diff --git a/flake.lock b/flake.lock index 965b42f..729a403 100644 --- a/flake.lock +++ b/flake.lock @@ -77,11 +77,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1711500952, - "narHash": "sha256-YEF6ycTwkcuZq1ocon+JahHgwuQLQtpH2js1j+gN8K8=", + "lastModified": 1712760118, + "narHash": "sha256-jifRWUOGDIPRpYZsBoC7PnnhqEhNmMAnbc+DwNI9Mmo=", "owner": "rycee", "repo": "nur-expressions", - "rev": "d0df0c83bfe2e7ed6e26259a289d7056c4001ced", + "rev": "ba09602a6e94f331ccc617f8d4d3bd93e335c469", "type": "gitlab" }, "original": { @@ -192,11 +192,11 @@ ] }, "locked": { - "lastModified": 1709336216, - "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", "type": "github" }, "original": { @@ -404,11 +404,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1712089776, - "narHash": "sha256-OBCZeC++pKx5JjJ9ikpTW5vnDTcJAXXmzgybcsY/oQc=", + "lastModified": 1712851231, + "narHash": "sha256-GbxbN7wu5G/aT2EuCw9ESmOTWCWMJhHZrRRqtrq557k=", "owner": "xunuwu", "repo": "neovim-config", - "rev": "a1e6bd192ec5be356f12fee40d904ab6ee062491", + "rev": "87356838578d112d69328fbc35566a5d3fe92c39", "type": "github" }, "original": { @@ -428,11 +428,11 @@ }, "locked": { "dir": "contrib", - "lastModified": 1710631599, - "narHash": "sha256-o7ZtdHjCSEBEgY1mM+bD9f4dy8h+z1L1x5IdfdNdKP8=", + "lastModified": 1712618449, + "narHash": "sha256-+6/UTHSYSwoGwpXanZmwvn29Oo+OomtVp7UyP9K4f0Y=", "owner": "neovim", "repo": "neovim", - "rev": "d114dbe9f79c1382298b04319b7ded88e95e3ee8", + "rev": "2528093bbea8862ede0feb6eb29bdc5451a6313b", "type": "github" }, "original": { @@ -451,11 +451,11 @@ "nixpkgs": "nixpkgs" }, "locked": { - "lastModified": 1710633814, - "narHash": "sha256-weHl4CgXK/CPIDN8wYnv3SIxO5e7KpAf4lXou+qHz/E=", + "lastModified": 1712621069, + "narHash": "sha256-3IikHqy/bH81Qp0cjHn1a554ERd1tfzKMIP0zEKC3PA=", "owner": "nix-community", "repo": "neovim-nightly-overlay", - "rev": "da32dd5c0aabe50350ddf8d33e83aa698d5f2b25", + "rev": "cf37798bbd7c772b80048b54c738febd2df02e6d", "type": "github" }, "original": { @@ -506,11 +506,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1710534455, - "narHash": "sha256-huQT4Xs0y4EeFKn2BTBVYgEwJSv8SDlm82uWgMnCMmI=", + "lastModified": 1712573573, + "narHash": "sha256-xxon7WwNm4/EadMKg1eF40/5s0O78nXUy2ILZt6vT7E=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "9af9c1c87ed3e3ed271934cb896e0cdd33dae212", + "rev": "0d28066770464d19d637f6e8e42e8688420b6ac6", "type": "github" }, "original": { @@ -718,4 +718,3 @@ "root": "root", "version": 7 } - diff --git a/home/profiles/nixdesk/default.nix b/home/profiles/nixdesk/default.nix index 92bd2c0..c528e60 100644 --- a/home/profiles/nixdesk/default.nix +++ b/home/profiles/nixdesk/default.nix @@ -12,6 +12,7 @@ # desktop ../../programs/desktop + ../../programs/desktop/theme.nix ../../programs/desktop/awesome ../../programs/desktop/hyprland diff --git a/home/programs/browsers/firefox.nix b/home/programs/browsers/firefox.nix index ec402e9..5f17d7d 100644 --- a/home/programs/browsers/firefox.nix +++ b/home/programs/browsers/firefox.nix @@ -16,6 +16,7 @@ translate-web-pages cookie-quick-manager istilldontcareaboutcookies + tree-style-tab (lib.mkIf (builtins.elem pkgs.keepassxc config.home.packages) keepassxc-browser) ]; bookmarks = {}; diff --git a/home/programs/desktop/default.nix b/home/programs/desktop/default.nix index bb98bf9..d1ee342 100644 --- a/home/programs/desktop/default.nix +++ b/home/programs/desktop/default.nix @@ -1,37 +1,4 @@ {pkgs, ...}: { - home.pointerCursor = { - gtk.enable = true; - x11.enable = true; - package = pkgs.apple-cursor; - name = "macOS-BigSur"; - size = 16; - }; - - gtk = { - enable = true; - theme = { - package = pkgs.gnome.gnome-themes-extra; - name = "Adwaita-dark"; - }; - iconTheme = { - package = pkgs.gnome.adwaita-icon-theme; - name = "Adwaita-dark"; - }; - font = { - name = "Sans"; - size = 11; - }; - }; - - qt = { - enable = true; - platformTheme = "gtk3"; - style = { - name = "Adwaita-dark"; - package = pkgs.adwaita-qt; - }; - }; - xdg.portal = { enable = true; extraPortals = with pkgs; [ diff --git a/home/programs/desktop/hyprland/default.nix b/home/programs/desktop/hyprland/default.nix index 6b302e2..7fe02ed 100644 --- a/home/programs/desktop/hyprland/default.nix +++ b/home/programs/desktop/hyprland/default.nix @@ -31,12 +31,126 @@ # WantedBy = ["hyprland-session.target"]; # }; #}; + programs.fuzzel = { + enable = true; + settings = { + main = { + terminal = "${lib.getExe pkgs.foot}"; + layer = "overlay"; + }; + colors = { + background = "#181818ff"; + text = "#a4c6d9ff"; + match = "#ae61b5ff"; + border = "#feafffff"; + selection = "#242424ff"; + selection-text = "#ffffffff"; + selection-match = "#fac1ffff"; + }; + }; + }; programs.waybar = { enable = true; + style = '' + * { + font-family: monospace; + font-size: 13px; + } + + window#waybar { + background-color: #181818; + color: #ffffff; + transition-property: background-color; + transition-duration: .5s; + } + + window#waybar.hidden { + opacity: 0.2; + } + + button { + /* Avoid rounded borders under each button name */ + border: none; + border-radius: 0; + } + + /* https://github.com/Alexays/Waybar/wiki/FAQ#the-workspace-buttons-have-a-strange-hover-effect */ + button:hover { + background: inherit; + } + + #workspaces button { + padding: 0 5px; + background-color: transparent; + color: #ffffff; + } + + #workspaces button:hover { + background: rgba(255, 255, 255, 0.1); + } + + #workspaces button.focused { + background-color: #64727D; + } + + #workspaces button.urgent { + background-color: #eb4d4b; + } + + #workspaces button.visible { + color: #fd4dff; + background-color: #202020; + } + + #clock, + #network, + #pulseaudio, + #wireplumber, + #tray { + padding: 0 10px; + color: #ffffff; + } + + #window, + #workspaces { + margin: 0 4px; + } + /* If workspaces is the leftmost module, omit left margin */ + .modules-left > widget:first-child > #workspaces { + margin-left: 0; + } + + /* If workspaces is the rightmost module, omit right margin */ + .modules-right > widget:last-child > #workspaces { + margin-right: 0; + } + @keyframes blink { + to { + background-color: #ffffff; + color: #000000; + } + } + label:focus { + background-color: #000000; + } + #tray { + background-color: #242424; + } + + #tray > .passive { + -gtk-icon-effect: dim; + } + + #tray > .needs-attention { + -gtk-icon-effect: highlight; + background-color: #eb4d4b; + } + + ''; settings = [ { - "height" = 30; + "height" = 24; "spacing" = 4; "modules-left" = [ "hyprland/workspaces" @@ -52,6 +166,19 @@ "tray" ]; + "hyprland/workspaces" = { + "format" = "[{icon} {windows}]"; + "format-window-separator" = ","; + "window-rewrite-default" = "@"; + "window-rewrite" = { + "title<.*youtube.*>" = "y"; + "title<.*discord.*>" = "d"; + "class" = "m"; + "class" = "f"; + "foot" = "t"; + }; + }; + "tray" = { "spacing" = 10; }; @@ -60,11 +187,8 @@ "format-alt" = "{:%Y-%m-%d}"; }; "pulseaudio" = { - "format" = "{volume}% {icon} {format_source}"; - "format-bluetooth" = "{volume}% {icon} {format_source}"; - "format-bluetooth-muted" = " {icon} {format_source}"; - "format-muted" = " {format_source}"; - "format-source" = "{volume}% "; + "format" = "{volume}%"; + "format-source" = "{volume}%"; "format-source-muted" = ""; "format-icons" = { "headphone" = ""; @@ -76,6 +200,7 @@ "default" = ["" "" ""]; }; "on-click" = "${lib.getExe pkgs.pavucontrol}"; + "on-click-middle" = "${lib.getExe pkgs.helvum}"; }; } ]; @@ -89,13 +214,9 @@ enable = true; settings = { exec-once = [ - "${lib.getExe pkgs.waybar}" - "${lib.getExe pkgs.xwaylandvideobridge}" + #"${lib.getExe pkgs.xwaylandvideobridge}" "${lib.getExe pkgs.swaybg} -i ${config.xdg.userDirs.pictures}/wallpaper.png" ]; - input = { - kb_layout = "eu"; - }; env = [ "NIXOS_OZONE_WL,1" # for any ozone-based browser & electron apps to run on wayland "MOZ_ENABLE_WAYLAND,1" # for firefox to run on wayland @@ -108,18 +229,60 @@ "GDK_BACKEND,wayland" ]; + input = { + kb_layout = "eu"; + }; + + general = { + gaps_out = 3; + gaps_in = 3; + "col.active_border" = "rgb(feafff) rgb(fd56ff)"; + }; + + dwindle = { + preserve_split = true; + }; + + workspace = [ + "3,monitor:DP-3" + "2,monitor:DP-3" + "3,monitor:DP-3" + "4,monitor:DP-3" + "5,monitor:DP-3" + + "11,defaultName:q,monitor:HDMI-A-1" + "12,defaultName:w,monitor:HDMI-A-1" + "13,defaultName:e,monitor:HDMI-A-1" + "14,defaultName:r,monitor:HDMI-A-1" + "15,defaultName:t,monitor:HDMI-A-1" + ]; + + animation = [ + "workspaces,1,3,default" + "windows,1,3,default" + "border,1,3,default" + ]; + "$mainMod" = "SUPER"; bind = [ "$mainMod, RETURN, exec, ${lib.getExe pkgs.foot}" - "$mainMod, Q, killactive" + "$mainMod, G, killactive" "$mainMod, SPACE, togglefloating" "$mainMod, F, fullscreen" "$mainMod, M, fullscreen, 1" "$mainMod SHIFT, F, fakefullscreen" - "$mainMod, P, exec, ${pkgs.bemenu}/bin/bemenu-run" - "$mainMod, V, exec, ${lib.getExe pkgs.cliphist} list | ${lib.getExe pkgs.wofi} --dmenu | ${lib.getExe pkgs.cliphist} decode | ${pkgs.wl-clipboard}/bin/wl-copy" + "$mainMod, P, exec, ${lib.getExe pkgs.fuzzel}" + "$mainMod SHIFT, V, exec, ${lib.getExe pkgs.cliphist} list | ${lib.getExe pkgs.wofi} --dmenu | ${lib.getExe pkgs.cliphist} decode | ${pkgs.wl-clipboard}/bin/wl-copy" - "$mainMod SHIFT, E, exec, ${lib.getExe pkgs.wlogout}" + "$mainMod, N, togglesplit" + "$mainMod SHIFT, N, swapsplit" + # preselect with mirrored vim keys, shifted down + "$mainMod, B, layoutmsg, preselect r" + "$mainMod, V, layoutmsg, preselect d" + "$mainMod, C, layoutmsg, preselect u" + "$mainMod, X, layoutmsg, preselect l" + + "$mainMod SHIFT, O, exec, ${lib.getExe pkgs.wlogout}" # focus with vim keys "$mainMod, h, movefocus, l" "$mainMod, j, movefocus, d" @@ -137,11 +300,12 @@ "$mainMod, 3, workspace, 3" "$mainMod, 4, workspace, 4" "$mainMod, 5, workspace, 5" - "$mainMod, 6, workspace, 6" - "$mainMod, 7, workspace, 7" - "$mainMod, 8, workspace, 8" - "$mainMod, 9, workspace, 9" - "$mainMod, 0, workspace, 10" + + "$mainMod, q, workspace, 11" + "$mainMod, w, workspace, 12" + "$mainMod, e, workspace, 13" + "$mainMod, r, workspace, 14" + "$mainMod, t, workspace, 15" # move window to workspace with mod+shift+[0-9] "$mainMod SHIFT, 1, movetoworkspace, 1" @@ -149,11 +313,12 @@ "$mainMod SHIFT, 3, movetoworkspace, 3" "$mainMod SHIFT, 4, movetoworkspace, 4" "$mainMod SHIFT, 5, movetoworkspace, 5" - "$mainMod SHIFT, 6, movetoworkspace, 6" - "$mainMod SHIFT, 7, movetoworkspace, 7" - "$mainMod SHIFT, 8, movetoworkspace, 8" - "$mainMod SHIFT, 9, movetoworkspace, 9" - "$mainMod SHIFT, 0, movetoworkspace, 10" + + "$mainMod SHIFT, q, movetoworkspace, 11" + "$mainMod SHIFT, w, movetoworkspace, 12" + "$mainMod SHIFT, e, movetoworkspace, 13" + "$mainMod SHIFT, r, movetoworkspace, 14" + "$mainMod SHIFT, t, movetoworkspace, 15" # scroll through workspaces with mod+scroll "$mainMod, mouse_down, workspace, e+1" diff --git a/home/programs/desktop/theme.nix b/home/programs/desktop/theme.nix new file mode 100644 index 0000000..c928027 --- /dev/null +++ b/home/programs/desktop/theme.nix @@ -0,0 +1,34 @@ +{pkgs, ...}: { + home.pointerCursor = { + gtk.enable = true; + x11.enable = true; + package = pkgs.apple-cursor; + name = "macOS-BigSur"; + size = 16; + }; + + gtk = { + enable = true; + theme = { + package = pkgs.gnome.gnome-themes-extra; + name = "Adwaita-dark"; + }; + iconTheme = { + package = pkgs.gnome.adwaita-icon-theme; + name = "Adwaita-dark"; + }; + font = { + name = "Sans"; + size = 11; + }; + }; + + qt = { + enable = true; + platformTheme = "gtk3"; + style = { + name = "Adwaita-dark"; + package = pkgs.adwaita-qt; + }; + }; +} diff --git a/hosts/default.nix b/hosts/default.nix index e514b45..6bbc390 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -63,7 +63,7 @@ in { "${mod}/core" - "${mod}/programs/home-manager.nix" + "${mod}/programs" "${mod}/programs/steam.nix" "${mod}/desktop" @@ -81,7 +81,8 @@ in { "${mod}/services" "${mod}/services/pipewire.nix" "${mod}/services/syncthing.nix" - "${mod}/services/containers/server" + #"${mod}/services/containers/server" + "${mod}/services/containers/experimental" #"${mod}/services/networkd-wireguard.nix" #"${mod}/services/wireguard.nix" diff --git a/hosts/nixdesk/default.nix b/hosts/nixdesk/default.nix index 805bae0..5a43f6d 100644 --- a/hosts/nixdesk/default.nix +++ b/hosts/nixdesk/default.nix @@ -22,5 +22,7 @@ } ]; + networking.interfaces.eno1.wakeOnLan.enable = true; + system.stateVersion = "23.11"; } diff --git a/secrets/hopper/betanin b/secrets/hopper/betanin new file mode 100644 index 0000000..997e9c1 --- /dev/null +++ b/secrets/hopper/betanin @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:Bw/YPsl3ltVbommvO++qJbbsdWrsST26FMt0Hc3Osj99dhlfMa68k40MxdTBo8VwoRZQkWplxDNrzN9/KjTni95p/HwaSrbNWKk9tpRaYLabym/YL5dnR7jKxyf0pBowLHqBBgW11X40NkEojtJBfFCN5xrU6xpDQtVrN+R80PK1/D8gC/sf6wG8pD/lYbBzXdEDjGg3ZHRMSdLlSNC52qh2tfPyU8kg3fBDuAoO+U3cUkfJxbKGr2Dq7OXlZDcv0/oaHZ+MM6fKThwZpsimD7t6mSjRtoYTiB+6afF/LG2x7thTdbj8zdUtOSQxVcdq7J8m0bEzDHfveGKA4Nneaqa+D1VFxk0jkTQDtN/ow0K8/D0ubSRalAqFI90HWmDJyNi/XzPJiU1plLVgL4XPUObjWnkbjM5QsjcoXuTCMTVkI6RGFUc1jRJju5cNbEiuBDMzNn1q6Ob9BeeyAth+cMGHKlTXkC+Hk7cR46ky6hWCZHY7q7oekPq5Bcy2NLoDMIDF3N5slb31KktZG2rG7tUimPfKTL901dP4d9rKN8PhGjnoBVDrWEJcm89+QcCNsGOZmQJFzDFaUJzChIc2woHHEqZDz4dHrErcWg4mRiKAIjjP029J3tdB+i5MOOmMMJv48TvcVi2FKdjGQ8jiCby8TtVIs4RjBTkAEppQSxAT9ApZDhSSNEsDMxn+/88e/UunrtBYdeIUDR3ANtsXNi35y7ox21zBdVXp64FWO5pOvcTvNFNoH1zmzhMI8zxn2cVhSYqsBWwLjpCoWnlq2sFuvF7bK3UynyjQ+7pyyIxfGzhJ/8Gqo2qjQ/sq3Bdex/EZeVfg8YlG64paCCjJ3LT3/srnOENaJsbNwpOCrTXO0cWt/cCDLonvLmwuB4uS4Hg+DXOqC02Zupb2z0bL9SdU0GxehVvr/bHzOtU9vgghxdGWhsaYhq0/2ghS/2mJmWQNsJwFt7gaKXUt7ugNqn4fmCW/sDNwgoOFkENZgH3ZozvcTAMfXzfEX1XCiHjz5G5PEjODOzo4u9hizYSaaLfa543eaIHb+u8FZuhVyJFfG4IrF4zFXG+2qbpKDJBtueM4RmWcAyUIFaNOkQv1KM638YZtuBKnzgGVyZYME4Yit0IZQqiDOoE7IpZ7chd91sKoAVTSdMa+ESLYabp5UqT9/iJ8xrkj/F7NVZMct5EZWQaAowehrXKpGBZPNFqyepkHBtyTGkphc4NdonfjCSMZzu73+V98DOpUBQKkQMxc/SAeUrUhrUQ3GCf8+YVJmNWyCyRiliq0n+8mQa6DdjqcUiNwIbj4rUYwxsrpGLlA/zu+QvotquOeWiAEhbq539bjmTCGCcbTydQybHiuASpdu0wAbSwaLF0e/0Iq3RYOBsoiPmkSkLvcCzGkmDyaPVX+qCzXcxUh1OT7RD46ppcv/CpljaWIEPd62pse4MmNxk0qPELmymyZWZ8EbQQeXl8THFhgFavzE2i+PP5IAxqlyYQG4StyMd+Q7rsWRP1GVC5xew7GyU31Yi6lWcHplO06WX0yB7f9V+dx2sJ4E0e6xW0kn3dVuWhzBFxVpn3U1u7kkByL4RAeXuI/LWk1nWsF7gSVPk6saIdhq6WYY4flRu44C88eCd+ACwtFwYpW8sOhFMJ9w2fFqkGUxQv9TWbxVr3b+wSfkS4a9t1RXOCgDuOyqOmDN/7vOvP1W63OuHZtx5+VMz5mKcZwwDDKsH8+eHWsrur0Bt4fVXzznpCibfxl31htPrIpAeEKso3xi8AJi6Ag4A/Olne1XJElBkijSBwZz7arThaNuG/BmzZMXCCoJo+2rRywZWHf4GOIGbPsmEGYCA0DpwrR5zU3ABAWEnip9E1y7H3Q8JG0UI7EG9m8nGTCKHu8xd3DIVESvl9mNstBSXBid9cRPne5CQQe7RHrJDHYTA==,iv:rMxC9vqxNGhSDOhXE6hYAZA6uLSKwOfMy1RAdxJBrmg=,tag:cUYkuhq74+JPFPG4+VAlPw==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqakZYMWl2YnlmZUZ2SFFn\nczJKVzU5QUsxeVJDdllja1hObmd3d1ZvbTJNCjRHUDhVTTZzNmtZSTk5SGUzaXhl\nNTJLdmNOUnd2OFpzZ21Jb0R6czdYT1UKLS0tIGdlUklWeEdaVnJENlZmRzVlTTJk\nQ1dZZkhhYnlEcXNuc2xLanZLK05HZFEK0/sUYuJ6bwWVgEUz0ST02ugITRJ/ynIs\nSWqP4EKaDH5Zc/H93TJexIdz12CgO9gurmdpa2w7z1Fn0lW/z+iQRg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4cFRKMEQxMnlsZlpWUVMr\nMUtOTjF6RWRZdHdMbzh4ZGpkelc3cEZyRWxrClVOSy9kNXB6OGpVNHhSRnQrdU5y\nV3JiVDNVTThpSTVzSnliY1ZBOFFQY28KLS0tIHd1NEo2VTd0WXJ4eU9KdjlKSHpJ\nOC9XRDhaNmNOOEJoOS8remF6d2szTncKG/uzlIbBX7gFBcUTXzstarnBeiUB0Cdn\nQjT1nFNFGR09WDtJROuTPYS6GFmEmlGwX84dGsIQpIjyN3XPSzsrxQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-04-08T22:16:08Z", + "mac": "ENC[AES256_GCM,data:n7/FajYrQhZ8J+3jQ0UZxb6vvcZNImxpCLoPZYhJKxPgdc52u0NxUZnhy+f/JkW+sczZKOTiNA4R8VJLoB+VINRBL3EHBirOu4qyjnMPOk30QP2mpQEcyUDzs2YXh1s0PYsgZJmI74a5kJpHe0OHO/pWGPFwJANJjG69h7o+gCU=,iv:/6wQVsERE5R7FgTbmB40TXMj7QEyXyLlrd+442wS9l8=,tag:ylSM//8UetA7hTgR/RKd+Q==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/secrets/hopper/default.nix b/secrets/hopper/default.nix index 3ef7739..dd48f78 100644 --- a/secrets/hopper/default.nix +++ b/secrets/hopper/default.nix @@ -33,5 +33,15 @@ format = "binary"; sopsFile = ./cloudflare; }; + jackett = { + format = "binary"; + sopsFile = ./jackett; + restartUnits = ["podman-qbittorrent.service"]; + }; + betanin = { + format = "binary"; + sopsFile = ./betanin; + restartUnits = ["podman-betanin.service"]; + }; }; } diff --git a/secrets/hopper/jackett b/secrets/hopper/jackett new file mode 100644 index 0000000..d929e72 --- /dev/null +++ b/secrets/hopper/jackett @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:1p3OQ+qlo1ewqD4VPvVsyqZecL87sHbEQGyJ3Fepvahe3NsMmsDL4k04bBmsQLpd3fVj65WTtYv7cC5Cjy83AMcHVaX8/AVWh/9qdijmWlmp7RNwGgdyPMs48gM1677X8mUt7AohmlI7A+y6/zaUQl2C/FSGXYJaMOVkeSayMRHu+B0nBIVxNXo=,iv:69xkQvwZND3qfIeRJmOiJ9rp02Y1a/xexcj7IyWlT2w=,tag:GYC0JL1QTouVDPXQsaSH0Q==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBDMElTQis1R2VCSjAyWlUv\nVUtFSlZBT3V5YVdpc08xUUl6KzRTZEQ3QUQ4Ckp3clF5N21TMzJqNnJMakhwR2VU\ncm9GSG5SRjdLNWNwdUpuWWxka0lBaVkKLS0tIDVIckttQ3EyQTBEZnBxM21pZFpy\nZjYvcXpMWTVldXdhUmx3RzJNWmdMN0EKceUMr48QXIm1/6CiQg7J54nMSSuHd1fU\nKsL0//t6nmcnuZDWqsxTw4V8/i18KLqB8DfI3Naca1kiT/Eswhq/mA==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB0bWNkQ2MvdG5zWmZXVkhJ\nUmwrZEM0UkRMUkk4dGV3bGoxRk1DU3UwalJJCi9JRktZOG9aRFdPcHZWdjVwa0o4\nZXkzN1hCVkFEOURhbjRla0JIcDJLcXcKLS0tIDAySitMSHpqY0ZnbHU5UjBxYU1a\nL0JaemNyT2REUThtNDEwREUvSDd0ekUK3J7gYbDWZjHJ5+QCE9nUKQI3LsU7yZK4\nGtrCM8JFhNUrglhhtBiIyez2O5BiDpqpflc/jcTaz0Eq+PkNzX35WQ==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-04-08T19:29:32Z", + "mac": "ENC[AES256_GCM,data:fOYBWvnmxQZ/Il+OP9BYbdJ1d58INKjQ7UVHARNkCju+GQ9qfl2tlqhQ/x759aSiPatiVDA/PyXBMBPCIIJA6gaBoitDfoXEwMoNLApcT+LMw1oDLbxBoZRivOKKlDktHEE3FFKTH9Wz1RsG74d5NptacLxvZqgdPLUyVIJQkV4=,iv:nT+twZfMM057UlamPjveu55NdMXseu+HGL2TjuetSAA=,tag:dZXtoqLmgASx8Hz9Af/rJA==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/system/core/tools.nix b/system/core/tools.nix index 3699a95..949f328 100644 --- a/system/core/tools.nix +++ b/system/core/tools.nix @@ -1,5 +1,6 @@ {pkgs, ...}: { environment.systemPackages = with pkgs; [ + vim htop btop wget diff --git a/system/services/containers/experimental/default.nix b/system/services/containers/experimental/default.nix new file mode 100644 index 0000000..bb65601 --- /dev/null +++ b/system/services/containers/experimental/default.nix @@ -0,0 +1,132 @@ +{ + config, + pkgs, + ... +}: { + imports = [ + ./smbshare.nix + ]; + virtualisation.podman = { + enable = true; + autoPrune.enable = true; + dockerSocket.enable = true; + }; + + virtualisation.oci-containers = { + backend = "podman"; + + containers = { + gluetun = { + image = "qmcgaw/gluetun:v3"; + volumes = [ + "${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf" + ]; + ports = [ + ## This bypasses the firewall + ## use 127.0.0.1:XXXX:XXXX if you only want it to be accessible locally + + "127.0.0.1:8191:8191" # flaresolverr + "9117:9117" # jackett + "5030:5030" # slskd + "8096:8096" # jellyfin + "8080:8080" # qbittorrent webui + ]; + + environment = { + VPN_SERVICE_PROVIDER = "airvpn"; + VPN_TYPE = "wireguard"; + SERVER_COUNTRIES = "Netherlands"; + FIREWALL_VPN_INPUT_PORTS = "11936,8096,14795"; + }; + + extraOptions = [ + "--cap-add=NET_ADMIN" + "--device=/dev/net/tun:/dev/net/tun" + ]; + }; + qbittorrent = { + image = "lscr.io/linuxserver/qbittorrent:latest"; + + environment = { + WEBUI_PORT = "8080"; + TORRENTING_PORT = "11936"; + }; + + volumes = [ + "/media/config/qbittorrent:/config" + "${config.sops.secrets.jackett.path}:/config/qBittorrent/nova3/engines/jackett.json" + "/media/downloads:/downloads" + ]; + + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + flaresolverr = { + image = "flaresolverr/flaresolverr"; + environment = { + LOG_LEVEL = "info"; + }; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + jellyfin = { + image = "jellyfin/jellyfin"; + volumes = [ + "/media/config/jellyfin/config:/config" + "/media/config/jellyfin/cache:/cache" + "/media/library:/library" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + jackett = { + image = "lscr.io/linuxserver/jackett:latest"; + volumes = [ + "/media/config/jackett:/config" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + slskd = { + image = "slskd/slskd"; + volumes = [ + "/var/lib/slskd:/app" + "/media/slskd/downloads:/downloads" + "/media/slskd/incomplete:/incomplete" + "/media/library/music:/shares/music" + "${config.sops.secrets.slskd.path}:/app/slskd.yml" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + betanin = { + image = "sentriz/betanin"; + environment = { + UID = "1001"; + GID = "100"; + }; + ports = [ + "9393:9393" + ]; + volumes = [ + "/media/config/betanin/data:/b/.local/share/betanin" + "/media/config/betanin/config:/b/.config/betanin" + "/media/config/betanin/beets:/b/.config/beets" + "${config.sops.secrets.betanin.path}:/b/.config/beets/config.yaml" + "/media/library/music:/music" + "/media/slskd/downloads:/downloads" + ]; + }; + }; + }; +} diff --git a/system/services/containers/experimental/smbshare.nix b/system/services/containers/experimental/smbshare.nix new file mode 100644 index 0000000..8946750 --- /dev/null +++ b/system/services/containers/experimental/smbshare.nix @@ -0,0 +1,27 @@ +{pkgs, ...}: { + services.samba = { + enable = true; + package = pkgs.samba4Full; + openFirewall = true; + shares = { + "torrent" = { + path = "/media/downloads"; + browseable = "yes"; + "guest ok" = "yes"; + "read only" = "yes"; + "write-list" = "xun"; + }; + "library" = { + path = "/media/library"; + browseable = "yes"; + "guest ok" = "yes"; + "read only" = "yes"; + "write-list" = "xun"; + }; + }; + }; + services.samba-wsdd = { + enable = true; + openFirewall = true; + }; +} diff --git a/system/services/containers/server/default.nix b/system/services/containers/server/default.nix index 06f12bb..48421f1 100644 --- a/system/services/containers/server/default.nix +++ b/system/services/containers/server/default.nix @@ -7,32 +7,33 @@ #./statistics ]; - services.samba = { - enable = true; - package = pkgs.samba4Full; - openFirewall = true; - shares."torrent-downloads" = { - path = "/media/downloads/complete"; - browseable = "yes"; - "read only" = "yes"; - "guest ok" = "no"; - }; - #shares."decky-cloud-save" = { - # path = "/media/gamesaves"; - # browseable = "yes"; - # "read only" = "no"; - # "guest ok" = "no"; - #}; - extraConfig = '' - server smb encrypt = required - server min protocol = SMB3_00 - ''; - }; - services.samba-wsdd = { - # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued - enable = true; - openFirewall = true; - }; + ### temp disabled + ###services.samba = { + ### enable = true; + ### package = pkgs.samba4Full; + ### openFirewall = true; + ### shares."torrent-downloads" = { + ### path = "/media/downloads/complete"; + ### browseable = "yes"; + ### "read only" = "yes"; + ### "guest ok" = "no"; + ### }; + ### #shares."decky-cloud-save" = { + ### # path = "/media/gamesaves"; + ### # browseable = "yes"; + ### # "read only" = "no"; + ### # "guest ok" = "no"; + ### #}; + ### extraConfig = '' + ### server smb encrypt = required + ### server min protocol = SMB3_00 + ### ''; + ###}; + ###services.samba-wsdd = { + ### # This enables autodiscovery on windows since SMB1 (and thus netbios) support was discontinued + ### enable = true; + ### openFirewall = true; + ###}; #virtualisation.docker = { # enable = true; @@ -131,6 +132,7 @@ "5030:5030" # slskd "5031:5031" # slskd https "8096:8096" # jellyfin + "8080:8080" # qbittorrent webui ]; environment = {