From 37aa35daed3a0eb273462d80e9f3b9e7779c32b2 Mon Sep 17 00:00:00 2001 From: Danilo Reyes Date: Sun, 27 Oct 2024 17:10:31 -0600 Subject: [PATCH] migrated channel 24.05 to unstable --- base.nix | 2 +- flake.lock | 33 +--- flake.nix | 8 +- gnome.nix | 37 ++--- home-manager.nix | 2 +- hosts/miniserver/hardware-configuration.nix | 161 +++++++++---------- hosts/server/hardware-configuration.nix | 41 ++--- hosts/workstation/configuration.nix | 2 - hosts/workstation/hardware-configuration.nix | 6 +- modules/apps/gaming.nix | 3 +- modules/dev/python.nix | 2 +- modules/servers/mealie.nix | 2 - modules/servers/nextcloud.nix | 8 +- modules/servers/shiori.nix | 2 - modules/services/nvidia.nix | 5 +- modules/services/printing.nix | 2 +- modules/services/sound.nix | 1 - overlay.nix | 35 +--- pkgs/mealie-service.nix | 82 ---------- pkgs/obs-studio.nix | 61 ------- pkgs/shiori-service.nix | 146 ----------------- pkgs/stash.nix | 47 ------ 22 files changed, 131 insertions(+), 557 deletions(-) delete mode 100644 pkgs/mealie-service.nix delete mode 100644 pkgs/obs-studio.nix delete mode 100644 pkgs/shiori-service.nix delete mode 100644 pkgs/stash.nix diff --git a/base.nix b/base.nix index 80b5387..211c707 100644 --- a/base.nix +++ b/base.nix @@ -17,7 +17,7 @@ ./jawz.nix ] ++ (map (file: ./modules/${file}) moduleFiles); - system.stateVersion = "24.05"; + system.stateVersion = "24.11"; sops = { defaultSopsFormat = "yaml"; defaultSopsFile = ./secrets/secrets.yaml; diff --git a/flake.lock b/flake.lock index 6ec7b55..3efed53 100644 --- a/flake.lock +++ b/flake.lock @@ -112,16 +112,16 @@ ] }, "locked": { - "lastModified": 1726989464, - "narHash": "sha256-Vl+WVTJwutXkimwGprnEtXc/s/s8sMuXzqXaspIGlwM=", + "lastModified": 1730016908, + "narHash": "sha256-bFCxJco7d8IgmjfNExNz9knP8wvwbXU4s/d53KOK6U0=", "owner": "nix-community", "repo": "home-manager", - "rev": "2f23fa308a7c067e52dfcc30a0758f47043ec176", + "rev": "e83414058edd339148dc142a8437edb9450574c8", "type": "github" }, "original": { "owner": "nix-community", - "ref": "release-24.05", + "ref": "master", "repo": "home-manager", "type": "github" } @@ -439,16 +439,16 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1729691686, - "narHash": "sha256-BAuPWW+9fa1moZTU+jFh+1cUtmsuF8asgzFwejM4wac=", + "lastModified": 1729880355, + "narHash": "sha256-RP+OQ6koQQLX5nw0NmcDrzvGL8HDLnyXt/jHhL1jwjM=", "owner": "nixos", "repo": "nixpkgs", - "rev": "32e940c7c420600ef0d1ef396dc63b04ee9cad37", + "rev": "18536bf04cd71abd345f9579158841376fdd0c5a", "type": "github" }, "original": { "owner": "nixos", - "ref": "nixos-24.05", + "ref": "nixos-unstable", "repo": "nixpkgs", "type": "github" } @@ -502,7 +502,6 @@ "nixos-cosmic": "nixos-cosmic", "nixpkgs": "nixpkgs_3", "sops-nix": "sops-nix", - "unstable": "unstable", "zen-browser": "zen-browser" } }, @@ -588,22 +587,6 @@ "url": "https://github.com/Open-Wine-Components/umu-launcher/?dir=packaging/nix" } }, - "unstable": { - "locked": { - "lastModified": 1729665710, - "narHash": "sha256-AlcmCXJZPIlO5dmFzV3V2XF6x/OpNWUV8Y/FMPGd8Z4=", - "owner": "nixos", - "repo": "nixpkgs", - "rev": "2768c7d042a37de65bb1b5b3268fc987e534c49d", - "type": "github" - }, - "original": { - "owner": "nixos", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" - } - }, "xdph": { "inputs": { "hyprland-protocols": [ diff --git a/flake.nix b/flake.nix index 895f205..82edacd 100644 --- a/flake.nix +++ b/flake.nix @@ -1,11 +1,10 @@ { description = "JawZ NixOS flake setup"; inputs = { - nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-24.05"; - unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable"; + nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-unstable"; master.url = "github:nixos/nixpkgs?ref=master"; home-manager = { - url = "github:nix-community/home-manager/release-24.05"; + url = "github:nix-community/home-manager/master"; inputs.nixpkgs.follows = "nixpkgs"; }; nix-gaming.url = "github:fufexan/nix-gaming"; @@ -41,9 +40,8 @@ config.allowUnfree = true; }; pkgs = makePkgs nixpkgs; - pkgsU = makePkgs inputs.unstable; pkgsM = makePkgs inputs.master; - overlays = [ (import ./overlay.nix { inherit pkgs pkgsU pkgsM; }) ]; + overlays = [ (import ./overlay.nix { inherit pkgs pkgsM; }) ]; createConfig = name: { inherit system; specialArgs = { diff --git a/gnome.nix b/gnome.nix index e587215..a24b208 100644 --- a/gnome.nix +++ b/gnome.nix @@ -8,7 +8,7 @@ displayManager.gdm.enable = true; desktopManager.gnome = { enable = true; - extraGSettingsOverridePackages = [ pkgs.gnome.mutter ]; + extraGSettingsOverridePackages = [ pkgs.mutter ]; extraGSettingsOverrides = '' [org.gnome.mutter] experimental-features=['variable-refresh-rate', 'scale-monitor-framebuffer'] @@ -16,24 +16,21 @@ }; }; }; - environment.gnome.excludePackages = - (with pkgs; [ - gnome-photos - gnome-tour - gnome-text-editor - gnome-connections - # gnome-shell-extensions - baobab - ]) - ++ (with pkgs.gnome; [ - # totem - gnome-music - epiphany - gnome-characters - yelp - gnome-font-viewer - cheese - ]); + environment.gnome.excludePackages = with pkgs; [ + # gnome-shell-extensions + # totem + baobab + cheese + epiphany + gnome-characters + gnome-connections + gnome-font-viewer + gnome-music + gnome-photos + gnome-text-editor + gnome-tour + yelp + ]; qt = { enable = true; style = "adwaita"; @@ -42,7 +39,7 @@ (with pkgs; [ # ffmpegthumbnailer # generate thumbnails adw-gtk3 # theme legacy applications - gnome.gnome-tweaks # tweaks for the gnome desktop environment + gnome-tweaks # tweaks for the gnome desktop environment papirus-icon-theme # icon theme libgda # for pano shell extension # gradience # theme customizer, allows you to modify adw-gtk3 themes diff --git a/home-manager.nix b/home-manager.nix index b49420d..73aeb9b 100644 --- a/home-manager.nix +++ b/home-manager.nix @@ -1,6 +1,6 @@ { config, ... }: { - home.stateVersion = "24.05"; + home.stateVersion = "24.11"; programs.bash = { enable = true; historyFile = "\${XDG_STATE_HOME}/bash/history"; diff --git a/hosts/miniserver/hardware-configuration.nix b/hosts/miniserver/hardware-configuration.nix index 57b26b3..798857e 100644 --- a/hosts/miniserver/hardware-configuration.nix +++ b/hosts/miniserver/hardware-configuration.nix @@ -4,20 +4,14 @@ powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; hardware = { cpu.intel.updateMicrocode = lib.mkDefault true; - opengl = { + graphics = { enable = true; - driSupport = true; - driSupport32Bit = true; + enable32Bit = true; }; }; boot = { kernelModules = [ "kvm-intel" ]; - kernel.sysctl = { - "vm.swappiness" = 80; - "net.ipv6.conf.all.disable_ipv6" = 0; - "net.ipv6.conf.lo.disable_ipv6" = 0; - "net.ipv6.conf.default.disable_ipv6" = 0; - }; + kernel.sysctl."vm.swappiness" = 80; loader = { efi = { canTouchEfiVariables = true; @@ -51,84 +45,79 @@ kernelModules = [ "kvm-intel" ]; }; }; - fileSystems = { - "/" = { - device = "/dev/mapper/nvme"; - fsType = "btrfs"; - options = [ - "subvol=nix" - "ssd" - "compress=zstd:3" - "x-systemd.device-timeout=0" - "space_cache=v2" - "commit=120" - "datacow" - "noatime" - ]; - }; - "/home" = { - device = "/dev/mapper/nvme"; - fsType = "btrfs"; - options = [ - "subvol=home" - "ssd" - "compress=zstd:3" - "x-systemd.device-timeout=0" - "space_cache=v2" - "commit=120" - "datacow" - ]; - }; - # "/srv/pool" = { - # device = "/dev/disk/by-uuid/1e7cf787-e34d-4e3e-ac3c-0c07309dbd34"; - # fsType = "btrfs"; - # options = [ - # "subvol=@data" - # "compress=zstd:3" - # "space_cache=v2" - # "commit=120" - # "datacow" - # ]; - # }; - "/boot" = { - device = "/dev/disk/by-uuid/bf0aeb95-94cc-4377-b6e4-1dbb4958b334"; - fsType = "ext4"; - }; - "/boot/efi" = { - device = "/dev/disk/by-uuid/0C7B-4D4C"; - fsType = "vfat"; - }; - "/var/lib/nextcloud/data" = { - device = "/srv/pool/nextcloud"; - options = [ "bind" ]; - depends = [ "/srv/pool" ]; - }; - # "/srv/jellyfin/media" = { - # device = "/srv/pool/multimedia/media"; - # options = [ "bind" "ro" ]; - # depends = [ "/srv/pool" ]; - # }; - # NFS - "/export/pool" = { - device = "/srv/pool"; - options = [ "bind" ]; - depends = [ "/srv/pool" ]; - }; - "/export/jawz" = { - device = "/home/jawz"; - options = [ "bind" ]; - depends = [ "/srv/pool" ]; - }; - }; - services.nfs = { - server = { - enable = true; - exports = '' - /export workstation(rw,fsid=0,no_subtree_check) - /export/jawz workstation(rw,nohide,insecure,no_subtree_check) - /export/pool workstation(rw,nohide,insecure,no_subtree_check) - ''; + fileSystems = + let + nfsMount = server: nfsDisk: { + device = "${server}:/${nfsDisk}"; + fsType = "nfs"; + options = [ + "x-systemd.automount" + "noauto" + "x-systemd.idle-timeout=600" + ]; + }; + in + { + "/" = { + device = "/dev/mapper/nvme"; + fsType = "btrfs"; + options = [ + "subvol=nix" + "ssd" + "compress=zstd:3" + "x-systemd.device-timeout=0" + "space_cache=v2" + "commit=120" + "datacow" + "noatime" + ]; + }; + "/home" = { + device = "/dev/mapper/nvme"; + fsType = "btrfs"; + options = [ + "subvol=home" + "ssd" + "compress=zstd:3" + "x-systemd.device-timeout=0" + "space_cache=v2" + "commit=120" + "datacow" + ]; + }; + "/boot" = { + device = "/dev/disk/by-uuid/bf0aeb95-94cc-4377-b6e4-1dbb4958b334"; + fsType = "ext4"; + }; + "/boot/efi" = { + device = "/dev/disk/by-uuid/0C7B-4D4C"; + fsType = "vfat"; + }; + "/var/lib/nextcloud/data" = { + device = "/srv/pool/nextcloud"; + options = [ "bind" ]; + depends = [ "/srv/pool" ]; + }; + "/export/pool" = { + device = "/srv/pool"; + options = [ "bind" ]; + depends = [ "/srv/pool" ]; + }; + "/export/jawz" = { + device = "/home/jawz"; + options = [ "bind" ]; + depends = [ "/srv/pool" ]; + }; + "/srv/server/pool" = nfsMount "server" "pool" // { }; + "/srv/server/jawz" = nfsMount "server" "jawz" // { }; }; + services.nfs.server = { + enable = true; + exports = '' + /export workstation(rw,fsid=0,no_subtree_check) + /export/jawz workstation(rw,nohide,insecure,no_subtree_check) + /export/pool workstation(rw,nohide,insecure,no_subtree_check) + ''; }; swapDevices = [ { diff --git a/hosts/server/hardware-configuration.nix b/hosts/server/hardware-configuration.nix index a061b6e..96457f2 100644 --- a/hosts/server/hardware-configuration.nix +++ b/hosts/server/hardware-configuration.nix @@ -1,18 +1,7 @@ { lib, modulesPath, ... }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; - hardware = { - nvidia = { - modesetting.enable = true; - powerManagement.enable = true; - }; - cpu.intel.updateMicrocode = lib.mkDefault true; - opengl = { - enable = true; - driSupport = true; - driSupport32Bit = true; - }; - }; + hardware.cpu.intel.updateMicrocode = lib.mkDefault true; boot = { loader = { efi = { @@ -61,12 +50,7 @@ }; }; kernelModules = [ "kvm-intel" ]; - kernel.sysctl = { - "vm.swappiness" = 80; - "net.ipv6.conf.all.disable_ipv6" = 1; - "net.ipv6.conf.lo.disable_ipv6" = 1; - "net.ipv6.conf.default.disable_ipv6" = 1; - }; + kernel.sysctl."vm.swappiness" = 80; extraModulePackages = [ ]; initrd = { availableKernelModules = [ @@ -128,7 +112,6 @@ device = "/dev/disk/by-uuid/CBE7-5DEB"; fsType = "vfat"; }; - # NEXTCCLOUD "/var/lib/nextcloud/data" = { device = "/srv/pool/nextcloud"; options = [ "bind" ]; @@ -142,7 +125,6 @@ ]; depends = [ "/srv/pool" ]; }; - # NFS "/export/pool" = { device = "/srv/pool"; options = [ "bind" ]; @@ -154,15 +136,16 @@ depends = [ "/srv/pool" ]; }; }; - services.nfs = { - server = { - enable = true; - exports = '' - /export workstation(rw,fsid=0,no_subtree_check) - /export/jawz workstation(rw,nohide,insecure,no_subtree_check) - /export/pool workstation(rw,nohide,insecure,no_subtree_check) - ''; - }; + services.nfs.server = { + enable = true; + exports = '' + /export workstation(rw,fsid=0,no_subtree_check) + miniserver(rw,fsid=0,no_subtree_check) + /export/jawz workstation(rw,nohide,insecure,no_subtree_check) + miniserver(rw,nohide,insecure,no_subtree_check) + /export/pool workstation(rw,nohide,insecure,no_subtree_check) + miniserver(rw,nohide,insecure,no_subtree_check) + ''; }; swapDevices = [ { diff --git a/hosts/workstation/configuration.nix b/hosts/workstation/configuration.nix index d3140f4..2230ee5 100644 --- a/hosts/workstation/configuration.nix +++ b/hosts/workstation/configuration.nix @@ -4,7 +4,6 @@ ./hardware-configuration.nix ../../base.nix ../../gnome.nix - ../../pkgs/obs-studio.nix ]; my = { enableContainers = true; @@ -82,7 +81,6 @@ groups.nixremote.gid = 555; users = { jawz.packages = with pkgs; [ - nvidia-podman # why not? i'll probably be dissapointed distrobox # install packages from other os gocryptfs # encrypted filesystem! shhh!!! torrenttools # create torrent files from the terminal! diff --git a/hosts/workstation/hardware-configuration.nix b/hosts/workstation/hardware-configuration.nix index 321ead9..ff82cc6 100644 --- a/hosts/workstation/hardware-configuration.nix +++ b/hosts/workstation/hardware-configuration.nix @@ -2,6 +2,7 @@ config, modulesPath, lib, + pkgs, ... }: { @@ -21,12 +22,9 @@ }; }; boot = { - # kernelPackages = pkgs.linuxPackages_zen; + kernelPackages = pkgs.linuxPackages_zen; kernel.sysctl = { "vm.swappiness" = 80; - "net.ipv6.conf.all.disable_ipv6" = 0; - "net.ipv6.conf.lo.disable_ipv6" = 0; - "net.ipv6.conf.default.disable_ipv6" = 0; "net.ipv4.tcp_mtu_probing" = 1; }; loader = { diff --git a/modules/apps/gaming.nix b/modules/apps/gaming.nix index c24845b..3aedc79 100644 --- a/modules/apps/gaming.nix +++ b/modules/apps/gaming.nix @@ -27,10 +27,9 @@ gamemode # optimizes linux to have better gaming performance heroic # install epic games protonup-qt # update proton-ge - # minecraft # minecraft official launcher ns-usbloader # load games into my switch - grapejuice # roblox manager (callPackage ../../pkgs/polymc/default.nix { }) # minecraft launcher + # minecraft # minecraft official launcher # emulators rpcs3 # ps3 diff --git a/modules/dev/python.nix b/modules/dev/python.nix index 91d7a17..00842fe 100644 --- a/modules/dev/python.nix +++ b/modules/dev/python.nix @@ -11,7 +11,7 @@ environment.variables.PYTHONSTARTUP = "\${XDG_CONFIG_HOME}/python/pythonrc"; users.users.jawz.packages = with pkgs; [ pipenv # python development workflow for humans - nodePackages.pyright # LSP + pyright # LSP (python3.withPackages ( ps: with ps; [ black # Python code formatter diff --git a/modules/servers/mealie.nix b/modules/servers/mealie.nix index 204e95f..999a18a 100644 --- a/modules/servers/mealie.nix +++ b/modules/servers/mealie.nix @@ -4,8 +4,6 @@ let setup = import ./setup.nix { inherit lib config; }; in { - disabledModules = [ "services/web-apps/mealie.nix" ]; - imports = [ ../../pkgs/mealie-service.nix ]; options.my.servers.mealie = setup.mkOptions "mealie" "mealie" 9925; config = { networking.firewall.allowedTCPPorts = lib.mkIf (!cfg.isLocal) [ cfg.port ]; diff --git a/modules/servers/nextcloud.nix b/modules/servers/nextcloud.nix index 19e5c0b..32c999d 100644 --- a/modules/servers/nextcloud.nix +++ b/modules/servers/nextcloud.nix @@ -43,7 +43,7 @@ in mediainfo nodejs perl - (python3.withPackages (ps: with ps; [ tensorflow ])) + (python311.withPackages (ps: with ps; [ tensorflow ])) (perlPackages.buildPerlPackage rec { pname = "Image-ExifTool"; version = "12.70"; @@ -84,7 +84,6 @@ in adminpassFile = config.sops.secrets.nextcloud-adminpass.path; dbtype = "pgsql"; dbhost = config.my.postgresSocket; - dbtableprefix = "oc_"; dbname = "nextcloud"; }; phpOptions = { @@ -134,7 +133,10 @@ in "OC\\Preview\\Movie" ]; }; - # phpExtraExtensions = all: [ all.pdlib all.bz2 ]; + phpExtraExtensions = all: [ + all.pdlib + all.bz2 + ]; }; nginx.virtualHosts = { "${config.services.nextcloud.hostName}" = lib.mkIf cfg.enableProxy { diff --git a/modules/servers/shiori.nix b/modules/servers/shiori.nix index 32508d4..0327c4f 100644 --- a/modules/servers/shiori.nix +++ b/modules/servers/shiori.nix @@ -4,8 +4,6 @@ let setup = import ./setup.nix { inherit lib config; }; in { - disabledModules = [ "services/web-apps/shiori.nix" ]; - imports = [ ../../pkgs/shiori-service.nix ]; options.my.servers.shiori = setup.mkOptions "shiori" "bookmarks" 4368; config = lib.mkIf (config.my.servers.shiori.enable && config.my.servers.postgres.enable) { networking.firewall.allowedTCPPorts = lib.mkIf (!cfg.isLocal) [ cfg.port ]; diff --git a/modules/services/nvidia.nix b/modules/services/nvidia.nix index bd0011b..93a897a 100644 --- a/modules/services/nvidia.nix +++ b/modules/services/nvidia.nix @@ -10,10 +10,9 @@ boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation") [ "nvidia-drm.fbdev=1" ]; services.xserver.videoDrivers = [ "nvidia" ]; hardware = { - opengl = { + graphics = { enable = true; - driSupport = true; - driSupport32Bit = true; + enable32Bit = true; extraPackages = with pkgs; [ nvidia-vaapi-driver vaapiVdpau diff --git a/modules/services/printing.nix b/modules/services/printing.nix index f07c693..a13deb5 100644 --- a/modules/services/printing.nix +++ b/modules/services/printing.nix @@ -13,7 +13,7 @@ in { options.my.services.printing.enable = lib.mkEnableOption "enable"; config = lib.mkIf config.my.services.printing.enable { - users.users.jawz.packages = [ pkgs.gnome.simple-scan ]; + users.users.jawz.packages = [ pkgs.simple-scan ]; services.printing = { enable = true; drivers = printingDrivers; diff --git a/modules/services/sound.nix b/modules/services/sound.nix index 31a0cdb..e98e2d1 100644 --- a/modules/services/sound.nix +++ b/modules/services/sound.nix @@ -10,7 +10,6 @@ config = lib.mkIf config.my.services.sound.enable { hardware.pulseaudio.enable = false; security.rtkit.enable = true; # make pipewire realtime-capable - sound.enable = false; services.pipewire = { enable = true; alsa.enable = true; diff --git a/overlay.nix b/overlay.nix index 96b43cb..8d4fe95 100644 --- a/overlay.nix +++ b/overlay.nix @@ -1,8 +1,4 @@ -{ - pkgs, - pkgsU, - pkgsM, -}: +{ pkgs, pkgsM }: _self: super: { gnome = super.gnome.overrideScope ( _gFinal: gPrev: { @@ -19,7 +15,7 @@ _self: super: { }); } ); - lutris = pkgsU.lutris.override { + lutris = super.lutris.override { extraPkgs = pkgs: with pkgs; [ pango @@ -37,33 +33,6 @@ _self: super: { ]; }; inherit (pkgsM) gallery-dl yt-dlp; - inherit (pkgsU) - planify - gdtoolkit_4 - ns-usbloader - collector - homepage-dashboard - stash - kavita - mealie - shiori - bazarr - sonarr - radarr - prowlarr - jellyfin - jellyfin-ffmpeg - pureref - ; - inherit (pkgsU.gnomeExtensions) - appindicator - reading-strip - tactile - pano - freon - gamemode-indicator-in-system-settings - burn-my-windows - ; handbrake = super.handbrake.override { useGtk = true; }; discord = super.discord.override { withOpenASAR = true; }; ripgrep = super.ripgrep.override { withPCRE2 = true; }; diff --git a/pkgs/mealie-service.nix b/pkgs/mealie-service.nix deleted file mode 100644 index e0e65b6..0000000 --- a/pkgs/mealie-service.nix +++ /dev/null @@ -1,82 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.services.mealie; - pkg = cfg.package; -in -{ - options.services.mealie = { - enable = lib.mkEnableOption "Mealie, a recipe manager and meal planner"; - - package = lib.mkPackageOption pkgs "mealie" { }; - - listenAddress = lib.mkOption { - type = lib.types.str; - default = "0.0.0.0"; - description = "Address on which the service should listen."; - }; - - port = lib.mkOption { - type = lib.types.port; - default = 9000; - description = "Port on which to serve the Mealie service."; - }; - - settings = lib.mkOption { - type = with lib.types; attrsOf anything; - default = { }; - description = '' - Configuration of the Mealie service. - - See [the mealie documentation](https://nightly.mealie.io/documentation/getting-started/installation/backend-config/) for available options and default values. - ''; - example = { - ALLOW_SIGNUP = "false"; - }; - }; - - credentialsFile = lib.mkOption { - type = with lib.types; nullOr path; - default = null; - example = "/run/secrets/mealie-credentials.env"; - description = '' - File containing credentials used in mealie such as {env}`POSTGRES_PASSWORD` - or sensitive LDAP options. - - Expects the format of an `EnvironmentFile=`, as described by {manpage}`systemd.exec(5)`. - ''; - }; - }; - - config = lib.mkIf cfg.enable { - systemd.services.mealie = { - description = "Mealie, a self hosted recipe manager and meal planner"; - - after = [ "network-online.target" ]; - wants = [ "network-online.target" ]; - wantedBy = [ "multi-user.target" ]; - - environment = { - PRODUCTION = "true"; - API_PORT = toString cfg.port; - BASE_URL = "http://localhost:${toString cfg.port}"; - DATA_DIR = "/var/lib/mealie"; - CRF_MODEL_PATH = "/var/lib/mealie/model.crfmodel"; - } // (builtins.mapAttrs (_: toString) cfg.settings); - - serviceConfig = { - DynamicUser = true; - User = "mealie"; - ExecStartPre = "${pkg}/libexec/init_db"; - ExecStart = "${lib.getExe pkg} -b ${cfg.listenAddress}:${builtins.toString cfg.port}"; - EnvironmentFile = lib.mkIf (cfg.credentialsFile != null) cfg.credentialsFile; - StateDirectory = "mealie"; - StandardOutput = "journal"; - }; - }; - }; -} diff --git a/pkgs/obs-studio.nix b/pkgs/obs-studio.nix deleted file mode 100644 index 6ce6d6e..0000000 --- a/pkgs/obs-studio.nix +++ /dev/null @@ -1,61 +0,0 @@ -{ - pkgs, - lib, - config, - ... -}: - -let - cfg = config.programs.obs-studio; -in -{ - options.programs.obs-studio = { - enable = lib.mkEnableOption (lib.mdDoc "obs-studio"); - - package = lib.mkPackageOption pkgs "obs-studio" { example = "obs-studio"; }; - - finalPackage = lib.mkOption { - type = lib.types.package; - visible = false; - readOnly = true; - description = "Resulting customized OBS Studio package."; - }; - - plugins = lib.mkOption { - default = [ ]; - example = lib.literalExpression "[ pkgs.obs-studio-plugins.wlrobs ]"; - description = "Optional OBS plugins."; - type = lib.types.listOf lib.types.package; - }; - - enableVirtualCamera = lib.mkOption { - type = lib.types.bool; - default = false; - description = '' - Installs and sets up the v4l2loopback kernel module, necessary for OBS - to start a virtual camera. - ''; - }; - }; - - config = lib.mkIf cfg.enable { - programs.obs-studio.finalPackage = pkgs.wrapOBS.override { obs-studio = cfg.package; } { - inherit (cfg) plugins; - }; - - environment.systemPackages = [ cfg.finalPackage ]; - - boot = lib.mkIf cfg.enableVirtualCamera { - kernelModules = [ "v4l2loopback" ]; - extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ]; - - extraModprobeConfig = '' - options v4l2loopback devices=1 video_nr=1 card_label="OBS Cam" exclusive_caps=1 - ''; - }; - - security.polkit.enable = lib.mkIf cfg.enableVirtualCamera true; - }; - - meta.maintainers = with lib.maintainers; [ CaptainJawZ ]; -} diff --git a/pkgs/shiori-service.nix b/pkgs/shiori-service.nix deleted file mode 100644 index 0a37304..0000000 --- a/pkgs/shiori-service.nix +++ /dev/null @@ -1,146 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: -let - cfg = config.services.shiori; -in -{ - options = { - services.shiori = { - enable = lib.mkEnableOption "Shiori simple bookmarks manager"; - - package = lib.mkPackageOption pkgs "shiori" { }; - - address = lib.mkOption { - type = lib.types.str; - default = ""; - description = '' - The IP address on which Shiori will listen. - If empty, listens on all interfaces. - ''; - }; - - port = lib.mkOption { - type = lib.types.port; - default = 8080; - description = "The port of the Shiori web application"; - }; - - webRoot = lib.mkOption { - type = lib.types.str; - default = "/"; - example = "/shiori"; - description = "The root of the Shiori web application"; - }; - - environmentFile = lib.mkOption { - type = lib.types.null or lib.types.path; - default = null; - example = "/path/to/environmentFile"; - description = '' - Path to file containing environment variables. - Useful for passing down secrets. - - ''; - }; - - databaseUrl = lib.mkOption { - type = lib.types.null or lib.types.str; - default = null; - example = "postgresql:///shiori?host=/run/postgresql"; - description = "The connection URL to connect to MySQL or PostgreSQL"; - }; - }; - }; - - config = lib.mkIf cfg.enable { - systemd.services.shiori = { - description = "Shiori simple bookmarks manager"; - wantedBy = [ "multi-user.target" ]; - after = [ - "postgresql.service" - "mysql.service" - ]; - environment = { - SHIORI_DIR = "/var/lib/shiori"; - } // lib.optionalAttrs (cfg.databaseUrl != null) { SHIORI_DATABASE_URL = cfg.databaseUrl; }; - - serviceConfig = { - ExecStart = "${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${toString cfg.port}' --webroot '${cfg.webRoot}'"; - - DynamicUser = true; - StateDirectory = "shiori"; - # As the RootDirectory - RuntimeDirectory = "shiori"; - - # Security options - EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile; - BindReadOnlyPaths = - [ - "/nix/store" - - # For SSL certificates, and the resolv.conf - "/etc" - ] - ++ lib.optional ( - lib.strings.hasInfix "postgres" cfg.databaseUrl && config.services.postgresql.enable - ) "/run/postgresql" - ++ lib.optional ( - lib.strings.hasInfix "mysql" cfg.databaseUrl && config.services.mysql.enable - ) "/var/run/mysqld"; - - CapabilityBoundingSet = ""; - AmbientCapabilities = "CAP_NET_BIND_SERVICE"; - - DeviceAllow = ""; - - LockPersonality = true; - - MemoryDenyWriteExecute = true; - - PrivateDevices = true; - PrivateUsers = true; - - ProtectClock = true; - ProtectControlGroups = true; - ProtectHome = true; - ProtectHostname = true; - ProtectKernelLogs = true; - ProtectKernelModules = true; - ProtectKernelTunables = true; - - RestrictNamespaces = true; - RestrictAddressFamilies = [ - "AF_INET" - "AF_INET6" - "AF_UNIX" - ]; - RestrictRealtime = true; - RestrictSUIDSGID = true; - - RootDirectory = "/run/shiori"; - - SystemCallArchitectures = "native"; - SystemCallErrorNumber = "EPERM"; - SystemCallFilter = [ - "@system-service" - "~@cpu-emulation" - "~@debug" - "~@keyring" - "~@memlock" - "~@obsolete" - "~@privileged" - "~@setuid" - ]; - }; - }; - }; - - meta.maintainers = with lib.maintainers; [ - minijackson - CaptainJawZ - ]; -} diff --git a/pkgs/stash.nix b/pkgs/stash.nix deleted file mode 100644 index f587c95..0000000 --- a/pkgs/stash.nix +++ /dev/null @@ -1,47 +0,0 @@ -{ - config, - lib, - pkgs, - ... -}: - -let - cfg = config.services.stash; -in -{ - options = { - services.stash = { - enable = lib.mkEnableOption "Stash"; - - package = lib.mkPackageOption pkgs "stash" { }; - - # port = lib.mkOption { - # type = lib.types.port; - # default = 8080; - # description = "The port of the Stash web application"; - # }; - }; - }; - - config = lib.mkIf cfg.enable { - systemd.services.stash = { - description = "Stash"; - wantedBy = [ "multi-user.target" ]; - # environment = { - # STASH_DIR = "/var/lib/stash"; - # } // lib.optionalAttrs (cfg.databaseUrl != null) { - # STASH_DATABASE_URL = cfg.databaseUrl; - # }; - - serviceConfig = { - ExecStart = "${cfg.package}/bin/stash server --address '${cfg.address}' --port '${toString cfg.port}' --webroot '${cfg.webRoot}'"; - - EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile; - - RootDirectory = "/var/lib/stash"; - }; - }; - }; - - meta.maintainers = with lib.maintainers; [ CaptainJawZ ]; -}