xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: xun:383d9f878eb8705b3b4832092005cfbc579e5d4e
Branches Tags
xun:master
..
compare: xun:9e17ff86d95b124111c4a60db324c28ef59bd8cf
Branches Tags
xun:master

10 commits
383d9f878e ... 9e17ff86d9

Author SHA1 Message Date
xunuwu
9e17ff86d9
setup gpg 2025-06-07 17:28:58 +02:00
xunuwu
b6f3b37cdf
add vps as trusted proxy 2025-06-07 10:58:46 +02:00
xunuwu
4ccc71014f
add miniflux 2025-06-07 10:51:27 +02:00
xunuwu
05d2d39af5
prefix some profile things with __ 2025-06-07 05:37:35 +02:00
xunuwu
cf7a9b09de
update sops secret paths 2025-06-06 14:48:41 +02:00
xunuwu
8d1bcedeab
remove buildiso just command 2025-06-06 14:46:35 +02:00
xunuwu
808b16f9e3
add nixpkgs github search engine 2025-06-06 14:43:42 +02:00
xunuwu
701a7ee401
clean up search engine stuff 2025-06-06 14:37:20 +02:00
xunuwu
d6ed128d6b
fix noogle custom search engine 2025-06-06 14:32:20 +02:00
xunuwu
9d5414f614
use haumea for homeProfiles 2025-06-06 14:03:53 +02:00
20 changed files with 115 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

16
.sops.yaml
View file

@ -7,27 +7,17 @@ keys:
- &rackserv age1zutg3s4nth679a6av9xqw4km0ezmfkxlnusu78demf0rzazqn3pqk9exgj - &rackserv age1zutg3s4nth679a6av9xqw4km0ezmfkxlnusu78demf0rzazqn3pqk9exgj
creation_rules: creation_rules:
- path_regex: home/profiles/secrets - path_regex: secrets/nixdesk
key_groups:
- age:
- *xun
- path_regex: sys/profiles/secrets/global
key_groups: key_groups:
- age: - age:
- *xun - *xun
- *nixdesk - *nixdesk
- *hopper - path_regex: secrets/hopper
- path_regex: sys/profiles/secrets/nixdesk
key_groups:
- age:
- *xun
- *nixdesk
- path_regex: sys/profiles/secrets/hopper
key_groups: key_groups:
- age: - age:
- *xun - *xun
- *hopper - *hopper
- path_regex: sys/profiles/secrets/rackserv - path_regex: secrets/rackserv
key_groups: key_groups:
- age: - age:
- *xun - *xun

7
Justfile
View file

@ -7,13 +7,8 @@ local OPERATION *FLAGS:
{{FLAGS}} \ {{FLAGS}} \
{{OPERATION}} {{OPERATION}}
buildiso *FLAGS:
nix build .#nixosConfigurations.liveiso.config.system.build.isoImage {{FLAGS}}
updatekeys: updatekeys:
fd . sys/profiles/secrets -E '*.nix' -t f -x sops updatekeys -y fd . secrets -E '*.nix' -t f -x sops updatekeys -y
remote OPERATION HOST REMOTEHOST *FLAGS: remote OPERATION HOST REMOTEHOST *FLAGS:
nixos-rebuild \ nixos-rebuild \

12
flake.nix
View file

@ -6,11 +6,13 @@
haumea, haumea,
... ...
} @ inputs: let } @ inputs: let
systemProfiles = haumea.lib.load { _load = path:
src = ./sys/profiles; haumea.lib.load {
loader = haumea.lib.loaders.path; src = path;
}; loader = haumea.lib.loaders.path;
homeProfiles = ./home; };
systemProfiles = _load ./sys/profiles;
homeProfiles = _load ./home;
vars = import ./vars; vars = import ./vars;
l = nixpkgs.lib; l = nixpkgs.lib;
b = builtins; b = builtins;

5
home/cli/gpg.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.gpg = {
enable = true;
};
}

0
home/desktop/common/fuzzel.nix → home/desktop/__common/fuzzel.nix
View file

0
home/desktop/common/wl-clipboard.nix → home/desktop/__common/wl-clipboard.nix
View file

0
home/desktop/common/wob.nix → home/desktop/__common/wob.nix
View file

0
home/desktop/sway/waybar.nix → home/desktop/sway/__waybar.nix
View file

8
home/desktop/sway/default.nix
View file

@ -6,10 +6,10 @@
... ...
}: { }: {
imports = [ imports = [
../common/fuzzel.nix ../__common/fuzzel.nix
../common/wob.nix ../__common/wob.nix
../common/wl-clipboard.nix ../__common/wl-clipboard.nix
./waybar.nix ./__waybar.nix
]; ];
# services.gnome-keyring = { # services.gnome-keyring = {

15
home/programs/firefox/search-engines.nix
View file

@ -3,9 +3,7 @@
pkgs, pkgs,
... ...
}: { }: {
programs.firefox.profiles.xun.search = let programs.firefox.profiles.xun.search = {
inherit (lib) attrsToList singleton;
in {
force = true; force = true;
default = "google"; default = "google";
order = [ order = [
@ -47,6 +45,11 @@
icon = "https://github.githubassets.com/favicons/favicon-dark.svg"; icon = "https://github.githubassets.com/favicons/favicon-dark.svg";
definedAliases = ["@ghn"]; definedAliases = ["@ghn"];
}; };
"nixpkgs github" = {
urls = mkUrl "https://github.com/search?type=code&q=repo:NixOS/nixpkgs {searchTerms}";
icon = "https://github.githubassets.com/favicons/favicon-dark.svg";
definedAliases = ["@nixpkgs"];
};
"Brave" = { "Brave" = {
urls = mkUrl "https://search.brave.com/search?q={searchTerms}"; urls = mkUrl "https://search.brave.com/search?q={searchTerms}";
icon = "https://brave.com/static-assets/images/brave-favicon.png"; icon = "https://brave.com/static-assets/images/brave-favicon.png";
@ -57,21 +60,19 @@
icon = "https://www.youtube.com/favicon.ico"; icon = "https://www.youtube.com/favicon.ico";
definedAliases = ["@yt"]; definedAliases = ["@yt"];
}; };
"crates.io" = { "crates.io" = {
urls = mkUrl "https://crates.io/search?q={searchTerms}"; urls = mkUrl "https://crates.io/search?q={searchTerms}";
icon = "https://crates.io/favicon.ico"; icon = "https://crates.io/favicon.ico";
definedAliases = ["@cr"]; definedAliases = ["@cr"];
}; };
"noogle" = { "noogle" = {
url = mkUrl "https://noogle.dev/q?term={searchTerms}"; urls = mkUrl "https://noogle.dev/q?term={searchTerms}";
icon = "https://noogle.dev/favicon.png"; icon = "https://noogle.dev/favicon.png";
definedAliases = ["@noogle"]; definedAliases = ["@nog"];
}; };
"google".metaData.alias = "@go"; "google".metaData.alias = "@go";
"ddb".metaData.alias = "@ddg"; "ddb".metaData.alias = "@ddg";
"wikipedia".metaData.alias = "@wiki";
"bing".metaData.alias = "@bi"; "bing".metaData.alias = "@bi";
}; };
}; };

20
hosts/hopper/home.nix
View file

@ -4,20 +4,20 @@
pkgs, pkgs,
... ...
}: { }: {
imports = map (x: homeProfiles + x) [ imports = with homeProfiles; [
/cli/xdg.nix cli.xdg
/cli/comma.nix cli.comma
/programs/nvim.nix programs.nvim
/programs/foot.nix programs.foot
/desktop/xdg-portals.nix desktop.xdg-portals
/desktop/sway/default.nix desktop.sway.default
/programs/mpv.nix programs.mpv
/services/playerctl.nix services.playerctl
/services/polkit-agent.nix services.polkit-agent
]; ];
wayland.windowManager.sway.config.output."HDMI-A-1".scale = "2.0"; wayland.windowManager.sway.config.output."HDMI-A-1".scale = "2.0";

8
hosts/hopper/profiles/lab/caddy.nix
View file

@ -20,7 +20,12 @@ in {
services.caddy = { services.caddy = {
enable = true; enable = true;
globalConfig = "metrics"; globalConfig = ''
metrics
servers {
trusted_proxies static 10.0.0.1
}
'';
virtualHosts = let virtualHosts = let
mkPublicEntry = name: destination: { mkPublicEntry = name: destination: {
hostName = "${name}.${domain}:80"; hostName = "${name}.${domain}:80";
@ -43,6 +48,7 @@ in {
navidrome = mkPublicEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}"; navidrome = mkPublicEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}";
vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}"; vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}";
abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}"; abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}";
miniflux = mkPublicEntry "rss" "${bridge}:18632";
navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}"; navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}";
slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}"; slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}";

1
hosts/hopper/profiles/lab/default.nix
View file

@ -9,6 +9,7 @@
./glances.nix ./glances.nix
./homepage.nix ./homepage.nix
./minecraft.nix ./minecraft.nix
./miniflux.nix
./navidrome ./navidrome
./prometheus.nix ./prometheus.nix
./restic.nix ./restic.nix

6
hosts/hopper/profiles/lab/homepage.nix
View file

@ -79,6 +79,12 @@ in {
icon = "vaultwarden"; icon = "vaultwarden";
}; };
} }
{
"miniflux" = {
href = "https://rss.${domain}";
icon = "miniflux";
};
}
]; ];
} }
]; ];

14
hosts/hopper/profiles/lab/miniflux.nix Normal file
View file

@ -0,0 +1,14 @@
{
vars,
config,
...
}: {
services.miniflux = {
enable = true;
adminCredentialsFile = config.sops.secrets.miniflux.path;
config = {
BASE_URL = "https://miniflux.${vars.domain}";
LISTEN_ADDR = "${config.vpnNamespaces."wg".bridgeAddress}:18632";
};
};
}

1
hosts/hopper/profiles/lab/vpn-namespace.nix
View file

@ -11,6 +11,7 @@
config.services.audiobookshelf.port config.services.audiobookshelf.port
config.services.navidrome.settings.Port config.services.navidrome.settings.Port
config.services.glances.port config.services.glances.port
18632
]; ];
in { in {
extraCommands = builtins.concatStringsSep "\n" (map extraCommands = builtins.concatStringsSep "\n" (map

1
hosts/hopper/profiles/persistent.nix
View file

@ -8,6 +8,7 @@
"/var/log" "/var/log"
"/var/lib/nixos" "/var/lib/nixos"
"/var/lib/bluetooth" "/var/lib/bluetooth"
"/var/lib/postgresql"
]; ];
files = [ files = [
"/etc/machine-id" "/etc/machine-id"

1
hosts/nixdesk/default.nix
View file

@ -65,6 +65,7 @@
programs.home-manager programs.home-manager
# programs.qt # programs.qt
programs.adb programs.adb
programs.gpg
programs.openrgb programs.openrgb
programs.tools programs.tools
programs.thunar programs.thunar

81
hosts/nixdesk/home.nix
View file

@ -6,63 +6,64 @@
homeProfiles, homeProfiles,
... ...
}: { }: {
imports = map (x: homeProfiles + x) [ imports = with homeProfiles; [
/cli/zsh.nix cli.zsh
/cli/fish.nix cli.fish
/cli/xdg.nix cli.xdg
/cli/direnv.nix cli.direnv
/cli/tmux.nix cli.tmux
/cli/comma.nix cli.comma
/cli/irssi.nix cli.irssi
/cli/git.nix cli.gpg
/cli/github.nix cli.git
/cli/jujutsu.nix cli.github
cli.jujutsu
/programs/nvim.nix programs.nvim
/programs/firefox/default.nix programs.firefox.default
/programs/tor.nix programs.tor
/programs/chromium.nix programs.chromium
/programs/foot.nix programs.foot
/themes/dark/default.nix themes.dark.default
# desktop # desktop
/desktop/xdg-portals.nix desktop.xdg-portals
/desktop/sway/default.nix desktop.sway.default
# development # development
/develop/common.nix develop.common
/develop/docs.nix develop.docs
/develop/langs/haskell.nix develop.langs.haskell
/develop/langs/go.nix develop.langs.go
/develop/langs/js.nix develop.langs.js
/develop/langs/rust.nix develop.langs.rust
/develop/langs/elixir.nix develop.langs.elixir
/develop/langs/nix.nix develop.langs.nix
/develop/langs/zig.nix develop.langs.zig
/develop/langs/lua.nix develop.langs.lua
/develop/langs/c.nix develop.langs.c
/develop/langs/csharp.nix develop.langs.csharp
# programs # programs
/programs/discord.nix programs.discord
/programs/obs.nix programs.obs
/programs/beets.nix programs.beets
/programs/cmus.nix programs.cmus
/programs/mpv.nix programs.mpv
# gaming # gaming
/programs/mangohud.nix programs.mangohud
/programs/jc141.nix programs.jc141
/services/playerctl.nix services.playerctl
/services/polkit-agent.nix services.polkit-agent
]; ];
wayland.windowManager.sway.extraConfig = '' wayland.windowManager.sway.extraConfig = ''

5
sys/profiles/programs/gpg.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.gnupg.agent = {
enable = true;
};
}