iofq/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

immich

Browse source
This commit is contained in:
iofq 2025-06-01 20:39:11 -05:00
parent 18caa32b2c
commit e4dc04a7ff
13 changed files with 516 additions and 181 deletions
Download patch file Download diff file Expand all files Collapse all files

327
flake.lock generated
View file

@ -41,11 +41,11 @@
"flake-compat_2": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"lastModified": 1747046372,
"narHash": "sha256-CIVLLkVgvHYbgI2UpXvIIBJ12HWgX+fjA8Xf8PUmqCY=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"rev": "9100a0f413b0c601e0533d1d94ffd501ce2e7885",
"type": "github"
},
"original": {
@ -57,11 +57,11 @@
"flake-compat_3": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
@ -87,6 +87,38 @@
}
},
"flake-compat_5": {
"flake": false,
"locked": {
"lastModified": 1733328505,
"narHash": "sha256-NeCCThCEP3eCl2l/+27kNNK7QrwZB1IJCrXfrbv5oqU=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "ff81ac966bb2cae68946d5ed5fc4994f96d0ffec",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_6": {
"flake": false,
"locked": {
"lastModified": 1696426674,
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-compat_7": {
"flake": false,
"locked": {
"lastModified": 1696426674,
@ -103,6 +135,48 @@
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"neovim-nightly-overlay",
"hercules-ci-effects",
"nixpkgs"
]
},
"locked": {
"lastModified": 1743550720,
"narHash": "sha256-hIshGgKZCgWh6AYJpJmRgFdR3WUbkY04o82X05xqQiY=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "c621e8422220273271f52058f618c94e405bb0f5",
"type": "github"
},
"original": {
"id": "flake-parts",
"type": "indirect"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib"
},
@ -120,7 +194,7 @@
"type": "github"
}
},
"flake-parts_2": {
"flake-parts_4": {
"inputs": {
"nixpkgs-lib": [
"nvim",
@ -142,7 +216,7 @@
"type": "github"
}
},
"flake-parts_3": {
"flake-parts_5": {
"inputs": {
"nixpkgs-lib": [
"nvim",
@ -184,8 +258,8 @@
},
"gen-luarc": {
"inputs": {
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"flake-parts": "flake-parts_3",
"git-hooks": "git-hooks_2",
"luvit-meta": "luvit-meta",
"nixpkgs": [
"nvim",
@ -208,8 +282,31 @@
},
"git-hooks": {
"inputs": {
"flake-compat": "flake-compat_2",
"flake-compat": "flake-compat_3",
"gitignore": "gitignore",
"nixpkgs": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747372754,
"narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"git-hooks_2": {
"inputs": {
"flake-compat": "flake-compat_4",
"gitignore": "gitignore_2",
"nixpkgs": [
"nvim",
"gen-luarc",
@ -231,10 +328,10 @@
"type": "github"
}
},
"git-hooks_2": {
"git-hooks_3": {
"inputs": {
"flake-compat": "flake-compat_4",
"gitignore": "gitignore_2",
"flake-compat": "flake-compat_6",
"gitignore": "gitignore_3",
"nixpkgs": [
"nvim",
"neovim-nightly-overlay",
@ -258,8 +355,7 @@
"gitignore": {
"inputs": {
"nixpkgs": [
"nvim",
"gen-luarc",
"neovim-nightly-overlay",
"git-hooks",
"nixpkgs"
]
@ -282,7 +378,7 @@
"inputs": {
"nixpkgs": [
"nvim",
"neovim-nightly-overlay",
"gen-luarc",
"git-hooks",
"nixpkgs"
]
@ -302,6 +398,29 @@
}
},
"gitignore_3": {
"inputs": {
"nixpkgs": [
"nvim",
"neovim-nightly-overlay",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"gitignore_4": {
"inputs": {
"nixpkgs": [
"pre-commit-hooks",
@ -324,7 +443,29 @@
},
"hercules-ci-effects": {
"inputs": {
"flake-parts": "flake-parts_3",
"flake-parts": "flake-parts_2",
"nixpkgs": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747284884,
"narHash": "sha256-lTSKhRrassMcJ1ZsuUVunyl/F04vvCKY80HB/4rvvm4=",
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"rev": "7168f6002a6b48a9b6151e1e97e974a0722ecfdc",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "hercules-ci-effects",
"type": "github"
}
},
"hercules-ci-effects_2": {
"inputs": {
"flake-parts": "flake-parts_5",
"nixpkgs": [
"nvim",
"neovim-nightly-overlay",
@ -352,11 +493,11 @@
]
},
"locked": {
"lastModified": 1746287478,
"narHash": "sha256-z3HiHR2CNAdwyZTWPM2kkzhE1gD1G6ExPxkaiQfNh7s=",
"lastModified": 1747439237,
"narHash": "sha256-5rCGrnkglKKj4cav1U3HC+SIUNJh08pqOK4spQv9RjA=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "75268f62525920c4936404a056f37b91e299c97e",
"rev": "ae755329092c87369b9e9a1510a8cf1ce2b1c708",
"type": "github"
},
"original": {
@ -400,14 +541,38 @@
},
"neovim-nightly-overlay": {
"inputs": {
"flake-compat": "flake-compat_3",
"flake-parts": "flake-parts_2",
"git-hooks": "git-hooks_2",
"flake-compat": "flake-compat_2",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"hercules-ci-effects": "hercules-ci-effects",
"neovim-src": "neovim-src",
"nixpkgs": "nixpkgs_2",
"nixpkgs": "nixpkgs",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1747475604,
"narHash": "sha256-QQI3EaXwqTiWAz6JCV1rD9g7uJzkhOK8gQpawVznYEs=",
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"rev": "a389c17ddc7b05050c35f9c1cd6b58a5d2ef720c",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "neovim-nightly-overlay",
"type": "github"
}
},
"neovim-nightly-overlay_2": {
"inputs": {
"flake-compat": "flake-compat_5",
"flake-parts": "flake-parts_4",
"git-hooks": "git-hooks_3",
"hercules-ci-effects": "hercules-ci-effects_2",
"neovim-src": "neovim-src_2",
"nixpkgs": "nixpkgs_3",
"treefmt-nix": "treefmt-nix_2"
},
"locked": {
"lastModified": 1746256223,
"narHash": "sha256-a97mwMJcE0cYGfwB5N5v+Ey+by1poGTc/fsrd47Fom8=",
@ -423,6 +588,22 @@
}
},
"neovim-src": {
"flake": false,
"locked": {
"lastModified": 1747473845,
"narHash": "sha256-jmjtmuIjIKuGWyNenamx6gaWPSVkD84TxngP6hX8Auc=",
"owner": "neovim",
"repo": "neovim",
"rev": "8e8f4523c687cac4e966cb78856f73706dcec37d",
"type": "github"
},
"original": {
"owner": "neovim",
"repo": "neovim",
"type": "github"
}
},
"neovim-src_2": {
"flake": false,
"locked": {
"lastModified": 1746214751,
@ -445,11 +626,11 @@
]
},
"locked": {
"lastModified": 1746054057,
"narHash": "sha256-iR+idGZJ191cY6NBXyVjh9QH8GVWTkvZw/w+1Igy45A=",
"lastModified": 1747470409,
"narHash": "sha256-R9TP2//BDKyjNzuZybplIZm7HQEnwL8khs7EmmTPYP4=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "13ba07d54c6ccc5af30a501df669bf3fe3dd4db8",
"rev": "c1f63a0c3bf1b2fe05124ccb099333163e2184a7",
"type": "github"
},
"original": {
@ -460,11 +641,11 @@
},
"nixos-hardware": {
"locked": {
"lastModified": 1745955289,
"narHash": "sha256-mmV2oPhQN+YF2wmnJzXX8tqgYmUYXUj3uUUBSTmYN5o=",
"lastModified": 1747129300,
"narHash": "sha256-L3clA5YGeYCF47ghsI7Tcex+DnaaN/BbQ4dR2wzoiKg=",
"owner": "NixOS",
"repo": "nixos-hardware",
"rev": "72081c9fbbef63765ae82bff9727ea79cc86bd5b",
"rev": "e81fd167b33121269149c57806599045fd33eeed",
"type": "github"
},
"original": {
@ -475,16 +656,16 @@
},
"nixpkgs": {
"locked": {
"lastModified": 1746141548,
"narHash": "sha256-IgBWhX7A2oJmZFIrpRuMnw5RAufVnfvOgHWgIdds+hc=",
"owner": "nixos",
"lastModified": 1747426788,
"narHash": "sha256-N4cp0asTsJCnRMFZ/k19V9akkxb7J/opG+K+jU57JGc=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "f02fddb8acef29a8b32f10a335d44828d7825b78",
"rev": "12a55407652e04dcf2309436eb06fef0d3713ef3",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
@ -534,6 +715,22 @@
}
},
"nixpkgs_2": {
"locked": {
"lastModified": 1747327360,
"narHash": "sha256-LSmTbiq/nqZR9B2t4MRnWG7cb0KVNU70dB7RT4+wYK4=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e06158e58f3adee28b139e9c2bcfcc41f8625b46",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_3": {
"locked": {
"lastModified": 1746152631,
"narHash": "sha256-zBuvmL6+CUsk2J8GINpyy8Hs1Zp4PP6iBWSmZ4SCQ/s=",
@ -549,7 +746,7 @@
"type": "github"
}
},
"nixpkgs_3": {
"nixpkgs_4": {
"locked": {
"lastModified": 1746314326,
"narHash": "sha256-2xqKEdmbFttKUwIxZgQAOG24rNqVvJ7c3LmA+ZnvWlc=",
@ -570,8 +767,8 @@
"flake-utils": "flake-utils",
"gen-luarc": "gen-luarc",
"mini-nvim": "mini-nvim",
"neovim-nightly-overlay": "neovim-nightly-overlay",
"nixpkgs": "nixpkgs_3",
"neovim-nightly-overlay": "neovim-nightly-overlay_2",
"nixpkgs": "nixpkgs_4",
"nixpkgs-uns": "nixpkgs-uns",
"nvim-orgmode": "nvim-orgmode"
},
@ -607,18 +804,18 @@
},
"pre-commit-hooks": {
"inputs": {
"flake-compat": "flake-compat_5",
"gitignore": "gitignore_3",
"flake-compat": "flake-compat_7",
"gitignore": "gitignore_4",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1742649964,
"narHash": "sha256-DwOTp7nvfi8mRfuL1escHDXabVXFGT1VlPD1JHrtrco=",
"lastModified": 1747372754,
"narHash": "sha256-2Y53NGIX2vxfie1rOW0Qb86vjRZ7ngizoo+bnXU9D9k=",
"owner": "cachix",
"repo": "pre-commit-hooks.nix",
"rev": "dcf5072734cb576d2b0c59b2ac44f5050b5eac82",
"rev": "80479b6ec16fefd9c1db3ea13aeb038c60530f46",
"type": "github"
},
"original": {
@ -631,14 +828,15 @@
"inputs": {
"deploy-rs": "deploy-rs",
"home-manager": "home-manager",
"neovim-nightly-overlay": "neovim-nightly-overlay",
"nix-index-database": "nix-index-database",
"nixos-hardware": "nixos-hardware",
"nixpkgs": "nixpkgs",
"nixpkgs": "nixpkgs_2",
"nvim": "nvim",
"pre-commit-hooks": "pre-commit-hooks",
"sops-nix": "sops-nix",
"systems": "systems_3",
"treefmt-nix": "treefmt-nix_2"
"treefmt-nix": "treefmt-nix_3"
}
},
"sops-nix": {
@ -648,11 +846,11 @@
]
},
"locked": {
"lastModified": 1745310711,
"narHash": "sha256-ePyTpKEJTgX0gvgNQWd7tQYQ3glIkbqcW778RpHlqgA=",
"lastModified": 1746485181,
"narHash": "sha256-PxrrSFLaC7YuItShxmYbMgSuFFuwxBB+qsl9BZUnRvg=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "5e3e92b16d6fdf9923425a8d4df7496b2434f39c",
"rev": "e93ee1d900ad264d65e9701a5c6f895683433386",
"type": "github"
},
"original": {
@ -706,6 +904,27 @@
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"neovim-nightly-overlay",
"nixpkgs"
]
},
"locked": {
"lastModified": 1747469671,
"narHash": "sha256-bo1ptiFoNqm6m1B2iAhJmWCBmqveLVvxom6xKmtuzjg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"treefmt-nix_2": {
"inputs": {
"nixpkgs": [
"nvim",
@ -727,18 +946,18 @@
"type": "github"
}
},
"treefmt-nix_2": {
"treefmt-nix_3": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1746216483,
"narHash": "sha256-4h3s1L/kKqt3gMDcVfN8/4v2jqHrgLIe4qok4ApH5x4=",
"lastModified": 1747469671,
"narHash": "sha256-bo1ptiFoNqm6m1B2iAhJmWCBmqveLVvxom6xKmtuzjg=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "29ec5026372e0dec56f890e50dbe4f45930320fd",
"rev": "ab0378b61b0d85e73a8ab05d5c6029b5bd58c9fb",
"type": "github"
},
"original": {

6
flake.nix
View file

@ -30,6 +30,7 @@
url = "github:serokell/deploy-rs";
inputs.nixpkgs.follows = "nixpkgs";
};
neovim-nightly-overlay.url = "github:nix-community/neovim-nightly-overlay";
};
outputs = {
self,
@ -44,7 +45,10 @@
pkgs = import nixpkgs {
inherit system;
config.allowUnfree = true;
overlays = [ inputs.nvim.overlays.default ];
overlays = [
inputs.nvim.overlays.default
inputs.neovim-nightly-overlay.overlays.default
];
};
eachSystem = f: nixpkgs.lib.genAttrs (import systems) (system: f nixpkgs.legacyPackages.${system});
treefmtEval = eachSystem (pkgs: inputs.treefmt-nix.lib.evalModule pkgs ./treefmt.nix);

4
home-manager/shared/programs/dev.nix
View file

@ -6,6 +6,7 @@
jq
tree
jujutsu
emacs-nox
#devops
k9s
@ -21,7 +22,4 @@
#c
gcc
];
services.ollama = {
enable = true;
};
}

6
home-manager/shared/programs/shell/fish.nix
View file

@ -26,6 +26,12 @@
}
];
functions = {
nix-shell = {
wraps = "nix-shell";
body = ''
command nix-shell $argv --command "fish"
'';
};
nix = {
wraps = "nix";
body = ''

9
home-manager/shared/programs/shell/tmux.nix
View file

@ -50,6 +50,15 @@
bind "/" {
LaunchOrFocusPlugin "zellij-forgot" { floating true; }
}
bind "1" { GoToTab 1; SwitchToMode "Locked"; }
bind "2" { GoToTab 2; SwitchToMode "Locked"; }
bind "3" { GoToTab 3; SwitchToMode "Locked"; }
bind "4" { GoToTab 4; SwitchToMode "Locked"; }
bind "5" { GoToTab 5; SwitchToMode "Locked"; }
bind "6" { GoToTab 6; SwitchToMode "Locked"; }
bind "7" { GoToTab 7; SwitchToMode "Locked"; }
bind "8" { GoToTab 8; SwitchToMode "Locked"; }
bind "9" { GoToTab 9; SwitchToMode "Locked"; }
}
shared_except "tmux" {
bind "Ctrl a" {

21
home-manager/shared/wayland/default.nix
View file

@ -4,7 +4,6 @@
...
}: {
imports = [
./librewolf
./alacritty
./hyprland
./xdg
@ -12,6 +11,8 @@
];
home.packages = with pkgs; [
wlogout
wf-recorder
wdisplays
wl-clipboard
gammastep
@ -20,13 +21,18 @@
home.sessionVariables = {
MOZ_DBUS_REMOTE = 1;
};
programs.bemenu = {
programs.wofi = {
enable = true;
settings = {
ignorecase = true;
fn = "UbuntuMono";
prompt = "open";
};
style = ''
window, #input, #entry, #scroll, #text, #inner-box {
background-color: #152528;
color: #e6eaea;
}
#entry:selected, #text:selected {
background-color: #a1cdd8;
color: #152528;
}
'';
};
services.gammastep = {
enable = true;
@ -60,5 +66,6 @@
}
];
};
services.mako.enable = true;
home.file.".icons/default".source = "${pkgs.vanilla-dmz}/share/icons/DMZ-Black";
}

25
home-manager/shared/wayland/hyprland/default.nix
View file

@ -5,6 +5,7 @@
extraConfig = ''
monitor=,preferred,auto,1
'';
plugins = [pkgs.hyprlandPlugins.hyprexpo];
settings = {
"$mod" = "SUPER";
general = {
@ -16,6 +17,7 @@
disable_hyprland_logo = true;
new_window_takes_over_fullscreen = 1;
exit_window_retains_fullscreen = 1;
vfr = true;
};
decoration = {
blur = {
@ -27,13 +29,11 @@
};
animations = {
enabled = "yes";
bezier = "ease,0.22,1,0.35,1";
animation = [
"windows, 1, 1.5, ease, popin"
"windowsOut, 1, 1.5, ease, popin"
"border, 0, 1, default"
"fade, 1, 1.5, ease"
"workspaces, 1, 3, ease, slidefade"
"windows, 1, 3, default, popin"
"windowsOut, 1, 3, default, popin"
"fade, 1, 3, default"
"workspaces, 1, 2, default, fade"
];
};
master = {
@ -42,11 +42,10 @@
};
input = {
kb_options = "caps:super";
repeat_delay = "300";
repeat_rate = "60";
repeat_delay = "250";
repeat_rate = "75";
float_switch_override_focus = 0;
# follow_mouse = 0;
accel_profile = "flat";
sensitivity = 0.4;
touchpad = {
@ -71,17 +70,18 @@
];
bind =
[
"$mod, a, hyprexpo:expo, toggle"
"$mod, Return, exec, alacritty"
"$mod, x, killactive"
"$mod, f, fullscreen"
"$mod SHIFT, Escape, exit"
"$mod SHIFT, f, fullscreenstate, 0 3"
"$mod, Space, exec, ${pkgs.bemenu}/bin/bemenu-run"
"$mod, Space, exec, ${pkgs.wofi}/bin/wofi --show run"
"$mod, Escape, exec, ${pkgs.wlogout}/bin/wlogout"
"$mod, t, togglefloating"
"$mod, bracketleft, exec, grimshot --notify save area /tmp/scrot-$(date \"+%Y-%m-%d\"T\"%H:%M:%S\").png"
"$mod, bracketright, exec, grimshot --notify copy area"
"$mod SHIFT, q, exec, swaylock"
"$mod SHIFT, BACKSPACE, exit"
",XF86MonBrightnessDown, exec, light -U 10"
",XF86MonBrightnessUp, exec, light -A 10"
",XF86AudioRaiseVolume, exec, pactl set-sink-volume @DEFAULT_SINK@ +1%"
@ -105,6 +105,7 @@
"$mod, PERIOD, focusmonitor, r"
"$mod SHIFT, COMMA, movewindow, mon:l"
"$mod SHIFT, PERIOD, movewindow, mon:r"
"$mod, s, togglespecialworkspace"
]
++ (
# workspaces
@ -169,6 +170,7 @@
"hyprland/window"
];
modules-right = [
"tray"
"cpu"
"memory"
"network"
@ -176,7 +178,6 @@
"pulseaudio"
"battery"
"clock"
"tray"
];
"hyprland/workspaces" = {
disable-scroll = true;

3
home-manager/shared/wayland/librewolf/default.nix
View file

@ -1,3 +0,0 @@
_: {
programs.librewolf.enable = true;
}

6
home-manager/t14/home.nix
View file

@ -13,20 +13,17 @@
prismlauncher
runelite
jdk21
steam-run
# comms
signal-desktop
discord
# apps
(chromium.override {commandLineArgs = "--load-media-router-component-extension=1";}) #chromecast
chromium
pcmanfm
feh
ffmpeg
mpv
vlc
wdisplays
piper
calibre
@ -36,6 +33,7 @@
android-tools
];
};
programs.librewolf.enable = true;
programs.ssh = {
enable = true;
matchBlocks = {

34
nixos/configuration.nix
View file

@ -1,12 +1,13 @@
{
pkgs,
host,
...
}: {
users.groups.plugdev = {}; # Create plugdev group
host,
...
}: { # Create plugdev group
networking.hostName = host.hostName;
users.groups.${host.username} = {};
users.users.${host.username} = {
time.timeZone = "America/Chicago";
users = {
groups.plugdev = {};
groups.${host.username} = {};
users.${host.username} = {
isNormalUser = true;
group = "${host.username}";
extraGroups = [
@ -16,14 +17,18 @@
"adbusers"
];
};
environment.systemPackages = with pkgs; [vim];
programs.nix-index.enableBashIntegration = false;
programs.nix-index.enableZshIntegration = false;
programs.nix-index-database.comma.enable = true;
time.timeZone = "America/Chicago";
};
programs = {
nix-index = {
enableBashIntegration = false;
enableZshIntegration = false;
};
nix-index-database.comma.enable = true;
};
# Enable flakes and unfree packages
nix.settings = {
nix = {
settings = {
auto-optimise-store = true;
substituters = ["https://nix-community.cachix.org"];
trusted-public-keys = [
@ -32,9 +37,10 @@
trusted-users = [host.username];
experimental-features = ["nix-command" "flakes"];
};
nix.gc = {
gc = {
automatic = true;
dates = "00:00";
options = "--delete-older-than 14d";
};
};
}

118
nixos/consensus/configuration.nix
View file

@ -1,41 +1,28 @@
{pkgs, ...}: {
{lib, pkgs, config, ...}: {
imports = [
./hardware-configuration.nix
];
sops = {
defaultSopsFile = ../../secrets/cf-acme.yaml;
secrets = {
"env" = {};
};
};
documentation = {
enable = lib.mkDefault false;
info.enable = lib.mkDefault false;
man.enable = lib.mkDefault false;
nixos.enable = lib.mkDefault false;
};
environment.systemPackages = with pkgs; [
git
nvim-pkg
docker-compose
tmux
];
boot.tmp.cleanOnBoot = true;
zramSwap.enable = false;
swapDevices = [
{
device = "/var/swapfile";
size = 4 * 1024;
}
];
virtualisation.docker.enable = true;
networking = {
hostName = "consensus";
firewall = {
enable = true;
allowedTCPPorts = [
22
2022
6443
25565
30001
30303
];
allowedUDPPorts = [
30001
30303
];
logRefusedConnections = true;
};
};
services = {
zfs.autoScrub.enable = true;
zfs.autoSnapshot.enable = true;
tailscale.enable = true;
k3s = {
enable = true;
@ -52,6 +39,67 @@
PermitRootLogin = "prohibit-password";
};
};
immich = {
enable = true;
port = 2283;
host = "localhost";
openFirewall = true;
machine-learning.enable = false;
mediaLocation = "/rice/immich";
};
nginx = {
enable = true;
virtualHosts."img.10110110.xyz" = {
useACMEHost = "10110110.xyz";
forceSSL = true;
locations."/" = {
proxyPass = "http://localhost:${toString config.services.immich.port}";
proxyWebsockets = true;
recommendedProxySettings = true;
extraConfig = ''
client_max_body_size 50000M;
proxy_read_timeout 600s;
proxy_send_timeout 600s;
send_timeout 600s;
'';
};
};
};
};
boot = {
tmp.cleanOnBoot = true;
supportedFilesystems = ["zfs"];
zfs.forceImportRoot = false;
zfs.extraPools = ["rice"];
};
networking.hostId = "91238132";
zramSwap.enable = false;
swapDevices = [
{
device = "/var/swapfile";
size = 4 * 1024;
}
];
virtualisation.docker.enable = true;
networking = {
hostName = "consensus";
firewall = {
enable = true;
allowedTCPPorts = [
22
443
2022
6443
25565
30001
30303
];
allowedUDPPorts = [
30001
30303
];
logRefusedConnections = true;
};
};
users.users = {
root = {
@ -68,6 +116,18 @@
};
};
security.sudo.wheelNeedsPassword = false;
security.acme = {
acceptTerms = true;
defaults.email = "acme@10110110.xyz";
certs = {
"10110110.xyz" = {
domain = "*.10110110.xyz";
group = config.services.nginx.group;
dnsProvider = "cloudflare";
environmentFile = config.sops.secrets."env".path;
};
};
};
nix.settings.trusted-users = ["e"];
system.stateVersion = "23.11";
}

63
nixos/t14/configuration.nix
View file

@ -1,7 +1,7 @@
{
pkgs,
attrs,
...
pkgs,
attrs,
...
}: let
# Horrid workaround for https://github.com/nix-community/home-manager/issues/1011
homeManagerSessionVars = "/etc/profiles/per-user/${attrs.username}/etc/profile.d/hm-session-vars.sh";
@ -10,12 +10,14 @@ in {
./hardware-configuration.nix
./backups.nix
];
environment.systemPackages = with pkgs; [
environment = {
systemPackages = with pkgs; [
cryptsetup
nfs-utils
nerdctl
];
environment.extraInit = "[[ -f ${homeManagerSessionVars} ]] && source ${homeManagerSessionVars} && echo 'x' > /tmp/test";
extraInit = "[[ -f ${homeManagerSessionVars} ]] && source ${homeManagerSessionVars} && echo 'x' > /tmp/test";
};
boot = {
loader.systemd-boot.enable = true;
@ -60,7 +62,27 @@ in {
};
steam.enable = true;
adb.enable = true;
fish.enable = true;
fish.enable = true; #enable vendor completions
};
# workaround for wait-online killing nixos build
systemd.services.NetworkManager-wait-online = {
serviceConfig = {
ExecStart = ["" "${pkgs.networkmanager}/bin/nm-online -q"];
};
};
hardware = {
graphics = {
enable = true;
enable32Bit = true;
extraPackages = [
pkgs.mesa
pkgs.amdvlk
pkgs.libGL
];
};
ledger.enable = true;
};
services = {
resolved = {
@ -70,7 +92,6 @@ in {
];
};
tailscale.enable = true;
avahi.enable = true; # chromecast
pipewire = {
enable = true;
alsa.enable = true;
@ -117,33 +138,17 @@ in {
pkgs.ledger-udev-rules
pkgs.trezor-udev-rules
];
};
# workaround for wait-online killing nixos build
systemd.services.NetworkManager-wait-online = {
serviceConfig = {
ExecStart = ["" "${pkgs.networkmanager}/bin/nm-online -q"];
trezord.enable = true;
udisks2.enable = true; # kindle
};
};
hardware.graphics = {
enable = true;
enable32Bit = true;
extraPackages = [
pkgs.mesa
pkgs.amdvlk
pkgs.libGL
];
};
hardware.ledger.enable = true;
services.trezord.enable = true;
services.udisks2.enable = true; # kindle
fonts = {
# Set a sane system-wide default font
fonts.packages = with pkgs; [
packages = with pkgs; [
nerd-fonts.ubuntu-mono
spleen
];
fonts.fontconfig.defaultFonts.monospace = ["UbuntuMono"];
fontconfig.defaultFonts.monospace = ["UbuntuMono"];
};
system.stateVersion = "22.11";
}

25
secrets/cf-acme.yaml Normal file
View file

@ -0,0 +1,25 @@
env: ENC[AES256_GCM,data:G2O7yhOE3UKukq+1zXVWAW/REdTVdBCY0WByZbC7jnxR773ST9lA8rwEL5leB8h0bTqqQh8bwI4AdFR6/r0UQyc=,iv:IaRUoGY2zfaFDofSedHjtSx0UIGoIqX6oQhbrKCE45c=,tag:MW74dIOol8PZNxyUJEbPyQ==,type:str]
sops:
age:
- recipient: age14e2d2y8e2avzfrsyxg9dudxd36svm24t7skw6e969n0c42znlp3shffdtg
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA3ei9idzZZTmtXSHB5bnhB
WjdOeDJBc3l0MjEvbHlHczRtTCt3cG05M0JzCnMvM05SWWJsU1h6VXFxOWVlN21x
MmJxcFpVbEpKaUliRmJBM2FhN1d6cm8KLS0tIElibU4xUTNScWM2cEI2YXdWRzdr
cjFKUzJENlVUVlpoQ3RNelFUV2h3WkkKIOHlJ72UWGnOxvO6mm6f1wnWZ5acWQCX
AmG5ATn3WYvUt9nthMUMFpX3ICFiLHp73eKz1vMsA6DloVpi58FAlg==
-----END AGE ENCRYPTED FILE-----
- recipient: age16pdhm238k63uye3rf4cwwe7ddyzds6xj9jv4wpsfggkghyarjqtsjzkxna
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA4M2ZNcndhUFdkT2JmYWxw
Sk14Sk1OWUQ1MzZ3SDZLdnR6TW9xK3h1bGpvCmlVUkRxbnFWc1gzRGduZURTOWNI
WDdsakRRelhId1RKSEIvRWJpQUozYk0KLS0tIDlrY1E0NG5ydWRoT1QyMXZmVXpN
TzlHa0h2SFlUZnAvcjJ1NGdFL3ppWWsKm/aU+oAbTH7kC/k+VbGoxBGQzWxe8SRD
8Glhaq/ctBcr09dbkWl43GTXkNoEx8/wKA30HTvEq0yWEBworrSQ8w==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2025-06-02T00:02:47Z"
mac: ENC[AES256_GCM,data:l3I8KNMoZGrUUS/RzY0fAr7DkvyhynOqPW/09IfI8sKYBP+gavdf3/OpW3uwhYzuS6pRWwCaUTa0F+HELu7rBG8FwpvyBpdeAgZb1hVFtKeBuaCjXDieuxKjj27IKLx3UbHx2iRm91oB7bIMZaXYMrlYVmrs/BkgoT8vHj5j7Rc=,iv:KaB9qaUTYbnS6ix297MjIHxl+LSazZnRW0Lu2bP/kmk=,tag:bbncBMsk/qOfz0LRmrqiUQ==,type:str]
unencrypted_suffix: _unencrypted
version: 3.10.2