jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

applied nixfmt (new version)

Browse Source
This commit is contained in:
Danilo Reyes 2024-09-22 14:45:24 -06:00
parent dd00fb4854
commit b514828594
89 changed files with 2091 additions and 1339 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
base.nix
View File

@ -1,4 +1,11 @@
{ lib, pkgs, inputs, outputs, ... }: { {
lib,
pkgs,
inputs,
outputs,
...
}:
{
imports = [ imports = [
inputs.home-manager.nixosModules.home-manager inputs.home-manager.nixosModules.home-manager
./modules/apps.nix ./modules/apps.nix
@ -22,7 +29,9 @@
home-manager = { home-manager = {
useUserPackages = true; useUserPackages = true;
useGlobalPkgs = true; useGlobalPkgs = true;
extraSpecialArgs = { inherit inputs outputs; }; extraSpecialArgs = {
inherit inputs outputs;
};
users.jawz = import ./home-manager.nix; users.jawz = import ./home-manager.nix;
}; };
time = { time = {
@ -31,7 +40,9 @@
}; };
i18n = { i18n = {
defaultLocale = "en_CA.UTF-8"; defaultLocale = "en_CA.UTF-8";
extraLocaleSettings = { LC_MONETARY = "es_MX.UTF-8"; }; extraLocaleSettings = {
LC_MONETARY = "es_MX.UTF-8";
};
}; };
console = { console = {
font = "Lat2-Terminus16"; font = "Lat2-Terminus16";
@ -44,59 +55,69 @@
enable = true; enable = true;
wheelNeedsPassword = false; wheelNeedsPassword = false;
}; };
pam.loginLimits = [{ pam.loginLimits = [
domain = "*"; {
type = "soft"; domain = "*";
item = "nofile"; type = "soft";
value = "8192"; item = "nofile";
}]; value = "8192";
}
];
}; };
users = { users = {
mutableUsers = false; mutableUsers = false;
groups.piracy.gid = 985; groups.piracy.gid = 985;
}; };
nixpkgs.config.allowUnfree = true; nixpkgs.config.allowUnfree = true;
nix = let nix =
featuresList = [ let
"nixos-test" featuresList = [
"benchmark" "nixos-test"
"big-parallel" "benchmark"
"kvm" "big-parallel"
"gccarch-znver3" "kvm"
"gccarch-skylake" "gccarch-znver3"
"gccarch-alderlake" "gccarch-skylake"
]; "gccarch-alderlake"
in {
distributedBuilds = true;
optimise.automatic = true;
settings = {
auto-optimise-store = true;
trusted-users = [ "nixremote" ];
system-features = featuresList;
experimental-features = [ "nix-command" "flakes" ];
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
"https://ai.cachix.org"
"https://cache.lix.systems"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
"ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
]; ];
in
{
distributedBuilds = true;
optimise.automatic = true;
settings = {
auto-optimise-store = true;
trusted-users = [ "nixremote" ];
system-features = featuresList;
experimental-features = [
"nix-command"
"flakes"
];
substituters = [
"https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org"
"https://devenv.cachix.org"
"https://cuda-maintainers.cachix.org"
"https://ai.cachix.org"
"https://cache.lix.systems"
"https://cosmic.cachix.org/"
];
trusted-public-keys = [
"nix-gaming.cachix.org-1:nbjlureqMbRAxR1gJ/f3hxemL9svXaZF/Ees8vCUUs4="
"nixpkgs-python.cachix.org-1:hxjI7pFxTyuTHn2NkvWCrAUcNZLNS3ZAvfYNuYifcEU="
"devenv.cachix.org-1:w1cLUi8dv3hnoSPGAuibQv+f9TZLr6cv/Hm9XgU50cw="
"cuda-maintainers.cachix.org-1:0dq3bujKpuEPMCX6U4WylrUDZ9JyUG0VpVZa7CNfq5E="
"ai.cachix.org-1:N9dzRK+alWwoKXQlnn0H6aUx0lU/mspIoz8hMvGvbbc="
"cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o="
"cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE="
];
};
}; };
};
documentation.enable = false; documentation.enable = false;
environment = { environment = {
systemPackages = with pkgs; [ wget sops ]; systemPackages = with pkgs; [
wget
sops
];
variables = rec { variables = rec {
# PATH # PATH
XDG_CACHE_HOME = "\${HOME}/.cache"; XDG_CACHE_HOME = "\${HOME}/.cache";

3
cinnamon.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: { { pkgs, ... }:
{
services = { services = {
libinput.enable = true; libinput.enable = true;
xserver = { xserver = {

20
cosmic.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: { { pkgs, ... }:
{
services = { services = {
gvfs.enable = true; gvfs.enable = true;
libinput.enable = true; libinput.enable = true;
@ -9,11 +10,14 @@
enable = true; enable = true;
style = "adwaita"; style = "adwaita";
}; };
users.users.jawz.packages = (with pkgs; [ users.users.jawz.packages = (
# ffmpegthumbnailer # generate thumbnails with pkgs;
adw-gtk3 # theme legacy applications [
papirus-icon-theme # icon theme # ffmpegthumbnailer # generate thumbnails
# libgda # for pano shell extension adw-gtk3 # theme legacy applications
# gradience # theme customizer, allows you to modify adw-gtk3 themes papirus-icon-theme # icon theme
]); # libgda # for pano shell extension
# gradience # theme customizer, allows you to modify adw-gtk3 themes
]
);
} }

30
flake.nix
View File

@ -19,13 +19,23 @@
}; };
}; };
outputs = { self, nixpkgs, unstable, master, home-manager, sops-nix outputs =
, nixos-cosmic, ... }@inputs: {
self,
nixpkgs,
unstable,
master,
home-manager,
sops-nix,
nixos-cosmic,
...
}@inputs:
let let
inherit (self) outputs; inherit (self) outputs;
lib = nixpkgs.lib // home-manager.lib; lib = nixpkgs.lib // home-manager.lib;
system = "x86_64-linux"; system = "x86_64-linux";
makePkgs = repo: makePkgs =
repo:
import repo { import repo {
inherit system; inherit system;
config.allowUnfree = true; config.allowUnfree = true;
@ -36,15 +46,23 @@
overlays = [ (import ./overlay.nix { inherit pkgs pkgsU pkgsM; }) ]; overlays = [ (import ./overlay.nix { inherit pkgs pkgsU pkgsM; }) ];
createConfig = name: { createConfig = name: {
inherit system; inherit system;
specialArgs = { inherit inputs outputs; }; specialArgs = {
inherit inputs outputs;
};
modules = [ modules = [
./hosts/${name}/configuration.nix ./hosts/${name}/configuration.nix
sops-nix.nixosModules.sops sops-nix.nixosModules.sops
({ ... }: { nixpkgs.overlays = overlays; }) (
{ ... }:
{
nixpkgs.overlays = overlays;
}
)
nixos-cosmic.nixosModules.default nixos-cosmic.nixosModules.default
]; ];
}; };
in { in
{
inherit lib pkgs; inherit lib pkgs;
formatter = pkgs.alejandra; formatter = pkgs.alejandra;
nixosConfigurations = { nixosConfigurations = {

75
gnome.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: { { pkgs, ... }:
{
services = { services = {
gvfs.enable = true; gvfs.enable = true;
libinput.enable = true; libinput.enable = true;
@ -15,42 +16,46 @@
}; };
}; };
}; };
environment.gnome.excludePackages = (with pkgs; [ environment.gnome.excludePackages =
gnome-photos (with pkgs; [
gnome-tour gnome-photos
gnome-text-editor gnome-tour
gnome-connections gnome-text-editor
# gnome-shell-extensions gnome-connections
baobab # gnome-shell-extensions
]) ++ (with pkgs.gnome; [ baobab
# totem ])
gnome-music ++ (with pkgs.gnome; [
epiphany # totem
gnome-characters gnome-music
yelp epiphany
gnome-font-viewer gnome-characters
cheese yelp
]); gnome-font-viewer
cheese
]);
qt = { qt = {
enable = true; enable = true;
style = "adwaita"; style = "adwaita";
}; };
users.users.jawz.packages = (with pkgs; [ users.users.jawz.packages =
# ffmpegthumbnailer # generate thumbnails (with pkgs; [
adw-gtk3 # theme legacy applications # ffmpegthumbnailer # generate thumbnails
gnome.gnome-tweaks # tweaks for the gnome desktop environment adw-gtk3 # theme legacy applications
papirus-icon-theme # icon theme gnome.gnome-tweaks # tweaks for the gnome desktop environment
libgda # for pano shell extension papirus-icon-theme # icon theme
# gradience # theme customizer, allows you to modify adw-gtk3 themes libgda # for pano shell extension
]) ++ (with pkgs.gnomeExtensions; [ # gradience # theme customizer, allows you to modify adw-gtk3 themes
appindicator # applets for open applications ])
reading-strip # like putting a finger on every line I read ++ (with pkgs.gnomeExtensions; [
tactile # window manager appindicator # applets for open applications
pano # clipboard manager reading-strip # like putting a finger on every line I read
freon # hardware temperature monitor tactile # window manager
gamemode-indicator-in-system-settings # I guess I'm a gamer now? pano # clipboard manager
# blur-my-shell # make the overview more visually appealing freon # hardware temperature monitor
burn-my-windows gamemode-indicator-in-system-settings # I guess I'm a gamer now?
# forge # window manager # blur-my-shell # make the overview more visually appealing
]); burn-my-windows
# forge # window manager
]);
} }

9
home-manager.nix
View File

@ -1,9 +1,14 @@
{ config, ... }: { { config, ... }:
{
home.stateVersion = "24.05"; home.stateVersion = "24.05";
programs.bash = { programs.bash = {
enable = true; enable = true;
historyFile = "\${XDG_STATE_HOME}/bash/history"; historyFile = "\${XDG_STATE_HOME}/bash/history";
historyControl = [ "erasedups" "ignorespace" "ignoredups" ]; historyControl = [
"erasedups"
"ignorespace"
"ignoredups"
];
shellAliases = { shellAliases = {
cp = "cp -i"; cp = "cp -i";
mv = "mv -i"; mv = "mv -i";

23
hosts/miniserver/hardware-configuration.nix
View File

@ -1,4 +1,5 @@
{ lib, modulesPath, ... }: { { lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
powerManagement.cpuFreqGovernor = lib.mkDefault "performance"; powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
hardware = { hardware = {
@ -129,13 +130,15 @@
''; '';
}; };
}; };
swapDevices = [{ swapDevices = [
device = "/dev/nvme0n1p3"; {
randomEncryption = { device = "/dev/nvme0n1p3";
enable = true; randomEncryption = {
cipher = "aes-xts-plain64"; enable = true;
keySize = 512; cipher = "aes-xts-plain64";
sectorSize = 4096; keySize = 512;
}; sectorSize = 4096;
}]; };
}
];
} }

29
hosts/miniserver/temp-nginx.nix
View File

@ -1,4 +1,9 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
let let
proxy = locations: { proxy = locations: {
inherit locations; inherit locations;
@ -6,7 +11,8 @@ let
enableACME = true; enableACME = true;
http2 = true; http2 = true;
}; };
proxyReverse = port: proxyReverse =
port:
proxy { proxy {
"/" = { "/" = {
proxyPass = "http://192.168.1.69:${toString port}"; proxyPass = "http://192.168.1.69:${toString port}";
@ -16,14 +22,14 @@ let
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http://192.168.1.69:${ proxy_redirect http://192.168.1.69:${toString port}/ https://your_domain.com/;
toString port
}/ https://your_domain.com/;
''; '';
}; };
}; };
proxyReverseArr = port: proxyReverseArr =
proxyReverse port // { port:
proxyReverse port
// {
extraConfig = '' extraConfig = ''
proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade; proxy_set_header Upgrade $http_upgrade;
@ -32,7 +38,8 @@ let
proxy_http_version 1.1; proxy_http_version 1.1;
''; '';
}; };
in { in
{
services = { services = {
nginx = { nginx = {
appendHttpConfig = '' appendHttpConfig = ''
@ -47,10 +54,8 @@ in {
"movies.${config.my.domain}" = proxyReverseArr 7878 // { }; "movies.${config.my.domain}" = proxyReverseArr 7878 // { };
"indexer.${config.my.domain}" = proxyReverseArr 9696 // { }; "indexer.${config.my.domain}" = proxyReverseArr 9696 // { };
"music.${config.my.domain}" = proxyReverseArr 8686 // { }; "music.${config.my.domain}" = proxyReverseArr 8686 // { };
"subs.${config.my.domain}" = "subs.${config.my.domain}" = proxyReverse config.services.bazarr.listenPort // { };
proxyReverse config.services.bazarr.listenPort // { }; "library.${config.my.domain}" = proxyReverse config.services.kavita.port // { };
"library.${config.my.domain}" = proxyReverse config.services.kavita.port
// { };
"vnfx2cojmt7dwzcfmi73.${config.my.domain}" = proxyReverse 9091 // { }; "vnfx2cojmt7dwzcfmi73.${config.my.domain}" = proxyReverse 9091 // { };
"HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = proxyReverse 3399 // { }; "HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = proxyReverse 3399 // { };
"flix.${config.my.domain}" = { "flix.${config.my.domain}" = {

38
hosts/server/hardware-configuration.nix
View File

@ -1,4 +1,5 @@
{ lib, modulesPath, ... }: { { lib, modulesPath, ... }:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
hardware = { hardware = {
nvidia = { nvidia = {
@ -68,8 +69,14 @@
}; };
extraModulePackages = [ ]; extraModulePackages = [ ];
initrd = { initrd = {
availableKernelModules = availableKernelModules = [
[ "xhci_pci" "ahci" "usbhid" "nvme" "usb_storage" "sd_mod" ]; "xhci_pci"
"ahci"
"usbhid"
"nvme"
"usb_storage"
"sd_mod"
];
kernelModules = [ ]; kernelModules = [ ];
}; };
}; };
@ -129,7 +136,10 @@
}; };
"/mnt/jellyfin/media" = { "/mnt/jellyfin/media" = {
device = "/mnt/pool/multimedia/media"; device = "/mnt/pool/multimedia/media";
options = [ "bind" "ro" ]; options = [
"bind"
"ro"
];
depends = [ "/mnt/pool" ]; depends = [ "/mnt/pool" ];
}; };
# NFS # NFS
@ -154,13 +164,15 @@
''; '';
}; };
}; };
swapDevices = [{ swapDevices = [
device = "/dev/disk/by-partuuid/cb0ad486-ebf8-4bfc-ad7c-96bdc68576ca"; {
randomEncryption = { device = "/dev/disk/by-partuuid/cb0ad486-ebf8-4bfc-ad7c-96bdc68576ca";
enable = true; randomEncryption = {
cipher = "aes-xts-plain64"; enable = true;
keySize = 512; cipher = "aes-xts-plain64";
sectorSize = 4096; keySize = 512;
}; sectorSize = 4096;
}]; };
}
];
} }

38
hosts/workstation/configuration.nix
View File

@ -1,4 +1,5 @@
{ pkgs, ... }: { { pkgs, ... }:
{
imports = [ imports = [
./hardware-configuration.nix ./hardware-configuration.nix
../../base.nix ../../base.nix
@ -53,20 +54,24 @@
}; };
networking = { networking = {
hostName = "workstation"; hostName = "workstation";
firewall = let firewall =
openPorts = [ let
6674 # ns-usbloader openPorts = [
]; 6674 # ns-usbloader
openPortRanges = [{ ];
from = 1714; # kdeconnect openPortRanges = [
to = 1764; # kdeconnect {
}]; from = 1714; # kdeconnect
in { to = 1764; # kdeconnect
allowedTCPPorts = openPorts; }
allowedUDPPorts = openPorts; ];
allowedTCPPortRanges = openPortRanges; in
allowedUDPPortRanges = openPortRanges; {
}; allowedTCPPorts = openPorts;
allowedUDPPorts = openPorts;
allowedTCPPortRanges = openPortRanges;
allowedUDPPortRanges = openPortRanges;
};
}; };
nix.settings.cores = 16; nix.settings.cores = 16;
nixpkgs = { nixpkgs = {
@ -132,8 +137,7 @@
enable = true; enable = true;
useUpnp = true; useUpnp = true;
enableWebUI = true; enableWebUI = true;
httpPass = httpPass = "Uplifting-Proofs-Eggshell-Molecule-Wriggly-Janitor3-Padded-Oxidizing";
"Uplifting-Proofs-Eggshell-Molecule-Wriggly-Janitor3-Padded-Oxidizing";
deviceName = "Oversweet3834"; deviceName = "Oversweet3834";
httpLogin = "Oversweet3834"; httpLogin = "Oversweet3834";
httpListenPort = 9876; httpListenPort = 9876;

117
hosts/workstation/hardware-configuration.nix
View File

@ -1,8 +1,13 @@
{ config, modulesPath, lib, ... }: { {
config,
modulesPath,
lib,
...
}:
{
imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
hardware = { hardware = {
cpu.amd.updateMicrocode = cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
lib.mkDefault config.hardware.enableRedistributableFirmware;
bluetooth = { bluetooth = {
enable = true; enable = true;
settings.General = { settings.General = {
@ -45,8 +50,14 @@
}; };
initrd = { initrd = {
secrets."/keyfile" = /etc/keyfile; secrets."/keyfile" = /etc/keyfile;
availableKernelModules = availableKernelModules = [
[ "xhci_pci" "ahci" "usbhid" "nvme" "usb_storage" "sd_mod" ]; "xhci_pci"
"ahci"
"usbhid"
"nvme"
"usb_storage"
"sd_mod"
];
luks.devices.nvme = { luks.devices.nvme = {
device = "/dev/disk/by-uuid/e9618e85-a631-4374-b2a4-22c376d6e41b"; device = "/dev/disk/by-uuid/e9618e85-a631-4374-b2a4-22c376d6e41b";
keyFile = "/keyfile"; keyFile = "/keyfile";
@ -54,50 +65,58 @@
}; };
}; };
}; };
fileSystems = let fileSystems =
nfsMount = server: nfsDisk: { let
device = "${server}:/${nfsDisk}"; nfsMount = server: nfsDisk: {
fsType = "nfs"; device = "${server}:/${nfsDisk}";
options = [ "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ]; fsType = "nfs";
}; options = [
btrfsMount = subvol: { "x-systemd.automount"
device = "/dev/mapper/nvme"; "noauto"
fsType = "btrfs"; "x-systemd.idle-timeout=600"
options = [ ];
"subvol=${subvol}" };
"ssd" btrfsMount = subvol: {
"compress=lzo" device = "/dev/mapper/nvme";
"x-systemd.device-timeout=0" fsType = "btrfs";
"space_cache=v2" options = [
"commit=120" "subvol=${subvol}"
"datacow" "ssd"
] ++ (if subvol == "nixos" then [ "noatime" ] else [ ]); "compress=lzo"
}; "x-systemd.device-timeout=0"
in { "space_cache=v2"
"/" = btrfsMount "nixos" // { }; "commit=120"
"/home" = btrfsMount "home" // { }; "datacow"
"/mnt/games" = btrfsMount "games" // { }; ] ++ (if subvol == "nixos" then [ "noatime" ] else [ ]);
"/mnt/miniserver/pool" = nfsMount "miniserver" "pool" // { }; };
"/mnt/miniserver/jawz" = nfsMount "miniserver" "jawz" // { }; in
"/mnt/server/pool" = nfsMount "server" "pool" // { }; {
"/mnt/server/jawz" = nfsMount "server" "jawz" // { }; "/" = btrfsMount "nixos" // { };
"/boot" = { "/home" = btrfsMount "home" // { };
device = "/dev/disk/by-uuid/ac6d349a-96b9-499e-9009-229efd7743a5"; "/mnt/games" = btrfsMount "games" // { };
fsType = "ext4"; "/mnt/miniserver/pool" = nfsMount "miniserver" "pool" // { };
}; "/mnt/miniserver/jawz" = nfsMount "miniserver" "jawz" // { };
"/boot/efi" = { "/mnt/server/pool" = nfsMount "server" "pool" // { };
device = "/dev/disk/by-uuid/B05D-B5FB"; "/mnt/server/jawz" = nfsMount "server" "jawz" // { };
fsType = "vfat"; "/boot" = {
}; device = "/dev/disk/by-uuid/ac6d349a-96b9-499e-9009-229efd7743a5";
fsType = "ext4";
};
"/boot/efi" = {
device = "/dev/disk/by-uuid/B05D-B5FB";
fsType = "vfat";
};
};
swapDevices = [{
device = "/dev/disk/by-partuuid/c1bd22d7-e62c-440a-88d1-6464be1aa1b0";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
}; };
}]; swapDevices = [
{
device = "/dev/disk/by-partuuid/c1bd22d7-e62c-440a-88d1-6464be1aa1b0";
randomEncryption = {
enable = true;
cipher = "aes-xts-plain64";
keySize = 512;
sectorSize = 4096;
};
}
];
} }

32
jawz.nix
View File

@ -1,19 +1,21 @@
{ config, ... }: { { config, ... }:
sops.secrets = let {
keyConfig = file: { sops.secrets =
sopsFile = ./secrets/keys.yaml; let
owner = config.users.users.jawz.name; keyConfig = file: {
inherit (config.users.users.jawz) group; sopsFile = ./secrets/keys.yaml;
path = "/home/jawz/.ssh/${file}"; owner = config.users.users.jawz.name;
inherit (config.users.users.jawz) group;
path = "/home/jawz/.ssh/${file}";
};
in
{
jawz-password.neededForUsers = true;
"private_keys/age" = keyConfig "ed25519_age";
"public_keys/age" = keyConfig "ed25519_age.pub";
"private_keys/${config.networking.hostName}" = keyConfig "ed25519_${config.networking.hostName}";
"git_private_keys/${config.networking.hostName}" = keyConfig "ed25519_git";
}; };
in {
jawz-password.neededForUsers = true;
"private_keys/age" = keyConfig "ed25519_age";
"public_keys/age" = keyConfig "ed25519_age.pub";
"private_keys/${config.networking.hostName}" =
keyConfig "ed25519_${config.networking.hostName}";
"git_private_keys/${config.networking.hostName}" = keyConfig "ed25519_git";
};
users.users.jawz = { users.users.jawz = {
linger = true; linger = true;
isNormalUser = true; isNormalUser = true;

3
modules/apps.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: { { lib, ... }:
{
imports = [ imports = [
./apps/art.nix ./apps/art.nix
./apps/dictionaries.nix ./apps/dictionaries.nix

46
modules/apps/art.nix
View File

@ -1,25 +1,35 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my = { options.my = {
apps.art.enable = lib.mkEnableOption "enable"; apps.art.enable = lib.mkEnableOption "enable";
dev.gameDev.enable = lib.mkEnableOption "enable"; dev.gameDev.enable = lib.mkEnableOption "enable";
}; };
config = lib.mkIf config.my.apps.art.enable { config = lib.mkIf config.my.apps.art.enable {
users.users.jawz.packages = (with pkgs; [ users.users.jawz.packages =
gimp # the coolest bestest art program to never exist (with pkgs; [
krita # art to your heart desire! gimp # the coolest bestest art program to never exist
mypaint # not the best art program krita # art to your heart desire!
mypaint-brushes # but it's got some mypaint # not the best art program
mypaint-brushes1 # nice damn brushes mypaint-brushes # but it's got some
# pureref # create inspiration/reference boards mypaint-brushes1 # nice damn brushes
blender # cgi animation and sculpting # pureref # create inspiration/reference boards
# drawpile # arty party with friends!! blender # cgi animation and sculpting
]) ++ (if config.my.dev.gameDev.enable then # drawpile # arty party with friends!!
with pkgs; ])
[ ++ (
godot_4 # game development if config.my.dev.gameDev.enable then
# gdtoolkit # gdscript language server with pkgs;
] [
else godot_4 # game development
[ ]); # gdtoolkit # gdscript language server
]
else
[ ]
);
}; };
} }

8
modules/apps/dictionaries.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.apps.dictionaries.enable = lib.mkEnableOption "enable"; options.my.apps.dictionaries.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.dictionaries.enable { config = lib.mkIf config.my.apps.dictionaries.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

8
modules/apps/fonts.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.apps.fonts.enable = lib.mkEnableOption "enable"; options.my.apps.fonts.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.fonts.enable { config = lib.mkIf config.my.apps.fonts.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

63
modules/apps/gaming.nix
View File

@ -1,4 +1,11 @@
{ config, lib, pkgs, inputs, ... }: { {
config,
lib,
pkgs,
inputs,
...
}:
{
imports = [ inputs.nix-gaming.nixosModules.platformOptimizations ]; imports = [ inputs.nix-gaming.nixosModules.platformOptimizations ];
options.my.apps.gaming.enable = lib.mkEnableOption "enable"; options.my.apps.gaming.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.gaming.enable { config = lib.mkIf config.my.apps.gaming.enable {
@ -12,32 +19,34 @@
platformOptimizations.enable = true; platformOptimizations.enable = true;
}; };
}; };
users.users.jawz.packages = let users.users.jawz.packages =
polymc = pkgs.callPackage ../../pkgs/polymc/default.nix { }; let
citra-nightly = polymc = pkgs.callPackage ../../pkgs/polymc/default.nix { };
pkgs.callPackage ../../pkgs/citra/default.nix { branch = "nightly"; }; citra-nightly = pkgs.callPackage ../../pkgs/citra/default.nix { branch = "nightly"; };
in (with pkgs; [ in
shipwright # zelda OoT port (with pkgs; [
mangohud # fps & stats overlay shipwright # zelda OoT port
lutris # games launcher & emulator hub mangohud # fps & stats overlay
cartridges # games launcher lutris # games launcher & emulator hub
gamemode # optimizes linux to have better gaming performance cartridges # games launcher
heroic # install epic games gamemode # optimizes linux to have better gaming performance
protonup-qt # update proton-ge heroic # install epic games
# minecraft # minecraft official launcher protonup-qt # update proton-ge
ns-usbloader # load games into my switch # minecraft # minecraft official launcher
grapejuice # roblox manager ns-usbloader # load games into my switch
grapejuice # roblox manager
# emulators # emulators
rpcs3 # ps3 emulator rpcs3 # ps3 emulator
pcsx2 # ps2 emulator pcsx2 # ps2 emulator
cemu # wii u emulator cemu # wii u emulator
dolphin-emu # wii emulator dolphin-emu # wii emulator
snes9x-gtk # snes emulator snes9x-gtk # snes emulator
ryujinx # switch emulator ryujinx # switch emulator
]) ++ [ ])
citra-nightly # 3Ds emulator ++ [
polymc # minecraft launcher with mod support citra-nightly # 3Ds emulator
]; polymc # minecraft launcher with mod support
];
}; };
} }

23
modules/apps/internet.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.apps.internet.enable = lib.mkEnableOption "enable"; options.my.apps.internet.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.internet.enable { config = lib.mkIf config.my.apps.internet.enable {
programs = { programs = {
@ -6,13 +12,19 @@
firefox = { firefox = {
enable = true; enable = true;
package = pkgs.librewolf; # fuck u firefox package = pkgs.librewolf; # fuck u firefox
languagePacks = [ "en-CA" "es-MX" "it" ]; languagePacks = [
"en-CA"
"es-MX"
"it"
];
}; };
}; };
services.psd.enable = true; services.psd.enable = true;
users.users.jawz.packages = users.users.jawz.packages =
let vdhcoapp = pkgs.callPackage ../../pkgs/vdhcoapp/default.nix { }; let
in (with pkgs; [ vdhcoapp = pkgs.callPackage ../../pkgs/vdhcoapp/default.nix { };
in
(with pkgs; [
warp # transfer files with based ppl warp # transfer files with based ppl
brave # crypto-browser that at least somewhat integrates with gtk brave # crypto-browser that at least somewhat integrates with gtk
nextcloud-client # self-hosted google-drive alternative nextcloud-client # self-hosted google-drive alternative
@ -26,7 +38,8 @@
discord # :3 discord # :3
teamspeak5_client # ppl say they will use this...? teamspeak5_client # ppl say they will use this...?
# hugo # website engine # hugo # website engine
]) ++ [ ])
++ [
vdhcoapp # video download helper assistant vdhcoapp # video download helper assistant
]; ];
}; };

8
modules/apps/misc.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.apps.misc.enable = lib.mkEnableOption "enable"; options.my.apps.misc.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.misc.enable { config = lib.mkIf config.my.apps.misc.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

8
modules/apps/multimedia.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.apps.multimedia.enable = lib.mkEnableOption "enable"; options.my.apps.multimedia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.multimedia.enable { config = lib.mkIf config.my.apps.multimedia.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

8
modules/apps/office.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.apps.office.enable = lib.mkEnableOption "enable"; options.my.apps.office.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.apps.office.enable { config = lib.mkIf config.my.apps.office.enable {
environment.variables.CALIBRE_USE_SYSTEM_THEME = "1"; environment.variables.CALIBRE_USE_SYSTEM_THEME = "1";

3
modules/dev.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: { { lib, ... }:
{
imports = [ imports = [
./dev/sh.nix ./dev/sh.nix
./dev/nix.nix ./dev/nix.nix

8
modules/dev/docker.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.dev.docker.enable = lib.mkEnableOption "enable"; options.my.dev.docker.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.docker.enable { config = lib.mkIf config.my.dev.docker.enable {
environment.variables.DOCKER_CONFIG = "\${XDG_CONFIG_HOME}/docker"; environment.variables.DOCKER_CONFIG = "\${XDG_CONFIG_HOME}/docker";

8
modules/dev/haskell.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.dev.haskell.enable = lib.mkEnableOption "enable"; options.my.dev.haskell.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.haskell.enable { config = lib.mkIf config.my.dev.haskell.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

21
modules/dev/javascript.nix
View File

@ -1,16 +1,27 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.dev.javascript.enable = lib.mkEnableOption "enable"; options.my.dev.javascript.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.javascript.enable { config = lib.mkIf config.my.dev.javascript.enable {
home-manager.users.jawz.xdg.configFile = { home-manager.users.jawz.xdg.configFile = {
"npm/npmrc".source = ../../dotfiles/npm/npmrc; "npm/npmrc".source = ../../dotfiles/npm/npmrc;
"configstore/update-notifier-npm-check.json".source = "configstore/update-notifier-npm-check.json".source = ../../dotfiles/npm/update-notifier-npm-check.json;
../../dotfiles/npm/update-notifier-npm-check.json;
}; };
users.users.jawz.packages = with pkgs; [ nodejs nodePackages.pnpm ]; users.users.jawz.packages = with pkgs; [
nodejs
nodePackages.pnpm
];
environment.variables = { environment.variables = {
NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc"; NPM_CONFIG_USERCONFIG = "\${XDG_CONFIG_HOME}/npm/npmrc";
PNPM_HOME = "\${XDG_DATA_HOME}/pnpm"; PNPM_HOME = "\${XDG_DATA_HOME}/pnpm";
PATH = [ "\${XDG_DATA_HOME}/npm/bin" "\${XDG_DATA_HOME}/pnpm" ]; PATH = [
"\${XDG_DATA_HOME}/npm/bin"
"\${XDG_DATA_HOME}/pnpm"
];
}; };
}; };
} }

8
modules/dev/nix.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.dev.nix.enable = lib.mkEnableOption "enable"; options.my.dev.nix.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.nix.enable { config = lib.mkIf config.my.dev.nix.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

18
modules/dev/python.nix
View File

@ -1,14 +1,19 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.dev.python.enable = lib.mkEnableOption "enable"; options.my.dev.python.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.python.enable { config = lib.mkIf config.my.dev.python.enable {
home-manager.users.jawz.xdg.configFile."python/pythonrc".source = home-manager.users.jawz.xdg.configFile."python/pythonrc".source = ../../dotfiles/pythonrc;
../../dotfiles/pythonrc;
environment.variables.PYTHONSTARTUP = "\${XDG_CONFIG_HOME}/python/pythonrc"; environment.variables.PYTHONSTARTUP = "\${XDG_CONFIG_HOME}/python/pythonrc";
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [
pipenv # python development workflow for humans pipenv # python development workflow for humans
nodePackages.pyright # LSP nodePackages.pyright # LSP
(python3.withPackages (ps: (python3.withPackages (
with ps; [ ps: with ps; [
black # Python code formatter black # Python code formatter
editorconfig # follow rules of contributin editorconfig # follow rules of contributin
flake8 # wraper for pyflakes, pycodestyle and mccabe flake8 # wraper for pyflakes, pycodestyle and mccabe
@ -19,7 +24,8 @@
# nose # testing and running python scripts # nose # testing and running python scripts
# poetry # dependency management made easy # poetry # dependency management made easy
# pytest # framework for writing tests # pytest # framework for writing tests
])) ]
))
]; ];
}; };
} }

8
modules/dev/sh.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.dev.sh.enable = lib.mkEnableOption "enable"; options.my.dev.sh.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.dev.sh.enable { config = lib.mkIf config.my.dev.sh.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

56
modules/emacs.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.emacs.enable = lib.mkEnableOption "enable"; options.my.emacs.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.emacs.enable { config = lib.mkIf config.my.emacs.enable {
home-manager.users.jawz = { home-manager.users.jawz = {
@ -18,33 +24,35 @@
}; };
}; };
}; };
users.users.jawz.packages = (with pkgs; [ users.users.jawz.packages =
fd # modern find, faster searches (with pkgs; [
fzf # fuzzy finder! super cool and useful fd # modern find, faster searches
ripgrep # modern grep fzf # fuzzy finder! super cool and useful
tree-sitter # code parsing based on symbols and shit, I do not get it ripgrep # modern grep
graphviz # graphs tree-sitter # code parsing based on symbols and shit, I do not get it
tetex # export pdf graphviz # graphs
languagetool # proofreader for English tetex # export pdf
languagetool # proofreader for English
# doom everywhere # doom everywhere
xorg.xwininfo xorg.xwininfo
xdotool xdotool
xclip xclip
# lsps # lsps
yaml-language-server yaml-language-server
markdownlint-cli markdownlint-cli
]) ++ (with pkgs.nodePackages; [ ])
vscode-json-languageserver ++ (with pkgs.nodePackages; [
# linters vscode-json-languageserver
prettier # linters
]); prettier
]);
services.emacs = { services.emacs = {
enable = true; enable = true;
package = with pkgs; package =
((emacsPackagesFor emacs-gtk).emacsWithPackages with pkgs;
(epkgs: with epkgs; [ vterm ])); ((emacsPackagesFor emacs-gtk).emacsWithPackages (epkgs: with epkgs; [ vterm ]));
defaultEditor = true; defaultEditor = true;
}; };
environment.variables.PATH = [ "\${XDG_CONFIG_HOME}/emacs/bin" ]; environment.variables.PATH = [ "\${XDG_CONFIG_HOME}/emacs/bin" ];

3
modules/scripts.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: { { lib, ... }:
{
imports = [ imports = [
./scripts/download.nix ./scripts/download.nix
./scripts/ffmpeg4discord.nix ./scripts/ffmpeg4discord.nix

117
modules/scripts/base.nix
View File

@ -1,59 +1,80 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.scripts = lib.mkOption { options.my.scripts = lib.mkOption {
type = lib.types.attrsOf (lib.types.submodule { type = lib.types.attrsOf (
options = { lib.types.submodule {
enable = lib.mkEnableOption "Whether to enable this script"; options = {
install = lib.mkEnableOption "Whether to install the script package"; enable = lib.mkEnableOption "Whether to enable this script";
service = lib.mkEnableOption "Whether to enable the script service"; install = lib.mkEnableOption "Whether to install the script package";
name = lib.mkOption { service = lib.mkEnableOption "Whether to enable the script service";
type = lib.types.str; name = lib.mkOption {
description = "Name of the script."; type = lib.types.str;
description = "Name of the script.";
};
timer = lib.mkOption {
type = lib.types.str;
default = "*:0";
description = "Systemd timer schedule.";
};
description = lib.mkOption {
type = lib.types.str;
description = "Description of the service.";
};
package = lib.mkOption {
type = lib.types.package;
description = "Package containing the executable script.";
};
}; };
timer = lib.mkOption { }
type = lib.types.str; );
default = "*:0";
description = "Systemd timer schedule.";
};
description = lib.mkOption {
type = lib.types.str;
description = "Description of the service.";
};
package = lib.mkOption {
type = lib.types.package;
description = "Package containing the executable script.";
};
};
});
default = { }; default = { };
description = "Configuration for multiple scripts."; description = "Configuration for multiple scripts.";
}; };
config = lib.mkIf (lib.any (s: s.enable) (lib.attrValues config.my.scripts)) { config = lib.mkIf (lib.any (s: s.enable) (lib.attrValues config.my.scripts)) {
users.users.jawz.packages = lib.flatten (lib.mapAttrsToList (_name: script: users.users.jawz.packages = lib.flatten (
lib.optional (script.enable && script.install) script.package) lib.mapAttrsToList (
config.my.scripts); _name: script: lib.optional (script.enable && script.install) script.package
) config.my.scripts
);
systemd.user.services = lib.mapAttrs' (name: script: systemd.user.services = lib.mapAttrs' (
lib.nameValuePair "${script.name}" name: script:
(lib.mkIf (script.enable && script.service) { lib.nameValuePair "${script.name}" (
restartIfChanged = true; lib.mkIf (script.enable && script.service) {
inherit (script) description; restartIfChanged = true;
wantedBy = [ "default.target" ]; inherit (script) description;
path = [ pkgs.nix script.package ]; wantedBy = [ "default.target" ];
serviceConfig = { path = [
Restart = "on-failure"; pkgs.nix
RestartSec = 30; script.package
ExecStart = "${script.package}/bin/${script.name}"; ];
}; serviceConfig = {
})) config.my.scripts; Restart = "on-failure";
RestartSec = 30;
ExecStart = "${script.package}/bin/${script.name}";
};
}
)
) config.my.scripts;
systemd.user.timers = lib.mapAttrs' (name: script: systemd.user.timers = lib.mapAttrs' (
lib.nameValuePair "${script.name}" name: script:
(lib.mkIf (script.enable && script.service) { lib.nameValuePair "${script.name}" (
enable = true; lib.mkIf (script.enable && script.service) {
inherit (script) description; enable = true;
wantedBy = [ "timers.target" ]; inherit (script) description;
timerConfig = { OnCalendar = script.timer; }; wantedBy = [ "timers.target" ];
})) config.my.scripts; timerConfig = {
OnCalendar = script.timer;
};
}
)
) config.my.scripts;
}; };
} }

183
modules/scripts/download.nix
View File

@ -1,90 +1,113 @@
{ pkgs, lib, config, ... }: { {
pkgs,
lib,
config,
...
}:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
options.my.units.download.enable = lib.mkEnableOption "enable"; options.my.units.download.enable = lib.mkEnableOption "enable";
config = let config =
download = with pkgs; let
python3Packages.buildPythonApplication { download =
pname = "download"; with pkgs;
version = "2.5"; python3Packages.buildPythonApplication {
src = ../../scripts/download/.; pname = "download";
build-system = with python3Packages; [ setuptools ]; version = "2.5";
dependencies = with python3Packages; [ pyyaml types-pyyaml yt-dlp ]; src = ../../scripts/download/.;
propagatedBuildInputs = [ gallery-dl ffmpeg ]; build-system = with python3Packages; [ setuptools ];
}; dependencies = with python3Packages; [
in { pyyaml
home-manager.users.jawz = { types-pyyaml
xdg.configFile."gallery-dl/config.json".source = yt-dlp
../../dotfiles/gallery-dl/config.json; ];
services.lorri.enable = true; propagatedBuildInputs = [
programs.bash = { gallery-dl
shellAliases = { ffmpeg
dl = "download -u jawz -i"; ];
comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
}; };
initExtra = '' in
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz {
export LW=$list_root/watch.txt home-manager.users.jawz = {
export LI=$list_root/instant.txt xdg.configFile."gallery-dl/config.json".source = ../../dotfiles/gallery-dl/config.json;
export LC=$list_root/comic.txt services.lorri.enable = true;
''; programs.bash = {
}; shellAliases = {
}; dl = "download -u jawz -i";
systemd.user = lib.mkIf config.my.units.download.enable { comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
services = let gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
mkDownloadService = desc: execStartCmd: {
restartIfChanged = true;
description = "Downloads ${desc}";
wantedBy = [ "default.target" ];
path = [ pkgs.bash download ];
serviceConfig = {
TimeoutStartSec = 2000;
TimeoutStopSec = 2000;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${download}/bin/download ${execStartCmd}";
}; };
initExtra = ''
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
'';
}; };
in {
tuhmayto = mkDownloadService "tuhmayto stuff" ''
-u jawz -i https://x.com/tuhmayto/media \
https://www.furaffinity.net/user/tuhmayto/'';
"download@" = mkDownloadService "post from multiple sources" "%I";
"instagram@" = mkDownloadService "post types from instagram"
"instagram -u jawz -t %I";
}; };
timers = let systemd.user = lib.mkIf config.my.units.download.enable {
downloadTimer = time: delay: { services =
enable = true; let
description = "Downloads post types from different sites"; mkDownloadService = desc: execStartCmd: {
wantedBy = [ "timers.target" ]; restartIfChanged = true;
timerConfig = { description = "Downloads ${desc}";
OnCalendar = time; wantedBy = [ "default.target" ];
RandomizedDelaySec = delay; path = [
Persistent = true; pkgs.bash
download
];
serviceConfig = {
TimeoutStartSec = 2000;
TimeoutStopSec = 2000;
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${download}/bin/download ${execStartCmd}";
};
};
in
{
tuhmayto = mkDownloadService "tuhmayto stuff" ''
-u jawz -i https://x.com/tuhmayto/media \
https://www.furaffinity.net/user/tuhmayto/'';
"download@" = mkDownloadService "post from multiple sources" "%I";
"instagram@" = mkDownloadService "post types from instagram" "instagram -u jawz -t %I";
}; };
}; timers =
in { let
"instagram@stories" = downloadTimer "*-*-* 08:12:00" 120 // { }; downloadTimer = time: delay: {
"download@main" = downloadTimer "*-*-* 06,18:02:00" 30 // { }; enable = true;
"download@push" = downloadTimer "*:0/5" 30 // { }; description = "Downloads post types from different sites";
"download@manga" = downloadTimer "Fri *-*-* 03:08:00" 30 // { }; wantedBy = [ "timers.target" ];
# "download@kemono" = downloadTimer timerConfig = {
# "*-*-1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31 18:06:00" 60 // { }; OnCalendar = time;
tuhmayto = { RandomizedDelaySec = delay;
enable = true; Persistent = true;
description = "Downloads tuhmayto stuff"; };
wantedBy = [ "timers.target" ]; };
timerConfig = { OnCalendar = "*:0/10"; }; in
}; {
"instagram@stories" = downloadTimer "*-*-* 08:12:00" 120 // { };
"download@main" = downloadTimer "*-*-* 06,18:02:00" 30 // { };
"download@push" = downloadTimer "*:0/5" 30 // { };
"download@manga" = downloadTimer "Fri *-*-* 03:08:00" 30 // { };
# "download@kemono" = downloadTimer
# "*-*-1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31 18:06:00" 60 // { };
tuhmayto = {
enable = true;
description = "Downloads tuhmayto stuff";
wantedBy = [ "timers.target" ];
timerConfig = {
OnCalendar = "*:0/10";
};
};
};
};
my.scripts.download = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "download";
package = download;
}; };
}; };
my.scripts.download = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "download";
package = download;
};
};
} }

6
modules/scripts/ffmpeg4discord.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.ffmpeg4discord = { config.my.scripts.ffmpeg4discord = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
install = true; install = true;
service = false; service = false;
name = "ffmpeg4discord"; name = "ffmpeg4discord";
package = pkgs.writeScriptBin "ffmpeg4discord" package = pkgs.writeScriptBin "ffmpeg4discord" (builtins.readFile ../../scripts/ffmpeg4discord.py);
(builtins.readFile ../../scripts/ffmpeg4discord.py);
}; };
} }

6
modules/scripts/ffmpreg.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.ffmpreg = { config.my.scripts.ffmpreg = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
install = true; install = true;
service = false; service = false;
name = "ffmpreg"; name = "ffmpreg";
package = pkgs.writeScriptBin "ffmpreg" package = pkgs.writeScriptBin "ffmpreg" (builtins.readFile ../../scripts/ffmpreg.sh);
(builtins.readFile ../../scripts/ffmpreg.sh);
}; };
} }

8
modules/scripts/find-dup-episode.nix
View File

@ -1,11 +1,13 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.find-dup-episodes = { config.my.scripts.find-dup-episodes = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
install = true; install = true;
service = false; service = false;
name = "find-dup-episodes"; name = "find-dup-episodes";
package = pkgs.writeScriptBin "find-dup-episodes" package = pkgs.writeScriptBin "find-dup-episodes" (
(builtins.readFile ../../scripts/find-dup-episodes.sh); builtins.readFile ../../scripts/find-dup-episodes.sh
);
}; };
} }

6
modules/scripts/manage-library.nix
View File

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.manage-library = { config.my.scripts.manage-library = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
@ -7,7 +8,6 @@
name = "manage-library"; name = "manage-library";
timer = "00:30"; timer = "00:30";
description = "scans the library directory and sorts files"; description = "scans the library directory and sorts files";
package = pkgs.writeScriptBin "manage-library" package = pkgs.writeScriptBin "manage-library" (builtins.readFile ../../scripts/manage-library.sh);
(builtins.readFile ../../scripts/manage-library.sh);
}; };
} }

6
modules/scripts/pika-list.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.pika-list = { config.my.scripts.pika-list = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
install = true; install = true;
service = false; service = false;
name = "pika-list"; name = "pika-list";
package = pkgs.writeScriptBin "pika-list" package = pkgs.writeScriptBin "pika-list" (builtins.readFile ../../scripts/pika-list.sh);
(builtins.readFile ../../scripts/pika-list.sh);
}; };
} }

6
modules/scripts/run.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.run = { config.my.scripts.run = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
install = true; install = true;
service = false; service = false;
name = "run"; name = "run";
package = package = pkgs.writeScriptBin "run" (builtins.readFile ../../scripts/run.sh);
pkgs.writeScriptBin "run" (builtins.readFile ../../scripts/run.sh);
}; };
} }

6
modules/scripts/split-dir.nix
View File

@ -1,11 +1,11 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.split-dir = { config.my.scripts.split-dir = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
install = true; install = true;
service = false; service = false;
name = "split-dir"; name = "split-dir";
package = pkgs.writeScriptBin "split-dir" package = pkgs.writeScriptBin "split-dir" (builtins.readFile ../../scripts/split-dir.sh);
(builtins.readFile ../../scripts/split-dir.sh);
}; };
} }

90
modules/scripts/stream-dl.nix
View File

@ -1,47 +1,59 @@
{ pkgs, lib, config, ... }: { {
pkgs,
lib,
config,
...
}:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
options.my.units.stream-dl.enable = lib.mkEnableOption "enable"; options.my.units.stream-dl.enable = lib.mkEnableOption "enable";
config = let config =
stream-dl = pkgs.writeScriptBin "stream-dl" let
(builtins.readFile ../../scripts/stream-dl.sh); stream-dl = pkgs.writeScriptBin "stream-dl" (builtins.readFile ../../scripts/stream-dl.sh);
in { in
systemd.user = lib.mkIf config.my.units.stream-dl.enable { {
services."stream@" = { systemd.user = lib.mkIf config.my.units.stream-dl.enable {
description = "monitors a stream channel for online streams."; services."stream@" = {
restartIfChanged = true;
wantedBy = [ "default.target" ];
path = [ pkgs.nix stream-dl ];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${stream-dl}/bin/stream-dl %I";
};
};
timers = let
streamTimer = {
enable = true;
description = "monitors a stream channel for online streams."; description = "monitors a stream channel for online streams.";
wantedBy = [ "timers.target" ]; restartIfChanged = true;
timerConfig = { wantedBy = [ "default.target" ];
OnBootSec = "5min"; path = [
OnUnitActiveSec = "65min"; pkgs.nix
RandomizedDelaySec = 30; stream-dl
];
serviceConfig = {
Restart = "on-failure";
RestartSec = 30;
ExecStart = "${stream-dl}/bin/stream-dl %I";
}; };
}; };
in { timers =
"stream@johnneal911" = streamTimer // { }; let
"stream@uk2011boy" = streamTimer // { }; streamTimer = {
"stream@tommy9x6" = streamTimer // { }; enable = true;
"stream@brocollirob" = streamTimer // { }; description = "monitors a stream channel for online streams.";
"stream@tomayto\\x20picarto" = streamTimer // { }; wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5min";
OnUnitActiveSec = "65min";
RandomizedDelaySec = 30;
};
};
in
{
"stream@johnneal911" = streamTimer // { };
"stream@uk2011boy" = streamTimer // { };
"stream@tommy9x6" = streamTimer // { };
"stream@brocollirob" = streamTimer // { };
"stream@tomayto\\x20picarto" = streamTimer // { };
};
};
my.scripts.stream-dl = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "stream-dl";
package = stream-dl;
}; };
}; };
my.scripts.stream-dl = {
enable = lib.mkDefault false;
install = true;
service = false;
name = "stream-dl";
package = stream-dl;
};
};
} }

6
modules/scripts/tasks.nix
View File

@ -1,4 +1,5 @@
{ pkgs, lib, ... }: { { pkgs, lib, ... }:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config.my.scripts.tasks = { config.my.scripts.tasks = {
enable = lib.mkDefault false; enable = lib.mkDefault false;
@ -7,7 +8,6 @@
name = "tasks"; name = "tasks";
timer = "*:0/10"; timer = "*:0/10";
description = "Runs a bunch of organizing tasks on selected directories"; description = "Runs a bunch of organizing tasks on selected directories";
package = package = pkgs.writeScriptBin "tasks" (builtins.readFile ../../scripts/tasks.sh);
pkgs.writeScriptBin "tasks" (builtins.readFile ../../scripts/tasks.sh);
}; };
} }

31
modules/scripts/update-dns.nix
View File

@ -1,4 +1,10 @@
{ config, pkgs, lib, ... }: { {
config,
pkgs,
lib,
...
}:
{
imports = [ ./base.nix ]; imports = [ ./base.nix ];
config = { config = {
sops.secrets = { sops.secrets = {
@ -25,17 +31,18 @@
name = "update-dns"; name = "update-dns";
timer = "*:0/30"; timer = "*:0/30";
description = "Updates the IP of all my domains"; description = "Updates the IP of all my domains";
package = let package =
update-dns = pkgs.writeScriptBin "update-dns" let
(builtins.readFile ../../scripts/update-dns.sh); update-dns = pkgs.writeScriptBin "update-dns" (builtins.readFile ../../scripts/update-dns.sh);
in pkgs.writeScriptBin "update-dns" '' in
#!/usr/bin/env nix-shell pkgs.writeScriptBin "update-dns" ''
#! nix-shell -i bash -p bash curl #!/usr/bin/env nix-shell
set -a #! nix-shell -i bash -p bash curl
source ${config.sops.secrets.dns.path} set -a
set -a source ${config.sops.secrets.dns.path}
${update-dns}/bin/update-dns set -a
''; ${update-dns}/bin/update-dns
'';
}; };
}; };
} }

120
modules/servers.nix
View File

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }: {
lib,
config,
pkgs,
...
}:
let let
setup = import ./servers/base.nix { inherit lib config; }; setup = import ./servers/base.nix { inherit lib config; };
proxy = locations: { proxy = locations: {
@ -7,12 +12,11 @@ let
enableACME = true; enableACME = true;
http2 = true; http2 = true;
}; };
proxyReverse = port: proxyReverse = port: proxy { "/".proxyPass = "http://${config.my.localhost}:${toString port}/"; };
proxy { proxyReverseArr =
"/".proxyPass = "http://${config.my.localhost}:${toString port}/"; port:
}; proxyReverse port
proxyReverseArr = port: // {
proxyReverse port // {
extraConfig = '' extraConfig = ''
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
@ -35,17 +39,46 @@ let
config.my.servers.metube.enable config.my.servers.metube.enable
config.my.servers.go-vod.enable config.my.servers.go-vod.enable
]; ];
in { in
{
imports = [ imports = [
./servers/adguardhome.nix ./servers/adguardhome.nix
./servers/paperless.nix ./servers/paperless.nix
./servers/postgres.nix ./servers/postgres.nix
(import ./servers/audiobookshelf.nix { inherit lib config proxy setup; }) (import ./servers/audiobookshelf.nix {
inherit
lib
config
proxy
setup
;
})
(import ./servers/bazarr.nix { inherit lib config proxyReverse; }) (import ./servers/bazarr.nix { inherit lib config proxyReverse; })
(import ./servers/flame.nix { inherit lib config proxyReverse; }) (import ./servers/flame.nix { inherit lib config proxyReverse; })
(import ./servers/homepage.nix { inherit lib config pkgs proxyReverse; }) (import ./servers/homepage.nix {
(import ./servers/jellyfin.nix { inherit lib config pkgs setup; }) inherit
(import ./servers/kavita.nix { inherit lib config pkgs proxyReverse; }) lib
config
pkgs
proxyReverse
;
})
(import ./servers/jellyfin.nix {
inherit
lib
config
pkgs
setup
;
})
(import ./servers/kavita.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/lidarr.nix { inherit lib config proxyReverseArr; }) (import ./servers/lidarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/maloja.nix { inherit lib config proxyReverse; }) (import ./servers/maloja.nix { inherit lib config proxyReverse; })
(import ./servers/mealie.nix { inherit lib config proxyReverse; }) (import ./servers/mealie.nix { inherit lib config proxyReverse; })
@ -54,14 +87,49 @@ in {
(import ./servers/multi-scrobbler.nix { inherit lib config proxyReverse; }) (import ./servers/multi-scrobbler.nix { inherit lib config proxyReverse; })
(import ./servers/nextcloud.nix { inherit lib config pkgs; }) (import ./servers/nextcloud.nix { inherit lib config pkgs; })
(import ./servers/prowlarr.nix { inherit lib config proxyReverseArr; }) (import ./servers/prowlarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/qbittorrent.nix { inherit lib config pkgs proxyReverse; }) (import ./servers/qbittorrent.nix {
(import ./servers/sabnzbd.nix { inherit lib config pkgs proxyReverse; }) inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/sabnzbd.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/radarr.nix { inherit lib config proxyReverseArr; }) (import ./servers/radarr.nix { inherit lib config proxyReverseArr; })
(import ./servers/ryot.nix { inherit lib config proxyReverse; }) (import ./servers/ryot.nix { inherit lib config proxyReverse; })
(import ./servers/shiori.nix { inherit lib config pkgs proxyReverse; }) (import ./servers/shiori.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/sonarr.nix { inherit lib config proxyReverse; }) (import ./servers/sonarr.nix { inherit lib config proxyReverse; })
(import ./servers/vaultwarden.nix { inherit lib config pkgs proxyReverse; }) (import ./servers/vaultwarden.nix {
(import ./servers/firefly-iii.nix { inherit lib config pkgs proxyReverse; }) inherit
lib
config
pkgs
proxyReverse
;
})
(import ./servers/firefly-iii.nix {
inherit
lib
config
pkgs
proxyReverse
;
})
]; ];
options.my = { options.my = {
localhost = lib.mkOption { localhost = lib.mkOption {
@ -173,11 +241,17 @@ in {
clientMaxBodySize = "4096m"; clientMaxBodySize = "4096m";
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL";
}; };
networking.firewall = let ports = [ 80 443 ]; networking.firewall =
in { let
enable = true; ports = [
allowedTCPPorts = ports; 80
allowedUDPPorts = ports; 443
}; ];
in
{
enable = true;
allowedTCPPorts = ports;
allowedUDPPorts = ports;
};
}; };
} }

3
modules/servers/adguardhome.nix
View File

@ -1,4 +1,5 @@
{ lib, config, ... }: { { lib, config, ... }:
{
options.my.servers.adguardhome.enable = lib.mkEnableOption "enable"; options.my.servers.adguardhome.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.adguardhome.enable { config = lib.mkIf config.my.servers.adguardhome.enable {
services.adguardhome = { services.adguardhome = {

17
modules/servers/audiobookshelf.nix
View File

@ -1,8 +1,15 @@
{ lib, config, proxy, setup, ... }: {
let cfg = config.my.servers.audiobookshelf; lib,
in { config,
options.my.servers.audiobookshelf = proxy,
setup.mkOptions "audiobookshelf" "audiobooks" 5687; setup,
...
}:
let
cfg = config.my.servers.audiobookshelf;
in
{
options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687;
config = lib.mkIf config.my.servers.audiobookshelf.enable { config = lib.mkIf config.my.servers.audiobookshelf.enable {
services = { services = {
audiobookshelf = { audiobookshelf = {

5
modules/servers/base.nix
View File

@ -24,4 +24,7 @@ let
default = "http://${config.my.localhost}:${toString port}"; default = "http://${config.my.localhost}:${toString port}";
}; };
}; };
in { inherit mkOptions; } in
{
inherit mkOptions;
}

8
modules/servers/bazarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: { {
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.bazarr.enable = lib.mkEnableOption "enable"; options.my.servers.bazarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.bazarr.enable { config = lib.mkIf config.my.servers.bazarr.enable {
services = { services = {

40
modules/servers/firefly-iii.nix
View File

@ -1,26 +1,26 @@
{ lib, config, ... }: { { lib, config, ... }:
{
options.my.servers.firefly-iii.enable = lib.mkEnableOption "enable"; options.my.servers.firefly-iii.enable = lib.mkEnableOption "enable";
config = lib.mkIf (config.my.servers.firefly-iii.enable config = lib.mkIf (config.my.servers.firefly-iii.enable && config.my.servers.postgres.enable) {
&& config.my.servers.postgres.enable) { sops.secrets.firefly-iii-keyfile = {
sops.secrets.firefly-iii-keyfile = { owner = config.users.users.firefly-iii.name;
owner = config.users.users.firefly-iii.name; inherit (config.users.users.firefly-iii) group;
inherit (config.users.users.firefly-iii) group; };
services = {
nginx.virtualHosts."${config.services.firefly-iii.virtualHost}" = {
forceSSL = true;
enableACME = true;
}; };
services = { firefly-iii = {
nginx.virtualHosts."${config.services.firefly-iii.virtualHost}" = { enable = true;
forceSSL = true; virtualHost = "money.servidos.lat";
enableACME = true; enableNginx = true;
}; settings = {
firefly-iii = { APP_KEY_FILE = config.sops.secrets.firefly-iii-keyfile.path;
enable = true; DB_HOST = config.my.postgresSocket;
virtualHost = "money.servidos.lat"; DB_CONNECTION = "pgsql";
enableNginx = true;
settings = {
APP_KEY_FILE = config.sops.secrets.firefly-iii-keyfile.path;
DB_HOST = config.my.postgresSocket;
DB_CONNECTION = "pgsql";
};
}; };
}; };
}; };
};
} }

13
modules/servers/flame.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }: {
lib,
config,
proxyReverse,
...
}:
let let
port = 5005; port = 5005;
portSecret = 5007; portSecret = 5007;
in { in
{
options.my.servers = { options.my.servers = {
flame.enable = lib.mkEnableOption "enable"; flame.enable = lib.mkEnableOption "enable";
flameSecret.enable = lib.mkEnableOption "enable"; flameSecret.enable = lib.mkEnableOption "enable";
@ -40,8 +46,7 @@ in {
}; };
services.nginx = { services.nginx = {
virtualHosts."start.${config.my.domain}" = proxyReverse port // { }; virtualHosts."start.${config.my.domain}" = proxyReverse port // { };
virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" = virtualHosts."qampqwn4wprhqny8h8zj.${config.my.domain}" = proxyReverse portSecret // { };
proxyReverse portSecret // { };
}; };
}; };
} }

19
modules/servers/homepage.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }: {
lib,
config,
proxyReverse,
...
}:
let let
port = 8082; port = 8082;
services = import ./homepage/services.nix { inherit config lib; }; services = import ./homepage/services.nix { inherit config lib; };
in { in
{
options.my.servers.homepage.enable = lib.mkEnableOption "enable"; options.my.servers.homepage.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.homepage.enable { config = lib.mkIf config.my.servers.homepage.enable {
sops.secrets.homepage.sopsFile = ../../secrets/env.yaml; sops.secrets.homepage.sopsFile = ../../secrets/env.yaml;
@ -22,8 +28,7 @@ in {
columns = 4; columns = 4;
}; };
}; };
background = background = "https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80";
"https://images.unsplash.com/photo-1502790671504-542ad42d5189?auto=format&fit=crop&w=2560&q=80";
}; };
widgets = [ widgets = [
{ {
@ -37,7 +42,11 @@ in {
} }
{ {
search = { search = {
provider = [ "brave" "bing" "google" ]; provider = [
"brave"
"bing"
"google"
];
target = "_blank"; target = "_blank";
showSearchSuggestions = true; showSearchSuggestions = true;
}; };

293
modules/servers/homepage/services.nix
View File

@ -1,4 +1,5 @@
{ config, lib, ... }: { { config, lib, ... }:
{
audiobookshelf = lib.mkIf config.my.servers.audiobookshelf.enable { audiobookshelf = lib.mkIf config.my.servers.audiobookshelf.enable {
icon = "${config.my.servers.audiobookshelf.name}.png"; icon = "${config.my.servers.audiobookshelf.name}.png";
href = config.my.servers.audiobookshelf.url; href = config.my.servers.audiobookshelf.url;
@ -8,149 +9,171 @@
key = "{{HOMEPAGE_VAR_AUDIOBOOKSHELF}}"; key = "{{HOMEPAGE_VAR_AUDIOBOOKSHELF}}";
}; };
}; };
jellyfin = let jellyfin =
name = "jellyfin"; let
url = "https://flix.servidos.lat"; name = "jellyfin";
in { url = "https://flix.servidos.lat";
icon = "${name}.png"; in
href = url; {
widget = { icon = "${name}.png";
type = name; href = url;
url = url; widget = {
key = "{{HOMEPAGE_VAR_JELLYFIN}}"; type = name;
enableUser = true; url = url;
enableBlocks = true; key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableNowPlaying = false; enableUser = true;
enableBlocks = true;
enableNowPlaying = false;
};
}; };
}; "now playing" =
"now playing" = let let
name = "jellyfin"; name = "jellyfin";
url = "https://flix.servidos.lat"; url = "https://flix.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_JELLYFIN}}"; url = url;
enableUser = true; key = "{{HOMEPAGE_VAR_JELLYFIN}}";
enableBlocks = false; enableUser = true;
enableNowPlaying = true; enableBlocks = false;
showEpisodeNumber = true; enableNowPlaying = true;
expandOneStreamToTwoRows = true; showEpisodeNumber = true;
expandOneStreamToTwoRows = true;
};
}; };
}; sonarr =
sonarr = let let
name = "sonarr"; name = "sonarr";
url = "https://series.servidos.lat"; url = "https://series.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_SONARR}}"; url = url;
enableQueue = true; key = "{{HOMEPAGE_VAR_SONARR}}";
enableQueue = true;
};
}; };
}; radarr =
radarr = let let
name = "radarr"; name = "radarr";
url = "https://movies.servidos.lat"; url = "https://movies.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_RADARR}}"; url = url;
enableQueue = true; key = "{{HOMEPAGE_VAR_RADARR}}";
enableQueue = true;
};
}; };
}; lidarr =
lidarr = let let
name = "lidarr"; name = "lidarr";
url = "https://music.servidos.lat"; url = "https://music.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_LIDARR}}"; url = url;
key = "{{HOMEPAGE_VAR_LIDARR}}";
};
}; };
}; prowlarr =
prowlarr = let let
name = "prowlarr"; name = "prowlarr";
url = "https://indexer.servidos.lat"; url = "https://indexer.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_PROWLARR}}"; url = url;
key = "{{HOMEPAGE_VAR_PROWLARR}}";
};
}; };
}; bazarr =
bazarr = let let
name = "bazarr"; name = "bazarr";
url = "https://subs.servidos.lat"; url = "https://subs.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_BAZARR}}"; url = url;
key = "{{HOMEPAGE_VAR_BAZARR}}";
};
}; };
}; kavita =
kavita = let let
name = "kavita"; name = "kavita";
url = "https://library.servidos.lat"; url = "https://library.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
username = "{{HOMEPAGE_VAR_KAVITA_USERNAME}}"; url = url;
password = "{{HOMEPAGE_VAR_KAVITA_PASSWORD}}"; username = "{{HOMEPAGE_VAR_KAVITA_USERNAME}}";
password = "{{HOMEPAGE_VAR_KAVITA_PASSWORD}}";
};
}; };
}; "qbittorrent server" =
"qbittorrent server" = let let
name = "qbittorrent"; name = "qbittorrent";
url = "https://vnfx2cojmt7dwzcfmi73.servidos.lat"; url = "https://vnfx2cojmt7dwzcfmi73.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = "http://192.168.1.69:9091"; type = name;
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}"; url = "http://192.168.1.69:9091";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}"; username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
};
}; };
}; "qbittorrent miniserver" =
"qbittorrent miniserver" = let let
name = "qbittorrent"; name = "qbittorrent";
url = "https://xfwmrle6h6skqujbeizw.servidos.lat"; url = "https://xfwmrle6h6skqujbeizw.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = "http://192.168.1.100:9091"; type = name;
username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}"; url = "http://192.168.1.100:9091";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}"; username = "{{HOMEPAGE_VAR_QBIT_USERNAME}}";
password = "{{HOMEPAGE_VAR_QBIT_PASSWORD}}";
};
}; };
}; sabnzbd =
sabnzbd = let let
name = "sabnzbd"; name = "sabnzbd";
url = "https://HSoeJdGRd2Orj0n31UGI.servidos.lat"; url = "https://HSoeJdGRd2Orj0n31UGI.servidos.lat";
in { in
icon = "${name}.png"; {
href = url; icon = "${name}.png";
widget = { href = url;
type = name; widget = {
url = url; type = name;
key = "{{HOMEPAGE_VAR_SABNZBD}}"; url = url;
key = "{{HOMEPAGE_VAR_SABNZBD}}";
};
}; };
};
} }

23
modules/servers/jellyfin.nix
View File

@ -1,8 +1,13 @@
{ lib, config, pkgs, setup, ... }: {
lib,
config,
pkgs,
setup,
...
}:
let let
cfg = config.my.servers.jellyfin; cfg = config.my.servers.jellyfin;
sub-sync = pkgs.writeScriptBin "sub-sync" sub-sync = pkgs.writeScriptBin "sub-sync" (builtins.readFile ../../scripts/sub-sync.sh);
(builtins.readFile ../../scripts/sub-sync.sh);
sub-sync-path = [ sub-sync-path = [
pkgs.nix pkgs.nix
pkgs.bash pkgs.bash
@ -14,11 +19,13 @@ let
pkgs.gum pkgs.gum
sub-sync sub-sync
]; ];
in { in
{
options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096; options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096;
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
environment.systemPackages = [ pkgs.jellyfin-ffmpeg ] environment.systemPackages = [
++ (if cfg.enableCron then sub-sync-path else [ ]); pkgs.jellyfin-ffmpeg
] ++ (if cfg.enableCron then sub-sync-path else [ ]);
services = { services = {
jellyfin = { jellyfin = {
enable = true; enable = true;
@ -131,7 +138,9 @@ in {
enable = true; enable = true;
description = "syncronizes subtitles downloaded & modified today"; description = "syncronizes subtitles downloaded & modified today";
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "20:00"; }; timerConfig = {
OnCalendar = "20:00";
};
}; };
}; };
}; };

11
modules/servers/kavita.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: { {
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.kavita.enable = lib.mkEnableOption "enable"; options.my.servers.kavita.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.kavita.enable { config = lib.mkIf config.my.servers.kavita.enable {
sops.secrets.kavita-token = { sops.secrets.kavita-token = {
@ -15,8 +21,7 @@
enable = true; enable = true;
tokenKeyFile = config.sops.secrets.kavita-token.path; tokenKeyFile = config.sops.secrets.kavita-token.path;
}; };
nginx.virtualHosts."library.${config.my.domain}" = nginx.virtualHosts."library.${config.my.domain}" = proxyReverse config.services.kavita.port // { };
proxyReverse config.services.kavita.port // { };
}; };
}; };
} }

10
modules/servers/lidarr.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverseArr, ... }: {
lib,
config,
proxyReverseArr,
...
}:
let let
port = 8686; port = 8686;
url = "music.${config.my.domain}"; url = "music.${config.my.domain}";
in { in
{
options.my.servers.lidarr.enable = lib.mkEnableOption "enable"; options.my.servers.lidarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.lidarr.enable { config = lib.mkIf config.my.servers.lidarr.enable {
virtualisation.oci-containers.containers.lidarr = { virtualisation.oci-containers.containers.lidarr = {

10
modules/servers/maloja.nix
View File

@ -1,8 +1,14 @@
{ lib, config, proxyReverse, ... }: {
lib,
config,
proxyReverse,
...
}:
let let
port = 42010; port = 42010;
url = "maloja.${config.my.domain}"; url = "maloja.${config.my.domain}";
in { in
{
options.my.servers.maloja.enable = lib.mkEnableOption "enable"; options.my.servers.maloja.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.maloja.enable { config = lib.mkIf config.my.servers.maloja.enable {
sops.secrets.maloja.sopsFile = ../../secrets/env.yaml; sops.secrets.maloja.sopsFile = ../../secrets/env.yaml;

10
modules/servers/mealie.nix
View File

@ -1,9 +1,15 @@
{ lib, config, proxyReverse, ... }: {
lib,
config,
proxyReverse,
...
}:
let let
port = 9925; port = 9925;
domain = "mealie.${config.my.domain}"; domain = "mealie.${config.my.domain}";
url = "https://${domain}"; url = "https://${domain}";
in { in
{
options.my.servers.mealie.enable = lib.mkEnableOption "enable"; options.my.servers.mealie.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.mealie.enable { config = lib.mkIf config.my.servers.mealie.enable {
sops.secrets.mealie.sopsFile = ../../secrets/env.yaml; sops.secrets.mealie.sopsFile = ../../secrets/env.yaml;

16
modules/servers/metube.nix
View File

@ -1,6 +1,13 @@
{ lib, config, proxyReverse, ... }: {
let port = 8881; lib,
in { config,
proxyReverse,
...
}:
let
port = 8881;
in
{
options.my.servers.metube.enable = lib.mkEnableOption "enable"; options.my.servers.metube.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.metube.enable { config = lib.mkIf config.my.servers.metube.enable {
virtualisation.oci-containers.containers.metube = { virtualisation.oci-containers.containers.metube = {
@ -15,7 +22,6 @@ in {
YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}''; YTDL_OPTIONS = ''{"cookiefile":"/cookies.txt"}'';
}; };
}; };
services.nginx.virtualHosts."bajameesta.${config.my.domain}" = services.nginx.virtualHosts."bajameesta.${config.my.domain}" = proxyReverse port // { };
proxyReverse port // { };
}; };
} }

8
modules/servers/microbin.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: { {
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.microbin = { options.my.servers.microbin = {
enable = lib.mkEnableOption "enable"; enable = lib.mkEnableOption "enable";
enableCron = lib.mkEnableOption "enable"; enableCron = lib.mkEnableOption "enable";

13
modules/servers/multi-scrobbler.nix
View File

@ -1,9 +1,15 @@
{ lib, config, proxyReverse, ... }: {
lib,
config,
proxyReverse,
...
}:
let let
port = 9078; port = 9078;
domain = "scrobble.${config.my.domain}"; domain = "scrobble.${config.my.domain}";
url = "https://${domain}"; url = "https://${domain}";
in { in
{
options.my.servers.multi-scrobbler.enable = lib.mkEnableOption "enable"; options.my.servers.multi-scrobbler.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.multi-scrobbler.enable { config = lib.mkIf config.my.servers.multi-scrobbler.enable {
sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml; sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml;
@ -16,8 +22,7 @@ in {
PUID = "1000"; PUID = "1000";
PGID = "100"; PGID = "100";
BASE_URL = url; BASE_URL = url;
DEEZER_REDIRECT_URI = DEEZER_REDIRECT_URI = "http://${config.my.miniserver-ip}:${toString port}/deezer/callback";
"http://${config.my.miniserver-ip}:${toString port}/deezer/callback";
MALOJA_URL = "http://maloja:42010"; MALOJA_URL = "http://maloja:42010";
WS_ENABLE = "true"; WS_ENABLE = "true";
}; };

416
modules/servers/nextcloud.nix
View File

@ -1,4 +1,9 @@
{ lib, config, pkgs, ... }: {
lib,
config,
pkgs,
...
}:
let let
inherit (config.my) localhost; inherit (config.my) localhost;
collaboraPort = 9980; collaboraPort = 9980;
@ -13,7 +18,8 @@ let
proxy_set_header Host $host; proxy_set_header Host $host;
proxy_read_timeout 36000s; proxy_read_timeout 36000s;
''; '';
in { in
{
options.my.servers = { options.my.servers = {
nextcloud = { nextcloud = {
enable = lib.mkEnableOption "enable"; enable = lib.mkEnableOption "enable";
@ -22,224 +28,236 @@ in {
collabora.enable = lib.mkEnableOption "enable"; collabora.enable = lib.mkEnableOption "enable";
go-vod.enable = lib.mkEnableOption "enable"; go-vod.enable = lib.mkEnableOption "enable";
}; };
config = lib.mkIf config = lib.mkIf (config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) {
(config.my.servers.nextcloud.enable && config.my.servers.postgres.enable) { sops.secrets = {
sops.secrets = { smtp-password = { };
smtp-password = { }; nextcloud-adminpass = {
nextcloud-adminpass = { owner = config.users.users.nextcloud.name;
owner = config.users.users.nextcloud.name; inherit (config.users.users.nextcloud) group;
inherit (config.users.users.nextcloud) group;
};
}; };
nixpkgs.config.permittedInsecurePackages = };
[ "nodejs-14.21.3" "openssl-1.1.1v" ]; nixpkgs.config.permittedInsecurePackages = [
users.users.nextcloud = { "nodejs-14.21.3"
isSystemUser = true; "openssl-1.1.1v"
extraGroups = [ "render" ]; ];
packages = with pkgs; [ users.users.nextcloud = {
mediainfo isSystemUser = true;
nodejs extraGroups = [ "render" ];
perl packages = with pkgs; [
(python3.withPackages (ps: with ps; [ tensorflow ])) mediainfo
(perlPackages.buildPerlPackage rec { nodejs
pname = "Image-ExifTool"; perl
version = "12.70"; (python3.withPackages (ps: with ps; [ tensorflow ]))
src = fetchurl { (perlPackages.buildPerlPackage rec {
url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz"; pname = "Image-ExifTool";
hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4="; version = "12.70";
}; src = fetchurl {
}) url = "https://exiftool.org/Image-ExifTool-${version}.tar.gz";
]; hash = "sha256-TLJSJEXMPj870TkExq6uraX8Wl4kmNerrSlX3LQsr/4=";
};
})
];
};
programs.msmtp = {
enable = true;
accounts.default = {
auth = true;
host = "smtp.gmail.com";
port = 587;
tls = true;
from = config.my.smtpemail;
user = config.my.smtpemail;
passwordeval = "cat ${config.sops.secrets.smtp-password.path}";
}; };
programs.msmtp = { };
services = {
nextcloud = {
enable = true; enable = true;
accounts.default = { https = true;
auth = true; package = pkgs.nextcloud29;
host = "smtp.gmail.com"; appstoreEnable = true;
port = 587; configureRedis = true;
tls = true; extraAppsEnable = true;
from = config.my.smtpemail; enableImagemagick = true;
user = config.my.smtpemail; maxUploadSize = "16G";
passwordeval = "cat ${config.sops.secrets.smtp-password.path}"; hostName = url;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar;
}; };
}; config = {
services = { adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
nextcloud = { dbtype = "pgsql";
enable = true; dbhost = config.my.postgresSocket;
https = true; dbtableprefix = "oc_";
package = pkgs.nextcloud29; dbname = "nextcloud";
appstoreEnable = true;
configureRedis = true;
extraAppsEnable = true;
enableImagemagick = true;
maxUploadSize = "16G";
hostName = url;
extraApps = {
inherit (config.services.nextcloud.package.packages.apps) calendar;
};
config = {
adminpassFile = config.sops.secrets.nextcloud-adminpass.path;
dbtype = "pgsql";
dbhost = config.my.postgresSocket;
dbtableprefix = "oc_";
dbname = "nextcloud";
};
phpOptions = {
catch_workers_output = "yes";
display_errors = "stderr";
error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
expose_php = "Off";
"opcache.enable_cli" = "1";
"opcache.fast_shutdown" = "1";
"opcache.interned_strings_buffer" = "16";
"opcache.jit" = "1255";
"opcache.jit_buffer_size" = "256M";
"opcache.max_accelerated_files" = "10000";
"opcache.huge_code_pages" = "1";
"opcache.enable_file_override" = "1";
"opcache.memory_consumption" = "128";
"opcache.revalidate_freq" = "60";
"opcache.save_comments" = "1";
"opcache.validate_timestamps" = "0";
"openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
preview_max_x = 512;
preview_max_y = 512;
short_open_tag = "Off";
};
settings = {
log_type = "file";
log_level = 3;
trusted_proxies = [ "192.168.1.100" ];
trusted_domains = [ "cloud.rotehaare.art" "danilo-reyes.com" ];
forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ];
overwrite_protocol = "https";
default_phone_region = "MX";
allow_local_remote_servers = true;
mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"memories.exiftool" =
"/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
];
};
# phpExtraExtensions = all: [ all.pdlib all.bz2 ];
phpExtraExtensions = all: [ ];
}; };
nginx.virtualHosts = { phpOptions = {
${config.services.nextcloud.hostName} = { catch_workers_output = "yes";
forceSSL = true; display_errors = "stderr";
enableACME = true; error_reporting = "E_ALL & ~E_DEPRECATED & ~E_STRICT";
http2 = true; expose_php = "Off";
serverAliases = [ "cloud.rotehaare.art" ]; "opcache.enable_cli" = "1";
locations = { "opcache.fast_shutdown" = "1";
"/".proxyWebsockets = true; "opcache.interned_strings_buffer" = "16";
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" = "opcache.jit" = "1255";
{ }; "opcache.jit_buffer_size" = "256M";
}; "opcache.max_accelerated_files" = "10000";
}; "opcache.huge_code_pages" = "1";
"collabora.${config.my.domain}" = "opcache.enable_file_override" = "1";
lib.mkIf config.my.servers.collabora.enable { "opcache.memory_consumption" = "128";
forceSSL = true; "opcache.revalidate_freq" = "60";
enableACME = true; "opcache.save_comments" = "1";
http2 = true; "opcache.validate_timestamps" = "0";
locations = { "openssl.cafile" = "/etc/ssl/certs/ca-certificates.crt";
# static files preview_max_x = 512;
"^~ /loleaflet" = { preview_max_y = 512;
proxyPass = collaboraProxy; short_open_tag = "Off";
extraConfig = commonProxyConfig;
};
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
};
};
}; };
}; settings = {
virtualisation.oci-containers.containers = { log_type = "file";
go-vod = lib.mkIf config.my.servers.go-vod.enable { log_level = 3;
autoStart = true; trusted_proxies = [ "192.168.1.100" ];
image = "radialapps/go-vod"; trusted_domains = [
environment = { "cloud.rotehaare.art"
TZ = "America/Mexico_City"; "danilo-reyes.com"
NEXTCLOUD_HOST = "https://${config.services.nextcloud.hostName}"; ];
NVIDIA_VISIBLE_DEVICES = "all"; forwarded_for_headers = [ "HTTP_X_FORWARDED_FOR" ];
}; overwrite_protocol = "https";
volumes = [ "ncdata:/var/www/html:ro" ]; default_phone_region = "MX";
extraOptions = [ allow_local_remote_servers = true;
"--device=/dev/dri" # VA-API (omit for NVENC) mail_smtpmode = "sendmail";
mail_sendmailmode = "pipe";
"memories.exiftool" = "/etc/profiles/per-user/nextcloud/bin/exiftool";
enabledPreviewProviders = [
"OC\\Preview\\Image"
"OC\\Preview\\HEIC"
"OC\\Preview\\TIFF"
"OC\\Preview\\MKV"
"OC\\Preview\\MP4"
"OC\\Preview\\AVI"
"OC\\Preview\\Movie"
]; ];
}; };
collabora = lib.mkIf config.my.servers.collabora.enable { # phpExtraExtensions = all: [ all.pdlib all.bz2 ];
autoStart = true; phpExtraExtensions = all: [ ];
image = "collabora/code"; };
imageFile = pkgs.dockerTools.pullImage { nginx.virtualHosts = {
imageName = "collabora/code"; ${config.services.nextcloud.hostName} = {
imageDigest = forceSSL = true;
"sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f"; enableACME = true;
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs="; http2 = true;
serverAliases = [ "cloud.rotehaare.art" ];
locations = {
"/".proxyWebsockets = true;
"~ ^/nextcloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|oc[ms]-provider/.+|.+/richdocumentscode/proxy).php(?:$|/)" =
{ };
}; };
ports = [ "9980:9980" ]; };
environment = { "collabora.${config.my.domain}" = lib.mkIf config.my.servers.collabora.enable {
TZ = "America/Mexico_City"; forceSSL = true;
domain = "cloud.servidos.lat"; enableACME = true;
aliasgroup1 = "cloud.servidos.lat:443"; http2 = true;
aliasgroup2 = "cloud.rotehaare.art:443"; locations = {
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru"; # static files
extra_params = '' "^~ /loleaflet" = {
--o:ssl.enable=false proxyPass = collaboraProxy;
--o:ssl.termination=true extraConfig = commonProxyConfig;
''; };
# WOPI discovery URL
"^~ /hosting/discovery" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# Capabilities
"^~ /hosting/capabilities" = {
proxyPass = collaboraProxy;
extraConfig = commonProxyConfig;
};
# download, presentation, image upload and websocket
"~ ^/lool" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
# Admin Console websocket
"^~ /lool/adminws" = {
proxyPass = collaboraProxy;
extraConfig = commonWebsocketConfig;
};
}; };
extraOptions = [ "--cap-add" "MKNOD" ];
}; };
}; };
systemd = lib.mkIf config.my.servers.nextcloud.enableCron { };
services = { virtualisation.oci-containers.containers = {
nextcloud-cron.path = [ pkgs.perl ]; go-vod = lib.mkIf config.my.servers.go-vod.enable {
nextcloud-cronjob = let autoStart = true;
nextcloud-cronjob = pkgs.writeScriptBin "nextcloud-cronjob" image = "radialapps/go-vod";
(builtins.readFile ../../scripts/nextcloud-cronjob.sh); environment = {
in { TZ = "America/Mexico_City";
NEXTCLOUD_HOST = "https://${config.services.nextcloud.hostName}";
NVIDIA_VISIBLE_DEVICES = "all";
};
volumes = [ "ncdata:/var/www/html:ro" ];
extraOptions = [
"--device=/dev/dri" # VA-API (omit for NVENC)
];
};
collabora = lib.mkIf config.my.servers.collabora.enable {
autoStart = true;
image = "collabora/code";
imageFile = pkgs.dockerTools.pullImage {
imageName = "collabora/code";
imageDigest = "sha256:aab41379baf5652832e9237fcc06a768096a5a7fccc66cf8bd4fdb06d2cbba7f";
sha256 = "sha256-M66lynhzaOEFnE15Sy1N6lBbGDxwNw6ap+IUJAvoCLs=";
};
ports = [ "9980:9980" ];
environment = {
TZ = "America/Mexico_City";
domain = "cloud.servidos.lat";
aliasgroup1 = "cloud.servidos.lat:443";
aliasgroup2 = "cloud.rotehaare.art:443";
dictionaries = "en_CA en_US es_MX es_ES fr_FR it pt_BR ru";
extra_params = ''
--o:ssl.enable=false
--o:ssl.termination=true
'';
};
extraOptions = [
"--cap-add"
"MKNOD"
];
};
};
systemd = lib.mkIf config.my.servers.nextcloud.enableCron {
services = {
nextcloud-cron.path = [ pkgs.perl ];
nextcloud-cronjob =
let
nextcloud-cronjob = pkgs.writeScriptBin "nextcloud-cronjob" (
builtins.readFile ../../scripts/nextcloud-cronjob.sh
);
in
{
description = "Runs various nextcloud-related cronjobs"; description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
path = [ pkgs.bash nextcloud-cronjob ]; path = [
pkgs.bash
nextcloud-cronjob
];
serviceConfig = { serviceConfig = {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = 30; RestartSec = 30;
ExecStart = "${nextcloud-cronjob}/bin/nextcloud-cronjob"; ExecStart = "${nextcloud-cronjob}/bin/nextcloud-cronjob";
}; };
}; };
}; };
timers.nextcloud-cronjob = { timers.nextcloud-cronjob = {
enable = true; enable = true;
description = "Runs various nextcloud-related cronjobs"; description = "Runs various nextcloud-related cronjobs";
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; }; timerConfig = {
OnCalendar = "*:0/10";
}; };
}; };
}; };
};
} }

50
modules/servers/paperless.nix
View File

@ -1,29 +1,31 @@
{ lib, config, ... }: { { lib, config, ... }:
{
options.my.servers.paperless.enable = lib.mkEnableOption "enable"; options.my.servers.paperless.enable = lib.mkEnableOption "enable";
config = lib.mkIf config = lib.mkIf (config.my.servers.paperless.enable && config.my.servers.postgres.enable) {
(config.my.servers.paperless.enable && config.my.servers.postgres.enable) { services.paperless = {
services.paperless = { enable = true;
enable = true; address = "0.0.0.0";
address = "0.0.0.0"; consumptionDirIsPublic = true;
consumptionDirIsPublic = true; consumptionDir = "/mnt/pool/scans/";
consumptionDir = "/mnt/pool/scans/"; settings = {
settings = { PAPERLESS_DBENGINE = "postgress";
PAPERLESS_DBENGINE = "postgress"; PAPERLESS_DBNAME = "paperless";
PAPERLESS_DBNAME = "paperless"; PAPERLESS_DBHOST = config.my.postgresSocket;
PAPERLESS_DBHOST = config.my.postgresSocket; PAPERLESS_CONSUMER_IGNORE_PATTERN = builtins.toJSON [
PAPERLESS_CONSUMER_IGNORE_PATTERN = ".DS_STORE/*"
builtins.toJSON [ ".DS_STORE/*" "desktop.ini" ]; "desktop.ini"
PAPERLESS_TIME_ZONE = "America/Mexico_City"; ];
PAPERLESS_OCR_USER_ARGS = builtins.toJSON { PAPERLESS_TIME_ZONE = "America/Mexico_City";
optimize = 1; PAPERLESS_OCR_USER_ARGS = builtins.toJSON {
pdfa_image_compression = "lossless"; optimize = 1;
}; pdfa_image_compression = "lossless";
}; };
}; };
networking.firewall = {
enable = true;
allowedTCPPorts = [ config.services.paperless.port ];
allowedUDPPorts = [ config.services.paperless.port ];
};
}; };
networking.firewall = {
enable = true;
allowedTCPPorts = [ config.services.paperless.port ];
allowedUDPPorts = [ config.services.paperless.port ];
};
};
} }

16
modules/servers/postgres.nix
View File

@ -1,8 +1,15 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
let let
upgrade-pg-cluster = upgrade-pg-cluster =
let newPostgres = pkgs.postgresql_16.withPackages (_pp: [ ]); let
in pkgs.writeScriptBin "upgrade-pg-cluster" '' newPostgres = pkgs.postgresql_16.withPackages (_pp: [ ]);
in
pkgs.writeScriptBin "upgrade-pg-cluster" ''
set -eux set -eux
systemctl stop postgresql systemctl stop postgresql
export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}" export NEWDATA="/var/lib/postgresql/${newPostgres.psqlSchema}"
@ -26,7 +33,8 @@ let
"shiori" "shiori"
"firefly-iii" "firefly-iii"
]; ];
in { in
{
options.my.servers.postgres.enable = lib.mkEnableOption "enable"; options.my.servers.postgres.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.postgres.enable { config = lib.mkIf config.my.servers.postgres.enable {
environment.systemPackages = [ upgrade-pg-cluster ]; environment.systemPackages = [ upgrade-pg-cluster ];

11
modules/servers/prowlarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverseArr, ... }: { {
lib,
config,
proxyReverseArr,
...
}:
{
options.my.servers.prowlarr.enable = lib.mkEnableOption "enable"; options.my.servers.prowlarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.prowlarr.enable { config = lib.mkIf config.my.servers.prowlarr.enable {
users.users.prowlarr = { users.users.prowlarr = {
@ -7,8 +13,7 @@
}; };
services = { services = {
prowlarr.enable = true; prowlarr.enable = true;
nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696 nginx.virtualHosts."indexer.${config.my.domain}" = proxyReverseArr 9696 // { };
// { };
}; };
virtualisation.oci-containers.containers.flaresolverr = { virtualisation.oci-containers.containers.flaresolverr = {
autoStart = true; autoStart = true;

56
modules/servers/qbittorrent.nix
View File

@ -1,7 +1,18 @@
{ lib, config, pkgs, proxyReverse, ... }: {
lib,
config,
pkgs,
proxyReverse,
...
}:
let let
port = 9091; port = 9091;
ports = [ port 51411 51412 51413 ]; ports = [
port
51411
51412
51413
];
bencodepy = pkgs.python3Packages.buildPythonPackage { bencodepy = pkgs.python3Packages.buildPythonPackage {
pname = "bencodepy"; pname = "bencodepy";
version = "0.9.5"; version = "0.9.5";
@ -15,7 +26,8 @@ let
}; };
build-system = with pkgs.python3Packages; [ setuptools ]; build-system = with pkgs.python3Packages; [ setuptools ];
}; };
qbit_manage_env = pkgs.python3.withPackages (ps: qbit_manage_env = pkgs.python3.withPackages (
ps:
[ [
ps.croniter ps.croniter
ps.gitpython ps.gitpython
@ -26,17 +38,19 @@ let
ps.retrying ps.retrying
ps.ruamel-yaml ps.ruamel-yaml
ps.schedule ps.schedule
] ++ [ bencodepy ]); ]
in { ++ [ bencodepy ]
);
in
{
options.my.servers = { options.my.servers = {
qbittorrent.enable = lib.mkEnableOption "enable"; qbittorrent.enable = lib.mkEnableOption "enable";
unpackerr.enable = lib.mkEnableOption "enable"; unpackerr.enable = lib.mkEnableOption "enable";
}; };
config = lib.mkIf config.my.servers.qbittorrent.enable { config = lib.mkIf config.my.servers.qbittorrent.enable {
home-manager.users.jawz.xdg.configFile."unpackerr.conf" = home-manager.users.jawz.xdg.configFile."unpackerr.conf" =
lib.mkIf config.my.servers.unpackerr.enable { lib.mkIf config.my.servers.unpackerr.enable
source = ../../dotfiles/unpackerr.conf; { source = ../../dotfiles/unpackerr.conf; };
};
systemd = { systemd = {
packages = [ pkgs.qbittorrent-nox ]; packages = [ pkgs.qbittorrent-nox ];
services = { services = {
@ -52,13 +66,15 @@ in {
restartIfChanged = true; restartIfChanged = true;
description = "Tidy up my torrents"; description = "Tidy up my torrents";
wantedBy = [ "default.target" ]; wantedBy = [ "default.target" ];
serviceConfig = let env = "/home/jawz/Development/Git/qbit_manage"; serviceConfig =
in { let
Restart = "on-failure"; env = "/home/jawz/Development/Git/qbit_manage";
RestartSec = 30; in
ExecStart = {
"${qbit_manage_env}/bin/python ${env}/qbit_manage.py -r -c ${env}/config.yml"; Restart = "on-failure";
}; RestartSec = 30;
ExecStart = "${qbit_manage_env}/bin/python ${env}/qbit_manage.py -r -c ${env}/config.yml";
};
}; };
unpackerr = lib.mkIf config.my.servers.unpackerr.enable { unpackerr = lib.mkIf config.my.servers.unpackerr.enable {
enable = true; enable = true;
@ -68,8 +84,7 @@ in {
serviceConfig = { serviceConfig = {
Restart = "on-failure"; Restart = "on-failure";
RestartSec = 30; RestartSec = 30;
ExecStart = ExecStart = "${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
"${pkgs.unpackerr}/bin/unpackerr -c /home/jawz/.config/unpackerr.conf";
}; };
}; };
}; };
@ -77,12 +92,13 @@ in {
enable = true; enable = true;
description = "Tidy up my torrents"; description = "Tidy up my torrents";
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
timerConfig = { OnCalendar = "*:0/10"; }; timerConfig = {
OnCalendar = "*:0/10";
};
}; };
}; };
}; };
services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" = services.nginx.virtualHosts."xfwmrle6h6skqujbeizw.${config.my.domain}" = proxyReverse port // { };
proxyReverse port // { };
networking.firewall = { networking.firewall = {
allowedTCPPorts = ports; allowedTCPPorts = ports;
allowedUDPPorts = ports; allowedUDPPorts = ports;

11
modules/servers/radarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverseArr, ... }: { {
lib,
config,
proxyReverseArr,
...
}:
{
options.my.servers.radarr.enable = lib.mkEnableOption "enable"; options.my.servers.radarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.radarr.enable { config = lib.mkIf config.my.servers.radarr.enable {
services = { services = {
@ -6,8 +12,7 @@
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 nginx.virtualHosts."movies.${config.my.domain}" = proxyReverseArr 7878 // { };
// { };
}; };
}; };
} }

52
modules/servers/ryot.nix
View File

@ -1,31 +1,35 @@
{ lib, config, proxyReverse, ... }: {
lib,
config,
proxyReverse,
...
}:
let let
port = 8765; port = 8765;
url = "tracker.${config.my.domain}"; url = "tracker.${config.my.domain}";
in { in
{
options.my.servers.ryot.enable = lib.mkEnableOption "enable"; options.my.servers.ryot.enable = lib.mkEnableOption "enable";
config = lib.mkIf config = lib.mkIf (config.my.servers.ryot.enable && config.my.servers.postgres.enable) {
(config.my.servers.ryot.enable && config.my.servers.postgres.enable) { sops.secrets.ryot.sopsFile = ../../secrets/env.yaml;
sops.secrets.ryot.sopsFile = ../../secrets/env.yaml; virtualisation.oci-containers.containers.ryot = {
virtualisation.oci-containers.containers.ryot = { image = "ghcr.io/ignisda/ryot:v7.0.0";
image = "ghcr.io/ignisda/ryot:v7.0.0"; ports = [ "${toString port}:8000" ];
ports = [ "${toString port}:8000" ]; environmentFiles = [ config.sops.secrets.ryot.path ];
environmentFiles = [ config.sops.secrets.ryot.path ]; environment = {
environment = { RUST_LOG = "ryot=debug,sea_orm=debug";
RUST_LOG = "ryot=debug,sea_orm=debug"; TZ = "America/Mexico_City";
TZ = "America/Mexico_City"; DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}";
DATABASE_URL = "postgres:///ryot?host=${config.my.postgresSocket}"; FRONTEND_INSECURE_COOKIES = "true";
FRONTEND_INSECURE_COOKIES = "true"; };
}; volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ];
volumes = [ "${config.my.postgresSocket}:${config.my.postgresSocket}" ]; labels = {
labels = { "flame.type" = "application";
"flame.type" = "application"; "flame.name" = "Ryot";
"flame.name" = "Ryot"; "flame.url" = url;
"flame.url" = url; "flame.icon" = "radar";
"flame.icon" = "radar";
};
}; };
services.nginx.virtualHosts."tracker.${config.my.domain}" =
proxyReverse port // { };
}; };
services.nginx.virtualHosts."tracker.${config.my.domain}" = proxyReverse port // { };
};
} }

11
modules/servers/sabnzbd.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: { {
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.sabnzbd.enable = lib.mkEnableOption "enable"; options.my.servers.sabnzbd.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.sabnzbd.enable { config = lib.mkIf config.my.servers.sabnzbd.enable {
services = { services = {
@ -7,8 +13,7 @@
group = "piracy"; group = "piracy";
openFirewall = true; openFirewall = true;
}; };
nginx.virtualHosts."HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = nginx.virtualHosts."HSoeJdGRd2Orj0n31UGI.${config.my.domain}" = proxyReverse 3399 // { };
proxyReverse 3399 // { };
}; };
}; };
} }

34
modules/servers/shiori.nix
View File

@ -1,20 +1,26 @@
{ lib, config, pkgs, proxyReverse, ... }: { {
lib,
config,
pkgs,
proxyReverse,
...
}:
{
disabledModules = [ "services/web-apps/shiori.nix" ]; disabledModules = [ "services/web-apps/shiori.nix" ];
imports = [ ../../pkgs/shiori/shiori-service.nix ]; imports = [ ../../pkgs/shiori/shiori-service.nix ];
options.my.servers.shiori.enable = lib.mkEnableOption "enable"; options.my.servers.shiori.enable = lib.mkEnableOption "enable";
config = lib.mkIf config = lib.mkIf (config.my.servers.shiori.enable && config.my.servers.postgres.enable) {
(config.my.servers.shiori.enable && config.my.servers.postgres.enable) { sops.secrets.shiori.sopsFile = ../../secrets/env.yaml;
sops.secrets.shiori.sopsFile = ../../secrets/env.yaml; services = {
services = { shiori = {
shiori = { enable = true;
enable = true; port = 4368;
port = 4368; package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { };
package = pkgs.callPackage ../../pkgs/shiori/shiori.nix { }; environmentFile = config.sops.secrets.shiori.path;
environmentFile = config.sops.secrets.shiori.path; databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
databaseUrl = "postgres:///shiori?host=${config.my.postgresSocket}";
};
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
}; };
nginx.virtualHosts."bookmarks.${config.my.domain}" =
proxyReverse config.services.shiori.port // { };
}; };
};
} }

11
modules/servers/sonarr.nix
View File

@ -1,4 +1,10 @@
{ lib, config, proxyReverse, ... }: { {
lib,
config,
proxyReverse,
...
}:
{
options.my.servers.sonarr.enable = lib.mkEnableOption "enable"; options.my.servers.sonarr.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.servers.sonarr.enable { config = lib.mkIf config.my.servers.sonarr.enable {
services = { services = {
@ -6,8 +12,7 @@
enable = true; enable = true;
group = "piracy"; group = "piracy";
}; };
nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989 nginx.virtualHosts."series.${config.my.domain}" = proxyReverse 8989 // { };
// { };
}; };
}; };
} }

53
modules/servers/vaultwarden.nix
View File

@ -1,29 +1,34 @@
{ lib, config, pkgs, proxyReverse, ... }: { {
lib,
config,
pkgs,
proxyReverse,
...
}:
{
options.my.servers.vaultwarden.enable = lib.mkEnableOption "enable"; options.my.servers.vaultwarden.enable = lib.mkEnableOption "enable";
config = lib.mkIf (config.my.servers.vaultwarden.enable config = lib.mkIf (config.my.servers.vaultwarden.enable && config.my.servers.postgres.enable) {
&& config.my.servers.postgres.enable) { sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml;
sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml; services = {
services = { vaultwarden = {
vaultwarden = { enable = true;
enable = true; dbBackend = "postgresql";
dbBackend = "postgresql"; package = pkgs.vaultwarden;
package = pkgs.vaultwarden; environmentFile = config.sops.secrets.vaultwarden.path;
environmentFile = config.sops.secrets.vaultwarden.path; config = {
config = { ROCKET_ADDRESS = "${config.my.localhost}";
ROCKET_ADDRESS = "${config.my.localhost}"; ROCKET_PORT = 8222;
ROCKET_PORT = 8222; WEBSOCKET_PORT = 8333;
WEBSOCKET_PORT = 8333; DATABASE_URL = "postgresql:///vaultwarden?host=${config.my.postgresSocket}";
DATABASE_URL = ENABLE_DB_WAL = false;
"postgresql:///vaultwarden?host=${config.my.postgresSocket}"; WEBSOCKET_ENABLED = true;
ENABLE_DB_WAL = false; SHOW_PASSWORD_HINT = false;
WEBSOCKET_ENABLED = true; EXTENDED_LOGGING = true;
SHOW_PASSWORD_HINT = false; LOG_LEVEL = "warn";
EXTENDED_LOGGING = true;
LOG_LEVEL = "warn";
};
}; };
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
}; };
nginx.virtualHosts."vault.${config.my.domain}" =
proxyReverse config.services.vaultwarden.config.ROCKET_PORT // { };
}; };
};
} }

3
modules/services.nix
View File

@ -1,4 +1,5 @@
{ lib, ... }: { { lib, ... }:
{
imports = [ imports = [
./services/network.nix ./services/network.nix
./services/nvidia.nix ./services/nvidia.nix

3
modules/services/network.nix
View File

@ -1,4 +1,5 @@
{ config, lib, ... }: { { config, lib, ... }:
{
options.my.services.network.enable = lib.mkEnableOption "enable"; options.my.services.network.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.network.enable { config = lib.mkIf config.my.services.network.enable {
networking = { networking = {

11
modules/services/nvidia.nix
View File

@ -1,8 +1,13 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.services.nvidia.enable = lib.mkEnableOption "enable"; options.my.services.nvidia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.nvidia.enable { config = lib.mkIf config.my.services.nvidia.enable {
boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation") boot.kernelParams = lib.mkIf (config.networking.hostName == "workstation") [ "nvidia-drm.fbdev=1" ];
[ "nvidia-drm.fbdev=1" ];
services.xserver.videoDrivers = [ "nvidia" ]; services.xserver.videoDrivers = [ "nvidia" ];
hardware = { hardware = {
opengl = { opengl = {

16
modules/services/printing.nix
View File

@ -1,6 +1,16 @@
{ config, lib, pkgs, ... }: {
let printingDrivers = [ pkgs.hplip pkgs.hplipWithPlugin ]; config,
in { lib,
pkgs,
...
}:
let
printingDrivers = [
pkgs.hplip
pkgs.hplipWithPlugin
];
in
{
options.my.services.printing.enable = lib.mkEnableOption "enable"; options.my.services.printing.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.printing.enable { config = lib.mkIf config.my.services.printing.enable {
users.users.jawz.packages = [ pkgs.gnome.simple-scan ]; users.users.jawz.packages = [ pkgs.gnome.simple-scan ];

8
modules/services/sound.nix
View File

@ -1,4 +1,10 @@
{ config, lib, inputs, ... }: { {
config,
lib,
inputs,
...
}:
{
imports = [ inputs.nix-gaming.nixosModules.pipewireLowLatency ]; imports = [ inputs.nix-gaming.nixosModules.pipewireLowLatency ];
options.my.services.sound.enable = lib.mkEnableOption "enable"; options.my.services.sound.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.services.sound.enable { config = lib.mkIf config.my.services.sound.enable {

9
modules/shell.nix
View File

@ -1,5 +1,10 @@
{ lib, ... }: { { lib, ... }:
imports = [ ./shell/exercism.nix ./shell/multimedia.nix ./shell/tools.nix ]; {
imports = [
./shell/exercism.nix
./shell/multimedia.nix
./shell/tools.nix
];
my.shell = { my.shell = {
exercism.enable = lib.mkDefault false; exercism.enable = lib.mkDefault false;
multimedia.enable = lib.mkDefault false; multimedia.enable = lib.mkDefault false;

8
modules/shell/exercism.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.shell.exercism.enable = lib.mkEnableOption "enable"; options.my.shell.exercism.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.exercism.enable { config = lib.mkIf config.my.shell.exercism.enable {
users.users.jawz.packages = with pkgs; [ users.users.jawz.packages = with pkgs; [

46
modules/shell/multimedia.nix
View File

@ -1,23 +1,31 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.shell.multimedia.enable = lib.mkEnableOption "enable"; options.my.shell.multimedia.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.multimedia.enable { config = lib.mkIf config.my.shell.multimedia.enable {
users.users.jawz.packages = (with pkgs; [ users.users.jawz.packages =
gallery-dl # similar to yt-dlp but for most image gallery websites (with pkgs; [
yt-dlp # downloads videos from most video websites gallery-dl # similar to yt-dlp but for most image gallery websites
ffmpeg # not ffmpreg, the coolest video conversion tool! yt-dlp # downloads videos from most video websites
imagemagick # photoshop what?? ffmpeg # not ffmpreg, the coolest video conversion tool!
]) ++ [ imagemagick # photoshop what??
(pkgs.python3Packages.buildPythonApplication rec { ])
pname = "ffpb"; ++ [
version = "0.4.1"; (pkgs.python3Packages.buildPythonApplication rec {
src = pkgs.python3Packages.fetchPypi { pname = "ffpb";
inherit pname version; version = "0.4.1";
sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk="; src = pkgs.python3Packages.fetchPypi {
}; inherit pname version;
doCheck = false; sha256 = "sha256-7eVqbLpMHS1sBw2vYS4cTtyVdnnknGtEI8190VlXflk=";
buildInputs = [ pkgs.python3Packages.setuptools ]; };
propagatedBuildInputs = [ pkgs.python3Packages.tqdm ]; doCheck = false;
}) buildInputs = [ pkgs.python3Packages.setuptools ];
]; propagatedBuildInputs = [ pkgs.python3Packages.tqdm ];
})
];
}; };
} }

8
modules/shell/tools.nix
View File

@ -1,4 +1,10 @@
{ config, lib, pkgs, ... }: { {
config,
lib,
pkgs,
...
}:
{
options.my.shell.tools.enable = lib.mkEnableOption "enable"; options.my.shell.tools.enable = lib.mkEnableOption "enable";
config = lib.mkIf config.my.shell.tools.enable { config = lib.mkIf config.my.shell.tools.enable {
home-manager.users.jawz = { home-manager.users.jawz = {

39
overlay.nix
View File

@ -1,16 +1,24 @@
{ pkgs, pkgsU, pkgsM }: {
pkgs,
pkgsU,
pkgsM,
}:
_self: super: { _self: super: {
gnome = super.gnome.overrideScope (_gFinal: gPrev: { gnome = super.gnome.overrideScope (
nautilus = gPrev.nautilus.overrideAttrs (nsuper: { _gFinal: gPrev: {
buildInputs = nsuper.buildInputs ++ (with pkgs.gst_all_1; [ nautilus = gPrev.nautilus.overrideAttrs (nsuper: {
gst-libav buildInputs =
gst-plugins-good nsuper.buildInputs
gst-plugins-bad ++ (with pkgs.gst_all_1; [
gst-plugins-ugly gst-libav
gst-plugins-base gst-plugins-good
]); gst-plugins-bad
}); gst-plugins-ugly
}); gst-plugins-base
]);
});
}
);
lutris = super.lutris.override { lutris = super.lutris.override {
extraPkgs = pkgs: [ extraPkgs = pkgs: [
pkgs.winetricks pkgs.winetricks
@ -19,7 +27,12 @@ _self: super: {
]; ];
}; };
nerdfonts = super.nerdfonts.override { nerdfonts = super.nerdfonts.override {
fonts = [ "CascadiaCode" "ComicShannsMono" "Iosevka" "Agave" ]; fonts = [
"CascadiaCode"
"ComicShannsMono"
"Iosevka"
"Agave"
];
}; };
inherit (pkgsU) planify; inherit (pkgsU) planify;
inherit (pkgsU) gdtoolkit; inherit (pkgsU) gdtoolkit;

16
pkgs/citra/default.nix
View File

@ -1,15 +1,20 @@
{ branch, qt6Packages, fetchFromGitHub, fetchurl }: {
branch,
qt6Packages,
fetchFromGitHub,
fetchurl,
}:
let let
# Fetched from https://api.citra-emu.org/gamedb # Fetched from https://api.citra-emu.org/gamedb
# Please make sure to update this when updating citra! # Please make sure to update this when updating citra!
compat-list = fetchurl { compat-list = fetchurl {
name = "citra-compat-list"; name = "citra-compat-list";
url = url = "https://web.archive.org/web/20230807103651/https://api.citra-emu.org/gamedb/";
"https://web.archive.org/web/20230807103651/https://api.citra-emu.org/gamedb/";
hash = "sha256-J+zqtWde5NgK2QROvGewtXGRAWUTNSKHNMG6iu9m1fU="; hash = "sha256-J+zqtWde5NgK2QROvGewtXGRAWUTNSKHNMG6iu9m1fU=";
}; };
in { in
{
nightly = qt6Packages.callPackage ./generic.nix rec { nightly = qt6Packages.callPackage ./generic.nix rec {
pname = "citra-nightly"; pname = "citra-nightly";
version = "2104"; version = "2104";
@ -24,4 +29,5 @@ in {
inherit branch compat-list; inherit branch compat-list;
}; };
}.${branch} }
.${branch}

155
pkgs/citra/generic.nix
View File

@ -1,40 +1,83 @@
{ pname, version, src, branch, compat-list, lib, stdenv, cmake, boost {
, pkg-config, libusb1, glslang, zstd, libressl, enableSdl2 ? true, SDL2 pname,
, enableQt ? true, qtbase, qtmultimedia, wrapQtAppsHook version,
, enableQtTranslation ? enableQt, qttools, enableWebService ? true src,
, enableCubeb ? true, cubeb, enableFfmpegAudioDecoder ? true branch,
, enableFfmpegVideoDumper ? true, ffmpeg_4, useDiscordRichPresence ? true compat-list,
, rapidjson, enableFdk ? false, fdk_aac, python3 }: lib,
assert lib.assertMsg (!enableFfmpegAudioDecoder || !enableFdk) stdenv,
"Can't enable both enableFfmpegAudioDecoder and enableFdk"; cmake,
boost,
pkg-config,
libusb1,
glslang,
zstd,
libressl,
enableSdl2 ? true,
SDL2,
enableQt ? true,
qtbase,
qtmultimedia,
wrapQtAppsHook,
enableQtTranslation ? enableQt,
qttools,
enableWebService ? true,
enableCubeb ? true,
cubeb,
enableFfmpegAudioDecoder ? true,
enableFfmpegVideoDumper ? true,
ffmpeg_4,
useDiscordRichPresence ? true,
rapidjson,
enableFdk ? false,
fdk_aac,
python3,
}:
assert lib.assertMsg (
!enableFfmpegAudioDecoder || !enableFdk
) "Can't enable both enableFfmpegAudioDecoder and enableFdk";
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
inherit pname version src; inherit pname version src;
nativeBuildInputs = [ cmake glslang pkg-config python3 ] nativeBuildInputs = [
++ lib.optionals enableQt [ wrapQtAppsHook ]; cmake
glslang
pkg-config
python3
] ++ lib.optionals enableQt [ wrapQtAppsHook ];
buildInputs = [ boost libusb1 ] buildInputs =
++ lib.optionals enableQt [ qtbase qtmultimedia ] [
++ lib.optional enableSdl2 SDL2 ++ lib.optional enableQtTranslation qttools boost
libusb1
]
++ lib.optionals enableQt [
qtbase
qtmultimedia
]
++ lib.optional enableSdl2 SDL2
++ lib.optional enableQtTranslation qttools
++ lib.optionals enableCubeb cubeb.passthru.backendLibs ++ lib.optionals enableCubeb cubeb.passthru.backendLibs
++ lib.optional (enableFfmpegAudioDecoder || enableFfmpegVideoDumper) ++ lib.optional (enableFfmpegAudioDecoder || enableFfmpegVideoDumper) ffmpeg_4
ffmpeg_4 ++ lib.optional useDiscordRichPresence rapidjson ++ lib.optional useDiscordRichPresence rapidjson
++ lib.optional enableFdk fdk_aac; ++ lib.optional enableFdk fdk_aac;
cmakeFlags = [ cmakeFlags =
"-DUSE_SYSTEM_BOOST=ON" [
"-DCITRA_WARNINGS_AS_ERRORS=OFF" "-DUSE_SYSTEM_BOOST=ON"
"-DCITRA_USE_BUNDLED_FFMPEG=OFF" "-DCITRA_WARNINGS_AS_ERRORS=OFF"
"-DCITRA_USE_BUNDLED_QT=OFF" "-DCITRA_USE_BUNDLED_FFMPEG=OFF"
"-DUSE_SYSTEM_SDL2=ON" "-DCITRA_USE_BUNDLED_QT=OFF"
"-DCMAKE_INSTALL_INCLUDEDIR=include" "-DUSE_SYSTEM_SDL2=ON"
"-DCMAKE_INSTALL_LIBDIR=lib" "-DCMAKE_INSTALL_INCLUDEDIR=include"
"-DCMAKE_INSTALL_LIBDIR=lib"
# We dont want to bother upstream with potentially outdated compat reports # We dont want to bother upstream with potentially outdated compat reports
"-DCITRA_ENABLE_COMPATIBILITY_REPORTING=ON" "-DCITRA_ENABLE_COMPATIBILITY_REPORTING=ON"
"-DENABLE_COMPATIBILITY_LIST_DOWNLOAD=OFF" # We provide this deterministically "-DENABLE_COMPATIBILITY_LIST_DOWNLOAD=OFF" # We provide this deterministically
] ++ lib.optional (!enableSdl2) "-DENABLE_SDL2=OFF" ]
++ lib.optional (!enableSdl2) "-DENABLE_SDL2=OFF"
++ lib.optional (!enableQt) "-DENABLE_QT=OFF" ++ lib.optional (!enableQt) "-DENABLE_QT=OFF"
++ lib.optional enableQtTranslation "-DENABLE_QT_TRANSLATION=ON" ++ lib.optional enableQtTranslation "-DENABLE_QT_TRANSLATION=ON"
++ lib.optional (!enableWebService) "-DENABLE_WEB_SERVICE=OFF" ++ lib.optional (!enableWebService) "-DENABLE_WEB_SERVICE=OFF"
@ -44,44 +87,42 @@ stdenv.mkDerivation rec {
++ lib.optional useDiscordRichPresence "-DUSE_DISCORD_PRESENCE=ON" ++ lib.optional useDiscordRichPresence "-DUSE_DISCORD_PRESENCE=ON"
++ lib.optional enableFdk "-DENABLE_FDK=ON"; ++ lib.optional enableFdk "-DENABLE_FDK=ON";
postPatch = let postPatch =
branchCaptialized = lib.toUpper (lib.substring 0 1 branch) let
+ lib.substring 1 (-1) branch; branchCaptialized = lib.toUpper (lib.substring 0 1 branch) + lib.substring 1 (-1) branch;
in '' in
# Fix file not found when looking in var/empty instead of opt ''
mkdir externals/dynarmic/src/dynarmic/ir/var # Fix file not found when looking in var/empty instead of opt
ln -s ../opt externals/dynarmic/src/dynarmic/ir/var/empty mkdir externals/dynarmic/src/dynarmic/ir/var
ln -s ../opt externals/dynarmic/src/dynarmic/ir/var/empty
# Prep compatibilitylist # Prep compatibilitylist
ln -s ${compat-list} ./dist/compatibility_list/compatibility_list.json ln -s ${compat-list} ./dist/compatibility_list/compatibility_list.json
# We already know the submodules are present # We already know the submodules are present
substituteInPlace CMakeLists.txt \ substituteInPlace CMakeLists.txt \
--replace "check_submodules_present()" "" --replace "check_submodules_present()" ""
# Add versions # Add versions
echo 'set(BUILD_FULLNAME "${branchCaptialized} ${version}")' >> CMakeModules/GenerateBuildInfo.cmake echo 'set(BUILD_FULLNAME "${branchCaptialized} ${version}")' >> CMakeModules/GenerateBuildInfo.cmake
# Devendoring # Devendoring
rm -rf externals/zstd externals/libressl rm -rf externals/zstd externals/libressl
cp -r ${zstd.src} externals/zstd cp -r ${zstd.src} externals/zstd
tar xf ${libressl.src} -C externals/ tar xf ${libressl.src} -C externals/
mv externals/${libressl.name} externals/libressl mv externals/${libressl.name} externals/libressl
chmod -R a+w externals/zstd chmod -R a+w externals/zstd
''; '';
# Fixes https://github.com/NixOS/nixpkgs/issues/171173 # Fixes https://github.com/NixOS/nixpkgs/issues/171173
postInstall = lib.optionalString (enableCubeb && enableSdl2) '' postInstall = lib.optionalString (enableCubeb && enableSdl2) ''
wrapProgram "$out/bin/citra" \ wrapProgram "$out/bin/citra" \
--prefix LD_LIBRARY_PATH : ${ --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath cubeb.passthru.backendLibs}
lib.makeLibraryPath cubeb.passthru.backendLibs
}
''; '';
meta = { meta = {
homepage = "https://citra-emu.org"; homepage = "https://citra-emu.org";
description = description = "The ${branch} branch of an open-source emulator for the Ninteno 3DS";
"The ${branch} branch of an open-source emulator for the Ninteno 3DS";
longDescription = '' longDescription = ''
A Nintendo 3DS Emulator written in C++ A Nintendo 3DS Emulator written in C++
Using the nightly branch is recommended for general usage. Using the nightly branch is recommended for general usage.
@ -91,6 +132,10 @@ stdenv.mkDerivation rec {
mainProgram = if enableQt then "citra-qt" else "citra"; mainProgram = if enableQt then "citra-qt" else "citra";
platforms = lib.platforms.linux; platforms = lib.platforms.linux;
license = lib.licenses.gpl2Plus; license = lib.licenses.gpl2Plus;
maintainers = with lib.maintainers; [ abbradar ashley ivar ]; maintainers = with lib.maintainers; [
abbradar
ashley
ivar
];
}; };
} }

20
pkgs/obs-studio.nix
View File

@ -1,7 +1,14 @@
{ pkgs, lib, config, ... }: {
pkgs,
lib,
config,
...
}:
let cfg = config.programs.obs-studio; let
in { cfg = config.programs.obs-studio;
in
{
options.programs.obs-studio = { options.programs.obs-studio = {
enable = lib.mkEnableOption (lib.mdDoc "obs-studio"); enable = lib.mkEnableOption (lib.mdDoc "obs-studio");
@ -32,10 +39,9 @@ in {
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
programs.obs-studio.finalPackage = programs.obs-studio.finalPackage = pkgs.wrapOBS.override { obs-studio = cfg.package; } {
pkgs.wrapOBS.override { obs-studio = cfg.package; } { plugins = cfg.plugins;
plugins = cfg.plugins; };
};
environment.systemPackages = [ cfg.finalPackage ]; environment.systemPackages = [ cfg.finalPackage ];

296
pkgs/polymc/default.nix
View File

@ -1,139 +1,177 @@
{ stdenv, lib, fetchFromGitHub, cmake, ninja, jdk17, ghc_filesystem, zlib, file {
, xorg, libpulseaudio, openal, qt6, glfw, pciutils, udev, glxinfo, qt6Packages stdenv,
, libGL, flite, addOpenGLRunpath, vulkan-loader, msaClientID ? null lib,
, extra-cmake-modules, makeWrapper, gamemode, mangohud, glfw-wayland-minecraft fetchFromGitHub,
, writeShellScript }: cmake,
ninja,
jdk17,
ghc_filesystem,
zlib,
file,
xorg,
libpulseaudio,
openal,
qt6,
glfw,
pciutils,
udev,
glxinfo,
qt6Packages,
libGL,
flite,
addOpenGLRunpath,
vulkan-loader,
msaClientID ? null,
extra-cmake-modules,
makeWrapper,
gamemode,
mangohud,
glfw-wayland-minecraft,
writeShellScript,
}:
let let
polymc = let polymc =
binpath = lib.makeBinPath [ xorg.xrandr glxinfo pciutils ]; let
binpath = lib.makeBinPath [
xorg.xrandr
glxinfo
pciutils
];
libpath = lib.makeLibraryPath [ libpath = lib.makeLibraryPath [
xorg.libX11 xorg.libX11
xorg.libXext xorg.libXext
xorg.libXcursor xorg.libXcursor
xorg.libXrandr xorg.libXrandr
xorg.libXxf86vm xorg.libXxf86vm
libpulseaudio libpulseaudio
libGL libGL
vulkan-loader vulkan-loader
glfw glfw
openal openal
udev udev
flite flite
stdenv.cc.cc.lib stdenv.cc.cc.lib
]; ];
gameLibraryPath = libpath + ":${addOpenGLRunpath.driverLink}/lib"; gameLibraryPath = libpath + ":${addOpenGLRunpath.driverLink}/lib";
in stdenv.mkDerivation rec { in
pname = "polymc" stdenv.mkDerivation rec {
+ (lib.optionalString ((lib.versions.major qt6.qtbase.version) == "5") pname = "polymc" + (lib.optionalString ((lib.versions.major qt6.qtbase.version) == "5") "-qt5");
"-qt5"); version = "6.1";
version = "6.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "PolyMC"; owner = "PolyMC";
repo = "PolyMC"; repo = "PolyMC";
rev = version; rev = version;
sha256 = "sha256-AOy13zAWQ0CtsX9z1M+fxH7Sh/QSFy7EdQ/fD9yUYc8="; sha256 = "sha256-AOy13zAWQ0CtsX9z1M+fxH7Sh/QSFy7EdQ/fD9yUYc8=";
fetchSubmodules = true; fetchSubmodules = true;
}; };
dontWrapQtApps = true; dontWrapQtApps = true;
nativeBuildInputs = [ nativeBuildInputs = [
cmake cmake
extra-cmake-modules extra-cmake-modules
ninja ninja
jdk17 jdk17
qt6.wrapQtAppsHook qt6.wrapQtAppsHook
file file
ghc_filesystem ghc_filesystem
]; ];
buildInputs = [ buildInputs = [
qt6.qtbase qt6.qtbase
qt6.qtsvg qt6.qtsvg
qt6.qtcharts qt6.qtcharts
qt6.qtwayland qt6.qtwayland
qt6Packages.quazip qt6Packages.quazip
zlib zlib
]; ];
cmakeFlags = [ cmakeFlags = [
"-GNinja" "-GNinja"
"-DLauncher_QT_VERSION_MAJOR=${lib.versions.major qt6.qtbase.version}" "-DLauncher_QT_VERSION_MAJOR=${lib.versions.major qt6.qtbase.version}"
] ++ lib.optionals (msaClientID != null) ] ++ lib.optionals (msaClientID != null) [ "-DLauncher_MSA_CLIENT_ID=${msaClientID}" ];
[ "-DLauncher_MSA_CLIENT_ID=${msaClientID}" ];
postPatch = '' postPatch = ''
# hardcode jdk paths # hardcode jdk paths
substituteInPlace launcher/java/JavaUtils.cpp \ substituteInPlace launcher/java/JavaUtils.cpp \
--replace 'scanJavaDir("/usr/lib/jvm")' 'javas.append("${jdk17}/lib/openjdk/bin/java")' --replace 'scanJavaDir("/usr/lib/jvm")' 'javas.append("${jdk17}/lib/openjdk/bin/java")'
'';
postFixup = ''
# xorg.xrandr needed for LWJGL [2.9.2, 3) https://github.com/LWJGL/lwjgl/issues/128
wrapQtApp $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${gameLibraryPath}" \
--suffix PATH : "${binpath}" \
--set-default ALSOFT_DRIVERS "pulse"
'';
passthru = {
wrap = { extraJDKs ? [ ], extraPaths ? [ ], extraLibs ? [ ]
, withWaylandGLFW ? false, withMangohud ? true, withGamemode ? true }:
stdenv.mkDerivation rec {
pname = "${polymc.pname}-wrapped";
inherit (polymc) version;
libsPath = (lib.makeLibraryPath
(extraLibs ++ lib.optional withGamemode gamemode.lib))
+ lib.optionalString withMangohud "${mangohud + "/lib/mangohud"}";
binsPath =
lib.makeBinPath (extraPaths ++ lib.optional withMangohud mangohud);
waylandPreExec = writeShellScript "waylandGLFW" ''
if [ -n "$WAYLAND_DISPLAY" ]; then
export LD_LIBRARY_PATH=${
lib.getLib glfw-wayland-minecraft
}/lib:"$LD_LIBRARY_PATH"
fi
'';
src = polymc;
nativeBuildInputs = [ makeWrapper ];
phases = [ "installPhase" "fixupPhase" ];
installPhase = ''
mkdir -p $out/bin
ln -s $src/bin/polymc $out/bin/polymc
ln -s $src/share $out/share
'';
postFixup = let javaPaths = lib.makeSearchPath "bin/java" extraJDKs;
in ''
wrapProgram $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${libsPath}" \
--suffix POLYMC_JAVA_PATHS : "${javaPaths}" \
--suffix PATH : "${binsPath}" ${
lib.optionalString withWaylandGLFW "--run ${waylandPreExec}"
}
'';
preferLocalBuild = true;
inherit (polymc) meta;
};
};
meta = with lib; {
homepage = "https://polymc.org/";
downloadPage = "https://polymc.org/download/";
changelog = "https://github.com/PolyMC/PolyMC/releases";
description = "A free, open source launcher for Minecraft";
longDescription = ''
Allows you to have multiple, separate instances of Minecraft (each with
their own mods, texture packs, saves, etc) and helps you manage them and
their associated options with a simple interface.
''; '';
platforms = [ "x86_64-linux" ];
license = licenses.gpl3Only; postFixup = ''
# xorg.xrandr needed for LWJGL [2.9.2, 3) https://github.com/LWJGL/lwjgl/issues/128
wrapQtApp $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${gameLibraryPath}" \
--suffix PATH : "${binpath}" \
--set-default ALSOFT_DRIVERS "pulse"
'';
passthru = {
wrap =
{
extraJDKs ? [ ],
extraPaths ? [ ],
extraLibs ? [ ],
withWaylandGLFW ? false,
withMangohud ? true,
withGamemode ? true,
}:
stdenv.mkDerivation rec {
pname = "${polymc.pname}-wrapped";
inherit (polymc) version;
libsPath =
(lib.makeLibraryPath (extraLibs ++ lib.optional withGamemode gamemode.lib))
+ lib.optionalString withMangohud "${mangohud + "/lib/mangohud"}";
binsPath = lib.makeBinPath (extraPaths ++ lib.optional withMangohud mangohud);
waylandPreExec = writeShellScript "waylandGLFW" ''
if [ -n "$WAYLAND_DISPLAY" ]; then
export LD_LIBRARY_PATH=${lib.getLib glfw-wayland-minecraft}/lib:"$LD_LIBRARY_PATH"
fi
'';
src = polymc;
nativeBuildInputs = [ makeWrapper ];
phases = [
"installPhase"
"fixupPhase"
];
installPhase = ''
mkdir -p $out/bin
ln -s $src/bin/polymc $out/bin/polymc
ln -s $src/share $out/share
'';
postFixup =
let
javaPaths = lib.makeSearchPath "bin/java" extraJDKs;
in
''
wrapProgram $out/bin/polymc \
--suffix LD_LIBRARY_PATH : "${libsPath}" \
--suffix POLYMC_JAVA_PATHS : "${javaPaths}" \
--suffix PATH : "${binsPath}" ${lib.optionalString withWaylandGLFW "--run ${waylandPreExec}"}
'';
preferLocalBuild = true;
inherit (polymc) meta;
};
};
meta = with lib; {
homepage = "https://polymc.org/";
downloadPage = "https://polymc.org/download/";
changelog = "https://github.com/PolyMC/PolyMC/releases";
description = "A free, open source launcher for Minecraft";
longDescription = ''
Allows you to have multiple, separate instances of Minecraft (each with
their own mods, texture packs, saves, etc) and helps you manage them and
their associated options with a simple interface.
'';
platforms = [ "x86_64-linux" ];
license = licenses.gpl3Only;
};
}; };
}; in
in polymc polymc

30
pkgs/pureref/default.nix
View File

@ -1,16 +1,30 @@
{ lib, appimageTools, runCommand, curl, gnugrep, cacert }: {
lib,
appimageTools,
runCommand,
curl,
gnugrep,
cacert,
}:
appimageTools.wrapType1 rec { appimageTools.wrapType1 rec {
pname = "pureref"; pname = "pureref";
version = "2.0.0"; version = "2.0.0";
src = runCommand "PureRef-${version}_x64.Appimage" { src =
nativeBuildInputs = [ curl gnugrep cacert ]; runCommand "PureRef-${version}_x64.Appimage"
outputHash = "sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; {
} '' nativeBuildInputs = [
key="$(curl "https://www.pureref.com/download.php" --silent | grep '%3D%3D' | cut -d '"' -f2)" curl
curl "https://www.pureref.com/files/build.php?build=LINUX64.Appimage&version=${version}&downloadKey=$key" --output $out gnugrep
''; cacert
];
outputHash = "sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=";
}
''
key="$(curl "https://www.pureref.com/download.php" --silent | grep '%3D%3D' | cut -d '"' -f2)"
curl "https://www.pureref.com/files/build.php?build=LINUX64.Appimage&version=${version}&downloadKey=$key" --output $out
'';
meta = { meta = {
description = "Reference Image Viewer"; description = "Reference Image Viewer";

61
pkgs/shiori/shiori-service.nix
View File

@ -1,7 +1,14 @@
{ config, lib, pkgs, ... }: {
config,
lib,
pkgs,
...
}:
let cfg = config.services.shiori; let
in { cfg = config.services.shiori;
in
{
options = { options = {
services.shiori = { services.shiori = {
enable = lib.mkEnableOption "Shiori simple bookmarks manager"; enable = lib.mkEnableOption "Shiori simple bookmarks manager";
@ -54,18 +61,16 @@ in {
systemd.services.shiori = { systemd.services.shiori = {
description = "Shiori simple bookmarks manager"; description = "Shiori simple bookmarks manager";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "postgresql.service" "mysql.service" ]; after = [
"postgresql.service"
"mysql.service"
];
environment = { environment = {
SHIORI_DIR = "/var/lib/shiori"; SHIORI_DIR = "/var/lib/shiori";
} // lib.optionalAttrs (cfg.databaseUrl != null) { } // lib.optionalAttrs (cfg.databaseUrl != null) { SHIORI_DATABASE_URL = cfg.databaseUrl; };
SHIORI_DATABASE_URL = cfg.databaseUrl;
};
serviceConfig = { serviceConfig = {
ExecStart = ExecStart = "${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${toString cfg.port}' --webroot '${cfg.webRoot}'";
"${cfg.package}/bin/shiori server --address '${cfg.address}' --port '${
toString cfg.port
}' --webroot '${cfg.webRoot}'";
DynamicUser = true; DynamicUser = true;
StateDirectory = "shiori"; StateDirectory = "shiori";
@ -73,17 +78,20 @@ in {
RuntimeDirectory = "shiori"; RuntimeDirectory = "shiori";
# Security options # Security options
EnvironmentFile = EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
lib.optional (cfg.environmentFile != null) cfg.environmentFile; BindReadOnlyPaths =
BindReadOnlyPaths = [ [
"/nix/store" "/nix/store"
# For SSL certificates, and the resolv.conf # For SSL certificates, and the resolv.conf
"/etc" "/etc"
] ++ lib.optional (lib.strings.hasInfix "postgres" cfg.databaseUrl ]
&& config.services.postgresql.enable) "/run/postgresql" ++ lib.optional (
++ lib.optional (lib.strings.hasInfix "mysql" cfg.databaseUrl lib.strings.hasInfix "postgres" cfg.databaseUrl && config.services.postgresql.enable
&& config.services.mysql.enable) "/var/run/mysqld"; ) "/run/postgresql"
++ lib.optional (
lib.strings.hasInfix "mysql" cfg.databaseUrl && config.services.mysql.enable
) "/var/run/mysqld";
CapabilityBoundingSet = ""; CapabilityBoundingSet = "";
AmbientCapabilities = "CAP_NET_BIND_SERVICE"; AmbientCapabilities = "CAP_NET_BIND_SERVICE";
@ -106,7 +114,11 @@ in {
ProtectKernelTunables = true; ProtectKernelTunables = true;
RestrictNamespaces = true; RestrictNamespaces = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictAddressFamilies = [
"AF_INET"
"AF_INET6"
"AF_UNIX"
];
RestrictRealtime = true; RestrictRealtime = true;
RestrictSUIDSGID = true; RestrictSUIDSGID = true;
@ -128,5 +140,8 @@ in {
}; };
}; };
meta.maintainers = with lib.maintainers; [ minijackson CaptainJawZ ]; meta.maintainers = with lib.maintainers; [
minijackson
CaptainJawZ
];
} }

12
pkgs/shiori/shiori.nix
View File

@ -1,4 +1,9 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: {
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
buildGoModule rec { buildGoModule rec {
pname = "shiori"; pname = "shiori";
@ -30,6 +35,9 @@ buildGoModule rec {
mainProgram = "shiori"; mainProgram = "shiori";
homepage = "https://github.com/go-shiori/shiori"; homepage = "https://github.com/go-shiori/shiori";
license = licenses.mit; license = licenses.mit;
maintainers = with maintainers; [ minijackson CaptainJawZ ]; maintainers = with maintainers; [
minijackson
CaptainJawZ
];
}; };
} }

27
pkgs/vdhcoapp/default.nix
View File

@ -1,11 +1,22 @@
{ lib, fetchFromGitHub, buildNpmPackage, toml2json, nodejs, ffmpeg {
, substituteAll, makeWrapper, callPackage }: lib,
fetchFromGitHub,
buildNpmPackage,
toml2json,
nodejs,
ffmpeg,
substituteAll,
makeWrapper,
callPackage,
}:
# This is an adaptation with buildNpmPackage based on https://github.com/milahu/nur-packages/commit/3022ffb3619182ffcd579194e1202e3978e4d55b # This is an adaptation with buildNpmPackage based on https://github.com/milahu/nur-packages/commit/3022ffb3619182ffcd579194e1202e3978e4d55b
let filepicker = callPackage ./filepicker.nix { }; let
filepicker = callPackage ./filepicker.nix { };
in buildNpmPackage rec { in
buildNpmPackage rec {
pname = "vdhcoapp"; pname = "vdhcoapp";
version = "2.0.19"; version = "2.0.19";
@ -20,7 +31,10 @@ in buildNpmPackage rec {
npmDepsHash = "sha256-E032U2XZdyTER6ROkBosOTn7bweDXHl8voC3BQEz8Wg="; npmDepsHash = "sha256-E032U2XZdyTER6ROkBosOTn7bweDXHl8voC3BQEz8Wg=";
dontNpmBuild = true; dontNpmBuild = true;
nativeBuildInputs = [ toml2json makeWrapper ]; nativeBuildInputs = [
toml2json
makeWrapper
];
patches = [ patches = [
(substituteAll { (substituteAll {
@ -50,8 +64,7 @@ in buildNpmPackage rec {
''; '';
meta = with lib; { meta = with lib; {
description = description = "Companion application for the Video DownloadHelper browser add-on";
"Companion application for the Video DownloadHelper browser add-on";
homepage = "https://www.downloadhelper.net/"; homepage = "https://www.downloadhelper.net/";
license = licenses.gpl2; license = licenses.gpl2;
maintainers = with maintainers; [ wolfangaukang ]; maintainers = with maintainers; [ wolfangaukang ];

16
pkgs/vdhcoapp/filepicker.nix
View File

@ -1,4 +1,12 @@
{ lib, rustPlatform, fetchFromGitHub, pkg-config, atk, gtk3, glib }: {
lib,
rustPlatform,
fetchFromGitHub,
pkg-config,
atk,
gtk3,
glib,
}:
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "filepicker"; pname = "filepicker";
@ -13,7 +21,11 @@ rustPlatform.buildRustPackage rec {
cargoHash = "sha256-aal7ppFkCpNc+QTS4Qklsb9WfJ65QqG6p1eOskiX+/Q="; cargoHash = "sha256-aal7ppFkCpNc+QTS4Qklsb9WfJ65QqG6p1eOskiX+/Q=";
buildInputs = [ atk gtk3 glib ]; buildInputs = [
atk
gtk3
glib
];
nativeBuildInputs = [ pkg-config ]; nativeBuildInputs = [ pkg-config ];