jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

applied nixfmt (new version)

Browse Source
This commit is contained in:
Danilo Reyes 2024-09-22 14:45:24 -06:00
parent dd00fb4854
commit b514828594
89 changed files with 2091 additions and 1339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
base.nix
View File

@ -1,4 +1,11 @@
{ lib, pkgs, inputs, outputs, ... }: {
{
lib,
pkgs,
inputs,
outputs,
...
}:
{
imports = [
inputs.home-manager.nixosModules.home-manager
./modules/apps.nix
@ -22,7 +29,9 @@
home-manager = {
useUserPackages = true;
useGlobalPkgs = true;
extraSpecialArgs = { inherit inputs outputs; };
extraSpecialArgs = {
inherit inputs outputs;
};
users.jawz = import ./home-manager.nix;
};
time = {
@ -31,7 +40,9 @@
};
i18n = {
defaultLocale = "en_CA.UTF-8";
extraLocaleSettings = { LC_MONETARY = "es_MX.UTF-8"; };
extraLocaleSettings = {
LC_MONETARY = "es_MX.UTF-8";
};
};
console = {
font = "Lat2-Terminus16";
@ -44,59 +55,69 @@
enable = true;
wheelNeedsPassword = false;
};
pam.loginLimits = [{
domain = "*";
type = "soft";
item = "nofile";
value = "8192";
}];
pam.loginLimits = [
{
domain = "*";
type = "soft";
item = "nofile";
value = "8192";
}
];
};
users = {
mutableUsers = false;
groups.piracy.gid = 985;
};
nixpkgs.config.allowUnfree = true;
nix = let
featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
in {
distributedBuilds = true;
optimise.automatic = true;
settings = {
auto-optimise-store = true;
trusted-users = [ "nixremote" ];
system-features = featuresList;
experimental-features = [ "nix-command" "flakes" ];
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
"https://ai.cachix.org"
"https://cache.lix.systems"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
"ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
nix =
let
featuresList = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
"gccarch-skylake"
"gccarch-alderlake"
];
in
{
distributedBuilds = true;
optimise.automatic = true;
settings = {
auto-optimise-store = true;
trusted-users = [ "nixremote" ];
system-features = featuresList;
experimental-features = [
"nix-command"
"flakes"
];
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
"https://ai.cachix.org"
"https://cache.lix.systems"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
"ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
];
};
};
};
documentation.enable = false;
environment = {
systemPackages = with pkgs; [ wget sops ];
systemPackages = with pkgs; [
wget
sops
];
variables = rec {
# PATH
XDG_CACHE_HOME = "\${HOME}/.cache";

3
cinnamon.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
services = {
libinput.enable = true;
xserver = {

20
cosmic.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
services = {
gvfs.enable = true;
libinput.enable = true;
@ -9,11 +10,14 @@
enable = true;
style = "adwaita";
};
users.users.jawz.packages = (with pkgs; [
# ffmpegthumbnailer # generate thumbnails
adw-gtk3 # theme legacy applications
papirus-icon-theme # icon theme
# libgda # for pano shell extension
# gradience # theme customizer, allows you to modify adw-gtk3 themes
]);
users.users.jawz.packages = (
with pkgs;
[
# ffmpegthumbnailer # generate thumbnails
adw-gtk3 # theme legacy applications
papirus-icon-theme # icon theme
# libgda # for pano shell extension
# gradience # theme customizer, allows you to modify adw-gtk3 themes
]
);
}

30
flake.nix
View File

@ -19,13 +19,23 @@
};
};
outputs = { self, nixpkgs, unstable, master, home-manager, sops-nix
, nixos-cosmic, ... }@inputs:
outputs =
{
self,
nixpkgs,
unstable,
master,
home-manager,
sops-nix,
nixos-cosmic,
...
}@inputs:
let
inherit (self) outputs;
lib = nixpkgs.lib // home-manager.lib;
system = "x86_64-linux";
makePkgs = repo:
makePkgs =
repo:
import repo {
inherit system;
config.allowUnfree = true;
@ -36,15 +46,23 @@
overlays = [ (import ./overlay.nix { inherit pkgs pkgsU pkgsM; }) ];
createConfig = name: {
inherit system;
specialArgs = { inherit inputs outputs; };
specialArgs = {
inherit inputs outputs;
};
modules = [
./hosts/${name}/configuration.nix
sops-nix.nixosModules.sops
({ ... }: { nixpkgs.overlays = overlays; })
(
{ ... }:
{
nixpkgs.overlays = overlays;
}
)
nixos-cosmic.nixosModules.default
];
};
in {
in
{
inherit lib pkgs;
formatter = pkgs.alejandra;
nixosConfigurations = {

75
gnome.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
services = {
gvfs.enable = true;
libinput.enable = true;
@ -15,42 +16,46 @@
};
};
};
environment.gnome.excludePackages = (with pkgs; [
gnome-photos
gnome-tour
gnome-text-editor
gnome-connections
# gnome-shell-extensions
baobab
]) ++ (with pkgs.gnome; [
# totem
gnome-music
epiphany
gnome-characters
yelp
gnome-font-viewer
cheese
]);
environment.gnome.excludePackages =
(with pkgs; [
gnome-photos
gnome-tour
gnome-text-editor
gnome-connections
# gnome-shell-extensions
baobab
])
++ (with pkgs.gnome; [
# totem
gnome-music
epiphany
gnome-characters
yelp
gnome-font-viewer
cheese
]);
qt = {
enable = true;
style = "adwaita";
};
users.users.jawz.packages = (with pkgs; [
# ffmpegthumbnailer # generate thumbnails
adw-gtk3 # theme legacy applications
gnome.gnome-tweaks # tweaks for the gnome desktop environment
papirus-icon-theme # icon theme
libgda # for pano shell extension
# gradience # theme customizer, allows you to modify adw-gtk3 themes
]) ++ (with pkgs.gnomeExtensions; [
appindicator # applets for open applications
reading-strip # like putting a finger on every line I read
tactile # window manager
pano # clipboard manager
freon # hardware temperature monitor
gamemode-indicator-in-system-settings # I guess I'm a gamer now?
# blur-my-shell # make the overview more visually appealing
burn-my-windows
# forge # window manager
]);
users.users.jawz.packages =
(with pkgs; [
# ffmpegthumbnailer # generate thumbnails
adw-gtk3 # theme legacy applications
gnome.gnome-tweaks # tweaks for the gnome desktop environment
papirus-icon-theme # icon theme
libgda # for pano shell extension
# gradience # theme customizer, allows you to modify adw-gtk3 themes
])
++ (with pkgs.gnomeExtensions; [
appindicator # applets for open applications
reading-strip # like putting a finger on every line I read
tactile # window manager
pano # clipboard manager
freon # hardware temperature monitor
gamemode-indicator-in-system-settings # I guess I'm a gamer now?
# blur-my-shell # make the overview more visually appealing
burn-my-windows
# forge # window manager
]);
}

9
home-manager.nix
View File

@ -1,9 +1,14 @@
{ config, ... }: {
{ config, ... }:
{
home.stateVersion = "24.05";
programs.bash = {
enable = true;
historyFile = "\${XDG_STATE_HOME}/bash/history";
historyControl = [ "erasedups" "ignorespace" "ignoredups" ];
historyControl = [
"erasedups"
"ignorespace"
"ignoredups"
];
shellAliases = {
cp = "cp -i";
mv = "mv -i";

23
hosts/miniserver/hardware-configuration.nix
View File

@ -1,4 +1,5 @@
{ lib, modulesPath, ... }: {
{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware = {
@ -129,13 +130,15 @@
'';
};
};
swapDevices = [{
device = "/dev/nvme0n1p3";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}];
swapDevices = [
{
device = "/dev/nvme0n1p3";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}
];
}

29
hosts/miniserver/temp-nginx.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
proxy = locations: {
inherit locations;
@ -6,7 +11,8 @@ let
enableACME = true;
http2 = true;
};
proxyReverse = port:
proxyReverse =
port:
proxy {
"/" = {
proxyPass = "http://192.168.1.69:${toString port}";
@ -16,14 +22,14 @@ let
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http://192.168.1.69:${
toString port
}/ https://your_domain.com/;
proxy_redirect http://192.168.1.69:${toString port}/ https://your_domain.com/;
'';
};
};
proxyReverseArr = port:
proxyReverse port // {
proxyReverseArr =
port:
proxyReverse port
// {
extraConfig = ''
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
@ -32,7 +38,8 @@ let
proxy_http_version 1.1;
'';
};
in {
in
{
services = {
nginx = {
appendHttpConfig = ''
@ -47,10 +54,8 @@ in {
"movies.${config.my.domain}" = proxyReverseArr 7878 // { };
"indexer.${config.my.domain}" = proxyReverseArr 9696 // { };
"music.${config.my.domain}" = proxyReverseArr 8686 // { };
"subs.${config.my.domain}" =
proxyReverse config.services.bazarr.listenPort // { };
"library.${config.my.domain}" = proxyReverse config.services.kavita.port
// { };
"subs.${config.my.domain}" = proxyReverse config.services.bazarr.listenPort // { };
"library.${config.my.domain}" = proxyReverse config.services.kavita.port // { };
"vnfx2cojmt7dwzcfmi73.${config.my.domain}" = proxyReverse 9091 // { };
"HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = proxyReverse 3399 // { };
"flix.${config.my.domain}" = {

38
hosts/server/hardware-configuration.nix
View File

@ -1,4 +1,5 @@
{ lib, modulesPath, ... }: {
{ lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
hardware = {
nvidia = {
@ -68,8 +69,14 @@
};
extraModulePackages = [ ];
initrd = {
availableKernelModules =
[ "xhci_pci" "ahci" "usbhid" "nvme" "usb_storage" "sd_mod" ];
availableKernelModules = [
"xhci_pci"
"ahci"
"usbhid"
"nvme"
"usb_storage"
"sd_mod"
];
kernelModules = [ ];
};
};
@ -129,7 +136,10 @@
};
"/mnt/jellyfin/media" = {
device = "/mnt/pool/multimedia/media";
options = [ "bind" "ro" ];
options = [
"bind"
"ro"
];
depends = [ "/mnt/pool" ];
};
# NFS
@ -154,13 +164,15 @@
'';
};
};
swapDevices = [{
device = "/dev/disk/by-partuuid/cb0ad486-ebf8-4bfc-ad7c-96bdc68576ca";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}];
swapDevices = [
{
device = "/dev/disk/by-partuuid/cb0ad486-ebf8-4bfc-ad7c-96bdc68576ca";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}
];
}

38
hosts/workstation/configuration.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: {
{ pkgs, ... }:
{
imports = [
./hardware-configuration.nix
../../base.nix
@ -53,20 +54,24 @@
};
networking = {
hostName = "workstation";
firewall = let
openPorts = [
6674 # ns-usbloader
];
openPortRanges = [{
from = 1714; # kdeconnect
to = 1764; # kdeconnect
}];
in {
allowedTCPPorts = openPorts;
allowedUDPPorts = openPorts;
allowedTCPPortRanges = openPortRanges;
allowedUDPPortRanges = openPortRanges;
};
firewall =
let
openPorts = [
6674 # ns-usbloader
];
openPortRanges = [
{
from = 1714; # kdeconnect
to = 1764; # kdeconnect
}
];
in
{
allowedTCPPorts = openPorts;
allowedUDPPorts = openPorts;
allowedTCPPortRanges = openPortRanges;
allowedUDPPortRanges = openPortRanges;
};
};
nix.settings.cores = 16;
nixpkgs = {
@ -132,8 +137,7 @@
enable = true;
useUpnp = true;
enableWebUI = true;
httpPass =
"Uplifting-Proofs-Eggshell-Molecule-Wriggly-Janitor3-Padded-Oxidizing";
httpPass = "Uplifting-Proofs-Eggshell-Molecule-Wriggly-Janitor3-Padded-Oxidizing";
deviceName = "Oversweet3834";
httpLogin = "Oversweet3834";
httpListenPort = 9876;

117
hosts/workstation/hardware-configuration.nix
View File

@ -1,8 +1,13 @@
{ config, modulesPath, lib, ... }: {
{
config,
modulesPath,
lib,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
hardware = {
cpu.amd.updateMicrocode =
lib.mkDefault config.hardware.enableRedistributableFirmware;
cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
bluetooth = {
enable = true;
settings.General = {
@ -45,8 +50,14 @@
};
initrd = {
secrets."/keyfile" = /etc/keyfile;
availableKernelModules =
[ "xhci_pci" "ahci" "usbhid" "nvme" "usb_storage" "sd_mod" ];
availableKernelModules = [
"xhci_pci"
"ahci"
"usbhid"
"nvme"
"usb_storage"
"sd_mod"
];
luks.devices.nvme = {
device = "/dev/disk/by-uuid/e9618e85-a631-4374-b2a4-22c376d6e41b";
keyFile = "/keyfile";
@ -54,50 +65,58 @@
};
};
};
fileSystems = let
nfsMount = server: nfsDisk: {
device = "${server}:/${nfsDisk}";
fsType = "nfs";
options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ];
};
btrfsMount = subvol: {
device = "/dev/mapper/nvme";
fsType = "btrfs";
options = [
"subvol=${subvol}"
"ssd"
"compress=lzo"
"x-systemd.device-timeout=0"
"space_cache=v2"
"commit=120"
"datacow"
] ++ (if subvol == "nixos" then [ "noatime" ] else [ ]);
};
in {
"/" = btrfsMount "nixos" // { };
"/home" = btrfsMount "home" // { };
"/mnt/games" = btrfsMount "games" // { };
"/mnt/miniserver/pool" = nfsMount "miniserver" "pool" // { };
"/mnt/miniserver/jawz" = nfsMount "miniserver" "jawz" // { };
"/mnt/server/pool" = nfsMount "server" "pool" // { };
"/mnt/server/jawz" = nfsMount "server" "jawz" // { };
"/boot" = {
device = "/dev/disk/by-uuid/ac6d349a-96b9-499e-9009-229efd7743a5";
fsType = "ext4";
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/B05D-B5FB";
fsType = "vfat";
};
fileSystems =
let
nfsMount = server: nfsDisk: {
device = "${server}:/${nfsDisk}";
fsType = "nfs";
options = [
"x-systemd.automount"
"noauto"
"x-systemd.idle-timeout=600"
];
};
btrfsMount = subvol: {
device = "/dev/mapper/nvme";
fsType = "btrfs";
options = [
"subvol=${subvol}"
"ssd"
"compress=lzo"
"x-systemd.device-timeout=0"
"space_cache=v2"
"commit=120"
"datacow"
] ++ (if subvol == "nixos" then [ "noatime" ] else [ ]);
};
in
{
"/" = btrfsMount "nixos" // { };
"/home" = btrfsMount "home" // { };
"/mnt/games" = btrfsMount "games" // { };
"/mnt/miniserver/pool" = nfsMount "miniserver" "pool" // { };
"/mnt/miniserver/jawz" = nfsMount "miniserver" "jawz" // { };
"/mnt/server/pool" = nfsMount "server" "pool" // { };
"/mnt/server/jawz" = nfsMount "server" "jawz" // { };
"/boot" = {
device = "/dev/disk/by-uuid/ac6d349a-96b9-499e-9009-229efd7743a5";
fsType = "ext4";
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/B05D-B5FB";
fsType = "vfat";
};
};
swapDevices = [{
device = "/dev/disk/by-partuuid/c1bd22d7-e62c-440a-88d1-6464be1aa1b0";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}];
swapDevices = [
{
device = "/dev/disk/by-partuuid/c1bd22d7-e62c-440a-88d1-6464be1aa1b0";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}
];
}

32
jawz.nix
View File

@ -1,19 +1,21 @@
{ config, ... }: {
sops.secrets = let
keyConfig = file: {
sopsFile = ./secrets/keys.yaml;
owner = config.users.users.jawz.name;
inherit (config.users.users.jawz) group;
path = "/home/jawz/.ssh/${file}";
{ config, ... }:
{
sops.secrets =
let
keyConfig = file: {
sopsFile = ./secrets/keys.yaml;
owner = config.users.users.jawz.name;
inherit (config.users.users.jawz) group;
path = "/home/jawz/.ssh/${file}";
};
in
{
jawz-password.neededForUsers = true;
"private_keys/age" = keyConfig "ed25519_age";
"public_keys/age" = keyConfig "ed25519_age.pub";
"private_keys/${config.networking.hostName}" = keyConfig "ed25519_${config.networking.hostName}";
"git_private_keys/${config.networking.hostName}" = keyConfig "ed25519_git";
};
in {
jawz-password.neededForUsers = true;
"private_keys/age" = keyConfig "ed25519_age";
"public_keys/age" = keyConfig "ed25519_age.pub";
"private_keys/${config.networking.hostName}" =
keyConfig "ed25519_${config.networking.hostName}";
"git_private_keys/${config.networking.hostName}" = keyConfig "ed25519_git";
};
users.users.jawz = {
linger = true;
isNormalUser = true;

3
modules/apps.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./apps/art.nix
./apps/dictionaries.nix

46
modules/apps/art.nix
View File

@ -1,25 +1,35 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my = {
apps.art.enable = lib.mkEnableOption "enable";
dev.gameDev.enable = lib.mkEnableOption "enable";
};
config = lib.mkIf config.my.apps.art.enable {
users.users.jawz.packages = (with pkgs; [
gimp # the coolest bestest art program to never exist
krita # art to your heart desire!
mypaint # not the best art program
mypaint-brushes # but it's got some
mypaint-brushes1 # nice damn brushes
# pureref # create inspiration/reference boards
blender # cgi animation and sculpting
# drawpile # arty party with friends!!
]) ++ (if config.my.dev.gameDev.enable then
with pkgs;
[
godot_4 # game development
# gdtoolkit # gdscript language server
]
else
[ ]);
users.users.jawz.packages =
(with pkgs; [
gimp # the coolest bestest art program to never exist
krita # art to your heart desire!
mypaint # not the best art program
mypaint-brushes # but it's got some
mypaint-brushes1 # nice damn brushes
# pureref # create inspiration/reference boards
blender # cgi animation and sculpting
# drawpile # arty party with friends!!
])
++ (
if config.my.dev.gameDev.enable then
with pkgs;
[
godot_4 # game development
# gdtoolkit # gdscript language server
]
else
[ ]
);
};
}

8
modules/apps/dictionaries.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.dictionaries.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.dictionaries.enable {
users.users.jawz.packages = with pkgs; [

8
modules/apps/fonts.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.fonts.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.fonts.enable {
users.users.jawz.packages = with pkgs; [

63
modules/apps/gaming.nix
View File

@ -1,4 +1,11 @@
{ config, lib, pkgs, inputs, ... }: {
{
config,
lib,
pkgs,
inputs,
...
}:
{
imports = [ inputs.nix-gaming.nixosModules.platformOptimizations ];
options.my.apps.gaming.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.gaming.enable {
@ -12,32 +19,34 @@
platformOptimizations.enable = true;
};
};
users.users.jawz.packages = let
polymc = pkgs.callPackage ../../pkgs/polymc/default.nix { };
citra-nightly =
pkgs.callPackage ../../pkgs/citra/default.nix { branch = "nightly"; };
in (with pkgs; [
shipwright # zelda OoT port
mangohud # fps & stats overlay
lutris # games launcher & emulator hub
cartridges # games launcher
gamemode # optimizes linux to have better gaming performance
heroic # install epic games
protonup-qt # update proton-ge
# minecraft # minecraft official launcher
ns-usbloader # load games into my switch
grapejuice # roblox manager
users.users.jawz.packages =
let
polymc = pkgs.callPackage ../../pkgs/polymc/default.nix { };
citra-nightly = pkgs.callPackage ../../pkgs/citra/default.nix { branch = "nightly"; };
in
(with pkgs; [
shipwright # zelda OoT port
mangohud # fps & stats overlay
lutris # games launcher & emulator hub
cartridges # games launcher
gamemode # optimizes linux to have better gaming performance
heroic # install epic games
protonup-qt # update proton-ge
# minecraft # minecraft official launcher
ns-usbloader # load games into my switch
grapejuice # roblox manager
# emulators
rpcs3 # ps3 emulator
pcsx2 # ps2 emulator
cemu # wii u emulator
dolphin-emu # wii emulator
snes9x-gtk # snes emulator
ryujinx # switch emulator
]) ++ [
citra-nightly # 3Ds emulator
polymc # minecraft launcher with mod support
];
# emulators
rpcs3 # ps3 emulator
pcsx2 # ps2 emulator
cemu # wii u emulator
dolphin-emu # wii emulator
snes9x-gtk # snes emulator
ryujinx # switch emulator
])
++ [
citra-nightly # 3Ds emulator
polymc # minecraft launcher with mod support
];
};
}

23
modules/apps/internet.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.internet.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.internet.enable {
programs = {
@ -6,13 +12,19 @@
firefox = {
enable = true;
package = pkgs.librewolf; # fuck u firefox
languagePacks = [ "en-CA" "es-MX" "it" ];
languagePacks = [
"en-CA"
"es-MX"
"it"
];
};
};
services.psd.enable = true;
users.users.jawz.packages =
let vdhcoapp = pkgs.callPackage ../../pkgs/vdhcoapp/default.nix { };
in (with pkgs; [
let
vdhcoapp = pkgs.callPackage ../../pkgs/vdhcoapp/default.nix { };
in
(with pkgs; [
warp # transfer files with based ppl
brave # crypto-browser that at least somewhat integrates with gtk
nextcloud-client # self-hosted google-drive alternative
@ -26,7 +38,8 @@
discord # :3
teamspeak5_client # ppl say they will use this...?
# hugo # website engine
]) ++ [
])
++ [
vdhcoapp # video download helper assistant
];
};

8
modules/apps/misc.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.misc.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.misc.enable {
users.users.jawz.packages = with pkgs; [

8
modules/apps/multimedia.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.multimedia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.multimedia.enable {
users.users.jawz.packages = with pkgs; [

8
modules/apps/office.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.apps.office.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.office.enable {
environment.variables.CALIBRE_USE_SYSTEM_THEME = "1";

3
modules/dev.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./dev/sh.nix
./dev/nix.nix

8
modules/dev/docker.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.docker.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.docker.enable {
environment.variables.DOCKER_CONFIG = "\${XDG_CONFIG_HOME}/docker";

8
modules/dev/haskell.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.haskell.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.haskell.enable {
users.users.jawz.packages = with pkgs; [

21
modules/dev/javascript.nix
View File

@ -1,16 +1,27 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.javascript.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.javascript.enable {
home-manager.users.jawz.xdg.configFile = {
"npm/npmrc".source = ../../dotfiles/npm/npmrc;
"configstore/update-notifier-npm-check.json".source =
../../dotfiles/npm/update-notifier-npm-check.json;
"configstore/update-notifier-npm-check.json".source = ../../dotfiles/npm/update-notifier-npm-check.json;
};
users.users.jawz.packages = with pkgs; [ nodejs nodePackages.pnpm ];
users.users.jawz.packages = with pkgs; [
nodejs
nodePackages.pnpm
];
environment.variables = {
NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc";
PNPM_HOME = "\${XDG_DATA_HOME}/pnpm";
PATH = [ "\${XDG_DATA_HOME}/npm/bin" "\${XDG_DATA_HOME}/pnpm" ];
PATH = [
"\${XDG_DATA_HOME}/npm/bin"
"\${XDG_DATA_HOME}/pnpm"
];
};
};
}

8
modules/dev/nix.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.nix.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.nix.enable {
users.users.jawz.packages = with pkgs; [

18
modules/dev/python.nix
View File

@ -1,14 +1,19 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.python.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.python.enable {
home-manager.users.jawz.xdg.configFile."python/pythonrc".source =
../../dotfiles/pythonrc;
home-manager.users.jawz.xdg.configFile."python/pythonrc".source = ../../dotfiles/pythonrc;
environment.variables.PYTHONSTARTUP = "\${XDG_CONFIG_HOME}/python/pythonrc";
users.users.jawz.packages = with pkgs; [
pipenv # python development workflow for humans
nodePackages.pyright # LSP
(python3.withPackages (ps:
with ps; [
(python3.withPackages (
ps: with ps; [
black # Python code formatter
editorconfig # follow rules of contributin
flake8 # wraper for pyflakes, pycodestyle and mccabe
@ -19,7 +24,8 @@
# nose # testing and running python scripts
# poetry # dependency management made easy
# pytest # framework for writing tests
]))
]
))
];
};
}

8
modules/dev/sh.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.dev.sh.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.sh.enable {
users.users.jawz.packages = with pkgs; [

56
modules/emacs.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.emacs.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.emacs.enable {
home-manager.users.jawz = {
@ -18,33 +24,35 @@
};
};
};
users.users.jawz.packages = (with pkgs; [
fd # modern find, faster searches
fzf # fuzzy finder! super cool and useful
ripgrep # modern grep
tree-sitter # code parsing based on symbols and shit, I do not get it
graphviz # graphs
tetex # export pdf
languagetool # proofreader for English
users.users.jawz.packages =
(with pkgs; [
fd # modern find, faster searches
fzf # fuzzy finder! super cool and useful
ripgrep # modern grep
tree-sitter # code parsing based on symbols and shit, I do not get it
graphviz # graphs
tetex # export pdf
languagetool # proofreader for English
# doom everywhere
xorg.xwininfo
xdotool
xclip
# doom everywhere
xorg.xwininfo
xdotool
xclip
# lsps
yaml-language-server
markdownlint-cli
]) ++ (with pkgs.nodePackages; [
vscode-json-languageserver
# linters
prettier
]);
# lsps
yaml-language-server
markdownlint-cli
])
++ (with pkgs.nodePackages; [
vscode-json-languageserver
# linters
prettier
]);
services.emacs = {
enable = true;
package = with pkgs;
((emacsPackagesFor emacs-gtk).emacsWithPackages
(epkgs: with epkgs; [ vterm ]));
package =
with pkgs;
((emacsPackagesFor emacs-gtk).emacsWithPackages (epkgs: with epkgs; [ vterm ]));
defaultEditor = true;
};
environment.variables.PATH = [ "\${XDG_CONFIG_HOME}/emacs/bin" ];

3
modules/scripts.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./scripts/download.nix
./scripts/ffmpeg4discord.nix

117
modules/scripts/base.nix
View File

@ -1,59 +1,80 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.scripts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule {
options = {
enable = lib.mkEnableOption "Whether to enable this script";
install = lib.mkEnableOption "Whether to install the script package";
service = lib.mkEnableOption "Whether to enable the script service";
name = lib.mkOption {
type = lib.types.str;
description = "Name of the script.";
type = lib.types.attrsOf (
lib.types.submodule {
options = {
enable = lib.mkEnableOption "Whether to enable this script";
install = lib.mkEnableOption "Whether to install the script package";
service = lib.mkEnableOption "Whether to enable the script service";
name = lib.mkOption {
type = lib.types.str;
description = "Name of the script.";
};
timer = lib.mkOption {
type = lib.types.str;
default = "*:0";
description = "Systemd timer schedule.";
};
description = lib.mkOption {
type = lib.types.str;
description = "Description of the service.";
};
package = lib.mkOption {
type = lib.types.package;
description = "Package containing the executable script.";
};
};
timer = lib.mkOption {
type = lib.types.str;
default = "*:0";
description = "Systemd timer schedule.";
};
description = lib.mkOption {
type = lib.types.str;
description = "Description of the service.";
};
package = lib.mkOption {
type = lib.types.package;
description = "Package containing the executable script.";
};
};
});
}
);
default = { };
description = "Configuration for multiple scripts.";
};
config = lib.mkIf (lib.any (s: s.enable) (lib.attrValues config.my.scripts)) {
users.users.jawz.packages = lib.flatten (lib.mapAttrsToList (_name: script:
lib.optional (script.enable && script.install) script.package)
config.my.scripts);
users.users.jawz.packages = lib.flatten (
lib.mapAttrsToList (
_name: script: lib.optional (script.enable && script.install) script.package
) config.my.scripts
);
systemd.user.services = lib.mapAttrs' (name: script:
lib.nameValuePair "${script.name}"
(lib.mkIf (script.enable && script.service) {
restartIfChanged = true;
inherit (script) description;
wantedBy = [ "default.target" ];
path = [ pkgs.nix script.package ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${script.package}/bin/${script.name}";
};
})) config.my.scripts;
systemd.user.services = lib.mapAttrs' (
name: script:
lib.nameValuePair "${script.name}" (
lib.mkIf (script.enable && script.service) {
restartIfChanged = true;
inherit (script) description;
wantedBy = [ "default.target" ];
path = [
pkgs.nix
script.package
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${script.package}/bin/${script.name}";
};
}
)
) config.my.scripts;
systemd.user.timers = lib.mapAttrs' (name: script:
lib.nameValuePair "${script.name}"
(lib.mkIf (script.enable && script.service) {
enable = true;
inherit (script) description;
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = script.timer; };
})) config.my.scripts;
systemd.user.timers = lib.mapAttrs' (
name: script:
lib.nameValuePair "${script.name}" (
lib.mkIf (script.enable && script.service) {
enable = true;
inherit (script) description;
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = script.timer;
};
}
)
) config.my.scripts;
};
}

183
modules/scripts/download.nix
View File

@ -1,90 +1,113 @@
{ pkgs, lib, config, ... }: {
{
pkgs,
lib,
config,
...
}:
{
imports = [ ./base.nix ];
options.my.units.download.enable = lib.mkEnableOption "enable";
config = let
download = with pkgs;
python3Packages.buildPythonApplication {
pname = "download";
version = "2.5";
src = ../../scripts/download/.;
build-system = with python3Packages; [ setuptools ];
dependencies = with python3Packages; [ pyyaml types-pyyaml yt-dlp ];
propagatedBuildInputs = [ gallery-dl ffmpeg ];
};
in {
home-manager.users.jawz = {
xdg.configFile."gallery-dl/config.json".source =
../../dotfiles/gallery-dl/config.json;
services.lorri.enable = true;
programs.bash = {
shellAliases = {
dl = "download -u jawz -i";
comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
config =
let
download =
with pkgs;
python3Packages.buildPythonApplication {
pname = "download";
version = "2.5";
src = ../../scripts/download/.;
build-system = with python3Packages; [ setuptools ];
dependencies = with python3Packages; [
pyyaml
types-pyyaml
yt-dlp
];
propagatedBuildInputs = [
gallery-dl
ffmpeg
];
};
initExtra = ''
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
'';
};
};
systemd.user = lib.mkIf config.my.units.download.enable {
services = let
mkDownloadService = desc: execStartCmd: {
restartIfChanged = true;
description = "Downloads ${desc}";
wantedBy = [ "default.target" ];
path = [ pkgs.bash download ];
serviceConfig = {
TimeoutStartSec = 2000;
TimeoutStopSec = 2000;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${download}/bin/download ${execStartCmd}";
in
{
home-manager.users.jawz = {
xdg.configFile."gallery-dl/config.json".source = ../../dotfiles/gallery-dl/config.json;
services.lorri.enable = true;
programs.bash = {
shellAliases = {
dl = "download -u jawz -i";
comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
};
initExtra = ''
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
'';
};
in {
tuhmayto = mkDownloadService "tuhmayto stuff" ''
-u jawz -i https://x.com/tuhmayto/media \
https://www.furaffinity.net/user/tuhmayto/'';
"download@" = mkDownloadService "post from multiple sources" "%I";
"instagram@" = mkDownloadService "post types from instagram"
"instagram -u jawz -t %I";
};
timers = let
downloadTimer = time: delay: {
enable = true;
description = "Downloads post types from different sites";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = time;
RandomizedDelaySec = delay;
Persistent = true;
systemd.user = lib.mkIf config.my.units.download.enable {
services =
let
mkDownloadService = desc: execStartCmd: {
restartIfChanged = true;
description = "Downloads ${desc}";
wantedBy = [ "default.target" ];
path = [
pkgs.bash
download
];
serviceConfig = {
TimeoutStartSec = 2000;
TimeoutStopSec = 2000;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${download}/bin/download ${execStartCmd}";
};
};
in
{
tuhmayto = mkDownloadService "tuhmayto stuff" ''
-u jawz -i https://x.com/tuhmayto/media \
https://www.furaffinity.net/user/tuhmayto/'';
"download@" = mkDownloadService "post from multiple sources" "%I";
"instagram@" = mkDownloadService "post types from instagram" "instagram -u jawz -t %I";
};
};
in {
"instagram@stories" = downloadTimer "*-*-* 08:12:00" 120 // { };
"download@main" = downloadTimer "*-*-* 06,18:02:00" 30 // { };
"download@push" = downloadTimer "*:0/5" 30 // { };
"download@manga" = downloadTimer "Fri *-*-* 03:08:00" 30 // { };
# "download@kemono" = downloadTimer
# "*-*-1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31 18:06:00" 60 // { };
tuhmayto = {
enable = true;
description = "Downloads tuhmayto stuff";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
};
timers =
let
downloadTimer = time: delay: {
enable = true;
description = "Downloads post types from different sites";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = time;
RandomizedDelaySec = delay;
Persistent = true;
};
};
in
{
"instagram@stories" = downloadTimer "*-*-* 08:12:00" 120 // { };
"download@main" = downloadTimer "*-*-* 06,18:02:00" 30 // { };
"download@push" = downloadTimer "*:0/5" 30 // { };
"download@manga" = downloadTimer "Fri *-*-* 03:08:00" 30 // { };
# "download@kemono" = downloadTimer
# "*-*-1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31 18:06:00" 60 // { };
tuhmayto = {
enable = true;
description = "Downloads tuhmayto stuff";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
my.scripts.download = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "download";
package = download;
};
};
my.scripts.download = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "download";
package = download;
};
};
}

6
modules/scripts/ffmpeg4discord.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.ffmpeg4discord = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "ffmpeg4discord";
package = pkgs.writeScriptBin "ffmpeg4discord"
(builtins.readFile ../../scripts/ffmpeg4discord.py);
package = pkgs.writeScriptBin "ffmpeg4discord" (builtins.readFile ../../scripts/ffmpeg4discord.py);
};
}

6
modules/scripts/ffmpreg.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.ffmpreg = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "ffmpreg";
package = pkgs.writeScriptBin "ffmpreg"
(builtins.readFile ../../scripts/ffmpreg.sh);
package = pkgs.writeScriptBin "ffmpreg" (builtins.readFile ../../scripts/ffmpreg.sh);
};
}

8
modules/scripts/find-dup-episode.nix
View File

@ -1,11 +1,13 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.find-dup-episodes = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "find-dup-episodes";
package = pkgs.writeScriptBin "find-dup-episodes"
(builtins.readFile ../../scripts/find-dup-episodes.sh);
package = pkgs.writeScriptBin "find-dup-episodes" (
builtins.readFile ../../scripts/find-dup-episodes.sh
);
};
}

6
modules/scripts/manage-library.nix
View File

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.manage-library = {
enable = lib.mkDefault false;
@ -7,7 +8,6 @@
name = "manage-library";
timer = "00:30";
description = "scans the library directory and sorts files";
package = pkgs.writeScriptBin "manage-library"
(builtins.readFile ../../scripts/manage-library.sh);
package = pkgs.writeScriptBin "manage-library" (builtins.readFile ../../scripts/manage-library.sh);
};
}

6
modules/scripts/pika-list.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.pika-list = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "pika-list";
package = pkgs.writeScriptBin "pika-list"
(builtins.readFile ../../scripts/pika-list.sh);
package = pkgs.writeScriptBin "pika-list" (builtins.readFile ../../scripts/pika-list.sh);
};
}

6
modules/scripts/run.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.run = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "run";
package =
pkgs.writeScriptBin "run" (builtins.readFile ../../scripts/run.sh);
package = pkgs.writeScriptBin "run" (builtins.readFile ../../scripts/run.sh);
};
}

6
modules/scripts/split-dir.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.split-dir = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "split-dir";
package = pkgs.writeScriptBin "split-dir"
(builtins.readFile ../../scripts/split-dir.sh);
package = pkgs.writeScriptBin "split-dir" (builtins.readFile ../../scripts/split-dir.sh);
};
}

90
modules/scripts/stream-dl.nix
View File

@ -1,47 +1,59 @@
{ pkgs, lib, config, ... }: {
{
pkgs,
lib,
config,
...
}:
{
imports = [ ./base.nix ];
options.my.units.stream-dl.enable = lib.mkEnableOption "enable";
config = let
stream-dl = pkgs.writeScriptBin "stream-dl"
(builtins.readFile ../../scripts/stream-dl.sh);
in {
systemd.user = lib.mkIf config.my.units.stream-dl.enable {
services."stream@" = {
description = "monitors a stream channel for online streams.";
restartIfChanged = true;
wantedBy = [ "default.target" ];
path = [ pkgs.nix stream-dl ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${stream-dl}/bin/stream-dl %I";
};
};
timers = let
streamTimer = {
enable = true;
config =
let
stream-dl = pkgs.writeScriptBin "stream-dl" (builtins.readFile ../../scripts/stream-dl.sh);
in
{
systemd.user = lib.mkIf config.my.units.stream-dl.enable {
services."stream@" = {
description = "monitors a stream channel for online streams.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5min";
OnUnitActiveSec = "65min";
RandomizedDelaySec = 30;
restartIfChanged = true;
wantedBy = [ "default.target" ];
path = [
pkgs.nix
stream-dl
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${stream-dl}/bin/stream-dl %I";
};
};
in {
"stream@johnneal911" = streamTimer // { };
"stream@uk2011boy" = streamTimer // { };
"stream@tommy9x6" = streamTimer // { };
"stream@brocollirob" = streamTimer // { };
"stream@tomayto\\x20picarto" = streamTimer // { };
timers =
let
streamTimer = {
enable = true;
description = "monitors a stream channel for online streams.";
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5min";
OnUnitActiveSec = "65min";
RandomizedDelaySec = 30;
};
};
in
{
"stream@johnneal911" = streamTimer // { };
"stream@uk2011boy" = streamTimer // { };
"stream@tommy9x6" = streamTimer // { };
"stream@brocollirob" = streamTimer // { };
"stream@tomayto\\x20picarto" = streamTimer // { };
};
};
my.scripts.stream-dl = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "stream-dl";
package = stream-dl;
};
};
my.scripts.stream-dl = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "stream-dl";
package = stream-dl;
};
};
}

6
modules/scripts/tasks.nix
View File

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: {
{ pkgs, lib, ... }:
{
imports = [ ./base.nix ];
config.my.scripts.tasks = {
enable = lib.mkDefault false;
@ -7,7 +8,6 @@
name = "tasks";
timer = "*:0/10";
description = "Runs a bunch of organizing tasks on selected directories";
package =
pkgs.writeScriptBin "tasks" (builtins.readFile ../../scripts/tasks.sh);
package = pkgs.writeScriptBin "tasks" (builtins.readFile ../../scripts/tasks.sh);
};
}

31
modules/scripts/update-dns.nix
View File

@ -1,4 +1,10 @@
{ config, pkgs, lib, ... }: {
{
config,
pkgs,
lib,
...
}:
{
imports = [ ./base.nix ];
config = {
sops.secrets = {
@ -25,17 +31,18 @@
name = "update-dns";
timer = "*:0/30";
description = "Updates the IP of all my domains";
package = let
update-dns = pkgs.writeScriptBin "update-dns"
(builtins.readFile ../../scripts/update-dns.sh);
in pkgs.writeScriptBin "update-dns" ''
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p bash curl
set -a
source ${config.sops.secrets.dns.path}
set -a
${update-dns}/bin/update-dns
'';
package =
let
update-dns = pkgs.writeScriptBin "update-dns" (builtins.readFile ../../scripts/update-dns.sh);
in
pkgs.writeScriptBin "update-dns" ''
#!/usr/bin/env nix-shell
#! nix-shell -i bash -p bash curl
set -a
source ${config.sops.secrets.dns.path}
set -a
${update-dns}/bin/update-dns
'';
};
};
}

120
modules/servers.nix
View File

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
setup = import ./servers/base.nix { inherit lib config; };
proxy = locations: {
@ -7,12 +12,11 @@ let
enableACME = true;
http2 = true;
};
proxyReverse = port:
proxy {
"/".proxyPass = "http://${config.my.localhost}:${toString port}/";
};
proxyReverseArr = port:
proxyReverse port // {
proxyReverse = port: proxy { "/".proxyPass = "http://${config.my.localhost}:${toString port}/"; };
proxyReverseArr =
port:
proxyReverse port
// {
extraConfig = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@ -35,17 +39,46 @@ let
config.my.servers.metube.enable
config.my.servers.go-vod.enable
];
in {
in
{
imports = [
./servers/adguardhome.nix
./servers/paperless.nix
./servers/postgres.nix
(import ./servers/audiobookshelf.nix { inherit lib config proxy setup; })
(import ./servers/audiobookshelf.nix {
inherit
lib
config
proxy
setup
;
})
(import ./servers/bazarr.nix { inherit lib config proxyReverse; })
(import ./servers/flame.nix { inherit lib config proxyReverse; })
(import ./servers/homepage.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/jellyfin.nix { inherit lib config pkgs setup; })
(import ./servers/kavita.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/homepage.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/jellyfin.nix {
inherit
lib
config
pkgs
setup
;
})
(import ./servers/kavita.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/lidarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/maloja.nix { inherit lib config proxyReverse; })
(import ./servers/mealie.nix { inherit lib config proxyReverse; })
@ -54,14 +87,49 @@ in {
(import ./servers/multi-scrobbler.nix { inherit lib config proxyReverse; })
(import ./servers/nextcloud.nix { inherit lib config pkgs; })
(import ./servers/prowlarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/qbittorrent.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/sabnzbd.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/qbittorrent.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/sabnzbd.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/radarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/ryot.nix { inherit lib config proxyReverse; })
(import ./servers/shiori.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/shiori.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/sonarr.nix { inherit lib config proxyReverse; })
(import ./servers/vaultwarden.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/firefly-iii.nix { inherit lib config pkgs proxyReverse; })
(import ./servers/vaultwarden.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/firefly-iii.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
];
options.my = {
localhost = lib.mkOption {
@ -173,11 +241,17 @@ in {
clientMaxBodySize = "4096m";
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
};
networking.firewall = let ports = [ 80 443 ];
in {
enable = true;
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
networking.firewall =
let
ports = [
80
443
];
in
{
enable = true;
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
};
}

3
modules/servers/adguardhome.nix
View File

@ -1,4 +1,5 @@
{ lib, config, ... }: {
{ lib, config, ... }:
{
options.my.servers.adguardhome.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.adguardhome.enable {
services.adguardhome = {

17
modules/servers/audiobookshelf.nix
View File

@ -1,8 +1,15 @@
{ lib, config, proxy, setup, ... }:
let cfg = config.my.servers.audiobookshelf;
in {
options.my.servers.audiobookshelf =
setup.mkOptions "audiobookshelf" "audiobooks" 5687;
{
lib,
config,
proxy,
setup,
...
}:
let
cfg = config.my.servers.audiobookshelf;
in
{
options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687;
config = lib.mkIf config.my.servers.audiobookshelf.enable {
services = {
audiobookshelf = {

5
modules/servers/base.nix
View File

@ -24,4 +24,7 @@ let
default = "http://${config.my.localhost}:${toString port}";
};
};
in { inherit mkOptions; }
in
{
inherit mkOptions;
}

8
modules/servers/bazarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.bazarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.bazarr.enable {
services = {

40
modules/servers/firefly-iii.nix
View File

@ -1,26 +1,26 @@
{ lib, config, ... }: {
{ lib, config, ... }:
{
options.my.servers.firefly-iii.enable = lib.mkEnableOption "enable";
config = lib.mkIf (config.my.servers.firefly-iii.enable
&& config.my.servers.postgres.enable) {
sops.secrets.firefly-iii-keyfile = {
owner = config.users.users.firefly-iii.name;
inherit (config.users.users.firefly-iii) group;
config = lib.mkIf (config.my.servers.firefly-iii.enable && config.my.servers.postgres.enable) {
sops.secrets.firefly-iii-keyfile = {
owner = config.users.users.firefly-iii.name;
inherit (config.users.users.firefly-iii) group;
};
services = {
nginx.virtualHosts."${config.services.firefly-iii.virtualHost}" = {
forceSSL = true;
enableACME = true;
};
services = {
nginx.virtualHosts."${config.services.firefly-iii.virtualHost}" = {
forceSSL = true;
enableACME = true;
};
firefly-iii = {
enable = true;
virtualHost = "money.servidos.lat";
enableNginx = true;
settings = {
APP_KEY_FILE = config.sops.secrets.firefly-iii-keyfile.path;
DB_HOST = config.my.postgresSocket;
DB_CONNECTION = "pgsql";
};
firefly-iii = {
enable = true;
virtualHost = "money.servidos.lat";
enableNginx = true;
settings = {
APP_KEY_FILE = config.sops.secrets.firefly-iii-keyfile.path;
DB_HOST = config.my.postgresSocket;
DB_CONNECTION = "pgsql";
};
};
};
};
}

13
modules/servers/flame.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 5005;
portSecret = 5007;
in {
in
{
options.my.servers = {
flame.enable = lib.mkEnableOption "enable";
flameSecret.enable = lib.mkEnableOption "enable";
@ -40,8 +46,7 @@ in {
};
services.nginx = {
virtualHosts."start.${config.my.domain}" = proxyReverse port // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" =
proxyReverse portSecret // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" = proxyReverse portSecret // { };
};
};
}

19
modules/servers/homepage.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 8082;
services = import ./homepage/services.nix { inherit config lib; };
in {
in
{
options.my.servers.homepage.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.homepage.enable {
sops.secrets.homepage.sopsFile = ../../secrets/env.yaml;
@ -22,8 +28,7 @@ in {
columns = 4;
};
};
background =
"https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80";
background = "https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80";
};
widgets = [
{
@ -37,7 +42,11 @@ in {
}
{
search = {
provider = [ "brave" "bing" "google" ];
provider = [
"brave"
"bing"
"google"
];
target = "_blank";
showSearchSuggestions = true;
};

293
modules/servers/homepage/services.nix
View File

@ -1,4 +1,5 @@
{ config, lib, ... }: {
{ config, lib, ... }:
{
audiobookshelf = lib.mkIf config.my.servers.audiobookshelf.enable {
icon = "${config.my.servers.audiobookshelf.name}.png";
href = config.my.servers.audiobookshelf.url;
@ -8,149 +9,171 @@
key = "{{HOMEPAGE_VAR_AUDIOBOOKSHELF}}";
};
};
jellyfin = let
name = "jellyfin";
url = "https://flix.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = true;
enableNowPlaying = false;
jellyfin =
let
name = "jellyfin";
url = "https://flix.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = true;
enableNowPlaying = false;
};
};
};
"now playing" = let
name = "jellyfin";
url = "https://flix.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = false;
enableNowPlaying = true;
showEpisodeNumber = true;
expandOneStreamToTwoRows = true;
"now playing" =
let
name = "jellyfin";
url = "https://flix.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableUser = true;
enableBlocks = false;
enableNowPlaying = true;
showEpisodeNumber = true;
expandOneStreamToTwoRows = true;
};
};
};
sonarr = let
name = "sonarr";
url = "https://series.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SONARR}}";
enableQueue = true;
sonarr =
let
name = "sonarr";
url = "https://series.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SONARR}}";
enableQueue = true;
};
};
};
radarr = let
name = "radarr";
url = "https://movies.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_RADARR}}";
enableQueue = true;
radarr =
let
name = "radarr";
url = "https://movies.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_RADARR}}";
enableQueue = true;
};
};
};
lidarr = let
name = "lidarr";
url = "https://music.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_LIDARR}}";
lidarr =
let
name = "lidarr";
url = "https://music.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_LIDARR}}";
};
};
};
prowlarr = let
name = "prowlarr";
url = "https://indexer.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_PROWLARR}}";
prowlarr =
let
name = "prowlarr";
url = "https://indexer.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_PROWLARR}}";
};
};
};
bazarr = let
name = "bazarr";
url = "https://subs.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_BAZARR}}";
bazarr =
let
name = "bazarr";
url = "https://subs.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_BAZARR}}";
};
};
};
kavita = let
name = "kavita";
url = "https://library.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
username = "{{HOMEPAGE_VAR_KAVITA_USERNAME}}";
password = "{{HOMEPAGE_VAR_KAVITA_PASSWORD}}";
kavita =
let
name = "kavita";
url = "https://library.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
username = "{{HOMEPAGE_VAR_KAVITA_USERNAME}}";
password = "{{HOMEPAGE_VAR_KAVITA_PASSWORD}}";
};
};
};
"qbittorrent server" = let
name = "qbittorrent";
url = "https://vnfx2cojmt7dwzcfmi73.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.69:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
"qbittorrent server" =
let
name = "qbittorrent";
url = "https://vnfx2cojmt7dwzcfmi73.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.69:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
};
};
};
"qbittorrent miniserver" = let
name = "qbittorrent";
url = "https://xfwmrle6h6skqujbeizw.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.100:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
"qbittorrent miniserver" =
let
name = "qbittorrent";
url = "https://xfwmrle6h6skqujbeizw.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = "http://192.168.1.100:9091";
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
};
};
};
sabnzbd = let
name = "sabnzbd";
url = "https://HSoeJdGRd2Orj0n31UGI.servidos.lat";
in {
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SABNZBD}}";
sabnzbd =
let
name = "sabnzbd";
url = "https://HSoeJdGRd2Orj0n31UGI.servidos.lat";
in
{
icon = "${name}.png";
href = url;
widget = {
type = name;
url = url;
key = "{{HOMEPAGE_VAR_SABNZBD}}";
};
};
};
}

23
modules/servers/jellyfin.nix
View File

@ -1,8 +1,13 @@
{ lib, config, pkgs, setup, ... }:
{
lib,
config,
pkgs,
setup,
...
}:
let
cfg = config.my.servers.jellyfin;
sub-sync = pkgs.writeScriptBin "sub-sync"
(builtins.readFile ../../scripts/sub-sync.sh);
sub-sync = pkgs.writeScriptBin "sub-sync" (builtins.readFile ../../scripts/sub-sync.sh);
sub-sync-path = [
pkgs.nix
pkgs.bash
@ -14,11 +19,13 @@ let
pkgs.gum
sub-sync
];
in {
in
{
options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096;
config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.jellyfin-ffmpeg ]
++ (if cfg.enableCron then sub-sync-path else [ ]);
environment.systemPackages = [
pkgs.jellyfin-ffmpeg
] ++ (if cfg.enableCron then sub-sync-path else [ ]);
services = {
jellyfin = {
enable = true;
@ -131,7 +138,9 @@ in {
enable = true;
description = "syncronizes subtitles downloaded & modified today";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "20:00"; };
timerConfig = {
OnCalendar = "20:00";
};
};
};
};

11
modules/servers/kavita.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.kavita.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.kavita.enable {
sops.secrets.kavita-token = {
@ -15,8 +21,7 @@
enable = true;
tokenKeyFile = config.sops.secrets.kavita-token.path;
};
nginx.virtualHosts."library.${config.my.domain}" =
proxyReverse config.services.kavita.port // { };
nginx.virtualHosts."library.${config.my.domain}" = proxyReverse config.services.kavita.port // { };
};
};
}

10
modules/servers/lidarr.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverseArr, ... }:
{
lib,
config,
proxyReverseArr,
...
}:
let
port = 8686;
url = "music.${config.my.domain}";
in {
in
{
options.my.servers.lidarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.lidarr.enable {
virtualisation.oci-containers.containers.lidarr = {

10
modules/servers/maloja.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 42010;
url = "maloja.${config.my.domain}";
in {
in
{
options.my.servers.maloja.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.maloja.enable {
sops.secrets.maloja.sopsFile = ../../secrets/env.yaml;

10
modules/servers/mealie.nix
View File

@ -1,9 +1,15 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 9925;
domain = "mealie.${config.my.domain}";
url = "https://${domain}";
in {
in
{
options.my.servers.mealie.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.mealie.enable {
sops.secrets.mealie.sopsFile = ../../secrets/env.yaml;

16
modules/servers/metube.nix
View File

@ -1,6 +1,13 @@
{ lib, config, proxyReverse, ... }:
let port = 8881;
in {
{
lib,
config,
proxyReverse,
...
}:
let
port = 8881;
in
{
options.my.servers.metube.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.metube.enable {
virtualisation.oci-containers.containers.metube = {
@ -15,7 +22,6 @@ in {
YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}'';
};
};
services.nginx.virtualHosts."bajameesta.${config.my.domain}" =
proxyReverse port // { };
services.nginx.virtualHosts."bajameesta.${config.my.domain}" = proxyReverse port // { };
};
}

8
modules/servers/microbin.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.microbin = {
enable = lib.mkEnableOption "enable";
enableCron = lib.mkEnableOption "enable";

13
modules/servers/multi-scrobbler.nix
View File

@ -1,9 +1,15 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 9078;
domain = "scrobble.${config.my.domain}";
url = "https://${domain}";
in {
in
{
options.my.servers.multi-scrobbler.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.multi-scrobbler.enable {
sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml;
@ -16,8 +22,7 @@ in {
PUID = "1000";
PGID = "100";
BASE_URL = url;
DEEZER_REDIRECT_URI =
"http://${config.my.miniserver-ip}:${toString port}/deezer/callback";
DEEZER_REDIRECT_URI = "http://${config.my.miniserver-ip}:${toString port}/deezer/callback";
MALOJA_URL = "http://maloja:42010";
WS_ENABLE = "true";
};

416
modules/servers/nextcloud.nix
View File

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }:
{
lib,
config,
pkgs,
...
}:
let
inherit (config.my) localhost;
collaboraPort = 9980;
@ -13,7 +18,8 @@ let
proxy_set_header Host $host;
proxy_read_timeout 36000s;
'';
in {
in
{
options.my.servers = {
nextcloud = {
enable = lib.mkEnableOption "enable";
@ -22,224 +28,236 @@ in {
collabora.enable = lib.mkEnableOption "enable";
go-vod.enable = lib.mkEnableOption "enable";
};
config = lib.mkIf
(config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) {
sops.secrets = {
smtp-password = { };
nextcloud-adminpass = {
owner = config.users.users.nextcloud.name;
inherit (config.users.users.nextcloud) group;
};
config = lib.mkIf (config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) {
sops.secrets = {
smtp-password = { };
nextcloud-adminpass = {
owner = config.users.users.nextcloud.name;
inherit (config.users.users.nextcloud) group;
};
nixpkgs.config.permittedInsecurePackages =
[ "nodejs-14.21.3" "openssl-1.1.1v" ];
users.users.nextcloud = {
isSystemUser = true;
extraGroups = [ "render" ];
packages = with pkgs; [
mediainfo
nodejs
perl
(python3.withPackages (ps: with ps; [ tensorflow ]))
(perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool";
version = "12.70";
src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4=";
};
})
];
};
nixpkgs.config.permittedInsecurePackages = [
"nodejs-14.21.3"
"openssl-1.1.1v"
];
users.users.nextcloud = {
isSystemUser = true;
extraGroups = [ "render" ];
packages = with pkgs; [
mediainfo
nodejs
perl
(python3.withPackages (ps: with ps; [ tensorflow ]))
(perlPackages.buildPerlPackage rec {
pname = "Image-ExifTool";
version = "12.70";
src = fetchurl {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4=";
};
})
];
};
programs.msmtp = {
enable = true;
accounts.default = {
auth = true;
host = "smtp.gmail.com";
port = 587;
tls = true;
from = config.my.smtpemail;
user = config.my.smtpemail;
passwordeval = "cat ${config.sops.secrets.smtp-password.path}";
};
programs.msmtp = {
};
services = {
nextcloud = {
enable = true;
accounts.default = {
auth = true;
host = "smtp.gmail.com";
port = 587;
tls = true;
from = config.my.smtpemail;
user = config.my.smtpemail;
passwordeval = "cat ${config.sops.secrets.smtp-password.path}";
https = true;
package = pkgs.nextcloud29;
appstoreEnable = true;
configureRedis = true;
extraAppsEnable = true;
enableImagemagick = true;
maxUploadSize = "16G";
hostName = url;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar;
};
};
services = {
nextcloud = {
enable = true;
https = true;
package = pkgs.nextcloud29;
appstoreEnable = true;
configureRedis = true;
extraAppsEnable = true;
enableImagemagick = true;
maxUploadSize = "16G";
hostName = url;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar;
};
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "pgsql";
dbhost = config.my.postgresSocket;
dbtableprefix = "oc_";
dbname = "nextcloud";
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "256M";
"opcache.max_accelerated_files" = "10000";
"opcache.huge_code_pages" = "1";
"opcache.enable_file_override" = "1";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "60";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
preview_max_x = 512;
preview_max_y = 512;
short_open_tag = "Off";
};
settings = {
log_type = "file";
log_level = 3;
trusted_proxies = [ "192.168.1.100" ];
trusted_domains = [ "cloud.rotehaare.art" "danilo-reyes.com" ];
forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ];
overwrite_protocol = "https";
default_phone_region = "MX";
allow_local_remote_servers = true;
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"memories.exiftool" =
"/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
];
};
# phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ];
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "pgsql";
dbhost = config.my.postgresSocket;
dbtableprefix = "oc_";
dbname = "nextcloud";
};
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
};
"collabora.${config.my.domain}" =
lib.mkIf config.my.servers.collabora.enable {
forceSSL = true;
enableACME = true;
http2 = true;
locations = {
# static files
"^~ /loleaflet" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
};
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "256M";
"opcache.max_accelerated_files" = "10000";
"opcache.huge_code_pages" = "1";
"opcache.enable_file_override" = "1";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "60";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
preview_max_x = 512;
preview_max_y = 512;
short_open_tag = "Off";
};
};
virtualisation.oci-containers.containers = {
go-vod = lib.mkIf config.my.servers.go-vod.enable {
autoStart = true;
image = "radialapps/go-vod";
environment = {
TZ = "America/Mexico_City";
NEXTCLOUD_HOST = "https://${config.services.nextcloud.hostName}";
NVIDIA_VISIBLE_DEVICES = "all";
};
volumes = [ "ncdata:/var/www/html:ro" ];
extraOptions = [
"--device=/dev/dri" # VA-API (omit for NVENC)
settings = {
log_type = "file";
log_level = 3;
trusted_proxies = [ "192.168.1.100" ];
trusted_domains = [
"cloud.rotehaare.art"
"danilo-reyes.com"
];
forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ];
overwrite_protocol = "https";
default_phone_region = "MX";
allow_local_remote_servers = true;
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"memories.exiftool" = "/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
];
};
collabora = lib.mkIf config.my.servers.collabora.enable {
autoStart = true;
image = "collabora/code";
imageFile = pkgs.dockerTools.pullImage {
imageName = "collabora/code";
imageDigest =
"sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f";
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs=";
# phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ];
};
nginx.virtualHosts = {
${config.services.nextcloud.hostName} = {
forceSSL = true;
enableACME = true;
http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
};
ports = [ "9980:9980" ];
environment = {
TZ = "America/Mexico_City";
domain = "cloud.servidos.lat";
aliasgroup1 = "cloud.servidos.lat:443";
aliasgroup2 = "cloud.rotehaare.art:443";
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
extra_params = ''
--o:ssl.enable=false
--o:ssl.termination=true
'';
};
"collabora.${config.my.domain}" = lib.mkIf config.my.servers.collabora.enable {
forceSSL = true;
enableACME = true;
http2 = true;
locations = {
# static files
"^~ /loleaflet" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
};
extraOptions = [ "--cap-add" "MKNOD" ];
};
};
systemd = lib.mkIf config.my.servers.nextcloud.enableCron {
services = {
nextcloud-cron.path = [ pkgs.perl ];
nextcloud-cronjob = let
nextcloud-cronjob = pkgs.writeScriptBin "nextcloud-cronjob"
(builtins.readFile ../../scripts/nextcloud-cronjob.sh);
in {
};
virtualisation.oci-containers.containers = {
go-vod = lib.mkIf config.my.servers.go-vod.enable {
autoStart = true;
image = "radialapps/go-vod";
environment = {
TZ = "America/Mexico_City";
NEXTCLOUD_HOST = "https://${config.services.nextcloud.hostName}";
NVIDIA_VISIBLE_DEVICES = "all";
};
volumes = [ "ncdata:/var/www/html:ro" ];
extraOptions = [
"--device=/dev/dri" # VA-API (omit for NVENC)
];
};
collabora = lib.mkIf config.my.servers.collabora.enable {
autoStart = true;
image = "collabora/code";
imageFile = pkgs.dockerTools.pullImage {
imageName = "collabora/code";
imageDigest = "sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f";
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs=";
};
ports = [ "9980:9980" ];
environment = {
TZ = "America/Mexico_City";
domain = "cloud.servidos.lat";
aliasgroup1 = "cloud.servidos.lat:443";
aliasgroup2 = "cloud.rotehaare.art:443";
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
extra_params = ''
--o:ssl.enable=false
--o:ssl.termination=true
'';
};
extraOptions = [
"--cap-add"
"MKNOD"
];
};
};
systemd = lib.mkIf config.my.servers.nextcloud.enableCron {
services = {
nextcloud-cron.path = [ pkgs.perl ];
nextcloud-cronjob =
let
nextcloud-cronjob = pkgs.writeScriptBin "nextcloud-cronjob" (
builtins.readFile ../../scripts/nextcloud-cronjob.sh
);
in
{
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "multi-user.target" ];
path = [ pkgs.bash nextcloud-cronjob ];
path = [
pkgs.bash
nextcloud-cronjob
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${nextcloud-cronjob}/bin/nextcloud-cronjob";
};
};
};
timers.nextcloud-cronjob = {
enable = true;
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
};
timers.nextcloud-cronjob = {
enable = true;
description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
}

50
modules/servers/paperless.nix
View File

@ -1,29 +1,31 @@
{ lib, config, ... }: {
{ lib, config, ... }:
{
options.my.servers.paperless.enable = lib.mkEnableOption "enable";
config = lib.mkIf
(config.my.servers.paperless.enable && config.my.servers.postgres.enable) {
services.paperless = {
enable = true;
address = "0.0.0.0";
consumptionDirIsPublic = true;
consumptionDir = "/mnt/pool/scans/";
settings = {
PAPERLESS_DBENGINE = "postgress";
PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBHOST = config.my.postgresSocket;
PAPERLESS_CONSUMER_IGNORE_PATTERN =
builtins.toJSON [ ".DS_STORE/*" "desktop.ini" ];
PAPERLESS_TIME_ZONE = "America/Mexico_City";
PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
optimize = 1;
pdfa_image_compression = "lossless";
};
config = lib.mkIf (config.my.servers.paperless.enable && config.my.servers.postgres.enable) {
services.paperless = {
enable = true;
address = "0.0.0.0";
consumptionDirIsPublic = true;
consumptionDir = "/mnt/pool/scans/";
settings = {
PAPERLESS_DBENGINE = "postgress";
PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBHOST = config.my.postgresSocket;
PAPERLESS_CONSUMER_IGNORE_PATTERN = builtins.toJSON [
".DS_STORE/*"
"desktop.ini"
];
PAPERLESS_TIME_ZONE = "America/Mexico_City";
PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
optimize = 1;
pdfa_image_compression = "lossless";
};
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ config.services.paperless.port ];
allowedUDPPorts = [ config.services.paperless.port ];
};
};
networking.firewall = {
enable = true;
allowedTCPPorts = [ config.services.paperless.port ];
allowedUDPPorts = [ config.services.paperless.port ];
};
};
}

16
modules/servers/postgres.nix
View File

@ -1,8 +1,15 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let
upgrade-pg-cluster =
let newPostgres = pkgs.postgresql_16.withPackages (_pp: [ ]);
in pkgs.writeScriptBin "upgrade-pg-cluster" ''
let
newPostgres = pkgs.postgresql_16.withPackages (_pp: [ ]);
in
pkgs.writeScriptBin "upgrade-pg-cluster" ''
set -eux
systemctl stop postgresql
export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}"
@ -26,7 +33,8 @@ let
"shiori"
"firefly-iii"
];
in {
in
{
options.my.servers.postgres.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.postgres.enable {
environment.systemPackages = [ upgrade-pg-cluster ];

11
modules/servers/prowlarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverseArr, ... }: {
{
lib,
config,
proxyReverseArr,
...
}:
{
options.my.servers.prowlarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.prowlarr.enable {
users.users.prowlarr = {
@ -7,8 +13,7 @@
};
services = {
prowlarr.enable = true;
nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696
// { };
nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696 // { };
};
virtualisation.oci-containers.containers.flaresolverr = {
autoStart = true;

56
modules/servers/qbittorrent.nix
View File

@ -1,7 +1,18 @@
{ lib, config, pkgs, proxyReverse, ... }:
{
lib,
config,
pkgs,
proxyReverse,
...
}:
let
port = 9091;
ports = [ port 51411 51412 51413 ];
ports = [
port
51411
51412
51413
];
bencodepy = pkgs.python3Packages.buildPythonPackage {
pname = "bencodepy";
version = "0.9.5";
@ -15,7 +26,8 @@ let
};
build-system = with pkgs.python3Packages; [ setuptools ];
};
qbit_manage_env = pkgs.python3.withPackages (ps:
qbit_manage_env = pkgs.python3.withPackages (
ps:
[
ps.croniter
ps.gitpython
@ -26,17 +38,19 @@ let
ps.retrying
ps.ruamel-yaml
ps.schedule
] ++ [ bencodepy ]);
in {
]
++ [ bencodepy ]
);
in
{
options.my.servers = {
qbittorrent.enable = lib.mkEnableOption "enable";
unpackerr.enable = lib.mkEnableOption "enable";
};
config = lib.mkIf config.my.servers.qbittorrent.enable {
home-manager.users.jawz.xdg.configFile."unpackerr.conf" =
lib.mkIf config.my.servers.unpackerr.enable {
source = ../../dotfiles/unpackerr.conf;
};
lib.mkIf config.my.servers.unpackerr.enable
{ source = ../../dotfiles/unpackerr.conf; };
systemd = {
packages = [ pkgs.qbittorrent-nox ];
services = {
@ -52,13 +66,15 @@ in {
restartIfChanged = true;
description = "Tidy up my torrents";
wantedBy = [ "default.target" ];
serviceConfig = let env = "/home/jawz/Development/Git/qbit_manage";
in {
Restart = "on-failure";
RestartSec = 30;
ExecStart =
"${qbit_manage_env}/bin/python ${env}/qbit_manage.py -r -c ${env}/config.yml";
};
serviceConfig =
let
env = "/home/jawz/Development/Git/qbit_manage";
in
{
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${qbit_manage_env}/bin/python ${env}/qbit_manage.py -r -c ${env}/config.yml";
};
};
unpackerr = lib.mkIf config.my.servers.unpackerr.enable {
enable = true;
@ -68,8 +84,7 @@ in {
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart =
"${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
ExecStart = "${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
};
};
};
@ -77,12 +92,13 @@ in {
enable = true;
description = "Tidy up my torrents";
wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; };
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" =
proxyReverse port // { };
services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" = proxyReverse port // { };
networking.firewall = {
allowedTCPPorts = ports;
allowedUDPPorts = ports;

11
modules/servers/radarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverseArr, ... }: {
{
lib,
config,
proxyReverseArr,
...
}:
{
options.my.servers.radarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.radarr.enable {
services = {
@ -6,8 +12,7 @@
enable = true;
group = "piracy";
};
nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878
// { };
nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 // { };
};
};
}

52
modules/servers/ryot.nix
View File

@ -1,31 +1,35 @@
{ lib, config, proxyReverse, ... }:
{
lib,
config,
proxyReverse,
...
}:
let
port = 8765;
url = "tracker.${config.my.domain}";
in {
in
{
options.my.servers.ryot.enable = lib.mkEnableOption "enable";
config = lib.mkIf
(config.my.servers.ryot.enable && config.my.servers.postgres.enable) {
sops.secrets.ryot.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.ryot = {
image = "ghcr.io/ignisda/ryot:v7.0.0";
ports = [ "${toString port}:8000" ];
environmentFiles = [ config.sops.secrets.ryot.path ];
environment = {
RUST_LOG = "ryot=debug,sea_orm=debug";
TZ = "America/Mexico_City";
DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
FRONTEND_INSECURE_COOKIES = "true";
};
volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
labels = {
"flame.type" = "application";
"flame.name" = "Ryot";
"flame.url" = url;
"flame.icon" = "radar";
};
config = lib.mkIf (config.my.servers.ryot.enable && config.my.servers.postgres.enable) {
sops.secrets.ryot.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.ryot = {
image = "ghcr.io/ignisda/ryot:v7.0.0";
ports = [ "${toString port}:8000" ];
environmentFiles = [ config.sops.secrets.ryot.path ];
environment = {
RUST_LOG = "ryot=debug,sea_orm=debug";
TZ = "America/Mexico_City";
DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
FRONTEND_INSECURE_COOKIES = "true";
};
volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
labels = {
"flame.type" = "application";
"flame.name" = "Ryot";
"flame.url" = url;
"flame.icon" = "radar";
};
services.nginx.virtualHosts."tracker.${config.my.domain}" =
proxyReverse port // { };
};
services.nginx.virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
};
}

11
modules/servers/sabnzbd.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.sabnzbd.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.sabnzbd.enable {
services = {
@ -7,8 +13,7 @@
group = "piracy";
openFirewall = true;
};
nginx.virtualHosts."HSoeJdGRd2Orj0n31UGI.${config.my.domain}" =
proxyReverse 3399 // { };
nginx.virtualHosts."HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = proxyReverse 3399 // { };
};
};
}

34
modules/servers/shiori.nix
View File

@ -1,20 +1,26 @@
{ lib, config, pkgs, proxyReverse, ... }: {
{
lib,
config,
pkgs,
proxyReverse,
...
}:
{
disabledModules = [ "services/web-apps/shiori.nix" ];
imports = [ ../../pkgs/shiori/shiori-service.nix ];
options.my.servers.shiori.enable = lib.mkEnableOption "enable";
config = lib.mkIf
(config.my.servers.shiori.enable && config.my.servers.postgres.enable) {
sops.secrets.shiori.sopsFile = ../../secrets/env.yaml;
services = {
shiori = {
enable = true;
port = 4368;
package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
};
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
config = lib.mkIf (config.my.servers.shiori.enable && config.my.servers.postgres.enable) {
sops.secrets.shiori.sopsFile = ../../secrets/env.yaml;
services = {
shiori = {
enable = true;
port = 4368;
package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
environmentFile = config.sops.secrets.shiori.path;
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
};
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
};
};
}

11
modules/servers/sonarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: {
{
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.sonarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.sonarr.enable {
services = {
@ -6,8 +12,7 @@
enable = true;
group = "piracy";
};
nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989
// { };
nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989 // { };
};
};
}

53
modules/servers/vaultwarden.nix
View File

@ -1,29 +1,34 @@
{ lib, config, pkgs, proxyReverse, ... }: {
{
lib,
config,
pkgs,
proxyReverse,
...
}:
{
options.my.servers.vaultwarden.enable = lib.mkEnableOption "enable";
config = lib.mkIf (config.my.servers.vaultwarden.enable
&& config.my.servers.postgres.enable) {
sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml;
services = {
vaultwarden = {
enable = true;
dbBackend = "postgresql";
package = pkgs.vaultwarden;
environmentFile = config.sops.secrets.vaultwarden.path;
config = {
ROCKET_ADDRESS = "${config.my.localhost}";
ROCKET_PORT = 8222;
WEBSOCKET_PORT = 8333;
DATABASE_URL =
"postgresql:///vaultwarden?host=${config.my.postgresSocket}";
ENABLE_DB_WAL = false;
WEBSOCKET_ENABLED = true;
SHOW_PASSWORD_HINT = false;
EXTENDED_LOGGING = true;
LOG_LEVEL = "warn";
};
config = lib.mkIf (config.my.servers.vaultwarden.enable && config.my.servers.postgres.enable) {
sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml;
services = {
vaultwarden = {
enable = true;
dbBackend = "postgresql";
package = pkgs.vaultwarden;
environmentFile = config.sops.secrets.vaultwarden.path;
config = {
ROCKET_ADDRESS = "${config.my.localhost}";
ROCKET_PORT = 8222;
WEBSOCKET_PORT = 8333;
DATABASE_URL = "postgresql:///vaultwarden?host=${config.my.postgresSocket}";
ENABLE_DB_WAL = false;
WEBSOCKET_ENABLED = true;
SHOW_PASSWORD_HINT = false;
EXTENDED_LOGGING = true;
LOG_LEVEL = "warn";
};
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
};
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
};
};
}

3
modules/services.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: {
{ lib, ... }:
{
imports = [
./services/network.nix
./services/nvidia.nix

3
modules/services/network.nix
View File

@ -1,4 +1,5 @@
{ config, lib, ... }: {
{ config, lib, ... }:
{
options.my.services.network.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.network.enable {
networking = {

11
modules/services/nvidia.nix
View File

@ -1,8 +1,13 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.services.nvidia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.nvidia.enable {
boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation")
[ "nvidia-drm.fbdev=1" ];
boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation") [ "nvidia-drm.fbdev=1" ];
services.xserver.videoDrivers = [ "nvidia" ];
hardware = {
opengl = {

16
modules/services/printing.nix
View File

@ -1,6 +1,16 @@
{ config, lib, pkgs, ... }:
let printingDrivers = [ pkgs.hplip pkgs.hplipWithPlugin ];
in {
{
config,
lib,
pkgs,
...
}:
let
printingDrivers = [
pkgs.hplip
pkgs.hplipWithPlugin
];
in
{
options.my.services.printing.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.printing.enable {
users.users.jawz.packages = [ pkgs.gnome.simple-scan ];

8
modules/services/sound.nix
View File

@ -1,4 +1,10 @@
{ config, lib, inputs, ... }: {
{
config,
lib,
inputs,
...
}:
{
imports = [ inputs.nix-gaming.nixosModules.pipewireLowLatency ];
options.my.services.sound.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.sound.enable {

9
modules/shell.nix
View File

@ -1,5 +1,10 @@
{ lib, ... }: {
imports = [ ./shell/exercism.nix ./shell/multimedia.nix ./shell/tools.nix ];
{ lib, ... }:
{
imports = [
./shell/exercism.nix
./shell/multimedia.nix
./shell/tools.nix
];
my.shell = {
exercism.enable = lib.mkDefault false;
multimedia.enable = lib.mkDefault false;

8
modules/shell/exercism.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.shell.exercism.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.exercism.enable {
users.users.jawz.packages = with pkgs; [

46
modules/shell/multimedia.nix
View File

@ -1,23 +1,31 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.shell.multimedia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.multimedia.enable {
users.users.jawz.packages = (with pkgs; [
gallery-dl # similar to yt-dlp but for most image gallery websites
yt-dlp # downloads videos from most video websites
ffmpeg # not ffmpreg, the coolest video conversion tool!
imagemagick # photoshop what??
]) ++ [
(pkgs.python3Packages.buildPythonApplication rec {
pname = "ffpb";
version = "0.4.1";
src = pkgs.python3Packages.fetchPypi {
inherit pname version;
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
};
doCheck = false;
buildInputs = [ pkgs.python3Packages.setuptools ];
propagatedBuildInputs = [ pkgs.python3Packages.tqdm ];
})
];
users.users.jawz.packages =
(with pkgs; [
gallery-dl # similar to yt-dlp but for most image gallery websites
yt-dlp # downloads videos from most video websites
ffmpeg # not ffmpreg, the coolest video conversion tool!
imagemagick # photoshop what??
])
++ [
(pkgs.python3Packages.buildPythonApplication rec {
pname = "ffpb";
version = "0.4.1";
src = pkgs.python3Packages.fetchPypi {
inherit pname version;
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
};
doCheck = false;
buildInputs = [ pkgs.python3Packages.setuptools ];
propagatedBuildInputs = [ pkgs.python3Packages.tqdm ];
})
];
};
}

8
modules/shell/tools.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: {
{
config,
lib,
pkgs,
...
}:
{
options.my.shell.tools.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.tools.enable {
home-manager.users.jawz = {

39
overlay.nix
View File

@ -1,16 +1,24 @@
{ pkgs, pkgsU, pkgsM }:
{
pkgs,
pkgsU,
pkgsM,
}:
_self: super: {
gnome = super.gnome.overrideScope (_gFinal: gPrev: {
nautilus = gPrev.nautilus.overrideAttrs (nsuper: {
buildInputs = nsuper.buildInputs ++ (with pkgs.gst_all_1; [
gst-libav
gst-plugins-good
gst-plugins-bad
gst-plugins-ugly
gst-plugins-base
]);
});
});
gnome = super.gnome.overrideScope (
_gFinal: gPrev: {
nautilus = gPrev.nautilus.overrideAttrs (nsuper: {
buildInputs =
nsuper.buildInputs
++ (with pkgs.gst_all_1; [
gst-libav
gst-plugins-good
gst-plugins-bad
gst-plugins-ugly
gst-plugins-base
]);
});
}
);
lutris = super.lutris.override {
extraPkgs = pkgs: [
pkgs.winetricks
@ -19,7 +27,12 @@ _self: super: {
];
};
nerdfonts = super.nerdfonts.override {
fonts = [ "CascadiaCode" "ComicShannsMono" "Iosevka" "Agave" ];
fonts = [
"CascadiaCode"
"ComicShannsMono"
"Iosevka"
"Agave"
];
};
inherit (pkgsU) planify;
inherit (pkgsU) gdtoolkit;

16
pkgs/citra/default.nix
View File

@ -1,15 +1,20 @@
{ branch, qt6Packages, fetchFromGitHub, fetchurl }:
{
branch,
qt6Packages,
fetchFromGitHub,
fetchurl,
}:
let
# Fetched from https://api.citra-emu.org/gamedb
# Please make sure to update this when updating citra!
compat-list = fetchurl {
name = "citra-compat-list";
url =
"https://web.archive.org/web/20230807103651/https://api.citra-emu.org/gamedb/";
url = "https://web.archive.org/web/20230807103651/https://api.citra-emu.org/gamedb/";
hash = "sha256-J+zqtWde5NgK2QROvGewtXGRAWUTNSKHNMG6iu9m1fU=";
};
in {
in
{
nightly = qt6Packages.callPackage ./generic.nix rec {
pname = "citra-nightly";
version = "2104";
@ -24,4 +29,5 @@ in {
inherit branch compat-list;
};
}.${branch}
}
.${branch}

155
pkgs/citra/generic.nix
View File

@ -1,40 +1,83 @@
{ pname, version, src, branch, compat-list, lib, stdenv, cmake, boost
, pkg-config, libusb1, glslang, zstd, libressl, enableSdl2 ? true, SDL2
, enableQt ? true, qtbase, qtmultimedia, wrapQtAppsHook
, enableQtTranslation ? enableQt, qttools, enableWebService ? true
, enableCubeb ? true, cubeb, enableFfmpegAudioDecoder ? true
, enableFfmpegVideoDumper ? true, ffmpeg_4, useDiscordRichPresence ? true
, rapidjson, enableFdk ? false, fdk_aac, python3 }:
assert lib.assertMsg (!enableFfmpegAudioDecoder || !enableFdk)
"Can't enable both enableFfmpegAudioDecoder and enableFdk";
{
pname,
version,
src,
branch,
compat-list,
lib,
stdenv,
cmake,
boost,
pkg-config,
libusb1,
glslang,
zstd,
libressl,
enableSdl2 ? true,
SDL2,
enableQt ? true,
qtbase,
qtmultimedia,
wrapQtAppsHook,
enableQtTranslation ? enableQt,
qttools,
enableWebService ? true,
enableCubeb ? true,
cubeb,
enableFfmpegAudioDecoder ? true,
enableFfmpegVideoDumper ? true,
ffmpeg_4,
useDiscordRichPresence ? true,
rapidjson,
enableFdk ? false,
fdk_aac,
python3,
}:
assert lib.assertMsg (
!enableFfmpegAudioDecoder || !enableFdk
) "Can't enable both enableFfmpegAudioDecoder and enableFdk";
stdenv.mkDerivation rec {
inherit pname version src;
nativeBuildInputs = [ cmake glslang pkg-config python3 ]
++ lib.optionals enableQt [ wrapQtAppsHook ];
nativeBuildInputs = [
cmake
glslang
pkg-config
python3
] ++ lib.optionals enableQt [ wrapQtAppsHook ];
buildInputs = [ boost libusb1 ]
++ lib.optionals enableQt [ qtbase qtmultimedia ]
++ lib.optional enableSdl2 SDL2 ++ lib.optional enableQtTranslation qttools
buildInputs =
[
boost
libusb1
]
++ lib.optionals enableQt [
qtbase
qtmultimedia
]
++ lib.optional enableSdl2 SDL2
++ lib.optional enableQtTranslation qttools
++ lib.optionals enableCubeb cubeb.passthru.backendLibs
++ lib.optional (enableFfmpegAudioDecoder || enableFfmpegVideoDumper)
ffmpeg_4 ++ lib.optional useDiscordRichPresence rapidjson
++ lib.optional (enableFfmpegAudioDecoder || enableFfmpegVideoDumper) ffmpeg_4
++ lib.optional useDiscordRichPresence rapidjson
++ lib.optional enableFdk fdk_aac;
cmakeFlags = [
"-DUSE_SYSTEM_BOOST=ON"
"-DCITRA_WARNINGS_AS_ERRORS=OFF"
"-DCITRA_USE_BUNDLED_FFMPEG=OFF"
"-DCITRA_USE_BUNDLED_QT=OFF"
"-DUSE_SYSTEM_SDL2=ON"
"-DCMAKE_INSTALL_INCLUDEDIR=include"
"-DCMAKE_INSTALL_LIBDIR=lib"
cmakeFlags =
[
"-DUSE_SYSTEM_BOOST=ON"
"-DCITRA_WARNINGS_AS_ERRORS=OFF"
"-DCITRA_USE_BUNDLED_FFMPEG=OFF"
"-DCITRA_USE_BUNDLED_QT=OFF"
"-DUSE_SYSTEM_SDL2=ON"
"-DCMAKE_INSTALL_INCLUDEDIR=include"
"-DCMAKE_INSTALL_LIBDIR=lib"
# We dont want to bother upstream with potentially outdated compat reports
"-DCITRA_ENABLE_COMPATIBILITY_REPORTING=ON"
"-DENABLE_COMPATIBILITY_LIST_DOWNLOAD=OFF" # We provide this deterministically
] ++ lib.optional (!enableSdl2) "-DENABLE_SDL2=OFF"
# We dont want to bother upstream with potentially outdated compat reports
"-DCITRA_ENABLE_COMPATIBILITY_REPORTING=ON"
"-DENABLE_COMPATIBILITY_LIST_DOWNLOAD=OFF" # We provide this deterministically
]
++ lib.optional (!enableSdl2) "-DENABLE_SDL2=OFF"
++ lib.optional (!enableQt) "-DENABLE_QT=OFF"
++ lib.optional enableQtTranslation "-DENABLE_QT_TRANSLATION=ON"
++ lib.optional (!enableWebService) "-DENABLE_WEB_SERVICE=OFF"
@ -44,44 +87,42 @@ stdenv.mkDerivation rec {
++ lib.optional useDiscordRichPresence "-DUSE_DISCORD_PRESENCE=ON"
++ lib.optional enableFdk "-DENABLE_FDK=ON";
postPatch = let
branchCaptialized = lib.toUpper (lib.substring 0 1 branch)
+ lib.substring 1 (-1) branch;
in ''
# Fix file not found when looking in var/empty instead of opt
mkdir externals/dynarmic/src/dynarmic/ir/var
ln -s ../opt externals/dynarmic/src/dynarmic/ir/var/empty
postPatch =
let
branchCaptialized = lib.toUpper (lib.substring 0 1 branch) + lib.substring 1 (-1) branch;
in
''
# Fix file not found when looking in var/empty instead of opt
mkdir externals/dynarmic/src/dynarmic/ir/var
ln -s ../opt externals/dynarmic/src/dynarmic/ir/var/empty
# Prep compatibilitylist
ln -s ${compat-list} ./dist/compatibility_list/compatibility_list.json
# Prep compatibilitylist
ln -s ${compat-list} ./dist/compatibility_list/compatibility_list.json
# We already know the submodules are present
substituteInPlace CMakeLists.txt \
--replace "check_submodules_present()" ""
# We already know the submodules are present
substituteInPlace CMakeLists.txt \
--replace "check_submodules_present()" ""
# Add versions
echo 'set(BUILD_FULLNAME "${branchCaptialized} ${version}")' >> CMakeModules/GenerateBuildInfo.cmake
# Add versions
echo 'set(BUILD_FULLNAME "${branchCaptialized} ${version}")' >> CMakeModules/GenerateBuildInfo.cmake
# Devendoring
rm -rf externals/zstd externals/libressl
cp -r ${zstd.src} externals/zstd
tar xf ${libressl.src} -C externals/
mv externals/${libressl.name} externals/libressl
chmod -R a+w externals/zstd
'';
# Devendoring
rm -rf externals/zstd externals/libressl
cp -r ${zstd.src} externals/zstd
tar xf ${libressl.src} -C externals/
mv externals/${libressl.name} externals/libressl
chmod -R a+w externals/zstd
'';
# Fixes https://github.com/NixOS/nixpkgs/issues/171173
postInstall = lib.optionalString (enableCubeb && enableSdl2) ''
wrapProgram "$out/bin/citra" \
--prefix LD_LIBRARY_PATH : ${
lib.makeLibraryPath cubeb.passthru.backendLibs
}
--prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath cubeb.passthru.backendLibs}
'';
meta = {
homepage = "https://citra-emu.org";
description =
"The ${branch} branch of an open-source emulator for the Ninteno 3DS";
description = "The ${branch} branch of an open-source emulator for the Ninteno 3DS";
longDescription = ''
A Nintendo 3DS Emulator written in C++
Using the nightly branch is recommended for general usage.
@ -91,6 +132,10 @@ stdenv.mkDerivation rec {
mainProgram = if enableQt then "citra-qt" else "citra";
platforms = lib.platforms.linux;
license = lib.licenses.gpl2Plus;
maintainers = with lib.maintainers; [ abbradar ashley ivar ];
maintainers = with lib.maintainers; [
abbradar
ashley
ivar
];
};
}

20
pkgs/obs-studio.nix
View File

@ -1,7 +1,14 @@
{ pkgs, lib, config, ... }:
{
pkgs,
lib,
config,
...
}:
let cfg = config.programs.obs-studio;
in {
let
cfg = config.programs.obs-studio;
in
{
options.programs.obs-studio = {
enable = lib.mkEnableOption (lib.mdDoc "obs-studio");
@ -32,10 +39,9 @@ in {
};
config = lib.mkIf cfg.enable {
programs.obs-studio.finalPackage =
pkgs.wrapOBS.override { obs-studio = cfg.package; } {
plugins = cfg.plugins;
};
programs.obs-studio.finalPackage = pkgs.wrapOBS.override { obs-studio = cfg.package; } {
plugins = cfg.plugins;
};
environment.systemPackages = [ cfg.finalPackage ];

296
pkgs/polymc/default.nix
View File

@ -1,139 +1,177 @@
{ stdenv, lib, fetchFromGitHub, cmake, ninja, jdk17, ghc_filesystem, zlib, file
, xorg, libpulseaudio, openal, qt6, glfw, pciutils, udev, glxinfo, qt6Packages
, libGL, flite, addOpenGLRunpath, vulkan-loader, msaClientID ? null
, extra-cmake-modules, makeWrapper, gamemode, mangohud, glfw-wayland-minecraft
, writeShellScript }:
{
stdenv,
lib,
fetchFromGitHub,
cmake,
ninja,
jdk17,
ghc_filesystem,
zlib,
file,
xorg,
libpulseaudio,
openal,
qt6,
glfw,
pciutils,
udev,
glxinfo,
qt6Packages,
libGL,
flite,
addOpenGLRunpath,
vulkan-loader,
msaClientID ? null,
extra-cmake-modules,
makeWrapper,
gamemode,
mangohud,
glfw-wayland-minecraft,
writeShellScript,
}:
let
polymc = let
binpath = lib.makeBinPath [ xorg.xrandr glxinfo pciutils ];
polymc =
let
binpath = lib.makeBinPath [
xorg.xrandr
glxinfo
pciutils
];
libpath = lib.makeLibraryPath [
xorg.libX11
xorg.libXext
xorg.libXcursor
xorg.libXrandr
xorg.libXxf86vm
libpulseaudio
libGL
vulkan-loader
glfw
openal
udev
flite
stdenv.cc.cc.lib
];
libpath = lib.makeLibraryPath [
xorg.libX11
xorg.libXext
xorg.libXcursor
xorg.libXrandr
xorg.libXxf86vm
libpulseaudio
libGL
vulkan-loader
glfw
openal
udev
flite
stdenv.cc.cc.lib
];
gameLibraryPath = libpath + ":${addOpenGLRunpath.driverLink}/lib";
gameLibraryPath = libpath + ":${addOpenGLRunpath.driverLink}/lib";
in stdenv.mkDerivation rec {
pname = "polymc"
+ (lib.optionalString ((lib.versions.major qt6.qtbase.version) == "5")
"-qt5");
version = "6.1";
in
stdenv.mkDerivation rec {
pname = "polymc" + (lib.optionalString ((lib.versions.major qt6.qtbase.version) == "5") "-qt5");
version = "6.1";
src = fetchFromGitHub {
owner = "PolyMC";
repo = "PolyMC";
rev = version;
sha256 = "sha256-AOy13zAWQ0CtsX9z1M+fxH7Sh/QSFy7EdQ/fD9yUYc8=";
fetchSubmodules = true;
};
dontWrapQtApps = true;
nativeBuildInputs = [
cmake
extra-cmake-modules
ninja
jdk17
qt6.wrapQtAppsHook
file
ghc_filesystem
];
buildInputs = [
qt6.qtbase
qt6.qtsvg
qt6.qtcharts
qt6.qtwayland
qt6Packages.quazip
zlib
];
src = fetchFromGitHub {
owner = "PolyMC";
repo = "PolyMC";
rev = version;
sha256 = "sha256-AOy13zAWQ0CtsX9z1M+fxH7Sh/QSFy7EdQ/fD9yUYc8=";
fetchSubmodules = true;
};
dontWrapQtApps = true;
nativeBuildInputs = [
cmake
extra-cmake-modules
ninja
jdk17
qt6.wrapQtAppsHook
file
ghc_filesystem
];
buildInputs = [
qt6.qtbase
qt6.qtsvg
qt6.qtcharts
qt6.qtwayland
qt6Packages.quazip
zlib
];
cmakeFlags = [
"-GNinja"
"-DLauncher_QT_VERSION_MAJOR=${lib.versions.major qt6.qtbase.version}"
] ++ lib.optionals (msaClientID != null)
[ "-DLauncher_MSA_CLIENT_ID=${msaClientID}" ];
cmakeFlags = [
"-GNinja"
"-DLauncher_QT_VERSION_MAJOR=${lib.versions.major qt6.qtbase.version}"
] ++ lib.optionals (msaClientID != null) [ "-DLauncher_MSA_CLIENT_ID=${msaClientID}" ];
postPatch = ''
# hardcode jdk paths
substituteInPlace launcher/java/JavaUtils.cpp \
--replace 'scanJavaDir("/usr/lib/jvm")' 'javas.append("${jdk17}/lib/openjdk/bin/java")'
'';
postFixup = ''
# xorg.xrandr needed for LWJGL [2.9.2, 3) https://github.com/LWJGL/lwjgl/issues/128
wrapQtApp $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${gameLibraryPath}" \
--suffix PATH : "${binpath}" \
--set-default ALSOFT_DRIVERS "pulse"
'';
passthru = {
wrap = { extraJDKs ? [ ], extraPaths ? [ ], extraLibs ? [ ]
, withWaylandGLFW ? false, withMangohud ? true, withGamemode ? true }:
stdenv.mkDerivation rec {
pname = "${polymc.pname}-wrapped";
inherit (polymc) version;
libsPath = (lib.makeLibraryPath
(extraLibs ++ lib.optional withGamemode gamemode.lib))
+ lib.optionalString withMangohud "${mangohud + "/lib/mangohud"}";
binsPath =
lib.makeBinPath (extraPaths ++ lib.optional withMangohud mangohud);
waylandPreExec = writeShellScript "waylandGLFW" ''
if [ -n "$WAYLAND_DISPLAY" ]; then
export LD_LIBRARY_PATH=${
lib.getLib glfw-wayland-minecraft
}/lib:"$LD_LIBRARY_PATH"
fi
'';
src = polymc;
nativeBuildInputs = [ makeWrapper ];
phases = [ "installPhase" "fixupPhase" ];
installPhase = ''
mkdir -p $out/bin
ln -s $src/bin/polymc $out/bin/polymc
ln -s $src/share $out/share
'';
postFixup = let javaPaths = lib.makeSearchPath "bin/java" extraJDKs;
in ''
wrapProgram $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${libsPath}" \
--suffix POLYMC_JAVA_PATHS : "${javaPaths}" \
--suffix PATH : "${binsPath}" ${
lib.optionalString withWaylandGLFW "--run ${waylandPreExec}"
}
'';
preferLocalBuild = true;
inherit (polymc) meta;
};
};
meta = with lib; {
homepage = "https://polymc.org/";
downloadPage = "https://polymc.org/download/";
changelog = "https://github.com/PolyMC/PolyMC/releases";
description = "A free, open source launcher for Minecraft";
longDescription = ''
Allows you to have multiple, separate instances of Minecraft (each with
their own mods, texture packs, saves, etc) and helps you manage them and
their associated options with a simple interface.
postPatch = ''
# hardcode jdk paths
substituteInPlace launcher/java/JavaUtils.cpp \
--replace 'scanJavaDir("/usr/lib/jvm")' 'javas.append("${jdk17}/lib/openjdk/bin/java")'
'';
platforms = [ "x86_64-linux" ];
license = licenses.gpl3Only;
postFixup = ''
# xorg.xrandr needed for LWJGL [2.9.2, 3) https://github.com/LWJGL/lwjgl/issues/128
wrapQtApp $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${gameLibraryPath}" \
--suffix PATH : "${binpath}" \
--set-default ALSOFT_DRIVERS "pulse"
'';
passthru = {
wrap =
{
extraJDKs ? [ ],
extraPaths ? [ ],
extraLibs ? [ ],
withWaylandGLFW ? false,
withMangohud ? true,
withGamemode ? true,
}:
stdenv.mkDerivation rec {
pname = "${polymc.pname}-wrapped";
inherit (polymc) version;
libsPath =
(lib.makeLibraryPath (extraLibs ++ lib.optional withGamemode gamemode.lib))
+ lib.optionalString withMangohud "${mangohud + "/lib/mangohud"}";
binsPath = lib.makeBinPath (extraPaths ++ lib.optional withMangohud mangohud);
waylandPreExec = writeShellScript "waylandGLFW" ''
if [ -n "$WAYLAND_DISPLAY" ]; then
export LD_LIBRARY_PATH=${lib.getLib glfw-wayland-minecraft}/lib:"$LD_LIBRARY_PATH"
fi
'';
src = polymc;
nativeBuildInputs = [ makeWrapper ];
phases = [
"installPhase"
"fixupPhase"
];
installPhase = ''
mkdir -p $out/bin
ln -s $src/bin/polymc $out/bin/polymc
ln -s $src/share $out/share
'';
postFixup =
let
javaPaths = lib.makeSearchPath "bin/java" extraJDKs;
in
''
wrapProgram $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${libsPath}" \
--suffix POLYMC_JAVA_PATHS : "${javaPaths}" \
--suffix PATH : "${binsPath}" ${lib.optionalString withWaylandGLFW "--run ${waylandPreExec}"}
'';
preferLocalBuild = true;
inherit (polymc) meta;
};
};
meta = with lib; {
homepage = "https://polymc.org/";
downloadPage = "https://polymc.org/download/";
changelog = "https://github.com/PolyMC/PolyMC/releases";
description = "A free, open source launcher for Minecraft";
longDescription = ''
Allows you to have multiple, separate instances of Minecraft (each with
their own mods, texture packs, saves, etc) and helps you manage them and
their associated options with a simple interface.
'';
platforms = [ "x86_64-linux" ];
license = licenses.gpl3Only;
};
};
};
in polymc
in
polymc

30
pkgs/pureref/default.nix
View File

@ -1,16 +1,30 @@
{ lib, appimageTools, runCommand, curl, gnugrep, cacert }:
{
lib,
appimageTools,
runCommand,
curl,
gnugrep,
cacert,
}:
appimageTools.wrapType1 rec {
pname = "pureref";
version = "2.0.0";
src = runCommand "PureRef-${version}_x64.Appimage" {
nativeBuildInputs = [ curl gnugrep cacert ];
outputHash = "sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=";
} ''
key="$(curl "https://www.pureref.com/download.php" --silent | grep '%3D%3D' | cut -d '"' -f2)"
curl "https://www.pureref.com/files/build.php?build=LINUX64.Appimage&version=${version}&downloadKey=$key" --output $out
'';
src =
runCommand "PureRef-${version}_x64.Appimage"
{
nativeBuildInputs = [
curl
gnugrep
cacert
];
outputHash = "sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=";
}
''
key="$(curl "https://www.pureref.com/download.php" --silent | grep '%3D%3D' | cut -d '"' -f2)"
curl "https://www.pureref.com/files/build.php?build=LINUX64.Appimage&version=${version}&downloadKey=$key" --output $out
'';
meta = {
description = "Reference Image Viewer";

61
pkgs/shiori/shiori-service.nix
View File

@ -1,7 +1,14 @@
{ config, lib, pkgs, ... }:
{
config,
lib,
pkgs,
...
}:
let cfg = config.services.shiori;
in {
let
cfg = config.services.shiori;
in
{
options = {
services.shiori = {
enable = lib.mkEnableOption "Shiori simple bookmarks manager";
@ -54,18 +61,16 @@ in {
systemd.services.shiori = {
description = "Shiori simple bookmarks manager";
wantedBy = [ "multi-user.target" ];
after = [ "postgresql.service" "mysql.service" ];
after = [
"postgresql.service"
"mysql.service"
];
environment = {
SHIORI_DIR = "/var/lib/shiori";
} // lib.optionalAttrs (cfg.databaseUrl != null) {
SHIORI_DATABASE_URL = cfg.databaseUrl;
};
} // lib.optionalAttrs (cfg.databaseUrl != null) { SHIORI_DATABASE_URL = cfg.databaseUrl; };
serviceConfig = {
ExecStart =
"${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${
toString cfg.port
}' --webroot '${cfg.webRoot}'";
ExecStart = "${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${toString cfg.port}' --webroot '${cfg.webRoot}'";
DynamicUser = true;
StateDirectory = "shiori";
@ -73,17 +78,20 @@ in {
RuntimeDirectory = "shiori";
# Security options
EnvironmentFile =
lib.optional (cfg.environmentFile != null) cfg.environmentFile;
BindReadOnlyPaths = [
"/nix/store"
EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
BindReadOnlyPaths =
[
"/nix/store"
# For SSL certificates, and the resolv.conf
"/etc"
] ++ lib.optional (lib.strings.hasInfix "postgres" cfg.databaseUrl
&& config.services.postgresql.enable) "/run/postgresql"
++ lib.optional (lib.strings.hasInfix "mysql" cfg.databaseUrl
&& config.services.mysql.enable) "/var/run/mysqld";
# For SSL certificates, and the resolv.conf
"/etc"
]
++ lib.optional (
lib.strings.hasInfix "postgres" cfg.databaseUrl && config.services.postgresql.enable
) "/run/postgresql"
++ lib.optional (
lib.strings.hasInfix "mysql" cfg.databaseUrl && config.services.mysql.enable
) "/var/run/mysqld";
CapabilityBoundingSet = "";
AmbientCapabilities = "CAP_NET_BIND_SERVICE";
@ -106,7 +114,11 @@ in {
ProtectKernelTunables = true;
RestrictNamespaces = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictRealtime = true;
RestrictSUIDSGID = true;
@ -128,5 +140,8 @@ in {
};
};
meta.maintainers = with lib.maintainers; [ minijackson CaptainJawZ ];
meta.maintainers = with lib.maintainers; [
minijackson
CaptainJawZ
];
}

12
pkgs/shiori/shiori.nix
View File

@ -1,4 +1,9 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
buildGoModule rec {
pname = "shiori";
@ -30,6 +35,9 @@ buildGoModule rec {
mainProgram = "shiori";
homepage = "https://github.com/go-shiori/shiori";
license = licenses.mit;
maintainers = with maintainers; [ minijackson CaptainJawZ ];
maintainers = with maintainers; [
minijackson
CaptainJawZ
];
};
}

27
pkgs/vdhcoapp/default.nix
View File

@ -1,11 +1,22 @@
{ lib, fetchFromGitHub, buildNpmPackage, toml2json, nodejs, ffmpeg
, substituteAll, makeWrapper, callPackage }:
{
lib,
fetchFromGitHub,
buildNpmPackage,
toml2json,
nodejs,
ffmpeg,
substituteAll,
makeWrapper,
callPackage,
}:
# This is an adaptation with buildNpmPackage based on https://github.com/milahu/nur-packages/commit/3022ffb3619182ffcd579194e1202e3978e4d55b
let filepicker = callPackage ./filepicker.nix { };
let
filepicker = callPackage ./filepicker.nix { };
in buildNpmPackage rec {
in
buildNpmPackage rec {
pname = "vdhcoapp";
version = "2.0.19";
@ -20,7 +31,10 @@ in buildNpmPackage rec {
npmDepsHash = "sha256-E032U2XZdyTER6ROkBosOTn7bweDXHl8voC3BQEz8Wg=";
dontNpmBuild = true;
nativeBuildInputs = [ toml2json makeWrapper ];
nativeBuildInputs = [
toml2json
makeWrapper
];
patches = [
(substituteAll {
@ -50,8 +64,7 @@ in buildNpmPackage rec {
'';
meta = with lib; {
description =
"Companion application for the Video DownloadHelper browser add-on";
description = "Companion application for the Video DownloadHelper browser add-on";
homepage = "https://www.downloadhelper.net/";
license = licenses.gpl2;
maintainers = with maintainers; [ wolfangaukang ];

16
pkgs/vdhcoapp/filepicker.nix
View File

@ -1,4 +1,12 @@
{ lib, rustPlatform, fetchFromGitHub, pkg-config, atk, gtk3, glib }:
{
lib,
rustPlatform,
fetchFromGitHub,
pkg-config,
atk,
gtk3,
glib,
}:
rustPlatform.buildRustPackage rec {
pname = "filepicker";
@ -13,7 +21,11 @@ rustPlatform.buildRustPackage rec {
cargoHash = "sha256-aal7ppFkCpNc+QTS4Qklsb9WfJ65QqG6p1eOskiX+/Q=";
buildInputs = [ atk gtk3 glib ];
buildInputs = [
atk
gtk3
glib
];
nativeBuildInputs = [ pkg-config ];