Ittihadyya/adyya-flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Moved vscodium definition.

Browse source 
added caddyfile plugin to vscodium.
used nixfmt.
This commit is contained in:
Ittihadyya 2024-11-22 14:34:14 +02:00
parent 91c0a203fc
commit 7bbf371287
12 changed files with 123 additions and 91 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
apps.mod.nix
View file

@ -59,7 +59,7 @@
signal-desktop signal-desktop
discord discord
obsidian obsidian
# calibre # still borked apparently, what the hell # still!!! # calibre # still borked apparently, what the hell # still!!!
libreoffice libreoffice
]; ];
@ -70,19 +70,7 @@
terminator = { terminator = {
enable = true; enable = true;
}; };
vscode = {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
extensions = with pkgs.vscode-extensions; [
rust-lang.rust-analyzer
tuttieee.emacs-mcx
tamasfe.even-better-toml
vadimcn.vscode-lldb
jnoortheen.nix-ide
mkhl.direnv
];
};
}; };
} }
) )

24
cluster/virtualisation.mod.nix
View file

@ -3,22 +3,24 @@
({ ({
users.users.emv.extraGroups = [ users.users.emv.extraGroups = [
"podman" "podman"
# "docker" # "docker"
]; ];
}) })
]; ];
sucrose.modules = [ sucrose.modules = [
/* ({ /*
virtualisation.docker = { ({
enable = true; virtualisation.docker = {
storageDriver = "btrfs"; enable = true;
daemon.settings = { storageDriver = "btrfs";
userland-proxy = false; daemon.settings = {
ipv6 = false; userland-proxy = false;
data-root = "/home/emv/docker-data-root/"; ipv6 = false;
data-root = "/home/emv/docker-data-root/";
};
}; };
}; })
})*/ */
( (
{ pkgs, ... }: { pkgs, ... }:
{ {

21
dev.mod.nix
View file

@ -15,6 +15,27 @@
}; };
} }
]; ];
personal.home_modules = [
(
{ pkgs, ... }:
{
programs.vscode = {
enable = true;
package = pkgs.vscodium;
mutableExtensionsDir = false;
extensions = with pkgs.vscode-extensions; [
rust-lang.rust-analyzer
tuttieee.emacs-mcx
tamasfe.even-better-toml
vadimcn.vscode-lldb
jnoortheen.nix-ide
mkhl.direnv
matthewpi.caddyfile-support
];
};
}
)
];
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: { pkgs, ... }:

2
hardware.mod.nix
View file

@ -43,7 +43,7 @@ in
{ {
environment.systemPackages = with pkgs; [ mergerfs ]; environment.systemPackages = with pkgs; [ mergerfs ];
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.kernelPackages = pkgs.linuxPackages_latest; # hope this doesn't break anything -e boot.kernelPackages = pkgs.linuxPackages_latest; # hope this doesn't break anything -e
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
} }
) )

2
networking/general.mod.nix
View file

@ -8,7 +8,7 @@
enable = true; enable = true;
plugins = lib.mkForce [ ]; # networkmanager has a shit ton of vpn plugins by default. which we do not care about because we use wireguard. -e plugins = lib.mkForce [ ]; # networkmanager has a shit ton of vpn plugins by default. which we do not care about because we use wireguard. -e
}; };
systemd.services.NetworkManager-wait-online.enable = false; ## disable networkmanager's waitonline because it fucks up switches systemd.services.NetworkManager-wait-online.enable = false; # # disable networkmanager's waitonline because it fucks up switches
networking.usePredictableInterfaceNames = false; networking.usePredictableInterfaceNames = false;
users.users.emv.extraGroups = [ "networkmanager" ]; users.users.emv.extraGroups = [ "networkmanager" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [

5
networking/ssh.mod.nix
View file

@ -16,7 +16,10 @@
]; ];
fructose.modules = [ fructose.modules = [
{ {
services.openssh.ports = [ 22 222 ]; services.openssh.ports = [
22
222
];
} }
]; ];
personal.home_modules = [ personal.home_modules = [

17
networking/tailscale.mod.nix
View file

@ -39,11 +39,14 @@
} }
]; ];
/*sucrose.modules = [ /*
{ sucrose.modules = [
services.tailscale.extraSetFlags = [ {
"--advertise-exit-node" services.tailscale.extraSetFlags = [
]; "--advertise-exit-node"
} ];
];*/ # this is not needed, currently -e }
];
*/
# this is not needed, currently -e
} }

58
nix.mod.nix
View file

@ -97,7 +97,7 @@ in
''; '';
}) })
]; ];
# nix.package = pkgs.nix-monitored; # nix.package = pkgs.nix-monitored;
environment.systemPackages = [ pkgs.nixmon ]; environment.systemPackages = [ pkgs.nixmon ];
programs.nh.enable = true; programs.nh.enable = true;
} }
@ -179,39 +179,41 @@ in
secretKeyFile = config.sops.secrets.binary-cache-secret.path; secretKeyFile = config.sops.secrets.binary-cache-secret.path;
}; };
/* systemd.timers."auto-update-rebuild" = { /*
wantedBy = [ "timers.target" ]; systemd.timers."auto-update-rebuild" = {
timerConfig = { wantedBy = [ "timers.target" ];
OnBootSec = "5m"; timerConfig = {
OnUnitInactiveSec = "1h"; OnBootSec = "5m";
Unit = "auto-update-rebuild.service"; OnUnitInactiveSec = "1h";
Unit = "auto-update-rebuild.service";
};
}; };
};
systemd.services."auto-update-rebuild" = { systemd.services."auto-update-rebuild" = {
script = '' script = ''
mkdir -p /tmp/auto-update-rebuild && cd /tmp/auto-update-rebuild mkdir -p /tmp/auto-update-rebuild && cd /tmp/auto-update-rebuild
export PATH=${ export PATH=${
lib.makeBinPath ( lib.makeBinPath (
with pkgs; with pkgs;
[ [
nix nix
git git
coreutils coreutils
] ]
) )
} }
nix flake update --flake /home/emv/adyya-flake nix flake update --flake /home/emv/adyya-flake
''; '';
serviceConfig = { serviceConfig = {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = "15m"; RestartSec = "15m";
Type = "oneshot"; Type = "oneshot";
};
}; };
};*/ */
} }
) )
garbage-collection-module garbage-collection-module

3
services/forgejo/forgejo.mod.nix
View file

@ -25,7 +25,8 @@
type = "tar.gz"; type = "tar.gz";
}; };
settings = { # this directly drops stuff in the forgejo app.ini settings = {
# this directly drops stuff in the forgejo app.ini
server = { server = {
DOMAIN = "git.collective-conciousness.monster"; DOMAIN = "git.collective-conciousness.monster";
PROTOCOL = "http"; PROTOCOL = "http";

4
services/gts/gts.mod.nix
View file

@ -42,8 +42,8 @@
cache.memory-target = "500MiB"; cache.memory-target = "500MiB";
### Web config ### Web config
# web-template-base-dir = "/var/gts/web/template/"; # web-template-base-dir = "/var/gts/web/template/";
# web-asset-base-dir = "/var/gts/web/assets/"; # web-asset-base-dir = "/var/gts/web/assets/";
### Instance config ### Instance config
instance-languages = [ instance-languages = [

40
services/murmur/murmur.mod.nix
View file

@ -1,21 +1,29 @@
{ {
glucose.modules = [ glucose.modules = [
({pkgs, config, lib, ...}: { (
services.murmur = { {
enable = true; pkgs,
config,
lib,
...
}:
{
services.murmur = {
enable = true;
environmentFile = "${config.sops.templates."murmur.env.secrets.yaml".path}"; environmentFile = "${config.sops.templates."murmur.env.secrets.yaml".path}";
# the environment variables are provided by, evidently, the environment file. # the environment variables are provided by, evidently, the environment file.
welcometext = "$MURMUR_WELCOME_MESSAGE"; welcometext = "$MURMUR_WELCOME_MESSAGE";
# registerPassword = "$MURMUR_REGISTRY_PASSWORD"; # removed as we realized we don't actually want it to be a public server. # registerPassword = "$MURMUR_REGISTRY_PASSWORD"; # removed as we realized we don't actually want it to be a public server.
password = "$MURMUR_LOGIN_PASSWORD"; password = "$MURMUR_LOGIN_PASSWORD";
port = 64738; # tcp/udp - this is the default but i'm writing it out as to not have to dig into the declaration every time i need to know which port it is. port = 64738; # tcp/udp - this is the default but i'm writing it out as to not have to dig into the declaration every time i need to know which port it is.
openFirewall = true; # this is fine since glucose is not public-facing. otherwise i would prefer to do it through `networking` openFirewall = true; # this is fine since glucose is not public-facing. otherwise i would prefer to do it through `networking`
registerName = "Adyya's cave of hushed tones"; registerName = "Adyya's cave of hushed tones";
registerUrl = "https://mumble.collective-conciousness.monster"; registerUrl = "https://mumble.collective-conciousness.monster";
registerHostname = "mumble.collective-conciousness.mosnter"; # i vaguely know what the difference between these two are but it is a bit strange, i guess. registerHostname = "mumble.collective-conciousness.mosnter"; # i vaguely know what the difference between these two are but it is a bit strange, i guess.
}; };
}) }
)
]; ];
} }

22
sops.mod.nix
View file

@ -48,14 +48,17 @@
''; '';
} }
) )
({config, ...}:{ (
sops.secrets.murmur_login_password = { }; { config, ... }:
sops.secrets.murmur_welcome_message = { }; {
sops.templates."murmur.env.secrets.yaml".content = '' sops.secrets.murmur_login_password = { };
MURMUR_LOGIN_PASSWORD="${config.sops.placeholder."murmur_login_password"}" sops.secrets.murmur_welcome_message = { };
MURMUR_WELCOME_MESSAGE="${config.sops.placeholder."murmur_welcome_message"}" sops.templates."murmur.env.secrets.yaml".content = ''
''; MURMUR_LOGIN_PASSWORD="${config.sops.placeholder."murmur_login_password"}"
}) MURMUR_WELCOME_MESSAGE="${config.sops.placeholder."murmur_welcome_message"}"
'';
}
)
]; ];
fructose.modules = [ fructose.modules = [
( (
@ -68,7 +71,8 @@
} }
) )
( (
{config, ...}: { { config, ... }:
{
sops.secrets.postgresdb_admin_password = { }; sops.secrets.postgresdb_admin_password = { };
sops.secrets.forgejo_db_pass = { }; sops.secrets.forgejo_db_pass = { };
sops.templates."postgresdb.env.secrets.yaml".content = '' sops.templates."postgresdb.env.secrets.yaml".content = ''