noah/dotfiles
1
0
Fork 0
mirror of https://github.com/nmasur/dotfiles synced 2025-04-24 01:02:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: noah:59a52dc0337f557009f5b3f83e71af402130dae3
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy
..
compare: noah:9c5de4c54ff60b32a2442caffeb37d9f7a7f9939
Branches Tags
noah:master
noah:platform
noah:home-manager-fix
noah:immich-proxy
noah:microcode
noah:nixd
noah:eblume-mole
noah:language-checks
noah:keyd-2.4.3
noah:sway
noah:nixosmodules
noah:unfree-predicate-by-pkgs
noah:darwin-ssl
noah:pre-platform
noah:begin-nixos
noah:begin-nix
noah:neovim-lua
noah:pre-nix
noah:legacy

No commits in common. "59a52dc0337f557009f5b3f83e71af402130dae3" and "9c5de4c54ff60b32a2442caffeb37d9f7a7f9939" have entirely different histories.
59a52dc033 ... 9c5de4c54f

50 changed files with 281 additions and 284 deletions
Show Stats Expand all files Collapse all files

114
flake.lock generated
View File

@ -138,6 +138,26 @@
"type": "github" "type": "github"
} }
}, },
"firefox-darwin": {
"inputs": {
"nixpkgs": [
"nixpkgs"
]
},
"locked": {
"lastModified": 1737161595,
"narHash": "sha256-Txp3uh0KdB3+Pe6xihU0JWWe0LK8iXTUnZ8bOcKu3w0=",
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"rev": "3224752c71a5245e90cfae360e0dc5de98e2b53c",
"type": "github"
},
"original": {
"owner": "bandithedoge",
"repo": "nixpkgs-firefox-darwin",
"type": "github"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -193,6 +213,24 @@
} }
}, },
"flake-utils": { "flake-utils": {
"inputs": {
"systems": "systems"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_2": {
"inputs": { "inputs": {
"systems": [ "systems": [
"mac-app-util", "mac-app-util",
@ -212,9 +250,9 @@
"type": "indirect" "type": "indirect"
} }
}, },
"flake-utils_2": { "flake-utils_3": {
"inputs": { "inputs": {
"systems": "systems_2" "systems": "systems_3"
}, },
"locked": { "locked": {
"lastModified": 1705309234, "lastModified": 1705309234,
@ -283,15 +321,37 @@
"type": "github" "type": "github"
} }
}, },
"mac-app-util": { "jujutsu": {
"inputs": { "inputs": {
"cl-nix-lite": "cl-nix-lite",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils", "flake-utils": "flake-utils",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"systems": "systems" "rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1737163288,
"narHash": "sha256-PROBXqOUzgqIG66S74P1nyg7MbNoQ01k3oF0IM7qpHY=",
"owner": "martinvonz",
"repo": "jj",
"rev": "83d40d2c425fa2e050bdac8837b19e5beb3bef25",
"type": "github"
},
"original": {
"owner": "martinvonz",
"repo": "jj",
"type": "github"
}
},
"mac-app-util": {
"inputs": {
"cl-nix-lite": "cl-nix-lite",
"flake-compat": "flake-compat",
"flake-utils": "flake-utils_2",
"nixpkgs": [
"nixpkgs"
],
"systems": "systems_2"
}, },
"locked": { "locked": {
"lastModified": 1732920695, "lastModified": 1732920695,
@ -361,7 +421,7 @@
}, },
"nix2vim": { "nix2vim": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_2", "flake-utils": "flake-utils_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
@ -594,9 +654,11 @@
"darwin": "darwin", "darwin": "darwin",
"disko": "disko", "disko": "disko",
"fidget-nvim-src": "fidget-nvim-src", "fidget-nvim-src": "fidget-nvim-src",
"firefox-darwin": "firefox-darwin",
"gh-collaborators": "gh-collaborators", "gh-collaborators": "gh-collaborators",
"hmts-nvim-src": "hmts-nvim-src", "hmts-nvim-src": "hmts-nvim-src",
"home-manager": "home-manager", "home-manager": "home-manager",
"jujutsu": "jujutsu",
"mac-app-util": "mac-app-util", "mac-app-util": "mac-app-util",
"nextcloud-cookbook": "nextcloud-cookbook", "nextcloud-cookbook": "nextcloud-cookbook",
"nextcloud-external": "nextcloud-external", "nextcloud-external": "nextcloud-external",
@ -631,6 +693,27 @@
"zenyd-mpv-scripts": "zenyd-mpv-scripts" "zenyd-mpv-scripts": "zenyd-mpv-scripts"
} }
}, },
"rust-overlay": {
"inputs": {
"nixpkgs": [
"jujutsu",
"nixpkgs"
]
},
"locked": {
"lastModified": 1735784864,
"narHash": "sha256-tIl5p3ueaPw7T5T1UXkLc8ISMk6Y8CI/D/rd0msf73I=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "04d5f1836721461b256ec452883362c5edc5288e",
"type": "github"
},
"original": {
"owner": "oxalica",
"repo": "rust-overlay",
"type": "github"
}
},
"snipe-nvim-src": { "snipe-nvim-src": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -648,6 +731,21 @@
} }
}, },
"systems": { "systems": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_2": {
"locked": { "locked": {
"lastModified": 1689347925, "lastModified": 1689347925,
"narHash": "sha256-ozenz5bFe1UUqOn7f60HRmgc01BgTGIKZ4Xl+HbocGQ=", "narHash": "sha256-ozenz5bFe1UUqOn7f60HRmgc01BgTGIKZ4Xl+HbocGQ=",
@ -662,7 +760,7 @@
"type": "github" "type": "github"
} }
}, },
"systems_2": { "systems_3": {
"locked": { "locked": {
"lastModified": 1681028828, "lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",

24
flake.nix
View File

@ -34,11 +34,11 @@
inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
}; };
# # Use official Firefox binary for macOS # Use official Firefox binary for macOS
# firefox-darwin = { firefox-darwin = {
# url = "github:bandithedoge/nixpkgs-firefox-darwin"; url = "github:bandithedoge/nixpkgs-firefox-darwin";
# inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
# }; };
# Better App install management in macOS # Better App install management in macOS
mac-app-util = { mac-app-util = {
@ -175,12 +175,12 @@
flake = false; flake = false;
}; };
# # Git alternative # Git alternative
# # Fixes: https://github.com/martinvonz/jj/issues/4784 # Fixes: https://github.com/martinvonz/jj/issues/4784
# jujutsu = { jujutsu = {
# url = "github:martinvonz/jj"; url = "github:martinvonz/jj";
# inputs.nixpkgs.follows = "nixpkgs"; inputs.nixpkgs.follows = "nixpkgs";
# }; };
# Ren and rep - CLI find and replace # Ren and rep - CLI find and replace
rep = { rep = {
@ -275,7 +275,7 @@
overlays = [ overlays = [
inputs.nur.overlays.default inputs.nur.overlays.default
inputs.nix2vim.overlay inputs.nix2vim.overlay
# inputs.jujutsu.overlays.default # Fix: https://github.com/martinvonz/jj/issues/4784 inputs.jujutsu.overlays.default # Fix: https://github.com/martinvonz/jj/issues/4784
(import ./overlays/neovim-plugins.nix inputs) (import ./overlays/neovim-plugins.nix inputs)
(import ./overlays/tree-sitter.nix inputs) (import ./overlays/tree-sitter.nix inputs)
(import ./overlays/mpv-scripts.nix inputs) (import ./overlays/mpv-scripts.nix inputs)

16
hosts/default.nix
View File

@ -1,16 +0,0 @@
# Return a list of all hosts
{ lib, ... }:
lib.pipe (lib.filesystem.listFilesRecursive ./.) [
# Get only files ending in default.nix
(builtins.filter (name: lib.hasSuffix "default.nix" name))
# Import each host function
map
(file: {
name = builtins.baseNameOf (builtins.dirOf file);
value = import file;
})
# Convert to an attrset of hostname -> host function
(builtins.listToAttrs)
]

42
modules/common/default.nix
View File

@ -16,27 +16,27 @@
]; ];
options = { options = {
# user = lib.mkOption { user = lib.mkOption {
# type = lib.types.str; type = lib.types.str;
# description = "Primary user of the system"; description = "Primary user of the system";
# }; };
# fullName = lib.mkOption { fullName = lib.mkOption {
# type = lib.types.str; type = lib.types.str;
# description = "Human readable name of the user"; description = "Human readable name of the user";
# }; };
# userDirs = { userDirs = {
# # Required to prevent infinite recursion when referenced by himalaya # Required to prevent infinite recursion when referenced by himalaya
# download = lib.mkOption { download = lib.mkOption {
# type = lib.types.str; type = lib.types.str;
# description = "XDG directory for downloads"; description = "XDG directory for downloads";
# default = if pkgs.stdenv.isDarwin then "$HOME/Downloads" else "$HOME/downloads"; default = if pkgs.stdenv.isDarwin then "$HOME/Downloads" else "$HOME/downloads";
# }; };
# }; };
# identityFile = lib.mkOption { identityFile = lib.mkOption {
# type = lib.types.str; type = lib.types.str;
# description = "Path to existing private key file."; description = "Path to existing private key file.";
# default = "/etc/ssh/ssh_host_ed25519_key"; default = "/etc/ssh/ssh_host_ed25519_key";
# }; };
# homePath = lib.mkOption { # homePath = lib.mkOption {
# type = lib.types.path; # type = lib.types.path;
# description = "Path of user's home directory."; # description = "Path of user's home directory.";

2
overlays/pkgs.nix
View File

@ -13,7 +13,7 @@ let
packagesDirectory = lib.filesystem.listFilesRecursive ../pkgs; packagesDirectory = lib.filesystem.listFilesRecursive ../pkgs;
packages = lib.pipe packagesDirectory [ packages = lib.pipe packagesDirectory [
# Get only files called package.nix # Get only files called package.nix
(builtins.filter (name: (name == "package.nix"))) (builtins.filter (name: (lib.hasSuffix "package.nix" name)))
# Apply callPackage to create a derivation # Apply callPackage to create a derivation
(builtins.map prev.callPackage) (builtins.map prev.callPackage)
# Convert the list to an attrset # Convert the list to an attrset

5
platforms/home-manager/default.nix
View File

@ -1,7 +1,4 @@
{ lib, ... }: { lib, ... }:
{ {
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [ imports = lib.filesystem.listFilesRecursive ./.;
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
];
} }

49
platforms/home-manager/modules/nmasur/presets/programs/calendar.nix
View File

@ -1,49 +0,0 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.calendar;
in
{
options.nmasur.presets.programs.calendar = {
enable = lib.mkEnableOption "Calendar application";
username = lib.mkOption {
type = lib.types.str;
description = "Username for the calendar service backend";
default = config.nmasur.settings.username;
};
hostname = lib.mkOption {
type = lib.types.str;
description = "Hostname for the calendar service backend";
};
url = lib.mkOption {
type = lib.types.str;
description = "Username for the calendar service backend";
default = "https://${cfg.hostname}/remote.php/dav/principals/users/${cfg.username}";
};
};
config = lib.mkIf cfg.enable {
accounts.calendar.accounts.default = {
basePath = "other/calendars"; # Where to save calendars in ~ directory
name = "personal";
local.type = "filesystem";
primary = true;
remote = {
passwordCommand = [ "" ];
type = "caldav";
url = cfg.url;
userName = cfg.username;
};
};
home.packages = [ pkgs.gnome-calendar ];
};
}

2
platforms/home-manager/modules/nmasur/presets/programs/himalaya.nix
View File

@ -20,7 +20,7 @@ in
accounts.email.accounts.home.himalaya = { accounts.email.accounts.home.himalaya = {
enable = true; enable = true;
settings = { settings = {
downloads-dir = config.xdg.userDirs.download; downloads-dir = config.userDirs.download;
smtp-insecure = true; smtp-insecure = true;
}; };
}; };

3
platforms/home-manager/modules/nmasur/profiles/experimental.nix
View File

@ -26,10 +26,9 @@ in
]; ];
programs.gh-dash.enable = lib.mkDefault true; programs.gh-dash.enable = true;
programs.helix.enable = lib.mkDefault true; programs.helix.enable = lib.mkDefault true;
programs.zed-editor.enable = lib.mkDefault true; programs.zed-editor.enable = lib.mkDefault true;
programs.himalaya.enable = lib.mkDefault true;
}; };

6
platforms/home-manager/modules/nmasur/profiles/linux-base.nix
View File

@ -16,14 +16,14 @@ in
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# Allow Nix to manage the default applications list # Allow Nix to manage the default applications list
xdg.mimeApps.enable = lib.mkDefault true; mimeApps.enable = lib.mkDefault true;
# Set directories for application defaults # Set directories for application defaults
xdg.userDirs = { userDirs = {
enable = lib.mkDefault true; enable = lib.mkDefault true;
createDirectories = lib.mkDefault true; createDirectories = lib.mkDefault true;
documents = lib.mkDefault "$HOME/documents"; documents = lib.mkDefault "$HOME/documents";
download = lib.mkDefault "$HOME/downloads"; download = lib.mkDefault config.userDirs.download;
music = lib.mkDefault "$HOME/media/music"; music = lib.mkDefault "$HOME/media/music";
pictures = lib.mkDefault "$HOME/media/images"; pictures = lib.mkDefault "$HOME/media/images";
videos = lib.mkDefault "$HOME/media/videos"; videos = lib.mkDefault "$HOME/media/videos";

5
platforms/nix-darwin/default.nix
View File

@ -1,7 +1,4 @@
{ lib, ... }: { lib, ... }:
{ {
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [ imports = lib.filesystem.listFilesRecursive ./.;
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
];
} }

3
platforms/nix-darwin/modules/nmasur/presets/programs/fish.nix
View File

@ -7,7 +7,6 @@
let let
cfg = config.nmasur.presets.programs.fish; cfg = config.nmasur.presets.programs.fish;
inherit (config.nmasur.settings) username;
in in
{ {
@ -19,7 +18,7 @@ in
environment.shells = [ pkgs.fish ]; environment.shells = [ pkgs.fish ];
users.users.${username}.shell = pkgs.fish; users.users.${config.user}.shell = pkgs.fish;
# Speeds up fish launch time on macOS # Speeds up fish launch time on macOS
programs.fish.useBabelfish = true; programs.fish.useBabelfish = true;

3
platforms/nix-darwin/modules/nmasur/presets/services/hammerspoon.nix
View File

@ -6,7 +6,6 @@
let let
cfg = config.nmasur.presets.services.hammerspoon; cfg = config.nmasur.presets.services.hammerspoon;
inherit (config.nmasur.settings) username;
in in
{ {
@ -20,7 +19,7 @@ in
system.activationScripts.postUserActivation.text = '' system.activationScripts.postUserActivation.text = ''
defaults write org.hammerspoon.Hammerspoon MJConfigFile "${ defaults write org.hammerspoon.Hammerspoon MJConfigFile "${
config.home-manager.users.${username}.xdg.configHome config.home-manager.users.${config.user}.xdg.configHome
}/hammerspoon/init.lua" }/hammerspoon/init.lua"
sudo killall Dock sudo killall Dock
''; '';

14
platforms/nix-darwin/modules/nmasur/settings.nix
View File

@ -1,14 +0,0 @@
{ lib, ... }:
{
options.nmasur.settings = {
username = lib.mkOption {
type = lib.types.str;
description = "Primary username for the system";
};
fullName = lib.mkOption {
type = lib.types.str;
description = "Human readable name of the user";
};
};
}

5
platforms/nixos/default.nix
View File

@ -1,7 +1,4 @@
{ lib, ... }: { lib, ... }:
{ {
imports = lib.pipe (lib.filesystem.listFilesRecursive ./.) [ imports = lib.filesystem.listFilesRecursive ./.;
# Get only files ending in .nix
(builtins.filter (name: lib.hasSuffix ".nix" name))
];
} }

8
platforms/nixos/modules/hostnames.nix Normal file
View File

@ -0,0 +1,8 @@
{ lib, ... }:
{
options.hostnames = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
};
}

33
platforms/nixos/modules/nmasur/presets/programs/calendar.nix Normal file
View File

@ -0,0 +1,33 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.nmasur.presets.programs.calendar;
in
{
options.nmasur.presets.programs.calendar.enable = lib.mkEnableOption "Calendar application";
config = lib.mkIf cfg.enable {
accounts.calendar.accounts.default = {
basePath = "other/calendars"; # Where to save calendars in ~ directory
name = "personal";
local.type = "filesystem";
primary = true;
remote = {
passwordCommand = [ "" ];
type = "caldav";
url = "https://${config.hostnames.content}/remote.php/dav/principals/users/${config.user}";
userName = config.user;
};
};
home.packages = [ pkgs.gnome-calendar ];
};
}

5
platforms/nixos/modules/nmasur/presets/services/actualbudget.nix
View File

@ -5,7 +5,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.actualbudget; cfg = config.nmasur.presets.services.actualbudget;
in in
@ -61,7 +60,7 @@ in
# Allow web traffic to Caddy # Allow web traffic to Caddy
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.budget ]; } ]; match = [ { host = [ config.hostnames.budget ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -72,7 +71,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.budget ]; services.cloudflare-dyndns.domains = [ config.hostnames.budget ];
# Backups # Backups
services.restic.backups.default.paths = [ "/var/lib/actualbudget" ]; services.restic.backups.default.paths = [ "/var/lib/actualbudget" ];

17
platforms/nixos/modules/nmasur/presets/services/arr.nix
View File

@ -7,7 +7,6 @@
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.actualbudget; cfg = config.nmasur.presets.services.actualbudget;
# This config specifies ports for Prometheus to scrape information # This config specifies ports for Prometheus to scrape information
@ -99,7 +98,7 @@ in
group = "download"; group = "download";
match = [ match = [
{ {
host = [ hostnames.download ]; host = [ config.hostnames.download ];
path = [ "/sonarr*" ]; path = [ "/sonarr*" ];
} }
]; ];
@ -115,7 +114,7 @@ in
group = "download"; group = "download";
match = [ match = [
{ {
host = [ hostnames.download ]; host = [ config.hostnames.download ];
path = [ "/radarr*" ]; path = [ "/radarr*" ];
} }
]; ];
@ -130,7 +129,7 @@ in
group = "download"; group = "download";
match = [ match = [
{ {
host = [ hostnames.download ]; host = [ config.hostnames.download ];
path = [ "/readarr*" ]; path = [ "/readarr*" ];
} }
]; ];
@ -145,7 +144,7 @@ in
group = "download"; group = "download";
match = [ match = [
{ {
host = [ hostnames.download ]; host = [ config.hostnames.download ];
path = [ "/prowlarr*" ]; path = [ "/prowlarr*" ];
} }
]; ];
@ -161,7 +160,7 @@ in
group = "download"; group = "download";
match = [ match = [
{ {
host = [ hostnames.download ]; host = [ config.hostnames.download ];
path = [ "/bazarr*" ]; path = [ "/bazarr*" ];
} }
]; ];
@ -181,7 +180,7 @@ in
group = "download"; group = "download";
match = [ match = [
{ {
host = [ hostnames.download ]; host = [ config.hostnames.download ];
path = [ "/sabnzbd*" ]; path = [ "/sabnzbd*" ];
} }
]; ];
@ -194,7 +193,7 @@ in
} }
{ {
group = "download"; group = "download";
match = [ { host = [ hostnames.download ]; } ]; match = [ { host = [ config.hostnames.download ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -205,7 +204,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.download ]; services.cloudflare-dyndns.domains = [ config.hostnames.download ];
# Enable Prometheus exporters # Enable Prometheus exporters
systemd.services = lib.mapAttrs' (name: attrs: { systemd.services = lib.mapAttrs' (name: attrs: {

11
platforms/nixos/modules/nmasur/presets/services/bind.nix
View File

@ -13,16 +13,15 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.bind; cfg = config.nmasur.presets.services.bind;
localIp = "192.168.1.218"; localIp = "192.168.1.218";
localServices = [ localServices = [
hostnames.stream config.hostnames.stream
hostnames.content config.hostnames.content
hostnames.books config.hostnames.books
hostnames.download config.hostnames.download
hostnames.photos config.hostnames.photos
]; ];
mkRecord = service: "${service} A ${localIp}"; mkRecord = service: "${service} A ${localIp}";
localRecords = lib.concatLines (map mkRecord localServices); localRecords = lib.concatLines (map mkRecord localServices);

7
platforms/nixos/modules/nmasur/presets/services/calibre-web.nix
View File

@ -1,7 +1,7 @@
# Calibre-web is an E-Book library and management tool. # Calibre-web is an E-Book library and management tool.
# - Exposed to the public via Caddy. # - Exposed to the public via Caddy.
# - Hostname defined with hostnames.books # - Hostname defined with config.hostnames.books
# - File directory backed up to S3 on a cron schedule. # - File directory backed up to S3 on a cron schedule.
{ {
@ -13,7 +13,6 @@
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.calibre-web; cfg = config.nmasur.presets.services.calibre-web;
libraryPath = "/data/books"; libraryPath = "/data/books";
in in
@ -39,7 +38,7 @@ in
# Allow web traffic to Caddy # Allow web traffic to Caddy
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.books ]; } ]; match = [ { host = [ config.hostnames.books ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -55,7 +54,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.books ]; services.cloudflare-dyndns.domains = [ config.hostnames.books ];
# Grant user access to Calibre directories # Grant user access to Calibre directories
users.users.${config.user}.extraGroups = [ "calibre-web" ]; users.users.${config.user}.extraGroups = [ "calibre-web" ];

5
platforms/nixos/modules/nmasur/presets/services/filebrowser.nix
View File

@ -4,7 +4,6 @@
... ...
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.filebrowser; cfg = config.nmasur.presets.services.filebrowser;
in in
{ {
@ -21,7 +20,7 @@ in
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.files ]; } ]; match = [ { host = [ config.hostnames.files ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -34,7 +33,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.files ]; services.cloudflare-dyndns.domains = [ config.hostnames.files ];
}; };

3
platforms/nixos/modules/nmasur/presets/services/gitea-runner-local.nix
View File

@ -12,7 +12,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.gitea-runner-local; cfg = config.nmasur.presets.services.gitea-runner-local;
in in
@ -43,7 +42,7 @@ in
wget wget
]; ];
name = config.networking.hostName; name = config.networking.hostName;
url = "https://${hostnames.git}"; url = "https://${config.hostnames.git}";
tokenFile = config.secrets.giteaRunnerToken.dest; tokenFile = config.secrets.giteaRunnerToken.dest;
}; };

11
platforms/nixos/modules/nmasur/presets/services/gitea.nix
View File

@ -6,7 +6,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.gitea; cfg = config.nmasur.presets.services.gitea;
giteaPath = "/var/lib/gitea"; # Default service directory giteaPath = "/var/lib/gitea"; # Default service directory
in in
@ -29,7 +28,7 @@ in
DISABLE_HTTP_GIT = false; DISABLE_HTTP_GIT = false;
# Allow requests hitting the specified hostname. # Allow requests hitting the specified hostname.
ACCESS_CONTROL_ALLOW_ORIGIN = hostnames.git; ACCESS_CONTROL_ALLOW_ORIGIN = config.hostnames.git;
# Automatically create viable users/orgs on push. # Automatically create viable users/orgs on push.
ENABLE_PUSH_CREATE_USER = true; ENABLE_PUSH_CREATE_USER = true;
@ -41,7 +40,7 @@ in
server = { server = {
HTTP_PORT = 3001; HTTP_PORT = 3001;
HTTP_ADDRESS = "127.0.0.1"; HTTP_ADDRESS = "127.0.0.1";
ROOT_URL = "https://${hostnames.git}/"; ROOT_URL = "https://${config.hostnames.git}/";
SSH_PORT = 22; SSH_PORT = 22;
START_SSH_SERVER = false; # Use sshd instead START_SSH_SERVER = false; # Use sshd instead
DISABLE_SSH = false; DISABLE_SSH = false;
@ -66,7 +65,7 @@ in
{ {
match = [ match = [
{ {
host = [ hostnames.git ]; host = [ config.hostnames.git ];
path = [ "/metrics*" ]; path = [ "/metrics*" ];
} }
]; ];
@ -79,7 +78,7 @@ in
} }
# Allow access to primary server. # Allow access to primary server.
{ {
match = [ { host = [ hostnames.git ]; } ]; match = [ { host = [ config.hostnames.git ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -92,7 +91,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.git ]; services.cloudflare-dyndns.domains = [ config.hostnames.git ];
# Scrape the metrics endpoint for Prometheus. # Scrape the metrics endpoint for Prometheus.
prometheus.scrapeTargets = [ prometheus.scrapeTargets = [

47
platforms/nixos/modules/nmasur/presets/services/grafana.nix
View File

@ -6,7 +6,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.grafana; cfg = config.nmasur.presets.services.grafana;
promUid = "victoriametrics"; promUid = "victoriametrics";
in in
@ -32,7 +31,7 @@ in
enable = true; enable = true;
settings = { settings = {
server = { server = {
domain = hostnames.metrics; domain = config.hostnames.metrics;
http_addr = "127.0.0.1"; http_addr = "127.0.0.1";
http_port = 3000; http_port = 3000;
protocol = "http"; protocol = "http";
@ -452,7 +451,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.git}/admin/runners"; url = "https://${config.hostnames.git}/admin/runners";
} }
]; ];
options = { options = {
@ -526,7 +525,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.stream}"; url = "https://${config.hostnames.stream}";
} }
]; ];
options = { options = {
@ -786,7 +785,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}"; url = "https://${config.hostnames.download}";
} }
]; ];
} }
@ -808,7 +807,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}/bazarr"; url = "https://${config.hostnames.download}/bazarr";
} }
]; ];
} }
@ -830,7 +829,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}/radarr"; url = "https://${config.hostnames.download}/radarr";
} }
]; ];
} }
@ -852,7 +851,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}/readarr"; url = "https://${config.hostnames.download}/readarr";
} }
]; ];
} }
@ -874,7 +873,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.content}"; url = "https://${config.hostnames.content}";
} }
]; ];
} }
@ -896,7 +895,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.books}"; url = "https://${config.hostnames.books}";
} }
]; ];
} }
@ -918,7 +917,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}/sabnzbd"; url = "https://${config.hostnames.download}/sabnzbd";
} }
]; ];
} }
@ -940,7 +939,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.influxdb}"; url = "https://${config.hostnames.influxdb}";
} }
]; ];
} }
@ -962,7 +961,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.stream}"; url = "https://${config.hostnames.stream}";
} }
]; ];
} }
@ -984,7 +983,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}/sonarr"; url = "https://${config.hostnames.download}/sonarr";
} }
]; ];
} }
@ -1006,7 +1005,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.irc}"; url = "https://${config.hostnames.irc}";
} }
]; ];
} }
@ -1028,7 +1027,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.download}/prowlarr"; url = "https://${config.hostnames.download}/prowlarr";
} }
]; ];
} }
@ -1050,7 +1049,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.metrics}"; url = "https://${config.hostnames.metrics}";
} }
]; ];
} }
@ -1072,7 +1071,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.git}"; url = "https://${config.hostnames.git}";
} }
]; ];
} }
@ -1094,7 +1093,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.secrets}"; url = "https://${config.hostnames.secrets}";
} }
]; ];
} }
@ -1116,7 +1115,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.prometheus}/vmui"; url = "https://${config.hostnames.prometheus}/vmui";
} }
]; ];
} }
@ -1138,7 +1137,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.paperless}"; url = "https://${config.hostnames.paperless}";
} }
]; ];
} }
@ -1160,7 +1159,7 @@ in
{ {
targetBlank = true; targetBlank = true;
title = ""; title = "";
url = "https://${hostnames.audiobooks}"; url = "https://${config.hostnames.audiobooks}";
} }
]; ];
} }
@ -2563,7 +2562,7 @@ in
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.metrics ]; } ]; match = [ { host = [ config.hostnames.metrics ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -2576,6 +2575,6 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.metrics ]; services.cloudflare-dyndns.domains = [ config.hostnames.metrics ];
}; };
} }

9
platforms/nixos/modules/nmasur/presets/services/immich.nix
View File

@ -1,7 +1,6 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.immich; cfg = config.nmasur.presets.services.immich;
in in
@ -20,7 +19,7 @@ in
machine-learning.environment = { }; machine-learning.environment = { };
mediaLocation = "/data/images"; mediaLocation = "/data/images";
secretsFile = null; secretsFile = null;
settings.server.externalDomain = "https://${hostnames.photos}"; settings.server.externalDomain = "https://${config.hostnames.photos}";
environment = { environment = {
IMMICH_ENV = "production"; IMMICH_ENV = "production";
IMMICH_LOG_LEVEL = "log"; IMMICH_LOG_LEVEL = "log";
@ -31,7 +30,7 @@ in
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.photos ]; } ]; match = [ { host = [ config.hostnames.photos ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -42,10 +41,10 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.photos ]; services.cloudflare-dyndns.domains = [ config.hostnames.photos ];
# Point localhost to the local domain # Point localhost to the local domain
networking.hosts."127.0.0.1" = [ hostnames.photos ]; networking.hosts."127.0.0.1" = [ config.hostnames.photos ];
# Backups # Backups
services.restic.backups.default.paths = [ "/data/images" ]; services.restic.backups.default.paths = [ "/data/images" ];

5
platforms/nixos/modules/nmasur/presets/services/influxdb2.nix
View File

@ -6,7 +6,6 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.influxdb2; cfg = config.nmasur.presets.services.influxdb2;
in in
{ {
@ -57,7 +56,7 @@ in
caddy.routes = lib.mkIf config.services.influxdb2.enable [ caddy.routes = lib.mkIf config.services.influxdb2.enable [
{ {
match = [ { host = [ hostnames.influxdb ]; } ]; match = [ { host = [ config.hostnames.influxdb ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -68,6 +67,6 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.influxdb ]; services.cloudflare-dyndns.domains = [ config.hostnames.influxdb ];
}; };
} }

7
platforms/nixos/modules/nmasur/presets/services/jellyfin.nix
View File

@ -9,7 +9,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.jellyfin; cfg = config.nmasur.presets.services.jellyfin;
in in
{ {
@ -26,7 +25,7 @@ in
{ {
match = [ match = [
{ {
host = [ hostnames.stream ]; host = [ config.hostnames.stream ];
path = [ "/metrics*" ]; path = [ "/metrics*" ];
} }
]; ];
@ -39,7 +38,7 @@ in
} }
# Allow access to normal route. # Allow access to normal route.
{ {
match = [ { host = [ hostnames.stream ]; } ]; match = [ { host = [ config.hostnames.stream ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -50,7 +49,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.stream ]; services.cloudflare-dyndns.domains = [ config.hostnames.stream ];
# Create videos directory, allow anyone in Jellyfin group to manage it # Create videos directory, allow anyone in Jellyfin group to manage it
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [

3
platforms/nixos/modules/nmasur/presets/services/minecraft-server.nix
View File

@ -6,7 +6,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.minecraft-server; cfg = config.nmasur.presets.services.minecraft-server;
localPort = 25564; localPort = 25564;
publicPort = 49732; publicPort = 49732;
@ -53,7 +52,7 @@ in
networking.firewall.allowedTCPPorts = [ publicPort ]; networking.firewall.allowedTCPPorts = [ publicPort ];
cloudflare.noProxyDomains = [ hostnames.minecraft ]; cloudflare.noProxyDomains = [ config.hostnames.minecraft ];
## Automatically start and stop Minecraft server based on player connections ## Automatically start and stop Minecraft server based on player connections

11
platforms/nixos/modules/nmasur/presets/services/nextcloud.nix
View File

@ -6,7 +6,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.nextcloud; cfg = config.nmasur.presets.services.nextcloud;
in in
{ {
@ -31,7 +30,7 @@ in
settings = { settings = {
default_phone_region = "US"; default_phone_region = "US";
# Allow access when hitting either of these hosts or IPs # Allow access when hitting either of these hosts or IPs
trusted_domains = [ hostnames.content ]; trusted_domains = [ config.hostnames.content ];
trusted_proxies = [ "127.0.0.1" ]; trusted_proxies = [ "127.0.0.1" ];
maintenance_window_start = 4; # Run jobs at 4am UTC maintenance_window_start = 4; # Run jobs at 4am UTC
log_type = "file"; log_type = "file";
@ -65,7 +64,7 @@ in
# Point Caddy to Nginx # Point Caddy to Nginx
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.content ]; } ]; match = [ { host = [ config.hostnames.content ]; } ];
handle = [ handle = [
{ {
handler = "subroute"; handler = "subroute";
@ -196,7 +195,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.content ]; services.cloudflare-dyndns.domains = [ config.hostnames.content ];
# Create credentials file for nextcloud # Create credentials file for nextcloud
secrets.nextcloud = { secrets.nextcloud = {
@ -218,11 +217,11 @@ in
systemd.services.phpfpm-nextcloud.serviceConfig.StateDirectoryMode = lib.mkForce "0770"; systemd.services.phpfpm-nextcloud.serviceConfig.StateDirectoryMode = lib.mkForce "0770";
# Log metrics to prometheus # Log metrics to prometheus
networking.hosts."127.0.0.1" = [ hostnames.content ]; networking.hosts."127.0.0.1" = [ config.hostnames.content ];
services.prometheus.exporters.nextcloud = { services.prometheus.exporters.nextcloud = {
enable = config.prometheus.exporters.enable; enable = config.prometheus.exporters.enable;
username = config.services.nextcloud.config.adminuser; username = config.services.nextcloud.config.adminuser;
url = "https://${hostnames.content}"; url = "https://${config.hostnames.content}";
passwordFile = config.services.nextcloud.config.adminpassFile; passwordFile = config.services.nextcloud.config.adminpassFile;
}; };
prometheus.scrapeTargets = [ prometheus.scrapeTargets = [

7
platforms/nixos/modules/nmasur/presets/services/ntfy-sh.nix
View File

@ -1,7 +1,6 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.ntfy-sh; cfg = config.nmasur.presets.services.ntfy-sh;
in in
@ -12,7 +11,7 @@ in
services.ntfy-sh = { services.ntfy-sh = {
enable = true; enable = true;
settings = { settings = {
base-url = "https://${hostnames.notifications}"; base-url = "https://${config.hostnames.notifications}";
upstream-base-url = "https://ntfy.sh"; upstream-base-url = "https://ntfy.sh";
listen-http = ":8333"; listen-http = ":8333";
behind-proxy = true; behind-proxy = true;
@ -23,7 +22,7 @@ in
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.notifications ]; } ]; match = [ { host = [ config.hostnames.notifications ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -34,7 +33,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.notifications ]; services.cloudflare-dyndns.domains = [ config.hostnames.notifications ];
}; };
} }

5
platforms/nixos/modules/nmasur/presets/services/paperless.nix
View File

@ -3,7 +3,6 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.paperless; cfg = config.nmasur.presets.services.paperless;
in in
{ {
@ -34,7 +33,7 @@ in
{ {
match = [ match = [
{ {
host = [ hostnames.paperless ]; host = [ config.hostnames.paperless ];
# path = [ "/paperless*" ]; # Change path name in Caddy # path = [ "/paperless*" ]; # Change path name in Caddy
} }
]; ];
@ -48,7 +47,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.paperless ]; services.cloudflare-dyndns.domains = [ config.hostnames.paperless ];
secrets.paperless = { secrets.paperless = {
source = ../../../private/prometheus.age; source = ../../../private/prometheus.age;

3
platforms/nixos/modules/nmasur/presets/services/prometheus-remote-write.nix
View File

@ -11,7 +11,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.prometheus-remote-write; cfg = config.nmasur.presets.services.prometheus-remote-write;
in in
{ {
@ -26,7 +25,7 @@ in
remoteWrite = [ remoteWrite = [
{ {
name = config.networking.hostName; name = config.networking.hostName;
url = "https://${hostnames.prometheus}/api/v1/write"; url = "https://${config.hostnames.prometheus}/api/v1/write";
basic_auth = { basic_auth = {
# Uses password hashed with bcrypt above # Uses password hashed with bcrypt above
username = "prometheus"; username = "prometheus";

5
platforms/nixos/modules/nmasur/presets/services/thelounge.nix
View File

@ -1,6 +1,5 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.thelounge; cfg = config.nmasur.presets.services.thelounge;
in in
{ {
@ -23,7 +22,7 @@ in
# Allow web traffic to Caddy # Allow web traffic to Caddy
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.irc ]; } ]; match = [ { host = [ config.hostnames.irc ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -34,6 +33,6 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.irc ]; services.cloudflare-dyndns.domains = [ config.hostnames.irc ];
}; };
} }

9
platforms/nixos/modules/nmasur/presets/services/transmission.nix
View File

@ -9,7 +9,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.transmission; cfg = config.nmasur.presets.services.transmission;
in in
{ {
@ -38,7 +37,7 @@ in
# This is a salted hash of the real password # This is a salted hash of the real password
# https://github.com/tomwijnroks/transmission-pwgen # https://github.com/tomwijnroks/transmission-pwgen
rpc-password = "{c4c5145f6e18bcd3c7429214a832440a45285ce26jDOBGVW"; rpc-password = "{c4c5145f6e18bcd3c7429214a832440a45285ce26jDOBGVW";
rpc-host-whitelist = hostnames.transmission; rpc-host-whitelist = config.hostnames.transmission;
rpc-host-whitelist-enabled = true; rpc-host-whitelist-enabled = true;
rpc-whitelist = lib.mkDefault "127.0.0.1"; # Overwritten by Cloudflare rpc-whitelist = lib.mkDefault "127.0.0.1"; # Overwritten by Cloudflare
rpc-whitelist-enabled = true; rpc-whitelist-enabled = true;
@ -46,7 +45,7 @@ in
}; };
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.transmission ]; services.cloudflare-dyndns.domains = [ config.hostnames.transmission ];
# Bind transmission to wireguard namespace # Bind transmission to wireguard namespace
systemd.services.transmission = lib.mkIf config.wireguard.enable { systemd.services.transmission = lib.mkIf config.wireguard.enable {
@ -67,14 +66,14 @@ in
caddy.routes = caddy.routes =
let let
# Set if the download domain is the same as the Transmission domain # Set if the download domain is the same as the Transmission domain
useDownloadDomain = hostnames.download == hostnames.transmission; useDownloadDomain = config.hostnames.download == config.hostnames.transmission;
in in
lib.mkAfter [ lib.mkAfter [
{ {
group = if useDownloadDomain then "download" else "transmission"; group = if useDownloadDomain then "download" else "transmission";
match = [ match = [
{ {
host = [ hostnames.transmission ]; host = [ config.hostnames.transmission ];
path = if useDownloadDomain then [ "/transmission*" ] else null; path = if useDownloadDomain then [ "/transmission*" ] else null;
} }
]; ];

5
platforms/nixos/modules/nmasur/presets/services/uptime-kuma.nix
View File

@ -1,7 +1,6 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.uptime-kuma; cfg = config.nmasur.presets.services.uptime-kuma;
in in
@ -21,7 +20,7 @@ in
# Allow web traffic to Caddy # Allow web traffic to Caddy
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.status ]; } ]; match = [ { host = [ config.hostnames.status ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -34,7 +33,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.status ]; services.cloudflare-dyndns.domains = [ config.hostnames.status ];
}; };

7
platforms/nixos/modules/nmasur/presets/services/vaultwarden.nix
View File

@ -10,7 +10,6 @@
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.vaultwarden; cfg = config.nmasur.presets.services.vaultwarden;
vaultwardenPath = "/var/lib/bitwarden_rs"; # Default service directory vaultwardenPath = "/var/lib/bitwarden_rs"; # Default service directory
in in
@ -23,7 +22,7 @@ in
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
config = { config = {
DOMAIN = "https://${hostnames.secrets}"; DOMAIN = "https://${config.hostnames.secrets}";
SIGNUPS_ALLOWED = false; SIGNUPS_ALLOWED = false;
SIGNUPS_VERIFY = true; SIGNUPS_VERIFY = true;
INVITATIONS_ALLOWED = true; INVITATIONS_ALLOWED = true;
@ -53,7 +52,7 @@ in
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.secrets ]; } ]; match = [ { host = [ config.hostnames.secrets ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -67,7 +66,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.secrets ]; services.cloudflare-dyndns.domains = [ config.hostnames.secrets ];
## Backup config ## Backup config

5
platforms/nixos/modules/nmasur/presets/services/victoriametrics.nix
View File

@ -10,7 +10,6 @@
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.victoriametrics; cfg = config.nmasur.presets.services.victoriametrics;
username = "prometheus"; username = "prometheus";
@ -80,7 +79,7 @@ in
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.prometheus ]; } ]; match = [ { host = [ config.hostnames.prometheus ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";
@ -91,7 +90,7 @@ in
]; ];
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.prometheus ]; services.cloudflare-dyndns.domains = [ config.hostnames.prometheus ];
}; };
} }

3
platforms/nixos/modules/nmasur/presets/services/vm-agent.nix
View File

@ -10,7 +10,6 @@
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.vm-agent; cfg = config.nmasur.presets.services.vm-agent;
username = "prometheus"; username = "prometheus";
@ -38,7 +37,7 @@ in
package = pkgs-stable.vmagent; package = pkgs-stable.vmagent;
prometheusConfig = prometheusConfig; prometheusConfig = prometheusConfig;
remoteWrite = { remoteWrite = {
url = "https://${hostnames.prometheus}/api/v1/write"; url = "https://${config.hostnames.prometheus}/api/v1/write";
basicAuthUsername = username; basicAuthUsername = username;
basicAuthPasswordFile = config.secrets.vmagent.dest; basicAuthPasswordFile = config.secrets.vmagent.dest;
}; };

19
platforms/nixos/modules/nmasur/settings.nix
View File

@ -1,19 +0,0 @@
{ lib, ... }:
{
options.nmasur.settings = {
username = lib.mkOption {
type = lib.types.str;
description = "Primary username for the system";
};
fullName = lib.mkOption {
type = lib.types.str;
description = "Human readable name of the user";
};
options.hostnames = lib.mkOption {
type = lib.types.attrsOf lib.types.str;
description = "Map of service names to FQDNs";
default = { };
};
};
}

3
platforms/nixos/modules/secrets.nix
View File

@ -27,7 +27,6 @@ in
identityFile = lib.mkOption { identityFile = lib.mkOption {
type = lib.types.path; type = lib.types.path;
description = "Path containing decryption identity."; description = "Path containing decryption identity.";
default = "/etc/ssh/ssh_host_ed25519_key";
}; };
secrets = lib.mkOption { secrets = lib.mkOption {
@ -92,7 +91,7 @@ in
script = '' script = ''
echo "${attrs.prefix}$( echo "${attrs.prefix}$(
${pkgs.age}/bin/age --decrypt \ ${pkgs.age}/bin/age --decrypt \
--identity ${config.identityFile} ${attrs.source} --identity ${config.secretsIdentityFile} ${attrs.source}
)" > ${attrs.dest} )" > ${attrs.dest}
chown '${attrs.owner}':'${attrs.group}' '${attrs.dest}' chown '${attrs.owner}':'${attrs.group}' '${attrs.dest}'

3
platforms/nixos/modules/services/filebrowser.nix
View File

@ -5,7 +5,6 @@
... ...
}: }:
let let
inherit (config.nmasur.settings) hostnames;
cfg = config.services.filebrowser; cfg = config.services.filebrowser;
dataDir = "/var/lib/filebrowser"; dataDir = "/var/lib/filebrowser";
@ -58,7 +57,7 @@ in
}; };
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.files ]; services.cloudflare-dyndns.domains = [ config.hostnames.files ];
}; };

16
platforms/nixos/modules/nmasur/presets/services/n8n.nix → platforms/nixos/modules/services/n8n.nix
View File

@ -2,22 +2,14 @@
# together with triggers. # together with triggers.
{ config, lib, ... }: { config, lib, ... }:
let
inherit (config.nmasur.settings) hostnames;
cfg = config.nmasur.presets.services.n8n;
in
{ {
options.nmasur.presets.services.n8n.enable = lib.mkEnableOption "n8n low-code automation tool"; config = lib.mkIf config.services.n8n.enable {
config = lib.mkIf cfg.enable {
unfreePackages = [ "n8n" ]; unfreePackages = [ "n8n" ];
services.n8n = { services.n8n = {
webhookUrl = "https://${hostnames.n8n}"; webhookUrl = "https://${config.hostnames.n8n}";
settings = { settings = {
listen_address = "127.0.0.1"; listen_address = "127.0.0.1";
port = 5678; port = 5678;
@ -30,12 +22,12 @@ in
}; };
# Configure Cloudflare DNS to point to this machine # Configure Cloudflare DNS to point to this machine
services.cloudflare-dyndns.domains = [ hostnames.n8n ]; services.cloudflare-dyndns.domains = [ config.hostnames.n8n ];
# Allow web traffic to Caddy # Allow web traffic to Caddy
caddy.routes = [ caddy.routes = [
{ {
match = [ { host = [ hostnames.n8n ]; } ]; match = [ { host = [ config.hostnames.n8n ]; } ];
handle = [ handle = [
{ {
handler = "reverse_proxy"; handler = "reverse_proxy";

0
platforms/windows/alacritty.yml → windows/alacritty.yml
View File

0
platforms/windows/autohotkey/RemapCaps.ahk → windows/autohotkey/RemapCaps.ahk
View File

0
platforms/windows/autohotkey/RemapCapsCtrlEscapeV2.ahk → windows/autohotkey/RemapCapsCtrlEscapeV2.ahk
View File

0
platforms/windows/caps-lock-ctrl.reg → windows/caps-lock-ctrl.reg
View File

0
platforms/windows/chocolatey.config → windows/chocolatey.config
View File

0
platforms/windows/utc-time.reg → windows/utc-time.reg
View File

0
platforms/windows/windows-programs.md → windows/windows-programs.md
View File