mira/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

idek anymore

Browse source
This commit is contained in:
ArgentumCation 2025-12-04 23:36:32 -05:00
parent bc9c85aa64
commit acaf62d9e3
8 changed files with 222 additions and 423 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
auxin/configuration.nix
View file

@ -3,7 +3,8 @@
lib, lib,
pkgs, pkgs,
... ...
}: let }:
let
ports = [ ports = [
111 # RPC? 111 # RPC?
2049 # NFS 2049 # NFS
@ -28,12 +29,14 @@
8842 # Crowdsec (-> 8842) 8842 # Crowdsec (-> 8842)
8888 # Kodi 8888 # Kodi
9000 # Portainer (-> 9443) 9000 # Portainer (-> 9443)
]; #// lib.lists.range 6800 7568 ; ]; # // lib.lists.range 6800 7568 ;
in { in
{
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
# ./hardware-configuration.nix # ./hardware-configuration.nix
]; ];
nix.package = pkgs.lix;
nixpkgs = { nixpkgs = {
config = { config = {
kodi.enableAdvancedLauncher = true; kodi.enableAdvancedLauncher = true;
@ -49,8 +52,9 @@ in {
} }
]; ];
# hostName = "auxin"; # Define your hostname. # hostName = "auxin"; # Define your hostname.
nameservers = ["192.168.1.1"]; nameservers = [ "192.168.1.1" ];
firewall = { firewall = {
trustedInterfaces = [ "br-+" ];
enable = true; enable = true;
allowedUDPPorts = ports; allowedUDPPorts = ports;
allowedTCPPorts = ports; allowedTCPPorts = ports;
@ -60,15 +64,16 @@ in {
}; };
}; };
environment.sessionVariables = {LIBVA_DRIVER_NAME = "iHD";}; # environment.sessionVariables = {
LIBVA_DRIVER_NAME = "iHD";
};
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
alacritty ghostty
czkawka czkawka
gcc gcc
go go
hyperfine hyperfine
sof-firmware sof-firmware
jellyfin-media-player
lazydocker lazydocker
gamescope gamescope
lazygit lazygit
@ -78,6 +83,7 @@ in {
upower upower
nodePackages.nodejs nodePackages.nodejs
nodePackages.pnpm nodePackages.pnpm
glibcLocales
]; ];
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
users = { users = {
@ -161,7 +167,7 @@ in {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
}; };
x2goserver.enable = true; x2goserver.enable = false;
# Enable the X11 windowing system. # Enable the X11 windowing system.
xserver = { xserver = {
@ -172,8 +178,9 @@ in {
# Kodi # Kodi
desktopManager.kodi = { desktopManager.kodi = {
enable = true; enable = true;
package = pkgs.kodi.withPackages (pkgs: package = pkgs.kodi.withPackages (
with pkgs; [ pkgs: with pkgs; [
pvr-iptvsimple
jellyfin jellyfin
jellycon jellycon
sendtokodi sendtokodi
@ -188,22 +195,23 @@ in {
visualization-spectrum visualization-spectrum
visualization-waveform visualization-waveform
inputstream-adaptive inputstream-adaptive
]); ]
);
}; };
}; };
displayManager = { displayManager = {
sddm = { # sddm = {
enable = true; # enable = true;
wayland.enable = false; # wayland.enable = false;
}; # };
autoLogin = { autoLogin = {
enable = false; enable = true;
user = "mira"; user = "mira";
}; };
}; };
btrbk = {}; # TODO: btrbk = { }; # TODO:
caddy = {}; # TODO: caddy = { }; # TODO:
fail2ban = { fail2ban = {
enable = true; enable = true;
ignoreIP = [ ignoreIP = [
@ -242,8 +250,12 @@ in {
# }; # };
# }; # };
# }; # };
pipewire = { pulseaudio = {
enable = true; enable = true;
support32Bit = true; # # If compatibility with 32-bit applications is desired.
};
pipewire = {
enable = false;
alsa.enable = true; alsa.enable = true;
alsa.support32Bit = true; alsa.support32Bit = true;
pulse.enable = true; pulse.enable = true;
@ -259,42 +271,30 @@ in {
autoPrune.enable = true; autoPrune.enable = true;
# TODO: you're gonna need to disable this eventually # TODO: you're gonna need to disable this eventually
# extraOptions = "--userns-remap=default"; # extraOptions = "--userns-remap=default";
liveRestore = false; # NOTE: Incompatible with swarm liveRestore = false;
}; };
virtualisation.libvirtd.enable = true; virtualisation.libvirtd.enable = true;
# TODO: # TODO:
powerManagement.enable = powerManagement.enable = lib.mkForce false;
lib.mkForce
false;
systemd = { systemd = {
targets = { targets = {
sleep.enable = false; sleep.enable = false;
suspend.enable = false; suspend.enable = false;
}; };
timers."qbittorrent-healthcheck" = { timers."qbittorrent-healthcheck" = {
wantedBy = ["timers.target"]; wantedBy = [ "timers.target" ];
timerConfig = { timerConfig = {
OnCalendar = "*/5 * * * *"; OnCalendar = "*/5 * * * *";
Unit = "qbittorrent-healthcheck"; Unit = "qbittorrent-healthcheck";
}; };
}; };
services = { services = {
"qbittorrent-healthcheck" = {
script = ''
${pkgs.docker}/bin/docker exec qbittorrent ping -c 1 -w 5 -I protonwire0 8.8.8.8 || ${pkgs.docker}/bin/docker restart qbittorrent
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
docker = { docker = {
unitConfig = { unitConfig = {
RequiresMountsFor = "/raid"; RequiresMountsFor = "/raid";
}; };
wantedBy = ["graphical.target"]; wantedBy = [ "graphical.target" ];
}; };
# TODO: switch to ntfy? # TODO: switch to ntfy?
sshdAlert = { sshdAlert = {
@ -308,7 +308,7 @@ in {
${pkgs.curl}/bin/curl --request POST --url https://discord.com/api/webhooks/1235751608046846012/CU7tz271Z3Rbq9mPV0_rB5RBCRDhLKhGH14ebBm-TePpWFqKKJaCRYVMHYTJsIaSq2H- --header 'Content-Type: application/json' --data '{"username": "Auxin SSH status","avatar_url": "https://pbs.twimg.com/media/GMPtuovaQAAQ7Qr?format=png&name=large","content": "SSHD is Running!"}' ${pkgs.curl}/bin/curl --request POST --url https://discord.com/api/webhooks/1235751608046846012/CU7tz271Z3Rbq9mPV0_rB5RBCRDhLKhGH14ebBm-TePpWFqKKJaCRYVMHYTJsIaSq2H- --header 'Content-Type: application/json' --data '{"username": "Auxin SSH status","avatar_url": "https://pbs.twimg.com/media/GMPtuovaQAAQ7Qr?format=png&name=large","content": "SSHD is Running!"}'
''; '';
}; };
wantedBy = ["multi-user.target"]; wantedBy = [ "multi-user.target" ];
}; };
}; };
}; };

21
auxin/hardware-configuration.nix
View file

@ -22,25 +22,30 @@
# initrd.kernelModules = ["i915"]; # initrd.kernelModules = ["i915"];
kernelModules = ["kvm-amd" "iscsi_tcp"]; kernelModules = ["kvm-amd" "iscsi_tcp"];
extraModulePackages = []; extraModulePackages = [];
kernelParams = ["i915.force_probe=56a5" kernelParams = [
#"i915.enable_guc=0" # "i915.enable_guc=1"
]; ];
# kernelPackages = pkgs.linuxPackages_latest; # kernelPackages = pkgs.linuxPackages_latest;
}; };
fileSystems."/" = { fileSystems."/" = {
device = "/dev/disk/by-label/SYSTEM"; device = "/dev/disk/by-label/SYSTEM";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@nixos" "noatime"]; options = ["subvol=@nixos" "noatime" "compress=zstd"];
}; };
fileSystems."/raid" = { fileSystems."/raid" = {
device = "//192.168.2.146/raid"; device = "192.168.1.146:/mnt/raid";
fsType = "cifs"; fsType = "nfs";
options = ["credentials=/etc/nixos/smb-secrets" "_netdev" "uid=1000" "gid=1000" "file_mode=0777" "dir_mode=0777"]; # options = ["credentials=/etc/nixos/smb-secrets" "_netdev" "uid=1000" "gid=1000" "file_mode=0777" "dir_mode=0777"];
}; };
# fileSystems."/samba" = {
# device = "//192.168.2.146/raid";
# fsType = "cifs";
# options = ["credentials=/etc/nixos/smb-secrets" "_netdev"];
# };
fileSystems."/nix" = { fileSystems."/nix" = {
device = "/dev/disk/by-label/SYSTEM"; device = "/dev/disk/by-label/SYSTEM";
fsType = "btrfs"; fsType = "btrfs";
options = ["subvol=@nix" "noatime"]; options = ["subvol=@nix" "noatime" "compress=zstd"];
}; };
fileSystems."/home" = { fileSystems."/home" = {
@ -61,8 +66,6 @@
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware = { hardware = {
enableRedistributableFirmware = true; enableRedistributableFirmware = true;
# pulseaudio.enable = true;
# pulseaudio.support32Bit = true; ## If compatibility with 32-bit applications is desired.
graphics = { graphics = {
enable = true; enable = true;
extraPackages = with pkgs; [ extraPackages = with pkgs; [

153
common.nix
View file

@ -1,10 +1,10 @@
{ config {
, lib config,
, pkgs lib,
, meta pkgs,
, ... meta,
}: ...
let }: let
sshKeys = [ sshKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ87vi3BF+Mtb8Pv1Gqc9wyeXQCncJrg3lq4dwl15bkHUw4BlR2h1z8payBpGiKMnZy/NtWCclt3Jh562YhjLYHy9VtlTUlADGTvIPtczizZYPCzceC3fP1zCh2N8pUluR8J9Y+EvYWvSQkvSpwD8hhpLXeuOtFjjg0stLliI2YuVk4TJrXNmF8UNweeiBvaJW4Nye5no9h+IKTU8FPehB5BrWhTi9aTiTSxzgX3anOaTzRL1x+Lbeoo27AfZXwQJDlYHdg93csXyAP4l2g4lvtU98W3AlG7ZsipUgRWClfe4OBz1l2rT5F+l28daOFae+THOf2iG6kymesCeJiLBILWk45hmiA8Vv3XAdWxtqPJhQKrqtfm5GMm3cNZPc6N3CJe6gVw75eBCG1TjFhSVXmrHQgbmN0nFs6HU3+ghSnPmDI8A7DvWdRAKceWP39pb3g5kp/pTg+Lj+yFV2ll4/MvbN1wcSdW5azDAYLVnMCS6b8ikO16tpnLT1bbUN4M0= ceph-f4745d24-7f5e-11ef-b66f-14ac604688a3" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCZ87vi3BF+Mtb8Pv1Gqc9wyeXQCncJrg3lq4dwl15bkHUw4BlR2h1z8payBpGiKMnZy/NtWCclt3Jh562YhjLYHy9VtlTUlADGTvIPtczizZYPCzceC3fP1zCh2N8pUluR8J9Y+EvYWvSQkvSpwD8hhpLXeuOtFjjg0stLliI2YuVk4TJrXNmF8UNweeiBvaJW4Nye5no9h+IKTU8FPehB5BrWhTi9aTiTSxzgX3anOaTzRL1x+Lbeoo27AfZXwQJDlYHdg93csXyAP4l2g4lvtU98W3AlG7ZsipUgRWClfe4OBz1l2rT5F+l28daOFae+THOf2iG6kymesCeJiLBILWk45hmiA8Vv3XAdWxtqPJhQKrqtfm5GMm3cNZPc6N3CJe6gVw75eBCG1TjFhSVXmrHQgbmN0nFs6HU3+ghSnPmDI8A7DvWdRAKceWP39pb3g5kp/pTg+Lj+yFV2ll4/MvbN1wcSdW5azDAYLVnMCS6b8ikO16tpnLT1bbUN4M0= ceph-f4745d24-7f5e-11ef-b66f-14ac604688a3"
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMggnmTj7KL409V2mtbPgKERbmyJAeCGBcyzxWW+arRZAAAABHNzaDo= yubikey-black" "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMggnmTj7KL409V2mtbPgKERbmyJAeCGBcyzxWW+arRZAAAABHNzaDo= yubikey-black"
@ -20,8 +20,7 @@ let
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDm1kPy3bxyLX2nUwvETrsBbjmPDHEvKxmzn9dCoaa/C1tWttrvaXUhYZ6svftR7ofqjCailq1WHU4qkIlfz6Hxwq/mxZdOGRg3A2lzDgbJ5C9RSA8LIfYht2UhbqW40wHCEa1B6+bcwLHFWbDyoeT+NQO007lK4Tu1OY3nTNz3QFJgxAPtFuqQSTFpkxL8JZetQtc/KwJ5ofZBZ+nFc4PUstPE47uf4OEOaKY+fbDZ2bf8tmybGhVq6Oc+BQKij5usnQLTeN8XyVxPxGvXahXHx7ESnp//wCs6DrzoMHBbAVFVXS+w6ZzX2el9gCAcUeyZt8iu0zl9GxnVkpyQzHuuBgYON3orYaCdM5vRCnECFoK8XNwP45jNPzFxrIpSYeJ4tR4uhLxCfD3OHB/BQtOQsEdMJvnLnynzyWePeweTe2S1+ohg9zskyxt9c2rSxw8OlWdHds32JuWka6mTJCdfZgHaNY+Ppz1NEo5XYIfz9Jt0vevmaCVbBHo73Tyh6+k= norepinephrine" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDm1kPy3bxyLX2nUwvETrsBbjmPDHEvKxmzn9dCoaa/C1tWttrvaXUhYZ6svftR7ofqjCailq1WHU4qkIlfz6Hxwq/mxZdOGRg3A2lzDgbJ5C9RSA8LIfYht2UhbqW40wHCEa1B6+bcwLHFWbDyoeT+NQO007lK4Tu1OY3nTNz3QFJgxAPtFuqQSTFpkxL8JZetQtc/KwJ5ofZBZ+nFc4PUstPE47uf4OEOaKY+fbDZ2bf8tmybGhVq6Oc+BQKij5usnQLTeN8XyVxPxGvXahXHx7ESnp//wCs6DrzoMHBbAVFVXS+w6ZzX2el9gCAcUeyZt8iu0zl9GxnVkpyQzHuuBgYON3orYaCdM5vRCnECFoK8XNwP45jNPzFxrIpSYeJ4tR4uhLxCfD3OHB/BQtOQsEdMJvnLnynzyWePeweTe2S1+ohg9zskyxt9c2rSxw8OlWdHds32JuWka6mTJCdfZgHaNY+Ppz1NEo5XYIfz9Jt0vevmaCVbBHo73Tyh6+k= norepinephrine"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDmOATOG9brF/pBmMufk0LQkPQuLwgZAOZMeHCSdOpr+4Tap/mmqCHGtDL/JW6KsDfFpOFmdnSoeihVPGT3r/Mixt3cGOJlzoWXDt2bHyaEOsLz5B3MuYqBIXG3d2wvxharbmlVg3xyArSaCtuBZcopC5rXajnrPW4HxW+pxPC1NsL3RRGSF0edWdJVdX8oJJBsMMUzfeWh1bxEz2iLKMSYb6KPbQITwFTr+RuiEIppOW3n0zJko1wNG8oWTOgHdkmY4C4rUOk6KgW4qs19t7Mjlc7CnZa3XV7/0DcxERGsphpKvS7dpnEtOt7RaHUr/t0V3yLgl58MPbJKG6WSNIRaXZ0EPSlzz8k+4JjuEFdCDg7WjEDSZsBS9U4AyYQjlEwrkinT7g+LUVKYEDqb0hE539SwARvHZsOXrRgtA+Jh2CJIb/rRWfQRkgxpT9hKiBfYbSj8qbphUrbJ/g72UOQyhIbEW8fF9vmWY75NV/X2+EFZyF56ZhvLFk08sjGIF+s= u0_a441@localhost" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDmOATOG9brF/pBmMufk0LQkPQuLwgZAOZMeHCSdOpr+4Tap/mmqCHGtDL/JW6KsDfFpOFmdnSoeihVPGT3r/Mixt3cGOJlzoWXDt2bHyaEOsLz5B3MuYqBIXG3d2wvxharbmlVg3xyArSaCtuBZcopC5rXajnrPW4HxW+pxPC1NsL3RRGSF0edWdJVdX8oJJBsMMUzfeWh1bxEz2iLKMSYb6KPbQITwFTr+RuiEIppOW3n0zJko1wNG8oWTOgHdkmY4C4rUOk6KgW4qs19t7Mjlc7CnZa3XV7/0DcxERGsphpKvS7dpnEtOt7RaHUr/t0V3yLgl58MPbJKG6WSNIRaXZ0EPSlzz8k+4JjuEFdCDg7WjEDSZsBS9U4AyYQjlEwrkinT7g+LUVKYEDqb0hE539SwARvHZsOXrRgtA+Jh2CJIb/rRWfQRkgxpT9hKiBfYbSj8qbphUrbJ/g72UOQyhIbEW8fF9vmWY75NV/X2+EFZyF56ZhvLFk08sjGIF+s= u0_a441@localhost"
]; ];
in in {
{
nix = { nix = {
# package = pkgs.nixFlakes; # package = pkgs.nixFlakes;
optimise.automatic = true; optimise.automatic = true;
@ -87,29 +86,29 @@ in
tuptime.timer.enable = true; tuptime.timer.enable = true;
} }
// lib.optionalAttrs // lib.optionalAttrs
((builtins.match ".*-linux" pkgs.stdenv.hostPlatform.system) ((builtins.match ".*-linux" pkgs.stdenv.hostPlatform.system)
!= null) != null)
{ {
avahi = { avahi = {
enable = true; enable = true;
ipv4 = true; ipv4 = true;
ipv6 = true; ipv6 = true;
nssmdns6 = true; nssmdns6 = true;
nssmdns4 = true; nssmdns4 = true;
openFirewall = true; openFirewall = true;
}; };
# smartd # smartd
smartd.enable = lib.mkDefault true; smartd.enable = lib.mkDefault true;
} }
# Mac Services # Mac Services
// lib.optionalAttrs // lib.optionalAttrs
((builtins.match ".*-darwin" pkgs.stdenv.hostPlatform.system) ((builtins.match ".*-darwin" pkgs.stdenv.hostPlatform.system)
!= null) != null)
{ {
nix-daemon.enable = true; nix-daemon.enable = true;
}; };
users = { users = {
groups.dockremap = { }; groups.dockremap = {};
groups."mira".gid = 1000; groups."mira".gid = 1000;
users = { users = {
root.openssh.authorizedKeys.keys = sshKeys; root.openssh.authorizedKeys.keys = sshKeys;
@ -117,7 +116,7 @@ in
isNormalUser = true; isNormalUser = true;
group = "mira"; group = "mira";
uid = 1000; uid = 1000;
extraGroups = [ "wheel" "docker" "dockremap" "audio" ]; extraGroups = ["wheel" "docker" "dockremap" "audio"];
packages = with pkgs; [ packages = with pkgs; [
firefox firefox
tree tree
@ -127,59 +126,59 @@ in
}; };
anish = { anish = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "docker" "dockremap" ]; extraGroups = ["wheel" "docker" "dockremap"];
shell = pkgs.zsh; shell = pkgs.zsh;
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6+YE7GteMK6Lmo0oW266LmaD6jwQMnCxwv0/V9zqKR akristipati6@gatech.edu" ]; openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF6+YE7GteMK6Lmo0oW266LmaD6jwQMnCxwv0/V9zqKR akristipati6@gatech.edu" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGG85YYqWTZVFL61l8/R4eBPPWeG/brocJy5wCdUx9yj akristipati6@gatech.edu" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINd1sJYpn4u731IJwG1HrvAGrEXwB60HdkklXPoFr4CX akristipati6@gatech.edu"];
}; };
}; };
}; };
environment.systemPackages = with pkgs; lib.lists.unique [ environment.systemPackages = with pkgs;
lib.lists.unique [
# zellij bat
bat brightnessctl
brightnessctl btdu
btdu btop
btop btrbk
btrbk cargo
cargo chezmoi
chezmoi cifs-utils
cifs-utils delta
delta difftastic
difftastic duf
duf fastfetch
fastfetch fd
fd file
file fzf
fzf gdu
gdu ghostty
ghostty glibcLocales
glibcLocales hyfetch
hyfetch killall
killall lsd
lsd lsof
lsof mcfly
mcfly neovim
neovim nushell
nushell powertop
powertop python3
python3 ripgrep
ripgrep sheldon
sheldon starship
starship statix
statix tealdeer
tealdeer unzip
unzip viddy
viddy vivid
vivid wget
wget xonsh
xonsh zoxide
zoxide zsh
zsh ]
] ++ [ ++ [
alejandra alejandra
lua-language-server lua-language-server
stylua stylua
]; ];
programs = { programs = {
tmux = { tmux = {
enable = true; enable = true;
@ -194,7 +193,7 @@ in
lazygit.enable = true; lazygit.enable = true;
yazi.enable = true; yazi.enable = true;
zsh.enable = true; zsh.enable = true;
thefuck.enable = true; # thefuck.enable = true;
# direnv.enable = true; # direnv.enable = true;
neovim.enable = true; neovim.enable = true;
starship.enable = true; starship.enable = true;

207
flake.lock generated
View file

@ -38,38 +38,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": { "flake-parts": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
@ -78,11 +46,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1736143030, "lastModified": 1762980239,
"narHash": "sha256-+hu54pAoLDEZT9pjHlqL9DNzWz0NbUn8NEAHP7PQPzU=", "narHash": "sha256-8oNVE8TrD19ulHinjaqONf9QWCKK+w4url56cdStMpM=",
"owner": "hercules-ci", "owner": "hercules-ci",
"repo": "flake-parts", "repo": "flake-parts",
"rev": "b905f6fc23a9051a6e1b741e1438dbfc0634c6de", "rev": "52a2caecc898d0b46b2b905f058ccc5081f842da",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -91,27 +59,6 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"neovim-nightly-overlay",
"hercules-ci-effects",
"nixpkgs"
]
},
"locked": {
"lastModified": 1733312601,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "github"
},
"original": {
"id": "flake-parts",
"type": "indirect"
}
},
"flake-utils": { "flake-utils": {
"inputs": { "inputs": {
"systems": "systems" "systems": "systems"
@ -130,73 +77,6 @@
"type": "github" "type": "github"
} }
}, },
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat_3",
"gitignore": "gitignore",
"nixpkgs": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735882644,
"narHash": "sha256-3FZAG+pGt3OElQjesCAWeMkQ7C/nB1oTHLRQ8ceP110=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "a5a961387e75ae44cc20f0a57ae463da5e959656",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"neovim-nightly-overlay",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": "flake-parts_2",
"nixpkgs": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735695978,
"narHash": "sha256-cwk53OX1S1bCFY09zydubZNmmwcx9l5XEba8mVYuNE4=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "f6233b5cfbada692d93a73d6ed35bdbfd0fdb9c4",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"type": "github"
}
},
"mirafetch": { "mirafetch": {
"inputs": { "inputs": {
"cargo2nix": "cargo2nix", "cargo2nix": "cargo2nix",
@ -212,11 +92,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1728409373, "lastModified": 1736958443,
"narHash": "sha256-574pVToueBW5O7GrYqOIP7LXWLaL8DtVItIYL7McMyw=", "narHash": "sha256-RygnAZb+BQ+hx9eDmk7ucAg28l5cIM8sM0zbGX0bHbM=",
"owner": "ArgentumCation", "owner": "ArgentumCation",
"repo": "mirafetch", "repo": "mirafetch",
"rev": "4ee59bf0ed1f8c7d645de3c07a8a8d38b6cd5447", "rev": "a03be8e4340fbf93a29c9904393ff3721c060667",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -227,20 +107,16 @@
}, },
"neovim-nightly-overlay": { "neovim-nightly-overlay": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts", "flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"hercules-ci-effects": "hercules-ci-effects",
"neovim-src": "neovim-src", "neovim-src": "neovim-src",
"nixpkgs": "nixpkgs_2", "nixpkgs": "nixpkgs_2"
"treefmt-nix": "treefmt-nix"
}, },
"locked": { "locked": {
"lastModified": 1736640403, "lastModified": 1763683496,
"narHash": "sha256-1rpSNc0RuUSzy/p+FSrKscnzkki9OY8fKJCOe7z8fDA=", "narHash": "sha256-k20voxbsi+899PeXlvWpKU5tcgNYfNqC52rgrh+MOto=",
"owner": "nix-community", "owner": "nix-community",
"repo": "neovim-nightly-overlay", "repo": "neovim-nightly-overlay",
"rev": "e22b81280db26159447ea54ea06ea6d20435999a", "rev": "1ddc8e956c8165df29735202b76bb0cfa827916d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -252,11 +128,11 @@
"neovim-src": { "neovim-src": {
"flake": false, "flake": false,
"locked": { "locked": {
"lastModified": 1736639038, "lastModified": 1763682595,
"narHash": "sha256-ezIZc9Y1m5ERCpVpl2Dx8DMEgTDe0eVU7Q5eXa0fMw8=", "narHash": "sha256-/dUf5I0DyLvPgFzjJj0/lUHKZ2M1sVlbYCgudDabxIo=",
"owner": "neovim", "owner": "neovim",
"repo": "neovim", "repo": "neovim",
"rev": "88dca6a83593a0cf33866addf36cad2e847a2899", "rev": "a8b9660ca3452a27b68bf914f618df2d78b64180",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -270,11 +146,11 @@
"nixpkgs": "nixpkgs_3" "nixpkgs": "nixpkgs_3"
}, },
"locked": { "locked": {
"lastModified": 1736631212, "lastModified": 1763505477,
"narHash": "sha256-mG9lRZBcPiAGiVJ9B97BJoIGQcSBWIVlBiN30QYCtG0=", "narHash": "sha256-nJRd4LY2kT3OELfHqdgWjvToNZ4w+zKCMzS2R6z4sXE=",
"owner": "LnL7", "owner": "LnL7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "6ace2f2d12bdf74235d5cbf9fbd34a71c9716685", "rev": "3bda9f6b14161becbd07b3c56411f1670e19b9b5",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -285,11 +161,11 @@
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1736523798, "lastModified": 1763421233,
"narHash": "sha256-Xb8mke6UCYjge9kPR9o4P1nVrhk7QBbKv3xQ9cj7h2s=", "narHash": "sha256-Stk9ZYRkGrnnpyJ4eqt9eQtdFWRRIvMxpNRf4sIegnw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "130595eba61081acde9001f43de3248d8888ac4a", "rev": "89c2b2330e733d6cdb5eae7b899326930c2c0648",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -333,11 +209,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1736657626, "lastModified": 1763618868,
"narHash": "sha256-FWlPMUzp0lkQBdhKlPqtQdqmp+/C+1MBiEytaYfrCTY=", "narHash": "sha256-v5afmLjn/uyD9EQuPBn7nZuaZVV9r+JerayK/4wvdWA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2f9e2f85cb14a46410a1399aa9ea7ecf433e422e", "rev": "a8d610af3f1a5fb71e23e08434d8d61a466fc942",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -349,11 +225,11 @@
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1736420959, "lastModified": 1763618868,
"narHash": "sha256-dMGNa5UwdtowEqQac+Dr0d2tFO/60ckVgdhZU9q2E2o=", "narHash": "sha256-v5afmLjn/uyD9EQuPBn7nZuaZVV9r+JerayK/4wvdWA=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "32af3611f6f05655ca166a0b1f47b57c762b5192", "rev": "a8d610af3f1a5fb71e23e08434d8d61a466fc942",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -365,16 +241,18 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1718149104, "lastModified": 1747728033,
"narHash": "sha256-Ds1QpobBX2yoUDx9ZruqVGJ/uQPgcXoYuobBguyKEh8=", "narHash": "sha256-NnXFQu7g4LnvPIPfJmBuZF7LFy/fey2g2+LCzjQhTUk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "e913ae340076bbb73d9f4d3d065c2bca7caafb16", "rev": "2f9173bde1d3fbf1ad26ff6d52f952f9e9da52ea",
"type": "github" "type": "github"
}, },
"original": { "original": {
"id": "nixpkgs", "owner": "NixOS",
"type": "indirect" "ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_4": {
@ -445,27 +323,6 @@
"repo": "default", "repo": "default",
"type": "github" "type": "github"
} }
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1736154270,
"narHash": "sha256-p2r8xhQZ3TYIEKBoiEhllKWQqWNJNoT9v64Vmg4q8Zw=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "13c913f5deb3a5c08bb810efd89dc8cb24dd968b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
} }
}, },
"root": "root", "root": "root",

106
galanin/configuration.nix
View file

@ -3,16 +3,16 @@
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{ {
config, config,
lib, lib,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
# ./hardware-configuration.nix # ./hardware-configuration.nix
]; ];
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
@ -25,12 +25,12 @@
defaultGateway.address = "192.168.1.1"; defaultGateway.address = "192.168.1.1";
}; };
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
# environment.systemPackages = with pkgs; [ # environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default. # vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget # wget
# ]; # ];
users = { users = {
users = { users = {
@ -39,24 +39,24 @@
uid = 100000; uid = 100000;
group = "dockremap"; group = "dockremap";
subUidRanges = [ subUidRanges = [
{ {
startUid = 100000; startUid = 100000;
count = 65536; count = 65536;
} }
]; ];
subGidRanges = [ subGidRanges = [
{ {
startGid = 100000; startGid = 100000;
count = 65536; count = 65536;
} }
]; ];
}; };
}; };
}; };
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
# programs.mtr.enable = true; # programs.mtr.enable = true;
# programs. # programs.
programs = { programs = {
gnupg.agent = { gnupg.agent = {
enable = true; enable = true;
@ -76,7 +76,7 @@
configure = { configure = {
customRC = '' customRC = ''
set number relativenumber set number relativenumber
''; '';
}; };
defaultEditor = true; defaultEditor = true;
@ -90,7 +90,7 @@
extraOptions = "--userns-remap=default"; extraOptions = "--userns-remap=default";
liveRestore = false; # NOTE: Incompatible with swarm liveRestore = false; # NOTE: Incompatible with swarm
}; };
# List services that you want to enable: # List services that you want to enable:
services.keepalived = { services.keepalived = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
@ -101,14 +101,14 @@
delay 1 delay 1
} }
''; '';
vrrpInstances = { vrrpInstances = {
VI_1 = { VI_1 = {
state = "BACKUP"; state = "BACKUP";
interface = "enp0s31f6"; interface = "enp0s31f6";
virtualRouterId = 51; virtualRouterId = 51;
priority=100; priority = 100;
virtualIps = [ {addr = "192.168.1.64";}]; virtualIps = [{addr = "192.168.1.64";}];
extraConfig = '' extraConfig = ''
authentication { authentication {
auth_type PASS auth_type PASS
auth_pass 3141 auth_pass 3141
@ -117,27 +117,27 @@
track_traefik track_traefik
} }
advert_int 1 advert_int 1
''; '';
};
}; };
};
}; };
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
# services.openssh.enable = true; # services.openssh.enable = true;
# Open ports in the firewall. # Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ]; # networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ]; # networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether. # Or disable the firewall altogether.
# Copy the NixOS configuration file and link it from the resulting system # Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you # (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix. # accidentally delete configuration.nix.
# system.copySystemConfiguration = true; # system.copySystemConfiguration = true;
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
systemd.targets.sleep.enable = false; systemd.targets.sleep.enable = false;
systemd.targets.suspend.enable = false; systemd.targets.suspend.enable = false;
systemd.targets.hibernate.enable = false; systemd.targets.hibernate.enable = false;
systemd.targets.hybrid-sleep.enable = false; systemd.targets.hybrid-sleep.enable = false;
system.stateVersion = "24.05"; # Did you read the comment? system.stateVersion = "24.05"; # Did you read the comment?
} }

17
node.nix
View file

@ -1,10 +1,9 @@
{ config {
, lib config,
, pkgs lib,
, meta pkgs,
, ... meta,
}: ...
let }: let
foo = "bar"; foo = "bar";
in in {}
{ }

10
orexin/hardware-configuration.nix
View file

@ -35,11 +35,11 @@
options = ["subvol=@nix" "noatime" "space_cache=v2" "compress=zstd"]; options = ["subvol=@nix" "noatime" "space_cache=v2" "compress=zstd"];
}; };
# fileSystems."/data" = { # fileSystems."/data" = {
# device = "/dev/disk/by-uuid/d57652b7-5506-4cdd-8694-90bcd4810d7b"; # device = "/dev/disk/by-uuid/d57652b7-5506-4cdd-8694-90bcd4810d7b";
# fsType = "btrfs"; # fsType = "btrfs";
# options = ["noatime" "space_cache=v2" "compress=zstd"]; # options = ["noatime" "space_cache=v2" "compress=zstd"];
# }; # };
fileSystems."/boot" = { fileSystems."/boot" = {
device = "/dev/disk/by-uuid/8BA9-84E8"; device = "/dev/disk/by-uuid/8BA9-84E8";

59
primary.nix
View file

@ -1,59 +0,0 @@
inputs @ { config
, pkgs
, flakes
, ...
}: {
imports = [
./etc/seaweedfs.nix # the file from dermetfan
];
services.seaweedfs.clusters.default = {
package = pkgs.seaweedfs;
masters.main = {
openFirewall = true;
ip = "${config.networking.hostName}.lan";
mdir = "/raid/@weed/metadata/";
volumePreallocate = true;
defaultReplication = {
dataCenter = 0;
rack = 0;
server = 0;
};
};
volumes.${config.networking.hostName} = {
openFirewall = true;
dataCenter = "ribosome";
rack = "${config.networking.hostName}";
ip = "${config.networking.hostName}.lan";
dir = [ "/raid/@weed/volumes/volume_${config.networking.hostName}/" ];
disk = "hdd"; # Replication gets screwy if these don't match
max = [ 0 ]; # use all space
port = 9334;
mserver = [
{
ip = "${config.networking.hostName}.lan";
port = 9333;
}
];
};
filers.main = {
openFirewall = true;
dataCenter = "ribosome";
encryptVolumeData = false;
ip = "${config.networking.hostName}.lan";
peers = [ ];
port = 4208;
master = [
# this is actually in cluster.masters that I import in the real file
{
ip = "${config.networking.hostName}.lan";
port = 9333;
}
];
};
};
}