huge refactor

fwastring 2026-04-02 10:58:37 +02:00
parent 03e5a47910
commit 1d4c8455ee
30 changed files with 972 additions and 697 deletions


@ -1,20 +0,0 @@
loki.relabel "journal" {
forward_to = []
rule {
source_labels = ["__journal__systemd_unit"]
target_label = "unit"
}
}
loki.source.journal "read" {
forward_to = [loki.write.endpoint.receiver]
relabel_rules = loki.relabel.journal.rules
labels = {component = "macmini"}
}
loki.write "endpoint" {
endpoint {
url ="http://192.168.1.143:3100/loki/api/v1/push"
}
}


@ -1,83 +0,0 @@
# This is your system's configuration file.
# Use this to configure your system environment (it replaces /etc/nixos/configuration.nix)
{
inputs,
lib,
config,
pkgs,
myhostname,
...
}:
let
modulesDirectory = ../../moduler;
in
{
# You can import other NixOS modules here
imports = [
./hardware-configuration.nix
(modulesDirectory + /services/base)
../../moduler/users.nix
../../moduler/services/monitoring
];
alloy = {
enable = true;
configPath = ./alloy-systemd.yaml;
};
nixpkgs.config.permittedInsecurePackages = [
"broadcom-sta-6.30.223.271-59-6.12.58"
];
nix.settings = {
trusted-public-keys = [
"cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="
"hyprland.cachix.org-1:a7pgxzMz7+chwVL3/pzj6jIBMioiJM7ypFP8PwtkuGc="
];
};
security.sudo.wheelNeedsPassword = false;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-rsa 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 fw@fw-nix"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC8ku8iCb7tXd/tfxYDW+Tj8K9kpfrYZciYUZ6tBpO80inm4EImtfyEeJTuqDWMKov2BftUKs8brNeTBCXUEvU1P0+cpOP9RtYA5tfBXf3su+iVSswJJStIxNboXHrEGKdJJRNsTv/9agshDSUBy6G5TI1cXhv/updornfA4fwOMqOmtlYEn6XCRnsrO6NBLc/uLckdbF75HOsoLvezRvuqTLjpapjaUKGVPrgNXiclIKHmuOx71kgD4FX3rSz9FgKjnfu3a7DBbrHsf/g+N9PjNF1muN9UOV6nK3WwiO9BMWi7NpAWfzJOeZg9chqzI+U6CcsqYVeESgL41so+dnv3 fw@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP34dnsZSnWdDvd+3BXDwcw7wP0PjPEx2eCdBQJyGD6O fw@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII60tdNsG0z9q2jHmoTKvkeLQE6OF0bmTsDX1bpqpoG7 fw@jobb"
];
# Restic
users.users.restic = {
isNormalUser = true;
createHome = true;
home = "/home/restic";
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP34dnsZSnWdDvd+3BXDwcw7wP0PjPEx2eCdBQJyGD6O fw@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII60tdNsG0z9q2jHmoTKvkeLQE6OF0bmTsDX1bpqpoG7 fw@jobb"
];
};
# Where repos will live (you can choose a different path/disk)
systemd.tmpfiles.rules = [
"d /srv/restic 0750 restic restic -"
];
networking.firewall.allowedUDPPorts = [
22000
21027
];
services = {
openssh = {
enable = true;
allowSFTP = true;
};
};
security.rtkit.enable = true;
networking.hostName = myhostname;
services.xserver.dpi = 100;
system.stateVersion = "24.11";
}


@ -1,39 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "ohci_pci" "ehci_pci" "ahci" "firewire_ohci" "usb_storage" "usbhid" "sd_mod" "sr_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" "wl" ];
boot.extraModulePackages = [ config.boot.kernelPackages.broadcom_sta ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/1c7e7116-3486-45a8-90c0-d3deea8e96b0";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/B70D-941F";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp4s0.useDHCP = lib.mkDefault true;
# networking.interfaces.wlp3s0b1.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -12,14 +12,7 @@ in
{
imports = [
./hardware-configuration.nix
(modulesDirectory + /users.nix)
(modulesDirectory + /git.nix)
(modulesDirectory + /network.nix)
(modulesDirectory + /programs.nix)
(modulesDirectory + /system.nix)
(modulesDirectory + /dev.nix)
(modulesDirectory + /sound.nix)
(modulesDirectory + /features/standard)
(modulesDirectory + /programs/kubernetes-tools.nix)
(modulesDirectory + /services/base)
@ -30,6 +23,8 @@ in
];
kubernetes-tools.enable = true;
features.profile = "desktop";
networking.hostName = myhostname;
security.pki.certificateFiles = [
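Review bot: Nothing in this section shows that `features/standard` with `features.profile = "desktop";` still brings in everything the dropped `users.nix`, `git.nix`, `network.nix`, `programs.nix`, `system.nix`, `dev.nix` and `sound.nix` imports provided, and the markers are lost on this page, so which lines are old and which are new is itself inferred. That module is outside the visible hunks, so this is a question rather than a finding: if the option is a plain string, a typo would presumably select nothing and silently drop user, network and firewall settings, whereas declaring it as `lib.types.enum [ ... ]` over the known profile names would make a wrong value fail at evaluation. The same applies to the sections that set `"camera"`, `"server"` and `"laptop"`. Comparing each host's built system closure before and after the commit, for example with `nix store diff-closures`, would confirm the refactor preserves behaviour. The attribute set these lines belong to starts and ends outside the hunks.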


@ -1,122 +0,0 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page
# and in the NixOS manual (accessible by running nixos-help).
{
inputs,
pkgs,
myhostname,
...
}:
let
theme = "mocha";
modulesDirectory = ../../moduler;
in
{
imports = [
./hardware-configuration.nix
(modulesDirectory + /users.nix)
(modulesDirectory + /git.nix)
(modulesDirectory + /network.nix)
(modulesDirectory + /programs.nix)
(modulesDirectory + /system.nix)
(modulesDirectory + /dev.nix)
(modulesDirectory + /sound.nix)
(modulesDirectory + /services/base)
(modulesDirectory + /programs/hyprland)
(modulesDirectory + /programs/nixvim)
];
networking.networkmanager = {
enable = true;
plugins = with pkgs; [
networkmanager-openvpn
];
};
stylix = {
enable = true;
base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-${theme}.yaml";
};
nixvim = {
enable = true;
theme = theme;
};
hyprland = {
enable = true;
theme = theme;
};
home-manager.extraSpecialArgs = { inherit inputs pkgs; };
home-manager.users.fw = {
imports = [
./../../moduler/home.nix
./../../moduler/programs/waybar
inputs.catppuccin.homeModules.catppuccin
];
waybar = {
enable = true;
profile = "laptop";
theme = theme;
};
gtk = {
enable = true;
iconTheme = {
name = "oomox-gruvbox-dark";
package = pkgs.gruvbox-dark-icons-gtk;
};
};
kitty = {
enable = true;
theme = theme;
};
fish = {
theme = theme;
};
k9s = {
enable = true;
theme = theme;
};
oh-my-posh = {
enable = true;
theme = theme;
};
catppuccin = {
librewolf = {
enable = true;
flavor = theme;
accent = "peach";
};
};
programs.ranger.enable = true;
stylix.targets = {
lazygit.enable = false;
fish.enable = false;
kitty.enable = false;
waybar.enable = false;
tmux.enable = false;
k9s.enable = false;
};
};
security.sudo.wheelNeedsPassword = false;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII60tdNsG0z9q2jHmoTKvkeLQE6OF0bmTsDX1bpqpoG7 fw@jobb"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFpJBGPIfPB1BwSG7aoKqwfccyZSaU7J3xpJ8behMp9N fw@core"
];
services.upower = {
enable = true;
};
boot.kernelPackages = pkgs.linuxPackages_latest;
networking.hostName = myhostname;
system.stateVersion = "25.05";
}


@ -1,18 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-intel" ];
boot.extraModulePackages = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -1,35 +0,0 @@
{ lib, ... }:
{
disko.devices = {
disk = {
main = {
device = lib.mkDefault "/dev/sda";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
type = "EF00";
size = "1G";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}


@ -13,10 +13,7 @@ in
{
imports = [
./hardware-configuration.nix
(modulesDirectory + /users.nix)
(modulesDirectory + /network.nix)
(modulesDirectory + /system.nix)
(modulesDirectory + /features/standard)
(modulesDirectory + /services/base)
(modulesDirectory + /services/webcam-rtsp)
@ -26,6 +23,8 @@ in
enable = true;
};
features.profile = "camera";
hardware.graphics = {
enable = true;
extraPackages = with pkgs; [


@ -1,18 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{ config, lib, pkgs, modulesPath, ... }:
{
imports =
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "xhci_pci" "nvme" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ ];
boot.extraModulePackages = [ ];
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}


@ -48,8 +48,7 @@ in
# You can import other NixOS modules here
imports = [
./hardware-configuration.nix
(modulesDirectory + /users.nix)
(modulesDirectory + /features/standard)
(modulesDirectory + /kitchenowl.nix)
# (modulesDirectory + /radicale.nix)
(modulesDirectory + /vaultwarden.nix)
@ -73,6 +72,8 @@ in
];
sops.defaultSopsFile = ../../secrets/sops.yaml;
features.profile = "server";
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
sops.secrets.gandi_key = {
path = "/run/secrets/gandi_key";
@ -140,9 +141,9 @@ in
};
home-manager.users.fw = {
# imports = [
# (modulesDirectory + /programs/beets)
# ];
imports = [
(modulesDirectory + /programs/beets)
];
home.username = "fw";
home.homeDirectory = "/home/fw";
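Review bot: The last hunk appears to turn the commented-out `(modulesDirectory + /programs/beets)` import under `home-manager.users.fw` into a live one, which is a behaviour change on the server rather than part of the module consolidation; it would be easier to audit and revert as its own commit. This host also imports `vaultwarden.nix` and decrypts sops secrets through `/etc/ssh/ssh_host_ed25519_key`, and the first hunk seems to drop `users.nix` while `home-manager.users.fw` is still configured. It is worth confirming that the `"server"` profile of `features/standard` still defines that account and its SSH access before deploying. Both the import list and the `home-manager.users.fw` block continue outside the hunks.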


@ -16,14 +16,7 @@ in
{
imports = [
./hardware-configuration.nix
(modulesDirectory + /users.nix)
(modulesDirectory + /git.nix)
(modulesDirectory + /network.nix)
(modulesDirectory + /programs.nix)
(modulesDirectory + /system.nix)
(modulesDirectory + /dev.nix)
(modulesDirectory + /sound.nix)
(modulesDirectory + /features/standard)
(modulesDirectory + /services/base)
@ -33,6 +26,8 @@ in
];
kubernetes-tools.enable = true;
features.profile = "laptop";
networking.networkmanager = {
enable = true;
};


@ -1,35 +0,0 @@
{ lib, ... }:
{
disko.devices = {
disk = {
main = {
device = lib.mkDefault "/dev/nvme0n1";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
type = "EF00";
size = "1G";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
};
};
};
};
};
}