swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: init nixos-server, work screenshare & qol

Browse source
This commit is contained in:
Swarsel 2024-09-23 21:18:36 +02:00
parent e4f38440f8
commit dcf7b84d94
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
34 changed files with 1644 additions and 298 deletions
Download patch file Download diff file Expand all files Collapse all files

1
profiles/common/home/custom-packages.nix
View file

@ -15,6 +15,7 @@
fs-diff
update-checker
github-notifications
screenshare
(pkgs.writeScriptBin "project" ''
#! ${pkgs.bash}/bin/bash

2
profiles/common/home/sway.nix
View file

@ -53,6 +53,7 @@ in
"${modifier}+o" = "exec pass-fuzzel --otp";
"${modifier}+Shift+p" = "exec pass-fuzzel --type";
"${modifier}+Shift+o" = "exec pass-fuzzel --otp --type";
"${modifier}+Ctrl+p" = "exec 1password --quick-acces";
"${modifier}+Escape" = "mode $exit";
"${modifier}+Shift+Escape" = "exec kitty -o confirm_os_window_close=0 btm";
"${modifier}+s" = "exec grim -g \"$(slurp)\" -t png - | wl-copy -t image/png";
@ -157,6 +158,7 @@ in
{ title = "Syncthing Tray"; }
{ app_id = "SchildiChat"; }
{ app_id = "Element"; }
{ class = "1Password"; }
{ app_id = "com.nextcloud.desktopclient.nextcloud"; }
{ app_id = "gnome-system-monitor"; }
{ title = "(?:Open|Save) (?:File|Folder|As)"; }

42
profiles/common/home/zsh.nix
View file

@ -1,25 +1,29 @@
{ pkgs, ... }:
{ config, pkgs, lib, ... }:
{
programs.zsh = {
enable = true;
shellAliases = {
hg = "history | grep";
hmswitch = "cd ~/.dotfiles; home-manager --flake .#$(whoami)@$(hostname) switch; cd -;";
nswitch = "cd ~/.dotfiles; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
nswitch-stay = "cd ~/.dotfiles; git restore flake.lock; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
edithome = "e -w ~/.dotfiles/SwarselSystems.org";
magit = "emacsclient -nc -e \"(magit-status)\"";
config = "git --git-dir=$HOME/.cfg/ --work-tree=$HOME";
g = "git";
c = "git --git-dir=$HOME/.dotfiles/.git --work-tree=$HOME/.dotfiles/";
passpush = "cd ~/.local/share/password-store; git add .; git commit -m 'pass file changes'; git push; cd -;";
passpull = "cd ~/.local/share/password-store; git pull; cd -;";
hotspot = "nmcli connection up local; nmcli device wifi hotspot;";
cd = "z";
cdr = "cd \"$( (find /home/swarsel/Documents/GitHub -maxdepth 1 && echo /home/swarsel/.dotfiles) | fzf )\"";
nix-ldd = "LD_LIBRARY_PATH=$NIX_LD_LIBRARY_PATH ldd";
fs-diff = "sudo mount -o subvol=/ /dev/mapper/cryptroot /mnt ; fs-diff";
};
shellAliases = lib.recursiveUpdate
{
hg = "history | grep";
hmswitch = "cd ~/.dotfiles; home-manager --flake .#$(whoami)@$(hostname) switch; cd -;";
nswitch = "cd ~/.dotfiles; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
nswitch-stay = "cd ~/.dotfiles; git restore flake.lock; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
edithome = "e -w ~/.dotfiles/SwarselSystems.org";
magit = "emacsclient -nc -e \"(magit-status)\"";
config = "git --git-dir=$HOME/.cfg/ --work-tree=$HOME";
g = "git";
c = "git --git-dir=$HOME/.dotfiles/.git --work-tree=$HOME/.dotfiles/";
passpush = "cd ~/.local/share/password-store; git add .; git commit -m 'pass file changes'; git push; cd -;";
passpull = "cd ~/.local/share/password-store; git pull; cd -;";
hotspot = "nmcli connection up local; nmcli device wifi hotspot;";
cd = "z";
cdr = "cd \"$( (find /home/swarsel/Documents/GitHub -maxdepth 1 && echo /home/swarsel/.dotfiles) | fzf )\"";
nix-ldd = "LD_LIBRARY_PATH=$NIX_LD_LIBRARY_PATH ldd";
fs-diff = "sudo mount -o subvol=/ /dev/mapper/cryptroot /mnt ; fs-diff";
lt = "ls -lath";
oldshell = "nix shell github:nixos/nixpkgs/\"$1\" \"$2\"";
}
config.swarselsystems.shellAliases;
autosuggestion.enable = true;
enableCompletion = true;
syntaxHighlighting.enable = true;

2
profiles/common/nixos/zsh.nix
View file

@ -1,4 +1,4 @@
{ pkgs, ... }:
{ lib, config, pkgs, ... }:
{
programs.zsh.enable = true;
users.defaultUserShell = pkgs.zsh;

15
profiles/nbl-imba-2/default.nix
View file

@ -92,6 +92,7 @@
{ command = "teams-for-linux"; }
{ command = "1password"; }
];
sharescreen = "eDP-2";
monitors = {
main = {
name = "BOE 0x0BC9 Unknown";
@ -139,7 +140,7 @@
scale = "1";
position = "-1280,0";
workspace = "1:";
output = "DP-8";
output = "DP-9";
};
work_middle_middle_side = {
name = "Hewlett Packard HP Z24i CN44250RDT";
@ -148,13 +149,13 @@
scale = "1";
position = "-2480,0";
workspace = "12:S";
output = "DP-9";
output = "DP-8";
};
work_seminary = {
name = "Applied Creative Technology Transmitter QUATTRO201811";
mode = "1280x720";
scale = "1";
position = "10000,10000";
position = "10000,10000"; # i.e. this screen is inaccessible by moving the mouse
workspace = "12:S";
output = "DP-4";
};
@ -184,7 +185,13 @@
};
};
keybindings = {
"Mod4+Ctrl+p" = "exec wl-mirror eDP-2";
"Mod4+Ctrl+Shift+p" = "exec screenshare";
};
shellAliases = {
ans2-15_3-9 = ". ~/.venvs/ansible39_2_15_0/bin/activate";
ans3-9 = ". ~/.venvs/ansible39/bin/activate";
ans = ". ~/.venvs/ansible/bin/activate";
ans2-15 = ". ~/.venvs/ansible2.15.0/bin/activate";
};
};
}

2
profiles/nbl-imba-2/hardware-configuration.nix
View file

@ -9,7 +9,7 @@
(modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "cryptd" "usbhid" "sd_mod" "r8152" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];

1
profiles/optional/home/work.nix
View file

@ -6,6 +6,7 @@
shellcheck
dig
docker
postman
];
programs = {

32
profiles/server/common/calibre.nix Normal file
View file

@ -0,0 +1,32 @@
{ pkgs, config, ... }:
{
environment.systemPackages = with pkgs; [
calibre
];
sops.secrets.kavita = { owner = "kavita"; };
services.kavita = {
enable = true;
user = "kavita";
port = 8080;
tokenKeyFile = config.sops.secrets.kavita.path;
};
services.nginx = {
"scroll.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://192.168.1.22:8080";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
}

53
profiles/server/common/default.nix Normal file
View file

@ -0,0 +1,53 @@
{ lib, config, inputs, ... }:
{
imports = [
../../common/nixos/xserver.nix
../../common/nixos/gc.nix
../../common/nixos/store.nix
../../common/nixos/time.nix
../../common/nixos/pipewire.nix
./packages.nix
./sops.nix
./ssh.nix
./nginx.nix
./kavita.nix
./jellyfin.nix
./navidrome.nix
./spotifyd.nix
./mpd.nix
./matrix.nix
];
nix =
let
flakeInputs = lib.filterAttrs (_: lib.isType "flake") inputs;
in
{
settings = {
experimental-features = [
"nix-command"
"flakes"
"ca-derivations"
];
trusted-users = [ "swarsel" ];
flake-registry = "";
warn-dirty = false;
};
channel.enable = false;
registry = lib.mapAttrs (_: flake: { inherit flake; }) flakeInputs;
nixPath = lib.mapAttrsToList (n: _: "${n}=flake:${n}") flakeInputs;
};
environment.shellAliases = lib.recursiveUpdate
{
npswitch = "cd /.dotfiles; git pull; nixos-rebuild --flake .#$(hostname) switch; cd -;";
nswitch = "cd /.dotfiles; nixos-rebuild --flake .#$(hostname) switch; cd -;";
}
config.swarselsystems.shellAliases;
nixpkgs.config.permittedInsecurePackages = [
"olm-3.2.16"
];
system.stateVersion = lib.mkDefault "23.05";
}

44
profiles/server/common/jellyfin.nix Normal file
View file

@ -0,0 +1,44 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.jellyfin {
users.users.jellyfin = {
extraGroups = [ "video" "render" ];
};
nixpkgs.config.packageOverrides = pkgs: {
vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; };
};
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [
intel-media-driver # LIBVA_DRIVER_NAME=iHD
vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium)
vaapiVdpau
libvdpau-va-gl
];
};
services.jellyfin = {
enable = true;
user = "jellyfin";
# openFirewall = true; # this works only for the default ports
};
services.nginx = {
virtualHosts = {
"screen.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://192.168.1.16:8096";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}

35
profiles/server/common/kavita.nix Normal file
View file

@ -0,0 +1,35 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.kavita {
environment.systemPackages = with pkgs; [
calibre
];
sops.secrets.kavita = { owner = "kavita"; };
services.kavita = {
enable = true;
user = "kavita";
settings.Port = 8080;
tokenKeyFile = config.sops.secrets.kavita.path;
};
services.nginx = {
virtualHosts = {
"scroll.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://192.168.1.22:8080";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}

273
profiles/server/common/matrix.nix Normal file
View file

@ -0,0 +1,273 @@
{ config, lib, pkgs, modulesPath, sops, ... }:
let
matrixDomain = "swatrix.swarsel.win";
in
{
config = lib.mkIf config.swarselsystems.server.matrix {
environment.systemPackages = with pkgs; [
matrix-synapse
lottieconverter
ffmpeg
];
sops = {
secrets = {
matrixsharedsecret = { owner = "matrix-synapse"; };
mautrixtelegram_as = { owner = "matrix-synapse"; };
mautrixtelegram_hs = { owner = "matrix-synapse"; };
mautrixtelegram_api_id = { owner = "matrix-synapse"; };
mautrixtelegram_api_hash = { owner = "matrix-synapse"; };
};
templates = {
"matrix_user_register.sh".content = ''
register_new_matrix_user -k ${config.sops.placeholder.matrixsharedsecret} http://localhost:8008
'';
matrixshared = {
owner = "matrix-synapse";
content = ''
registration_shared_secret: ${config.sops.placeholder.matrixsharedsecret}
'';
};
mautrixtelegram = {
owner = "matrix-synapse";
content = ''
MAUTRIX_TELEGRAM_APPSERVICE_AS_TOKEN=${config.sops.placeholder.mautrixtelegram_as}
MAUTRIX_TELEGRAM_APPSERVICE_HS_TOKEN=${config.sops.placeholder.mautrixtelegram_hs}
MAUTRIX_TELEGRAM_TELEGRAM_API_ID=${config.sops.placeholder.mautrixtelegram_api_id}
MAUTRIX_TELEGRAM_TELEGRAM_API_HASH=${config.sops.placeholder.mautrixtelegram_api_hash}
'';
};
};
};
services.postgresql = {
enable = true;
initialScript = pkgs.writeText "synapse-init.sql" ''
CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse';
CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
CREATE ROLE "mautrix-telegram" WITH LOGIN PASSWORD 'telegram';
CREATE DATABASE "mautrix-telegram" WITH OWNER "mautrix-telegram"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
CREATE ROLE "mautrix-whatsapp" WITH LOGIN PASSWORD 'whatsapp';
CREATE DATABASE "mautrix-whatsapp" WITH OWNER "mautrix-whatsapp"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
CREATE ROLE "mautrix-signal" WITH LOGIN PASSWORD 'signal';
CREATE DATABASE "mautrix-signal" WITH OWNER "mautrix-signal"
TEMPLATE template0
LC_COLLATE = "C"
LC_CTYPE = "C";
'';
};
services.matrix-synapse = {
enable = true;
settings = {
app_service_config_files = [
"/var/lib/matrix-synapse/telegram-registration.yaml"
"/var/lib/matrix-synapse/whatsapp-registration.yaml"
"/var/lib/matrix-synapse/signal-registration.yaml"
"/var/lib/matrix-synapse/doublepuppet.yaml"
];
server_name = matrixDomain;
public_baseurl = "https://${matrixDomain}";
listeners = [
{
port = 8008;
bind_addresses = [ "0.0.0.0" ];
type = "http";
tls = false;
x_forwarded = true;
resources = [
{
names = [ "client" "federation" ];
compress = true;
}
];
}
];
};
extraConfigFiles = [
config.sops.templates.matrixshared.path
];
};
services.mautrix-telegram = {
enable = true;
environmentFile = config.sops.templates.mautrixtelegram.path;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = matrixDomain;
};
appservice = {
address = "http://localhost:29317";
hostname = "0.0.0.0";
port = "29317";
provisioning.enabled = true;
id = "telegram";
# ephemeral_events = true; # not needed due to double puppeting
public = {
enabled = false;
};
database = "postgresql:///mautrix-telegram?host=/run/postgresql";
};
bridge = {
relaybot.authless_portals = true;
allow_avatar_remove = true;
allow_contact_info = true;
sync_channel_members = true;
startup_sync = true;
sync_create_limit = 0;
sync_direct_chats = true;
telegram_link_preview = true;
permissions = {
"*" = "relaybot";
"@swarsel:${matrixDomain}" = "admin";
};
animated_sticker = {
target = "gif";
args = {
width = 256;
height = 256;
fps = 30; # only for webm
background = "020202"; # only for gif, transparency not supported
};
};
};
};
};
systemd.services.mautrix-telegram.path = with pkgs; [
lottieconverter # for animated stickers conversion, unfree package
ffmpeg # if converting animated stickers to webm (very slow!)
];
services.mautrix-whatsapp = {
enable = true;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = matrixDomain;
};
appservice = {
address = "http://localhost:29318";
hostname = "0.0.0.0";
port = 29318;
database = {
type = "postgres";
uri = "postgresql:///mautrix-whatsapp?host=/run/postgresql";
};
};
bridge = {
displayname_template = "{{or .FullName .PushName .JID}} (WA)";
history_sync = {
backfill = true;
max_initial_conversations = -1;
message_count = -1;
request_full_sync = true;
full_sync_config = {
days_limit = 900;
size_mb_limit = 5000;
storage_quota_mb = 5000;
};
};
login_shared_secret_map = {
matrixDomain = "as_token:doublepuppet";
};
sync_manual_marked_unread = true;
send_presence_on_typing = true;
parallel_member_sync = true;
url_previews = true;
caption_in_message = true;
extev_polls = true;
permissions = {
"*" = "relaybot";
"@swarsel:${matrixDomain}" = "admin";
};
};
};
};
services.mautrix-signal = {
enable = true;
settings = {
homeserver = {
address = "http://localhost:8008";
domain = matrixDomain;
};
appservice = {
address = "http://localhost:29328";
hostname = "0.0.0.0";
port = 29328;
database = {
type = "postgres";
uri = "postgresql:///mautrix-signal?host=/run/postgresql";
};
};
bridge = {
displayname_template = "{{or .ContactName .ProfileName .PhoneNumber}} (Signal)";
login_shared_secret_map = {
matrixDomain = "as_token:doublepuppet";
};
caption_in_message = true;
permissions = {
"*" = "relaybot";
"@swarsel:${matrixDomain}" = "admin";
};
};
};
};
# restart the bridges daily. this is done for the signal bridge mainly which stops carrying
# messages out after a while.
systemd.timers."restart-bridges" = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "1d";
OnUnitActiveSec = "1d";
Unit = "restart-bridges.service";
};
};
systemd.services."restart-bridges" = {
script = ''
systemctl restart mautrix-whatsapp.service
systemctl restart mautrix-signal.service
systemctl restart mautrix-telegram.service
'';
serviceConfig = {
Type = "oneshot";
User = "root";
};
};
services.nginx = {
virtualHosts = {
"swatrix.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"~ ^(/_matrix|/_synapse/client)" = {
proxyPass = "http://192.168.1.23:8008";
extraConfig = ''
client_max_body_size 0;
'';
};
};
};
};
};
};
}

51
profiles/server/common/mpd.nix Normal file
View file

@ -0,0 +1,51 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.mpd {
users = {
groups = {
mpd = { };
};
users = {
mpd = {
isSystemUser = true;
group = "mpd";
extraGroups = [ "audio" "utmp" ];
};
};
};
sops = {
secrets.mpdpass = { owner = "mpd"; };
};
environment.systemPackages = with pkgs; [
pciutils
alsa-utils
mpv
];
services.mpd = {
enable = true;
musicDirectory = "/media";
user = "mpd";
group = "mpd";
network = {
port = 3254;
listenAddress = "any";
};
credentials = [
{
passwordFile = config.sops.secrets.mpdpass.path;
permissions = [
"read"
"add"
"control"
"admin"
];
}
];
};
};
}

76
profiles/server/common/navidrome.nix Normal file
View file

@ -0,0 +1,76 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.navidrome {
environment.systemPackages = with pkgs; [
pciutils
alsa-utils
mpv
];
users = {
groups = {
navidrome = {
gid = 61593;
};
};
users = {
navidrome = {
isSystemUser = true;
uid = 61593;
group = "navidrome";
extraGroups = [ "audio" "utmp" ];
};
};
};
hardware.enableAllFirmware = true;
services.navidrome = {
enable = true;
settings = {
Address = "0.0.0.0";
Port = 4040;
MusicFolder = "/media";
EnableSharing = true;
EnableTranscodingConfig = true;
Scanner.GroupAlbumReleases = true;
ScanSchedule = "@every 1d";
# Insert these values locally as sops-nix does not work for them
# LastFM.ApiKey = TEMPLATE;
# LastFM.Secret = TEMPLATE;
# Spotify.ID = TEMPLATE;
# Spotify.Secret = TEMPLATE;
UILoginBackgroundUrl = "https://i.imgur.com/OMLxi7l.png";
UIWelcomeMessage = "~SwarselSound~";
};
};
services.nginx = {
virtualHosts = {
"sound.swarsel.win" = {
enableACME = true;
forceSSL = true;
acmeRoot = null;
locations = {
"/" = {
proxyPass = "http://192.168.1.13:4040";
proxyWebsockets = true;
extraConfig = ''
proxy_redirect http:// https://;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
proxy_buffering off;
proxy_request_buffering off;
client_max_body_size 0;
'';
};
};
};
};
};
};
}

30
profiles/server/common/nginx.nix Normal file
View file

@ -0,0 +1,30 @@
{ pkgs, config, ... }:
{
environment.systemPackages = with pkgs; [
lego
];
sops = {
secrets.dnstokenfull = { owner = "acme"; };
templates."certs.secret".content = ''
CF_DNS_API_TOKEN=${config.sops.placeholder.dnstokenfull}
'';
};
security.acme = {
acceptTerms = true;
preliminarySelfsigned = false;
defaults.email = "mrswarsel@gmail.com";
defaults.dnsProvider = "cloudflare";
defaults.environmentFile = "${config.sops.templates."certs.secret".path}";
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
recommendedOptimisation = true;
recommendedGzipSettings = true;
# virtualHosts are defined in the respective sections
};
}

9
profiles/server/common/packages.nix Normal file
View file

@ -0,0 +1,9 @@
{ pkgs, ... }:
{
environment.systemPackages = with pkgs; [
gnupg
nix-index
ssh-to-age
git
];
}

9
profiles/server/common/sops.nix Normal file
View file

@ -0,0 +1,9 @@
{ pkgs, ... }:
{
sops = {
age.sshKeyPaths = [ "/etc/ssh/sops" ];
defaultSopsFile = "/.dotfiles/secrets/server/secrets.yaml";
validateSopsFiles = false;
};
}

29
profiles/server/common/spotifyd.nix Normal file
View file

@ -0,0 +1,29 @@
{ pkgs, lib, config, ... }:
{
config = lib.mkIf config.swarselsystems.server.spotifyd {
users.groups.spotifyd = {
gid = 65136;
};
users.users.spotifyd = {
isSystemUser = true;
uid = 65136;
group = "spotifyd";
extraGroups = [ "audio" "utmp" ];
};
services.spotifyd = {
enable = true;
settings = {
global = {
dbus_type = "session";
use_mpris = false;
device = "default:CARD=PCH";
device_name = "SwarselSpot";
mixer = "alsa";
zeroconf_port = 1025;
};
};
};
};
}

11
profiles/server/common/ssh.nix Normal file
View file

@ -0,0 +1,11 @@
_:
{
services.openssh = {
enable = true;
settings.PermitRootLogin = "yes";
};
users.users.root.openssh.authorizedKeys.keyFiles = [
../../../secrets/keys/authorized_keys
];
}

54
profiles/server/winters/default.nix Normal file
View file

@ -0,0 +1,54 @@
{ inputs, outputs, config, pkgs, lib, ... }:
{
imports = [
inputs.sops-nix.nixosModules.sops
./hardware-configuration.nix
../../optional/nixos/autologin.nix
../../server/common
] ++ (builtins.attrValues outputs.nixosModules);
nixpkgs = {
inherit (outputs) overlays;
config = {
allowUnfree = true;
};
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelPackages = pkgs.linuxPackages_latest;
};
networking = {
hostName = "winters";
firewall.enable = true;
};
swarselsystems = {
hasBluetooth = false;
hasFingerprint = false;
impermanence = false;
isBtrfs = false;
server = {
enable = true;
kavita = true;
navidrome = true;
jellyfin = true;
spotifyd = true;
mpd = true;
matrix = true;
};
shellAliases = {
nswitch = "cd /.dotfiles; sudo nixos-rebuild --flake .#$(hostname) switch; cd -;";
};
};
}

108
profiles/winters/home.nix
View file

@ -1,108 +0,0 @@
{ config, pkgs, ... }:
{
home = {
username = "swarsel";
homeDirectory = "/home/swarsel";
stateVersion = "23.05"; # TEMPLATE -- Please read the comment before changing.
keyboard.layout = "us"; # TEMPLATE
packages = with pkgs; [
];
};
sops.age.sshKeyPaths = [ "${config.home.homeDirectory}/.ssh/sops" ];
# waybar config - TEMPLATE - update for cores and temp
programs.waybar.settings.mainBar = {
cpu.format = "{icon0} {icon1} {icon2} {icon3} {icon4} {icon5} {icon6} {icon7}";
temperature.hwmon-path.abs = "/sys/devices/platform/thinkpad_hwmon/hwmon/";
temperature.input-filename = "temp1_input";
};
programs.waybar.settings.mainBar.modules-right = [
"custom/outer-left-arrow-dark"
"mpris"
"custom/left-arrow-light"
"network"
"custom/left-arrow-dark"
"pulseaudio"
"custom/left-arrow-light"
"custom/pseudobat"
"battery"
"custom/left-arrow-dark"
"group/hardware"
"custom/left-arrow-light"
"clock#2"
"custom/left-arrow-dark"
"clock#1"
];
wayland.windowManager.sway = {
config = rec {
# update for actual inputs here,
input = {
"36125:53060:splitkb.com_Kyria_rev3" = {
xkb_layout = "us";
xkb_variant = "altgr-intl";
};
"1:1:AT_Translated_Set_2_keyboard" = {
# TEMPLATE
xkb_layout = "us";
xkb_options = "grp:win_space_toggle";
xkb_variant = "altgr-intl";
};
"type:touchpad" = {
dwt = "enabled";
tap = "enabled";
natural_scroll = "enabled";
middle_emulation = "enabled";
};
};
output = {
eDP-1 = {
mode = "1920x1080"; # TEMPLATE
scale = "1";
position = "1920,0";
# bg = "~/.dotfiles/wallpaper/lenovowp.png fill";
};
# external monitor
HDMI-A-1 = {
mode = "2560x1440";
scale = "1";
# bg = "~/.dotfiles/wallpaper/lenovowp.png fill";
position = "0,0";
};
};
workspaceOutputAssign = [
{ output = "eDP-1"; workspace = "1:"; }
{ output = "HDMI-A-1"; workspace = "2:"; }
];
# keybindings = let
# inherit (config.wayland.windowManager.sway.config) modifier;
# in {
# };
startup = [
{ command = "nextcloud --background"; }
{ command = "discord --start-minimized"; }
{ command = "element-desktop --hidden -enable-features=UseOzonePlatform -ozone-platform=wayland --disable-gpu-driver-bug-workarounds"; }
{ command = "ANKI_WAYLAND=1 anki"; }
{ command = "OBSIDIAN_USE_WAYLAND=1 obsidian"; }
{ command = "nm-applet"; }
];
};
};
}

142
profiles/winters/nixos.nix
View file

@ -1,142 +0,0 @@
{ pkgs, ... }:
{
#
# imports =
# [
# ./hardware-configuration.nix
# ];
#
imports =
[
./hardware-configuration.nix
];
services = {
getty.autologinUser = "swarsel";
greetd.settings.initial_session.user = "swarsel";
};
boot = {
loader.systemd-boot.enable = true;
loader.efi.canTouchEfiVariables = true;
kernelPackages = pkgs.linuxPackages_latest;
};
networking = {
hostName = "winters"; # Define your hostname.
nftables.enable = true;
enableIPv6 = true;
firewall.checkReversePath = "strict";
firewall = {
enable = true;
allowedUDPPorts = [ ];
allowedTCPPorts = [ ];
allowedTCPPortRanges = [
];
allowedUDPPortRanges = [
];
};
};
virtualisation.virtualbox = {
host = {
enable = true;
enableExtensionPack = true;
};
# leaving this here for future notice. setting guest.enable = true will make 'restarting sysinit-reactivation.target' take till timeout on nixos-rebuild switch
guest = {
enable = false;
};
};
stylix.image = ../../wallpaper/lenovowp.png;
enable = true;
base16Scheme = ../../../wallpaper/swarsel.yaml;
# base16Scheme = "${pkgs.base16-schemes}/share/themes/shapeshifter.yaml";
polarity = "dark";
opacity.popups = 0.5;
cursor = {
package = pkgs.capitaine-cursors;
name = "capitaine-cursors";
size = 16;
};
fonts = {
sizes = {
terminal = 10;
applications = 11;
};
serif = {
# package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
package = pkgs.cantarell-fonts;
# package = pkgs.montserrat;
name = "Cantarell";
# name = "FiraCode Nerd Font Propo";
# name = "Montserrat";
};
sansSerif = {
# package = (pkgs.nerdfonts.override { fonts = [ "FiraMono" "FiraCode"]; });
package = pkgs.cantarell-fonts;
# package = pkgs.montserrat;
name = "Cantarell";
# name = "FiraCode Nerd Font Propo";
# name = "Montserrat";
};
monospace = {
package = pkgs.nerdfonts.override { fonts = [ "FiraCode" ]; };
name = "FiraCode Nerd Font Mono";
};
emoji = {
package = pkgs.noto-fonts-emoji;
name = "Noto Color Emoji";
};
};
hardware = {
graphics = {
enable = true;
enable32Bit = true;
extraPackages = with pkgs; [
];
};
bluetooth.enable = true;
};
programs.steam = {
enable = true;
extraCompatPackages = [
pkgs.proton-ge-bin
];
};
services.power-profiles-daemon.enable = true;
users.users.swarsel = {
isNormalUser = true;
description = "Leon S";
extraGroups = [ "networkmanager" "wheel" "lp" "audio" "video" "vboxusers" "scanner" ];
packages = with pkgs; [ ];
};
environment.systemPackages = with pkgs; [
sbctl
teams-for-linux
# gog games installing
heroic
# minecraft
temurin-bin-17
(prismlauncher.override {
glfw = pkgs.glfw-wayland-minecraft;
})
];
system.stateVersion = "23.05";
}