mirror of
https://github.com/nmasur/dotfiles
synced 2025-02-20 22:12:03 +00:00
more rearchitecting folders
parent
c7f20e958b
commit
798bac75e8
43
flake.nix
43
flake.nix
@ -260,7 +260,6 @@
|
||||
(import ./overlays/mpv-scripts.nix inputs)
|
||||
(import ./overlays/nextcloud-apps.nix inputs)
|
||||
(import ./overlays/betterlockscreen.nix)
|
||||
(import ./overlays/osc.nix inputs)
|
||||
];
|
||||
|
||||
# System types to support.
|
||||
@ -274,28 +273,40 @@
|
||||
# Helper function to generate an attrset '{ x86_64-linux = f "x86_64-linux"; ... }'.
|
||||
forAllSystems = nixpkgs.lib.genAttrs supportedSystems;
|
||||
|
||||
# { system -> pkgs }
|
||||
pkgsBySystem = forAllSystems (system: import nixpkgs { inherit system overlays; });
|
||||
|
||||
hosts = import ./hosts;
|
||||
|
||||
buildHome = { };
|
||||
buildHome =
|
||||
{ pkgs, modules }:
|
||||
inputs.home-manager.lib.homeManagerConfiguration {
|
||||
inherit pkgs;
|
||||
modules = modules ++ [
|
||||
./platforms/home-manager
|
||||
];
|
||||
};
|
||||
|
||||
buildNixos =
|
||||
pkgs: modules:
|
||||
{ pkgs, modules }:
|
||||
nixpkgs.lib.nixosSystem {
|
||||
inherit pkgs;
|
||||
modules = modules ++ [
|
||||
inputs.home-manager.nixosModules.home-manager
|
||||
inputs.disko.nixosModules.disko
|
||||
inputs.wsl.nixosModules.wsl
|
||||
./platforms/nixos
|
||||
];
|
||||
};
|
||||
|
||||
buildDarwin =
|
||||
pkgs: modules:
|
||||
{ pkgs, modules }:
|
||||
inputs.darwin.lib.darwinSystem {
|
||||
inherit pkgs;
|
||||
modules = modules ++ [
|
||||
inputs.home-manager.darwinModules.home-manager
|
||||
inputs.mac-app-util.darwinModules.default
|
||||
./platforms/nix-darwin
|
||||
];
|
||||
};
|
||||
|
||||
@ -304,15 +315,33 @@
|
||||
|
||||
# Contains my full system builds, including home-manager
|
||||
# nixos-rebuild switch --flake .#tempest
|
||||
nixosConfigurations = builtins.mapAttrs buildNixos (import ./hosts/nixos inputs);
|
||||
nixosConfigurations =
|
||||
builtins.mapAttrs buildNixos {
|
||||
pkgs = pkgsBySystem.x86_64-linux;
|
||||
modules = import ./hosts/x86_64-linux;
|
||||
}
|
||||
// builtins.mapAttrs buildNixos {
|
||||
pkgs = pkgsBySystem.aarch64-linux;
|
||||
modules = import ./hosts/aarch64-linux;
|
||||
};
|
||||
|
||||
# Contains my full Mac system builds, including home-manager
|
||||
# darwin-rebuild switch --flake .#lookingglass
|
||||
darwinConfigurations = builtins.mapAttrs buildDarwin (import ./hosts/darwin inputs);
|
||||
darwinConfigurations = builtins.mapAttrs buildDarwin {
|
||||
pkgs = pkgsBySystem.aarch64-darwin;
|
||||
modules = import ./hosts/darwin;
|
||||
};
|
||||
|
||||
# For quickly applying home-manager settings with:
|
||||
# home-manager switch --flake .#tempest
|
||||
homeConfigurations = {
|
||||
homeConfigurations = rec {
|
||||
default = personal;
|
||||
work = buildHome {
|
||||
pkgs = pkgsBySystem.aarch64-darwin;
|
||||
modules = { };
|
||||
};
|
||||
personal = buildHome {
|
||||
};
|
||||
tempest = nixosConfigurations.tempest.config.home-manager.users.${globals.user}.home;
|
||||
lookingglass = darwinConfigurations.lookingglass.config.home-manager.users."Noah.Masur".home;
|
||||
};
|
||||
|
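Review bot: The new `nixosConfigurations` and `darwinConfigurations` call `builtins.mapAttrs buildNixos { pkgs = …; modules = …; }`, which iterates over the two keys `pkgs` and `modules` rather than over hosts. Assuming the second-printed signature `{ pkgs, modules }:` is the new side, each builder is then called with a key string instead of that attrset. `modules = import ./hosts/x86_64-linux` also looks unapplied, because that file is a function of `{ nixpkgs, ... }`. In `homeConfigurations`, `modules = { }` cannot be joined with `++`, and `personal = buildHome { }` omits both arguments. One shape that matches the builders is `builtins.mapAttrs (_: modules: buildNixos { pkgs = pkgsBySystem.x86_64-linux; inherit modules; }) (import ./hosts/x86_64-linux inputs)`, if each host value is a module list, which is not visible here.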
@ -1,6 +1,6 @@
|
||||
# Return a list of all hosts
|
||||
|
||||
{
|
||||
darwinConfigurations = import ./nix-darwin;
|
||||
nixosConfigurations = import ./nixos;
|
||||
darwin-hosts = import ./aarch64-darwin;
|
||||
linux-hosts = import ./x86_64-linux // import ./aarch64-linux;
|
||||
}
|
||||
|
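Review bot: `linux-hosts = import ./x86_64-linux // import ./aarch64-linux;` (apparently the new side; the rendering has lost the markers) applies `//` to two bare imports. hosts/x86_64-linux/default.nix as added in this commit is a function of `{ nixpkgs, ... }`, and `//` only accepts attribute sets, so this would fail when evaluated. Once both sides are applied to their arguments, `//` silently lets an aarch64 host replace an x86_64 host of the same name, which deserves a comment. The header comment could read `# Return an attrset of all hosts, grouped by platform`. Separately, `./aarch64-darwin` here does not match the `./hosts/darwin` path that flake.nix imports.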
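--- a/hosts/x86_64-linux/default.nix
+++ b/hosts/x86_64-linux/default.nix
@@ -0,0 +1,20 @@
+# Return a list of all NixOS hosts
+
+{ nixpkgs, ... }:
+
+let
+inherit (nixpkgs) lib;
+in
+
+lib.pipe (lib.filesystem.listFilesRecursive ./.) [
+# Get only files ending in default.nix
+(builtins.filter (name: lib.hasSuffix "default.nix" name))
+# Import each host function
+map
+(file: {
+name = builtins.baseNameOf (builtins.dirOf file);
+value = import file;
+})
+# Convert to an attrset of hostname -> host function
+(builtins.listToAttrs)
+]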
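Review bot: In the `lib.pipe` list, `map` and the `(file: { … })` lambda are rendered as two separate elements. Pipe would then apply `map` to the file list and pass the resulting partial application to the lambda, where `builtins.dirOf file` fails; they need to be one element, `(map (file: { … }))`. The filter also keeps this file itself, since `listFilesRecursive ./.` returns `./default.nix`, which produces a bogus host named `x86_64-linux`. `lib.hasSuffix "default.nix"` additionally matches names such as `foo-default.nix`. `(builtins.filter (name: builtins.baseNameOf name == "default.nix" && name != ./default.nix))` fixes both, though nested `default.nix` files deeper in a host directory would still be picked up as hosts.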
@ -32,7 +32,7 @@ in
|
||||
programs.rofi.font = "Hack Nerd Font 14";
|
||||
programs.alacritty.settings.font.normal.family = "VictorMono";
|
||||
programs.kitty.font.name = "VictorMono Nerd Font Mono";
|
||||
config.nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono";
|
||||
nmasur.presets.programs.wezterm.font = "VictorMono Nerd Font Mono";
|
||||
services.dunst.settings.global.font = "Hack Nerd Font 14";
|
||||
};
|
||||
}
|
||||
|
@ -36,7 +36,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
''
|
||||
# Ctrl-h
|
||||
bind -M insert \ch '_atuin_search --filter-mode global'
|
||||
|
@ -63,7 +63,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
''
|
||||
# Ctrl-o
|
||||
bind -M insert \co edit
|
||||
|
@ -167,7 +167,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
''
|
||||
# Ctrl-g
|
||||
bind -M default \cg commandline-git-commits
|
||||
|
@ -15,7 +15,7 @@ in
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
# Set the i3 terminal
|
||||
config.nmasur.presets.services.i3.terminal = pkgs.kitty;
|
||||
nmasur.presets.services.i3.terminal = pkgs.kitty;
|
||||
|
||||
# Set the Rofi terminal for running programs
|
||||
programs.rofi.terminal = lib.mkIf pkgs.stdenv.isLinux (lib.mkDefault "${pkgs.kitty}/bin/kitty");
|
||||
|
@ -80,7 +80,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
config.nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
nmasur.presets.programs.fish.fish_user_key_bindings = # fish
|
||||
''
|
||||
# Ctrl-n
|
||||
bind -M insert \cn 'commandline -r "nix shell nixpkgs#"'
|
||||
|
@ -21,7 +21,7 @@ in
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
# Set the i3 terminal
|
||||
config.nmasur.presets.services.i3.terminal = pkgs.wezterm;
|
||||
nmasur.presets.services.i3.terminal = pkgs.wezterm;
|
||||
|
||||
# Display images in the terminal
|
||||
programs.fish.shellAliases = {
|
||||
|
@ -48,8 +48,10 @@ in
|
||||
bash = lib.mkDefault lib.getExe pkgs.bashInteractive;
|
||||
};
|
||||
|
||||
nmasur.presets = {
|
||||
nmasur.presets.programs = {
|
||||
atuin.enable = lib.mkDefault true;
|
||||
bat.enable = lib.mkDefault true;
|
||||
dotfiles.enable = lib.mkDefault true;
|
||||
fd.enable = lib.mkDefault true;
|
||||
ripgrep.enable = lib.mkDefault true;
|
||||
prettyping.enable = lib.mkDefault true;
|
||||
|
@ -1,18 +0,0 @@
|
||||
{
|
||||
config,
|
||||
pkgs,
|
||||
lib,
|
||||
...
|
||||
}:
|
||||
|
||||
let
|
||||
cfg = config.nmasur.presets.programs.;
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
options.nmasur.presets.programs..enable = lib.mkEnableOption "";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
};
|
||||
}
|
@ -35,7 +35,7 @@ in
|
||||
|
||||
# Normally I block all requests not coming from Cloudflare, so I have to also
|
||||
# allow my local network.
|
||||
config.nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ];
|
||||
nmasur.presets.services.caddy.cidrAllowlist = [ "192.168.0.0/16" ];
|
||||
|
||||
services.bind = {
|
||||
|
||||
|
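Review bot: The allowlist entry `[ "192.168.0.0/16" ]` admits the whole 192.168 private block, 65,536 addresses, where the comment above it only asks for the local network. If the LAN is a single subnet, list that prefix instead, e.g. `[ "<lan-subnet>/24" ]` (placeholder), so that a VPN, guest or container range inside 192.168/16 is not let past the Cloudflare-only rule. The Cloudflare module in the next hunk assigns the same option, so the two definitions only coexist if the option is a list type that concatenates; its declaration is not visible here.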
@ -63,7 +63,7 @@ in
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
# Forces Caddy to error if coming from a non-Cloudflare IP
|
||||
config.nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges;
|
||||
nmasur.presets.services.caddy.cidrAllowlist = cloudflareIpRanges;
|
||||
|
||||
# Tell Caddy to use Cloudflare DNS for ACME challenge validation
|
||||
services.caddy.package = pkgs.caddy.withPlugins {
|
||||
|
@ -26,7 +26,7 @@ in
|
||||
maxUploadSize = "50G";
|
||||
config = {
|
||||
adminpassFile = config.secrets.nextcloud.dest;
|
||||
dbtype = "pgsql";
|
||||
dbtype = "pgsql"; # Enables postgresql
|
||||
};
|
||||
settings = {
|
||||
default_phone_region = "US";
|
||||
|
@ -6,12 +6,12 @@
|
||||
}:
|
||||
|
||||
let
|
||||
cfg = config.nmasur.presets.services.zfs;
|
||||
cfg = config.nmasur.presets.zfs;
|
||||
in
|
||||
|
||||
{
|
||||
|
||||
options.nmasur.presets.services.zfs.enable = lib.mkEnableOption "ZFS file system";
|
||||
options.nmasur.presets.zfs.enable = lib.mkEnableOption "ZFS file system";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
@ -1,11 +1,11 @@
|
||||
{ config, ... }:
|
||||
{ config, lib, ... }:
|
||||
|
||||
let
|
||||
cfg = config.nmasur.profiles.aws;
|
||||
in
|
||||
{
|
||||
|
||||
options.nmasur.profiles.nmasur.aws.enable = lib.mkEnableOption "AWS EC2";
|
||||
options.nmasur.profiles.aws.enable = lib.mkEnableOption "AWS EC2";
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
|
||||
|
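--- a/platforms/nixos/modules/nmasur/profiles/communications.nix
+++ b/platforms/nixos/modules/nmasur/profiles/communications.nix
@@ -0,0 +1,43 @@
+{
+config,
+lib,
+...
+}:
+
+let
+cfg = config.nmasur.profiles.communications;
+in
+
+{
+
+options.nmasur.profiles.communications.enable =
+lib.mkEnableOption "communications server configuration";
+
+config = lib.mkIf cfg.enable {
+
+nmasur.presets = {
+programs = {
+msmtp.enable = lib.mkDefault true;
+};
+services = {
+actualbudget.enable = lib.mkDefault true;
+caddy.enable = lib.mkDefault true;
+cloudflare.enable = lib.mkDefault true;
+cloudflared.enable = lib.mkDefault true;
+gitea.enable = lib.mkDefault true;
+grafana.enable = lib.mkDefault true;
+influxdb2.enable = lib.mkDefault true;
+minecraft-server.enable = lib.mkDefault true;
+n8n.enable = lib.mkDefault true;
+nix-autoupgrade.enable = lib.mkDefault true; # On by default for communications
+ntfy-sh.enable = lib.mkDefault true;
+postgresql.enable = lib.mkDefault true;
+thelounge.enable = lib.mkDefault true;
+uptime-kuma.enable = lib.mkDefault true;
+vaultwarden.enable = lib.mkDefault true;
+victoriametrics.enable = lib.mkDefault true;
+};
+};
+
+};
+}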
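Review bot: The `services` list does not match what the switch is described as. Behind "communications server configuration" it defaults on `vaultwarden`, `gitea`, `n8n`, `minecraft-server`, `actualbudget` and the metrics stack. Enabling the profile therefore puts a password vault on the same host as a game server and an automation runner. If the list was carried over from a general server profile, trim it to the services this role actually needs, so that the co-location is an explicit per-host choice. Otherwise, a header comment such as `# Everything hosted on the communications box; vaultwarden shares this host with the services below` would record that this is intended.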
@ -18,5 +18,7 @@ in
|
||||
# Use latest released Linux kernel by default
|
||||
boot.kernelPackages = lib.mkDefault pkgs.linuxPackages_latest;
|
||||
|
||||
nmasur.presets.services.nix-autoupgrade.enable = lib.mkDefault true;
|
||||
|
||||
};
|
||||
}
|
||||
|
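--- a/platforms/nixos/modules/nmasur/profiles/nas.nix
+++ b/platforms/nixos/modules/nmasur/profiles/nas.nix
@@ -0,0 +1,42 @@
+{
+config,
+lib,
+...
+}:
+
+let
+cfg = config.nmasur.profiles.nas;
+in
+
+{
+
+options.nmasur.profiles.nas.enable = lib.mkEnableOption "NAS (storage device) configuration";
+
+config = lib.mkIf cfg.enable {
+
+nmasur.presets = {
+zfs.enable = lib.mkDefault true;
+programs = {
+msmtp.enable = lib.mkDefault true;
+};
+services = {
+arr.enable = lib.mkDefault true;
+audiobookshelf.enable = lib.mkDefault true;
+bind.enable = lib.mkDefault true;
+caddy.enable = lib.mkDefault true;
+calibre-web.enable = lib.mkDefault true;
+cloudflare.enable = lib.mkDefault true;
+cloudflared.enable = lib.mkDefault true;
+filebrowser.enable = lib.mkDefault true;
+immich.enable = lib.mkDefault true;
+jellyfin.enable = lib.mkDefault true;
+nextcloud.enable = lib.mkDefault true;
+nix-autoupgrade.enable = lib.mkDefault false; # Off by default for NAS
+paperless.enable = lib.mkDefault true;
+samba.enable = lib.mkDefault true;
+postgresql.enable = lib.mkDefault true;
+};
+};
+
+};
+}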
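Review bot: `nix-autoupgrade.enable = lib.mkDefault false;` sits at the same priority as the `lib.mkDefault true` that the `@ -18,5 +18,7 @@` hunk and communications.nix add. A host that enables this profile together with one of those would get two different boolean definitions at equal priority, which the module system rejects as conflicting. If the NAS setting is meant to win, give it a stronger priority, e.g. `nix-autoupgrade.enable = lib.mkOverride 900 false;`. Whether any host combines the profiles is not visible here. With upgrades off, the web-facing services this profile turns on (nextcloud, immich, jellyfin, paperless, filebrowser) and samba are patched only by hand. The trailing comment should say how, for example `# Off for NAS: upgrades are applied manually after a ZFS snapshot`, if that is the intent.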
@ -16,6 +16,8 @@ in
|
||||
|
||||
networking.firewall.allowPing = lib.mkDefault true;
|
||||
|
||||
nmasur.presets.services.openssh.enable = lib.mkDefault true;
|
||||
|
||||
# Implement a simple fail2ban service for sshd
|
||||
services.sshguard.enable = lib.mkDefault true;
|
||||
|
||||
|
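Review bot: `nmasur.presets.services.openssh.enable = lib.mkDefault true;` now starts sshd on every host that takes this profile. The only control visible beside it is sshguard, which throttles guessing but does not restrict how logins authenticate. Whether the preset disables password and root login is not visible in this hunk. If it does, a comment such as `# key-only auth and root-login policy are set in the openssh preset` would make that dependency explicit. The enclosing `config` block starts and ends outside the hunk.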