m3tam3re/nixos-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: m3tam3re:master
Branches Tags
m3tam3re:master
..
compare: m3tam3re:a5401669102a4b534ee81780a86f24845fef5bab
Branches Tags
m3tam3re:master

4 Commits
master ... a540166910

Author SHA1 Message Date
m3tam3re
a540166910 merge with m3-ares 2025-03-28 09:46:28 +01:00
m3tam3re
7788a8a98b OVMF lock 2025-03-28 09:42:32 +01:00
m3tam3re
aa8636c80d temp fix for autocpu-freq not building 2025-03-28 09:38:15 +01:00
m3tam3re
6011c940ac OVMF pinned 2025-03-27 15:17:51 +01:00
135 changed files with 1274 additions and 4064 deletions
Expand all files Collapse all files

39
.beads/.gitignore vendored
View File

@@ -1,39 +0,0 @@
# SQLite databases
*.db
*.db?*
*.db-journal
*.db-wal
*.db-shm
# Daemon runtime files
daemon.lock
daemon.log
daemon.pid
bd.sock
sync-state.json
last-touched
# Local version tracking (prevents upgrade notification spam after git ops)
.local_version
# Legacy database files
db.sqlite
bd.db
# Worktree redirect file (contains relative path to main repo's .beads/)
# Must not be committed as paths would be wrong in other clones
redirect
# Merge artifacts (temporary files from 3-way merge)
beads.base.jsonl
beads.base.meta.json
beads.left.jsonl
beads.left.meta.json
beads.right.jsonl
beads.right.meta.json
# NOTE: Do NOT add negation patterns (e.g., !issues.jsonl) here.
# They would override fork protection in .git/info/exclude, allowing
# contributors to accidentally commit upstream issue databases.
# The JSONL files (issues.jsonl, interactions.jsonl) and config files
# are tracked by git by default since no pattern above ignores them.

0
.beads/.sync.lock
View File

81
.beads/README.md
View File

@@ -1,81 +0,0 @@
# Beads - AI-Native Issue Tracking
Welcome to Beads! This repository uses **Beads** for issue tracking - a modern, AI-native tool designed to live directly in your codebase alongside your code.
## What is Beads?
Beads is issue tracking that lives in your repo, making it perfect for AI coding agents and developers who want their issues close to their code. No web UI required - everything works through the CLI and integrates seamlessly with git.
**Learn more:** [github.com/steveyegge/beads](https://github.com/steveyegge/beads)
## Quick Start
### Essential Commands
```bash
# Create new issues
bd create "Add user authentication"
# View all issues
bd list
# View issue details
bd show <issue-id>
# Update issue status
bd update <issue-id> --status in_progress
bd update <issue-id> --status done
# Sync with git remote
bd sync
```
### Working with Issues
Issues in Beads are:
- **Git-native**: Stored in `.beads/issues.jsonl` and synced like code
- **AI-friendly**: CLI-first design works perfectly with AI coding agents
- **Branch-aware**: Issues can follow your branch workflow
- **Always in sync**: Auto-syncs with your commits
## Why Beads?
**AI-Native Design**
- Built specifically for AI-assisted development workflows
- CLI-first interface works seamlessly with AI coding agents
- No context switching to web UIs
🚀 **Developer Focused**
- Issues live in your repo, right next to your code
- Works offline, syncs when you push
- Fast, lightweight, and stays out of your way
🔧 **Git Integration**
- Automatic sync with git commits
- Branch-aware issue tracking
- Intelligent JSONL merge resolution
## Get Started with Beads
Try Beads in your own projects:
```bash
# Install Beads
curl -sSL https://raw.githubusercontent.com/steveyegge/beads/main/scripts/install.sh | bash
# Initialize in your repo
bd init
# Create your first issue
bd create "Try out Beads"
```
## Learn More
- **Documentation**: [github.com/steveyegge/beads/docs](https://github.com/steveyegge/beads/tree/main/docs)
- **Quick Start Guide**: Run `bd quickstart`
- **Examples**: [github.com/steveyegge/beads/examples](https://github.com/steveyegge/beads/tree/main/examples)
---
*Beads: Issue tracking that moves at the speed of thought*

0
.beads/interactions.jsonl
View File

2
.beads/issues.jsonl
View File

@@ -1,2 +0,0 @@
{"id":"nixos-config-gx2","title":"form","status":"tombstone","priority":2,"issue_type":"task","created_at":"2026-01-11T11:49:21.688289476+01:00","created_by":"m3tam3re","updated_at":"2026-01-11T11:51:36.426124223+01:00","deleted_at":"2026-01-11T11:51:36.426124223+01:00","deleted_by":"daemon","delete_reason":"delete","original_type":"task"}
{"id":"nixos-config-n4l","title":"Create Gitea action for nix-update package updates","description":"Create a Gitea action to automatically update packages in this nixos-config repository using nix-update.\n\n**Context:**\n- Gitea instance is already running on m3-atlas at code.m3ta.dev (configured in hosts/m3-atlas/services/gitea.nix)\n- The repository is self-hosted on this Gitea instance\n- nix-update is already referenced in home/features/cli/default.nix\n- Currently no Gitea workflows exist (.gitea/ directory does not exist)\n\n**Goal:**\nAutomate package updates by creating a Gitea Actions workflow that:\n1. Runs nix-update periodically (e.g., weekly or on schedule)\n2. Updates package definitions in pkgs/ directory\n3. Creates pull requests with the updates\n4. Uses appropriate secrets/credentials for the Gitea instance\n\n**Requirements:**\n- Create .gitea/workflows/ directory structure\n- Define workflow file with nix-update command\n- Configure triggers (schedule, manual, or on repository events)\n- Set up proper permissions and secrets\n- Test the workflow execution\n\n**Current Repository State:**\n- pkgs/default.nix exists but is minimal (currently just a comment)\n- Multiple nixpkgs inputs are used (unstable, 25.11, locked, master)\n- Custom m3ta-nixpkgs overlay at code.m3ta.dev/m3tam3re/nixpkgs\n- Uses agenix for secrets management\n\n**Related Files:**\n- hosts/m3-atlas/services/gitea.nix (existing Gitea configuration)\n- hosts/common/ports.nix (port management)\n- home/features/cli/default.nix (nix-update reference)\n\n**Acceptance Criteria:**\n- [ ] Create .gitea/workflows directory\n- [ ] Implement nix-update workflow YAML\n- [ ] Configure appropriate triggers\n- [ ] Test workflow on the repository\n- [ ] Document setup and configuration","status":"closed","priority":2,"issue_type":"feature","owner":"p@m3ta.dev","created_at":"2026-01-13T20:39:49.838916335+01:00","created_by":"m3tm3re","updated_at":"2026-01-13T20:51:43.833041989+01:00","closed_at":"2026-01-13T20:51:43.833041989+01:00","close_reason":"Closed"}

4
.beads/metadata.json
View File

@@ -1,4 +0,0 @@
{
"database": "beads.db",
"jsonl_export": "issues.jsonl"
}

2
.beads/sync_base.jsonl
View File

@@ -1,2 +0,0 @@
{"id":"nixos-config-gx2","title":"form","status":"tombstone","priority":2,"issue_type":"task","created_at":"2026-01-11T11:49:21.688289476+01:00","created_by":"m3tam3re","updated_at":"2026-01-11T11:51:36.426124223+01:00","deleted_at":"2026-01-11T11:51:36.426124223+01:00","deleted_by":"daemon","delete_reason":"delete","original_type":"task"}
{"id":"nixos-config-n4l","title":"Create Gitea action for nix-update package updates","description":"Create a Gitea action to automatically update packages in this nixos-config repository using nix-update.\n\n**Context:**\n- Gitea instance is already running on m3-atlas at code.m3ta.dev (configured in hosts/m3-atlas/services/gitea.nix)\n- The repository is self-hosted on this Gitea instance\n- nix-update is already referenced in home/features/cli/default.nix\n- Currently no Gitea workflows exist (.gitea/ directory does not exist)\n\n**Goal:**\nAutomate package updates by creating a Gitea Actions workflow that:\n1. Runs nix-update periodically (e.g., weekly or on schedule)\n2. Updates package definitions in pkgs/ directory\n3. Creates pull requests with the updates\n4. Uses appropriate secrets/credentials for the Gitea instance\n\n**Requirements:**\n- Create .gitea/workflows/ directory structure\n- Define workflow file with nix-update command\n- Configure triggers (schedule, manual, or on repository events)\n- Set up proper permissions and secrets\n- Test the workflow execution\n\n**Current Repository State:**\n- pkgs/default.nix exists but is minimal (currently just a comment)\n- Multiple nixpkgs inputs are used (unstable, 25.11, locked, master)\n- Custom m3ta-nixpkgs overlay at code.m3ta.dev/m3tam3re/nixpkgs\n- Uses agenix for secrets management\n\n**Related Files:**\n- hosts/m3-atlas/services/gitea.nix (existing Gitea configuration)\n- hosts/common/ports.nix (port management)\n- home/features/cli/default.nix (nix-update reference)\n\n**Acceptance Criteria:**\n- [ ] Create .gitea/workflows directory\n- [ ] Implement nix-update workflow YAML\n- [ ] Configure appropriate triggers\n- [ ] Test workflow on the repository\n- [ ] Document setup and configuration","status":"closed","priority":2,"issue_type":"feature","owner":"p@m3ta.dev","created_at":"2026-01-13T20:39:49.838916335+01:00","created_by":"m3tm3re","updated_at":"2026-01-13T20:51:43.833041989+01:00","closed_at":"2026-01-13T20:51:43.833041989+01:00","close_reason":"Closed"}

3
.gitattributes vendored
View File

@@ -1,3 +0,0 @@
# Use bd merge for beads JSONL files
.beads/issues.jsonl merge=beads

157
AGENTS.md
View File

@@ -1,157 +0,0 @@
# NIXOS CONFIGURATION KNOWLEDGE BASE
**Generated:** 2025-12-31 16:13:40 UTC
**Commit:** ebc8291
**Branch:** HEAD
## OVERVIEW
Personal NixOS configuration managing 6 hosts (4 servers, 2 desktops) using flakes, agenix secrets, and feature-based home-manager setup.
## STRUCTURE
```
./
├── flake.nix # Main entry: host definitions, inputs, outputs
├── secrets.nix # Agenix public key mappings
├── hosts/
│ ├── common/ # Shared: base config, users, extraServices, ports
│ ├── m3-atlas/ # Server: 20+ containerized services with Traefik
│ ├── m3-helios/ # Server: AdGuard, internal routing
│ ├── m3-ares/ # Desktop: NVIDIA GPU, Btrfs
│ ├── m3-kratos/ # Desktop: AMD GPU, ZFS
│ └── m3-aether/ # Cloud VM
├── home/
│ ├── common/ # Home-manager base config
│ ├── features/ # Modular feature toggles (cli, desktop, coding)
│ └── m3tam3re/ # Per-host user configs
├── modules/ # Custom NixOS/home-manager modules
├── overlays/ # Package overlays (stable, locked, pinned, master)
├── pkgs/ # Custom package definitions
└── secrets/ # Agenix encrypted .age files (19 secrets)
```
## WHERE TO LOOK
| Task | Location | Notes |
|------|----------|-------|
| Add new host | `flake.nix` + `hosts/<name>/` | Copy template from m3-atlas (server) or m3-ares (desktop) |
| Add service to m3-atlas | `hosts/m3-atlas/services/` | See containers/ for Podman + Traefik pattern |
| Configure desktop features | `home/features/desktop/` | Feature toggles with mkEnableOption |
| Add CLI tool | `home/features/cli/` | Fish + Nushell integration expected |
| Manage secrets | `secrets.nix` + `agenix -e` | SSH keys defined in secrets.nix |
| Define ports | `hosts/common/ports.nix` | Centralized port registry |
| Add user | `hosts/common/users/` | Shared across all hosts |
| Custom packages | `pkgs/default.nix` | Exposed via flake outputs |
## CONVENTIONS
### Secrets (agenix)
- **Create**: `agenix -e secrets/<name>.age` after adding keys to `secrets.nix`
- **Reference**: `config.age.secrets.<name>.path` in service configs
- **Pattern**: Service env files use `environmentFiles = [config.age.secrets.<service>-env.path]`
### Service Organization
- **Native services**: `hosts/<host>/services/<service>.nix`
- **Containers**: `hosts/<host>/services/containers/<service>.nix`
- **Traefik integration**: All m3-atlas services include dynamic config for SSL + routing
- **Networking**: Containers use dedicated `web` network (10.89.0.0/24) with static IPs
### Port Management
- **Registry**: All ports defined in `hosts/common/ports.nix`
- **Access**: `config.m3ta.ports.get "service-name"`
- **Convention**: Internal services use 3000-3020 range
### Home-Manager Features
- **Enable**: `features.<category>.<feature>.enable = true` in user config
- **Categories**: `cli`, `desktop`, `coding`
- **Pattern**: Features are opt-in modules with default.nix aggregators
### Multiple nixpkgs Inputs
- **stable**: 25.11 release
- **locked/pinned**: Specific commits for compatibility
- **master**: Bleeding edge
- **m3ta-nixpkgs**: Custom local overlay at `path:/home/m3tam3re/p/nix/nixpkgs`
## COMMANDS
```bash
# Build/deploy specific host
sudo nixos-rebuild switch --flake .#m3-ares
# Build/deploy current host
sudo nixos-rebuild switch --flake .#$(uname -n)
# Home-manager update
home-manager --flake . switch
# Update all flake inputs
nix flake update
# Add/edit secret
agenix -e secrets/<name>.age
# Infrastructure shell (OpenTofu)
nix develop .#infraShell
# Check configuration (no activation)
nixos-rebuild dry-build --flake .#<hostname>
```
## TRAEFIK PATTERNS (m3-atlas only)
### SSL Termination
- **Provider**: Godaddy DNS challenge
- **Cert storage**: `/var/lib/traefik/acme.json`
- **Config**: `hosts/m3-atlas/services/traefik.nix`
### Service Integration Template
```nix
services.traefik.dynamicConfigOptions.http = {
services.<name>.loadBalancer.servers = [{ url = "http://127.0.0.1:<port>"; }];
routers.<name> = {
rule = "Host(`<subdomain>.m3ta.dev`)";
service = "<name>";
tls.certResolver = "godaddy";
};
};
```
### Container Pattern
- **Network**: `--network=web --ip=10.89.0.<sequential>`
- **Ports**: Bind localhost only (`127.0.0.1:<external>:<internal>`)
- **Database access**: `--add-host=mysql:10.89.0.1` (gateway IP)
## HOST ROLES
| Host | Type | Hardware | Purpose |
|------|------|----------|---------|
| m3-atlas | Server | x86_64, disko | 20+ services, Traefik hub, PostgreSQL, MySQL |
| m3-helios | Server | x86_64, disko | AdGuard DNS, internal routing |
| m3-ares | Desktop | NVIDIA, Btrfs | Personal workstation, n8n, PostgreSQL |
| m3-kratos | Desktop | AMD, ZFS | Workstation, mem0, PostgreSQL |
| m3-aether | Cloud | QEMU | General purpose VM |
| m3-daedalus | Laptop | home-only | Portable (no full NixOS config) |
## ANTI-PATTERNS (THIS PROJECT)
- **DON'T** add secrets to `secrets/` without updating `secrets.nix` public keys
- **DON'T** hardcode ports - use `config.m3ta.ports.get` or add to registry
- **DON'T** create containers outside the `web` network on m3-atlas
- **DON'T** skip Traefik config for public-facing services on m3-atlas
- **DON'T** bypass extraServices flags - use `hosts/common/extraServices/` pattern
- **DON'T** commit unencrypted secrets or test with real credentials
## UNIQUE TO THIS CONFIG
- **Custom m3ta-nixpkgs**: Local overlay for unreleased/patched packages
- **extraServices abstraction**: Boolean flags to toggle Podman, Ollama, virtualisation per host
- **Mythological naming**: All hosts named after Greek mythology
- **Dual domain strategy**: New services on `m3ta.dev`, legacy redirects from `m3tam3re.com`
- **Per-host nixpkgs versions**: Different hosts can use different nixpkgs commits via specialArgs
- **Container IP registry**: Static IP assignments in 10.89.0.0/24 subnet for predictable networking
## NOTES
- m3-atlas is the service hub - most complex configuration
- Secrets require host SSH keys defined in `secrets.nix` before `agenix -e` works
- Fish and Nushell both configured - choose per-user with shell aliases
- Color scheme (Dracula) applied via nix-colors across all visual tools
- See subdirectory AGENTS.md for deep dives on containers, desktop features, CLI tools

441
flake.lock generated
View File

@@ -8,11 +8,11 @@
"systems": "systems" "systems": "systems"
}, },
"locked": { "locked": {
"lastModified": 1762618334, "lastModified": 1736955230,
"narHash": "sha256-wyT7Pl6tMFbFrs8Lk/TlEs81N6L+VSybPfiIgzU8lbQ=", "narHash": "sha256-uenf8fv2eG5bKM8C/UvFaiJMZ4IpUFaQxk9OH5t/1gA=",
"owner": "ryantm", "owner": "ryantm",
"repo": "agenix", "repo": "agenix",
"rev": "fcdea223397448d35d9b31f798479227e80183f6", "rev": "e600439ec4c273cf11e06fe4d9d906fb98fa097c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -21,32 +21,47 @@
"type": "github" "type": "github"
} }
}, },
"agents": { "ags": {
"flake": false, "inputs": {
"locked": { "astal": "astal",
"lastModified": 1769242935, "nixpkgs": [
"narHash": "sha256-3Ey1NAm4EKBA14AvUvq6Hv6KQvbSvWxB4gha0LBkqpo=", "hyprpanel",
"path": "/home/m3tam3re/p/MISC/AGENTS", "nixpkgs"
"type": "path" ]
}, },
"original": {
"path": "/home/m3tam3re/p/MISC/AGENTS",
"type": "path"
}
},
"base16-schemes": {
"flake": false,
"locked": { "locked": {
"lastModified": 1696158499, "lastModified": 1736090999,
"narHash": "sha256-5yIHgDTPjoX/3oDEfLSQ0eJZdFL1SaCfb9d6M0RmOTM=", "narHash": "sha256-B5CJuHqfJrzPa7tObK0H9669/EClSHpa/P7B9EuvElU=",
"owner": "tinted-theming", "owner": "aylur",
"repo": "base16-schemes", "repo": "ags",
"rev": "a9112eaae86d9dd8ee6bb9445b664fba2f94037a", "rev": "5527c3c07d92c11e04e7fd99d58429493dba7e3c",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "tinted-theming", "owner": "aylur",
"repo": "base16-schemes", "repo": "ags",
"type": "github"
}
},
"astal": {
"inputs": {
"nixpkgs": [
"hyprpanel",
"ags",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735172721,
"narHash": "sha256-rtEAwGsHSppnkR3Qg3eRJ6Xh/F84IY9CrBBLzYabalY=",
"owner": "aylur",
"repo": "astal",
"rev": "6c84b64efc736e039a8a10774a4a1bf772c37aa2",
"type": "github"
},
"original": {
"owner": "aylur",
"repo": "astal",
"type": "github" "type": "github"
} }
}, },
@@ -58,11 +73,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1744478979, "lastModified": 1700795494,
"narHash": "sha256-dyN+teG9G82G+m+PX/aSAagkC+vUv0SgUw3XkPhQodQ=", "narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7", "owner": "lnl7",
"repo": "nix-darwin", "repo": "nix-darwin",
"rev": "43975d782b418ebf4969e9ccba82466728c2851b", "rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -79,11 +94,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1768727946, "lastModified": 1741786315,
"narHash": "sha256-le2GY+ZR6uRHMuOAc60sBR3gBD2BEk1qOZ3S5C/XFpU=", "narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=",
"owner": "nix-community", "owner": "nix-community",
"repo": "disko", "repo": "disko",
"rev": "558e84658d0eafc812497542ad6ca0d9654b3b0f", "rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -92,43 +107,20 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts": { "dotfiles": {
"inputs": { "flake": false,
"nixpkgs-lib": [
"nur",
"nixpkgs"
]
},
"locked": { "locked": {
"lastModified": 1733312601, "lastModified": 1728910889,
"narHash": "sha256-4pDvzqnegAfRkPwO3wmwBhVi/Sye1mzps0zHWYnP88c=", "narHash": "sha256-B/fb+7SKVxK9j851SgR4Nljd6EtE1DzqwLh6yOvkQOY=",
"owner": "hercules-ci", "ref": "refs/heads/master",
"repo": "flake-parts", "rev": "360c75b2cbce800ebaf9445266e2fe345bf582bf",
"rev": "205b12d8b7cd4802fbcb8e8ef6a0f1408781a4f9", "revCount": 53,
"type": "github" "type": "git",
"url": "https://code.m3tam3re.com/m3tam3re/dotfiles.git"
}, },
"original": { "original": {
"owner": "hercules-ci", "type": "git",
"repo": "flake-parts", "url": "https://code.m3tam3re.com/m3tam3re/dotfiles.git"
"type": "github"
}
},
"flake-utils": {
"inputs": {
"systems": "systems_2"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
} }
}, },
"home-manager": { "home-manager": {
@@ -139,11 +131,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1745494811, "lastModified": 1703113217,
"narHash": "sha256-YZCh2o9Ua1n9uCvrvi5pRxtuVNml8X2a03qIFfRKpFs=", "narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "abfad3d2958c9e6300a883bd443512c55dfeb1be", "rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -159,32 +151,11 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1768836546, "lastModified": 1743082807,
"narHash": "sha256-nJZkTamcXXMW+SMYiGFB6lB8l0aJw0xjssfN8xYd/Fs=", "narHash": "sha256-qmrCYHVqE6j0TQApfxGx8aRYNdNsqtOrZuH09A+cjTU=",
"owner": "nix-community", "owner": "nix-community",
"repo": "home-manager", "repo": "home-manager",
"rev": "b56c5ad14fcf8b5bc887463552483bf000ca562a", "rev": "171915bfce41018528fda9960211e81946d999b7",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"home-manager_3": {
"inputs": {
"nixpkgs": [
"hyprpanel",
"nixpkgs"
]
},
"locked": {
"lastModified": 1750798083,
"narHash": "sha256-DTCCcp6WCFaYXWKFRA6fiI2zlvOLCf5Vwx8+/0R8Wc4=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "ff31a4677c1a8ae506aa7e003a3dba08cb203f82",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -199,7 +170,7 @@
"rose-pine-hyprcursor", "rose-pine-hyprcursor",
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_3" "systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1709914708, "lastModified": 1709914708,
@@ -217,16 +188,15 @@
}, },
"hyprpanel": { "hyprpanel": {
"inputs": { "inputs": {
"flake-utils": "flake-utils", "ags": "ags",
"home-manager": "home-manager_3",
"nixpkgs": "nixpkgs_2" "nixpkgs": "nixpkgs_2"
}, },
"locked": { "locked": {
"lastModified": 1767767975, "lastModified": 1742881618,
"narHash": "sha256-yBejG3j6OLQYn87UozFAI3q9a1vH00u9xjIf2Q4V5j8=", "narHash": "sha256-4C5Zzo4S9zD+4ZL7MKLE7FqJEMVkOTvfIV9uEBQ8fDY=",
"owner": "Jas-SinghFSU", "owner": "Jas-SinghFSU",
"repo": "HyprPanel", "repo": "HyprPanel",
"rev": "0e73df1dfedf0f6fa21ed0ae5e031b0663c8f400", "rev": "7b5c339e9363187e249fa2f6eadbb295b0e8c6ff",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -235,138 +205,35 @@
"type": "github" "type": "github"
} }
}, },
"m3ta-nixpkgs": {
"inputs": {
"nixpkgs": "nixpkgs_3",
"opencode": "opencode"
},
"locked": {
"lastModified": 1769220120,
"narHash": "sha256-XpGKzBkWK+yCTUiXDB6Pg5mzbrf75QS1k505rz7TxCU=",
"ref": "refs/heads/master",
"rev": "ec315e05343a260bbf99f0acc9a8157aef440c75",
"revCount": 69,
"type": "git",
"url": "https://code.m3ta.dev/m3tam3re/nixpkgs"
},
"original": {
"type": "git",
"url": "https://code.m3ta.dev/m3tam3re/nixpkgs"
}
},
"nix-colors": {
"inputs": {
"base16-schemes": "base16-schemes",
"nixpkgs-lib": "nixpkgs-lib"
},
"locked": {
"lastModified": 1707825078,
"narHash": "sha256-hTfge2J2W+42SZ7VHXkf4kjU+qzFqPeC9k66jAUBMHk=",
"owner": "misterio77",
"repo": "nix-colors",
"rev": "b01f024090d2c4fc3152cd0cf12027a7b8453ba1",
"type": "github"
},
"original": {
"owner": "misterio77",
"repo": "nix-colors",
"type": "github"
}
},
"nixlib": {
"locked": {
"lastModified": 1736643958,
"narHash": "sha256-tmpqTSWVRJVhpvfSN9KXBvKEXplrwKnSZNAoNPf/S/s=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "1418bc28a52126761c02dd3d89b2d8ca0f521181",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixos-generators": {
"inputs": {
"nixlib": "nixlib",
"nixpkgs": "nixpkgs_5"
},
"locked": {
"lastModified": 1764234087,
"narHash": "sha256-NHF7QWa0ZPT8hsJrvijREW3+nifmF2rTXgS2v0tpcEA=",
"owner": "nix-community",
"repo": "nixos-generators",
"rev": "032a1878682fafe829edfcf5fdfad635a2efe748",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixos-generators",
"type": "github"
}
},
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1754028485, "lastModified": 1703013332,
"narHash": "sha256-IiiXB3BDTi6UqzAZcf2S797hWEPCRZOwyNThJIYhUfk=", "narHash": "sha256-+tFNwMvlXLbJZXiMHqYq77z/RfmpfpiI3yjL6o/Zo9M=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "59e69648d345d6e8fef86158c555730fa12af9de", "rev": "54aac082a4d9bb5bbc5c4e899603abfb76a3f6d6",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-25.05", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs-45570c2": { "nixpkgs-2744d98": {
"locked": { "locked": {
"lastModified": 1750950224, "lastModified": 1739661218,
"narHash": "sha256-vMCk6wKJVgR7H2pVrQV4/qygzTtvpnS/9jCT3cjzXVM=", "narHash": "sha256-hEGW0SKD0ORTEmoTuEEONxgENP5kMqe+NCtJug0U6R0=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "45570c299dc2b63c8c574c4cd77f0b92f7e2766e", "rev": "2744d988fa116fc6d46cdfa3d1c936d0abd7d121",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "45570c299dc2b63c8c574c4cd77f0b92f7e2766e", "rev": "2744d988fa116fc6d46cdfa3d1c936d0abd7d121",
"type": "github"
}
},
"nixpkgs-9e58ed7": {
"locked": {
"lastModified": 1746823729,
"narHash": "sha256-6E3jRDNK9w1gwDsreG6ZS8Ec0Dv35DkDqKzxZATEUts=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9e58ed7ba759d81c98f033b7f5eba21ca68f53b0",
"type": "github"
},
"original": {
"owner": "nixos",
"repo": "nixpkgs",
"rev": "9e58ed7ba759d81c98f033b7f5eba21ca68f53b0",
"type": "github"
}
},
"nixpkgs-lib": {
"locked": {
"lastModified": 1697935651,
"narHash": "sha256-qOfWjQ2JQSQL15KLh6D7xQhx0qgZlYZTYlcEiRuAMMw=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "e1e11fdbb01113d85c7f41cada9d2847660e3902",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github" "type": "github"
} }
}, },
@@ -388,11 +255,11 @@
}, },
"nixpkgs-master": { "nixpkgs-master": {
"locked": { "locked": {
"lastModified": 1768844247, "lastModified": 1743083181,
"narHash": "sha256-vAPadjf0C/6Xcb/5YO30S38lSV8/gNKRwWSfpS6SGNY=", "narHash": "sha256-vAqnMEo26wJ0IM3LV+oheEuG3M8yBl3lC7Hwv7OGE0A=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ba686298c491728b8ee1774c8520665293517540", "rev": "ef65b42f08469c7f9fdab66b78ea5cd32ff0287c",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -404,27 +271,27 @@
}, },
"nixpkgs-stable": { "nixpkgs-stable": {
"locked": { "locked": {
"lastModified": 1768621446, "lastModified": 1742937945,
"narHash": "sha256-6YwHV1cjv6arXdF/PQc365h1j+Qje3Pydk501Rm4Q+4=", "narHash": "sha256-lWc+79eZRyvHp/SqMhHTMzZVhpxkRvthsP1Qx6UCq0E=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "72ac591e737060deab2b86d6952babd1f896d7c5", "rev": "d02d88f8de5b882ccdde0465d8fa2db3aa1169f7",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "nixos", "owner": "nixos",
"ref": "nixos-25.11", "ref": "nixos-24.11",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs_2": { "nixpkgs_2": {
"locked": { "locked": {
"lastModified": 1750776420, "lastModified": 1736344531,
"narHash": "sha256-/CG+w0o0oJ5itVklOoLbdn2dGB0wbZVOoDm4np6w09A=", "narHash": "sha256-8YVQ9ZbSfuUk2bUf2KRj60NRraLPKPS0Q4QFTbc+c2c=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "30a61f056ac492e3b7cdcb69c1e6abdcf00e39cf", "rev": "bffc22eb12172e6db3c5dde9e3e5628f8e3e7912",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -436,69 +303,21 @@
}, },
"nixpkgs_3": { "nixpkgs_3": {
"locked": { "locked": {
"lastModified": 1768127708, "lastModified": 1742889210,
"narHash": "sha256-1Sm77VfZh3mU0F5OqKABNLWxOuDeHIlcFjsXeeiPazs=", "narHash": "sha256-hw63HnwnqU3ZQfsMclLhMvOezpM7RSB0dMAtD5/sOiw=",
"owner": "NixOS", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "ffbc9f8cbaacfb331b6017d5a5abb21a492c9a38", "rev": "698214a32beb4f4c8e3942372c694f40848b360d",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "nixos",
"ref": "nixos-unstable", "ref": "nixos-unstable",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }
}, },
"nixpkgs_4": { "nixpkgs_4": {
"locked": {
"lastModified": 1768393167,
"narHash": "sha256-n2063BRjHde6DqAz2zavhOOiLUwA3qXt7jQYHyETjX8=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2f594d5af95d4fdac67fba60376ec11e482041cb",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1736657626,
"narHash": "sha256-FWlPMUzp0lkQBdhKlPqtQdqmp+/C+1MBiEytaYfrCTY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2f9e2f85cb14a46410a1399aa9ea7ecf433e422e",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
"locked": {
"lastModified": 1768564909,
"narHash": "sha256-Kell/SpJYVkHWMvnhqJz/8DqQg2b6PguxVWOuadbHCc=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "e4bae1bd10c9c57b2cf517953ab70060a828ee6f",
"type": "github"
},
"original": {
"owner": "nixos",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_7": {
"locked": { "locked": {
"lastModified": 1710272261, "lastModified": 1710272261,
"narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=", "narHash": "sha256-g0bDwXFmTE7uGDOs9HcJsfLFhH7fOsASbAuOzDC+fhQ=",
@@ -514,78 +333,33 @@
"type": "github" "type": "github"
} }
}, },
"nur": {
"inputs": {
"flake-parts": "flake-parts",
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1768844638,
"narHash": "sha256-d0kHY4VjvpkAtOJxcN9xM9UvYZIxWs9f/gybe2+wHzI=",
"owner": "nix-community",
"repo": "NUR",
"rev": "5089b930f2ee6d34412f9d2c625bbe3926bb4bee",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "NUR",
"type": "github"
}
},
"opencode": {
"inputs": {
"nixpkgs": "nixpkgs_4"
},
"locked": {
"lastModified": 1769153255,
"narHash": "sha256-ardM8zEJWvTvsFMQZWivjGPB2uIqFw6QPAzrRjAHQKY=",
"owner": "anomalyco",
"repo": "opencode",
"rev": "c130dd425a32fe1c1cd3747ea6565b0e6bf50100",
"type": "github"
},
"original": {
"owner": "anomalyco",
"ref": "v1.1.34",
"repo": "opencode",
"type": "github"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
"agents": "agents",
"disko": "disko", "disko": "disko",
"dotfiles": "dotfiles",
"home-manager": "home-manager_2", "home-manager": "home-manager_2",
"hyprpanel": "hyprpanel", "hyprpanel": "hyprpanel",
"m3ta-nixpkgs": "m3ta-nixpkgs", "nixpkgs": "nixpkgs_3",
"nix-colors": "nix-colors", "nixpkgs-2744d98": "nixpkgs-2744d98",
"nixos-generators": "nixos-generators",
"nixpkgs": "nixpkgs_6",
"nixpkgs-45570c2": "nixpkgs-45570c2",
"nixpkgs-9e58ed7": "nixpkgs-9e58ed7",
"nixpkgs-locked": "nixpkgs-locked", "nixpkgs-locked": "nixpkgs-locked",
"nixpkgs-master": "nixpkgs-master", "nixpkgs-master": "nixpkgs-master",
"nixpkgs-stable": "nixpkgs-stable", "nixpkgs-stable": "nixpkgs-stable",
"nur": "nur",
"rose-pine-hyprcursor": "rose-pine-hyprcursor" "rose-pine-hyprcursor": "rose-pine-hyprcursor"
} }
}, },
"rose-pine-hyprcursor": { "rose-pine-hyprcursor": {
"inputs": { "inputs": {
"hyprlang": "hyprlang", "hyprlang": "hyprlang",
"nixpkgs": "nixpkgs_7", "nixpkgs": "nixpkgs_4",
"utils": "utils" "utils": "utils"
}, },
"locked": { "locked": {
"lastModified": 1748096947, "lastModified": 1740132177,
"narHash": "sha256-ouuA8LVBXzrbYwPW2vNjh7fC9H2UBud/1tUiIM5vPvM=", "narHash": "sha256-gNc20APKMefFdH5RONBuHhOps14aiMdgIT0I6RaSN64=",
"owner": "ndom91", "owner": "ndom91",
"repo": "rose-pine-hyprcursor", "repo": "rose-pine-hyprcursor",
"rev": "4b02963d0baf0bee18725cf7c5762b3b3c1392f1", "rev": "568067f35a85932192bd43ddf64fc05eff850f9f",
"type": "github" "type": "github"
}, },
"original": { "original": {
@@ -610,21 +384,6 @@
} }
}, },
"systems_2": { "systems_2": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_3": {
"locked": { "locked": {
"lastModified": 1689347949, "lastModified": 1689347949,
"narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=", "narHash": "sha256-12tWmuL2zgBgZkdoB6qXZsgJEH9LR3oUgpaQq2RbI80=",
@@ -639,7 +398,7 @@
"type": "github" "type": "github"
} }
}, },
"systems_4": { "systems_3": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
@@ -656,7 +415,7 @@
}, },
"utils": { "utils": {
"inputs": { "inputs": {
"systems": "systems_4" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1710146030, "lastModified": 1710146030,

53
flake.nix
View File

@@ -16,19 +16,11 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable"; nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11"; nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-24.11";
nixpkgs-45570c2.url = "github:nixos/nixpkgs/45570c299dc2b63c8c574c4cd77f0b92f7e2766e"; nixpkgs-2744d98.url = "github:nixos/nixpkgs/2744d988fa116fc6d46cdfa3d1c936d0abd7d121";
nixpkgs-locked.url = "github:nixos/nixpkgs/2744d988fa116fc6d46cdfa3d1c936d0abd7d121"; nixpkgs-locked.url = "github:nixos/nixpkgs/2744d988fa116fc6d46cdfa3d1c936d0abd7d121";
nixpkgs-9e58ed7.url = "github:nixos/nixpkgs/9e58ed7ba759d81c98f033b7f5eba21ca68f53b0";
nixpkgs-master.url = "github:nixos/nixpkgs/master"; nixpkgs-master.url = "github:nixos/nixpkgs/master";
m3ta-nixpkgs.url = "git+https://code.m3ta.dev/m3tam3re/nixpkgs";
# m3ta-nixpkgs.url = "path:/home/m3tam3re/p/NIX/nixpkgs";
#
nur = {
url = "github:nix-community/NUR";
inputs.nixpkgs.follows = "nixpkgs";
};
agenix.url = "github:ryantm/agenix"; agenix.url = "github:ryantm/agenix";
disko = { disko = {
@@ -36,17 +28,11 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
nixos-generators = {
url = "github:nix-community/nixos-generators";
};
hyprpanel.url = "github:Jas-SinghFSU/HyprPanel"; hyprpanel.url = "github:Jas-SinghFSU/HyprPanel";
rose-pine-hyprcursor.url = "github:ndom91/rose-pine-hyprcursor"; rose-pine-hyprcursor.url = "github:ndom91/rose-pine-hyprcursor";
nix-colors.url = "github:misterio77/nix-colors";
agents = { dotfiles = {
url = "path:/home/m3tam3re/p/MISC/AGENTS"; url = "git+https://code.m3tam3re.com/m3tam3re/dotfiles.git";
# url = "git+https://code.m3ta.dev/m3tam3re/AGENTS";
flake = false; flake = false;
}; };
}; };
@@ -54,10 +40,9 @@
outputs = { outputs = {
self, self,
agenix, agenix,
dotfiles,
home-manager, home-manager,
nixpkgs, nixpkgs,
m3ta-nixpkgs,
nur,
... ...
} @ inputs: let } @ inputs: let
inherit (self) outputs; inherit (self) outputs;
@@ -74,7 +59,6 @@
forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system}); forAllSystems (system: import ./pkgs nixpkgs.legacyPackages.${system});
overlays = import ./overlays {inherit inputs outputs;}; overlays = import ./overlays {inherit inputs outputs;};
homeManagerModules = import ./modules/home-manager; homeManagerModules = import ./modules/home-manager;
nixosConfigurations = { nixosConfigurations = {
m3-ares = nixpkgs.lib.nixosSystem { m3-ares = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
@@ -84,7 +68,6 @@
modules = [ modules = [
./hosts/m3-ares ./hosts/m3-ares
agenix.nixosModules.default agenix.nixosModules.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
m3-atlas = nixpkgs.lib.nixosSystem { m3-atlas = nixpkgs.lib.nixosSystem {
@@ -94,7 +77,6 @@
./hosts/m3-atlas ./hosts/m3-atlas
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
m3-kratos = nixpkgs.lib.nixosSystem { m3-kratos = nixpkgs.lib.nixosSystem {
@@ -105,8 +87,6 @@
modules = [ modules = [
./hosts/m3-kratos ./hosts/m3-kratos
agenix.nixosModules.default agenix.nixosModules.default
nur.modules.nixos.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
m3-helios = nixpkgs.lib.nixosSystem { m3-helios = nixpkgs.lib.nixosSystem {
@@ -116,35 +96,18 @@
./hosts/m3-helios ./hosts/m3-helios
inputs.disko.nixosModules.disko inputs.disko.nixosModules.disko
agenix.nixosModules.default agenix.nixosModules.default
m3ta-nixpkgs.nixosModules.default
]; ];
}; };
}; };
homeConfigurations = { homeConfigurations = {
"m3tam3re@m3-daedalus" = home-manager.lib.homeManagerConfiguration { "m3tam3re@m3-ares" = home-manager.lib.homeManagerConfiguration {
pkgs = nixpkgs.legacyPackages."x86_64-linux"; pkgs = nixpkgs.legacyPackages."x86_64-linux";
extraSpecialArgs = { extraSpecialArgs = {
inherit inputs outputs; inherit inputs outputs;
hostname = "m3-daedalus"; hostname = "m3-ares";
}; };
modules = [./home/m3tam3re/m3-daedalus.nix]; modules = [./home/m3tam3re/m3tam3re-ares.nix];
}; };
}; };
devShells.x86_64-linux.infraShell = let
pkgs = nixpkgs.legacyPackages.x86_64-linux;
in
pkgs.mkShell {
buildInputs = with pkgs; [
opentofu
nixos-anywhere
];
shellHook = ''
echo "Infrastructure Management Shell"
echo "Commands:"
echo " - cd infra/proxmox && tofu init"
echo " - tofu plan"
echo " - tofu apply"
'';
};
}; };
} }

17
home/common/default.nix
View File

@@ -1,30 +1,24 @@
{ {
inputs,
lib, lib,
outputs, outputs,
pkgs, pkgs,
... ...
}: { }: {
imports = [ imports = [
inputs.nix-colors.homeManagerModules.default (import
inputs.m3ta-nixpkgs.homeManagerModules.default ../../modules/home-manager/zellij-ps.nix)
]; #imports = builtins.attrValues outputs.homeManagerModules; ]; #imports = builtins.attrValues outputs.homeManagerModules;
nixpkgs = { nixpkgs = {
# You can add overlays here # You can add overlays here
overlays = [ overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir): # Add overlays your own flake exports (from overlays and pkgs dir):
#outputs.overlays.additions outputs.overlays.additions
#outputs.overlays.modifications outputs.overlays.modifications
outputs.overlays.temp-packages
outputs.overlays.stable-packages outputs.overlays.stable-packages
outputs.overlays.locked-packages
outputs.overlays.pinned-packages outputs.overlays.pinned-packages
outputs.overlays.locked-packages
outputs.overlays.master-packages outputs.overlays.master-packages
inputs.nur.overlays.default
inputs.m3ta-nixpkgs.overlays.default
inputs.m3ta-nixpkgs.overlays.modifications
# You can also add overlays exported from other flakes: # You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default # neovim-nightly-overlay.overlays.default
@@ -51,5 +45,4 @@
warn-dirty = false; warn-dirty = false;
}; };
}; };
colorScheme = inputs.nix-colors.colorSchemes.dracula;
} }

65
home/features/cli/AGENTS.md
View File

@@ -1,65 +0,0 @@
# CLI FEATURES (home-manager)
**Shell and terminal tooling with Fish + Nushell dual configuration**
## OVERVIEW
8 CLI modules with integrated tooling across Fish and Nushell shells.
## STRUCTURE
```
cli/
├── default.nix # Imports + shared tools (bat, eza, direnv)
├── fish.nix # Fish shell + aliases
├── fzf.nix # Fuzzy finder
├── nitch.nix # System info tool
├── nushell.nix # Nushell + aliases
├── secrets.nix # Password-store integration
├── starship.nix # Shell prompt
└── zellij.nix # Terminal multiplexer
```
## WHERE TO LOOK
| Task | Location | Notes |
|------|----------|-------|
| Add CLI tool | default.nix home.packages | Check if shell integration needed |
| Shell aliases | fish.nix or nushell.nix | Kept in sync between shells |
| Prompt config | starship.nix | Uses nerd-fonts symbols |
| Secret access | secrets.nix | Agenix integration |
## CONVENTIONS
### Shell Integration Pattern
Tools with shell hooks enabled in both Fish and Nushell:
- **carapace**: Completions
- **zoxide**: Smart cd
- **eza**: ls replacement
- **direnv**: Directory environments
- **fzf**: Fuzzy finding
### NixOS Rebuild Aliases (both shells)
```
nr/nrs - nixos-rebuild [switch]
snr/snrs - sudo nixos-rebuild [switch]
hms - home-manager switch
```
### Bat Theme
Custom `universal` theme generated from nix-colors palette in default.nix (lines 34-157).
### Secrets Integration
Fish/Nushell source `$HOME/.secrets` if `secrets.enable = true` (CLI secrets feature).
## ANTI-PATTERNS
- **DON'T** add aliases to only one shell - keep Fish/Nushell in sync
- **DON'T** use `programs.bash` - Nushell is default shell
- **DON'T** bypass carapace for completions - integrated by default
## NOTES
- zellij-ps custom package for project session management
- Default shell set to Nushell in hosts/common/default.nix
- Bat theme dynamically generated (no external theme files)
- lf file manager uses bat for previews
- Agenix CLI (agenix-cli) included for secret management

182
home/features/cli/default.nix
View File

@@ -1,176 +1,34 @@
{ {pkgs, ...}: {
config,
pkgs,
videoDrivers,
...
}: {
imports = [ imports = [
./fish.nix ./fish.nix
./fzf.nix ./fzf.nix
./nitch.nix ./fastfetch.nix
./nushell.nix
./secrets.nix ./secrets.nix
./starship.nix ./starship.nix
./zellij.nix ./zellij.nix
]; ];
cli.stt-ptt = {
enable = true;
whisperPackage =
if videoDrivers == ["nvidia"]
then pkgs.whisper-cpp.override {cudaSupport = true;}
else if videoDrivers == ["amdgpu"]
then pkgs.whisper-cpp-vulkan
else pkgs.whisper-cpp;
model = "ggml-large-v3-turbo";
notifyTimeout = 2000;
};
programs.carapace = {
enable = true;
enableFishIntegration = true;
enableNushellIntegration = true;
enableBashIntegration = true;
};
programs.zoxide = { programs.zoxide = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
enableNushellIntegration = true;
}; };
programs.bat = { programs.neovim = {
enable = true; enable = true;
config = {theme = "universal";}; defaultEditor = true;
themes = { viAlias = true;
universal = { vimAlias = true;
src = pkgs.writeText "universal.tmTheme" '' vimdiffAlias = true;
<?xml version="1.0" encoding="UTF-8"?> withNodeJs = true;
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> withPython3 = true;
<plist version="1.0">
<dict>
<key>name</key>
<string>Universal (nix-colors)</string>
<key>settings</key>
<array>
<dict>
<key>settings</key>
<dict>
<key>background</key>
<string>#${config.colorScheme.palette.base00}</string>
<key>foreground</key>
<string>#${config.colorScheme.palette.base05}</string>
<key>caret</key>
<string>#${config.colorScheme.palette.base05}</string>
<key>selection</key>
<string>#${config.colorScheme.palette.base02}</string>
<key>selectionForeground</key>
<string>#${config.colorScheme.palette.base05}</string>
<key>lineHighlight</key>
<string>#${config.colorScheme.palette.base01}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Comment</string>
<key>scope</key>
<string>comment</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base03}</string>
<key>fontStyle</key>
<string>italic</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>String</string>
<key>scope</key>
<string>string</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0A}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Number</string>
<key>scope</key>
<string>constant.numeric</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0E}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Keyword</string>
<key>scope</key>
<string>keyword</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base08}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Function</string>
<key>scope</key>
<string>entity.name.function</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0B}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Type</string>
<key>scope</key>
<string>entity.name.type, storage.type</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0D}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Variable</string>
<key>scope</key>
<string>variable</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base05}</string>
</dict>
</dict>
<dict>
<key>name</key>
<string>Constant</string>
<key>scope</key>
<string>constant</string>
<key>settings</key>
<dict>
<key>foreground</key>
<string>#${config.colorScheme.palette.base0E}</string>
</dict>
</dict>
</array>
</dict>
</plist>
'';
};
};
}; };
programs.bat = {enable = true;};
programs.direnv = { programs.direnv = {
enable = true; enable = true;
enableNushellIntegration = true; nix-direnv.enable =
nix-direnv.enable = true; true;
}; };
programs.eza = { programs.eza = {
@@ -192,12 +50,10 @@
}; };
}; };
cli.zellij-ps = {
enable = true;
projectFolders = ["/home/m3tam3re/p"];
};
home.packages = with pkgs; [ home.packages = with pkgs; [
agenix-cli
alejandra
bc
comma comma
coreutils coreutils
devenv devenv
@@ -207,23 +63,19 @@
go go
htop htop
httpie httpie
hyprpaper-random
jq jq
just just
lazygit lazygit
llm llm
lf lf
nix-index nix-index
nix-update procs
libnotify
nushellPlugins.skim
progress progress
ripgrep ripgrep
rocmPackages.rocm-smi rocmPackages.rocm-smi
rocmPackages.rocminfo rocmPackages.rocminfo
rocmPackages.rocm-runtime rocmPackages.rocm-runtime
tldr tldr
pomodoro-timer
trash-cli trash-cli
unimatrix unimatrix
unzip unzip

15
home/features/cli/fastfetch.nix Normal file
View File

@@ -0,0 +1,15 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.cli.fastfetch;
in {
options.features.cli.fastfetch.enable = mkEnableOption "enable fastfetch";
config = mkIf cfg.enable {
home.packages = with pkgs; [fastfetch];
};
}

41
home/features/cli/fish.nix
View File

@@ -11,43 +11,6 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.fish = { programs.fish = {
enable = true; enable = true;
interactiveShellInit = ''
# Fish colors using universal nix-colors palette
# Text colors
set -g fish_color_normal ${config.colorScheme.palette.base05} # text
set -g fish_color_param ${config.colorScheme.palette.base05} # text
set -g fish_color_comment ${config.colorScheme.palette.base03} # muted
set -g fish_color_autosuggestion ${config.colorScheme.palette.base03} # muted
# Command colors
set -g fish_color_command ${config.colorScheme.palette.base0D} # accent6 (blue)
set -g fish_color_quote ${config.colorScheme.palette.base0A} # accent3 (yellow)
set -g fish_color_redirection ${config.colorScheme.palette.base0E} # accent7 (purple)
set -g fish_color_end ${config.colorScheme.palette.base08} # accent1 (red)
set -g fish_color_error ${config.colorScheme.palette.base08} # accent1 (red)
set -g fish_color_operator ${config.colorScheme.palette.base0C} # accent5 (cyan)
set -g fish_color_escape ${config.colorScheme.palette.base09} # accent2 (orange)
# Path colors
set -g fish_color_cwd ${config.colorScheme.palette.base0B} # accent4 (green)
set -g fish_color_cwd_root ${config.colorScheme.palette.base08} # accent1 (red)
set -g fish_color_valid_path --underline
# Interactive colors
set -g fish_color_match ${config.colorScheme.palette.base0B} # accent4 (green)
set -g fish_color_selection --background=${config.colorScheme.palette.base02} # overlay
set -g fish_color_search_match --background=${config.colorScheme.palette.base02} # overlay
set -g fish_color_history_current --bold
set -g fish_color_user ${config.colorScheme.palette.base0B} # accent4 (green)
set -g fish_color_host ${config.colorScheme.palette.base0D} # accent6 (blue)
set -g fish_color_cancel -r
# Pager colors
set -g fish_pager_color_completion normal
set -g fish_pager_color_description ${config.colorScheme.palette.base03} # muted
set -g fish_pager_color_prefix ${config.colorScheme.palette.base0E} # accent7 (purple)
set -g fish_pager_color_progress ${config.colorScheme.palette.base0B} # accent4 (green)
'';
loginShellInit = '' loginShellInit = ''
set -x NIX_PATH nixpkgs=channel:nixos-unstable set -x NIX_PATH nixpkgs=channel:nixos-unstable
set -x NIX_LOG info set -x NIX_LOG info
@@ -69,7 +32,7 @@ in {
source /run/agenix/${config.home.username}-secrets source /run/agenix/${config.home.username}-secrets
if test (tty) = "/dev/tty1" if test (tty) = "/dev/tty1"
exec uwsm start -F /run/current-system/sw/bin/Hyprland exec uwsm start -S -F /run/current-system/sw/bin/Hyprland
end end
if test (tty) = "/dev/tty2" if test (tty) = "/dev/tty2"
exec gamescope -O HDMI-A-1 -W 1920 -H 1080 --adaptive-sync --hdr-enabled --rt --steam -- steam -pipewire-dmabuf -tenfoot exec gamescope -O HDMI-A-1 -W 1920 -H 1080 --adaptive-sync --hdr-enabled --rt --steam -- steam -pipewire-dmabuf -tenfoot
@@ -85,8 +48,6 @@ in {
grep = "rg"; grep = "rg";
ps = "procs"; ps = "procs";
just = "just --unstable"; just = "just --unstable";
node = "bun";
npx = "bunx";
fs = "du -ah . | sort -hr | head -n 10"; fs = "du -ah . | sort -hr | head -n 10";
n = "nix"; n = "nix";

27
home/features/cli/fzf.nix
View File

@@ -13,25 +13,22 @@ in {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
colors = { colors = {
"fg" = "#${config.colorScheme.palette.base05}"; "fg" = "#f8f8f2";
"bg" = "#${config.colorScheme.palette.base00}"; "bg" = "#282a36";
"hl" = "#${config.colorScheme.palette.base0E}"; "hl" = "#bd93f9";
"fg+" = "#${config.colorScheme.palette.base05}"; "fg+" = "#f8f8f2";
"bg+" = "#${config.colorScheme.palette.base02}"; "bg+" = "#44475a";
"hl+" = "#${config.colorScheme.palette.base0E}"; "hl+" = "#bd93f9";
"info" = "#${config.colorScheme.palette.base09}"; "info" = "#ffb86c";
"prompt" = "#${config.colorScheme.palette.base0B}"; "prompt" = "#50fa7b";
"pointer" = "#${config.colorScheme.palette.base08}"; "pointer" = "#ff79c6";
"marker" = "#${config.colorScheme.palette.base08}"; "marker" = "#ff79c6";
"spinner" = "#${config.colorScheme.palette.base09}"; "spinner" = "#ffb86c";
"header" = "#${config.colorScheme.palette.base03}"; "header" = "#6272a4";
}; };
defaultOptions = [ defaultOptions = [
"--preview='bat --color=always -n {}'" "--preview='bat --color=always -n {}'"
"--bind 'ctrl-/:toggle-preview'" "--bind 'ctrl-/:toggle-preview'"
"--header 'Press CTRL-Y to copy command into clipboard'"
"--bind 'ctrl-/:toggle-preview'"
"--bind 'ctrl-y:execute-silent(echo -n {2..} | wl-copy)+abort'"
]; ];
defaultCommand = "fd --type f --exclude .git --follow --hidden"; defaultCommand = "fd --type f --exclude .git --follow --hidden";
changeDirWidgetCommand = "fd --type d --exclude .git --follow --hidden"; changeDirWidgetCommand = "fd --type d --exclude .git --follow --hidden";

15
home/features/cli/nitch.nix
View File

@@ -1,15 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.cli.nitch;
in {
options.features.cli.nitch.enable = mkEnableOption "enable nitch";
config = mkIf cfg.enable {
home.packages = with pkgs; [nitch];
};
}

182
home/features/cli/nushell.nix
View File

@@ -1,182 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.cli.nushell;
in {
options.features.cli.nushell.enable = mkEnableOption "enable nushell";
config = mkIf cfg.enable {
programs.nushell = {
enable = true;
envFile.text = ''
$env.config.show_banner = false
$env.NIX_PATH = "nixpkgs=channel:nixos-unstable"
$env.NIX_LOG = "iunfo"
$env.WEBKIT_DISABLE_COMPOSITING_MODE = "1"
$env.TERMINAL = "kitty"
$env.EDITOR = "nvim"
$env.VISUAL = "zed"
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
$env.FZF_DEFAULT_OPTS = "--preview='bat --color=always --style=numbers --line-range=:500 {}' --bind 'ctrl-/:toggle-preview' --header 'Press CTRL-Y to copy to clipboard' --bind 'ctrl-y:execute-silent(echo {} | wl-copy)' --color bg:#${config.colorScheme.palette.base00},bg+:#${config.colorScheme.palette.base02},fg:#${config.colorScheme.palette.base05},fg+:#${config.colorScheme.palette.base05},header:#${config.colorScheme.palette.base03},hl:#${config.colorScheme.palette.base0E},hl+:#${config.colorScheme.palette.base0E},info:#${config.colorScheme.palette.base09},marker:#${config.colorScheme.palette.base08},pointer:#${config.colorScheme.palette.base08},prompt:#${config.colorScheme.palette.base0B},spinner:#${config.colorScheme.palette.base09}"
$env.XDG_DATA_HOME = $"($env.HOME)/.local/share"
$env.FZF_DEFAULT_COMMAND = "fd --type f --exclude .git --follow --hidden"
$env.SSH_AUTH_SOCK = "/run/user/1000/gnupg/S.gpg-agent.ssh"
$env.FLAKE = $"($env.HOME)/p/nixos/nixos-config"
$env.PATH = ($env.PATH | split row (char esep) | append "/home/m3tam3re/.cache/.bun/bin" | uniq)
source /run/agenix/${config.home.username}-secrets
'';
configFile.text = ''
# FZF integration functions for nushell
def fzf-file [] {
fd --type f --exclude .git --follow --hidden | fzf --preview 'bat --color=always --style=numbers --line-range=:500 {}' --bind 'ctrl-y:execute-silent(echo {} | wl-copy)'
}
def fzf-dir [] {
fd --type d --exclude .git --follow --hidden | fzf --preview 'ls -la {}'
}
def fzf-history [] {
history | get command | reverse | fzf --bind 'ctrl-y:execute-silent(echo {} | wl-copy)'
}
# Key bindings for FZF
$env.config = {
keybindings: [
{
name: fzf_file
modifier: control
keycode: char_t
mode: [emacs, vi_normal, vi_insert]
event: {
send: executehostcommand
cmd: "commandline edit --insert (fzf-file)"
}
}
{
name: fzf_history
modifier: control
keycode: char_r
mode: [emacs, vi_normal, vi_insert]
event: {
send: executehostcommand
cmd: "commandline edit --replace (fzf-history)"
}
}
]
}
# Aliases
alias .. = cd ..
alias ... = cd ...
alias h = cd $env.HOME
alias b = yazi
alias lt = eza --tree --level=2 --long --icons --git
alias grep = rg
alias just = just --unstable
alias node = bun
alias npx = bunx
alias n = nix
alias nd = nix develop -c $nu.current-shell
alias ns = nix shell
alias nsn = nix shell nixpkgs#
alias nb = nix build
alias nbn = nix build nixpkgs#
alias nf = nix flake
alias nr = sudo nixos-rebuild --flake .
alias nrs = sudo nixos-rebuild switch --flake .#(sys host | get hostname)
alias snr = sudo nixos-rebuild --flake .
alias snrs = sudo nixos-rebuild --flake . switch
alias hm = home-manager --flake .
alias hms = home-manager --flake . switch
alias hmr = do { cd ~/projects/nix-configurations; nix flake lock --update-input dotfiles; home-manager --flake .#(whoami)@(hostname) switch }
alias tsu = sudo tailscale up
alias tsd = sudo tailscale down
alias vi = nvim
alias vim = nvim
def history_fuzzy [] {
let selected = (
history
| reverse
| get command
| uniq
| to text
| ^fzf
)
if ($selected | is-not-empty) {
commandline edit ($selected)
} else {
null
}
}
def --env dir_fuzzy [] {
let selected = (
fd --type directory
| ^fzf
)
cd $selected
}
def find_fuzzy [] {
# Find non-hidden text files with matches for any content and select one via fuzzy search
let selected = (
^fd --type file --no-hidden -X rg -l --files-with-matches .
| lines
| to text
| ^fzf
)
if ($selected | is-not-empty) {
^$env.EDITOR $selected
}
}
$env.config = {
keybindings: [
{
name: history_fuzzy
modifier: control
keycode: char_r
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "history_fuzzy"
}
]
}
{
name: dir_fuzzy
modifier: alt
keycode: char_c
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "dir_fuzzy"
}
]
}
{
name: history_fuzzy
modifier: control
keycode: char_t
mode: [emacs, vi_insert, vi_normal]
event: [
{
send: executehostcommand
cmd: "find_fuzzy"
}
]
}
]
}
'';
};
};
}

2
home/features/cli/secrets.nix
View File

@@ -16,6 +16,6 @@ in {
pkgs.pass-wayland.withExtensions pkgs.pass-wayland.withExtensions
(exts: [exts.pass-otp exts.pass-import]); (exts: [exts.pass-otp exts.pass-import]);
}; };
home.packages = with pkgs; [pinentry-gnome3]; home.packages = with pkgs; [pinentry];
}; };
} }

51
home/features/cli/starship.nix
View File

@@ -12,57 +12,6 @@ in {
programs.starship = { programs.starship = {
enable = true; enable = true;
enableFishIntegration = true; enableFishIntegration = true;
enableNushellIntegration = true;
settings = {
format = "$all$character";
palette = "universal";
palettes.universal = {
background = "#${config.colorScheme.palette.base00}";
surface = "#${config.colorScheme.palette.base01}";
muted = "#${config.colorScheme.palette.base03}";
text = "#${config.colorScheme.palette.base05}";
bright = "#${config.colorScheme.palette.base07}";
accent1 = "#${config.colorScheme.palette.base08}";
accent2 = "#${config.colorScheme.palette.base09}";
accent3 = "#${config.colorScheme.palette.base0A}";
accent4 = "#${config.colorScheme.palette.base0B}";
accent5 = "#${config.colorScheme.palette.base0C}";
accent6 = "#${config.colorScheme.palette.base0D}";
accent7 = "#${config.colorScheme.palette.base0E}";
};
character = {
success_symbol = "[](accent7)";
error_symbol = "[](accent1)";
};
directory = {
style = "accent6";
truncation_length = 3;
truncate_to_repo = false;
};
git_branch = {
style = "accent7";
};
git_status = {
style = "accent5";
};
cmd_duration = {
style = "accent3";
};
hostname = {
style = "accent4";
};
username = {
style_user = "accent2";
};
};
}; };
}; };
} }

16
home/features/cli/zellij.nix
View File

@@ -11,22 +11,6 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.zellij = { programs.zellij = {
enable = true; enable = true;
settings = {
theme = "universal";
themes.universal = {
bg = "#${config.colorScheme.palette.base00}";
fg = "#${config.colorScheme.palette.base05}";
black = "#${config.colorScheme.palette.base01}";
red = "#${config.colorScheme.palette.base08}";
green = "#${config.colorScheme.palette.base0B}";
yellow = "#${config.colorScheme.palette.base0A}";
blue = "#${config.colorScheme.palette.base0D}";
magenta = "#${config.colorScheme.palette.base0E}";
cyan = "#${config.colorScheme.palette.base0C}";
white = "#${config.colorScheme.palette.base07}";
orange = "#${config.colorScheme.palette.base09}";
};
};
}; };
}; };
} }

17
home/features/coding/default.nix
View File

@@ -1,30 +1,17 @@
{pkgs, ...}: { {pkgs, ...}: {
imports = [
./opencode.nix
];
home.packages = with pkgs; [ home.packages = with pkgs; [
agenix-cli
alejandra
beads
bc
bun
claude-code
devpod devpod
#devpod-desktop devpod-desktop
code2prompt
nur.repos.charmbracelet.crush
(python3.withPackages (ps: (python3.withPackages (ps:
with ps; [ with ps; [
pip pip
uv
# Scientific packages # Scientific packages
numba numba
numpy numpy
openai-whisper
torch torch
srt srt
])) ]))
opencode-desktop
pyrefly
nixd nixd
alejandra alejandra
tailwindcss tailwindcss

260
home/features/coding/opencode.nix
View File

@@ -1,260 +0,0 @@
{inputs, ...}: {
xdg.configFile = {
"opencode/command" = {
source = "${inputs.agents}/command";
recursive = true;
};
"opencode/context" = {
source = "${inputs.agents}/context";
recursive = true;
};
"opencode/prompts" = {
source = "${inputs.agents}/prompts";
recursive = true;
};
"opencode/skill" = {
source = "${inputs.agents}/skill";
recursive = true;
};
};
programs.opencode = {
enable = true;
settings = {
theme = "opencode";
plugin = ["oh-my-opencode" "opencode-beads" "opencode-antigravity-auth@beta"];
agent =
builtins.fromJSON
(builtins.readFile "${inputs.agents}/agent/agents.json");
formatter = {
alejandra = {
command = ["alejandra" "-q" "-"];
extensions = [".nix"];
};
};
mcp = {
Ref = {
type = "local";
command = [
"sh"
"-c"
"REF_API_KEY=$(cat /run/agenix/ref-key) exec bunx ref-tools-mcp@latest"
];
enabled = true;
};
Anytype = {
type = "local";
command = [
"sh"
"-c"
"OPENAPI_MCP_HEADERS=$(cat /run/agenix/anytype-key) exec bunx @anyproto/anytype-mcp"
];
enabled = false;
};
Basecamp = {
type = "local";
command = [
"/home/m3tam3re/p/PYTHON/Basecamp-MCP-Server/venv/bin/python"
"/home/m3tam3re/p/PYTHON/Basecamp-MCP-Server/basecamp_fastmcp.py"
];
environment = {
PYTHONPATH = "/home/m3tam3re/p/PYTHON/Basecamp-MCP-Server";
VIRTUAL_ENV = "/home/m3tam3re/p/PYTHON/Basecamp-MCP-Server/venv";
BASECAMP_ACCOUNT_ID = "5996442";
};
enabled = false;
};
Exa = {
type = "local";
command = [
"sh"
"-c"
"EXA_API_KEY=$(cat /run/agenix/exa-key) exec bunx exa-mcp-server@latest tools=web_search_exa"
];
enabled = true;
};
};
provider = {
google = {
models = {
antigravity-gemini-3-pro = {
name = "Gemini 3 Pro (Antigravity)";
limit = {
context = 1048576;
output = 65535;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
variants = {
low = {thinkingLevel = "low";};
high = {thinkingLevel = "high";};
};
};
antigravity-gemini-3-flash = {
name = "Gemini 3 Flash (Antigravity)";
limit = {
context = 1048576;
output = 65536;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
variants = {
minimal = {thinkingLevel = "minimal";};
low = {thinkingLevel = "low";};
medium = {thinkingLevel = "medium";};
high = {thinkingLevel = "high";};
};
};
antigravity-claude-sonnet-4-5 = {
name = "Claude Sonnet 4.5 (Antigravity)";
limit = {
context = 200000;
output = 64000;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
};
antigravity-claude-sonnet-4-5-thinking = {
name = "Claude Sonnet 4.5 Thinking (Antigravity)";
limit = {
context = 200000;
output = 64000;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
variants = {
low = {thinkingConfig = {thinkingBudget = 8192;};};
max = {thinkingConfig = {thinkingBudget = 32768;};};
};
};
antigravity-claude-opus-4-5-thinking = {
name = "Claude Opus 4.5 Thinking (Antigravity)";
limit = {
context = 200000;
output = 64000;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
variants = {
low = {thinkingConfig = {thinkingBudget = 8192;};};
max = {thinkingConfig = {thinkingBudget = 32768;};};
};
};
"gemini-2.5-flash" = {
name = "Gemini 2.5 Flash (Gemini CLI)";
limit = {
context = 1048576;
output = 65536;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
};
"gemini-2.5-pro" = {
name = "Gemini 2.5 Pro (Gemini CLI)";
limit = {
context = 1048576;
output = 65536;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
};
"gemini-3-flash-preview" = {
name = "Gemini 3 Flash Preview (Gemini CLI)";
limit = {
context = 1048576;
output = 65536;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
};
"gemini-3-pro-preview" = {
name = "Gemini 3 Pro Preview (Gemini CLI)";
limit = {
context = 1048576;
output = 65535;
};
modalities = {
input = ["text" "image" "pdf"];
output = ["text"];
};
};
};
};
};
};
};
home.file.".config/opencode/oh-my-opencode.json".text = builtins.toJSON {
"$schema" = "https://raw.githubusercontent.com/code-yeongyu/oh-my-opencode/master/assets/oh-my-opencode.schema.json";
google_auth = false;
agents = {
sisyphus = {
model = "zai-coding-plan/glm-4.7";
};
oracle = {
model = "zai-coding-plan/glm-4.7";
};
librarian = {
model = "zai-coding-plan/glm-4.7";
};
explore = {
model = "zai-coding-plan/glm-4.5-air";
};
multimodal-looker = {
model = "zai-coding-plan/glm-4.6v";
};
prometheus = {
model = "zai-coding-plan/glm-4.7";
};
metis = {
model = "zai-coding-plan/glm-4.7";
};
momus = {
model = "zai-coding-plan/glm-4.7";
};
atlas = {
model = "zai-coding-plan/glm-4.7";
};
};
categories = {
visual-engineering = {
model = "zai-coding-plan/glm-4.7";
};
ultrabrain = {
model = "zai-coding-plan/glm-4.7";
};
artistry = {
model = "zai-coding-plan/glm-4.7";
};
quick = {
model = "zai-coding-plan/glm-4.7";
};
unspecified-low = {
model = "zai-coding-plan/glm-4.7";
};
unspecified-high = {
model = "zai-coding-plan/glm-4.7";
};
writing = {
model = "zai-coding-plan/glm-4.7";
};
};
disabled_mcps = ["context7" "websearch"];
};
}

79
home/features/desktop/AGENTS.md
View File

@@ -1,79 +0,0 @@
# DESKTOP FEATURES (home-manager)
**Wayland/Hyprland environment with color-coordinated tooling**
## OVERVIEW
12 modular desktop features with nix-colors (Dracula) integration across all components.
## STRUCTURE
```
desktop/
├── default.nix # Imports + XDG + Kitty config
├── coding.nix # Development tools (VSCode, etc.)
├── crypto.nix # Crypto wallets/tools
├── fonts.nix # Font packages
├── gaming.nix # Gaming tools/Steam
├── hyprland.nix # Hyprland WM configuration
├── media.nix # Media players/editors
├── office.nix # LibreOffice, document tools
├── rofi.nix # Application launcher
├── theme.nix # GTK/Qt theming
├── wayland.nix # Wayland utilities
└── webapps.nix # Browser-based apps
```
## WHERE TO LOOK
| Task | Location | Notes |
|------|----------|-------|
| Add desktop app | Relevant feature .nix | Update home.packages |
| Configure Hyprland | hyprland.nix | Window manager settings |
| Fix colors | Check colorScheme references | Uses config.colorScheme.palette.base* |
| Add font | fonts.nix | Increases system closure size |
## CONVENTIONS
### Color Scheme Integration
All color-aware tools reference `config.colorScheme.palette.base00` through `base0F`:
- **base00-07**: Grayscale (dark to light)
- **base08**: Red/errors
- **base09**: Orange
- **base0A**: Yellow/strings
- **base0B**: Green/functions
- **base0C**: Cyan
- **base0D**: Blue/types
- **base0E**: Purple/constants
- **base0F**: Brown
Template:
```nix
foreground = "#${config.colorScheme.palette.base05}";
background = "#${config.colorScheme.palette.base00}";
```
### Session Variables
Set in default.nix for Wayland/Hyprland:
```nix
NIXOS_OZONE_WL = "1";
QT_QPA_PLATFORM = "wayland";
XDG_CURRENT_DESKTOP = "Hyprland";
```
### XDG Defaults
- **PDF**: okular
- **Text**: nvim
- **Browser**: Zen (io.github.zen_browser.zen)
- **Archive**: file-roller
## ANTI-PATTERNS
- **DON'T** hardcode hex colors - use colorScheme palette
- **DON'T** install fonts globally - keep in user packages
- **DON'T** bypass XDG defaults - set in mimeApps
## NOTES
- Kitty terminal configured in default.nix (not separate file)
- Bibata-Modern-Ice cursor theme hardcoded
- Session path includes cargo, npm-global, bun
- Desktop features are always-enabled (no feature flags in this dir)

79
home/features/desktop/coding.nix
View File

@@ -5,7 +5,7 @@
... ...
}: }:
with lib; let with lib; let
cfg = config.features.desktop.coding; cfg = config.features.desktop.office;
in { in {
options.features.desktop.coding.enable = options.features.desktop.coding.enable =
mkEnableOption "install coding related stuff"; mkEnableOption "install coding related stuff";
@@ -15,9 +15,80 @@ in {
bruno bruno
insomnia insomnia
]; ];
coding.editors = {
neovim.enable = true; programs.zed-editor = {
zed.enable = true; enable = true;
userSettings = {
features = {
inline_prediction_provider = "zed";
inline_completion_provider = "zed";
copilot = false;
};
telemetry = {
metrics = false;
};
lsp = {
rust_analyzer = {
binary = {path_lookup = true;};
};
};
languages = {
Nix = {
language_servers = ["nixd"];
formatter = {
external = {
command = "alejandra";
arguments = ["-q" "-"];
};
};
};
Python = {
language_servers = ["pyright"];
formatter = {
external = {
command = "black";
arguments = ["-"];
};
};
};
};
assistant = {
version = "2";
default_model = {
provider = "zed.dev";
model = "claude-3-5-sonnet-latest";
};
};
language_models = {
anthropic = {
version = "1";
api_url = "https://api.anthropic.com";
};
openai = {
version = "1";
api_url = "https://api.openai.com/v1";
};
ollama = {
api_url = "http://localhost:11434";
};
};
ssh_connections = [
{
host = "152.53.85.162";
nickname = "m3-atlas";
args = ["-i" "~/.ssh/m3tam3re"];
}
];
auto_update = false;
format_on_save = "on";
vim_mode = true;
load_direnv = "shell_hook";
theme = "Dracula";
buffer_font_family = "FiraCode Nerd Font";
ui_font_size = 16;
buffer_font_size = 16;
show_edit_predictions = true;
};
}; };
}; };
} }

87
home/features/desktop/default.nix
View File

@@ -1,8 +1,4 @@
{ {pkgs, ...}: {
config,
pkgs,
...
}: {
imports = [ imports = [
./coding.nix ./coding.nix
./crypto.nix ./crypto.nix
@@ -13,9 +9,8 @@
./office.nix ./office.nix
./rofi.nix ./rofi.nix
./theme.nix ./theme.nix
./wallpapers.nix
./wayland.nix ./wayland.nix
./webapps.nix ./wofi.nix
]; ];
xdg = { xdg = {
@@ -53,10 +48,23 @@
XDG_SESSION_TYPE = "wayland"; XDG_SESSION_TYPE = "wayland";
XDG_SESSION_DESKTOP = "Hyprland"; XDG_SESSION_DESKTOP = "Hyprland";
}; };
home.sessionPath = ["\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" "$HOME/.npm-global/bin" "$HOME/.cache/.bun/bin"]; home.sessionPath = ["\${XDG_BIN_HOME}" "\${HOME}/.cargo/bin" "$HOME/.npm-global/bin"];
fonts.fontconfig.enable = true; fonts.fontconfig.enable = true;
services.mako = {
enable = true;
backgroundColor = "#282a36";
textColor = "#80FFEA";
borderColor = "#9742b5";
width = 400;
height = 150;
padding = "10,20";
borderRadius = 8;
borderSize = 1;
margin = "20,20";
};
programs.kitty = { programs.kitty = {
enable = true; enable = true;
shellIntegration = { shellIntegration = {
@@ -64,58 +72,8 @@
enableBashIntegration = true; enableBashIntegration = true;
}; };
font = {name = "Fira Code";}; font = {name = "Fira Code";};
themeFile = "Dracula";
settings = { settings = {copy_on_select = "yes";};
copy_on_select = "yes";
# Base colors
foreground = "#${config.colorScheme.palette.base05}";
background = "#${config.colorScheme.palette.base00}";
selection_foreground = "#${config.colorScheme.palette.base07}";
selection_background = "#${config.colorScheme.palette.base02}";
# URL color
url_color = "#${config.colorScheme.palette.base08}";
# Cursor
cursor = "#${config.colorScheme.palette.base05}";
cursor_text_color = "#${config.colorScheme.palette.base00}";
# Colors 0-15
color0 = "#${config.colorScheme.palette.base01}";
color8 = "#${config.colorScheme.palette.base03}";
color1 = "#${config.colorScheme.palette.base08}";
color9 = "#${config.colorScheme.palette.base08}";
color2 = "#${config.colorScheme.palette.base0B}";
color10 = "#${config.colorScheme.palette.base0B}";
color3 = "#${config.colorScheme.palette.base0A}";
color11 = "#${config.colorScheme.palette.base0A}";
color4 = "#${config.colorScheme.palette.base0D}";
color12 = "#${config.colorScheme.palette.base0D}";
color5 = "#${config.colorScheme.palette.base0E}";
color13 = "#${config.colorScheme.palette.base0E}";
color6 = "#${config.colorScheme.palette.base0C}";
color14 = "#${config.colorScheme.palette.base0C}";
color7 = "#${config.colorScheme.palette.base05}";
color15 = "#${config.colorScheme.palette.base07}";
# Tab colors
active_tab_foreground = "#${config.colorScheme.palette.base00}";
active_tab_background = "#${config.colorScheme.palette.base05}";
inactive_tab_foreground = "#${config.colorScheme.palette.base05}";
inactive_tab_background = "#${config.colorScheme.palette.base01}";
# Mark colors
mark1_foreground = "#${config.colorScheme.palette.base00}";
mark1_background = "#${config.colorScheme.palette.base08}";
};
}; };
home.pointerCursor = { home.pointerCursor = {
@@ -127,14 +85,12 @@
home.packages = with pkgs; [ home.packages = with pkgs; [
appimage-run appimage-run
stable.anytype anytype
# blueberry # blueberry
bemoji
brave brave
# brightnessctl # brightnessctl
# clipman # clipman
distrobox distrobox
launch-webapp
# eww # eww
# firefox-devedition # firefox-devedition
file-roller file-roller
@@ -145,8 +101,8 @@
# google-chrome # google-chrome
# gsettings-desktop-schemas # gsettings-desktop-schemas
# graphviz # graphviz
ksnip # ksnip
msty-studio msty
nwg-look nwg-look
# pamixer # pamixer
# pavucontrol # pavucontrol
@@ -167,6 +123,7 @@
telegram-desktop telegram-desktop
vivaldi vivaldi
vivaldi-ffmpeg-codecs vivaldi-ffmpeg-codecs
warp-terminal
# wl-clipboard # wl-clipboard
# wlogout # wlogout
# wtype # wtype

3
home/features/desktop/gaming.nix
View File

@@ -13,10 +13,9 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ home.packages = with pkgs; [
gamescope gamescope
gamemode
goverlay goverlay
mangohud mangohud
protonplus protonup-ng
]; ];
}; };
} }

223
home/features/desktop/hyprland.nix
View File

@@ -1,15 +1,4 @@
{ {
config,
lib,
...
}:
with lib; let
cfg = config.features.desktop.hyprland;
in {
options.features.desktop.hyprland.enable =
mkEnableOption "Hyprland related stuff";
config = mkIf cfg.enable {
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
settings = { settings = {
xwayland = { xwayland = {
@@ -18,9 +7,9 @@ in {
exec-once = [ exec-once = [
"hyprpanel" "hyprpanel"
"while ! hyprpaper-random; do sleep 0.5; done" "hyprpaper"
"wl-paste --type text --watch cliphist store" # Stores only text data "hypridle"
"wl-paste --type image --watch cliphist store" # Stores only image data "wl-paste -p -t text --watch clipman store -P --histpath=\"~/.local/share/clipman-primary.json\"" "wl-paste -p -t text --watch clipman store -P --histpath=\"~/.local/share/clipman-primary.json\""
]; ];
env = [ env = [
@@ -28,10 +17,6 @@ in {
"HYPRCURSOR_THEME,Bibata-Modern-Ice" "HYPRCURSOR_THEME,Bibata-Modern-Ice"
"WLR_NO_HARDWARE_CURSORS,1" "WLR_NO_HARDWARE_CURSORS,1"
"GTK_THEME,Dracula" "GTK_THEME,Dracula"
"XDG_CURRENT_DESKTOP,Hyprland"
"XDG_SESSION_TYPE,wayland"
"XDG_SESSION_DESKTOP,Hyprland"
"NIXOS_OZONE_WL,1"
]; ];
input = { input = {
@@ -47,9 +32,8 @@ in {
gaps_in = 5; gaps_in = 5;
gaps_out = 5; gaps_out = 5;
border_size = 1; border_size = 1;
# Keeping the existing active border as requested
"col.active_border" = "rgba(9742b5ee) rgba(9742b5ee) 45deg"; "col.active_border" = "rgba(9742b5ee) rgba(9742b5ee) 45deg";
"col.inactive_border" = "rgba(${config.colorScheme.palette.base03}aa)"; "col.inactive_border" = "rgba(595959aa)";
layout = "dwindle"; layout = "dwindle";
}; };
@@ -58,7 +42,7 @@ in {
enabled = true; enabled = true;
range = 60; range = 60;
render_power = 3; render_power = 3;
color = "rgba(${config.colorScheme.palette.base00}66)"; color = "rgba(1E202966)";
offset = "1 2"; offset = "1 2";
scale = 0.97; scale = 0.97;
}; };
@@ -94,6 +78,10 @@ in {
new_status = "master"; new_status = "master";
}; };
gestures = {
workspace_swipe = false;
};
device = [ device = [
{ {
name = "epic-mouse-v1"; name = "epic-mouse-v1";
@@ -109,83 +97,56 @@ in {
} }
]; ];
windowrule = [ windowrule = [
# Floating dialogs "float, class:file_progress"
"match:class file_progress, float on" "float, class:confirm"
"match:class confirm, float on" "float, class:dialog"
"match:class dialog, float on" "float, class:download"
"match:class download, float on" "float, class:notification"
"match:class notification, float on" "float, class:error"
"match:class error, float on" "float, class:splash"
"match:class splash, float on" "float, class:confirmreset"
"match:class confirmreset, float on" "float, title:Open File"
"match:title Open File, float on" "float, title:branchdialog"
"match:title branchdialog, float on" "float, class:pavucontrol-qt"
"match:class pavucontrol-qt, float on" "float, class:pavucontrol"
"match:class pavucontrol, float on" "fullscreen, class:wlogout"
# wlogout "float, title:wlogout"
"match:class wlogout, fullscreen on" "fullscreen, title:wlogout"
"match:title wlogout, float on" "float, class:mpv"
"match:title wlogout, fullscreen on" "idleinhibit focus, class:mpv"
# mpv "opacity 1.0 override, class:mpv"
"match:class mpv, float on" "float, title:^(Media viewer)$"
"match:class mpv, idle_inhibit focus" "float, title:^(Volume Control)$"
"match:class mpv, opacity 1.0 override" "float, title:^(Picture-in-Picture)$"
# Media/Volume/PiP
"match:title ^(Media viewer)$, float on"
"match:title ^(Volume Control)$, float on"
"match:title ^(Picture-in-Picture)$, float on"
# Pomodoro timer
"match:title ^(floating-pomodoro)$, float on"
"match:title ^(floating-pomodoro)$, size 250 50"
"match:title ^(floating-pomodoro)$, move 12 (monitor_h-150)"
"match:title ^(floating-pomodoro)$, pin on"
# Streamlabs overlays
"match:initial_title .*streamlabs.com.*, float on"
"match:initial_title .*streamlabs.com.*, pin on"
"match:initial_title .*streamlabs.com.*, size 800 400"
"match:initial_title .*alert-box.*, move 100%-820 102"
"match:initial_title .*chat-box.*, move 100%-820 512"
"match:initial_title .*streamlabs.com.*, opacity 0.5 override"
"match:initial_title .*streamlabs.com.*, idle_inhibit focus"
"match:initial_title .*streamlabs.com.*, no_anim on"
"match:initial_title .*streamlabs.com.*, decorate off"
"match:initial_title .*streamlabs.com.*, no_shadow on"
"match:initial_title .*streamlabs.com.*, no_blur on"
"border_color rgb(ffffff), match:xwayland 1"
]; ];
"$mainMod" = "SUPER"; "$mainMod" = "SUPER";
"$terminal" = "kitty";
bind = [ bind = [
"$mainMod, return, exec, $terminal nu -c zellij-ps" "$mainMod, return, exec, kitty -e zellij-ps"
# "$mainMod, t, exec, warp-terminal" # "$mainMod, t, exec, warp-terminal"
"$mainMod, t, exec, $terminal -e nu -c 'nitch; exec nu'" "$mainMod, t, exec, kitty -e fish -c 'fastfetch; exec fish'"
"$mainMod SHIFT, t, exec, launch-timer" "$mainMod SHIFT, e, exec, kitty -e zellij_nvim"
"$mainMod, n, exec, $terminal -e nvim"
"$mainMod, z, exec, uwsm app -- zeditor"
"$mainMod, o, exec, hyprctl setprop activewindow opaque toggle" "$mainMod, o, exec, hyprctl setprop activewindow opaque toggle"
"$mainMod, r, exec, hyprctl dispatch focuswindow \"initialtitle:.*alert-box.*\" && hyprctl dispatch moveactive exact 4300 102 && hyprctl dispatch focuswindow \"initialtitle:.*chat-box.*\" && hyprctl dispatch moveactive exact 4300 512" "$mainMod, b, exec, thunar"
"$mainMod, b, exec, uwsm app -- thunar" "$mainMod SHIFT, B, exec, vivaldi"
"$mainMod SHIFT, B, exec, uwsm app -- vivaldi" "$mainMod, Escape, exec, wlogout -p layer-shell"
"$mainMod, Escape, exec, uwsm app -- wlogout -p layer-shell"
"$mainMod, Space, togglefloating" "$mainMod, Space, togglefloating"
"$mainMod, q, killactive" "$mainMod, q, killactive"
"$mainMod, M, exit" "$mainMod, M, exit"
"$mainMod, F, fullscreen" "$mainMod, F, fullscreen"
"$mainMod SHIFT, V, togglefloating" "$mainMod, V, togglefloating"
"$mainMod, D, exec, uwsm app -- rofi -show drun -run-command \"uwsm app -- {cmd}\"" "$mainMod, D, exec, rofi -show"
"$mainMod, V, exec, uwsm app -- cliphist list | rofi -dmenu | cliphist decode | wl-copy" "$mainMod SHIFT, S, exec, bemoji"
"$mainMod, C, exec, bash -c 'FILE=/tmp/screenshot_$(date +%s).png; grim -g \"$(slurp)\" \"$FILE\" && ksnip \"$FILE\"'" "$mainMod, P, exec, rofi-pass"
"$mainMod SHIFT, S, exec, uwsm app -- rofi -show emoji"
"$mainMod, P, exec, uwsm app -- rofi-pass"
"$mainMod SHIFT, P, pseudo" "$mainMod SHIFT, P, pseudo"
"$mainMod, R, exec, stt-ptt start"
"$mainMod, J, togglesplit" "$mainMod, J, togglesplit"
"$mainMod, h, movefocus, l" "$mainMod, h, movefocus, l"
"$mainMod, l, movefocus, r" "$mainMod, l, movefocus, r"
"$mainMod, k, movefocus, u" "$mainMod, k, movefocus, u"
"$mainMod, j, movefocus, d" "$mainMod, j, movefocus, d"
"$mainMod, 1, workspace, 1" "$mainMod, 1, workspace, 1"
"$mainMod, 2, workspace, 2" "$mainMod, 2, workspace, 2"
"$mainMod, 3, workspace, 3" "$mainMod, 3, workspace, 3"
"$mainMod, 4, workspace, 4" "$mainMod, 4, workspace, 4"
@@ -208,109 +169,11 @@ in {
"$mainMod, mouse_down, workspace, e+1" "$mainMod, mouse_down, workspace, e+1"
"$mainMod, mouse_up, workspace, e-1" "$mainMod, mouse_up, workspace, e-1"
]; ];
bindr = [
"$mainMod, R, exec, stt-ptt stop"
];
bindm = [ bindm = [
"$mainMod, mouse:272, movewindow" "$mainMod, mouse:272, movewindow"
"$mainMod, mouse:273, resizewindow" "$mainMod, mouse:273, resizewindow"
]; ];
}; };
}; };
services.hypridle = {
enable = true;
settings = {
general = {
before_sleep_cmd = "hyprlock";
after_sleep_cmd = "hyprctl dispatch dpms on";
inhibit_sleep = 3;
};
listener = [
{
timeout = 300; # 5 min
on-timeout = "hyprlock";
}
{
timeout = 420; # 5.5 min
on-timeout = "hyprctl dispatch dpms off";
on-resume = "hyprctl dispatch dpms on";
}
];
};
};
services.hyprpaper.enable = true;
programs.hyprlock = {
enable = true;
settings = {
"$font" = "JetBrainsMono Nerd Font";
"$base" = "rgb(${config.colorScheme.palette.base00})";
"$text" = "rgb(${config.colorScheme.palette.base05})";
"$textAlpha" = "${config.colorScheme.palette.base05}";
"$accentAlpha" = "${config.colorScheme.palette.base0D}";
"$red" = "rgb(${config.colorScheme.palette.base08})";
"$yellow" = "rgb(${config.colorScheme.palette.base0A})";
general = {
hide_cursor = true;
};
background = {
monitor = "";
path = "${config.home.homeDirectory}/.config/hypr/wallpapers/wallhaven-lmmo8r.jpg";
blur_passes = 0;
color = "rgb(${config.colorScheme.palette.base00})";
};
label = [
{
monitor = "";
text = "$TIME";
color = "$text";
font_size = 90;
font_family = "$font";
position = "30, 0";
halign = "left";
valign = "top";
}
{
monitor = "";
text = ''cmd[update:43200000] echo "$(date +"%A, %d %B %Y")"'';
color = "$text";
font_size = 25;
font_family = "$font";
position = "30, -150";
halign = "left";
valign = "top";
}
];
input-field = [
{
monitor = "";
size = "300, 60";
outline_thickness = 4;
dots_size = 0.2;
dots_spacing = 0.2;
dots_center = true;
outer_color = "rgb(${config.colorScheme.palette.base0D})";
inner_color = "rgb(${config.colorScheme.palette.base00})";
font_color = "rgb(${config.colorScheme.palette.base05})";
fade_on_empty = false;
placeholder_text = ''<span foreground="##${config.colorScheme.palette.base05}">󰌾 Logged in as <span foreground="##${config.colorScheme.palette.base0D}">$USER</span></span>'';
hide_input = false;
check_color = "rgb(${config.colorScheme.palette.base0D})";
fail_color = "rgb(${config.colorScheme.palette.base08})";
fail_text = ''<i>$FAIL <b>($ATTEMPTS)</b></i>'';
capslock_color = "rgb(${config.colorScheme.palette.base0A})";
position = "0, -35";
halign = "center";
valign = "center";
}
];
};
};
};
} }

16
home/features/desktop/media.nix
View File

@@ -26,12 +26,13 @@ in {
kdePackages.kdenlive kdePackages.kdenlive
krita krita
libation libation
#makemkv makemkv
pamixer pamixer
pavucontrol pavucontrol
qpwgraph qpwgraph
v4l-utils v4l-utils
#plexamp plexamp
webcord
# uxplay # uxplay
# vlc # vlc
# webcord # webcord
@@ -40,6 +41,17 @@ in {
]; ];
programs = { programs = {
obs-studio = {
enable = true;
plugins = with pkgs.obs-studio-plugins; [
obs-composite-blur
obs-vaapi
obs-vertical-canvas
obs-vkcapture
obs-webkitgtk
wlrobs
];
};
mpv = { mpv = {
enable = true; enable = true;
bindings = { bindings = {

170
home/features/desktop/rofi.nix
View File

@@ -32,175 +32,7 @@ in {
kb-primary-paste = "Control+V,Shift+Insert"; kb-primary-paste = "Control+V,Shift+Insert";
kb-secondary-paste = "Control+v,Insert"; kb-secondary-paste = "Control+v,Insert";
}; };
theme = let theme = "dracula";
inherit (config.colorScheme) palette;
in
builtins.toString (pkgs.writeText "rofi-universal-theme.rasi" ''
* {
/* Universal theme colors from nix-colors */
background: #${palette.base00};
surface: #${palette.base01};
overlay: #${palette.base02};
muted: #${palette.base03};
subtle: #${palette.base04};
text: #${palette.base05};
bright-text: #${palette.base06};
highlight: #${palette.base07};
accent1: #${palette.base08};
accent2: #${palette.base09};
accent3: #${palette.base0A};
accent4: #${palette.base0B};
accent5: #${palette.base0C};
accent6: #${palette.base0D};
accent7: #${palette.base0E};
accent8: #${palette.base0F};
/* Global properties */
background-color: @background;
text-color: @text;
font: "Fira Code 12";
border: 0;
margin: 0;
padding: 0;
spacing: 0;
}
window {
background-color: @background;
border: 1px;
border-color: @accent7;
border-radius: 6px;
width: 40%;
padding: 16px;
}
inputbar {
children: [ prompt, entry ];
spacing: 12px;
padding: 8px;
border-radius: 4px;
background-color: @surface;
}
prompt {
text-color: @accent7;
background-color: transparent;
}
entry {
placeholder: "Search...";
placeholder-color: @subtle;
text-color: @text;
background-color: transparent;
cursor-color: @accent7;
}
message {
background-color: @surface;
border-radius: 4px;
padding: 8px;
margin: 8px 0;
}
textbox {
text-color: @text;
background-color: transparent;
}
listview {
background-color: transparent;
margin: 8px 0 0;
lines: 10;
columns: 1;
fixed-height: true;
scrollbar: false;
}
element {
background-color: transparent;
text-color: @text;
padding: 8px;
border-radius: 4px;
spacing: 8px;
}
element normal.normal {
background-color: transparent;
text-color: @text;
}
element selected.normal {
background-color: @accent7;
text-color: @background;
}
element alternate.normal {
background-color: transparent;
text-color: @text;
}
element-icon {
background-color: transparent;
size: 24px;
}
element-text {
background-color: transparent;
text-color: inherit;
vertical-align: 0.5;
}
mode-switcher {
spacing: 0;
background-color: @surface;
border-radius: 4px;
margin: 8px 0 0;
}
button {
padding: 8px 16px;
background-color: transparent;
text-color: @text;
border-radius: 4px;
}
button selected {
background-color: @accent7;
text-color: @background;
}
/* Scrollbar */
scrollbar {
width: 4px;
border: 0;
handle-color: @accent7;
handle-width: 4px;
padding: 0;
}
'');
};
cli.rofi-project-opener = {
enable = true;
projectDirs = {
AI = {
path = "~/p/AI";
args = "";
};
CHAT = {
path = "~/p/CHAT";
args = "--agent chiron";
};
MISC = {
path = "~/p/MISC";
args = "--agent chiron-forge";
};
NIX = {
path = "~/p/NIX";
args = "";
};
};
terminal = pkgs.kitty;
terminalCommand = "opencode %a";
}; };
}; };
} }

5
home/features/desktop/theme.nix
View File

@@ -1,7 +1,4 @@
{ {pkgs, ...}: {
pkgs,
...
}: {
qt = { qt = {
enable = true; enable = true;
platformTheme.name = "gtk"; platformTheme.name = "gtk";

18
home/features/desktop/wallpapers.nix
View File

@@ -1,18 +0,0 @@
{
config,
lib,
pkgs,
...
}:
with lib; let
cfg = config.features.desktop.wallpapers;
in {
options.features.desktop.wallpapers = mkEnableOption "Wallpapers for Hyprland";
config = mkIf cfg {
xdg.configFile."hypr/wallpapers" = {
source = ../../m3tam3re/wallpapers;
recursive = true;
};
};
}

257
home/features/desktop/wayland.nix
View File

@@ -10,6 +10,262 @@ in {
options.features.desktop.wayland.enable = mkEnableOption "wayland extra tools and config"; options.features.desktop.wayland.enable = mkEnableOption "wayland extra tools and config";
config = mkIf cfg.enable { config = mkIf cfg.enable {
programs.waybar = {
enable = true;
style = ''
@define-color background-darker rgba(30, 31, 41, 230);
@define-color background #282a36;
@define-color selection #44475a;
@define-color foreground #f8f8f2;
@define-color comment #6272a4;
@define-color cyan #8be9fd;
@define-color green #50fa7b;
@define-color orange #ffb86c;
@define-color pink #ff79c6;
@define-color purple #bd93f9;
@define-color red #ff5555;
@define-color yellow #f1fa8c;
* {
border: none;
border-radius: 0;
font-family: FiraCode Nerd Font;
font-weight: bold;
font-size: 14px;
min-height: 0;
}
window#waybar {
background: rgba(21, 18, 27, 0);
color: #cdd6f4;
}
tooltip {
background: #1e1e2e;
border-radius: 10px;
border-width: 2px;
border-style: solid;
border-color: #11111b;
}
#workspaces button {
padding: 5px;
color: #313244;
margin-right: 5px;
}
#workspaces button.active {
color: #11111b;
background: #a6e3a1;
border-radius: 10px;
}
#workspaces button.focused {
color: #a6adc8;
background: #eba0ac;
border-radius: 10px;
}
#workspaces button.urgent {
color: #11111b;
background: #a6e3a1;
border-radius: 10px;
}
#workspaces button:hover {
background: #11111b;
color: #cdd6f4;
border-radius: 10px;
}
#custom-language,
#custom-updates,
#custom-caffeine,
#custom-weather,
#window,
#clock,
#battery,
#pulseaudio,
#network,
#workspaces,
#tray,
#backlight {
background: #1e1e2e;
padding: 0px 10px;
margin: 3px 0px;
margin-top: 10px;
border: 1px solid #181825;
}
#tray {
border-radius: 10px;
margin-right: 10px;
}
#workspaces {
background: #1e1e2e;
border-radius: 10px;
margin-left: 10px;
padding-right: 0px;
padding-left: 5px;
}
#custom-caffeine {
color: #89dceb;
border-radius: 10px 0px 0px 10px;
border-right: 0px;
margin-left: 10px;
}
#custom-language {
color: #f38ba8;
border-left: 0px;
border-right: 0px;
}
#custom-updates {
color: #f5c2e7;
border-left: 0px;
border-right: 0px;
}
#window {
border-radius: 10px;
margin-left: 60px;
margin-right: 60px;
}
#clock {
color: #fab387;
border-radius: 10px 0px 0px 10px;
margin-left: 0px;
border-right: 0px;
}
#network {
color: #f9e2af;
border-left: 0px;
border-right: 0px;
}
#pulseaudio {
color: #89b4fa;
border-left: 0px;
border-right: 0px;
}
#pulseaudio.microphone {
color: #cba6f7;
border-left: 0px;
border-right: 0px;
}
#battery {
color: #a6e3a1;
border-radius: 0 10px 10px 0;
margin-right: 10px;
border-left: 0px;
}
#custom-weather {
border-radius: 0px 10px 10px 0px;
border-right: 0px;
margin-left: 0px;
}
'';
settings = {
mainbar = {
layer = "top";
position = "top";
mod = "dock";
exclusive = true;
passthrough = false;
gtk-layer-shell = true;
height = 0;
modules-left = ["clock" "custom/weather" "hyprland/workspaces"];
modules-center = ["hyprland/window"];
modules-right = [
"tray"
"custom/language"
"battery"
"backlight"
"pulseaudio"
"pulseaudio#microphone"
];
"hyprland/window" = {
format = "👉 {}";
seperate-outputs = true;
};
"hyprland/workspaces" = {
disable-scroll = true;
all-outputs = true;
on-click = "activate";
format = " {name} {icon} ";
on-scroll-up = "hyprctl dispatch workspace e+1";
on-scroll-down = "hyprctl dispatch workspace e-1";
format-icons = {
"1" = "";
"2" = "";
"3" = "";
"4" = "";
"5" = "";
"6" = "";
"7" = "";
};
persistent_workspaces = {
"1" = [];
"2" = [];
"3" = [];
"4" = [];
};
};
"custom/weather" = {
format = "{}°C";
tooltip = true;
interval = 3600;
exec = "wttrbar --location Pockau-Lengefeld";
return-type = "json";
};
tray = {
icon-size = 13;
spacing = 10;
};
clock = {
format = " {:%R %d/%m}";
tooltip-format = "<big>{:%Y %B}</big>\n<tt><small>{calendar}</small></tt>";
};
pulseaudio = {
format = "{icon} {volume}%";
tooltip = false;
format-muted = " Muted";
on-click = "pamixer -t";
on-scroll-up = "pamixer -i 5";
on-scroll-down = "pamixer -d 5";
scroll-step = 5;
format-icons = {
headphone = "";
hands-free = "";
headset = "";
phone = "";
portable = "";
car = "";
default = ["" "" ""];
};
};
"pulseaudio#microphone" = {
format = "{format_source}";
format-source = " {volume}%";
format-source-muted = " Muted";
on-click = "pamixer --default-source -t";
on-scroll-up = "pamixer --default-source -i 5";
on-scroll-down = "pamixer --default-source -d 5";
scroll-step = 5;
};
};
};
};
home.packages = with pkgs; [ home.packages = with pkgs; [
grim grim
hyprcursor hyprcursor
@@ -21,6 +277,7 @@ in {
wl-clipboard wl-clipboard
wf-recorder wf-recorder
wl-mirror wl-mirror
wl-clipboard
wlogout wlogout
wtype wtype
ydotool ydotool

55
home/features/desktop/webapps.nix
View File

@@ -1,55 +0,0 @@
{
pkgs,
lib,
...
}: let
icons = {
teams = pkgs.fetchurl {
url = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/microsoft-teams.svg";
sha256 = "sha256-Pr9QS8nnXJq97r4/G3c6JXi34zxHl0ps9gcyI8cN/s8=";
};
outlook = pkgs.fetchurl {
url = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/microsoft-outlook.svg";
sha256 = "sha256-3u8t5QNHFZvrAegxBiGicO4PjtMWhEaQSCv7MSSfLLc=";
};
opencode = pkgs.fetchurl {
url = "https://cdn.jsdelivr.net/gh/homarr-labs/dashboard-icons/svg/opencode-dark.svg";
sha256 = "1lms4f8habamvdh2qqqz9psx4py9wx23mmlkkds44pvrbq3bkj3n";
};
};
in {
xdg.desktopEntries = {
teams = {
name = "Microsoft Teams";
exec = "launch-webapp https://teams.microsoft.com";
comment = "Open Microsoft Teams as a Desktop App";
categories = ["Application" "Network" "Chat"];
terminal = false;
icon = icons.teams;
};
outlook = {
name = "Microsoft Outlook";
exec = "launch-webapp https://outlook.office.com/mail/";
comment = "Open Microsoft Outlook as a Desktop App";
categories = ["Application" "Network"];
terminal = false;
icon = icons.outlook;
};
basecamp = {
name = "Basecamp";
exec = "launch-webapp https://3.basecamp.com/5996442/";
comment = "Open Basecamp as a Desktop App";
categories = ["Application" "Network"];
terminal = false;
icon = "/home/sascha.koenig/.local/share/icons/basecamp-logo.png";
};
opencode = {
name = "Opencode";
exec = "rofi-project-opener";
comment = "Open Opencode Terminal App";
categories = ["Application" "Development"];
terminal = false;
icon = icons.opencode;
};
};
}

6
home/features/desktop/wofi.nix Normal file
View File

@@ -0,0 +1,6 @@
{pkgs, ...}: {
home.packages = with pkgs; [
wofi
bemoji
];
}

26
home/m3tam3re/dotfiles/default.nix Normal file
View File

@@ -0,0 +1,26 @@
{
pkgs,
inputs,
...
}: {
home.file.".config/bat" = {
source = "${inputs.dotfiles}/bat";
recursive = true;
};
home.file.".config/nyxt" = {
source = "${inputs.dotfiles}/nyxt";
recursive = true;
};
# home.file.".config/hypr" = {
# source = "${inputs.dotfiles}/hypr";
# recursive = true;
# };
home.file.".config/nvim" = {
source = "${inputs.dotfiles}/nvim";
recursive = true;
};
home.file.".config/zellij" = {
source = "${inputs.dotfiles}/zellij";
recursive = true;
};
}

57
home/m3tam3re/home-server.nix
View File

@@ -81,40 +81,35 @@
programs.git = { programs.git = {
enable = true; enable = true;
settings = { userName = "m3tam3re";
user = { userEmail = "m@m3tam3re.com";
name = "m3tm3re"; aliases = {st = "status";};
email = "p@m3ta.dev"; extraConfig = {
};
core.excludesfile = "~/.gitignore_global"; core.excludesfile = "~/.gitignore_global";
init.defaultBranch = "master"; init.defaultBranch = "master";
alias = {
st = "status";
logd = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
}; };
}; };
programs.zellij-ps = {
enable = true;
projectFolders = [
"${config.home.homeDirectory}/p/c"
"${config.home.homeDirectory}/p"
"${config.home.homeDirectory}/.config"
];
layout = ''
layout {
pane size=1 borderless=true {
plugin location="zellij:tab-bar"
}
pane size="70%" command="nvim"
pane split_direction="vertical" {
pane
pane command="unimatrix"
}
pane size=1 borderless=true {
plugin location="zellij:status-bar"
}
}
'';
}; };
# programs.zellij-ps = {
# enable = true;
# projectFolders = [
# "${config.home.homeDirectory}/p/c"
# "${config.home.homeDirectory}/p"
# "${config.home.homeDirectory}/.config"
# ];
# layout = ''
# layout {
# pane size=1 borderless=true {
# plugin location="zellij:tab-bar"
# }
# pane size="70%" command="nvim"
# pane split_direction="vertical" {
# pane
# pane command="unimatrix"
# }
# pane size=1 borderless=true {
# plugin location="zellij:status-bar"
# }
# }
# '';
# };
} }

127
home/m3tam3re/home.nix
View File

@@ -24,6 +24,7 @@
# The home.packages option allows you to install Nix packages into your # The home.packages option allows you to install Nix packages into your
# environment. # environment.
home.packages = with pkgs; [ home.packages = with pkgs; [
aider-chat-env
libgtop libgtop
# # Adds the 'hello' command to your environment. It prints a friendly # # Adds the 'hello' command to your environment. It prints a friendly
# # "Hello, world!" when run. # # "Hello, world!" when run.
@@ -80,71 +81,34 @@
# Let Home Manager install and manage itself. # Let Home Manager install and manage itself.
programs.home-manager.enable = true; programs.home-manager.enable = true;
services.cliphist = {
enable = true;
allowImages = true;
};
programs.git = { programs.git = {
enable = true; enable = true;
settings = { difftastic.enable = true;
user = { userName = "m3tam3re";
name = "m3tm3re"; userEmail = "m@m3tam3re.com";
email = "p@m3ta.dev"; aliases = {
};
core.excludesfile = "~/.gitignore_global";
init.defaultBranch = "master";
alias = {
st = "status"; st = "status";
logd = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit"; logd = "log --graph --pretty=format:'%Cred%h%Creset -%C(yellow)%d%Creset %s %Cgreen(%cr) %C(bold blue)<%an>%Creset' --abbrev-commit";
}; };
extraConfig = {
core.excludesfile = "~/.gitignore_global";
init.defaultBranch = "master";
}; };
}; };
programs.difftastic.enable = true;
programs.jujutsu = {
enable = true;
settings = {
user = {
email = "m@m3tam3re.com";
name = "Sascha Koenig";
};
};
};
programs.ssh = { programs.ssh = {
enable = true; enable = true;
enableDefaultConfig = false;
matchBlocks = { matchBlocks = {
"AZ-CLD-1" = {
hostname = "152.53.186.119";
user = "sascha.koenig";
port = 2022;
identityFile = "~/.ssh/sascha.koenig";
};
"github.com" = { "github.com" = {
hostname = "github.com"; hostname = "github.com";
user = "m3tam3re"; user = "m3tam3re";
port = 22; port = 22;
identityFile = "~/.ssh/github"; identityFile = "~/.ssh/github";
}; };
"nikhil" = { "code.m3tam3re.com" = {
hostname = "91.99.176.80"; hostname = "code.m3tam3re.com";
user = "nikhilmaddirala";
identityFile = "~/.ssh/m3tam3re";
};
"code.m3ta.dev" = {
hostname = "code.m3ta.dev";
user = "m3tam3re"; user = "m3tam3re";
identityFile = "~/.ssh/gitea"; identityFile = "~/.ssh/gitea";
}; };
"git.az-gruppe.com" = {
hostname = "git.az-gruppe.com";
port = 2022;
user = "sascha.koenig";
identityFile = "~/.ssh/sascha.koenig";
};
"lkk-nix-1" = { "lkk-nix-1" = {
hostname = "89.58.10.189"; hostname = "89.58.10.189";
user = "lkk-admin"; user = "lkk-admin";
@@ -180,6 +144,11 @@
user = "m3tam3re"; user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re"; identityFile = "~/.ssh/m3tam3re";
}; };
"m3-hermes" = {
hostname = "95.216.214.142";
user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re";
};
"m3-helios" = { "m3-helios" = {
hostname = "192.168.178.210"; hostname = "192.168.178.210";
user = "m3tam3re"; user = "m3tam3re";
@@ -200,51 +169,35 @@
user = "m3tam3re"; user = "m3tam3re";
identityFile = "~/.ssh/m3tam3re"; identityFile = "~/.ssh/m3tam3re";
}; };
"m3-skynet" = { "self-host-playbook" = {
hostname = "m3-skynet"; hostname = "157.180.21.225";
user = "admin";
identityFile = "~/.ssh/m3tam3re";
};
"m3-prox-1" = {
hostname = "192.168.1.110";
user = "root";
identityFile = "~/.ssh/m3tam3re";
};
"shp-old" = {
hostname = "95.217.3.250";
port = 2222;
user = "m3tam3re";
identityFile = "~/.ssh/self-host-playbook";
};
"shp-1" = {
hostname = "95.217.189.186";
port = 2222; port = 2222;
user = "m3tam3re"; user = "m3tam3re";
identityFile = "~/.ssh/self-host-playbook"; identityFile = "~/.ssh/self-host-playbook";
}; };
}; };
}; };
# programs.zellij-ps = { programs.zellij-ps = {
# enable = true; enable = true;
# projectFolders = [ projectFolders = [
# "${config.home.homeDirectory}/p/c" "${config.home.homeDirectory}/p/c"
# "${config.home.homeDirectory}/p" "${config.home.homeDirectory}/p"
# "${config.home.homeDirectory}/.config" "${config.home.homeDirectory}/.config"
# ]; ];
# layout = '' layout = ''
# layout { layout {
# pane size=1 borderless=true { pane size=1 borderless=true {
# plugin location="zellij:tab-bar" plugin location="zellij:tab-bar"
# } }
# pane size="70%" command="nvim" pane size="70%" command="nvim"
# pane split_direction="vertical" { pane split_direction="vertical" {
# pane pane
# pane command="unimatrix" pane command="unimatrix"
# } }
# pane size=1 borderless=true { pane size=1 borderless=true {
# plugin location="zellij:status-bar" plugin location="zellij:status-bar"
# } }
# } }
# ''; '';
# }; };
} }

17
home/m3tam3re/m3-aether.nix
View File

@@ -1,17 +0,0 @@
{
imports = [
../common
../features/cli
./home-server.nix
];
features = {
cli = {
fish.enable = true;
fzf.enable = true;
nitch.enable = true;
secrets.enable = false;
starship.enable = true;
};
};
}

37
home/m3tam3re/m3-ares.nix
View File

@@ -3,16 +3,24 @@
lib, lib,
... ...
}: }:
with lib; { with lib; let
cfg = config.features.desktop.hyprland;
in {
imports = [ imports = [
../common ../common
./dotfiles
./home.nix ./home.nix
../features/cli ../features/cli
../features/coding ../features/coding
../features/desktop ../features/desktop
#./services/librechat.nix
]; ];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [ config = mkMerge [
# Base configuration
{ {
xdg = { xdg = {
# TODO: better structure # TODO: better structure
@@ -41,9 +49,8 @@ with lib; {
features = { features = {
cli = { cli = {
fish.enable = true; fish.enable = true;
nushell.enable = true;
fzf.enable = true; fzf.enable = true;
nitch.enable = true; fastfetch.enable = true;
secrets.enable = true; secrets.enable = true;
starship.enable = true; starship.enable = true;
}; };
@@ -57,37 +64,35 @@ with lib; {
rofi.enable = true; rofi.enable = true;
fonts.enable = true; fonts.enable = true;
wayland.enable = true; wayland.enable = true;
wallpapers = true;
}; };
}; };
} }
(mkIf config.features.desktop.hyprland.enable { (mkIf cfg.enable {
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
settings = { settings = {
exec-once = ["tuxedo-backlight"];
monitor = [ monitor = [
"eDP-1,preferred,0x0,1.25" "eDP-1,preferred,0x0,1.25"
"HDMI-A-1,1920x1080@120,2560x0,1" "HDMI-A-1,preferred,2560x0,1"
]; ];
workspace = [ workspace = [
"1, monitor:eDP-1, default:true" "1, monitor:eDP-1, default:true"
"2, monitor:eDP-1" "2, monitor:eDP-1"
"3, monitor:eDP-1" "3, monitor:eDP-1"
"4, monitor:HDMI-A-1," "4, monitor:HDMI-A-1"
"5, monitor:HDMI-A-1,border:false,rounding:false" "5, monitor:HDMI-A-1,border:false,rounding:false"
"6, monitor:HDMI-A-1" "6, monitor:HDMI-A-1"
]; ];
windowrule = [ windowrule = [
"match:class dev.zed.Zed, workspace 1" "workspace 1,class:dev.zed.Zed"
"match:class Msty, workspace 1" "workspace 1,class:Msty"
"match:class ^(com.obsproject.Studio)$, workspace 2" "workspace 2,class:(com.obsproject.Studio)"
"match:class ^(brave-browser)$, workspace 4, opacity 1.0" "workspace 4,opacity 1.0, class:(brave-browser)"
"match:class ^(vivaldi-stable)$, workspace 4, opacity 1.0" "workspace 4,opacity 1.0, class:(vivaldi-stable)"
"match:class ^steam_app_\\d+$, fullscreen on" "fullscreen,class:^steam_app_\\d+$"
"match:class ^steam_app_\\d+$, workspace 5" "workspace 5,class:^steam_app_\\d+$"
"match:class ^steam_app_\\d+$, idle_inhibit focus" "idleinhibit focus, class:^steam_app_\\d+$"
]; ];
}; };
}; };

4
home/m3tam3re/m3-atlas.nix
View File

@@ -7,9 +7,9 @@
features = { features = {
cli = { cli = {
nushell.enable = true; fish.enable = true;
fzf.enable = true; fzf.enable = true;
nitch.enable = true; fastfetch.enable = true;
secrets.enable = false; secrets.enable = false;
starship.enable = true; starship.enable = true;
}; };

101
home/m3tam3re/m3-daedalus.nix
View File

@@ -1,101 +0,0 @@
{
config,
lib,
...
}:
with lib; let
cfg = config.features.desktop.hyprland;
in {
imports = [
../common
./home.nix
../features/cli
../features/coding
../features/desktop
#./services/librechat.nix
];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [
# Base configuration
{
xdg = {
# TODO: better structure
enable = true;
configFile."mimeapps.list".force = true;
mimeApps = {
enable = true;
associations.added = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
defaultApplications = {
"application/zip" = ["org.gnome.FileRoller.desktop"];
"application/csv" = ["calc.desktop"];
"application/pdf" = ["vivaldi-stable.desktop"];
"application/md" = ["dev.zed.Zed.desktop"];
"application/text" = ["dev.zed.Zed.desktop"];
"x-scheme-handler/http" = ["vivaldi-stable.desktop"];
"x-scheme-handler/https" = ["vivaldi-stable.desktop"];
};
};
};
features = {
cli = {
fish.enable = true;
nushell.enable = true;
fzf.enable = true;
nitch.enable = true;
secrets.enable = true;
starship.enable = true;
};
desktop = {
coding.enable = true;
crypto.enable = false;
gaming.enable = false;
hyprland.enable = false;
media.enable = true;
office.enable = false;
rofi.enable = true;
fonts.enable = true;
wayland.enable = false;
};
};
}
(mkIf cfg.enable {
wayland.windowManager.hyprland = {
enable = true;
settings = {
monitor = [
"eDP-1,preferred,0x0,1.25"
"HDMI-A-1,preferred,2560x0,1"
];
workspace = [
"1, monitor:eDP-1, default:true"
"2, monitor:eDP-1"
"3, monitor:eDP-1"
"4, monitor:HDMI-A-1"
"5, monitor:HDMI-A-1,border:false,rounding:false"
"6, monitor:HDMI-A-1"
];
windowrule = [
"match:class dev.zed.Zed, workspace 1"
"match:class Msty, workspace 1"
"match:class ^(com.obsproject.Studio)$, workspace 2"
"match:class ^(brave-browser)$, workspace 4, opacity 1.0"
"match:class ^(vivaldi-stable)$, workspace 4, opacity 1.0"
"match:class ^steam_app_\\d+$, fullscreen on"
"match:class ^steam_app_\\d+$, workspace 5"
"match:class ^steam_app_\\d+$, idle_inhibit focus"
];
};
};
})
];
}

2
home/m3tam3re/m3-helios.nix
View File

@@ -9,7 +9,7 @@
cli = { cli = {
fish.enable = true; fish.enable = true;
fzf.enable = true; fzf.enable = true;
nitch.enable = true; fastfetch.enable = true;
secrets.enable = false; secrets.enable = false;
starship.enable = true; starship.enable = true;
}; };

29
home/m3tam3re/m3-kratos.nix
View File

@@ -3,16 +3,24 @@
lib, lib,
... ...
}: }:
with lib; { with lib; let
cfg = config.features.desktop.hyprland;
in {
imports = [ imports = [
../common ../common
./dotfiles
./home.nix ./home.nix
../features/cli ../features/cli
../features/coding ../features/coding
../features/desktop ../features/desktop
./services/librechat.nix
]; ];
options.features.desktop.hyprland.enable =
mkEnableOption "enable Hyprland";
config = mkMerge [ config = mkMerge [
# Base configuration
{ {
xdg = { xdg = {
# TODO: better structure # TODO: better structure
@@ -40,9 +48,9 @@ with lib; {
}; };
features = { features = {
cli = { cli = {
nushell.enable = true; fish.enable = true;
fzf.enable = true; fzf.enable = true;
nitch.enable = true; fastfetch.enable = true;
secrets.enable = true; secrets.enable = true;
starship.enable = true; starship.enable = true;
}; };
@@ -56,12 +64,11 @@ with lib; {
rofi.enable = true; rofi.enable = true;
fonts.enable = true; fonts.enable = true;
wayland.enable = true; wayland.enable = true;
wallpapers = true;
}; };
}; };
} }
(mkIf config.features.desktop.hyprland.enable { (mkIf cfg.enable {
wayland.windowManager.hyprland = { wayland.windowManager.hyprland = {
enable = true; enable = true;
settings = { settings = {
@@ -80,12 +87,12 @@ with lib; {
]; ];
windowrule = [ windowrule = [
"match:class dev.zed.Zed, workspace 1" "workspace 1,class:dev.zed.Zed"
"match:class Msty, workspace 1" "workspace 1,class:Msty"
"match:class ^(com.obsproject.Studio)$, workspace 2" "workspace 2,class:(com.obsproject.Studio)"
"match:class ^(brave-browser)$, workspace 4, opacity 1.0" "workspace 4,opacity 1.0, class:(brave-browser)"
"match:class ^(vivaldi-stable)$, workspace 4, opacity 1.0" "workspace 4,opacity 1.0, class:(vivaldi-stable)"
"match:class ^steam_app_\\d+$, idle_inhibit focus" "idleinhibit focus, class:^steam_app_\\d+$"
]; ];
}; };
}; };

18
home/m3tam3re/services/librechat.nix Normal file
View File

@@ -0,0 +1,18 @@
{
systemd.user.services.librechat = {
Unit = {
Description = "LibreChat Start";
After = ["network-online.target"];
Wants = ["network-online.target"];
};
Install = {WantedBy = ["default.target"];};
Service = {
Type = "oneshot";
RemainAfterExit = "yes";
WorkingDirectory = "/home/m3tam3re/p/r/ai/LibreChat";
ExecStart = "/run/current-system/sw/bin/podman-compose up -d";
ExecStop = "/run/current-system/sw/bin/podman-compose down";
Restart = "on-failure";
};
};
}

BIN
home/m3tam3re/wallpapers/wallhaven-28kdom_2560x1440.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 3.3 MiB

BIN
home/m3tam3re/wallpapers/wallhaven-8o8y5o_2560x1440.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 5.4 MiB

BIN
home/m3tam3re/wallpapers/wallhaven-k72v6q_2560x1440.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 6.7 MiB

BIN
home/m3tam3re/wallpapers/wallhaven-l3o7j2_2560x1440.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.5 MiB

BIN
home/m3tam3re/wallpapers/wallhaven-lmmo8r.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 4.3 MiB

76
hosts/common/AGENTS.md
View File

@@ -1,76 +0,0 @@
# COMMON HOST CONFIGURATION
**Shared base configuration and abstractions for all hosts**
## OVERVIEW
Common imports, overlays, and custom patterns (extraServices, ports) used across 6 hosts.
## STRUCTURE
```
common/
├── default.nix # Base imports, overlays, nix settings
├── ports.nix # Centralized port registry
├── extraServices/ # Optional service modules
│ ├── default.nix
│ ├── flatpak.nix
│ ├── ollama.nix
│ ├── podman.nix
│ └── virtualisation.nix
└── users/
├── default.nix
└── m3tam3re.nix # Primary user definition
```
## WHERE TO LOOK
| Task | Location | Notes |
|------|----------|-------|
| Add port definition | ports.nix | Use config.m3ta.ports.get |
| Enable optional service | Host config extraServices | Boolean flags |
| Modify overlays | default.nix lines 27-36 | 5 overlay sources |
| Add new user | users/ | Shared across all hosts |
## CONVENTIONS
### Port Registry Pattern
```nix
# Define in ports.nix
definitions = {
myservice = 3099;
};
# Access in host config
config.m3ta.ports.get "myservice" # Returns 3099
```
### extraServices Abstraction
Host configs enable via boolean:
```nix
extraServices = {
podman.enable = true; # Container runtime
ollama.enable = true; # LLM inference
flatpak.enable = false; # Flatpak apps
virtualisation.enable = true; # QEMU/KVM
};
```
### Overlay Precedence (bottom overrides top)
1. stable-packages (nixpkgs-stable)
2. locked-packages (nixpkgs-locked)
3. pinned-packages (nixpkgs-45570c2, nixpkgs-9e58ed7)
4. master-packages (nixpkgs-master)
5. m3ta-nixpkgs (local custom overlay)
## ANTI-PATTERNS
- **DON'T** add host-specific logic to common/ - belongs in hosts/<name>/
- **DON'T** bypass port registry - hardcoded ports break consistency
- **DON'T** modify user shell globally - set per-user if needed
## NOTES
- Nix GC runs weekly, keeps 30 days
- Trusted users: root, m3tam3re
- Default shell: Nushell (set line 77)
- Home-manager integrated at common level, not per-host
- TODO on line 69: ports should only return actually used ports

37
hosts/common/default.nix
View File

@@ -1,37 +1,37 @@
# Common configuration for all hosts # Common configuration for all hosts
{ config, pkgs, lib, inputs, outputs, ... }: { {
pkgs,
lib,
inputs,
outputs,
...
}: {
imports = [ imports = [
./extraServices ./extraServices
./ports.nix
./users ./users
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
]; ];
environment.pathsToLink = environment.pathsToLink = [
[ "/share/xdg-desktop-portal" "/share/applications" ]; "/share/xdg-desktop-portal"
"/share/applications"
];
home-manager = { home-manager = {
useUserPackages = true; useUserPackages = true;
extraSpecialArgs = { extraSpecialArgs = {inherit inputs outputs;};
inherit inputs outputs;
videoDrivers = config.services.xserver.videoDrivers or [ ];
}; };
};
nixpkgs = { nixpkgs = {
# You can add overlays here # You can add overlays here
overlays = [ overlays = [
# Add overlays your own flake exports (from overlays and pkgs dir): # Add overlays your own flake exports (from overlays and pkgs dir):
#outputs.overlays.additions outputs.overlays.additions
#outputs.overlays.modifications outputs.overlays.modifications
outputs.overlays.stable-packages outputs.overlays.stable-packages
outputs.overlays.locked-packages
outputs.overlays.pinned-packages outputs.overlays.pinned-packages
outputs.overlays.locked-packages
outputs.overlays.master-packages outputs.overlays.master-packages
inputs.m3ta-nixpkgs.overlays.default
inputs.m3ta-nixpkgs.overlays.modifications
# You can also add overlays exported from other flakes: # You can also add overlays exported from other flakes:
# neovim-nightly-overlay.overlays.default # neovim-nightly-overlay.overlays.default
@@ -65,9 +65,10 @@
options = "--delete-older-than 30d"; options = "--delete-older-than 30d";
}; };
optimise.automatic = true; optimise.automatic = true;
registry = (lib.mapAttrs (_: flake: { inherit flake; })) registry =
(lib.mapAttrs (_: flake: {inherit flake;}))
((lib.filterAttrs (_: lib.isType "flake")) inputs); ((lib.filterAttrs (_: lib.isType "flake")) inputs);
nixPath = [ "/etc/nix/path" ]; nixPath = ["/etc/nix/path"];
}; };
users.defaultUserShell = pkgs.nushell; users.defaultUserShell = pkgs.fish;
} }

1
hosts/common/extraServices/flatpak.nix
View File

@@ -14,6 +14,7 @@ in {
xdg.portal = { xdg.portal = {
# xdg desktop intergration (required for flatpak) # xdg desktop intergration (required for flatpak)
enable = true; enable = true;
wlr.enable = true;
extraPortals = with pkgs; [ extraPortals = with pkgs; [
xdg-desktop-portal-hyprland xdg-desktop-portal-hyprland
]; ];

12
hosts/common/extraServices/ollama.nix
View File

@@ -12,18 +12,14 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.ollama = { services.ollama = {
enable = true; enable = true;
package = acceleration =
if config.services.xserver.videoDrivers == ["amdgpu"] if config.services.xserver.videoDrivers == ["amdgpu"]
then pkgs.ollama-rocm then "rocm"
else if config.services.xserver.videoDrivers == ["nvidia"] else if config.services.xserver.videoDrivers == ["nvidia"]
then pkgs.ollama-cuda then "cuda"
else pkgs.ollama-cpu; else null;
host = "[::]"; host = "[::]";
openFirewall = true; openFirewall = true;
environmentVariables = {
OLLAMA_ORIGINS = "https://msty.studio";
OLLAMA_HOST = "0.0.0.0";
};
}; };
nixpkgs.config = { nixpkgs.config = {
rocmSupport = config.services.xserver.videoDrivers == ["amdgpu"]; rocmSupport = config.services.xserver.videoDrivers == ["amdgpu"];

17
hosts/common/extraServices/virtualisation.nix
View File

@@ -17,12 +17,23 @@ in {
package = pkgs.qemu_kvm; package = pkgs.qemu_kvm;
runAsRoot = true; runAsRoot = true;
swtpm.enable = true; swtpm.enable = true;
ovmf = {
enable = true;
packages = [
pkgs.locked.OVMFFull.fd
(pkgs.locked.OVMF.override {
secureBoot = true;
tpmSupport = true;
})
.fd
];
};
}; };
}; };
}; };
programs.virt-manager.enable = true; programs.virt-manager.enable = true;
environment = { environment.systemPackages = with pkgs; [
systemPackages = [pkgs.qemu]; # locked.OVMFFull
}; ];
}; };
} }

72
hosts/common/ports.nix
View File

@@ -1,72 +0,0 @@
{config, ...}: {
m3ta.ports = {
enable = true;
definitions = {
# System services
ssh = 22;
# Web & proxy services
traefik = 80;
traefik-ssl = 443;
# Databases
postgres = 5432;
mysql = 3306;
redis = 6379;
# VPN & networking
wireguard = 51820;
tailscale = 41641;
headscale = 3009;
# Containers & web apps
gitea = 3030;
baserow = 3001;
ghost = 3002;
wastebin = 3003;
littlelink = 3004;
searx = 3005;
restreamer = 3006;
paperless = 3012;
vaultwarden = 3013;
slash = 3010;
slash-nemoti = 3016;
kestra = 3018;
outline = 3019;
pangolin = 3020;
pangolin-api = 3021;
pangolin-ws = 3022;
# Home automation
homarr = 7575;
# DNS
adguardhome = 53;
};
hostOverrides = {
# Host-specific overrides
m3-ares = {
# Any custom port overrides for m3-ares
};
m3-atlas = {
# Any custom port overrides for m3-atlas
};
m3-helios = {
# Any custom port overrides for m3-helios
};
m3-kratos = {
# Any custom port overrides for m3-kratos
};
};
};
environment.etc."info/all-ports.json" = {
text = builtins.toJSON {
hostname = config.networking.hostName;
ports = config.m3ta.ports.all; # TODO should only return actually used ports
};
};
}

2
hosts/common/users/m3tam3re.nix
View File

@@ -25,7 +25,7 @@
openssh.authorizedKeys.keys = [ openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQC3YEmpYbM+cpmyD10tzNRHEn526Z3LJOzYpWEKdJg8DaYyPbDn9iyVX30Nja2SrW4Wadws0Y8DW+Urs25/wVB6mKl7jgPJVkMi5hfobu3XAz8gwSdjDzRSWJrhjynuaXiTtRYED2INbvjLuxx3X8coNwMw58OuUuw5kNJp5aS2qFmHEYQErQsGT4MNqESe3jvTP27Z5pSneBj45LmGK+RcaSnJe7hG+KRtjuhjI7RdzMeDCX73SfUsal+rHeuEw/mmjYmiIItXhFTDn8ZvVwpBKv7xsJG90DkaX2vaTk0wgJdMnpVIuIRBa4EkmMWOQ3bMLGkLQeK/4FUkNcvQ/4+zcZsg4cY9Q7Fj55DD41hAUdF6SYODtn5qMPsTCnJz44glHt/oseKXMSd556NIw2HOvihbJW7Rwl4OEjGaO/dF4nUw4c9tHWmMn9dLslAVpUuZOb7ykgP0jk79ldT3Dv+2Hj0CdAWT2cJAdFX58KQ9jUPT3tBnObSF1lGMI7t77VU= m3tam3re@m3-nix"
]; ];
packages = [inputs.home-manager.packages.${pkgs.stdenv.hostPlatform.system}.default]; packages = [inputs.home-manager.packages.${pkgs.system}.default];
}; };
home-manager.users.m3tam3re = home-manager.users.m3tam3re =
import ../../../home/m3tam3re/${config.networking.hostName}.nix; import ../../../home/m3tam3re/${config.networking.hostName}.nix;

111
hosts/m3-aether/configuration.nix
View File

@@ -1,111 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{pkgs, ...}: {
imports = [
# Include the results of the hardware scan.
./disko-config.nix
./hardware-configuration.nix
];
# Bootloader.
boot.loader.grub = {
efiSupport = true;
efiInstallAsRemovable = true;
};
networking.hostName = "m3-helios"; # Define your hostname.
networking.hostId = "3ebf1cd3";
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networking.networkmanager.enable =
true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Berlin";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Enable the GNOME Desktop Environment.
# services.xserver.displayManager.gdm.enable = true;
# services.xserver.desktopManager.gnome.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# List packages installed in system profile. To search, run:
# $ nix search wget
environment.systemPackages = with pkgs; [neovim git];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
services.fstrim = {
enable = true; # For SSD/thin-provisioned storage
interval = "weekly";
};
# Open ports in the firewall.
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
# Or disable the firewall altogether.
# networking.firewall.enable = false;
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment?
}

50
hosts/m3-aether/default.nix
View File

@@ -1,50 +0,0 @@
# A staring point is the basic NIXOS configuration generated by the ISO installer.
# On an existing NIXOS install you can use the following command in your flakes basedir:
# sudo nixos-generate-config --dir ./hosts/m3tam3re
#
# Please make sure to change the first couple of lines in your configuration.nix:
# { config, inputs, ouputs, lib, pkgs, ... }:
#
# {
# imports = [ # Include the results of the hardware scan.
# ./hardware-configuration.nix
# inputs.home-manager.nixosModules.home-manager
# ];
# ...
#
# Moreover please update the packages option in your user configuration and add the home-manager options:
# users.users = {
# m3tam3re = {
# isNormalUser = true;
# initialPassword = "12345";
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = [ inputs.home-manager.packages.${pkgs.system}.default ];
# };
# };
#
# home-manager = {
# useUserPackages = true;
# extraSpecialArgs = { inherit inputs outputs; };
# users.m3tam3re =
# import ../../home/m3tam3re/${config.networking.hostName}.nix;
# };
#
# Please also change your hostname accordingly:
#:w
# networking.hostName = "nixos"; # Define your hostname.
{
imports = [
../common
./configuration.nix
./programs.nix
./secrets.nix
./services
];
extraServices = {
flatpak.enable = true;
ollama.enable = false;
podman.enable = true;
virtualisation.enable = false;
};
}

39
hosts/m3-aether/disko-config.nix
View File

@@ -1,39 +0,0 @@
{
disko.devices = {
disk = {
main = {
type = "disk";
device = "/dev/sda";
content = {
type = "gpt";
partitions = {
boot = {
size = "1M";
type = "EF02"; # for GRUB MBR
priority = 1;
};
esp = {
size = "512M";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["defaults" "umask=0077"];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = ["noatime" "nodiratime" "discard"];
};
};
};
};
};
};
};
}

24
hosts/m3-aether/hardware-configuration.nix
View File

@@ -1,24 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/profiles/qemu-guest.nix")
];
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
}

14
hosts/m3-aether/programs.nix
View File

@@ -1,14 +0,0 @@
{pkgs, ...}: {
programs.nix-ld.enable = true;
programs.nix-ld.libraries = with pkgs; [
# Add any missing dynamic libraries for unpackaged programs
# here, NOT in environment.systemPackages
];
programs.fish.enable = true;
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 4d --keep 3";
flake = "/home/m3tam3re/p/nixos/nixos-config";
};
}

15
hosts/m3-aether/secrets.nix
View File

@@ -1,15 +0,0 @@
{
age = {
secrets = {
traefik = {
file = ../../secrets/traefik.age;
mode = "770";
owner = "traefik";
};
m3tam3re-secrets = {
file = ../../secrets/m3tam3re-secrets.age;
owner = "m3tam3re";
};
};
};
}

7
hosts/m3-aether/services/cloud-init.nix
View File

@@ -1,7 +0,0 @@
{
services.cloud-init = {
enable = true;
ext4.enable = true;
network.enable = true;
};
}

11
hosts/m3-aether/services/default.nix
View File

@@ -1,11 +0,0 @@
{
imports = [
./cloud-init.nix
];
systemd.sleep.extraConfig = ''
AllowSuspend=no
AllowHibernation=no
AllowHybridSleep=no
AllowSuspendThenHibernate=no
'';
}

17
hosts/m3-ares/configuration.nix
View File

@@ -1,7 +1,11 @@
# Edit this configuration file to define what should be installed on # Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on # your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). # https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{pkgs, ...}: { {
config,
pkgs,
...
}: {
imports = [ imports = [
# Include the results of the hardware scan. # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
@@ -9,6 +13,7 @@
specialisation = { specialisation = {
"NVIDIA".configuration = { "NVIDIA".configuration = {
boot.kernelParams = ["nvidia.NVreg_PreserveVideoMemoryAllocations=1"];
system.nixos.tags = ["NVIDIA"]; system.nixos.tags = ["NVIDIA"];
services.xserver.videoDrivers = ["nvidia"]; services.xserver.videoDrivers = ["nvidia"];
hardware.nvidia-container-toolkit.enable = true; hardware.nvidia-container-toolkit.enable = true;
@@ -19,15 +24,15 @@
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.systemd-boot.memtest86.enable = true; boot.loader.systemd-boot.memtest86.enable = true;
boot.initrd.services.lvm.enable = false; boot.initrd.services.lvm.enable = false;
# boot.kernelModules = []; boot.extraModulePackages = with config.boot.kernelPackages; [v4l2loopback];
boot.kernelPackages = pkgs.linuxPackages_latest; boot.kernelModules = ["v4l2loopback"];
boot.extraModprobeConfig = '' boot.extraModprobeConfig = ''
options kvm_intel nested=1 options kvm_intel nested=1
options kvm_intel emulate_invalid_guest_state=0 options kvm_intel emulate_invalid_guest_state=0
options kvm ignore_msrs=1 options kvm ignore_msrs=1
options v4l2loopback exclusive_caps=1 max_buffers=2
''; '';
boot.blacklistedKernelModules = ["nova_core"];
# CRITICAL FIX #4: Kernel parameters to prevent nouveau from loading early
networking.hostName = "m3-ares"; # Define your hostname. networking.hostName = "m3-ares"; # Define your hostname.
# warp-terminal update fix # warp-terminal update fix
@@ -60,7 +65,7 @@
# Enable the GNOME Desktop Environment. # Enable the GNOME Desktop Environment.
# services.xserver.displayManager.gdm.enable = true; # services.xserver.displayManager.gdm.enable = true;
# services.xserver.desktopManager.gnome.enable = true; # services.xserver.desktopManager.gnome.enable = true;
# displayManager.gdm.enable = true;
# Configure keymap in X11 # Configure keymap in X11
# services.xserver.xkb.layout = "us"; # services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape"; # services.xserver.xkb.options = "eurosign:e,caps:escape";

27
hosts/m3-ares/hardware.nix
View File

@@ -1,10 +1,4 @@
{ config, pkgs, inputs, ... }: { {
# Workaround for tuxedo-drivers module bug in unstable (nixpkgs#480391)
# The unstable module has a type error - use stable module until fix propagates
disabledModules = [ "hardware/tuxedo-drivers.nix" ];
imports =
[ "${inputs.nixpkgs-stable}/nixos/modules/hardware/tuxedo-drivers.nix" ];
hardware.nvidia = { hardware.nvidia = {
prime = { prime = {
offload.enable = false; offload.enable = false;
@@ -21,29 +15,12 @@
open = false; open = false;
dynamicBoost.enable = true; dynamicBoost.enable = true;
nvidiaSettings = true; nvidiaSettings = true;
package = config.boot.kernelPackages.nvidiaPackages.production;
}; };
hardware.tuxedo-drivers.enable = true;
hardware.bluetooth.enable = true; hardware.bluetooth.enable = true;
hardware.keyboard.zsa.enable = true; hardware.keyboard.zsa.enable = true;
hardware.graphics.enable = true; hardware.graphics.enable = true;
services.hardware.bolt.enable = true; services.hardware.bolt.enable = true;
services.auto-cpufreq.enable = true; services.auto-cpufreq.enable = true;
services.tlp = { services.tlp.enable = true;
enable = true;
settings = {
START_CHARGE_THRESH_BAT0 = 75;
STOP_CHARGE_THRESH_BAT0 = 80;
};
};
environment.systemPackages = with pkgs; [ tuxedo-backlight ];
security.sudo.extraRules = [{
users = [ "@wheel" ];
commands = [{
command = "/run/current-system/sw/bin/set-backlight";
options = [ "NOPASSWD" ];
}];
}];
} }

2
hosts/m3-ares/programs.nix
View File

@@ -28,7 +28,7 @@
programs.fish.enable = true; programs.fish.enable = true;
programs.thunar = { programs.thunar = {
enable = true; enable = true;
plugins = with pkgs; [thunar-archive-plugin thunar-volman]; plugins = with pkgs.xfce; [thunar-archive-plugin thunar-volman];
}; };
programs.gnupg.agent = { programs.gnupg.agent = {
enable = true; enable = true;

20
hosts/m3-ares/secrets.nix
View File

@@ -1,10 +1,6 @@
{ {
age = { age = {
secrets = { secrets = {
anytype-key = {
file = ../../secrets/anytype-key-ares.age;
owner = "m3tam3re";
};
wg-DE = { wg-DE = {
file = ../../secrets/wg-DE.age; file = ../../secrets/wg-DE.age;
path = "/etc/wireguard/DE.conf"; path = "/etc/wireguard/DE.conf";
@@ -25,22 +21,6 @@
file = ../../secrets/wg-BR.age; file = ../../secrets/wg-BR.age;
path = "/etc/wireguard/BR.conf"; path = "/etc/wireguard/BR.conf";
}; };
ref-key = {
file = ../../secrets/ref-key.age;
owner = "m3tam3re";
};
exa-key = {
file = ../../secrets/exa-key.age;
owner = "m3tam3re";
};
basecamp-client-id = {
file = ../../secrets/basecamp-client-id.age;
owner = "m3tam3re";
};
basecamp-client-secret = {
file = ../../secrets/basecamp-client-secret.age;
owner = "m3tam3re";
};
tailscale-key.file = ../../secrets/tailscale-key.age; tailscale-key.file = ../../secrets/tailscale-key.age;
m3tam3re-secrets = { m3tam3re-secrets = {
file = ../../secrets/m3tam3re-secrets.age; file = ../../secrets/m3tam3re-secrets.age;

10
hosts/m3-ares/services/default.nix
View File

@@ -15,14 +15,7 @@
gvfs.enable = true; gvfs.enable = true;
trezord.enable = true; trezord.enable = true;
gnome.gnome-keyring.enable = true; gnome.gnome-keyring.enable = true;
# qdrant = { qdrant.enable = true;
# enable = true;
# settings = {
# service = {
# host = "0.0.0.0";
# };
# };
# };
upower.enable = true; upower.enable = true;
avahi = { avahi = {
enable = true; enable = true;
@@ -33,7 +26,6 @@
userServices = true; userServices = true;
}; };
}; };
displayManager.gdm.enable = true;
}; };
systemd.sleep.extraConfig = '' systemd.sleep.extraConfig = ''
AllowSuspend=no AllowSuspend=no

5
hosts/m3-ares/services/postgres.nix
View File

@@ -1,7 +1,4 @@
{ {pkgs, ...}: {
pkgs,
...
}: {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
package = pkgs.postgresql_17; package = pkgs.postgresql_17;

5
hosts/m3-ares/services/sound.nix
View File

@@ -1,4 +1,7 @@
{ {pkgs, ...}: {
environment.systemPackages = with pkgs; [
speechd
];
security.rtkit.enable = true; security.rtkit.enable = true;
services.pipewire = { services.pipewire = {
enable = true; enable = true;

45
hosts/m3-ares/services/tailscale.nix
View File

@@ -1,11 +1,40 @@
{config, ...}: { {
config,
pkgs,
...
}: {
services.tailscale = { services.tailscale = {
enable = false; enable = true;
authKeyFile = config.age.secrets.tailscale-key.path; useRoutingFeatures = "client";
useRoutingFeatures = "both";
extraUpFlags = [
"--login-server=https://va.m3tam3re.com"
"--accept-routes"
];
}; };
# systemd.services.tailscale-autoconnect = {
# description = "Automatic connection to Tailscale";
# # make sure tailscale is running before trying to connect to tailscale
# after = ["network-pre.target" "tailscale.service"];
# wants = ["network-pre.target" "tailscale.service"];
# wantedBy = ["multi-user.target"];
# # set this service as a oneshot job
# serviceConfig = {
# Type = "oneshot";
# EnvironmentFile = "${config.age.secrets.tailscale-key.path}";
# };
# # have the job run this shell script
# script = with pkgs; ''
# # wait for tailscaled to settle
# sleep 2
# # check if we are already authenticated to tailscale
# status="$(${tailscale}/bin/tailscale status -json | ${jq}/bin/jq -r .BackendState)"
# if [ $status = "Running" ]; then # if so, then do nothing
# exit 0
# fi
# # otherwise authenticate with tailscale
# ${tailscale}/bin/tailscale up --exit-node 100.88.96.77 --authkey $TAILSCALE_KEY
# '';
# };
} }

3
hosts/m3-ares/services/udev.nix
View File

@@ -1,7 +1,6 @@
{pkgs, ...}: { {pkgs, ...}: {
services.udev.extraRules = '' services.udev.extraRules = ''
SUBSYSTEM=="usb", MODE="0666" SUBSYSTEM=="usb", MODE="0666
SUBSYSTEM=="leds", KERNEL=="rgb:kbd_backlight*", ACTION=="add", RUN+="${pkgs.coreutils}/bin/chmod a+w /sys/class/leds/%k/multi_intensity"
''; '';
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
zsa-udev-rules zsa-udev-rules

2
hosts/m3-ares/services/wireguard.nix
View File

@@ -10,7 +10,7 @@
}; };
NO = { NO = {
configFile = config.age.secrets.wg-NO.path; configFile = config.age.secrets.wg-NO.path;
autostart = false; autostart = true;
}; };
US = { US = {
configFile = config.age.secrets.wg-US.path; configFile = config.age.secrets.wg-US.path;

40
hosts/m3-atlas/secrets.nix
View File

@@ -1,35 +1,35 @@
{ {
age = { age = {
secrets = { secrets = {
baserow-env = { file = ../../secrets/baserow-env.age; }; baserow-env = {
ghost-env = { file = ../../secrets/ghost-env.age; }; file = ../../secrets/baserow-env.age;
kestra-config = { };
file = ../../secrets/kestra-config.age; ghost-env = {
mode = "644"; file = ../../secrets/ghost-env.age;
};
littlelink-m3tam3re = {
file = ../../secrets/littlelink-m3tam3re.age;
};
minio-root-cred = {
file = ../../secrets/minio-root-cred.age;
};
n8n-env = {
file = ../../secrets/n8n-env.age;
};
restreamer-env = {
file = ../../secrets/restreamer-env.age;
};
searx = {
file = ../../secrets/searx.age;
}; };
kestra-env = { file = ../../secrets/kestra-env.age; };
littlelink-m3tam3re = { file = ../../secrets/littlelink-m3tam3re.age; };
minio-root-cred = { file = ../../secrets/minio-root-cred.age; };
n8n-env = { file = ../../secrets/n8n-env.age; };
paperless-key = { file = ../../secrets/paperless-key.age; };
restreamer-env = { file = ../../secrets/restreamer-env.age; };
searx = { file = ../../secrets/searx.age; };
tailscale-key = { file = ../../secrets/tailscale-key.age; };
traefik = { traefik = {
file = ../../secrets/traefik.age; file = ../../secrets/traefik.age;
owner = "traefik"; owner = "traefik";
}; };
vaultwarden-env = { file = ../../secrets/vaultwarden-env.age; };
m3tam3re-secrets = { m3tam3re-secrets = {
file = ../../secrets/m3tam3re-secrets.age; file = ../../secrets/m3tam3re-secrets.age;
owner = "m3tam3re"; owner = "m3tam3re";
}; };
gitea-runner-token = {
file = ../../secrets/gitea-runner-token.age;
mode = "600";
owner = "gitea-runner";
group = "gitea-runner";
};
}; };
}; };
} }

85
hosts/m3-atlas/services/containers/AGENTS.md
View File

@@ -1,85 +0,0 @@
# CONTAINER SERVICES (m3-atlas)
**Container orchestration with Podman + Traefik reverse proxy**
## OVERVIEW
11 containerized services on dedicated `web` network (10.89.0.0/24) with Traefik SSL termination.
## STRUCTURE
```
containers/
├── default.nix # Network setup + service imports
├── baserow.nix # 10.89.0.10 - No-code database
├── ghost.nix # 10.89.0.11 - Blog platform
├── kestra.nix # 10.89.0.12 - Workflow orchestration
├── littlelink.nix # 10.89.0.13 - Link aggregator
├── matomo.nix # 10.89.0.14 - Analytics
├── restreamer.nix # 10.89.0.15 - Video streaming
├── slash.nix # 10.89.0.16 - Link shortener
└── slash-nemoti.nix # 10.89.0.17 - Personal link shortener
```
## WHERE TO LOOK
| Task | Action | Notes |
|------|--------|-------|
| Add container | Copy existing .nix, increment IP | Must update default.nix imports |
| Fix networking | Check IP conflicts in 10.89.0.0/24 | Gateway always 10.89.0.1 |
| Debug Traefik | Check router rules in service file | Domain must match DNS |
| Access database | Use `--add-host=mysql:10.89.0.1` | Gateway IP for host services |
## CONVENTIONS
### Container Definition Template
```nix
virtualisation.oci-containers.containers.<name> = {
image = "registry/image:tag";
ports = ["127.0.0.1:<external>:<internal>"];
volumes = ["/var/lib/<service>:/data"];
environmentFiles = [config.age.secrets.<name>-env.path];
extraOptions = [
"--network=web"
"--ip=10.89.0.<sequential>"
"--add-host=mysql:10.89.0.1" # If DB needed
];
};
```
### Traefik Integration
```nix
services.traefik.dynamicConfigOptions.http = {
services.<name>.loadBalancer.servers = [{
url = "http://127.0.0.1:<port>";
}];
routers.<name> = {
rule = "Host(`<subdomain>.m3ta.dev`)";
service = "<name>";
tls.certResolver = "godaddy";
};
# Legacy redirect (if needed)
routers.<name>-old = {
rule = "Host(`<subdomain>.m3tam3re.com`)";
service = "<name>";
middlewares = ["redirect-m3ta"];
};
};
```
### IP Allocation
- **10.89.0.1**: Gateway (host)
- **10.89.0.10-17**: Assigned containers
- **10.89.0.18+**: Available for new services
## ANTI-PATTERNS
- **DON'T** expose ports publicly - bind to 127.0.0.1 only
- **DON'T** skip static IP assignment - routing breaks without it
- **DON'T** hardcode secrets - use age-encrypted env files
- **DON'T** forget to add imports to default.nix
## NOTES
- Network created via activation script in default.nix
- All services behind Traefik - no direct external access
- MySQL/PostgreSQL run on host, accessed via gateway IP
- Secrets pattern: `<service>-env.age` with environment variables

15
hosts/m3-atlas/services/containers/baserow.nix
View File

@@ -1,8 +1,8 @@
{config, ...}: { {config, ...}: {
virtualisation.oci-containers.containers."baserow" = { virtualisation.oci-containers.containers."baserow" = {
image = "docker.io/baserow/baserow:2.0.6"; image = "docker.io/baserow/baserow:1.31.1";
environmentFiles = [config.age.secrets.baserow-env.path]; environmentFiles = [config.age.secrets.baserow-env.path];
ports = ["127.0.0.1:${toString (config.m3ta.ports.get "baserow")}:80"]; ports = ["127.0.0.1:3001:80"];
volumes = ["baserow_data:/baserow/data"]; volumes = ["baserow_data:/baserow/data"];
extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.10" "--network=web"]; extraOptions = ["--add-host=postgres:10.89.0.1" "--ip=10.89.0.10" "--network=web"];
}; };
@@ -10,26 +10,17 @@
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
services.baserow.loadBalancer.servers = [ services.baserow.loadBalancer.servers = [
{ {
url = "http://localhost:${toString (config.m3ta.ports.get "baserow")}/"; url = "http://localhost:3001/";
} }
]; ];
routers.baserow = { routers.baserow = {
rule = "Host(`br.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "baserow";
entrypoints = "websecure";
};
routers.baserow-old = {
rule = "Host(`br.m3tam3re.com`)"; rule = "Host(`br.m3tam3re.com`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "baserow"; service = "baserow";
entrypoints = "websecure"; entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
}; };
}; };
} }

5
hosts/m3-atlas/services/containers/default.nix
View File

@@ -2,14 +2,11 @@
imports = [ imports = [
./baserow.nix ./baserow.nix
./ghost.nix ./ghost.nix
./kestra.nix
./littlelink.nix ./littlelink.nix
./matomo.nix ./matomo.nix
# ./n8n.nix ./n8n.nix
# ./pangolin.nix
./restreamer.nix ./restreamer.nix
./slash.nix ./slash.nix
./slash-nemoti.nix
]; ];
system.activationScripts.createPodmanNetworkWeb = lib.mkAfter '' system.activationScripts.createPodmanNetworkWeb = lib.mkAfter ''
if ! /run/current-system/sw/bin/podman network exists web; then if ! /run/current-system/sw/bin/podman network exists web; then

17
hosts/m3-atlas/services/containers/ghost.nix
View File

@@ -1,6 +1,6 @@
{config, ...}: { {config, ...}: {
virtualisation.oci-containers.containers."ghost" = { virtualisation.oci-containers.containers."ghost" = {
image = "docker.io/ghost:latest"; image = "docker.io/ghost:5.106.1";
environmentFiles = [config.age.secrets.ghost-env.path]; environmentFiles = [config.age.secrets.ghost-env.path];
ports = ["127.0.0.1:3002:2368"]; ports = ["127.0.0.1:3002:2368"];
volumes = ["ghost_data:/var/lib/ghost/content"]; volumes = ["ghost_data:/var/lib/ghost/content"];
@@ -13,25 +13,14 @@
url = "http://localhost:3002/"; url = "http://localhost:3002/";
} }
]; ];
routers = {
ghost = { routers.ghost = {
rule = "Host(`m3ta.dev`) || Host(`www.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "ghost";
entrypoints = "websecure";
middlewares = ["strip-www"];
};
ghost-old = {
rule = "Host(`www.m3tam3re.com`)"; rule = "Host(`www.m3tam3re.com`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "ghost"; service = "ghost";
entrypoints = "websecure"; entrypoints = "websecure";
middlewares = ["domain-redirect"];
};
}; };
}; };
} }

34
hosts/m3-atlas/services/containers/kestra.nix
View File

@@ -1,34 +0,0 @@
{ config, ... }: {
virtualisation.oci-containers.containers."kestra" = {
image = "docker.io/kestra/kestra:latest";
environmentFiles = [ config.age.secrets.kestra-env.path ];
cmd = [ "server" "standalone" "--config" "/etc/config/application.yaml"];
ports = [ "127.0.0.1:3018:8080" ];
user = "root";
volumes = [
"/var/run/docker.sock:/var/run/docker.sock"
"${config.age.secrets.kestra-config.path}:/etc/config/application.yaml"
"kestra_data:/app/storage"
"/tmp/kestra-wd:/tmp/kestra-wd"
];
extraOptions =
[ "--add-host=postgres:10.89.0.1" "--ip=10.89.0.18" "--network=web" ];
};
systemd.tmpfiles.rules = [
"d /tmp/kestra-wd 0750 1000 1000 - -"
];
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.kestra.loadBalancer.servers =
[{ url = "http://localhost:3018/"; }];
routers.kestra = {
rule = "Host(`k.m3ta.dev`)";
tls = { certResolver = "godaddy"; };
service = "kestra";
entrypoints = "websecure";
};
};
}

2
hosts/m3-atlas/services/containers/littlelink.nix
View File

@@ -3,7 +3,7 @@
image = "ghcr.io/techno-tim/littlelink-server"; image = "ghcr.io/techno-tim/littlelink-server";
environmentFiles = [config.age.secrets.littlelink-m3tam3re.path]; environmentFiles = [config.age.secrets.littlelink-m3tam3re.path];
ports = ["127.0.0.1:3004:3000"]; ports = ["127.0.0.1:3004:3000"];
extraOptions = ["--ip=10.89.0.4" "--network=web"]; extraOptions = ["--ip=10.89.0.12" "--network=web"];
}; };
# Traefik configuration specific to littlelink # Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {

211
hosts/m3-atlas/services/containers/pangolin.nix
View File

@@ -1,211 +0,0 @@
{
config,
pkgs,
lib,
...
}: let
# Define the Pangolin configuration as a Nix attribute set
pangolinConfig = {
app = {
dashboard_url = "https://vpn.m3tam3re.com";
log_level = "info";
save_logs = false;
};
domains = {
vpn = {
base_domain = "m3tam3re.com";
cert_resolver = "godaddy";
prefer_wildcard_cert = false;
};
};
server = {
external_port = 3000;
internal_port = 3001;
next_port = 3002;
internal_hostname = "pangolin";
session_cookie_name = "p_session_token";
resource_access_token_param = "p_token";
resource_session_request_param = "p_session_request";
};
traefik = {
cert_resolver = "godaddy";
http_entrypoint = "web";
https_entrypoint = "websecure";
};
gerbil = {
start_port = 51820;
base_endpoint = "vpn.m3tam3re.com";
use_subdomain = false;
block_size = 24;
site_block_size = 30;
subnet_group = "100.89.137.0/20";
};
rate_limits = {
global = {
window_minutes = 1;
max_requests = 100;
};
};
email = {
smtp_host = config.age.secrets.smtp-host.path;
smtp_port = 587;
smtp_user = config.age.secrets.smtp-user.path;
smtp_pass = config.age.secrets.smtp-pass.path;
no_reply = config.age.secrets.smtp-user.path;
};
users = {
server_admin = {
email = "admin@m3tam3re.com";
password = config.age.secrets.pangolin-admin-password.path;
};
};
flags = {
require_email_verification = true;
disable_signup_without_invite = true;
disable_user_create_org = true;
allow_raw_resources = true;
allow_base_domain_resources = true;
};
};
# Convert Nix attribute set to YAML using a simpler approach
pangolinConfigYaml = pkgs.writeTextFile {
name = "config.yml";
text = lib.generators.toYAML {} pangolinConfig;
};
in {
# Define the containers
virtualisation.oci-containers.containers = {
"pangolin" = {
image = "fosrl/pangolin:1.1.0";
autoStart = true;
volumes = [
"${pangolinConfigYaml}:/app/config/config.yml:ro" # Mount the config file directly
"pangolin_config:/app/config/data" # Volume for persistent data
];
ports = [
"127.0.0.1:3020:3001" # API server
"127.0.0.1:3021:3002" # Next.js server
"127.0.0.1:3022:3000" # API/WebSocket server
];
extraOptions = ["--ip=10.89.0.20" "--network=web"];
};
"gerbil" = {
image = "fosrl/gerbil:1.0.0";
autoStart = true;
volumes = [
"pangolin_config:/var/config" # Share the volume for persistent data
];
cmd = [
"--reachableAt=http://gerbil:3003"
"--generateAndSaveKeyTo=/var/config/key"
"--remoteConfig=http://pangolin:3001/api/v1/gerbil/get-config"
"--reportBandwidthTo=http://pangolin:3001/api/v1/gerbil/receive-bandwidth"
];
ports = [
"51820:51820/udp" # WireGuard port
];
extraOptions = [
"--ip=10.89.0.21"
"--network=web"
"--cap-add=NET_ADMIN"
"--cap-add=SYS_MODULE"
];
};
};
# Secrets for Pangolin
# age.secrets = {
# "smtp-host" = {
# file = ../secrets/smtp-host.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# "smtp-user" = {
# file = ../secrets/smtp-user.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# "smtp-pass" = {
# file = ../secrets/smtp-pass.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# "pangolin-admin-password" = {
# file = ../secrets/pangolin-admin-password.age;
# owner = "root";
# group = "root";
# mode = "0400";
# };
# };
# Traefik configuration for Pangolin
services.traefik.dynamicConfigOptions = {
http = {
# Next.js service (front-end)
services.pangolin-next-service.loadBalancer.servers = [
{url = "http://localhost:3021";}
];
# API service
services.pangolin-api-service.loadBalancer.servers = [
{url = "http://localhost:3022";}
];
# Routers
routers = {
# Next.js router (handles everything except API paths)
"pangolin-next" = {
rule = "Host(`vpn.m3tam3re.com`) && !PathPrefix(`/api/v1`)";
service = "pangolin-next-service";
entrypoints = ["websecure"];
tls = {
certResolver = "godaddy";
};
};
# API router
"pangolin-api" = {
rule = "Host(`vpn.m3tam3re.com`) && PathPrefix(`/api/v1`)";
service = "pangolin-api-service";
entrypoints = ["websecure"];
tls = {
certResolver = "godaddy";
};
};
};
};
};
# Add HTTP provider to Traefik for dynamic configuration from Pangolin
services.traefik.staticConfigOptions.providers.http = {
endpoint = "http://localhost:3020/api/v1/traefik-config";
pollInterval = "5s";
};
# Add experimental section for Badger plugin
services.traefik.staticConfigOptions.experimental = {
plugins = {
#TODO create an overlay for the plugin
badger = {
moduleName = "github.com/fosrl/badger";
version = "v1.0.0";
};
};
};
# Firewall configuration for WireGuard
networking.firewall.allowedUDPPorts = [51820]; # WireGuard port
}

8
hosts/m3-atlas/services/containers/restreamer.nix
View File

@@ -4,7 +4,7 @@
environmentFiles = [config.age.secrets.restreamer-env.path]; environmentFiles = [config.age.secrets.restreamer-env.path];
# Modified ports to include RTMPS # Modified ports to include RTMPS
ports = [ ports = [
"127.0.0.1:${toString (config.m3ta.ports.get "restreamer")}:8080" # Web UI "127.0.0.1:3006:8080" # Web UI
"127.0.0.1:1936:1935" # RTMP "127.0.0.1:1936:1935" # RTMP
]; ];
volumes = [ volumes = [
@@ -20,12 +20,12 @@
http = { http = {
services.restreamer.loadBalancer.servers = [ services.restreamer.loadBalancer.servers = [
{ {
url = "http://localhost:${toString (config.m3ta.ports.get "restreamer")}/"; url = "http://localhost:3006/";
} }
]; ];
routers.restreamer = { routers.restreamer = {
rule = "Host(`stream.m3ta.dev`)"; rule = "Host(`stream.m3tam3re.com`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
@@ -70,6 +70,6 @@
# Firewall configuration # Firewall configuration
networking.firewall = { networking.firewall = {
allowedTCPPorts = [1935 1945]; allowedTCPPorts = [80 443 1935 1945];
}; };
} }

27
hosts/m3-atlas/services/containers/slash-nemoti.nix
View File

@@ -1,27 +0,0 @@
{
virtualisation.oci-containers.containers."slash-nemoti" = {
image = "docker.io/yourselfhosted/slash:latest";
ports = ["127.0.0.1:3016:5231"];
volumes = [
"slash-nemoti_data:/var/opt/slash"
];
extraOptions = ["--ip=10.89.0.17" "--network=web"];
};
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.slash-nemoti.loadBalancer.servers = [
{
url = "http://localhost:3016/";
}
];
routers.slash-nemoti = {
rule = "Host(`l.nemoti.art`)";
tls = {
certResolver = "godaddy";
};
service = "slash-nemoti";
entrypoints = "websecure";
};
};
}

5
hosts/m3-atlas/services/default.nix
View File

@@ -2,18 +2,13 @@
imports = [ imports = [
./containers ./containers
./gitea.nix ./gitea.nix
./gitea-actions-runner.nix
./headscale.nix ./headscale.nix
./minio.nix ./minio.nix
./mysql.nix ./mysql.nix
./n8n.nix
./outline.nix
./paperless.nix
./postgres.nix ./postgres.nix
./searx.nix ./searx.nix
./tailscale.nix ./tailscale.nix
./traefik.nix ./traefik.nix
./vaultwarden.nix
./wastebin.nix ./wastebin.nix
]; ];
} }

57
hosts/m3-atlas/services/gitea-actions-runner.nix
View File

@@ -1,57 +0,0 @@
{
config,
pkgs,
...
}: {
services.gitea-actions-runner = {
instances.default = {
enable = true;
name = "${config.networking.hostName}-runner";
url = "https://code.m3ta.dev";
tokenFile = config.age.secrets.gitea-runner-token.path;
# nixos:host is primary, ubuntu is fallback
labels = [
"nixos:host"
];
# Host execution packages
hostPackages = with pkgs; [
bash
curl
coreutils
git
jq
nix
nix-update
nodejs
# Add any other tools you need for nix-update workflows
];
# Advanced settings
settings = {
runner = {
capacity = 4; # One job at a time (increase if you have resources)
timeout = "4h"; # Nix builds can take a while
};
cache = {enabled = true;};
container = {
enable_ipv6 = true;
privileged = false;
};
};
};
};
# User management (auto-created by module, but ensuring proper setup)
users.users.gitea-runner = {
home = "/var/lib/gitea-runner";
group = "gitea-runner";
isSystemUser = true;
createHome = true;
};
users.groups.gitea-runner = {};
# Firewall: Allow Podman bridge networks for cache actions
networking.firewall.trustedInterfaces = ["br-+"];
}

19
hosts/m3-atlas/services/gitea.nix
View File

@@ -1,12 +1,8 @@
{config, ...}: { {
services.gitea = { services.gitea = {
enable = true; enable = true;
settings = { settings = {
server = { server.ROOT_URL = "https://code.m3tam3re.com";
ROOT_URL = "https://code.m3ta.dev";
HTTP_PORT = config.m3ta.ports.get "gitea";
};
mailer.SENDMAIL_PATH = "/run/wrappers/bin/sendmail";
service.DISABLE_REGISTRATION = true; service.DISABLE_REGISTRATION = true;
}; };
lfs.enable = true; lfs.enable = true;
@@ -21,26 +17,17 @@
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
services.gitea.loadBalancer.servers = [ services.gitea.loadBalancer.servers = [
{ {
url = "http://localhost:${toString (config.m3ta.ports.get "gitea")}/"; url = "http://localhost:3000/";
} }
]; ];
routers.gitea = { routers.gitea = {
rule = "Host(`code.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "gitea";
entrypoints = "websecure";
};
routers.gitea-old = {
rule = "Host(`code.m3tam3re.com`)"; rule = "Host(`code.m3tam3re.com`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "gitea"; service = "gitea";
entrypoints = "websecure"; entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
}; };
}; };
} }

90
hosts/m3-atlas/services/headscale.nix
View File

@@ -1,104 +1,19 @@
{ {
config,
lib,
pkgs,
...
}: {
# Define a new option for the admin user
options.services.headscale = {
adminUser = lib.mkOption {
type = lib.types.str;
default = "m3tam3re";
description = "Username for the headscale admin user";
};
};
config = let
adminUser = config.services.headscale.adminUser;
aclConfig = {
# Groups definition
groups = {
"group:admins" = ["${adminUser}"];
};
acls = [
# Allow all connections within the tailnet
{
action = "accept";
src = ["*"];
dst = ["*:*"];
}
# Allow admin to connect to their own services
{
action = "accept";
src = ["${adminUser}"];
dst = ["${adminUser}:*"];
}
];
# Auto-approvers section for routes
autoApprovers = {
routes = {
"0.0.0.0/0" = ["${adminUser}"];
"10.0.0.0/8" = ["${adminUser}"];
"192.168.0.0/16" = ["${adminUser}"];
};
exitNode = ["${adminUser}"];
};
};
# Convert to HuJSON format with comments
aclHuJson = ''
// Headscale ACL Policy - Generated by NixOS
// Admin user: ${adminUser}
${builtins.toJSON aclConfig}
'';
aclFile = pkgs.writeText "acl-policy.hujson" aclHuJson;
in {
services = { services = {
headscale = { headscale = {
enable = true; enable = true;
adminUser = "m3tam3re@m3ta.loc";
port = 3009; port = 3009;
settings = { settings = {
server_url = "https://va.m3tam3re.com"; server_url = "https://va.m3tam3re.com";
dns = { dns = {
base_domain = "m3ta.loc"; base_domain = "m3tam3re.loc";
nameservers.global = ["8.8.8.8"];
}; };
logtail.enabled = false; logtail.enabled = false;
policy.path = "${aclFile}";
}; };
}; };
}; };
# Create a systemd service to ensure the admin user exists # Traefik configuration specific to
systemd.services.headscale-ensure-admin = lib.mkIf config.services.headscale.enable {
description = "Ensure Headscale admin user exists";
after = ["headscale.service"];
requires = ["headscale.service"];
wantedBy = ["multi-user.target"];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "headscale";
Group = "headscale";
};
script = ''
# Check if user exists and create if needed
if ! ${pkgs.headscale}/bin/headscale users list | grep -q "${adminUser}"; then
echo "Creating headscale admin user: ${adminUser}"
${pkgs.headscale}/bin/headscale users create "${adminUser}"
else
echo "Headscale admin user ${adminUser} already exists"
fi
'';
};
# Traefik configuration for headscale
services.traefik.dynamicConfigOptions.http = { services.traefik.dynamicConfigOptions.http = {
services.headscale.loadBalancer.servers = [ services.headscale.loadBalancer.servers = [
{ {
@@ -115,5 +30,4 @@
entrypoints = "websecure"; entrypoints = "websecure";
}; };
}; };
};
} }

7
hosts/m3-atlas/services/mysql.nix
View File

@@ -18,10 +18,5 @@
calendar = "03:00:00"; calendar = "03:00:00";
databases = ["ghost" "matomo"]; databases = ["ghost" "matomo"];
}; };
networking.firewall = { networking.firewall.allowedTCPPorts = [3306];
extraCommands = ''
iptables -A INPUT -p tcp -s 127.0.0.1 --dport 3306 -j ACCEPT
iptables -A INPUT -p tcp -s 10.89.0.0/24 --dport 3306 -j ACCEPT
'';
};
} }

26
hosts/m3-atlas/services/n8n.nix
View File

@@ -1,26 +0,0 @@
{config, ...}: {
services.n8n = {
enable = true;
environment.WEBHOOK_URL = "https://wf.m3tam3re.com";
};
systemd.services.n8n.serviceConfig = {
EnvironmentFile = ["${config.age.secrets.n8n-env.path}"];
};
# Traefik configuration specific to n8n
services.traefik.dynamicConfigOptions.http = {
services.n8n.loadBalancer.servers = [
{
url = "http://localhost:5678/";
}
];
routers.n8n = {
rule = "Host(`wf.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "n8n";
entrypoints = "websecure";
};
};
}

33
hosts/m3-atlas/services/outline.nix
View File

@@ -1,33 +0,0 @@
{
services.outline = {
enable = true;
port = 3019;
publicUrl = "https://ol.m3ta.dev";
databaseUrl = "postgresql://outline:outline@127.0.0.1:5432/outline";
storage = {
storageType = "local";
};
};
systemd.services.outline.serviceConfig = {
Environment = [
"PGSSLMODE=disable"
];
};
# Traefik configuration specific to littlelink
services.traefik.dynamicConfigOptions.http = {
services.outline.loadBalancer.servers = [
{
url = "http://localhost:3019/";
}
];
routers.outline = {
rule = "Host(`ol.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "outline";
entrypoints = "websecure";
};
};
}

40
hosts/m3-atlas/services/paperless.nix
View File

@@ -1,40 +0,0 @@
{config, ...}: {
services.paperless = {
enable = true;
port = config.m3ta.ports.get "paperless";
database.createLocally = true;
passwordFile = config.age.secrets.paperless-key.path;
configureTika = true;
settings = {
PAPERLESS_URL = "https://pl.m3ta.dev";
DATABASE_URL = "postgresql://paperless:paperless@127.0.0.1:${toString (config.m3ta.ports.get "postgres")}/paperless";
PAPERLESS_CONSUMER_IGNORE_PATTERN = [
".DS_STORE/*"
"desktop.ini"
".env"
];
PAPERLESS_OCR_LANGUAGE = "deu+eng";
PAPERLESS_OCR_USER_ARGS = {
optimize = 1;
pdfa_image_compression = "lossless";
};
};
};
# Traefik configuration for headscale
services.traefik.dynamicConfigOptions.http = {
services.paperless.loadBalancer.servers = [
{
url = "http://localhost:${toString (config.m3ta.ports.get "paperless")}/";
}
];
routers.paperless = {
rule = "Host(`pl.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "paperless";
entrypoints = "websecure";
};
};
}

49
hosts/m3-atlas/services/postgres.nix
View File

@@ -1,47 +1,24 @@
{ {pkgs, ...}: {
pkgs,
config,
...
}: {
services.postgresql = { services.postgresql = {
enable = true; enable = true;
enableTCPIP = true; enableTCPIP = true;
package = pkgs.postgresql_17; package = pkgs.postgresql_15;
extensions = with pkgs.postgresql17Packages; [
pgvector
];
authentication = pkgs.lib.mkOverride 10 '' authentication = pkgs.lib.mkOverride 10 ''
# Local connections (Unix socket) local all all trust
local all postgres peer host all all 127.0.0.1/32 trust
local paperless paperless scram-sha-256 host all all ::1/128 trust
host all all 10.89.0.0/16 trust
# Localhost connections (IPv4 and IPv6) '';
host all postgres 127.0.0.1/32 scram-sha-256 initialScript = pkgs.writeText "backend-initScript" ''
host all postgres ::1/128 scram-sha-256 CREATE USER baserow WITH ENCRYPTED PASSWORD 'baserow';
host outline outline 127.0.0.1/32 scram-sha-256 CREATE DATABASE baserow;
host outline outline ::1/128 scram-sha-256 ALTER DATABASE baserow OWNER to baserow;
host paperless paperless 127.0.0.1/32 scram-sha-256
host paperless paperless ::1/128 scram-sha-256
# Podman network connections for Baserow
host baserow baserow 10.89.0.0/24 scram-sha-256
host kestra kestra 10.89.0.0/24 scram-sha-256
# Deny all other connections
local all all reject
host all all 0.0.0.0/0 reject
host all all ::/0 reject
''; '';
}; };
services.postgresqlBackup = { services.postgresqlBackup = {
enable = true; enable = true;
startAt = "03:10:00"; startAt = "03:10:00";
databases = ["baserow" "paperless" "kestra"]; databases = ["baserow"];
};
networking.firewall = {
extraCommands = ''
iptables -A INPUT -p tcp -s 127.0.0.1 --dport ${toString (config.m3ta.ports.get "postgres")} -j ACCEPT
iptables -A INPUT -p tcp -s 10.89.0.0/24 --dport ${toString (config.m3ta.ports.get "postgres")} -j ACCEPT
'';
}; };
networking.firewall.allowedTCPPorts = [5432];
} }

9
hosts/m3-atlas/services/searx.nix
View File

@@ -17,21 +17,12 @@
]; ];
routers.searx = { routers.searx = {
rule = "Host(`search.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "searx";
entrypoints = "websecure";
};
routers.searx-old = {
rule = "Host(`search.m3tam3re.com`)"; rule = "Host(`search.m3tam3re.com`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "searx"; service = "searx";
entrypoints = "websecure"; entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
}; };
}; };
} }

22
hosts/m3-atlas/services/tailscale.nix
View File

@@ -1,27 +1,9 @@
{ {
config,
lib,
pkgs,
...
}: {
services.tailscale = { services.tailscale = {
enable = true; enable = true;
authKeyFile = config.age.secrets.tailscale-key.path;
useRoutingFeatures = "both"; useRoutingFeatures = "both";
extraUpFlags = [
"--login-server=${config.services.headscale.settings.server_url}"
"--advertise-exit-node"
"--accept-routes"
];
};
services.networkd-dispatcher = lib.mkIf config.services.tailscale.enable {
enable = true;
rules."50-tailscale" = {
onState = ["routable"];
script = ''
NETDEV=$(ip -o route get 8.8.8.8 | cut -f 5 -d " ")
${pkgs.ethtool}/bin/ethtool -K "$NETDEV" rx-udp-gro-forwarding on rx-gro-list off
'';
}; };
networking.firewall = {
trustedInterfaces = ["tailscale0"];
}; };
} }

33
hosts/m3-atlas/services/traefik.nix
View File

@@ -12,10 +12,7 @@
dnsChallenge = { dnsChallenge = {
provider = "godaddy"; provider = "godaddy";
resolvers = ["1.1.1.1:53" "8.8.8.8:53"]; resolvers = ["1.1.1.1:53" "8.8.8.8:53"];
propagation = { propagation.delayBeforeChecks = 60;
delayBeforeChecks = 60;
disableChecks = true;
};
}; };
}; };
}; };
@@ -42,35 +39,7 @@
}; };
dynamicConfigOptions = { dynamicConfigOptions = {
http = { http = {
services = {
dummy = {
loadBalancer.servers = [
{url = "http://192.168.0.1";} # Diese URL wird nie verwendet
];
};
};
middlewares = { middlewares = {
domain-redirect = {
redirectRegex = {
regex = "^https://www\\.m3tam3re\\.com(.*)";
replacement = "https://m3ta.dev$1";
permanent = true;
};
};
strip-www = {
redirectRegex = {
regex = "^https://www\\.(.+)";
replacement = "https://$1";
permanent = true;
};
};
subdomain-redirect = {
redirectRegex = {
regex = "^https://([a-zA-Z0-9-]+)\\.m3tam3re\\.com(.*)";
replacement = "https://$1.m3ta.dev$2";
permanent = true;
};
};
auth = { auth = {
basicAuth = { basicAuth = {
users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."]; users = ["m3tam3re:$apr1$1xqdta2b$DIVNvvp5iTUGNccJjguKh."];

29
hosts/m3-atlas/services/vaultwarden.nix
View File

@@ -1,29 +0,0 @@
{config, ...}: {
services.vaultwarden = {
enable = true;
backupDir = "/var/backup/vaultwarden";
config = {
ROCKET_ADDRESS = "127.0.0.1";
ROCKET_PORT = 3013;
};
environmentFile = "${config.age.secrets.vaultwarden-env.path}";
};
# Traefik configuration for headscale
services.traefik.dynamicConfigOptions.http = {
services.vaultwarden.loadBalancer.servers = [
{
url = "http://localhost:3013/";
}
];
routers.vaultwarden = {
rule = "Host(`vw.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "vaultwarden";
entrypoints = "websecure";
};
};
}

11
hosts/m3-atlas/services/wastebin.nix
View File

@@ -3,7 +3,7 @@
enable = true; enable = true;
settings = { settings = {
WASTEBIN_TITLE = "m3tam3re's wastebin"; WASTEBIN_TITLE = "m3tam3re's wastebin";
WASTEBIN_BASE_URL = "https://bin.m3ta.dev"; WASTEBIN_BASE_URL = "https://bin.m3tam3re.com";
WASTEBIN_ADDRESS_PORT = "0.0.0.0:3003"; WASTEBIN_ADDRESS_PORT = "0.0.0.0:3003";
WASTEBIN_MAX_BODY_SIZE = 1048576; WASTEBIN_MAX_BODY_SIZE = 1048576;
}; };
@@ -17,21 +17,12 @@
]; ];
routers.wastebin = { routers.wastebin = {
rule = "Host(`bin.m3ta.dev`)";
tls = {
certResolver = "godaddy";
};
service = "wastebin";
entrypoints = "websecure";
};
routers.wastebin-old = {
rule = "Host(`bin.m3tam3re.com`)"; rule = "Host(`bin.m3tam3re.com`)";
tls = { tls = {
certResolver = "godaddy"; certResolver = "godaddy";
}; };
service = "wastebin"; service = "wastebin";
entrypoints = "websecure"; entrypoints = "websecure";
middlewares = ["subdomain-redirect"];
}; };
}; };
} }

Some files were not shown because too many files have changed in this diff Show More