xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: xun:383d9f878eb8705b3b4832092005cfbc579e5d4e
Branches Tags
xun:master
..
compare: xun:9e17ff86d95b124111c4a60db324c28ef59bd8cf
Branches Tags
xun:master

10 commits
383d9f878e ... 9e17ff86d9

Author SHA1 Message Date
xunuwu
9e17ff86d9
setup gpg 2025-06-07 17:28:58 +02:00
xunuwu
b6f3b37cdf
add vps as trusted proxy 2025-06-07 10:58:46 +02:00
xunuwu
4ccc71014f
add miniflux 2025-06-07 10:51:27 +02:00
xunuwu
05d2d39af5
prefix some profile things with __ 2025-06-07 05:37:35 +02:00
xunuwu
cf7a9b09de
update sops secret paths 2025-06-06 14:48:41 +02:00
xunuwu
8d1bcedeab
remove buildiso just command 2025-06-06 14:46:35 +02:00
xunuwu
808b16f9e3
add nixpkgs github search engine 2025-06-06 14:43:42 +02:00
xunuwu
701a7ee401
clean up search engine stuff 2025-06-06 14:37:20 +02:00
xunuwu
d6ed128d6b
fix noogle custom search engine 2025-06-06 14:32:20 +02:00
xunuwu
9d5414f614
use haumea for homeProfiles 2025-06-06 14:03:53 +02:00
20 changed files with 115 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

16
.sops.yaml
View file

@ -7,27 +7,17 @@ keys:
- &rackserv age1zutg3s4nth679a6av9xqw4km0ezmfkxlnusu78demf0rzazqn3pqk9exgj
creation_rules:
- path_regex: home/profiles/secrets
key_groups:
- age:
- *xun
- path_regex: sys/profiles/secrets/global
- path_regex: secrets/nixdesk
key_groups:
- age:
- *xun
- *nixdesk
- *hopper
- path_regex: sys/profiles/secrets/nixdesk
key_groups:
- age:
- *xun
- *nixdesk
- path_regex: sys/profiles/secrets/hopper
- path_regex: secrets/hopper
key_groups:
- age:
- *xun
- *hopper
- path_regex: sys/profiles/secrets/rackserv
- path_regex: secrets/rackserv
key_groups:
- age:
- *xun

7
Justfile
View file

@ -7,13 +7,8 @@ local OPERATION *FLAGS:
{{FLAGS}} \
{{OPERATION}}
buildiso *FLAGS:
nix build .#nixosConfigurations.liveiso.config.system.build.isoImage {{FLAGS}}
updatekeys:
fd . sys/profiles/secrets -E '*.nix' -t f -x sops updatekeys -y
fd . secrets -E '*.nix' -t f -x sops updatekeys -y
remote OPERATION HOST REMOTEHOST *FLAGS:
nixos-rebuild \

8
flake.nix
View file

@ -6,11 +6,13 @@
haumea,
...
} @ inputs: let
systemProfiles = haumea.lib.load {
src = ./sys/profiles;
_load = path:
haumea.lib.load {
src = path;
loader = haumea.lib.loaders.path;
};
homeProfiles = ./home;
systemProfiles = _load ./sys/profiles;
homeProfiles = _load ./home;
vars = import ./vars;
l = nixpkgs.lib;
b = builtins;

5
home/cli/gpg.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.gpg = {
enable = true;
};
}

0
home/desktop/common/fuzzel.nix → home/desktop/__common/fuzzel.nix
View file

0
home/desktop/common/wl-clipboard.nix → home/desktop/__common/wl-clipboard.nix
View file

0
home/desktop/common/wob.nix → home/desktop/__common/wob.nix
View file

0
home/desktop/sway/waybar.nix → home/desktop/sway/__waybar.nix
View file

8
home/desktop/sway/default.nix
View file

@ -6,10 +6,10 @@
...
}: {
imports = [
../common/fuzzel.nix
../common/wob.nix
../common/wl-clipboard.nix
./waybar.nix
../__common/fuzzel.nix
../__common/wob.nix
../__common/wl-clipboard.nix
./__waybar.nix
];
# services.gnome-keyring = {

15
home/programs/firefox/search-engines.nix
View file

@ -3,9 +3,7 @@
pkgs,
...
}: {
programs.firefox.profiles.xun.search = let
inherit (lib) attrsToList singleton;
in {
programs.firefox.profiles.xun.search = {
force = true;
default = "google";
order = [
@ -47,6 +45,11 @@
icon = "https://github.githubassets.com/favicons/favicon-dark.svg";
definedAliases = ["@ghn"];
};
"nixpkgs github" = {
urls = mkUrl "https://github.com/search?type=code&q=repo:NixOS/nixpkgs {searchTerms}";
icon = "https://github.githubassets.com/favicons/favicon-dark.svg";
definedAliases = ["@nixpkgs"];
};
"Brave" = {
urls = mkUrl "https://search.brave.com/search?q={searchTerms}";
icon = "https://brave.com/static-assets/images/brave-favicon.png";
@ -57,21 +60,19 @@
icon = "https://www.youtube.com/favicon.ico";
definedAliases = ["@yt"];
};
"crates.io" = {
urls = mkUrl "https://crates.io/search?q={searchTerms}";
icon = "https://crates.io/favicon.ico";
definedAliases = ["@cr"];
};
"noogle" = {
url = mkUrl "https://noogle.dev/q?term={searchTerms}";
urls = mkUrl "https://noogle.dev/q?term={searchTerms}";
icon = "https://noogle.dev/favicon.png";
definedAliases = ["@noogle"];
definedAliases = ["@nog"];
};
"google".metaData.alias = "@go";
"ddb".metaData.alias = "@ddg";
"wikipedia".metaData.alias = "@wiki";
"bing".metaData.alias = "@bi";
};
};

20
hosts/hopper/home.nix
View file

@ -4,20 +4,20 @@
pkgs,
...
}: {
imports = map (x: homeProfiles + x) [
/cli/xdg.nix
/cli/comma.nix
imports = with homeProfiles; [
cli.xdg
cli.comma
/programs/nvim.nix
/programs/foot.nix
programs.nvim
programs.foot
/desktop/xdg-portals.nix
/desktop/sway/default.nix
desktop.xdg-portals
desktop.sway.default
/programs/mpv.nix
programs.mpv
/services/playerctl.nix
/services/polkit-agent.nix
services.playerctl
services.polkit-agent
];
wayland.windowManager.sway.config.output."HDMI-A-1".scale = "2.0";

8
hosts/hopper/profiles/lab/caddy.nix
View file

@ -20,7 +20,12 @@ in {
services.caddy = {
enable = true;
globalConfig = "metrics";
globalConfig = ''
metrics
servers {
trusted_proxies static 10.0.0.1
}
'';
virtualHosts = let
mkPublicEntry = name: destination: {
hostName = "${name}.${domain}:80";
@ -43,6 +48,7 @@ in {
navidrome = mkPublicEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}";
vaultwarden = mkPublicEntry "vw" "${bridge}:${toString config.services.vaultwarden.config.ROCKET_PORT}";
abs = mkPublicEntry "abs" "${bridge}:${toString config.services.audiobookshelf.port}";
miniflux = mkPublicEntry "rss" "${bridge}:18632";
navidrome2 = mkPrivateEntry "navidrome" "${bridge}:${toString config.services.navidrome.settings.Port}";
slskd = mkPrivateEntry "slskd" "localhost:${toString config.services.slskd.settings.web.port}";

1
hosts/hopper/profiles/lab/default.nix
View file

@ -9,6 +9,7 @@
./glances.nix
./homepage.nix
./minecraft.nix
./miniflux.nix
./navidrome
./prometheus.nix
./restic.nix

6
hosts/hopper/profiles/lab/homepage.nix
View file

@ -79,6 +79,12 @@ in {
icon = "vaultwarden";
};
}
{
"miniflux" = {
href = "https://rss.${domain}";
icon = "miniflux";
};
}
];
}
];

14
hosts/hopper/profiles/lab/miniflux.nix Normal file
View file

@ -0,0 +1,14 @@
{
vars,
config,
...
}: {
services.miniflux = {
enable = true;
adminCredentialsFile = config.sops.secrets.miniflux.path;
config = {
BASE_URL = "https://miniflux.${vars.domain}";
LISTEN_ADDR = "${config.vpnNamespaces."wg".bridgeAddress}:18632";
};
};
}

1
hosts/hopper/profiles/lab/vpn-namespace.nix
View file

@ -11,6 +11,7 @@
config.services.audiobookshelf.port
config.services.navidrome.settings.Port
config.services.glances.port
18632
];
in {
extraCommands = builtins.concatStringsSep "\n" (map

1
hosts/hopper/profiles/persistent.nix
View file

@ -8,6 +8,7 @@
"/var/log"
"/var/lib/nixos"
"/var/lib/bluetooth"
"/var/lib/postgresql"
];
files = [
"/etc/machine-id"

1
hosts/nixdesk/default.nix
View file

@ -65,6 +65,7 @@
programs.home-manager
# programs.qt
programs.adb
programs.gpg
programs.openrgb
programs.tools
programs.thunar

81
hosts/nixdesk/home.nix
View file

@ -6,63 +6,64 @@
homeProfiles,
...
}: {
imports = map (x: homeProfiles + x) [
/cli/zsh.nix
/cli/fish.nix
imports = with homeProfiles; [
cli.zsh
cli.fish
/cli/xdg.nix
/cli/direnv.nix
/cli/tmux.nix
/cli/comma.nix
/cli/irssi.nix
/cli/git.nix
/cli/github.nix
/cli/jujutsu.nix
cli.xdg
cli.direnv
cli.tmux
cli.comma
cli.irssi
cli.gpg
cli.git
cli.github
cli.jujutsu
/programs/nvim.nix
programs.nvim
/programs/firefox/default.nix
/programs/tor.nix
/programs/chromium.nix
programs.firefox.default
programs.tor
programs.chromium
/programs/foot.nix
programs.foot
/themes/dark/default.nix
themes.dark.default
# desktop
/desktop/xdg-portals.nix
/desktop/sway/default.nix
desktop.xdg-portals
desktop.sway.default
# development
/develop/common.nix
/develop/docs.nix
develop.common
develop.docs
/develop/langs/haskell.nix
/develop/langs/go.nix
/develop/langs/js.nix
/develop/langs/rust.nix
/develop/langs/elixir.nix
/develop/langs/nix.nix
/develop/langs/zig.nix
/develop/langs/lua.nix
/develop/langs/c.nix
/develop/langs/csharp.nix
develop.langs.haskell
develop.langs.go
develop.langs.js
develop.langs.rust
develop.langs.elixir
develop.langs.nix
develop.langs.zig
develop.langs.lua
develop.langs.c
develop.langs.csharp
# programs
/programs/discord.nix
/programs/obs.nix
programs.discord
programs.obs
/programs/beets.nix
/programs/cmus.nix
programs.beets
programs.cmus
/programs/mpv.nix
programs.mpv
# gaming
/programs/mangohud.nix
/programs/jc141.nix
programs.mangohud
programs.jc141
/services/playerctl.nix
/services/polkit-agent.nix
services.playerctl
services.polkit-agent
];
wayland.windowManager.sway.extraConfig = ''

5
sys/profiles/programs/gpg.nix Normal file
View file

@ -0,0 +1,5 @@
{
programs.gnupg.agent = {
enable = true;
};
}