m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: m3tam3re:e02d76f98148b527a69e6d5a4aa39775f5af3308
Branches Tags
m3tam3re:master
..
compare: m3tam3re:master
Branches Tags
m3tam3re:master

99 Commits
e02d76f981 ... master

Author SHA1 Message Date
m3tam3re
8f4b39d277 flake update 2025-10-05 14:38:50 +02:00
m3tam3re
dea4ca9377 added ports module from m3ta-nixpkgs / prep for rewrite 2025-10-05 12:24:27 +02:00
m3tam3re
6cd1fdd651 beginning of bigger restructure, m3ta-nixpkgs input 2025-10-03 19:14:37 +02:00
m3tam3re
b66553888b beginning of bigger restructure, m3ta-nixpkgs input 2025-10-03 14:55:24 +02:00
m3tam3re
35becfdea4 +crush 2025-09-29 18:58:19 +02:00
m3tam3re
b2ad6005bc +hyprland cfg 2025-09-15 18:11:00 +02:00
m3tam3re
150dd20d32 +gamemoderun 2025-09-14 16:58:40 +02:00
m3tam3re
bab10c3273 +tuxedo backlight 2025-09-08 04:40:19 +02:00
m3tam3re
d5e13e2099 gnome m3-ares 2025-09-06 21:19:11 +02:00
m3tam3re
20706ce6a3 rofi dmenu exec 2025-09-04 20:23:31 +02:00
m3tam3re
e9baa42695 keybindings + rofi fix 2025-09-04 18:21:56 +02:00
m3tam3re
2e6bf051f0 keybindings + rofi fix 2025-09-04 18:15:37 +02:00
Sascha Koenig
a5f544e8d3 flake update 2025-09-04 15:37:14 +02:00
m3tam3re
a81aee81b1 flake update 2025-09-04 15:36:53 +02:00
m3tam3re
d2c127c396 AZ ssh config 2025-09-04 15:04:11 +02:00
m3tam3re
846a88475a more nix-colors; nushell fzf fix 2025-09-02 20:18:42 +02:00
m3tam3re
bbb79160ae nix-colors 2025-08-30 14:32:25 +02:00
m3tam3re
cc0f4c66ce Msty Studio version number 2025-08-30 09:09:30 +02:00
m3tam3re
7c355127c7 +Msty Studio 2025-08-30 09:05:58 +02:00
m3tam3re
6ce51f5cf2 cleanup 2025-08-28 20:33:23 +02:00
m3tam3re
d96e054ef3 cleanup 2025-08-28 20:31:25 +02:00
m3tam3re
7a3f368aca + webapp launcher, hyprland config changes 2025-08-28 20:28:10 +02:00
Sascha Koenig
9e44101016 hyprpaper randomizer 2025-08-24 11:57:40 +02:00
Sascha Koenig
d5b06c496d minor changes 2025-08-14 11:10:59 +02:00
Sascha Koenig
669ed55dc0 minor changes 2025-08-14 10:51:24 +02:00
Sascha Koenig
578bfd527f some refactoring 2025-07-20 19:30:57 +02:00
Sascha Koenig
2715ddc617 flake update 2025-07-20 14:26:14 +02:00
Sascha Koenig
eedf92819c baserow upgrade 2025-07-15 17:37:38 +02:00
Sascha Koenig
0ff5c04d23 outline config + paperless overlay 2025-07-10 19:31:32 +02:00
Sascha Koenig
55e8c6cae5 +outine, flake update 2025-07-10 06:55:08 +02:00
Sascha Koenig
b54213cfbb flake update 2025-07-03 19:06:08 +02:00
Sascha Koenig
a11ee7ee02 +m3-daedalus 2025-06-24 20:13:48 +02:00
Sascha Koenig
8c9860674b hyprland stream-boxes 2025-05-21 14:24:30 +02:00
Sascha Koenig
e1719204e9 tailscale key rotation 2025-05-20 09:35:04 +02:00
Sascha Koenig
72ceffc61d nushell fzf 2025-05-19 21:03:09 +02:00
Sascha Koenig
22cbc7c5a2 flake update 2025-05-19 17:27:39 +02:00
Sascha Koenig
68ecbd3bf1 +builder for proxmox nixos-template 2025-05-19 12:53:05 +02:00
Sascha Koenig
f85332f321 gitea fix 2025-05-18 13:03:39 +02:00
Sascha Koenig
040d03423d mesa 25.0.6 overlay for doom the dark ages 2025-05-17 15:21:21 +02:00
Sascha Koenig
cf731e7309 rm wl-clipboard pin 2025-05-15 09:50:08 +02:00
Sascha Koenig
e0aa2783bb postgres upgrade@m3-atlas 2025-05-13 05:32:59 +02:00
Sascha Koenig
7854d75742 flake update 2025-05-12 11:22:29 +02:00
Sascha Koenig
80cff4278d port changes for gitea 2025-05-12 10:33:27 +02:00
Sascha Koenig
f33bfec02e vw conf @m3-atlas 2025-05-08 09:45:25 +02:00
Sascha Koenig
20bdd1c7b6 Paperless Service @m3-atlas 2025-05-08 08:20:16 +02:00
Sascha Koenig
7fec29f602 +vautwarden, +slash@nemoti 2025-05-08 00:15:04 +02:00
m3tam3re
a3a85c3596 +Tailscale @m3-ares 2025-05-06 13:23:55 +02:00
m3tam3re
279d00ae82 Headscale and Tailscale config modules 2025-05-06 13:22:39 +02:00
m3tam3re
ad87c67161 Headscale and Tailscale config modules 2025-05-05 11:44:32 +02:00
m3tam3re
53ce9740bd nushell dir_fuzzy 2025-05-05 01:58:36 +02:00
m3tam3re
881a65263d +skim functions for nushell 2025-05-04 19:00:11 +02:00
m3tam3re
32503965ab +Nushell 2025-05-04 10:53:18 +02:00
m3tam3re
3d52c0576e -fastfetch;+nitch 2025-04-30 14:47:05 +02:00
m3tam3re
cc38372ee0 experimental msty-sidecar 2025-04-29 15:05:08 +02:00
m3tam3re
e461fc494a flake update; msty update; +headscale config 2025-04-29 13:36:01 +02:00
m3tam3re
5a5b434efd m3ta.dev www fix for traefik 2025-04-24 16:57:30 +02:00
m3tam3re
d69a9b9b38 + work-timer 2025-04-21 15:00:21 +02:00
m3tam3re
b6e8a1614b traefik domain redirects 2025-04-18 15:59:06 +02:00
m3tam3re
f560c59be5 +code2prompt, removed temprorary overlays 2025-04-18 10:53:05 +02:00
m3tam3re
01a2cbc808 m3-atlas: n8n - nixos, ghost update 2025-04-16 14:06:02 +02:00
m3tam3re
9b6e6a6992 flake update 2025-04-15 09:41:22 +02:00
m3tam3re
02f8b6d787 +ssh config zed for self-host-playbook 2025-04-10 19:16:46 +02:00
m3tam3re
40d6c9692a flake update 2025-04-10 11:36:42 +02:00
m3tam3re
374a17e6fc +experimental pangolin config for m3-atlas 2025-04-07 19:45:20 +02:00
m3tam3re
b1e1a95a1c flake update 2025-03-28 11:32:08 +01:00
m3tam3re
74e7ee8364 lock OVMF 2025-03-28 10:00:43 +01:00
m3tam3re
c32a94b82c Hyprland config change due to 0.48 update 2025-03-27 09:29:24 +01:00
m3tam3re
0e6ea2bacb n8n override fix 2025-03-26 12:24:36 +01:00
m3tam3re
8a2b5438af +vivaldi flake update 2025-03-26 11:54:49 +01:00
m3tam3re
81ee763318 flatpak fix attempt 2025-03-26 06:12:35 +01:00
m3tam3re
1c0b67c2a0 Update flake.lock 2025-03-24 13:05:41 +01:00
m3tam3re
42aa44a56b obs-browser 2025-03-24 13:05:28 +01:00
m3tam3re
466cbaf048 n8n-env, obs-plugins 2025-03-18 11:56:09 +01:00
m3tam3re
b47e20afad flake update / brave fix 2025-03-18 09:32:28 +01:00
m3tam3re
e93bdf20a3 restreamer setup 2025-03-15 14:23:47 +01:00
m3tam3re
779473317d +matomo 2025-03-14 17:32:08 +01:00
m3tam3re
39782b6eb9 flake update 2025-03-14 10:52:22 +01:00
m3tam3re
960ea9503d flake update 2025-03-13 11:30:48 +01:00
m3tam3re
df41024693 playbook ssh config 2025-03-12 14:20:44 +01:00
m3tam3re
73fd3ef108 flake update 2025-03-10 09:37:17 +01:00
m3tam3re
221ffed715 let's try warp 2025-03-05 09:23:39 +01:00
m3tam3re
3637aee724 +warp-terminal 2025-03-04 23:27:10 +01:00
m3tam3re
c0e8cfd773 msty fix licensing 2025-03-04 14:54:59 +01:00
m3tam3re
ede0af92cd fix msty license persistence 2025-03-04 06:14:49 +01:00
m3tam3re
f812a1de83 secrets update 2025-03-03 10:16:17 +01:00
m3tam3re
eb84e24369 +MSTY 2025-03-02 16:14:43 +01:00
m3tam3re
d51894816c pin to fix anytype error 2025-03-01 15:43:00 +01:00
m3tam3re
c7fb70c88d neofetch to fastfetch 2025-03-01 15:01:19 +01:00
m3tam3re
2db7d8c1fd +slash 2025-02-28 15:56:53 +01:00
m3tam3re
ce168609ca flake update 2025-02-28 09:55:27 +01:00
m3tam3re
842b01b647 n8n-env-fix 2025-02-24 14:57:19 +01:00
m3tam3re
fa734b5c85 ghost-env-fix 2025-02-24 14:51:43 +01:00
m3tam3re
a4d8d6890c +crypto 2025-02-24 09:48:13 +01:00
m3tam3re
262902c018 n8n@m3-atlas 2025-02-23 19:07:14 +01:00
m3tam3re
2ffd84eb4e ssh_config 2025-02-22 11:03:03 +01:00
m3tam3re
39e1187948 headscale + tailscale 2025-02-21 14:07:29 +01:00
m3tam3re
74d4940e27 traffic dns fix 2025-02-20 15:47:16 +01:00
m3tam3re
25b1fa76d7 flake update 2025-02-18 19:39:32 +01:00
m3tam3re
b281290bef flake update 2025-02-18 19:37:50 +01:00
108 changed files with 3152 additions and 1148 deletions
Expand all files Collapse all files

489
flake.lock generated
View File

@@ -8,11 +8,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1736955230, "lastModified": 1754433428,
"narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=", "narHash": "sha256-NA/FT2hVhKDftbHSwVnoRTFhes62+7dxZbxj5Gxvghs=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c", "rev": "9edb1787864c4f59ae5074ad498b6272b3ec308d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -21,47 +21,41 @@
"type": "github" "type": "github"
} }
}, },
"ags": { "base16-schemes": {
"inputs": { "flake": false,
"astal": "astal",
"nixpkgs": [
"hyprpanel",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1736090999, "lastModified": 1696158499,
"narHash": "sha256-B5CJuHqfJrzPa7tObK0H9669/EClSHpa/P7B9EuvElU=", "narHash": "sha256-5yIHgDTPjoX/3oDEfLSQ0eJZdFL1SaCfb9d6M0RmOTM=",
"owner": "aylur", "owner": "tinted-theming",
"repo": "ags", "repo": "base16-schemes",
"rev": "5527c3c07d92c11e04e7fd99d58429493dba7e3c", "rev": "a9112eaae86d9dd8ee6bb9445b664fba2f94037a",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "aylur", "owner": "tinted-theming",
"repo": "ags", "repo": "base16-schemes",
"type": "github" "type": "github"
} }
}, },
"astal": { "blueprint": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
"hyprpanel", "nix-ai-tools",
"ags",
"nixpkgs" "nixpkgs"
] ],
"systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1735172721, "lastModified": 1758687491,
"narHash": "sha256-rtEAwGsHSppnkR3Qg3eRJ6Xh/F84IY9CrBBLzYabalY=", "narHash": "sha256-sy8Q+MfBe+MZzYj4MJwBDe4lkLnmhy1POO86hWZgqO8=",
"owner": "aylur", "owner": "numtide",
"repo": "astal", "repo": "blueprint",
"rev": "6c84b64efc736e039a8a10774a4a1bf772c37aa2", "rev": "7ecaeb70f63d14a397c73b38f57177894bb795c8",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "aylur", "owner": "numtide",
"repo": "astal", "repo": "blueprint",
"type": "github" "type": "github"
} }
}, },
@@ -73,11 +67,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1700795494, "lastModified": 1744478979,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=", "narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d", "rev": "43975d782b418ebf4969e9ccba82466728c2851b",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -94,11 +88,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1739518853, "lastModified": 1758287904,
"narHash": "sha256-3dZpC0Kq9qvaTKcfC9Am+PXd73mWo2Whi2yM6gnvOpA=", "narHash": "sha256-IGmaEf3Do8o5Cwp1kXBN1wQmZwQN3NLfq5t4nHtVtcU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "85942f35d345daf4d402c05a8ee0c52f414a2168", "rev": "67ff9807dd148e704baadbd4fd783b54282ca627",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -107,20 +101,43 @@
"type": "github" "type": "github"
} }
}, },
"dotfiles": { "flake-parts": {
"flake": false, "inputs": {
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1728910889, "lastModified": 1733312601,
"narHash": "sha256-B/fb+7SKVxK9j851SgR4Nljd6EtE1DzqwLh6yOvkQOY=", "narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=",
"ref": "refs/heads/master", "owner": "hercules-ci",
"rev": "360c75b2cbce800ebaf9445266e2fe345bf582bf", "repo": "flake-parts",
"revCount": 53, "rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9",
"type": "git", "type": "github"
"url": "https://code.m3tam3re.com/m3tam3re/dotfiles.git"
}, },
"original": { "original": {
"type": "git", "owner": "hercules-ci",
"url": "https://code.m3tam3re.com/m3tam3re/dotfiles.git" "repo": "flake-parts",
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
} }
}, },
"home-manager": { "home-manager": {
@@ -131,11 +148,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1703113217, "lastModified": 1745494811,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=", "narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1", "rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -151,11 +168,32 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1739470101, "lastModified": 1759573136,
"narHash": "sha256-NxNe32VB4XI/xIXrsKmIfrcgtEx5r/5s52pL3CpEcA4=", "narHash": "sha256-ILSPD0Dm8p0w0fCVzOx98ZH8yFDrR75GmwmH3fS2VnE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "5031c6d2978109336637977c165f82aa49fa16a7", "rev": "5f06ceafc6c9b773a776b9195c3f47bbe1defa43",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"hyprpanel",
"nixpkgs"
]
},
"locked": {
"lastModified": 1750798083,
"narHash": "sha256-DTCCcp6WCFaYXWKFRA6fiI2zlvOLCf5Vwx8+/0R8Wc4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ff31a4677c1a8ae506aa7e003a3dba08cb203f82",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -170,7 +208,7 @@
"rose-pine-hyprcursor", "rose-pine-hyprcursor",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_2" "systems": "systems_4"
}, },
"locked": { "locked": {
"lastModified": 1709914708, "lastModified": 1709914708,
@@ -188,15 +226,16 @@
}, },
"hyprpanel": { "hyprpanel": {
"inputs": { "inputs": {
"ags": "ags", "flake-utils": "flake-utils",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1739002652, "lastModified": 1757563845,
"narHash": "sha256-W83O9ASWUFaDAFY7H9vvW/Gm9PN5Lkh0McYW3bA/6aU=", "narHash": "sha256-pz69vejsrB+7N+jyKxZcckTjJtzw9BCAIRzHNbFUIp0=",
"owner": "Jas-SinghFSU", "owner": "Jas-SinghFSU",
"repo": "HyprPanel", "repo": "HyprPanel",
"rev": "0d5f80ff5cd525b8f27adfb84cef67d90e3d7f10", "rev": "0a961ce8a959c521f41546af7f355e04adee5503",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -205,45 +244,183 @@
"type": "github" "type": "github"
} }
}, },
"m3ta-nixpkgs": {
"inputs": {
"nixpkgs": "nixpkgs_3"
},
"locked": {
"lastModified": 1759661061,
"narHash": "sha256-LAd1fNNIL19HrOm1cVeoKP5v8si932HsX1ZDwJh9O8o=",
"ref": "refs/heads/master",
"rev": "27d92a238ba9b9df117680c2080e082a2732bfc5",
"revCount": 7,
"type": "git",
"url": "https://code.m3ta.dev/m3tam3re/nixpkgs"
},
"original": {
"type": "git",
"url": "https://code.m3ta.dev/m3tam3re/nixpkgs"
}
},
"nix-ai-tools": {
"inputs": {
"blueprint": "blueprint",
"nixpkgs": "nixpkgs_4",
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1759662326,
"narHash": "sha256-DlLJ95u+Y+dQUgYXK9w4+oXEN1tAoBTuOBbROkJFw5Y=",
"owner": "numtide",
"repo": "nix-ai-tools",
"rev": "f9b693bea48cea1dbe1f1b4471f546fe1e7a0c29",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "nix-ai-tools",
"type": "github"
}
},
"nix-colors": {
"inputs": {
"base16-schemes": "base16-schemes",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1707825078,
"narHash": "sha256-hTfge2J2W+42SZ7VHXkf4kjU+qzFqPeC9k66jAUBMHk=",
"owner": "misterio77",
"repo": "nix-colors",
"rev": "b01f024090d2c4fc3152cd0cf12027a7b8453ba1",
"type": "github"
},
"original": {
"owner": "misterio77",
"repo": "nix-colors",
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1736643958,
"narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1751903740,
"narHash": "sha256-PeSkNMvkpEvts+9DjFiop1iT2JuBpyknmBUs0Un0a4I=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "032decf9db65efed428afd2fa39d80f7089085eb",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1703013332, "lastModified": 1754028485,
"narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=", "narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6", "rev": "59e69648d345d6e8fef86158c555730fa12af9de",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-unstable", "ref": "nixos-25.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-d016996": { "nixpkgs-45570c2": {
"locked": { "locked": {
"lastModified": 1737074211, "lastModified": 1750950224,
"narHash": "sha256-BdTeiNTc1DUiEcKhmjjuJ54KRv+8UzyTqRl7QS64AMI=", "narHash": "sha256-vMCk6wKJVgR7H2pVrQV4/qygzTtvpnS/9jCT3cjzXVM=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d0169965cf1ce1cd68e50a63eabff7c8b8959743", "rev": "45570c299dc2b63c8c574c4cd77f0b92f7e2766e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "d0169965cf1ce1cd68e50a63eabff7c8b8959743", "rev": "45570c299dc2b63c8c574c4cd77f0b92f7e2766e",
"type": "github"
}
},
"nixpkgs-9e58ed7": {
"locked": {
"lastModified": 1746823729,
"narHash": "sha256-6E3jRDNK9w1gwDsreG6ZS8Ec0Dv35DkDqKzxZATEUts=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9e58ed7ba759d81c98f033b7f5eba21ca68f53b0",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9e58ed7ba759d81c98f033b7f5eba21ca68f53b0",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1697935651,
"narHash": "sha256-qOfWjQ2JQSQL15KLh6D7xQhx0qgZlYZTYlcEiRuAMMw=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e1e11fdbb01113d85c7f41cada9d2847660e3902",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-locked": {
"locked": {
"lastModified": 1739661218,
"narHash": "sha256-hEGW0SKD0ORTEmoTuEEONxgENP5kMqe+NCtJug0U6R0=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2744d988fa116fc6d46cdfa3d1c936d0abd7d121",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"rev": "2744d988fa116fc6d46cdfa3d1c936d0abd7d121",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-master": { "nixpkgs-master": {
"locked": { "locked": {
"lastModified": 1739521149, "lastModified": 1759661032,
"narHash": "sha256-9CYhycBZDYkxD1uu6HMeJzRkSuDYZ86RJzEbFopO/CQ=", "narHash": "sha256-cqZAN2FmnUX/M42m1T9/glzcp8C+66bV/25xUB7TbAw=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "49f1c6e940b67fa522c45c14603a0584aa90ebd2", "rev": "b7ffd1a8c2550781d74d6a2b48dc6bcd9da29996",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -255,27 +432,27 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1739357830, "lastModified": 1759580034,
"narHash": "sha256-9xim3nJJUFbVbJCz48UP4fGRStVW5nv4VdbimbKxJ3I=", "narHash": "sha256-YWo57PL7mGZU7D4WeKFMiW4ex/O6ZolUS6UNBHTZfkI=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "0ff09db9d034a04acd4e8908820ba0b410d7a33a", "rev": "3bcc93c5f7a4b30335d31f21e2f1281cba68c318",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-24.11", "ref": "nixos-25.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1736344531, "lastModified": 1750776420,
"narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=", "narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912", "rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -287,11 +464,59 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1739446958, "lastModified": 1759381078,
"narHash": "sha256-+/bYK3DbPxMIvSL4zArkMX0LQvS7rzBKXnDXLfKyRVc=", "narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_4": {
"locked": {
"lastModified": 1759381078,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1736657626,
"narHash": "sha256-FWlPMUzp0lkQBdhKlPqtQdqmp+/C+1MBiEytaYfrCTY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2f9e2f85cb14a46410a1399aa9ea7ecf433e422e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1759381078,
"narHash": "sha256-gTrEEp5gEspIcCOx9PD8kMaF1iEmfBcTbO0Jag2QhQs=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "2ff53fe64443980e139eaa286017f53f88336dd0", "rev": "7df7ff7d8e00218376575f0acdcc5d66741351ee",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -301,7 +526,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1710272261, "lastModified": 1710272261,
"narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=", "narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=",
@@ -317,32 +542,59 @@
"type": "github" "type": "github"
} }
}, },
"nur": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1759659817,
"narHash": "sha256-S26D4k/9He1tLCn5ARx+3BNzK7IKBLBJWUqx9GF8X7s=",
"owner": "nix-community",
"repo": "NUR",
"rev": "df8713776e7e236129f7c260017e770393b4f278",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"disko": "disko", "disko": "disko",
"dotfiles": "dotfiles",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"hyprpanel": "hyprpanel", "hyprpanel": "hyprpanel",
"nixpkgs": "nixpkgs_3", "m3ta-nixpkgs": "m3ta-nixpkgs",
"nixpkgs-d016996": "nixpkgs-d016996", "nix-ai-tools": "nix-ai-tools",
"nix-colors": "nix-colors",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_6",
"nixpkgs-45570c2": "nixpkgs-45570c2",
"nixpkgs-9e58ed7": "nixpkgs-9e58ed7",
"nixpkgs-locked": "nixpkgs-locked",
"nixpkgs-master": "nixpkgs-master", "nixpkgs-master": "nixpkgs-master",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"nur": "nur",
"rose-pine-hyprcursor": "rose-pine-hyprcursor" "rose-pine-hyprcursor": "rose-pine-hyprcursor"
} }
}, },
"rose-pine-hyprcursor": { "rose-pine-hyprcursor": {
"inputs": { "inputs": {
"hyprlang": "hyprlang", "hyprlang": "hyprlang",
"nixpkgs": "nixpkgs_4", "nixpkgs": "nixpkgs_7",
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1733265112, "lastModified": 1748096947,
"narHash": "sha256-FdO+2X7TeIAW73hiyFKZbCjlAskb4xMmYYPX97mo9RE=", "narHash": "sha256-ouuA8LVBXzrbYwPW2vNjh7fC9H2UBud/1tUiIM5vPvM=",
"owner": "ndom91", "owner": "ndom91",
"repo": "rose-pine-hyprcursor", "repo": "rose-pine-hyprcursor",
"rev": "89dc9e347ce8da26766ad421b0899536f9f87639", "rev": "4b02963d0baf0bee18725cf7c5762b3b3c1392f1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -368,16 +620,16 @@
}, },
"systems_2": { "systems_2": {
"locked": { "locked": {
"lastModified": 1689347949, "lastModified": 1681028828,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default-linux", "repo": "default",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68", "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nix-systems", "owner": "nix-systems",
"repo": "default-linux", "repo": "default",
"type": "github" "type": "github"
} }
}, },
@@ -396,9 +648,60 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": {
"locked": {
"lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
"owner": "nix-systems",
"repo": "default-linux",
"rev": "31732fcf5e8fea42e59c2488ad31a0e651500f68",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default-linux",
"type": "github"
}
},
"systems_5": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"nix-ai-tools",
"nixpkgs"
]
},
"locked": {
"lastModified": 1758728421,
"narHash": "sha256-ySNJ008muQAds2JemiyrWYbwbG+V7S5wg3ZVKGHSFu8=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "5eda4ee8121f97b218f7cc73f5172098d458f1d1",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"utils": { "utils": {
"inputs": { "inputs": {
"systems": "systems_3" "systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,

55
flake.nix
View File

@@ -16,10 +16,19 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs-d016996.url = "github:nixos/nixpkgs/d0169965cf1ce1cd68e50a63eabff7c8b8959743"; nixpkgs-45570c2.url = "github:nixos/nixpkgs/45570c299dc2b63c8c574c4cd77f0b92f7e2766e";
nixpkgs-locked.url = "github:nixos/nixpkgs/2744d988fa116fc6d46cdfa3d1c936d0abd7d121";
nixpkgs-9e58ed7.url = "github:nixos/nixpkgs/9e58ed7ba759d81c98f033b7f5eba21ca68f53b0";
nixpkgs-master.url = "github:nixos/nixpkgs/master"; nixpkgs-master.url = "github:nixos/nixpkgs/master";
m3ta-nixpkgs.url = "git+https://code.m3ta.dev/m3tam3re/nixpkgs";
# m3ta-nixpkgs.url = "path:/home/m3tam3re/p/nix/nixpkgs";
#
nur = {
url = "github:nix-community/NUR";
inputs.nixpkgs.follows = "nixpkgs";
};
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
disko = { disko = {
@@ -27,21 +36,23 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixos-generators = {
url = "github:nix-community/nixos-generators";
};
hyprpanel.url = "github:Jas-SinghFSU/HyprPanel"; hyprpanel.url = "github:Jas-SinghFSU/HyprPanel";
rose-pine-hyprcursor.url = "github:ndom91/rose-pine-hyprcursor"; rose-pine-hyprcursor.url = "github:ndom91/rose-pine-hyprcursor";
nix-colors.url = "github:misterio77/nix-colors";
dotfiles = { nix-ai-tools.url = "github:numtide/nix-ai-tools";
url = "git+https://code.m3tam3re.com/m3tam3re/dotfiles.git";
flake = false;
};
}; };
outputs = { outputs = {
self, self,
agenix, agenix,
dotfiles,
home-manager, home-manager,
nixpkgs, nixpkgs,
m3ta-nixpkgs,
nur,
... ...
} @ inputs: let } @ inputs: let
inherit (self) outputs; inherit (self) outputs;
@@ -58,6 +69,7 @@
forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
overlays = import ./overlays {inherit inputs outputs;}; overlays = import ./overlays {inherit inputs outputs;};
homeManagerModules = import ./modules/home-manager; homeManagerModules = import ./modules/home-manager;
nixosConfigurations = { nixosConfigurations = {
m3-ares = nixpkgs.lib.nixosSystem { m3-ares = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
@@ -67,6 +79,7 @@
modules = [ modules = [
./hosts/m3-ares ./hosts/m3-ares
agenix.nixosModules.default agenix.nixosModules.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
m3-atlas = nixpkgs.lib.nixosSystem { m3-atlas = nixpkgs.lib.nixosSystem {
@@ -76,6 +89,7 @@
./hosts/m3-atlas ./hosts/m3-atlas
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
m3-kratos = nixpkgs.lib.nixosSystem { m3-kratos = nixpkgs.lib.nixosSystem {
@@ -86,6 +100,8 @@
modules = [ modules = [
./hosts/m3-kratos ./hosts/m3-kratos
agenix.nixosModules.default agenix.nixosModules.default
nur.modules.nixos.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
m3-helios = nixpkgs.lib.nixosSystem { m3-helios = nixpkgs.lib.nixosSystem {
@@ -95,18 +111,35 @@
./hosts/m3-helios ./hosts/m3-helios
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
}; };
homeConfigurations = { homeConfigurations = {
"m3tam3re@m3-ares" = home-manager.lib.homeManagerConfiguration { "m3tam3re@m3-daedalus" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages."x86_64-linux"; pkgs = nixpkgs.legacyPackages."x86_64-linux";
extraSpecialArgs = { extraSpecialArgs = {
inherit inputs outputs; inherit inputs outputs;
hostname = "m3-ares"; hostname = "m3-daedalus";
}; };
modules = [./home/m3tam3re/m3tam3re-ares.nix]; modules = [./home/m3tam3re/m3-daedalus.nix];
}; };
}; };
devShells.x86_64-linux.infraShell = let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in
pkgs.mkShell {
buildInputs = with pkgs; [
opentofu
nixos-anywhere
];
shellHook = ''
echo "Infrastructure Management Shell"
echo "Commands:"
echo " - cd infra/proxmox && tofu init"
echo " - tofu plan"
echo " - tofu apply"
'';
};
}; };
} }

16
home/common/default.nix
View File

@@ -1,23 +1,30 @@
{ {
inputs,
lib, lib,
outputs, outputs,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [
(import inputs.nix-colors.homeManagerModules.default
../../modules/home-manager/zellij-ps.nix) inputs.m3ta-nixpkgs.homeManagerModules.default
]; #imports = builtins.attrValues outputs.homeManagerModules; ]; #imports = builtins.attrValues outputs.homeManagerModules;
nixpkgs = { nixpkgs = {
# You can add overlays here # You can add overlays here
overlays = [ overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir): # Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions #outputs.overlays.additions
outputs.overlays.modifications #outputs.overlays.modifications
outputs.overlays.temp-packages
outputs.overlays.stable-packages outputs.overlays.stable-packages
outputs.overlays.locked-packages
outputs.overlays.pinned-packages outputs.overlays.pinned-packages
outputs.overlays.master-packages outputs.overlays.master-packages
inputs.nur.overlays.default
inputs.m3ta-nixpkgs.overlays.default
inputs.m3ta-nixpkgs.overlays.modifications
# You can also add overlays exported from other flakes: # You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default # neovim-nightly-overlay.overlays.default
@@ -44,4 +51,5 @@
warn-dirty = false; warn-dirty = false;
}; };
}; };
colorScheme = inputs.nix-colors.colorSchemes.dracula;
} }

167
home/features/cli/default.nix
View File

@@ -1,32 +1,165 @@
{pkgs, ...}: { {
config,
pkgs,
...
}: {
imports = [ imports = [
./fish.nix ./fish.nix
./fzf.nix ./fzf.nix
./neofetch.nix ./nitch.nix
./nushell.nix
./secrets.nix ./secrets.nix
./starship.nix ./starship.nix
./zellij.nix ./zellij.nix
]; ];
programs.carapace = {
enable = true;
enableFishIntegration = true;
enableNushellIntegration = true;
enableBashIntegration = true;
};
programs.zoxide = { programs.zoxide = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
enableNushellIntegration = true;
}; };
programs.neovim = { programs.bat = {
enable = true; enable = true;
defaultEditor = true; config = {
viAlias = true; theme = "universal";
vimAlias = true; };
vimdiffAlias = true; themes = {
withNodeJs = true; universal = {
withPython3 = true; src = pkgs.writeText "universal.tmTheme" ''
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>name</key>
<string>Universal (nix-colors)</string>
<key>settings</key>
<array>
<dict>
<key>settings</key>
<dict>
<key>background</key>
<string>#${config.colorScheme.palette.base00}</string>
<key>foreground</key>
<string>#${config.colorScheme.palette.base05}</string>
<key>caret</key>
<string>#${config.colorScheme.palette.base05}</string>
<key>selection</key>
<string>#${config.colorScheme.palette.base02}</string>
<key>selectionForeground</key>
<string>#${config.colorScheme.palette.base05}</string>
<key>lineHighlight</key>
<string>#${config.colorScheme.palette.base01}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Comment</string>
<key>scope</key>
<string>comment</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base03}</string>
<key>fontStyle</key>
<string>italic</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>String</string>
<key>scope</key>
<string>string</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0A}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Number</string>
<key>scope</key>
<string>constant.numeric</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0E}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Keyword</string>
<key>scope</key>
<string>keyword</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base08}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Function</string>
<key>scope</key>
<string>entity.name.function</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0B}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Type</string>
<key>scope</key>
<string>entity.name.type, storage.type</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0D}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Variable</string>
<key>scope</key>
<string>variable</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base05}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Constant</string>
<key>scope</key>
<string>constant</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0E}</string>
</dict>
</dict>
</array>
</dict>
</plist>
'';
};
};
}; };
programs.bat = {enable = true;};
programs.direnv = { programs.direnv = {
enable = true; enable = true;
enableNushellIntegration = true;
nix-direnv.enable = nix-direnv.enable =
true; true;
}; };
@@ -50,31 +183,39 @@
}; };
}; };
cli.zellij-ps = {
enable = true;
projectFolders = ["/home/m3tam3re/p"];
};
home.packages = with pkgs; [ home.packages = with pkgs; [
agenix-cli
alejandra alejandra
bc bc
claude-code
comma comma
coreutils coreutils
devenv devenv
fabric-ai
fd fd
gcc gcc
go go
htop htop
httpie httpie
hyprpaper-random
jq jq
just just
lazygit lazygit
llm llm
lf lf
nix-index nix-index
procs nushellPlugins.skim
progress progress
ripgrep ripgrep
rocmPackages.rocm-smi rocmPackages.rocm-smi
rocmPackages.rocminfo rocmPackages.rocminfo
rocmPackages.rocm-runtime rocmPackages.rocm-runtime
tldr tldr
pomodoro-timer
trash-cli trash-cli
unimatrix unimatrix
unzip unzip

38
home/features/cli/fish.nix
View File

@@ -11,6 +11,43 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.fish = { programs.fish = {
enable = true; enable = true;
interactiveShellInit = ''
# Fish colors using universal nix-colors palette
# Text colors
set -g fish_color_normal ${config.colorScheme.palette.base05} # text
set -g fish_color_param ${config.colorScheme.palette.base05} # text
set -g fish_color_comment ${config.colorScheme.palette.base03} # muted
set -g fish_color_autosuggestion ${config.colorScheme.palette.base03} # muted
# Command colors
set -g fish_color_command ${config.colorScheme.palette.base0D} # accent6 (blue)
set -g fish_color_quote ${config.colorScheme.palette.base0A} # accent3 (yellow)
set -g fish_color_redirection ${config.colorScheme.palette.base0E} # accent7 (purple)
set -g fish_color_end ${config.colorScheme.palette.base08} # accent1 (red)
set -g fish_color_error ${config.colorScheme.palette.base08} # accent1 (red)
set -g fish_color_operator ${config.colorScheme.palette.base0C} # accent5 (cyan)
set -g fish_color_escape ${config.colorScheme.palette.base09} # accent2 (orange)
# Path colors
set -g fish_color_cwd ${config.colorScheme.palette.base0B} # accent4 (green)
set -g fish_color_cwd_root ${config.colorScheme.palette.base08} # accent1 (red)
set -g fish_color_valid_path --underline
# Interactive colors
set -g fish_color_match ${config.colorScheme.palette.base0B} # accent4 (green)
set -g fish_color_selection --background=${config.colorScheme.palette.base02} # overlay
set -g fish_color_search_match --background=${config.colorScheme.palette.base02} # overlay
set -g fish_color_history_current --bold
set -g fish_color_user ${config.colorScheme.palette.base0B} # accent4 (green)
set -g fish_color_host ${config.colorScheme.palette.base0D} # accent6 (blue)
set -g fish_color_cancel -r
# Pager colors
set -g fish_pager_color_completion normal
set -g fish_pager_color_description ${config.colorScheme.palette.base03} # muted
set -g fish_pager_color_prefix ${config.colorScheme.palette.base0E} # accent7 (purple)
set -g fish_pager_color_progress ${config.colorScheme.palette.base0B} # accent4 (green)
'';
loginShellInit = '' loginShellInit = ''
set -x NIX_PATH nixpkgs=channel:nixos-unstable set -x NIX_PATH nixpkgs=channel:nixos-unstable
set -x NIX_LOG info set -x NIX_LOG info
@@ -29,6 +66,7 @@ in {
set -x FZF_DEFAULT_COMMAND fd --type f --exclude .git --follow --hidden set -x FZF_DEFAULT_COMMAND fd --type f --exclude .git --follow --hidden
set -x FZF_CTRL_T_COMMAND "$FZF_DEFAULT_COMMAND" set -x FZF_CTRL_T_COMMAND "$FZF_DEFAULT_COMMAND"
set -x FLAKE $HOME/p/nixos/nixos-config set -x FLAKE $HOME/p/nixos/nixos-config
source /run/agenix/${config.home.username}-secrets
if test (tty) = "/dev/tty1" if test (tty) = "/dev/tty1"
exec uwsm start -S -F /run/current-system/sw/bin/Hyprland exec uwsm start -S -F /run/current-system/sw/bin/Hyprland

27
home/features/cli/fzf.nix
View File

@@ -13,22 +13,25 @@ in {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
colors = { colors = {
"fg" = "#f8f8f2"; "fg" = "#${config.colorScheme.palette.base05}";
"bg" = "#282a36"; "bg" = "#${config.colorScheme.palette.base00}";
"hl" = "#bd93f9"; "hl" = "#${config.colorScheme.palette.base0E}";
"fg+" = "#f8f8f2"; "fg+" = "#${config.colorScheme.palette.base05}";
"bg+" = "#44475a"; "bg+" = "#${config.colorScheme.palette.base02}";
"hl+" = "#bd93f9"; "hl+" = "#${config.colorScheme.palette.base0E}";
"info" = "#ffb86c"; "info" = "#${config.colorScheme.palette.base09}";
"prompt" = "#50fa7b"; "prompt" = "#${config.colorScheme.palette.base0B}";
"pointer" = "#ff79c6"; "pointer" = "#${config.colorScheme.palette.base08}";
"marker" = "#ff79c6"; "marker" = "#${config.colorScheme.palette.base08}";
"spinner" = "#ffb86c"; "spinner" = "#${config.colorScheme.palette.base09}";
"header" = "#6272a4"; "header" = "#${config.colorScheme.palette.base03}";
}; };
defaultOptions = [ defaultOptions = [
"--preview='bat --color=always -n {}'" "--preview='bat --color=always -n {}'"
"--bind 'ctrl-/:toggle-preview'" "--bind 'ctrl-/:toggle-preview'"
"--header 'Press CTRL-Y to copy command into clipboard'"
"--bind 'ctrl-/:toggle-preview'"
"--bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort'"
]; ];
defaultCommand = "fd --type f --exclude .git --follow --hidden"; defaultCommand = "fd --type f --exclude .git --follow --hidden";
changeDirWidgetCommand = "fd --type d --exclude .git --follow --hidden"; changeDirWidgetCommand = "fd --type d --exclude .git --follow --hidden";

15
home/features/cli/neofetch.nix
View File

@@ -1,15 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.cli.neofetch;
in {
options.features.cli.neofetch.enable = mkEnableOption "enable neofetch";
config = mkIf cfg.enable {
home.packages = with pkgs; [neofetch];
};
}

15
home/features/cli/nitch.nix Normal file
View File

@@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.cli.nitch;
in {
options.features.cli.nitch.enable = mkEnableOption "enable nitch";
config = mkIf cfg.enable {
home.packages = with pkgs; [nitch];
};
}

185
home/features/cli/nushell.nix Normal file
View File

@@ -0,0 +1,185 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.cli.nushell;
in {
options.features.cli.nushell.enable = mkEnableOption "enable nushell";
config = mkIf cfg.enable {
programs.nushell = {
enable = true;
envFile.text = ''
$env.config.show_banner = false
$env.NIX_PATH = "nixpkgs=channel:nixos-unstable"
$env.NIX_LOG = "iunfo"
$env.WEBKIT_DISABLE_COMPOSITING_MODE = "1"
$env.TERMINAL = "kitty"
$env.EDITOR = "nvim"
$env.VISUAL = "zed"
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
$env.FZF_DEFAULT_OPTS = "--preview='bat --color=always --style=numbers --line-range=:500 {}' --bind 'ctrl-/:toggle-preview' --header 'Press CTRL-Y to copy to clipboard' --bind 'ctrl-y:execute-silent(echo {} | wl-copy)' --color bg:#${config.colorScheme.palette.base00},bg+:#${config.colorScheme.palette.base02},fg:#${config.colorScheme.palette.base05},fg+:#${config.colorScheme.palette.base05},header:#${config.colorScheme.palette.base03},hl:#${config.colorScheme.palette.base0E},hl+:#${config.colorScheme.palette.base0E},info:#${config.colorScheme.palette.base09},marker:#${config.colorScheme.palette.base08},pointer:#${config.colorScheme.palette.base08},prompt:#${config.colorScheme.palette.base0B},spinner:#${config.colorScheme.palette.base09}"
$env.XDG_DATA_HOME = $"($env.HOME)/.local/share"
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
$env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"
$env.FLAKE = $"($env.HOME)/p/nixos/nixos-config"
source /run/agenix/${config.home.username}-secrets
'';
configFile.text = ''
# FZF integration functions for nushell
def fzf-file [] {
fd --type f --exclude .git --follow --hidden | fzf --preview 'bat --color=always --style=numbers --line-range=:500 {}' --bind 'ctrl-y:execute-silent(echo {} | wl-copy)'
}
def fzf-dir [] {
fd --type d --exclude .git --follow --hidden | fzf --preview 'ls -la {}'
}
def fzf-history [] {
history | get command | reverse | fzf --bind 'ctrl-y:execute-silent(echo {} | wl-copy)'
}
# Key bindings for FZF
$env.config = {
keybindings: [
{
name: fzf_file
modifier: control
keycode: char_t
mode: [emacs, vi_normal, vi_insert]
event: {
send: executehostcommand
cmd: "commandline edit --insert (fzf-file)"
}
}
{
name: fzf_history
modifier: control
keycode: char_r
mode: [emacs, vi_normal, vi_insert]
event: {
send: executehostcommand
cmd: "commandline edit --replace (fzf-history)"
}
}
]
}
if (tty) == "/dev/tty1" {
exec uwsm start -S -F /run/current-system/sw/bin/Hyprland
}
if (tty) == "/dev/tty2" {
exec gamescope -O HDMI-A-1 -W 1920 -H 1080 --adaptive-sync --hdr-enabled --rt --steam -- steam -pipewire-dmabuf -tenfoot
}
alias .. = cd ..
alias ... = cd ...
alias h = cd $env.HOME
alias b = yazi
alias lt = eza --tree --level=2 --long --icons --git
alias grep = rg
alias just = just --unstable
alias n = nix
alias nd = nix develop -c $nu.current-shell
alias ns = nix shell
alias nsn = nix shell nixpkgs#
alias nb = nix build
alias nbn = nix build nixpkgs#
alias nf = nix flake
alias nr = sudo nixos-rebuild --flake .
alias nrs = sudo nixos-rebuild switch --flake .#(sys host | get hostname)
alias snr = sudo nixos-rebuild --flake .
alias snrs = sudo nixos-rebuild --flake . switch
alias hm = home-manager --flake .
alias hms = home-manager --flake . switch
alias hmr = do { cd ~/projects/nix-configurations; nix flake lock --update-input dotfiles; home-manager --flake .#(whoami)@(hostname) switch }
alias tsu = sudo tailscale up
alias tsd = sudo tailscale down
alias vi = nvim
alias vim = nvim
def history_fuzzy [] {
let selected = (
history
| reverse
| get command
| uniq
| to text
| ^fzf
)
if ($selected | is-not-empty) {
commandline edit ($selected)
} else {
null
}
}
def --env dir_fuzzy [] {
let selected = (
fd --type directory
| ^fzf
)
cd $selected
}
def find_fuzzy [] {
# Find non-hidden text files with matches for any content and select one via fuzzy search
let selected = (
^fd --type file --no-hidden -X rg -l --files-with-matches .
| lines
| to text
| ^fzf
)
if ($selected | is-not-empty) {
^$env.EDITOR $selected
}
}
$env.config = {
keybindings: [
{
name: history_fuzzy
modifier: control
keycode: char_r
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "history_fuzzy"
}
]
}
{
name: dir_fuzzy
modifier: alt
keycode: char_c
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "dir_fuzzy"
}
]
}
{
name: history_fuzzy
modifier: control
keycode: char_t
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "find_fuzzy"
}
]
}
]
}
'';
};
};
}

51
home/features/cli/starship.nix
View File

@@ -12,6 +12,57 @@ in {
programs.starship = { programs.starship = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
enableNushellIntegration = true;
settings = {
format = "$all$character";
palette = "universal";
palettes.universal = {
background = "#${config.colorScheme.palette.base00}";
surface = "#${config.colorScheme.palette.base01}";
muted = "#${config.colorScheme.palette.base03}";
text = "#${config.colorScheme.palette.base05}";
bright = "#${config.colorScheme.palette.base07}";
accent1 = "#${config.colorScheme.palette.base08}";
accent2 = "#${config.colorScheme.palette.base09}";
accent3 = "#${config.colorScheme.palette.base0A}";
accent4 = "#${config.colorScheme.palette.base0B}";
accent5 = "#${config.colorScheme.palette.base0C}";
accent6 = "#${config.colorScheme.palette.base0D}";
accent7 = "#${config.colorScheme.palette.base0E}";
};
character = {
success_symbol = "[](accent7)";
error_symbol = "[](accent1)";
};
directory = {
style = "accent6";
truncation_length = 3;
truncate_to_repo = false;
};
git_branch = {
style = "accent7";
};
git_status = {
style = "accent5";
};
cmd_duration = {
style = "accent3";
};
hostname = {
style = "accent4";
};
username = {
style_user = "accent2";
};
};
}; };
}; };
} }

16
home/features/cli/zellij.nix
View File

@@ -11,6 +11,22 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.zellij = { programs.zellij = {
enable = true; enable = true;
settings = {
theme = "universal";
themes.universal = {
bg = "#${config.colorScheme.palette.base00}";
fg = "#${config.colorScheme.palette.base05}";
black = "#${config.colorScheme.palette.base01}";
red = "#${config.colorScheme.palette.base08}";
green = "#${config.colorScheme.palette.base0B}";
yellow = "#${config.colorScheme.palette.base0A}";
blue = "#${config.colorScheme.palette.base0D}";
magenta = "#${config.colorScheme.palette.base0E}";
cyan = "#${config.colorScheme.palette.base0C}";
white = "#${config.colorScheme.palette.base07}";
orange = "#${config.colorScheme.palette.base09}";
};
};
}; };
}; };
} }

7
home/features/coding/default.nix
View File

@@ -1,16 +1,19 @@
{pkgs, ...}: { {pkgs, ...}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
devpod devpod
devpod-desktop #devpod-desktop
code2prompt
nur.repos.charmbracelet.crush
(python3.withPackages (ps: (python3.withPackages (ps:
with ps; [ with ps; [
pip
# Scientific packages # Scientific packages
numba numba
numpy numpy
openai-whisper
torch torch
srt srt
])) ]))
pyrefly
nixd nixd
alejandra alejandra
tailwindcss tailwindcss

72
home/features/desktop/coding.nix
View File

@@ -5,7 +5,7 @@
... ...
}: }:
with lib; let with lib; let
cfg = config.features.desktop.office; cfg = config.features.desktop.coding;
in { in {
options.features.desktop.coding.enable = options.features.desktop.coding.enable =
mkEnableOption "install coding related stuff"; mkEnableOption "install coding related stuff";
@@ -15,73 +15,9 @@ in {
bruno bruno
insomnia insomnia
]; ];
coding.editors = {
programs.zed-editor = { neovim.enable = true;
enable = true; zed.enable = true;
userSettings = {
features = {
edit_prediction_provider = "zed";
inline_completion_provider = "zed";
copilot = false;
};
telemetry = {
metrics = false;
};
lsp = {
rust_analyzer = {
binary = {path_lookup = true;};
};
};
languages = {
Nix = {
language_servers = ["nixd"];
formatter = {
external = {
command = "alejandra";
arguments = ["-q" "-"];
};
};
};
Python = {
language_servers = ["pyright"];
formatter = {
external = {
command = "black";
arguments = ["-"];
};
};
};
};
assistant = {
version = "2";
default_model = {
provider = "zed.dev";
model = "claude-3-5-sonnet-latest";
};
};
language_models = {
anthropic = {
version = "1";
api_url = "https://api.anthropic.com";
};
openai = {
version = "1";
api_url = "https://api.openai.com/v1";
};
ollama = {
api_url = "http://localhost:11434";
};
};
auto_update = false;
format_on_save = "on";
vim_mode = true;
load_direnv = "shell_hook";
theme = "Dracula";
buffer_font_family = "FiraCode Nerd Font";
ui_font_size = 16;
buffer_font_size = 16;
show_edit_predictions = true;
};
}; };
}; };
} }

15
home/features/desktop/crypto.nix Normal file
View File

@@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.crypto;
in {
options.features.desktop.crypto.enable = mkEnableOption "Enable Crypto";
config = mkIf cfg.enable {
home.packages = with pkgs; [bisq2 monero-gui trezor-suite];
};
}

85
home/features/desktop/default.nix
View File

@@ -1,6 +1,11 @@
{pkgs, ...}: { {
config,
pkgs,
...
}: {
imports = [ imports = [
./coding.nix ./coding.nix
./crypto.nix
./fonts.nix ./fonts.nix
./gaming.nix ./gaming.nix
./hyprland.nix ./hyprland.nix
@@ -9,7 +14,6 @@
./rofi.nix ./rofi.nix
./theme.nix ./theme.nix
./wayland.nix ./wayland.nix
./wofi.nix
]; ];
xdg = { xdg = {
@@ -43,24 +47,14 @@
NIXOS_OZONE_WL = "1"; NIXOS_OZONE_WL = "1";
TERMINAL = "kitty"; TERMINAL = "kitty";
QT_QPA_PLATFORM = "wayland"; QT_QPA_PLATFORM = "wayland";
XDG_CURRENT_DESKTOP = "Hyprland";
XDG_SESSION_TYPE = "wayland";
XDG_SESSION_DESKTOP = "Hyprland";
}; };
home.sessionPath = ["\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" "$HOME/.npm-global/bin"]; home.sessionPath = ["\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" "$HOME/.npm-global/bin"];
fonts.fontconfig.enable = true; fonts.fontconfig.enable = true;
services.mako = {
enable = true;
backgroundColor = "#282a36";
textColor = "#80FFEA";
borderColor = "#9742b5";
width = 400;
height = 150;
padding = "10,20";
borderRadius = 8;
borderSize = 1;
margin = "20,20";
};
programs.kitty = { programs.kitty = {
enable = true; enable = true;
shellIntegration = { shellIntegration = {
@@ -68,8 +62,58 @@
enableBashIntegration = true; enableBashIntegration = true;
}; };
font = {name = "Fira Code";}; font = {name = "Fira Code";};
themeFile = "Dracula";
settings = {copy_on_select = "yes";}; settings = {
copy_on_select = "yes";
# Base colors
foreground = "#${config.colorScheme.palette.base05}";
background = "#${config.colorScheme.palette.base00}";
selection_foreground = "#${config.colorScheme.palette.base07}";
selection_background = "#${config.colorScheme.palette.base02}";
# URL color
url_color = "#${config.colorScheme.palette.base08}";
# Cursor
cursor = "#${config.colorScheme.palette.base05}";
cursor_text_color = "#${config.colorScheme.palette.base00}";
# Colors 0-15
color0 = "#${config.colorScheme.palette.base01}";
color8 = "#${config.colorScheme.palette.base03}";
color1 = "#${config.colorScheme.palette.base08}";
color9 = "#${config.colorScheme.palette.base08}";
color2 = "#${config.colorScheme.palette.base0B}";
color10 = "#${config.colorScheme.palette.base0B}";
color3 = "#${config.colorScheme.palette.base0A}";
color11 = "#${config.colorScheme.palette.base0A}";
color4 = "#${config.colorScheme.palette.base0D}";
color12 = "#${config.colorScheme.palette.base0D}";
color5 = "#${config.colorScheme.palette.base0E}";
color13 = "#${config.colorScheme.palette.base0E}";
color6 = "#${config.colorScheme.palette.base0C}";
color14 = "#${config.colorScheme.palette.base0C}";
color7 = "#${config.colorScheme.palette.base05}";
color15 = "#${config.colorScheme.palette.base07}";
# Tab colors
active_tab_foreground = "#${config.colorScheme.palette.base00}";
active_tab_background = "#${config.colorScheme.palette.base05}";
inactive_tab_foreground = "#${config.colorScheme.palette.base05}";
inactive_tab_background = "#${config.colorScheme.palette.base01}";
# Mark colors
mark1_foreground = "#${config.colorScheme.palette.base00}";
mark1_background = "#${config.colorScheme.palette.base08}";
};
}; };
home.pointerCursor = { home.pointerCursor = {
@@ -83,6 +127,7 @@
appimage-run appimage-run
anytype anytype
# blueberry # blueberry
bemoji
brave brave
# brightnessctl # brightnessctl
# clipman # clipman
@@ -98,13 +143,13 @@
# gsettings-desktop-schemas # gsettings-desktop-schemas
# graphviz # graphviz
# ksnip # ksnip
msty-studio
nwg-look nwg-look
# pamixer # pamixer
# pavucontrol # pavucontrol
# libsForQt5.qtstyleplugins # libsForQt5.qtstyleplugins
# stable.nyxt # stable.nyxt
# pcmanfm # pcmanfm
protonmail-desktop
rose-pine-hyprcursor rose-pine-hyprcursor
# qt5ct # qt5ct
# qt6.qtwayland # qt6.qtwayland
@@ -117,7 +162,9 @@
remmina remmina
slack slack
telegram-desktop telegram-desktop
ungoogled-chromium vivaldi
vivaldi-ffmpeg-codecs
warp-terminal
# wl-clipboard # wl-clipboard
# wlogout # wlogout
# wtype # wtype

3
home/features/desktop/gaming.nix
View File

@@ -13,9 +13,10 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [
gamescope gamescope
gamemode
goverlay goverlay
mangohud mangohud
protonup-ng protonplus
]; ];
}; };
} }

382
home/features/desktop/hyprland.nix
View File

@@ -1,184 +1,216 @@
{ {
wayland.windowManager.hyprland = { config,
settings = { lib,
xwayland = { ...
force_zero_scaling = true; }:
}; with lib; let
cfg = config.features.desktop.hyprland;
in {
options.features.desktop.hyprland.enable =
mkEnableOption "Hyprland related stuff";
exec-once = [ config = mkIf cfg.enable {
"hyprpanel" wayland.windowManager.hyprland = {
"hyprpaper" settings = {
"hypridle" xwayland = {
"wl-paste -p -t text --watch clipman store -P --histpath=\"~/.local/share/clipman-primary.json\"" force_zero_scaling = true;
];
env = [
"XCURSOR_SIZE,32"
"HYPRCURSOR_THEME,Bibata-Modern-Ice"
"WLR_NO_HARDWARE_CURSORS,1"
"GTK_THEME,Dracula"
];
input = {
kb_layout = "de,us";
kb_variant = "";
kb_model = "";
kb_rules = "";
kb_options = "ctrl:nocaps";
follow_mouse = 1;
};
general = {
gaps_in = 5;
gaps_out = 5;
border_size = 1;
"col.active_border" = "rgba(9742b5ee) rgba(9742b5ee) 45deg";
"col.inactive_border" = "rgba(595959aa)";
layout = "dwindle";
};
decoration = {
shadow = {
enabled = true;
range = 60;
render_power = 3;
color = "rgba(1E202966)";
offset = "1 2";
scale = 0.97;
}; };
rounding = 8;
blur = {
enabled = true;
size = 3;
passes = 3;
};
active_opacity = 0.9;
inactive_opacity = 0.5;
};
animations = { exec-once = [
enabled = true; "hyprpanel"
bezier = "myBezier, 0.05, 0.9, 0.1, 1.05"; "hyprpaper"
animation = [ "hyprpaper-random"
"windows, 1, 7, myBezier" "hypridle"
"windowsOut, 1, 7, default, popin 80%" "wl-paste --type text --watch cliphist store" # Stores only text data
"border, 1, 10, default" "wl-paste --type image --watch cliphist store" # Stores only image data "wl-paste -p -t text --watch clipman store -P --histpath=\"~/.local/share/clipman-primary.json\""
"borderangle, 1, 8, default" "xwaylandvideobridge"
"fade, 1, 7, default" ];
"workspaces, 1, 6, default"
env = [
"XCURSOR_SIZE,32"
"HYPRCURSOR_THEME,Bibata-Modern-Ice"
"WLR_NO_HARDWARE_CURSORS,1"
"GTK_THEME,Dracula"
];
input = {
kb_layout = "de,us";
kb_variant = "";
kb_model = "";
kb_rules = "";
kb_options = "ctrl:nocaps";
follow_mouse = 1;
};
general = {
gaps_in = 5;
gaps_out = 5;
border_size = 1;
# Keeping the existing active border as requested
"col.active_border" = "rgba(9742b5ee) rgba(9742b5ee) 45deg";
"col.inactive_border" = "rgba(${config.colorScheme.palette.base03}aa)";
layout = "dwindle";
};
decoration = {
shadow = {
enabled = true;
range = 60;
render_power = 3;
color = "rgba(${config.colorScheme.palette.base00}66)";
offset = "1 2";
scale = 0.97;
};
rounding = 8;
blur = {
enabled = true;
size = 3;
passes = 3;
};
active_opacity = 0.9;
inactive_opacity = 0.5;
};
animations = {
enabled = true;
bezier = "myBezier, 0.05, 0.9, 0.1, 1.05";
animation = [
"windows, 1, 7, myBezier"
"windowsOut, 1, 7, default, popin 80%"
"border, 1, 10, default"
"borderangle, 1, 8, default"
"fade, 1, 7, default"
"workspaces, 1, 6, default"
];
};
dwindle = {
pseudotile = true;
preserve_split = true;
};
master = {
new_status = "master";
};
device = [
{
name = "epic-mouse-v1";
sensitivity = -0.5;
}
{
name = "zsa-technology-labs-moonlander-mark-i";
kb_layout = "us";
}
{
name = "keychron-keychron-k7";
kb_layout = "us";
}
];
windowrule = [
"float, class:file_progress"
"float, class:confirm"
"float, class:dialog"
"float, class:download"
"float, class:notification"
"float, class:error"
"float, class:splash"
"float, class:confirmreset"
"float, title:Open File"
"float, title:branchdialog"
"float, class:pavucontrol-qt"
"float, class:pavucontrol"
"fullscreen, class:wlogout"
"float, title:wlogout"
"fullscreen, title:wlogout"
"float, class:mpv"
"idleinhibit focus, class:mpv"
"opacity 1.0 override, class:mpv"
"float, title:^(Media viewer)$"
"float, title:^(Volume Control)$"
"float, title:^(Picture-in-Picture)$"
"float,title:^(floating-pomodoro)$"
"size 250 50, title:^(floating-pomodoro)$"
"move 12 100%-150,title:^(floating-pomodoro)$"
"pin,title:^(floating-pomodoro)$"
"float, initialTitle:.*streamlabs.com.*"
"pin, initialTitle:.*streamlabs.com.*"
"size 800 400, initialTitle:.*streamlabs.com.*"
"move 100%-820 102, initialTitle:.*alert-box.*"
"move 100%-820 512, initialTitle:.*chat-box.*"
"opacity 0.5 override, initialTitle:.*streamlabs.com.*"
"idleinhibit focus, initialTitle:.*streamlabs.com.*"
"noanim, initialTitle:.*streamlabs.com.*"
"noborder, initialTitle:.*streamlabs.com.*"
"noshadow, initialTitle:.*streamlabs.com.*"
"noblur, initialTitle:.*streamlabs.com.*"
"opacity 0.0 override, class:^(xwaylandvideobridge)$"
"noanim, class:^(xwaylandvideobridge)$"
"noinitialfocus, class:^(xwaylandvideobridge)$"
"maxsize 1 1, class:^(xwaylandvideobridge)$"
"noblur, class:^(xwaylandvideobridge)$"
"nofocus, class:^(xwaylandvideobridge)$"
];
"$mainMod" = "SUPER";
"$terminal" = "kitty";
bind = [
"$mainMod, return, exec, $terminal nu -c zellij-ps"
# "$mainMod, t, exec, warp-terminal"
"$mainMod, t, exec, $terminal -e nu -c 'nitch; exec nu'"
"$mainMod SHIFT, t, exec, launch-timer"
"$mainMod, n, exec, $terminal -e nvim"
"$mainMod, z, exec, uwsm app -- zeditor"
"$mainMod, o, exec, hyprctl setprop activewindow opaque toggle"
"$mainMod, r, exec, hyprctl dispatch focuswindow \"initialtitle:.*alert-box.*\" && hyprctl dispatch moveactive exact 4300 102 && hyprctl dispatch focuswindow \"initialtitle:.*chat-box.*\" && hyprctl dispatch moveactive exact 4300 512"
"$mainMod, b, exec, uwsm app -- thunar"
"$mainMod SHIFT, B, exec, uwsm app -- vivaldi"
"$mainMod, Escape, exec, uwsm app -- wlogout -p layer-shell"
"$mainMod, Space, togglefloating"
"$mainMod, q, killactive"
"$mainMod, M, exit"
"$mainMod, F, fullscreen"
"$mainMod SHIFT, V, togglefloating"
"$mainMod, D, exec, uwsm app -- rofi -show drun -run-command \"uwsm app -- {cmd}\""
"$mainMod, V, exec, uwsm app -- cliphist list | rofi -dmenu | cliphist decode | wl-copy"
"$mainMod SHIFT, S, exec, uwsm app -- rofi -show emoji"
"$mainMod, P, exec, uwsm app -- rofi-pass"
"$mainMod SHIFT, P, pseudo"
"$mainMod, J, togglesplit"
"$mainMod, h, movefocus, l"
"$mainMod, l, movefocus, r"
"$mainMod, k, movefocus, u"
"$mainMod, j, movefocus, d"
"$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4"
"$mainMod, 5, workspace, 5"
"$mainMod, 6, workspace, 6"
"$mainMod, 7, workspace, 7"
"$mainMod, 8, workspace, 8"
"$mainMod, 9, workspace, 9"
"$mainMod, 0, workspace, 10"
"$mainMod SHIFT, 1, movetoworkspace, 1"
"$mainMod SHIFT, 2, movetoworkspace, 2"
"$mainMod SHIFT, 3, movetoworkspace, 3"
"$mainMod SHIFT, 4, movetoworkspace, 4"
"$mainMod SHIFT, 5, movetoworkspace, 5"
"$mainMod SHIFT, 6, movetoworkspace, 6"
"$mainMod SHIFT, 7, movetoworkspace, 7"
"$mainMod SHIFT, 8, movetoworkspace, 8"
"$mainMod SHIFT, 9, movetoworkspace, 9"
"$mainMod SHIFT, 0, movetoworkspace, 10"
"$mainMod, mouse_down, workspace, e+1"
"$mainMod, mouse_up, workspace, e-1"
];
bindm = [
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
]; ];
}; };
dwindle = {
pseudotile = true;
preserve_split = true;
};
master = {
new_status = "master";
};
gestures = {
workspace_swipe = false;
};
device = [
{
name = "epic-mouse-v1";
sensitivity = -0.5;
}
{
name = "zsa-technology-labs-moonlander-mark-i";
kb_layout = "us";
}
{
name = "keychron-keychron-k7";
kb_layout = "us";
}
];
windowrule = [
"float, file_progress"
"float, confirm"
"float, dialog"
"float, download"
"float, notification"
"float, error"
"float, splash"
"float, confirmreset"
"float, title:Open File"
"float, title:branchdialog"
"float, Lxappearance"
"float, Wofi"
"float, dunst"
"animation none,Wofi"
"float,viewnior"
"float,feh"
"float, pavucontrol-qt"
"float, pavucontrol"
"float, file-roller"
"fullscreen, wlogout"
"float, title:wlogout"
"fullscreen, title:wlogout"
"idleinhibit focus, mpv"
"idleinhibit fullscreen, firefox"
"float, title:^(Media viewer)$"
"float, title:^(Volume Control)$"
"float, title:^(Picture-in-Picture)$"
"size 800 600, title:^(Volume Control)$"
"move 75 44%, title:^(Volume Control)$"
];
"$mainMod" = "SUPER";
bind = [
"$mainMod, return, exec, kitty -e zellij-ps"
"$mainMod, t, exec, kitty -e fish -c 'neofetch; exec fish'"
"$mainMod SHIFT, e, exec, kitty -e zellij_nvim"
"$mainMod, o, exec, hyprctl setprop activewindow opaque toggle"
"$mainMod, b, exec, thunar"
"$mainMod, Escape, exec, wlogout -p layer-shell"
"$mainMod, Space, togglefloating"
"$mainMod, q, killactive"
"$mainMod, M, exit"
"$mainMod, F, fullscreen"
"$mainMod, V, togglefloating"
"$mainMod, D, exec, rofi -show"
"$mainMod SHIFT, S, exec, bemoji"
"$mainMod, P, exec, rofi-pass"
"$mainMod SHIFT, P, pseudo"
"$mainMod, J, togglesplit"
"$mainMod, h, movefocus, l"
"$mainMod, l, movefocus, r"
"$mainMod, k, movefocus, u"
"$mainMod, j, movefocus, d"
"$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4"
"$mainMod, 5, workspace, 5"
"$mainMod, 6, workspace, 6"
"$mainMod, 7, workspace, 7"
"$mainMod, 8, workspace, 8"
"$mainMod, 9, workspace, 9"
"$mainMod, 0, workspace, 10"
"$mainMod SHIFT, 1, movetoworkspace, 1"
"$mainMod SHIFT, 2, movetoworkspace, 2"
"$mainMod SHIFT, 3, movetoworkspace, 3"
"$mainMod SHIFT, 4, movetoworkspace, 4"
"$mainMod SHIFT, 5, movetoworkspace, 5"
"$mainMod SHIFT, 6, movetoworkspace, 6"
"$mainMod SHIFT, 7, movetoworkspace, 7"
"$mainMod SHIFT, 8, movetoworkspace, 8"
"$mainMod SHIFT, 9, movetoworkspace, 9"
"$mainMod SHIFT, 0, movetoworkspace, 10"
"$mainMod, mouse_down, workspace, e+1"
"$mainMod, mouse_up, workspace, e-1"
];
bindm = [
"$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow"
];
}; };
}; };
} }

26
home/features/desktop/media.nix
View File

@@ -25,8 +25,8 @@ in {
inkscape inkscape
kdePackages.kdenlive kdePackages.kdenlive
krita krita
makemkv libation
mpv #makemkv
pamixer pamixer
pavucontrol pavucontrol
qpwgraph qpwgraph
@@ -40,16 +40,18 @@ in {
unimatrix unimatrix
]; ];
programs.obs-studio = { programs = {
enable = true; mpv = {
plugins = with pkgs.obs-studio-plugins; [ enable = true;
input-overlay bindings = {
obs-gstreamer WHEEL_UP = "seek 10";
obs-vaapi WHEEL_DOWN = "seek -10";
obs-vertical-canvas };
obs-vkcapture config = {
wlrobs profile = "gpu-hq";
]; ytdl-format = "bestvideo+bestaudio";
};
};
}; };
}; };
} }

147
home/features/desktop/rofi.nix
View File

@@ -32,7 +32,152 @@ in {
kb-primary-paste = "Control+V,Shift+Insert"; kb-primary-paste = "Control+V,Shift+Insert";
kb-secondary-paste = "Control+v,Insert"; kb-secondary-paste = "Control+v,Insert";
}; };
theme = "dracula"; theme = let
inherit (config.colorScheme) palette;
in
builtins.toString (pkgs.writeText "rofi-universal-theme.rasi" ''
* {
/* Universal theme colors from nix-colors */
background: #${palette.base00};
surface: #${palette.base01};
overlay: #${palette.base02};
muted: #${palette.base03};
subtle: #${palette.base04};
text: #${palette.base05};
bright-text: #${palette.base06};
highlight: #${palette.base07};
accent1: #${palette.base08};
accent2: #${palette.base09};
accent3: #${palette.base0A};
accent4: #${palette.base0B};
accent5: #${palette.base0C};
accent6: #${palette.base0D};
accent7: #${palette.base0E};
accent8: #${palette.base0F};
/* Global properties */
background-color: @background;
text-color: @text;
font: "Fira Code 12";
border: 0;
margin: 0;
padding: 0;
spacing: 0;
}
window {
background-color: @background;
border: 1px;
border-color: @accent7;
border-radius: 6px;
width: 40%;
padding: 16px;
}
inputbar {
children: [ prompt, entry ];
spacing: 12px;
padding: 8px;
border-radius: 4px;
background-color: @surface;
}
prompt {
text-color: @accent7;
background-color: transparent;
}
entry {
placeholder: "Search...";
placeholder-color: @subtle;
text-color: @text;
background-color: transparent;
cursor-color: @accent7;
}
message {
background-color: @surface;
border-radius: 4px;
padding: 8px;
margin: 8px 0;
}
textbox {
text-color: @text;
background-color: transparent;
}
listview {
background-color: transparent;
margin: 8px 0 0;
lines: 10;
columns: 1;
fixed-height: true;
scrollbar: false;
}
element {
background-color: transparent;
text-color: @text;
padding: 8px;
border-radius: 4px;
spacing: 8px;
}
element normal.normal {
background-color: transparent;
text-color: @text;
}
element selected.normal {
background-color: @accent7;
text-color: @background;
}
element alternate.normal {
background-color: transparent;
text-color: @text;
}
element-icon {
background-color: transparent;
size: 24px;
}
element-text {
background-color: transparent;
text-color: inherit;
vertical-align: 0.5;
}
mode-switcher {
spacing: 0;
background-color: @surface;
border-radius: 4px;
margin: 8px 0 0;
}
button {
padding: 8px 16px;
background-color: transparent;
text-color: @text;
border-radius: 4px;
}
button selected {
background-color: @accent7;
text-color: @background;
}
/* Scrollbar */
scrollbar {
width: 4px;
border: 0;
handle-color: @accent7;
handle-width: 4px;
padding: 0;
}
'');
}; };
}; };
} }

5
home/features/desktop/theme.nix
View File

@@ -1,4 +1,7 @@
{pkgs, ...}: { {
pkgs,
...
}: {
qt = { qt = {
enable = true; enable = true;
platformTheme.name = "gtk"; platformTheme.name = "gtk";

258
home/features/desktop/wayland.nix
View File

@@ -10,264 +10,9 @@ in {
options.features.desktop.wayland.enable = mkEnableOption "wayland extra tools and config"; options.features.desktop.wayland.enable = mkEnableOption "wayland extra tools and config";
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.waybar = {
enable = true;
style = ''
@define-color background-darker rgba(30, 31, 41, 230);
@define-color background #282a36;
@define-color selection #44475a;
@define-color foreground #f8f8f2;
@define-color comment #6272a4;
@define-color cyan #8be9fd;
@define-color green #50fa7b;
@define-color orange #ffb86c;
@define-color pink #ff79c6;
@define-color purple #bd93f9;
@define-color red #ff5555;
@define-color yellow #f1fa8c;
* {
border: none;
border-radius: 0;
font-family: FiraCode Nerd Font;
font-weight: bold;
font-size: 14px;
min-height: 0;
}
window#waybar {
background: rgba(21, 18, 27, 0);
color: #cdd6f4;
}
tooltip {
background: #1e1e2e;
border-radius: 10px;
border-width: 2px;
border-style: solid;
border-color: #11111b;
}
#workspaces button {
padding: 5px;
color: #313244;
margin-right: 5px;
}
#workspaces button.active {
color: #11111b;
background: #a6e3a1;
border-radius: 10px;
}
#workspaces button.focused {
color: #a6adc8;
background: #eba0ac;
border-radius: 10px;
}
#workspaces button.urgent {
color: #11111b;
background: #a6e3a1;
border-radius: 10px;
}
#workspaces button:hover {
background: #11111b;
color: #cdd6f4;
border-radius: 10px;
}
#custom-language,
#custom-updates,
#custom-caffeine,
#custom-weather,
#window,
#clock,
#battery,
#pulseaudio,
#network,
#workspaces,
#tray,
#backlight {
background: #1e1e2e;
padding: 0px 10px;
margin: 3px 0px;
margin-top: 10px;
border: 1px solid #181825;
}
#tray {
border-radius: 10px;
margin-right: 10px;
}
#workspaces {
background: #1e1e2e;
border-radius: 10px;
margin-left: 10px;
padding-right: 0px;
padding-left: 5px;
}
#custom-caffeine {
color: #89dceb;
border-radius: 10px 0px 0px 10px;
border-right: 0px;
margin-left: 10px;
}
#custom-language {
color: #f38ba8;
border-left: 0px;
border-right: 0px;
}
#custom-updates {
color: #f5c2e7;
border-left: 0px;
border-right: 0px;
}
#window {
border-radius: 10px;
margin-left: 60px;
margin-right: 60px;
}
#clock {
color: #fab387;
border-radius: 10px 0px 0px 10px;
margin-left: 0px;
border-right: 0px;
}
#network {
color: #f9e2af;
border-left: 0px;
border-right: 0px;
}
#pulseaudio {
color: #89b4fa;
border-left: 0px;
border-right: 0px;
}
#pulseaudio.microphone {
color: #cba6f7;
border-left: 0px;
border-right: 0px;
}
#battery {
color: #a6e3a1;
border-radius: 0 10px 10px 0;
margin-right: 10px;
border-left: 0px;
}
#custom-weather {
border-radius: 0px 10px 10px 0px;
border-right: 0px;
margin-left: 0px;
}
'';
settings = {
mainbar = {
layer = "top";
position = "top";
mod = "dock";
exclusive = true;
passthrough = false;
gtk-layer-shell = true;
height = 0;
modules-left = ["clock" "custom/weather" "hyprland/workspaces"];
modules-center = ["hyprland/window"];
modules-right = [
"tray"
"custom/language"
"battery"
"backlight"
"pulseaudio"
"pulseaudio#microphone"
];
"hyprland/window" = {
format = "👉 {}";
seperate-outputs = true;
};
"hyprland/workspaces" = {
disable-scroll = true;
all-outputs = true;
on-click = "activate";
format = " {name} {icon} ";
on-scroll-up = "hyprctl dispatch workspace e+1";
on-scroll-down = "hyprctl dispatch workspace e-1";
format-icons = {
"1" = "";
"2" = "";
"3" = "";
"4" = "";
"5" = "";
"6" = "";
"7" = "";
};
persistent_workspaces = {
"1" = [];
"2" = [];
"3" = [];
"4" = [];
};
};
"custom/weather" = {
format = "{}°C";
tooltip = true;
interval = 3600;
exec = "wttrbar --location Pockau-Lengefeld";
return-type = "json";
};
tray = {
icon-size = 13;
spacing = 10;
};
clock = {
format = " {:%R %d/%m}";
tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
};
pulseaudio = {
format = "{icon} {volume}%";
tooltip = false;
format-muted = " Muted";
on-click = "pamixer -t";
on-scroll-up = "pamixer -i 5";
on-scroll-down = "pamixer -d 5";
scroll-step = 5;
format-icons = {
headphone = "";
hands-free = "";
headset = "";
phone = "";
portable = "";
car = "";
default = ["" "" ""];
};
};
"pulseaudio#microphone" = {
format = "{format_source}";
format-source = " {volume}%";
format-source-muted = " Muted";
on-click = "pamixer --default-source -t";
on-scroll-up = "pamixer --default-source -i 5";
on-scroll-down = "pamixer --default-source -d 5";
scroll-step = 5;
};
};
};
};
home.packages = with pkgs; [ home.packages = with pkgs; [
grim grim
kdePackages.xwaylandvideobridge
hyprcursor hyprcursor
hyprlock hyprlock
hyprpaper hyprpaper
@@ -277,7 +22,6 @@ in {
wl-clipboard wl-clipboard
wf-recorder wf-recorder
wl-mirror wl-mirror
wl-clipboard
wlogout wlogout
wtype wtype
ydotool ydotool

6
home/features/desktop/wofi.nix
View File

@@ -1,6 +0,0 @@
{pkgs, ...}: {
home.packages = with pkgs; [
wofi
bemoji
];
}

26
home/m3tam3re/dotfiles/default.nix
View File

@@ -1,26 +0,0 @@
{
pkgs,
inputs,
...
}: {
home.file.".config/bat" = {
source = "${inputs.dotfiles}/bat";
recursive = true;
};
home.file.".config/nyxt" = {
source = "${inputs.dotfiles}/nyxt";
recursive = true;
};
# home.file.".config/hypr" = {
# source = "${inputs.dotfiles}/hypr";
# recursive = true;
# };
home.file.".config/nvim" = {
source = "${inputs.dotfiles}/nvim";
recursive = true;
};
home.file.".config/zellij" = {
source = "${inputs.dotfiles}/zellij";
recursive = true;
};
}

46
home/m3tam3re/home-server.nix
View File

@@ -89,27 +89,27 @@
init.defaultBranch = "master"; init.defaultBranch = "master";
}; };
}; };
programs.zellij-ps = { # programs.zellij-ps = {
enable = true; # enable = true;
projectFolders = [ # projectFolders = [
"${config.home.homeDirectory}/p/c" # "${config.home.homeDirectory}/p/c"
"${config.home.homeDirectory}/p" # "${config.home.homeDirectory}/p"
"${config.home.homeDirectory}/.config" # "${config.home.homeDirectory}/.config"
]; # ];
layout = '' # layout = ''
layout { # layout {
pane size=1 borderless=true { # pane size=1 borderless=true {
plugin location="zellij:tab-bar" # plugin location="zellij:tab-bar"
} # }
pane size="70%" command="nvim" # pane size="70%" command="nvim"
pane split_direction="vertical" { # pane split_direction="vertical" {
pane # pane
pane command="unimatrix" # pane command="unimatrix"
} # }
pane size=1 borderless=true { # pane size=1 borderless=true {
plugin location="zellij:status-bar" # plugin location="zellij:status-bar"
} # }
} # }
''; # '';
}; # };
} }

170
home/m3tam3re/home.nix
View File

@@ -24,7 +24,6 @@
# The home.packages option allows you to install Nix packages into your # The home.packages option allows you to install Nix packages into your
# environment. # environment.
home.packages = with pkgs; [ home.packages = with pkgs; [
aider-chat-env
libgtop libgtop
# # Adds the 'hello' command to your environment. It prints a friendly # # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run. # # "Hello, world!" when run.
@@ -81,6 +80,11 @@
# Let Home Manager install and manage itself. # Let Home Manager install and manage itself.
programs.home-manager.enable = true; programs.home-manager.enable = true;
services.cliphist = {
enable = true;
allowImages = true;
};
programs.git = { programs.git = {
enable = true; enable = true;
difftastic.enable = true; difftastic.enable = true;
@@ -95,27 +99,149 @@
init.defaultBranch = "master"; init.defaultBranch = "master";
}; };
}; };
programs.zellij-ps = {
programs.jujutsu = {
enable = true; enable = true;
projectFolders = [ settings = {
"${config.home.homeDirectory}/p/c" user = {
"${config.home.homeDirectory}/p" email = "m@m3tam3re.com";
"${config.home.homeDirectory}/.config" name = "Sascha Koenig";
]; };
layout = '' };
layout {
pane size=1 borderless=true {
plugin location="zellij:tab-bar"
}
pane size="70%" command="nvim"
pane split_direction="vertical" {
pane
pane command="unimatrix"
}
pane size=1 borderless=true {
plugin location="zellij:status-bar"
}
}
'';
}; };
programs.ssh = {
enable = true;
enableDefaultConfig = false;
matchBlocks = {
"AZ-CLD-1" = {
hostname = "152.53.186.119";
user = "sascha.koenig";
port = 2022;
identityFile = "~/.ssh/sascha.koenig";
};
"github.com" = {
hostname = "github.com";
user = "m3tam3re";
port = 22;
identityFile = "~/.ssh/github";
};
"nikhil" = {
hostname = "91.99.176.80";
user = "nikhilmaddirala";
identityFile = "~/.ssh/m3tam3re";
};
"code.m3ta.dev" = {
hostname = "code.m3ta.dev";
user = "m3tam3re";
identityFile = "~/.ssh/gitea";
};
"git.az-gruppe.com" = {
hostname = "git.az-gruppe.com";
port = 2022;
user = "sascha.koenig";
identityFile = "~/.ssh/sascha.koenig";
};
"lkk-nix-1" = {
hostname = "89.58.10.189";
user = "lkk-admin";
identityFile = "~/.ssh/lkk-admin";
};
"m3-r1" = {
hostname = "202.61.226.110";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"lkk-prod-test" = {
hostname = "192.168.122.215";
user = "root";
identityFile = "~/.ssh/m3tam3re";
};
"lkk-prod-1" = {
hostname = "192.168.0.24";
user = "root";
identityFile = "~/.ssh/m3tam3re";
};
"lkk-prod-2" = {
hostname = "192.168.0.20";
user = "root";
identityFile = "~/.ssh/m3tam3re";
};
"m3-deck" = {
hostname = "192.168.178.193";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-kratos-vm" = {
hostname = "192.168.122.43";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-helios" = {
hostname = "192.168.178.210";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-ares" = {
hostname = "192.168.1.30";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-atlas" = {
hostname = "152.53.85.162";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-zelda" = {
hostname = "95.217.189.186";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-skynet" = {
hostname = "m3-skynet";
user = "admin";
identityFile = "~/.ssh/m3tam3re";
};
"m3-prox-1" = {
hostname = "192.168.1.110";
user = "root";
identityFile = "~/.ssh/m3tam3re";
};
"shp-old" = {
hostname = "95.217.3.250";
port = 2222;
user = "m3tam3re";
identityFile = "~/.ssh/self-host-playbook";
};
"shp-1" = {
hostname = "95.217.189.186";
port = 2222;
user = "m3tam3re";
identityFile = "~/.ssh/self-host-playbook";
};
};
};
# programs.zellij-ps = {
# enable = true;
# projectFolders = [
# "${config.home.homeDirectory}/p/c"
# "${config.home.homeDirectory}/p"
# "${config.home.homeDirectory}/.config"
# ];
# layout = ''
# layout {
# pane size=1 borderless=true {
# plugin location="zellij:tab-bar"
# }
# pane size="70%" command="nvim"
# pane split_direction="vertical" {
# pane
# pane command="unimatrix"
# }
# pane size=1 borderless=true {
# plugin location="zellij:status-bar"
# }
# }
# '';
# };
} }

17
home/m3tam3re/m3-aether.nix Normal file
View File

@@ -0,0 +1,17 @@
{
imports = [
../common
../features/cli
./home-server.nix
];
features = {
cli = {
fish.enable = true;
fzf.enable = true;
nitch.enable = true;
secrets.enable = false;
starship.enable = true;
};
};
}

41
home/m3tam3re/m3-ares.nix
View File

@@ -3,24 +3,16 @@
lib, lib,
... ...
}: }:
with lib; let with lib; {
cfg = config.features.desktop.hyprland;
in {
imports = [ imports = [
../common ../common
./dotfiles
./home.nix ./home.nix
../features/cli ../features/cli
../features/coding ../features/coding
../features/desktop ../features/desktop
#./services/librechat.nix
]; ];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [ config = mkMerge [
# Base configuration
{ {
xdg = { xdg = {
# TODO: better structure # TODO: better structure
@@ -31,31 +23,33 @@ in {
associations.added = { associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"]; "application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"]; "application/csv" = ["calc.desktop"];
"application/pdf" = ["io.github.zen_browser.zen.desktop"]; "application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
}; };
defaultApplications = { defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"]; "application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"]; "application/csv" = ["calc.desktop"];
"application/pdf" = ["io.github.zen_browser.zen.desktop"]; "application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"]; "application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"]; "application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
}; };
}; };
}; };
features = { features = {
cli = { cli = {
fish.enable = true; fish.enable = true;
nushell.enable = true;
fzf.enable = true; fzf.enable = true;
neofetch.enable = true; nitch.enable = true;
secrets.enable = true; secrets.enable = true;
starship.enable = true; starship.enable = true;
}; };
desktop = { desktop = {
coding.enable = true; coding.enable = true;
crypto.enable = true;
gaming.enable = true; gaming.enable = true;
hyprland.enable = true; hyprland.enable = true;
media.enable = true; media.enable = true;
@@ -67,29 +61,32 @@ in {
}; };
} }
(mkIf cfg.enable { (mkIf config.features.desktop.hyprland.enable {
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
settings = { settings = {
exec-once = ["tuxedo-backlight"];
monitor = [ monitor = [
"eDP-1,preferred,0x0,1.25" "eDP-1,preferred,0x0,1.25"
"HDMI-A-1,preferred,2560x0,1" "HDMI-A-1,1920x1080@120,2560x0,1"
]; ];
workspace = [ workspace = [
"1, monitor:eDP-1, default:true" "1, monitor:eDP-1, default:true"
"2, monitor:eDP-1" "2, monitor:eDP-1"
"3, monitor:eDP-1" "3, monitor:eDP-1"
"4, monitor:HDMI-A-1" "4, monitor:HDMI-A-1,"
"5, monitor:HDMI-A-1,border:false,rounding:false" "5, monitor:HDMI-A-1,border:false,rounding:false"
"6, monitor:HDMI-A-1" "6, monitor:HDMI-A-1"
]; ];
windowrulev2 = [ windowrule = [
"workspace 1,class:dev.zed.Zed" "workspace 1,class:dev.zed.Zed"
"workspace 1,class:Msty"
"workspace 2,class:(com.obsproject.Studio)" "workspace 2,class:(com.obsproject.Studio)"
"workspace 4,opacity 1.0, class:(chromium-browser)" "workspace 4,opacity 1.0, class:(brave-browser)"
"workspace 4,opacity 1.0, class:(zen)" "workspace 4,opacity 1.0, class:(vivaldi-stable)"
"fullscreen,class:^steam_app_\\d+$" "fullscreen,class:^steam_app_\\d+$"
"workspace 5,class:^steam_app_\\d+$" "workspace 5,class:^steam_app_\\d+$"
"idleinhibit focus, class:^steam_app_\\d+$"
]; ];
}; };
}; };

4
home/m3tam3re/m3-atlas.nix
View File

@@ -7,9 +7,9 @@
features = { features = {
cli = { cli = {
fish.enable = true; nushell.enable = true;
fzf.enable = true; fzf.enable = true;
neofetch.enable = true; nitch.enable = true;
secrets.enable = false; secrets.enable = false;
starship.enable = true; starship.enable = true;
}; };

101
home/m3tam3re/m3-daedalus.nix Normal file
View File

@@ -0,0 +1,101 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.desktop.hyprland;
in {
imports = [
../common
./home.nix
../features/cli
../features/coding
../features/desktop
#./services/librechat.nix
];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [
# Base configuration
{
xdg = {
# TODO: better structure
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
};
};
features = {
cli = {
fish.enable = true;
nushell.enable = true;
fzf.enable = true;
nitch.enable = true;
secrets.enable = true;
starship.enable = true;
};
desktop = {
coding.enable = true;
crypto.enable = false;
gaming.enable = false;
hyprland.enable = false;
media.enable = true;
office.enable = false;
rofi.enable = true;
fonts.enable = true;
wayland.enable = false;
};
};
}
(mkIf cfg.enable {
wayland.windowManager.hyprland = {
enable = true;
settings = {
monitor = [
"eDP-1,preferred,0x0,1.25"
"HDMI-A-1,preferred,2560x0,1"
];
workspace = [
"1, monitor:eDP-1, default:true"
"2, monitor:eDP-1"
"3, monitor:eDP-1"
"4, monitor:HDMI-A-1"
"5, monitor:HDMI-A-1,border:false,rounding:false"
"6, monitor:HDMI-A-1"
];
windowrule = [
"workspace 1,class:dev.zed.Zed"
"workspace 1,class:Msty"
"workspace 2,class:(com.obsproject.Studio)"
"workspace 4,opacity 1.0, class:(brave-browser)"
"workspace 4,opacity 1.0, class:(vivaldi-stable)"
"fullscreen,class:^steam_app_\\d+$"
"workspace 5,class:^steam_app_\\d+$"
"idleinhibit focus, class:^steam_app_\\d+$"
];
};
};
})
];
}

2
home/m3tam3re/m3-helios.nix
View File

@@ -9,7 +9,7 @@
cli = { cli = {
fish.enable = true; fish.enable = true;
fzf.enable = true; fzf.enable = true;
neofetch.enable = true; nitch.enable = true;
secrets.enable = false; secrets.enable = false;
starship.enable = true; starship.enable = true;
}; };

37
home/m3tam3re/m3-kratos.nix
View File

@@ -3,24 +3,16 @@
lib, lib,
... ...
}: }:
with lib; let with lib; {
cfg = config.features.desktop.hyprland;
in {
imports = [ imports = [
../common ../common
./dotfiles
./home.nix ./home.nix
../features/cli ../features/cli
../features/coding ../features/coding
../features/desktop ../features/desktop
./services/librechat.nix
]; ];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [ config = mkMerge [
# Base configuration
{ {
xdg = { xdg = {
# TODO: better structure # TODO: better structure
@@ -31,30 +23,31 @@ in {
associations.added = { associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"]; "application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"]; "application/csv" = ["calc.desktop"];
"application/pdf" = ["io.github.zen_browser.zen.desktop"]; "application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
}; };
defaultApplications = { defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"]; "application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"]; "application/csv" = ["calc.desktop"];
"application/pdf" = ["io.github.zen_browser.zen.desktop"]; "application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"]; "application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"]; "application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["io.github.zen_browser.zen.desktop"]; "x-scheme-handler/https" = ["vivaldi-stable.desktop"];
}; };
}; };
}; };
features = { features = {
cli = { cli = {
fish.enable = true; nushell.enable = true;
fzf.enable = true; fzf.enable = true;
neofetch.enable = true; nitch.enable = true;
secrets.enable = true; secrets.enable = true;
starship.enable = true; starship.enable = true;
}; };
desktop = { desktop = {
crypto.enable = true;
coding.enable = true; coding.enable = true;
gaming.enable = true; gaming.enable = true;
hyprland.enable = true; hyprland.enable = true;
@@ -67,7 +60,7 @@ in {
}; };
} }
(mkIf cfg.enable { (mkIf config.features.desktop.hyprland.enable {
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
settings = { settings = {
@@ -85,11 +78,13 @@ in {
"7, monitor:DP-2" "7, monitor:DP-2"
]; ];
windowrulev2 = [ windowrule = [
"workspace 1,class:dev.zed.Zed" "workspace 1,class:dev.zed.Zed"
"workspace 1,class:Msty"
"workspace 2,class:(com.obsproject.Studio)" "workspace 2,class:(com.obsproject.Studio)"
"workspace 4,opacity 1.0, class:(chromium-browser)" "workspace 4,opacity 1.0, class:(brave-browser)"
"workspace 4,opacity 1.0, class:(zen)" "workspace 4,opacity 1.0, class:(vivaldi-stable)"
"idleinhibit focus, class:^steam_app_\\d+$"
]; ];
}; };
}; };

18
home/m3tam3re/services/librechat.nix
View File

@@ -1,18 +0,0 @@
{
systemd.user.services.librechat = {
Unit = {
Description = "LibreChat Start";
After = ["network-online.target"];
Wants = ["network-online.target"];
};
Install = {WantedBy = ["default.target"];};
Service = {
Type = "oneshot";
RemainAfterExit = "yes";
WorkingDirectory = "/home/m3tam3re/p/r/ai/LibreChat";
ExecStart = "/run/current-system/sw/bin/podman-compose up -d";
ExecStop = "/run/current-system/sw/bin/podman-compose down";
Restart = "on-failure";
};
};
}

11
hosts/common/default.nix
View File

@@ -8,6 +8,7 @@
}: { }: {
imports = [ imports = [
./extraServices ./extraServices
./ports.nix
./users ./users
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
]; ];
@@ -25,12 +26,16 @@
# You can add overlays here # You can add overlays here
overlays = [ overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir): # Add overlays your own flake exports (from overlays and pkgs dir):
outputs.overlays.additions #outputs.overlays.additions
outputs.overlays.modifications #outputs.overlays.modifications
outputs.overlays.stable-packages outputs.overlays.stable-packages
outputs.overlays.locked-packages
outputs.overlays.pinned-packages outputs.overlays.pinned-packages
outputs.overlays.master-packages outputs.overlays.master-packages
inputs.m3ta-nixpkgs.overlays.default
inputs.m3ta-nixpkgs.overlays.modifications
# You can also add overlays exported from other flakes: # You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default # neovim-nightly-overlay.overlays.default
@@ -69,5 +74,5 @@
((lib.filterAttrs (_: lib.isType "flake")) inputs); ((lib.filterAttrs (_: lib.isType "flake")) inputs);
nixPath = ["/etc/nix/path"]; nixPath = ["/etc/nix/path"];
}; };
users.defaultUserShell = pkgs.fish; users.defaultUserShell = pkgs.nushell;
} }

3
hosts/common/extraServices/flatpak.nix
View File

@@ -16,8 +16,7 @@ in {
enable = true; enable = true;
wlr.enable = true; wlr.enable = true;
extraPortals = with pkgs; [ extraPortals = with pkgs; [
xdg-desktop-portal-gtk xdg-desktop-portal-hyprland
xdg-desktop-portal-wlr
]; ];
config.common.default = "*"; config.common.default = "*";
}; };

8
hosts/common/extraServices/ollama.nix
View File

@@ -12,10 +12,6 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.ollama = { services.ollama = {
enable = true; enable = true;
package =
if config.services.xserver.videoDrivers == ["amdgpu"] # rocblas-6.0.2 broken
then pkgs.pinned.ollama
else pkgs.ollama;
acceleration = acceleration =
if config.services.xserver.videoDrivers == ["amdgpu"] if config.services.xserver.videoDrivers == ["amdgpu"]
then "rocm" then "rocm"
@@ -24,6 +20,10 @@ in {
else null; else null;
host = "[::]"; host = "[::]";
openFirewall = true; openFirewall = true;
environmentVariables = {
OLLAMA_ORIGINS = "https://msty.studio";
OLLAMA_HOST = "0.0.0.0";
};
}; };
nixpkgs.config = { nixpkgs.config = {
rocmSupport = config.services.xserver.videoDrivers == ["amdgpu"]; rocmSupport = config.services.xserver.videoDrivers == ["amdgpu"];

8
hosts/common/extraServices/virtualisation.nix
View File

@@ -20,7 +20,7 @@ in {
ovmf = { ovmf = {
enable = true; enable = true;
packages = [ packages = [
(pkgs.OVMF.override { (pkgs.locked.OVMF.override {
secureBoot = true; secureBoot = true;
tpmSupport = true; tpmSupport = true;
}) })
@@ -31,8 +31,8 @@ in {
}; };
}; };
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
environment.systemPackages = with pkgs; [ environment = {
OVMFFull systemPackages = [pkgs.qemu];
]; };
}; };
} }

72
hosts/common/ports.nix Normal file
View File

@@ -0,0 +1,72 @@
{config, ...}: {
m3ta.ports = {
enable = true;
definitions = {
# System services
ssh = 22;
# Web & proxy services
traefik = 80;
traefik-ssl = 443;
# Databases
postgres = 5432;
mysql = 3306;
redis = 6379;
# VPN & networking
wireguard = 51820;
tailscale = 41641;
headscale = 3009;
# Containers & web apps
gitea = 3030;
baserow = 3001;
ghost = 3002;
wastebin = 3003;
littlelink = 3004;
searx = 3005;
restreamer = 3006;
paperless = 3012;
vaultwarden = 3013;
slash = 3010;
slash-nemoti = 3016;
kestra = 3018;
outline = 3019;
pangolin = 3020;
pangolin-api = 3021;
pangolin-ws = 3022;
# Home automation
homarr = 7575;
# DNS
adguardhome = 53;
};
hostOverrides = {
# Host-specific overrides
m3-ares = {
# Any custom port overrides for m3-ares
};
m3-atlas = {
# Any custom port overrides for m3-atlas
};
m3-helios = {
# Any custom port overrides for m3-helios
};
m3-kratos = {
# Any custom port overrides for m3-kratos
};
};
};
environment.etc."info/all-ports.json" = {
text = builtins.toJSON {
hostname = config.networking.hostName;
ports = config.m3ta.ports.all; # TODO should only return actually used ports
};
};
}

1
hosts/common/users/m3tam3re.nix
View File

@@ -20,6 +20,7 @@
"input" "input"
"kvm" "kvm"
"qemu-libvirtd" "qemu-libvirtd"
"adbusers"
]; ];
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix"

111
hosts/m3-aether/configuration.nix Normal file
View File

@@ -0,0 +1,111 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{pkgs, ...}: {
imports = [
# Include the results of the hardware scan.
./disko-config.nix
./hardware-configuration.nix
];
# Bootloader.
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
networking.hostName = "m3-helios"; # Define your hostname.
networking.hostId = "3ebf1cd3";
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable =
true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
# services.xserver.displayManager.gdm.enable = true;
# services.xserver.desktopManager.gnome.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [neovim git];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.fstrim = {
enable = true; # For SSD/thin-provisioned storage
interval = "weekly";
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment?
}

50
hosts/m3-aether/default.nix Normal file
View File

@@ -0,0 +1,50 @@
# A staring point is the basic NIXOS configuration generated by the ISO installer.
# On an existing NIXOS install you can use the following command in your flakes basedir:
# sudo nixos-generate-config --dir ./hosts/m3tam3re
#
# Please make sure to change the first couple of lines in your configuration.nix:
# { config, inputs, ouputs, lib, pkgs, ... }:
#
# {
# imports = [ # Include the results of the hardware scan.
# ./hardware-configuration.nix
# inputs.home-manager.nixosModules.home-manager
# ];
# ...
#
# Moreover please update the packages option in your user configuration and add the home-manager options:
# users.users = {
# m3tam3re = {
# isNormalUser = true;
# initialPassword = "12345";
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = [ inputs.home-manager.packages.${pkgs.system}.default ];
# };
# };
#
# home-manager = {
# useUserPackages = true;
# extraSpecialArgs = { inherit inputs outputs; };
# users.m3tam3re =
# import ../../home/m3tam3re/${config.networking.hostName}.nix;
# };
#
# Please also change your hostname accordingly:
#:w
# networking.hostName = "nixos"; # Define your hostname.
{
imports = [
../common
./configuration.nix
./programs.nix
./secrets.nix
./services
];
extraServices = {
flatpak.enable = true;
ollama.enable = false;
podman.enable = true;
virtualisation.enable = false;
};
}

39
hosts/m3-aether/disko-config.nix Normal file
View File

@@ -0,0 +1,39 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for GRUB MBR
priority = 1;
};
esp = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["noatime" "nodiratime" "discard"];
};
};
};
};
};
};
};
}

24
hosts/m3-aether/hardware-configuration.nix Normal file
View File

@@ -0,0 +1,24 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

14
hosts/m3-aether/programs.nix Normal file
View File

@@ -0,0 +1,14 @@
{pkgs, ...}: {
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
# Add any missing dynamic libraries for unpackaged programs
# here, NOT in environment.systemPackages
];
programs.fish.enable = true;
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/m3tam3re/p/nixos/nixos-config";
};
}

15
hosts/m3-aether/secrets.nix Normal file
View File

@@ -0,0 +1,15 @@
{
age = {
secrets = {
traefik = {
file = ../../secrets/traefik.age;
mode = "770";
owner = "traefik";
};
m3tam3re-secrets = {
file = ../../secrets/m3tam3re-secrets.age;
owner = "m3tam3re";
};
};
};
}

7
hosts/m3-aether/services/cloud-init.nix Normal file
View File

@@ -0,0 +1,7 @@
{
services.cloud-init = {
enable = true;
ext4.enable = true;
network.enable = true;
};
}

11
hosts/m3-aether/services/default.nix Normal file
View File

@@ -0,0 +1,11 @@
{
imports = [
./cloud-init.nix
];
systemd.sleep.extraConfig = ''
AllowSuspend=no
AllowHibernation=no
AllowHybridSleep=no
AllowSuspendThenHibernate=no
'';
}

19
hosts/m3-ares/configuration.nix
View File

@@ -24,17 +24,20 @@
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.memtest86.enable = true; boot.loader.systemd-boot.memtest86.enable = true;
boot.initrd.services.lvm.enable = false; boot.initrd.services.lvm.enable = false;
boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback]; # boot.kernelModules = [];
boot.kernelModules = ["v4l2loopback"]; boot.kernelPackages = pkgs.linuxPackages_latest;
boot.extraModprobeConfig = '' boot.extraModprobeConfig = ''
options kvm_intel nested=1 options kvm_intel nested=1
options kvm_intel emulate_invalid_guest_state=0 options kvm_intel emulate_invalid_guest_state=0
options kvm ignore_msrs=1 options kvm ignore_msrs=1
options v4l2loopback exclusive_caps=1 max_buffers=2
''; '';
networking.hostName = "m3-ares"; # Define your hostname. networking.hostName = "m3-ares"; # Define your hostname.
# warp-terminal update fix
# networking.extraHosts = ''
# 127.0.0.1 releases.warp.dev
# 127.0.0.1 app.warp.dev
# '';
# Pick only one of the below networking options. # Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = networking.networkmanager.enable =
@@ -92,7 +95,13 @@
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
settings = {
PasswordAuthentication = false;
};
};
services.fstrim.enable = true; services.fstrim.enable = true;
# Open ports in the firewall. # Open ports in the firewall.

1
hosts/m3-ares/hardware-configuration.nix
View File

@@ -53,6 +53,7 @@
fileSystems."/mnt/skynet" = { fileSystems."/mnt/skynet" = {
device = "192.168.1.100:/volume3/m3-skynet"; device = "192.168.1.100:/volume3/m3-skynet";
fsType = "nfs"; fsType = "nfs";
options = ["noauto" "x-systemd.automount"];
}; };
swapDevices = []; swapDevices = [];

26
hosts/m3-ares/hardware.nix
View File

@@ -1,4 +1,4 @@
{ {pkgs, ...}: {
hardware.nvidia = { hardware.nvidia = {
prime = { prime = {
offload.enable = false; offload.enable = false;
@@ -16,11 +16,33 @@
dynamicBoost.enable = true; dynamicBoost.enable = true;
nvidiaSettings = true; nvidiaSettings = true;
}; };
hardware.tuxedo-drivers.enable = true;
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.keyboard.zsa.enable = true; hardware.keyboard.zsa.enable = true;
hardware.graphics.enable = true; hardware.graphics.enable = true;
services.hardware.bolt.enable = true; services.hardware.bolt.enable = true;
services.auto-cpufreq.enable = true; services.auto-cpufreq.enable = true;
services.tlp.enable = true; services.tlp = {
enable = true;
settings = {
START_CHARGE_THRESH_BAT0 = 75;
STOP_CHARGE_THRESH_BAT0 = 80;
};
};
environment.systemPackages = with pkgs; [
tuxedo-backlight
];
security.sudo.extraRules = [
{
users = ["@wheel"];
commands = [
{
command = "/run/current-system/sw/bin/set-backlight";
options = ["NOPASSWD"];
}
];
}
];
} }

12
hosts/m3-ares/services/default.nix
View File

@@ -5,8 +5,9 @@
./postgres.nix ./postgres.nix
./restic.nix ./restic.nix
./sound.nix ./sound.nix
./tailscale.nix
./udev.nix ./udev.nix
#./wireguard.nix ./wireguard.nix
]; ];
services = { services = {
hypridle.enable = true; hypridle.enable = true;
@@ -14,7 +15,14 @@
gvfs.enable = true; gvfs.enable = true;
trezord.enable = true; trezord.enable = true;
gnome.gnome-keyring.enable = true; gnome.gnome-keyring.enable = true;
qdrant.enable = true; qdrant = {
enable = true;
settings = {
service = {
host = "0.0.0.0";
};
};
};
upower.enable = true; upower.enable = true;
avahi = { avahi = {
enable = true; enable = true;

5
hosts/m3-ares/services/postgres.nix
View File

@@ -1,4 +1,7 @@
{pkgs, ...}: { {
pkgs,
...
}: {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_17; package = pkgs.postgresql_17;

5
hosts/m3-ares/services/sound.nix
View File

@@ -1,7 +1,4 @@
{pkgs, ...}: { {
environment.systemPackages = with pkgs; [
speechd
];
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
enable = true; enable = true;

45
hosts/m3-ares/services/tailscale.nix
View File

@@ -1,40 +1,11 @@
{ {config, ...}: {
config,
pkgs,
...
}: {
services.tailscale = { services.tailscale = {
enable = true; enable = false;
useRoutingFeatures = "client"; authKeyFile = config.age.secrets.tailscale-key.path;
}; useRoutingFeatures = "both";
extraUpFlags = [
systemd.services.tailscale-autoconnect = { "--login-server=https://va.m3tam3re.com"
description = "Automatic connection to Tailscale"; "--accept-routes"
];
# make sure tailscale is running before trying to connect to tailscale
after = ["network-pre.target" "tailscale.service"];
wants = ["network-pre.target" "tailscale.service"];
wantedBy = ["multi-user.target"];
# set this service as a oneshot job
serviceConfig = {
Type = "oneshot";
EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
};
# have the job run this shell script
script = with pkgs; ''
# wait for tailscaled to settle
sleep 2
# check if we are already authenticated to tailscale
status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
if [ $status = "Running" ]; then # if so, then do nothing
exit 0
fi
# otherwise authenticate with tailscale
${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
'';
}; };
} }

3
hosts/m3-ares/services/udev.nix
View File

@@ -1,6 +1,7 @@
{pkgs, ...}: { {pkgs, ...}: {
services.udev.extraRules = '' services.udev.extraRules = ''
SUBSYSTEM=="usb", MODE="0666 SUBSYSTEM=="usb", MODE="0666"
SUBSYSTEM=="leds", KERNEL=="rgb:kbd_backlight*", ACTION=="add", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/leds/%k/multi_intensity"
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
zsa-udev-rules zsa-udev-rules

2
hosts/m3-ares/services/wireguard.nix
View File

@@ -10,7 +10,7 @@
}; };
NO = { NO = {
configFile = config.age.secrets.wg-NO.path; configFile = config.age.secrets.wg-NO.path;
autostart = true; autostart = false;
}; };
US = { US = {
configFile = config.age.secrets.wg-US.path; configFile = config.age.secrets.wg-US.path;

19
hosts/m3-atlas/secrets.nix
View File

@@ -7,22 +7,41 @@
ghost-env = { ghost-env = {
file = ../../secrets/ghost-env.age; file = ../../secrets/ghost-env.age;
}; };
kestra-config = {
file = ../../secrets/kestra-config.age;
mode = "644";
};
kestra-env = {
file = ../../secrets/kestra-env.age;
};
littlelink-m3tam3re = { littlelink-m3tam3re = {
file = ../../secrets/littlelink-m3tam3re.age; file = ../../secrets/littlelink-m3tam3re.age;
}; };
minio-root-cred = { minio-root-cred = {
file = ../../secrets/minio-root-cred.age; file = ../../secrets/minio-root-cred.age;
}; };
n8n-env = {
file = ../../secrets/n8n-env.age;
};
paperless-key = {
file = ../../secrets/paperless-key.age;
};
restreamer-env = { restreamer-env = {
file = ../../secrets/restreamer-env.age; file = ../../secrets/restreamer-env.age;
}; };
searx = { searx = {
file = ../../secrets/searx.age; file = ../../secrets/searx.age;
}; };
tailscale-key = {
file = ../../secrets/tailscale-key.age;
};
traefik = { traefik = {
file = ../../secrets/traefik.age; file = ../../secrets/traefik.age;
owner = "traefik"; owner = "traefik";
}; };
vaultwarden-env = {
file = ../../secrets/vaultwarden-env.age;
};
m3tam3re-secrets = { m3tam3re-secrets = {
file = ../../secrets/m3tam3re-secrets.age; file = ../../secrets/m3tam3re-secrets.age;
owner = "m3tam3re"; owner = "m3tam3re";

17
hosts/m3-atlas/services/containers/baserow.nix
View File

@@ -1,8 +1,8 @@
{config, ...}: { {config, ...}: {
virtualisation.oci-containers.containers."baserow" = { virtualisation.oci-containers.containers."baserow" = {
image = "docker.io/baserow/baserow:1.30.1"; image = "docker.io/baserow/baserow:1.34.2";
environmentFiles = [config.age.secrets.baserow-env.path]; environmentFiles = [config.age.secrets.baserow-env.path];
ports = ["127.0.0.1:3001:80"]; ports = ["127.0.0.1:${toString (config.m3ta.ports.get "baserow")}:80"];
volumes = ["baserow_data:/baserow/data"]; volumes = ["baserow_data:/baserow/data"];
extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.10" "--network=web"]; extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.10" "--network=web"];
}; };
@@ -10,17 +10,26 @@
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
services.baserow.loadBalancer.servers = [ services.baserow.loadBalancer.servers = [
{ {
url = "http://localhost:3001/"; url = "http://localhost:${toString (config.m3ta.ports.get "baserow")}/";
} }
]; ];
routers.baserow = { routers.baserow = {
rule = "Host(`br.m3tam3re.com`)"; rule = "Host(`br.m3ta.dev`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "baserow"; service = "baserow";
entrypoints = "websecure"; entrypoints = "websecure";
}; };
routers.baserow-old = {
rule = "Host(`br.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "baserow";
entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
};
}; };
} }

6
hosts/m3-atlas/services/containers/default.nix
View File

@@ -2,8 +2,14 @@
imports = [ imports = [
./baserow.nix ./baserow.nix
./ghost.nix ./ghost.nix
./kestra.nix
./littlelink.nix ./littlelink.nix
./matomo.nix
# ./n8n.nix
# ./pangolin.nix
./restreamer.nix ./restreamer.nix
./slash.nix
./slash-nemoti.nix
]; ];
system.activationScripts.createPodmanNetworkWeb = lib.mkAfter '' system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''
if ! /run/current-system/sw/bin/podman network exists web; then if ! /run/current-system/sw/bin/podman network exists web; then

27
hosts/m3-atlas/services/containers/ghost.nix
View File

@@ -1,6 +1,6 @@
{config, ...}: { {config, ...}: {
virtualisation.oci-containers.containers."ghost" = { virtualisation.oci-containers.containers."ghost" = {
image = "docker.io/ghost:5.106.1"; image = "docker.io/ghost:latest";
environmentFiles = [config.age.secrets.ghost-env.path]; environmentFiles = [config.age.secrets.ghost-env.path];
ports = ["127.0.0.1:3002:2368"]; ports = ["127.0.0.1:3002:2368"];
volumes = ["ghost_data:/var/lib/ghost/content"]; volumes = ["ghost_data:/var/lib/ghost/content"];
@@ -13,14 +13,25 @@
url = "http://localhost:3002/"; url = "http://localhost:3002/";
} }
]; ];
routers = {
routers.ghost = { ghost = {
rule = "Host(`www.m3tam3re.com`)"; rule = "Host(`m3ta.dev`) || Host(`www.m3ta.dev`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
};
service = "ghost";
entrypoints = "websecure";
middlewares = ["strip-www"];
};
ghost-old = {
rule = "Host(`www.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "ghost";
entrypoints = "websecure";
middlewares = ["domain-redirect"];
}; };
service = "ghost";
entrypoints = "websecure";
}; };
}; };
} }

34
hosts/m3-atlas/services/containers/kestra.nix Normal file
View File

@@ -0,0 +1,34 @@
{ config, ... }: {
virtualisation.oci-containers.containers."kestra" = {
image = "docker.io/kestra/kestra:latest";
environmentFiles = [ config.age.secrets.kestra-env.path ];
cmd = [ "server" "standalone" "--config" "/etc/config/application.yaml"];
ports = [ "127.0.0.1:3018:8080" ];
user = "root";
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"${config.age.secrets.kestra-config.path}:/etc/config/application.yaml"
"kestra_data:/app/storage"
"/tmp/kestra-wd:/tmp/kestra-wd"
];
extraOptions =
[ "--add-host=postgres:10.89.0.1" "--ip=10.89.0.18" "--network=web" ];
};
systemd.tmpfiles.rules = [
"d /tmp/kestra-wd 0750 1000 1000 - -"
];
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.kestra.loadBalancer.servers =
[{ url = "http://localhost:3018/"; }];
routers.kestra = {
rule = "Host(`k.m3ta.dev`)";
tls = { certResolver = "godaddy"; };
service = "kestra";
entrypoints = "websecure";
};
};
}

2
hosts/m3-atlas/services/containers/littlelink.nix
View File

@@ -3,7 +3,7 @@
image = "ghcr.io/techno-tim/littlelink-server"; image = "ghcr.io/techno-tim/littlelink-server";
environmentFiles = [config.age.secrets.littlelink-m3tam3re.path]; environmentFiles = [config.age.secrets.littlelink-m3tam3re.path];
ports = ["127.0.0.1:3004:3000"]; ports = ["127.0.0.1:3004:3000"];
extraOptions = ["--ip=10.89.0.12" "--network=web"]; extraOptions = ["--ip=10.89.0.4" "--network=web"];
}; };
# Traefik configuration specific to littlelink # Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {

43
hosts/m3-atlas/services/containers/matomo.nix Normal file
View File

@@ -0,0 +1,43 @@
{
virtualisation.oci-containers.containers."matomo" = {
image = "docker.io/matomo:latest";
ports = ["127.0.0.1:3011:80"];
volumes = ["matomo_data:/var/www/html"];
environment = {
MATOMO_DATABASE_HOST = "mysql";
MATOMO_DATABASE_USERNAME = "matomo";
MATOMO_DATABASE_PASSWORD = "matomo";
MATOMO_DATABASE_DBNAME = "matomo";
MYSQL_DATABASE = "matomo";
PHP_MEMORY_LIMIT = "2048M";
};
extraOptions = ["--add-host=mysql:10.89.0.1" "--ip=10.89.0.16" "--network=web"];
};
# Traefik configuration specific to ghost
services.traefik.dynamicConfigOptions.http = {
services.matomo.loadBalancer.servers = [
{
url = "http://localhost:3011/";
}
];
routers = {
matomo-nemoti = {
rule = "Host(`stats.nemoti.com`)";
tls = {
certResolver = "godaddy";
};
service = "matomo";
entrypoints = "websecure";
};
matomo-m3tam3re = {
rule = "Host(`stats.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "matomo";
entrypoints = "websecure";
};
};
};
}

27
hosts/m3-atlas/services/containers/n8n.nix Normal file
View File

@@ -0,0 +1,27 @@
{config, ...}: {
virtualisation.oci-containers.containers."n8n" = {
image = "docker.n8n.io/n8nio/n8n";
environmentFiles = [config.age.secrets.n8n-env.path];
ports = ["127.0.0.1:5678:5678"];
volumes = ["n8n_data:/home/node/.n8n"];
extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.14" "--network=web"];
};
# Traefik configuration specific to n8n
services.traefik.dynamicConfigOptions.http = {
services.n8n.loadBalancer.servers = [
{
url = "http://localhost:5678/";
}
];
routers.n8n = {
rule = "Host(`wf.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "n8n";
entrypoints = "websecure";
};
};
}

211
hosts/m3-atlas/services/containers/pangolin.nix Normal file
View File

@@ -0,0 +1,211 @@
{
config,
pkgs,
lib,
...
}: let
# Define the Pangolin configuration as a Nix attribute set
pangolinConfig = {
app = {
dashboard_url = "https://vpn.m3tam3re.com";
log_level = "info";
save_logs = false;
};
domains = {
vpn = {
base_domain = "m3tam3re.com";
cert_resolver = "godaddy";
prefer_wildcard_cert = false;
};
};
server = {
external_port = 3000;
internal_port = 3001;
next_port = 3002;
internal_hostname = "pangolin";
session_cookie_name = "p_session_token";
resource_access_token_param = "p_token";
resource_session_request_param = "p_session_request";
};
traefik = {
cert_resolver = "godaddy";
http_entrypoint = "web";
https_entrypoint = "websecure";
};
gerbil = {
start_port = 51820;
base_endpoint = "vpn.m3tam3re.com";
use_subdomain = false;
block_size = 24;
site_block_size = 30;
subnet_group = "100.89.137.0/20";
};
rate_limits = {
global = {
window_minutes = 1;
max_requests = 100;
};
};
email = {
smtp_host = config.age.secrets.smtp-host.path;
smtp_port = 587;
smtp_user = config.age.secrets.smtp-user.path;
smtp_pass = config.age.secrets.smtp-pass.path;
no_reply = config.age.secrets.smtp-user.path;
};
users = {
server_admin = {
email = "admin@m3tam3re.com";
password = config.age.secrets.pangolin-admin-password.path;
};
};
flags = {
require_email_verification = true;
disable_signup_without_invite = true;
disable_user_create_org = true;
allow_raw_resources = true;
allow_base_domain_resources = true;
};
};
# Convert Nix attribute set to YAML using a simpler approach
pangolinConfigYaml = pkgs.writeTextFile {
name = "config.yml";
text = lib.generators.toYAML {} pangolinConfig;
};
in {
# Define the containers
virtualisation.oci-containers.containers = {
"pangolin" = {
image = "fosrl/pangolin:1.1.0";
autoStart = true;
volumes = [
"${pangolinConfigYaml}:/app/config/config.yml:ro" # Mount the config file directly
"pangolin_config:/app/config/data" # Volume for persistent data
];
ports = [
"127.0.0.1:3020:3001" # API server
"127.0.0.1:3021:3002" # Next.js server
"127.0.0.1:3022:3000" # API/WebSocket server
];
extraOptions = ["--ip=10.89.0.20" "--network=web"];
};
"gerbil" = {
image = "fosrl/gerbil:1.0.0";
autoStart = true;
volumes = [
"pangolin_config:/var/config" # Share the volume for persistent data
];
cmd = [
"--reachableAt=http://gerbil:3003"
"--generateAndSaveKeyTo=/var/config/key"
"--remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config"
"--reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth"
];
ports = [
"51820:51820/udp" # WireGuard port
];
extraOptions = [
"--ip=10.89.0.21"
"--network=web"
"--cap-add=NET_ADMIN"
"--cap-add=SYS_MODULE"
];
};
};
# Secrets for Pangolin
# age.secrets = {
# "smtp-host" = {
# file = ../secrets/smtp-host.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# "smtp-user" = {
# file = ../secrets/smtp-user.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# "smtp-pass" = {
# file = ../secrets/smtp-pass.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# "pangolin-admin-password" = {
# file = ../secrets/pangolin-admin-password.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# };
# Traefik configuration for Pangolin
services.traefik.dynamicConfigOptions = {
http = {
# Next.js service (front-end)
services.pangolin-next-service.loadBalancer.servers = [
{url = "http://localhost:3021";}
];
# API service
services.pangolin-api-service.loadBalancer.servers = [
{url = "http://localhost:3022";}
];
# Routers
routers = {
# Next.js router (handles everything except API paths)
"pangolin-next" = {
rule = "Host(`vpn.m3tam3re.com`) && !PathPrefix(`/api/v1`)";
service = "pangolin-next-service";
entrypoints = ["websecure"];
tls = {
certResolver = "godaddy";
};
};
# API router
"pangolin-api" = {
rule = "Host(`vpn.m3tam3re.com`) && PathPrefix(`/api/v1`)";
service = "pangolin-api-service";
entrypoints = ["websecure"];
tls = {
certResolver = "godaddy";
};
};
};
};
};
# Add HTTP provider to Traefik for dynamic configuration from Pangolin
services.traefik.staticConfigOptions.providers.http = {
endpoint = "http://localhost:3020/api/v1/traefik-config";
pollInterval = "5s";
};
# Add experimental section for Badger plugin
services.traefik.staticConfigOptions.experimental = {
plugins = {
#TODO create an overlay for the plugin
badger = {
moduleName = "github.com/fosrl/badger";
version = "v1.0.0";
};
};
};
# Firewall configuration for WireGuard
networking.firewall.allowedUDPPorts = [51820]; # WireGuard port
}

79
hosts/m3-atlas/services/containers/restreamer.nix
View File

@@ -2,25 +2,74 @@
virtualisation.oci-containers.containers."restreamer" = { virtualisation.oci-containers.containers."restreamer" = {
image = "docker.io/datarhei/restreamer:latest"; image = "docker.io/datarhei/restreamer:latest";
environmentFiles = [config.age.secrets.restreamer-env.path]; environmentFiles = [config.age.secrets.restreamer-env.path];
ports = ["127.0.0.1:3006:8080" "1935:1935" "1936:1936"]; # Modified ports to include RTMPS
volumes = ["restreamer_data:/restreamer/db"]; ports = [
"127.0.0.1:${toString (config.m3ta.ports.get "restreamer")}:8080" # Web UI
"127.0.0.1:1936:1935" # RTMP
];
volumes = [
"restreamer_data:/core/data"
"restreamer_config:/core/config"
];
extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.13" "--network=web"]; extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.13" "--network=web"];
}; };
# Traefik configuration specific to baserow
services.traefik.dynamicConfigOptions.http = {
services.restreamer.loadBalancer.servers = [
{
url = "http://localhost:3006/";
}
];
routers.restreamer = { # Traefik configuration
rule = "Host(`stream.m3tam3re.com`)"; services.traefik = {
tls = { dynamicConfigOptions = {
certResolver = "godaddy"; http = {
services.restreamer.loadBalancer.servers = [
{
url = "http://localhost:${toString (config.m3ta.ports.get "restreamer")}/";
}
];
routers.restreamer = {
rule = "Host(`stream.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "restreamer";
entrypoints = ["websecure"];
};
};
tcp = {
services = {
rtmp-service.loadBalancer.servers = [
{
address = "localhost:1936";
}
];
rtmps-service.loadBalancer.servers = [
{
address = "localhost:1936";
}
];
};
routers = {
rtmp = {
rule = "HostSNI(`*`)"; # Changed to accept all SNI
service = "rtmp-service";
entryPoints = ["rtmp"];
};
rtmps = {
rule = "HostSNI(`stream.m3tam3re.com`)";
service = "rtmps-service";
entryPoints = ["rtmps"];
tls = {
certResolver = "godaddy";
passthrough = false;
};
};
};
}; };
service = "restreamer";
entrypoints = "websecure";
}; };
}; };
# Firewall configuration
networking.firewall = {
allowedTCPPorts = [1935 1945];
};
} }

27
hosts/m3-atlas/services/containers/slash-nemoti.nix Normal file
View File

@@ -0,0 +1,27 @@
{
virtualisation.oci-containers.containers."slash-nemoti" = {
image = "docker.io/yourselfhosted/slash:latest";
ports = ["127.0.0.1:3016:5231"];
volumes = [
"slash-nemoti_data:/var/opt/slash"
];
extraOptions = ["--ip=10.89.0.17" "--network=web"];
};
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.slash-nemoti.loadBalancer.servers = [
{
url = "http://localhost:3016/";
}
];
routers.slash-nemoti = {
rule = "Host(`l.nemoti.art`)";
tls = {
certResolver = "godaddy";
};
service = "slash-nemoti";
entrypoints = "websecure";
};
};
}

27
hosts/m3-atlas/services/containers/slash.nix Normal file
View File

@@ -0,0 +1,27 @@
{
virtualisation.oci-containers.containers."slash" = {
image = "docker.io/yourselfhosted/slash:latest";
ports = ["127.0.0.1:3010:5231"];
volumes = [
"slash_data:/var/opt/slash"
];
extraOptions = ["--ip=10.89.0.15" "--network=web"];
};
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.slash.loadBalancer.servers = [
{
url = "http://localhost:3010/";
}
];
routers.slash = {
rule = "Host(`l.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "slash";
entrypoints = "websecure";
};
};
}

5
hosts/m3-atlas/services/default.nix
View File

@@ -2,12 +2,17 @@
imports = [ imports = [
./containers ./containers
./gitea.nix ./gitea.nix
./headscale.nix
./minio.nix ./minio.nix
./mysql.nix ./mysql.nix
./n8n.nix ./n8n.nix
./outline.nix
./paperless.nix
./postgres.nix ./postgres.nix
./searx.nix ./searx.nix
./tailscale.nix
./traefik.nix ./traefik.nix
./vaultwarden.nix
./wastebin.nix ./wastebin.nix
]; ];
} }

21
hosts/m3-atlas/services/gitea.nix
View File

@@ -1,8 +1,12 @@
{ {config, ...}: {
services.gitea = { services.gitea = {
enable = true; enable = true;
settings = { settings = {
server.ROOT_URL = "https://code.m3tam3re.com"; server = {
ROOT_URL = "https://code.m3ta.dev";
HTTP_PORT = config.m3ta.ports.get "gitea";
};
mailer.SENDMAIL_PATH = "/run/wrappers/bin/sendmail";
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
}; };
lfs.enable = true; lfs.enable = true;
@@ -17,17 +21,26 @@
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
services.gitea.loadBalancer.servers = [ services.gitea.loadBalancer.servers = [
{ {
url = "http://localhost:3000/"; url = "http://localhost:${toString (config.m3ta.ports.get "gitea")}/";
} }
]; ];
routers.gitea = { routers.gitea = {
rule = "Host(`code.m3tam3re.com`)"; rule = "Host(`code.m3ta.dev`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "gitea"; service = "gitea";
entrypoints = "websecure"; entrypoints = "websecure";
}; };
routers.gitea-old = {
rule = "Host(`code.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "gitea";
entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
};
}; };
} }

119
hosts/m3-atlas/services/headscale.nix Normal file
View File

@@ -0,0 +1,119 @@
{
config,
lib,
pkgs,
...
}: {
# Define a new option for the admin user
options.services.headscale = {
adminUser = lib.mkOption {
type = lib.types.str;
default = "m3tam3re";
description = "Username for the headscale admin user";
};
};
config = let
adminUser = config.services.headscale.adminUser;
aclConfig = {
# Groups definition
groups = {
"group:admins" = ["${adminUser}"];
};
acls = [
# Allow all connections within the tailnet
{
action = "accept";
src = ["*"];
dst = ["*:*"];
}
# Allow admin to connect to their own services
{
action = "accept";
src = ["${adminUser}"];
dst = ["${adminUser}:*"];
}
];
# Auto-approvers section for routes
autoApprovers = {
routes = {
"0.0.0.0/0" = ["${adminUser}"];
"10.0.0.0/8" = ["${adminUser}"];
"192.168.0.0/16" = ["${adminUser}"];
};
exitNode = ["${adminUser}"];
};
};
# Convert to HuJSON format with comments
aclHuJson = ''
// Headscale ACL Policy - Generated by NixOS
// Admin user: ${adminUser}
${builtins.toJSON aclConfig}
'';
aclFile = pkgs.writeText "acl-policy.hujson" aclHuJson;
in {
services = {
headscale = {
enable = true;
adminUser = "m3tam3re@m3ta.loc";
port = 3009;
settings = {
server_url = "https://va.m3tam3re.com";
dns = {
base_domain = "m3ta.loc";
nameservers.global = ["8.8.8.8"];
};
logtail.enabled = false;
policy.path = "${aclFile}";
};
};
};
# Create a systemd service to ensure the admin user exists
systemd.services.headscale-ensure-admin = lib.mkIf config.services.headscale.enable {
description = "Ensure Headscale admin user exists";
after = ["headscale.service"];
requires = ["headscale.service"];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "headscale";
Group = "headscale";
};
script = ''
# Check if user exists and create if needed
if ! ${pkgs.headscale}/bin/headscale users list | grep -q "${adminUser}"; then
echo "Creating headscale admin user: ${adminUser}"
${pkgs.headscale}/bin/headscale users create "${adminUser}"
else
echo "Headscale admin user ${adminUser} already exists"
fi
'';
};
# Traefik configuration for headscale
services.traefik.dynamicConfigOptions.http = {
services.headscale.loadBalancer.servers = [
{
url = "http://localhost:3009/";
}
];
routers.headscale = {
rule = "Host(`va.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "headscale";
entrypoints = "websecure";
};
};
};
}

12
hosts/m3-atlas/services/mysql.nix
View File

@@ -10,14 +10,18 @@
CREATE USER 'ghost'@'10.89.%' IDENTIFIED BY 'ghost'; CREATE USER 'ghost'@'10.89.%' IDENTIFIED BY 'ghost';
GRANT ALL PRIVILEGES ON ghost.* TO 'ghost'@'10.89.%'; GRANT ALL PRIVILEGES ON ghost.* TO 'ghost'@'10.89.%';
CREATE USER 'matomo'@'10.89.%' IDENTIFIED BY 'password'; CREATE USER 'matomo'@'10.89.%' IDENTIFIED BY 'matomo';
GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'10.89.%'; GRANT ALL PRIVILEGES ON matomo.* TO 'matomo'@'10.89.%'; '';
'';
}; };
services.mysqlBackup = { services.mysqlBackup = {
enable = true; enable = true;
calendar = "03:00:00"; calendar = "03:00:00";
databases = ["ghost" "matomo"]; databases = ["ghost" "matomo"];
}; };
networking.firewall.allowedTCPPorts = [3306]; networking.firewall = {
extraCommands = ''
iptables -A INPUT -p tcp -s 127.0.0.1 --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp -s 10.89.0.0/24 --dport 3306 -j ACCEPT
'';
};
} }

8
hosts/m3-atlas/services/n8n.nix
View File

@@ -1,9 +1,11 @@
{ {config, ...}: {
services.n8n = { services.n8n = {
enable = true; enable = true;
webhookUrl = "https://wf.m3tam3re.com"; webhookUrl = "https://wf.m3tam3re.com";
}; };
systemd.services.n8n.serviceConfig = {
EnvironmentFile = ["${config.age.secrets.n8n-env.path}"];
};
# Traefik configuration specific to n8n # Traefik configuration specific to n8n
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
services.n8n.loadBalancer.servers = [ services.n8n.loadBalancer.servers = [
@@ -13,7 +15,7 @@
]; ];
routers.n8n = { routers.n8n = {
rule = "Host(`wf.m3tam3re.com`)"; rule = "Host(`wf.m3ta.dev`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };

33
hosts/m3-atlas/services/outline.nix Normal file
View File

@@ -0,0 +1,33 @@
{
services.outline = {
enable = true;
port = 3019;
publicUrl = "https://ol.m3ta.dev";
databaseUrl = "postgresql://outline:outline@127.0.0.1:5432/outline";
storage = {
storageType = "local";
};
};
systemd.services.outline.serviceConfig = {
Environment = [
"PGSSLMODE=disable"
];
};
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.outline.loadBalancer.servers = [
{
url = "http://localhost:3019/";
}
];
routers.outline = {
rule = "Host(`ol.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "outline";
entrypoints = "websecure";
};
};
}

40
hosts/m3-atlas/services/paperless.nix Normal file
View File

@@ -0,0 +1,40 @@
{config, ...}: {
services.paperless = {
enable = true;
port = config.m3ta.ports.get "paperless";
database.createLocally = true;
passwordFile = config.age.secrets.paperless-key.path;
configureTika = true;
settings = {
PAPERLESS_URL = "https://pl.m3ta.dev";
DATABASE_URL = "postgresql://paperless:paperless@127.0.0.1:${toString (config.m3ta.ports.get "postgres")}/paperless";
PAPERLESS_CONSUMER_IGNORE_PATTERN = [
".DS_STORE/*"
"desktop.ini"
".env"
];
PAPERLESS_OCR_LANGUAGE = "deu+eng";
PAPERLESS_OCR_USER_ARGS = {
optimize = 1;
pdfa_image_compression = "lossless";
};
};
};
# Traefik configuration for headscale
services.traefik.dynamicConfigOptions.http = {
services.paperless.loadBalancer.servers = [
{
url = "http://localhost:${toString (config.m3ta.ports.get "paperless")}/";
}
];
routers.paperless = {
rule = "Host(`pl.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "paperless";
entrypoints = "websecure";
};
};
}

49
hosts/m3-atlas/services/postgres.nix
View File

@@ -1,24 +1,47 @@
{pkgs, ...}: { {
pkgs,
config,
...
}: {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
enableTCPIP = true; enableTCPIP = true;
package = pkgs.postgresql_15; package = pkgs.postgresql_17;
extensions = with pkgs.postgresql17Packages; [
pgvector
];
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''
local all all trust # Local connections (Unix socket)
host all all 127.0.0.1/32 trust local all postgres peer
host all all ::1/128 trust local paperless paperless scram-sha-256
host all all 10.89.0.0/16 trust
''; # Localhost connections (IPv4 and IPv6)
initialScript = pkgs.writeText "backend-initScript" '' host all postgres 127.0.0.1/32 scram-sha-256
CREATE USER baserow WITH ENCRYPTED PASSWORD 'baserow'; host all postgres ::1/128 scram-sha-256
CREATE DATABASE baserow; host outline outline 127.0.0.1/32 scram-sha-256
ALTER DATABASE baserow OWNER to baserow; host outline outline ::1/128 scram-sha-256
host paperless paperless 127.0.0.1/32 scram-sha-256
host paperless paperless ::1/128 scram-sha-256
# Podman network connections for Baserow
host baserow baserow 10.89.0.0/24 scram-sha-256
host kestra kestra 10.89.0.0/24 scram-sha-256
# Deny all other connections
local all all reject
host all all 0.0.0.0/0 reject
host all all ::/0 reject
''; '';
}; };
services.postgresqlBackup = { services.postgresqlBackup = {
enable = true; enable = true;
startAt = "03:10:00"; startAt = "03:10:00";
databases = ["baserow"]; databases = ["baserow" "paperless" "kestra"];
};
networking.firewall = {
extraCommands = ''
iptables -A INPUT -p tcp -s 127.0.0.1 --dport ${toString (config.m3ta.ports.get "postgres")} -j ACCEPT
iptables -A INPUT -p tcp -s 10.89.0.0/24 --dport ${toString (config.m3ta.ports.get "postgres")} -j ACCEPT
'';
}; };
networking.firewall.allowedTCPPorts = [5432];
} }

11
hosts/m3-atlas/services/searx.nix
View File

@@ -17,12 +17,21 @@
]; ];
routers.searx = { routers.searx = {
rule = "Host(`search.m3tam3re.com`)"; rule = "Host(`search.m3ta.dev`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "searx"; service = "searx";
entrypoints = "websecure"; entrypoints = "websecure";
}; };
routers.searx-old = {
rule = "Host(`search.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "searx";
entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
};
}; };
} }

27
hosts/m3-atlas/services/tailscale.nix Normal file
View File

@@ -0,0 +1,27 @@
{
config,
lib,
pkgs,
...
}: {
services.tailscale = {
enable = true;
authKeyFile = config.age.secrets.tailscale-key.path;
useRoutingFeatures = "both";
extraUpFlags = [
"--login-server=${config.services.headscale.settings.server_url}"
"--advertise-exit-node"
"--accept-routes"
];
};
services.networkd-dispatcher = lib.mkIf config.services.tailscale.enable {
enable = true;
rules."50-tailscale" = {
onState = ["routable"];
script = ''
NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")
${pkgs.ethtool}/bin/ethtool -K "$NETDEV" rx-udp-gro-forwarding on rx-gro-list off
'';
};
};
}

43
hosts/m3-atlas/services/traefik.nix
View File

@@ -11,6 +11,11 @@
caserver = "https://acme-v02.api.letsencrypt.org/directory"; caserver = "https://acme-v02.api.letsencrypt.org/directory";
dnsChallenge = { dnsChallenge = {
provider = "godaddy"; provider = "godaddy";
resolvers = ["1.1.1.1:53" "8.8.8.8:53"];
propagation = {
delayBeforeChecks = 60;
disableChecks = true;
};
}; };
}; };
}; };
@@ -24,12 +29,48 @@
scheme = "https"; scheme = "https";
}; };
}; };
websecure = {address = ":443";}; rtmp = {
address = ":1935";
};
rtmps = {
address = ":1945";
};
websecure = {
address = ":443";
};
}; };
}; };
dynamicConfigOptions = { dynamicConfigOptions = {
http = { http = {
services = {
dummy = {
loadBalancer.servers = [
{url = "http://192.168.0.1";} # Diese URL wird nie verwendet
];
};
};
middlewares = { middlewares = {
domain-redirect = {
redirectRegex = {
regex = "^https://www\\.m3tam3re\\.com(.*)";
replacement = "https://m3ta.dev$1";
permanent = true;
};
};
strip-www = {
redirectRegex = {
regex = "^https://www\\.(.+)";
replacement = "https://$1";
permanent = true;
};
};
subdomain-redirect = {
redirectRegex = {
regex = "^https://([a-zA-Z0-9-]+)\\.m3tam3re\\.com(.*)";
replacement = "https://$1.m3ta.dev$2";
permanent = true;
};
};
auth = { auth = {
basicAuth = { basicAuth = {
users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."]; users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."];

29
hosts/m3-atlas/services/vaultwarden.nix Normal file
View File

@@ -0,0 +1,29 @@
{config, ...}: {
services.vaultwarden = {
enable = true;
backupDir = "/var/backup/vaultwarden";
config = {
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 3013;
};
environmentFile = "${config.age.secrets.vaultwarden-env.path}";
};
# Traefik configuration for headscale
services.traefik.dynamicConfigOptions.http = {
services.vaultwarden.loadBalancer.servers = [
{
url = "http://localhost:3013/";
}
];
routers.vaultwarden = {
rule = "Host(`vw.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "vaultwarden";
entrypoints = "websecure";
};
};
}

14
hosts/m3-atlas/services/wastebin.nix
View File

@@ -3,8 +3,9 @@
enable = true; enable = true;
settings = { settings = {
WASTEBIN_TITLE = "m3tam3re's wastebin"; WASTEBIN_TITLE = "m3tam3re's wastebin";
WASTEBIN_BASE_URL = "https://bin.m3tam3re.com"; WASTEBIN_BASE_URL = "https://bin.m3ta.dev";
WASTEBIN_ADDRESS_PORT = "0.0.0.0:3003"; WASTEBIN_ADDRESS_PORT = "0.0.0.0:3003";
WASTEBIN_MAX_BODY_SIZE = 1048576;
}; };
}; };
# Traefik configuration specific to wastebin # Traefik configuration specific to wastebin
@@ -16,12 +17,21 @@
]; ];
routers.wastebin = { routers.wastebin = {
rule = "Host(`bin.m3tam3re.com`)"; rule = "Host(`bin.m3ta.dev`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "wastebin"; service = "wastebin";
entrypoints = "websecure"; entrypoints = "websecure";
}; };
routers.wastebin-old = {
rule = "Host(`bin.m3tam3re.com`)";
tls = {
certResolver = "godaddy";
};
service = "wastebin";
entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
};
}; };
} }

8
hosts/m3-helios/services/adguard.nix
View File

@@ -1,10 +1,10 @@
{ {config, ...}: {
services.adguardhome = { services.adguardhome = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
settings = { settings = {
dns = { dns = {
port = 53; port = config.m3ta.ports.get "adguardhome";
upstream_dns = [ upstream_dns = [
"1.1.1.1" "1.1.1.1"
"8.8.8.8" "8.8.8.8"
@@ -20,6 +20,6 @@
}; };
}; };
}; };
networking.firewall.allowedTCPPorts = [53]; networking.firewall.allowedTCPPorts = [(config.m3ta.ports.get "adguardhome")];
networking.firewall.allowedUDPPorts = [53]; networking.firewall.allowedUDPPorts = [(config.m3ta.ports.get "adguardhome")];
} }

17
hosts/m3-kratos/configuration.nix
View File

@@ -14,11 +14,16 @@
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;
boot.initrd.kernelModules = ["amdgpu"]; boot.initrd.kernelModules = ["amdgpu"];
boot.kernelPackages = pkgs.linuxPackages_6_16;
services.xserver.videoDrivers = ["amdgpu"]; services.xserver.videoDrivers = ["amdgpu"];
security.polkit.enable = true; security.polkit.enable = true;
security.pam.services.gdm.enableGnomeKeyring = true;
networking.hostName = "m3-kratos"; # Define your hostname. networking.hostName = "m3-kratos"; # Define your hostname.
networking.hostId = "458bd616"; networking.hostId = "458bd616";
# networking.extraHosts = ''
# 127.0.0.1 releases.warp.dev
# 127.0.0.1 app.warp.dev
# '';
# Pick only one of the below networking options. # Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable = networking.networkmanager.enable =
@@ -63,7 +68,7 @@
# List packages installed in system profile. To search, run: # List packages installed in system profile. To search, run:
# $ nix search wget # $ nix search wget
environment.systemPackages = with pkgs; [neovim git]; environment.systemPackages = with pkgs; [neovim git n8n];
# Some programs need SUID wrappers, can be configured further or are # Some programs need SUID wrappers, can be configured further or are
# started in user sessions. # started in user sessions.
@@ -76,7 +81,13 @@
# List services that you want to enable: # List services that you want to enable:
# Enable the OpenSSH daemon. # Enable the OpenSSH daemon.
services.openssh.enable = true; services.openssh = {
enable = true;
settings.PermitRootLogin = "no";
settings = {
PasswordAuthentication = false;
};
};
services.fstrim.enable = true; services.fstrim.enable = true;
services.zfs.autoSnapshot.enable = true; services.zfs.autoSnapshot.enable = true;

12
hosts/m3-kratos/programs.nix
View File

@@ -4,6 +4,7 @@
# Add any missing dynamic libraries for unpackaged programs # Add any missing dynamic libraries for unpackaged programs
# here, NOT in environment.systemPackages # here, NOT in environment.systemPackages
]; ];
programs.adb.enable = true;
programs.hyprland = { programs.hyprland = {
enable = true; enable = true;
xwayland.enable = true; xwayland.enable = true;
@@ -19,6 +20,17 @@
dedicatedServer.openFirewall = true; dedicatedServer.openFirewall = true;
gamescopeSession.enable = true; gamescopeSession.enable = true;
}; };
programs.obs-studio = {
enable = true;
enableVirtualCamera = true;
plugins = with pkgs.obs-studio-plugins; [
obs-composite-blur
obs-vaapi
# obs-vertical-canvas
obs-vkcapture
wlrobs
];
};
programs.fish.enable = true; programs.fish.enable = true;
programs.thunar = { programs.thunar = {
enable = true; enable = true;

4
hosts/m3-kratos/secrets.nix
View File

@@ -1,6 +1,9 @@
{ {
age = { age = {
secrets = { secrets = {
tailscale-key = {
file = ../../secrets/tailscale-key.age;
};
wg-DE = { wg-DE = {
file = ../../secrets/wg-DE.age; file = ../../secrets/wg-DE.age;
path = "/etc/wireguard/DE.conf"; path = "/etc/wireguard/DE.conf";
@@ -21,7 +24,6 @@
file = ../../secrets/wg-BR.age; file = ../../secrets/wg-BR.age;
path = "/etc/wireguard/BR.conf"; path = "/etc/wireguard/BR.conf";
}; };
tailscale-key.file = ../../secrets/tailscale-key.age;
m3tam3re-secrets = { m3tam3re-secrets = {
file = ../../secrets/m3tam3re-secrets.age; file = ../../secrets/m3tam3re-secrets.age;
owner = "m3tam3re"; owner = "m3tam3re";

2
hosts/m3-kratos/services/default.nix
View File

@@ -4,6 +4,7 @@
./n8n.nix ./n8n.nix
./postgres.nix ./postgres.nix
./sound.nix ./sound.nix
./tailscale.nix
./udev.nix ./udev.nix
./wireguard.nix ./wireguard.nix
]; ];
@@ -14,6 +15,7 @@
trezord.enable = true; trezord.enable = true;
gnome.gnome-keyring.enable = true; gnome.gnome-keyring.enable = true;
qdrant.enable = true; qdrant.enable = true;
stirling-pdf.enable = true;
avahi = { avahi = {
enable = true; enable = true;
nssmdns4 = true; nssmdns4 = true;

1
hosts/m3-kratos/services/n8n.nix
View File

@@ -6,6 +6,7 @@
systemd.services.n8n = { systemd.services.n8n = {
environment = { environment = {
N8N_SECURE_COOKIE = "false"; N8N_SECURE_COOKIE = "false";
N8N_ENFORCE_SETTINGS_FILE_PERMISSIONS = "false";
}; };
}; };
} }

12
hosts/m3-kratos/services/tailscale.nix Normal file
View File

@@ -0,0 +1,12 @@
{config, ...}: {
services.tailscale = {
enable = true;
authKeyFile = config.age.secrets.tailscale-key.path;
useRoutingFeatures = "both";
extraUpFlags = [
"--login-server=https://va.m3tam3re.com"
"--accept-routes"
"--exit-node-allow-lan-access"
];
};
}

2
hosts/m3-kratos/services/udev.nix
View File

@@ -1,6 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: {
services.udev.extraRules = '' services.udev.extraRules = ''
SUBSYSTEM=="usb", MODE="0666 SUBSYSTEM=="usb", MODE="0666"
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
zsa-udev-rules zsa-udev-rules

2
hosts/m3-kratos/services/wireguard.nix
View File

@@ -10,7 +10,7 @@
}; };
NO = { NO = {
configFile = config.age.secrets.wg-NO.path; configFile = config.age.secrets.wg-NO.path;
autostart = true; autostart = false;
}; };
US = { US = {
configFile = config.age.secrets.wg-US.path; configFile = config.age.secrets.wg-US.path;

2
modules/home-manager/default.nix
View File

@@ -1,3 +1,3 @@
{ {
zellij-ps = import ./zellij-ps.nix; #module = import ./module.nix;
} }

44
modules/home-manager/zellij-ps.nix
View File

@@ -1,44 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.programs.zellij-ps;
in {
options = {
programs.zellij-ps = {
enable = mkEnableOption "Zellij Project Selector";
projectFolders = lib.mkOption {
type = lib.types.listOf lib.types.path;
description = "List of project folders for zellij-ps.";
default = ["${config.home.homeDirectory}/projects"];
};
layout = lib.mkOption {
type = lib.types.str;
description = "Layout for zellij";
default = ''
layout {
pane size=1 borderless=true {
plugin location="zellij:tab-bar"
}
pane
pane split_direction="vertical" {
pane
pane command="htop"
}
pane size=2 borderless=true {
plugin location="zellij:status-bar"
}
}
'';
};
};
};
config = mkIf cfg.enable {
home.packages = [pkgs.zellij-ps];
home.sessionVariables.PROJECT_FOLDERS = lib.concatStringsSep ":" cfg.projectFolders;
home.file.".config/zellij/layouts/zellij-ps.kdl".text = cfg.layout;
};
}

3
modules/nixos/default.nix Normal file
View File

@@ -0,0 +1,3 @@
{
#module = import ./module.nix;
}

53
overlays/default.nix
View File

@@ -1,24 +1,36 @@
{inputs, ...}: { {inputs, ...}: {
# This one brings our custom packages from the 'pkgs' directory # This one brings our custom packages from the 'pkgs' directory
additions = final: prev: # additions = final: prev:
(import ../pkgs {pkgs = final;}) # (import ../pkgs {pkgs = final;})
// (inputs.hyprpanel.overlay final prev) # // {rose-pine-hyprcursor = inputs.rose-pine-hyprcursor.packages.${prev.system}.default;};
// {rose-pine-hyprcursor = inputs.rose-pine-hyprcursor.packages.${prev.system}.default;};
# This one contains whatever you want to overlay # This one contains whatever you want to overlay
# You can change versions, add patches, set compilation flags, anything really. # You can change versions, add patches, set compilation flags, anything really.
# https://nixos.wiki/wiki/Overlays # https://nixos.wiki/wiki/Overlays
modifications = final: prev: {
n8n = import ./mods/n8n.nix {inherit prev;}; # modifications = final: prev: {
# hyprpanel = inputs.hyprpanel.packages.${prev.system}.default.overrideAttrs (prev: { # n8n = import ./mods/n8n.nix {inherit prev;};
# version = "latest"; # or whatever version you want
# src = final.fetchFromGitHub { # brave = prev.brave.override {
# owner = "Jas-SinghFSU"; # commandLineArgs = "--password-store=gnome-libsecret";
# repo = "HyprPanel"; # };
# rev = "master"; # or a specific commit hash
# hash = "sha256-l623fIVhVCU/ylbBmohAtQNbK0YrWlEny0sC/vBJ+dU="; # hyprpanel = inputs.hyprpanel.packages.${prev.system}.default.overrideAttrs (prev: {
# }; # version = "latest"; # or whatever version you want
# }); # src = final.fetchFromGitHub {
#ffmpeg = inputs.nixpkgs-stable.legacyPackages.${prev.system}.ffmpeg; # owner = "Jas-SinghFSU";
# repo = "HyprPanel";
# rev = "master"; # or a specific commit hash
# hash = "sha256-l623fIVhVCU/ylbBmohAtQNbK0YrWlEny0sC/vBJ+dU=";
# };
# });
# };
temp-packages = final: _prev: {
temp = import inputs.nixpkgs-9e9486b {
system = final.system;
config.allowUnfree = true;
};
}; };
stable-packages = final: _prev: { stable-packages = final: _prev: {
@@ -29,7 +41,14 @@
}; };
pinned-packages = final: _prev: { pinned-packages = final: _prev: {
pinned = import inputs.nixpkgs-d016996 { pinned = import inputs.nixpkgs-9472de4 {
system = final.system;
config.allowUnfree = true;
};
};
locked-packages = final: _prev: {
locked = import inputs.nixpkgs-locked {
system = final.system; system = final.system;
config.allowUnfree = true; config.allowUnfree = true;
}; };

17
overlays/mods/n8n.nix
View File

@@ -1,17 +0,0 @@
{prev}:
prev.n8n.overrideAttrs (oldAttrs: rec {
pname = oldAttrs.pname;
version = "1.78.0";
src = prev.fetchFromGitHub {
owner = "n8n-io";
repo = "n8n";
rev = "n8n@${version}";
hash = "sha256-ebMuhbUyak13wQ7qWvpNCcmL52J24QPsGmEvIifnzVo=";
};
pnpmDeps = prev.pnpm_9.fetchDeps {
inherit pname version src;
hash = "sha256-1vheGCTGacrQMVJjYrEuv4NC4ImSb+WAbYLXpEithnM=";
};
})

50
pkgs/aider-chat-env/default.nix
View File

@@ -1,50 +0,0 @@
{
lib,
stdenv,
python3,
zlib,
libffi,
makeWrapper,
}: let
pythonEnv = python3.withPackages (ps:
with ps; [
# Add any Python packages you want available globally here
virtualenv
]);
in
stdenv.mkDerivation rec {
pname = "aider-chat-env";
version = "0.1.0";
src = ./.;
nativeBuildInputs = [makeWrapper];
buildInputs = [pythonEnv zlib libffi];
installPhase = ''
mkdir -p $out/bin
cat > $out/bin/aider-chat-env <<EOF
#!/bin/sh
VENV_DIR="\$HOME/.aider-chat-venv"
if [ ! -d "\$VENV_DIR" ]; then
${pythonEnv}/bin/python -m venv "\$VENV_DIR"
fi
source "\$VENV_DIR/bin/activate"
python -m pip install -U aider-chat
exec "\$SHELL"
EOF
chmod +x $out/bin/aider-chat-env
'';
postFixup = ''
wrapProgram $out/bin/aider-chat-env \
--prefix PATH : ${lib.makeBinPath buildInputs} \
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [stdenv.cc.cc.lib zlib libffi]}
'';
meta = with lib; {
description = "Python environment with aider-chat";
license = licenses.mit;
platforms = platforms.all;
};
}

4
pkgs/default.nix
View File

@@ -1,5 +1,3 @@
{pkgs, ...}: { {pkgs, ...}: {
# Define your custom packages here # package = pkgs.callPackage ./package {};
zellij-ps = pkgs.callPackage ./zellij-ps {};
aider-chat-env = pkgs.callPackage ./aider-chat-env {};
} }

41
pkgs/zellij-ps/default.nix
View File

@@ -1,41 +0,0 @@
{
lib,
stdenv,
fetchFromGitea,
fish,
fd,
fzf,
makeWrapper,
zellij,
}:
with lib;
stdenv.mkDerivation {
pname = "zellij-ps";
version = "0.1.0";
src = fetchFromGitea {
domain = "code.m3tam3re.com";
owner = "m3tam3re";
repo = "helper-scripts";
rev = "08a3217b83391c1110545c1ee3161eecd5dbe5e9";
sha256 = "1sc4i58mwcg3qsq0wwl5rvk08ykbxc497bq7mrxiirndsarskby7";
};
buildInputs = [];
nativeBuildInputs = [makeWrapper];
installPhase = ''
mkdir -p $out/bin
cp zellij-ps.fish $out/bin/zellij-ps
wrapProgram $out/bin/zellij-ps \
--prefix PATH : ${lib.makeBinPath [fish fd fzf zellij]}
'';
meta = with lib; {
description = "A small project script for zellij";
homepage = "https://code.m3tam3re.com/m3tam3re/helper-scripts";
license = licenses.mit;
maintainers = with maintainers; [m3tam3re];
platforms = platforms.unix;
};
}

5
secrets.nix
View File

@@ -22,11 +22,16 @@ in {
"secrets/ghost-env.age".publicKeys = systems ++ users; "secrets/ghost-env.age".publicKeys = systems ++ users;
"secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users; "secrets/littlelink-m3tam3re.age".publicKeys = systems ++ users;
"secrets/m3tam3re-secrets.age".publicKeys = systems ++ users; "secrets/m3tam3re-secrets.age".publicKeys = systems ++ users;
"secrets/kestra-config.age".publicKeys = systems ++ users;
"secrets/kestra-env.age".publicKeys = systems ++ users;
"secrets/minio-root-cred.age".publicKeys = systems ++ users; "secrets/minio-root-cred.age".publicKeys = systems ++ users;
"secrets/n8n-env.age".publicKeys = systems ++ users;
"secrets/paperless-key.age".publicKeys = systems ++ users;
"secrets/restreamer-env.age".publicKeys = systems ++ users; "secrets/restreamer-env.age".publicKeys = systems ++ users;
"secrets/searx.age".publicKeys = systems ++ users; "secrets/searx.age".publicKeys = systems ++ users;
"secrets/tailscale-key.age".publicKeys = systems ++ users; "secrets/tailscale-key.age".publicKeys = systems ++ users;
"secrets/traefik.age".publicKeys = systems ++ users; "secrets/traefik.age".publicKeys = systems ++ users;
"secrets/vaultwarden-env.age".publicKeys = systems ++ users;
"secrets/wg-DE.age".publicKeys = systems ++ users; "secrets/wg-DE.age".publicKeys = systems ++ users;
"secrets/wg-NL.age".publicKeys = systems ++ users; "secrets/wg-NL.age".publicKeys = systems ++ users;
"secrets/wg-NO.age".publicKeys = systems ++ users; "secrets/wg-NO.age".publicKeys = systems ++ users;

BIN
secrets/baserow-env.age
View File

Binary file not shown.

BIN
secrets/ghost-env.age
View File

Binary file not shown.

Some files were not shown because too many files have changed in this diff Show More