": false,
"locked": {
"lastModified": 1750791124,
"narHash": "sha256-F5iVU/hjoSHSSe0gllxm0PcAaseEtGNanYK5Ha3k2Tg=",
"owner": "YaLTeR",
"repo": "niri",
"rev": "37458d94b288945f6cfbd3c5c233f634d59f246c",
"type": "github"
},
"original": {
"owner": "YaLTeR",
"repo": "niri",
"type": "github"
}
},
@@ -229,34 +269,13 @@
"type": "github"
}
},
"nixos-cosmic": {
"inputs": {
"flake-compat": "flake-compat",
"nixpkgs": "nixpkgs",
"nixpkgs-stable": "nixpkgs-stable",
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1735695461,
"narHash": "sha256-xWeCORE1NA95dt3m1wGTmWFao8uMtmysK26jVcsL1tI=",
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"rev": "80d9501f798baa8d55d86398142bc94db7619d8e",
"type": "github"
},
"original": {
"owner": "lilyinstarlight",
"repo": "nixos-cosmic",
"type": "github"
}
},
"nixos-hardware": {
"locked": {
"lastModified": 1735388221,
"narHash": "sha256-e5IOgjQf0SZcFCEV/gMGrsI0gCJyqOKShBQU0iiM3Kg=",
"lastModified": 1752048960,
"narHash": "sha256-gATnkOe37eeVwKKYCsL+OnS2gU4MmLuZFzzWCtaKLI8=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "7c674c6734f61157e321db595dbfcd8523e04e19",
"rev": "7ced9122cff2163c6a0212b8d1ec8c33a1660806",
"type": "github"
},
"original": {
@@ -268,11 +287,11 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1735471104,
"narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
"lastModified": 1751792365,
"narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
"rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
"type": "github"
},
"original": {
@@ -299,27 +318,27 @@
},
"nixpkgs-stable": {
"locked": {
"lastModified": 1735531152,
"narHash": "sha256-As8I+ebItDKtboWgDXYZSIjGlKeqiLBvjxsQHUmAf1Q=",
"lastModified": 1751943650,
"narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "3ffbbdbac0566a0977da3d2657b89cbcfe9a173b",
"rev": "88983d4b665fb491861005137ce2b11a9f89f203",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-24.11",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1735471104,
"narHash": "sha256-0q9NGQySwDQc7RhAV2ukfnu7Gxa5/ybJ2ANT8DQrQrs=",
"lastModified": 1751792365,
"narHash": "sha256-J1kI6oAj25IG4EdVlg2hQz8NZTBNYvIS0l4wpr9KcUo=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "88195a94f390381c6afcdaa933c2f6ff93959cb4",
"rev": "1fd8bada0b6117e6c7eb54aad5813023eed37ccb",
"type": "github"
},
"original": {
@@ -330,11 +349,26 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1732238832,
"narHash": "sha256-sQxuJm8rHY20xq6Ah+GwIUkF95tWjGRd1X8xF+Pkk38=",
"lastModified": 1751943650,
"narHash": "sha256-7orTnNqkGGru8Je6Un6mq1T8YVVU/O5kyW4+f9C1mZQ=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8edf06bea5bcbee082df1b7369ff973b91618b8d",
"rev": "88983d4b665fb491861005137ce2b11a9f89f203",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-25.05",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1744868846,
"narHash": "sha256-5RJTdUHDmj12Qsv7XOhuospjAjATNiTMElplWnJE9Hs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ebe4301cbd8f81c4f8d3244b3632338bbeb6d49c",
"type": "github"
},
"original": {
@@ -344,38 +378,76 @@
"type": "github"
}
},
"root": {
"inputs": {
"home-manager": "home-manager",
"nix-colors": "nix-colors",
"nixos-cosmic": "nixos-cosmic",
"nixos-hardware": "nixos-hardware",
"nixpkgs": [
"nixos-cosmic",
"nixpkgs-stable"
],
"nixpkgs-unstable": "nixpkgs-unstable",
"stylix": "stylix"
}
},
"rust-overlay": {
"inputs": {
"nixpkgs": [
"nixos-cosmic",
"nixpkgs"
]
},
"nixpkgs_4": {
"locked": {
"lastModified": 1735612067,
"narHash": "sha256-rsjojgfPUf9tWuMXuuo2KAIoUZ49XGZQJSjFGOO8Cq4=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "d199142e84bfaae476ffb4e09a70879d7918784d",
"lastModified": 1751211869,
"narHash": "sha256-1Cu92i1KSPbhPCKxoiVG5qnoRiKTgR5CcGSRyLpOd7Y=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "b43c397f6c213918d6cfe6e3550abfe79b5d1c51",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"owner": "NixOS",
"ref": "nixos-25.05",
"repo": "nixpkgs",
"type": "github"
}
},
"nur": {
"inputs": {
"flake-parts": [
"stylix",
"flake-parts"
],
"nixpkgs": [
"stylix",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1751320053,
"narHash": "sha256-3m6RMw0FbbaUUa01PNaMLoO7D99aBClmY5ed9V3vz+0=",
"owner": "nix-community",
"repo": "NUR",
"rev": "cbde1735782f9c2bb2c63d5e05fba171a14a4670",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"root": {
"inputs": {
"disko": "disko",
"home-manager": "home-manager",
"niri": "niri",
"nix-colors": "nix-colors",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs_2",
"nixpkgs-unstable": "nixpkgs-unstable",
"sops-nix": "sops-nix",
"stylix": "stylix"
}
},
"sops-nix": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1751606940,
"narHash": "sha256-KrDPXobG7DFKTOteqdSVeL1bMVitDcy7otpVZWDE6MA=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "3633fc4acf03f43b260244d94c71e9e14a2f6e0d",
"type": "github"
},
"original": {
"owner": "Mic92",
"repo": "sops-nix",
"type": "github"
}
},
@@ -385,26 +457,29 @@
"base16-fish": "base16-fish",
"base16-helix": "base16-helix",
"base16-vim": "base16-vim",
"flake-compat": "flake-compat_2",
"flake-utils": "flake-utils",
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts",
"gnome-shell": "gnome-shell",
"home-manager": "home-manager_2",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs_4",
"nur": "nur",
"systems": "systems",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-tmux": "tinted-tmux"
"tinted-schemes": "tinted-schemes",
"tinted-tmux": "tinted-tmux",
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1735664732,
"narHash": "sha256-KoXLDDDT/nMBMl6VtoAGxJ58COvT+SWL5aiR+hUPBUo=",
"lastModified": 1752014016,
"narHash": "sha256-Gn6cnUPchPenxUFDt+dh7836CNu3GM13aghTabfZUrU=",
"owner": "danth",
"repo": "stylix",
"rev": "f48cab39ba162c5eaef3d975aaac467c20db402b",
"rev": "26042c1f59ae868193fa4378f85e4f6240f25ff8",
"type": "github"
},
"original": {
"owner": "danth",
"ref": "release-25.05",
"repo": "stylix",
"type": "github"
}
@@ -444,28 +519,43 @@
"tinted-kitty": {
"flake": false,
"locked": {
"lastModified": 1716423189,
"narHash": "sha256-2xF3sH7UIwegn+2gKzMpFi3pk5DlIlM18+vj17Uf82U=",
"lastModified": 1735730497,
"narHash": "sha256-4KtB+FiUzIeK/4aHCKce3V9HwRvYaxX+F1edUrfgzb8=",
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "eb39e141db14baef052893285df9f266df041ff8",
"rev": "de6f888497f2c6b2279361bfc790f164bfd0f3fa",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "tinted-kitty",
"rev": "eb39e141db14baef052893285df9f266df041ff8",
"type": "github"
}
},
"tinted-schemes": {
"flake": false,
"locked": {
"lastModified": 1750770351,
"narHash": "sha256-LI+BnRoFNRa2ffbe3dcuIRYAUcGklBx0+EcFxlHj0SY=",
"owner": "tinted-theming",
"repo": "schemes",
"rev": "5a775c6ffd6e6125947b393872cde95867d85a2a",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "schemes",
"type": "github"
}
},
"tinted-tmux": {
"flake": false,
"locked": {
"lastModified": 1729501581,
"narHash": "sha256-1ohEFMC23elnl39kxWnjzH1l2DFWWx4DhFNNYDTYt54=",
"lastModified": 1751159871,
"narHash": "sha256-UOHBN1fgHIEzvPmdNMHaDvdRMgLmEJh2hNmDrp3d3LE=",
"owner": "tinted-theming",
"repo": "tinted-tmux",
"rev": "f0e7f7974a6441033eb0a172a0342e96722b4f14",
"rev": "bded5e24407cec9d01bd47a317d15b9223a1546c",
"type": "github"
},
"original": {
@@ -473,6 +563,77 @@
"repo": "tinted-tmux",
"type": "github"
}
},
"tinted-zed": {
"flake": false,
"locked": {
"lastModified": 1751158968,
"narHash": "sha256-ksOyv7D3SRRtebpXxgpG4TK8gZSKFc4TIZpR+C98jX8=",
"owner": "tinted-theming",
"repo": "base16-zed",
"rev": "86a470d94204f7652b906ab0d378e4231a5b3384",
"type": "github"
},
"original": {
"owner": "tinted-theming",
"repo": "base16-zed",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"stylix",
"nur",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733222881,
"narHash": "sha256-JIPcz1PrpXUCbaccEnrcUS8jjEb/1vJbZz5KkobyFdM=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "49717b5af6f80172275d47a418c9719a31a78b53",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"xwayland-satellite-stable": {
"flake": false,
"locked": {
"lastModified": 1748488455,
"narHash": "sha256-IiLr1alzKFIy5tGGpDlabQbe6LV1c9ABvkH6T5WmyRI=",
"owner": "Supreeeme",
"repo": "xwayland-satellite",
"rev": "3ba30b149f9eb2bbf42cf4758d2158ca8cceef73",
"type": "github"
},
"original": {
"owner": "Supreeeme",
"ref": "v0.6",
"repo": "xwayland-satellite",
"type": "github"
}
},
"xwayland-satellite-unstable": {
"flake": false,
"locked": {
"lastModified": 1751228685,
"narHash": "sha256-MENtauGBhJ+kDeFaawvWGXaFG3Il6qQzjaP0RmtfM0k=",
"owner": "Supreeeme",
"repo": "xwayland-satellite",
"rev": "557ebeb616e03d5e4a8049862bbbd1f02c6f020b",
"type": "github"
},
"original": {
"owner": "Supreeeme",
"repo": "xwayland-satellite",
"type": "github"
}
}
},
"root": "root",

184
flake.nix
View File

@@ -1,13 +1,13 @@
{
description = "Nixos configuration for Xeovalyte";
description = "Nixos configuration for Timo";
inputs = {
nixpkgs.url = "nixpkgs/nixos-24.11";
nixpkgs.url = "nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager/release-24.11";
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
@@ -15,130 +15,140 @@
nix-colors.url = "github:misterio77/nix-colors";
stylix.url = "github:danth/stylix";
stylix.url = "github:danth/stylix/release-25.05";
nixpkgs.follows = "nixos-cosmic/nixpkgs-stable";
sops-nix.url = "github:Mic92/sops-nix";
niri.url = "github:sodiboo/niri-flake";
nixos-cosmic = {
url = "github:lilyinstarlight/nixos-cosmic";
};
disko.url = "github:nix-community/disko";
disko.inputs.nixpkgs.follows = "nixpkgs";
};
outputs = inputs@{ self, nixpkgs, nixpkgs-unstable, home-manager, nix-colors, stylix, nixos-cosmic, ... }:
let
system = "x86_64-linux";
overlay-unstable = final: prev: {
unstable = import nixpkgs-unstable {
config.allowUnfree = true;
localSystem = { inherit system; };
};
};
outputs = {
self,
nixpkgs,
home-manager,
nix-colors,
stylix,
sops-nix,
niri,
disko,
...
} @ inputs: let
inherit (self) outputs;
systems = [
"x86_64-linux"
"aarch64-linux"
];
forAllSystems = nixpkgs.lib.genAttrs systems;
in
{
# Laptop Configuration
packages = forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system} );
overlays = import ./overlays { inherit inputs; };
nixosConfigurations = {
xv-laptop = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
ti-clt-lpt01 = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
inputs.nixos-hardware.nixosModules.framework-13-7040-amd
./hosts/laptop
./hosts/ti-clt-lpt01/configuration.nix
];
};
};
homeConfigurations = {
"xeovalyte@xv-laptop" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs nix-colors; };
ch-clt-dsk01 = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
./hosts/laptop/home.nix
./hosts/ch-clt-dsk01/configuration.nix
];
};
};
# Surface Configuration
nixosConfigurations = {
xv-surface = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
ti-clt-tbl01 = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
inputs.nixos-hardware.nixosModules.microsoft-surface-go
nixos-cosmic.nixosModules.default
./hosts/surface
./hosts/ti-clt-tbl01/configuration.nix
];
};
# Timo's desktop
ti-clt-dsk01 = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./hosts/ti-clt-dsk01/configuration.nix
];
};
v-th-ctr-01 = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./hosts/v-th-ctr-01/configuration.nix
];
};
# Raspberry pi
p-th-rpi-01 = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs outputs; };
modules = [
./hosts/p-th-rpi-01/configuration.nix
];
};
};
homeConfigurations = {
"xeovalyte@xv-surface" = home-manager.lib.homeManagerConfiguration {
# Timo
"xeovalyte@ti-clt-lpt01" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs nix-colors; };
extraSpecialArgs = { inherit inputs outputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
./hosts/surface/home.nix
./hosts/ti-clt-lpt01/home.nix
];
};
};
nixosConfigurations = {
xv-desktop = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
./hosts/desktop
];
};
};
homeConfigurations = {
"xeovalyte@xv-desktop" = home-manager.lib.homeManagerConfiguration {
"xeovalyte@ti-clt-tbl01" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs nix-colors; };
extraSpecialArgs = { inherit inputs outputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
./hosts/desktop/home.nix
./hosts/ti-clt-tbl01/home.nix
];
};
};
# pm01vm01 Configuration
nixosConfigurations = {
pm01vm01 = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
specialArgs = { inherit inputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
./hosts/pm01vm01
];
};
};
homeConfigurations = {
"xeovalyte@pm01vm01" = home-manager.lib.homeManagerConfiguration {
"xeovalyte@ti-clt-dsk01" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs nix-colors; };
extraSpecialArgs = { inherit inputs outputs; };
modules = [
({ config, pkgs, ... }: { nixpkgs.overlays = [ overlay-unstable ]; })
./hosts/pm01vm01/home.nix
./hosts/ti-clt-dsk01/home.nix
];
};
# Christa
"kiiwy@ch-clt-dsk01" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs outputs; };
modules = [
./hosts/ch-clt-dsk01/home.nix
];
};
# Deploy
"deploy@v-th-ctr-01" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.x86_64-linux;
extraSpecialArgs = { inherit inputs outputs; };
modules = [
./hosts/v-th-ctr-01/home.nix
];
};
# Deploy
"deploy@p-th-rpi-01" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages.aarch64-linux;
extraSpecialArgs = { inherit inputs outputs; };
modules = [
./hosts/p-th-rpi-01/home.nix
];
};
};
};
}

2
homelab/.gitignore vendored
View File

@@ -1,2 +0,0 @@
secrets/
.env

View File

@@ -1,44 +0,0 @@
# Configuration steps
## 1. Install [NixOS](https://nixos.org/)
Follow the steps from the [NixOS Manual Installation](https://nixos.org/manual/nixos/stable/#sec-installation-manual)
> At the edit configuration.nix step you must:
>
> - Add a user to the configuration file and set a password
> - Enable openssh
## 2. Configuring flake
1. Clone this repository
2. Copy hardware configuration to host<br>
`cp /etc/nixos/hardware-configuration.nix ~/nix/hosts/<host>/hardware-configuration.nix`
3. Rebuild system
`sudo nixos-rebuild switch --flake .#<host>`
4. Rebuild home-manager
`home-manager switch --flake .#<user>@<host>`
5. Reboot
## 3. Configuring docker containers
1. Create proxy network<br>
`docker network create proxy`
2. Configure [Adguard](./adguard/README.md)
3. Configure [Caddy](./caddy/README.md)
4. Configure [Authelia](./authelia/README.md)
5. Configure the rest of the services
# Services
| Name | Use | Domain | Auth |
| ------- | -------------- | ----------------------------- | ------ |
| Adguard | DNS | https://adguard.timo.bmrs.nl/ | local |
| Caddy | Reverse proxy | - | - |
| Forgejo | Git | https://git.timo.bmrs.nl/ | Openid |
| Ldap | User directory | https://ldap.timo.bmrs.nl/ | - |
# Services to try out
- [Beszel](https://github.com/henrygd/beszel)

View File

@@ -1,7 +0,0 @@
# Adguard Home
1. Temporaraly edit ports in docker-compose file to setup
2. Configuration screen<br>
1. Change listen interface to port 3000
3. Add DNS rewrite for *.timo.bmrs.nl
4. Delete temporaraly port edit in docker-compose

View File

@@ -1,21 +0,0 @@
services:
adguardhome:
image: adguard/adguardhome:latest
container_name: adguardhome
restart: unless-stopped
ports:
- 53:53/tcp
- 53:53/udp
# - 80:3000 # Only use during setup
volumes:
- work:/opt/adguardhome/work
- conf:/opt/adguardhome/conf
volumes:
work:
conf:
networks:
default:
name: proxy
external: true

View File

@@ -1 +0,0 @@
keys/

View File

@@ -1,13 +0,0 @@
# Authelia
1. Edit environment variables.
1. For HMAC_SECRET, JWT_SECRET, ADMIN_PASSWORD, SESSION_SECRET, STORAGE_ENCRYPTION_KEY, LLDAP_KEY_SEED use an random alphanumeric string of at least 64 characters
2. For CLIENT_SECRET, CLIEND_ID: [Generate client identifier](https://www.authelia.com/integration/openid-connect/frequently-asked-questions/#how-do-i-generate-a-client-identifier-or-client-secret)
1. Use single quotes for the client secret
2. Generate PAM file using and save it to the /config/keys directory: [Generating keypair](https://www.authelia.com/reference/guides/generating-secure-values/#generating-an-rsa-keypair)
1. Save the random password
3. Configure LLDAP
1. Create a user in LLDAP with the group: lldap_password_manager
2. Create groups: forgejo

File diff suppressed because it is too large Load Diff

View File

@@ -1,44 +0,0 @@
services:
authelia:
image: authelia/authelia:latest
container_name: authelia
restart: unless-stopped
depends_on:
- lldap
volumes:
- ./config/configuration.yml:/config/configuration.yml
- ./config/keys:/keys
- data_authelia:/config
environment:
X_AUTHELIA_CONFIG_FILTERS: template
JWT_SECRET: ${AUTHELIA_JWT_SECRET}
SESSION_SECRET: ${AUTHELIA_SESSION_SECRET}
STORAGE_ENCRYPTION_KEY: ${AUTHELIA_STORAGE_ENCRYPTION_KEY}
AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD: ${LLDAP_ADMIN_PASSWORD}
HMAC_SECRET: ${AUTHELIA_HMAC_SECRET}
CLIENT_SECRET_FORGEJO: ${AUTHELIA_CLIENT_SECRET_FORGEJO}
CLIENT_ID_FORGEJO: ${AUTHELIA_CLIENT_ID_FORGEJO}
CLIENT_SECRET_PAPERLESS: ${AUTHELIA_CLIENT_SECRET_PAPERLESS}
CLIENT_ID_PAPERLESS: ${AUTHELIA_CLIENT_ID_PAPERLESS}
lldap:
image: lldap/lldap:latest
container_name: lldap
restart: unless-stopped
volumes:
- data_lldap:/data
environment:
LLDAP_JWT_SECRET: ${LLDAP_JWT_SECRET}
LLDAP_KEY_SEED: ${LLDAP_KEY_SEED}
LLDAP_LDAP_BASE_DN: dc=bmrs,dc=nl
LLDAP_LDAP_USER_PASS: ${LLDAP_ADMIN_PASSWORD}
volumes:
data_lldap:
data_authelia:
networks:
default:
name: proxy
external: true

View File

@@ -1,4 +0,0 @@
# Caddy reverse proxy
1. Obtain cloudflare tokens: [Caddy Cloudflare](https://github.com/caddy-dns/cloudflare)
2. Set environment variables

View File

@@ -1,21 +0,0 @@
localhost {
respond "Hello world!"
}
*.timo.bmrs.nl timo.bmrs.nl {
tls {
dns cloudflare {
zone_token {env.CF_ZONE_TOKEN}
api_token {env.CF_API_TOKEN}
}
resolvers 1.1.1.1
}
forward_auth authelia:9091 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Email Remote-Name
}
import routes/*
}

View File

@@ -1,4 +0,0 @@
@adguard host adguard.timo.bmrs.nl
handle @adguard {
reverse_proxy adguardhome:3000
}

View File

@@ -1,9 +0,0 @@
@ldap host ldap.timo.bmrs.nl
handle @ldap {
reverse_proxy lldap:17170
}
@authelia host auth.timo.bmrs.nl
handle @authelia {
reverse_proxy authelia:9091
}

View File

@@ -1,9 +0,0 @@
@dozzle host dozzle.timo.bmrs.nl
handle @dozzle {
forward_auth authelia:9091 {
uri /api/authz/forward-auth
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
}
reverse_proxy dozzle:8080
}

View File

@@ -1,4 +0,0 @@
@forgejo host git.timo.bmrs.nl
handle @forgejo {
reverse_proxy forgejo:3000
}

View File

@@ -1,4 +0,0 @@
@homeassistant host homeassistant.timo.bmrs.nl
handle @homeassistant {
reverse_proxy homeassistant:8123
}

View File

@@ -1,4 +0,0 @@
@homepage host home.timo.bmrs.nl
handle @homepage {
reverse_proxy homepage:3000
}

View File

@@ -1,4 +0,0 @@
@immich host immich.timo.bmrs.nl
handle @immich {
reverse_proxy immich:2283
}

View File

@@ -1,12 +0,0 @@
@nextcloud host cloud.timo.bmrs.nl
handle @nextcloud {
redir /.well-known/carddav /remote.php/dav/ 301
redir /.well-known/caldav /remote.php/dav/ 301
reverse_proxy nextcloud:80
}
@office host office.timo.bmrs.nl
handle @office {
reverse_proxy nextcloud-office:9980
}

View File

@@ -1,4 +0,0 @@
@paperless-ngx host paperless.timo.bmrs.nl
handle @paperless-ngx {
reverse_proxy paperless-ngx:8000
}

View File

@@ -1,4 +0,0 @@
@searxng host search.timo.bmrs.nl
handle @searxng {
reverse_proxy searxng:8080
}

View File

@@ -1,4 +0,0 @@
@uptime-kuma host uptime.timo.bmrs.nl
handle @uptime-kuma {
reverse_proxy uptime-kuma:3001
}

View File

@@ -1,4 +0,0 @@
@vaultwarden host bitwarden.timo.bmrs.nl
handle @vaultwarden {
reverse_proxy vaultwarden:80
}

View File

@@ -1,33 +0,0 @@
services:
caddy:
build: .
container_name: caddy
restart: unless-stopped
cap_add:
- NET_ADMIN
ports:
- 80:80
- 443:443
- 443:443/udp
volumes:
- data:/data
- config:/config
- ./caddyfiles:/etc/caddy/
environment:
CF_ZONE_TOKEN: ${CF_ZONE_TOKEN}
CF_API_TOKEN: ${CF_API_TOKEN}
networks:
proxy:
aliases:
- auth.timo.bmrs.nl
- cloud.timo.bmrs.nl
- office.timo.bmrs.nl
volumes:
data:
config:
networks:
proxy:
name: proxy
external: true

View File

@@ -1,15 +0,0 @@
services:
dozzle:
image: amir20/dozzle:latest
container_name: dozzle
restart: unless-stopped
volumes:
- /run/user/1000/docker.sock:/var/run/docker.sock:ro
environment:
DOZZLE_ENABLE_ACTIONS: true
DOZZLE_AUTH_PROVIDER: forward-proxy
networks:
default:
external: true
name: proxy

File diff suppressed because it is too large Load Diff

View File

@@ -1,40 +0,0 @@
services:
forgejo:
image: codeberg.org/forgejo/forgejo:9
container_name: forgejo
restart: unless-stopped
depends_on:
- db
ports:
- 222:22
volumes:
- data:/data
- ./config/app.ini:/etc/forgejo/app.ini
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
environment:
FORGEJO__database__DB_TYPE: postgres
FORGEJO__database__HOST: "forgejo-db"
FORGEJO__database__NAME: forgejo
FORGEJO__database__USER: forgejo
FORGEJO__database__PASSWD: ${DB_PASSWORD}
db:
image: postgres:14
container_name: forgejo-db
restart: unless-stopped
volumes:
- data_db:/var/lib/postgresql/data
environment:
POSTGRES_USER: forgejo
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGES_DB: forgejo
volumes:
data:
data_db:
networks:
default:
name: proxy
external: true

View File

@@ -1,15 +0,0 @@
# Loads default set of integrations. Do not remove.
default_config:
# Load frontend themes from the themes folder
frontend:
themes: !include_dir_merge_named themes
automation: !include automations.yaml
script: !include scripts.yaml
scene: !include scenes.yaml
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.18.0.0/24

View File

@@ -1,17 +0,0 @@
services:
homeassistant:
image: ghcr.io/home-assistant/home-assistant:stable
container_name: homeassistant
restart: unless-stopped
volumes:
- config:/config
- ./config/configuration.yaml:/config/configuration.yaml
- /etc/localtime:/etc/localtime:ro
volumes:
config:
networks:
default:
name: proxy
external: true

View File

@@ -1 +0,0 @@
logs/

View File

@@ -1,3 +0,0 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/bookmarks

View File

@@ -1,10 +0,0 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/docker/
# my-docker:
# host: 127.0.0.1
# port: 2375
docker:
socket: /var/run/docker.sock

View File

@@ -1,2 +0,0 @@
---
# sample kubernetes config

View File

@@ -1,56 +0,0 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/services
- Primary Services:
- Adguard:
href: https://adguard.timo.bmrs.nl/
description: DNS
icon: adguard-home
server: docker
container: adguardhome
widget:
type: adguard
url: http://adguardhome:3000
username: xeovalyte
password: {{HOMEPAGE_VAR_ADGUARD_PASSWORD}}
- Forgejo:
href: https://git.timo.bmrs.nl/
description: Git
icon: forgejo
server: docker
container: forgejo
- Uptime Kuma:
href: https://uptime.timo.bmrs.nl/
description: Uptime monitoring
icon: uptime-kuma
server: docker
container: uptime-kuma
- Vaultwarden:
href: https://bitwarden.timo.bmrs.nl/
description: Password manager
icon: bitwarden
server: docker
container: vaultwarden
- Backend Services:
- Authelia:
description: SSO
icon: authelia
server: docker
container: authelia
- Caddy:
description: Reverse proxy
icon: caddy
server: docker
container: caddy
- LLDAP:
description: Active directory
href: https://ldap.timo.bmrs.nl/
server: docker
container: lldap

View File

@@ -1,21 +0,0 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/settings
providers:
openweathermap: openweathermapapikey
weatherapi: weatherapiapikey
title: Xeovalyte's Dashboard
color: slate
headerStyle: boxedWidgets
layout:
Primary Services:
style: row
columns: 3
Backend Services:
style: row
columns: 4

View File

@@ -1,12 +0,0 @@
---
# For configuration options and examples, please see:
# https://gethomepage.dev/configs/service-widgets
- resources:
cpu: true
memory: true
disk: /
- search:
provider: duckduckgo
target: _blank

View File

@@ -1,19 +0,0 @@
services:
homepage:
image: ghcr.io/gethomepage/homepage:latest
container_name: homepage
restart: unless-stopped
volumes:
- ./config:/app/config
- logs:/app/config/logs
- /run/user/1000/docker.sock:/var/run/docker.sock
environment:
HOMEPAGE_VAR_ADGUARD_PASSWORD: $ADGUARD_PASSWORD
volumes:
logs:
networks:
default:
name: proxy
external: true

View File

@@ -1,78 +0,0 @@
services:
immich:
image: ghcr.io/immich-app/immich-server:release
container_name: immich
restart: unless-stopped
volumes:
- data:/usr/src/app/upload
- /etc/localtime:/etc/localtime:ro
environment:
DB_HOSTNAME: "immich-db"
env_file:
- .env
depends_on:
- redis
- db
immich-machine-learning:
image: ghcr.io/immich-app/immich-machine-learning:release
container_name: immich-machine-learning
restart: unless-stopped
volumes:
- cache:/cache
env_file:
- .env
redis:
image: docker.io/redis:6.2-alpine@sha256:2ba50e1ac3a0ea17b736ce9db2b0a9f6f8b85d4c27d5f5accc6a416d8f42c6d5
container_name: immich-redis
restart: unless-stopped
healthcheck:
test: redis-cli ping || exit 1
volumes:
- data_redis:/data
db:
image: docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:90724186f0a3517cf6914295b5ab410db9ce23190a2d9d0b9dd6463e3fa298f0
container_name: immich-db
restart: unless-stopped
volumes:
# Do not edit the next line. If you want to change the database storage location on your system, edit the value of DB_DATA_LOCATION in the .env file
- data_db:/var/lib/postgresql/data
healthcheck:
test: pg_isready --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' || exit 1; Chksum="$$(psql --dbname='${DB_DATABASE_NAME}' --username='${DB_USERNAME}' --tuples-only --no-align --command='SELECT COALESCE(SUM(checksum_failures), 0) FROM pg_stat_database')"; echo "checksum failure count is $$Chksum"; [ "$$Chksum" = '0' ] || exit 1
interval: 5m
start_interval: 30s
start_period: 5m
command:
[
'postgres',
'-c',
'shared_preload_libraries=vectors.so',
'-c',
'search_path="$$user", public, vectors',
'-c',
'logging_collector=on',
'-c',
'max_wal_size=2GB',
'-c',
'shared_buffers=512MB',
'-c',
'wal_compression=on',
]
environment:
POSTGRES_PASSWORD: ${DB_PASSWORD}
POSTGRES_USER: ${DB_USERNAME}
POSTGRES_DB: ${DB_DATABASE_NAME}
POSTGRES_INITDB_ARGS: '--data-checksums'
volumes:
data:
data_db:
data_redis:
cache:
networks:
default:
name: proxy
external: true

View File

@@ -1,4 +0,0 @@
# Nextcloud
1. Configure environment variables
2. Update office configuration

View File

@@ -1,54 +0,0 @@
services:
nextcloud:
image: nextcloud:apache
container_name: nextcloud
restart: unless-stopped
volumes:
- data:/var/www/html
environment:
POSTGRES_HOST: nextcloud-db
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
REDIS_HOST: nextcloud-redis
TRUSTED_PROXIES: "172.23.0.0/24"
depends_on:
- db
- redis
db:
image: postgres:16
container_name: nextcloud-db
restart: unless-stopped
volumes:
- data_db:/var/lib/postgresql/data
environment:
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
POSTGRES_DB: nextcloud
POSTGRES_USER: nextcloud
redis:
image: redis:alpine
container_name: nextcloud-redis
restart: unless-stopped
volumes:
- data_redis:/data
office:
image: collabora/code
container_name: nextcloud-office
restart: unless-stopped
environment:
DOMAIN: "cloud.timo.bmrs.nl"
extra_params: "--o:ssl.enable=false --o:ssl.termination=true"
volumes:
data:
data_db:
data_redis:
networks:
default:
name: proxy
external: true

View File

@@ -1,3 +0,0 @@
# Paperless NGX
- Create super user: `docker compose exec paperless-ngx python3 manage.py createsuperuser`
- Follow [Paperless wiki](https://www.authelia.com/integration/openid-connect/paperless/) for configuring oauth

View File

@@ -1,50 +0,0 @@
services:
paperless-ngx:
image: ghcr.io/paperless-ngx/paperless-ngx:latest
container_name: paperless-ngx
restart: unless-stopped
depends_on:
- broker
- db
volumes:
- data:/usr/src/paperless/data
- media:/usr/src/paperless/media
environment:
PAPERLESS_REDIS: redis://paperless-ngx-broker:6379
PAPERLESS_DBHOST: paperless-ngx-db
PAPERLESS_DBPASS: ${POSTGRES_PASSWORD}
PAPERLESS_URL: https://paperless.timo.bmrs.nl
PAPERLESS_DISABLE_REGULAR_LOGIN: true
PAPERLESS_APPS: allauth.socialaccount.providers.openid_connect
PAPERLESS_SOCIALACCOUNT_PROVIDERS: ${PAPERLESS_SOCIALACCOUNT_PROVIDERS}
broker:
image: docker.io/library/redis:7
container_name: paperless-ngx-broker
restart: unless-stopped
volumes:
- data_redis:/data
db:
image: docker.io/library/postgres:16
container_name: paperless-ngx-db
restart: unless-stopped
volumes:
- data_db:/var/lib/postgresql/data
environment:
POSTGRES_DB: paperless
POSTGRES_USER: paperless
POSTGRES_PASSWORD: ${POSTGRES_PASSWORD}
volumes:
data:
data_db:
data_redis:
media:
networks:
default:
name: proxy
external: true

File diff suppressed because it is too large Load Diff

View File

@@ -1,54 +0,0 @@
[uwsgi]
# Who will run the code
uid = searxng
gid = searxng
# Number of workers (usually CPU count)
# default value: %k (= number of CPU core, see Dockerfile)
workers = %k
# Number of threads per worker
# default value: 4 (see Dockerfile)
threads = 4
# The right granted on the created socket
chmod-socket = 666
# Plugin to use and interpreter config
single-interpreter = true
master = true
plugin = python3
lazy-apps = true
enable-threads = 4
# Module to import
module = searx.webapp
# Virtualenv and python path
pythonpath = /usr/local/searxng/
chdir = /usr/local/searxng/searx/
# automatically set processes name to something meaningful
auto-procname = true
# Disable request logging for privacy
disable-logging = true
log-5xx = true
# Set the max size of a request (request-body excluded)
buffer-size = 8192
# No keep alive
# See https://github.com/searx/searx-docker/issues/24
add-header = Connection: close
# Follow SIGTERM convention
# See https://github.com/searxng/searxng/issues/3427
die-on-term
# uwsgi serves the static files
static-map = /static=/usr/local/searxng/searx/static
# expires set to one day
static-expires = /* 86400
static-gzip-all = True
offload-threads = 4

View File

@@ -1,15 +0,0 @@
services:
searxng:
image: searxng/searxng
container_name: searxng
restart: unless-stopped
volumes:
- ./config:/etc/searxng
environment:
BASE_URL: "https://search.timo.bmrs.nl/"
SEARXNG_SECRET: "PO8rO5ZW7K67sroemisMS8wpiq5pXEHecvXzGs4CdAgTQIQvAI09m65vFKGVVkZW"
networks:
default:
external: true
name: proxy

View File

@@ -1,15 +0,0 @@
services:
uptime-kuma:
image: louislam/uptime-kuma:1
container_name: uptime-kuma
restart: unless-stopped
volumes:
- data:/app/data
volumes:
data:
networks:
default:
name: proxy
external: true

View File

@@ -1,17 +0,0 @@
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: unless-stopped
volumes:
- data:/data
environment:
SIGNUPS_ALLOWED: "true"
volumes:
data:
networks:
default:
name: proxy
external: true

View File

@@ -0,0 +1,58 @@
{ pkgs, ... }:
{
imports = [
# Import hardware configuration
./hardware-configuration.nix
# Import modules
../../modules/system
];
settings = {
hostname = "ch-clt-dsk01";
display-manager = "gdm";
desktop-environments = {
cosmic.enable = false;
hyprland.enable = false;
gnome.enable = true;
};
applications = {
common.enable = true;
steam.enable = true;
thunar.enable = false;
};
services = {
docker.enable = false;
quickemu.enable = false;
sunshine.enable = false;
garbage-collection.enable = true;
};
hardware = {
fprint.enable = false;
printing.enable = true;
bluetooth.enable = false;
firewall.enable = true;
locale.enable = true;
nvidia.enable = true;
};
};
# Users
users.users.kiiwy = {
isNormalUser = true;
description = "Christa Boomers";
extraGroups = [ "networkmanager" "wheel" "dialout" ];
};
# Bootloader
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
configurationLimit = 32;
};
system.stateVersion = "24.11";
}

View File

@@ -0,0 +1,61 @@
{ pkgs, lib, ... }:
{
imports = [
# Modules
../../modules/home/default.nix
];
config = {
home = {
username = "kiiwy";
homeDirectory = "/home/kiiwy";
};
settings = {
host = "c-clt-dsk01";
applications.common.enable = true;
applications.alacritty.enable = true;
applications.devenv.enable = false;
applications.firefox.enable = true;
applications.git.enable = true;
applications.helix.enable = true;
applications.zsh.enable = true;
applications.ssh.enable = true;
applications.thunderbird.enable = false;
applications.yazi.enable = false;
applications.zellij.enable = false;
applications.wezterm.enable = false;
services.nextcloud-sync.enable = false;
theming.fonts.enable = true;
theming.stylix.enable = true;
theming.stylix.wallpaper = "kiiwy.png";
theming.stylix.theme = "theme";
desktop-environments.hyprland.enable = false;
};
home.packages = with pkgs; [
# Desktop Applications
prismlauncher
unstable.signal-desktop
unstable.vesktop
unstable.webcord
unstable.prusa-slicer
blender
brave
# Office
libreoffice
];
# Enable home-manager
programs.home-manager.enable = true;
home.stateVersion = "24.05";
};
}

View File

@@ -1,75 +0,0 @@
{ pkgs, ... }:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# Import modules
../../modules/system/default.nix
];
settings = {
display-manager = "cosmic-greeter";
desktop-environments = {
cosmic.enable = true;
hyprland.enable = false;
gnome.enable = false;
};
applications = {
common.enable = true;
steam.enable = true;
thunar.enable = false;
};
services = {
docker.enable = false;
quickemu.enable = false;
sunshine.enable = false;
garbage-collection.enable = true;
};
hardware = {
fprint.enable = false;
printing.enable = true;
bluetooth.enable = false;
firewall.enable = true;
locale.enable = true;
nvidia.enable = true;
};
};
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = [
"https://nix-community.cachix.org"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
];
};
# Bootloader.
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
# Networking configuration
networking.hostName = "xv-desktop"; # Define your hostname.
networking.interfaces.enp7s0.wakeOnLan.enable = true;
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "networkmanager" "wheel" "dialout" "fuse" ];
};
services.openssh.enable = true;
system.stateVersion = "24.05";
}

View File

@@ -1,80 +0,0 @@
{ pkgs, ... }:
{
imports = [
# Import hardware configuration
./hardware-configuration.nix
# Import modules
../../modules/system/default.nix
];
settings = {
display-manager = "cosmic-greeter";
desktop-environments = {
cosmic.enable = true;
hyprland.enable = true;
gnome.enable = false;
};
applications = {
common.enable = true;
steam.enable = true;
thunar.enable = true;
};
services = {
docker.enable = true;
quickemu.enable = true;
sunshine.enable = false;
garbage-collection.enable = true;
};
hardware = {
fprint.enable = true;
printing.enable = true;
bluetooth.enable = true;
firewall.enable = true;
locale.enable = true;
nvidia.enable = false;
};
};
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = [
"https://nix-community.cachix.org"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
];
};
# Bootloader.
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
configurationLimit = 32;
};
networking.hostName = "xv-laptop"; # Define your hostname.
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "networkmanager" "wheel" "dialout" ];
};
nix.settings.trusted-users = [ "root" "xeovalyte" ];
# Prevent system freeze on high load
services.earlyoom = {
enable = true;
};
boot.kernelPackages = pkgs.linuxPackages_latest;
system.stateVersion = "24.05";
}

View File

@@ -0,0 +1,69 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ modulesPath, ... }:
{
imports = [
./hardware-configuration.nix
# Include the container-specific autogenerated configuration.
../../modules/system/default.nix
];
settings = {
hostname = "p-th-rpi-01";
display-manager = "none";
desktop-environments = {
cosmic.enable = false;
hyprland.enable = false;
gnome.enable = false;
};
applications = {
common.enable = true;
steam.enable = false;
thunar.enable = false;
};
services = {
docker.enable = false;
podman.enable = true;
quickemu.enable = false;
sunshine.enable = false;
garbage-collection.enable = true;
incus.enable = false;
ssh.enable = true;
};
hardware = {
fprint.enable = false;
printing.enable = false;
bluetooth.enable = false;
firewall.enable = true;
locale.enable = true;
nvidia.enable = false;
};
};
users.users.deploy = {
isNormalUser = true;
description = "Deploy";
extraGroups = [ "networkmanager" "wheel" "dialout" ];
linger = true;
};
# networking
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
networking.hosts = {
"127.0.0.1" = [ "tbmrs.nl" ];
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 1080 1443 1053 ];
allowedUDPPorts = [ 1080 1443 1053 ];
};
}

View File

@@ -0,0 +1,76 @@
{ pkgs, ... }:
{
imports = [
# Modules
../../modules/home/default.nix
];
config = {
home = {
username = "deploy";
homeDirectory = "/home/deploy";
};
settings = {
host = "p-th-rpi-01";
applications.common.enable = false;
applications.alacritty.enable = false;
applications.devenv.enable = false;
applications.firefox.enable = false;
applications.git.enable = false;
applications.helix.enable = true;
applications.zsh.enable = true;
applications.ssh.enable = true;
applications.thunderbird.enable = false;
applications.yazi.enable = true;
applications.zellij.enable = true;
applications.wezterm.enable = false;
services.nextcloud-sync.enable = false;
services.podman.enable = true;
services.sops.enable = true;
theming.fonts.enable = false;
theming.stylix.enable = false;
theming.stylix.wallpaper = "wallpaper-2.png";
theming.stylix.theme = "da-one-ocean";
desktop-environments.hyprland.enable = false;
containers = {
network.enable = true;
nginx.enable = false;
caddy.enable = true;
kanidm.enable = false;
forgejo.enable = false;
immich.enable = false;
homepage.enable = false;
uptime-kuma.enable = false;
pingvin-share.enable = false;
vaultwarden.enable = false;
paperless-ngx.enable = false;
beszel.enable = false;
storage.enable = false;
homeassistant.enable = false;
karakeep.enable = false;
vikunja.enable = false;
stalwart.enable = false;
linkding.enable = false;
static.enable = true;
};
};
home.packages = with pkgs; [
unstable.helix
lazygit
];
# Enable home-manager
programs.home-manager.enable = true;
home.stateVersion = "24.05";
};
}

View File

@@ -1,48 +0,0 @@
{ config, pkgs, ... }:
{
imports = [
./hardware-configuration.nix
# CLI
../../modules/system/cli/common.nix
../../modules/system/cli/docker.nix
# Hardware
../../modules/system/hardware/firewall.nix
../../modules/system/hardware/garbage-collection.nix
../../modules/system/hardware/locale.nix
];
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = [
"https://nix-community.cachix.org"
];
};
# Bootloader.
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.systemd-boot.enable = true;
networking.hostName = "pm01vm01"; # Define your hostname.
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "networkmanager" "wheel" ];
};
# Enable ssh
services.openssh.enable = true;
# Forward ports
networking.firewall = {
allowedTCPPorts = [ 80 443 53 ];
allowedUDPPorts = [ 53 ];
};
system.stateVersion = "24.05";
}

View File

@@ -1,37 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ohci_pci" "ehci_pci" "virtio_pci" "ahci" "usbhid" "sr_mod" "virtio_blk" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/47301fe6-a7db-4ffd-854a-beddd53b6d99";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/6A5B-F811";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp0s8.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

View File

@@ -1,48 +0,0 @@
{ pkgs, lib, config, ... }:
{
imports = [
# Gui
../../modules/home/gui/theming.nix
# CLI
../../modules/home/cli/common
../../modules/home/cli/yazi.nix
];
options = {
host = lib.mkOption {
type = with lib.types; str;
description = ''
Define the host of the machine
'';
};
headless = lib.mkOption {
type = with lib.types; bool;
description = ''
Is this machine headless?
'';
};
};
config = {
home = {
username = "xeovalyte";
homeDirectory = "/home/xeovalyte";
};
host = "pm01vm01";
headless = true;
home.packages = with pkgs; [
];
# Enable home-manager
programs.home-manager.enable = true;
home.stateVersion = "24.05";
};
}

View File

@@ -0,0 +1,97 @@
{ inputs, outputs, pkgs, lib, ... }:
{
imports = [
./hardware-configuration.nix
../../modules/system
];
settings = {
hostname = "ti-clt-dsk01";
display-manager = "greetd";
desktop-environments = {
cosmic.enable = false;
hyprland.enable = false;
gnome.enable = false;
niri.enable = true;
};
applications = {
common.enable = true;
steam.enable = true;
thunar.enable = false;
};
services = {
docker.enable = true;
quickemu.enable = false;
sunshine.enable = true;
garbage-collection.enable = true;
ssh.enable = true;
};
hardware = {
fprint.enable = false;
printing.enable = true;
bluetooth.enable = true;
firewall.enable = true;
locale.enable = true;
nvidia.enable = true;
};
};
# Users
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "wheel" ];
};
# Boot
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
};
# Networking
networking.interfaces.enp7s0.wakeOnLan.enable = true;
networking.hosts = {
"192.168.100.118" = [
"tbmrs.nl"
"auth.tbmrs.nl"
"git.tbmrs.nl"
"photos.tbmrs.nl"
"home.tbmrs.nl"
"uptime.tbmrs.nl"
"share.tbmrs.nl"
"files.tbmrs.nl"
"mail.tbmrs.nl"
"vault.local.tbmrs.nl"
"paperless.local.tbmrs.nl"
"monitor.local.tbmrs.nl"
"syncthing.local.tbmrs.nl"
"home-assistant.local.tbmrs.nl"
"tasks.local.tbmrs.nl"
"links.local.tbmrs.nl"
"stream.local.tbmrs.nl"
];
};
# Temp keyboard override
environment.systemPackages = with pkgs; [
via
vial
];
services.udev.packages = with pkgs; [
via
vial
];
# manual udev override
# services.udev.extraRules = ''
# KERNEL=="hidraw*", SUBSYSTEM=="hidraw", ATTRS{serial}=="*vial:f64c2b3c*", ATTRS{idVendor}=="320f", ATTRS{idProduct}=="5055", MODE="0660", GROUP="users", TAG+="uaccess", TAG+="udev-acl"
# '';
# state version
system.stateVersion = "24.11";
}

View File

@@ -6,62 +6,76 @@
../../modules/home/default.nix
];
options = {
host = lib.mkOption {
type = with lib.types; str;
description = ''
Define the host of the machine
'';
};
headless = lib.mkOption {
type = with lib.types; bool;
description = ''
Is this machine headless?
'';
};
};
config = {
home = {
username = "xeovalyte";
homeDirectory = "/home/xeovalyte";
};
host = "xv-desktop";
headless = false;
home.packages = with pkgs; [
unstable.prismlauncher
unstable.vesktop
unstable.baobab
];
# Enable home-manager
programs.home-manager.enable = true;
settings = {
host = "ti-clt-dsk01";
applications.common.enable = true;
applications.alacritty.enable = false;
applications.devenv.enable = true;
applications.firefox.enable = true;
applications.git.enable = true;
applications.helix.enable = true;
applications.helix = {
enable = true;
markdown = true;
rust = true;
systemverilog = true;
nix = true;
latex = true;
vue = true;
};
applications.zsh.enable = true;
applications.ssh.enable = true;
applications.thunderbird.enable = true;
applications.yazi.enable = true;
applications.zellij.enable = true;
applications.wezterm.enable = true;
applications.typst.enable = true;
applications.obs-studio.enable = true;
services.nextcloud-sync.enable = true;
theming.fonts.enable = true;
theming.nix-colors.enable = false;
theming.stylix.enable = true;
theming.stylix.wallpaper = "wallpaper-2.png";
theming.stylix.theme = "da-one-ocean";
desktop-environments.hyprland.enable = false;
desktop-environments.niri.enable = true;
};
home.packages = with pkgs; [
unstable.prismlauncher
vesktop
unstable.rnote
unstable.inkscape
unstable.gimp
unstable.brave
unstable.freecad
hoppscotch
unstable.blender
unstable.signal-desktop
unstable.ladybird
unstable.prusa-slicer
unstable.surfer # waveform viewer
pomodoro-gtk
# Office
libreoffice
# Scripts
(import ../../modules/scripts/save_image.nix { inherit pkgs; })
];
# Enable home-manager
programs.home-manager.enable = true;
home.stateVersion = "24.05";
};
}

View File

@@ -0,0 +1,109 @@
{ pkgs, ... }:
{
imports = [
# Import hardware configuration
./hardware-configuration.nix
# Import modules
../../modules/system
];
settings = {
hostname = "ti-clt-lpt01";
display-manager = "greetd";
desktop-environments = {
cosmic.enable = false;
hyprland.enable = false;
gnome.enable = false;
niri.enable = true;
};
applications = {
common.enable = true;
steam.enable = true;
thunar.enable = true;
};
services = {
docker.enable = false;
quickemu.enable = true;
sunshine.enable = false;
garbage-collection.enable = true;
incus.enable = true;
};
hardware = {
fprint.enable = true;
printing.enable = true;
bluetooth.enable = true;
firewall.enable = true;
locale.enable = true;
nvidia.enable = false;
};
};
# Users
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "networkmanager" "wheel" "dialout" "adbusers" ];
};
networking.networkmanager.enable = true;
programs.nix-ld.enable = true;
programs.adb.enable = true;
services.power-profiles-daemon.enable = true;
# Boot.
boot.loader.efi.canTouchEfiVariables = true;
boot.loader.grub = {
enable = true;
efiSupport = true;
device = "nodev";
configurationLimit = 32;
};
boot.kernelPackages = pkgs.linuxPackages_latest;
boot.supportedFilesystems = [ "nfs" ];
# Networking
networking.hosts = {
"127.0.0.1" = [
"tbmrs.nl"
"auth.tbmrs.nl"
"git.tbmrs.nl"
"photos.tbmrs.nl"
"home.tbmrs.nl"
"uptime.tbmrs.nl"
"share.tbmrs.nl"
"vault.local.tbmrs.nl"
"paperless.local.tbmrs.nl"
"monitor.local.tbmrs.nl"
];
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 22 80 443 53 ];
allowedUDPPorts = [ 80 443 53 ];
};
# Obs
programs.obs-studio = {
enable = true;
# optional Nvidia hardware acceleration
package = (
pkgs.obs-studio.override {
cudaSupport = true;
}
);
plugins = with pkgs.obs-studio-plugins; [
wlrobs
obs-vaapi #optional AMD hardware acceleration
obs-gstreamer
obs-vkcapture
];
};
system.stateVersion = "24.05";
}

View File

@@ -1,4 +1,4 @@
{ pkgs, lib, ... }:
{ pkgs, lib, inputs, ... }:
{
imports = [
@@ -6,58 +6,53 @@
../../modules/home/default.nix
];
options = {
host = lib.mkOption {
type = with lib.types; str;
description = ''
Define the host of the machine
'';
};
headless = lib.mkOption {
type = with lib.types; bool;
description = ''
Is this machine headless?
'';
};
};
config = {
home = {
username = "xeovalyte";
homeDirectory = "/home/xeovalyte";
};
host = "xv-laptop";
headless = false;
settings = {
host = "ti-clt-lpt01";
applications.common.enable = true;
applications.alacritty.enable = true;
applications.devenv.enable = true;
applications.firefox.enable = true;
applications.git.enable = true;
applications.helix.enable = true;
applications.helix = {
enable = true;
markdown = true;
rust = true;
systemverilog = true;
nix = true;
latex = true;
vue = true;
};
applications.zsh.enable = true;
applications.ssh.enable = true;
applications.thunderbird.enable = true;
applications.yazi.enable = true;
applications.zellij.enable = true;
applications.wezterm.enable = true;
applications.nushell.enable = false;
applications.typst.enable = true;
# applications.obs-studio.enable = true;
services.nextcloud-sync.enable = true;
theming.fonts.enable = true;
theming.nix-colors.enable = false;
theming.stylix.enable = true;
theming.stylix.wallpaper = "wallpaper-2.png";
theming.stylix.theme = "da-one-ocean";
desktop-environments.hyprland.enable = false;
desktop-environments.niri.enable = true;
};
home.packages = with pkgs; [
# Desktop Applications
kdenlive
prismlauncher
unstable.joplin-desktop
unstable.prusa-slicer
signal-desktop
unstable.vesktop
@@ -67,6 +62,12 @@
loupe
unstable.rnote
unstable.bottles
unstable.hoppscotch
unstable.apostrophe
unstable.surfer # waveform viewer
unstable.vscode
pomodoro-gtk
unstable.brave
# Office
libreoffice
@@ -74,10 +75,8 @@
# Image editing
gimp
inkscape
unstable.obs-studio
# Development
unstable.drawio
unstable.moonlight-qt
# Scripts
(import ../../modules/scripts/save_image.nix { inherit pkgs; })
@@ -88,5 +87,4 @@
home.stateVersion = "24.05";
};
}

View File

@@ -6,10 +6,11 @@
./hardware-configuration.nix
# Import modules
../../modules/system/default.nix
../../modules/system
];
settings = {
hostname = "ti-clt-tbl01";
display-manager = "gdm";
desktop-environments = {
cosmic.enable = false;
@@ -37,17 +38,11 @@
};
};
nix.settings = {
experimental-features = [ "nix-command" "flakes" ];
substituters = [
"https://nix-community.cachix.org"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
];
# Users
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "networkmanager" "wheel" "dialout" ];
};
# Bootloader.
@@ -58,24 +53,8 @@
device = "nodev";
configurationLimit = 32;
};
networking.hostName = "xv-laptop"; # Define your hostname.
users.users.xeovalyte = {
isNormalUser = true;
description = "Timo Boomers";
extraGroups = [ "networkmanager" "wheel" "dialout" ];
};
nix.settings.trusted-users = [ "root" "xeovalyte" ];
# Prevent system freeze on high load
services.earlyoom = {
enable = true;
};
boot.kernelPackages = lib.mkForce pkgs.linuxPackages_latest;
system.stateVersion = "24.05";
system.stateVersion = "24.11";
}

View File

@@ -14,18 +14,18 @@
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/09e81450-2741-4218-a2e5-780515cd90b9";
{ device = "/dev/disk/by-uuid/4d44a7fb-9a4f-4d55-8daf-1c93f08485dd";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/FC00-C9A3";
{ device = "/dev/disk/by-uuid/30EC-F045";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/30618725-d8ff-40c9-b218-6b1f7aaf9155"; }
[ { device = "/dev/disk/by-uuid/e803d3e2-28f0-427d-88e2-e0daf62f47fa"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

View File

@@ -6,32 +6,15 @@
../../modules/home/default.nix
];
options = {
host = lib.mkOption {
type = with lib.types; str;
description = ''
Define the host of the machine
'';
};
headless = lib.mkOption {
type = with lib.types; bool;
description = ''
Is this machine headless?
'';
};
};
config = {
home = {
username = "xeovalyte";
homeDirectory = "/home/xeovalyte";
};
host = "xv-surface";
headless = false;
settings = {
host = "ti-clt-tbl01";
applications.common.enable = true;
applications.alacritty.enable = false;
applications.devenv.enable = false;
@@ -43,11 +26,14 @@
applications.thunderbird.enable = false;
applications.yazi.enable = true;
applications.zellij.enable = false;
applications.wezterm.enable = false;
services.nextcloud-sync.enable = true;
theming.fonts.enable = true;
theming.nix-colors.enable = true;
theming.stylix.enable = true;
theming.stylix.wallpaper = "wallpaper-2.png";
theming.stylix.theme = "da-one-ocean";
desktop-environments.hyprland.enable = false;
};
@@ -55,9 +41,8 @@
home.packages = with pkgs; [
# Desktop Applications
unstable.rnote
# Office
libreoffice
unstable.xournalpp
unstable.koreader
];
# Enable home-manager
@@ -65,5 +50,4 @@
home.stateVersion = "24.05";
};
}

View File

@@ -0,0 +1,84 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{ modulesPath, lib, ... }:
{
imports = [
# Include the default incus configuration.
"${modulesPath}/virtualisation/lxc-container.nix"
# Include the container-specific autogenerated configuration.
../../modules/system/default.nix
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
settings = {
hostname = "v-th-ctr-01";
display-manager = "none";
desktop-environments = {
cosmic.enable = false;
hyprland.enable = false;
gnome.enable = false;
};
applications = {
common.enable = true;
steam.enable = false;
thunar.enable = false;
};
services = {
docker.enable = false;
podman.enable = true;
quickemu.enable = false;
sunshine.enable = false;
garbage-collection.enable = true;
incus.enable = false;
ssh.enable = true;
};
hardware = {
fprint.enable = false;
printing.enable = false;
bluetooth.enable = false;
firewall.enable = true;
locale.enable = true;
nvidia.enable = false;
};
};
users.users.deploy = {
isNormalUser = true;
description = "Deploy";
extraGroups = [ "networkmanager" "wheel" "dialout" ];
linger = true;
};
# networking
networking = {
dhcpcd.enable = false;
useDHCP = false;
useHostResolvConf = false;
};
networking.hosts = {
"127.0.0.1" = [ "tbmrs.nl" ];
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ 1080 1443 1053 ];
allowedUDPPorts = [ 1080 1443 1053 ];
};
systemd.network = {
enable = true;
networks."50-eth0" = {
matchConfig.Name = "eth0";
networkConfig = {
DHCP = "ipv4";
IPv6AcceptRA = true;
};
linkConfig.RequiredForOnline = "routable";
};
};
}

View File

@@ -0,0 +1,76 @@
{ pkgs, ... }:
{
imports = [
# Modules
../../modules/home/default.nix
];
config = {
home = {
username = "deploy";
homeDirectory = "/home/deploy";
};
settings = {
host = "v-th-ctr-01";
applications.common.enable = false;
applications.alacritty.enable = false;
applications.devenv.enable = false;
applications.firefox.enable = false;
applications.git.enable = false;
applications.helix.enable = true;
applications.zsh.enable = true;
applications.ssh.enable = true;
applications.thunderbird.enable = false;
applications.yazi.enable = true;
applications.zellij.enable = true;
applications.wezterm.enable = false;
services.nextcloud-sync.enable = false;
services.podman.enable = true;
services.sops.enable = true;
theming.fonts.enable = false;
theming.stylix.enable = false;
theming.stylix.wallpaper = "wallpaper-2.png";
theming.stylix.theme = "da-one-ocean";
desktop-environments.hyprland.enable = false;
containers = {
network.enable = true;
nginx.enable = true;
caddy.enable = true;
kanidm.enable = true;
forgejo.enable = true;
immich.enable = true;
homepage.enable = true;
uptime-kuma.enable = true;
pingvin-share.enable = true;
vaultwarden.enable = true;
paperless-ngx.enable = true;
beszel.enable = true;
storage.enable = true;
homeassistant.enable = true;
karakeep.enable = false;
vikunja.enable = true;
stalwart.enable = true;
linkding.enable = true;
jellyfin.enable = true;
};
};
home.packages = with pkgs; [
unstable.helix
lazygit
];
# Enable home-manager
programs.home-manager.enable = true;
home.stateVersion = "24.05";
};
}

View File

@@ -1,12 +1,39 @@
set unstable
default:
@just --choose
@just --list
rebuild:
update:
git pull
sudo nixos-rebuild switch --flake .
home-manager switch --flake .
clean:
sudo nix-collect-garbage -d
nix-collect-garbage -d
fmt:
nix fmt
alias s := switch
switch:
sudo nixos-rebuild switch --flake .
home-manager switch --flake .
rebuild-system:
alias sw := switch-system
switch-system:
sudo nixos-rebuild switch --flake .
rebuild-home-manager:
alias sh := switch-home-manager
switch-home-manager:
home-manager switch --flake .
alias gc := collect-garbage
collect-garbage:
sudo nix-collect-garbage -d
nix-collect-garbage -d

View File

@@ -17,7 +17,7 @@ in {
config = mkIf cfg.enable {
home.packages = with pkgs; [
vlc
bitwarden
unstable.bitwarden
pavucontrol
];
};

View File

@@ -23,147 +23,158 @@ in {
unstable.firefoxpwa
];
programs.firefox = {
enable = true;
nativeMessagingHosts = [ pkgs.unstable.firefoxpwa ];
policies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
DisablePocket = true;
DisableFirefoxAccounts = true;
DisableAccounts = true;
DontCheckDefaultBrowser = true;
DisplayBookmarksToolbar = "newpage";
ExtensionSettings = {
"nl-NL@dictionaries.addons.mozilla.org" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/woordenboek-nederlands/latest.xpi";
installation_mode = "force_installed";
stylix.targets.firefox.profileNames = [ "${config.home.username}" ];
programs.firefox = lib.mkMerge [
{
enable = true;
}
(lib.mkIf (config.home.username == "xeovalyte") {
nativeMessagingHosts = [ pkgs.unstable.firefoxpwa ];
policies = {
DisableTelemetry = true;
DisableFirefoxStudies = true;
EnableTrackingProtection = {
Value = true;
Locked = true;
Cryptomining = true;
Fingerprinting = true;
};
"uBlock0@raymondhill.net" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
installation_mode = "force_installed";
};
"firefoxpwa@filips.si" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/pwas-for-firefox/latest.xpi";
installation_mode = "force_installed";
};
"markdown-viewer@outofindex.com" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/markdown-viewer-chrome/latest.xpi";
installation_mode = "force_installed";
DisablePocket = true;
DisableFirefoxAccounts = true;
DisableAccounts = true;
DontCheckDefaultBrowser = true;
DisplayBookmarksToolbar = "newpage";
ExtensionSettings = {
"nl-NL@dictionaries.addons.mozilla.org" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/woordenboek-nederlands/latest.xpi";
installation_mode = "force_installed";
};
"uBlock0@raymondhill.net" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi";
installation_mode = "force_installed";
};
"{446900e4-71c2-419f-a6a7-df9c091e268b}" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/bitwarden-password-manager/latest.xpi";
installation_mode = "force_installed";
};
"firefoxpwa@filips.si" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/pwas-for-firefox/latest.xpi";
installation_mode = "force_installed";
};
"markdown-viewer@outofindex.com" = {
install_url = "https://addons.mozilla.org/firefox/downloads/latest/markdown-viewer-chrome/latest.xpi";
installation_mode = "force_installed";
};
};
};
};
profiles.xeovalyte = {
bookmarks = [
{
name = "Toolbar";
toolbar = true;
bookmarks = [
{
name = "Brightspace";
bookmarks = [
{
name = "Books";
url = "https://drive.google.com/drive/folders/1L5OTbn5p3i7_Nc80hc5PztiEGHKwi-I4";
}
{
name = "LCB";
url = "https://brightspace.tudelft.nl/d2l/le/content/681010/Home";
}
{
name = "Calculus";
url = "https://brightspace.tudelft.nl/d2l/le/content/681024/Home";
}
{
name = "IP1";
url = "https://brightspace.tudelft.nl/d2l/le/content/681020/Home";
}
];
}
];
}
];
search.engines = {
"Nix" = {
urls = [{
template = "https://mynixos.com/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@nix" ];
};
"SearXNG" = {
urls = [{
template = "https:/search.xeovalyte.dev/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
definedAliases = [ "@searxng" ];
};
"Startpage" = {
urls = [{
template = "https:/startpage.com/sp/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
definedAliases = [ "@sp" ];
};
"Bing".metaData.hidden = true;
"Google".metaData.hidden = true;
"eBay".metaData.hidden = true;
};
search.force = true;
search.default = "SearXNG";
settings = {
"browser.disableResetPrompt" = true;
"browser.download.panel.shown" = true;
"browser.download.useDownloadDir" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.shell.defaultBrowserCheckCount" = 1;
"dom.security.https_only_mode" = true;
"privacy.trackingProtection.enabled" = true;
"browser.toolbars.bookmarks.visibility" = "newtab";
"browser.translations.neverTranslateLanguages" = "nl";
"browser.newtabpage.pinned" = [
profiles.${config.home.username} = {
bookmarks.force = true;
bookmarks.settings = [
{
label = "Server";
url = "https://home.xeovalyte.dev";
}
{
label = "Youtube";
url = "https://youtube.com";
}
{
label = "My TU Delft";
url = "https://my.tudelft.nl/";
name = "Toolbar";
toolbar = true;
bookmarks = [
{
name = "Brightspace";
bookmarks = [
{
name = "Books";
url = "https://drive.google.com/drive/folders/1L5OTbn5p3i7_Nc80hc5PztiEGHKwi-I4";
}
{
name = "Linear algebra and Differential equations";
url = "https://brightspace.tudelft.nl/d2l/le/content/681028/Home";
}
{
name = "Electrical Energy Fundamentals";
url = "https://brightspace.tudelft.nl/d2l/le/content/681016/Home";
}
{
name = "IP 2";
url = "https://brightspace.tudelft.nl/d2l/le/content/681022/Home";
}
];
}
];
}
];
"signon.rememberSignons" = false;
search.engines = {
"Nix" = {
urls = [{
template = "https://mynixos.com/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@nix" ];
};
"SearXNG" = {
urls = [{
template = "https:/search.xeovalyte.dev/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
definedAliases = [ "@searxng" ];
};
"Startpage" = {
urls = [{
template = "https:/startpage.com/sp/search";
params = [
{ name = "q"; value = "{searchTerms}"; }
];
}];
definedAliases = [ "@sp" ];
};
"bing".metaData.hidden = true;
"google".metaData.hidden = true;
"ebay".metaData.hidden = true;
};
search.force = true;
search.default = "ddg";
settings = {
"browser.disableResetPrompt" = true;
"browser.download.panel.shown" = true;
"browser.download.useDownloadDir" = false;
"browser.newtabpage.activity-stream.showSponsoredTopSites" = false;
"browser.shell.checkDefaultBrowser" = false;
"browser.shell.defaultBrowserCheckCount" = 1;
"dom.security.https_only_mode" = true;
"privacy.trackingProtection.enabled" = true;
"browser.toolbars.bookmarks.visibility" = "newtab";
"browser.translations.neverTranslateLanguages" = "nl";
"browser.newtabpage.pinned" = [
{
label = "Server";
url = "https://home.xeovalyte.dev";
}
{
label = "Youtube";
url = "https://youtube.com";
}
{
label = "My TU Delft";
url = "https://my.tudelft.nl/";
}
{
label = "Vikunja";
url = "https://vikunja.xeovalyte.dev/";
}
];
"signon.rememberSignons" = false;
};
};
};
};
})
];
};
}

View File

@@ -35,7 +35,7 @@ in {
programs.git = mkIf cfg.lazygit.enable {
enable = true;
userEmail = "me+gitea@xeovalyte.dev";
userName = "xeovalyte";
userName = "Timo Boomers";
extraConfig = {
commit.gpgsign = true;
gpg.format = "ssh";

View File

@@ -12,56 +12,105 @@ in {
Enable helix text editor
'';
};
settings.applications.helix.markdown = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable markdown language support
'';
};
settings.applications.helix.systemverilog = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable systemverilog language support
'';
};
settings.applications.helix.nix = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Enable nix language support
'';
};
settings.applications.helix.latex = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Enable latex language support
'';
};
settings.applications.helix.vue = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Enable vue/nuxt language support
'';
};
settings.applications.helix.rust = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable rust language support
'';
};
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
unstable.marksman
unstable.markdown-oxide
unstable.svls
unstable.nil
unstable.nixpkgs-fmt
unstable.tectonic
unstable.texlab
dprint
home.packages = with pkgs; lib.concatLists [
(lib.optionals cfg.markdown [ unstable.marksman unstable.markdown-oxide dprint ])
(lib.optionals cfg.systemverilog [ unstable.svls ])
(lib.optionals cfg.nix [ unstable.nix unstable.nixpkgs-fmt ])
(lib.optionals cfg.latex [ tectonic unstable.texlab ])
(lib.optionals cfg.vue [ unstable.vue-language-server unstable.typescript unstable.typescript-language-server ])
];
home.file.".config/.dprint.json".text =''
{
"markdown": {
"lineWidth":120,
},
"excludes": [],
"plugins": [
"https://plugins.dprint.dev/markdown-0.16.1.wasm"
]
}
'';
# Markdown
home.file.".config/.dprint.json" = lib.mkIf cfg.markdown {
text = ''
{
"markdown": {
"lineWidth":120,
},
"excludes": [],
"plugins": [
"https://plugins.dprint.dev/markdown-0.16.1.wasm"
]
}
'';
};
programs.helix = {
enable = true;
package = pkgs.unstable.helix;
defaultEditor = true;
settings = {
# theme = "base16";
editor.cursor-shape = {
insert = "bar";
};
editor.end-of-line-diagnostics = "hint";
};
languages = {
# Rust
language-server.rust-analyzer.config = {
language-server.rust-analyzer.config = lib.mkIf cfg.rust {
cargo = {
features = "all";
};
};
# Systemverilog
language-server.svls = {
language-server.svls = lib.mkIf cfg.systemverilog {
command = "svls";
};
language-server.texlab = {
# Latex
language-server.texlab = lib.mkIf cfg.latex {
config = {
texlab.chktex = {
onOpenAndSave = true;
@@ -95,20 +144,44 @@ in {
};
};
language = [
{
language-server.typescript-language-server.config = lib.mkIf cfg.vue {
# tsserver = {
# path = "${pkgs.unstable.typescript}/bin/tsserver";
# };
plugins = [
{
name = "@vue/typescript-plugin";
location = "${pkgs.unstable.vue-language-server}/bin/vue-language-server}";
languages = ["vue"];
}
];
vue.inlayHints = {
includeInlayEnumMemberValueHints = true;
includeInlayFunctionLikeReturnTypeHints = true;
includeInlayFunctionParameterTypeHints = true;
includeInlayParameterNameHints = "all";
includeInlayParameterNameHintsWhenArgumentMatchesName = true;
includeInlayPropertyDeclarationTypeHints = true;
includeInlayVariableTypeHints = true;
};
};
# language-server.vue-language-server = {
# command = "${pkgs.vue-language-server}/bin/vue-language-server";
# args = [ "--stdio" ];
# config = {
# typescript = {
# tsdk = "${pkgs.typescript}/bin/";
# };
# };
# };
language = lib.concatLists [
(lib.optionals cfg.systemverilog [{
name = "verilog";
language-servers = [ "svls" ];
}
{
name = "html";
language-servers = [ "vscode-html-language-server" "tailwindcss-ls" ];
}
{
name = "css";
language-servers = [ "vscode-html-language-server" "tailwindcss-ls" ];
}
{
}])
(lib.optionals cfg.markdown [{
name = "markdown";
auto-format = true;
language-servers = [ "markdown-oxide" ];
@@ -119,100 +192,13 @@ in {
name = "typst";
auto-format = false;
formatter.command = "${pkgs.typstfmt}/bin/typstfmt";
}
}])
(lib.optionals cfg.vue [{
name = "vue";
language-servers = ["vuels" "typescript-language-server"];
}])
];
};
# themes = {
# base16 = let
# base00 = "#${config.colorScheme.palette.base00}";
# base01 = "#${config.colorScheme.palette.base01}";
# base02 = "#${config.colorScheme.palette.base02}";
# base03 = "#${config.colorScheme.palette.base03}";
# base04 = "#${config.colorScheme.palette.base04}";
# base05 = "#${config.colorScheme.palette.base05}";
# base06 = "#${config.colorScheme.palette.base06}";
# base07 = "#${config.colorScheme.palette.base07}";
# base08 = "#${config.colorScheme.palette.base08}";
# base09 = "#${config.colorScheme.palette.base09}";
# base0A = "#${config.colorScheme.palette.base0A}";
# base0B = "#${config.colorScheme.palette.base0B}";
# base0C = "#${config.colorScheme.palette.base0C}";
# base0D = "#${config.colorScheme.palette.base0D}";
# base0E = "#${config.colorScheme.palette.base0E}";
# base0F = "#${config.colorScheme.palette.base0F}";
# in {
# "attributes" = base09;
# "comment" = { fg = base03; modifiers = ["italic"]; };
# "constant" = base09;
# "constant.character.escape" = base0C;
# "constant.numeric" = base09;
# "constructor" = base0D;
# "debug" = base03;
# "diagnostic" = { modifiers = ["underlined"]; };
# "diff.delta" = base09;
# "diff.minus" = base08;
# "diff.plus" = base0B;
# "error" = base08;
# "function" = base0D;
# "hint" = base03;
# "info" = base0D;
# "keyword" = base0E;
# "label" = base0E;
# "namespace" = base0E;
# "operator" = base05;
# "special" = base0D;
# "string" = base0B;
# "type" = base0A;
# "variable" = base08;
# "variable.other.member" = base0B;
# "warning" = base09;
# "markup.bold" = { fg = base0A; modifiers = ["bold"]; };
# "markup.heading" = base0D;
# "markup.italic" = { fg = base0E; modifiers = ["italic"]; };
# "markup.link.text" = base08;
# "markup.link.url" = { fg = base09; modifiers = ["underlined"]; };
# "markup.list" = base08;
# "markup.quote" = base0C;
# "markup.raw" = base0B;
# "markup.strikethrough" = { modifiers = ["crossed_out"]; };
# "diagnostic.hint" = { underline = { style = "curl"; }; };
# "diagnostic.info" = { underline = { style = "curl"; }; };
# "diagnostic.warning" = { underline = { style = "curl"; }; };
# "diagnostic.error" = { underline = { style = "curl"; }; };
# # "ui.background" = { bg = base00; };
# "ui.bufferline.active" = { fg = base00; bg = base03; modifiers = ["bold"]; };
# "ui.bufferline" = { fg = base04; bg = base00; };
# "ui.cursor" = { fg = base0A; modifiers = ["reversed"]; };
# "ui.cursor.insert" = { fg = base0A; modifiers = ["reversed"]; };
# "ui.cursorline.primary" = { fg = base05; bg = base01; };
# "ui.cursor.match" = { fg = base0A; modifiers = ["reversed"]; };
# "ui.cursor.select" = { fg = base0A; modifiers = ["reversed"]; };
# "ui.gutter" = { bg = base00; };
# "ui.help" = { fg = base06; bg = base01; };
# "ui.linenr" = { fg = base03; bg = base00; };
# "ui.linenr.selected" = { fg = base04; bg = base01; modifiers = ["bold"]; };
# "ui.menu" = { fg = base05; bg = base01; };
# "ui.menu.scroll" = { fg = base03; bg = base01; };
# "ui.menu.selected" = { fg = base01; bg = base04; };
# "ui.popup" = { bg = base01; };
# "ui.selection" = { bg = base02; };
# "ui.selection.primary" = { bg = base02; };
# "ui.statusline" = { fg = base04; bg = base01; };
# "ui.statusline.inactive" = { bg = base01; fg = base03; };
# "ui.statusline.insert" = { fg = base00; bg = base0B; };
# "ui.statusline.normal" = { fg = base00; bg = base03; };
# "ui.statusline.select" = { fg = base00; bg = base0F; };
# "ui.text" = base05;
# "ui.text.focus" = base05;
# "ui.virtual.indent-guide" = { fg = base03; };
# "ui.virtual.inlay-hint" = { fg = base01; };
# "ui.virtual.ruler" = { bg = base01; };
# "ui.window" = { bg = base01; };
# };
# };
};
};
}

View File

@@ -0,0 +1,37 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.applications.nushell;
in {
options = {
settings.applications.nushell.enable = lib.mkOption {
type = lib.types.bool;
description = ''
Enable nushell shell
'';
default = false;
};
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
eza
bat
];
programs.bash = {
enable = false;
};
programs.nushell = {
enable = true;
};
programs.starship = {
enable = true;
enableNushellIntegration = true;
};
};
}

View File

@@ -0,0 +1,27 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.applications.obs-studio;
in {
options = {
settings.applications.obs-studio.enable = lib.mkOption {
type = lib.types.bool;
description = ''
Enable obs studio with optional plugins
'';
default = false;
};
};
config = mkIf cfg.enable {
programs.obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [
wlrobs
obs-vaapi #optional AMD hardware acceleration
];
};
};
}

View File

@@ -30,6 +30,12 @@ in {
user = "git";
identityFile = "~/.ssh/gitea";
};
"gitlab.ewi.tudelft.nl" = {
hostname = "gitlab.ewi.tudelft.nl";
user = "tboomers";
identityFile = "~/.ssh/gitlab_tudelft";
};
};
addKeysToAgent = "yes";
};

View File

@@ -0,0 +1,24 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.applications.typst;
in {
options = {
settings.applications.typst.enable = lib.mkOption {
type = lib.types.bool;
description = ''
Enable typst
'';
default = false;
};
};
config = mkIf cfg.enable {
home.packages = with pkgs; [
unstable.typst
unstable.typst-live
];
};
}

View File

@@ -0,0 +1,107 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.applications.wezterm;
in {
options = {
settings.applications.wezterm.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable wezterm terminal
'';
};
};
config = mkIf cfg.enable {
programs.wezterm = {
enable = true;
enableZshIntegration = true;
package = pkgs.unstable.wezterm;
extraConfig = /* lua */ ''
-- Pull in the wezterm API
local wezterm = require 'wezterm'
-- This will hold the configuration.
local config = wezterm.config_builder()
local act = wezterm.action
-- This is where you actually apply your config choices
-- For example, changing the color scheme:
config.enable_tab_bar = true
config.use_fancy_tab_bar = false
config.window_decorations = "NONE"
config.tab_bar_at_bottom = true
config.keys = {
-- Pane controls
{
key = 'h',
mods = 'CTRL',
action = act.ActivatePaneDirection 'Left',
},
{
key = 'l',
mods = 'CTRL',
action = act.ActivatePaneDirection 'Right',
},
{
key = 'k',
mods = 'CTRL',
action = act.ActivatePaneDirection 'Up',
},
{
key = 'j',
mods = 'CTRL',
action = act.ActivatePaneDirection 'Down',
},
-- Pane resizing
{
key = 'H',
mods = 'CTRL',
action = act.AdjustPaneSize { 'Left', 5 },
},
{
key = 'L',
mods = 'CTRL',
action = act.AdjustPaneSize { 'Right', 5 },
},
{
key = 'K',
mods = 'CTRL',
action = act.AdjustPaneSize { 'Up', 5 },
},
{
key = 'J',
mods = 'CTRL',
action = act.AdjustPaneSize { 'Down', 5 },
},
{
key = 'q',
mods = 'CTRL',
action = act.CloseCurrentPane { confirm = false },
},
-- Tab management
{ key = '1', mods = 'ALT', action = act.ActivateTab(0) },
{ key = '2', mods = 'ALT', action = act.ActivateTab(1) },
{ key = '3', mods = 'ALT', action = act.ActivateTab(2) },
{ key = '4', mods = 'ALT', action = act.ActivateTab(3) },
{ key = '5', mods = 'ALT', action = act.ActivateTab(4) },
{
key = 'q',
mods = 'ALT',
action = act.CloseCurrentTab { confirm = false },
},
}
-- and finally, return the configuration to wezterm
return config
'';
};
};
}

View File

@@ -1,9 +1,38 @@
{ config, lib, ... }:
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.applications.zellij;
sesh = pkgs.writeScriptBin "sesh" ''
#! /usr/bin/env sh
# Taken from https://github.com/zellij-org/zellij/issues/884#issuecomment-1851136980
# select a directory using zoxide
ZOXIDE_RESULT=$(${pkgs.zoxide}/bin/zoxide query --interactive)
# checks whether a directory has been selected
if [[ -z "$ZOXIDE_RESULT" ]]; then
# if there was no directory, select returns without executing
exit 0
fi
# extracts the directory name from the absolute path
SESSION_TITLE=$(echo "$ZOXIDE_RESULT" | sed 's#.*/##')
# get the list of sessions
SESSION_LIST=$(zellij list-sessions -n | awk '{print $1}')
# checks if SESSION_TITLE is in the session list
if echo "$SESSION_LIST" | grep -q "^$SESSION_TITLE$"; then
# if so, attach to existing session
zellij attach "$SESSION_TITLE"
else
# if not, create a new session
echo "Creating new session $SESSION_TITLE and CD $ZOXIDE_RESULT"
cd $ZOXIDE_RESULT
zellij attach -c "$SESSION_TITLE"
fi
'';
in {
options = {
settings.applications.zellij.enable = lib.mkOption {
@@ -19,13 +48,23 @@ in {
enable = true;
};
programs.zoxide = {
enable = true;
enableZshIntegration = true;
};
home.packages = [
sesh
];
home.file.zellij = {
target = ".config/zellij/config.kdl";
text = ''
pane_frames false
pane_frames true
keybinds {
normal {
bind "Ctrl e" { ToggleFloatingPanes; SwitchToMode "normal"; }
bind "Ctrl d" { Detach; }
bind "Alt 1" { GoToTab 1; }
bind "Alt 2" { GoToTab 2; }
bind "Alt 3" { GoToTab 3; }
@@ -40,7 +79,7 @@ in {
target = ".config/zellij/layouts/default.kdl";
text = ''
layout {
pane
pane borderless=true {}
floating_panes {
pane {
width "80%"
@@ -49,40 +88,8 @@ in {
y "10%"
}
}
}
'';
};
home.file.zellij-layout-dioxus = {
target = ".config/zellij/layouts/dioxus.kdl";
text = ''
layout {
tab {
pane {
command "hx"
args "."
focus true
}
floating_panes {
pane {
width "80%"
height "80%"
x "10%"
y "10%"
}
}
}
tab {
pane {
command "dx"
args "serve"
}
}
tab {
pane {
command "devenv"
args "up"
}
pane size=1 borderless=true {
plugin location="zellij:tab-bar"
}
}
'';

View File

@@ -0,0 +1,61 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.beszel;
in {
options = {
settings.containers.beszel.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable Beszel container
'';
};
};
config = mkIf cfg.enable {
settings.services.sops.enable = true;
services.podman.containers.beszel = {
image = "henrygd/beszel:latest";
network = "proxy";
volumes = [
"%h/containers/beszel/data:/beszel_data"
"%h/containers/beszel/socket:/beszel_socket"
];
environment = {
DISABLE_PASSWORD_AUTH = false;
USER_CREATION = true;
};
};
services.podman.containers.beszel-agent = {
image = "henrygd/beszel-agent:latest";
network = "proxy";
volumes = [
"%h/containers/beszel/socket:/beszel_socket"
"/run/user/1000/podman/podman.sock:/var/run/podman.sock:ro"
"${config.sops.secrets."containers/beszel/key".path}:/run/secrets/key"
];
user = 1000;
userNS = "keep-id";
environment = {
LISTEN = "/beszel_socket/beszel.sock";
KEY_FILE = "/run/secrets/key";
DOCKER_HOST = "unix:///var/run/podman.sock";
};
};
settings.containers.caddy.routes.tbmrs-local.routes.beszel = {
host = "monitor";
url = "beszel:8090";
};
sops.secrets = {
"containers/beszel/key" = { };
};
};
}

View File

@@ -0,0 +1,98 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.caddy;
toInternal = name: routesDef: {
name = name;
host = routesDef.host;
url = routesDef.url;
};
generateRoutes = domain: entries: lib.concatMapStrings (route: ''
@${route.name} host ${route.host}.${domain}
handle @${route.name} {
reverse_proxy ${route.url}
}
'') entries;
routesOption = lib.mkOption {
type = types.attrsOf (types.submodule {
options = {
url = mkOption {
type = types.str;
};
host = mkOption {
type = types.str;
};
};
});
};
in {
options = {
settings.containers.caddy.enable = mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable caddy container
'';
};
settings.containers.caddy.routes = mkOption {
type = lib.types.attrsOf (types.submodule {
options = {
routes = routesOption;
domain = mkOption {
type = types.str;
};
};
});
};
};
config = mkIf cfg.enable {
services.podman.containers.caddy = {
image = "localhost/tboomers/caddy-custom:latest";
network = "proxy";
networkAlias = [
"mail.tbmrs.nl"
];
ports = [
"1080:80"
"1443:443"
];
volumes = [
"%h/containers/caddy/Caddyfile:/etc/caddy/Caddyfile"
"%h/containers/caddy/acme_key:/etc/caddy/acme_key"
"%h/containers/caddy/data:/data"
];
};
settings.containers.caddy.routes = {
tbmrs.domain = "tbmrs.nl";
tbmrs-local.domain = "local.tbmrs.nl";
};
home.file."containers/caddy/Caddyfile".text = ''
*.tbmrs.nl, tbmrs.nl {
tls {
dns transip xeovalyte /etc/caddy/acme_key
resolvers 1.1.1.1
}
${generateRoutes cfg.routes.tbmrs.domain (mapAttrsToList toInternal cfg.routes.tbmrs.routes)}
}
*.local.tbmrs.nl {
tls {
dns transip xeovalyte /etc/caddy/acme_key
resolvers 1.1.1.1
}
${generateRoutes cfg.routes.tbmrs-local.domain (mapAttrsToList toInternal cfg.routes.tbmrs-local.routes)}
}
'';
};
}

View File

@@ -0,0 +1,37 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.forgejo;
in {
options = {
settings.containers.forgejo.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable forgejo container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.forgejo = {
image = "codeberg.org/forgejo/forgejo:11";
network = "proxy";
volumes = [
"%h/containers/forgejo/data:/data"
];
environment = {
FORGEJO__service__ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
FORGEJO__service__SHOW_REGISTRATION_BUTTON = false;
FORGEJO__service__ENABLE_PASSWORD_SIGNIN_FORM = false;
};
};
settings.containers.caddy.routes.tbmrs.routes.forgejo = {
host = "git";
url = "forgejo:3000";
};
};
}

View File

@@ -0,0 +1,36 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.homeassistant;
in {
options = {
settings.containers.homeassistant.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable storage configuration
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.homeassistant = {
image = "ghcr.io/home-assistant/home-assistant:stable";
network = "proxy";
volumes = [
"%h/containers/homeassistant/config:/config"
];
userNS = "keep-id";
environment = {
TZ = "Europe/Amsterdam";
};
};
settings.containers.caddy.routes.tbmrs-local.routes.home-assistant = {
host = "home-assistant";
url = "homeassistant:8123";
};
};
}

View File

@@ -0,0 +1,191 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.containers.homepage;
in {
options = {
settings.containers.homepage.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable homepage container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.homepage = {
image = "ghcr.io/gethomepage/homepage:latest";
network = "proxy";
volumes = [
"%h/containers/homepage/config:/app/config"
"%h/containers/homepage/config/settings.yaml:/app/config/settings.yaml"
"%h/containers/homepage/config/services.yaml:/app/config/services.yaml"
"%h/containers/homepage/config/docker.yaml:/app/config/docker.yaml"
"/run/user/1000/podman/podman.sock:/var/run/podman.sock:ro"
];
userNS = "keep-id";
environment = {
HOMEPAGE_ALLOWED_HOSTS = "home.tbmrs.nl";
};
};
settings.containers.caddy.routes.tbmrs.routes.homepage = {
host = "home";
url = "homepage:3000";
};
home.file."containers/homepage/config/settings.yaml".source = (pkgs.formats.yaml { }).generate "settings" {
title = "Timo's Server";
description = "server from Timo";
theme = "dark";
color = "slate";
layout = {
Services = {
style = "row";
columns = "4";
};
Infra = {
style = "row";
columns = "4";
};
};
};
home.file."containers/homepage/config/services.yaml".source = (pkgs.formats.yaml { }).generate "services" [
{
"Services" = [
{
"Forgejo" = {
href = "https://git.tbmrs.nl";
description = "Git server";
icon = "forgejo";
server = "podman";
container = "forgejo";
};
}
{
"Immich" = {
href = "https://photos.tbmrs.nl";
description = "Photo's and videos";
icon = "immich";
server = "podman";
container = "immich-server";
};
}
{
"Pingvin" = {
href = "https://share.tbmrs.nl";
description = "File sharing";
icon = "pingvin-share";
server = "podman";
container = "pingvin-share";
};
}
{
"Vaultwarden" = {
href = "https://vault.local.tbmrs.nl";
description = "Password management";
icon = "vaultwarden";
server = "podman";
container = "vaultwarden";
};
}
{
"Paperless" = {
href = "https://paperless.local.tbmrs.nl";
description = "Documents management";
icon = "paperless-ngx";
server = "podman";
container = "paperless-ngx";
};
}
{
"Home Assistant" = {
href = "https://home-assistant.local.tbmrs.nl";
description = "Home automation";
icon = "home-assistant";
server = "podman";
container = "homeassistant";
};
}
{
"Syncthing" = {
href = "https://syncthing.local.tbmrs.nl";
description = "File syncronisation";
icon = "syncthing";
server = "podman";
container = "syncthing";
};
}
{
"Dufs" = {
href = "https://files.tbmrs.nl";
description = "File management";
icon = "dufs";
server = "podman";
container = "dufs";
};
}
{
"Linkding" = {
href = "https://links.local.tbmrs.nl";
description = "Bookmarks";
icon = "linkding";
server = "podman";
container = "linkding";
};
}
{
"Stalwart" = {
href = "https://mail.tbmrs.nl";
description = "Mailserver";
icon = "stalwart";
server = "podman";
container = "stalwart";
};
}
];
}
{
"Infra" = [
{
"Kanidm" = {
href = "https://auth.tbmrs.nl";
description = "Oauth2 and ldap provider";
icon = "kanidm";
server = "podman";
container = "kanidm";
};
}
{
"Uptime Kuma" = {
href = "https://uptime.tbmrs.nl";
description = "Uptime and status";
icon = "uptime-kuma";
server = "podman";
container = "uptime-kuma";
};
}
{
"Beszel" = {
href = "https://monitor.local.tbmrs.nl";
description = "Server monitoring";
icon = "beszel";
server = "podman";
container = "beszel";
};
}
];
}
];
home.file."containers/homepage/config/docker.yaml".source = (pkgs.formats.yaml {}).generate "docker" {
podman = {
socket = "/var/run/podman.sock";
};
};
};
}

View File

@@ -0,0 +1,80 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.immich;
in {
options = {
settings.containers.immich.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable immich container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.immich-server = {
image = "ghcr.io/immich-app/immich-server:release";
network = "proxy";
volumes = [
"%h/containers/immich/upload:/usr/src/app/upload"
"/etc/localtime:/etc/localtime:ro"
];
extraConfig = {
Unit = {
After = [
"podman-immich-redis.service"
"podman-immich-database.service"
];
Requires = [
"podman-immich-redis.service"
"podman-immich-database.service"
];
};
};
environment = {
DB_PASSWORD = "changeme";
DB_USERNAME = "postgres";
DB_DATABASE_NAME = "immich";
DB_HOSTNAME = "immich-database";
REDIS_HOSTNAME = "immich-redis";
};
};
services.podman.containers.immich-machine-learning = {
image = "ghcr.io/immich-app/immich-machine-learning:release";
network = "proxy";
volumes = [
"%h/containers/immich/model-cache:/cache"
];
};
services.podman.containers.immich-redis = {
image = "docker.io/valkey/valkey:8-bookworm@sha256:42cba146593a5ea9a622002c1b7cba5da7be248650cbb64ecb9c6c33d29794b1";
network = "proxy";
};
services.podman.containers.immich-database = {
image = "docker.io/tensorchord/pgvecto-rs:pg14-v0.2.0@sha256:739cdd626151ff1f796dc95a6591b55a714f341c737e27f045019ceabf8e8c52";
network = "proxy";
volumes = [
"%h/containers/immich/database-data:/var/lib/postgresql/data"
];
environment = {
POSTGRES_PASSWORD = "changeme";
POSTGRES_USER = "postgres";
POSTGRES_DB = "immich";
POSTGRES_INITDB_ARGS = "--data-checksums";
};
exec = ''postgres -c shared_preload_libraries=vectors.so -c 'search_path="$$user", public, vectors' -c logging_collector=on -c max_wal_size=2GB -c shared_buffers=512MB -c wal_compression=on'';
};
settings.containers.caddy.routes.tbmrs.routes.immich = {
host = "photos";
url = "immich-server:2283";
};
};
}

View File

@@ -0,0 +1,35 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.jellyfin;
in {
options = {
settings.containers.jellyfin.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable jellyfin container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.jellyfin = {
image = "jellyfin/jellyfin";
network = "proxy";
volumes = [
"%h/containers/jellyfin/config:/config"
"%h/containers/jellyfin/cache:/cache"
"%h/media:/media"
];
userNS = "keep-id";
};
settings.containers.caddy.routes.tbmrs-local.routes.jellyfin = {
host = "stream";
url = "jellyfin:8096";
};
};
}

View File

@@ -0,0 +1,45 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.nginx;
in {
options = {
settings.containers.kanidm.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable kanidm container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.kanidm = {
image = "kanidm/server:latest";
network = "proxy";
networkAlias = [
"auth.tbmrs.nl"
];
volumes = [
"%h/containers/kanidm/data:/data"
"%h/containers/caddy/data/caddy/certificates/acme-v02.api.letsencrypt.org-directory/wildcard_.tbmrs.nl:/data/keys"
];
environment = {
KANIDM_VERSION = "2";
KANIDM_BINDADDRESS = "[::]:443";
KANIDM_DB_PATH = "/data/kanidm.db";
KANIDM_TLS_CHAIN = "/data/keys/wildcard_.tbmrs.nl.crt";
KANIDM_TLS_KEY = "/data/keys/wildcard_.tbmrs.nl.key";
KANIDM_DOMAIN = "auth.tbmrs.nl";
KANIDM_ORIGIN = "https://auth.tbmrs.nl";
};
};
settings.containers.caddy.routes.tbmrs.routes.kanidm = {
host = "auth";
url = "https://auth.tbmrs.nl";
};
};
}

View File

@@ -0,0 +1,82 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.karakeep;
in {
options = {
settings.containers.karakeep.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable karakeep container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.karakeep = {
image = "ghcr.io/karakeep-app/karakeep:release";
network = "proxy";
volumes = [
"%h/containers/karakeep/data:/data"
];
environment = {
MEILI_ADDR = "http://karakeep-meilisearch:7700";
BROWSER_WEB_URL = "http://karakeep-chrome:9222";
DATA_DIR = "/data";
};
environmentFile = [
"${config.sops.templates."container-karakeep.env".path}"
];
extraConfig = {
Unit = {
After = [
"podman-karakeep-chrome.service"
"podman-karakeep-meilisearch.service"
];
Requires = [
"podman-karakeep-chrome.service"
"podman-karakeep-meilisearch.service"
];
};
};
};
services.podman.containers.karakeep-chrome = {
image = "gcr.io/zenika-hub/alpine-chrome:123";
network = "proxy";
exec = "--no-sandbox --disable-gpu --disable-dev-shm-usage --remote-debugging-address=0.0.0.0 --remote-debugging-port=9222 --hide-scrollbars";
};
services.podman.containers.karakeep-meilisearch = {
image = "getmeili/meilisearch:v1.13.3";
network = "proxy";
environment = {
MEILI_NO_ANALYTICS = "true";
};
volumes = [
"%h/containers/karakeep/meilisearch:/meili_data"
];
};
settings.services.sops.enable = true;
sops.secrets = {
"containers/karakeep/nextauth-secret" = { };
"containers/karakeep/meili-key" = { };
};
sops.templates = {
"container-karakeep.env" = {
content = ''
KARAKEEP_VERSION=release
NEXTAUTH_SECRET=${config.sops.placeholder."containers/karakeep/nextauth-secret"}
MEILI_MASTER_KEY=${config.sops.placeholder."containers/karakeep/meili-key"}
NEXTAUTH_URL=https://karakeep.local.tbmrs.nl
'';
};
};
};
}

View File

@@ -0,0 +1,58 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.linkding;
in {
options = {
settings.containers.linkding.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable linkding container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.linkding = {
image = "ghcr.io/sissbruecker/linkding:latest";
network = "proxy";
volumes = [
"%h/containers/linkding/data:/etc/linkding/data"
];
environment = {
LD_ENABLE_OIDC = "True";
OIDC_RP_CLIENT_ID = "linkding";
OIDC_OP_AUTHORIZATION_ENDPOINT = "https://auth.tbmrs.nl/ui/oauth2";
OIDC_OP_TOKEN_ENDPOINT = "https://auth.tbmrs.nl/oauth2/token";
OIDC_OP_USER_ENDPOINT = "https://auth.tbmrs.nl/oauth2/openid/linkding/userinfo";
OIDC_OP_JWKS_ENDPOINT = "https://auth.tbmrs.nl/oauth2/openid/linkding/public_key.jwk";
OIDC_RP_SIGN_ALGO = "ES256";
};
environmentFile = [
"${config.sops.templates."container-linkding.env".path}"
];
};
settings.containers.caddy.routes.tbmrs-local.routes.linkding = {
host = "links";
url = "linkding:9090";
};
settings.services.sops.enable = true;
sops.templates = {
"container-linkding.env" = {
content = /*bash*/ ''
OIDC_RP_CLIENT_SECRET=${config.sops.placeholder."containers/linkding/oidc-secret"}
'';
};
};
sops.secrets = {
"containers/linkding/oidc-secret" = { };
};
};
}

View File

@@ -0,0 +1,25 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.network;
in {
options = {
settings.containers.network.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable network
'';
};
};
config = mkIf cfg.enable {
services.podman.networks.proxy = {
description = "Container network for the proxy";
driver = "bridge";
autoStart = true;
};
};
}

View File

@@ -0,0 +1,26 @@
{ config, lib, ... }:
with lib;
let
cfg = config.settings.containers.nginx;
in {
options = {
settings.containers.nginx.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable nginx container
'';
};
};
config = mkIf cfg.enable {
services.podman.containers.nginx = {
image = "nginx";
ports = [
"8080:80"
];
};
};
}

View File

@@ -0,0 +1,102 @@
{ config, lib, pkgs, ... }:
with lib;
let
cfg = config.settings.containers.paperless-ngx;
in {
options = {
settings.containers.paperless-ngx.enable = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Enable Paperless NGX container
'';
};
};
config = mkIf cfg.enable {
settings.services.sops.enable = true;
services.podman.containers.paperless-ngx = {
image = "ghcr.io/paperless-ngx/paperless-ngx:latest";
network = "proxy";
volumes = [
"%h/containers/paperless-ngx/data:/usr/src/paperless/data"
"%h/containers/paperless-ngx/media:/usr/src/paperless/media"
"%h/containers/paperless-ngx/export:/usr/src/paperless/export"
"%h/containers/paperless-ngx/consume:/usr/src/paperless/consume"
"${config.sops.secrets."containers/paperless-ngx/db-password".path}:/run/secrets/db-password"
"${config.sops.secrets."containers/paperless-ngx/secret".path}:/run/secrets/secret"
"${config.sops.secrets."containers/paperless-ngx/openid-providers".path}:/run/secrets/openid-providers"
];
environment = {
PAPERLESS_REDIS = "redis://paperless-ngx-broker:6379";
PAPERLESS_DBHOST = "paperless-ngx-db";
PAPERLESS_URL = "https://paperless.local.tbmrs.nl";
PAPERLESS_DBPASS_FILE = "/run/secrets/db-password";
PAPERLESS_SECRET_KEY_FILE = "/run/secrets/secret";
PAPERLESS_DISABLE_REGULAR_LOGIN = false;
PAPERLESS_APPS = "allauth.socialaccount.providers.openid_connect";
PAPERLESS_SOCIALACCOUNT_PROVIDERS_FILE = "/run/secrets/openid-providers";
PAPERLESS_SOCIAL_ACCOUNT_SYNC_GROUPS = true;
};
extraConfig = {
Unit = {
After = [
"sops-nix.service"
"podman-paperless-ngx-db.service"
"podman-paperless-ngx-broker.service"
];
Requires = [
"podman-paperless-ngx-db.service"
"podman-paperless-ngx-broker.service"
];
};
};
};
services.podman.containers.paperless-ngx-db = {
image = "docker.io/library/postgres:17";
network = "proxy";
volumes = [
"%h/containers/paperless-ngx/db-data:/var/lib/postgresql/data"
"${config.sops.secrets."containers/paperless-ngx/db-password".path}:/run/secrets/db-password"
];
environment = {
POSTGRES_DB = "paperless";
POSTGRES_USER = "paperless";
POSTGRES_PASSWORD_FILE = "/run/secrets/db-password";
};
extraConfig = {
Unit = {
After = [
"sops-nix.service"
];
};
};
};
services.podman.containers.paperless-ngx-broker = {
image = "docker.io/library/redis:7";
network = "proxy";
volumes = [
"%h/containers/paperless-ngx/redis-data:/data"
];
};
settings.containers.caddy.routes.tbmrs-local.routes.paperless-ngx = {
host = "paperless";
url = "paperless-ngx:8000";
};
sops.secrets = {
"containers/paperless-ngx/db-password" = { };
"containers/paperless-ngx/secret" = { };
"containers/paperless-ngx/openid-providers" = { };
};
};
}

Some files were not shown because too many files have changed in this diff Show More