sorceress
/
nix-infra
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Cleanup / reformat

This commit is contained in:
Agatha Lovelace 2024-11-22 17:26:16 +01:00
parent 0d1378aa0d
commit b30f9a4f46
Signed by: sorceress
GPG Key ID: 01D0B3AB10CED4F8
10 changed files with 242 additions and 231 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
common/default.nix
View File

@ -30,10 +30,12 @@
dogdns
du-dust
git
headscale
imagemagick
jq
killall
mtr
nmap
openssl
rsync
sqlite-interactive
@ -41,6 +43,8 @@
xclip
];
services.tailscale.enable = true;
# 🥺
# security.please.enable = true;
}

41
common/fragments/graphical/barebones.nix Normal file
View File

@ -0,0 +1,41 @@
{ pkgs, ... }:
{
# Config for client devices, but not necessarily a full desktop environment.
imports = [
../restic.nix
../yubikey.nix
];
# User packages
users.users.agatha.packages = with pkgs; [
android-tools
broot
colmena
exiftool
ffmpeg
flac
hyperfine
just
magic-wormhole
neofetch
nil
pfetch
pridefetch
rink
sshfs
unstable.rustmission
whois
wireguard-tools
yt-dlp
];
home-manager.users.agatha = {
programs.direnv.enable = true;
home.sessionVariables = {
"DIRENV_LOG_FORMAT" = "";
};
programs.ssh.enable = true;
};
}

119
common/fragments/graphical/default.nix
View File

@ -1,6 +1,12 @@
{ pkgs, config, lib, ... }: {
{
pkgs,
config,
lib,
...
}:
{
imports = [
../restic.nix
./barebones.nix
./audio.nix
./bspwm.nix
./clipboard.nix
@ -22,26 +28,19 @@
(final: prev: {
pads = final.callPackage ../../../common/pkgs/pads.nix { };
bspm = final.callPackage ../../../common/pkgs/bspm.nix { };
polybar-scripts =
final.callPackage ../../../common/pkgs/polybar-scripts.nix { };
polybar-scripts = final.callPackage ../../../common/pkgs/polybar-scripts.nix { };
})
];
# User packages
users.users.agatha.packages = with pkgs; [
android-tools
blueberry
brightnessctl
broot
bspm
cider
colmena
darktable
dino
element-desktop
exiftool
ffmpeg
flac
flameshot
gimp
glib
@ -52,32 +51,19 @@
gnome.gnome-disk-utility
gnome.gnome-font-viewer
gnome.nautilus
hyperfine
just
magic-wormhole
mpv
mumble
neofetch
nil
nitrogen
nmap
obs-studio
obsidian
pfetch
polybar-scripts
pridefetch
prismlauncher
rink
rofi-calc
rofimoji
speechd
sshfs
tdesktop
whois
wireguard-tools
xdg-utils
xdotool
yt-dlp
yubioath-flutter
];
@ -100,20 +86,22 @@
enable = true;
displayManager = {
gdm.enable = true;
# gdm.wayland = true;
sessionPackages = [ pkgs.sway ];
session = [{
manage = "window";
name = "bspwm";
start = let cfg = config.home-manager.users.agatha;
in ''
${cfg.services.sxhkd.package}/bin/sxhkd ${
toString cfg.services.sxhkd.extraOptions
} &
${cfg.xsession.windowManager.bspwm.package}/bin/bspwm -c ${cfg.xdg.configHome}/bspwm/bspwmrc
'';
}];
session = [
{
manage = "window";
name = "bspwm";
start =
let
cfg = config.home-manager.users.agatha;
in
''
${cfg.services.sxhkd.package}/bin/sxhkd ${toString cfg.services.sxhkd.extraOptions} &
${cfg.xsession.windowManager.bspwm.package}/bin/bspwm -c ${cfg.xdg.configHome}/bspwm/bspwmrc
'';
}
];
};
# Layout overrides
layout = lib.mkForce "eu,de(qwerty),ua,ru";
@ -150,51 +138,6 @@
<Multi_key> <p><l> : "🥺"
<Multi_key> <m><s> : "/html <span data-mx-spoiler=\"\"></span>"
'';
programs.direnv.enable = true;
home.sessionVariables = { "DIRENV_LOG_FORMAT" = ""; };
programs.ssh.enable = true;
programs.ssh.matchBlocks = {
"bloodletting" = { hostname = "technogothic.net"; };
"backups" = {
match = ''originalhost backups exec "ip r | rg 10.21.0.0/16"'';
hostname = "10.20.1.2";
user = "agatha";
identityFile = [ "~/.ssh/id_ed25519" ];
};
"work" = {
match = ''originalhost work exec "ip r | rg 10.21.0.0/16"'';
hostname = "10.21.221.6";
forwardX11 = true;
forwardX11Trusted = true;
forwardAgent = true;
extraOptions."TCPKeepAlive" = "yes";
};
"ritual" = {
match = ''originalhost ritual exec "ip r | rg 10.21.0.0/16"'';
hostname = "10.21.221.60";
};
"watchtower" = {
match = ''originalhost watchtower exec "ip r | rg 10.21.0.0/16"'';
hostname = "10.21.220.205";
};
};
xdg.desktopEntries.element-work = {
name = "Element @ Work";
icon = "im.riot.Riot";
exec = "${pkgs.element-desktop}/bin/element-desktop --profile=work";
categories = [ "Network" "InstantMessaging" "Chat" "VideoConference" ];
mimeType = [ "x-scheme-handler/element" ];
settings.StartupWMClass = "element";
settings.Keywords =
"Matrix;matrix.org;chat;irc;communications;talk;riot;vector;";
};
};
services.gvfs.enable = true;
@ -224,7 +167,12 @@
fonts.fontconfig.enable = true;
fonts.fontDir.enable = true;
fonts.packages = with pkgs; [
(nerdfonts.override { fonts = [ "DaddyTimeMono" "NerdFontsSymbolsOnly" ]; })
(nerdfonts.override {
fonts = [
"DaddyTimeMono"
"NerdFontsSymbolsOnly"
];
})
cantarell-fonts
cm_unicode
corefonts
@ -254,13 +202,14 @@
hardware.bluetooth = {
enable = true;
settings = { General = { Disable = "Headset"; }; };
settings = {
General = {
Disable = "Headset";
};
};
};
# Virtual Camera config
boot.extraModulePackages = with config.boot.kernelPackages; [ v4l2loopback ];
boot.kernelModules = [ "v4l2loopback" ];
# Fix Wireguard NetworkManager connections
networking.firewall.checkReversePath = "loose";
}

15
common/fragments/minecraft.nix
View File

@ -1,4 +1,9 @@
{ pkgs, config, lib, ... }:
{
pkgs,
config,
lib,
...
}:
let
rsyncSSHKeys = config.users.users.agatha.openssh.authorizedKeys.keys;
@ -32,7 +37,8 @@ let
allow-flight = true;
max-tick-time = 2 * 60 * 1000;
};
in {
in
{
services.modded-minecraft-servers = {
eula = true;
@ -71,7 +77,10 @@ in {
};
};
systemd.services.mc-e2e.path = with pkgs; [ getconf gawk ];
systemd.services.mc-e2e.path = with pkgs; [
getconf
gawk
];
users.users.agatha.packages = with pkgs; [ mcrcon ];
}

76
flake.lock
View File

@ -67,18 +67,12 @@
}
},
"crane": {
"inputs": {
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709610799,
"narHash": "sha256-5jfLQx0U9hXbi2skYMGodDJkIgffrjIOgMRjZqms2QE=",
"lastModified": 1727974419,
"narHash": "sha256-WD0//20h+2/yPGkO88d2nYbb23WMWYvnRyDQ9Dx4UHg=",
"owner": "ipetkov",
"repo": "crane",
"rev": "81c393c776d5379c030607866afef6406ca1be57",
"rev": "37e4f9f0976cb9281cd3f0c70081e5e0ecaee93f",
"type": "github"
},
"original": {
@ -139,11 +133,11 @@
"systems": "systems_4"
},
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"lastModified": 1726560853,
"narHash": "sha256-X6rJYSESBVr3hBoH0WbKE5KvhPU5bloyZ2L4K60/fPQ=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"rev": "c1dfcf08411b08f6b8615f7d8971a2bfa81d5e8a",
"type": "github"
},
"original": {
@ -204,7 +198,7 @@
"inputs": {
"naersk": "naersk_2",
"nixpkgs": [
"nixpkgs-unstable"
"nixpkgs"
],
"utils": "utils_3"
},
@ -232,11 +226,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1725452565,
"narHash": "sha256-kxduxKvEBSEhoxYHQbMCbxHT0t14kRF4zT6ZmWaqH6M=",
"lastModified": 1729690460,
"narHash": "sha256-x8qkGujBPuOefXPyjcaB8Ot0IYkQBy6O2ZYb8NrnB3k=",
"owner": "helix-editor",
"repo": "helix",
"rev": "41db5d735eae03be9a69b1136844dac642484ed8",
"rev": "101a74bf6edbbfdf9b0628a0bdbbc307ebe10ff2",
"type": "github"
},
"original": {
@ -252,11 +246,11 @@
]
},
"locked": {
"lastModified": 1720042825,
"narHash": "sha256-A0vrUB6x82/jvf17qPCpxaM+ulJnD8YZwH9Ci0BsAzE=",
"lastModified": 1726989464,
"narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "e1391fb22e18a36f57e6999c7a9f966dc80ac073",
"rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176",
"type": "github"
},
"original": {
@ -468,11 +462,11 @@
]
},
"locked": {
"lastModified": 1725544312,
"narHash": "sha256-ETyDNLOF5YvFO2lVlKttXgdHTqSGdp9ZCRRCjv2gaoM=",
"lastModified": 1730070491,
"narHash": "sha256-+RYCbdU6l4E4pr40++lrdhdE3gNC/BR54AL7xWG/YRU=",
"owner": "LnL7",
"repo": "nix-darwin",
"rev": "a55b3f1ab41bb6d5025ebeebb4da5fd240b9b3b3",
"rev": "5c0c6aaa797d6ccbb6cdab14de0248135735709d",
"type": "github"
},
"original": {
@ -497,11 +491,11 @@
},
"nixpkgs-darwin": {
"locked": {
"lastModified": 1725140114,
"narHash": "sha256-tlRqsd84YFI7dL8Lz/Sm+M9Bm+Mh7kUs+5ArJbZsuy8=",
"lastModified": 1730091932,
"narHash": "sha256-Xg1O6tAHBK8EVHMLylYFlpRmqtG/deKqTfI9atLRLE0=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "4927f77b7a68615ce99678086cd3dcd0eda34fdd",
"rev": "9b9516e15a60ce6633efccb02d703f6eca973228",
"type": "github"
},
"original": {
@ -529,17 +523,18 @@
},
"nixpkgs-unstable": {
"locked": {
"lastModified": 1725369773,
"narHash": "sha256-gT+rUDbw+TQuszQEzMUJWTW7QYtccZ5xxWmKOSrPvEw=",
"lastModified": 1729980323,
"narHash": "sha256-eWPRZAlhf446bKSmzw6x7RWEE4IuZgAp8NW3eXZwRAY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8b4061fd60ccc3b3f44b73faa7c983eacf7a6f7b",
"rev": "86e78d3d2084ff87688da662cf78c2af085d8e73",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "NixOS",
"ref": "nixpkgs-unstable",
"type": "indirect"
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_2": {
@ -588,17 +583,18 @@
},
"nixpkgs_5": {
"locked": {
"lastModified": 1725407940,
"narHash": "sha256-tiN5Rlg/jiY0tyky+soJZoRzLKbPyIdlQ77xVgREDNM=",
"lastModified": 1729973466,
"narHash": "sha256-knnVBGfTCZlQgxY1SgH0vn2OyehH9ykfF8geZgS95bk=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "6f6c45b5134a8ee2e465164811e451dcb5ad86e3",
"rev": "cd3e8833d70618c4eea8df06f95b364b016d4950",
"type": "github"
},
"original": {
"id": "nixpkgs",
"owner": "NixOS",
"ref": "nixos-24.05",
"type": "indirect"
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_6": {
@ -638,21 +634,17 @@
},
"rust-overlay": {
"inputs": {
"flake-utils": [
"helix",
"flake-utils"
],
"nixpkgs": [
"helix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709604635,
"narHash": "sha256-le4fwmWmjGRYWwkho0Gr7mnnZndOOe4XGbLw68OvF40=",
"lastModified": 1728268235,
"narHash": "sha256-lJMFnMO4maJuNO6PQ5fZesrTmglze3UFTTBuKGwR1Nw=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "e86c0fb5d3a22a5f30d7f64ecad88643fe26449d",
"rev": "25685cc2c7054efc31351c172ae77b21814f2d42",
"type": "github"
},
"original": {

53
flake.nix
View File

@ -1,7 +1,7 @@
{
inputs = {
nixpkgs.url = "nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "nixpkgs/nixpkgs-unstable";
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
nixpkgs-darwin.url = "github:NixOS/nixpkgs/nixpkgs-24.05-darwin";
lix-module = {
@ -49,7 +49,7 @@
frq-friend = {
url = "git+https://git.xenua.me/xenua/fedi-frq-friend";
inputs.nixpkgs.follows = "nixpkgs-unstable";
inputs.nixpkgs.follows = "nixpkgs";
};
helix = {
@ -66,6 +66,7 @@
{
nixpkgs,
nixpkgs-unstable,
nixpkgs-darwin,
lix-module,
home-manager,
nix-darwin,
@ -81,7 +82,7 @@
...
}:
let
overlays = system: config: [
mkOverlays = system: config: [
(final: prev: {
helix =
let
@ -106,6 +107,7 @@
unstable = import nixpkgs-unstable { inherit system config; };
})
colmena.overlay
lix-module.overlays.default
];
mkDesktop = hostname: {
imports = [
@ -113,7 +115,6 @@
./common/linux-specific.nix
./hosts/${hostname}/configuration.nix
./common/options.nix
lix-module.nixosModules.default
(import "${home-manager}/nixos")
url-eater.nixosModules.default
colorpickle.nixosModules.default
@ -154,7 +155,7 @@
nixpkgs = import nixpkgs rec {
system = "x86_64-linux";
config.allowUnfree = true;
overlays = overlays system config;
overlays = mkOverlays system config;
};
};
@ -163,14 +164,13 @@
./common
./common/linux-specific.nix
./hosts/bloodletting/configuration.nix
lix-module.nixosModules.default
(import "${home-manager}/nixos")
mms.module
];
deployment = {
targetUser = "root";
targetHost = "bloodletting";
targetHost = "technogothic.net";
tags = [ "prod" ];
@ -220,7 +220,6 @@
./common
./common/linux-specific.nix
./hosts/watchtower/configuration.nix
lix-module.nixosModules.default
(import "${home-manager}/nixos")
];
@ -236,29 +235,35 @@
tears = mkDesktop "tears";
};
darwinConfigurations."Agathas-Mac-mini" = nix-darwin.lib.darwinSystem {
pkgs = import nixpkgs-darwin rec {
system = "aarch64-darwin";
config.allowUnfree = true;
overlays = mkOverlays system config;
};
modules = [
./common
./hosts/Agathas-Mac-mini/configuration.nix
lix-module.nixosModules.default
(import "${home-manager}/nix-darwin")
(
{ config, ... }:
{
nixpkgs.overlays = overlays nixpkgs.system config;
}
)
];
};
devShells."x86_64-linux".default =
devShells =
let
pkgs = import nixpkgs { system = "x86_64-linux"; };
patchedColmena =
system:
let
pkgs = import nixpkgs { inherit system; };
in
pkgs.mkShell {
buildInputs = [
(pkgs.writeShellScriptBin "colmena" ''
${colmena.defaultPackage.${pkgs.system}}/bin/colmena --disable-emoji $@
'')
];
};
in
pkgs.mkShell {
buildInputs = [
(pkgs.writeShellScriptBin "colmena" ''
${colmena.defaultPackage.${pkgs.system}}/bin/colmena --disable-emoji $@
'')
];
{
"x86_64-linux".default = patchedColmena "x86_64-linux";
"aarch64-darwin".default = patchedColmena "aarch64-darwin";
};
};
}

92
hosts/bloodletting/configuration.nix
View File

@ -1,4 +1,10 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}:
{
imports = [
./hardware-configuration.nix
../../common/fragments/bin.nix
@ -23,8 +29,7 @@
nixpkgs.overlays = [
(final: prev: {
bin = final.callPackage ../../common/pkgs/bin.nix { };
agatha-mastodon =
final.callPackage ../../common/pkgs/mastodon/default.nix { };
agatha-mastodon = final.callPackage ../../common/pkgs/mastodon/default.nix { };
})
];
@ -39,15 +44,19 @@
networking.networkmanager.enable = true;
networking.interfaces.ens20 = {
ipv4.addresses = [{
address = "91.198.192.199";
prefixLength = 27;
}];
ipv4.addresses = [
{
address = "91.198.192.199";
prefixLength = 27;
}
];
ipv6.addresses = [{
address = "2001:67c:b54:1::6";
prefixLength = 64;
}];
ipv6.addresses = [
{
address = "2001:67c:b54:1::6";
prefixLength = 64;
}
];
};
networking.defaultGateway = {
@ -62,11 +71,20 @@
# Open ports in the firewall.
networking.firewall = {
allowedTCPPorts = [ 20 21 22 80 443 990 ];
allowedTCPPortRanges = [{
from = 40000;
to = 40200;
}];
allowedTCPPorts = [
20
21
22
80
443
990
];
allowedTCPPortRanges = [
{
from = 40000;
to = 40200;
}
];
trustedInterfaces = [ "podman0" ];
};
@ -76,7 +94,7 @@
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = { backend = "podman"; };
oci-containers.backend = "podman";
};
# SSL/TLS Certificates
@ -85,13 +103,20 @@
security.acme.certs."technogothic.net" = {
domain = "*.technogothic.net";
extraDomainNames = [ "technogothic.net" "*.argent.technogothic.net" ];
extraDomainNames = [
"technogothic.net"
"*.argent.technogothic.net"
];
dnsProvider = "hurricane";
credentialsFile = "/var/lib/secrets/hurricane-tokens";
group = "nginx";
};
security.acme.defaults.reloadServices = [ "nginx" "vsftpd" "prosody" ];
security.acme.defaults.reloadServices = [
"nginx"
"vsftpd"
"prosody"
];
systemd.services.nginx.serviceConfig.ProtectHome = "read-only";
# Nginx
@ -108,10 +133,14 @@
upstreams = {
"backend-mastodon-streaming" = {
servers = builtins.listToAttrs (map (i: {
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
value = { fail_timeout = "0"; };
}) (lib.range 1 config.services.mastodon.streamingProcesses));
servers = builtins.listToAttrs (
map (i: {
name = "unix:/run/mastodon-streaming/streaming-${toString i}.socket";
value = {
fail_timeout = "0";
};
}) (lib.range 1 config.services.mastodon.streamingProcesses)
);
extraConfig = ''
least_conn;
'';
@ -125,7 +154,9 @@
serverAliases = [ "agatha.technogothic.net" ];
locations."=/cv.pdf" = { alias = "/home/ftp/cv.pdf"; };
locations."=/cv.pdf" = {
alias = "/home/ftp/cv.pdf";
};
locations."=/.well-known/host-meta" = {
return = "301 https://fv.technogothic.net$request_uri";
@ -168,9 +199,7 @@
locations."/" = {
proxyPass = "http://localhost:6162";
proxyWebsockets = true;
extraConfig = "client_max_body_size ${
toString config.services.bin.textUploadLimit
}M;";
extraConfig = "client_max_body_size ${toString config.services.bin.textUploadLimit}M;";
};
};
@ -180,7 +209,9 @@
root = "/home/ftp";
locations."/" = { extraConfig = "autoindex on;"; };
locations."/" = {
extraConfig = "autoindex on;";
};
};
virtualHosts."fv.technogothic.net" = {
@ -191,7 +222,9 @@
locations."/system/".alias = "/var/lib/mastodon/public-system/";
locations."/" = { tryFiles = "$uri @proxy"; };
locations."/" = {
tryFiles = "$uri @proxy";
};
locations."@proxy" = {
proxyPass = "http://unix:/run/mastodon-web/web.socket";
@ -234,4 +267,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

20
hosts/ritual/configuration.nix
View File

@ -14,7 +14,9 @@
boot.loader.systemd-boot.configurationLimit = 5;
# Setup keyfile
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; };
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
networking.hostName = "ritual";
@ -27,7 +29,7 @@
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = { backend = "podman"; };
oci-containers.backend = "podman";
};
# Don't suspend when closed and plugged into power
@ -35,7 +37,18 @@
home-manager.users.agatha = {
xsession.windowManager.bspwm = {
monitors = { eDP-1 = [ "I" "II" "III" "IV" "V" "VI" "VII" "VIII" ]; };
monitors = {
eDP-1 = [
"I"
"II"
"III"
"IV"
"V"
"VI"
"VII"
"VIII"
];
};
rules = {
"Element".desktop = "II";
"TelegramDesktop".desktop = "III";
@ -68,4 +81,3 @@
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
system.stateVersion = "22.11"; # Did you read the comment?
}

48
hosts/tears/configuration.nix
View File

@ -14,7 +14,9 @@
boot.loader.systemd-boot.configurationLimit = 3;
# Setup keyfile
boot.initrd.secrets = { "/crypto_keyfile.bin" = null; };
boot.initrd.secrets = {
"/crypto_keyfile.bin" = null;
};
networking.hostName = "tears";
@ -27,47 +29,13 @@
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = { backend = "podman"; };
oci-containers.backend = "podman";
};
home-manager.users.agatha = {
xsession.windowManager.bspwm = {
monitors = {
DP-1 = [ "I" "II" "III" "IV" "V" ];
HDMI-1 = [ "VI" "VII" "VIII" "IX" "X" ];
};
extraConfigEarly =
"xrandr --output HDMI-1 --mode 1920x1080 --rate 144 --dpi 92 --output DP-1 --mode 1920x1080 --rate 144 --dpi 92 --left-of HDMI-1";
rules = {
"Element".desktop = "I";
"TelegramDesktop".desktop = "II";
"dino".desktop = "II";
"Cider".desktop = "III";
"Geary".desktop = "IV";
"firefox" = {
desktop = "VI";
state = "tiled";
follow = false;
};
};
};
services.polybar = {
script = ''
polybar left &
polybar right &'';
settings."bar/right" = {
monitor = "\${env:MONITOR:HDMI-1}";
modules.right =
"filesystem battery pulseaudio xkeyboard memory cpu powermenu";
};
settings."bar/left".monitor = "\${env:MONITOR:DP-1}";
};
};
environment.graphical.theme.name = "bridge";
services.syncthing.dataDir = "/mnt/hdd/syncthing";
# Needed for remote builds
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGCsAQfMx1X+8HEa88x+l3KdJPFAzXg0vL0l/pm56/ZR nix-builder"
];
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions

5
hosts/watchtower/configuration.nix
View File

@ -16,6 +16,7 @@
# Enable networking
networking.networkmanager.enable = true;
systemd.services.NetworkManager-wait-online.enable = false;
# Open ports in the firewall.
networking.firewall = {
@ -33,9 +34,7 @@
dockerCompat = true;
defaultNetwork.settings.dns_enabled = true;
};
oci-containers = {
backend = "podman";
};
oci-containers.backend = "podman";
};
# This value determines the NixOS release from which the default