adguardhome: increase statistic retention time

rp5: move things in separate configs, to be reused
xwayland: tried to fix clipboard issues
2024-11-26 17:03:05 +01:00 · 2024-11-26 17:02:32 +01:00 · 2024-11-26 15:08:30 +01:00 · 2024-11-26 15:06:39 +01:00
6 changed files with 148 additions and 64 deletions
--- a/modules/nixos/desktop/hyprland/default.nix
+++ b/modules/nixos/desktop/hyprland/default.nix
@ -34,6 +34,48 @@ let
        1password&
    fi
  '';
+
+  # clipsync = pkgs.writeShellScriptBin "clipsync" ''
+  #   insert() {
+  #     # Read all the piped input into variable.
+  #     value=$(cat)
+  #     wValue="$(wl-paste)"
+  #     xValue="$(xclip -o -selection clipboard)"
+
+  #     notify() {
+  #       notify-send -u low -c clipboard "$1" "$value"
+  #     }
+
+  #     if [ "$value" != "$wValue" ]; then
+  #       notify "Wayland"
+  #       echo -n "$value" | wl-copy
+  #     fi
+
+  #     if [ "$value" != "$xValue" ]; then
+  #       notify "X11"
+  #       echo -n "$value" | xclip -selection clipboard
+  #     fi
+  #   }
+
+  #   watch() {
+  #     # Wayland -> X11
+  #     wl-paste --type text --watch clipsync insert &
+
+  #     # X11 -> Wayland
+  #     while clipnotify; do
+  #       xclip -o -selection clipboard | clipsync insert
+  #     done &
+  #   }
+
+  #   kill() {
+  #     pkill wl-paste
+  #     pkill clipnotify
+  #     pkill xclip
+  #     pkill clipsync
+  #   }
+  #   "$@"
+  # '';
+
 in
 {
  options.${namespace}.desktop.hyprland = {
@ -54,9 +96,14 @@ in
      libnotify

      # Wayland Utilities
-      wl-clipboard
      wlr-randr

+      # Clipboard Stuff
+      wl-clipboard
+      xclip
+      clipnotify
+      # clipsync
+
      # Screenshot Utility
      grimblast

@ -128,6 +175,8 @@ in
                "[workspace 8 silent] vesktop"
                "[workspace 9 silent] 1password"
                "[workspace 1 silent] zen"
+
+                "${pkgs.xorg.xhost}/bin/xhost +"
              ];

              windowrulev2 = [
--- a/modules/nixos/services/openssh/default.nix
+++ b/modules/nixos/services/openssh/default.nix
@ -0,0 +1,29 @@
+{
+  lib,
+  config,
+  namespace,
+  ...
+}:
+let
+  cfg = config.${namespace}.services.openssh;
+  inherit (lib) mkIf mkEnableOption;
+in
+{
+  options.${namespace}.services.openssh = {
+    enable = mkEnableOption "Enable SSH";
+  };
+
+  config = mkIf cfg.enable {
+    services.openssh = {
+      enable = true;
+      settings = {
+        PasswordAuthentication = false;
+        KbdInteractiveAuthentication = false;
+      };
+    };
+
+    services.fail2ban = {
+      enable = true;
+    };
+  };
+}
--- a/modules/nixos/services/remotebuild/default.nix
+++ b/modules/nixos/services/remotebuild/default.nix
@ -0,0 +1,48 @@
+{
+  lib,
+  config,
+  namespace,
+  ...
+}:
+let
+  cfg = config.${namespace}.services.remotebuild;
+  inherit (lib) mkIf mkEnableOption;
+in
+{
+  options.${namespace}.services.remotebuild = {
+    enable = mkEnableOption "Enable remotebuild";
+  };
+
+  config = mkIf cfg.enable {
+    users.users.remotebuild = {
+      isNormalUser = true;
+      createHome = false;
+      group = "remotebuild";
+
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYZjG+XPNoVHVdCel5MK4mwvtoFCqDY1WMI1yoU71Rd root@yggdrasil"
+      ];
+    };
+
+    users.groups.remotebuild = { };
+
+    nix = {
+      nrBuildUsers = 64;
+      settings = {
+        trusted-users = [ "remotebuild" ];
+
+        min-free = 10 * 1024 * 1024;
+        max-free = 200 * 1024 * 1024;
+
+        max-jobs = "auto";
+        cores = 0;
+      };
+    };
+
+    systemd.services.nix-daemon.serviceConfig = {
+      MemoryAccounting = true;
+      MemoryMax = "90%";
+      OOMScoreAdjust = 500;
+    };
+  };
+}
--- a/systems/aarch64-linux/nixberry/default.nix
+++ b/systems/aarch64-linux/nixberry/default.nix
@ -19,38 +19,6 @@ in
    raspberry-pi-5
  ];

-  security.sudo.wheelNeedsPassword = false;
-  users.users.remotebuild = {
-    isNormalUser = true;
-    createHome = false;
-    group = "remotebuild";
-
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJYZjG+XPNoVHVdCel5MK4mwvtoFCqDY1WMI1yoU71Rd root@yggdrasil"
-    ];
-  };
-
-  users.groups.remotebuild = { };
-
-  nix = {
-    nrBuildUsers = 64;
-    settings = {
-      trusted-users = [ "remotebuild" ];
-
-      min-free = 10 * 1024 * 1024;
-      max-free = 200 * 1024 * 1024;
-
-      max-jobs = "auto";
-      cores = 0;
-    };
-  };
-
-  systemd.services.nix-daemon.serviceConfig = {
-    MemoryAccounting = true;
-    MemoryMax = "90%";
-    OOMScoreAdjust = 500;
-  };
-
  networking = {
    interfaces.wlan0 = {
      ipv4.addresses = [
@ -74,9 +42,7 @@ in
        };
      };
    };
-  };
-
-  networking.firewall = {
+    firewall = {
      allowedTCPPorts = [
        53
        80
@ -85,6 +51,7 @@ in
        53
      ];
    };
+  };

  services.adguardhome = {
    enable = true;
@ -126,6 +93,10 @@ in
            "https://adguardteam.github.io/HostlistsRegistry/assets/filter_47.txt"
          ];

+      statistics = {
+        enabled = true;
+        interval = "8760h";
+      };
    };
  };

@ -156,17 +127,14 @@ in
    };
  };

-  services.openssh = {
-    enable = true;
-    settings = {
-      PasswordAuthentication = false;
-      KbdInteractiveAuthentication = false;
-    };
-  };
-
  ${namespace} = {
    submodules.basics = enabled;

+    services = {
+      openssh = enabled;
+      remotebuild = enabled;
+    };
+
    system = {
      # cachemiss for webkit gtk
      hardware.networking.enable = mkForce false;
--- a/systems/x86_64-linux/loptland/default.nix
+++ b/systems/x86_64-linux/loptland/default.nix
@ -29,18 +29,6 @@ in
    };
  };

-  services.openssh = {
-    enable = true;
-    settings = {
-      PasswordAuthentication = false;
-      KbdInteractiveAuthentication = false;
-    };
-  };
-
-  services.fail2ban = {
-    enable = true;
-  };
-
  services.nginx = {
    enable = true;
    recommendedProxySettings = true;
@ -101,6 +89,7 @@ in
        enable = true;
        inherit sopsFile;
      };
+      openssh = enabled;
    };

    security = {
--- a/systems/x86_64-linux/yggdrasil/default.nix
+++ b/systems/x86_64-linux/yggdrasil/default.nix
@ -80,9 +80,10 @@ in
        };

        exec-once = [
-          "xrandr --output DP-2 --primary"
          "[workspace 1 silent] obsidian --disabled-gpu"
          "[workspace 9 silent] git-butler"
+
+          "${pkgs.xorg.xrandr}/bin/xrandr --output DP-2 --primary"
        ];

        workspace = [
Author	SHA1	Message	Date
Christoph Hollizeck	bc1a7c4092	adguardhome: increase statistic retention time	2024-11-26 17:03:05 +01:00
Christoph Hollizeck	ca9b9f6222	rp5: move things in separate configs, to be reused	2024-11-26 17:02:32 +01:00
Christoph Hollizeck	fbd3a669fd	xwayland: tried to fix clipboard issues originally wanted to fix a 1password copy issue, but that fixed itself after a restart, leaving xclip and the commented code in for potentional future endeavors	2024-11-26 15:08:30 +01:00
Christoph Hollizeck	7f80d5a263	xwayland: refer to xrandr package rather than global installation	2024-11-26 15:06:39 +01:00