chris/sneeuwvlok
chris/sneeuwvlok
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

moved over a load more modules

Browse source
This commit is contained in:
Chris Kruining 2025-07-23 23:56:56 +02:00
parent 21f6f37911
commit 30501b7fac
Signed by: chris
SSH key fingerprint: SHA256:nG82MUfuVdRVyCKKWqhY+pCrbz9nbX6uzUns4RKa1Pg
34 changed files with 226 additions and 578 deletions
Download patch file Download diff file Expand all files Collapse all files

48
_modules/system/boot.nix
View file

@ -1,48 +0,0 @@
{ config, options, lib, pkgs, ... }:
let
inherit (lib) mkMerge mkIf mkEnableOption mkDefault mkForce;
cfg = config.modules.boot;
in
{
options.modules.boot =
{
silentBoot = mkEnableOption "Enable silent boot";
animatedBoot = mkEnableOption "Enable boot animation";
};
config = mkMerge [
({
boot.loader = {
efi.canTouchEfiVariables = true;
systemd-boot.enable = true;
timeout = mkDefault 0;
};
time.timeZone = "Europe/Amsterdam";
})
(mkIf (cfg.silentBoot == true) {
boot = {
consoleLogLevel = 0;
initrd.verbose = false;
kernelParams = [ "quiet" "splash" "boot.shell_on_fail" "udev.log_priority=3" "rd.systemd.show_status=auto" ];
loader.timeout = mkDefault 0;
};
})
(mkIf (cfg.animatedBoot == true) {
boot.plymouth = {
enable = true;
theme = mkForce "pixels";
themePackages = with pkgs; [
(adi1090x-plymouth-themes.override {
selected_themes = [ "pixels" ];
})
];
};
})
];
}

34
_modules/system/desktop/gaming.nix
View file

@ -1,34 +0,0 @@
{ inputs, lib, config, ... }: let
inherit (lib) mkEnableOption mkIf;
cfg = config.modules.desktop.gaming;
in
{
imports = [ inputs.jovian.nixosModules.default ];
options.modules.desktop.gaming = {
enable = mkEnableOption "enable steamdeck like desktop";
};
config = mkIf cfg.enable {
services.desktopManager.plasma6.enable = true;
jovian = {
# devices = {
# steamdeck = {
# enable = true;
# enableGyroDsuService = true;
# autoUpdate = true;
# };
# };
steam = {
enable = true;
autoStart = true;
user = "chris";
updater.splash = "steamos";
desktopSession = "plasma";
};
steamos.useSteamOSConfig = true;
};
};
}

8
_modules/system/desktop/wine.nix
View file

@ -1,8 +0,0 @@
{ inputs, lib, pkgs, ... }:
{
# imports = [ inputs.erosanix.nixosModules.someModule ];
config = {
};
}

40
_modules/system/graphics.nix
View file

@ -1,40 +0,0 @@
{ ... }:
{
services.xserver.videoDrivers = [ "nvidia" ];
hardware = {
graphics = {
enable = true;
enable32Bit = true;
};
nvidia = {
modesetting.enable = true;
open = false;
nvidiaSettings = true;
powerManagement = {
enable = true;
finegrained = false;
};
# package = config.boot.kernelPackages.nvidiaPackages.vulkan_beta;
# package = let
# rcu_patch = pkgs.fetchpatch {
# url = "https://github.com/gentoo/gentoo/raw/c64caf53/x11-drivers/nvidia-drivers/files/nvidia-drivers-470.223.02-gpl-pfn_valid.patch";
# hash = "sha256-eZiQQp2S/asE7MfGvfe6dA/kdCvek9SYa/FFGp24dVg=";
# };
# in config.boot.kernelPackages.nvidiaPackages.mkDriver {
# version = "550.40.07";
# sha256_64bit = "sha256-KYk2xye37v7ZW7h+uNJM/u8fNf7KyGTZjiaU03dJpK0=";
# sha256_aarch64 = "sha256-AV7KgRXYaQGBFl7zuRcfnTGr8rS5n13nGUIe3mJTXb4=";
# openSha256 = "sha256-mRUTEWVsbjq+psVe+kAT6MjyZuLkG2yRDxCMvDJRL1I=";
# settingsSha256 = "sha256-c30AQa4g4a1EHmaEu1yc05oqY01y+IusbBuq+P6rMCs=";
# persistencedSha256 = "sha256-11tLSY8uUIl4X/roNnxf5yS2PQvHvoNjnd2CB67e870=";
# patches = [ rcu_patch ];
# };
};
};
}

71
_modules/system/networking/samba.nix
View file

@ -1,71 +0,0 @@
{ pkgs, config, lib, ... }:
let
inherit (builtins) getEnv;
inherit (lib.modules) mkIf mkMerge;
in
{
options.modules.networking.samba = let
inherit (lib.options) mkEnableOption;
in {
sharing.enable = mkEnableOption "Samba: enable NixOs -> external file-transfer";
receicing.enable = mkEnableOption "Samba: enable external -> NixOs file-transfer";
};
config = mkMerge [
(mkIf config.modules.networking.samba.sharing.enable {
users = {
groups.samba-guest = {};
users.samba-guest = {
isSystemUser = true;
description = "Residence of our Samba guest users";
group = "samba-guest";
home = "/var/empty";
createHome = false;
shell = pkgs.shadow;
};
};
user.extraGroups = [ "samba-guest" ];
networking.firewall = {
allowPing = true;
allowedTCPPorts = [ 5327 ];
allowedUDPPorts = [ 3702 ];
};
services.samba-wsdd.enable = true;
services.samba = {
enable = true;
openFirewall = true;
extraConfig = ''
server string = ${config.networking.hostName}
netbios name = ${config.networking.hostName}
workgroup = WORKGROUP
security = user
create mask 0664
force create mode 0664
directory mask 0775
force directory mode 0775
follow symlink = yes
hosts allow = 192.168.1.0/24 localhost
hosts deny = 0.0.0.0/0
guest account = nobody
map to guest = bad user
'';
shares = {
Public = {
path = (getEnv "HOME") + "/Public";
browseable = "yes";
"read only" = "yes";
"guest ok" = "yes";
"forse user" = "${config.user.name}";
"force group" = "samba-guest";
"write list" = "${config.user.name}";
};
};
};
})
];
}

27
_modules/system/options.nix
View file

@ -1,27 +0,0 @@
{ config, lib, ... }:
let
inherit (lib.types) attrs;
inherit (lib.my) mkOpt;
in
{
options = {
user = mkOpt attrs {};
};
config = {
environment.variables = {
NIXPKGS_ALLOW_UNFREE = "1";
};
nix.settings = let
inherit (lib) elem attrNames filterAttrs;
users = (attrNames (filterAttrs (name: user: elem "wheel" (user.extraGroups or [])) config.users.users));# ++ [ "root" ];
in
{
trusted-users = users;
allowed-users = users;
experimental-features = [ "nix-command" "flakes" ];
};
};
}

167
_modules/system/services/media.nix
View file

@ -1,167 +0,0 @@
{ config, lib, pkgs, ... }:
let
inherit (lib) mkIf;
user = "media";
group = "media";
directory = "/var/media";
in
{
options.modules.services.media = let
inherit (lib.options) mkEnableOption;
in {
enable = mkEnableOption "Media tools";
};
imports = let
extras = fetchTarball {
url = "https://github.com/onny/nixos-nextcloud-testumgebung/archive/fa6f062830b4bc3cedb9694c1dbf01d5fdf775ac.tar.gz";
sha256 = "0gzd0276b8da3ykapgqks2zhsqdv4jjvbv97dsxg0hgrhb74z0fs";
};
in [
"${extras}/nextcloud-extras.nix"
];
config = mkIf config.modules.services.media.enable {
environment.systemPackages = with pkgs; [
podman-tui
jellyfin
jellyfin-web
jellyfin-ffmpeg
jellyseerr
mediainfo
id3v2
yt-dlp
];
# need to permit these outdated packages until servarr finally upgrades at some point...
permittedInsecurePackages = [
"dotnet-sdk-6.0.428"
"aspnetcore-runtime-6.0.36"
];
users = {
users.${user} = {
isSystemUser = true;
group = group;
};
groups.${group} = {};
};
systemd.tmpfiles.rules = [
"d '${directory}/series' 0700 ${user} ${group} - -"
"d '${directory}/movies' 0700 ${user} ${group} - -"
"d '${directory}/music' 0700 ${user} ${group} - -"
"d '${directory}/qbittorrent' 0700 ${user} ${group} - -"
"d '${directory}/sabnzbd' 0700 ${user} ${group} - -"
"d '${directory}/reiverr/config' 0700 ${user} ${group} - -"
"d '${directory}/downloads/incomplete' 0700 ${user} ${group} - -"
"d '${directory}/downloads/done' 0700 ${user} ${group} - -"
];
services = let
serviceConf = {
enable = true;
openFirewall = true;
user = user;
group = group;
};
in {
jellyfin = serviceConf;
radarr = serviceConf;
sonarr = serviceConf;
bazarr = serviceConf;
lidarr = serviceConf;
lanraragi = {
enable = true;
port = 6969;
};
jellyseerr = {
enable = true;
openFirewall = true;
};
prowlarr = {
enable = true;
openFirewall = true;
};
qbittorrent = {
enable = true;
openFirewall = true;
dataDir = "${directory}/qbittorrent";
port = 5000;
user = user;
group = group;
};
sabnzbd = {
enable = true;
openFirewall = true;
configFile = "${directory}/sabnzbd/config.ini";
user = user;
group = group;
};
caddy = {
enable = true;
virtualHosts = {
"media.kruining.eu".extraConfig = ''
import auth
reverse_proxy http://127.0.0.1:9494
'';
"jellyfin.kruining.eu".extraConfig = ''
reverse_proxy http://127.0.0.1:8096
'';
# "series.kruining.eu".extraConfig = ''
# reverse_proxy http://127.0.0.1:8989
# '';
# "movies.kruining.eu".extraConfig = ''
# reverse_proxy http://127.0.0.1:7878
# '';
# "indexer.kruining.eu".extraConfig = ''
# reverse_proxy http://127.0.0.1:9696
# '';
# "torrents.kruining.eu".extraConfig = ''
# reverse_proxy http://127.0.0.1:5000
# '';
# "usenet.kruining.eu".extraConfig = ''
# reverse_proxy http://127.0.0.1:8080
# '';
};
};
};
networking.firewall.allowedTCPPorts = [ 80 443 6969 ];
modules.virtualisation.podman.enable = true;
virtualisation = {
oci-containers = {
backend = "podman";
containers = {
flaresolverr = {
image = "flaresolverr/flaresolverr";
autoStart = true;
ports = [ "127.0.0.1:8191:8191" ];
};
reiverr = {
image = "ghcr.io/aleksilassila/reiverr:v2.2.0";
autoStart = true;
ports = [ "127.0.0.1:9494:9494" ];
volumes = [ "${directory}/reiverr/config:/config" ];
};
};
};
};
systemd.services.jellyfin.serviceConfig.killSignal = lib.mkForce "SIGKILL";
};
}

35
_modules/system/zsa_voyager.nix
View file

@ -1,35 +0,0 @@
{ config, pkgs, options, ... }:
{
environment.systemPackages = with pkgs; [
keymapp
];
hardware.keyboard.zsa.enable = true;
services.udev.extraRules = ''
# Rules for Oryx web flashing and live training
KERNEL=="hidraw*", ATTRS{idVendor}=="16c0", MODE="0664", GROUP="plugdev"
KERNEL=="hidraw*", ATTRS{idVendor}=="3297", MODE="0664", GROUP="plugdev"
# Legacy rules for live training over webusb (Not needed for firmware v21+)
# Rule for all ZSA keyboards
SUBSYSTEM=="usb", ATTR{idVendor}=="3297", GROUP="plugdev"
# Rule for the Moonlander
SUBSYSTEM=="usb", ATTR{idVendor}=="3297", ATTR{idProduct}=="1969", GROUP="plugdev"
# Rule for the Ergodox EZ
SUBSYSTEM=="usb", ATTR{idVendor}=="feed", ATTR{idProduct}=="1307", GROUP="plugdev"
# Rule for the Planck EZ
SUBSYSTEM=="usb", ATTR{idVendor}=="feed", ATTR{idProduct}=="6060", GROUP="plugdev"
# Wally Flashing rules for the Ergodox EZ
ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", ENV{ID_MM_DEVICE_IGNORE}="1"
ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789A]?", ENV{MTP_NO_PROBE}="1"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789ABCD]?", MODE:="0666"
KERNEL=="ttyACM*", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", MODE:="0666"
# Keymapp / Wally Flashing rules for the Moonlander and Planck EZ
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE:="0666", SYMLINK+="stm32_dfu"
# Keymapp Flashing rules for the Voyager
SUBSYSTEMS=="usb", ATTRS{idVendor}=="3297", MODE:="0666", SYMLINK+="ignition_dfu"
'';
}

15
homes/x86_64-linux/chris@manwe/default.nix
View file

@ -1,11 +1,8 @@
{ lib, ... }: { ... }:
let
inherit (lib);
in
{ {
sneeuwvlok = { sneeuwvlok = {
series = { series = {
media.enable = true; media.enable = true;
};
}; };
} };
}

10
modules/home/desktop/plasma/default.nix
View file

@ -1,5 +1,7 @@
{ config, lib, namespace, osConfig ? {}, ... }: { config, lib, namespace, osConfig ? {}, ... }:
let let
inherit (lib) mkIf;
cfg = config.${namespace}.desktop.plasma; cfg = config.${namespace}.desktop.plasma;
osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; }; osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; };
in in
@ -19,7 +21,7 @@ in
general.askForConfirmationOnLogout = false; general.askForConfirmationOnLogout = false;
sessionRestore.restoreOpenApplicationsOnLogin = "onLastLogout"; sessionRestore.restoreOpenApplicationsOnLogin = "onLastLogout";
}; };
workspace = { workspace = {
clickItemTo = "select"; clickItemTo = "select";
colorScheme = "EverforestDark"; colorScheme = "EverforestDark";
@ -56,18 +58,18 @@ in
kwalletrc = { kwalletrc = {
Wallet.Enabled = false; Wallet.Enabled = false;
}; };
plasmarc = { plasmarc = {
General = { General = {
RaiseMaximumVolume = true; RaiseMaximumVolume = true;
VolumeStep = 2; VolumeStep = 2;
}; };
}; };
kcminputrc = { kcminputrc = {
Keyboard.NumLock.value = 0; Keyboard.NumLock.value = 0;
}; };
}; };
}; };
}; };
} }

4
modules/home/desktop/plasma/panels.nix
View file

@ -1,5 +1,7 @@
{ config, lib, namespace, osConfig ? {}, ... }: { config, lib, namespace, osConfig ? {}, ... }:
let let
inherit (lib) mkIf;
cfg = config.${namespace}.desktop.plasma; cfg = config.${namespace}.desktop.plasma;
osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; }; osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; };
in in
@ -119,4 +121,4 @@ in
} }
]; ];
}; };
} }

4
modules/home/desktop/plasma/power.nix
View file

@ -1,5 +1,7 @@
{ config, lib, namespace, osConfig ? {}, ... }: { config, lib, namespace, osConfig ? {}, ... }:
let let
inherit (lib) mkIf;
cfg = config.${namespace}.desktop.plasma; cfg = config.${namespace}.desktop.plasma;
osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; }; osCfg = osConfig.${namespace}.desktop.plasma or { enable = false; };
in in
@ -47,4 +49,4 @@ in
}; };
}; };
}; };
} }

25
modules/nixos/boot/default.nix
View file

@ -1,12 +1,12 @@
{ lib, namespace, config, ... }: { lib, namespace, config, pkgs, ... }:
let let
inherit (lib) mkIf mkMerge mkDefault mkEnableOption; inherit (lib) mkIf mkMerge mkDefault mkOption;
inherit (lib.types) enum; inherit (lib.types) enum bool;
cfg = config.${namespace}.boot; cfg = config.${namespace}.boot;
in in
{ {
config.${namespace}.boot = { options.${namespace}.boot = {
type = mkOption { type = mkOption {
type = enum [ "bios" "uefi" ]; type = enum [ "bios" "uefi" ];
default = "uefi"; default = "uefi";
@ -25,7 +25,16 @@ in
config = mkMerge [ config = mkMerge [
({ ({
boot.loader.grub.enable = mkDefault true; boot.loader = {
systemd-boot.enable = false;
grub.enable = true;
grub2-theme = {
enable = true;
theme = "vimix";
footer = true;
};
};
}) })
(mkIf cfg.type == "bios" { (mkIf cfg.type == "bios" {
@ -52,7 +61,7 @@ in
verbose = false; verbose = false;
}; };
kernelParams = [ kernelParams = [
"quiet" "quiet"
"loglevel=3" "loglevel=3"
"systemd.show_status=auto" "systemd.show_status=auto"
@ -68,7 +77,7 @@ in
(mkIf cfg.animated { (mkIf cfg.animated {
boot.plymouth = { boot.plymouth = {
enable = true; enable = true;
theme = mkDefault "pixels"; theme = mkDefault "pixels";
themePackages = with pkgs; [ themePackages = with pkgs; [
(adi1090x-plymouth-themes.override { (adi1090x-plymouth-themes.override {
@ -78,4 +87,4 @@ in
}; };
}) })
]; ];
} }

10
modules/nixos/default.nix
View file

@ -1,6 +1,6 @@
{ config, lib, pkgs, ... }: { config, lib, namespace, ... }:
let let
inherit (lib) mkOption mkMerge attrNames filterAttrs; inherit (lib) mkIf mkDefault mkOption mkMerge;
inherit (lib.types) nullOr enum; inherit (lib.types) nullOr enum;
cfg = config.${namespace}; cfg = config.${namespace};
@ -17,7 +17,7 @@ in
config = mkMerge [ config = mkMerge [
(mkIf cfg.preset == "desktop" { (mkIf cfg.preset == "desktop" {
"${namespace}" = mkDefault { ${namespace} = mkDefault {
hardware.has = { hardware.has = {
audio = true; audio = true;
}; };
@ -26,7 +26,7 @@ in
quiet = true; quiet = true;
animated = true; animated = true;
}; };
desktop.use = "kde"; desktop.use = "kde";
}; };
}) })
@ -39,4 +39,4 @@ in
}; };
}) })
]; ];
} }

15
modules/nixos/desktop/default.nix
View file

@ -1,24 +1,19 @@
{ lib, config, namespace, ... }:let { lib, config, namespace, ... }:let
inherit (lib) mkOption mkMerge attrNames filterAttrs; inherit (lib) mkIf mkOption mkEnableOption mkMerge attrNames filterAttrs readDir;
inherit (lib.types) nullOr enum bool; inherit (lib.types) nullOr enum;
cfg = config.${namespace}.desktop; cfg = config.${namespace}.desktop;
in in
{ {
options.${namespace}.desktop = { options.${namespace}.desktop = {
use = mkOption { use = mkOption {
type = nullOr enum (attrNames (filterAttrs (n: type == "directory") (readDir ./.))); type = nullOr enum (attrNames (filterAttrs (n: type: type == "directory") (readDir ./.)));
default = null; default = null;
example = "plasma"; example = "plasma";
description = "Which desktop to enable"; description = "Which desktop to enable";
}; };
autoLogin = mkOption { autoLogin = mkEnableOption "Enable plasma's auto login feature.";
type = bool;
default = false;
example = true;
description = "Enable plasma's auto login feature.";
};
}; };
config = mkMerge [ config = mkMerge [
@ -27,7 +22,7 @@ in
services.displayManager = { services.displayManager = {
enable = true; enable = true;
autoLogin = mkIf cfg.autoLogin { autoLogin = mkIf cfg.autoLogin {
enable = true; enable = true;
}; };

2
modules/nixos/desktop/gamescope/default.nix
View file

@ -1,5 +1,5 @@
{ lib, config, namespace, inputs, ... }:let { lib, config, namespace, inputs, ... }:let
inherit (lib) mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.desktop.gamescope; cfg = config.${namespace}.desktop.gamescope;
in in

3
modules/nixos/desktop/gnome/default.nix
View file

@ -1,6 +1,5 @@
{ lib, config, namespace, ... }:let { lib, config, namespace, ... }:let
inherit (lib) mkEnableOption mkOption; inherit (lib) mkIf mkEnableOption;
inherit (lib.types) bool;
cfg = config.${namespace}.desktop.gnome; cfg = config.${namespace}.desktop.gnome;
in in

5
modules/nixos/desktop/plasma/default.nix
View file

@ -1,6 +1,5 @@
{ lib, config, namespace, ... }:let { pkgs, lib, config, namespace, ... }:let
inherit (lib) mkEnableOption mkOption; inherit (lib) mkIf mkEnableOption;
inherit (lib.types) bool;
cfg = config.${namespace}.desktop.plasma; cfg = config.${namespace}.desktop.plasma;
in in

4
modules/nixos/hardware/audio/default.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.${namespace}.hardware.has.audio; cfg = config.${namespace}.hardware.has.audio;
in in
{ {
config.${namespace}.hardware.has.audio = mkEnableOption "Enable bluetooth"; options.${namespace}.hardware.has.audio = mkEnableOption "Enable bluetooth";
config = mkIf cfg { config = mkIf cfg {
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
@ -27,4 +27,4 @@ in
}; };
}; };
}; };
} }

4
modules/nixos/hardware/bluetooth/default.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.${namespace}.hardware.has.bluetooth; cfg = config.${namespace}.hardware.has.bluetooth;
in in
{ {
config.${namespace}.hardware.has.bluetooth = mkEnableOption "Enable bluetooth"; options.${namespace}.hardware.has.bluetooth = mkEnableOption "Enable bluetooth";
config = mkIf cfg { config = mkIf cfg {
hardware.bluetooth = { hardware.bluetooth = {
@ -22,4 +22,4 @@ in
}; };
}; };
}; };
} }

4
modules/nixos/hardware/gpu/amd.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.${namespace}.hardware.has.gpu.amd; cfg = config.${namespace}.hardware.has.gpu.amd;
in in
{ {
config.${namespace}.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration"; options.${namespace}.hardware.has.gpu.amd = mkEnableOption "Enable AMD gpu configuration";
config = mkIf cfg { config = mkIf cfg {
services.xserver.videoDrivers = [ "amd" ]; services.xserver.videoDrivers = [ "amd" ];
@ -26,4 +26,4 @@ in
}; };
}; };
}; };
} }

4
modules/nixos/hardware/gpu/nvidia.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.${namespace}.hardware.has.gpu.nvidia; cfg = config.${namespace}.hardware.has.gpu.nvidia;
in in
{ {
config.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration"; options.${namespace}.hardware.has.gpu.nvidia = mkEnableOption "Enable NVidia gpu configuration";
config = mkIf cfg { config = mkIf cfg {
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
@ -28,4 +28,4 @@ in
}; };
}; };
}; };
} }

46
modules/nixos/hardware/keyboard/voyager.nix Normal file
View file

@ -0,0 +1,46 @@
{ lib, config, pkgs, namespace, ... }:
let
inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.hardware.keyboard.voyager;
in
{
options.${namespace}.hardware.keyboard.voyager = {
enble = mkEnableOption "Enable tools for ZSA Voyager";
};
config = mkIf cfg.enable {
environment.systemPackages = with pkgs; [
keymapp
];
hardware.keyboard.zsa.enable = true;
services.udev.extraRules = ''
# Rules for Oryx web flashing and live training
KERNEL=="hidraw*", ATTRS{idVendor}=="16c0", MODE="0664", GROUP="plugdev"
KERNEL=="hidraw*", ATTRS{idVendor}=="3297", MODE="0664", GROUP="plugdev"
# Legacy rules for live training over webusb (Not needed for firmware v21+)
# Rule for all ZSA keyboards
SUBSYSTEM=="usb", ATTR{idVendor}=="3297", GROUP="plugdev"
# Rule for the Moonlander
SUBSYSTEM=="usb", ATTR{idVendor}=="3297", ATTR{idProduct}=="1969", GROUP="plugdev"
# Rule for the Ergodox EZ
SUBSYSTEM=="usb", ATTR{idVendor}=="feed", ATTR{idProduct}=="1307", GROUP="plugdev"
# Rule for the Planck EZ
SUBSYSTEM=="usb", ATTR{idVendor}=="feed", ATTR{idProduct}=="6060", GROUP="plugdev"
# Wally Flashing rules for the Ergodox EZ
ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", ENV{ID_MM_DEVICE_IGNORE}="1"
ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789A]?", ENV{MTP_NO_PROBE}="1"
SUBSYSTEMS=="usb", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789ABCD]?", MODE:="0666"
KERNEL=="ttyACM*", ATTRS{idVendor}=="16c0", ATTRS{idProduct}=="04[789B]?", MODE:="0666"
# Keymapp / Wally Flashing rules for the Moonlander and Planck EZ
SUBSYSTEMS=="usb", ATTRS{idVendor}=="0483", ATTRS{idProduct}=="df11", MODE:="0666", SYMLINK+="stm32_dfu"
# Keymapp Flashing rules for the Voyager
SUBSYSTEMS=="usb", ATTRS{idVendor}=="3297", MODE:="0666", SYMLINK+="ignition_dfu"
'';
};
}

4
modules/nixos/nix/default.nix
View file

@ -5,7 +5,7 @@ let
cfg = config.${namespace}.nix; cfg = config.${namespace}.nix;
in in
{ {
config.${namespace}.nix = { options.${namespace}.nix = {
enable = mkEnableOption "Enable nix command"; enable = mkEnableOption "Enable nix command";
}; };
@ -39,4 +39,4 @@ in
channel.enable = false; channel.enable = false;
}; };
}; };
} }

6
_modules/system/services/auth/authelia.nix → modules/nixos/services/authentication/authelia.nix
View file

@ -1,12 +1,12 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
user = "authelia-testing"; user = "authelia-testing";
cfg = config.modules.services.auth.authelia; cfg = config.${namespace}.services.authentication.authelia;
in in
{ {
options.modules.services.auth.authelia = { options.${namespace}.services.authentication.authelia = {
enable = mkEnableOption "Authelia"; enable = mkEnableOption "Authelia";
}; };

1
modules/nixos/services/authentication/default.nix Normal file
View file

@ -0,0 +1 @@
{ ... }: {}

6
_modules/system/authentication/himmelblau.nix → modules/nixos/services/authentication/himmelblau.nix
View file

@ -1,12 +1,12 @@
{ inputs, lib, config, ... }: let { inputs, lib, config, namespace, ... }: let
inherit (lib) mkEnableOption mkIf; inherit (lib) mkEnableOption mkIf;
cfg = config.modules.authentication.himmelblau; cfg = config.${namespace}.services.authentication.himmelblau;
in in
{ {
imports = [ inputs.himmelblau.nixosModules.himmelblau ]; imports = [ inputs.himmelblau.nixosModules.himmelblau ];
options.modules.authentication.himmelblau = { options.${namespace}.services.authentication.himmelblau = {
enable = mkEnableOption "enable azure entra ID authentication"; enable = mkEnableOption "enable azure entra ID authentication";
}; };

6
_modules/system/services/auth/zitadel.nix → modules/nixos/services/authentication/zitadel.nix
View file

@ -1,14 +1,14 @@
{ config, options, lib, pkgs, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.modules.services.auth.zitadel; cfg = config.${namespace}.services.authentication.zitadel;
db_name = "zitadel"; db_name = "zitadel";
db_user = "zitadel"; db_user = "zitadel";
in in
{ {
options.modules.services.auth.zitadel = { options.${namespace}.services.authentication.zitadel = {
enable = mkEnableOption "Zitadel"; enable = mkEnableOption "Zitadel";
}; };

31
_modules/system/services/games/minecraft.nix → modules/nixos/services/games/minecraft.nix
View file

@ -1,22 +1,33 @@
{ inputs, config, lib, pkgs, ... }: { inputs, config, lib, pkgs, namespace, ... }:
let let
inherit (lib.modules) mkIf; inherit (lib) mkIf mkEnableOption mkOption;
inherit (lib.types) str;
cfg = config.${namespace}.services.games.minecraft;
in in
{ {
imports = [ imports = [
inputs.nix-minecraft.nixosModules.minecraft-servers inputs.nix-minecraft.nixosModules.minecraft-servers
]; ];
options.modules.services.games.minecraft = let options.${namespace}.services.games.minecraft = {
inherit (lib.options) mkEnableOption;
in {
enable = mkEnableOption "Minecraft"; enable = mkEnableOption "Minecraft";
user = mkOption {
type = str;
default = "minecraft";
};
group = mkOption {
type = str;
default = "minecraft";
};
}; };
config = mkIf config.modules.services.games.minecraft.enable { config = mkIf cfg.enable {
user.users."minecraft" = { user.users.${cfg.user} = {
isSystemUser = true; isSystemUser = true;
group = "minecraft"; group = cfg.group;
}; };
services = { services = {
@ -25,7 +36,7 @@ in
eula = true; eula = true;
openFirewall = true; openFirewall = true;
user = "minecraft"; user = cfg.user;
dataDir = "/var/lib/minecraft"; dataDir = "/var/lib/minecraft";
managementSystem = { managementSystem = {
@ -151,7 +162,7 @@ in
symlinks = let symlinks = let
inherit (builtins) attrNames readDir map; inherit (builtins) attrNames readDir map;
inherit (pkgs) linkFarm fetchzip; inherit (pkgs) linkFarm;
linkFarmFromDir = name: dir: linkFarm name (map (x: { name = x; path = "${src}/${dir}/${x}"; }) (attrNames (readDir "${src}/${dir}"))); linkFarmFromDir = name: dir: linkFarm name (map (x: { name = x; path = "${src}/${dir}/${x}"; }) (attrNames (readDir "${src}/${dir}")));
in { in {

12
_modules/system/services/games/palworld.nix → modules/nixos/services/games/palworld.nix
View file

@ -1,15 +1,15 @@
{ config, options, lib, pkgs, ... }: { config, lib, namespace, ... }:
let let
inherit (lib.modules) mkIf; inherit (lib) mkIf mkEnableOption;
cfg = config.${namespace}.services.games.palworld;
in in
{ {
options.modules.services.games.palworld = let options.${namespace}.services.games.palworld = {
inherit (lib.options) mkEnableOption;
in {
enable = mkEnableOption "Palworld"; enable = mkEnableOption "Palworld";
}; };
config = mkIf config.modules.services.games.palworld.enable { config = mkIf cfg.enable {
# kaas = (pkgs.mkSteamServer rec { # kaas = (pkgs.mkSteamServer rec {
# name = "Palworld"; # name = "Palworld";
# src = pkgs.fetchSteam { # src = pkgs.fetchSteam {

104
modules/nixos/services/media/default.nix
View file

@ -1,12 +1,28 @@
{ lib, namespace, config, ... }: { pkgs, lib, namespace, config, ... }:
let let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption mkOption;
inherit (lib.types) str;
cfg = config.${namespace}.services.media; cfg = config.${namespace}.services.media;
in in
{ {
config.${namespace}.services.media = { options.${namespace}.services.media = {
enable = mkEnableOption "Enable media services"; enable = mkEnableOption "Enable media services";
user = mkOption {
type = str;
default = "media";
};
group = mkOption {
type = str;
default = "media";
};
path = mkOption {
type = str;
default = "/var/media";
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -23,7 +39,7 @@ in
id3v2 id3v2
yt-dlp yt-dlp
]; ];
# need to permit these outdated packages until servarr finally upgrades at some point... # need to permit these outdated packages until servarr finally upgrades at some point...
permittedInsecurePackages = [ permittedInsecurePackages = [
"dotnet-sdk-6.0.428" "dotnet-sdk-6.0.428"
@ -34,22 +50,22 @@ in
# Prepare system # Prepare system
#========================================================================= #=========================================================================
users = { users = {
users.${user} = { users.${cfg.user} = {
isSystemUser = true; isSystemUser = true;
group = group; group = cfg.group;
}; };
groups.${group} = {}; groups.${cfg.group} = {};
}; };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d '${directory}/series' 0700 ${user} ${group} - -" "d '${cfg.directory}/series' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/movies' 0700 ${user} ${group} - -" "d '${cfg.directory}/movies' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/music' 0700 ${user} ${group} - -" "d '${cfg.directory}/music' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/qbittorrent' 0700 ${user} ${group} - -" "d '${cfg.directory}/qbittorrent' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/sabnzbd' 0700 ${user} ${group} - -" "d '${cfg.directory}/sabnzbd' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/reiverr/config' 0700 ${user} ${group} - -" "d '${cfg.directory}/reiverr/config' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/downloads/incomplete' 0700 ${user} ${group} - -" "d '${cfg.directory}/downloads/incomplete' 0700 ${cfg.user} ${cfg.group} - -"
"d '${directory}/downloads/done' 0700 ${user} ${group} - -" "d '${cfg.directory}/downloads/done' 0700 ${cfg.user} ${cfg.group} - -"
]; ];
#========================================================================= #=========================================================================
@ -59,8 +75,8 @@ in
serviceConf = { serviceConf = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
user = user; user = cfg.user;
group = group; group = cfg.group;
}; };
in { in {
jellyfin = serviceConf; jellyfin = serviceConf;
@ -69,11 +85,6 @@ in
bazarr = serviceConf; bazarr = serviceConf;
lidarr = serviceConf; lidarr = serviceConf;
lanraragi = {
enable = true;
port = 6969;
};
jellyseerr = { jellyseerr = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
@ -87,20 +98,34 @@ in
qbittorrent = { qbittorrent = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
dataDir = "${directory}/qbittorrent"; dataDir = "${cfg.directory}/qbittorrent";
port = 5000; port = 5000;
user = user; user = cfg.user;
group = group; group = cfg.group;
}; };
sabnzbd = { sabnzbd = {
enable = true; enable = true;
openFirewall = true; openFirewall = true;
configFile = "${directory}/sabnzbd/config.ini"; configFile = "${cfg.directory}/sabnzbd/config.ini";
user = user; user = cfg.user;
group = group; group = cfg.group;
};
caddy = {
enable = true;
virtualHosts = {
"media.kruining.eu".extraConfig = ''
import auth
reverse_proxy http://127.0.0.1:9494
'';
"jellyfin.kruining.eu".extraConfig = ''
reverse_proxy http://127.0.0.1:8096
'';
};
}; };
}; };
@ -123,31 +148,12 @@ in
image = "ghcr.io/aleksilassila/reiverr:v2.2.0"; image = "ghcr.io/aleksilassila/reiverr:v2.2.0";
autoStart = true; autoStart = true;
ports = [ "127.0.0.1:9494:9494" ]; ports = [ "127.0.0.1:9494:9494" ];
volumes = [ "${directory}/reiverr/config:/config" ]; volumes = [ "${cfg.directory}/reiverr/config:/config" ];
}; };
}; };
}; };
}; };
#=========================================================================
# Hosting
#=========================================================================
services = {
caddy = {
enable = true;
virtualHosts = {
"media.kruining.eu".extraConfig = ''
import auth
reverse_proxy http://127.0.0.1:9494
'';
"jellyfin.kruining.eu".extraConfig = ''
reverse_proxy http://127.0.0.1:8096
'';
};
};
};
networking.firewall.allowedTCPPorts = [ 80 443 6969 ]; networking.firewall.allowedTCPPorts = [ 80 443 6969 ];
}; };
} }

37
_modules/system/services/nextcloud.nix → modules/nixos/services/media/nextcloud.nix
View file

@ -1,26 +1,35 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, namespace, ... }:
let let
inherit (lib.options) mkEnableOption; inherit (lib) mkIf mkEnableOption mkOption;
inherit (lib.modules) mkIf; inherit (lib.types) str;
user = "nextcloud"; cfg = config.${namespace}.services.media.nextcloud;
group = "nextcloud";
in in
{ {
options.modules.services.nextcloud = { options.modules.services.nextcloud = {
enable = mkEnableOption "Nextcloud"; enable = mkEnableOption "Nextcloud";
};
config = mkIf config.modules.services.nextcloud.enable { user = mkOption {
users = { type = str;
users.${user} = { default = "nextcloud";
isSystemUser = true;
group = group;
};
groups.${group} = {};
}; };
home-manager.users.${user}.home = { group = mkOption {
type = str;
default = "nextcloud";
};
};
config = mkIf cfg.enable {
users = {
users.${cfg.user} = {
isSystemUser = true;
group = cfg.group;
};
groups.${cfg.group} = {};
};
home-manager.users.${cfg.user}.home = {
stateVersion = config.system.stateVersion; stateVersion = config.system.stateVersion;
file.".netrc".text = '' file.".netrc".text = ''

6
_modules/system/networking/nfs.nix → modules/nixos/services/media/nfs.nix
View file

@ -1,11 +1,11 @@
{ config, lib, ... }: { config, lib, namespace, ... }:
let let
inherit (lib) mkIf mkEnableOption; inherit (lib) mkIf mkEnableOption;
cfg = config.modules.networking.nfs; cfg = config.${namespace}.media.nfs;
in in
{ {
options.modules.networking.nfs = { options.${namespace}.media.nfs = {
enable = mkEnableOption "Enable NFS"; enable = mkEnableOption "Enable NFS";
}; };

6
_modules/system/networking/ssh.nix → modules/nixos/services/networking/ssh.nix
View file

@ -1,12 +1,12 @@
{ config, lib, ... }: { config, lib, namespace, ... }:
let let
inherit (lib.modules) mkIf; inherit (lib.modules) mkIf;
inherit (lib.options) mkEnableOption; inherit (lib.options) mkEnableOption;
cfg = config.modules.networking.ssh; cfg = config.${namespace}.services.networking.ssh;
in in
{ {
options.modules.networking.ssh = { options.${namespace}.services.networking.ssh = {
enable = mkEnableOption "enable ssh"; enable = mkEnableOption "enable ssh";
}; };