koi.rip / dotfiles
my nixos dotfiles :3 (git.koi.rip mirror) git.koi.rip/koi/dotfiles
linux dotfiles neovim nixos catppuccin
fork atom

refact: reorganize wow; seber: init

squashed:
commit 23ead49604a32286ad0d07d861e5586e2e53c770
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
commit b54ed2c3b8f06d18f4892e03b9d5b7980cad06b6
aaaaaaaaaa
commit 6165885276948206018724fdc782dc3cb27ae1dc
aaa
commit 167491f8826445819222242b2674464b48307071
refact: reorganize wow

koi.rip 29c0c341 2929b329

+445 -232
unified split
-2
.github/workflows/checks.yml
··· 30 30 steps: 31 31 - name: commit message 32 32 uses: adamperkowski/commits@main 33 - with: 34 - scopes: base,home,external,zsh,systems,docs,ci,flake
+20 -20
flake.lock
··· 34 34 ] 35 35 }, 36 36 "locked": { 37 - "lastModified": 1764205579, 38 - "narHash": "sha256-too5qF43XgQgz4CA94Fnl1OVQnZQV4oV1UMiPgDbSn8=", 37 + "lastModified": 1764513266, 38 + "narHash": "sha256-Ry3v336Fzvmkh+WRb16+nJ1iaImT2N9Z3oJTus4vFjQ=", 39 39 "owner": "adamperkowski", 40 40 "repo": "anvim", 41 - "rev": "65ec22ac654c1fbf03c770688ae6091bbc1125ad", 41 + "rev": "4fe81e137bb94be36708c841d2e764431dd990e5", 42 42 "type": "github" 43 43 }, 44 44 "original": { ··· 94 94 ] 95 95 }, 96 96 "locked": { 97 - "lastModified": 1764398914, 98 - "narHash": "sha256-YPrpwlVQidzQlMh0OnquaJR+58rKe9YNnuRis293Ilo=", 97 + "lastModified": 1764536451, 98 + "narHash": "sha256-BgtcUkBfItu9/yU14IgUaj4rYOanTOUZjUfBP20/ZB4=", 99 99 "owner": "nix-community", 100 100 "repo": "home-manager", 101 - "rev": "d0c5fdc48db6f19471b8adc954eca09194e68036", 101 + "rev": "3fdd076e08049a9c7a83149b270440d9787d2df5", 102 102 "type": "github" 103 103 }, 104 104 "original": { ··· 145 145 "xwayland-satellite-unstable": "xwayland-satellite-unstable" 146 146 }, 147 147 "locked": { 148 - "lastModified": 1764405884, 149 - "narHash": "sha256-TnvBRPmcpcyinvLgsitHS7w5soSa6yNBfRYEI2TK1Ts=", 148 + "lastModified": 1764488513, 149 + "narHash": "sha256-xBUnv+ndZxRbY9mYSPEP0afaZRUVXDFcJx0WMD4ypfs=", 150 150 "owner": "sodiboo", 151 151 "repo": "niri-flake", 152 - "rev": "10aae4855ee275f7d80d85f4328c24265fb20f1f", 152 + "rev": "9e3bbd170669d10846bae68d23dabef11832f8f2", 153 153 "type": "github" 154 154 }, 155 155 "original": { ··· 178 178 "niri-unstable": { 179 179 "flake": false, 180 180 "locked": { 181 - "lastModified": 1764399944, 182 - "narHash": "sha256-FC9eYtSmplgxllCX4/3hJq5J3sXWKLSc7at8ZUxycVw=", 181 + "lastModified": 1764485473, 182 + "narHash": "sha256-RlGEcuZFB/IdvYLrYsf0RpgvNtCMyIuBLt3lS+GZvP8=", 183 183 "owner": "YaLTeR", 184 184 "repo": "niri", 185 - "rev": "b35bcae35b3f9665043c335e55ed5828af77db85", 185 + "rev": "311ca6b5da19f5acd7d3e481620de57240ce8f7c", 186 186 "type": "github" 187 187 }, 188 188 "original": { ··· 209 209 }, 210 210 "nixpkgs-unstable": { 211 211 "locked": { 212 - "lastModified": 1764384123, 213 - "narHash": "sha256-wD3gmlbWMd9cnltCTnT0Ry4pl65xISPVfdz5HlrKHiw=", 214 - "rev": "59b6c96beacc898566c9be1052ae806f3835f87d", 212 + "lastModified": 1764527385, 213 + "narHash": "sha256-gpwyCnyi2or0InBXe+4I9YeED3Uly3EGH58qvVnchBY=", 214 + "rev": "23258e03aaa49b3a68597e3e50eb0cbce7e42e9d", 215 215 "type": "tarball", 216 - "url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.05pre903996.59b6c96beacc/nixexprs.tar.xz" 216 + "url": "https://releases.nixos.org/nixpkgs/nixpkgs-26.05pre904683.23258e03aaa4/nixexprs.tar.xz?lastModified=1764527385&rev=23258e03aaa49b3a68597e3e50eb0cbce7e42e9d" 217 217 }, 218 218 "original": { 219 219 "type": "tarball", ··· 222 222 }, 223 223 "nixpkgs_2": { 224 224 "locked": { 225 - "lastModified": 1764406085, 226 - "narHash": "sha256-QXqXGjX4TxC72d8uF1IhW4lymO9gIxpGJRaOO5Gd1XI=", 227 - "rev": "9561691c9f450fad7c3526916e1c4f44be0d1192", 225 + "lastModified": 1764494334, 226 + "narHash": "sha256-MtiuWNmHyb23Fuv2ggpZpp+48/pr2C4lEhLejAeO9rE=", 227 + "rev": "d542db745310b6929708d9abea513f3ff19b1341", 228 228 "type": "tarball", 229 - "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.461.9561691c9f45/nixexprs.tar.xz" 229 + "url": "https://releases.nixos.org/nixos/25.11/nixos-25.11.612.d542db745310/nixexprs.tar.xz?lastModified=1764494334&rev=d542db745310b6929708d9abea513f3ff19b1341" 230 230 }, 231 231 "original": { 232 232 "type": "tarball",
+11 -16
flake.nix
··· 42 42 }; 43 43 44 44 outputs = 45 - { 46 - self, 47 - nixpkgs, 48 - home-manager, 49 - niri, 50 - ... 51 - }@inputs: 45 + { self, nixpkgs, ... }@inputs: 52 46 let 53 47 inherit (nixpkgs) lib; 54 48 system = "x86_64-linux"; 55 49 56 50 mkHost = 57 - name: 51 + name: extraModules: 58 52 lib.nixosSystem { 59 53 specialArgs = { inherit inputs; }; 60 - 61 54 modules = [ 62 - ./modules/base.nix 55 + ./modules/base 63 56 ./systems/${name} 64 - home-manager.nixosModules.home-manager 65 - niri.nixosModules.niri 66 - ./modules/home.nix 67 - ]; 57 + ] 58 + ++ extraModules; 68 59 }; 60 + 61 + mkDesktopHost = name: mkHost name [ ./modules/desktop ]; 62 + mkServerHost = name: mkHost name; 69 63 in 70 64 { 71 65 nixosConfigurations = { 72 - desktop = mkHost "desktop"; 73 - laptop = mkHost "laptop"; 66 + miku = mkDesktopHost "miku"; 67 + hatsune = mkDesktopHost "hatsune"; 68 + seber = mkHost "seber" [ ]; 74 69 }; 75 70 76 71 formatter.${system} = nixpkgs.legacyPackages.${system}.callPackage ./formatter.nix { };
+1
home/modules/packages.nix
··· 9 9 playerctl 10 10 lsd 11 11 jq 12 + gh 12 13 13 14 signal-desktop 14 15
-1
home/modules/programs/niri.nix
··· 25 25 26 26 input = { 27 27 keyboard = { 28 - # xkb.layout = "pl"; 29 28 repeat-delay = 180; 30 29 repeat-rate = 60; 31 30 numlock = true;
+1 -1
home/modules/programs/zsh.nix
··· 31 31 mkdirenv = "echo -e 'if has nix; then\\n use flake\\nfi' >> .envrc && direnv allow"; 32 32 33 33 nixb = "nom build"; 34 - nixs = "nom shell -c $SHELL"; 34 + nixs = "nom shell"; 35 35 nixdev = "nom develop -c $SHELL"; 36 36 37 37 diff = "diff --color=auto";
-182
modules/base.nix
··· 1 - { pkgs, inputs, ... }: 2 - 3 - { 4 - boot = { 5 - loader = { 6 - systemd-boot.enable = true; 7 - efi.canTouchEfiVariables = true; 8 - }; 9 - kernelParams = [ 10 - "vt.default_red=30,243,166,249,137,245,148,186,88,243,166,249,137,245,148,166" 11 - "vt.default_grn=30,139,227,226,180,194,226,194,91,139,227,226,180,194,226,173" 12 - "vt.default_blu=46,168,161,175,250,231,213,222,112,168,161,175,250,231,213,200" 13 - ]; 14 - }; 15 - 16 - networking = { 17 - networkmanager.enable = true; 18 - firewall.enable = true; 19 - }; 20 - 21 - console = { 22 - font = "Lat2-Terminus16"; 23 - useXkbConfig = true; 24 - }; 25 - 26 - security.sudo-rs = { 27 - enable = true; 28 - execWheelOnly = true; 29 - extraRules = [ 30 - { 31 - groups = [ "wheel" ]; 32 - commands = [ 33 - { 34 - command = "/run/current-system/sw/bin/nixos-rebuild"; 35 - options = [ "NOPASSWD" ]; 36 - } 37 - ]; 38 - } 39 - ]; 40 - }; 41 - 42 - users.users.adam = { 43 - isNormalUser = true; 44 - shell = pkgs.zsh; 45 - ignoreShellProgramCheck = true; 46 - extraGroups = [ 47 - "wheel" 48 - "jellyfin" 49 - ]; 50 - packages = with pkgs; [ 51 - pavucontrol 52 - gh 53 - ]; 54 - }; 55 - 56 - nixpkgs = { 57 - config.allowUnfree = true; 58 - overlays = [ 59 - (_: prev: { 60 - unstable = import inputs.nixpkgs-unstable { 61 - system = prev.stdenv.hostPlatform.system; 62 - config = prev.config; 63 - }; 64 - }) 65 - inputs.niri.overlays.niri 66 - ]; 67 - }; 68 - 69 - environment = { 70 - localBinInPath = true; 71 - systemPackages = with pkgs; [ 72 - xwayland-satellite 73 - htop 74 - ]; 75 - }; 76 - 77 - programs.niri = { 78 - enable = true; 79 - package = pkgs.niri-stable; 80 - }; 81 - 82 - programs.hyprland = { 83 - enable = true; 84 - xwayland.enable = true; 85 - }; 86 - 87 - programs.nano.enable = false; 88 - programs.nix-ld.enable = true; 89 - 90 - programs.gnupg.agent = { 91 - enable = true; 92 - enableSSHSupport = true; 93 - pinentryPackage = pkgs.pinentry-curses; 94 - }; 95 - 96 - services.pipewire = { 97 - enable = true; 98 - pulse.enable = true; 99 - }; 100 - 101 - services.openssh = { 102 - enable = true; 103 - openFirewall = true; 104 - hostKeys = [ 105 - { 106 - path = "/home/adam/.ssh/id_ed25519"; 107 - type = "ed25519"; 108 - } 109 - ]; 110 - settings = { 111 - PasswordAuthentication = false; 112 - PermitRootLogin = "no"; 113 - PubkeyAuthentication = true; 114 - }; 115 - }; 116 - 117 - nix = { 118 - package = pkgs.lixPackageSets.stable.lix; 119 - 120 - settings = { 121 - experimental-features = [ 122 - "nix-command" 123 - "flakes" 124 - ]; 125 - trusted-users = [ 126 - "root" 127 - "adam" 128 - ]; 129 - }; 130 - }; 131 - 132 - system = { 133 - replaceDependencies.replacements = with pkgs; [ 134 - { 135 - oldDependency = coreutils-full; 136 - newDependency = symlinkJoin { 137 - name = 138 - "coreuutils-full" 139 - + builtins.concatStringsSep "" ( 140 - builtins.genList (_: "_") (builtins.stringLength coreutils-full.version) 141 - ); 142 - paths = [ uutils-coreutils-noprefix ]; 143 - }; 144 - } 145 - { 146 - oldDependency = coreutils; 147 - newDependency = symlinkJoin { 148 - name = 149 - "coreuutils" 150 - + builtins.concatStringsSep "" ( 151 - builtins.genList (_: "_") (builtins.stringLength coreutils.version) 152 - ); 153 - paths = [ uutils-coreutils-noprefix ]; 154 - }; 155 - } 156 - { 157 - oldDependency = findutils; 158 - newDependency = symlinkJoin { 159 - name = 160 - "finduutils" 161 - + builtins.concatStringsSep "" ( 162 - builtins.genList (_: "_") (builtins.stringLength findutils.version) 163 - ); 164 - paths = [ uutils-findutils ]; 165 - }; 166 - } 167 - { 168 - oldDependency = diffutils; 169 - newDependency = symlinkJoin { 170 - name = 171 - "diffuutils" 172 - + builtins.concatStringsSep "" ( 173 - builtins.genList (_: "_") (builtins.stringLength diffutils.version) 174 - ); 175 - paths = [ uutils-diffutils ]; 176 - }; 177 - } 178 - ]; 179 - 180 - stateVersion = "25.11"; 181 - }; 182 - }
+11
modules/base/boot.nix
··· 1 + { 2 + boot = { 3 + loader.efi.canTouchEfiVariables = true; 4 + 5 + kernelParams = [ 6 + "vt.default_red=30,243,166,249,137,245,148,186,88,243,166,249,137,245,148,166" 7 + "vt.default_grn=30,139,227,226,180,194,226,194,91,139,227,226,180,194,226,173" 8 + "vt.default_blu=46,168,161,175,250,231,213,222,112,168,161,175,250,231,213,200" 9 + ]; 10 + }; 11 + }
+3
modules/base/console.nix
··· 1 + { 2 + console.font = "Lat2-Terminus16"; 3 + }
+15
modules/base/default.nix
··· 1 + { 2 + imports = [ 3 + ./boot.nix 4 + ./console.nix 5 + ./security.nix 6 + ./networking.nix 7 + ./environment.nix 8 + ./nixpkgs.nix 9 + ./nix.nix 10 + ./system.nix 11 + ./users 12 + ./programs 13 + ./services 14 + ]; 15 + }
+3
modules/base/environment.nix
··· 1 + { 2 + environment.localBinInPath = true; 3 + }
+6
modules/base/networking.nix
··· 1 + { 2 + networking = { 3 + networkmanager.enable = true; 4 + firewall.enable = true; 5 + }; 6 + }
+18
modules/base/nix.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + nix = { 5 + package = pkgs.lixPackageSets.stable.lix; 6 + 7 + settings = { 8 + experimental-features = [ 9 + "flakes" 10 + "nix-command" 11 + ]; 12 + trusted-users = [ 13 + "root" 14 + "adam" 15 + ]; 16 + }; 17 + }; 18 + }
+15
modules/base/nixpkgs.nix
··· 1 + { inputs, ... }: 2 + 3 + { 4 + nixpkgs = { 5 + config.allowUnfree = true; 6 + overlays = [ 7 + (_: prev: { 8 + unstable = import inputs.nixpkgs-unstable { 9 + system = prev.stdenv.hostPlatform.system; 10 + config = prev.config; 11 + }; 12 + }) 13 + ]; 14 + }; 15 + }
+7
modules/base/programs/bash.nix
··· 1 + { 2 + programs.bash.shellInit = '' 3 + if [ -n "$SSH_TTY" ]; then 4 + export TERM='xterm-256color' 5 + fi 6 + ''; 7 + }
+6
modules/base/programs/default.nix
··· 1 + { 2 + imports = [ 3 + ./bash.nix 4 + ./nano.nix 5 + ]; 6 + }
+3
modules/base/programs/nano.nix
··· 1 + { 2 + programs.nano.enable = false; 3 + }
+17
modules/base/security.nix
··· 1 + { 2 + security.sudo-rs = { 3 + enable = true; 4 + execWheelOnly = true; 5 + extraRules = [ 6 + { 7 + groups = [ "wheel" ]; 8 + commands = [ 9 + { 10 + command = "/run/current-system/sw/bin/nixos-rebuild"; 11 + options = [ "NOPASSWD" ]; 12 + } 13 + ]; 14 + } 15 + ]; 16 + }; 17 + }
+3
modules/base/services/default.nix
··· 1 + { 2 + imports = [ ./openssh.nix ]; 3 + }
+11
modules/base/services/openssh.nix
··· 1 + { 2 + services.openssh = { 3 + enable = true; 4 + openFirewall = true; 5 + settings = { 6 + PasswordAuthentication = false; 7 + PermitRootLogin = "no"; 8 + PubkeyAuthentication = true; 9 + }; 10 + }; 11 + }
+54
modules/base/system.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + system = { 5 + replaceDependencies.replacements = with pkgs; [ 6 + { 7 + oldDependency = coreutils-full; 8 + newDependency = symlinkJoin { 9 + name = 10 + "coreuutils-full" 11 + + builtins.concatStringsSep "" ( 12 + builtins.genList (_: "_") (builtins.stringLength coreutils-full.version) 13 + ); 14 + paths = [ uutils-coreutils-noprefix ]; 15 + }; 16 + } 17 + { 18 + oldDependency = coreutils; 19 + newDependency = symlinkJoin { 20 + name = 21 + "coreuutils" 22 + + builtins.concatStringsSep "" ( 23 + builtins.genList (_: "_") (builtins.stringLength coreutils.version) 24 + ); 25 + paths = [ uutils-coreutils-noprefix ]; 26 + }; 27 + } 28 + { 29 + oldDependency = findutils; 30 + newDependency = symlinkJoin { 31 + name = 32 + "finduutils" 33 + + builtins.concatStringsSep "" ( 34 + builtins.genList (_: "_") (builtins.stringLength findutils.version) 35 + ); 36 + paths = [ uutils-findutils ]; 37 + }; 38 + } 39 + { 40 + oldDependency = diffutils; 41 + newDependency = symlinkJoin { 42 + name = 43 + "diffuutils" 44 + + builtins.concatStringsSep "" ( 45 + builtins.genList (_: "_") (builtins.stringLength diffutils.version) 46 + ); 47 + paths = [ uutils-diffutils ]; 48 + }; 49 + } 50 + ]; 51 + 52 + stateVersion = "25.11"; 53 + }; 54 + }
+14
modules/base/users/adam.nix
··· 1 + { 2 + users.users.adam = { 3 + isNormalUser = true; 4 + hashedPassword = "$y$j9T$kpXvXU/Ftx9qI9LKssnpY/$mGPO35iEUCb8/.bdYA/Zys3MuIaNSlrnUY2S6wCoFD8"; 5 + ignoreShellProgramCheck = true; 6 + extraGroups = [ 7 + "wheel" 8 + "jellyfin" 9 + ]; 10 + openssh.authorizedKeys.keys = [ 11 + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9feAlrIVPuVS28tz54/m7pZkjHHL5aVhV2qwBPPceT adam" 12 + ]; 13 + }; 14 + }
+8
modules/base/users/default.nix
··· 1 + { 2 + imports = [ 3 + ./adam.nix 4 + ./root.nix 5 + ]; 6 + 7 + config.users.mutableUsers = false; 8 + }
+5
modules/base/users/root.nix
··· 1 + { config, ... }: 2 + 3 + { 4 + users.users.root.hashedPassword = config.users.users.adam.hashedPassword; 5 + }
+3
modules/desktop/console.nix
··· 1 + { 2 + console.useXkbConfig = true; 3 + }
+17
modules/desktop/default.nix
··· 1 + { inputs, pkgs, ... }: 2 + 3 + { 4 + imports = [ 5 + inputs.home-manager.nixosModules.home-manager 6 + inputs.niri.nixosModules.niri 7 + ../home.nix 8 + 9 + ./console.nix 10 + ./nixpkgs.nix 11 + ./environment.nix 12 + ./programs 13 + ./services 14 + ]; 15 + 16 + users.users.adam.shell = pkgs.zsh; 17 + }
+8
modules/desktop/environment.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + environment.systemPackages = with pkgs; [ 5 + xwayland-satellite 6 + htop 7 + ]; 8 + }
+5
modules/desktop/nixpkgs.nix
··· 1 + { inputs, ... }: 2 + 3 + { 4 + nixpkgs.overlays = [ inputs.niri.overlays.niri ]; 5 + }
+7
modules/desktop/programs/default.nix
··· 1 + { 2 + imports = [ 3 + ./gnupg.nix 4 + ./nix-ld.nix 5 + ./niri.nix 6 + ]; 7 + }
+9
modules/desktop/programs/gnupg.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + programs.gnupg.agent = { 5 + enable = true; 6 + enableSSHSupport = true; 7 + pinentryPackage = pkgs.pinentry-curses; 8 + }; 9 + }
+6
modules/desktop/programs/hyprland.nix
··· 1 + { 2 + programs.hyprland = { 3 + enable = true; 4 + xwayland.enable = true; 5 + }; 6 + }
+8
modules/desktop/programs/niri.nix
··· 1 + { pkgs, ... }: 2 + 3 + { 4 + programs.niri = { 5 + enable = true; 6 + package = pkgs.niri-stable; 7 + }; 8 + }
+3
modules/desktop/programs/nix-ld.nix
··· 1 + { 2 + programs.nix-ld.enable = true; 3 + }
+3
modules/desktop/services/default.nix
··· 1 + { 2 + imports = [ ./pipewire.nix ]; 3 + }
+6
modules/desktop/services/pipewire.nix
··· 1 + { 2 + services.pipewire = { 3 + enable = true; 4 + pulse.enable = true; 5 + }; 6 + }
secrets/cloudflare.pem.age secrets/cloudflared.pem.age
+5 -1
secrets/secrets.nix
··· 1 1 let 2 2 adam = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID9feAlrIVPuVS28tz54/m7pZkjHHL5aVhV2qwBPPceT"; 3 + seber = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIXT/a7M/lYUEkWmRz+aTko8GPi0SVvabNx2NxflVpi3"; 3 4 in 4 5 { 5 6 "chromium.sh.age".publicKeys = [ adam ]; 6 - "cloudflare.pem.age".publicKeys = [ adam ]; 7 + "cloudflared.pem.age".publicKeys = [ adam ]; 7 8 "jellyfin-rpc.json.age".publicKeys = [ adam ]; 8 9 "wakatime.cfg.age".publicKeys = [ adam ]; 10 + 11 + "ssl-adamperkowski.cert.pem.age".publicKeys = [ seber ]; 12 + "ssl-adamperkowski.key.pem.age".publicKeys = [ seber ]; 9 13 }
secrets/ssl-adamperkowski.cert.pem.age

This is a binary file and will not be displayed.

secrets/ssl-adamperkowski.key.pem.age

This is a binary file and will not be displayed.

+8 -5
systems/desktop/default.nix systems/miku/default.nix
··· 2 2 3 3 { 4 4 imports = [ 5 - ./hardware-configuration.nix 5 + ./hardware.nix 6 6 inputs.agenix.nixosModules.default 7 7 ]; 8 8 9 - networking.hostName = "desktop"; 9 + boot.loader.systemd-boot.enable = true; 10 + 11 + networking.hostName = "miku"; 10 12 11 13 time.timeZone = "Europe/Warsaw"; 12 14 i18n.defaultLocale = "en_US.UTF-8"; ··· 18 20 layout = "us"; 19 21 variant = "colemak"; 20 22 }; 23 + 21 24 videoDrivers = [ "nvidia" ]; 22 25 }; 23 26 ··· 44 47 45 48 environment.systemPackages = with pkgs; [ cloudflared ]; 46 49 47 - age.secrets.cloudflare = { 48 - file = ../../secrets/cloudflare.pem.age; 50 + age.secrets.cloudflared = { 51 + file = ../../secrets/cloudflared.pem.age; 49 52 mode = "0400"; 50 53 }; 51 54 ··· 54 57 after = [ "jellyfin.service" ]; 55 58 56 59 script = '' 57 - export TUNNEL_ORIGIN_CERT=/run/agenix/cloudflare 60 + export TUNNEL_ORIGIN_CERT=/run/agenix/cloudflared 58 61 59 62 cloudflared=${pkgs.cloudflared}/bin/cloudflared 60 63 token=$($cloudflared tunnel token jelly)
systems/desktop/hardware-configuration.nix systems/miku/hardware.nix
+4 -4
systems/laptop/default.nix systems/hatsune/default.nix
··· 1 1 { pkgs, ... }: 2 2 3 3 { 4 - imports = [ 5 - ./hardware-configuration.nix 6 - ]; 4 + imports = [ ./hardware.nix ]; 7 5 8 - networking.hostName = "laptop"; 6 + boot.loader.systemd-boot.enable = true; 7 + 8 + networking.hostName = "hatsune"; 9 9 10 10 time.timeZone = "Europe/Warsaw"; 11 11 i18n.defaultLocale = "en_US.UTF-8";
systems/laptop/hardware-configuration.nix systems/hatsune/hardware.nix
+6
systems/modules/systemd-boot.nix
··· 1 + { 2 + boot.loader = { 3 + systemd-boot.enable = true; 4 + efi.canTouchEfiVariables = true; 5 + }; 6 + }
+78
systems/seber/default.nix
··· 1 + { inputs, pkgs, ... }: 2 + 3 + { 4 + imports = [ 5 + ./hardware.nix 6 + inputs.agenix.nixosModules.default 7 + ]; 8 + 9 + boot.loader.grub = { 10 + enable = true; 11 + device = "/dev/vda"; 12 + }; 13 + 14 + networking.hostName = "seber"; 15 + 16 + time.timeZone = "UTC"; 17 + i18n.defaultLocale = "en_US.UTF-8"; 18 + 19 + environment.systemPackages = with pkgs; [ 20 + git 21 + vim 22 + htop 23 + ]; 24 + 25 + networking.firewall.allowedTCPPorts = [ 26 + 80 27 + 443 28 + ]; 29 + 30 + age = { 31 + identityPaths = [ "/home/adam/.ssh/id_ed25519" ]; 32 + secrets = { 33 + ssl-adamperkowski-cert = { 34 + file = ../../secrets/ssl-adamperkowski.cert.pem.age; 35 + mode = "0440"; 36 + group = "nginx"; 37 + }; 38 + ssl-adamperkowski-key = { 39 + file = ../../secrets/ssl-adamperkowski.key.pem.age; 40 + mode = "0440"; 41 + group = "nginx"; 42 + }; 43 + }; 44 + }; 45 + 46 + services.nginx = { 47 + enable = true; 48 + virtualHosts = { 49 + "adam.qpon" = { 50 + locations."/" = { 51 + proxyPass = "http://127.0.0.1:8000"; 52 + extraConfig = '' 53 + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 54 + proxy_set_header X-Forwarded-Proto $scheme; 55 + proxy_set_header Host $host; 56 + ''; 57 + }; 58 + 59 + onlySSL = true; 60 + sslCertificate = "/run/agenix/ssl-adamperkowski-cert"; 61 + sslCertificateKey = "/run/agenix/ssl-adamperkowski-key"; 62 + }; 63 + }; 64 + }; 65 + 66 + systemd.services.website = { 67 + description = "my site :3"; 68 + after = [ "network.target" ]; 69 + wantedBy = [ "multi-user.target" ]; 70 + 71 + serviceConfig = { 72 + ExecStart = "/var/website/website/bin/website"; 73 + WorkingDirectory = "/var/website"; 74 + Restart = "on-failure"; 75 + RestartSec = 10; 76 + }; 77 + }; 78 + }
+37
systems/seber/hardware.nix
··· 1 + { 2 + config, 3 + lib, 4 + pkgs, 5 + modulesPath, 6 + ... 7 + }: 8 + 9 + { 10 + imports = [ 11 + (modulesPath + "/profiles/qemu-guest.nix") 12 + ]; 13 + 14 + boot.initrd.availableKernelModules = [ 15 + "ata_piix" 16 + "uhci_hcd" 17 + "virtio_pci" 18 + "sr_mod" 19 + "virtio_blk" 20 + ]; 21 + boot.initrd.kernelModules = [ ]; 22 + boot.kernelModules = [ ]; 23 + boot.extraModulePackages = [ ]; 24 + 25 + fileSystems."/" = { 26 + device = "/dev/disk/by-uuid/9bc4dce8-4cbe-49e2-bd9f-12542c3361fe"; 27 + fsType = "ext4"; 28 + }; 29 + 30 + swapDevices = [ 31 + { device = "/dev/disk/by-uuid/3a56df3a-5226-4016-8ba0-ddd979c60c8c"; } 32 + ]; 33 + 34 + networking.useDHCP = lib.mkDefault true; 35 + 36 + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; 37 + }