Ittihadyya/adyya-flake
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

i take back what i said, it should be relevant now, though
Some checks failed
/ nix fmt (push) Has been cancelled
Details

Browse source
This commit is contained in:
Ittihadyya 2024-11-26 15:30:26 +02:00
parent 321f72f070
commit abd6c558a2
43 changed files with 929 additions and 978 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
_inheritance.mod.nix
View file

@ -2,8 +2,7 @@
merge, merge,
configs, configs,
... ...
}: }: {
{
#capsaicin is a custom-built PC #capsaicin is a custom-built PC
capsaicin = merge configs.universal configs.personal; capsaicin = merge configs.universal configs.personal;
#menthol is a Lenovo Thinkpad T460s #menthol is a Lenovo Thinkpad T460s
@ -15,5 +14,4 @@
fructose = merge configs.universal (merge configs.sucrose configs.cluster); fructose = merge configs.universal (merge configs.sucrose configs.cluster);
#aspartame is a VPS from Contabo #aspartame is a VPS from Contabo
aspartame = merge configs.universal configs.cluster; aspartame = merge configs.universal configs.cluster;
} }

36
adyya-pkgs/adyya_pkgs.mod.nix
View file

@ -1,15 +1,16 @@
{ {
aspartame.modules = [ aspartame.modules = [
( (
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
nixpkgs.overlays = [ nixpkgs.overlays = [
( (
final: prev: final: prev: let
let caddy-custom = pkgs.callPackage ./caddy-custom.nix {};
caddy-custom = pkgs.callPackage ./caddy-custom.nix { }; in let
in
let
# Caddy Layer4 modules # Caddy Layer4 modules
l4CaddyModules = l4CaddyModules =
lib.lists.map lib.lists.map
@ -24,16 +25,16 @@
"modules/l4tls" "modules/l4tls"
"modules/l4proxyprotocol" "modules/l4proxyprotocol"
]; ];
in in {
{
caddy-default = caddy-custom; caddy-default = caddy-custom;
caddy-base = caddy-custom.withPlugins { caddyModules = [ ]; }; caddy-base = caddy-custom.withPlugins {caddyModules = [];};
caddy-l4 = caddy-custom.withPlugins { caddy-l4 = caddy-custom.withPlugins {
caddyModules = l4CaddyModules; caddyModules = l4CaddyModules;
vendorHash = "sha256-Bz2tR1/a2okARCWFEeSEeVUx2mdBe0QKUh5qzKUOF8s="; vendorHash = "sha256-Bz2tR1/a2okARCWFEeSEeVUx2mdBe0QKUh5qzKUOF8s=";
}; };
caddy-many = caddy-custom.withPlugins { caddy-many = caddy-custom.withPlugins {
caddyModules = [ caddyModules =
[
{ {
name = "transform-encoder"; name = "transform-encoder";
repo = "github.com/caddyserver/transform-encoder"; repo = "github.com/caddyserver/transform-encoder";
@ -44,7 +45,8 @@
repo = "github.com/mpilhlt/caddy-conneg"; repo = "github.com/mpilhlt/caddy-conneg";
version = "v0.1.4"; version = "v0.1.4";
} }
] ++ l4CaddyModules; ]
++ l4CaddyModules;
vendorHash = "sha256-OjyJdcbLMSvgkHKR4xMF0BgsuA5kdKgDgV+ocuNHUf4="; vendorHash = "sha256-OjyJdcbLMSvgkHKR4xMF0BgsuA5kdKgDgV+ocuNHUf4=";
}; };
} }
@ -52,21 +54,21 @@
]; ];
} }
) )
({ {
nixpkgs.overlays = [ nixpkgs.overlays = [
(final: prev: { (final: prev: {
gts = final.callPackage ./gts.nix { }; gts = final.callPackage ./gts.nix {};
}) })
]; ];
}) }
]; ];
personal.modules = [ personal.modules = [
({ {
nixpkgs.overlays = [ nixpkgs.overlays = [
(final: prev: { (final: prev: {
beeref = final.callPackage ./beeref.nix { }; # I'M GOING TO TRUNCATE *YOU*, BEEREF. beeref = final.callPackage ./beeref.nix {}; # I'M GOING TO TRUNCATE *YOU*, BEEREF.
}) })
]; ];
}) }
]; ];
} }

10
adyya-pkgs/beeref.nix
View file

@ -3,9 +3,7 @@
fetchurl, fetchurl,
lib, lib,
... ...
}: }: let
let
name = "beeref"; name = "beeref";
version = "0.3.3"; version = "0.3.3";
src = fetchurl { src = fetchurl {
@ -13,13 +11,13 @@ let
hash = "sha256-pavXKtjOvKY2IUPp+UP0v8WkrpPeNEcNDhqoQtFYszo="; hash = "sha256-pavXKtjOvKY2IUPp+UP0v8WkrpPeNEcNDhqoQtFYszo=";
}; };
in in
appimageTools.wrapType2 { appimageTools.wrapType2 {
inherit name version src; inherit name version src;
extraPkgs = pkgs: [ pkgs.python311 ]; extraPkgs = pkgs: [pkgs.python311];
meta = with lib; { meta = with lib; {
description = "A Simple Reference Image Viewer"; description = "A Simple Reference Image Viewer";
homepage = "https://github.com/rbreu/beeref"; homepage = "https://github.com/rbreu/beeref";
license = licenses.gpl3Only; license = licenses.gpl3Only;
mainProgram = "beeref"; mainProgram = "beeref";
}; };
} }

14
adyya-pkgs/caddy-custom.nix
View file

@ -8,8 +8,7 @@
caddy, caddy,
testers, testers,
stdenv, stdenv,
}: }: let
let
attrsToModule = map (plugin: plugin.repo); attrsToModule = map (plugin: plugin.repo);
attrsToVersionedModule = map ( attrsToVersionedModule = map (
{ {
@ -37,7 +36,7 @@ let
hash = "sha256-CBfyqtWp3gYsYwaIxbfXO3AYaBiM7LutLC7uZgYXfkQ="; hash = "sha256-CBfyqtWp3gYsYwaIxbfXO3AYaBiM7LutLC7uZgYXfkQ=";
}; };
subPackages = [ "cmd/caddy" ]; subPackages = ["cmd/caddy"];
ldflags = [ ldflags = [
"-s" "-s"
@ -46,7 +45,7 @@ let
]; ];
# matches upstream since v2.8.0 # matches upstream since v2.8.0
tags = [ "nobadger" ]; tags = ["nobadger"];
nativeBuildInputs = [ nativeBuildInputs = [
gnused gnused
@ -87,7 +86,7 @@ let
]; ];
}; };
in in
buildGoModule { buildGoModule {
inherit inherit
pname pname
version version
@ -103,8 +102,7 @@ buildGoModule {
vendorHash = "sha256-1Api8bBZJ1/oYk4ZGIiwWCSraLzK9L+hsKXkFtk6iVM="; vendorHash = "sha256-1Api8bBZJ1/oYk4ZGIiwWCSraLzK9L+hsKXkFtk6iVM=";
passthru = { passthru = {
withPlugins = withPlugins = {
{
caddyModules, caddyModules,
vendorHash ? lib.fakeHash, vendorHash ? lib.fakeHash,
}: }:
@ -155,4 +153,4 @@ buildGoModule {
}; };
}; };
}; };
} }

15
adyya-pkgs/gts.nix
View file

@ -4,8 +4,7 @@
fetchFromGitHub, fetchFromGitHub,
buildGoModule, buildGoModule,
nixosTests, nixosTests,
}: }: let
let
owner = "superseriousbusiness"; owner = "superseriousbusiness";
repo = "gotosocial"; repo = "gotosocial";
@ -16,7 +15,7 @@ let
hash = "sha256-85CmcWjcX8a+hZxkyRTfXErmkIx64R2scaaS2Fpf668="; hash = "sha256-85CmcWjcX8a+hZxkyRTfXErmkIx64R2scaaS2Fpf668=";
}; };
in in
buildGoModule rec { buildGoModule rec {
inherit version; inherit version;
pname = repo; pname = repo;
@ -49,15 +48,13 @@ buildGoModule rec {
# checks are currently very unstable in our setup, so we should test manually for now # checks are currently very unstable in our setup, so we should test manually for now
doCheck = false; doCheck = false;
checkFlags = checkFlags = let
let
# flaky / broken tests # flaky / broken tests
skippedTests = [ skippedTests = [
# See: https://github.com/superseriousbusiness/gotosocial/issues/2651 # See: https://github.com/superseriousbusiness/gotosocial/issues/2651
"TestPage/minID,_maxID_and_limit_set" "TestPage/minID,_maxID_and_limit_set"
]; ];
in in ["-skip=^${builtins.concatStringsSep "$|^" skippedTests}$"];
[ "-skip=^${builtins.concatStringsSep "$|^" skippedTests}$" ];
passthru.tests.gotosocial = nixosTests.gotosocial; passthru.tests.gotosocial = nixosTests.gotosocial;
@ -72,7 +69,7 @@ buildGoModule rec {
advertised to! A light-weight alternative to Mastodon advertised to! A light-weight alternative to Mastodon
and Pleroma, with support for clients! and Pleroma, with support for clients!
''; '';
maintainers = with maintainers; [ blakesmith ]; maintainers = with maintainers; [blakesmith];
license = licenses.agpl3Only; license = licenses.agpl3Only;
}; };
} }

18
apps.mod.nix
View file

@ -1,9 +1,7 @@
{ vscode-server, ... }: {vscode-server, ...}: {
{
universal.home_modules = [ universal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
ps ps
wget wget
@ -42,16 +40,14 @@
]; ];
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{ users.users.emv.extraGroups = ["video"];
users.users.emv.extraGroups = [ "video" ];
} }
) )
]; ];
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
emulsion emulsion
ffmpeg ffmpeg
@ -70,7 +66,6 @@
terminator = { terminator = {
enable = true; enable = true;
}; };
}; };
} }
) )
@ -81,8 +76,7 @@
]; ];
capsaicin.home_modules = [ capsaicin.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
cryptsetup cryptsetup
keepassxc keepassxc

8
art.mod.nix
View file

@ -1,9 +1,7 @@
{ {
capsaicin.home_modules = [ capsaicin.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
blender # this is because capsaicin is the only one of the two who can take rendering something without starting a forest fire blender # this is because capsaicin is the only one of the two who can take rendering something without starting a forest fire
]; ];
@ -12,8 +10,7 @@
]; ];
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
krita krita
inkscape inkscape
@ -26,5 +23,4 @@
} }
) )
]; ];
} }

3
audio.mod.nix
View file

@ -14,8 +14,7 @@
]; ];
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
pwvucontrol pwvucontrol
pw-volume pw-volume

5
cluster/kernel.mod.nix
View file

@ -1,8 +1,11 @@
{ {
cluster-testing.modules = [ cluster-testing.modules = [
( (
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
boot.kernelPatches = [ boot.kernelPatches = [
{ {
name = "eBPF-cilium"; name = "eBPF-cilium";

4
cluster/kubernetes.mod.nix
View file

@ -1,6 +1,6 @@
{ {
cluster-testing.modules = [ cluster-testing.modules = [
({ {
/* /*
services.k3s = { # just hogging resources at this moment services.k3s = { # just hogging resources at this moment
enable = true; enable = true;
@ -40,6 +40,6 @@
addonManager.enable = true; addonManager.enable = true;
}; #chat is this factual }; #chat is this factual
*/ */
}) }
]; ];
} }

3
cluster/packages.mod.nix
View file

@ -1,8 +1,7 @@
{ {
cluster-testing.modules = [ cluster-testing.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
clang # this is for cilium clang # this is for cilium
llvm_18 # idem llvm_18 # idem

9
cluster/virtualisation.mod.nix
View file

@ -1,16 +1,15 @@
{ {
cluster.modules = [ cluster.modules = [
({ {
users.users.emv.extraGroups = [ users.users.emv.extraGroups = [
"podman" "podman"
]; ];
}) }
]; ];
sucrose.modules = [ sucrose.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{ environment.systemPackages = [pkgs.podman-compose];
environment.systemPackages = [ pkgs.podman-compose ];
virtualisation = { virtualisation = {
containers.enable = true; containers.enable = true;
podman = { podman = {

10
dev.mod.nix
View file

@ -17,8 +17,7 @@
]; ];
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
programs.vscode = { programs.vscode = {
enable = true; enable = true;
package = pkgs.vscodium; package = pkgs.vscodium;
@ -38,11 +37,8 @@
]; ];
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{ environment.systemPackages = with pkgs; [
environment.systemPackages =
with pkgs;
[
]; ];
programs = { programs = {
direnv = { direnv = {

3
emacs.mod.nix
View file

@ -1,8 +1,7 @@
{ {
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
mupdf mupdf
]; ];

57
flake.nix
View file

@ -24,17 +24,14 @@
#niri.url = "github:sodiboo/niri-flake"; #niri.url = "github:sodiboo/niri-flake";
}; };
outputs = outputs = {
{
self, self,
nixpkgs, nixpkgs,
... ...
}@inputs: } @ inputs:
with nixpkgs.lib; with nixpkgs.lib; let
let
match = flip getAttr; match = flip getAttr;
read_dir_recursively = read_dir_recursively = dir:
dir:
concatMapAttrs ( concatMapAttrs (
this: this:
match { match {
@ -44,13 +41,15 @@
regular = { regular = {
${this} = "${dir}/${this}"; ${this} = "${dir}/${this}";
}; };
symlink = { }; symlink = {};
} }
) (builtins.readDir dir); ) (builtins.readDir dir);
# `const` helper function is used extensively: the function is constant in regards to the name of the attribute. # `const` helper function is used extensively: the function is constant in regards to the name of the attribute.
params = inputs // { params =
inputs
// {
configs = raw_configs; configs = raw_configs;
molecules = { molecules = {
# number via perfect squares for now, start from 15 squared for personal and 2 squared for others (use primes afterwards, in the same way) # number via perfect squares for now, start from 15 squared for personal and 2 squared for others (use primes afterwards, in the same way)
@ -73,11 +72,10 @@
(mapAttrs (const (flip toFunction params))) (mapAttrs (const (flip toFunction params)))
]; ];
merge = merge = prev: this:
prev: this:
{ {
modules = prev.modules or [ ] ++ this.modules or [ ]; modules = prev.modules or [] ++ this.modules or [];
home_modules = prev.home_modules or [ ] ++ this.home_modules or [ ]; home_modules = prev.home_modules or [] ++ this.home_modules or [];
} }
// (optionalAttrs (prev ? system || this ? system) { // (optionalAttrs (prev ? system || this ? system) {
system = prev.system or this.system; system = prev.system or this.system;
@ -85,27 +83,35 @@
all_modules = attrValues (read_all_modules "${self}"); all_modules = attrValues (read_all_modules "${self}");
raw_configs' = builtins.zipAttrsWith ( raw_configs' =
machine: if machine == "extras" then mergeAttrsList else builtins.foldl' merge { } builtins.zipAttrsWith (
) all_modules; machine:
if machine == "extras"
then mergeAttrsList
else builtins.foldl' merge {}
)
all_modules;
raw_configs = builtins.removeAttrs raw_configs' [ "extras" ]; raw_configs = builtins.removeAttrs raw_configs' ["extras"];
extras = raw_configs'.extras or { }; extras = raw_configs'.extras or {};
configs = builtins.mapAttrs (const ( configs =
builtins.mapAttrs (const (
config: config:
nixpkgs.lib.nixosSystem { nixpkgs.lib.nixosSystem {
inherit (config) system; inherit (config) system;
modules = config.modules ++ [ modules =
config.modules
++ [
{ {
_module.args.home_modules = config.home_modules; _module.args.home_modules = config.home_modules;
} }
]; ];
} }
)) raw_configs; ))
in raw_configs;
{ in {
# for use in nix repl # for use in nix repl
p = s: builtins.trace "\n\n${s}\n" "---"; p = s: builtins.trace "\n\n${s}\n" "---";
@ -113,14 +119,15 @@
nixosConfigurations = builtins.mapAttrs (name: const configs.${name}) params.molecules; nixosConfigurations = builtins.mapAttrs (name: const configs.${name}) params.molecules;
# This is useful to rebuild all systems at once, for substitution # This is useful to rebuild all systems at once, for substitution
all-systems = nixpkgs.legacyPackages.x86_64-linux.runCommand "all-systems" { } ( all-systems = nixpkgs.legacyPackages.x86_64-linux.runCommand "all-systems" {} (
'' ''
mkdir $out mkdir $out
'' ''
+ (builtins.concatStringsSep "\n" ( + (builtins.concatStringsSep "\n" (
mapAttrsToList (name: config: '' mapAttrsToList (name: config: ''
ln -s ${config.config.system.build.toplevel} $out/${name} ln -s ${config.config.system.build.toplevel} $out/${name}
'') self.nixosConfigurations '')
self.nixosConfigurations
)) ))
); );
}; };

3
fonts.mod.nix
View file

@ -1,8 +1,7 @@
{ {
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
fonts.packages = with pkgs; [ fonts.packages = with pkgs; [
noto-fonts noto-fonts
noto-fonts-cjk-sans noto-fonts-cjk-sans

6
games.mod.nix
View file

@ -1,8 +1,7 @@
{ {
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
programs.steam = { programs.steam = {
enable = true; enable = true;
extraCompatPackages = with pkgs; [ extraCompatPackages = with pkgs; [
@ -15,8 +14,7 @@
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
lutris lutris
heroic heroic

66
hardware.mod.nix
View file

@ -1,47 +1,51 @@
{ nixos-hardware, ... }: {nixos-hardware, ...}: let
let
config = name: system: additional: { config = name: system: additional: {
inherit name; inherit name;
value = { value = {
inherit system; inherit system;
modules = [ modules =
[
{ {
networking.hostName = name; networking.hostName = name;
nixpkgs.hostPlatform = system; nixpkgs.hostPlatform = system;
} }
] ++ additional; ]
++ additional;
}; };
}; };
filesystem = fsType: path: device: options: { filesystem = fsType: path: device: options: {
fileSystems.${path} = { fileSystems.${path} =
{
inherit device fsType; inherit device fsType;
} // (if options == null then { } else { inherit options; }); }
// (
if options == null
then {}
else {inherit options;}
);
}; };
fs.mergerfs = filesystem "fuse.mergerfs"; fs.mergerfs = filesystem "fuse.mergerfs";
fs.btrfs = filesystem "btrfs"; fs.btrfs = filesystem "btrfs";
fs.ext4 = filesystem "ext4"; fs.ext4 = filesystem "ext4";
fs.vfat = filesystem "vfat"; fs.vfat = filesystem "vfat";
swap = device: { swapDevices = [ { inherit device; } ]; }; swap = device: {swapDevices = [{inherit device;}];};
cpu = brand: { hardware.cpu.${brand}.updateMicrocode = true; }; cpu = brand: {hardware.cpu.${brand}.updateMicrocode = true;};
qemu = qemu = {modulesPath, ...}: {
{ modulesPath, ... }: imports = ["${modulesPath}/profiles/qemu-guest.nix"];
{
imports = [ "${modulesPath}/profiles/qemu-guest.nix" ];
}; };
in in
{ {
universal.modules = [ universal.modules = [
( (
{ {
pkgs, pkgs,
lib, lib,
... ...
}: }: {
{ environment.systemPackages = with pkgs; [mergerfs];
environment.systemPackages = with pkgs; [ mergerfs ];
hardware.enableRedistributableFirmware = true; hardware.enableRedistributableFirmware = true;
boot.kernelPackages = pkgs.linuxPackages_latest; # hope this doesn't break anything -e boot.kernelPackages = pkgs.linuxPackages_latest; # hope this doesn't break anything -e
networking.useDHCP = lib.mkDefault true; networking.useDHCP = lib.mkDefault true;
@ -54,8 +58,8 @@ in
services.fwupd.enable = true; services.fwupd.enable = true;
} }
]; ];
} }
// builtins.listToAttrs [ // builtins.listToAttrs [
(config "capsaicin" "x86_64-linux" [ (config "capsaicin" "x86_64-linux" [
(cpu "intel") (cpu "intel")
(fs.btrfs "/" "/dev/disk/by-uuid/a1a32f8b-847c-4349-8743-05d25950db1d" null) (fs.btrfs "/" "/dev/disk/by-uuid/a1a32f8b-847c-4349-8743-05d25950db1d" null)
@ -66,7 +70,7 @@ in
{ {
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
zramSwap.enable = true; zramSwap.enable = true;
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"xhci_pci" "xhci_pci"
"ahci" "ahci"
@ -77,7 +81,7 @@ in
"usbmon" "usbmon"
"v4l2loopback" "v4l2loopback"
]; ];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
} }
]) ])
(config "menthol" "x86_64-linux" [ (config "menthol" "x86_64-linux" [
@ -87,15 +91,15 @@ in
{ {
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"xhci_pci" "xhci_pci"
"ahci" "ahci"
"sd_mod" "sd_mod"
"rtsx_pci_sdmmc" "rtsx_pci_sdmmc"
]; ];
boot.kernelModules = [ "kvm-intel" ]; boot.kernelModules = ["kvm-intel"];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
} }
]) ])
(config "glucose" "x86_64-linux" [ (config "glucose" "x86_64-linux" [
@ -105,15 +109,15 @@ in
{ {
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"xhci_pci" "xhci_pci"
"ehci_pci" "ehci_pci"
"ahci" "ahci"
"sd_mod" "sd_mod"
]; ];
boot.kernelModules = [ ]; boot.kernelModules = [];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
} }
]) ])
(config "fructose" "x86_64-linux" [ (config "fructose" "x86_64-linux" [
@ -123,15 +127,15 @@ in
{ {
boot.loader.grub.enable = true; boot.loader.grub.enable = true;
boot.loader.grub.device = "/dev/sda"; boot.loader.grub.device = "/dev/sda";
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
boot.initrd.availableKernelModules = [ boot.initrd.availableKernelModules = [
"xhci_pci" "xhci_pci"
"ehci_pci" "ehci_pci"
"ahci" "ahci"
"sd_mod" "sd_mod"
]; ];
boot.kernelModules = [ ]; boot.kernelModules = [];
boot.extraModulePackages = [ ]; boot.extraModulePackages = [];
} }
]) ])
(config "aspartame" "x86_64-linux" [ (config "aspartame" "x86_64-linux" [
@ -148,7 +152,7 @@ in
"virtio_scsi" "virtio_scsi"
"sd_mod" "sd_mod"
]; ];
boot.initrd.kernelModules = [ ]; boot.initrd.kernelModules = [];
} }
]) ])
] ]

22
home.mod.nix
View file

@ -1,16 +1,18 @@
{ home-manager, ... }: {home-manager, ...}: {
{
universal.modules = [ universal.modules = [
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
( (
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
users.users.emv = { users.users.emv = {
isNormalUser = true; isNormalUser = true;
description = "emv"; description = "emv";
# shell = pkgs.zsh; # this is scuffed as hell, please, for the love of fuck, make a zsh.mod.nix file sometime # shell = pkgs.zsh; # this is scuffed as hell, please, for the love of fuck, make a zsh.mod.nix file sometime
# ignoreShellProgramCheck = true; # ignoreShellProgramCheck = true;
extraGroups = [ "wheel" ]; extraGroups = ["wheel"];
}; };
home-manager = { home-manager = {
backupFileExtension = "bak"; backupFileExtension = "bak";
@ -33,26 +35,24 @@
lib, lib,
config, config,
... ...
}: }: {
{
options.systemd-fuckery = { options.systemd-fuckery = {
auto-restart = lib.mkOption { auto-restart = lib.mkOption {
type = lib.types.listOf lib.types.str; type = lib.types.listOf lib.types.str;
default = [ ]; default = [];
}; };
}; };
config = { config = {
home.activation.restartSystemdFuckery = home.activation.restartSystemdFuckery = let
let
ensureRuntimeDir = "XDG_RUNTIME_DIR=\${XDG_RUNTIME_DIR:-/run/user/$(id -u)}"; ensureRuntimeDir = "XDG_RUNTIME_DIR=\${XDG_RUNTIME_DIR:-/run/user/$(id -u)}";
systemctl = "env ${ensureRuntimeDir} ${config.systemd.user.systemctlPath}"; systemctl = "env ${ensureRuntimeDir} ${config.systemd.user.systemctlPath}";
each = f: builtins.concatStringsSep "\n" (map f config.systemd-fuckery.auto-restart); each = f: builtins.concatStringsSep "\n" (map f config.systemd-fuckery.auto-restart);
in in
lib.mkIf (config.systemd-fuckery.auto-restart != [ ]) ( lib.mkIf (config.systemd-fuckery.auto-restart != []) (
lib.hm.dag.entryAfter [ "reloadSystemd" ] '' lib.hm.dag.entryAfter ["reloadSystemd"] ''
systemdStatus=$(${systemctl} --user is-system-running 2>&1 || true) systemdStatus=$(${systemctl} --user is-system-running 2>&1 || true)
if [[ $systemdStatus == 'running' || $systemdStatus == 'degraded' ]]; then if [[ $systemdStatus == 'running' || $systemdStatus == 'degraded' ]]; then

11
locale.mod.nix
View file

@ -1,16 +1,19 @@
{ {
universal.modules = [ universal.modules = [
({ {
time.timeZone = "Europe/Bucharest"; time.timeZone = "Europe/Bucharest";
i18n.defaultLocale = "en_US.UTF-8"; i18n.defaultLocale = "en_US.UTF-8";
}) }
( (
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
services.xserver.xkb.extraLayouts = { services.xserver.xkb.extraLayouts = {
rulemak = { rulemak = {
description = "Rulemak, Colemak based Russian phonetic layout"; description = "Rulemak, Colemak based Russian phonetic layout";
languages = [ "ru" ]; languages = ["ru"];
symbolsFile = pkgs.fetchurl { symbolsFile = pkgs.fetchurl {
url = "https://geert.hendrickx.be/colemak/rulemak.xkb"; url = "https://geert.hendrickx.be/colemak/rulemak.xkb";
hash = "sha256-S91aAlOllcpw9NWYf/vkZksfe4miZgx3BahswPWDWhU="; hash = "sha256-S91aAlOllcpw9NWYf/vkZksfe4miZgx3BahswPWDWhU=";

3
nerd.mod.nix
View file

@ -1,8 +1,7 @@
{ {
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
geogebra6 # geogebra5 currently does not work? geogebra6 # geogebra5 currently does not work?
gimp gimp

6
networking/firewall.mod.nix
View file

@ -9,7 +9,7 @@
fructose.modules = [ fructose.modules = [
{ {
networking.firewall = { networking.firewall = {
allowedUDPPorts = [ ]; allowedUDPPorts = [];
allowedTCPPorts = [ allowedTCPPorts = [
3000 # forgejo http 3000 # forgejo http
222 # forgejo ssh 222 # forgejo ssh
@ -32,7 +32,7 @@
]; ];
aspartame.modules = [ aspartame.modules = [
({ {
services.fail2ban.enable = true; services.fail2ban.enable = true;
networking.firewall = { networking.firewall = {
interfaces.eth0.allowedTCPPorts = [ interfaces.eth0.allowedTCPPorts = [
@ -45,6 +45,6 @@
64738 # murmur udp 64738 # murmur udp
]; ];
}; };
}) }
]; ];
} }

28
networking/general.mod.nix
View file

@ -2,15 +2,18 @@
# networking? I sure hope it is. (It was not) # networking? I sure hope it is. (It was not)
universal.modules = [ universal.modules = [
( (
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
networking.networkmanager = { networking.networkmanager = {
enable = true; enable = true;
plugins = lib.mkForce [ ]; # networkmanager has a shit ton of vpn plugins by default. which we do not care about because we use wireguard. -e plugins = lib.mkForce []; # networkmanager has a shit ton of vpn plugins by default. which we do not care about because we use wireguard. -e
}; };
systemd.services.NetworkManager-wait-online.enable = false; # # disable networkmanager's waitonline because it fucks up switches systemd.services.NetworkManager-wait-online.enable = false; # # disable networkmanager's waitonline because it fucks up switches
networking.usePredictableInterfaceNames = false; networking.usePredictableInterfaceNames = false;
users.users.emv.extraGroups = [ "networkmanager" ]; users.users.emv.extraGroups = ["networkmanager"];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
busybox busybox
tcpdump tcpdump
@ -26,13 +29,12 @@
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
toybox toybox
]; ];
programs.wireshark.enable = true; programs.wireshark.enable = true;
users.users.emv.extraGroups = [ "wireshark" ]; users.users.emv.extraGroups = ["wireshark"];
} }
) )
]; ];
@ -54,8 +56,7 @@
]; ];
glucose.modules = [ glucose.modules = [
( (
{ ... }: {...}: {
{
networking = { networking = {
interfaces.eth0.ipv4.addresses = [ interfaces.eth0.ipv4.addresses = [
{ {
@ -74,8 +75,7 @@
fructose.modules = [ fructose.modules = [
( (
{ ... }: {...}: {
{
networking = { networking = {
interfaces.eth0.ipv4.addresses = [ interfaces.eth0.ipv4.addresses = [
{ {
@ -94,8 +94,7 @@
capsaicin.modules = [ capsaicin.modules = [
( (
{ config, ... }: {config, ...}: {
{
networking.resolvconf.enable = false; networking.resolvconf.enable = false;
networking = { networking = {
interfaces.eth0.ipv4.addresses = [ interfaces.eth0.ipv4.addresses = [
@ -166,8 +165,7 @@
menthol.modules = [ menthol.modules = [
( (
{ config, ... }: {config, ...}: {
{
hardware.bluetooth = { hardware.bluetooth = {
enable = true; # menthol is the only computer that actually has a bluetooth module. enable = true; # menthol is the only computer that actually has a bluetooth module.
powerOnBoot = true; # this will kill the battery, beware. powerOnBoot = true; # this will kill the battery, beware.
@ -175,7 +173,7 @@
networking.networkmanager = { networking.networkmanager = {
# should probably figure out a way to get the default wireless interface? # should probably figure out a way to get the default wireless interface?
ensureProfiles = { ensureProfiles = {
environmentFiles = [ "${config.sops.templates."networkmanager.env.secrets.yaml".path}" ]; environmentFiles = ["${config.sops.templates."networkmanager.env.secrets.yaml".path}"];
profiles = { profiles = {
home2wireless = { home2wireless = {
connection = { connection = {

10
networking/ssh.mod.nix
View file

@ -1,6 +1,6 @@
{ {
universal.modules = [ universal.modules = [
({ {
services.openssh = { services.openssh = {
enable = true; enable = true;
settings.PasswordAuthentication = false; # english is a fake language, apparently it's not "authentification", literally go explode, it makes sense but i am still mad -e settings.PasswordAuthentication = false; # english is a fake language, apparently it's not "authentification", literally go explode, it makes sense but i am still mad -e
@ -12,7 +12,7 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDRf6PfZtcUN5GJ3hcxoxencU2EMRBeu4BIyBSOgKReD emv@capsaicin" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDRf6PfZtcUN5GJ3hcxoxencU2EMRBeu4BIyBSOgKReD emv@capsaicin"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2r4QfMmGcPUs4mpYd1YgcLKwwNpBmuHbZVT5VC+8W7 emv@menthol" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2r4QfMmGcPUs4mpYd1YgcLKwwNpBmuHbZVT5VC+8W7 emv@menthol"
]; ];
}) }
]; ];
fructose.modules = [ fructose.modules = [
{ {
@ -26,15 +26,13 @@
{ {
programs.ssh = { programs.ssh = {
enable = true; enable = true;
matchBlocks = matchBlocks = let
let
to = hostname: { to = hostname: {
inherit hostname; inherit hostname;
user = "emv"; user = "emv";
identityFile = "~/.ssh/id_ed25519"; identityFile = "~/.ssh/id_ed25519";
}; };
in in {
{
glucose = to "glucose.wg"; glucose = to "glucose.wg";
fructose = to "fructose.wg"; fructose = to "fructose.wg";
capsaicin = to "capsaicin.wg"; capsaicin = to "capsaicin.wg";

2
networking/tailscale.mod.nix
View file

@ -25,7 +25,7 @@
}; };
}; };
}; };
networking.firewall.allowedUDPPorts = [ 6561 ]; networking.firewall.allowedUDPPorts = [6561];
} }
]; ];

60
networking/vpn.mod.nix
View file

@ -3,8 +3,7 @@
nixpkgs, nixpkgs,
molecules, molecules,
... ...
}: }: let
let
public-keys = { public-keys = {
capsaicin = "Jn0yQV0qdi1oPdiMSmQSPk4IYbfR2THuiY5pTl7cLgs="; capsaicin = "Jn0yQV0qdi1oPdiMSmQSPk4IYbfR2THuiY5pTl7cLgs=";
menthol = "6cDCwXBSC0bpEtpRVtzAFrt+a4BYd2iPjCmQb4xpZnU="; menthol = "6cDCwXBSC0bpEtpRVtzAFrt+a4BYd2iPjCmQb4xpZnU=";
@ -19,32 +18,32 @@ let
ips = builtins.mapAttrs (nixpkgs.lib.const ip) molecules; ips = builtins.mapAttrs (nixpkgs.lib.const ip) molecules;
ips' = builtins.mapAttrs (name: ip: "${ip}/32") ips; ips' = builtins.mapAttrs (name: ip: "${ip}/32") ips;
port-for = builtins.mapAttrs ( port-for =
machine: { config, ... }: toString config.networking.wireguard.interfaces.wg0.listenPort builtins.mapAttrs (
) self.nixosConfigurations; machine: {config, ...}: toString config.networking.wireguard.interfaces.wg0.listenPort
in )
{ self.nixosConfigurations;
in {
extras = { extras = {
wireguard-ips = ips; wireguard-ips = ips;
}; };
universal.modules = [ universal.modules = [
( (
{ config, ... }: {config, ...}: {
{
networking = { networking = {
# i sure hope it is # i sure hope it is
nat = { nat = {
enable = true; enable = true;
externalInterface = "eth0"; externalInterface = "eth0";
internalInterfaces = [ "wg0" ]; internalInterfaces = ["wg0"];
}; };
firewall.allowedUDPPorts = [ config.networking.wireguard.interfaces.wg0.listenPort ]; firewall.allowedUDPPorts = [config.networking.wireguard.interfaces.wg0.listenPort];
extraHosts = builtins.concatStringsSep "\n" ( extraHosts = builtins.concatStringsSep "\n" (
nixpkgs.lib.mapAttrsToList (name: ip: "${ip} ${name}.wg") ips nixpkgs.lib.mapAttrsToList (name: ip: "${ip} ${name}.wg") ips
); );
wireguard.interfaces.wg0 = { wireguard.interfaces.wg0 = {
ips = [ "${ips.${config.networking.hostName}}/24" ]; ips = ["${ips.${config.networking.hostName}}/24"];
listenPort = 46656; listenPort = 46656;
privateKeyFile = config.sops.secrets.wireguard-private-key.path; privateKeyFile = config.sops.secrets.wireguard-private-key.path;
}; };
@ -55,8 +54,7 @@ in
glucose.modules = [ glucose.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
postSetup = '' postSetup = ''
@ -69,17 +67,17 @@ in
peers = [ peers = [
{ {
publicKey = public-keys.capsaicin; publicKey = public-keys.capsaicin;
allowedIPs = [ ips'.capsaicin ]; allowedIPs = [ips'.capsaicin];
} }
{ {
publicKey = public-keys.fructose; publicKey = public-keys.fructose;
allowedIPs = [ ips'.fructose ]; allowedIPs = [ips'.fructose];
endpoint = "10.12.96.9:${port-for.fructose}"; endpoint = "10.12.96.9:${port-for.fructose}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
{ {
publicKey = public-keys.aspartame; publicKey = public-keys.aspartame;
allowedIPs = [ subnet ]; allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}"; endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
@ -91,8 +89,7 @@ in
fructose.modules = [ fructose.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
postSetup = '' postSetup = ''
@ -105,17 +102,17 @@ in
peers = [ peers = [
{ {
publicKey = public-keys.capsaicin; publicKey = public-keys.capsaicin;
allowedIPs = [ ips'.capsaicin ]; allowedIPs = [ips'.capsaicin];
} }
{ {
publicKey = public-keys.glucose; publicKey = public-keys.glucose;
allowedIPs = [ ips'.glucose ]; allowedIPs = [ips'.glucose];
endpoint = "10.12.96.4:${port-for.glucose}"; endpoint = "10.12.96.4:${port-for.glucose}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
{ {
publicKey = public-keys.aspartame; publicKey = public-keys.aspartame;
allowedIPs = [ subnet ]; allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}"; endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
@ -127,8 +124,7 @@ in
aspartame.modules = [ aspartame.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
boot.kernel.sysctl."net.ipv4.ip_forward" = 1; boot.kernel.sysctl."net.ipv4.ip_forward" = 1;
networking.wireguard.interfaces.wg0 = { networking.wireguard.interfaces.wg0 = {
postSetup = '' postSetup = ''
@ -141,19 +137,19 @@ in
peers = [ peers = [
{ {
publicKey = public-keys.capsaicin; publicKey = public-keys.capsaicin;
allowedIPs = [ ips'.capsaicin ]; allowedIPs = [ips'.capsaicin];
} }
{ {
publicKey = public-keys.glucose; publicKey = public-keys.glucose;
allowedIPs = [ ips'.glucose ]; allowedIPs = [ips'.glucose];
} }
{ {
publicKey = public-keys.fructose; publicKey = public-keys.fructose;
allowedIPs = [ ips'.fructose ]; allowedIPs = [ips'.fructose];
} }
{ {
publicKey = public-keys.menthol; publicKey = public-keys.menthol;
allowedIPs = [ ips'.menthol ]; allowedIPs = [ips'.menthol];
} }
]; ];
}; };
@ -166,19 +162,19 @@ in
networking.wireguard.interfaces.wg0.peers = [ networking.wireguard.interfaces.wg0.peers = [
{ {
publicKey = public-keys.aspartame; publicKey = public-keys.aspartame;
allowedIPs = [ subnet ]; allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}"; endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
{ {
publicKey = public-keys.glucose; publicKey = public-keys.glucose;
allowedIPs = [ ips'.glucose ]; allowedIPs = [ips'.glucose];
endpoint = "10.12.96.4:${port-for.glucose}"; endpoint = "10.12.96.4:${port-for.glucose}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
{ {
publicKey = public-keys.fructose; publicKey = public-keys.fructose;
allowedIPs = [ ips'.fructose ]; allowedIPs = [ips'.fructose];
endpoint = "10.12.96.9:${port-for.fructose}"; endpoint = "10.12.96.9:${port-for.fructose}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }
@ -191,7 +187,7 @@ in
networking.wireguard.interfaces.wg0.peers = [ networking.wireguard.interfaces.wg0.peers = [
{ {
publicKey = public-keys.aspartame; publicKey = public-keys.aspartame;
allowedIPs = [ subnet ]; allowedIPs = [subnet];
endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}"; endpoint = "vps.collective-conciousness.monster:${port-for.aspartame}";
persistentKeepalive = 25; persistentKeepalive = 25;
} }

58
nix.mod.nix
View file

@ -2,11 +2,8 @@
nix-monitored, nix-monitored,
molecules, molecules,
... ...
}: }: let
let garbage-collection-module = {lib, ...}: {
garbage-collection-module =
{ lib, ... }:
{
programs.nh.clean = { programs.nh.clean = {
enable = true; enable = true;
extraArgs = "--keep 3 --keep-since 7d"; extraArgs = "--keep 3 --keep-since 7d";
@ -15,25 +12,21 @@ let
nix.optimise = { nix.optimise = {
automatic = true; automatic = true;
dates = [ "Mon..Sun *-*-* 04:00:00" ]; dates = ["Mon..Sun *-*-* 04:00:00"];
}; };
# there are very few circumstances in which we'd be awake at those times. # there are very few circumstances in which we'd be awake at those times.
systemd.timers = systemd.timers = let
let
fuck-off.timerConfig = { fuck-off.timerConfig = {
Persistent = lib.mkForce false; Persistent = lib.mkForce false;
RandomizedDelaySec = lib.mkForce 0; RandomizedDelaySec = lib.mkForce 0;
}; };
in in {
{
nh-clean = fuck-off; nh-clean = fuck-off;
nix-optimise = fuck-off; nix-optimise = fuck-off;
}; };
}; };
distributed-build-module = distributed-build-module = {config, ...}: {
{ config, ... }:
{
nix.distributedBuilds = true; nix.distributedBuilds = true;
nix.buildMachines = [ nix.buildMachines = [
{ {
@ -59,8 +52,7 @@ let
} }
]; ];
}; };
in in {
{
universal.modules = [ universal.modules = [
{ {
system.stateVersion = "24.05"; system.stateVersion = "24.05";
@ -75,8 +67,7 @@ in
}; };
} }
( (
{ pkgs, ... }: {pkgs, ...}: {
{
nixpkgs.overlays = [ nixpkgs.overlays = [
nix-monitored.overlays.default nix-monitored.overlays.default
(final: prev: { (final: prev: {
@ -91,14 +82,14 @@ in
nix-direnv = prev.nix-direnv.override { nix-direnv = prev.nix-direnv.override {
nix = prev.nix-monitored; nix = prev.nix-monitored;
}; };
nixmon = prev.runCommand "nixmon" { } '' nixmon = prev.runCommand "nixmon" {} ''
mkdir -p $out/bin mkdir -p $out/bin
ln -s ${prev.nix-monitored}/bin/nix $out/bin/nixmon ln -s ${prev.nix-monitored}/bin/nix $out/bin/nixmon
''; '';
}) })
]; ];
# nix.package = pkgs.nix-monitored; # nix.package = pkgs.nix-monitored;
environment.systemPackages = [ pkgs.nixmon ]; environment.systemPackages = [pkgs.nixmon];
programs.nh.enable = true; programs.nh.enable = true;
} }
) )
@ -108,8 +99,7 @@ in
pkgs, pkgs,
lib, lib,
... ...
}: }: {
{
programs.ssh.extraConfig = '' programs.ssh.extraConfig = ''
${builtins.concatStringsSep "" ( ${builtins.concatStringsSep "" (
lib.mapAttrsToList (name: n: '' lib.mapAttrsToList (name: n: ''
@ -117,7 +107,8 @@ in
HostName ${name}.wg HostName ${name}.wg
User remote-builder User remote-builder
IdentityFile ${config.sops.secrets.remote-build-ssh-privkey.path} IdentityFile ${config.sops.secrets.remote-build-ssh-privkey.path}
'') molecules '')
molecules
)} )}
''; '';
@ -131,9 +122,9 @@ in
shell = pkgs.runtimeShell; shell = pkgs.runtimeShell;
}; };
users.groups.remote-builder = { }; users.groups.remote-builder = {};
nix.settings.trusted-users = [ "remote-builder" ]; nix.settings.trusted-users = ["remote-builder"];
} }
) )
( (
@ -149,8 +140,8 @@ in
) )
{ {
nix.settings = { nix.settings = {
substituters = [ "https://cache.collective-conciousness.monster" ]; substituters = ["https://cache.collective-conciousness.monster"];
trusted-public-keys = [ "adyya-flake:PAbC0hnAiNj/kHcm9wIykmKIf25FDeXB6JusqlX2ghs=" ]; trusted-public-keys = ["adyya-flake:PAbC0hnAiNj/kHcm9wIykmKIf25FDeXB6JusqlX2ghs="];
}; };
} }
) )
@ -167,8 +158,7 @@ in
pkgs, pkgs,
lib, lib,
... ...
}: }: {
{
# This is publicly served from https://cache.collective-conciousness.monster # This is publicly served from https://cache.collective-conciousness.monster
# That's proxied through aspartame via caddy. # That's proxied through aspartame via caddy.
services.nix-serve = { services.nix-serve = {
@ -218,19 +208,21 @@ in
) )
garbage-collection-module garbage-collection-module
]; ];
fructose.modules = [ garbage-collection-module ]; fructose.modules = [garbage-collection-module];
menthol.modules = [ distributed-build-module ]; menthol.modules = [distributed-build-module];
aspartame.modules = [ aspartame.modules = [
distributed-build-module distributed-build-module
garbage-collection-module garbage-collection-module
]; ];
capsaicin.modules = [ garbage-collection-module ]; capsaicin.modules = [garbage-collection-module];
universal.home_modules = [ universal.home_modules = [
( (
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
home.packages = with pkgs; [ home.packages = with pkgs; [
cachix cachix
nil nil

7
peripherals.mod.nix
View file

@ -1,11 +1,10 @@
{ {
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
programs.adb.enable = true; # #yeag that's it for now lol programs.adb.enable = true; # #yeag that's it for now lol
users.users.emv.extraGroups = [ "adbusers" ]; users.users.emv.extraGroups = ["adbusers"];
services.udev.packages = [ pkgs.android-udev-rules ]; services.udev.packages = [pkgs.android-udev-rules];
} }
) )
]; ];

5
services/caddy/caddy.mod.nix
View file

@ -1,8 +1,11 @@
{ {
aspartame.modules = [ aspartame.modules = [
( (
{ pkgs, lib, ... }:
{ {
pkgs,
lib,
...
}: {
services.caddy = { services.caddy = {
enable = true; enable = true;
package = pkgs.caddy-many; package = pkgs.caddy-many;

3
services/couchdb/couchdb.mod.nix
View file

@ -1,8 +1,7 @@
{ {
glucose.modules = [ glucose.modules = [
( (
{ config, ... }: {config, ...}: {
{
# services.couchdb = { # services.couchdb = {
# enable = true; # enable = true;
# adminUser = "Admin"; # adminUser = "Admin";

5
services/forgejo/forgejo.mod.nix
View file

@ -1,8 +1,11 @@
{ {
fructose.modules = [ fructose.modules = [
( (
{ config, pkgs, ... }:
{ {
config,
pkgs,
...
}: {
services.forgejo = { services.forgejo = {
enable = true; enable = true;
package = pkgs.forgejo; package = pkgs.forgejo;

10
services/forgejo/runner.mod.nix
View file

@ -6,15 +6,13 @@
config, config,
lib, lib,
... ...
}: }: {
{
services.gitea-actions-runner = { services.gitea-actions-runner = {
package = pkgs.forgejo-runner; package = pkgs.forgejo-runner;
instances = { instances = {
${config.networking.hostName} = { ${config.networking.hostName} = {
enable = true; enable = true;
hostPackages = hostPackages = with pkgs;
with pkgs;
lib.mkDefault [ lib.mkDefault [
bash bash
coreutils coreutils
@ -26,9 +24,9 @@
nix nix
nixfmt-rfc-style nixfmt-rfc-style
]; ];
labels = [ ]; labels = [];
name = config.networking.hostName; name = config.networking.hostName;
settings = { }; settings = {};
tokenFile = config.sops.templates."forgejo_runner.env.secrets.yaml".path; tokenFile = config.sops.templates."forgejo_runner.env.secrets.yaml".path;
url = "https://git.collective-conciousness.monster"; url = "https://git.collective-conciousness.monster";
}; };

5
services/gts/gts.mod.nix
View file

@ -1,8 +1,11 @@
{ {
aspartame.modules = [ aspartame.modules = [
( (
{ pkgs, config, ... }:
{ {
pkgs,
config,
...
}: {
services.gotosocial = { services.gotosocial = {
enable = true; enable = true;
package = pkgs.gts; package = pkgs.gts;

3
services/murmur/murmur.mod.nix
View file

@ -6,8 +6,7 @@
config, config,
lib, lib,
... ...
}: }: {
{
services.murmur = { services.murmur = {
enable = true; enable = true;

3
services/pihole/pihole.mod.nix
View file

@ -1,8 +1,7 @@
{ {
fructose.modules = [ fructose.modules = [
( (
{ config, ... }: {config, ...}: {
{
virtualisation.oci-containers = { virtualisation.oci-containers = {
containers.pihole = { containers.pihole = {
image = "pihole/pihole:latest"; image = "pihole/pihole:latest";

6
services/postgres/postgres.mod.nix
View file

@ -85,8 +85,7 @@
pkgs, pkgs,
lib, lib,
... ...
}: }: {
{
virtualisation.oci-containers = { virtualisation.oci-containers = {
containers.postgres = { containers.postgres = {
image = "postgres:17"; image = "postgres:17";
@ -106,11 +105,10 @@
"5433:8080" "5433:8080"
"5434:53" "5434:53"
]; ];
dependsOn = [ "postgres" ]; dependsOn = ["postgres"];
}; };
}; };
} }
) )
]; ];
} }

3
services/website/website.mod.nix
View file

@ -1,8 +1,7 @@
{ {
aspartame.modules = [ aspartame.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
zola zola
]; ];

72
sops.mod.nix
View file

@ -1,5 +1,4 @@
{ sops-nix, ... }: {sops-nix, ...}: {
{
universal.modules = [ universal.modules = [
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
{ {
@ -11,22 +10,20 @@
sops.age.keyFile = "/home/emv/.config/sops/age/keys.txt"; sops.age.keyFile = "/home/emv/.config/sops/age/keys.txt";
} }
( (
{ config, ... }: {config, ...}: {
{
sops.secrets.wireguard-private-key = { sops.secrets.wireguard-private-key = {
key = "wireguard-private-keys/${config.networking.hostName}"; key = "wireguard-private-keys/${config.networking.hostName}";
}; };
} }
) )
({ {
sops.secrets.remote-build-ssh-privkey = { }; sops.secrets.remote-build-ssh-privkey = {};
}) }
]; ];
aspartame.modules = [ aspartame.modules = [
( (
{ config, ... }: {config, ...}: {
{ sops.secrets.gts_db_pass = {};
sops.secrets.gts_db_pass = { };
sops.templates."gts.env.secrets.yaml".content = '' sops.templates."gts.env.secrets.yaml".content = ''
GTS_DB_PASSWORD=${config.sops.placeholder."gts_db_pass"} GTS_DB_PASSWORD=${config.sops.placeholder."gts_db_pass"}
''; '';
@ -35,9 +32,8 @@
]; ];
sucrose.modules = [ sucrose.modules = [
( (
{ config, ... }: {config, ...}: {
{ sops.secrets."forgejo_runner_${config.networking.hostName}_token" = {};
sops.secrets."forgejo_runner_${config.networking.hostName}_token" = { };
sops.templates."forgejo_runner.env.secrets.yaml".content = '' sops.templates."forgejo_runner.env.secrets.yaml".content = ''
TOKEN=${config.sops.placeholder."forgejo_runner_${config.networking.hostName}_token"} TOKEN=${config.sops.placeholder."forgejo_runner_${config.networking.hostName}_token"}
''; '';
@ -45,14 +41,13 @@
) )
]; ];
glucose.modules = [ glucose.modules = [
({
sops.secrets.binary_cache_secret = { };
})
(
{ config, ... }:
{ {
sops.secrets.couchdb_admin_pass = { }; sops.secrets.binary_cache_secret = {};
sops.secrets.couchdb_admin_account = { }; }
(
{config, ...}: {
sops.secrets.couchdb_admin_pass = {};
sops.secrets.couchdb_admin_account = {};
sops.templates."couchdb.env.secrets.yaml".content = '' sops.templates."couchdb.env.secrets.yaml".content = ''
COUCHDB_PASSWORD="${config.sops.placeholder."couchdb_admin_pass"}" COUCHDB_PASSWORD="${config.sops.placeholder."couchdb_admin_pass"}"
COUCHDB_USER="${config.sops.placeholder."couchdb_admin_account"}" COUCHDB_USER="${config.sops.placeholder."couchdb_admin_account"}"
@ -60,10 +55,9 @@
} }
) )
( (
{ config, ... }: {config, ...}: {
{ sops.secrets.murmur_login_password = {};
sops.secrets.murmur_login_password = { }; sops.secrets.murmur_welcome_message = {};
sops.secrets.murmur_welcome_message = { };
sops.templates."murmur.env.secrets.yaml".content = '' sops.templates."murmur.env.secrets.yaml".content = ''
MURMUR_LOGIN_PASSWORD="${config.sops.placeholder."murmur_login_password"}" MURMUR_LOGIN_PASSWORD="${config.sops.placeholder."murmur_login_password"}"
MURMUR_WELCOME_MESSAGE="${config.sops.placeholder."murmur_welcome_message"}" MURMUR_WELCOME_MESSAGE="${config.sops.placeholder."murmur_welcome_message"}"
@ -73,19 +67,17 @@
]; ];
fructose.modules = [ fructose.modules = [
( (
{ config, ... }: {config, ...}: {
{ sops.secrets.pihole_webpassword = {};
sops.secrets.pihole_webpassword = { };
sops.templates."pihole.env.secrets.yaml".content = '' sops.templates."pihole.env.secrets.yaml".content = ''
WEBPASSWORD="${config.sops.placeholder."pihole_webpassword"}" WEBPASSWORD="${config.sops.placeholder."pihole_webpassword"}"
''; '';
} }
) )
( (
{ config, ... }: {config, ...}: {
{ sops.secrets.postgresdb_admin_password = {};
sops.secrets.postgresdb_admin_password = { }; sops.secrets.forgejo_db_pass = {};
sops.secrets.forgejo_db_pass = { };
sops.templates."postgresdb.env.secrets.yaml".content = '' sops.templates."postgresdb.env.secrets.yaml".content = ''
POSTGRES_PASSWORD=${config.sops.placeholder."postgresdb_admin_password"} POSTGRES_PASSWORD=${config.sops.placeholder."postgresdb_admin_password"}
''; '';
@ -94,14 +86,13 @@
]; ];
personal.modules = [ personal.modules = [
( (
{ config, ... }: {config, ...}: {
{ sops.secrets.home1_ssid = {};
sops.secrets.home1_ssid = { }; sops.secrets.home1_psk = {};
sops.secrets.home1_psk = { }; sops.secrets.home2_ssid = {};
sops.secrets.home2_ssid = { }; sops.secrets.home2_psk = {};
sops.secrets.home2_psk = { }; sops.secrets.phone_ssid = {};
sops.secrets.phone_ssid = { }; sops.secrets.phone_psk = {};
sops.secrets.phone_psk = { };
sops.templates."networkmanager.env.secrets.yaml".content = '' sops.templates."networkmanager.env.secrets.yaml".content = ''
HOME1_SSID="${config.sops.placeholder."home1_ssid"}" HOME1_SSID="${config.sops.placeholder."home1_ssid"}"
HOME2_SSID="${config.sops.placeholder."home2_ssid"}" HOME2_SSID="${config.sops.placeholder."home2_ssid"}"
@ -115,8 +106,7 @@
]; ];
universal.home_modules = [ universal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
home.packages = with pkgs; [ home.packages = with pkgs; [
sops sops
age age

24
stylix.mod.nix
View file

@ -1,15 +1,12 @@
{ stylix, ... }: {stylix, ...}: let
let
wallpapers = wallpapers =
builtins.mapAttrs builtins.mapAttrs
( (
name: value: name: value: {
{
lib, lib,
pkgs, pkgs,
... ...
}: }: {
{
stylix.image = pkgs.fetchurl { stylix.image = pkgs.fetchurl {
url = value.url; url = value.url;
hash = value.hash or lib.fakeHash; hash = value.hash or lib.fakeHash;
@ -38,8 +35,7 @@ let
twirly-bh.url = "https://w.wallhaven.cc/full/l8/wallhaven-l8v7kq.jpg"; twirly-bh.url = "https://w.wallhaven.cc/full/l8/wallhaven-l8v7kq.jpg";
twirly-bh.hash = "sha256-on/wIsdUgKSgl9o/jwKu/Rk2ehK9JgDBoGji+QH5b5s="; twirly-bh.hash = "sha256-on/wIsdUgKSgl9o/jwKu/Rk2ehK9JgDBoGji+QH5b5s=";
}; };
in in {
{
personal.modules = [ personal.modules = [
stylix.nixosModules.stylix stylix.nixosModules.stylix
( (
@ -47,8 +43,7 @@ in
pkgs, pkgs,
config, config,
... ...
}: }: {
{
stylix.enable = true; stylix.enable = true;
stylix.polarity = "dark"; stylix.polarity = "dark";
@ -87,15 +82,14 @@ in
pkgs, pkgs,
config, config,
... ...
}: }: {
{ systemd-fuckery.auto-restart = ["swaybg"];
systemd-fuckery.auto-restart = [ "swaybg" ];
systemd.user.services."swaybg" = { systemd.user.services."swaybg" = {
Unit = { Unit = {
Description = "wallpapers! brought to you by stylix! :3"; Description = "wallpapers! brought to you by stylix! :3";
PartOf = [ "graphical-session.target" ]; PartOf = ["graphical-session.target"];
}; };
Install.WantedBy = [ "graphical-session.target" ]; Install.WantedBy = ["graphical-session.target"];
Service = { Service = {
ExecStart = "${lib.getExe pkgs.swaybg} -i ${config.stylix.image}"; ExecStart = "${lib.getExe pkgs.swaybg} -i ${config.stylix.image}";
Restart = "on-failure"; Restart = "on-failure";

38
sway.mod.nix
View file

@ -1,8 +1,7 @@
{ {
personal.modules = [ personal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
programs.sway = { programs.sway = {
enable = true; enable = true;
package = pkgs.swayfx; package = pkgs.swayfx;
@ -25,8 +24,7 @@
pkgs, pkgs,
config, config,
... ...
}: }: {
{
wayland.windowManager.sway = { wayland.windowManager.sway = {
enable = true; enable = true;
systemd.enable = true; systemd.enable = true;
@ -36,19 +34,17 @@
config = { config = {
modifier = "Mod4"; modifier = "Mod4";
fonts = lib.mkDefault { fonts = lib.mkDefault {
names = [ "pango" ]; names = ["pango"];
style = "monospace"; style = "monospace";
size = 8.0; size = 8.0;
}; };
terminal = "terminator"; terminal = "terminator";
keybindings = keybindings = let
let
mod = config.wayland.windowManager.sway.config.modifier; mod = config.wayland.windowManager.sway.config.modifier;
term = config.wayland.windowManager.sway.config.terminal; term = config.wayland.windowManager.sway.config.terminal;
rofi = "rofi"; rofi = "rofi";
in in {
{
"${mod}+Return" = "exec ${term}"; # opens a terminal window "${mod}+Return" = "exec ${term}"; # opens a terminal window
"${mod}+Shift+q" = "kill"; # kills the active window "${mod}+Shift+q" = "kill"; # kills the active window
@ -114,16 +110,16 @@
### TODO : Resize mode and automatic floating ### TODO : Resize mode and automatic floating
assigns = { assigns = {
"1:" = [ { title = "^Signal$|Discord$"; } ]; "1:" = [{title = "^Signal$|Discord$";}];
"2:main" = [ { title = "VSCodium$"; } ]; "2:main" = [{title = "VSCodium$";}];
"3:browsing" = [ { title = "LibreWolf$"; } ]; "3:browsing" = [{title = "LibreWolf$";}];
"4:misc" = [ ]; "4:misc" = [];
"5:5" = [ ]; "5:5" = [];
"6:6" = [ ]; "6:6" = [];
"7:7" = [ ]; "7:7" = [];
"8:8" = [ ]; "8:8" = [];
"9:9" = [ ]; "9:9" = [];
"0:audio" = [ { title = "pwvucontrol$|noisetorch$"; } ]; "0:audio" = [{title = "pwvucontrol$|noisetorch$";}];
}; };
/* /*
@ -169,7 +165,7 @@
*/ */
bars = [ bars = [
({ {
statusCommand = "\${pkgs.swayrbar}/bin/swayrbar"; statusCommand = "\${pkgs.swayrbar}/bin/swayrbar";
position = "bottom"; position = "bottom";
trayOutput = "primary"; trayOutput = "primary";
@ -208,7 +204,7 @@
text = "#ffffff"; text = "#ffffff";
}; };
}; };
}) }
]; ];
output = { output = {
DP-3 = { DP-3 = {

6
tex.mod.nix
View file

@ -1,13 +1,13 @@
{ {
personal.home_modules = [ personal.home_modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
programs.texlive = { programs.texlive = {
enable = true; enable = true;
packageSet = pkgs.texlive; packageSet = pkgs.texlive;
extraPackages = tpkgs: { extraPackages = tpkgs: {
inherit (tpkgs) inherit
(tpkgs)
scheme-medium scheme-medium
dvisvgm dvisvgm
dvipng # in-place output dvipng # in-place output

3
zsh.mod.nix
View file

@ -1,8 +1,7 @@
{ {
universal.modules = [ universal.modules = [
( (
{ pkgs, ... }: {pkgs, ...}: {
{
programs.zsh = { programs.zsh = {
enable = true; enable = true;
}; };