same as the previous but for workstation

workstation/configuration.org

@@ -54,8 +54,6 @@ let
     (builtins.fetchTarball "https://github.com/nixos/nixpkgs/tarball/master") {
     config = config.nixpkgs.config;
   };
-  nixGaming = import
-    (builtins.fetchTarball "https://github.com/fufexan/nix-gaming/archive/master.tar.gz");
   jawzManageLibrary = pkgs.writeScriptBin
     "manage-library" (builtins.readFile ./scripts/manage-library.sh);
   jawzTasks = pkgs.writeScriptBin
@@ -76,7 +74,6 @@ imports = [
   # ./openldap.nix
   # <agenix/modules/age.nix>
   (import "${home-manager}/nixos")
-  nixGaming.nixosModules.pipewireLowLatency
 ];
 #+end_src
 
@@ -93,6 +90,28 @@ Pick *ONLY ONE* of the below networking options.
 networking = {
   hostName = "workstation";
   networkmanager.enable = true;
+  extraHosts = ''
+               192.168.1.64 battlestation
+               '';
+  firewall = let
+    open_firewall_ports = [
+      6969 # HentaiAtHome
+      25152 # ssh
+      51413 # torrent sedding
+      9091 # qbittorrent
+      2049 # nfs
+    ];
+    open_firewall_port_ranges = [
+      { from = 1714;  to = 1764; } # kdeconnect
+    ];
+    in
+    {
+    enable = true;
+    allowedTCPPorts = open_firewall_ports;
+    allowedUDPPorts = open_firewall_ports;
+    allowedTCPPortRanges = open_firewall_port_ranges;
+    allowedUDPPortRanges = open_firewall_port_ranges;
+  };
 };
 #+end_src
 
@@ -130,38 +149,12 @@ undesirable packages from installing.
 services = {
   xserver = {
     enable = true;
-    displayManager.gdm.enable = true;
-    desktopManager.gnome.enable = true;
+    # displayManager.gdm.enable = true;
+    # desktopManager.gnome.enable = true;
     layout = "us";
     libinput.enable = true; # Wacom required?
   };
 };
-
-environment.gnome.excludePackages = (with pkgs; [
-  gnome-photos
-  gnome-tour
-  gnome-text-editor
-  gnome-connections
-  # gnome-shell-extensions
-  baobab
-])
-++ (with pkgs.gnome; [
-  # totem
-  gedit
-  gnome-music
-  epiphany
-  gnome-characters
-  yelp
-  gnome-font-viewer
-  cheese
-]);
-
-# Sets up QT to use adwaita themes.
-qt = {
-  enable = true;
-  platformTheme = "gnome";
-  style = "adwaita";
-};
 #+end_src
 
 * SOUND
@@ -172,17 +165,17 @@ latency will require expanding these settings.
 #+begin_src nix
 hardware.pulseaudio.enable = false;
 sound.enable = false;
-services.pipewire = {
-  enable = true;
-  alsa.enable = true;
-  alsa.support32Bit = true;
-  pulse.enable = true;
-  lowLatency = {
-    enable = true;
-    quantum = 64;
-    rate = 48000;
-  };
-};
+# services.pipewire = {
+#   enable = true;
+#   alsa.enable = true;
+#   alsa.support32Bit = true;
+#   pulse.enable = true;
+#   lowLatency = {
+#     enable = true;
+#     quantum = 64;
+#     rate = 48000;
+#   };
+# };
 #+end_src
 
 * SECURITY
@@ -240,114 +233,6 @@ Begin the block to install user packages.
 packages = (with pkgs; [
 #+end_src
 
-** GUI PACKAGES
-All of my GUI applications categorized to make it easier to identify what each
-application does, and the justification for is existence on my system.
-
-*** ART AND DEVELOPMENT
-Art and development applications are together, as a game-developer one of my
-goals is to create a workflow between this ecosystem of applications.
-
-#+begin_src nix
-blender # cgi animation and sculpting
-godot # game development
-gdtoolkit # gdscript language server
-krita # art to your heart desire!
-# drawpile # arty party with friends!!
-mypaint # not the best art program
-mypaint-brushes # but it's got some
-mypaint-brushes1 # nice damn brushes
-pureref # create inspiration/reference boards
-gimp # the coolest bestest art program to never exist
-#+end_src
-
-*** GAMING
-So far gaming has been a lot less painful than I could have originally
-anticipated, most everything seems to run seamlessly.
-=note= Roblox uninstalled as there is ongoing drama regarding linux users.
-
-#+begin_src nix
-lutris
-heroic
-wine64Packages.stable
-wineWowPackages.stable
-winetricks
-vulkan-tools
-# nixGaming.packages.${pkgs.hostPlatform.system}.wine-tkg
-# nixGaming.packages.${pkgs.hostPlatform.system}.wine-discord-ipc-bridge
-# grapejuice # roblox manager
-minecraft # minecraft official launcher
-parsec-bin # remote gaming with friends
-protonup-qt # update proton-ge
-#+end_src
-
-*** PRODUCTIVITY
-This is the section where the apps that help me be productive come, a lot of
-this are not used as often as I wish…
-
-#+begin_src nix
-libreoffice-fresh # office, but based
-calibre # ugly af eBook library manager
-foliate # gtk eBook reader
-newsflash # feed reader, syncs with nextcloud
-wike # gtk wikipedia wow!
-unstable.furtherance # I made this one tehee track time utility
-gnome.simple-scan # scanner
-#+end_src
-
-*** MISC
-Most of these apps, are part of the gnome circle, and I decide to install them
-if just for a try and play a little.
-
-#+begin_src nix
-# sequeler # friendly SQL client
-blanket # background noise
-# czkawka # duplicate finder
-pika-backup # backups
-gnome-obfuscate # censor private information
-metadata-cleaner # remove any metadata and geolocation from files
-gnome-recipes # migrate these to mealie and delete
-denaro # manage your finances
-# celeste # sync tool for any cloud provider
-libgda # for pano shell extension
-#+end_src
-
-*** MULTIMEDIA
-Overwhelmingly player applications, used for videos and music, while most of my
-consumption has moved towards jellyfin, it's still worth the install of most
-of these, for now.
-
-#+begin_src nix
-celluloid # video player
-cozy # audiobooks player
-gnome-podcasts # podcast player
-handbrake # video converter, may be unnecessary
-curtail # image compressor
-pitivi # video editor
-identity # compare images or videos
-mousai # poor man shazam
-tagger # tag music files
-bottles # wine prefix manager
-obs-studio # screen recorder & streamer
-shortwave # listen to world radio
-nextcloud-client # self-hosted google-drive alternative
-#+end_src
-
-*** WEB
-Stuff that I use to interact with the web, web browsers, chats, download
-managers, etc.
-
-#+begin_src nix
-firefox # web browser that allows to disable spyware
-tor-browser-bundle-bin # dark web, so dark!
-ungoogled-chromium # web browser with spyware included
-discord # chat
-telegram-desktop # furry chat
-# hugo # website engine
-nicotine-plus # remember Ares?
-warp # never used, but supposedly cool for sharing files
-#+end_src
-
 ** COMMAND-LINE PACKAGES
 
 #+begin_src nix
@@ -376,8 +261,8 @@ jawzTasks
 (writeScriptBin "ffmpreg" (builtins.readFile ./scripts/ffmpreg.sh))
 (writeScriptBin "chat-dl" (builtins.readFile ./scripts/chat-dl.sh))
 (writeScriptBin "split-dir" (builtins.readFile ./scripts/split-dir.sh))
-(writeScriptBin "pika-list" (builtins.readFile ./scripts/pika-list.sh))
-(writeScriptBin "run" (builtins.readFile ./scripts/run.sh))
+# (writeScriptBin "pika-list" (builtins.readFile ./scripts/pika-list.sh))
+# (writeScriptBin "run" (builtins.readFile ./scripts/run.sh))
 #+end_src
 
 ** DEVELOPMENT PACKAGES
@@ -438,12 +323,6 @@ Themes and other customization, making my DE look the way I want is one of the
 main draws of Linux for me.
 
 #+begin_src nix
-# Themes
-adw-gtk3
-# gradience # theme customizer, allows you to modify adw-gtk3 themes
-gnome.gnome-tweaks # tweaks for the gnome desktop environment
-qgnomeplatform
-
 # Fonts
 (nerdfonts.override {
   fonts = [ "Agave" "CascadiaCode" "SourceCodePro"
@@ -515,23 +394,6 @@ symbola
   prettybat # trans your sourcecode!
 #+end_src
 
-** GNOME EXTENSIONS
-
-#+begin_src nix
-]) ++ (with pkgs.gnomeExtensions; [
-  appindicator # applets for open applications
-  gsconnect # sync data and notifications from your phone
-  freon # hardware temperature monitor
-  panel-scroll # scroll well to change workspaces
-  reading-strip # like putting a finger on every line I read
-  tactile # window manager
-  pano # clipboard manager
-  blur-my-shell # make the overview more visually appealing
-  # burn-my-windows
-  # forge # window manager
-# ]) ++ (with unstable.pkgs.gnomeExtensions; [
-#+end_src
-
 ** NODEJS PACKAGES
 
 #+begin_src nix
@@ -611,9 +473,8 @@ if command -v fzf-share >/dev/null; then
 fi
 
 nixos-reload () {
-    nix-store --add-fixed sha256 /home/jawz/Development/NixOS/scripts/PureRef-1.11.1_x64.Appimage
-    nixfmt /home/jawz/Development/NixOS/*.nix
-    sudo nixos-rebuild switch -I nixos-config=/home/jawz/Development/NixOS/configuration.nix
+    nixfmt /home/jawz/Development/NixOS/workstation/*.nix
+    sudo nixos-rebuild switch -I nixos-config=/home/jawz/Development/NixOS/workstation/configuration.nix
 }
 #+end_src
 #+begin_src nix
@@ -826,14 +687,6 @@ programs = {
     enable = true;
     enableSSHSupport = true;
   };
-  geary = {
-    enable = true;
-  };
-  steam = {
-    enable = true;
-    remotePlay.openFirewall = true;
-    dedicatedServer.openFirewall = true;
-  };
   msmtp = {
     enable = true;
     accounts.default = {
@@ -916,7 +769,7 @@ systemd = {
   user = {
     services = {
       HentaiAtHome = {
-        enable = false;
+        enable = true;
         restartIfChanged = true;
         description = "Run hentai@home server";
         wantedBy = [ "default.target" ];
@@ -1006,32 +859,6 @@ systemd = {
 };
 #+end_src
 
-* FIREWALL
-Open ports in the firewall.
-=TIP= list what app a port belongs to in a table.
-
-#+begin_src nix
-networking = {
-  firewall = let
-    open_firewall_ports = [
-      6969 # HentaiAtHome
-      25152 # ssh
-      51413 # torrent
-    ];
-    open_firewall_port_ranges = [
-      { from = 1714;  to = 1764; } # kdeconnect
-    ];
-    in
-    {
-    enable = true;
-    allowedTCPPorts = open_firewall_ports;
-    allowedUDPPorts = open_firewall_ports;
-    allowedTCPPortRanges = open_firewall_port_ranges;
-    allowedUDPPortRanges = open_firewall_port_ranges;
-  };
-};
-#+end_src
-
 * MISC SETTINGS
 ** ENABLE FONTCONFIG
 If enabled, a Fontconfig configuration file will point to a set of default
@@ -1045,6 +872,39 @@ setting.
 fonts.fontconfig.enable = true;
 #+end_src
 
+** NFS
+#+begin_src nix
+fileSystems = {
+  "/export/disk1" = {
+    device = "/mnt/disk1";
+    options = ["bind"];
+  };
+  "/export/disk2" = {
+    device = "/mnt/disk2";
+    options = ["bind"];
+  };
+  "/export/seedbox" = {
+    device = "/mnt/seedbox";
+    options = ["bind"];
+  };
+  "/export/jawz" = {
+    device = "/home/jawz";
+    options = ["bind"];
+  };
+};
+services.nfs = {
+  server = {
+    enable = true;
+    exports = ''
+      /export         192.168.1.64(rw,fsid=0,no_subtree_check)
+      /export/disk1   192.168.1.64(rw,nohide,insecure,no_subtree_check)
+      /export/disk2   192.168.1.64(rw,nohide,insecure,no_subtree_check)
+      /export/seedbox 192.168.1.64(rw,nohide,insecure,no_subtree_check)
+      /export/jawz    192.168.1.64(rw,nohide,insecure,no_subtree_check)
+    '';
+  };
+};
+#+end_src
 * FINAL SYSTEM CONFIGURATIONS
 The first setting creates a copy the NixOS configuration file and link it from
 the resulting system (/run/current-system/configuration.nix).  This is useful in

workstation/nginx.nix

@@ -6,7 +6,9 @@
 
 let
   localhost = "127.0.0.1";
+  battlestation = "192.168.1.64";
   jellyfinPort = "8096";
+  gptPort = "7860";
   nextcloudPort = 80;
   searxPort = 8080;
   newflixPort = 8897;
@@ -108,6 +110,13 @@ in {
       "vault.servidos.lat" = proxy vaultPort // { };
       "searx.servidos.lat" = proxy searxPort // { };
       "qampqwn4wprhqny8h8zj.servidos.lat" = proxy secretFlamePort // { };
+      "6fxAtnPxEeI8hN.servidos.lat" = {
+        forceSSL = true;
+        enableACME = true;
+        locations = {
+          "/" = { proxyPass = "http://${battlestation}:${gptPort}"; };
+        };
+      };
       "flix.servidos.lat" = {
         forceSSL = true;
         enableACME = true;

workstation/scripts/update-dns.sh

@@ -5,7 +5,7 @@
 # for a domain to your external IP address
 
 # namecheap
-hostnames=(cloud @)
+hostnames=(cloud @ 6fxAtnPxEeI8hN)
 domain=rotehaare.art
 password=60d672be5d9d4828a0f96264babe0ac1
 

workstation/servers.nix

@@ -252,4 +252,13 @@ in {
       };
     };
   };
+
+  networking = {
+    firewall = let open_firewall_ports = [ config.services.paperless.port ];
+    in {
+      enable = true;
+      allowedTCPPorts = open_firewall_ports;
+      allowedUDPPorts = open_firewall_ports;
+    };
+  };
 }