fw/nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of https://git.wastring.com/fw/nix

Browse source
This commit is contained in:
fwastring 2025-11-30 23:04:38 +01:00
commit 66c3692ea4
13 changed files with 300 additions and 103 deletions
Download patch file Download diff file Expand all files Collapse all files

8
README.md
View file

@ -10,3 +10,11 @@
@ Old Computers
- laptop (Acer Swift 3) † 2025-08-05
```
nixos-anywhere -- \
--flake .#kiosk \
--generate-hardware-config nixos-generate-config ./machines/kiosk/hardware-configuration.nix \
--target-host fw@192.168.1.186
```

41
maskiner/core/disk-config.nix Normal file
View file

@ -0,0 +1,41 @@
{ lib, ... }:
{
disko.devices = {
disk = {
main = {
device = lib.mkDefault "/dev/nvme0n1";
type = "disk";
content = {
type = "gpt";
partitions = {
ESP = {
type = "EF00";
size = "1G";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = [ "umask=0077" ];
};
};
root = {
size = "100%";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
};
};
swap = {
size = "101G";
content = {
type = "swap";
};
};
};
};
};
};
};
}

8
maskiner/core/hardware-configuration.nix
View file

@ -8,24 +8,24 @@
[ (modulesPath + "/installer/scan/not-detected.nix")
];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usb_storage" "usbhid" "sd_mod" ];
boot.initrd.availableKernelModules = [ "nvme" "xhci_pci" "thunderbolt" "usbhid" "usb_storage" "sd_mod" ];
boot.initrd.kernelModules = [ ];
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
fileSystems."/" =
{ device = "/dev/disk/by-uuid/751f2210-9f0a-46da-bc62-25ede9a5f8a7";
{ device = "/dev/disk/by-uuid/23905182-cee8-4336-8b2f-803dbd761c84";
fsType = "ext4";
};
fileSystems."/boot" =
{ device = "/dev/disk/by-uuid/1947-AC4C";
{ device = "/dev/disk/by-uuid/39A0-5A5F";
fsType = "vfat";
options = [ "fmask=0077" "dmask=0077" ];
};
swapDevices =
[ { device = "/dev/disk/by-uuid/0eea714d-1c2f-4981-b25b-920205959594"; }
[ { device = "/dev/disk/by-uuid/d599597d-d111-48a3-98e9-da81075e38f8"; }
];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking

5
moduler/base.nix
View file

@ -6,9 +6,6 @@
...
}:
{
sops.defaultSopsFile = ../secrets/sops.yaml;
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
nixpkgs = {
config = {
allowUnfree = true;
@ -96,7 +93,7 @@
garamond-libre
];
i18n.defaultLocale = "en_US.UTF-8";
i18n.defaultLocale = "sv_SE.UTF-8";
i18n.extraLocaleSettings = {
LC_ADDRESS = "sv_SE.UTF-8";
LC_IDENTIFICATION = "sv_SE.UTF-8";

24
moduler/dev.nix
View file

@ -1,9 +1,6 @@
{
inputs,
lib,
config,
pkgs,
myhostname,
...
}:
let
@ -22,24 +19,23 @@ in
inputs.neovim-nightly-overlay.packages.${pkgs.stdenv.hostPlatform.system}.default
# Nix
devenv
nixfmt-rfc-style
# Docker
dive
# dive
lazydocker
# Jobb
dotnetCorePackages.dotnet_9.sdk
gh
awscli
minio-client
# awscli
# minio-client
# dotnetCorePackages.dotnet_9.sdk
# opentofu
# azure-cli
# jira-cli-go
# Blogging
zola
# zola
# System Design
# sqlc
@ -48,10 +44,10 @@ in
# Web Dev
# tailwindcss
prettierd
# prettierd
# Go
go
# go
# air
# templ
# go-migrate-pg
@ -59,13 +55,13 @@ in
# Build
git
gcc
gnumake
cmake
# gnumake
# cmake
# System Tools
yq
jq
git
qrencode
# qrencode
];
}

29
moduler/lsp.nix Normal file
View file

@ -0,0 +1,29 @@
{
lib,
config,
pkgs,
...
}:
{
environment.systemPackages = with pkgs; [
nixd
dockerfile-language-server
bash-language-server
helm-ls
yaml-language-server
lua-language-server
marksman
# tofu-ls
# gopls
# omnisharp-roslyn
# nodejs_22
# vue-language-server
# vtsls
# typescript
# typescript-language-server
# nodePackages.vscode-json-languageserver
# tailwindcss-language-server
];
}

11
moduler/network.nix
View file

@ -15,13 +15,12 @@
};
environment.systemPackages = with pkgs; [
networkmanagerapplet
networkmanager
iperf3
# networkmanager
dnsutils
aria2
nmap
ipcalc
# nmap
# ipcalc
# iperf3
# networkmanagerapplet
# (octodns.withProviders (ps: [
# octodns-providers.gandi

36
moduler/programs.nix
View file

@ -18,7 +18,41 @@
via
];
};
home-manager.users.fw = {
xdg.mimeApps = {
enable = true;
defaultApplications = {
"text/html" = "librewolf.desktop";
"x-scheme-handler/http" = "librewolf.desktop";
"x-scheme-handler/https" = "librewolf.desktop";
"x-scheme-handler/about" = "librewolf.desktop";
"x-scheme-handler/unknown" = "librewolf.desktop";
"text/plain" = "nvim.desktop";
"text/markdown" = "nvim.desktop";
"text/x-markdown" = "nvim.desktop";
"application/json" = "nvim.desktop";
"application/x-ndjson" = "nvim.desktop";
"application/x-yaml" = "nvim.desktop";
"text/yaml" = "nvim.desktop";
"text/x-shellscript" = "nvim.desktop";
"text/x-python" = "nvim.desktop";
"text/x-csrc" = "nvim.desktop";
"text/x-c++src" = "nvim.desktop";
"application/x-sql" = "nvim.desktop";
"text/xml" = "nvim.desktop";
"application/xml" = "nvim.desktop";
"application/pdf" = "org.gnome.Evince.desktop";
"image/jpeg" = "feh.desktop";
"image/png" = "feh.desktop";
"image/gif" = "feh.desktop";
"image/webp" = "feh.desktop";
"image/tiff" = "feh.desktop";
"image/bmp" = "feh.desktop";
"image/svg+xml" = "feh.desktop";
};
};
};
environment.sessionVariables.DEFAULT_BROWSER = "${pkgs.librewolf}/bin/librewolf";
environment.systemPackages = with pkgs; [
# GUI

22
moduler/programs/waybar/waybar-latte.css
View file

@ -60,14 +60,14 @@ button {
/* hover */
button:hover {
background: rgba(255,255,255,0.08);
box-shadow: inset 0 -3px @green;
box-shadow: inset 0 -3px @peach;
}
/* active (no CSS transform in GTK; simulate press with padding + shadow) */
button:active {
padding-top: 1px; /* nudge down visually */
padding-bottom: 1px; /* keep height stable */
box-shadow: inset 0 -2px @green;
box-shadow: inset 0 -2px @peach;
color: @base;
}
@ -88,9 +88,9 @@ button:active {
}
#workspaces button.active, #workspaces button.focused {
background: @green;
background: @peach;
color: @base;
box-shadow: inset 0 -3px @green;
box-shadow: inset 0 -3px @peach;
}
#workspaces button.urgent {
@ -101,7 +101,7 @@ button:active {
/* -------- Clock -------- */
#clock {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -109,7 +109,7 @@ button:active {
/* -------- Mpris -------- */
#mpris {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -117,7 +117,7 @@ button:active {
/* -------- Pavu -------- */
#pulseaudio {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -125,7 +125,7 @@ button:active {
/* -------- Bluetooth -------- */
#bluetooth {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -133,7 +133,7 @@ button:active {
/* -------- Upower -------- */
#upower {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -141,7 +141,7 @@ button:active {
/* -------- Network -------- */
#network {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -149,5 +149,5 @@ button:active {
/* -------- Helpers -------- */
@keyframes blink {
to { background-color: @green; color: @base; }
to { background-color: @peach; color: @base; }
}

22
moduler/programs/waybar/waybar-mocha.css
View file

@ -60,14 +60,14 @@ button {
/* hover */
button:hover {
background: rgba(255,255,255,0.08);
box-shadow: inset 0 -3px @green;
box-shadow: inset 0 -3px @peach;
}
/* active (no CSS transform in GTK; simulate press with padding + shadow) */
button:active {
padding-top: 1px; /* nudge down visually */
padding-bottom: 1px; /* keep height stable */
box-shadow: inset 0 -2px @green;
box-shadow: inset 0 -2px @peach;
color: @base;
}
@ -88,9 +88,9 @@ button:active {
}
#workspaces button.active, #workspaces button.focused {
background: @green;
background: @peach;
color: @base;
box-shadow: inset 0 -3px @green;
box-shadow: inset 0 -3px @peach;
}
#workspaces button.urgent {
@ -101,7 +101,7 @@ button:active {
/* -------- Clock -------- */
#clock {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -109,7 +109,7 @@ button:active {
/* -------- Mpris -------- */
#mpris {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -117,7 +117,7 @@ button:active {
/* -------- Pavu -------- */
#pulseaudio {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -125,7 +125,7 @@ button:active {
/* -------- Bluetooth -------- */
#bluetooth {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -133,7 +133,7 @@ button:active {
/* -------- Upower -------- */
#upower {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -141,7 +141,7 @@ button:active {
/* -------- Network -------- */
#network {
background: @green;
background: @peach;
color: @base;
font-weight: 600;
letter-spacing: 0.2px;
@ -149,5 +149,5 @@ button:active {
/* -------- Helpers -------- */
@keyframes blink {
to { background-color: @green; color: @base; }
to { background-color: @peach; color: @base; }
}

102
moduler/services/nextcloud/default.nix Normal file
View file

@ -0,0 +1,102 @@
{
lib,
pkgs,
config,
myhost,
...
}:
let
cfg = config.services.nextcloud;
srv = cfg.settings.server;
in
with lib;
{
options = {
nextcloud = {
enable = mkEnableOption "enables nextcloud";
port = lib.mkOption {
type = lib.types.int;
default = 8003;
description = "The port that Nextcloud is served on.";
};
domain = lib.mkOption {
type = lib.types.str;
default = "files.wastring.com";
description = "The hostname that Nextcloud is served on.";
};
};
};
config = mkMerge [
(mkIf config.nextloud.enable {
services.nginx = {
virtualHosts.${config.nextcloud.domain} = {
forceSSL = true;
enableACME = true;
};
};
sops.secrets.nextcloud-admin-password = { };
sops.secrets.nextcloud-fw-password = { };
sops.secrets.nextcloud-disa-password = { };
services.nextcloud = {
enable = true;
package = pkgs.nextcloud31;
hostName = config.nextcloud.domain;
https = true;
configureRedis = true;
config.adminpassFile = config.sops.secrets.nextcloud-admin-password.path;
config.dbtype = "sqlite";
ensureUsers = {
fw = {
email = "fredrik@wastring.com";
passwordFile = config.sops.secrets.nextcloud-fw-password.path;
};
disa = {
email = "disahorner@hotmail.com";
passwordFile = config.sops.secrets.nextcloud-disa-password.path;
};
};
extraApps = {
inherit (config.services.nextcloud.package.packages.apps)
contacts
calendar
onlyoffice
;
};
extraAppsEnable = true;
settings.enabledPreviewProviders = [
"OC\\Preview\\BMP"
"OC\\Preview\\GIF"
"OC\\Preview\\JPEG"
"OC\\Preview\\Krita"
"OC\\Preview\\MarkDown"
"OC\\Preview\\MP3"
"OC\\Preview\\OpenDocument"
"OC\\Preview\\PNG"
"OC\\Preview\\TXT"
"OC\\Preview\\XBitmap"
"OC\\Preview\\HEIC"
];
};
services.fail2ban = {
enable = true;
jails = {
nextcloud.settings = {
backend = "systemd";
journalmatch = "SYSLOG_IDENTIFIER=Nextcloud";
enabled = true;
port = 443;
protocol = "tcp";
filter = "nextcloud";
maxretry = 3;
bantime = 86400;
findtime = 43200;
};
};
};
})
];
}

73
moduler/system.nix
View file

@ -21,9 +21,6 @@
poppler-utils
imagemagick
pandoc
alsa-utils
sops
@ -33,19 +30,16 @@
wget
htop
procps
btop
procs
dysk
grc
vim
fastfetch
bc
sysstat
lm_sensors
ethtool
pciutils
usbutils
# sysstat
# lm_sensors
# ethtool
# pciutils
# usbutils
fzf
eza
@ -57,40 +51,37 @@
fortune
cowsay
openssl
lazygit
hyprpicker
typst
typstyle
tinymist
(
let
base = pkgs.appimageTools.defaultFhsEnvArgs;
in
pkgs.buildFHSEnv (
base
// {
name = "fhs";
targetPkgs =
pkgs:
# pkgs.buildFHSUserEnv provides only a minimal FHS environment,
# lacking many basic packages needed by most software.
# Therefore, we need to add them manually.
#
# pkgs.appimageTools provides basic packages required by most software.
(base.targetPkgs pkgs)
++ (with pkgs; [
pkg-config
ncurses
# Feel free to add more packages here if needed.
]);
profile = "export FHS=1";
runScript = "bash";
extraOutputsToInstall = [ "dev" ];
}
)
)
# (
# let
# base = pkgs.appimageTools.defaultFhsEnvArgs;
# in
# pkgs.buildFHSEnv (
# base
# // {
# name = "fhs";
# targetPkgs =
# pkgs:
# # pkgs.buildFHSUserEnv provides only a minimal FHS environment,
# # lacking many basic packages needed by most software.
# # Therefore, we need to add them manually.
# #
# # pkgs.appimageTools provides basic packages required by most software.
# (base.targetPkgs pkgs)
# ++ (with pkgs; [
# pkg-config
# ncurses
# # Feel free to add more packages here if needed.
# ]);
# profile = "export FHS=1";
# runScript = "bash";
# extraOutputsToInstall = [ "dev" ];
# }
# )
# )
];
}

6
moduler/users.nix
View file

@ -4,13 +4,13 @@
...
}:
{
sops.secrets.user-password = { };
# sops.secrets.user-password = { };
users = {
defaultUserShell = pkgs.bash;
mutableUsers = false;
users = {
fw = {
hashedPasswordFile = config.sops.secrets.user-password.path;
# hashedPasswordFile = config.sops.secrets.user-password.path;
initialPassword = "password";
isNormalUser = true;
description = "Fredrik Wastring";
extraGroups = [