pagedmov/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

work on reducing statefulness of the configuration

Browse Source
This commit is contained in:
pagedmov
2026-03-09 22:41:29 -04:00
parent 8ee748a997
commit a88925cfa3
25 changed files with 302 additions and 532 deletions
Download Patch File Download Diff File Expand all files Collapse all files

380
flake.lock generated
View File

@@ -1,5 +1,26 @@
{
"nodes": {
"agenix": {
"inputs": {
"darwin": "darwin",
"home-manager": "home-manager",
"nixpkgs": "nixpkgs",
"systems": "systems"
},
"locked": {
"lastModified": 1770165109,
"narHash": "sha256-9VnK6Oqai65puVJ4WYtCTvlJeXxMzAp/69HhQuTdl/I=",
"owner": "ryantm",
"repo": "agenix",
"rev": "b027ee29d959fda4b60b57566d64c98a202e0feb",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"aquamarine": {
"inputs": {
"hyprutils": [
@@ -104,7 +125,7 @@
"copyparty": {
"inputs": {
"flake-utils": "flake-utils",
"nixpkgs": "nixpkgs"
"nixpkgs": "nixpkgs_2"
},
"locked": {
"lastModified": 1773005383,
@@ -120,9 +141,31 @@
"type": "github"
}
},
"darwin": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1744478979,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"disko": {
"inputs": {
"nixpkgs": "nixpkgs_2"
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1773025010,
@@ -229,7 +272,7 @@
},
"flake-utils_2": {
"inputs": {
"systems": "systems_4"
"systems": "systems_5"
},
"locked": {
"lastModified": 1731533236,
@@ -303,6 +346,27 @@
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1745494811,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_2": {
"inputs": {
"nixpkgs": [
"nixpkgs"
@@ -324,7 +388,7 @@
},
"hypr-contrib": {
"inputs": {
"nixpkgs": "nixpkgs_3"
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1771502235,
@@ -409,9 +473,9 @@
"hyprutils": "hyprutils",
"hyprwayland-scanner": "hyprwayland-scanner",
"hyprwire": "hyprwire",
"nixpkgs": "nixpkgs_4",
"nixpkgs": "nixpkgs_5",
"pre-commit-hooks": "pre-commit-hooks",
"systems": "systems",
"systems": "systems_2",
"xdph": "xdph"
},
"locked": {
@@ -534,8 +598,8 @@
"inputs": {
"hyprutils": "hyprutils_2",
"hyprwayland-scanner": "hyprwayland-scanner_2",
"nixpkgs": "nixpkgs_5",
"systems": "systems_2"
"nixpkgs": "nixpkgs_6",
"systems": "systems_3"
},
"locked": {
"lastModified": 1772469529,
@@ -734,132 +798,21 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1748162331,
"narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=",
"lastModified": 1754028485,
"narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334",
"rev": "59e69648d345d6e8fef86158c555730fa12af9de",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "NixOS",
"ref": "nixos-25.05",
"type": "indirect"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1772771118,
"narHash": "sha256-xWzaTvmmACR/SRWtABgI/Z97lcqwJAeoSd5QW1KdK1s=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e38213b91d3786389a446dfce4ff5a8aaf6012f2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1712163089,
"narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fd281bd6b7d3e32ddfa399853946f782553163b5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1772198003,
"narHash": "sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1772433332,
"narHash": "sha256-izhTDFKsg6KeVBxJS9EblGeQ8y+O8eCa6RcW874vxEc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cf59864ef8aa2e178cccedbe2c178185b0365705",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1772956932,
"narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "608d0cadfed240589a7eea422407a547ad626a14",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1770380644,
"narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1771848320,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"nixpkgs_10": {
"locked": {
"lastModified": 1767767207,
"narHash": "sha256-Mj3d3PfwltLmukFal5i3fFt27L6NiKXdBezC1EBuZs4=",
@@ -875,11 +828,138 @@
"type": "github"
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1748162331,
"narHash": "sha256-rqc2RKYTxP3tbjA+PB3VMRQNnjesrT0pEofXQTrMsS8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7c43f080a7f28b2774f3b3f43234ca11661bf334",
"type": "github"
},
"original": {
"id": "nixpkgs",
"ref": "nixos-25.05",
"type": "indirect"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1772771118,
"narHash": "sha256-xWzaTvmmACR/SRWtABgI/Z97lcqwJAeoSd5QW1KdK1s=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "e38213b91d3786389a446dfce4ff5a8aaf6012f2",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1712163089,
"narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "fd281bd6b7d3e32ddfa399853946f782553163b5",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1772198003,
"narHash": "sha256-I45esRSssFtJ8p/gLHUZ1OUaaTaVLluNkABkk6arQwE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "dd9b079222d43e1943b6ebd802f04fd959dc8e61",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1772433332,
"narHash": "sha256-izhTDFKsg6KeVBxJS9EblGeQ8y+O8eCa6RcW874vxEc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "cf59864ef8aa2e178cccedbe2c178185b0365705",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": {
"lastModified": 1772956932,
"narHash": "sha256-M0yS4AafhKxPPmOHGqIV0iKxgNO8bHDWdl1kOwGBwRY=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "608d0cadfed240589a7eea422407a547ad626a14",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_8": {
"locked": {
"lastModified": 1770380644,
"narHash": "sha256-P7dWMHRUWG5m4G+06jDyThXO7kwSk46C1kgjEWcybkE=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "ae67888ff7ef9dff69b3cf0cc0fbfbcd3a722abe",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_9": {
"locked": {
"lastModified": 1771848320,
"narHash": "sha256-0MAd+0mun3K/Ns8JATeHT1sX28faLII5hVLq0L3BdZU=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2fc6539b481e1d2569f25f8799236694180c0993",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixvim": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": "nixpkgs_7",
"systems": "systems_3"
"nixpkgs": "nixpkgs_8",
"systems": "systems_4"
},
"locked": {
"lastModified": 1772402258,
@@ -945,13 +1025,14 @@
},
"root": {
"inputs": {
"agenix": "agenix",
"copyparty": "copyparty",
"disko": "disko",
"home-manager": "home-manager",
"home-manager": "home-manager_2",
"hypr-contrib": "hypr-contrib",
"hyprland": "hyprland",
"hyprpicker": "hyprpicker",
"nixpkgs": "nixpkgs_6",
"nixpkgs": "nixpkgs_7",
"nixvim": "nixvim",
"shed": "shed",
"spicetify-nix": "spicetify-nix",
@@ -961,7 +1042,7 @@
"shed": {
"inputs": {
"flake-utils": "flake-utils_2",
"nixpkgs": "nixpkgs_8"
"nixpkgs": "nixpkgs_9"
},
"locked": {
"lastModified": 1773107703,
@@ -982,7 +1063,7 @@
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_5"
"systems": "systems_6"
},
"locked": {
"lastModified": 1773007504,
@@ -1007,9 +1088,9 @@
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_2",
"gnome-shell": "gnome-shell",
"nixpkgs": "nixpkgs_9",
"nixpkgs": "nixpkgs_10",
"nur": "nur",
"systems": "systems_6",
"systems": "systems_7",
"tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes",
@@ -1032,16 +1113,16 @@
},
"systems": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"repo": "default",
"type": "github"
}
},
@@ -1062,16 +1143,16 @@
},
"systems_3": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"repo": "default-linux",
"type": "github"
}
},
@@ -1120,6 +1201,21 @@
"type": "github"
}
},
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"tinted-foot": {
"flake": false,
"locked": {

10
flake.nix
View File

@@ -10,6 +10,7 @@
stylix.url = "github:danth/stylix";
disko.url = "github:nix-community/disko";
shed.url = "github:km-clay/shed";
agenix.url = "github:ryantm/agenix";
nixvim.url = "github:nix-community/nixvim";
@@ -49,14 +50,6 @@
hostDir = "laptop";
kind = "both";
}
{
host = "xenon";
hostDir = "server";
kind = "both";
extraNixosModules = [
./modules/server
];
}
{
host = "phosphorous";
hostDir = "work";
@@ -64,6 +57,7 @@
extraNixosModules = [
inputs.shed.nixosModules.shed
inputs.copyparty.nixosModules.default
inputs.agenix.nixosModules.default
];
extraHomeModules = [
inputs.shed.homeModules.shed

68
hosts/server/config.nix
View File

@@ -1,68 +0,0 @@
{ pkgs, username, ... }:
{
imports = [ ./hardware.nix ];
movOpts = {
sysEnv = {
issue.enable = true;
sddmConfig.enable = true;
stylixConfig.enable = true;
nixSettings.enable = true;
};
hardwareCfg = {
networkModule.enable = true;
bootLoader.enable = true;
powerProfiles.enable = true;
};
softwareCfg = {
sysPkgs.enable = true;
sysProgs.enable = true;
sysServices.enable = true;
};
serverCfg = {
jellyfinConfig.enable = true;
caddyConfig.enable = true;
};
};
networking.firewall = {
allowedTCPPorts = [
443
8920
];
};
environment = {
etc."tmpfiles.d/home-permissions.conf".text = ''
d /home/pagedmov 0750 pagedmov users -
'';
variables = {
PATH = "${pkgs.clang-tools}/bin:$PATH";
TERM = "kitty";
};
shells = with pkgs; [
zsh
bash
];
};
users = {
groups.persist = { };
users = {
root.initialPassword = "1234";
${username} = {
isNormalUser = true;
initialPassword = "1234";
shell = pkgs.zsh;
extraGroups = [
"wheel"
"persist"
"libvirtd"
];
};
};
};
security.sudo.extraConfig = ''
${username} ALL=(ALL) NOPASSWD: /etc/profiles/per-user/${username}/bin/rebuild
'';
nix.settings.allowed-users = [ "${username}" ];
time.timeZone = "America/New_York";
}

63
hosts/server/hardware.nix
View File

@@ -1,63 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot.initrd.availableKernelModules = [
"nvme"
"xhci_pci"
"ahci"
"usbhid"
"usb_storage"
"sd_mod"
];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" = {
device = "/dev/disk/by-uuid/c40b3b09-688d-4fe3-96f9-8e3d75b0a7b7";
fsType = "ext4";
};
fileSystems."/nix" = {
device = "/dev/disk/by-uuid/1048d206-0a27-4e4e-b9a4-4f068bab5439";
fsType = "ext4";
};
fileSystems."/boot" = {
device = "/dev/disk/by-uuid/357E-BCCD";
fsType = "vfat";
options = [
"fmask=0077"
"dmask=0077"
];
};
fileSystems."/home" = {
device = "/dev/disk/by-uuid/b53ab583-f32e-4144-a2ee-f341e54f8233";
fsType = "ext4";
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp10s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp11s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

47
hosts/server/home.nix
View File

@@ -1,47 +0,0 @@
{
host,
pkgs,
self,
inputs,
lib,
username,
config,
...
}:
{
home.username = "${username}";
home.homeDirectory = "/home/${username}";
home.stateVersion = "24.05";
programs.home-manager.enable = true;
movOpts = {
homeFiles.enable = true;
# modules/home/environment
envConfig = {
starshipConfig.enable = true;
stylixHomeConfig.enable = true;
userPkgs.enable = true;
zshConfig = {
shellAliases.enable = true;
envVariables.enable = true;
shellOptions.enable = true;
extraConfig.enable = true;
};
};
# modules/home/programs
programConfigs = {
autojumpConfig.enable = true;
kittyConfig.enable = true;
btopConfig.enable = true;
ezaConfig.enable = true;
fzfConfig.enable = true;
gitConfig.enable = true;
yaziConfig.enable = true;
batConfig.enable = true;
};
};
}

4
modules/home/environment/hyprland.nix
View File

@@ -294,10 +294,6 @@ in
"super, l, movefocus, r"
"super, k, movefocus, u"
"super, j, movefocus, d"
"super, y, exec, /home/pagedmov/splitman-ipc.sh start"
"super, u, exec, /home/pagedmov/splitman-ipc.sh split"
"super, i, exec, /home/pagedmov/splitman-ipc.sh stop"
"super, o, exec, /home/pagedmov/splitman-ipc.sh pause"
"super shift, h, movewindow, l"
"super shift, l, movewindow, r"
"super shift, k, movewindow, u"

2
modules/home/environment/paperd/theme_builder.nix
View File

@@ -403,7 +403,7 @@ pkgs.writeText "theme-builder.py" ''
print("Sent reload signal to Kitty.")
nvim_colors = STATE_DIR / "nvim-colors.lua"
for sock in Path("/run/user/1000").glob("nvim.*.0"):
for sock in Path(os.environ.get("XDG_RUNTIME_DIR", "/run/user/1000")).glob("nvim.*.0"):
try:
nvim = attach('socket', path=str(sock))
nvim.command(f"luafile {nvim_colors}")

2
modules/home/environment/swaync.nix
View File

@@ -614,7 +614,7 @@
all: unset;
}
@import url("file:///home/pagedmov/.local/state/sysflake/swaync-colors.css");
@import url("file://${config.home.homeDirectory}/.local/state/sysflake/swaync-colors.css");
'';
xdg.configFile."swaync/config.json".text = ''
{

14
modules/home/environment/userservices.nix
View File

@@ -5,20 +5,6 @@ let
in
{
systemd.user = {
timers = {
maintenanceCheck = {
Unit = {
Description = "Timer for package maintenance check";
};
Timer = {
OnCalendar = "hourly";
Persistent = true;
};
Install = {
WantedBy = [ "timers.target" ];
};
};
};
services = {
swww-daemon = {
Unit.Description = "Daemon for swww (sway wayland wallpaper manager)";

4
modules/home/environment/waybar.nix
View File

@@ -143,7 +143,7 @@ in
};
"image#nixicon" = {
path = "/home/pagedmov/.sysflake/assets/images/nix-snowflake-colours.svg";
path = "${self}/assets/images/nix-snowflake-colours.svg";
size = 28;
};
@@ -271,7 +271,7 @@ in
margin: 6px 10px 6px 4px;
}
@import url("file:///home/pagedmov/.local/state/sysflake/waybar-colors.css");
@import url("file://${config.home.homeDirectory}/.local/state/sysflake/waybar-colors.css");
'';
};
};

2
modules/home/programs/git.nix
View File

@@ -22,7 +22,7 @@
};
safe = {
directory = [
"/home/pagedmov/mnt/net"
"${config.home.homeDirectory}/mnt/net"
];
};
core.pager = "delta";

10
modules/server/cdn/default.nix
View File

@@ -1,10 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
imports = [ ./jellyfin.nix ];
}

18
modules/server/cdn/jellyfin.nix
View File

@@ -1,18 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
options = {
movOpts.serverCfg.jellyfinConfig.enable = lib.mkEnableOption "Enables the server's jellyfin config";
};
config = lib.mkIf config.movOpts.serverCfg.jellyfinConfig.enable {
services.jellyfin = {
enable = true;
openFirewall = true;
};
};
}

8
modules/server/default.nix
View File

@@ -1,8 +0,0 @@
{ pkgs, lib, ... }:
{
imports = [
./cdn
./glasshaus
];
}

22
modules/server/glasshaus/caddy.nix
View File

@@ -1,22 +0,0 @@
{
lib,
config,
pkgs,
...
}:
{
options = {
movOpts.serverCfg.caddyConfig.enable = lib.mkEnableOption "Enable my caddy config for the glasshaus.info domain name";
};
config = lib.mkIf config.movOpts.serverCfg.caddyConfig.enable {
services.caddy = {
enable = true;
configFile = pkgs.writeText "Caddyfile" ''
glasshaus.info {
reverse_proxy localhost:8096
}
'';
};
};
}

10
modules/server/glasshaus/default.nix
View File

@@ -1,10 +0,0 @@
{
pkgs,
lib,
config,
...
}:
{
imports = [ ./caddy.nix ];
}

2
modules/sys/software/packages.nix
View File

@@ -51,6 +51,8 @@
pavucontrol
playerctl
usbutils
age
agenix-cli
vim
uhk-agent
jq

15
modules/sys/software/programs.nix
View File

@@ -9,21 +9,6 @@
movOpts.softwareCfg.sysProgs.enable = lib.mkEnableOption "enables default system programs";
};
config = lib.mkIf config.movOpts.softwareCfg.sysProgs.enable {
environment.etc."shells" = {
enable = true;
text = ''
/run/current-system/sw/bin/zsh
/run/current-system/sw/bin/bash
/run/current-system/sw/bin/zsh
/nix/store/m7l6yzmflrf9hjs8707lk9nkhi6f73n1-zsh-5.9/bin/zsh
/run/current-system/sw/bin/bash
/run/current-system/sw/bin/sh
/nix/store/f33kh08pa7pmy4kvsmsibda46sh46s66-bash-interactive-5.2p37/bin/bash
/nix/store/f33kh08pa7pmy4kvsmsibda46sh46s66-bash-interactive-5.2p37/bin/sh
/bin/sh
/home/pagedmov/Coding/projects/rust/rsh/target/debug/rsh
'';
};
programs = {
hyprland.enable = lib.mkDefault true;
zsh.enable = lib.mkDefault true;

22
modules/sys/software/services.nix
View File

@@ -2,6 +2,7 @@
lib,
pkgs,
config,
self,
...
}:
{
@@ -9,6 +10,21 @@
movOpts.softwareCfg.sysServices.enable = lib.mkEnableOption "enables default system services";
};
config = lib.mkIf config.movOpts.softwareCfg.sysServices.enable {
age.identityPaths = [ "/home/pagedmov/.ssh/id_ed25519" ];
age.secrets = {
copyparty-admin = {
file = "${self}/secrets/copyparty-admin.age";
owner = "copyparty";
};
copyparty-pagedmov = {
file = "${self}/secrets/copyparty-pagedmov.age";
owner = "copyparty";
};
copyparty-testuser = {
file = "${self}/secrets/copyparty-testuser.age";
owner = "copyparty";
};
};
users.users.pagedmov = {
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBX/xEA6/zfAkjwaDcl+NnCJLMd7OzRru7IKbn+52fi5 root@nixos"
@@ -35,13 +51,13 @@
};
accounts = {
admin = {
passwordFile = "${pkgs.writeText "/run/keys/admin" "admin123"}";
passwordFile = config.age.secrets.copyparty-admin.path;
};
pagedmov = {
passwordFile = "${pkgs.writeText "/run/keys/pagedmov" "200231980qwertyuiop"}";
passwordFile = config.age.secrets.copyparty-pagedmov.path;
};
testuser = {
passwordFile = "${pkgs.writeText "/run/keys/testuser" "testpassword"}";
passwordFile = config.age.secrets.copyparty-testuser.path;
};
};
volumes = {

94
overlay/scripts/nix/check_updates.nix
View File

@@ -1,94 +0,0 @@
{ pkgs }:
pkgs.stdenv.mkDerivation {
pname = "pkg_maintenance_check";
version = "1.0";
src = ./.;
buildPhase = ''
mkdir -p $out/bin
cat > $out/bin/checkupdates.py <<- EOF
import json
import subprocess
import requests
def get_packages_by_maintainer(target_maintainer):
try:
nix_env_command = [
"nix-env", "--meta", "--json", "-qaP"
]
jq_query = (
'to_entries[] | select(.value.meta.maintainers? // [] | '
f'any(.github == "{target_maintainer}")) | .value'
)
result = subprocess.run(
nix_env_command,
capture_output=True,
text=True,
check=True
)
filtered_packages = subprocess.run(
["jq", "-r", "-c", jq_query],
input=result.stdout,
capture_output=True,
text=True,
check=True
)
return [json.loads(pkg) for pkg in filtered_packages.stdout.strip().split('\n') if pkg]
except subprocess.CalledProcessError as e:
print(f"Error running nix-env or jq: {e}")
return []
def check_github_releases(maintained_packages):
github_api_template = "https://api.github.com/repos/{owner}/{repo}/releases/latest"
updates = []
for package in maintained_packages:
pname = package.get("pname", "unknown")
repo_url = package.get("meta", {}).get("homepage", "")
current_version = package.get("version", "unknown")
if "github.com" in repo_url:
owner_repo = repo_url.split("github.com/")[1].rstrip('/')
owner, repo = owner_repo.split('/')
api_url = github_api_template.format(owner=owner, repo=repo)
response = requests.get(api_url)
if response.status_code == 200:
latest_release = response.json()
latest_version = latest_release.get("tag_name", "").lstrip('v')
if latest_version and latest_version != current_version:
updates.append({"pkg": pname, "version": latest_version})
else:
print(f"{pname} is up to date.\n")
else:
print(f"Failed to check version for {pname} (HTTP {response.status_code}).\n")
else:
print(f"Skipping non-GitHub repository for {pname}.\n")
return updates
def notify_updates(updates):
if updates:
update_string = '\n'.join([f" {update['pkg']} -> {update['version']}" for update in updates])
subprocess.run([
"notify-send",
"--icon=/home/pagedmov/.sysflake/assets/images/nixos-icon-generic.png",
"Maintenance Update",
f"Package updates found:\n{update_string}"
])
subprocess.run(["aplay", "-q", "-N", "/home/pagedmov/.sysflake/assets/sound/login.wav"])
target_maintainer = "pagedMov"
maintained_packages = get_packages_by_maintainer(target_maintainer)
if maintained_packages:
updates = check_github_releases(maintained_packages)
notify_updates(updates)
else:
print(f"No packages maintained by {target_maintainer} were found.")
EOF
'';
buildInputs = with pkgs; [
python3Packages.requests
jq
];
installPhase = ":";
}

1
overlay/scripts/nix/default.nix
View File

@@ -8,7 +8,6 @@
fetchfromgh = super.callPackage ./templates/fetchfromgh.nix { };
mkshell = super.callPackage ./templates/mkshell.nix { };
garbage-collect = super.callPackage ./garbage-collect.nix { };
check_updates = super.callPackage ./check_updates.nix { };
rebuild = super.callPackage ./rebuild.nix {
inherit host;
self = root;

5
secrets/copyparty-admin.age Normal file
View File

@@ -0,0 +1,5 @@
age-encryption.org/v1
-> ssh-ed25519 UdB2QQ 0wPXeQ7y+1CTZ9ROAlEmyOvUVeoLPe2qpVqu+9yOARM
DsBm/L7XpwmZ3fCV2u3omkhhJQjXCPApN6qv0zb/0e4
--- PtsnfRS5NGQ+dOkShmJuz4GCLvPP7cud5YUwAov3j/Y
Ú°ë.°áó/Ò‚@>ðTmC_<5F>53ßÒ;Ê Í¤£ C^á

5
secrets/copyparty-pagedmov.age Normal file
View File

@@ -0,0 +1,5 @@
age-encryption.org/v1
-> ssh-ed25519 UdB2QQ N5xflk7WYS55ypDAMewPRMoIEWQu/gPdbY6FlUJ6ERA
lwaUmt3ZSicZy1wtMxAY6XsXp9wJRbkF2zOD5fPFGq0
--- 59Ea58Hu6Aa00ttHfytrXZ+uh0Na9IVQpsog6cZiuCs
phú¦O©%w\†ŮÁł×(ž(Ł«±Ők˙ż8&qJj‰ŰAD¬s”ކßĘxxŁJ¨ď

5
secrets/copyparty-testuser.age Normal file
View File

@@ -0,0 +1,5 @@
age-encryption.org/v1
-> ssh-ed25519 UdB2QQ 60YOnpbCVEZDinRksQDnoJZNQzrrsM259Il+A9TJjBc
pNLOy0r3jfEfFQRSwuv0gHFfh00rmPHWRSzz5g5lnVE
--- LslDG7BgBKxPtzqQXepkhnU5O0MmWDlpn9svZ2VMdN8
TðÚ[_ýøÜvŸ”÷ªŸÚEKK>¶<UÝˬ*ý<®ñ‚÷ææ‰&

21
secrets/secrets.nix Normal file
View File

@@ -0,0 +1,21 @@
let
# User key (for editing secrets)
pagedmov = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID0Eew2n6M2HtsTHHFBfMrsGsz9mt6gqN3XTM4RG5h6N pagedmov@oganesson";
# Host keys (for decryption at activation time)
phosphorous = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBhyhqppXv0SPQ6n3xkTqPXH866e2cCpDkw7f1Rxzjbu root@phosphorous";
in
{
"copyparty-admin.age".publicKeys = [
pagedmov
phosphorous
];
"copyparty-pagedmov.age".publicKeys = [
pagedmov
phosphorous
];
"copyparty-testuser.age".publicKeys = [
pagedmov
phosphorous
];
}