diff --git a/flake.nix b/flake.nix index 78f1aac..fa1b62a 100644 --- a/flake.nix +++ b/flake.nix @@ -124,7 +124,16 @@ ]; }; }; - + homeConfigurations = { + "m3tam3re@m3-daedalus" = home-manager.lib.homeManagerConfiguration { + pkgs = nixpkgs.legacyPackages."x86_64-linux"; + extraSpecialArgs = { + inherit inputs outputs; + hostname = "m3-daedalus"; + }; + modules = [./home/m3tam3re/m3-daedalus.nix]; + }; + }; devShells.x86_64-linux.infraShell = let pkgs = nixpkgs.legacyPackages.x86_64-linux; in diff --git a/home/features/cli/nushell.nix b/home/features/cli/nushell.nix index 7fd8829..381d946 100644 --- a/home/features/cli/nushell.nix +++ b/home/features/cli/nushell.nix @@ -20,6 +20,8 @@ in { $env.TERMINAL = "kitty" $env.EDITOR = "nvim" $env.VISUAL = "zed" + $env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden" + $env.FZF_DEFAULT_OPTS = "--preview='bat --color=always -n {}' --bind 'ctrl-/:toggle-preview' --header 'Press CTRL-Y to copy command into clipboard' --bind 'ctrl-/:toggle-preview' --bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort' --color bg:#282a36,bg+:#44475a,fg:#f8f8f2,fg+:#f8f8f2,header:#6272a4,hl:#bd93f9,hl+:#bd93f9,info:#ffb86c,marker:#ff79c6,pointer:#ff79c6,prompt:#50fa7b,spinner:#ffb86c" $env.XDG_DATA_HOME = $"($env.HOME)/.local/share" $env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden" $env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh" diff --git a/home/features/coding/default.nix b/home/features/coding/default.nix index 467fcf8..3a87f1d 100644 --- a/home/features/coding/default.nix +++ b/home/features/coding/default.nix @@ -9,7 +9,6 @@ # Scientific packages numba numpy - openai-whisper torch srt ])) diff --git a/home/features/desktop/coding.nix b/home/features/desktop/coding.nix index d3c12d5..e3d25ab 100644 --- a/home/features/desktop/coding.nix +++ b/home/features/desktop/coding.nix 
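Review bot: The added `$env.FZF_DEFAULT_COMMAND` line in the `nushell.nix` hunk duplicates the identical assignment that already exists two lines further down (visible as context), and `--bind 'ctrl-/:toggle-preview'` appears twice inside the new `FZF_DEFAULT_OPTS` string. I would drop the new `FZF_DEFAULT_COMMAND` line and the second bind so there is one source of truth for each setting. The `ctrl-y` binding copies `{2..}`, which suits history-style input with a leading index column; applied to the `fd` file list configured as the default command it would probably drop the first whitespace-separated field of each path, so it may belong in a history-specific option rather than the global defaults.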
@@ -5,7 +5,7 @@ ... }: with lib; let - cfg = config.features.desktop.office; + cfg = config.features.desktop.coding; in { options.features.desktop.coding.enable = mkEnableOption "install coding related stuff"; 
@@ -18,98 +18,98 @@ in { programs.zed-editor = { enable = true; - # userSettings = { - # features = { - # inline_prediction_provider = "zed"; - # edit_prediction_provider = "zed"; - # copilot = false; - # }; - # telemetry = { - # metrics = false; - # }; - # lsp = { - # rust_analyzer = { - # binary = {path_lookup = true;}; - # }; - # }; - # languages = { - # Nix = { - # language_servers = ["nixd"]; - # formatter = { - # external = { - # command = "alejandra"; - # arguments = ["-q" "-"]; - # }; - # }; - # }; - # Python = { - # language_servers = ["pyright"]; - # formatter = { - # external = { - # command = "black"; - # arguments = ["-"]; - # }; - # }; - # }; - # }; - # context_servers = { - # "some-context-server" = { - # command = { - # path = "some-command"; - # args = ["arg-1" "arg-2"]; - # env = {}; - # }; - # settings = {}; - # }; - # }; - # assistant = { - # version = "2"; - # default_model = { - # provider = "anthropic"; - # model = "Claude 3.7 Sonnet"; - # }; - # }; - # language_models = { - # anthropic = { - # version = "1"; - # api_url = "https://api.anthropic.com"; - # }; - # openai = { - # version = "1"; - # api_url = "https://api.openai.com/v1"; - # }; - # ollama = { - # api_url = "http://localhost:11434"; - # }; - # }; - # ssh_connections = [ - # { - # host = "152.53.85.162"; - # nickname = "m3-atlas"; - # args = ["-i" "~/.ssh/m3tam3re"]; - # } - # { - # host = "95.217.189.186"; - # port = 2222; - # nickname = "self-host-playbook"; - # args = ["-i" "~/.ssh/self-host-playbook"]; - # "projects" = [ - # { - # paths = ["/etc/nixos/current-systemconfig"]; - # } - # ]; - # } - # ]; - # auto_update = false; - # format_on_save = "on"; - # vim_mode = true; - # load_direnv = "shell_hook"; - # theme = "Dracula"; - # buffer_font_family = "FiraCode Nerd Font"; - # ui_font_size = 16; - # buffer_font_size = 16; - # show_edit_predictions = true; - # }; + userSettings = { + features = { + inline_prediction_provider = "zed"; + edit_prediction_provider = "zed"; + copilot 
= false; + }; + telemetry = { + metrics = false; + }; + lsp = { + rust_analyzer = { + binary = {path_lookup = true;}; + }; + }; + languages = { + Nix = { + language_servers = ["nixd"]; + formatter = { + external = { + command = "alejandra"; + arguments = ["-q" "-"]; + }; + }; + }; + Python = { + language_servers = ["pyright"]; + formatter = { + external = { + command = "black"; + arguments = ["-"]; + }; + }; + }; + }; + context_servers = { + "some-context-server" = { + command = { + path = "some-command"; + args = ["arg-1" "arg-2"]; + env = {}; + }; + settings = {}; + }; + }; + assistant = { + version = "2"; + default_model = { + provider = "anthropic"; + model = "Claude 3.7 Sonnet"; + }; + }; + language_models = { + anthropic = { + version = "1"; + api_url = "https://api.anthropic.com"; + }; + openai = { + version = "1"; + api_url = "https://api.openai.com/v1"; + }; + ollama = { + api_url = "http://localhost:11434"; + }; + }; + ssh_connections = [ + { + host = "152.53.85.162"; + nickname = "m3-atlas"; + args = ["-i" "~/.ssh/m3tam3re"]; + } + { + host = "95.217.189.186"; + port = 2222; + nickname = "self-host-playbook"; + args = ["-i" "~/.ssh/self-host-playbook"]; + "projects" = [ + { + paths = ["/etc/nixos/current-systemconfig"]; + } + ]; + } + ]; + auto_update = false; + format_on_save = "on"; + vim_mode = true; + load_direnv = "shell_hook"; + theme = "Dracula"; + buffer_font_family = "FiraCode Nerd Font"; + ui_font_size = 16; + buffer_font_size = 16; + show_edit_predictions = true; + }; + }; }; - }; } diff --git a/home/m3tam3re/m3-aether.nix b/home/m3tam3re/m3-aether.nix index 153bbe7..0f6c41d 100644 --- a/home/m3tam3re/m3-aether.nix +++ b/home/m3tam3re/m3-aether.nix @@ -8,7 +8,7 @@ features = { cli = { fish.enable = true; - skim.enable = true; + fzf.enable = true; nitch.enable = true; secrets.enable = false; starship.enable = true; diff --git a/home/m3tam3re/m3-atlas.nix b/home/m3tam3re/m3-atlas.nix index cfb6428..0961992 100644 --- a/home/m3tam3re/m3-atlas.nix 
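Review bot: Un-commenting `userSettings` in `home/features/desktop/coding.nix` also activates the template entry `context_servers."some-context-server"` (`path = "some-command"`, `args = ["arg-1" "arg-2"]`), which looks like sample text rather than a real server; as written Zed would be configured to launch whatever binary named `some-command` is found, so I would delete that block until a real server is defined. The `ssh_connections` list additionally commits the servers' public addresses, the non-default port and the key file names to the repository and to the world-readable Nix store. If the repository is shared, consider keeping those details in `~/.ssh/config` and referring to an alias, e.g. `host = "m3-atlas";`, assuming Zed passes the host through to `ssh` unchanged.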
+++ b/home/m3tam3re/m3-atlas.nix @@ -8,7 +8,7 @@ features = { cli = { nushell.enable = true; - skim.enable = true; + fzf.enable = true; nitch.enable = true; secrets.enable = false; starship.enable = true; diff --git a/home/m3tam3re/m3-daedalus.nix b/home/m3tam3re/m3-daedalus.nix new file mode 100644 index 0000000..b5ab2c5 --- /dev/null +++ b/home/m3tam3re/m3-daedalus.nix 
@@ -0,0 +1,102 @@
+{
+ config,
+ lib,
+ ...
+}:
+with lib; let
+ cfg = config.features.desktop.hyprland;
+in {
+ imports = [
+ ../common
+ ./dotfiles
+ ./home.nix
+ ../features/cli
+ ../features/coding
+ ../features/desktop
+ #./services/librechat.nix
+ ];
+
+ options.features.desktop.hyprland.enable =
+ mkEnableOption "enable Hyprland";
+
+ config = mkMerge [
+ # Base configuration
+ {
+ xdg = {
+ # TODO: better structure
+ enable = true;
+ configFile."mimeapps.list".force = true;
+ mimeApps = {
+ enable = true;
+ associations.added = {
+ "application/zip" = ["org.gnome.FileRoller.desktop"];
+ "application/csv" = ["calc.desktop"];
+ "application/pdf" = ["vivaldi-stable.desktop"];
+ "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
+ "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
+ };
+ defaultApplications = {
+ "application/zip" = ["org.gnome.FileRoller.desktop"];
+ "application/csv" = ["calc.desktop"];
+ "application/pdf" = ["vivaldi-stable.desktop"];
+ "application/md" = ["dev.zed.Zed.desktop"];
+ "application/text" = ["dev.zed.Zed.desktop"];
+ "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
+ "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
+ };
+ };
+ };
+ features = {
+ cli = {
+ fish.enable = true;
+ nushell.enable = true;
+ fzf.enable = true;
+ nitch.enable = true;
+ secrets.enable = true;
+ starship.enable = true;
+ };
+ desktop = {
+ coding.enable = true;
+ crypto.enable = false;
+ gaming.enable = false;
+ hyprland.enable = false;
+ media.enable = true;
+ office.enable = false;
+ rofi.enable = true;
+ fonts.enable = true;
+ wayland.enable = false;
+ };
+ };
+ }
+
+ (mkIf cfg.enable {
+ wayland.windowManager.hyprland = {
+ enable = true;
+ settings = {
+ monitor = [
+ "eDP-1,preferred,0x0,1.25"
+ "HDMI-A-1,preferred,2560x0,1"
+ ];
+ workspace = [
+ "1, monitor:eDP-1, default:true"
+ "2, monitor:eDP-1"
+ "3, monitor:eDP-1"
+ "4, monitor:HDMI-A-1"
+ "5, monitor:HDMI-A-1,border:false,rounding:false"
+ "6, monitor:HDMI-A-1"
+ ];
+ 
windowrule = [ + "workspace 1,class:dev.zed.Zed" + "workspace 1,class:Msty" + "workspace 2,class:(com.obsproject.Studio)" + "workspace 4,opacity 1.0, class:(brave-browser)" + "workspace 4,opacity 1.0, class:(vivaldi-stable)" + "fullscreen,class:^steam_app_\\d+$" + "workspace 5,class:^steam_app_\\d+$" + "idleinhibit focus, class:^steam_app_\\d+$" + ]; + }; + }; + }) + ]; +} diff --git a/home/m3tam3re/m3-helios.nix b/home/m3tam3re/m3-helios.nix index 153bbe7..0f6c41d 100644 --- a/home/m3tam3re/m3-helios.nix +++ b/home/m3tam3re/m3-helios.nix @@ -8,7 +8,7 @@ features = { cli = { fish.enable = true; - skim.enable = true; + fzf.enable = true; nitch.enable = true; secrets.enable = false; starship.enable = true; diff --git a/hosts/m3-aether/services/cloud-init.nix b/hosts/m3-aether/services/cloud-init.nix index e69de29..5bf395e 100644 --- a/hosts/m3-aether/services/cloud-init.nix +++ b/hosts/m3-aether/services/cloud-init.nix @@ -0,0 +1,7 @@ +{ + services.cloud-init = { + enable = true; + ext4.enable = true; + network.enable = true; + }; +} diff --git a/hosts/m3-atlas/secrets.nix b/hosts/m3-atlas/secrets.nix index 97412ca..379d61e 100644 --- a/hosts/m3-atlas/secrets.nix +++ b/hosts/m3-atlas/secrets.nix @@ -7,6 +7,13 @@ ghost-env = { file = ../../secrets/ghost-env.age; }; + kestra-config = { + file = ../../secrets/kestra-config.age; + mode = "644"; + }; + kestra-env = { + file = ../../secrets/kestra-env.age; + }; littlelink-m3tam3re = { file = ../../secrets/littlelink-m3tam3re.age; }; diff --git a/hosts/m3-atlas/services/containers/default.nix b/hosts/m3-atlas/services/containers/default.nix index 915bb41..6b38c84 100644 --- a/hosts/m3-atlas/services/containers/default.nix +++ b/hosts/m3-atlas/services/containers/default.nix @@ -2,6 +2,7 @@ imports = [ ./baserow.nix ./ghost.nix + ./kestra.nix ./littlelink.nix ./matomo.nix # ./n8n.nix 
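Review bot: `mode = "644"` on `kestra-config` in `hosts/m3-atlas/secrets.nix` makes the decrypted file world-readable on the host, unlike the neighbouring secrets in this hunk, which keep the default mode. The file is mounted into the container as Kestra's `application.yaml`, which presumably carries the datasource credentials for the `kestra` Postgres role, so any local user or service on m3-atlas could read them. Because the container in `kestra.nix` runs as root, the default owner-only mode should be sufficient and I would simply drop the `mode` line. If a non-root reader is really needed, set `owner`/`group` on the secret and use `mode = "0440";` instead.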
diff --git a/hosts/m3-atlas/services/containers/kestra.nix b/hosts/m3-atlas/services/containers/kestra.nix new file mode 100644 index 0000000..87ceb79 --- /dev/null +++ b/hosts/m3-atlas/services/containers/kestra.nix @@ -0,0 +1,34 @@ +{ config, ... }: { + virtualisation.oci-containers.containers."kestra" = { + image = "docker.io/kestra/kestra:latest"; + environmentFiles = [ config.age.secrets.kestra-env.path ]; + cmd = [ "server" "standalone" "--config" "/etc/config/application.yaml"]; + ports = [ "127.0.0.1:3018:8080" ]; + user = "root"; + volumes = [ + "/var/run/docker.sock:/var/run/docker.sock" + "${config.age.secrets.kestra-config.path}:/etc/config/application.yaml" + "kestra_data:/app/storage" + "/tmp/kestra-wd:/tmp/kestra-wd" + ]; + extraOptions = + [ "--add-host=postgres:10.89.0.1" "--ip=10.89.0.18" "--network=web" ]; + }; + + systemd.tmpfiles.rules = [ + "d /tmp/kestra-wd 0750 1000 1000 - -" + ]; + + # Traefik configuration specific to littlelink + services.traefik.dynamicConfigOptions.http = { + services.kestra.loadBalancer.servers = + [{ url = "http://localhost:3018/"; }]; + + routers.kestra = { + rule = "Host(`k.m3ta.dev`)"; + tls = { certResolver = "godaddy"; }; + service = "kestra"; + entrypoints = "websecure"; + }; + }; +} diff --git a/hosts/m3-atlas/services/postgres.nix b/hosts/m3-atlas/services/postgres.nix index c61805a..3c82f01 100644 --- a/hosts/m3-atlas/services/postgres.nix +++ b/hosts/m3-atlas/services/postgres.nix @@ -19,6 +19,7 @@ # Podman network connections for Baserow host baserow baserow 10.89.0.0/24 scram-sha-256 + host kestra kestra 10.89.0.0/24 scram-sha-256 # Deny all other connections local all all reject @@ -29,7 +30,7 @@ services.postgresqlBackup = { enable = true; startAt = "03:10:00"; - databases = ["baserow" "paperless"]; + databases = ["baserow" "paperless" "kestra"]; }; networking.firewall = { extraCommands = '' 
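Review bot: The new `kestra` container runs with `user = "root"` and bind-mounts the host's `/var/run/docker.sock`, so anyone who can define or trigger a flow in Kestra effectively controls the container engine on m3-atlas, and the router added further down publishes the UI at `k.m3ta.dev` with no middleware visible in this hunk. If the socket is only there for Kestra's Docker task runner, consider a restricted socket proxy or a separate rootless engine, and confirm that authentication is enforced in the encrypted `application.yaml`, which cannot be checked from here. Separately, `kestra:latest` makes rebuilds non-reproducible and runs whatever is currently published under that tag; pin it, e.g. `image = "docker.io/kestra/kestra:<PINNED_TAG>@sha256:<DIGEST>";` (placeholders). The comment `# Traefik configuration specific to littlelink` looks copied from another module and should read `kestra`.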
diff --git a/hosts/m3-atlas/services/tailscale.nix b/hosts/m3-atlas/services/tailscale.nix index ae948e9..7fc3a64 100644 --- a/hosts/m3-atlas/services/tailscale.nix +++ b/hosts/m3-atlas/services/tailscale.nix @@ -20,7 +20,7 @@ onState = ["routable"]; script = '' NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ") - ${pkgs.ethtool}/bin/ethtool -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off + ${pkgs.ethtool}/bin/ethtool -K "$NETDEV" rx-udp-gro-forwarding on rx-gro-list off ''; }; }; diff --git a/hosts/m3-hermes/default.nix b/hosts/m3-hermes/default.nix index 03dddc4..e723cb4 100644 --- a/hosts/m3-hermes/default.nix +++ b/hosts/m3-hermes/default.nix @@ -5,8 +5,6 @@ system.stateVersion = "24.11"; - networking.hostName = "m3-hermes"; - services.cloud-init = { enable = true; }; @@ -25,8 +23,4 @@ systemd.network.enable = true; console.keyMap = "us"; - - # Bootloader - boot.loader.grub.enable = true; - boot.loader.grub.device = "/dev/sda"; } diff --git a/secrets.nix b/secrets.nix index c3546cf..6dd6ba5 100644 --- a/secrets.nix +++ b/secrets.nix @@ -22,6 +22,8 @@ in { "secrets/ghost-env.age".publicKeys = systems ++ users; "secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users; "secrets/m3tam3re-secrets.age".publicKeys = systems ++ users; + "secrets/kestra-config.age".publicKeys = systems ++ users; + "secrets/kestra-env.age".publicKeys = systems ++ users; "secrets/minio-root-cred.age".publicKeys = systems ++ users; "secrets/n8n-env.age".publicKeys = systems ++ users; "secrets/paperless-key.age".publicKeys = systems ++ users; diff --git a/secrets/kestra-config.age b/secrets/kestra-config.age new file mode 100644 index 0000000..d35b925 Binary files /dev/null and b/secrets/kestra-config.age differ diff --git a/secrets/kestra-env.age b/secrets/kestra-env.age new file mode 100644 index 0000000..1249c73 Binary files /dev/null and b/secrets/kestra-env.age differ