initial migration

Chris Kruining 2026-03-24 14:09:46 +00:00
parent 01fb98ba10
commit 59a1fbaf0f
54 changed files with 522 additions and 613 deletions

4
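--- a/machines/aule/README.md
+++ b/machines/aule/README.md
@@ -0,0 +1,4 @@
+# Description
+My future build server, reasoning for the name being the following chain of thought:
+**Aule -> the smith -> smithing is building -> build server**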


@ -0,0 +1,2 @@
{ ... }: {
}


@ -0,0 +1,3 @@
# Description
Living room Steambox.


@ -0,0 +1,31 @@
{ ... }:
{
imports = [
./disks.nix
./hardware.nix
];
sneeuwvlok = {
hardware.has = {
gpu.nvidia = true;
audio = true;
};
boot = {
quiet = true;
animated = true;
};
desktop.use = "gamescope";
application = {
steam.enable = true;
};
editor = {
nano.enable = true;
};
};
system.stateVersion = "23.11";
}


@ -0,0 +1,3 @@
{ ... }: {
imports = [ ./configuration.nix ];
}

33
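--- a/machines/mandos/disks.nix
+++ b/machines/mandos/disks.nix
@@ -0,0 +1,33 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+inherit (lib.modules) mkDefault;
+in
+{
+# TODO :: Implement disko at some point
+swapDevices = [ { device = "/dev/disk/by-uuid/0ddf001a-5679-482e-b254-04a1b9094794"; } ];
+fileSystems = {
+"/" = {
+device = "/dev/disk/by-uuid/8c4eaf57-fdb2-4c4c-bcc0-74e85a1c7985";
+fsType = "ext4";
+};
+"/boot" = {
+device = "/dev/disk/by-uuid/C842-316A";
+fsType = "vfat";
+options = [ "fmask=0022" "dmask=0022" ];
+};
+"/home/chris/games" = {
+device = "/dev/disk/by-label/games";
+fsType = "ext4";
+};
+# TODO :: Reformat the disk to ext4
+"/home/chris/data" = {
+device = "/dev/disk/by-label/Data";
+fsType = "ntfs-3g";
+options = [ "rw" "uid=chris" ];
+};
+};
+}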
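Review bot: The `/boot` entry mounts the EFI system partition with `options = [ "fmask=0022" "dmask=0022" ];`, which leaves every file on it readable by all local users; vfat stores no per-file permissions, so these masks are the only access control on that mount. `machines/orome/disks.nix` in this same commit already uses the tighter `options = [ "fmask=0077" "dmask=0077" ];`, and the same value would fit here. This matters if the bootloader keeps a random seed or similar material on the ESP, which this page does not show. The same `0022` masks appear on `/boot` in `machines/manwe/disks.nix` and `machines/ulmo/disks.nix`, and `machines/tulkas/disks.nix` sets no mask on `/boot` at all.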


@ -0,0 +1,18 @@
{ config, lib, pkgs, modulesPath, system, ... }:
let
inherit (lib.modules) mkDefault;
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-intel" ];
kernelParams = [];
extraModulePackages = [ ];
};
nixpkgs.hostPlatform = mkDefault system;
hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
}

8
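--- a/machines/manwe/README.md
+++ b/machines/manwe/README.md
@@ -0,0 +1,8 @@
+# Description
+<<<<<<< HEAD
+My steambox.
+=======
+My desktop, reasoning for the name being the following chain of thought:
+**Manwe -> the king of the valar -> leader -> desktop is main machine**
+>>>>>>> 72b0f6f8fad97a4ade1b54dfada26828a170febf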


@ -0,0 +1,42 @@
{ pkgs, ...}: {
imports = [
./disks.nix
./hardware.nix
];
system.activationScripts.remove-gtkrc.text = "rm -f /home/chris/.gtkrc-2.0";
services.logrotate.checkConfig = false;
environment.systemPackages = with pkgs; [ beyond-all-reason openrct2 ];
sneeuwvlok = {
hardware.has = {
gpu.amd = true;
bluetooth = true;
audio = true;
};
boot = {
quiet = true;
animated = true;
};
desktop.use = "plasma";
application = {
steam.enable = true;
};
editor = {
nano.enable = true;
};
};
services.displayManager.autoLogin = {
enable = true;
user = "chris";
};
system.stateVersion = "23.11";
}
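Review bot: `services.displayManager.autoLogin` is enabled for `chris` on a host that runs a full Plasma desktop (`desktop.use = "plasma"`), so anyone who can power the machine on gets an unlocked session and whatever that session unlocks. On the gamescope boxes in this commit that trade-off is common, but here it deserves at least a comment saying it is deliberate, e.g. `# autologin is intentional: machine is only reachable physically by me`, or the block should be dropped. Nothing in this section shows disk encryption that would otherwise gate the boot. Separately, `services.logrotate.checkConfig = false;` switches off a build-time validation without explanation; a short comment such as `# TODO: re-enable once <reason> is resolved` would record why.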


@ -0,0 +1,3 @@
{ ... }: {
imports = [ ./configuration.nix ];
}

34
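--- a/machines/manwe/disks.nix
+++ b/machines/manwe/disks.nix
@@ -0,0 +1,34 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+inherit (lib.modules) mkDefault;
+in
+{
+# TODO :: Implement disko at some point
+swapDevices = [];
+boot.supportedFilesystems = [ "nfs" ];
+fileSystems = {
+"/" = {
+device = "/dev/disk/by-label/nixos";
+fsType = "ext4";
+};
+"/boot" = {
+device = "/dev/disk/by-label/boot";
+fsType = "vfat";
+options = [ "fmask=0022" "dmask=0022" ];
+};
+"/home/chris/media" = {
+device = "ulmo:/";
+fsType = "nfs";
+};
+# "/home/chris/mandos" = {
+# device = "mandos:/";
+# fsType = "nfs";
+# };
+};
+}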
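Review bot: The NFS mount at `"/home/chris/media"` from `ulmo:/` has no `options`, so it is mounted with the defaults: setuid bits and device nodes on the export are honoured on this desktop, and boot may wait on the mount when `ulmo` is unreachable. Suggest adding `options = [ "nosuid" "nodev" "nofail" "x-systemd.automount" ];` to that entry. As far as this file shows, the server is also trusted by bare hostname with the default AUTH_SYS security flavour; whether that is acceptable depends on the export rules on ulmo, which are not part of this section.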


@ -0,0 +1,18 @@
{ config, lib, pkgs, modulesPath, system, ... }:
let
inherit (lib.modules) mkDefault;
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [ "xhci_pci" "ahci" "usb_storage" "usbhid" "sd_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
kernelParams = [];
extraModulePackages = [ ];
};
nixpkgs.hostPlatform = mkDefault system;
hardware.cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
}


@ -0,0 +1,3 @@
# Description
TBD


@ -0,0 +1,2 @@
{ ... }: {
}

4
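--- a/machines/orome/README.md
+++ b/machines/orome/README.md
@@ -0,0 +1,4 @@
+# Description
+My work laptop, reasoning for the name being the following chain of thought:
+**Orome -> the huntsman -> hunting means leaving home -> work laptop travels with me**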


@ -0,0 +1,30 @@
{pkgs, ...}: {
imports = [
./disks.nix
./hardware.nix
];
environment.systemPackages = with pkgs; [
azure-cli
github-copilot-cli
];
sneeuwvlok = {
hardware.has = {
bluetooth = true;
audio = true;
};
services.authentication.himmelblau.enable = true;
application = {
steam.enable = true;
};
editor = {
nano.enable = true;
};
};
system.stateVersion = "23.11";
}


@ -0,0 +1,3 @@
{ ... }: {
imports = [ ./configuration.nix ];
}

23
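--- a/machines/orome/disks.nix
+++ b/machines/orome/disks.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+inherit (lib.modules) mkDefault;
+in
+{
+# TODO :: Implement disko at some point
+swapDevices = [];
+boot.supportedFilesystems = [ "nfs" ];
+fileSystems = {
+"/" = { device = "/dev/disk/by-uuid/e60745c9-b3ea-4aeb-9c5c-b67ef1730826";
+fsType = "ext4";
+};
+"/boot" = {
+device = "/dev/disk/by-uuid/42B3-C767";
+fsType = "vfat";
+options = [ "fmask=0077" "dmask=0077" ];
+};
+};
+}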
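Review bot: The root filesystem is a plain ext4 partition addressed by UUID and nothing in this file sets `boot.initrd.luks.devices`, so as far as this section shows the disk is unencrypted. The README for this host calls it a work laptop that travels, and its configuration installs `azure-cli` and enables himmelblau sign-in, so cached tokens and work data would be readable from a lost or stolen device. If encryption is configured elsewhere, a comment here pointing to it would help; otherwise putting root on a LUKS volume could be folded into the disko TODO. `boot.supportedFilesystems = [ "nfs" ];` is also set although this host defines no NFS mount, and could be dropped.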


@ -0,0 +1,18 @@
{ config, lib, pkgs, modulesPath, system, ... }:
let
inherit (lib.modules) mkDefault;
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [ "xhci_pci" "thunderbolt" "nvme" "usb_storage" "sd_mod" "rtsx_pci_sdmmc" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-intel" ];
kernelParams = [];
extraModulePackages = [ ];
};
nixpkgs.hostPlatform = mkDefault system;
hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
}


@ -0,0 +1,3 @@
# Description
Steamdeck


@ -0,0 +1,32 @@
{ ... }:
{
imports = [
./disks.nix
./hardware.nix
];
sneeuwvlok = {
hardware.has = {
gpu.amd = true;
bluetooth = true;
audio = true;
};
boot = {
quiet = true;
animated = true;
};
desktop.use = "gamescope";
application = {
steam.enable = true;
};
editor = {
nano.enable = true;
};
};
system.stateVersion = "23.11";
}


@ -0,0 +1,3 @@
{ ... }: {
imports = [ ./configuration.nix ];
}

23
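--- a/machines/tulkas/disks.nix
+++ b/machines/tulkas/disks.nix
@@ -0,0 +1,23 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+inherit (lib.modules) mkDefault;
+in
+{
+# TODO :: Implement disko at some point
+swapDevices = [
+{ device = "/dev/disk/by-uuid/beddca5c-1ecc-4a46-9fc5-fd918eed8f2a"; }
+];
+fileSystems = {
+"/" = {
+device = "/dev/disk/by-uuid/aa438c4c-d193-436b-91ca-c386c0688265";
+fsType = "ext4";
+};
+"/boot" = {
+device = "/dev/disk/by-uuid/89B8-0702";
+fsType = "vfat";
+};
+};
+}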


@ -0,0 +1,18 @@
{ config, lib, pkgs, modulesPath, system, ... }:
let
inherit (lib.modules) mkDefault;
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [ "nvme" "xhci_pci" "usbhid" "usb_storage" "sd_mod" "sdhci_pci" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-amd" ];
kernelParams = [];
extraModulePackages = [ ];
};
nixpkgs.hostPlatform = mkDefault system;
hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
}
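Review bot: `kernelModules = [ "kvm-amd" ]` marks this host as AMD, but the last line sets `hardware.cpu.intel.updateMicrocode`, so unless another module sets it, AMD microcode updates are never enabled here. Microcode is where many CPU vulnerability mitigations are delivered, so this looks like a copy-paste slip from an Intel host. The line should read `hardware.cpu.amd.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;`, matching the other `kvm-amd` hardware file in this commit.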


@ -0,0 +1,274 @@
{...}: {
imports = [
./disks.nix
./hardware.nix
];
networking = {
interfaces.enp2s0 = {
ipv6.addresses = [
{
address = "2a0d:6e00:1dc9:0::dead:beef";
prefixLength = 64;
}
];
useDHCP = true;
};
defaultGateway = {
address = "192.168.1.1";
interface = "enp2s0";
};
defaultGateway6 = {
address = "fe80::1";
interface = "enp2s0";
};
};
# virtualisation = {
# containers.enable = true;
# podman = {
# enable = true;
# dockerCompat = true;
# };
# oci-containers = {
# backend = "podman";
# containers = {
# homey = {
# image = "ghcr.io/athombv/homey-shs:latest";
# autoStart = true;
# privileged = true;
# volumes = [
# "/home/chris/.homey-shs:/homey/user"
# ];
# ports = [
# "4859:4859"
# ];
# };
# };
# };
# };
sneeuwvlok = {
services = {
backup.borg.enable = true;
authentication.zitadel = {
enable = true;
organization = {
nix = {
user = {
chris = {
email = "chris@kruining.eu";
firstName = "Chris";
lastName = "Kruining";
roles = ["ORG_OWNER"];
instanceRoles = ["IAM_OWNER"];
};
kaas = {
email = "chris+kaas@kruining.eu";
firstName = "Kaas";
lastName = "Kruining";
};
};
project = {
ulmo = {
projectRoleCheck = true;
projectRoleAssertion = true;
hasProjectCheck = true;
role = {
jellyfin = {
group = "jellyfin";
};
jellyfin_admin = {
group = "jellyfin";
};
};
assign = {
chris = ["jellyfin" "jellyfin_admin"];
kaas = ["jellyfin"];
};
application = {
jellyfin = {
redirectUris = ["https://jellyfin.kruining.eu/sso/OID/redirect/zitadel"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
};
forgejo = {
redirectUris = ["https://git.amarth.cloud/user/oauth2/zitadel/callback"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
};
vaultwarden = {
redirectUris = ["https://vault.kruining.eu/identity/connect/oidc-signin"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
exportMap = {
client_id = "SSO_CLIENT_ID";
client_secret = "SSO_CLIENT_SECRET";
};
};
matrix = {
redirectUris = ["https://matrix.kruining.eu/_synapse/client/oidc/callback"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
};
mydia = {
redirectUris = ["http://localhost:2010/auth/oidc/callback"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
};
grafana = {
redirectUris = ["http://localhost:9001/login/generic_oauth"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
};
};
};
convex = {
projectRoleCheck = true;
projectRoleAssertion = true;
hasProjectCheck = true;
application = {
scry = {
redirectUris = ["https://nautical-salamander-320.eu-west-1.convex.cloud/api/auth/callback/zitadel"];
grantTypes = ["authorizationCode"];
responseTypes = ["code"];
};
};
};
};
action = {
flattenRoles = {
script = ''
(ctx, api) => {
if (ctx.v1.user.grants == undefined || ctx.v1.user.grants.count == 0) {
return;
}
const roles = ctx.v1.user.grants.grants.flatMap(({ roles, projectId }) => roles.map(role => projectId + ':' + role));
api.v1.claims.setClaim('nix:zitadel:custom', JSON.stringify({ roles }));
};
'';
};
};
triggers = [
{
flowType = "customiseToken";
triggerType = "preUserinfoCreation";
actions = ["flattenRoles"];
}
{
flowType = "customiseToken";
triggerType = "preAccessTokenCreation";
actions = ["flattenRoles"];
}
];
};
};
};
communication.matrix.enable = true;
development.forgejo.enable = true;
networking.ssh.enable = true;
networking.caddy.hosts = {
# Expose amarht cloud stuff like this until I have a proper solution
"auth.amarth.cloud" = ''
reverse_proxy http://192.168.1.223:9092
'';
"amarth.cloud" = ''
reverse_proxy http://192.168.1.223:8080
'';
};
media.enable = true;
media.glance.enable = true;
media.mydia.enable = true;
media.nfs.enable = true;
media.jellyfin.enable = true;
media.servarr = {
radarr = {
enable = true;
port = 2001;
rootFolders = [
"/var/media/movies"
];
};
sonarr = {
enable = true;
# debug = true;
port = 2002;
rootFolders = [
"/var/media/series"
];
};
lidarr = {
enable = true;
debug = true;
port = 2003;
rootFolders = [
"/var/media/music"
];
};
prowlarr = {
enable = true;
# debug = true;
port = 2004;
};
};
observability = {
grafana.enable = true;
prometheus.enable = true;
loki.enable = true;
promtail.enable = true;
# uptime-kuma.enable = true;
};
security.vaultwarden = {
enable = true;
database = {
# type = "sqlite";
# file = "/var/lib/vaultwarden/state.db";
type = "postgresql";
host = "localhost";
port = 5432;
sslMode = "disabled";
};
};
};
editor = {
nano.enable = true;
};
};
system.stateVersion = "23.11";
}
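Review bot: The `mydia` and `grafana` applications register `http://localhost:2010/auth/oidc/callback` and `http://localhost:9001/login/generic_oauth` as redirect URIs, while every other client in the `ulmo` project uses its public https origin. A loopback http redirect sends the authorization code to whatever is listening on that port of the browser's own machine rather than to the service on this host, and presumably needs the identity provider's relaxed development setting for non-https redirects. If these services are reached through Caddy, register the public callback instead, e.g. `redirectUris = ["https://<grafana-host>/login/generic_oauth"];` (placeholder host). Separately, `sslMode = "disabled"` under `security.vaultwarden.database` is only reasonable while `host` stays `"localhost"`; a comment saying so, such as `# plaintext is fine only because the database is on loopback`, would keep it from being copied to a remote database.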


@ -0,0 +1,3 @@
{ ... }: {
imports = [ ./configuration.nix ];
}

29
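--- a/machines/ulmo/disks.nix
+++ b/machines/ulmo/disks.nix
@@ -0,0 +1,29 @@
+{ config, lib, pkgs, modulesPath, ... }:
+let
+inherit (lib.modules) mkDefault;
+in
+{
+# TODO :: Implement disko at some point
+swapDevices = [];
+boot.supportedFilesystems = [ "nfs" ];
+fileSystems = {
+"/" = {
+device = "/dev/disk/by-uuid/dd518f17-61c9-4831-b1bd-e1cc2af292aa";
+fsType = "ext4";
+};
+"/boot" = {
+device = "/dev/disk/by-uuid/0A56-EBFE";
+fsType = "vfat";
+options = [ "fmask=0022" "dmask=0022" ];
+};
+"/var/media" = {
+device = "/dev/disk/by-label/data";
+fsType = "ext4";
+};
+};
+}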


@ -0,0 +1,18 @@
{ config, lib, pkgs, modulesPath, system, ... }:
let
inherit (lib.modules) mkDefault;
in
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
initrd.availableKernelModules = [ "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ];
initrd.kernelModules = [ ];
kernelModules = [ "kvm-intel" ];
kernelParams = [];
extraModulePackages = [ ];
};
nixpkgs.hostPlatform = mkDefault system;
hardware.cpu.intel.updateMicrocode = mkDefault config.hardware.enableRedistributableFirmware;
}

3
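--- a/machines/varda/README.md
+++ b/machines/varda/README.md
@@ -0,0 +1,3 @@
+# Description
+TBD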


@ -0,0 +1,2 @@
{ ... }: {
}


@ -0,0 +1,3 @@
# Description
TBD


@ -0,0 +1,2 @@
{ ... }: {
}