Daholli/nixos-config
1
0
Fork 0
Code Issues 3 Pull requests 1 Releases Packages Activity Actions

Compare commits

base: Daholli:592faafe86ae4c780f4c3f1cef9ec5a858aa9bc0
Branches Tags
Daholli:main
Daholli:rewrite
Daholli:main-merge
..
compare: Daholli:02b0930313cc23dce4c403132a9948a8e508dad6
Branches Tags
Daholli:main
Daholli:rewrite
Daholli:main-merge

No commits in common. "592faafe86ae4c780f4c3f1cef9ec5a858aa9bc0" and "02b0930313cc23dce4c403132a9948a8e508dad6" have entirely different histories.
592faafe86 ... 02b0930313

12 changed files with 95 additions and 335 deletions
Download patch file Download diff file Expand all files Collapse all files

42
flake.lock generated
View file

@ -110,11 +110,11 @@
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1761596764,
"narHash": "sha256-KTL+8Fw1qAbqubZSHRMjO4HkILJWVdWTylqHXQ4VTBE=",
"lastModified": 1761583935,
"narHash": "sha256-vJ0ylFdPPESUCBYZvEtVmVemSp4G0WH8CbVIkboHIJs=",
"owner": "cachix",
"repo": "devenv",
"rev": "17560d064ba5e4fc946c0ea0ee7b31ec291e706f",
"rev": "b7e3b2aeb90ce37517fb8da09ceff8ab587a9fcf",
"type": "github"
},
"original": {
@ -131,11 +131,11 @@
"rust-analyzer-src": "rust-analyzer-src"
},
"locked": {
"lastModified": 1761633962,
"narHash": "sha256-QTA706q3zDi9yN7bwsOnj2cQj8FVi9x147A/2lR495U=",
"lastModified": 1761547629,
"narHash": "sha256-4OH1CVm2PdjKRqEJ3RLfkQMDSBdn7VId6iyYCwKOK+U=",
"owner": "nix-community",
"repo": "fenix",
"rev": "abecdc70faee6ef5abf8b250795042a0cbe7070f",
"rev": "d82a7c64ea441e397914577c9a18f2867e5b364b",
"type": "github"
},
"original": {
@ -683,11 +683,11 @@
"xdph": "xdph"
},
"locked": {
"lastModified": 1761601789,
"narHash": "sha256-F8HDu+xAZ2GhYRZPTMbFgXfA6VI7pN95juP3/llCKx8=",
"lastModified": 1761572054,
"narHash": "sha256-NuDXgcyWa9EfQZXs+7mXKTimzlxEdLV0kJR6gGcFU/8=",
"owner": "hyprwm",
"repo": "Hyprland",
"rev": "309c3c78485781a28ad9f5bef48b09ecb3b81473",
"rev": "560c53d87dedf7df8185eb370cfbf3575826e85c",
"type": "github"
},
"original": {
@ -1072,11 +1072,11 @@
"xwayland-satellite-unstable": "xwayland-satellite-unstable"
},
"locked": {
"lastModified": 1761623016,
"narHash": "sha256-C2+TErNmeHMCtodwVrMeA/uJg1GRdQbOntRI7DFullA=",
"lastModified": 1761542689,
"narHash": "sha256-l4TQRcQyp6hoUVQL/R4UBHvYX9whHTntaz5NxHi0PH4=",
"owner": "sodiboo",
"repo": "niri-flake",
"rev": "f0bfe0aaaa51378ace7492850290f8d2db6cc7f3",
"rev": "75768e54ca2591bb0be17fa310992628e5efce2d",
"type": "github"
},
"original": {
@ -1447,11 +1447,11 @@
"rust-analyzer-src": {
"flake": false,
"locked": {
"lastModified": 1761606039,
"narHash": "sha256-rNsxpCKWzVNJ5FR71mpZFSEPxuvZfAQzcVpgfwgajQU=",
"lastModified": 1761500479,
"narHash": "sha256-syeBTCCU96qPJHcVpwHeCwmPCiLTDHHgYQYhpZ0iwLo=",
"owner": "rust-lang",
"repo": "rust-analyzer",
"rev": "7c810e9994eff5b2b7a78ab0a656948c1e8dbf18",
"rev": "049767e6faa84b2d1a951d8f227e6ebd99d728a2",
"type": "github"
},
"original": {
@ -1661,11 +1661,11 @@
"xwayland-satellite-unstable": {
"flake": false,
"locked": {
"lastModified": 1761622056,
"narHash": "sha256-fBrUszJXmB4MY+wf3QsCnqWHcz7u7fLq0QMAWCltIQg=",
"lastModified": 1761422250,
"narHash": "sha256-+pN8VAh8OVUSj8zPoI8QfC93JMIKPaAOABrbeeiO/Hk=",
"owner": "Supreeeme",
"repo": "xwayland-satellite",
"rev": "0728d59ff6463a502e001fb090f6eb92dbc04756",
"rev": "2dd40ecfe882c1659e0e46c761974702c7ab5fde",
"type": "github"
},
"original": {
@ -1726,11 +1726,11 @@
]
},
"locked": {
"lastModified": 1761592723,
"narHash": "sha256-7MMLpYL/EF3wqHIt7Fl3uQJZH1Vvtvgnd24WFpnBzdQ=",
"lastModified": 1761562676,
"narHash": "sha256-yREsDfqZ7JIC2hxQm94DQfNCyhm/KPdxWd3IVJ6zJ2s=",
"owner": "zigtools",
"repo": "zls",
"rev": "8b2754ad49006e70cdbd29c1d57ffb0a2889b836",
"rev": "67177e3d64b8ab0f358303ee6ed4bac4654e2fdb",
"type": "github"
},
"original": {

3
modules/desktop/niri.nix
View file

@ -28,8 +28,7 @@
...
}:
{
config = lib.mkIf (osConfig.networking.hostName == "yggdrasil") {
config = lib.mkIf osConfig.programs.niri.enable {
programs.niri.settings = {
input = {
keyboard = {

10
modules/flake-parts/host-machines.nix
View file

@ -34,14 +34,4 @@ in
}
))
];
flake.hydraJobs =
let
self = inputs.self;
in
{
# hosts = lib.mapAttrs (_: cfg: cfg.config.system.build.toplevel) self.outputs.nixosConfigurations;
packages = self.packages;
shells = lib.filterAttrs (name: shell: name == "x86_64-linux") self.devShells;
};
}

73
modules/hosts/loptland/default.nix
View file

@ -1,73 +0,0 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/loptland" =
{
inputs,
lib,
pkgs,
modulesPath,
...
}:
let
sopsFile = ../../../secrets/secrets-loptland.yaml;
in
{
nixpkgs.config.allowUnfree = true;
services.qemuGuest.enable = true;
imports =
with config.flake.modules.nixos;
[
(modulesPath + "/profiles/qemu-guest.nix")
inputs.catppuccin.nixosModules.catppuccin
# System modules
base
server
dev
# apps
# Users
cholli
]
++ [
{
home-manager.users.cholli = {
imports = with config.flake.modules.homeManager; [
inputs.catppuccin.homeModules.catppuccin
# components
base
dev
# Activate all user based config
cholli
];
};
}
];
sops = {
secrets = {
"forgejo/db/password" = {
inherit sopsFile;
};
"forgejo/mail/password" = {
inherit sopsFile;
};
"forgejo/mail/passwordHash" = {
inherit sopsFile;
};
};
};
};
}

55
modules/hosts/loptland/hardware.nix
View file

@ -1,55 +0,0 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/loptland" =
{
inputs,
lib,
pkgs,
...
}:
{
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
};
boot.initrd.availableKernelModules = [
"ata_piix"
"uhci_hcd"
"virtio_pci"
"sr_mod"
"virtio_blk"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/26b098dd-0a15-49c5-9998-75f43d17eb26";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/30AB-7309";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
swapDevices = [ { device = "/dev/disk/by-uuid/b9bcb425-cb1c-40a1-89bb-d7fe6b421834"; } ];
networking.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
};
}

76
modules/hosts/loptland/nginx.nix
View file

@ -1,76 +0,0 @@
{
flake.modules.nixos."hosts/loptland" =
{
config,
lib,
pkgs,
...
}:
let
domainName = "christophhollizeck.dev";
forgejoPort = 3000;
hydraPort = 2000;
in
{
services.nginx = {
enable = true;
recommendedProxySettings = true;
virtualHosts = {
"git.${domainName}" = {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
extraConfig = ''
client_max_body_size 200M;
'';
proxyPass = "http://localhost:${toString forgejoPort}/";
};
};
"hydra.${domainName}" = lib.mkIf config.services.hydra.enable {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
proxyPass = "http://localhost:${toString hydraPort}/";
};
};
"ha.${domainName}" = {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
# tailscale ip
extraConfig = ''
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
'';
proxyPass = "http://100.86.23.74:8123";
};
};
"nixcache.${domainName}" = lib.mkIf config.services.nix-serve.enable {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
proxyPass = "http://${config.services.nix-serve.bindAddress}:${toString config.services.nix-serve.port}";
};
};
"_" = {
forceSSL = true;
useACMEHost = domainName;
locations."/" = {
proxyPass = "https://${domainName}";
};
};
};
};
};
}

11
modules/hosts/nixberry/default.nix
View file

@ -1,11 +0,0 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/nixberry" = {
};
}

11
modules/hosts/wsl/default.nix
View file

@ -1,11 +0,0 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/wsl" = {
};
}

69
modules/hosts/yggdrasil/default.nix
View file

@ -24,7 +24,18 @@ in
diebahn
path-of-building
bottles
# to be removed
kdePackages.bluez-qt
zed-editor
seahorse
font-manager
vesktop
rofi-unwrapped
];
# to be removed
virtualisation.waydroid.enable = true;
services.teamviewer.enable = true;
environment.pathsToLink = [ "/libexec" ];
@ -100,5 +111,63 @@ in
];
};
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd.availableKernelModules = [
"nvme"
"ahci"
"xhci_pci"
"usbhid"
"usb_storage"
"sd_mod"
];
kernelModules = [ "kvm-amd" ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/b1a956f4-91d5-456e-a92b-be505bb719bd";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/B4D4-8BA0";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
"/storage" = {
device = "/dev/disk/by-uuid/c3c1dec1-7716-4c37-a3f2-bb60f9af84fd";
fsType = "ext4";
};
"/var/lib/bluetooth" = {
device = "/persist/var/lib/bluetooth";
options = [
"bind"
"noauto"
"x-systemd.automount"
];
noCheck = true;
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/4bec00ec-e9eb-4034-836a-ecf15e0bb40e"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
};
}

71
modules/hosts/yggdrasil/hardware.nix
View file

@ -1,71 +0,0 @@
{
config,
...
}:
let
in
{
flake.modules.nixos."hosts/yggdrasil" =
{ lib, pkgs, ... }:
{
boot = {
kernelPackages = pkgs.linuxPackages_latest;
loader = {
systemd-boot.enable = true;
efi.canTouchEfiVariables = true;
};
initrd.availableKernelModules = [
"nvme"
"ahci"
"xhci_pci"
"usbhid"
"usb_storage"
"sd_mod"
];
kernelModules = [ "kvm-amd" ];
};
fileSystems = {
"/" = {
device = "/dev/disk/by-uuid/b1a956f4-91d5-456e-a92b-be505bb719bd";
fsType = "ext4";
};
"/boot" = {
device = "/dev/disk/by-uuid/B4D4-8BA0";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
"/storage" = {
device = "/dev/disk/by-uuid/c3c1dec1-7716-4c37-a3f2-bb60f9af84fd";
fsType = "ext4";
};
"/var/lib/bluetooth" = {
device = "/persist/var/lib/bluetooth";
options = [
"bind"
"noauto"
"x-systemd.automount"
];
noCheck = true;
};
};
swapDevices = [
{ device = "/dev/disk/by-uuid/4bec00ec-e9eb-4034-836a-ecf15e0bb40e"; }
];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.enableRedistributableFirmware = true;
hardware.cpu.amd.updateMicrocode = true;
};
}

8
modules/server/acme.nix
View file

@ -1,4 +1,4 @@
topLevel: {
{
flake.modules.nixos.server =
{
config,
@ -41,10 +41,10 @@ topLevel: {
security.acme = {
acceptTerms = true;
defaults = {
inherit (topLevel.config.flake.meta.users.cholli) email;
inherit (config.flake.meta.users.cholli) email;
group = lib.mkIf config.services.nginx.enable "nginx";
reloadServices = lib.mkIf config.services.nginx.enable "nginx.service";
group = lib.optional config.services.nginx.enable "nginx";
reloadServices = lib.optional config.services.nginx.enable "nginx.service";
dnsProvider = "netcup";
environmentFile = config.sops.templates."netcup.env".path;

1
modules/users/cholli/default.nix
View file

@ -14,7 +14,6 @@
authorizedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHFrDiO5+vMfD5MimkzN32iw3MnSMLZ0mHvOrHVVmLD0"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII4Pr7p0jizrvIl0UhcvrmL5SHRQQQWIcHLAnRFyUZS6"
];
};