peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: peperunas:853ee7482681b1edae7d039a7f7b38f27944b6d9
Branches Tags
peperunas:master
peperunas:nixos-21.11
peperunas:laptopshit
..
compare: peperunas:b3e77937597013e6d18876c7dd050cbc1ea4a0e8
Branches Tags
peperunas:master
peperunas:nixos-21.11
peperunas:laptopshit

No commits in common. "853ee7482681b1edae7d039a7f7b38f27944b6d9" and "b3e77937597013e6d18876c7dd050cbc1ea4a0e8" have entirely different histories.
853ee74826 ... b3e7793759

11 changed files with 32 additions and 143 deletions
Show Stats Expand all files Collapse all files

14
cachix.nix
View File

@ -1,14 +0,0 @@
# WARN: this file will get overwritten by $ cachix use <name>
{ pkgs, lib, ... }:
let
folder = ./cachix;
toImport = name: value: folder + ("/" + name);
filterCaches = key: value: value == "regular" && lib.hasSuffix ".nix" key;
imports = lib.mapAttrsToList toImport (lib.filterAttrs filterCaches (builtins.readDir folder));
in {
inherit imports;
nix.binaryCaches = ["https://cache.nixos.org/"];
}

12
cachix/ropfuscator.nix
View File

@ -1,12 +0,0 @@
{
nix = {
binaryCaches = [
"https://ropfuscator.cachix.org"
];
binaryCachePublicKeys = [
"ropfuscator.cachix.org-1:LZ03aJ1yqFlxpU+wfGhLlOkA3MwXqnntd2Wk7u2LnHQ="
];
};
}

22
flake.lock generated
View File

@ -7,27 +7,27 @@
] ]
}, },
"locked": { "locked": {
"lastModified": 1638267006, "lastModified": 1637019201,
"narHash": "sha256-heZdDlD09rnoeEiZ4wKfbXNDkO5I9qVFvX9d790h/XE=", "narHash": "sha256-lq4gz51fx4m5FXfx1SCB444aEBeaYtLMVm3P18Wi9ls=",
"owner": "rycee", "owner": "rycee",
"repo": "home-manager", "repo": "home-manager",
"rev": "3e93c4e8b2b479c712b7c20a428993b459118842", "rev": "bcf03fa16a1f06b8a0abb27bf49afa8d6fffe8f1",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "rycee", "owner": "rycee",
"ref": "release-21.11", "ref": "release-21.05",
"repo": "home-manager", "repo": "home-manager",
"type": "github" "type": "github"
} }
}, },
"nixos-unstable": { "nixos-unstable": {
"locked": { "locked": {
"lastModified": 1638286143, "lastModified": 1637595801,
"narHash": "sha256-A+rgjbIpz3uPRKHPXwdmouVcVn5pZqLnaZHymjkraG4=", "narHash": "sha256-LkIMwVFKCuEqidaUdg8uxwpESAXjsPo4oCz3eJ7RaRw=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "29d1f6e1f625d246dcf84a78ef97b4da3cafc6ea", "rev": "263ef4cc4146c9fab808085487438c625d4426a9",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,16 +39,16 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1638279546, "lastModified": 1637615379,
"narHash": "sha256-1KCwN7twjp1dBdp0jPgVdYFztDkCR8+roo0B34J9oBY=", "narHash": "sha256-wL5+nm7z+42IHyhc52P3aAj1Kp2fQ6C8IyPBihj7Bjg=",
"owner": "NixOS", "owner": "NixOS",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "96b4157790fc96e70d6e6c115e3f34bba7be490f", "rev": "09650059d7f5ae59a7f0fb2dd3bfc6d2042a74de",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "NixOS", "owner": "NixOS",
"ref": "nixos-21.11", "ref": "nixos-21.05",
"repo": "nixpkgs", "repo": "nixpkgs",
"type": "github" "type": "github"
} }

4
flake.nix
View File

@ -1,9 +1,9 @@
{ {
inputs = { inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.11"; nixpkgs.url = "github:NixOS/nixpkgs/nixos-21.05";
nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; nixos-unstable.url = "github:NixOS/nixpkgs/nixos-unstable";
home-manager = { home-manager = {
url = "github:rycee/home-manager/release-21.11"; url = "github:rycee/home-manager/release-21.05";
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
}; };

23
hosts/architect/default.nix
View File

@ -23,25 +23,28 @@ in {
./matrix.nix ./matrix.nix
./fail2ban.nix ./fail2ban.nix
./dns.nix ./dns.nix
# ./minecraft.nix ./minecraft.nix
./prowlarr.nix ./prowlarr.nix
./plex.nix ./plex.nix
./transmission.nix ./transmission.nix
./githubrunner.nix ./githubrunner.nix
./libreddit.nix
./invidious.nix
./nitter.nix
]; ];
time.timeZone = "Europe/Rome"; time.timeZone = "Europe/Rome";
system.stateVersion = "21.11"; # Did you read the comment? system.stateVersion = "21.05"; # Did you read the comment?
users.users.giulio.openssh.authorizedKeys.keys = pubkeys; users.users.giulio.openssh.authorizedKeys.keys = pubkeys;
services.fwupd.enable = true; fileSystems."/tmp" = {
device = "tmpfs";
fsType = "tmpfs";
options = [ "size=20G" ];
};
boot = { boot = {
kernelParams = kernelParams =
[ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" "nvme_core.default_ps_max_latency_us=5500" ]; [ "ip=${architect-lan}::10.0.0.1:255.255.255.0::${wan-if}:off" ];
kernel.sysctl."net.ipv4.ip_forward" = 1; kernel.sysctl."net.ipv4.ip_forward" = 1;
initrd = { initrd = {
availableKernelModules = [ "igc" "r8169" ]; availableKernelModules = [ "igc" "r8169" ];
network = { network = {
@ -69,6 +72,7 @@ in {
}; };
supportedFilesystems = [ "zfs" ]; supportedFilesystems = [ "zfs" ];
zfs.enableUnstable = true;
zfs.requestEncryptionCredentials = true; zfs.requestEncryptionCredentials = true;
}; };
@ -115,9 +119,10 @@ in {
''; '';
}; };
environment.systemPackages = with pkgs; [ cudatoolkit cachix ]; environment.systemPackages = with pkgs; [ cudatoolkit ];
hardware = { hardware = {
cpu.amd.updateMicrocode = true;
opengl.enable = true; opengl.enable = true;
opengl.extraPackages = with pkgs; [ vaapiVdpau ]; opengl.extraPackages = with pkgs; [ vaapiVdpau ];
opengl.driSupport = true; opengl.driSupport = true;

10
hosts/architect/hardware.nix
View File

@ -42,15 +42,9 @@
fsType = "vfat"; fsType = "vfat";
}; };
fileSystems."/tmp" = {
fsType = "tmpfs";
device = "tmpfs";
options = [ "mode=1777" "strictatime" "rw" "nosuid" "nodev" "size=29G" ];
};
swapDevices = [{ swapDevices = [{
device = "/dev/sdc1"; device = "/dev/zpool/data/swap";
size = 100000; size = 40000;
}]; }];
} }

26
hosts/architect/invidious.nix
View File

@ -1,26 +0,0 @@
{ pkgs, ... }:
with import ./network.nix;
let domain = "tube.giugl.io";
in {
services = {
invidious = {
enable = true;
port = 9092;
};
nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9092";
};
};
};
networking.extraHosts = ''
${architect-lan} ${domain}
${architect-wg} ${domain}
'';
}

26
hosts/architect/libreddit.nix
View File

@ -1,26 +0,0 @@
{ pkgs, ... }:
with import ./network.nix;
let domain = "reddit.giugl.io";
in {
services = {
libreddit = {
enable = true;
port = 9090;
};
nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9090";
};
};
};
networking.extraHosts = ''
${architect-lan} ${domain}
${architect-wg} ${domain}
'';
}

33
hosts/architect/nitter.nix
View File

@ -1,33 +0,0 @@
{ pkgs, ... }:
with import ./network.nix;
let domain = "tweet.giugl.io";
in {
services = {
nitter = {
enable = true;
server = {
port = 9093;
hostname = domain;
};
preferences = {
replaceYouTube = "tube.giugl.io";
replaceTwitter = "tweet.giugl.io";
};
};
nginx.virtualHosts.${domain} = {
forceSSL = true;
enableACME = true;
locations."/" = {
proxyPass = "http://localhost:9093";
};
};
};
networking.extraHosts = ''
${architect-lan} ${domain}
${architect-wg} ${domain}
'';
}

1
hosts/architect/transmission.nix
View File

@ -13,7 +13,6 @@ in {
speed-limit-up = 10; speed-limit-up = 10;
speed-limit-up-enabled = true; speed-limit-up-enabled = true;
peer-port = 51413; peer-port = 51413;
umask = 2;
}; };
performanceNetParameters = true; performanceNetParameters = true;
}; };

4
lib/host.nix
View File

@ -14,9 +14,11 @@
modules = [ modules = [
{ {
imports = users_mod ++ roles_mod; imports = users_mod ++ roles_mod ++ [(nixos-unstable + "/nixos/modules/services/misc/prowlarr.nix")];
nixpkgs = { nixpkgs = {
pkgs = pkgs; pkgs = pkgs;
overlays = [ (self: super: {prowlarr = pkgs.unstable.prowlarr;}) ];
}; };
nix.nixPath = [ nix.nixPath = [