+m3-daedalus
This commit is contained in:
Sascha Koenig
parent
8c9860674b
commit
a11ee7ee02
11
flake.nix
11
flake.nix
@ -124,7 +124,16 @@
|
|||||||
];
|
];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
homeConfigurations = {
|
||||||
|
"m3tam3re@m3-daedalus" = home-manager.lib.homeManagerConfiguration {
|
||||||
|
pkgs = nixpkgs.legacyPackages."x86_64-linux";
|
||||||
|
extraSpecialArgs = {
|
||||||
|
inherit inputs outputs;
|
||||||
|
hostname = "m3-daedalus";
|
||||||
|
};
|
||||||
|
modules = [./home/m3tam3re/m3-daedalus.nix];
|
||||||
|
};
|
||||||
|
};
|
||||||
devShells.x86_64-linux.infraShell = let
|
devShells.x86_64-linux.infraShell = let
|
||||||
pkgs = nixpkgs.legacyPackages.x86_64-linux;
|
pkgs = nixpkgs.legacyPackages.x86_64-linux;
|
||||||
in
|
in
|
||||||
|
|||||||
@ -20,6 +20,8 @@ in {
|
|||||||
$env.TERMINAL = "kitty"
|
$env.TERMINAL = "kitty"
|
||||||
$env.EDITOR = "nvim"
|
$env.EDITOR = "nvim"
|
||||||
$env.VISUAL = "zed"
|
$env.VISUAL = "zed"
|
||||||
|
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
|
||||||
|
$env.FZF_DEFAULT_OPTS = "--preview='bat --color=always -n {}' --bind 'ctrl-/:toggle-preview' --header 'Press CTRL-Y to copy command into clipboard' --bind 'ctrl-/:toggle-preview' --bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort' --color bg:#282a36,bg+:#44475a,fg:#f8f8f2,fg+:#f8f8f2,header:#6272a4,hl:#bd93f9,hl+:#bd93f9,info:#ffb86c,marker:#ff79c6,pointer:#ff79c6,prompt:#50fa7b,spinner:#ffb86c"
|
||||||
$env.XDG_DATA_HOME = $"($env.HOME)/.local/share"
|
$env.XDG_DATA_HOME = $"($env.HOME)/.local/share"
|
||||||
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
|
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
|
||||||
$env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"
|
$env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"
|
||||||
|
|||||||
@ -9,7 +9,6 @@
|
|||||||
# Scientific packages
|
# Scientific packages
|
||||||
numba
|
numba
|
||||||
numpy
|
numpy
|
||||||
openai-whisper
|
|
||||||
torch
|
torch
|
||||||
srt
|
srt
|
||||||
]))
|
]))
|
||||||
|
|||||||
@ -5,7 +5,7 @@
|
|||||||
...
|
...
|
||||||
}:
|
}:
|
||||||
with lib; let
|
with lib; let
|
||||||
cfg = config.features.desktop.office;
|
cfg = config.features.desktop.coding;
|
||||||
in {
|
in {
|
||||||
options.features.desktop.coding.enable =
|
options.features.desktop.coding.enable =
|
||||||
mkEnableOption "install coding related stuff";
|
mkEnableOption "install coding related stuff";
|
||||||
@ -18,98 +18,98 @@ in {
|
|||||||
|
|
||||||
programs.zed-editor = {
|
programs.zed-editor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# userSettings = {
|
userSettings = {
|
||||||
# features = {
|
features = {
|
||||||
# inline_prediction_provider = "zed";
|
inline_prediction_provider = "zed";
|
||||||
# edit_prediction_provider = "zed";
|
edit_prediction_provider = "zed";
|
||||||
# copilot = false;
|
copilot = false;
|
||||||
# };
|
};
|
||||||
# telemetry = {
|
telemetry = {
|
||||||
# metrics = false;
|
metrics = false;
|
||||||
# };
|
};
|
||||||
# lsp = {
|
lsp = {
|
||||||
# rust_analyzer = {
|
rust_analyzer = {
|
||||||
# binary = {path_lookup = true;};
|
binary = {path_lookup = true;};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# languages = {
|
languages = {
|
||||||
# Nix = {
|
Nix = {
|
||||||
# language_servers = ["nixd"];
|
language_servers = ["nixd"];
|
||||||
# formatter = {
|
formatter = {
|
||||||
# external = {
|
external = {
|
||||||
# command = "alejandra";
|
command = "alejandra";
|
||||||
# arguments = ["-q" "-"];
|
arguments = ["-q" "-"];
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# Python = {
|
Python = {
|
||||||
# language_servers = ["pyright"];
|
language_servers = ["pyright"];
|
||||||
# formatter = {
|
formatter = {
|
||||||
# external = {
|
external = {
|
||||||
# command = "black";
|
command = "black";
|
||||||
# arguments = ["-"];
|
arguments = ["-"];
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# context_servers = {
|
context_servers = {
|
||||||
# "some-context-server" = {
|
"some-context-server" = {
|
||||||
# command = {
|
command = {
|
||||||
# path = "some-command";
|
path = "some-command";
|
||||||
# args = ["arg-1" "arg-2"];
|
args = ["arg-1" "arg-2"];
|
||||||
# env = {};
|
env = {};
|
||||||
# };
|
};
|
||||||
# settings = {};
|
settings = {};
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# assistant = {
|
assistant = {
|
||||||
# version = "2";
|
version = "2";
|
||||||
# default_model = {
|
default_model = {
|
||||||
# provider = "anthropic";
|
provider = "anthropic";
|
||||||
# model = "Claude 3.7 Sonnet";
|
model = "Claude 3.7 Sonnet";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# language_models = {
|
language_models = {
|
||||||
# anthropic = {
|
anthropic = {
|
||||||
# version = "1";
|
version = "1";
|
||||||
# api_url = "https://api.anthropic.com";
|
api_url = "https://api.anthropic.com";
|
||||||
# };
|
};
|
||||||
# openai = {
|
openai = {
|
||||||
# version = "1";
|
version = "1";
|
||||||
# api_url = "https://api.openai.com/v1";
|
api_url = "https://api.openai.com/v1";
|
||||||
# };
|
};
|
||||||
# ollama = {
|
ollama = {
|
||||||
# api_url = "http://localhost:11434";
|
api_url = "http://localhost:11434";
|
||||||
# };
|
};
|
||||||
# };
|
};
|
||||||
# ssh_connections = [
|
ssh_connections = [
|
||||||
# {
|
{
|
||||||
# host = "152.53.85.162";
|
host = "152.53.85.162";
|
||||||
# nickname = "m3-atlas";
|
nickname = "m3-atlas";
|
||||||
# args = ["-i" "~/.ssh/m3tam3re"];
|
args = ["-i" "~/.ssh/m3tam3re"];
|
||||||
# }
|
}
|
||||||
# {
|
{
|
||||||
# host = "95.217.189.186";
|
host = "95.217.189.186";
|
||||||
# port = 2222;
|
port = 2222;
|
||||||
# nickname = "self-host-playbook";
|
nickname = "self-host-playbook";
|
||||||
# args = ["-i" "~/.ssh/self-host-playbook"];
|
args = ["-i" "~/.ssh/self-host-playbook"];
|
||||||
# "projects" = [
|
"projects" = [
|
||||||
# {
|
{
|
||||||
# paths = ["/etc/nixos/current-systemconfig"];
|
paths = ["/etc/nixos/current-systemconfig"];
|
||||||
# }
|
}
|
||||||
# ];
|
];
|
||||||
# }
|
}
|
||||||
# ];
|
];
|
||||||
# auto_update = false;
|
auto_update = false;
|
||||||
# format_on_save = "on";
|
format_on_save = "on";
|
||||||
# vim_mode = true;
|
vim_mode = true;
|
||||||
# load_direnv = "shell_hook";
|
load_direnv = "shell_hook";
|
||||||
# theme = "Dracula";
|
theme = "Dracula";
|
||||||
# buffer_font_family = "FiraCode Nerd Font";
|
buffer_font_family = "FiraCode Nerd Font";
|
||||||
# ui_font_size = 16;
|
ui_font_size = 16;
|
||||||
# buffer_font_size = 16;
|
buffer_font_size = 16;
|
||||||
# show_edit_predictions = true;
|
show_edit_predictions = true;
|
||||||
# };
|
};
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
@ -8,7 +8,7 @@
|
|||||||
features = {
|
features = {
|
||||||
cli = {
|
cli = {
|
||||||
fish.enable = true;
|
fish.enable = true;
|
||||||
skim.enable = true;
|
fzf.enable = true;
|
||||||
nitch.enable = true;
|
nitch.enable = true;
|
||||||
secrets.enable = false;
|
secrets.enable = false;
|
||||||
starship.enable = true;
|
starship.enable = true;
|
||||||
|
|||||||
@ -8,7 +8,7 @@
|
|||||||
features = {
|
features = {
|
||||||
cli = {
|
cli = {
|
||||||
nushell.enable = true;
|
nushell.enable = true;
|
||||||
skim.enable = true;
|
fzf.enable = true;
|
||||||
nitch.enable = true;
|
nitch.enable = true;
|
||||||
secrets.enable = false;
|
secrets.enable = false;
|
||||||
starship.enable = true;
|
starship.enable = true;
|
||||||
|
|||||||
102
home/m3tam3re/m3-daedalus.nix
Normal file
102
home/m3tam3re/m3-daedalus.nix
Normal file
@ -0,0 +1,102 @@
|
|||||||
|
{
|
||||||
|
config,
|
||||||
|
lib,
|
||||||
|
...
|
||||||
|
}:
|
||||||
|
with lib; let
|
||||||
|
cfg = config.features.desktop.hyprland;
|
||||||
|
in {
|
||||||
|
imports = [
|
||||||
|
../common
|
||||||
|
./dotfiles
|
||||||
|
./home.nix
|
||||||
|
../features/cli
|
||||||
|
../features/coding
|
||||||
|
../features/desktop
|
||||||
|
#./services/librechat.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
options.features.desktop.hyprland.enable =
|
||||||
|
mkEnableOption "enable Hyprland";
|
||||||
|
|
||||||
|
config = mkMerge [
|
||||||
|
# Base configuration
|
||||||
|
{
|
||||||
|
xdg = {
|
||||||
|
# TODO: better structure
|
||||||
|
enable = true;
|
||||||
|
configFile."mimeapps.list".force = true;
|
||||||
|
mimeApps = {
|
||||||
|
enable = true;
|
||||||
|
associations.added = {
|
||||||
|
"application/zip" = ["org.gnome.FileRoller.desktop"];
|
||||||
|
"application/csv" = ["calc.desktop"];
|
||||||
|
"application/pdf" = ["vivaldi-stable.desktop"];
|
||||||
|
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
|
||||||
|
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
|
||||||
|
};
|
||||||
|
defaultApplications = {
|
||||||
|
"application/zip" = ["org.gnome.FileRoller.desktop"];
|
||||||
|
"application/csv" = ["calc.desktop"];
|
||||||
|
"application/pdf" = ["vivaldi-stable.desktop"];
|
||||||
|
"application/md" = ["dev.zed.Zed.desktop"];
|
||||||
|
"application/text" = ["dev.zed.Zed.desktop"];
|
||||||
|
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
|
||||||
|
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
features = {
|
||||||
|
cli = {
|
||||||
|
fish.enable = true;
|
||||||
|
nushell.enable = true;
|
||||||
|
fzf.enable = true;
|
||||||
|
nitch.enable = true;
|
||||||
|
secrets.enable = true;
|
||||||
|
starship.enable = true;
|
||||||
|
};
|
||||||
|
desktop = {
|
||||||
|
coding.enable = true;
|
||||||
|
crypto.enable = false;
|
||||||
|
gaming.enable = false;
|
||||||
|
hyprland.enable = false;
|
||||||
|
media.enable = true;
|
||||||
|
office.enable = false;
|
||||||
|
rofi.enable = true;
|
||||||
|
fonts.enable = true;
|
||||||
|
wayland.enable = false;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
|
(mkIf cfg.enable {
|
||||||
|
wayland.windowManager.hyprland = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
monitor = [
|
||||||
|
"eDP-1,preferred,0x0,1.25"
|
||||||
|
"HDMI-A-1,preferred,2560x0,1"
|
||||||
|
];
|
||||||
|
workspace = [
|
||||||
|
"1, monitor:eDP-1, default:true"
|
||||||
|
"2, monitor:eDP-1"
|
||||||
|
"3, monitor:eDP-1"
|
||||||
|
"4, monitor:HDMI-A-1"
|
||||||
|
"5, monitor:HDMI-A-1,border:false,rounding:false"
|
||||||
|
"6, monitor:HDMI-A-1"
|
||||||
|
];
|
||||||
|
windowrule = [
|
||||||
|
"workspace 1,class:dev.zed.Zed"
|
||||||
|
"workspace 1,class:Msty"
|
||||||
|
"workspace 2,class:(com.obsproject.Studio)"
|
||||||
|
"workspace 4,opacity 1.0, class:(brave-browser)"
|
||||||
|
"workspace 4,opacity 1.0, class:(vivaldi-stable)"
|
||||||
|
"fullscreen,class:^steam_app_\\d+$"
|
||||||
|
"workspace 5,class:^steam_app_\\d+$"
|
||||||
|
"idleinhibit focus, class:^steam_app_\\d+$"
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
})
|
||||||
|
];
|
||||||
|
}
|
||||||
@ -8,7 +8,7 @@
|
|||||||
features = {
|
features = {
|
||||||
cli = {
|
cli = {
|
||||||
fish.enable = true;
|
fish.enable = true;
|
||||||
skim.enable = true;
|
fzf.enable = true;
|
||||||
nitch.enable = true;
|
nitch.enable = true;
|
||||||
secrets.enable = false;
|
secrets.enable = false;
|
||||||
starship.enable = true;
|
starship.enable = true;
|
||||||
|
|||||||
@ -0,0 +1,7 @@
|
|||||||
|
{
|
||||||
|
services.cloud-init = {
|
||||||
|
enable = true;
|
||||||
|
ext4.enable = true;
|
||||||
|
network.enable = true;
|
||||||
|
};
|
||||||
|
}
|
||||||
@ -7,6 +7,13 @@
|
|||||||
ghost-env = {
|
ghost-env = {
|
||||||
file = ../../secrets/ghost-env.age;
|
file = ../../secrets/ghost-env.age;
|
||||||
};
|
};
|
||||||
|
kestra-config = {
|
||||||
|
file = ../../secrets/kestra-config.age;
|
||||||
|
mode = "644";
|
||||||
|
};
|
||||||
|
kestra-env = {
|
||||||
|
file = ../../secrets/kestra-env.age;
|
||||||
|
};
|
||||||
littlelink-m3tam3re = {
|
littlelink-m3tam3re = {
|
||||||
file = ../../secrets/littlelink-m3tam3re.age;
|
file = ../../secrets/littlelink-m3tam3re.age;
|
||||||
};
|
};
|
||||||
|
|||||||
@ -2,6 +2,7 @@
|
|||||||
imports = [
|
imports = [
|
||||||
./baserow.nix
|
./baserow.nix
|
||||||
./ghost.nix
|
./ghost.nix
|
||||||
|
./kestra.nix
|
||||||
./littlelink.nix
|
./littlelink.nix
|
||||||
./matomo.nix
|
./matomo.nix
|
||||||
# ./n8n.nix
|
# ./n8n.nix
|
||||||
|
|||||||
34
hosts/m3-atlas/services/containers/kestra.nix
Normal file
34
hosts/m3-atlas/services/containers/kestra.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{ config, ... }: {
|
||||||
|
virtualisation.oci-containers.containers."kestra" = {
|
||||||
|
image = "docker.io/kestra/kestra:latest";
|
||||||
|
environmentFiles = [ config.age.secrets.kestra-env.path ];
|
||||||
|
cmd = [ "server" "standalone" "--config" "/etc/config/application.yaml"];
|
||||||
|
ports = [ "127.0.0.1:3018:8080" ];
|
||||||
|
user = "root";
|
||||||
|
volumes = [
|
||||||
|
"/var/run/docker.sock:/var/run/docker.sock"
|
||||||
|
"${config.age.secrets.kestra-config.path}:/etc/config/application.yaml"
|
||||||
|
"kestra_data:/app/storage"
|
||||||
|
"/tmp/kestra-wd:/tmp/kestra-wd"
|
||||||
|
];
|
||||||
|
extraOptions =
|
||||||
|
[ "--add-host=postgres:10.89.0.1" "--ip=10.89.0.18" "--network=web" ];
|
||||||
|
};
|
||||||
|
|
||||||
|
systemd.tmpfiles.rules = [
|
||||||
|
"d /tmp/kestra-wd 0750 1000 1000 - -"
|
||||||
|
];
|
||||||
|
|
||||||
|
# Traefik configuration specific to littlelink
|
||||||
|
services.traefik.dynamicConfigOptions.http = {
|
||||||
|
services.kestra.loadBalancer.servers =
|
||||||
|
[{ url = "http://localhost:3018/"; }];
|
||||||
|
|
||||||
|
routers.kestra = {
|
||||||
|
rule = "Host(`k.m3ta.dev`)";
|
||||||
|
tls = { certResolver = "godaddy"; };
|
||||||
|
service = "kestra";
|
||||||
|
entrypoints = "websecure";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
||||||
@ -19,6 +19,7 @@
|
|||||||
|
|
||||||
# Podman network connections for Baserow
|
# Podman network connections for Baserow
|
||||||
host baserow baserow 10.89.0.0/24 scram-sha-256
|
host baserow baserow 10.89.0.0/24 scram-sha-256
|
||||||
|
host kestra kestra 10.89.0.0/24 scram-sha-256
|
||||||
|
|
||||||
# Deny all other connections
|
# Deny all other connections
|
||||||
local all all reject
|
local all all reject
|
||||||
@ -29,7 +30,7 @@
|
|||||||
services.postgresqlBackup = {
|
services.postgresqlBackup = {
|
||||||
enable = true;
|
enable = true;
|
||||||
startAt = "03:10:00";
|
startAt = "03:10:00";
|
||||||
databases = ["baserow" "paperless"];
|
databases = ["baserow" "paperless" "kestra"];
|
||||||
};
|
};
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
extraCommands = ''
|
extraCommands = ''
|
||||||
|
|||||||
@ -20,7 +20,7 @@
|
|||||||
onState = ["routable"];
|
onState = ["routable"];
|
||||||
script = ''
|
script = ''
|
||||||
NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")
|
NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")
|
||||||
${pkgs.ethtool}/bin/ethtool -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off
|
${pkgs.ethtool}/bin/ethtool -K "$NETDEV" rx-udp-gro-forwarding on rx-gro-list off
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|||||||
@ -5,8 +5,6 @@
|
|||||||
|
|
||||||
system.stateVersion = "24.11";
|
system.stateVersion = "24.11";
|
||||||
|
|
||||||
networking.hostName = "m3-hermes";
|
|
||||||
|
|
||||||
services.cloud-init = {
|
services.cloud-init = {
|
||||||
enable = true;
|
enable = true;
|
||||||
};
|
};
|
||||||
@ -25,8 +23,4 @@
|
|||||||
systemd.network.enable = true;
|
systemd.network.enable = true;
|
||||||
|
|
||||||
console.keyMap = "us";
|
console.keyMap = "us";
|
||||||
|
|
||||||
# Bootloader
|
|
||||||
boot.loader.grub.enable = true;
|
|
||||||
boot.loader.grub.device = "/dev/sda";
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -22,6 +22,8 @@ in {
|
|||||||
"secrets/ghost-env.age".publicKeys = systems ++ users;
|
"secrets/ghost-env.age".publicKeys = systems ++ users;
|
||||||
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
|
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
|
||||||
"secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
|
"secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
|
||||||
|
"secrets/kestra-config.age".publicKeys = systems ++ users;
|
||||||
|
"secrets/kestra-env.age".publicKeys = systems ++ users;
|
||||||
"secrets/minio-root-cred.age".publicKeys = systems ++ users;
|
"secrets/minio-root-cred.age".publicKeys = systems ++ users;
|
||||||
"secrets/n8n-env.age".publicKeys = systems ++ users;
|
"secrets/n8n-env.age".publicKeys = systems ++ users;
|
||||||
"secrets/paperless-key.age".publicKeys = systems ++ users;
|
"secrets/paperless-key.age".publicKeys = systems ++ users;
|
||||||
|
|||||||
BIN
secrets/kestra-config.age
Normal file
BIN
secrets/kestra-config.age
Normal file
Binary file not shown.
BIN
secrets/kestra-env.age
Normal file
BIN
secrets/kestra-env.age
Normal file
Binary file not shown.
Loading…
x
Reference in New Issue
Block a user