ivandimitrov8080/configuration.nix
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

alejandra format

Browse Source
This commit is contained in:
Ivan Kirilov Dimitrov 2024-08-07 17:41:33 +02:00
parent 1a4be3cb75
commit 06dea9ce71
No known key found for this signature in database
GPG Key ID: 0BDAD4B211C49294
10 changed files with 715 additions and 418 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
flake.nix
View File

@ -20,7 +20,10 @@
};
sal = {
url = "github:ivandimitrov8080/sal";
inputs = { nixpkgs.follows = "nixpkgs"; ide.follows = "ide"; };
inputs = {
nixpkgs.follows = "nixpkgs";
ide.follows = "ide";
};
};
musnix = {
url = "github:musnix/musnix";

16
hardware-configurations/default.nix
View File

@ -1,6 +1,10 @@
top @ {...}: {
flake.hardwareConfigurations = {
nova = { lib, modulesPath, ... }: {
nova = {
lib,
modulesPath,
...
}: {
imports = [(modulesPath + "/installer/scan/not-detected.nix")];
boot = {
initrd = {
@ -12,8 +16,14 @@ top@{ ... }: {
extraModulePackages = [];
};
fileSystems = {
"/" = { device = "/dev/disk/by-uuid/47536cbe-7265-493b-a2e3-bbd376a6f9af"; fsType = "btrfs"; };
"/boot" = { device = "/dev/disk/by-uuid/4C3C-993A"; fsType = "vfat"; };
"/" = {
device = "/dev/disk/by-uuid/47536cbe-7265-493b-a2e3-bbd376a6f9af";
fsType = "btrfs";
};
"/boot" = {
device = "/dev/disk/by-uuid/4C3C-993A";
fsType = "vfat";
};
};
swapDevices = [];
networking.useDHCP = lib.mkForce true;

339
home/modules/default.nix
View File

@ -1,8 +1,7 @@
toplevel @ {moduleWithSystem, ...}: {
flake.homeManagerModules = {
base = moduleWithSystem (
top@{ ... }:
perSystem@{ config, ... }: {
top @ {...}: perSystem @ {config, ...}: {
programs.home-manager.enable = true;
home.stateVersion = toplevel.config.flake.stateVersion;
xdg = {
@ -24,8 +23,7 @@ toplevel@{ moduleWithSystem, ... }: {
}
);
ivand = moduleWithSystem (
top@{ ... }:
perSystem@{ pkgs, ... }: {
top @ {...}: perSystem @ {pkgs, ...}: {
home = {
username = "ivand";
homeDirectory = "/home/ivand";
@ -36,73 +34,148 @@ toplevel@{ moduleWithSystem, ... }: {
git = with pkgs.lib; {
userName = mkForce "Ivan Kirilov Dimitrov";
userEmail = mkForce "ivan@idimitrov.dev";
signing = mkForce { signByDefault = true; key = "ivan@idimitrov.dev"; };
signing = mkForce {
signByDefault = true;
key = "ivan@idimitrov.dev";
};
};
ssh = {
matchBlocks = {
vpsfree-ivand = { hostname = "10.0.0.1"; user = "ivand"; };
vpsfree-root = { hostname = "10.0.0.1"; user = "root"; };
vpsfree-ivand = {
hostname = "10.0.0.1";
user = "ivand";
};
vpsfree-root = {
hostname = "10.0.0.1";
user = "root";
};
};
};
};
}
);
util = moduleWithSystem (
top@{ ... }:
perSystem@{ pkgs, config, ... }: {
top @ {...}: perSystem @ {
pkgs,
config,
...
}: {
home = {
packages = with pkgs; [openssl mlocate uutils-coreutils-noprefix speedtest-cli];
sessionVariables = { PAGER = "bat"; BAT_THEME = "catppuccin-mocha"; };
sessionVariables = {
PAGER = "bat";
BAT_THEME = "catppuccin-mocha";
};
};
programs = {
password-store = { enable = true; package = pkgs.pass.withExtensions (e: with e; [ pass-otp pass-file ]); settings = { PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store"; }; };
password-store = {
enable = true;
package = pkgs.pass.withExtensions (e: with e; [pass-otp pass-file]);
settings = {PASSWORD_STORE_DIR = "${config.home.homeDirectory}/.password-store";};
};
git = {
enable = true;
delta.enable = true;
extraConfig = { color.ui = "auto"; pull.rebase = true; push.autoSetupRemote = true; };
aliases = { a = "add ."; c = "commit"; d = "diff --cached"; p = "push"; pa = "!git remote | xargs -L1 git push --all"; };
extraConfig = {
color.ui = "auto";
pull.rebase = true;
push.autoSetupRemote = true;
};
aliases = {
a = "add .";
c = "commit";
d = "diff --cached";
p = "push";
pa = "!git remote | xargs -L1 git push --all";
};
};
tealdeer = {
enable = true;
settings = { display = { compact = true; }; updates = { auto_update = true; }; };
settings = {
display = {compact = true;};
updates = {auto_update = true;};
};
};
bottom = {
enable = true;
settings = {
flags = {rate = "250ms";};
row = [
{ ratio = 40; child = [{ type = "cpu"; } { type = "mem"; } { type = "net"; }]; }
{ ratio = 35; child = [{ type = "temp"; } { type = "disk"; }]; }
{ ratio = 40; child = [{ type = "proc"; default = true; }]; }
{
ratio = 40;
child = [{type = "cpu";} {type = "mem";} {type = "net";}];
}
{
ratio = 35;
child = [{type = "temp";} {type = "disk";}];
}
{
ratio = 40;
child = [
{
type = "proc";
default = true;
}
];
}
];
};
};
fzf = { enable = true; enableBashIntegration = true; enableZshIntegration = true; };
nix-index = { enable = true; enableZshIntegration = false; enableBashIntegration = false; };
fzf = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
};
nix-index = {
enable = true;
enableZshIntegration = false;
enableBashIntegration = false;
};
bat = {
enable = true;
themes =
let
catppuccin = pkgs.fetchFromGitHub { owner = "catppuccin"; repo = "bat"; rev = "82e7ca555f805b53d2b377390e4ab38c20282e83"; sha256 = "sha256-/Ob9iCVyjJDBCXlss9KwFQTuxybmSSzYRBZxOT10PZg="; };
in
{
catppuccin-mocha = { src = catppuccin; file = "themes/Catppuccin Mocha.tmTheme"; };
catppuccin-macchiato = { src = catppuccin; file = "themes/Catppuccin Macchiato.tmTheme"; };
catppuccin-frappe = { src = catppuccin; file = "themes/Catppuccin Frappe.tmTheme"; };
catppuccin-latte = { src = catppuccin; file = "themes/Catppuccin Latte.tmTheme"; };
themes = let
catppuccin = pkgs.fetchFromGitHub {
owner = "catppuccin";
repo = "bat";
rev = "82e7ca555f805b53d2b377390e4ab38c20282e83";
sha256 = "sha256-/Ob9iCVyjJDBCXlss9KwFQTuxybmSSzYRBZxOT10PZg=";
};
in {
catppuccin-mocha = {
src = catppuccin;
file = "themes/Catppuccin Mocha.tmTheme";
};
catppuccin-macchiato = {
src = catppuccin;
file = "themes/Catppuccin Macchiato.tmTheme";
};
catppuccin-frappe = {
src = catppuccin;
file = "themes/Catppuccin Frappe.tmTheme";
};
catppuccin-latte = {
src = catppuccin;
file = "themes/Catppuccin Latte.tmTheme";
};
};
};
ssh.enable = true;
gpg.enable = true;
};
services = { gpg-agent = { enable = true; enableBashIntegration = true; enableZshIntegration = true; enableNushellIntegration = true; pinentryPackage = pkgs.pinentry-qt; }; };
services = {
gpg-agent = {
enable = true;
enableBashIntegration = true;
enableZshIntegration = true;
enableNushellIntegration = true;
pinentryPackage = pkgs.pinentry-qt;
};
};
}
);
shell = moduleWithSystem (
top@{ ... }:
perSystem@{ pkgs, ... }: {
programs =
let
top @ {...}: perSystem @ {pkgs, ...}: {
programs = let
shellAliases = {
cal = "cal $(date +%Y)";
GG = "git add . && git commit -m 'GG' && git push --set-upstream origin HEAD";
@ -118,8 +191,7 @@ toplevel@{ moduleWithSystem, ... }: {
neofetch = "${pkgs.fastfetch}/bin/fastfetch -c all.jsonc";
};
sessionVariables = {};
in
{
in {
bash = {
inherit shellAliases sessionVariables;
enable = true;
@ -141,9 +213,16 @@ toplevel@{ moduleWithSystem, ... }: {
nushell = {
enable = true;
environmentVariables = {config = ''{ show_banner: false, completions: { quick: false partial: false algorithm: "prefix" } } '';};
shellAliases = { gcal = '' bash -c "cal $(date +%Y)" ''; la = "ls -al"; dev = "nix develop --command $env.SHELL"; };
shellAliases = {
gcal = ''bash -c "cal $(date +%Y)" '';
la = "ls -al";
dev = "nix develop --command $env.SHELL";
};
};
kitty.shellIntegration = {
enableBashIntegration = true;
enableZshIntegration = true;
};
kitty.shellIntegration = { enableBashIntegration = true; enableZshIntegration = true; };
tmux = {
enable = true;
clock24 = true;
@ -157,7 +236,12 @@ toplevel@{ moduleWithSystem, ... }: {
set-option -a terminal-features 'screen-256color:RGB'
'';
};
starship = { enable = true; enableNushellIntegration = true; enableZshIntegration = true; enableBashIntegration = true; };
starship = {
enable = true;
enableNushellIntegration = true;
enableZshIntegration = true;
enableBashIntegration = true;
};
eza = {
enable = true;
enableZshIntegration = true;
@ -176,11 +260,19 @@ toplevel@{ moduleWithSystem, ... }: {
}
);
swayland = moduleWithSystem (
top@{ ... }:
perSystem@{ pkgs, config, ... }: {
top @ {...}: perSystem @ {
pkgs,
config,
...
}: {
home = {
packages = with pkgs; [audacity gimp grim libnotify libreoffice-qt mupdf slurp transmission_4 wl-clipboard xdg-user-dirs xdg-utils xwayland telegram-desktop];
pointerCursor = with pkgs; { name = "catppuccin-mocha-green-cursors"; package = catppuccin-cursors.mochaGreen; size = 24; gtk.enable = true; };
pointerCursor = with pkgs; {
name = "catppuccin-mocha-green-cursors";
package = catppuccin-cursors.mochaGreen;
size = 24;
gtk.enable = true;
};
};
wayland.windowManager.sway = {
enable = true;
@ -213,7 +305,13 @@ toplevel@{ moduleWithSystem, ... }: {
"${modifier}+Shift+c" = "kill";
"${modifier}+Shift+q" = "exit";
};
input = { "*" = { xkb_layout = "us,bg"; xkb_options = "grp:win_space_toggle"; xkb_variant = ",phonetic"; }; };
input = {
"*" = {
xkb_layout = "us,bg";
xkb_options = "grp:win_space_toggle";
xkb_variant = ",phonetic";
};
};
};
swaynag = {enable = config.wayland.windowManager.sway.enable;};
};
@ -221,10 +319,8 @@ toplevel@{ moduleWithSystem, ... }: {
waybar = {
enable = true;
settings = {
mainBar =
let
in
{
mainBar = let
in {
layer = "top";
position = "top";
height = 30;
@ -234,28 +330,47 @@ toplevel@{ moduleWithSystem, ... }: {
modules-center = ["clock#week" "clock#year" "clock#time"];
modules-right = ["network" "pulseaudio" "memory" "cpu" "battery"];
"clock#time" = { format = "{:%H:%M:%S}"; interval = 1; tooltip = false; };
"clock#week" = { format = "{:%a}"; tooltip = false; };
"clock#year" = { format = "{:%Y-%m-%d}"; tooltip = false; };
"clock#time" = {
format = "{:%H:%M:%S}";
interval = 1;
tooltip = false;
};
"clock#week" = {
format = "{:%a}";
tooltip = false;
};
"clock#year" = {
format = "{:%Y-%m-%d}";
tooltip = false;
};
battery = {
format = "{icon} <span color='#cdd6f4'>{capacity}% {time}</span>";
format-time = " {H} h {M} m";
format-icons = ["" "" "" "" ""];
states = { warning = 30; critical = 15; };
states = {
warning = 30;
critical = 15;
};
tooltip = false;
};
cpu = {format = "<span color='#74c7ec'></span> {usage}%";};
memory = { format = "<span color='#89b4fa'></span> {percentage}%"; interval = 5; };
memory = {
format = "<span color='#89b4fa'></span> {percentage}%";
interval = 5;
};
pulseaudio = {
format = "<span color='#a6e3a1'>{icon}</span> {volume}% | {format_source}";
format-muted = "<span color='#f38ba8'>󰝟</span> {volume}% | {format_source}";
format-source = "{volume}% <span color='#a6e3a1'></span>";
format-source-muted = "{volume}% <span color='#f38ba8'></span>";
format-icons = { headphone = ""; default = [ "" "" "" ]; };
format-icons = {
headphone = "";
default = ["" "" ""];
};
tooltip = false;
};
@ -268,10 +383,16 @@ toplevel@{ moduleWithSystem, ... }: {
tooltip = false;
};
"sway/workspaces" = { disable-scroll = true; all-outputs = true; };
"sway/workspaces" = {
disable-scroll = true;
all-outputs = true;
};
};
systemd = { enable = true; target = "sway-session.target"; };
};
systemd = {
enable = true;
target = "sway-session.target";
};
style = ''
@define-color rosewater #f5e0dc;
@define-color flamingo #f2cdcd;
@ -401,12 +522,14 @@ toplevel@{ moduleWithSystem, ... }: {
animation-iteration-count: infinite;
animation-direction: alternate;
}
''
;
'';
};
swaylock = {
enable = true;
settings = { show-failed-attempts = true; image = config.home.homeDirectory + "/pic/bg.png"; };
settings = {
show-failed-attempts = true;
image = config.home.homeDirectory + "/pic/bg.png";
};
};
rofi = {
enable = true;
@ -426,22 +549,52 @@ toplevel@{ moduleWithSystem, ... }: {
};
kitty = {
enable = true;
font = { package = pkgs.fira-code; name = "FiraCodeNFM-Reg"; };
settings = { background_opacity = "0.90"; cursor_shape = "beam"; };
font = {
package = pkgs.fira-code;
name = "FiraCodeNFM-Reg";
};
settings = {
background_opacity = "0.90";
cursor_shape = "beam";
};
};
imv = {
enable = true;
settings = {options.fullscreen = true;};
};
mpv = {
enable = true;
scripts = with pkgs.mpvScripts; [uosc thumbfast];
};
imv = { enable = true; settings = { options.fullscreen = true; }; };
mpv = { enable = true; scripts = with pkgs.mpvScripts; [ uosc thumbfast ]; };
bash.profileExtra = ''[ "$(tty)" = "/dev/tty1" ] && exec sway '';
zsh.loginExtra = ''[ "$(tty)" = "/dev/tty1" ] && exec sway '';
nushell.loginFile.text = ''if (tty) == "/dev/tty1" { sway } '';
};
services = { mako.enable = true; cliphist = { enable = true; systemdTarget = "sway-session.target"; }; };
services = {
mako.enable = true;
cliphist = {
enable = true;
systemdTarget = "sway-session.target";
};
};
systemd.user = {
timers = { rbingwp = { Timer = { OnCalendar = "*-*-* 10:00:00"; Persistent = true; }; Install = { WantedBy = [ "timers.target" ]; }; }; };
timers = {
rbingwp = {
Timer = {
OnCalendar = "*-*-* 10:00:00";
Persistent = true;
};
Install = {WantedBy = ["timers.target"];};
};
};
services = {
wpd = {
Install = {WantedBy = ["sway-session.target"];};
Unit = { Description = "Switch background every x minutes"; After = "graphical-session-pre.target"; PartOf = "graphical-session.target"; };
Unit = {
Description = "Switch background every x minutes";
After = "graphical-session-pre.target";
PartOf = "graphical-session.target";
};
Service = {
ExecStart = ["${pkgs.wpd}/bin/wpd"];
};
@ -464,18 +617,27 @@ toplevel@{ moduleWithSystem, ... }: {
}
);
web = moduleWithSystem (
top@{ ... }:
perSystem@{ ... }: {
top @ {...}: perSystem @ {...}: {
programs = {
browserpass.enable = true;
firefox = {
enable = true;
profiles.ivand = {
id = 0;
search = { default = "DuckDuckGo"; privateDefault = "DuckDuckGo"; force = true; };
search = {
default = "DuckDuckGo";
privateDefault = "DuckDuckGo";
force = true;
};
bookmarks = [
{ name = "home-options"; url = "https://nix-community.github.io/home-manager/options.xhtml"; }
{ name = "nixvim-docs"; url = "https://nix-community.github.io/nixvim/"; }
{
name = "home-options";
url = "https://nix-community.github.io/home-manager/options.xhtml";
}
{
name = "nixvim-docs";
url = "https://nix-community.github.io/nixvim/";
}
];
settings = {
"general.smoothScroll" = true;
@ -499,13 +661,44 @@ toplevel@{ moduleWithSystem, ... }: {
TranslateEnabled = false;
SearchBar = "unified";
SearchSuggestEnabled = false;
SanitizeOnShutdown = { Cache = true; FormData = true; Locked = true; Cookies = false; Downloads = false; History = false; Sessions = false; SiteSettings = false; OfflineApps = true; };
FirefoxHome = { Search = true; Pocket = false; Snippets = false; TopSites = false; Highlights = false; };
UserMessaging = { ExtensionRecommendations = false; FeatureRecommendations = false; UrlbarInterventions = false; MoreFromMozilla = false; SkipOnboarding = true; };
SanitizeOnShutdown = {
Cache = true;
FormData = true;
Locked = true;
Cookies = false;
Downloads = false;
History = false;
Sessions = false;
SiteSettings = false;
OfflineApps = true;
};
FirefoxHome = {
Search = true;
Pocket = false;
Snippets = false;
TopSites = false;
Highlights = false;
};
UserMessaging = {
ExtensionRecommendations = false;
FeatureRecommendations = false;
UrlbarInterventions = false;
MoreFromMozilla = false;
SkipOnboarding = true;
};
Handlers = {
schemes = {
mailto = { action = "useHelperApp"; ask = false; handlers = [{ name = "RoundCube"; uriTemplate = "https://mail.idimitrov.dev/?_task=mail&_action=compose&_to=%s"; }]; };
mailto = {
action = "useHelperApp";
ask = false;
handlers = [
{
name = "RoundCube";
uriTemplate = "https://mail.idimitrov.dev/?_task=mail&_action=compose&_to=%s";
}
];
};
};
};
};

34
nixos/configs/default.nix
View File

@ -1,28 +1,44 @@
toplevel@{ inputs, withSystem, ... }:
let
toplevel @ {
inputs,
withSystem,
...
}: let
system = "x86_64-linux";
mods = toplevel.config.flake.nixosModules;
hardwareConfigurations = toplevel.config.flake.hardwareConfigurations;
essential = with mods; [grub base shell security wireless intranet];
desktop = with mods; [sound wayland];
configWithModules = { hardware ? { nixpkgs.hostPlatform = system; }, modules }: withSystem system (ctx@{ config, inputs', pkgs, ... }: inputs.nixpkgs.lib.nixosSystem {
configWithModules = {
hardware ? {nixpkgs.hostPlatform = system;},
modules,
}:
withSystem system (ctx @ {
config,
inputs',
pkgs,
...
}:
inputs.nixpkgs.lib.nixosSystem {
specialArgs = {
inherit inputs inputs' pkgs;
packages = config.packages;
};
modules = [hardware] ++ modules;
});
novaConfig = mods: configWithModules { hardware = hardwareConfigurations.nova; modules = essential ++ desktop ++ mods; };
in
{
novaConfig = mods:
configWithModules {
hardware = hardwareConfigurations.nova;
modules = essential ++ desktop ++ mods;
};
in {
flake.nixosConfigurations = {
nova = novaConfig [mods.ivand];
nova-music = novaConfig (with mods; [ivand music]);
nova-crypto = novaConfig (with mods; [ivand cryptocurrency]);
nova-nonya = novaConfig (with mods; [ivand anon cryptocurrency]);
nova-ai = novaConfig (with mods; [ivand ai]);
install-iso = configWithModules { modules = (with mods; [ grub base shell wireless ]); };
vps = configWithModules { modules = (with mods; [ base shell security vps mailserver nginx wireguard-output anonymous-dns firewall rest ]); };
stara-miner = configWithModules { modules = (essential ++ [ mods.monero-miner ]); };
install-iso = configWithModules {modules = with mods; [grub base shell wireless];};
vps = configWithModules {modules = with mods; [base shell security vps mailserver nginx wireguard-output anonymous-dns firewall rest];};
stara-miner = configWithModules {modules = essential ++ [mods.monero-miner];};
};
}

127
nixos/modules/default.nix
View File

@ -1,13 +1,18 @@
top@{ inputs, moduleWithSystem, ... }: {
top @ {
inputs,
moduleWithSystem,
...
}: {
flake.nixosModules = {
grub = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
boot = {
loader = {
grub =
let
theme = pkgs.sleek-grub-theme.override { withBanner = "Hello Ivan"; withStyle = "bigSur"; };
in
{
grub = let
theme = pkgs.sleek-grub-theme.override {
withBanner = "Hello Ivan";
withStyle = "bigSur";
};
in {
enable = pkgs.lib.mkDefault true;
useOSProber = true;
efiSupport = true;
@ -32,12 +37,25 @@ top@{ inputs, moduleWithSystem, ... }: {
enableAllTerminfo = true;
};
users.defaultUserShell = pkgs.zsh;
programs = { zsh.enable = true; nix-ld.enable = true; };
programs = {
zsh.enable = true;
nix-ld.enable = true;
};
services = {
dbus.enable = true;
logind = { killUserProcesses = true; powerKeyLongPress = "reboot"; };
logind = {
killUserProcesses = true;
powerKeyLongPress = "reboot";
};
};
networking = {
stevenBlackHosts = {
enable = true;
blockFakenews = true;
blockGambling = true;
blockSocial = true;
};
};
networking = { stevenBlackHosts = { enable = true; blockFakenews = true; blockGambling = true; blockSocial = true; }; };
});
shell = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
programs = {
@ -68,7 +86,13 @@ top@{ inputs, moduleWithSystem, ... }: {
};
});
sound = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
services = { pipewire = { enable = true; alsa.enable = true; pulse.enable = true; }; };
services = {
pipewire = {
enable = true;
alsa.enable = true;
pulse.enable = true;
};
};
environment.systemPackages = with pkgs; [pwvucontrol];
});
music = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
@ -82,7 +106,10 @@ top@{ inputs, moduleWithSystem, ... }: {
enable = true;
rtcqs.enable = true;
soundcardPciId = "00:1f.3";
kernel = { realtime = true; packages = pkgs.linuxPackages-rt; };
kernel = {
realtime = true;
packages = pkgs.linuxPackages-rt;
};
};
});
wayland = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
@ -91,14 +118,35 @@ top@{ inputs, moduleWithSystem, ... }: {
xdg.portal = {
enable = true;
xdgOpenUsePortal = true;
wlr = { enable = true; settings = { screencast = { output_name = "HDMI-A-1"; max_fps = 60; }; }; };
wlr = {
enable = true;
settings = {
screencast = {
output_name = "HDMI-A-1";
max_fps = 60;
};
};
};
config.common.default = "*";
};
});
security = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
security = {
sudo = { enable = false; execWheelOnly = true; extraRules = [{ groups = [ "wheel" ]; }]; };
doas = { enable = true; extraRules = [{ groups = [ "wheel" ]; noPass = true; keepEnv = true; }]; };
sudo = {
enable = false;
execWheelOnly = true;
extraRules = [{groups = ["wheel"];}];
};
doas = {
enable = true;
extraRules = [
{
groups = ["wheel"];
noPass = true;
keepEnv = true;
}
];
};
polkit.enable = true;
rtkit.enable = true;
};
@ -170,8 +218,9 @@ top@{ inputs, moduleWithSystem, ... }: {
};
};
};
ivand = moduleWithSystem (toplevel@{ ... }: perSystem@{ pkgs, ... }:
let homeMods = top.config.flake.homeManagerModules; in {
ivand = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: let
homeMods = top.config.flake.homeManagerModules;
in {
imports = [inputs.home-manager.nixosModules.default];
home-manager = {
backupFileExtension = "bak";
@ -210,12 +259,21 @@ top@{ inputs, moduleWithSystem, ... }: {
];
};
};
extraGroups = { mlocate = { }; realtime = { }; };
extraGroups = {
mlocate = {};
realtime = {};
};
};
programs.dconf.enable = true;
});
flatpak = {
xdg = { portal = { enable = true; wlr.enable = true; config.common.default = "*"; }; };
xdg = {
portal = {
enable = true;
wlr.enable = true;
config.common.default = "*";
};
};
services.flatpak.enable = true;
};
ai = moduleWithSystem (toplevel @ {...}: perSystem @ {...}: {
@ -254,7 +312,11 @@ top@{ inputs, moduleWithSystem, ... }: {
inputs.vpsadminos.nixosConfigurations.container
];
});
mailserver = moduleWithSystem (toplevel@{ ... }: perSystem@{ config, pkgs, ... }: {
mailserver = moduleWithSystem (toplevel @ {...}: perSystem @ {
config,
pkgs,
...
}: {
imports = [
inputs.simple-nixos-mailserver.nixosModule
];
@ -290,16 +352,14 @@ top@{ inputs, moduleWithSystem, ... }: {
$config['smtp_pass'] = "%p";
'';
};
nginx.virtualHosts =
let
nginx.virtualHosts = let
restrictToVpn = ''
allow 10.0.0.2/32;
allow 10.0.0.3/32;
allow 10.0.0.4/32;
deny all;
'';
in
{
in {
"${config.mailserver.fqdn}" = {
extraConfig = restrictToVpn;
};
@ -315,8 +375,7 @@ top@{ inputs, moduleWithSystem, ... }: {
});
nginx = moduleWithSystem (toplevel @ {...}: perSystem @ {pkgs, ...}: {
services = {
nginx =
let
nginx = let
webshiteConfig = ''
add_header 'Referrer-Policy' 'origin-when-cross-origin';
add_header X-Content-Type-Options nosniff;
@ -325,8 +384,7 @@ top@{ inputs, moduleWithSystem, ... }: {
serveStatic = exts: ''
try_files $uri $uri/ ${pkgs.lib.strings.concatStringsSep " " (builtins.map (x: "$uri." + "${x}") exts)} =404;
'';
in
{
in {
enable = true;
recommendedGzipSettings = true;
recommendedOptimisation = true;
@ -416,7 +474,10 @@ top@{ inputs, moduleWithSystem, ... }: {
internalInterfaces = ["wg0"];
};
wg-quick.interfaces = {
wg0 = let iptables = "${pkgs.iptables}/bin/iptables"; ip6tables = "${pkgs.iptables}/bin/ip6tables"; in {
wg0 = let
iptables = "${pkgs.iptables}/bin/iptables";
ip6tables = "${pkgs.iptables}/bin/ip6tables";
in {
address = ["10.0.0.1/32"];
listenPort = 51820;
privateKeyFile = "/etc/wireguard/privatekey";
@ -469,7 +530,12 @@ top@{ inputs, moduleWithSystem, ... }: {
require_nolog = true;
require_nofilter = true;
anonymized_dns = {
routes = [{ server_name = "*"; via = [ "sdns://gQ8yMTcuMTM4LjIyMC4yNDM" ]; }];
routes = [
{
server_name = "*";
via = ["sdns://gQ8yMTcuMTM4LjIyMC4yNDM"];
}
];
};
sources.public-resolvers = {
urls = [
@ -525,8 +591,7 @@ top@{ inputs, moduleWithSystem, ... }: {
users = {
users.ivand = {
isNormalUser = true;
hashedPassword =
"$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG";
hashedPassword = "$2b$05$hPrPcewxj4qjLCRQpKBAu.FKvKZdIVlnyn4uYsWE8lc21Jhvc9jWG";
extraGroups = ["wheel" "adm" "mlocate"];
openssh.authorizedKeys.keys = [
''

12
overlays/default.nix
View File

@ -1,6 +1,12 @@
top@{ inputs, withSystem, ... }: {
flake.overlays.default = final: prev:
let system = "x86_64-linux"; in withSystem system (
top @ {
inputs,
withSystem,
...
}: {
flake.overlays.default = final: prev: let
system = "x86_64-linux";
in
withSystem system (
{config, ...}: {
nvim = config.packages.nvim;
bingwp = config.packages.bingwp;

6
packages/default.nix
View File

@ -1,5 +1,9 @@
top @ {inputs, ...}: {
perSystem = perSystem@{ system, pkgs, ... }: {
perSystem = perSystem @ {
system,
pkgs,
...
}: {
config.packages = {
nvim = inputs.ide.nvim.${system}.standalone.default {
plugins.lsp.servers = {