+m3-daedalus

2025-05-26 11:36:25 +02:00 · 2025-05-26 11:36:25 +02:00 · a11ee7ee02
commit a11ee7ee02
parent 8c9860674b
18 changed files with 265 additions and 107 deletions
--- a/flake.nix
+++ b/flake.nix
@ -124,7 +124,16 @@
        ];
      };
    };
-
+    homeConfigurations = {
+          "m3tam3re@m3-daedalus" = home-manager.lib.homeManagerConfiguration {
+            pkgs = nixpkgs.legacyPackages."x86_64-linux";
+            extraSpecialArgs = {
+              inherit inputs outputs;
+              hostname = "m3-daedalus";
+            };
+            modules = [./home/m3tam3re/m3-daedalus.nix];
+          };
+        };
    devShells.x86_64-linux.infraShell = let
      pkgs = nixpkgs.legacyPackages.x86_64-linux;
    in
--- a/home/features/cli/nushell.nix
+++ b/home/features/cli/nushell.nix
@ -20,6 +20,8 @@ in {
        $env.TERMINAL = "kitty"
        $env.EDITOR = "nvim"
        $env.VISUAL = "zed"
+        $env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
+        $env.FZF_DEFAULT_OPTS = "--preview='bat --color=always -n {}' --bind 'ctrl-/:toggle-preview' --header 'Press CTRL-Y to copy command into clipboard' --bind 'ctrl-/:toggle-preview' --bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort' --color bg:#282a36,bg+:#44475a,fg:#f8f8f2,fg+:#f8f8f2,header:#6272a4,hl:#bd93f9,hl+:#bd93f9,info:#ffb86c,marker:#ff79c6,pointer:#ff79c6,prompt:#50fa7b,spinner:#ffb86c"
        $env.XDG_DATA_HOME = $"($env.HOME)/.local/share"
        $env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
        $env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"
--- a/home/features/coding/default.nix
+++ b/home/features/coding/default.nix
@ -9,7 +9,6 @@
        # Scientific packages
        numba
        numpy
-        openai-whisper
        torch
        srt
      ]))
--- a/home/features/desktop/coding.nix
+++ b/home/features/desktop/coding.nix
@ -5,7 +5,7 @@
  ...
 }:
 with lib; let
-  cfg = config.features.desktop.office;
+  cfg = config.features.desktop.coding;
 in {
  options.features.desktop.coding.enable =
    mkEnableOption "install coding related stuff";
@ -18,98 +18,98 @@ in {

    programs.zed-editor = {
      enable = true;
-      # userSettings = {
-      #   features = {
-      #     inline_prediction_provider = "zed";
-      #     edit_prediction_provider = "zed";
-      #     copilot = false;
-      #   };
-      #   telemetry = {
-      #     metrics = false;
-      #   };
-      #   lsp = {
-      #     rust_analyzer = {
-      #       binary = {path_lookup = true;};
-      #     };
-      #   };
-      #   languages = {
-      #     Nix = {
-      #       language_servers = ["nixd"];
-      #       formatter = {
-      #         external = {
-      #           command = "alejandra";
-      #           arguments = ["-q" "-"];
-      #         };
-      #       };
-      #     };
-      #     Python = {
-      #       language_servers = ["pyright"];
-      #       formatter = {
-      #         external = {
-      #           command = "black";
-      #           arguments = ["-"];
-      #         };
-      #       };
-      #     };
-      #   };
-      #   context_servers = {
-      #     "some-context-server" = {
-      #       command = {
-      #         path = "some-command";
-      #         args = ["arg-1" "arg-2"];
-      #         env = {};
-      #       };
-      #       settings = {};
-      #     };
-      #   };
-      #   assistant = {
-      #     version = "2";
-      #     default_model = {
-      #       provider = "anthropic";
-      #       model = "Claude 3.7 Sonnet";
-      #     };
-      #   };
-      #   language_models = {
-      #     anthropic = {
-      #       version = "1";
-      #       api_url = "https://api.anthropic.com";
-      #     };
-      #     openai = {
-      #       version = "1";
-      #       api_url = "https://api.openai.com/v1";
-      #     };
-      #     ollama = {
-      #       api_url = "http://localhost:11434";
-      #     };
-      #   };
-      #   ssh_connections = [
-      #     {
-      #       host = "152.53.85.162";
-      #       nickname = "m3-atlas";
-      #       args = ["-i" "~/.ssh/m3tam3re"];
-      #     }
-      #     {
-      #       host = "95.217.189.186";
-      #       port = 2222;
-      #       nickname = "self-host-playbook";
-      #       args = ["-i" "~/.ssh/self-host-playbook"];
-      #       "projects" = [
-      #         {
-      #           paths = ["/etc/nixos/current-systemconfig"];
-      #         }
-      #       ];
-      #     }
-      #   ];
-      #   auto_update = false;
-      #   format_on_save = "on";
-      #   vim_mode = true;
-      #   load_direnv = "shell_hook";
-      #   theme = "Dracula";
-      #   buffer_font_family = "FiraCode Nerd Font";
-      #   ui_font_size = 16;
-      #   buffer_font_size = 16;
-      #   show_edit_predictions = true;
-      # };
+      userSettings = {
+           features = {
+             inline_prediction_provider = "zed";
+             edit_prediction_provider = "zed";
+             copilot = false;
+           };
+           telemetry = {
+             metrics = false;
+           };
+           lsp = {
+             rust_analyzer = {
+               binary = {path_lookup = true;};
+             };
+           };
+           languages = {
+             Nix = {
+               language_servers = ["nixd"];
+               formatter = {
+                 external = {
+                   command = "alejandra";
+                   arguments = ["-q" "-"];
+                 };
+               };
+             };
+             Python = {
+               language_servers = ["pyright"];
+               formatter = {
+                 external = {
+                   command = "black";
+                   arguments = ["-"];
+                 };
+               };
+             };
+           };
+           context_servers = {
+             "some-context-server" = {
+               command = {
+                 path = "some-command";
+                 args = ["arg-1" "arg-2"];
+                 env = {};
+               };
+               settings = {};
+             };
+           };
+           assistant = {
+             version = "2";
+             default_model = {
+               provider = "anthropic";
+               model = "Claude 3.7 Sonnet";
+             };
+           };
+           language_models = {
+             anthropic = {
+               version = "1";
+               api_url = "https://api.anthropic.com";
+             };
+             openai = {
+               version = "1";
+               api_url = "https://api.openai.com/v1";
+             };
+             ollama = {
+               api_url = "http://localhost:11434";
+             };
+           };
+           ssh_connections = [
+             {
+               host = "152.53.85.162";
+               nickname = "m3-atlas";
+               args = ["-i" "~/.ssh/m3tam3re"];
+             }
+             {
+               host = "95.217.189.186";
+               port = 2222;
+               nickname = "self-host-playbook";
+               args = ["-i" "~/.ssh/self-host-playbook"];
+               "projects" = [
+                 {
+                   paths = ["/etc/nixos/current-systemconfig"];
+                 }
+               ];
+             }
+           ];
+           auto_update = false;
+           format_on_save = "on";
+           vim_mode = true;
+           load_direnv = "shell_hook";
+           theme = "Dracula";
+           buffer_font_family = "FiraCode Nerd Font";
+           ui_font_size = 16;
+           buffer_font_size = 16;
+           show_edit_predictions = true;
+         };
+      };
    };
-  };
 }
--- a/home/m3tam3re/m3-aether.nix
+++ b/home/m3tam3re/m3-aether.nix
@ -8,7 +8,7 @@
  features = {
    cli = {
      fish.enable = true;
-      skim.enable = true;
+      fzf.enable = true;
      nitch.enable = true;
      secrets.enable = false;
      starship.enable = true;
--- a/home/m3tam3re/m3-atlas.nix
+++ b/home/m3tam3re/m3-atlas.nix
@ -8,7 +8,7 @@
  features = {
    cli = {
      nushell.enable = true;
-      skim.enable = true;
+      fzf.enable = true;
      nitch.enable = true;
      secrets.enable = false;
      starship.enable = true;
--- a/home/m3tam3re/m3-daedalus.nix
+++ b/home/m3tam3re/m3-daedalus.nix
@ -0,0 +1,102 @@
+{
+  config,
+  lib,
+  ...
+}:
+with lib; let
+  cfg = config.features.desktop.hyprland;
+in {
+  imports = [
+    ../common
+    ./dotfiles
+    ./home.nix
+    ../features/cli
+    ../features/coding
+    ../features/desktop
+    #./services/librechat.nix
+  ];
+
+  options.features.desktop.hyprland.enable =
+    mkEnableOption "enable Hyprland";
+
+  config = mkMerge [
+    # Base configuration
+    {
+      xdg = {
+        # TODO: better structure
+        enable = true;
+        configFile."mimeapps.list".force = true;
+        mimeApps = {
+          enable = true;
+          associations.added = {
+            "application/zip" = ["org.gnome.FileRoller.desktop"];
+            "application/csv" = ["calc.desktop"];
+            "application/pdf" = ["vivaldi-stable.desktop"];
+            "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
+            "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
+          };
+          defaultApplications = {
+            "application/zip" = ["org.gnome.FileRoller.desktop"];
+            "application/csv" = ["calc.desktop"];
+            "application/pdf" = ["vivaldi-stable.desktop"];
+            "application/md" = ["dev.zed.Zed.desktop"];
+            "application/text" = ["dev.zed.Zed.desktop"];
+            "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
+            "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
+          };
+        };
+      };
+      features = {
+        cli = {
+          fish.enable = true;
+          nushell.enable = true;
+          fzf.enable = true;
+          nitch.enable = true;
+          secrets.enable = true;
+          starship.enable = true;
+        };
+        desktop = {
+          coding.enable = true;
+          crypto.enable = false;
+          gaming.enable = false;
+          hyprland.enable = false;
+          media.enable = true;
+          office.enable = false;
+          rofi.enable = true;
+          fonts.enable = true;
+          wayland.enable = false;
+        };
+      };
+    }
+
+    (mkIf cfg.enable {
+      wayland.windowManager.hyprland = {
+        enable = true;
+        settings = {
+          monitor = [
+            "eDP-1,preferred,0x0,1.25"
+            "HDMI-A-1,preferred,2560x0,1"
+          ];
+          workspace = [
+            "1, monitor:eDP-1, default:true"
+            "2, monitor:eDP-1"
+            "3, monitor:eDP-1"
+            "4, monitor:HDMI-A-1"
+            "5, monitor:HDMI-A-1,border:false,rounding:false"
+            "6, monitor:HDMI-A-1"
+          ];
+          windowrule = [
+            "workspace 1,class:dev.zed.Zed"
+            "workspace 1,class:Msty"
+            "workspace 2,class:(com.obsproject.Studio)"
+            "workspace 4,opacity 1.0, class:(brave-browser)"
+            "workspace 4,opacity 1.0, class:(vivaldi-stable)"
+            "fullscreen,class:^steam_app_\\d+$"
+            "workspace 5,class:^steam_app_\\d+$"
+            "idleinhibit focus, class:^steam_app_\\d+$"
+          ];
+        };
+      };
+    })
+  ];
+}
--- a/home/m3tam3re/m3-helios.nix
+++ b/home/m3tam3re/m3-helios.nix
@ -8,7 +8,7 @@
  features = {
    cli = {
      fish.enable = true;
-      skim.enable = true;
+      fzf.enable = true;
      nitch.enable = true;
      secrets.enable = false;
      starship.enable = true;
--- a/hosts/m3-aether/services/cloud-init.nix
+++ b/hosts/m3-aether/services/cloud-init.nix
@ -0,0 +1,7 @@
+{
+  services.cloud-init = {
+    enable = true;
+    ext4.enable = true;
+    network.enable = true;
+  };
+}
--- a/hosts/m3-atlas/secrets.nix
+++ b/hosts/m3-atlas/secrets.nix
@ -7,6 +7,13 @@
      ghost-env = {
        file = ../../secrets/ghost-env.age;
      };
+      kestra-config = {
+        file = ../../secrets/kestra-config.age;
+        mode = "644";
+      };
+      kestra-env = {
+        file = ../../secrets/kestra-env.age;
+      };
      littlelink-m3tam3re = {
        file = ../../secrets/littlelink-m3tam3re.age;
      };
--- a/hosts/m3-atlas/services/containers/default.nix
+++ b/hosts/m3-atlas/services/containers/default.nix
@ -2,6 +2,7 @@
  imports = [
    ./baserow.nix
    ./ghost.nix
+    ./kestra.nix
    ./littlelink.nix
    ./matomo.nix
    # ./n8n.nix
--- a/hosts/m3-atlas/services/containers/kestra.nix
+++ b/hosts/m3-atlas/services/containers/kestra.nix
@ -0,0 +1,34 @@
+{ config, ... }: {
+  virtualisation.oci-containers.containers."kestra" = {
+    image = "docker.io/kestra/kestra:latest";
+    environmentFiles = [ config.age.secrets.kestra-env.path ];
+    cmd = [ "server" "standalone" "--config" "/etc/config/application.yaml"];
+    ports = [ "127.0.0.1:3018:8080" ];
+    user = "root";
+    volumes = [
+      "/var/run/docker.sock:/var/run/docker.sock"
+      "${config.age.secrets.kestra-config.path}:/etc/config/application.yaml"
+      "kestra_data:/app/storage"
+      "/tmp/kestra-wd:/tmp/kestra-wd"
+    ];
+    extraOptions =
+      [ "--add-host=postgres:10.89.0.1" "--ip=10.89.0.18" "--network=web" ];
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /tmp/kestra-wd 0750 1000 1000 - -"
+  ];
+
+  # Traefik configuration specific to littlelink
+  services.traefik.dynamicConfigOptions.http = {
+    services.kestra.loadBalancer.servers =
+      [{ url = "http://localhost:3018/"; }];
+
+    routers.kestra = {
+      rule = "Host(`k.m3ta.dev`)";
+      tls = { certResolver = "godaddy"; };
+      service = "kestra";
+      entrypoints = "websecure";
+    };
+  };
+}
--- a/hosts/m3-atlas/services/postgres.nix
+++ b/hosts/m3-atlas/services/postgres.nix
@ -19,6 +19,7 @@

      # Podman network connections for Baserow
      host    baserow      baserow      10.89.0.0/24    scram-sha-256
+      host    kestra       kestra       10.89.0.0/24    scram-sha-256

      # Deny all other connections
      local   all       all       reject
@ -29,7 +30,7 @@
  services.postgresqlBackup = {
    enable = true;
    startAt = "03:10:00";
-    databases = ["baserow" "paperless"];
+    databases = ["baserow" "paperless" "kestra"];
  };
  networking.firewall = {
    extraCommands = ''
--- a/hosts/m3-atlas/services/tailscale.nix
+++ b/hosts/m3-atlas/services/tailscale.nix
@ -20,7 +20,7 @@
      onState = ["routable"];
      script = ''
        NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")
-        ${pkgs.ethtool}/bin/ethtool -K $NETDEV rx-udp-gro-forwarding on rx-gro-list off
+        ${pkgs.ethtool}/bin/ethtool -K "$NETDEV" rx-udp-gro-forwarding on rx-gro-list off
      '';
    };
  };
--- a/hosts/m3-hermes/default.nix
+++ b/hosts/m3-hermes/default.nix
@ -5,8 +5,6 @@

  system.stateVersion = "24.11";

-  networking.hostName = "m3-hermes";
-
  services.cloud-init = {
    enable = true;
  };
@ -25,8 +23,4 @@
  systemd.network.enable = true;

  console.keyMap = "us";
-
-  # Bootloader
-  boot.loader.grub.enable = true;
-  boot.loader.grub.device = "/dev/sda";
 }
--- a/secrets.nix
+++ b/secrets.nix
@ -22,6 +22,8 @@ in {
  "secrets/ghost-env.age".publicKeys = systems ++ users;
  "secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
  "secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
+  "secrets/kestra-config.age".publicKeys = systems ++ users;
+  "secrets/kestra-env.age".publicKeys = systems ++ users;
  "secrets/minio-root-cred.age".publicKeys = systems ++ users;
  "secrets/n8n-env.age".publicKeys = systems ++ users;
  "secrets/paperless-key.age".publicKeys = systems ++ users;
--- a/secrets/kestra-config.age
+++ b/secrets/kestra-config.age
--- a/secrets/kestra-env.age
+++ b/secrets/kestra-env.age