jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: jawz:1b743f9fcc7db349a4c45fd80b590081a021a9ef
Branches Tags
jawz:main
jawz:clean
jawz:modules
jawz:weekly-2025-10-29
jawz:weekly-2025-10-11
jawz:weekly-2025-10-06
jawz:weekly-2025-10-04
jawz:weekly-2025-09-30
jawz:weekly-2025-09-29
..
compare: jawz:c3d20aa28ffcd7fe863db9226267ffaa634d21fe
Branches Tags
jawz:main
jawz:clean
jawz:modules
jawz:weekly-2025-10-29
jawz:weekly-2025-10-11
jawz:weekly-2025-10-06
jawz:weekly-2025-10-04
jawz:weekly-2025-09-30
jawz:weekly-2025-09-29

4 Commits
1b743f9fcc ... c3d20aa28f

Author SHA1 Message Date
Danilo Reyes
c3d20aa28f part 3 of the flake-parts migration 2025-10-12 14:02:09 -06:00
Danilo Reyes
11fd8e0440 refractor shell configurations with flake-parts 2025-10-12 13:51:45 -06:00
Danilo Reyes
6f97b24115 flake parts, migrated modules 2025-10-12 13:41:48 -06:00
Danilo Reyes
6497dede6f migration to flake-parts 2025-10-12 13:23:38 -06:00
50 changed files with 594 additions and 318 deletions
Show Stats Expand all files Collapse all files

24
config/base.nix
View File

@ -124,29 +124,7 @@
sops sops
; ;
}; };
variables = variables = inputs.self.lib.xdgEnvironment;
let
XDG_DATA_HOME = "\${HOME}/.local/share";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_CACHE_HOME = "\${HOME}/.cache";
in
{
# PATH
inherit XDG_DATA_HOME XDG_CONFIG_HOME XDG_CACHE_HOME;
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_STATE_HOME = "\${HOME}/.local/state";
# DEV PATH
PSQL_HISTORY = "${XDG_DATA_HOME}/psql_history";
REDISCLI_HISTFILE = "${XDG_DATA_HOME}/redis/rediscli_history";
WINEPREFIX = "${XDG_DATA_HOME}/wine";
# OPTIONS
ELECTRUMDIR = "${XDG_DATA_HOME}/electrum";
WGETRC = "${XDG_CONFIG_HOME}/wgetrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
"_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
ORG_DEVICE = "workstation";
PATH = [ "\${HOME}/.local/bin" ];
};
}; };
programs = { programs = {
nh = { nh = {

17
config/home-manager.nix
View File

@ -14,22 +14,7 @@ let
${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title ${pokemon-colorscripts}/bin/pokemon-colorscripts -r --no-title
export command_timeout=60 export command_timeout=60
''; '';
commonAliases = { commonAliases = inputs.self.lib.commonAliases // {
cp = "cp -i";
mv = "mv -i";
mkdir = "mkdir -p";
mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }";
copy = "xclip -selection clipboard";
cdp = "pwd | copy";
cfp = "(){ readlink -f \"$1\" | copy }";
".." = "cd ..";
"..." = "cd ../..";
".3" = "cd ../../..";
".4" = "cd ../../../..";
".5" = "cd ../../../../..";
c = "cat";
sc = "systemctl --user";
jc = "journalctl --user -xefu";
open-gallery = '' open-gallery = ''
cd /srv/pool/scrapping/JawZ/gallery-dl && cd /srv/pool/scrapping/JawZ/gallery-dl &&
xdg-open "$(${fd}/bin/fd . ./ Husbands wikifeet -tdirectory -d 1 | ${fzf}/bin/fzf -i)"''; xdg-open "$(${fd}/bin/fd . ./ Husbands wikifeet -tdirectory -d 1 | ${fzf}/bin/fzf -i)"'';

13
config/jawz.nix
View File

@ -1,11 +1,12 @@
{ config, lib, ... }: {
config,
lib,
inputs,
...
}:
let let
inherit (config.networking) hostName; inherit (config.networking) hostName;
nixosHosts = nixosHosts = inputs.self.lib.getNixosHosts config.my.ips hostName lib;
lib.attrNames config.my.ips
|> lib.filter (
name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName
);
nixosHostsMatch = lib.concatStringsSep " " nixosHosts; nixosHostsMatch = lib.concatStringsSep " " nixosHosts;
in in
{ {

10
environments/hyprland.nix
View File

@ -23,13 +23,11 @@ in
wl-clipboard-rs wl-clipboard-rs
wf-recorder wf-recorder
grimblast # screenshots grimblast # screenshots
mako # notification daemon mako # notification daemon
libnotify # dependency of mako libnotify # dependency of mako
swaylock-effects # screen locker swaylock-effects # screen locker
yazi # file manager yazi # file manager
imv # images imv # images
playerctl # media player control playerctl # media player control
; ;
}; };
@ -78,27 +76,22 @@ in
"${mod}, bracketright, changegroupactive, f" "${mod}, bracketright, changegroupactive, f"
"${mod}, S, exec, wofi --show drun icons" "${mod}, S, exec, wofi --show drun icons"
"${mod}, P, pin, active" "${mod}, P, pin, active"
"${mod}, left, movefocus, l" "${mod}, left, movefocus, l"
"${mod}, right, movefocus, r" "${mod}, right, movefocus, r"
"${mod}, up, movefocus, u" "${mod}, up, movefocus, u"
"${mod}, down, movefocus, d" "${mod}, down, movefocus, d"
"${mod}, h, movefocus, l" "${mod}, h, movefocus, l"
"${mod}, l, movefocus, r" "${mod}, l, movefocus, r"
"${mod}, k, movefocus, u" "${mod}, k, movefocus, u"
"${mod}, j, movefocus, d" "${mod}, j, movefocus, d"
"${mod} SHIFT, left, movewindow, l" "${mod} SHIFT, left, movewindow, l"
"${mod} SHIFT, right, movewindow, r" "${mod} SHIFT, right, movewindow, r"
"${mod} SHIFT, up, movewindow, u" "${mod} SHIFT, up, movewindow, u"
"${mod} SHIFT, down, movewindow, d" "${mod} SHIFT, down, movewindow, d"
"${mod} SHIFT, h, movewindow, l" "${mod} SHIFT, h, movewindow, l"
"${mod} SHIFT, l, movewindow, r" "${mod} SHIFT, l, movewindow, r"
"${mod} SHIFT, k, movewindow, u" "${mod} SHIFT, k, movewindow, u"
"${mod} SHIFT, j, movewindow, d" "${mod} SHIFT, j, movewindow, d"
"${mod}, 1, workspace, 1" "${mod}, 1, workspace, 1"
"${mod}, 2, workspace, 2" "${mod}, 2, workspace, 2"
"${mod}, 3, workspace, 3" "${mod}, 3, workspace, 3"
@ -119,7 +112,6 @@ in
"${mod} SHIFT, 8, movetoworkspace, 8" "${mod} SHIFT, 8, movetoworkspace, 8"
"${mod} SHIFT, 9, movetoworkspace, 9" "${mod} SHIFT, 9, movetoworkspace, 9"
"${mod} SHIFT, 0, movetoworkspace, 10" "${mod} SHIFT, 0, movetoworkspace, 10"
"${mod}, F3, exec, grimblast save area ~/Pictures/screenshots/$(date +'%Y-%m-%d_%H-%M-%S').png" "${mod}, F3, exec, grimblast save area ~/Pictures/screenshots/$(date +'%Y-%m-%d_%H-%M-%S').png"
"${mod} SHIFT, F3, exec, grimblast save screen ~/Pictures/screenshots/$(date +'%Y-%m-%d_%H-%M-%S').png" "${mod} SHIFT, F3, exec, grimblast save screen ~/Pictures/screenshots/$(date +'%Y-%m-%d_%H-%M-%S').png"
]; ];
@ -128,12 +120,10 @@ in
"${mod} SHIFT, l, moveactive, 20 0" "${mod} SHIFT, l, moveactive, 20 0"
"${mod} SHIFT, k, moveactive, 0 -20" "${mod} SHIFT, k, moveactive, 0 -20"
"${mod} SHIFT, j, moveactive, 0 20" "${mod} SHIFT, j, moveactive, 0 20"
"${mod} CTRL, l, resizeactive, 30 0" "${mod} CTRL, l, resizeactive, 30 0"
"${mod} CTRL, h, resizeactive, -30 0" "${mod} CTRL, h, resizeactive, -30 0"
"${mod} CTRL, k, resizeactive, 0 -10" "${mod} CTRL, k, resizeactive, 0 -10"
"${mod} CTRL, j, resizeactive, 0 10" "${mod} CTRL, j, resizeactive, 0 10"
",XF86AudioRaiseVolume, exec, wpctl set-volume -l 1.4 @DEFAULT_AUDIO_SINK@ 5%+" ",XF86AudioRaiseVolume, exec, wpctl set-volume -l 1.4 @DEFAULT_AUDIO_SINK@ 5%+"
",XF86AudioLowerVolume, exec, wpctl set-volume -l 1.4 @DEFAULT_AUDIO_SINK@ 5%-" ",XF86AudioLowerVolume, exec, wpctl set-volume -l 1.4 @DEFAULT_AUDIO_SINK@ 5%-"
]; ];

2
environments/waybar-style.nix
View File

@ -30,12 +30,10 @@ in
border: none; border: none;
min-width: 20px; min-width: 20px;
} }
#workspaces button.active { #workspaces button.active {
background: #${colors.base02}; background: #${colors.base02};
color: #${colors.base05}; color: #${colors.base05};
} }
#workspaces button:hover { #workspaces button:hover {
background: #${colors.base01}; background: #${colors.base01};
color: #${colors.base04}; color: #${colors.base04};

46
flake.lock generated
View File

@ -232,6 +232,24 @@
"inputs": { "inputs": {
"nixpkgs-lib": "nixpkgs-lib_2" "nixpkgs-lib": "nixpkgs-lib_2"
}, },
"locked": {
"lastModified": 1759362264,
"narHash": "sha256-wfG0S7pltlYyZTM+qqlhJ7GMw2fTF4mLKCIVhLii/4M=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "758cf7296bee11f1706a574c77d072b8a7baa881",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-parts_3": {
"inputs": {
"nixpkgs-lib": "nixpkgs-lib_3"
},
"locked": { "locked": {
"lastModified": 1712014858, "lastModified": 1712014858,
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
@ -245,7 +263,7 @@
"type": "indirect" "type": "indirect"
} }
}, },
"flake-parts_3": { "flake-parts_4": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"nur", "nur",
@ -266,7 +284,7 @@
"type": "github" "type": "github"
} }
}, },
"flake-parts_4": { "flake-parts_5": {
"inputs": { "inputs": {
"nixpkgs-lib": [ "nixpkgs-lib": [
"stylix", "stylix",
@ -681,7 +699,7 @@
}, },
"nix-gaming": { "nix-gaming": {
"inputs": { "inputs": {
"flake-parts": "flake-parts", "flake-parts": "flake-parts_2",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
@ -768,6 +786,21 @@
} }
}, },
"nixpkgs-lib_2": { "nixpkgs-lib_2": {
"locked": {
"lastModified": 1754788789,
"narHash": "sha256-x2rJ+Ovzq0sCMpgfgGaaqgBSwY+LST+WbZ6TytnT9Rk=",
"owner": "nix-community",
"repo": "nixpkgs.lib",
"rev": "a73b9c743612e4244d865a2fdee11865283c04e6",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixpkgs.lib",
"type": "github"
}
},
"nixpkgs-lib_3": {
"locked": { "locked": {
"dir": "lib", "dir": "lib",
"lastModified": 1711703276, "lastModified": 1711703276,
@ -835,7 +868,7 @@
}, },
"nixtendo-switch": { "nixtendo-switch": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_2", "flake-parts": "flake-parts_3",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
@ -856,7 +889,7 @@
}, },
"nur": { "nur": {
"inputs": { "inputs": {
"flake-parts": "flake-parts_3", "flake-parts": "flake-parts_4",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"
] ]
@ -943,6 +976,7 @@
"root": { "root": {
"inputs": { "inputs": {
"doom-emacs": "doom-emacs", "doom-emacs": "doom-emacs",
"flake-parts": "flake-parts",
"fonts": "fonts", "fonts": "fonts",
"home-manager": "home-manager", "home-manager": "home-manager",
"hyprland": "hyprland", "hyprland": "hyprland",
@ -988,7 +1022,7 @@
"base16-helix": "base16-helix", "base16-helix": "base16-helix",
"base16-vim": "base16-vim", "base16-vim": "base16-vim",
"firefox-gnome-theme": "firefox-gnome-theme", "firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_4", "flake-parts": "flake-parts_5",
"gnome-shell": "gnome-shell", "gnome-shell": "gnome-shell",
"nixpkgs": [ "nixpkgs": [
"nixpkgs" "nixpkgs"

78
flake.nix
View File

@ -1,6 +1,7 @@
{ {
description = "JawZ NixOS flake setup"; description = "JawZ NixOS flake setup";
inputs = { inputs = {
flake-parts.url = "github:hercules-ci/flake-parts";
nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.05"; nixpkgs.url = "github:nixos/nixpkgs?ref=nixos-25.05";
nixpkgs-small.url = "github:nixos/nixpkgs?ref=nixos-25.05-small"; nixpkgs-small.url = "github:nixos/nixpkgs?ref=nixos-25.05-small";
nixpkgs-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable"; nixpkgs-unstable.url = "github:nixos/nixpkgs?ref=nixos-unstable";
@ -59,76 +60,13 @@
}; };
}; };
outputs = outputs =
{ self, jawz-scripts, ... }@inputs: inputs:
let inputs.flake-parts.lib.mkFlake { inherit inputs; } {
inherit (self) outputs; imports = [
system = "x86_64-linux"; ./parts/core.nix
mkpkgs = ./parts/hosts.nix
repo: ./parts/packages.nix
import repo { ./parts/devshells.nix
inherit system;
config.allowUnfree = true;
};
langList = builtins.filter (name: name != "emacs") (
builtins.map (file: builtins.replaceStrings [ ".nix" ] [ "" ] (baseNameOf file)) (
builtins.attrNames (builtins.readDir ./modules/dev)
)
);
commonModules = name: [
{
nixpkgs.overlays = [
(import ./config/overlay.nix { inherit mkpkgs inputs; })
inputs.doom-emacs.overlays.default
];
}
{
nix.registry = {
jawz.flake = self;
unstable.flake = inputs.nixpkgs-unstable;
};
}
./hosts/${name}/configuration.nix
inputs.nur.modules.nixos.default
inputs.sops-nix.nixosModules.sops
inputs.stylix.nixosModules.stylix
inputs.nixtendo-switch.nixosModules.nixtendo-switch
]; ];
createConfig =
name: local-nixpkgs:
let
lib = local-nixpkgs.lib // inputs.home-manager.lib;
in
lib.nixosSystem {
inherit system;
specialArgs = {
inherit inputs outputs;
};
modules = commonModules name;
};
in
{
nixosConfigurations = {
workstation = createConfig "workstation" inputs.nixpkgs;
miniserver = createConfig "miniserver" inputs.nixpkgs-small;
server = createConfig "server" inputs.nixpkgs-small;
galaxy = createConfig "galaxy" inputs.nixpkgs-small;
emacs = createConfig "emacs" inputs.nixpkgs;
};
packages.${system} = (jawz-scripts.packages.${system} or { }) // {
emacs-vm = inputs.nixos-generators.nixosGenerate {
inherit system;
specialArgs = {
inherit inputs outputs;
};
modules = commonModules "emacs";
format = "vm";
};
};
devShells.${system} = builtins.listToAttrs (
map (name: {
inherit name;
value = self.nixosConfigurations.emacs.config.devShells.${name};
}) langList
);
}; };
} }

11
modules/dev/emacs.nix
View File

@ -1,5 +1,6 @@
{ {
config, config,
inputs,
lib, lib,
pkgs, pkgs,
... ...
@ -14,10 +15,12 @@
"doom/templates/programming.org".source = ../../dotfiles/doom/templates/programming.org; "doom/templates/programming.org".source = ../../dotfiles/doom/templates/programming.org;
}; };
services.lorri.enable = true; services.lorri.enable = true;
programs.${config.my.shell.type}.shellAliases = { programs.${config.my.shell.type}.shellAliases =
edit = "emacsclient -t"; inputs.self.lib.mergeAliases inputs.self.lib.commonAliases
e = "edit"; {
}; edit = "emacsclient -t";
e = "edit";
};
}; };
users.users.jawz.packages = builtins.attrValues { users.users.jawz.packages = builtins.attrValues {
inherit (pkgs.xorg) xwininfo; inherit (pkgs.xorg) xwininfo;

17
modules/dev/nix.nix
View File

@ -1,5 +1,6 @@
{ {
config, config,
inputs,
lib, lib,
pkgs, pkgs,
... ...
@ -33,12 +34,14 @@ in
}; };
config = lib.mkIf config.my.dev.nix.enable { config = lib.mkIf config.my.dev.nix.enable {
users.users.jawz = { inherit packages; }; users.users.jawz = { inherit packages; };
home-manager.users.jawz.programs.${shellType}.shellAliases = { home-manager.users.jawz.programs.${shellType}.shellAliases =
nixformat = '' inputs.self.lib.mergeAliases inputs.self.lib.commonAliases
deadnix -e && \ {
nix run nixpkgs#nixfmt-tree && \ nixformat = ''
statix fix deadnix -e && \
''; nix run nixpkgs#nixfmt-tree && \
}; statix fix
'';
};
}; };
} }

27
modules/modules.nix
View File

@ -1,22 +1,21 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
filterNames = file: file != "librewolf.nix"; filterNames = file: file != "librewolf.nix";
autoImport =
dir:
builtins.readDir ./${dir}
|> builtins.attrNames
|> builtins.filter (file: builtins.match ".*\\.nix" file != null && filterNames file)
|> map (file: ./${dir}/${file});
in in
{ {
imports = imports =
autoImport "apps" inputs.self.lib.autoImport ./apps filterNames
++ autoImport "dev" ++ inputs.self.lib.autoImport ./dev filterNames
++ autoImport "scripts" ++ inputs.self.lib.autoImport ./scripts filterNames
++ autoImport "servers" ++ inputs.self.lib.autoImport ./servers filterNames
++ autoImport "services" ++ inputs.self.lib.autoImport ./services filterNames
++ autoImport "shell" ++ inputs.self.lib.autoImport ./shell filterNames
++ autoImport "network" ++ inputs.self.lib.autoImport ./network filterNames
++ [ ++ [
./nix/build.nix ./nix/build.nix
./users/nixremote.nix ./users/nixremote.nix

43
modules/network/firewall.nix
View File

@ -1,18 +1,23 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
nativeServicesWithOpenFirewall = [ firewallBlacklist = [
"adguardhome" "lidarr"
"plex" "maloja"
"nix-serve" "tranga"
"radarr" "flame"
"sonarr" "flameSecret"
"jellyfin" "ryot"
"prowlarr" "drpp"
"bazarr" "metube"
"stash" "multi-scrobbler"
"ombi" "plex-discord-bot"
"flaresolverr"
]; ];
nativeServicesWithOpenFirewall = inputs.self.lib.getServicesWithNativeFirewall config firewallBlacklist;
servicesConfig = lib.listToAttrs ( servicesConfig = lib.listToAttrs (
map (serviceName: { map (serviceName: {
name = serviceName; name = serviceName;
@ -37,17 +42,7 @@ in
config = lib.mkIf config.my.network.firewall.enabledServicePorts { config = lib.mkIf config.my.network.firewall.enabledServicePorts {
services = servicesConfig; services = servicesConfig;
networking.firewall.allowedTCPPorts = networking.firewall.allowedTCPPorts =
config.my.network.firewall.staticPorts inputs.self.lib.generateFirewallPorts config nativeServicesWithOpenFirewall lib
++ config.my.network.firewall.additionalPorts
++ (
config.my.servers
|> lib.filterAttrs (
name: srv:
(srv.enable or false) && (srv ? port) && !(builtins.elem name nativeServicesWithOpenFirewall)
)
|> lib.attrValues
|> map (srv: srv.port)
)
++ (lib.optionals config.services.nginx.enable [ ++ (lib.optionals config.services.nginx.enable [
config.services.nginx.defaultHTTPListenPort config.services.nginx.defaultHTTPListenPort
config.services.nginx.defaultSSLListenPort config.services.nginx.defaultSSLListenPort

14
modules/network/nginx.nix
View File

@ -1,6 +1,10 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
setup = import ../factories/mkserver.nix { inherit lib config; };
proxyReverseServices = [ proxyReverseServices = [
"firefox-syncserver" "firefox-syncserver"
"readeck" "readeck"
@ -44,11 +48,11 @@ let
cfg = config.my.servers.${serviceName}; cfg = config.my.servers.${serviceName};
proxyFunc = proxyFunc =
if serviceConfig.type == "proxyReverse" then if serviceConfig.type == "proxyReverse" then
setup.proxyReverse inputs.self.lib.proxyReverse
else if serviceConfig.type == "proxyReverseFix" then else if serviceConfig.type == "proxyReverseFix" then
setup.proxyReverseFix inputs.self.lib.proxyReverseFix
else if serviceConfig.type == "proxyReversePrivate" then else if serviceConfig.type == "proxyReversePrivate" then
setup.proxyReversePrivate inputs.self.lib.proxyReversePrivate
else else
throw "Unknown proxy type: ${serviceConfig.type}"; throw "Unknown proxy type: ${serviceConfig.type}";
in in

36
modules/scripts/download.nix
View File

@ -17,32 +17,26 @@
in in
{ {
home-manager.users.jawz.programs.${config.my.shell.type} = { home-manager.users.jawz.programs.${config.my.shell.type} = {
shellAliases = { shellAliases = inputs.self.lib.mergeAliases inputs.self.lib.commonAliases {
dl = "${download}/bin/download -u jawz -i"; dl = "${download}/bin/download -u jawz -i";
comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"''; comic = ''dl "$(cat "$LC" | fzf --multi --exact -i)"'';
gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"''; gallery = ''dl "$(cat "$LW" | fzf --multi --exact -i)"'';
}; };
} }
// ( //
if config.my.shell.type == "bash" then inputs.self.lib.shellConditional config.my.shell.type
{ ''
initExtra = '' list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz export LW=$list_root/watch.txt
export LW=$list_root/watch.txt export LI=$list_root/instant.txt
export LI=$list_root/instant.txt export LC=$list_root/comic.txt
export LC=$list_root/comic.txt ''
''; ''
} list_root=$XDG_CONFIG_HOME/jawz/lists/jawz
else export LW=$list_root/watch.txt
{ export LI=$list_root/instant.txt
initContent = '' export LC=$list_root/comic.txt
list_root=$XDG_CONFIG_HOME/jawz/lists/jawz '';
export LW=$list_root/watch.txt
export LI=$list_root/instant.txt
export LC=$list_root/comic.txt
'';
}
);
systemd.user = { systemd.user = {
services = services =
let let

10
modules/servers/atticd.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.atticd; cfg = config.my.servers.atticd;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.atticd = setup.mkOptions "atticd" "cache" 2343; options.my.servers.atticd = inputs.self.lib.mkServerOptions "atticd" "cache" 2343 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets."private_cache_keys/atticd".sopsFile = ../../secrets/keys.yaml; sops.secrets."private_cache_keys/atticd".sopsFile = ../../secrets/keys.yaml;
services.atticd = { services.atticd = {

12
modules/servers/audiobookshelf.nix
View File

@ -1,10 +1,16 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.audiobookshelf; cfg = config.my.servers.audiobookshelf;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.audiobookshelf = setup.mkOptions "audiobookshelf" "audiobooks" 5687; options.my.servers.audiobookshelf =
inputs.self.lib.mkServerOptions "audiobookshelf" "audiobooks" 5687
lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
my.servers.audiobookshelf.enableSocket = true; my.servers.audiobookshelf.enableSocket = true;
services.audiobookshelf = { services.audiobookshelf = {

12
modules/servers/bazarr.nix
View File

@ -1,10 +1,16 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.bazarr; cfg = config.my.servers.bazarr;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.bazarr = setup.mkOptions "bazarr" "subs" config.services.bazarr.listenPort; options.my.servers.bazarr =
inputs.self.lib.mkServerOptions "bazarr" "subs" config.services.bazarr.listenPort
lib;
config.services.bazarr = lib.mkIf cfg.enable { config.services.bazarr = lib.mkIf cfg.enable {
inherit (cfg) enable; inherit (cfg) enable;
group = "piracy"; group = "piracy";

10
modules/servers/drpp.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.drpp; cfg = config.my.servers.drpp;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.drpp = setup.mkOptions "drpp" "drpp" 0; options.my.servers.drpp = inputs.self.lib.mkServerOptions "drpp" "drpp" 0 lib;
config.virtualisation.oci-containers.containers.drpp = lib.mkIf cfg.enable { config.virtualisation.oci-containers.containers.drpp = lib.mkIf cfg.enable {
image = "ghcr.io/phin05/discord-rich-presence-plex:latest"; image = "ghcr.io/phin05/discord-rich-presence-plex:latest";
environment = { environment = {

12
modules/servers/firefox-syncserver.nix
View File

@ -1,10 +1,16 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.firefox-syncserver; cfg = config.my.servers.firefox-syncserver;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.firefox-syncserver = setup.mkOptions "firefox-syncserver" "sync" 4233; options.my.servers.firefox-syncserver =
inputs.self.lib.mkServerOptions "firefox-syncserver" "sync" 4233
lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
# sops.secrets.firefox-syncserver.sopsFile = ../../secrets/env.yaml; # sops.secrets.firefox-syncserver.sopsFile = ../../secrets/env.yaml;
services.firefox-syncserver = { services.firefox-syncserver = {

12
modules/servers/flame.nix
View File

@ -1,14 +1,18 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.flame; cfg = config.my.servers.flame;
cfgS = config.my.servers.flameSecret; cfgS = config.my.servers.flameSecret;
enable = (cfg.enable || cfgS.enable) && config.my.secureHost; enable = (cfg.enable || cfgS.enable) && config.my.secureHost;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers = { options.my.servers = {
flame = setup.mkOptions "flame" "start" 5005; flame = inputs.self.lib.mkServerOptions "flame" "start" 5005 lib;
flameSecret = setup.mkOptions "flameSecret" "qampqwn4wprhqny8h8zj" 5007; flameSecret = inputs.self.lib.mkServerOptions "flameSecret" "qampqwn4wprhqny8h8zj" 5007 lib;
}; };
config = lib.mkIf enable { config = lib.mkIf enable {
sops.secrets = { sops.secrets = {

4
modules/servers/gitea.nix
View File

@ -1,19 +1,19 @@
{ {
lib, lib,
config, config,
inputs,
pkgs, pkgs,
... ...
}: }:
let let
cfg = config.my.servers.gitea; cfg = config.my.servers.gitea;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
imports = [ imports = [
../nix/gitea-actions-runners/ryujinx.nix ../nix/gitea-actions-runners/ryujinx.nix
../nix/gitea-actions-runners/nixos.nix ../nix/gitea-actions-runners/nixos.nix
]; ];
options.my.servers.gitea = setup.mkOptions "gitea" "git" 9083; options.my.servers.gitea = inputs.self.lib.mkServerOptions "gitea" "git" 9083 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets.gitea.sopsFile = ../../secrets/env.yaml; sops.secrets.gitea.sopsFile = ../../secrets/env.yaml;
services.gitea = { services.gitea = {

10
modules/servers/homepage.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.homepage; cfg = config.my.servers.homepage;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.homepage = setup.mkOptions "homepage" "home" 8082; options.my.servers.homepage = inputs.self.lib.mkServerOptions "homepage" "home" 8082 lib;
config = lib.mkIf config.my.secureHost { config = lib.mkIf config.my.secureHost {
sops.secrets = lib.mkIf cfg.enable { sops.secrets = lib.mkIf cfg.enable {
homepage.sopsFile = ../../secrets/homepage.yaml; homepage.sopsFile = ../../secrets/homepage.yaml;

3
modules/servers/jellyfin.nix
View File

@ -19,10 +19,9 @@ let
pkgs.gum pkgs.gum
sub-sync sub-sync
]; ];
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.jellyfin = setup.mkOptions "jellyfin" "flix" 8096; options.my.servers.jellyfin = inputs.self.lib.mkServerOptions "jellyfin" "flix" 8096 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
environment.systemPackages = [ environment.systemPackages = [
pkgs.jellyfin-ffmpeg pkgs.jellyfin-ffmpeg

12
modules/servers/kavita.nix
View File

@ -1,10 +1,16 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.kavita; cfg = config.my.servers.kavita;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.kavita = setup.mkOptions "kavita" "library" config.services.kavita.settings.Port; options.my.servers.kavita =
inputs.self.lib.mkServerOptions "kavita" "library" config.services.kavita.settings.Port
lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets.kavita-token = { sops.secrets.kavita-token = {
owner = config.users.users.kavita.name; owner = config.users.users.kavita.name;

10
modules/servers/lidarr.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.lidarr; cfg = config.my.servers.lidarr;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.lidarr = setup.mkOptions "lidarr" "music" 8686; options.my.servers.lidarr = inputs.self.lib.mkServerOptions "lidarr" "music" 8686 lib;
config.virtualisation.oci-containers.containers.lidarr = lib.mkIf cfg.enable { config.virtualisation.oci-containers.containers.lidarr = lib.mkIf cfg.enable {
autoStart = true; autoStart = true;
image = "linuxserver/lidarr:version-2.13.3.4711"; image = "linuxserver/lidarr:version-2.13.3.4711";

10
modules/servers/maloja.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.maloja; cfg = config.my.servers.maloja;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.maloja = setup.mkOptions "maloja" "maloja" 42010; options.my.servers.maloja = inputs.self.lib.mkServerOptions "maloja" "maloja" 42010 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets.maloja.sopsFile = ../../secrets/env.yaml; sops.secrets.maloja.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.maloja = { virtualisation.oci-containers.containers.maloja = {

10
modules/servers/mealie.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.mealie; cfg = config.my.servers.mealie;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.mealie = setup.mkOptions "mealie" "mealie" 9925; options.my.servers.mealie = inputs.self.lib.mkServerOptions "mealie" "mealie" 9925 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets.mealie.sopsFile = ../../secrets/env.yaml; sops.secrets.mealie.sopsFile = ../../secrets/env.yaml;
services.mealie = { services.mealie = {

10
modules/servers/metube.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.metube; cfg = config.my.servers.metube;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.metube = setup.mkOptions "metube" "bajameesta" 8881; options.my.servers.metube = inputs.self.lib.mkServerOptions "metube" "bajameesta" 8881 lib;
config.virtualisation.oci-containers.containers.metube = lib.mkIf cfg.enable { config.virtualisation.oci-containers.containers.metube = lib.mkIf cfg.enable {
image = "ghcr.io/alexta69/metube:latest"; image = "ghcr.io/alexta69/metube:latest";
ports = [ "${toString cfg.port}:8081" ]; ports = [ "${toString cfg.port}:8081" ];

10
modules/servers/microbin.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.microbin; cfg = config.my.servers.microbin;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.microbin = setup.mkOptions "microbin" "copy" 8086; options.my.servers.microbin = inputs.self.lib.mkServerOptions "microbin" "copy" 8086 lib;
config.services.microbin = lib.mkIf (cfg.enable && config.my.secureHost) { config.services.microbin = lib.mkIf (cfg.enable && config.my.secureHost) {
inherit (cfg) enable; inherit (cfg) enable;
settings = { settings = {

12
modules/servers/multi-scrobbler.nix
View File

@ -1,10 +1,16 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.multi-scrobbler; cfg = config.my.servers.multi-scrobbler;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.multi-scrobbler = setup.mkOptions "multi-scrobbler" "scrobble" 9078; options.my.servers.multi-scrobbler =
inputs.self.lib.mkServerOptions "multi-scrobbler" "scrobble" 9078
lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml; sops.secrets.multi-scrobbler.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.multi-scrobbler = { virtualisation.oci-containers.containers.multi-scrobbler = {

5
modules/servers/nextcloud.nix
View File

@ -31,12 +31,11 @@ let
pytensorflow = pkgs.python311.withPackages (ps: [ ps.tensorflow ]); pytensorflow = pkgs.python311.withPackages (ps: [ ps.tensorflow ]);
cfg = config.my.servers.nextcloud; cfg = config.my.servers.nextcloud;
cfgC = config.my.servers.collabora; cfgC = config.my.servers.collabora;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers = { options.my.servers = {
nextcloud = setup.mkOptions "nextcloud" "cloud" 80; nextcloud = inputs.self.lib.mkServerOptions "nextcloud" "cloud" 80 lib;
collabora = setup.mkOptions "collabora" "collabora" 9980; collabora = inputs.self.lib.mkServerOptions "collabora" "collabora" 9980 lib;
go-vod.enable = lib.mkEnableOption "Go-VOD video transcoding service"; go-vod.enable = lib.mkEnableOption "Go-VOD video transcoding service";
}; };
config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) {

4
modules/servers/nix-serve.nix
View File

@ -1,15 +1,15 @@
{ {
lib, lib,
inputs,
config, config,
pkgs, pkgs,
... ...
}: }:
let let
cfg = config.my.servers.nix-serve; cfg = config.my.servers.nix-serve;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.nix-serve = setup.mkOptions "nix-serve" "cache" 5000; options.my.servers.nix-serve = inputs.self.lib.mkServerOptions "nix-serve" "cache" 5000 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets."private_cache_keys/miniserver".sopsFile = ../../secrets/keys.yaml; sops.secrets."private_cache_keys/miniserver".sopsFile = ../../secrets/keys.yaml;
services.nix-serve = { services.nix-serve = {

10
modules/servers/ombi.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.ombi; cfg = config.my.servers.ombi;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.ombi = setup.mkOptions "ombi" "requests" 3425; options.my.servers.ombi = inputs.self.lib.mkServerOptions "ombi" "requests" 3425 lib;
config.services.ombi = lib.mkIf cfg.enable { config.services.ombi = lib.mkIf cfg.enable {
inherit (cfg) enable port; inherit (cfg) enable port;
}; };

10
modules/servers/plex-discord-bot.nix
View File

@ -1,11 +1,15 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.plex-discord-bot; cfg = config.my.servers.plex-discord-bot;
setup = import ../factories/mkserver.nix { inherit lib config; };
name = "plex-discord-bot"; name = "plex-discord-bot";
in in
{ {
options.my.servers.plex-discord-bot = setup.mkOptions name name 0; options.my.servers.plex-discord-bot = inputs.self.lib.mkServerOptions name name 0 lib;
config.virtualisation.oci-containers.containers.plex-discord-bot = lib.mkIf cfg.enable { config.virtualisation.oci-containers.containers.plex-discord-bot = lib.mkIf cfg.enable {
image = "ghcr.io/phin05/discord-rich-presence-plex:latest"; image = "ghcr.io/phin05/discord-rich-presence-plex:latest";
environment = { environment = {

4
modules/servers/plex.nix
View File

@ -1,14 +1,14 @@
{ {
lib, lib,
inputs,
config, config,
... ...
}: }:
let let
cfg = config.my.servers.plex; cfg = config.my.servers.plex;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.plex = setup.mkOptions "plex" "plex" 32400; options.my.servers.plex = inputs.self.lib.mkServerOptions "plex" "plex" 32400 lib;
config.services = lib.mkIf (cfg.enable && config.my.secureHost) { config.services = lib.mkIf (cfg.enable && config.my.secureHost) {
plex = { plex = {
inherit (cfg) enable; inherit (cfg) enable;

4
modules/servers/portfolio.nix
View File

@ -1,14 +1,14 @@
{ {
config, config,
lib, lib,
inputs,
... ...
}: }:
let let
cfg = config.my.websites.portfolio; cfg = config.my.websites.portfolio;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.websites.portfolio = setup.mkOptions "portfolio" "portfolio" 0; options.my.websites.portfolio = inputs.self.lib.mkServerOptions "portfolio" "portfolio" 0 lib;
config.services.nginx.virtualHosts."danilo-reyes.com" = lib.mkIf cfg.enableProxy { config.services.nginx.virtualHosts."danilo-reyes.com" = lib.mkIf cfg.enableProxy {
forceSSL = true; forceSSL = true;
enableACME = true; enableACME = true;

4
modules/servers/prowlarr.nix
View File

@ -1,14 +1,14 @@
{ {
lib, lib,
inputs,
config, config,
... ...
}: }:
let let
cfg = config.my.servers.prowlarr; cfg = config.my.servers.prowlarr;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.prowlarr = setup.mkOptions "prowlarr" "indexer" 9696; options.my.servers.prowlarr = inputs.self.lib.mkServerOptions "prowlarr" "indexer" 9696 lib;
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.prowlarr = { users.users.prowlarr = {
group = "piracy"; group = "piracy";

10
modules/servers/radarr.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.radarr; cfg = config.my.servers.radarr;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.radarr = setup.mkOptions "radarr" "movies" 7878; options.my.servers.radarr = inputs.self.lib.mkServerOptions "radarr" "movies" 7878 lib;
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
services.radarr = { services.radarr = {
inherit (cfg) enable; inherit (cfg) enable;

10
modules/servers/readeck.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.readeck; cfg = config.my.servers.readeck;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.readeck = setup.mkOptions "readeck" "laters" 9546; options.my.servers.readeck = inputs.self.lib.mkServerOptions "readeck" "laters" 9546 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets.readeck.sopsFile = ../../secrets/env.yaml; sops.secrets.readeck.sopsFile = ../../secrets/env.yaml;
services.readeck = { services.readeck = {

10
modules/servers/ryot.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.ryot; cfg = config.my.servers.ryot;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.ryot = setup.mkOptions "ryot" "tracker" 8765; options.my.servers.ryot = inputs.self.lib.mkServerOptions "ryot" "tracker" 8765 lib;
config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) {
sops.secrets.ryot.sopsFile = ../../secrets/env.yaml; sops.secrets.ryot.sopsFile = ../../secrets/env.yaml;
virtualisation.oci-containers.containers.ryot = { virtualisation.oci-containers.containers.ryot = {

10
modules/servers/shiori.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.shiori; cfg = config.my.servers.shiori;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.shiori = setup.mkOptions "shiori" "bookmarks" 4368; options.my.servers.shiori = inputs.self.lib.mkServerOptions "shiori" "bookmarks" 4368 lib;
config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) {
sops.secrets.shiori.sopsFile = ../../secrets/env.yaml; sops.secrets.shiori.sopsFile = ../../secrets/env.yaml;
services.shiori = { services.shiori = {

10
modules/servers/sonarr.nix
View File

@ -1,10 +1,14 @@
{ lib, config, ... }: {
lib,
config,
inputs,
...
}:
let let
cfg = config.my.servers.sonarr; cfg = config.my.servers.sonarr;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.sonarr = setup.mkOptions "sonarr" "series" 8989; options.my.servers.sonarr = inputs.self.lib.mkServerOptions "sonarr" "series" 8989 lib;
config.services.sonarr = lib.mkIf cfg.enable { config.services.sonarr = lib.mkIf cfg.enable {
inherit (cfg) enable; inherit (cfg) enable;
group = "piracy"; group = "piracy";

4
modules/servers/stash.nix
View File

@ -1,5 +1,6 @@
{ {
lib, lib,
inputs,
config, config,
pkgs, pkgs,
... ...
@ -7,7 +8,6 @@
let let
cfg = config.my.servers.stash; cfg = config.my.servers.stash;
cfgS = config.services.stash; cfgS = config.services.stash;
setup = import ../factories/mkserver.nix { inherit lib config; };
stashPythonFHS = pkgs.buildFHSEnv { stashPythonFHS = pkgs.buildFHSEnv {
name = "stash-python-fhs"; name = "stash-python-fhs";
targetPkgs = targetPkgs =
@ -28,7 +28,7 @@ let
}; };
in in
{ {
options.my.servers.stash = setup.mkOptions "stash" "xxx" 9999; options.my.servers.stash = inputs.self.lib.mkServerOptions "stash" "xxx" 9999 lib;
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
sops.secrets = { sops.secrets = {
"stash/password".sopsFile = ../../secrets/secrets.yaml; "stash/password".sopsFile = ../../secrets/secrets.yaml;

6
modules/servers/synapse.nix
View File

@ -1,5 +1,6 @@
{ {
lib, lib,
inputs,
config, config,
pkgs, pkgs,
... ...
@ -8,7 +9,6 @@ let
cfg = config.my.servers.synapse; cfg = config.my.servers.synapse;
cfgE = config.my.servers.element; cfgE = config.my.servers.element;
domain = "wedsgk5ac2qcaf9yb.click"; domain = "wedsgk5ac2qcaf9yb.click";
setup = import ../factories/mkserver.nix { inherit lib config; };
clientConfig."m.homeserver".base_url = cfg.url; clientConfig."m.homeserver".base_url = cfg.url;
serverConfig."m.server" = "${cfg.host}:443"; serverConfig."m.server" = "${cfg.host}:443";
mkWellKnown = data: '' mkWellKnown = data: ''
@ -19,8 +19,8 @@ let
in in
{ {
options.my.servers = { options.my.servers = {
synapse = setup.mkOptions "synapse" "pYLemuAfsrzNBaH77xSu" 8008; synapse = inputs.self.lib.mkServerOptions "synapse" "pYLemuAfsrzNBaH77xSu" 8008 lib;
element = setup.mkOptions "element" "55a608953f6d64c199" 5345; element = inputs.self.lib.mkServerOptions "element" "55a608953f6d64c199" 5345 lib;
}; };
config = lib.mkIf (cfg.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.secureHost) {
my.servers = { my.servers = {

10
modules/servers/tranga.nix
View File

@ -1,10 +1,14 @@
{ config, lib, ... }: {
config,
lib,
inputs,
...
}:
let let
setup = import ../factories/mkserver.nix { inherit lib config; };
cfg = config.my.servers.tranga; cfg = config.my.servers.tranga;
in in
{ {
options.my.servers.tranga = setup.mkOptions "tranga" "tranga" 9555; options.my.servers.tranga = inputs.self.lib.mkServerOptions "tranga" "tranga" 9555 lib;
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
virtualisation.oci-containers.containers = { virtualisation.oci-containers.containers = {
tranga-api = { tranga-api = {

4
modules/servers/vaultwarden.nix
View File

@ -1,15 +1,15 @@
{ {
lib, lib,
inputs,
config, config,
pkgs, pkgs,
... ...
}: }:
let let
cfg = config.my.servers.vaultwarden; cfg = config.my.servers.vaultwarden;
setup = import ../factories/mkserver.nix { inherit lib config; };
in in
{ {
options.my.servers.vaultwarden = setup.mkOptions "vaultwarden" "vault" 8222; options.my.servers.vaultwarden = inputs.self.lib.mkServerOptions "vaultwarden" "vault" 8222 lib;
config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) { config = lib.mkIf (cfg.enable && config.my.servers.postgres.enable && config.my.secureHost) {
sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml; sops.secrets.vaultwarden.sopsFile = ../../secrets/env.yaml;
services.vaultwarden = { services.vaultwarden = {

36
modules/shell/tools.nix
View File

@ -57,7 +57,7 @@ in
}; };
}; };
${shellType} = { ${shellType} = {
shellAliases = { shellAliases = inputs.self.lib.mergeAliases inputs.self.lib.commonAliases {
cd = "z"; cd = "z";
hh = "hstr"; hh = "hstr";
ls = "eza --icons --group-directories-first"; ls = "eza --icons --group-directories-first";
@ -70,26 +70,20 @@ in
uniq --count | sort -rn''; uniq --count | sort -rn'';
}; };
} }
// ( //
if shellType == "bash" then inputs.self.lib.shellConditional shellType
{ ''
initExtra = '' if command -v fzf-share >/dev/null; then
if command -v fzf-share >/dev/null; then source "$(fzf-share)/key-bindings.bash"
source "$(fzf-share)/key-bindings.bash" source "$(fzf-share)/completion.bash"
source "$(fzf-share)/completion.bash" fi
fi ''
''; ''
} if command -v fzf-share >/dev/null; then
else source "$(fzf-share)/key-bindings.bash"
{ source "$(fzf-share)/completion.bash"
initContent = '' fi
if command -v fzf-share >/dev/null; then '';
source "$(fzf-share)/key-bindings.bash"
source "$(fzf-share)/completion.bash"
fi
'';
}
);
}; };
programs = { programs = {
starship.enable = true; starship.enable = true;

224
parts/core.nix Normal file
View File

@ -0,0 +1,224 @@
{ inputs, ... }:
let
system = "x86_64-linux";
mkpkgs =
repo:
import repo {
inherit system;
config.allowUnfree = true;
};
in
{
systems = [ system ];
flake = {
lib = {
commonModules = name: [
../hosts/${name}/configuration.nix
inputs.nur.modules.nixos.default
inputs.sops-nix.nixosModules.sops
inputs.stylix.nixosModules.stylix
inputs.nixtendo-switch.nixosModules.nixtendo-switch
{
nixpkgs.overlays = [
(import ../config/overlay.nix { inherit mkpkgs inputs; })
inputs.doom-emacs.overlays.default
];
}
{
nix.registry = {
jawz.flake = inputs.self;
unstable.flake = inputs.nixpkgs-unstable;
};
}
];
createConfig =
name: local-nixpkgs:
let
lib = local-nixpkgs.lib // inputs.home-manager.lib;
in
lib.nixosSystem {
inherit system;
modules = inputs.self.lib.commonModules name;
specialArgs = {
inherit inputs;
outputs = inputs.self;
};
};
langList =
builtins.readDir ../modules/dev
|> builtins.attrNames
|> map (file: baseNameOf file |> builtins.replaceStrings [ ".nix" ] [ "" ])
|> builtins.filter (name: name != "emacs");
autoImport =
dir: filterFn:
builtins.readDir dir
|> builtins.attrNames
|> builtins.filter (file: builtins.match ".*\\.nix" file != null && filterFn file)
|> map (file: dir + "/${file}");
mkServerOptions = name: subdomain: port: lib: {
enable = lib.mkEnableOption "this server service";
enableCron = lib.mkEnableOption "enable cronjob";
enableProxy = lib.mkEnableOption "enable reverse proxy";
port = lib.mkOption {
type = lib.types.int;
default = port;
};
name = lib.mkOption {
type = lib.types.str;
default = name;
};
domain = lib.mkOption {
type = lib.types.str;
default = "servidos.lat";
};
host = lib.mkOption {
type = lib.types.str;
default = "${subdomain}.servidos.lat";
};
hostName = lib.mkOption {
type = lib.types.str;
default = "miniserver";
};
url = lib.mkOption {
type = lib.types.str;
default = "https://${subdomain}.servidos.lat";
};
ip = lib.mkOption {
type = lib.types.str;
default = "127.0.0.1";
};
local = lib.mkOption {
type = lib.types.str;
default = "http://127.0.0.1:${toString port}";
};
isLocal = lib.mkOption {
type = lib.types.bool;
default = true;
};
enableSocket = lib.mkOption {
type = lib.types.bool;
default = false;
};
certPath = lib.mkOption {
type = lib.types.nullOr lib.types.path;
default = null;
};
};
proxy = locations: {
inherit locations;
forceSSL = true;
enableACME = true;
http2 = true;
};
proxyReverse =
cfg:
inputs.self.lib.proxy {
"/" = {
proxyPass = "http://${cfg.ip}:${toString cfg.port}/";
proxyWebsockets = cfg.enableSocket or false;
};
};
proxyReverseFix =
cfg:
let
useLocalhost = cfg.hostName == cfg.hostName;
localHeaders = ''
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
'';
in
inputs.self.lib.proxyReverse cfg
// {
extraConfig = ''
${if useLocalhost then localHeaders else ""}
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $http_connection;
proxy_redirect off;
proxy_http_version 1.1;
'';
};
proxyReversePrivate =
cfg:
inputs.self.lib.proxyReverse cfg
// {
extraConfig = ''
ssl_verify_client on;
ssl_client_certificate ${cfg.certPath};
error_page 403 /403.html;
'';
};
commonAliases = {
cp = "cp -i";
mv = "mv -i";
mkdir = "mkdir -p";
mkcd = "(){ mkdir -p \"$1\" && cd \"$1\" }";
copy = "xclip -selection clipboard";
cdp = "pwd | copy";
cfp = "(){ readlink -f \"$1\" | copy }";
".." = "cd ..";
"..." = "cd ../..";
".3" = "cd ../../..";
".4" = "cd ../../../..";
".5" = "cd ../../../../..";
c = "cat";
sc = "systemctl --user";
jc = "journalctl --user -xefu";
};
xdgEnvironment =
let
XDG_DATA_HOME = "\${HOME}/.local/share";
XDG_CONFIG_HOME = "\${HOME}/.config";
XDG_CACHE_HOME = "\${HOME}/.cache";
in
{
inherit XDG_DATA_HOME XDG_CONFIG_HOME XDG_CACHE_HOME;
XDG_BIN_HOME = "\${HOME}/.local/bin";
XDG_STATE_HOME = "\${HOME}/.local/state";
PSQL_HISTORY = "${XDG_DATA_HOME}/psql_history";
REDISCLI_HISTFILE = "${XDG_DATA_HOME}/redis/rediscli_history";
WINEPREFIX = "${XDG_DATA_HOME}/wine";
ELECTRUMDIR = "${XDG_DATA_HOME}/electrum";
WGETRC = "${XDG_CONFIG_HOME}/wgetrc";
XCOMPOSECACHE = "${XDG_CACHE_HOME}/X11/xcompose";
"_JAVA_OPTIONS" = "-Djava.util.prefs.userRoot=${XDG_CONFIG_HOME}/java";
ORG_DEVICE = "workstation";
PATH = [ "\${HOME}/.local/bin" ];
};
getNixosHosts =
ips: hostName: lib:
builtins.attrNames ips
|> builtins.filter (
name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName
);
shellConditional =
shellType: bashContent: zshContent:
if shellType == "bash" then { initExtra = bashContent; } else { initContent = zshContent; };
mergeAliases = baseAliases: extraAliases: baseAliases // extraAliases;
getServicesWithNativeFirewall =
config: blacklist:
config.my.servers
|> builtins.attrNames
|> builtins.filter (
name:
(config.my.servers.${name}.enable or false)
&& !(builtins.elem name blacklist)
&& builtins.hasAttr name config.services
&& (config.services.${name} ? openFirewall)
);
generateFirewallPorts =
config: nativeServices: lib:
config.my.network.firewall.staticPorts
++ config.my.network.firewall.additionalPorts
++ (
config.my.servers
|> lib.filterAttrs (
name: srv: (srv.enable or false) && (srv ? port) && !(builtins.elem name nativeServices)
)
|> lib.attrValues
|> map (srv: srv.port)
);
};
};
}

12
parts/devshells.nix Normal file
View File

@ -0,0 +1,12 @@
{ inputs, ... }:
{
perSystem = _: {
devShells =
inputs.self.lib.langList
|> map (name: {
inherit name;
value = inputs.self.nixosConfigurations.emacs.config.devShells.${name};
})
|> builtins.listToAttrs;
};
}

10
parts/hosts.nix Normal file
View File

@ -0,0 +1,10 @@
{ inputs, ... }:
{
flake.nixosConfigurations = {
workstation = inputs.self.lib.createConfig "workstation" inputs.nixpkgs;
miniserver = inputs.self.lib.createConfig "miniserver" inputs.nixpkgs-small;
server = inputs.self.lib.createConfig "server" inputs.nixpkgs-small;
galaxy = inputs.self.lib.createConfig "galaxy" inputs.nixpkgs-small;
emacs = inputs.self.lib.createConfig "emacs" inputs.nixpkgs;
};
}

18
parts/packages.nix Normal file
View File

@ -0,0 +1,18 @@
{ inputs, ... }:
{
perSystem =
{ system, ... }:
{
packages = (inputs.jawz-scripts.packages.${system} or { }) // {
emacs-vm = inputs.nixos-generators.nixosGenerate {
inherit system;
modules = inputs.self.lib.commonModules "emacs";
format = "vm";
specialArgs = {
inherit inputs;
outputs = inputs.self;
};
};
};
};
}