Compare commits
No commits in common. "ae0b0534448fb63daff3063c715512d9f18fb878" and "a930955644ed9fa9a75369284d1c18e8516dc385" have entirely different histories.
ae0b053444
...
a930955644
16
flake.lock
16
flake.lock
|
@ -420,21 +420,6 @@
|
||||||
"type": "github"
|
"type": "github"
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"nix-flatpak": {
|
|
||||||
"locked": {
|
|
||||||
"lastModified": 1721549352,
|
|
||||||
"narHash": "sha256-nlXJa8RSOX0kykrIYW33ukoHYq+FOSNztHLLgqKwOp8=",
|
|
||||||
"owner": "gmodena",
|
|
||||||
"repo": "nix-flatpak",
|
|
||||||
"rev": "dbce39ea8664820ba9037caaf1e2fad365ed6b4b",
|
|
||||||
"type": "github"
|
|
||||||
},
|
|
||||||
"original": {
|
|
||||||
"owner": "gmodena",
|
|
||||||
"repo": "nix-flatpak",
|
|
||||||
"type": "github"
|
|
||||||
}
|
|
||||||
},
|
|
||||||
"nix-index-database": {
|
"nix-index-database": {
|
||||||
"inputs": {
|
"inputs": {
|
||||||
"nixpkgs": [
|
"nixpkgs": [
|
||||||
|
@ -554,7 +539,6 @@
|
||||||
"hyprland": "hyprland",
|
"hyprland": "hyprland",
|
||||||
"hyprland-contrib": "hyprland-contrib",
|
"hyprland-contrib": "hyprland-contrib",
|
||||||
"neovim-nightly-overlay": "neovim-nightly-overlay",
|
"neovim-nightly-overlay": "neovim-nightly-overlay",
|
||||||
"nix-flatpak": "nix-flatpak",
|
|
||||||
"nix-index-database": "nix-index-database",
|
"nix-index-database": "nix-index-database",
|
||||||
"nixpkgs": "nixpkgs_3",
|
"nixpkgs": "nixpkgs_3",
|
||||||
"nixpkgs-unstable": "nixpkgs-unstable",
|
"nixpkgs-unstable": "nixpkgs-unstable",
|
||||||
|
|
|
@ -18,7 +18,6 @@
|
||||||
neovim-nightly-overlay = {
|
neovim-nightly-overlay = {
|
||||||
url = "github:nix-community/neovim-nightly-overlay";
|
url = "github:nix-community/neovim-nightly-overlay";
|
||||||
};
|
};
|
||||||
nix-flatpak.url = "github:gmodena/nix-flatpak";
|
|
||||||
hyprland-contrib = {
|
hyprland-contrib = {
|
||||||
url = "github:hyprwm/contrib";
|
url = "github:hyprwm/contrib";
|
||||||
inputs.nixpkgs.follows = "nixpkgs";
|
inputs.nixpkgs.follows = "nixpkgs";
|
||||||
|
@ -52,13 +51,11 @@
|
||||||
, neovim-nightly-overlay
|
, neovim-nightly-overlay
|
||||||
, nix-index-database
|
, nix-index-database
|
||||||
, rust-overlay
|
, rust-overlay
|
||||||
, nix-flatpak
|
|
||||||
, ...
|
, ...
|
||||||
}:
|
}:
|
||||||
let
|
let
|
||||||
commonModules = [
|
commonModules = [
|
||||||
nur.nixosModules.nur
|
nur.nixosModules.nur
|
||||||
nix-flatpak.nixosModules.nix-flatpak
|
|
||||||
home-manager.nixosModules.home-manager
|
home-manager.nixosModules.home-manager
|
||||||
nix-index-database.nixosModules.nix-index
|
nix-index-database.nixosModules.nix-index
|
||||||
{
|
{
|
||||||
|
|
|
@ -41,16 +41,6 @@
|
||||||
"bind"
|
"bind"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
fileSystems."/nas/public/Public" = {
|
|
||||||
device = "/nas/Syncthing/Sync/Public";
|
|
||||||
fsType = "auto";
|
|
||||||
options = [
|
|
||||||
"defaults"
|
|
||||||
"nofail"
|
|
||||||
"nobootwait"
|
|
||||||
"bind"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
swapDevices = [ ];
|
swapDevices = [ ];
|
||||||
|
|
||||||
|
@ -96,7 +86,6 @@
|
||||||
};
|
};
|
||||||
|
|
||||||
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
|
||||||
hardware.enableAllFirmware = true;
|
|
||||||
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
hardware.opengl = {
|
hardware.opengl = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -227,7 +227,7 @@ in
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
extraConfig = /*hyprlang*/ ''
|
extraConfig = /*hyprlang*/ ''
|
||||||
exec-once=dbus-update-activation-environment --all
|
exec-once=dbus-update-activation-enviroment --all
|
||||||
exec-once=${gnome-keyring.path} ${config.sops.secrets."gnome-keyring/${config.home.username}".path}
|
exec-once=${gnome-keyring.path} ${config.sops.secrets."gnome-keyring/${config.home.username}".path}
|
||||||
exec-once=foot --server
|
exec-once=foot --server
|
||||||
|
|
||||||
|
|
|
@ -5,31 +5,32 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
|
||||||
programs.yazi = {
|
programs.yazi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
enableZshIntegration = true;
|
enableZshIntegration = true;
|
||||||
keymap = {
|
keymap = {
|
||||||
manager.prepend_keymap = [
|
manager.prepend_keymap = [
|
||||||
# {
|
{
|
||||||
# on = [ "m" ];
|
on = [ "m" ];
|
||||||
# run = "plugin bookmarks --args=save";
|
run = "plugin bookmarks --args=save";
|
||||||
# desc = "Save current position as a bookmark";
|
desc = "Save current position as a bookmark";
|
||||||
# }
|
}
|
||||||
# {
|
{
|
||||||
# on = [ "'" ];
|
on = [ "'" ];
|
||||||
# run = "plugin bookmarks --args=jump";
|
run = "plugin bookmarks --args=jump";
|
||||||
# desc = "Jump to a bookmark";
|
desc = "Jump to a bookmark";
|
||||||
# }
|
}
|
||||||
# {
|
{
|
||||||
# on = [ "b" "d" ];
|
on = [ "b" "d" ];
|
||||||
# run = "plugin bookmarks --args=delete";
|
run = "plugin bookmarks --args=delete";
|
||||||
# desc = "Delete a bookmark";
|
desc = "Delete a bookmark";
|
||||||
# }
|
}
|
||||||
# {
|
{
|
||||||
# on = [ "b" "D" ];
|
on = [ "b" "D" ];
|
||||||
# run = "plugin bookmarks --args=delete_all";
|
run = "plugin bookmarks --args=delete_all";
|
||||||
# desc = "Delete all bookmarks";
|
desc = "Delete all bookmarks";
|
||||||
# }
|
}
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
settings = {
|
settings = {
|
||||||
|
@ -79,12 +80,6 @@ in
|
||||||
{ name = "*"; use = "open"; }
|
{ name = "*"; use = "open"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
plugin = {
|
|
||||||
prepend_previewers = [
|
|
||||||
{ mime = "{image,audio,video}/*"; run = "mediainfo"; }
|
|
||||||
{ mime = "application/x-subrip"; run = "mediainfo"; }
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
home.file = {
|
home.file = {
|
||||||
|
@ -97,31 +92,22 @@ in
|
||||||
sha256 = "sha256-TSmZwy9jhf0D+6l4KbNQ6BjHbL0Vfo/yL3wt8bjo/EM=";
|
sha256 = "sha256-TSmZwy9jhf0D+6l4KbNQ6BjHbL0Vfo/yL3wt8bjo/EM=";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
".config/yazi/plugins/mediainfo.yazi" = {
|
".config/yazi/init.lua".text = /*lua*/ ''
|
||||||
recursive = true;
|
require("bookmarks"):setup({
|
||||||
source = pkgs.fetchFromGitHub {
|
last_directory = { enable = false, persist = false },
|
||||||
owner = "Ape";
|
persist = "none",
|
||||||
repo = "mediainfo.yazi";
|
desc_format = "full",
|
||||||
rev = "c69314e80f5b45fe87a0e06a10d064ed54110439";
|
notify = {
|
||||||
hash = "sha256-8xdBPdKSiwB7iRU8DJdTHY+BjfR9D3FtyVtDL9tNiy4=";
|
enable = false,
|
||||||
};
|
timeout = 1,
|
||||||
};
|
message = {
|
||||||
# ".config/yazi/init.lua".text = /*lua*/ ''
|
new = "New bookmark '<key>' -> '<folder>'",
|
||||||
# require("bookmarks"):setup({
|
delete = "Deleted bookmark in '<key>'",
|
||||||
# last_directory = { enable = false, persist = false },
|
delete_all = "Deleted all bookmarks",
|
||||||
# persist = "none",
|
},
|
||||||
# desc_format = "full",
|
},
|
||||||
# notify = {
|
})
|
||||||
# enable = false,
|
'';
|
||||||
# timeout = 1,
|
|
||||||
# message = {
|
|
||||||
# new = "New bookmark '<key>' -> '<folder>'",
|
|
||||||
# delete = "Deleted bookmark in '<key>'",
|
|
||||||
# delete_all = "Deleted all bookmarks",
|
|
||||||
# },
|
|
||||||
# },
|
|
||||||
# })
|
|
||||||
# '';
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -30,11 +30,11 @@ in
|
||||||
shellAliases = {
|
shellAliases = {
|
||||||
ls = "${pkgs.eza}/bin/eza -lah";
|
ls = "${pkgs.eza}/bin/eza -lah";
|
||||||
cat = "${pkgs.bat}/bin/bat";
|
cat = "${pkgs.bat}/bin/bat";
|
||||||
update = "nh os switch";
|
update = "sudo nixos-rebuild switch --flake $HOME/dotfiles";
|
||||||
superupdate = "nh os switch --update";
|
superupdate = "(cd $HOME/dotfiles && nix flake update && sudo nixos-rebuild switch --flake $HOME/dotfiles)";
|
||||||
uptest = "nh os test";
|
|
||||||
lg = "${pkgs.lazygit}/bin/lazygit";
|
lg = "${pkgs.lazygit}/bin/lazygit";
|
||||||
du = "${pkgs.dust}/bin/dust";
|
du = "${pkgs.dust}/bin/dust";
|
||||||
|
uptest = "sudo nixos-rebuild test --flake $HOME/dotfiles";
|
||||||
dry = "sudo nixos-rebuild dry-activate --flake $HOME/dotfiles";
|
dry = "sudo nixos-rebuild dry-activate --flake $HOME/dotfiles";
|
||||||
jq = "${pkgs.gojq}/bin/gojq";
|
jq = "${pkgs.gojq}/bin/gojq";
|
||||||
n = lib.mkIf config.profile.neovide.enable "neovide";
|
n = lib.mkIf config.profile.neovide.enable "neovide";
|
||||||
|
|
|
@ -8,7 +8,6 @@
|
||||||
./services.nix
|
./services.nix
|
||||||
./games.nix
|
./games.nix
|
||||||
./environments.nix
|
./environments.nix
|
||||||
./flatpak.nix
|
|
||||||
];
|
];
|
||||||
options.profile = {
|
options.profile = {
|
||||||
|
|
||||||
|
@ -64,6 +63,7 @@
|
||||||
android.enable = lib.mkEnableOption "android";
|
android.enable = lib.mkEnableOption "android";
|
||||||
avahi.enable = lib.mkEnableOption "avahi";
|
avahi.enable = lib.mkEnableOption "avahi";
|
||||||
bluetooth.enable = lib.mkEnableOption "bluetooth";
|
bluetooth.enable = lib.mkEnableOption "bluetooth";
|
||||||
|
flatpak.enable = lib.mkEnableOption "flatpak";
|
||||||
gnome.enable = lib.mkEnableOption "gnome";
|
gnome.enable = lib.mkEnableOption "gnome";
|
||||||
kde.enable = lib.mkEnableOption "kde";
|
kde.enable = lib.mkEnableOption "kde";
|
||||||
networking.firewall = {
|
networking.firewall = {
|
||||||
|
|
|
@ -1,10 +0,0 @@
|
||||||
{ lib, ... }:
|
|
||||||
let
|
|
||||||
inherit (lib) mkEnableOption;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
options.profile.flatpak = {
|
|
||||||
enable = mkEnableOption "flatpak";
|
|
||||||
zen-browser.enable = mkEnableOption "zen-browser";
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -22,29 +22,5 @@ in
|
||||||
wireguard.enable = mkEnableOption "wireguard";
|
wireguard.enable = mkEnableOption "wireguard";
|
||||||
photoprism.enable = mkEnableOption "photoprism";
|
photoprism.enable = mkEnableOption "photoprism";
|
||||||
navidrome.enable = mkEnableOption "navidrome";
|
navidrome.enable = mkEnableOption "navidrome";
|
||||||
|
|
||||||
telemetry = {
|
|
||||||
enable = mkEnableOption "telemetry";
|
|
||||||
grafana.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = config.profile.services.telemetry.enable;
|
|
||||||
};
|
|
||||||
loki.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = config.profile.services.telemetry.enable;
|
|
||||||
};
|
|
||||||
promtail.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = config.profile.services.telemetry.enable;
|
|
||||||
};
|
|
||||||
tempo.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = config.profile.services.telemetry.enable;
|
|
||||||
};
|
|
||||||
minio.enable = mkOption {
|
|
||||||
type = types.bool;
|
|
||||||
default = config.profile.services.telemetry.enable;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -75,11 +75,6 @@ in
|
||||||
dbeaver.enable = true;
|
dbeaver.enable = true;
|
||||||
kde.enable = false;
|
kde.enable = false;
|
||||||
|
|
||||||
flatpak = {
|
|
||||||
enable = true;
|
|
||||||
zen-browser.enable = true;
|
|
||||||
};
|
|
||||||
|
|
||||||
microsoft-edge.enable = true;
|
microsoft-edge.enable = true;
|
||||||
nextcloud.enable = false;
|
nextcloud.enable = false;
|
||||||
|
|
||||||
|
|
|
@ -69,7 +69,6 @@
|
||||||
wireguard.enable = true;
|
wireguard.enable = true;
|
||||||
photoprism.enable = true;
|
photoprism.enable = true;
|
||||||
navidrome.enable = true;
|
navidrome.enable = true;
|
||||||
telemetry.enable = true;
|
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,31 +0,0 @@
|
||||||
grafana:
|
|
||||||
admin_user: ENC[AES256_GCM,data:pg3WnfsF8L+/Tg==,iv:wh8VM567ClsFz7GS00OCh9kx3HZCz5GZ/BaTtOt3ksk=,tag:k6mJiktl1Met6Kzl738jpQ==,type:str]
|
|
||||||
admin_password: ENC[AES256_GCM,data:EFJfC78YtBLF5CIxLLhN9deZYcSL7/EfS4w=,iv:qrNi3WsRD26W5L67Fxch7qasEUh9vTj6HUWZs5PGz4o=,tag:bxW1CJyXOcz/pgN39ncQ+w==,type:str]
|
|
||||||
admin_email: ENC[AES256_GCM,data:2cvoq65K2/mdDuykkPVZryDJeNCK,iv:rU4jUYm+3dcvx1KooN9mWQDoovn7t+V7z1eU1m7VagE=,tag:Bhdbiq4BXO3nDwG9StUOkQ==,type:str]
|
|
||||||
secret_key: ENC[AES256_GCM,data:f4f1YF27VU/893HASHmCVL8vnsJEaHD33GOdFVpMj81MOutXqb7d03Hb1DYkDV3aMVmEdpvBcFK3SpZdFma3,iv:q6d59H1PniaVhw6tbd1maCelEGlAC4y2i38jMZ9Jn/Q=,tag:uSbCRstKy7C4Vwp+/FxF/Q==,type:str]
|
|
||||||
loki:
|
|
||||||
caddy:
|
|
||||||
basic_auth:
|
|
||||||
username: ENC[AES256_GCM,data:MRwky3O8LGS/4w==,iv:CUHjGRNc8NU5FqhqvpqbATmVE3Kg9Z0jMBFlzsAwON0=,tag:uZlxw9skd0VNLfZTJ/6ZSQ==,type:str]
|
|
||||||
#ENC[AES256_GCM,data:t+u4g7nvpq2U27CHgmu1xi2Ppwv7cJf1s6Et,iv:LtwoPoxsQn1MujHRoD6SqDLm8uN4uBpuIVmn23DDgjI=,tag:PKOHF5vcQzHszpp1sfuU0Q==,type:comment]
|
|
||||||
password: ENC[AES256_GCM,data:GcQ6x8ewxInmAcQwhhwJgXMHxd/ygkscsp2vg7PILEeaOv1heBX0fTHb0sRyAfhLxwKDH84LtGb37656,iv:UEQ7dgqNEKisalpPXFffsVzn6kXDt9DmJP6ec3LOHRE=,tag:CyPPqG2Vf8eeSVzAASintQ==,type:str]
|
|
||||||
sops:
|
|
||||||
kms: []
|
|
||||||
gcp_kms: []
|
|
||||||
azure_kv: []
|
|
||||||
hc_vault: []
|
|
||||||
age:
|
|
||||||
- recipient: age1kruum2varzua7w5n6n52vhwyek2arc685rhcwt0u7k2jf5mecsjslkl9ll
|
|
||||||
enc: |
|
|
||||||
-----BEGIN AGE ENCRYPTED FILE-----
|
|
||||||
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB1KzFkak5QQ01MUVV0djVH
|
|
||||||
cXlveDhxU3RRelhNL3JQbE1xVWNlaFYzem40CmtGYlpZMTJPS2lKUGl2Vy9CVW5j
|
|
||||||
bFoyNVlJM1lmSGhSM2lGREN3N3VXWTAKLS0tIE9xWFpoTUdrVVBtOS9lckRXWGc1
|
|
||||||
bzYzSEQrRkN6WVVmN254a2NCcUxGVFkK4aHv8tiFiNEnd7I5LB0Jd/4upkEEEXis
|
|
||||||
9A5hdTn20EqL62QuHeYRav1TRu42dp+R4iZAlVl9cRzThkzZKJdHlg==
|
|
||||||
-----END AGE ENCRYPTED FILE-----
|
|
||||||
lastmodified: "2024-08-29T05:57:46Z"
|
|
||||||
mac: ENC[AES256_GCM,data:JGrZUe8PLjlcHULvVa8Yi8ORAW5bMKOMxSGbJ2UFji9byRGu+JHaU7gdF45lrR5XKxJZLmZesWI9fRjsnlEd9WDTEroiwFo965mYFcdmbrJb37BIRO6Thy6C77GXMNcOVW2hBgcVDckNIbAk3qgvVG2QOZ5VKwxPLVQPsfWfCFs=,iv:Do05RY+cgahdv8/Nk6RIOxBA6x28GxyErrgSQRoIR80=,tag:HoqhdhZmcS3QxXGfZyxfFw==,type:str]
|
|
||||||
pgp: []
|
|
||||||
unencrypted_suffix: _unencrypted
|
|
||||||
version: 3.8.1
|
|
|
@ -1,9 +1,8 @@
|
||||||
{ hardware-configuration, profile-path, config, pkgs, ... }:
|
{ hardware-configuration, profile-path, config, ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
profile-path
|
profile-path
|
||||||
hardware-configuration
|
hardware-configuration
|
||||||
./flatpak
|
|
||||||
./modules
|
./modules
|
||||||
./services
|
./services
|
||||||
./podman
|
./podman
|
||||||
|
@ -26,11 +25,11 @@
|
||||||
connect-timeout = 5
|
connect-timeout = 5
|
||||||
'';
|
'';
|
||||||
|
|
||||||
# nix.gc = {
|
nix.gc = {
|
||||||
# automatic = true;
|
automatic = true;
|
||||||
# dates = "weekly";
|
dates = "weekly";
|
||||||
# options = "--delete-older-than 7d";
|
options = "--delete-older-than 7d";
|
||||||
# };
|
};
|
||||||
|
|
||||||
i18n.defaultLocale = "en_US.UTF-8";
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
|
||||||
|
@ -66,19 +65,4 @@
|
||||||
RestartSec = "10s";
|
RestartSec = "10s";
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
programs.nh = {
|
|
||||||
enable = true;
|
|
||||||
clean.enable = true;
|
|
||||||
clean.extraArgs = "--keep-since 4d --keep 3";
|
|
||||||
flake = "/home/${config.profile.user.name}/dotfiles";
|
|
||||||
};
|
|
||||||
|
|
||||||
environment.variables.FLAKE = "/home/${config.profile.user.name}/dotfiles";
|
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
# Tools for nh
|
|
||||||
nix-output-monitor
|
|
||||||
nvd
|
|
||||||
];
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,19 +0,0 @@
|
||||||
{ config, lib, ... }:
|
|
||||||
let
|
|
||||||
cfg = config.profile.flatpak;
|
|
||||||
inherit (lib.lists) optional;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
config = lib.mkIf cfg.enable {
|
|
||||||
fonts.fontDir.enable = true;
|
|
||||||
services.flatpak = {
|
|
||||||
enable = true;
|
|
||||||
update.auto = {
|
|
||||||
enable = true;
|
|
||||||
onCalendar = "weekly"; # Default value
|
|
||||||
};
|
|
||||||
packages = [ ]
|
|
||||||
++ optional cfg.zen-browser.enable "io.github.zen_browser.zen";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -7,6 +7,7 @@
|
||||||
./bluetooth.nix
|
./bluetooth.nix
|
||||||
./boot_loader.nix
|
./boot_loader.nix
|
||||||
./brightnessctl.nix
|
./brightnessctl.nix
|
||||||
|
./flatpak.nix
|
||||||
./font.nix
|
./font.nix
|
||||||
./gnome.nix
|
./gnome.nix
|
||||||
./hyprland.nix
|
./hyprland.nix
|
||||||
|
|
55
system/modules/flatpak.nix
Normal file
55
system/modules/flatpak.nix
Normal file
|
@ -0,0 +1,55 @@
|
||||||
|
{ config, pkgs, lib, ... }:
|
||||||
|
let
|
||||||
|
cfg = config.profile.flatpak;
|
||||||
|
in
|
||||||
|
{
|
||||||
|
config = lib.mkIf cfg.enable {
|
||||||
|
# Allow flatpak to access fonts
|
||||||
|
fonts.fontDir.enable = true;
|
||||||
|
|
||||||
|
services.flatpak.enable = true;
|
||||||
|
# system.fsPackages = [ pkgs.bindfs ];
|
||||||
|
|
||||||
|
# Allows user installed fonts to be accessed by flatpak
|
||||||
|
# fileSystems =
|
||||||
|
# let
|
||||||
|
# mkRoSymBind = path: {
|
||||||
|
# device = path;
|
||||||
|
# fsType = "fuse.bindfs";
|
||||||
|
# options = [ "ro" "resolve-symlinks" "x-gvfs-hide" ];
|
||||||
|
# };
|
||||||
|
# aggregatedFonts = pkgs.buildEnv {
|
||||||
|
# name = "system-fonts";
|
||||||
|
# paths = config.fonts.packages;
|
||||||
|
# pathsToLink = [ "/share/fonts" ];
|
||||||
|
# };
|
||||||
|
# in
|
||||||
|
# {
|
||||||
|
# # Create an FHS mount to support flatpak host icons/fonts
|
||||||
|
# "/usr/share/icons" = mkRoSymBind (config.system.path + "/share/icons");
|
||||||
|
# "/usr/share/fonts" = mkRoSymBind (aggregatedFonts + "/share/fonts");
|
||||||
|
# };
|
||||||
|
|
||||||
|
xdg.portal = {
|
||||||
|
enable = true;
|
||||||
|
xdgOpenUsePortal = true;
|
||||||
|
# extraPortals = with pkgs; [
|
||||||
|
# # xdg-desktop-portal-gtk
|
||||||
|
# # xdg-desktop-portal-kde
|
||||||
|
# # xdg-desktop-portal-gnome
|
||||||
|
# ];
|
||||||
|
};
|
||||||
|
|
||||||
|
# Auto update flatpak every boot with systemd
|
||||||
|
# systemd.services.flatpak-update = {
|
||||||
|
# wantedBy = [ "multi-user.target" ];
|
||||||
|
# after = [ "network-online.target" ];
|
||||||
|
# wants = [ "network-online.target" ];
|
||||||
|
# description = "Auto update flatpak every boot after network is online";
|
||||||
|
# serviceConfig = {
|
||||||
|
# Type = "oneshot";
|
||||||
|
# ExecStart = ''${pkgs.flatpak}/bin/flatpak update --assumeyes --noninteractive --system'';
|
||||||
|
# };
|
||||||
|
# };
|
||||||
|
};
|
||||||
|
}
|
|
@ -2,11 +2,11 @@
|
||||||
let
|
let
|
||||||
dbus-sway-environment = pkgs.writeTextFile {
|
dbus-sway-environment = pkgs.writeTextFile {
|
||||||
name = "dbus-sway-environment";
|
name = "dbus-sway-environment";
|
||||||
destination = "/bin/dbus-sway-environment";
|
destination = "/bin/dbus-sway-enviroment";
|
||||||
executable = true;
|
executable = true;
|
||||||
|
|
||||||
text = ''
|
text = ''
|
||||||
dbus-update-activation-environment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
|
dbus-update-activation-enviroment --systemd WAYLAND_DISPLAY XDG_CURRENT_DESKTOP=sway
|
||||||
systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
|
systemctl --user stop pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
|
||||||
systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
|
systemctl --user start pipewire pipewire-media-session xdg-desktop-portal xdg-desktop-portal-wlr
|
||||||
'';
|
'';
|
||||||
|
|
|
@ -1,14 +1,10 @@
|
||||||
{ config, lib, pkgs, ... }:
|
{ config, lib, ... }:
|
||||||
let
|
let
|
||||||
cfg = config.profile.programs.yazi;
|
cfg = config.profile.programs.yazi;
|
||||||
inherit (lib) mkIf;
|
inherit (lib) mkIf;
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
environment.systemPackages = with pkgs; [
|
|
||||||
mediainfo
|
|
||||||
ffmpegthumbnailer
|
|
||||||
];
|
|
||||||
programs.yazi = {
|
programs.yazi = {
|
||||||
enable = true;
|
enable = true;
|
||||||
settings = {
|
settings = {
|
||||||
|
|
|
@ -1,8 +1,6 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
./telemetry
|
|
||||||
|
|
||||||
./caddy.nix
|
./caddy.nix
|
||||||
./cockpit.nix
|
./cockpit.nix
|
||||||
./forgejo.nix
|
./forgejo.nix
|
||||||
|
|
|
@ -143,26 +143,6 @@ in
|
||||||
"living-room-system"
|
"living-room-system"
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
"/nas/Syncthing/Sync/General" = {
|
|
||||||
label = "General";
|
|
||||||
id = "General";
|
|
||||||
devices = [
|
|
||||||
"s20fe"
|
|
||||||
"work-laptop"
|
|
||||||
"windows"
|
|
||||||
"living-room-system"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
"/nas/Syncthing/Sync/Public" = {
|
|
||||||
label = "Public";
|
|
||||||
id = "Public";
|
|
||||||
devices = [
|
|
||||||
"s20fe"
|
|
||||||
"work-laptop"
|
|
||||||
"windows"
|
|
||||||
"living-room-system"
|
|
||||||
];
|
|
||||||
};
|
|
||||||
};
|
};
|
||||||
devices = {
|
devices = {
|
||||||
s20fe = {
|
s20fe = {
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
{ ... }:
|
|
||||||
{
|
|
||||||
imports = [
|
|
||||||
./grafana.nix
|
|
||||||
./loki.nix
|
|
||||||
];
|
|
||||||
}
|
|
|
@ -1,59 +0,0 @@
|
||||||
{ config, lib, pkgs, ... }:
|
|
||||||
let
|
|
||||||
cfg = config.profile.services.telemetry.grafana;
|
|
||||||
inherit (lib) mkIf;
|
|
||||||
grafanaDomain = "grafana.tigor.web.id";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
sops.secrets =
|
|
||||||
let
|
|
||||||
opts = {
|
|
||||||
sopsFile = ../../../secrets/telemetry.yaml;
|
|
||||||
owner = "grafana";
|
|
||||||
};
|
|
||||||
in
|
|
||||||
{
|
|
||||||
"grafana/admin_user" = opts;
|
|
||||||
"grafana/admin_password" = opts;
|
|
||||||
"grafana/admin_email" = opts;
|
|
||||||
"grafana/secret_key" = opts;
|
|
||||||
};
|
|
||||||
|
|
||||||
services.caddy.virtualHosts.${grafanaDomain}.extraConfig = ''
|
|
||||||
reverse_proxy ${config.services.grafana.settings.server.http_addr}:${toString config.services.grafana.settings.server.http_port}
|
|
||||||
'';
|
|
||||||
|
|
||||||
services.grafana = {
|
|
||||||
enable = true;
|
|
||||||
package = pkgs.grafana;
|
|
||||||
settings = {
|
|
||||||
# https://grafana.com/docs/grafana/latest/setup-grafana/configure-grafana/
|
|
||||||
server = {
|
|
||||||
protocol = "http"; # served behind caddy
|
|
||||||
http_addr = "0.0.0.0";
|
|
||||||
http_port = 44518;
|
|
||||||
domain = grafanaDomain;
|
|
||||||
root_url = "https://${grafanaDomain}";
|
|
||||||
enable_gzip = true;
|
|
||||||
};
|
|
||||||
database = {
|
|
||||||
type = "sqlite3";
|
|
||||||
cache_mode = "shared";
|
|
||||||
wal = true;
|
|
||||||
query_retries = 3;
|
|
||||||
};
|
|
||||||
security = {
|
|
||||||
# Admin credentials is already available in the secrets
|
|
||||||
admin_user = "$__file{${config.sops.secrets."grafana/admin_user".path}}";
|
|
||||||
admin_password = "$__file{${config.sops.secrets."grafana/admin_password".path}}";
|
|
||||||
admin_email = "$__file{${config.sops.secrets."grafana/admin_email".path}}";
|
|
||||||
secret_key = "$__file{${config.sops.secrets."grafana/secret_key".path}}";
|
|
||||||
cookie_secure = true;
|
|
||||||
cookie_samesite = "lax";
|
|
||||||
strict_transport_security = true;
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
}
|
|
|
@ -1,107 +0,0 @@
|
||||||
{ config, lib, ... }:
|
|
||||||
let
|
|
||||||
cfg = config.profile.services.telemetry.loki;
|
|
||||||
inherit (lib) mkIf;
|
|
||||||
lokiDomain = "loki.tigor.web.id";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
config = mkIf cfg.enable {
|
|
||||||
|
|
||||||
sops =
|
|
||||||
let
|
|
||||||
usernameKey = "loki/caddy/basic_auth/username";
|
|
||||||
passwordKey = "loki/caddy/basic_auth/password";
|
|
||||||
in
|
|
||||||
{
|
|
||||||
secrets =
|
|
||||||
let
|
|
||||||
opts = { sopsFile = ../../../secrets/telemetry.yaml; owner = "grafana"; };
|
|
||||||
in
|
|
||||||
{
|
|
||||||
${usernameKey} = opts;
|
|
||||||
${passwordKey} = opts;
|
|
||||||
};
|
|
||||||
templates = {
|
|
||||||
"loki/caddy/basic_auth".content = /*sh*/ ''
|
|
||||||
LOKI_USERNAME=${config.sops.placeholder.${usernameKey}}
|
|
||||||
LOKI_PASSWORD=${config.sops.placeholder.${passwordKey}}
|
|
||||||
'';
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
systemd.services."caddy".serviceConfig = {
|
|
||||||
EnvironmentFile = [ config.sops.templates."loki/caddy/basic_auth".path ];
|
|
||||||
};
|
|
||||||
services.caddy.virtualHosts.${lokiDomain}.extraConfig = /*caddy*/ ''
|
|
||||||
basicauth {
|
|
||||||
{$LOKI_USERNAME} {$LOKI_PASSWORD}
|
|
||||||
}
|
|
||||||
reverse_proxy ${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}
|
|
||||||
'';
|
|
||||||
|
|
||||||
services.loki =
|
|
||||||
let
|
|
||||||
dataDir = config.services.loki.dataDir;
|
|
||||||
in
|
|
||||||
{
|
|
||||||
enable = true;
|
|
||||||
configuration = {
|
|
||||||
# https://grafana.com/docs/loki/latest/configure/examples/configuration-examples/
|
|
||||||
auth_enabled = false;
|
|
||||||
server = {
|
|
||||||
http_listen_address = "0.0.0.0";
|
|
||||||
http_listen_port = 3100;
|
|
||||||
grpc_listen_port = 9095;
|
|
||||||
};
|
|
||||||
|
|
||||||
common = {
|
|
||||||
path_prefix = dataDir;
|
|
||||||
replication_factor = 1;
|
|
||||||
ring = {
|
|
||||||
instance_addr = "127.0.0.1";
|
|
||||||
kvstore.store = "inmemory";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
|
|
||||||
schema_config = {
|
|
||||||
configs = [
|
|
||||||
{
|
|
||||||
from = "2024-08-29";
|
|
||||||
store = "tsdb";
|
|
||||||
object_store = "filesystem";
|
|
||||||
schema = "v13";
|
|
||||||
index = {
|
|
||||||
prefix = "index_";
|
|
||||||
period = "24h";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
storage_config = {
|
|
||||||
filesystem = {
|
|
||||||
directory = "${dataDir}/chunks";
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
};
|
|
||||||
# https://grafana.com/docs/grafana/latest/datasources/loki/
|
|
||||||
services.grafana.provision.datasources.settings.datasources = [
|
|
||||||
{
|
|
||||||
name = "Loki";
|
|
||||||
type = "loki";
|
|
||||||
access = "proxy";
|
|
||||||
url = "http://${config.services.loki.configuration.server.http_listen_address}:${toString config.services.loki.configuration.server.http_listen_port}";
|
|
||||||
basicAuth = true;
|
|
||||||
basicAuthUser = "$__file{${config.sops.secrets."loki/caddy/basic_auth/username".path}}";
|
|
||||||
jsonData = {
|
|
||||||
timeout = 60;
|
|
||||||
maxLines = 1000;
|
|
||||||
};
|
|
||||||
secureJsonData = {
|
|
||||||
basicAuthPassword = "$__file{${config.sops.secrets."loki/caddy/basic_auth/password".path}}";
|
|
||||||
};
|
|
||||||
}
|
|
||||||
];
|
|
||||||
};
|
|
||||||
}
|
|
Loading…
Reference in a new issue