chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

.

Browse source
This commit is contained in:
Chris Kruining 2025-12-02 09:18:02 +01:00 committed by chris
parent 70fd7c3d7a
commit 2130c44388
17 changed files with 254 additions and 243 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitattributes vendored Normal file
View file

@ -0,0 +1 @@
* text=auto

22
.just/machine.just
View file

@ -1,11 +1,11 @@
@_default: list @_default: list
[doc('List machines')] [doc('List machines')]
@list: @list:
ls -1 ../systems/x86_64-linux/ ls -1 ../systems/x86_64-linux/
[doc('Update the target machine')] [doc('Update the target machine')]
[no-exit-message] [no-exit-message]
@update machine: @update machine:
just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')" just assert '-d "../systems/x86_64-linux/{{ machine }}"' "Machine {{ machine }} does not exist, must be one of: $(ls ../systems/x86_64-linux/ | sed ':a;N;$!ba;s/\n/, /g')"
nixos-rebuild switch --use-remote-sudo --target-host {{ machine }} --flake ..#{{ machine }} nixos-rebuild switch --use-remote-sudo --target-host {{ machine }} --flake ..#{{ machine }}

70
.just/vars.just
View file

@ -1,36 +1,36 @@
set unstable set unstable
base_path := invocation_directory() / "systems/x86_64-linux" base_path := invocation_directory() / "systems/x86_64-linux"
# sops := "nix shell nixpkgs#sops --command sops" # sops := "nix shell nixpkgs#sops --command sops"
# yq := "nix shell nixpkgs#yq --command yq" # yq := "nix shell nixpkgs#yq --command yq"
sops := "sops" sops := "sops"
yq := "yq" yq := "yq"
@_default: @_default:
just --list just --list
[doc('list all vars of the target machine')] [doc('list all vars of the target machine')]
list machine: list machine:
sops decrypt {{ base_path }}/{{ machine }}/secrets.yml sops decrypt {{ base_path }}/{{ machine }}/secrets.yml
@edit machine: @edit machine:
sops edit {{ base_path }}/{{ machine }}/secrets.yml sops edit {{ base_path }}/{{ machine }}/secrets.yml
@set machine key value: @set machine key value:
sops set {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\"" sops set {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" "\"$(echo '{{ value }}' | sed 's/\"/\\\"/g')\""
git add {{ base_path }}/{{ machine }}/secrets.yml git add {{ base_path }}/{{ machine }}/secrets.yml
git commit -m 'chore(secrets): set secret "{{ key }}" for machine "{{ machine}}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null git commit -m 'chore(secrets): set secret "{{ key }}" for machine "{{ machine}}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null
echo "Done" echo "Done"
@get machine key: @get machine key:
sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g')" sops decrypt {{ base_path }}/{{ machine }}/secrets.yml | yq ".$(echo "{{ key }}" | sed -E 's/\//./g')"
@remove machine key: @remove machine key:
sops unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')" sops unset {{ base_path }}/{{ machine }}/secrets.yml "$(printf '%s\n' '["{{ key }}"]' | sed -E 's#/#"]["#g; s/\["([0-9]+)"\]/[\1]/g')"
git add {{ base_path }}/{{ machine }}/secrets.yml git add {{ base_path }}/{{ machine }}/secrets.yml
git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine}}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null git commit -m 'chore(secrets): removed secret "{{ key }}" from machine "{{ machine}}"' -- {{ base_path }}/{{ machine }}/secrets.yml > /dev/null
echo "Done" echo "Done"

64
.justfile
View file

@ -1,33 +1,33 @@
@_default: @_default:
just --list --list-submodules just --list --list-submodules
[doc('Manage vars')] [doc('Manage vars')]
mod vars '.just/vars.just' mod vars '.just/vars.just'
[doc('Manage machines')] [doc('Manage machines')]
mod machine '.just/machine.just' mod machine '.just/machine.just'
[doc('Show information about project')] [doc('Show information about project')]
@show: @show:
echo "show" echo "show"
[doc('update the flake dependencies')] [doc('update the flake dependencies')]
@update: @update:
nix flake update nix flake update
git commit -m 'chore: update dependencies' -- ./flake.lock > /dev/null git commit -m 'chore: update dependencies' -- ./flake.lock > /dev/null
echo "Done" echo "Done"
[doc('Introspection on flake output')] [doc('Introspection on flake output')]
@select key: @select key:
nix eval --json .#{{ key }} | jq . nix eval --json .#{{ key }} | jq .
#=============================================================================================== #===============================================================================================
# Utils # Utils
#=============================================================================================== #===============================================================================================
[no-exit-message] [no-exit-message]
[no-cd] [no-cd]
[private] [private]
@assert condition message: @assert condition message:
[ {{ condition }} ] || { echo -e 1>&2 "\n\x1b[1;41m Error \x1b[0m {{ message }}\n"; exit 1; } [ {{ condition }} ] || { echo -e 1>&2 "\n\x1b[1;41m Error \x1b[0m {{ message }}\n"; exit 1; }

88
flake.lock generated
View file

@ -320,6 +320,27 @@
} }
}, },
"flake-parts_2": { "flake-parts_2": {
"inputs": {
"nixpkgs-lib": [
"mydia",
"nixpkgs"
]
},
"locked": {
"lastModified": 1763759067,
"narHash": "sha256-LlLt2Jo/gMNYAwOgdRQBrsRoOz7BPRkzvNaI/fzXi2Q=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "2cccadc7357c0ba201788ae99c4dfa90728ef5e0",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nvf", "nvf",
@ -340,7 +361,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_3": { "flake-parts_4": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"stylix", "stylix",
@ -361,7 +382,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_4": { "flake-parts_5": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"terranix", "terranix",
@ -402,7 +423,7 @@
}, },
"flake-utils-plus": { "flake-utils-plus": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_5" "flake-utils": "flake-utils_4"
}, },
"locked": { "locked": {
"lastModified": 1715533576, "lastModified": 1715533576,
@ -457,25 +478,7 @@
}, },
"flake-utils_4": { "flake-utils_4": {
"inputs": { "inputs": {
"systems": "systems_5" "systems": "systems_6"
},
"locked": {
"lastModified": 1731533236,
"narHash": "sha256-l0KFg5HjrsfsO/JpG+r7fRrqm12kzFHyUHqHCVpMMbI=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "11707dc2f618dd54ca8739b309ec4fc024de578b",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_5": {
"inputs": {
"systems": "systems_7"
}, },
"locked": { "locked": {
"lastModified": 1694529238, "lastModified": 1694529238,
@ -682,19 +685,19 @@
}, },
"mydia": { "mydia": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_3", "flake-parts": "flake-parts_2",
"nixpkgs": "nixpkgs_5" "nixpkgs": "nixpkgs_5"
}, },
"locked": { "locked": {
"lastModified": 1764568388, "lastModified": 1764661298,
"narHash": "sha256-kl8165eI0lUz9E96sdreZ48/nApydDfJP8IksjBveAw=", "narHash": "sha256-sdYGCZnrbjshBDvGDI34MepTHAJsdL3FZQHdqRJzPSk=",
"owner": "getmydia", "owner": "chris-kruining",
"repo": "mydia", "repo": "mydia",
"rev": "74f0cf9a8ca782581ec0a35acf6526fccfbb6e2a", "rev": "a5a03289332c435946c4ebdcaee70d96380bc1a7",
"type": "github" "type": "github"
}, },
"original": { "original": {
"owner": "getmydia", "owner": "chris-kruining",
"repo": "mydia", "repo": "mydia",
"type": "github" "type": "github"
} }
@ -745,7 +748,7 @@
"nix-minecraft": { "nix-minecraft": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_3", "flake-compat": "flake-compat_3",
"flake-utils": "flake-utils_4", "flake-utils": "flake-utils_3",
"nixpkgs": "nixpkgs_6" "nixpkgs": "nixpkgs_6"
}, },
"locked": { "locked": {
@ -1065,10 +1068,10 @@
"nvf": { "nvf": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_4",
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_3",
"mnw": "mnw", "mnw": "mnw",
"nixpkgs": "nixpkgs_8", "nixpkgs": "nixpkgs_8",
"systems": "systems_6" "systems": "systems_5"
}, },
"locked": { "locked": {
"lastModified": 1762622004, "lastModified": 1762622004,
@ -1239,11 +1242,11 @@
"base16-helix": "base16-helix", "base16-helix": "base16-helix",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_4",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"nixpkgs": "nixpkgs_10", "nixpkgs": "nixpkgs_10",
"nur": "nur", "nur": "nur",
"systems": "systems_8", "systems": "systems_7",
"tinted-foot": "tinted-foot", "tinted-foot": "tinted-foot",
"tinted-kitty": "tinted-kitty", "tinted-kitty": "tinted-kitty",
"tinted-schemes": "tinted-schemes", "tinted-schemes": "tinted-schemes",
@ -1384,28 +1387,13 @@
"type": "github" "type": "github"
} }
}, },
"systems_9": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"terranix": { "terranix": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_4", "flake-parts": "flake-parts_5",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
], ],
"systems": "systems_9" "systems": "systems_8"
}, },
"locked": { "locked": {
"lastModified": 1762472226, "lastModified": 1762472226,

3
flake.nix
View file

@ -90,7 +90,8 @@
}; };
mydia = { mydia = {
url = "github:getmydia/mydia"; url = "github:chris-kruining/mydia";
# url = "github:getmydia/mydia";
}; };
}; };

9
homes/x86_64-linux/chris@mandos/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

9
homes/x86_64-linux/chris@manwe/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

9
homes/x86_64-linux/chris@orome/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

9
homes/x86_64-linux/chris@tulkas/default.nix
View file

@ -1,10 +1,11 @@
{ osConfig, ... }: {osConfig, ...}: {
{
home.stateVersion = osConfig.system.stateVersion; home.stateVersion = osConfig.system.stateVersion;
programs.git = { programs.git = {
userName = "Chris Kruining"; settings.user = {
userEmail = "chris@kruining.eu"; name = "Chris Kruining";
email = "chris@kruining.eu";
};
}; };
sneeuwvlok = { sneeuwvlok = {

16
modules/home/application/onlyoffice/default.nix
View file

@ -1,16 +1,20 @@
{ inputs, config, lib, pkgs, namespace, ... }: {
let inputs,
config,
lib,
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.application.onlyoffice; cfg = config.${namespace}.application.onlyoffice;
in in {
{
options.${namespace}.application.onlyoffice = { options.${namespace}.application.onlyoffice = {
enable = mkEnableOption "enable onlyoffice"; enable = mkEnableOption "enable onlyoffice";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ onlyoffice-bin ]; home.packages = with pkgs; [onlyoffice-desktopeditors];
# fonts.packages = with pkgs; [ corefonts ];
}; };
} }

110
modules/home/application/steam/default.nix
View file

@ -1,55 +1,55 @@
{ inputs, config, lib, pkgs, namespace, ... }: { inputs, config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.application.steam; cfg = config.${namespace}.application.steam;
in in
{ {
options.${namespace}.application.steam = { options.${namespace}.application.steam = {
enable = mkEnableOption "enable steam"; enable = mkEnableOption "enable steam";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ protonup-ng ]; home.packages = with pkgs; [ protonup-ng ];
home.sessionVariables = { home.sessionVariables = {
STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d"; STEAM_EXTRA_COMPAT_TOOLS_PATHS = "\${HOME}/.steam/root/compatibilitytools.d";
}; };
programs = { programs = {
# steam = { # steam = {
# enable = true; # enable = true;
# package = pkgs.steam-small.override { # package = pkgs.steam-small.override {
# extraEnv = { # extraEnv = {
# DXVK_HUD = "compiler"; # DXVK_HUD = "compiler";
# MANGOHUD = true; # MANGOHUD = true;
# }; # };
# }; # };
# gamescopeSession = { # gamescopeSession = {
# enable = true; # enable = true;
# args = ["--immediate-flips"]; # args = ["--immediate-flips"];
# }; # };
# }; # };
# https://github.com/FeralInteractive/gamemode # https://github.com/FeralInteractive/gamemode
# gamemode = { # gamemode = {
# enable = true; # enable = true;
# enableRenice = true; # enableRenice = true;
# settings = {}; # settings = {};
# }; # };
# gamescope = { # gamescope = {
# enable = true; # enable = true;
# capSysNice = true; # capSysNice = true;
# env = { # env = {
# DXVK_HDR = "1"; # DXVK_HDR = "1";
# ENABLE_GAMESCOPE_WSI = "1"; # ENABLE_GAMESCOPE_WSI = "1";
# WINE_FULLSCREEN_FSR = "1"; # WINE_FULLSCREEN_FSR = "1";
# WLR_RENDERER = "vulkan"; # WLR_RENDERER = "vulkan";
# }; # };
# args = ["--hdr-enabled"]; # args = ["--hdr-enabled"];
# }; # };
}; };
}; };
} }

30
modules/home/application/teamspeak/default.nix
View file

@ -1,15 +1,15 @@
{ inputs, config, lib, pkgs, namespace, ... }: { inputs, config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.application.teamspeak; cfg = config.${namespace}.application.teamspeak;
in in
{ {
options.${namespace}.application.teamspeak = { options.${namespace}.application.teamspeak = {
enable = mkEnableOption "enable teamspeak"; enable = mkEnableOption "enable teamspeak";
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.packages = with pkgs; [ teamspeak3 teamspeak6-client ]; home.packages = with pkgs; [ teamspeak3 teamspeak6-client ];
}; };
} }

34
modules/home/shell/toolset/git/default.nix
View file

@ -1,10 +1,14 @@
{ config, lib, pkgs, namespace, ... }: {
let config,
lib,
pkgs,
namespace,
...
}: let
inherit (lib) mkEnableOption mkIf; inherit (lib) mkEnableOption mkIf;
cfg = config.${namespace}.shell.toolset.git; cfg = config.${namespace}.shell.toolset.git;
in in {
{
options.${namespace}.shell.toolset.git = { options.${namespace}.shell.toolset.git = {
enable = mkEnableOption "version-control system"; enable = mkEnableOption "version-control system";
}; };
@ -12,7 +16,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
home.sessionVariables.GITHUB_TOKEN = "$(cat /run/agenix/tokenGH)"; home.sessionVariables.GITHUB_TOKEN = "$(cat /run/agenix/tokenGH)";
home.packages = with pkgs; [ lazygit lazyjj jujutsu ]; home.packages = with pkgs; [lazygit lazyjj jujutsu];
programs = { programs = {
zsh.initContent = '' zsh.initContent = ''
@ -29,14 +33,6 @@ in
git = { git = {
enable = true; enable = true;
package = pkgs.gitFull; package = pkgs.gitFull;
difftastic = {
enable = true;
options = {
background = "dark";
color = "always";
display = "inline";
};
};
ignores = [ ignores = [
# General: # General:
@ -69,7 +65,7 @@ in
"*.elc" "*.elc"
]; ];
extraConfig = { settings = {
init.defaultBranch = "main"; init.defaultBranch = "main";
core = { core = {
editor = "nvim"; editor = "nvim";
@ -106,6 +102,16 @@ in
}; };
}; };
}; };
difftastic = {
enable = true;
git.enable = true;
options = {
background = "dark";
color = "always";
display = "inline";
};
};
}; };
}; };
} }

15
modules/nixos/application/steam/default.nix
View file

@ -1,10 +1,15 @@
{ inputs, config, lib, pkgs, namespace, ... }: {
let inputs,
config,
lib,
pkgs,
namespace,
...
}: let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.application.steam; cfg = config.${namespace}.application.steam;
in in {
{
options.${namespace}.application.steam = { options.${namespace}.application.steam = {
enable = mkEnableOption "enable steam"; enable = mkEnableOption "enable steam";
}; };
@ -13,7 +18,7 @@ in
programs = { programs = {
steam = { steam = {
enable = true; enable = true;
package = pkgs.steam-small.override { package = pkgs.steam.override {
extraEnv = { extraEnv = {
DXVK_HUD = "compiler"; DXVK_HUD = "compiler";
MANGOHUD = true; MANGOHUD = true;

2
modules/nixos/services/authentication/zitadel/default.nix
View file

@ -560,8 +560,6 @@ in
tofu = lib.getExe pkgs.opentofu; tofu = lib.getExe pkgs.opentofu;
in in
'' ''
#!/usr/bin/env bash
if [ "$(systemctl is-active zitadel)" != "active" ]; then if [ "$(systemctl is-active zitadel)" != "active" ]; then
echo "Zitadel is not running" echo "Zitadel is not running"
exit 1 exit 1

6
modules/nixos/services/media/mydia/default.nix
View file

@ -21,12 +21,16 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.mydia = { services.mydia = {
enable = true; enable = true;
package = inputs.mydia.packages.${system}.default;
port = 2010; port = 2010;
listenAddress = "0.0.0.0"; listenAddress = "0.0.0.0";
openFirewall = true; openFirewall = true;
database = {
type = "postgres";
uri = "postgres://localhost:5432/mydia?sslMode=disable";
};
secretKeyBaseFile = config.sops.secrets."mydia/secret_key_base".path; secretKeyBaseFile = config.sops.secrets."mydia/secret_key_base".path;
guardianSecretKeyFile = config.sops.secrets."mydia/guardian_secret".path; guardianSecretKeyFile = config.sops.secrets."mydia/guardian_secret".path;