joy 2024-11-24 20:15:38 +01:00
parent ea854d5559
commit 7575254865
27 changed files with 300 additions and 190 deletions


@ -2,9 +2,15 @@
networking.hostName = "desktop"; networking.hostName = "desktop";
openrgb.enable = true; openrgb.enable = true;
games.enable = true; emulator.enable = true;
lact.enable = true; steam.enable = true;
norisk.enable = true;
amd-gpu.enable = true;
gnome.enable = true; gnome.enable = true;
bluetooth.enable = true;
systemd-boot.enable = true;
qemu.enable = true;
sync-client.enable = true;
imports = [ imports = [
./hardware.nix ./hardware.nix


@ -1,8 +1,13 @@
{username, ...}: { {username, ...}: {
networking.hostName = "laptop"; networking.hostName = "laptop";
virtualisation.virtualbox.host.enable = true;
led.enable = true; led.enable = true;
gnome.enable = true; gnome.enable = true;
virtual-box.enalbe = true;
bluetooth.enable = true;
systemd-boot.enable = true;
qemu.enable = true;
sync-client.enable = true;
home-manager.users.${username} = { home-manager.users.${username} = {
hypridle.enable = true; hypridle.enable = true;
}; };
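Review bot: `virtual-box.enalbe = true;` misspells the option that the new virtual-box module in this commit declares as `virtual-box.enable`, so evaluating the laptop host should fail on an undefined option, and VirtualBox would not be enabled in any case. Change the line to `virtual-box.enable = true;`. The rendered page lost the +/- markers, but this line appears to replace the direct `virtualisation.virtualbox.host.enable = true;` setting shown above it.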


@ -1,8 +1,14 @@
{ {
networking.hostName = "server"; networking.hostName = "server";
services.logind.lidSwitch = "ignore"; services.logind.lidSwitch = "ignore";
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
sync-server.enable = true;
nginx.enable = true;
forgejo.enable = true;
immich.enable = true;
docker.enable = true;
imports = [ imports = [
./hardware.nix ./hardware.nix
@ -10,9 +16,5 @@
../../modules/system ../../modules/system
../../modules/secrets ../../modules/secrets
../../modules/services ../../modules/services
../../modules/services/nginx
../../modules/services/forgejo
../../modules/services/syncthing
../../modules/services/immich
]; ];
} }


@ -19,7 +19,10 @@
}; };
}; };
in { in {
config = lib.mkIf config.games.enable { options = {
emulator.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.emulator.enable {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
cemu cemu
customPkgs.suyu customPkgs.suyu
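Review bot: `lib.mkEnableOption ""` on the new `emulator.enable` option leaves the generated description empty, so the option documentation reads "Whether to enable ." and nothing records what the toggle installs. Pass a short name instead, e.g. `emulator.enable = lib.mkEnableOption "console emulators";`. The same empty string is used for the norisk, steam, amd-gpu, bluetooth, systemd-boot, docker, forgejo, immich, nginx, sync-client, sync-server, qemu and virtual-box options in the other sections of this commit. The module body starts and ends outside this hunk.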


@ -21,7 +21,10 @@
iconurl = "https://raw.githubusercontent.com/NoRiskClient/noriskclient-launcher/refs/heads/main/src/images/norisk_logo.png"; iconurl = "https://raw.githubusercontent.com/NoRiskClient/noriskclient-launcher/refs/heads/main/src/images/norisk_logo.png";
iconsha256 = "sha256-VwWwShUrT055mcabS8QTqqb8INgRB/08U2qEEIVYHlg="; iconsha256 = "sha256-VwWwShUrT055mcabS8QTqqb8INgRB/08U2qEEIVYHlg=";
in { in {
config = lib.mkIf config.games.enable { options = {
norisk.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.norisk.enable {
environment.systemPackages = [ environment.systemPackages = [
customPkgs.no-risk-client customPkgs.no-risk-client
]; ];


@ -5,9 +5,9 @@
... ...
}: { }: {
options = { options = {
games.enable = lib.mkEnableOption ""; steam.enable = lib.mkEnableOption "";
}; };
config = lib.mkIf config.games.enable { config = lib.mkIf config.steam.enable {
programs.steam.enable = true; programs.steam.enable = true;
nixpkgs.config.allowUnfreePredicate = pkg: nixpkgs.config.allowUnfreePredicate = pkg:
builtins.elem (lib.getName pkg) [ builtins.elem (lib.getName pkg) [


@ -5,10 +5,10 @@
... ...
}: { }: {
options = { options = {
lact.enable = lib.mkEnableOption ""; amd-gpu.enable = lib.mkEnableOption "";
}; };
config = lib.mkIf config.lact.enable { config = lib.mkIf config.amd-gpu.enable {
environment.systemPackages = with pkgs; [lact]; environment.systemPackages = with pkgs; [lact];
systemd.packages = with pkgs; [lact]; systemd.packages = with pkgs; [lact];
systemd.services.lactd.wantedBy = ["multi-user.target"]; systemd.services.lactd.wantedBy = ["multi-user.target"];


@ -1,4 +1,13 @@
{ {
services.blueman.enable = true; lib,
hardware.bluetooth.enable = true; config,
...
}: {
options = {
bluetooth.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.bluetooth.enable {
services.blueman.enable = true;
hardware.bluetooth.enable = true;
};
} }


@ -1,3 +0,0 @@
{
boot.loader.systemd-boot.enable = true;
}


@ -3,9 +3,9 @@
./powerkey ./powerkey
./bluetooth ./bluetooth
./openrgb ./openrgb
./sound ./pipewire
./lact ./amd-gpu
./boot ./systemd-boot
./led ./led
]; ];
} }


@ -0,0 +1,12 @@
{
lib,
config,
...
}: {
options = {
systemd-boot.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.systemd-boot.enable {
boot.loader.systemd-boot.enable = true;
};
}


@ -1,8 +1,12 @@
{ {
imports = [ imports = [
./vm ./virt
./syncthing
./docker ./docker
./ssh ./ssh
./misc ./misc
./nginx
./forgejo
./immich
]; ];
} }


@ -1,5 +1,16 @@
{username, ...}: { {
virtualisation.docker.rootless.enable = true; lib,
virtualisation.docker.enable = true; config,
users.users.${username}.extraGroups = ["docker"]; username,
...
}: {
options = {
docker.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.docker.enable {
virtualisation.docker.rootless.enable = true;
virtualisation.docker.enable = true;
users.users.${username}.extraGroups = ["docker"];
};
} }
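Review bot: Inside the new `config = lib.mkIf config.docker.enable` block the rootful daemon (`virtualisation.docker.enable = true;`) is enabled next to rootless mode and `${username}` is added to the `docker` group. Membership of that group gives access to the root-owned daemon socket, which is equivalent to root on the host, so the rootless setting adds no isolation while the rootful daemon and group line remain. If rootless is the intent, drop those two lines and keep `virtualisation.docker.rootless.enable = true;` together with `virtualisation.docker.rootless.setSocketVariable = true;`. If the server needs the rootful daemon, a comment on the `extraGroups` line such as `# docker group is root-equivalent on this host` would record the trade-off.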


@ -1,32 +1,38 @@
{ {
config,
domain, domain,
lib,
config,
... ...
}: let }: let
cfg = config.services.forgejo; cfg = config.services.forgejo;
srv = cfg.settings.server; srv = cfg.settings.server;
in { in {
services.nginx = { options = {
virtualHosts.${cfg.settings.server.DOMAIN} = { forgejo.enable = lib.mkEnableOption "";
forceSSL = true;
enableACME = true;
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
};
}; };
config = lib.mkIf config.forgejo.enable {
services.forgejo = { services.nginx = {
enable = true; virtualHosts.${cfg.settings.server.DOMAIN} = {
lfs.enable = true; forceSSL = true;
settings = { enableACME = true;
server = { extraConfig = ''
DOMAIN = "git.${domain}"; client_max_body_size 512M;
ROOT_URL = "https://${srv.DOMAIN}/"; '';
HTTP_PORT = 2000; locations."/".proxyPass = "http://localhost:${toString srv.HTTP_PORT}";
};
};
services.forgejo = {
enable = true;
lfs.enable = true;
settings = {
server = {
DOMAIN = "git.${domain}";
ROOT_URL = "https://${srv.DOMAIN}/";
HTTP_PORT = 2000;
};
service.DISABLE_REGISTRATION = true;
}; };
service.DISABLE_REGISTRATION = true;
}; };
}; };
} }


@ -1,17 +1,27 @@
{domain, ...}: { {
services.nginx = { domain,
virtualHosts."immich.${domain}" = { lib,
forceSSL = true; config,
enableACME = true; ...
extraConfig = '' }: {
client_max_body_size 512M; options = {
''; immich.enable = lib.mkEnableOption "";
locations."/".proxyPass = "http://localhost:2283"; };
config = lib.mkIf config.immich.enable {
services.nginx = {
virtualHosts."immich.${domain}" = {
forceSSL = true;
enableACME = true;
extraConfig = ''
client_max_body_size 512M;
'';
locations."/".proxyPass = "http://localhost:2283";
};
}; };
services.immich = {
enable = true;
environment.IMMICH_MACHINE_LEARNING_URL = "http://localhost:3003";
};
users.users.immich.extraGroups = ["video" "render"];
}; };
services.immich = {
enable = true;
environment.IMMICH_MACHINE_LEARNING_URL = "http://localhost:3003";
};
users.users.immich.extraGroups = ["video" "render"];
} }


@ -1,13 +0,0 @@
{domain, ...}: {
services.invidious = {
enable = true;
settings = {
db = {
user = "invidious";
dbname = "invidious";
};
};
};
services.invidious.domain = "yt.${domain}";
services.invidious.nginx.enable = true;
}


@ -1,50 +1,57 @@
{ {
domain, domain,
mail, mail,
lib,
config,
... ...
}: { }: {
services.nginx = { options = {
virtualHosts."xn--xck.xyz" = { nginx.enable = lib.mkEnableOption "";
forceSSL = true; };
enableACME = true; config = lib.mkIf config.nginx.enable {
root = "/var/www/www.${domain}"; services.nginx = {
}; virtualHosts."xn--xck.xyz" = {
virtualHosts."${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; root = "/var/www/www.${domain}";
root = "/var/www/www.${domain}"; };
}; virtualHosts."${domain}" = {
virtualHosts."www.${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; root = "/var/www/www.${domain}";
root = "/var/www/www.${domain}"; };
}; virtualHosts."www.${domain}" = {
virtualHosts."wallpapers.${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; root = "/var/www/www.${domain}";
root = "/var/www/wallpapers.${domain}"; };
}; virtualHosts."wallpapers.${domain}" = {
virtualHosts."4get.${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; root = "/var/www/wallpapers.${domain}";
locations."/".proxyPass = "http://localhost:8080"; };
}; virtualHosts."4get.${domain}" = {
virtualHosts."pin.${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; locations."/".proxyPass = "http://localhost:8080";
locations."/".proxyPass = "http://localhost:6060"; };
}; virtualHosts."pin.${domain}" = {
virtualHosts."trans.${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; locations."/".proxyPass = "http://localhost:6060";
locations."/".proxyPass = "http://localhost:5000"; };
}; virtualHosts."trans.${domain}" = {
virtualHosts."yt.${domain}" = { forceSSL = true;
forceSSL = true; enableACME = true;
enableACME = true; locations."/".proxyPass = "http://localhost:5000";
locations."/".proxyPass = "http://localhost:3000"; };
}; virtualHosts."yt.${domain}" = {
forceSSL = true;
enableACME = true;
locations."/".proxyPass = "http://localhost:3000";
};
};
security.acme.defaults.email = "${mail}";
security.acme.acceptTerms = true;
}; };
security.acme.defaults.email = "${mail}";
security.acme.acceptTerms = true;
} }
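Review bot: The new `nginx.enable` toggle wraps only the virtual hosts and the ACME settings; nothing in this module sets `services.nginx.enable`, which on this page is set only inside the sync-server module. With `sync-server.enable` off, the vhosts defined here and in the forgejo and immich modules would exist in the configuration but no nginx would be running to serve them. Add `enable = true;` inside `services.nginx` here, ideally together with the `recommendedProxySettings = true;` and `recommendedTlsSettings = true;` lines that currently live in sync-server. The `yt.${domain}` proxy to port 3000 also stays although the invidious module is deleted in this commit, so it is worth checking whether anything still listens there.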


@ -0,0 +1,20 @@
{
username,
lib,
config,
...
}: {
options = {
sync-client.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.sync-client.enable {
services.syncthing = {
enable = true;
dataDir = "/home/${username}";
openDefaultPorts = true;
configDir = "/home/${username}/.config/syncthing";
user = username;
group = "users";
};
};
}

View file

@ -1,31 +1,6 @@
{ {
username, imports = [
domain, ./server
... ./client
}: { ];
services.syncthing = {
enable = true;
dataDir = "/home/${username}";
openDefaultPorts = true;
configDir = "/home/${username}/.config/syncthing";
user = username;
group = "users";
guiAddress = "0.0.0.0:8384";
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."sync.${domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8384";
proxyWebsockets = true;
extraConfig =
"proxy_ssl_server_name on;"
+ "proxy_pass_header Authorization;";
};
};
};
} }


@ -0,0 +1,38 @@
{
username,
domain,
lib,
config,
...
}: {
options = {
sync-server.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.sync-server.enable {
services.syncthing = {
enable = true;
dataDir = "/home/${username}";
openDefaultPorts = true;
configDir = "/home/${username}/.config/syncthing";
user = username;
group = "users";
guiAddress = "0.0.0.0:8384";
};
services.nginx = {
enable = true;
recommendedProxySettings = true;
recommendedTlsSettings = true;
virtualHosts."sync.${domain}" = {
enableACME = true;
forceSSL = true;
locations."/" = {
proxyPass = "http://127.0.0.1:8384";
proxyWebsockets = true;
extraConfig =
"proxy_ssl_server_name on;"
+ "proxy_pass_header Authorization;";
};
};
};
};
}
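Review bot: `guiAddress = "0.0.0.0:8384";` makes the Syncthing admin GUI listen on every interface over plain HTTP, although the nginx vhost in the same block already reaches it at `http://127.0.0.1:8384` and adds TLS. Bind it to loopback with `guiAddress = "127.0.0.1:8384";` so the GUI is reachable only through the proxy and does not rely on the firewall keeping port 8384 closed. Syncthing checks the Host header when the GUI is bound to loopback, so the proxy then has to send a localhost Host header or the GUI's `insecureSkipHostcheck` setting has to be enabled. The setting is carried over unchanged from the previous syncthing module.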


@ -0,0 +1,6 @@
{
imports = [
./qemu
./virtual-box
];
}


@ -0,0 +1,41 @@
{
pkgs,
username,
lib,
config,
...
}: {
options = {
qemu.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.qemu.enable {
programs.dconf.enable = true;
users.users.${username}.extraGroups = ["libvirtd"];
environment.systemPackages = with pkgs; [
virt-manager
virt-viewer
spice
spice-gtk
spice-protocol
win-virtio
win-spice
virtiofsd
freerdp
];
virtualisation = {
libvirtd = {
enable = true;
qemu = {
swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [pkgs.OVMFFull.fd];
};
};
spiceUSBRedirection.enable = true;
};
services.spice-vdagentd.enable = true;
};
}
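Review bot: `spiceUSBRedirection.enable = true;` and the `libvirtd` group line are privilege grants that carry no comment, and both are now switched on by the single `qemu.enable` flag set on the desktop and laptop hosts. The first installs the SPICE USB redirection helper with setuid privileges, which gives unprivileged local users access to host USB devices, and the second gives `${username}` full control of the system libvirt daemon. A comment above each line would be enough, e.g. `# setuid helper: local users get raw access to host USB devices` and `# libvirtd group can manage all system VMs`.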


@ -0,0 +1,13 @@
{
lib,
config,
...
}: {
options = {
virtual-box.enable = lib.mkEnableOption "";
};
config = lib.mkIf config.virtual-box.enable {
virtualisation.virtualbox.host.enable = true;
};
}


@ -1,34 +0,0 @@
{
pkgs,
username,
...
}: {
programs.dconf.enable = true;
users.users.${username}.extraGroups = ["libvirtd"];
environment.systemPackages = with pkgs; [
virt-manager
virt-viewer
spice
spice-gtk
spice-protocol
win-virtio
win-spice
virtiofsd
freerdp
];
virtualisation = {
libvirtd = {
enable = true;
qemu = {
swtpm.enable = true;
ovmf.enable = true;
ovmf.packages = [pkgs.OVMFFull.fd];
};
};
spiceUSBRedirection.enable = true;
};
services.spice-vdagentd.enable = true;
}


@ -9,7 +9,6 @@
./gnome ./gnome
./hyprland ./hyprland
./polkit ./polkit
./syncthing
]; ];
home-manager = { home-manager = {
extraSpecialArgs = { extraSpecialArgs = {


@ -1,10 +0,0 @@
{username, ...}: {
services.syncthing = {
enable = true;
dataDir = "/home/${username}";
openDefaultPorts = true;
configDir = "/home/${username}/.config/syncthing";
user = username;
group = "users";
};
}