diff --git a/configuration.org b/configuration.org index 8bad011..dddc096 100755 --- a/configuration.org +++ b/configuration.org @@ -76,6 +76,8 @@ cluttered, for example, I may create a module for systemd units. #+begin_src nix imports = [ ./hardware-configuration.nix + ./nginx.nix + /etc/nixos/cachix.nix "${nix-gaming}/modules/pipewireLowLatency.nix" @@ -174,7 +176,13 @@ latency will require expanding these settings. #+begin_src nix hardware.pulseaudio.enable = false; sound.enable = false; -security.rtkit.enable = true; +security = { + rtkit.enable = true; + acme = { + acceptTerms = true; + defaults.email = "captainjawz@outlook.com"; + }; +}; services.pipewire = { enable = true; alsa.enable = true; @@ -228,6 +236,13 @@ name. #+begin_src nix nixpkgs.config = { allowUnfree = true; + packageOverrides = pkgs: { + vaapiIntel = pkgs.vaapiIntel.override { enableHybridCodec = true; }; + }; + permittedInsecurePackages = [ + "nodejs-14.21.3" + "openssl-1.1.1u" + ]; }; #+end_src @@ -244,6 +259,21 @@ intention of reduce the number of dotfiles, however I will keep it exclusively as a dotfile and service manager. #+begin_src nix +users.groups.nextcloud.gid = 990; +users.users.nextcloud = { + isNormalUser = false; + uid = 990; + extraGroups = [ "nextcloud" ]; + packages = (with pkgs; [ + nodejs_14 + ### Currently incompatible with newer versions, and compiling + ### an older version takes 7 hours. + # cudatoolkit + # python3Packages.tensorflowWithCuda + # cudaPackages.cudatoolkit + # cudaPackages.cudnn + ]); +}; users.users.jawz = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "docker" "scanner" "lp" ]; @@ -377,7 +407,6 @@ du-dust # rusty du gocryptfs # encrypted filesystem! shhh!!! exa # like ls but with colors trashy # oop! didn't meant to delete that -ffmpeg # coolest video converter! # neofetch # use once for brag, never again rmlint # probably my favourite app, amazing dupe finder that integrates well with BTRFS tldr # man for retards 
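Review bot: The added import `/etc/nixos/cachix.nix` is an absolute path outside this repository, so whatever it declares (presumably extra substituters and trusted keys) becomes part of the system without being versioned or reviewed here. Copying the file into the repo and importing it as `./cachix.nix` would keep the binary-cache trust list next to the `trusted-public-keys` block this commit also edits. `./nginx.nix` is imported as well but does not appear in the visible part of this diff, so the reverse-proxy and ACME virtual-host settings cannot be checked from here.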
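Review bot: `permittedInsecurePackages` allows `nodejs-14.21.3` and `openssl-1.1.1u` for the whole system with no comment saying which consumer needs them or when they can be removed. nixpkgs flags both as insecure, and a later hunk puts `nodejs_14` in the package list of the `nextcloud` service user, which sits behind a public hostname. I would add a comment above each entry, for example `# required by <consumer>; drop once it runs on a supported release`, so the exception does not outlive its reason.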
@@ -441,8 +470,8 @@ poetry # dependency management made easy # cabal-install # haskell interface # JS -# jq # linting nodejs # not as bad as I thought +# jq # linting #+end_src ** HUNSPELL @@ -464,6 +493,7 @@ main draws of Linux for me. adw-gtk3 # gradience # theme customizer, allows you to modify adw-gtk3 themes gnome.gnome-tweaks # tweaks for the gnome desktop environment +qgnomeplatform # Fonts (nerdfonts.override { @@ -637,13 +667,13 @@ if command -v fzf-share >/dev/null; then source "$(fzf-share)/completion.bash" fi -nixos-magic () { +nixos-reload () { local nix_file="$HOME/Development/NixOS/configuration.nix" local hardware_file="$HOME/Development/NixOS/hardware-configuration.nix" nixfmt "$nix_file" && nixfmt "$hardware_file" sudo nixos-rebuild switch -I nixos-config="$nix_file" - sudo systemctl restart docker - sudo systemctl restart docker-compose + # sudo systemctl restart docker + # sudo systemctl restart docker-compose } #+end_src #+begin_src nix @@ -655,7 +685,6 @@ nixos-magic () { #+begin_src nix programs = { - starship.enable = true; direnv = { enable = true; enableBashIntegration = true; @@ -733,6 +762,10 @@ may be challenging. environment.systemPackages = with pkgs; [ wget docker-compose # easy way to migrate my docker anywhere! + jellyfin-ffmpeg # coolest video converter! + dlib + # nv-codec-headers-11 + # cudatoolkit ]; #+end_src @@ -847,14 +880,15 @@ snapraid = { }; #+end_src -* PROGRAMS & SERVICES +* SYSTEM PROGRAMS & SERVICES Some programs get enabled and installed through here, as well as the activation of some services. #+begin_src nix programs = { + # mtr.enable = true; + starship.enable = true; fzf.fuzzyCompletion = true; - mtr.enable = true; neovim = { enable = true; vimAlias = true; 
@@ -874,6 +908,97 @@ programs = { }; services = { + jellyfin = { + enable = true; + openFirewall = true; + }; + nextcloud = { + enable = true; + # package = pkgs.nextcloud27; + maxUploadSize = "50G"; + enableImagemagick = true; + appstoreEnable = true; + extraAppsEnable = true; + hostName = "cloud.servidos.lat"; + https = true; + caching = { + redis = true; + }; + config = { + adminpassFile = "${pkgs.writeText "adminpass" "Overlying-Hatchback-Charting-Encounter-Deface-Gallantly7"}"; + overwriteProtocol = "https"; + trustedProxies = [ "nginx" ]; + extraTrustedDomains = [ "localhost:80" "cloud.danilo-reyes.com" "cloud.servidos.lat" ]; + defaultPhoneRegion = "MX"; + dbtype = "pgsql"; + dbuser = "nextcloud"; + dbpassFile = "${pkgs.writeText "dbpass" "sopacerias"}"; + dbtableprefix = "oc_"; + dbname = "nextcloud"; + }; + extraOptions = { + redis = { + host = "localhost"; + port = 6379; + }; + memcache = { + local = "\\OC\\Memcache\\Redis"; + distributed = "\\OC\\Memcache\\Redis"; + locking = "\\OC\\Memcache\\Redis"; + }; + mail_smtpmode = "sendmail"; + mail_sendmailmode = "pipe"; + "installed" = true; + }; + phpOptions = { + display_errors = "stderr"; + error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT"; + expose_php = "Off"; + "opcache.enable_cli" = "1"; + "opcache.fast_shutdown" = "1"; + "opcache.interned_strings_buffer" = "10"; + "opcache.max_accelerated_files" = "10000"; + "opcache.memory_consumption" = "128"; + "opcache.revalidate_freq" = "1"; + "openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt"; + catch_workers_output = "yes"; + short_open_tag = "Off"; + # defaults end here + upload_max_filesize = "50G"; + post_max_size = "50G"; + memory_limit = "2G"; + }; + phpExtraExtensions = all: [ all.pdlib all.bz2 ]; + }; + postgresql = { + enable = true; + ensureDatabases = [ "paperless" "nextcloud" "mealie" ]; + ensureUsers = [ + { + name = "nextcloud"; + ensurePermissions = { + "DATABASE nextcloud" = "ALL PRIVILEGES"; + }; + } + { + name = "paperless"; + 
ensurePermissions = { + "DATABASE paperless" = "ALL PRIVILEGES"; + }; + } + { + name = "mealie"; + ensurePermissions = { + "DATABASE mealie" = "ALL PRIVILEGES"; + }; + } + ]; + authentication = pkgs.lib.mkOverride 10 '' + local all all trust + host all all 127.0.0.1/32 trust + host all all ::1/128 trust + ''; + }; printing = { enable = true; drivers = [ pkgs.hplip pkgs.hplipWithPlugin ]; @@ -918,26 +1043,26 @@ the best way to define them for now, is using nix. #+begin_src nix systemd.services = { - "docker-compose" = { - enable = true; - restartIfChanged = true; - description = "Start docker-compose servers"; - after = [ "docker.service" "docker.socket" ]; - requires = [ "docker.service" "docker.socket" ]; - wantedBy = [ "default.target" ]; - environment = { - FILE = "/home/jawz/Development/Docker/docker-compose.yml"; - }; - path = [ - pkgs.docker-compose - ]; - serviceConfig = { - Restart = "on-failure"; - RestartSec = 30; - ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans"; - ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down"; - }; - }; + # "docker-compose" = { + # enable = true; + # restartIfChanged = true; + # description = "Start docker-compose servers"; + # after = [ "docker.service" "docker.socket" ]; + # requires = [ "docker.service" "docker.socket" ]; + # wantedBy = [ "default.target" ]; + # environment = { + # FILE = "/home/jawz/Development/Docker/docker-compose.yml"; + # }; + # path = [ + # pkgs.docker-compose + # ]; + # serviceConfig = { + # Restart = "on-failure"; + # RestartSec = 30; + # ExecStart = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} up --remove-orphans"; + # ExecStop = "${pkgs.docker-compose}/bin/docker-compose -f \${FILE} down"; + # }; + # }; "nextcloud_scrapsync" = { description = "Sync scrapped files with nextcloud"; wantedBy = [ "default.target" ]; 
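Review bot: `adminpassFile` and `dbpassFile` in the `services.nextcloud.config` block are built with `pkgs.writeText`, which copies the literal passwords into the world-readable Nix store, and the same strings are now in this repository's history, so both should be treated as exposed and rotated. Point the two options at files kept outside the store with restrictive permissions, or manage them with a secrets tool such as sops-nix or agenix. The `postgresql.authentication` override in the same hunk uses `trust` for the local socket and both loopback addresses, which lets any local account or process connect as any role, including the superuser, without a password. `peer` on the socket and `scram-sha-256` on loopback closes that, with role passwords set out of band because `ensureUsers` does not set them. The secret paths below are placeholders, and the enclosing `services` set starts and ends outside the hunk.

```nix
# … unchanged: services.nextcloud options before config …
    config = {
      # Placeholder paths: files live outside /nix/store, mode 0400, owned by nextcloud.
      adminpassFile = "/path/to/secrets/nextcloud-adminpass";
      dbpassFile = "/path/to/secrets/nextcloud-dbpass";
      # … unchanged: remaining config keys …
    };
# … unchanged: extraOptions, phpOptions, postgresql ensureDatabases/ensureUsers …
    authentication = pkgs.lib.mkOverride 10 ''
      local all all               peer
      host  all all 127.0.0.1/32  scram-sha-256
      host  all all ::1/128       scram-sha-256
    '';
```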
@@ -1084,11 +1209,13 @@ nix = { "https://nix-gaming.cachix.org" "https://nixpkgs-python.cachix.org" "https://devenv.cachix.org" + "https://cuda-maintainers.cachix.org" ]; trusted-public-keys = [ "nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4=" "nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU=" "devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw=" + "cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E=" ]; }; gc = { diff --git a/hardware-configuration.nix b/hardware-configuration.nix index 7659073..18f4266 100755 --- a/hardware-configuration.nix +++ b/hardware-configuration.nix @@ -89,6 +89,16 @@ in { options = [ "compress=zstd:3" "space_cache=v2" "commit=120" "datacow" ]; }; + fileSystems."/var/lib/nextcloud/data" = { + device = "/mnt/disk1/nextcloud"; + options = [ "bind" ]; + }; + + fileSystems."/mnt/jellyfin/media" = { + device = "/mnt/disk1/multimedia/media"; + options = [ "bind" "ro" ]; + }; + fileSystems."/mnt/disk2" = { device = "/dev/mapper/disk2"; fsType = "btrfs"; @@ -107,6 +117,11 @@ in { options = [ "compress=zstd:3" "space_cache=v2" "commit=120" "datacow" ]; }; + fileSystems."/mnt/jellyfin/external" = { + device = "/mnt/seedbox/external"; + options = [ "bind" "ro" ]; + }; + fileSystems."/mnt/parity" = { device = "/dev/disk/by-uuid/643b727a-555d-425c-943c-62f5b93631c9"; fsType = "xfs"; @@ -160,8 +175,15 @@ in { nvidia.modesetting.enable = true; opengl = { enable = true; + setLdLibraryPath = true; driSupport = true; driSupport32Bit = true; + extraPackages = with pkgs; [ + intel-media-driver # LIBVA_DRIVER_NAME=iHD + vaapiIntel # LIBVA_DRIVER_NAME=i965 (older but works better for Firefox/Chromium) + vaapiVdpau + libvdpau-va-gl + ]; }; }; # hardware.cpu.intel.updateMicrocode =
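Review bot: The new `https://cuda-maintainers.cachix.org` substituter and its entry in `trusted-public-keys` add another party whose prebuilt binaries this machine will install without rebuilding, yet every CUDA package touched elsewhere in this commit (`cudatoolkit`, `cudaPackages.cudnn`, `python3Packages.tensorflowWithCuda`) is commented out. I would leave the cache out until something actually pulls from it, or at least add a comment such as `# third-party cache, trusted for CUDA builds only; remove if CUDA stays disabled`. The enclosing `nix` settings block starts and ends outside the hunk.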