diff --git a/README.md b/README.md
index 1b3afd9..d7fb4a8 100644
--- a/README.md
+++ b/README.md
@@ -20,7 +20,7 @@ bash -c "$(curl -fsSL https://raw.githubusercontent.com/tboerger/nixos-config/ma
mkdir -p /mnt/etc/ssh
cp /etc/ssh/ssh_host_* /mnt/etc/ssh/
-nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#chnum-bootstrap
+nixos-install --no-root-password --root /mnt --flake github:tboerger/nixos-config#chnum
```
### Updates
diff --git a/flake.lock b/flake.lock
index 6fc0c59..5d2dec4 100644
--- a/flake.lock
+++ b/flake.lock
@@ -80,11 +80,11 @@
},
"hardware": {
"locked": {
- "lastModified": 1665987993,
- "narHash": "sha256-MvlaIYTRiqefG4dzI5p6vVCfl+9V8A1cPniUjcn6Ngc=",
+ "lastModified": 1667768008,
+ "narHash": "sha256-PGbX0s2hhXGnZDFVE6UIhPSOf5YegpWs5dUXpT/14F0=",
"owner": "nixos",
"repo": "nixos-hardware",
- "rev": "0e6593630071440eb89cd97a52921497482b22c6",
+ "rev": "f6483e0def85efb9c1e884efbaff45a5e7aabb34",
"type": "github"
},
"original": {
@@ -101,11 +101,11 @@
"utils": "utils_2"
},
"locked": {
- "lastModified": 1666649150,
- "narHash": "sha256-kINnLxC0KFalUk4tVO/H5hUU7FVAOYYcUSWrsBpnl+I=",
+ "lastModified": 1667708081,
+ "narHash": "sha256-FChEy05x4ed/pttjfTeKxjPCnHknMYrUtDyBiYbreT4=",
"owner": "nix-community",
"repo": "home-manager",
- "rev": "7dc4e4ebd71280842b4d30975439980baaac9db8",
+ "rev": "1ef0da321217c6c19b7a30509631c080a19321e5",
"type": "github"
},
"original": {
@@ -116,11 +116,11 @@
},
"nixpkgs": {
"locked": {
- "lastModified": 1666539104,
- "narHash": "sha256-jeuC+d375wHHxMOFLgu7etseCQVJuPNKoEc9X9CsErg=",
+ "lastModified": 1667629849,
+ "narHash": "sha256-P+v+nDOFWicM4wziFK9S/ajF2lc0N2Rg9p6Y35uMoZI=",
"owner": "nixos",
"repo": "nixpkgs",
- "rev": "0e6df35f39651504249a05191f9a78d251707e22",
+ "rev": "3bacde6273b09a21a8ccfba15586fb165078fb62",
"type": "github"
},
"original": {
@@ -132,11 +132,11 @@
},
"nur": {
"locked": {
- "lastModified": 1666676809,
- "narHash": "sha256-oZ4ECJ7N+RRM/WZ4v5HlHpU2wXpLAFbHrTX3Xb0eRCM=",
+ "lastModified": 1668038359,
+ "narHash": "sha256-xsEG4/ZoUpG7VWymXgRD2MAN0nkKneeD84f4RUpsNic=",
"owner": "nix-community",
"repo": "NUR",
- "rev": "f87ab9ff2ea215252532c9e7cf194c56fd8d6c38",
+ "rev": "71dadb246555d9acab72a953cdb051dcbd926464",
"type": "github"
},
"original": {
@@ -174,11 +174,11 @@
},
"utils_2": {
"locked": {
- "lastModified": 1659877975,
- "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
+ "lastModified": 1667395993,
+ "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
- "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
+ "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
@@ -189,11 +189,11 @@
},
"utils_3": {
"locked": {
- "lastModified": 1659877975,
- "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
+ "lastModified": 1667395993,
+ "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=",
"owner": "numtide",
"repo": "flake-utils",
- "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
+ "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f",
"type": "github"
},
"original": {
diff --git a/machines/asgard/default.nix b/machines/asgard/default.nix
index f43d30b..b8618ce 100644
--- a/machines/asgard/default.nix
+++ b/machines/asgard/default.nix
@@ -16,7 +16,7 @@
docker = {
enable = config.personal.services.enable;
};
- samba = {
+ shares = {
enable = config.personal.services.enable;
};
tailscale = {
diff --git a/machines/asgard/filesystems.nix b/machines/asgard/filesystems.nix
index 0812858..7b7fdf8 100644
--- a/machines/asgard/filesystems.nix
+++ b/machines/asgard/filesystems.nix
@@ -29,7 +29,7 @@
];
};
- fileSystems."/var/lib/media/shares" = {
+ fileSystems."/var/lib/shares" = {
device = "/dev/disk/by-label/shares";
fsType = "ext4";
options = [
@@ -37,7 +37,12 @@
];
};
- fileSystems."/var/lib/media/photos" = {
+ fileSystems."/exports/shares" = {
+ device = "/var/lib/shares";
+ options = [ "bind" ];
+ };
+
+ fileSystems."/var/lib/photos" = {
device = "/dev/disk/by-label/photos";
fsType = "ext4";
options = [
@@ -45,7 +50,12 @@
];
};
- fileSystems."/var/lib/media/videos" = {
+ fileSystems."/exports/photos" = {
+ device = "/var/lib/photos";
+ options = [ "bind" ];
+ };
+
+ fileSystems."/var/lib/videos" = {
device = "/dev/disk/by-label/videos";
fsType = "ext4";
options = [
@@ -53,7 +63,12 @@
];
};
- fileSystems."/var/lib/media/movies" = {
+ fileSystems."/exports/videos" = {
+ device = "/var/lib/videos";
+ options = [ "bind" ];
+ };
+
+ fileSystems."/var/lib/movies" = {
device = "/dev/disk/by-label/movies";
fsType = "ext4";
options = [
@@ -61,7 +76,12 @@
];
};
- fileSystems."/var/lib/media/shows" = {
+ fileSystems."/exports/movies" = {
+ device = "/var/lib/movies";
+ options = [ "bind" ];
+ };
+
+ fileSystems."/var/lib/shows" = {
device = "/dev/disk/by-label/shows";
fsType = "ext4";
options = [
@@ -69,7 +89,12 @@
];
};
- fileSystems."/var/lib/media/books" = {
+ fileSystems."/exports/shows" = {
+ device = "/var/lib/shows";
+ options = [ "bind" ];
+ };
+
+ fileSystems."/var/lib/books" = {
device = "/dev/disk/by-label/books";
fsType = "ext4";
options = [
@@ -77,7 +102,12 @@
];
};
- fileSystems."/var/lib/media/music" = {
+ fileSystems."/exports/books" = {
+ device = "/var/lib/books";
+ options = [ "bind" ];
+ };
+
+ fileSystems."/var/lib/music" = {
device = "/dev/disk/by-label/music";
fsType = "ext4";
options = [
@@ -85,6 +115,11 @@
];
};
+ fileSystems."/exports/music" = {
+ device = "/var/lib/music";
+ options = [ "bind" ];
+ };
+
fileSystems."/var/lib/printer" = {
device = "/dev/disk/by-label/printer";
fsType = "ext4";
@@ -93,6 +128,11 @@
];
};
+ fileSystems."/exports/printer" = {
+ device = "/var/lib/printer";
+ options = [ "bind" ];
+ };
+
fileSystems."/var/lib/backup" = {
device = "/dev/disk/by-label/backup";
fsType = "ext4";
diff --git a/machines/chnum/default.nix b/machines/chnum/default.nix
index c9f5c74..31a78eb 100644
--- a/machines/chnum/default.nix
+++ b/machines/chnum/default.nix
@@ -22,9 +22,15 @@
docker = {
enable = config.personal.services.enable;
};
+ hacking = {
+ enable = config.personal.services.enable;
+ };
libvirt = {
enable = config.personal.services.enable;
};
+ tailscale = {
+ enable = config.personal.services.enable;
+ };
};
};
diff --git a/machines/chnum/filesystems.nix b/machines/chnum/filesystems.nix
index 793f58a..97ea542 100644
--- a/machines/chnum/filesystems.nix
+++ b/machines/chnum/filesystems.nix
@@ -1,32 +1,24 @@
{ config, lib, pkgs, ... }:
{
- boot = {
- initrd = {
- luks = {
- devices = {
- luks = {
- name = "luks";
- device = "/dev/disk/by-partlabel/data";
- preLVM = true;
- allowDiscards = true;
- };
- };
- };
- };
- };
-
- fileSystems."/boot" = {
- device = "/dev/disk/by-label/boot";
- fsType = "vfat";
- };
+ swapDevices = [{
+ device = "/dev/disk/by-label/swap";
+ }];
fileSystems."/" = {
device = "/dev/disk/by-label/root";
fsType = "ext4";
options = [
"noatime"
- "nodiratime"
+ "discard"
+ ];
+ };
+
+ fileSystems."/nix" = {
+ device = "/dev/disk/by-label/nix";
+ fsType = "ext4";
+ options = [
+ "noatime"
"discard"
];
};
@@ -36,12 +28,12 @@
fsType = "ext4";
options = [
"noatime"
- "nodiratime"
"discard"
];
};
- swapDevices = [{
- device = "/dev/disk/by-label/swap";
- }];
+ fileSystems."/boot" = {
+ device = "/dev/disk/by-label/boot";
+ fsType = "vfat";
+ };
}
diff --git a/machines/chnum/hardware.nix b/machines/chnum/hardware.nix
index 9ba9a55..e11919a 100644
--- a/machines/chnum/hardware.nix
+++ b/machines/chnum/hardware.nix
@@ -21,4 +21,10 @@
};
};
};
+
+ environment = {
+ systemPackages = with pkgs; [
+ intel-gpu-tools
+ ];
+ };
}
diff --git a/machines/modules/tools.nix b/machines/modules/tools.nix
index 7a25ce7..f80ae62 100644
--- a/machines/modules/tools.nix
+++ b/machines/modules/tools.nix
@@ -17,6 +17,7 @@ with lib;
jq
lsof
minio-client
+ nix-index
nmap
p7zip
pciutils
diff --git a/machines/modules/unpackerr.nix b/machines/modules/unpackerr.nix
deleted file mode 100644
index 5c12103..0000000
--- a/machines/modules/unpackerr.nix
+++ /dev/null
@@ -1,310 +0,0 @@
-{ config, pkgs, lib, ... }:
-with lib;
-
-let
- cfg = config.services.unpackerr;
- mkStarrOptions = { name, url }: {
- url = mkOption {
- type = types.str;
- default = "";
- example = "${url}";
- description = ''
- The URL to access ${name}
- '';
- };
- apiKey = mkOption {
- type = types.str;
- default = "";
- description = ''
- The API key for accessing ${name}
- '';
- };
- paths = mkOption {
- type = types.str;
- default = "";
- example = "/downloads,/moreDownloads";
- description = ''
- List of paths where content is downloaded for ${name}
- '';
- };
- protocols = mkOption {
- type = types.str;
- default = "torrent";
- example = "torrent,usenet";
- description = ''
- Protocols to process
- '';
- };
- timeout = mkOption {
- type = types.str;
- default = "10s";
- description = ''
- How long to wait for ${name} to respond
- '';
- };
- deleteOrginal = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Delete archives after import?
- Recommend not setting this to true
- '';
- };
- deleteDelay = mkOption {
- type = types.str;
- default = "5m";
- description = ''
- Extracts are deleted this long after import. `-1` to disable.
- '';
- };
- };
-
-in
-{
- options.services.unpackerr = {
- enable = mkEnableOption "unpackerr";
-
- user = mkOption {
- default = "unpackerr";
- type = types.str;
- description = ''
- User account under which unpackerr runs.
- '';
- };
-
- group = mkOption {
- type = types.str;
- default = "unpackerr";
- description = ''
- Group under which unpackerr runs.
- '';
- };
-
- package = mkOption {
- type = types.package;
- default = pkgs.unpackerr;
- defaultText = "pkgs.unpackerr";
- description = ''
- The unpackerr package to use.
- '';
- };
-
- debug = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Turns on more logs.
- '';
- };
-
- interval = mkOption {
- type = types.str;
- default = "2m";
- description = ''
- How often apps are polled, recommended 1m to 5m
- '';
- };
-
- startDelay = mkOption {
- type = types.str;
- default = "1m";
- description = ''
- Files are queued at least this long before extraction
- '';
- };
-
- retryDelay = mkOption {
- type = types.str;
- default = "5m";
- description = ''
- Failed extractions are retried after at least this long
- '';
- };
-
- maxRetries = mkOption {
- type = types.int;
- default = 3;
- description = ''
- Times to retry failed extractions. `0` = unlimited.
- '';
- };
-
- parallel = mkOption {
- type = types.int;
- default = 1;
- description = ''
- Concurrent extractions, 1 is recommended.
- '';
- };
-
- fileMode = mkOption {
- type = types.str;
- default = "0644";
- description = ''
- Extracted files are written with this mode
- '';
- };
-
- dirMode = mkOption {
- type = types.str;
- default = "0755";
- description = ''
- Extracted folders are written with this mode
- '';
- };
-
- sonarr = mkStarrOptions { name = "Sonarr"; url = "http://localhost:8989"; };
-
- radarr = mkStarrOptions { name = "Radarr"; url = "http://localhost:7878"; };
-
- lidarr = mkStarrOptions { name = "Lidarr"; url = "http://localhost:8686"; };
-
- readarr = mkStarrOptions { name = "Readarr"; url = "http://localhost:8787"; };
-
- folder = {
- path = mkOption {
- type = types.str;
- default = "";
- description = ''
- folder path, not for Starr apps.
- '';
- };
- extractPath = mkOption {
- type = types.str;
- default = "";
- description = ''
- Where to extract to, Defaults to .
- '';
- };
- deleteAfter = mkOption {
- type = types.str;
- default = "";
- example = "10m";
- description = ''
- Delete extracted files and/or archives after this duration, `0` to disable.
- '';
- };
- deleteOrginal = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Delete archives after extraction
- '';
- };
- deleteFiles = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Delete extracted files after successful extraction
- '';
- };
- moveBack = mkOption {
- type = types.bool;
- default = false;
- description = ''
- Move extracted items back into original folder
- '';
- };
- };
-
- extraConfig = mkOption {
- type = types.attrs;
- default = { };
- description = ''
- Extra environment variables
- '';
- example = {
- UN_WEBHOOK_0_URL = "http://example.com";
- };
- };
- };
-
- config = mkIf cfg.enable {
- # Create group if set to default
- users.groups = mkIf (cfg.group == "unpackerr") {
- unpackerr = { };
- };
-
- # Create user if set to default
- users.users = mkIf (cfg.user == "unpackerr") {
- unpackerr = {
- group = cfg.group;
- shell = pkgs.bashInteractive;
- createHome = false;
- description = "unpackerr Daemon user";
- isSystemUser = true;
- };
- };
-
- # The actual service
- systemd.services.unpackerr = {
- wantedBy = [ "multi-user.target" ];
- after = [ "network.target" ];
- description = "unpackerr system service";
- # Filter out all unset variables else unpackerr complains
- environment = filterAttrs (n: v: stringLength v > 0)
- {
- # General options
- UN_DEBUG = "${toString cfg.debug}";
- UN_INTERVAL = "${cfg.interval}";
- UN_START_DELAY = "${cfg.startDelay}";
- UN_RETRY_DELAY = "${cfg.retryDelay}";
- UN_MAX_RETRIES = "${toString cfg.maxRetries}";
- UN_PARALLEL = "${toString cfg.parallel}";
- UN_FILE_MODE = "${cfg.fileMode}";
- UN_DIR_MODE = "${cfg.dirMode}";
-
- # Sonarr
- UN_SONARR_0_URL = "${cfg.sonarr.url}";
- UN_SONARR_0_API_KEY = "${cfg.sonarr.apiKey}";
- UN_SONARR_0_PATHS_0 = "${cfg.sonarr.paths}";
- UN_SONARR_0_PROTOCOLS = "${cfg.sonarr.protocols}";
- UN_SONARR_0_TIMEOUT = "${cfg.sonarr.timeout}";
- UN_SONARR_0_DELETE_ORIG = "${toString cfg.sonarr.deleteOrginal}";
- UN_SONARR_0_DELETE_DELAY = "${cfg.sonarr.deleteDelay}";
-
- # Radarr
- UN_RADARR_0_URL = "${cfg.radarr.url}";
- UN_RADARR_0_API_KEY = "${cfg.radarr.apiKey}";
- UN_RADARR_0_PATHS_0 = "${cfg.radarr.paths}";
- UN_RADARR_0_PROTOCOLS = "${cfg.radarr.protocols}";
- UN_RADARR_0_TIMEOUT = "${cfg.radarr.timeout}";
- UN_RADARR_0_DELETE_ORIG = "${toString cfg.radarr.deleteOrginal}";
- UN_RADARR_0_DELETE_DELAY = "${cfg.radarr.deleteDelay}";
-
- # Lidarr
- UN_LIDARR_0_URL = "${cfg.lidarr.url}";
- UN_LIDARR_0_API_KEY = "${cfg.lidarr.apiKey}";
- UN_LIDARR_0_PATHS_0 = "${cfg.lidarr.paths}";
- UN_LIDARR_0_PROTOCOLS = "${cfg.lidarr.protocols}";
- UN_LIDARR_0_TIMEOUT = "${cfg.lidarr.timeout}";
- UN_LIDARR_0_DELETE_ORIG = "${toString cfg.lidarr.deleteOrginal}";
- UN_LIDARR_0_DELETE_DELAY = "${cfg.lidarr.deleteDelay}";
-
- # Readarr
- UN_READARR_0_URL = "${cfg.readarr.url}";
- UN_READARR_0_API_KEY = "${cfg.readarr.apiKey}";
- UN_READARR_0_PATHS_0 = "${cfg.readarr.paths}";
- UN_READARR_0_PROTOCOLS = "${cfg.readarr.protocols}";
- UN_READARR_0_TIMEOUT = "${cfg.readarr.timeout}";
- UN_READARR_0_DELETE_ORIG = "${toString cfg.readarr.deleteOrginal}";
- UN_READARR_0_DELETE_DELAY = "${cfg.readarr.deleteDelay}";
-
- # Folder
- UN_FOLDER_0_PATH = "${cfg.folder.path}";
- UN_FOLDER_0_EXTRACT_PATH = "${cfg.folder.extractPath}";
- UN_FOLDER_0_DELETE_AFTER = "${cfg.folder.deleteAfter}";
- UN_FOLDER_0_DELETE_ORIGINAL = "${toString cfg.folder.deleteOrginal}";
- UN_FOLDER_0_DELETE_FILES = "${toString cfg.folder.deleteFiles}";
- UN_FOLDER_0_MOVE_BACK = "${toString cfg.folder.moveBack}";
- } // cfg.extraConfig;
- serviceConfig = {
- User = cfg.user;
- Group = cfg.group;
- Type = "simple";
- Restart = "on-failure";
- ExecStart = "${cfg.package}/bin/unpackerr";
- };
- };
- };
-}
diff --git a/machines/services/default.nix b/machines/services/default.nix
index a829343..7fe79b1 100644
--- a/machines/services/default.nix
+++ b/machines/services/default.nix
@@ -9,13 +9,14 @@ with lib;
./coredns.nix
./desktop.nix
./docker.nix
+ ./hacking.nix
./hass.nix
./haveged.nix
./libvirt.nix
./media.nix
./nixbuild.nix
./openssh.nix
- ./samba.nix
+ ./shares.nix
./tailscale.nix
./timesyncd.nix
./webserver.nix
diff --git a/machines/services/desktop.nix b/machines/services/desktop.nix
index 3044838..e023582 100644
--- a/machines/services/desktop.nix
+++ b/machines/services/desktop.nix
@@ -146,24 +146,15 @@ in
};
};
- desktopManager = {
- xterm = {
- enable = false;
- };
- };
-
displayManager = {
- defaultSession = "none+i3";
-
- lightdm = {
+ gdm = {
enable = true;
};
};
- windowManager = {
- i3 = {
+ desktopManager = {
+ gnome = {
enable = true;
- package = pkgs.i3-gaps;
};
};
};
diff --git a/machines/services/hacking.nix b/machines/services/hacking.nix
new file mode 100644
index 0000000..35a2f8d
--- /dev/null
+++ b/machines/services/hacking.nix
@@ -0,0 +1,35 @@
+{ pkgs, lib, config, options, ... }:
+with lib;
+
+let
+ cfg = config.personal.services.hacking;
+
+in
+{
+ options = {
+ personal = {
+ services = {
+ hacking = {
+ enable = mkEnableOption "Hacking";
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ environment = {
+ systemPackages = with pkgs; [
+ burpsuite
+ chisel
+ chkrootkit
+ john
+ lynis
+ metasploit
+ nikto
+ nmap
+ thc-hydra
+ wireshark
+ ];
+ };
+ };
+}
diff --git a/machines/services/media.nix b/machines/services/media.nix
index efc9f9a..4a57c26 100644
--- a/machines/services/media.nix
+++ b/machines/services/media.nix
@@ -17,6 +17,12 @@ in
};
config = mkIf cfg.enable {
+ environment = {
+ systemPackages = with pkgs; [
+ nur.repos.tboerger.jellyseerr
+ ];
+ };
+
users = {
users = {
media = {
@@ -122,53 +128,37 @@ in
package = pkgs.prowlarr;
};
- # unpackerr = {
- # enable = true;
- # user = "media";
- # group = "media";
- # # package = pkgs.unpackerr;
- # };
+ nginx = {
+ virtualHosts = let
+ base = locations: {
+ inherit locations;
+
+ useACMEHost = "boerger.ws";
+ forceSSL = true;
+ };
+ proxy = port: base {
+ "/" = {
+ proxyPass = "http://127.0.0.1:" + toString(port) + "/";
+ proxyWebsockets = true;
+ };
+ };
+ in {
+ "nzbget.boerger.ws" = proxy 6789;
+ "jellyfin.boerger.ws" = proxy 8096;
+ "radarr.boerger.ws" = proxy 7878;
+ "sonarr.boerger.ws" = proxy 8989;
+ "lidarr.boerger.ws" = proxy 8686;
+ "readarr.boerger.ws" = proxy 8787;
+ "bazarr.boerger.ws" = proxy 6767;
+ "prowlarr.boerger.ws" = proxy 9696;
+ };
+ };
};
personal = {
services = {
webserver = {
enable = true;
-
- hosts = [
- {
- domain = "nzbget.boerger.ws";
- proxy = "http://localhost:6789";
- }
- {
- domain = "jellyfin.boerger.ws";
- proxy = "http://localhost:8096";
- }
- {
- domain = "radarr.boerger.ws";
- proxy = "http://localhost:7878";
- }
- {
- domain = "sonarr.boerger.ws";
- proxy = "http://localhost:8989";
- }
- {
- domain = "lidarr.boerger.ws";
- proxy = "http://localhost:8686";
- }
- {
- domain = "readarr.boerger.ws";
- proxy = "http://localhost:8787";
- }
- {
- domain = "bazarr.boerger.ws";
- proxy = "http://localhost:6767";
- }
- {
- domain = "prowlarr.boerger.ws";
- proxy = "http://localhost:9696";
- }
- ];
};
};
};
diff --git a/machines/services/samba.nix b/machines/services/shares.nix
similarity index 77%
rename from machines/services/samba.nix
rename to machines/services/shares.nix
index c13c2b5..8c89ad2 100644
--- a/machines/services/samba.nix
+++ b/machines/services/shares.nix
@@ -2,15 +2,15 @@
with lib;
let
- cfg = config.personal.services.samba;
+ cfg = config.personal.services.shares;
in
{
options = {
personal = {
services = {
- samba = {
- enable = mkEnableOption "Samba";
+ shares = {
+ enable = mkEnableOption "Shares";
};
};
};
@@ -52,6 +52,7 @@ in
networking = {
firewall = {
allowedTCPPorts = [
+ 2049
5357
];
@@ -62,8 +63,22 @@ in
};
services = {
- samba-wsdd = {
- enable = true;
+ nfs = {
+ server = {
+ enable = true;
+
+ exports = ''
+ /exports 192.168.1.0/255.255.255.0(rw,fsid=0,no_subtree_check)
+ /exports/shares 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/photos 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/videos 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/movies 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/shows 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/books 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/music 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ /exports/printer 192.168.1.0/255.255.255.0(rw,nohide,insecure,no_subtree_check)
+ '';
+ };
};
samba = {
@@ -83,7 +98,7 @@ in
shares = {
shares = {
comment = "General shares";
- path = "/var/lib/media/shares";
+ path = "/var/lib/shares";
"browseable" = "yes";
"read only" = "no";
@@ -95,7 +110,7 @@ in
photos = {
comment = "Shared photos";
- path = "/var/lib/media/photos";
+ path = "/var/lib/photos";
"browseable" = "yes";
"read only" = "no";
@@ -107,7 +122,7 @@ in
videos = {
comment = "Shared videos";
- path = "/var/lib/media/videos";
+ path = "/var/lib/videos";
"browseable" = "yes";
"read only" = "no";
@@ -119,7 +134,7 @@ in
movies = {
comment = "Shared movies";
- path = "/var/lib/media/movies";
+ path = "/var/lib/movies";
"browseable" = "no";
"read only" = "no";
@@ -132,7 +147,7 @@ in
shows = {
comment = "Shared shows";
- path = "/var/lib/media/shows";
+ path = "/var/lib/shows";
"browseable" = "no";
"read only" = "no";
@@ -145,7 +160,7 @@ in
books = {
comment = "Shared books";
- path = "/var/lib/media/books";
+ path = "/var/lib/books";
"browseable" = "no";
"read only" = "no";
@@ -158,7 +173,7 @@ in
music = {
comment = "Shared music";
- path = "/var/lib/media/music";
+ path = "/var/lib/music";
"browseable" = "no";
"read only" = "no";
@@ -192,6 +207,10 @@ in
};
};
};
+
+ samba-wsdd = {
+ enable = true;
+ };
};
age.secrets."users/printer/password" = {
diff --git a/machines/utgard/filesystems.nix b/machines/utgard/filesystems.nix
index 5f86d45..4faf18c 100644
--- a/machines/utgard/filesystems.nix
+++ b/machines/utgard/filesystems.nix
@@ -1,23 +1,19 @@
{ config, lib, pkgs, ... }:
let
- cifsServer = "//192.168.1.10";
-
- cifsOptions = [
+ nfsOptions = [
"x-systemd.automount"
"noauto"
"x-systemd.idle-timeout=60"
"x-systemd.device-timeout=5s"
"x-systemd.mount-timeout=5s"
- "credentials=${config.age.secrets."users/media/smbpasswd".path}"
- "uid=${toString config.users.users.media.uid}"
- "gid=${toString config.users.groups.media.gid}"
+ "nfsvers=4.2"
];
in
{
environment = {
systemPackages = with pkgs; [
- cifs-utils
+ nfs-utils
];
};
@@ -157,30 +153,26 @@ in
};
fileSystems."/var/lib/movies" = {
- device = "${cifsServer}/movies";
- fsType = "cifs";
- options = cifsOptions;
+ device = "192.168.1.10:/movies";
+ fsType = "nfs";
+ options = nfsOptions;
};
fileSystems."/var/lib/shows" = {
- device = "${cifsServer}/shows";
- fsType = "cifs";
- options = cifsOptions;
+ device = "192.168.1.10:/shows";
+ fsType = "nfs";
+ options = nfsOptions;
};
fileSystems."/var/lib/books" = {
- device = "${cifsServer}/books";
- fsType = "cifs";
- options = cifsOptions;
+ device = "192.168.1.10:/books";
+ fsType = "nfs";
+ options = nfsOptions;
};
fileSystems."/var/lib/music" = {
- device = "${cifsServer}/music";
- fsType = "cifs";
- options = cifsOptions;
- };
-
- age.secrets."users/media/smbpasswd" = {
- file = ../../secrets/users/media/smbpasswd.age;
+ device = "192.168.1.10:/music";
+ fsType = "nfs";
+ options = nfsOptions;
};
}
diff --git a/machines/utgard/hardware.nix b/machines/utgard/hardware.nix
index 5b5be77..b1c1496 100644
--- a/machines/utgard/hardware.nix
+++ b/machines/utgard/hardware.nix
@@ -18,7 +18,7 @@
environment = {
systemPackages = with pkgs; [
- intel-media-driver
+ intel-gpu-tools
];
};
}
diff --git a/profiles/thomas/default.nix b/profiles/thomas/default.nix
index 18ec13c..7aa236f 100644
--- a/profiles/thomas/default.nix
+++ b/profiles/thomas/default.nix
@@ -23,7 +23,7 @@ in
username = username;
desktop = {
- i3 = {
+ gnome = {
enable = desktop;
};
};
@@ -126,9 +126,6 @@ in
autorandr = {
enable = desktop;
};
- rofi = {
- enable = desktop;
- };
ssh = {
enable = desktop;
};
@@ -159,13 +156,6 @@ in
udiskie = {
enable = desktop;
};
-
- # dunst = {
- # enable = desktop;
- # };
- polybar = {
- enable = desktop;
- };
};
};
diff --git a/profiles/thomas/desktop/default.nix b/profiles/thomas/desktop/default.nix
index 0671a48..8dbabb7 100644
--- a/profiles/thomas/desktop/default.nix
+++ b/profiles/thomas/desktop/default.nix
@@ -2,6 +2,7 @@
{
imports = [
+ ./gnome.nix
./i3.nix
];
diff --git a/profiles/thomas/desktop/gnome.nix b/profiles/thomas/desktop/gnome.nix
new file mode 100644
index 0000000..09d340c
--- /dev/null
+++ b/profiles/thomas/desktop/gnome.nix
@@ -0,0 +1,91 @@
+{ pkgs, lib, config, options, ... }:
+with lib;
+
+let
+ cfg = config.profile.desktop.gnome;
+
+
+in
+{
+ options = {
+ profile = {
+ desktop = {
+ gnome = {
+ enable = mkEnableOption "Gnome";
+ };
+ };
+ };
+ };
+
+ config = mkIf cfg.enable {
+ services = {
+ udev = {
+ packages = with pkgs; [
+ gnome.gnome-settings-daemon
+ ];
+ };
+
+ xserver = {
+ displayManager = {
+ gdm = {
+ enable = true;
+ };
+ };
+
+ desktopManager = {
+ gnome = {
+ enable = true;
+ };
+ };
+ };
+
+ gnome = {
+ evolution-data-server = {
+ enable = true;
+ };
+
+ gnome-online-accounts = {
+ enable = true;
+ };
+
+ gnome-keyring = {
+ enable = true;
+ };
+ };
+ };
+
+ environment = {
+ systemPackages = with pkgs; [
+ gnome.adwaita-icon-theme
+ gnome.gnome-tweaks
+
+ gnomeExtensions.calc
+ gnomeExtensions.clipman
+ gnomeExtensions.ddterm
+ gnomeExtensions.docker
+ gnomeExtensions.gsnap
+ gnomeExtensions.gtile
+ gnomeExtensions.keyman
+ gnomeExtensions.vitals
+ gnomeExtensions.weather
+ gnomeExtensions.zilence
+ ];
+
+ gnome = {
+ excludePackages = with pkgs; [
+ gnome-tour
+
+ gnome.atomix
+ gnome.cheese
+ gnome.epiphany
+ gnome.geary
+ gnome.gnome-music
+ gnome.gnome-terminal
+ gnome.hitori
+ gnome.iagno
+ gnome.tali
+ ]
+ };
+ };
+ };
+}
diff --git a/profiles/thomas/desktop/i3.nix b/profiles/thomas/desktop/i3.nix
index acde595..5ffa234 100644
--- a/profiles/thomas/desktop/i3.nix
+++ b/profiles/thomas/desktop/i3.nix
@@ -92,6 +92,17 @@ in
};
config = mkIf cfg.enable {
+ services = {
+ xserver = {
+ windowManager = {
+ i3 = {
+ enable = true;
+ package = pkgs.i3-gaps;
+ };
+ };
+ };
+ };
+
home-manager.users."${config.profile.username}" = { config, ... }: {
home = {
packages = with pkgs; [
@@ -107,7 +118,306 @@ in
];
};
+ programs = {
+ rofi = {
+ enable = true;
+
+ font = "DejaVu Sans Mono 14";
+ terminal = "alacritty";
+ theme = "solarized";
+
+ plugins = with pkgs; [
+ rofi-calc
+ rofi-file-browser
+ rofi-mpd
+ rofi-power-menu
+ rofi-pulse-select
+ rofi-systemd
+ rofi-vpn
+ ];
+
+ extraConfig = {
+ modi = "window,drun,ssh";
+ };
+ };
+ };
+
services = {
+ dunst = {
+ enable = true;
+
+ iconTheme = {
+ name = "Numix";
+ package = pkgs.numix-icon-theme;
+ size = "64x64";
+ };
+
+ settings = {
+ global = {
+ font = "DejaVu Sans Mono 14";
+ frame_color = "#93a1a1";
+ separator_color = "#93a1a1";
+ };
+
+ urgency_normal = {
+ msg_urgency = "normal";
+ background = "#586e75";
+ foreground = "#93a1a1";
+ };
+
+ urgency_critical = {
+ msg_urgency = "critical";
+ background = "#dc322f";
+ foreground = "#eee8d5";
+ };
+
+ urgency_low = {
+ msg_urgency = "low";
+ background = "#073642";
+ foreground = "#657b83";
+ };
+ };
+ };
+
+ polybar = {
+ enable = true;
+ script = "polybar general &";
+
+ package = pkgs.polybar.override {
+ i3Support = true;
+ mpdSupport = true;
+ iwSupport = true;
+ pulseSupport = true;
+ githubSupport = true;
+ };
+
+ settings =
+ let
+ icons = {
+ powerOff = "";
+ xmark = "";
+ microchip = "";
+ memory = "";
+ batteryBolt = "";
+ batteryHalf = "";
+ batteryFull = "";
+ batteryExclamation = "";
+ volumeHigh = "";
+ volumeSlash = "";
+ wifi = "";
+ wifiSlash = "";
+ ethernet = "";
+ calendar = "";
+ clock = "";
+
+ terminal = "";
+ code = "";
+ chrome = "";
+ envelope = "";
+ music = "";
+ comment = "";
+ question = "?";
+ };
+
+ fonts = {
+ font-0 = "DejaVu Sans Mono:size=14:style=Regular;0";
+ font-1 = "Font Awesome 6 Free Solid:size=12:style=Solid;-1";
+ font-2 = "FontAwesome:size=12:style=Regular;-2";
+ };
+
+ in
+ {
+ "colors" = {
+ background = "#002b36";
+ background-alt = "#073642";
+ foreground = "#93a1a1";
+ foreground-alt = "#eee8d5";
+ primary = "#ffb52a";
+ secondary = "#e60053";
+ alert = "#bd2c40";
+ red = "#dc322f";
+ };
+
+ "bar/general" = fonts // {
+ width = "100%";
+ height = 43;
+ radius = 0;
+
+ fixed-center = true;
+
+ background = "\${colors.background}";
+ foreground = "\${colors.foreground}";
+
+ line-size = 3;
+ line-color = "#f00";
+
+ border-size = 5;
+ border-color = "#000000";
+
+ padding-left = 0;
+ padding-right = 2;
+
+ module-margin-left = 2;
+ module-margin-right = 2;
+
+ modules-left = "i3";
+ modules-center = "";
+ modules-right = "cpu memory volume wireless wired battery date";
+
+ tray-position = "right";
+ tray-padding = 2;
+ tray-background = "#0063ff";
+
+ wm-restack = "i3";
+ scroll-up = "i3wm-wsnext";
+ scroll-down = "i3wm-wsprev";
+ };
+
+ "module/i3" = {
+ type = "internal/i3";
+ strip-wsnumbers = true;
+
+ ws-icon-0 = "1;${icons.terminal}";
+ ws-icon-1 = "2;${icons.code}";
+ ws-icon-2 = "3;${icons.chrome}";
+ ws-icon-3 = "4;${icons.envelope}";
+ ws-icon-4 = "5;${icons.music}";
+ ws-icon-5 = "6;${icons.comment}";
+ ws-icon-6 = "7:${icons.question}";
+ ws-icon-7 = "8:${icons.question}";
+ ws-icon-8 = "9:${icons.question}";
+ ws-icon-default = "${icons.question}";
+
+ label-mode = "%mode%";
+ label-mode-padding = 2;
+ label-mode-underline = "\${colors.foreground}";
+ # label-mode-background = "#e60053";
+
+ label-focused = "%icon%";
+ label-focused-padding = 4;
+ label-focused-underline = "\${colors.foreground}";
+ # label-focused-foreground = "#ffffff";
+ # label-focused-background = "#3f3f3f";
+
+ label-unfocused = "%icon%";
+ label-unfocused-padding = 4;
+ label-unfocused-underline = "\${colors.foreground}";
+
+ label-visible = "%icon%";
+ label-visible-padding = 4;
+ label-visible-underline = "\${colors.foreground}";
+
+ label-urgent = "%icon%";
+ label-urgent-padding = 4;
+ label-urgent-underline = "\${colors.foreground}";
+ # label-urgent-foreground = "#000000";
+ # label-urgent-background = "#bd2c40";
+
+ label-separator = "";
+ label-separator-padding = 0;
+ label-separator-underline = "\${colors.foreground}";
+ # label-separator-foreground = "#ffb52a";
+ };
+
+ "module/cpu" = {
+ type = "internal/cpu";
+ format = "${icons.microchip}