jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

massive restructure of my org file

Browse Source 
ops

sakljdask
This commit is contained in:
Danilo Reyes 2023-09-02 19:42:21 -06:00
parent e60a8909ea
commit 49280cf576
3 changed files with 353 additions and 346 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1,3 +1,4 @@
/dotfiles/*.Appimage
/scripts/download/.direnv/
/configuration.nix
/scripts/PureRef-1.11.1_x64.Appimage

686
configuration.org
View File

@ -35,25 +35,35 @@ other functions.
them into binaries which then I can integrate into the nix-store as well as
declared systemd units.
* DECLARATION
Here I will declare the dependencies and variables that will be used multiple
times through the config file, such as the current version of NixOS,
repositories and even some scripts that will be reused on systemd
configurations.
** VARIABLES
#+begin_src nix
{ config, pkgs, ... }:
let
VERSION = "23.05";
unstable = import (builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
version = "23.05";
myEmail = "CaptainJawZ@outlook.com";
myName = "Danilo Reyes";
unstable = import
(builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
config = config.nixpkgs.config;
};
nix-gaming = import (builtins.fetchTarball "https://github.com/fufexan/nix-gaming/archive/master.tar.gz");
jawz_nextcloud_scrapsync = pkgs.writeScriptBin
"nextcloud_scrapsync" (builtins.readFile ./scripts/nextcloud_scrapsync.sh);
jawz_manage_library = pkgs.writeScriptBin
"manage_library" (builtins.readFile ./scripts/manage_library.sh);
jawz_tasks = pkgs.writeScriptBin
nixGaming = import
(builtins.fetchTarball "https://github.com/fufexan/nix-gaming/archive/master.tar.gz");
jawzManageLibrary = pkgs.writeScriptBin
"manage-library" (builtins.readFile ./scripts/manage-library.sh);
jawzTasks = pkgs.writeScriptBin
"tasks" (builtins.readFile ./scripts/tasks.sh);
in
{ # Remember to close this bracket at the end of the document
#+end_src
* IMPORTS
** IMPORTS
These are files and modules which get loaded onto the configuration file, in the
future I may segment this file into different modules once it becomes too
cluttered, for example, I may create a module for systemd units.
@ -65,7 +75,7 @@ imports = [
# ./openldap.nix
<home-manager/nixos>
<agenix/modules/age.nix>
"${nix-gaming}/modules/pipewireLowLatency.nix"
"${nixGaming}/modules/pipewireLowLatency.nix"
];
#+end_src
@ -108,9 +118,9 @@ console = {
* GNOME
At the time of writing this file, I require of X11, as the NVIDIA support for
Wayland isn't perfect yet. At the time being, the ability to switch through GDM
from Wayland to XORG, it's pretty handy, but in the future these settings will
require an update.
Wayland is not perfect yet. At the time being, the ability to switch through
GDM from Wayland to XORG, it's pretty handy, but in the future these settings
will require an update.
Sets up GNOME as the default desktop environment, while excluding some
undesirable packages from installing.
@ -166,7 +176,7 @@ security = {
rtkit.enable = true;
acme = {
acceptTerms = true;
defaults.email = "captainjawz@outlook.com";
defaults.email = "${myEmail}";
};
};
services.pipewire = {
@ -183,9 +193,6 @@ services.pipewire = {
#+end_src
* SECURITY
Recently, I've gotten frustrated with OpenDoas, as such I've decided to
temporarily enable Sudo, but in the future, I plan to revert that decision.
** SUDO
Disabled password for commodity, but this is obviously not recommended.
#+begin_src nix
security.sudo = {
@ -194,12 +201,10 @@ security.sudo = {
};
#+end_src
* USER PACKAGES
Being part of the "wheel" group, means that the user has root privileges.
This allows to install non-free packages, and also a toggle for installing
packages from the unstable repository by prepending "unstable" to the package
name.
* NIXPKGS
Allow non-free, sadly is a requirement for some of my drivers, besides that,
here is a good place to declare some package overrides as well as permit unsafe
packages.
#+begin_src nix
nixpkgs.config = {
@ -209,22 +214,15 @@ nixpkgs.config = {
};
permittedInsecurePackages = [
"nodejs-14.21.3"
"openssl-1.1.1u"
"openssl-1.1.1v"
];
};
#+end_src
This section of the document categorizes and organizes all he packages that I
want installed, attempting to group them as dependencies of others when
necessary.
It has come to my attention, that using home-manager to manage packages, isn't a
recommended thing, while in theory there should be no errors with it, being a
downstream package there is no warranty that an upstream change will break
things with a new upgrade, breaking thus, the declarative nature of NixOs, for
that purpose, I have decided to keep home-manager as a module, with the
intention of reduce the number of dotfiles, however I will keep it exclusively
as a dotfile and service manager.
* SYSTEM USERS
This may be a terrible idea, but because I need some of my service applications
to be part of specific groups so they have the required permissions to accesss
some files, I'm using a declarative approach to set some of them up.
#+begin_src nix
users.groups = {
@ -245,25 +243,42 @@ users.users = {
packages = (with pkgs; [
nodejs_14
perl
# unstable.exiftool
( perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool";
version = "12.60";
src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-c9vgbQBMMQgqVueNfyRvK7AAL7sYNUR7wyorB289Mq0=";
};
})
(perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool";
version = "12.60";
src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-c9vgbQBMMQgqVueNfyRvK7AAL7sYNUR7wyorB289Mq0=";
};
})
]);
};
jawz = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "docker" "scanner" "lp" "piracy" "kavita" ];
initialPassword = "password";
openssh = {
#+end_src
* NORMAL USERS
Being part of the "wheel" group, means that the user has root privileges.
#+begin_src nix
jawz = {
isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "docker"
"scanner" "lp" "piracy" "kavita"
"render" "video"
];
initialPassword = "password";
openssh = {
authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES" ];
};
packages = (with pkgs; [
#+end_src
This section of the document categorizes and organizes all he packages that I
want installed, attempting to group them as dependencies of others when
necessary.
* USER PACKAGES
Begin the block to install user packages.
#+begin_src nix
packages = (with pkgs; [
#+end_src
** GUI PACKAGES
@ -295,17 +310,16 @@ anticipated, most everything seems to run seamlessly.
#+begin_src nix
lutris
heroic
wine64Packages.full
wineWowPackages.full
vulkan-tools
# nix-gaming.packages.${pkgs.hostPlatform.system}.wine-tkg
wine64Packages.stable
wineWowPackages.stable
winetricks
# nix-gaming.packages.${pkgs.hostPlatform.system}.wine-discord-ipc-bridge
vulkan-tools
# nixGaming.packages.${pkgs.hostPlatform.system}.wine-tkg
# nixGaming.packages.${pkgs.hostPlatform.system}.wine-discord-ipc-bridge
# grapejuice # roblox manager
minecraft # minecraft official launcher
parsec-bin # remote gaming with friends
protonup-qt # update proton-ge
renpy
#+end_src
*** PRODUCTIVITY
@ -313,7 +327,7 @@ This is the section where the apps that help me be productive come, a lot of
this are not used as often as I wish…
#+begin_src nix
libreoffice-fresh # office, but based
unstable.libreoffice-fresh # office, but based
calibre # ugly af eBook library manager
foliate # gtk eBook reader
newsflash # feed reader, syncs with nextcloud
@ -329,7 +343,7 @@ if just for a try and play a little.
#+begin_src nix
# sequeler # friendly SQL client
blanket # background noise
czkawka # duplicate finder
# czkawka # duplicate finder
pika-backup # backups
# tilix # used to be my favourite terminal, but it's so outdated, that each time I use it less and less…
gnome-obfuscate # censor private information
@ -342,7 +356,7 @@ libgda # for pano shell extension
*** MULTIMEDIA
Overwhelmingly player applications, used for videos and music, while most of my
consumption has moved towards Danilo-flix, it's still worth the install of most
consumption has moved towards jellyfin, it's still worth the install of most
of these, for now.
#+begin_src nix
@ -366,12 +380,11 @@ Stuff that I use to interact with the web, web browsers, chats, download
managers, etc.
#+begin_src nix
firefox # web browser that allows to disable spyware
tor-browser-bundle-bin # dark web, so dark!
ungoogled-chromium # web browser with spyware included
discord # chat
telegram-desktop # furry chat
google-chrome # web browser with spyware included
firefox # web browser that allows to disable spyware
# librewolf # no spyware web browser
tor-browser-bundle-bin # dark web, so dark!
# hugo # website engine
nicotine-plus # remember Ares?
warp # never used, but supposedly cool for sharing files
@ -395,15 +408,19 @@ vcsi # video thumbnails for torrents, can I replace it with ^?
tree-sitter # code parsing, required by Doom emacs
torrenttools # create torrent files from the terminal!
lm_sensors # for extension, displays cpu temp
#+end_src
# My own scripts
jawz_manage_library
jawz_tasks
** MY SCRIPTS
Here I compile my own scripts into binaries
#+begin_src nix
jawzManageLibrary
jawzTasks
(writeScriptBin "ffmpeg4discord" (builtins.readFile ./scripts/ffmpeg4discord.py))
(writeScriptBin "ffmpreg" (builtins.readFile ./scripts/ffmpreg.sh))
(writeScriptBin "chat-dl" (builtins.readFile ./scripts/chat-dl.sh))
(writeScriptBin "split_dir" (builtins.readFile ./scripts/split_dir.sh))
(writeScriptBin "pika_list" (builtins.readFile ./scripts/pika_list.sh))
(writeScriptBin "split-dir" (builtins.readFile ./scripts/split-dir.sh))
(writeScriptBin "pika-list" (builtins.readFile ./scripts/pika-list.sh))
(writeScriptBin "run" (builtins.readFile ./scripts/run.sh))
#+end_src
@ -429,8 +446,6 @@ bats # testing system, required by Exercism
bashdb # autocomplete
shellcheck # linting
shfmt # a shell parser and formatter
file # required by my tasks script?
xclip # manipulate clipboard from scripts
# NIX
nixfmt # linting
@ -438,8 +453,8 @@ cachix # why spend time compiling?
# PYTHON.
python3 # base language
pipenv # python development workflow for humans
poetry # dependency management made easy
# pipenv # python development workflow for humans
# poetry # dependency management made easy
# C# & Rust
# omnisharp-roslyn # c# linter and code formatter
@ -573,19 +588,6 @@ symbola
]); }; }; # <--- end of package list
#+end_src
* MISC SETTINGS
** ENABLE FONTCONFIG
If enabled, a Fontconfig configuration file will point to a set of default
fonts. If you don't care about running X11 applications or any other program
that uses Fontconfig, you can turn this option off and prevent a dependency on
all those fonts.
=tip= once that Wayland is ready for deployment, I probably can remove this
setting.
#+begin_src nix
fonts.fontconfig.enable = true;
#+end_src
* HOME-MANAGER
** HOME-MANAGER SETTINGS
These make it so packages install to '/etc' rather than the user home directory,
@ -594,14 +596,8 @@ also allow for upgrades when rebuilding the system.
#+begin_src nix
home-manager.useUserPackages = true;
home-manager.useGlobalPkgs = true;
#+end_src
** PACKAGES
#+begin_src nix
home-manager.users.jawz = { config, pkgs, ... }:{
home.stateVersion = VERSION;
home.packages = with pkgs; [ ];
home.stateVersion = "${version}";
#+end_src
** DOTFILES
@ -613,11 +609,11 @@ programs.bash = {
historyFile = "\${XDG_STATE_HOME}/bash/history";
historyControl = [ "erasedups" ];
shellAliases = {
ls = "exa --icons --group-directories-first --no-permissions --no-user --no-time";
ls = "exa --icons --group-directories-first";
edit = "emacsclient -t";
comic = "download -u jawz -i $(cat $LC | fzf --multi --exact -i)";
gallery = "download -u jawz -i $(cat $LW | fzf --multi --exact -i)";
open_gallery = "cd /mnt/disk2/scrapping/JawZ/gallery-dl && xdg-open $(fd . ./ Husbands -tdirectory -d 1 | fzf -i)";
comic = "download -u jawz -i \"$(cat $LC | fzf --multi --exact -i)\"";
gallery = "download -u jawz -i \"$(cat $LW | fzf --multi --exact -i)\"";
open_gallery = "cd /mnt/disk2/scrapping/JawZ/gallery-dl && xdg-open $(fd . ./ Husbands -tdirectory -d 1 | fzf -i)\"";
unique_extensions = "fd -tf | rev | cut -d. -f1 | rev | tr '[:upper:]' '[:lower:]' | sort | uniq --count | sort -rn";
cp = "cp -i";
mv = "mv -i";
@ -641,9 +637,9 @@ programs.bash = {
#+end_src
#+begin_src bash
/home/jawz/.local/bin/pokemon-colorscripts -r --no-title
$HOME/.local/bin/pokemon-colorscripts -r --no-title
# Lists
list_root=${config.home.homeDirectory}/.config/jawz/lists/jawz
list_root="${config.home.homeDirectory}"/.config/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
@ -686,8 +682,8 @@ programs = {
};
git = {
enable = true;
userName = "Danilo Reyes";
userEmail = "CaptainJawZ@outlook.com";
userName = "${myName}";
userEmail = "${myEmail}";
};
htop = {
enable = true;
@ -767,7 +763,6 @@ environment.variables = rec {
XDG_STATE_HOME = "\${HOME}/.local/state";
# DEV PATH
CABAL_CONFIG = "\${XDG_CONFIG_HOME}/cabal/config";
CABAL_DIR = "\${XDG_CACHE_HOME}/cabal";
CARGO_HOME = "\${XDG_DATA_HOME}/cargo";
GEM_HOME = "\${XDG_DATA_HOME}/ruby/gems";
@ -776,9 +771,12 @@ environment.variables = rec {
GOPATH = "\${XDG_DATA_HOME}/go";
NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc";
PNPM_HOME = "\${XDG_DATA_HOME}/pnpm";
PSQL_HISTORY="\${XDG_DATA_HOME}/psql_history";
REDISCLI_HISTFILE="\${XDG_DATA_HOME}/redis/rediscli_history";
WINEPREFIX="\${XDG_DATA_HOME}/wine";
# OPTIONS
# HISTFILE = "\${XDG_STATE_HOME}/bash/history";
HISTFILE = "\${XDG_STATE_HOME}/bash/history";
LESSHISTFILE = "-";
GHCUP_USE_XDG_DIRS = "true";
RIPGREP_CONFIG_PATH = "\${XDG_CONFIG_HOME}/ripgrep/ripgreprc";
@ -811,7 +809,7 @@ environment.variables = rec {
#+end_src
* DOCKER
Virtualization settings for Docker. NixOS offers an option to declaratively run
Virtualisation settings for Docker. NixOS offers an option to declaratively run
docker-compose images using [[https://nixos.wiki/wiki/Docker][Arion]]. Could be an interesting thing to try out.
#+begin_src nix
@ -866,7 +864,7 @@ snapraid = {
};
#+end_src
* SYSTEM PROGRAMS & SERVICES
* SYSTEM PROGRAMS
Some programs get enabled and installed through here, as well as the activation
of some services.
@ -903,94 +901,25 @@ programs = {
};
};
};
#+end_src
* SERVICES
** MISC
Miscellaneous services, most of which are managed by systemd.
#+begin_src nix
services = {
prowlarr.enable = true;
# vaultwarden.enable = true;
kavita = {
enable = true;
tokenKeyFile = "${pkgs.writeText "kavitaToken" "A\u002BRkRxBjlQrmWSuXWTGUcpXZjzMo2nJ0Z4g4OZ1S4c2zp6oaesGUXzKp2mhvOwjj\u002BNoURG3CRIE2qnGybvOgAlDxAZCPBzSNRcx6RJ1lFRgvI8wQR6Nd5ivYX0RMo4S8yOH8XIDhzN6vNo31rCjyv2IycX0JqiJPIovfbvXn9Y="}";
};
sonarr = {
enable = true;
group = "piracy";
};
radarr = {
enable = true;
package = unstable.pkgs.radarr;
group = "piracy";
};
bazarr = {
enable = true;
group = "piracy";
};
jellyfin = {
enable = true;
group = "piracy";
};
minidlna = {
enable = true;
openFirewall = true;
settings.media_dir = [
"/mnt/disk2/glue"
];
};
nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud26;
appstoreEnable = true;
configureRedis = true;
maxUploadSize = "512M";
extraAppsEnable = true;
enableImagemagick = true;
hostName = "cloud.servidos.lat";
config = {
adminpassFile = "${pkgs.writeText "adminpass" "Overlying-Hatchback-Charting-Encounter-Deface-Gallantly7"}";
overwriteProtocol = "https";
defaultPhoneRegion = "MX";
dbtype = "pgsql";
dbuser = "nextcloud";
dbpassFile = "${pkgs.writeText "dbpass" "sopacerias"}";
dbtableprefix = "oc_";
dbname = "nextcloud";
trustedProxies = [ "nginx" ];
extraTrustedDomains = [ "cloud.rotehaare.art" "danilo-reyes.com" ];
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "128M";
"opcache.max_accelerated_files" = "10000";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "1";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
short_open_tag = "Off";
};
extraOptions = {
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"installed" = true;
"memories.exiftool" = "/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
settings = {
inotify = "yes";
media_dir = [
"/mnt/disk2/glue"
];
};
phpExtraExtensions = all: [ all.pdlib all.bz2 ];
};
postgresql = {
enable = true;
@ -1056,6 +985,98 @@ services = {
defaultEditor = true;
package = pkgs.emacs;
};
#+end_src
** PIRACY
All the fun stuff happens here >:).
#+begin_src nix
prowlarr.enable = true;
kavita = {
enable = true;
tokenKeyFile = "${pkgs.writeText "kavitaToken" "A\u002BRkRxBjlQrmWSuXWTGUcpXZjzMo2nJ0Z4g4OZ1S4c2zp6oaesGUXzKp2mhvOwjj\u002BNoURG3CRIE2qnGybvOgAlDxAZCPBzSNRcx6RJ1lFRgvI8wQR6Nd5ivYX0RMo4S8yOH8XIDhzN6vNo31rCjyv2IycX0JqiJPIovfbvXn9Y="}";
};
sonarr = {
enable = true;
group = "piracy";
};
radarr = {
enable = true;
package = unstable.pkgs.radarr;
group = "piracy";
};
bazarr = {
enable = true;
group = "piracy";
};
jellyfin = {
enable = true;
group = "piracy";
};
#+end_src
** NEXTCLOUD
This configuration may not 100% work on a fresh installation, as some of the
settings declared take into account pre-existing configurations and apps.
#+begin_src nix
nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud27;
appstoreEnable = true;
configureRedis = true;
maxUploadSize = "512M";
extraAppsEnable = true;
enableImagemagick = true;
hostName = "cloud.servidos.lat";
config = {
adminpassFile = "${pkgs.writeText "adminpass" "Overlying-Hatchback-Charting-Encounter-Deface-Gallantly7"}";
overwriteProtocol = "https";
defaultPhoneRegion = "MX";
dbtype = "pgsql";
dbuser = "nextcloud";
dbpassFile = "${pkgs.writeText "dbpass" "sopacerias"}";
dbtableprefix = "oc_";
dbname = "nextcloud";
trustedProxies = [ "nginx" ];
extraTrustedDomains = [ "cloud.rotehaare.art" "danilo-reyes.com" ];
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "128M";
"opcache.max_accelerated_files" = "10000";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "1";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
short_open_tag = "Off";
};
extraOptions = {
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"installed" = true;
"memories.exiftool" = "/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
];
};
phpExtraExtensions = all: [ all.pdlib all.bz2 ];
};
};
#+end_src
@ -1064,156 +1085,136 @@ Home-manager, is not as flushed out when it comes to creating systemd units, so
the best way to define them for now, is using nix.
#+begin_src nix
systemd.services = {
# "docker-compose" = {
# enable = true;
# restartIfChanged = true;
# description = "Start docker-compose servers";
# after = [ "docker.service" "docker.socket" ];
# requires = [ "docker.service" "docker.socket" ];
# wantedBy = [ "default.target" ];
# environment = {
# FILE = "/home/jawz/Development/Docker/docker-compose.yml";
# };
# path = [
# pkgs.docker-compose
# ];
# serviceConfig = {
# Restart = "on-failure";
# RestartSec = 30;
# ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans";
# ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down";
# };
# };
# "nextcloud_scrapsync" = {
# description = "Sync scrapped files with nextcloud";
# wantedBy = [ "default.target" ];
# path = [
# pkgs.bash
# jawz_nextcloud_scrapsync
# ];
# serviceConfig = {
# RestartSec = 30;
# ExecStart = "${jawz_nextcloud_scrapsync}/bin/nextcloud_scrapsync";
# };
# };
# "nextcloud_previews" = {
# description = "Generate previews";
# wantedBy = [ "default.target" ];
# path = [
# pkgs.nextcloud26
# ];
# serviceConfig = {
# RestartSec = 30;
# ExecStart = "${pkgs.nextcloud26}/occ preview:pre-generate";
# };
# };
};
systemd.timers = {
# "nextcloud_scrapsync" = {
# enable = true;
# description = "Sync scrapped files with nextcloud";
# wantedBy = [ "timers.target" ];
# timerConfig = {
# OnCalendar= [
# "*-*-* 01:32:00"
# "*-*-* 08:32:00"
# "*-*-* 14:32:00"
# "*-*-* 20:32:00"
# ];
# RandomizedDelaySec = 30;
# Persistent = true;
# };
# };
# "nextcloud_previews" = {
# enable = true;
# description = "Generate previews";
# wantedBy = [ "timers.target" ];
# timerConfig = {
# OnCalendar = "*:0/10";
# };
# };
};
systemd.user.services = {
"HentaiAtHome" = {
enable = true;
restartIfChanged = true;
description = "Run hentai@home server";
wantedBy = [ "default.target" ];
path = [
pkgs.HentaiAtHome
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
WorkingDirectory="/mnt/hnbox";
ExecStart = "${pkgs.HentaiAtHome}/bin/HentaiAtHome";
systemd = {
services = {
"docker-compose" = {
enable = true;
restartIfChanged = true;
description = "Start docker-compose servers";
after = [ "docker.service" "docker.socket" ];
requires = [ "docker.service" "docker.socket" ];
wantedBy = [ "default.target" ];
environment = {
FILE = "/home/jawz/Development/Docker/docker-compose.yml";
};
path = [
pkgs.docker-compose
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans";
ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down";
};
};
"nextcloud-cronjob" = let jawzNextcloudCronjob = pkgs.writeScriptBin
"nextcloud-cronjob" (builtins.readFile ./scripts/nextcloud-cronjob.sh); in {
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
jawzNextcloudCronjob
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzNextcloudCronjob}/bin/nextcloud-cronjob";
};
};
};
timers = {
"nextcloud-cronjob" = {
enable = true;
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
"manage_library" = {
enable = true;
restartIfChanged = true;
description = "Run the manage library bash script";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawz_manage_library
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawz_manage_library}/bin/manage_library";
user = {
services = {
"HentaiAtHome" = {
enable = true;
restartIfChanged = true;
description = "Run hentai@home server";
wantedBy = [ "default.target" ];
path = [
pkgs.HentaiAtHome
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
WorkingDirectory="/mnt/hnbox";
ExecStart = "${pkgs.HentaiAtHome}/bin/HentaiAtHome";
};
};
"manage-library" = {
enable = true;
restartIfChanged = true;
description = "Run the manage library bash script";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawzManageLibrary
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzManageLibrary}/bin/manage-library";
};
};
"tasks" = {
restartIfChanged = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawzTasks
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzTasks}/bin/tasks";
};
};
"update-dns" = let jawzUpdateDns = pkgs.writeScriptBin
"update-dns" (builtins.readFile ./scripts/update-dns.sh); in {
restartIfChanged = true;
description = "update DNS of my websites";
wantedBy = [ "default.target" ];
path = [
pkgs.curl
pkgs.bash
jawzUpdateDns
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawzUpdateDns}/bin/update-dns";
};
};
};
};
"tasks" = {
restartIfChanged = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
pkgs.nix
jawz_tasks
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawz_tasks}/bin/tasks";
};
};
"update_dns" = let jawz_update_dns = pkgs.writeScriptBin
"update_dns" (builtins.readFile ./scripts/update_dns.sh); in {
restartIfChanged = true;
description = "update DNS of my websites";
wantedBy = [ "default.target" ];
path = [
pkgs.curl
pkgs.bash
jawz_update_dns
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${jawz_update_dns}/bin/update_dns";
};
};
};
systemd.user.timers = {
"tasks" = {
enable = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
"update_dns" = {
enable = true;
description = "update DNS of my websites";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "1min";
OnUnitActiveSec = "6h";
timers = {
"tasks" = {
enable = true;
description = "Run a tasks script which keeps a lot of things organized";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
"update_dns" = {
enable = true;
description = "update DNS of my websites";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "1min";
OnUnitActiveSec = "6h";
};
};
};
};
};
@ -1246,6 +1247,19 @@ networking = {
# networking.firewall.enable = false;
#+end_src
* MISC SETTINGS
** ENABLE FONTCONFIG
If enabled, a Fontconfig configuration file will point to a set of default
fonts. If you don't care about running X11 applications or any other program
that uses Fontconfig, you can turn this option off and prevent a dependency on
all those fonts.
=tip= once that Wayland is ready for deployment, I probably can remove this
setting.
#+begin_src nix
fonts.fontconfig.enable = true;
#+end_src
* FINAL SYSTEM CONFIGURATIONS
The first setting creates a copy the NixOS configuration file and link it from
the resulting system (/run/current-system/configuration.nix). This is useful in
@ -1263,7 +1277,7 @@ everything from scratch.
#+begin_src nix
system = {
copySystemConfiguration = true;
stateVersion = VERSION;
stateVersion = "${version}";
};
nix = {
settings = {
@ -1285,11 +1299,7 @@ nix = {
dates = "weekly";
};
};
#+end_src
** CLOSING :D
That super pesky closing bracket.
#+begin_src nix
}
#+end_src
# LocalWords: useXkbConfig Wayland XORG NIXPKGS

12
hardware-configuration.nix
View File

@ -4,9 +4,10 @@
{ config, lib, pkgs, modulesPath, ... }:
let
unstable_tarball =
builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master";
unstable = import unstable_tarball { config = config.nixpkgs.config; };
unstable = import
(builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
config = config.nixpkgs.config;
};
in {
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
boot = {
@ -165,13 +166,11 @@ in {
};
cpu.intel.updateMicrocode = lib.mkDefault true;
bluetooth.enable = true;
# huion driver
# opentabletdriver = {
# enable = true;
# package = unstable.opentabletdriver;
# daemon.enable = false;
# };
# nvidia driver
nvidia.modesetting.enable = true;
opengl = {
enable = true;
@ -186,7 +185,4 @@ in {
];
};
};
# hardware.cpu.intel.updateMicrocode =
# lib.mkDefault config.hardware.enableRedistributableFirmware;
}