diff --git a/.gitmodules b/.gitmodules index d6d2845..d282180 100644 --- a/.gitmodules +++ b/.gitmodules @@ -1,15 +1,15 @@ [submodule "nvim"] - path = user/modules/neovim/nvim + path = src/user/modules/utils/modules/neovim/config/nvim url = https://github.com/itme-brain/nvim.git [submodule "vim"] - path = user/modules/vim/vim + path = src/user/modules/utils/modules/vim/vim url = https://github.com/itme-brain/vim.git [submodule "git"] - path = user/modules/git/git + path = src/user/modules/git/git url = https://github.com/itme-brain/git.git [submodule "bash"] - path = user/modules/bash/bash + path = src/user/modules/bash/config/bash url = https://github.com/itme-brain/bash.git diff --git a/README.md b/README.md index 2bc89c4..cc8dc2d 100644 --- a/README.md +++ b/README.md @@ -1,27 +1,23 @@ -# NixOS Configuration +# My Nix Configurations ๐Ÿ’ป -Modular NixOS flake configuration with home-manager integration. +My modular Nix configs ๐Ÿ”ฅ -## Requirements +## Requirements โš™๏ธ -- [Nix with Flakes](https://nixos.wiki/wiki/Flakes#Enable_flakes_permanently_in_NixOS) +- [Nix 2.0 & Flakes enabled](https://nixos.wiki/wiki/Flakes#Enable_flakes_permanently_in_NixOS) - [NixOS](https://www.nixos.org/) for system configurations -- [Home-Manager](https://nix-community.github.io/home-manager/) for user configurations +- [Nix Home-Manager](https://nix-community.github.io/home-manager/index.xhtml#sec-flakes-standalone) for user configurations -## Flake Outputs +## Flake Endpoints โ„๏ธ -| Configuration | Description | -|---------------|-------------| -| `desktop` | Primary workstation | -| `server` | Home server | -| `wsl` | Windows Subsystem for Linux | +NixOS Configurations: `desktop` ยท `workstation` ยท `server` (wip) ยท `vm` ยท `wsl` -## Fresh Install +## Fresh Install ๐Ÿš€ From the NixOS live installer: ```bash -# Enable flakes +# Enable flakes (not enabled by default on installer) echo "experimental-features = nix-command flakes" | sudo tee -a /etc/nix/nix.conf # Clone repo 
@@ -33,90 +29,117 @@ nix develop just install desktop ``` -## Getting Started +Replace `desktop` with `workstation` or `vm` as needed. + +## Getting Started ๐Ÿ”ง ```bash git clone --recurse-submodules git@github.com:itme-brain/nixos.git -cd nixos -nix develop -just ``` -**Note:** Replace `hardware.nix` in `system/machines/` with output from `nixos-generate-config` for your hardware. +Enter the dev shell with `nix develop`, then run `just` to see available project scripts. -## Directory Structure +Useful resources: +- [nixpkgs Packages](https://search.nixos.org/packages) ๐Ÿ“ฆ๏ธ +- [nixpkgs Options](https://search.nixos.org/options?) ๐Ÿ”๏ธ +- [Home-Manager Options](https://mipmip.github.io/home-manager-option-search/) โ˜•๏ธ + +โš ๏ธ Be sure to tailor any hardware settings to your own โ€” replace the `hardware.nix` in `src/system/machines/` with output from `nixos-generate-config` + +## Submodules ๐Ÿ”— + +Standalone portable configurations maintained as separate repos. Each can be cloned independently on any system โ€” NixOS or not. + +| Submodule | Purpose | Repo | Standalone Install | +|-----------|---------|------|--------------------| +| **nvim** | Full IDE (LSP, treesitter, telescope) | [itme-brain/nvim](https://github.com/itme-brain/nvim) | `git clone git@github.com:itme-brain/nvim.git ~/.config/nvim` | +| **vim** | Lightweight editor for headless servers | [itme-brain/vim](https://github.com/itme-brain/vim) | `git clone git@github.com:itme-brain/vim.git ~/.vim` | + +```bash +# Update a submodule +cd +git add . && git commit -m "your changes" && git push +cd /path/to/nixos +git add && git commit -m "Update submodule" + +# Pull submodule updates from remote +git submodule update --remote +git add && git commit -m "Update submodule" +``` + +## Directory Structure ๐Ÿ—‚๏ธ ``` . 
-โ”œโ”€โ”€ flake.nix +โ”œโ”€โ”€ flake.nix # Flake entrypoint - defines all NixOS configurations โ”œโ”€โ”€ flake.lock -โ”œโ”€โ”€ justfile -โ”‚ -โ”œโ”€โ”€ system/ -โ”‚ โ”œโ”€โ”€ keys/ # Machine SSH keys -โ”‚ โ”‚ โ””โ”€โ”€ desktop/ -โ”‚ โ””โ”€โ”€ machines/ -โ”‚ โ”œโ”€โ”€ desktop/ -โ”‚ โ”‚ โ”œโ”€โ”€ default.nix # Machine entry point -โ”‚ โ”‚ โ”œโ”€โ”€ hardware.nix # Hardware config -โ”‚ โ”‚ โ”œโ”€โ”€ system.nix # System settings -โ”‚ โ”‚ โ””โ”€โ”€ modules/ -โ”‚ โ”‚ โ”œโ”€โ”€ disko/ # Disk partitioning -โ”‚ โ”‚ โ””โ”€โ”€ home-manager/ # Home-manager integration -โ”‚ โ”œโ”€โ”€ server/ # Server (same structure) -โ”‚ โ””โ”€โ”€ wsl/ # WSL (same structure) -โ”‚ -โ””โ”€โ”€ user/ - โ”œโ”€โ”€ default.nix # User options (name, email, keys) - โ”œโ”€โ”€ home.nix # Shared home-manager defaults - โ”œโ”€โ”€ bookmarks/ - โ”œโ”€โ”€ keys/ - โ”‚ โ”œโ”€โ”€ age/ - โ”‚ โ”œโ”€โ”€ pgp/ - โ”‚ โ””โ”€โ”€ ssh/ - โ””โ”€โ”€ modules/ - โ”œโ”€โ”€ bash/bash/ # Shell (submodule) - โ”œโ”€โ”€ git/git/ # Git (submodule) - โ”œโ”€โ”€ neovim/nvim/ # Neovim (submodule) - โ”œโ”€โ”€ vim/vim/ # Vim (submodule) - โ”œโ”€โ”€ tmux/ - โ”œโ”€โ”€ dev/ # CLI dev tools - โ”œโ”€โ”€ security/ - โ”‚ โ”œโ”€โ”€ gpg/ - โ”‚ โ””โ”€โ”€ yubikey/ - โ”œโ”€โ”€ utils/ - โ”‚ โ”œโ”€โ”€ dev/ # Dev tools (claude-code, direnv, etc.) 
- โ”‚ โ”œโ”€โ”€ email/ - โ”‚ โ”œโ”€โ”€ irc/ - โ”‚ โ””โ”€โ”€ writing/ - โ””โ”€โ”€ gui/ - โ”œโ”€โ”€ default.nix # Browser-focused mimeApps - โ”œโ”€โ”€ wm/ - โ”‚ โ”œโ”€โ”€ hyprland/ - โ”‚ โ””โ”€โ”€ sway/ - โ”œโ”€โ”€ browsers/ - โ”œโ”€โ”€ alacritty/ - โ”œโ”€โ”€ dev/ - โ”‚ โ”œโ”€โ”€ pcb/ # Arduino, KiCad - โ”‚ โ””โ”€โ”€ design/ # Penpot - โ”œโ”€โ”€ corn/ - โ”œโ”€โ”€ fun/ - โ””โ”€โ”€ utils/ +โ”œโ”€โ”€ justfile # Project scripts (via `just`) +โ”œโ”€โ”€ system.configs -> src/system/machines/ # Symlink for quick access +โ”œโ”€โ”€ user.configs -> src/user/config/ # Symlink for quick access +โ””โ”€โ”€ src/ + โ”œโ”€โ”€ system/ # System-level (NixOS) configuration + โ”‚ โ”œโ”€โ”€ machines/ # Per-machine NixOS configurations + โ”‚ โ”‚ โ”œโ”€โ”€ desktop/ # Desktop config (flake: nixosConfigurations.desktop) + โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ default.nix # Machine entry point + โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ hardware.nix # Machine-specific hardware config + โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ system.nix # System-level settings + โ”‚ โ”‚ โ”‚ โ””โ”€โ”€ modules/ + โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ disko/ # Disk partitioning (disko) + โ”‚ โ”‚ โ”‚ โ””โ”€โ”€ home-manager/ # Home-manager integration + home.nix + โ”‚ โ”‚ โ”œโ”€โ”€ workstation/ # Workstation config (same structure as desktop) + โ”‚ โ”‚ โ”œโ”€โ”€ server/ # Server config (no disko) + โ”‚ โ”‚ โ”œโ”€โ”€ vm/ # VM config + โ”‚ โ”‚ โ”œโ”€โ”€ wsl/ # WSL config (includes wsl module) + โ”‚ โ”‚ โ””โ”€โ”€ laptop/ # Laptop config (stub) + โ”‚ โ””โ”€โ”€ modules/ # Shared system modules (imported by machines) + โ”‚ โ”œโ”€โ”€ default.nix + โ”‚ โ”œโ”€โ”€ bitcoin/ # Bitcoin node + electrum server + โ”‚ โ”œโ”€โ”€ forgejo/ # Self-hosted Forgejo + โ”‚ โ””โ”€โ”€ nginx/ # Nginx reverse proxy + โ”‚ + โ””โ”€โ”€ user/ # User-level (home-manager) configuration + โ”œโ”€โ”€ default.nix # User module entry point + โ”œโ”€โ”€ config/ # User identity & settings + โ”‚ โ”œโ”€โ”€ default.nix # Common user variables (username, email, etc.) 
+ โ”‚ โ”œโ”€โ”€ bookmarks/ # Browser bookmarks + โ”‚ โ”œโ”€โ”€ keys/ # Public keys + โ”‚ โ”‚ โ”œโ”€โ”€ pgp/ # PGP public keys + โ”‚ โ”‚ โ””โ”€โ”€ ssh/ # SSH public keys + โ”‚ โ”œโ”€โ”€ nvim # Symlink to neovim submodule config + โ”‚ โ””โ”€โ”€ vim # Symlink to vim submodule config + โ””โ”€โ”€ modules/ # Home-manager modules + โ”œโ”€โ”€ bash/ # Shell config (aliases, prompt, bashrc) + โ”œโ”€โ”€ git/ # Git config + helper scripts + โ”œโ”€โ”€ tmux/ # Tmux config + โ”œโ”€โ”€ security/ # Security tools (GPG) + โ”œโ”€โ”€ utils/ # CLI utilities + โ”‚ โ””โ”€โ”€ modules/ + โ”‚ โ”œโ”€โ”€ dev/ # Dev tools (penpot, PCB design) + โ”‚ โ”œโ”€โ”€ email/ # Email client (aerc) + โ”‚ โ”œโ”€โ”€ irc/ # IRC client + โ”‚ โ”œโ”€โ”€ neovim/ # Neovim (config is a git submodule) + โ”‚ โ””โ”€โ”€ vim/ # Vim lightweight (config is a git submodule) + โ””โ”€โ”€ gui/ # GUI applications + โ”œโ”€โ”€ modules/ + โ”‚ โ”œโ”€โ”€ alacritty/ # Terminal emulator + โ”‚ โ”œโ”€โ”€ browsers/ # Firefox & Chromium + โ”‚ โ”œโ”€โ”€ corn/ # Corn app + โ”‚ โ”œโ”€โ”€ fun/ # Discord, etc. + โ”‚ โ”œโ”€โ”€ utils/ # GUI utilities + โ”‚ โ””โ”€โ”€ writing/ # Writing tools + โ””โ”€โ”€ wm/ # Window managers + โ”œโ”€โ”€ hyprland/ # Hyprland (Wayland) + waybar, rofi + โ”œโ”€โ”€ sway/ # Sway (Wayland) + rofi + โ”œโ”€โ”€ i3/ # i3 (X11) + rofi + โ””โ”€โ”€ shared/ # Shared WM config (mimeapps) ``` -## Architecture +### How it works -**flake.nix** defines NixOS configurations that reference machines under `system/machines/`. -Each machine imports its hardware, system settings, and home-manager config. +**flake.nix** defines NixOS configurations (desktop, workstation, server, wsl) that each reference a machine under `src/system/machines/`. Each machine's `default.nix` pulls in its own `hardware.nix`, `system.nix`, and per-machine modules (disko, home-manager). 
-**user/home.nix** provides shared defaults for all users: -- Essential packages -- Default modules +The **system layer** (`src/system/`) handles NixOS-level concerns: hardware, bootloader, networking, and system services. Shared modules in `src/system/modules/` can be imported by any machine. -**Machine home.nix** imports user defaults and enables machine-specific modules. +The **user layer** (`src/user/`) handles home-manager configuration. `src/user/config/` defines user identity (name, email, keys), while `src/user/modules/` contains modular home-manager configs for individual tools. Each machine's `home-manager/home.nix` selects which user modules to enable. -## Resources - -- [nixpkgs Packages](https://search.nixos.org/packages) -- [nixpkgs Options](https://search.nixos.org/options) -- [Home-Manager Options](https://home-manager-options.extranix.com) +Root symlinks `system.configs` and `user.configs` provide quick access to machine definitions and user config from the repo root. diff --git a/flake.lock b/flake.lock index 05e035a..7875441 100644 --- a/flake.lock +++ b/flake.lock @@ -102,11 +102,11 @@ }, "nixpkgs": { "locked": { - "lastModified": 1773375660, - "narHash": "sha256-SEzUWw2Rf5Ki3bcM26nSKgbeoqi2uYy8IHVBqOKjX3w=", + "lastModified": 1772822230, + "narHash": "sha256-yf3iYLGbGVlIthlQIk5/4/EQDZNNEmuqKZkQssMljuw=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3e20095fe3c6cbb1ddcef89b26969a69a1570776", + "rev": "71caefce12ba78d84fe618cf61644dce01cf3a96", "type": "github" }, "original": { diff --git a/flake.nix b/flake.nix index 0f39bd7..0fd5913 100644 --- a/flake.nix +++ b/flake.nix 
@@ -22,36 +22,66 @@ }; }; - outputs = { nixpkgs, nur, ... }@inputs: + outputs = { nixpkgs, nur, home-manager, nixos-wsl, disko, ... }: let - mkPkgs = system: import nixpkgs { + system = "x86_64-linux"; + pkgs = import nixpkgs { inherit system; config = { allowUnfree = true; - nvidia.acceptLicense = true; + nvidia.acceptLicense = true; }; overlays = [ nur.overlays.default ]; }; - mkSystem = { path, system ? "x86_64-linux" }: - let pkgs = mkPkgs system; - in nixpkgs.lib.nixosSystem { - inherit system pkgs; - specialArgs = { inherit inputs; }; - modules = [ path ]; - }; - in + with pkgs; { nixosConfigurations = { - desktop = mkSystem { path = ./system/machines/desktop; }; - server = mkSystem { path = ./system/machines/server; }; - wsl = mkSystem { path = ./system/machines/wsl; }; + desktop = nixpkgs.lib.nixosSystem { + inherit system pkgs; + modules = [ + disko.nixosModules.disko + ./src/system/machines/desktop + home-manager.nixosModules.home-manager + (import ./src/system/machines/desktop/modules/home-manager) + ]; + }; + + workstation = nixpkgs.lib.nixosSystem { + inherit system pkgs; + modules = [ + ./src/system/machines/workstation + home-manager.nixosModules.home-manager + (import ./src/system/machines/workstation/modules/home-manager) + ]; + }; + + server = nixpkgs.lib.nixosSystem { + inherit system pkgs; + modules = [ + disko.nixosModules.disko + ./src/system/machines/server + home-manager.nixosModules.home-manager + (import ./src/system/machines/server/modules/home-manager) + ]; + }; + + wsl = nixpkgs.lib.nixosSystem { + inherit system pkgs; + modules = [ + ./src/system/machines/wsl + nixos-wsl.nixosModules.wsl + (import ./src/system/machines/wsl/modules/wsl) + home-manager.nixosModules.home-manager + (import ./src/system/machines/wsl/modules/home-manager) + ]; + }; }; - devShells.x86_64-linux.default = with mkPkgs "x86_64-linux"; mkShell { + devShells.${system}.default = mkShell { name = "devShell"; packages = [ just 
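Review bot: `nixosConfigurations` in this hunk defines `desktop`, `workstation`, `server` and `wsl` but no `vm`, although the same commit adds `src/system/machines/vm/`, the README tells users to substitute `vm` in `just install`, and the justfile's `_validate` case now accepts both `vm` and `laptop`. Those targets pass validation and then fail at `--flake .#vm` (and `laptop/default.nix` is only a TODO comment). Either add a `vm` entry shaped like `workstation` that points at `./src/system/machines/vm` and its `modules/home-manager`, or keep `vm` and `laptop` out of `VALID_SYSTEMS` and the README until the outputs exist. The `outputs` function starts and ends outside the hunk.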
diff --git a/justfile b/justfile index f2aea1d..dedac40 100644 --- a/justfile +++ b/justfile @@ -1,5 +1,5 @@ SYSTEM := "$(echo $HOSTNAME)" -VALID_SYSTEMS := "desktop server wsl" +VALID_SYSTEMS := "desktop workstation server wsl vm laptop" # Print this list default: @@ -10,7 +10,7 @@ default: _validate SYSTEM: #!/usr/bin/env bash case "{{SYSTEM}}" in - desktop|server|wsl) ;; + desktop|workstation|server|wsl|vm|laptop) ;; *) echo "Error: Unknown system '{{SYSTEM}}'. Use one of: {{VALID_SYSTEMS}}"; exit 1 ;; esac @@ -42,7 +42,7 @@ out SYSTEM="desktop": (_validate SYSTEM) # Test switch into the next generation [group('nixos')] -test SYSTEM=SYSTEM: (_validate SYSTEM) +test SYSTEM="desktop": (_validate SYSTEM) @echo "Testing switching to next NixOS generation for {{SYSTEM}}..." @sudo nixos-rebuild test --flake .#{{SYSTEM}} @@ -105,7 +105,7 @@ partition SYSTEM: #!/usr/bin/env bash set -euo pipefail - DISKO_CONFIG="./system/machines/{{SYSTEM}}/modules/disko/default.nix" + DISKO_CONFIG="./src/system/machines/{{SYSTEM}}/modules/disko/default.nix" if [[ ! -f "$DISKO_CONFIG" ]]; then echo "Error: No disko config for '{{SYSTEM}}'" @@ -172,7 +172,7 @@ install SYSTEM: #!/usr/bin/env bash set -euo pipefail - DISKO_CONFIG="./system/machines/{{SYSTEM}}/modules/disko/default.nix" + DISKO_CONFIG="./src/system/machines/{{SYSTEM}}/modules/disko/default.nix" if [[ ! -f "$DISKO_CONFIG" ]]; then echo "Error: No disko config for '{{SYSTEM}}'" diff --git a/src/system/config/default.nix b/src/system/config/default.nix new file mode 100644 index 0000000..4bb4315 --- /dev/null +++ b/src/system/config/default.nix @@ -0,0 +1,14 @@ +{ lib, pkgs, config, ... }: + +with lib; +{ + options = { + machines = mkOption { + description = "Machine Configurations"; + type = types.attrs; + default = { + keys = import ./keys { inherit lib; }; + }; + }; + }; +} 
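Review bot: The `test` recipe's default changes from `SYSTEM=SYSTEM` (the `$HOSTNAME`-derived variable at the top of the file) to the literal `"desktop"`, so a bare `just test` on the workstation or server now runs `sudo nixos-rebuild test --flake .#desktop` and activates the desktop configuration on that host. Because that rewrites the running system's users, firewall and SSH settings until the next reboot, the default should stay tied to the machine: `test SYSTEM=SYSTEM: (_validate SYSTEM)`. If a fixed default is wanted for consistency with `out`, requiring the argument explicitly (`test SYSTEM:`) is the safer variant.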
diff --git a/user/keys/default.nix b/src/system/config/keys/default.nix similarity index 100% rename from user/keys/default.nix rename to src/system/config/keys/default.nix diff --git a/src/system/config/keys/desktop/README.md b/src/system/config/keys/desktop/README.md new file mode 100644 index 0000000..355d803 --- /dev/null +++ b/src/system/config/keys/desktop/README.md @@ -0,0 +1,3 @@ +# Desktop Keys + +ssh.pub.key - ~/.ssh/id_rsa diff --git a/system/keys/desktop/ssh.pub.key b/src/system/config/keys/desktop/ssh.pub.key similarity index 100% rename from system/keys/desktop/ssh.pub.key rename to src/system/config/keys/desktop/ssh.pub.key diff --git a/system/machines/desktop/README.md b/src/system/machines/desktop/README.md similarity index 100% rename from system/machines/desktop/README.md rename to src/system/machines/desktop/README.md diff --git a/src/system/machines/desktop/default.nix b/src/system/machines/desktop/default.nix new file mode 100644 index 0000000..99a49af --- /dev/null +++ b/src/system/machines/desktop/default.nix @@ -0,0 +1,11 @@ +{ ... }: + +{ + imports = [ + ../../../user/config + ../../config + ./hardware.nix + ./system.nix + ./modules/disko + ]; +} diff --git a/system/machines/desktop/hardware.nix b/src/system/machines/desktop/hardware.nix similarity index 93% rename from system/machines/desktop/hardware.nix rename to src/system/machines/desktop/hardware.nix index a4183c8..3d41249 100644 --- a/system/machines/desktop/hardware.nix +++ b/src/system/machines/desktop/hardware.nix @@ -50,8 +50,6 @@ with lib; cudaPackages.cudatoolkit cudaPackages.cudnn - - nvidia-vaapi-driver ]; hardware = { @@ -72,9 +70,6 @@ with lib; }; }; - # Despite confusing name, this configures userspace nvidia libraries - services.xserver.videoDrivers = [ "nvidia" ]; - virtualisation.libvirtd = { enable = true; qemu = { 
diff --git a/system/machines/desktop/modules/disko/default.nix b/src/system/machines/desktop/modules/disko/default.nix similarity index 100% rename from system/machines/desktop/modules/disko/default.nix rename to src/system/machines/desktop/modules/disko/default.nix diff --git a/system/machines/desktop/modules/home-manager/default.nix b/src/system/machines/desktop/modules/home-manager/default.nix similarity index 100% rename from system/machines/desktop/modules/home-manager/default.nix rename to src/system/machines/desktop/modules/home-manager/default.nix diff --git a/src/system/machines/desktop/modules/home-manager/home.nix b/src/system/machines/desktop/modules/home-manager/home.nix new file mode 100644 index 0000000..10a5808 --- /dev/null +++ b/src/system/machines/desktop/modules/home-manager/home.nix 
@@ -0,0 +1,72 @@ +{ config, ... }: + +{ + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { + monitors = config.monitors; + }; + home-manager.users.${config.user.name} = { + imports = [ ../../../../../user ]; + + programs.home-manager.enable = true; + + programs.ssh = { + enable = true; + enableDefaultConfig = false; + matchBlocks = { + "*" = { + serverAliveInterval = 60; + serverAliveCountMax = 3; + }; + "server" = { + hostname = "192.168.0.154"; + user = "bryan"; + }; + }; + }; + + home.stateVersion = "23.11"; + + home.username = "${config.user.name}"; + home.homeDirectory = "/home/${config.user.name}"; + + modules = { + user = { + bash.enable = true; + git.enable = true; + + security = { + enable = true; + gpg.enable = true; + }; + + tmux.enable = true; + + utils = { + enable = true; + dev = { + enable = true; + }; + irc.enable = true; + neovim.enable = true; + vim.enable = false; + }; + + gui = { + wm.hyprland.enable = true; + + browser = { + firefox.enable = true; + }; + + alacritty.enable = true; + corn.enable = true; + fun.enable = true; + utils.enable = true; + writing.enable = true; + }; + }; + }; + }; +} diff --git a/system/machines/desktop/system.nix b/src/system/machines/desktop/system.nix similarity index 100% rename from system/machines/desktop/system.nix rename to src/system/machines/desktop/system.nix diff --git a/src/system/machines/laptop/default.nix b/src/system/machines/laptop/default.nix new file mode 100644 index 0000000..25dcc80 --- /dev/null +++ b/src/system/machines/laptop/default.nix @@ -0,0 +1 @@ +#TODO: nixify the shitty laptop diff --git a/system/machines/server/README.md b/src/system/machines/server/README.md similarity index 100% rename from system/machines/server/README.md rename to src/system/machines/server/README.md diff --git a/src/system/machines/server/default.nix b/src/system/machines/server/default.nix new file mode 100644 index 0000000..c71ec8a --- /dev/null 
+++ b/src/system/machines/server/default.nix @@ -0,0 +1,10 @@ +{ ... }: + +{ + imports = [ + ../../../user/config + ../../config + ./hardware.nix + ./system.nix + ]; +} diff --git a/system/machines/server/hardware.nix b/src/system/machines/server/hardware.nix similarity index 87% rename from system/machines/server/hardware.nix rename to src/system/machines/server/hardware.nix index 8e9e3c5..fb45e7f 100644 --- a/system/machines/server/hardware.nix +++ b/src/system/machines/server/hardware.nix @@ -1,7 +1,10 @@ { config, lib, pkgs, modulesPath, ... }: { - imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + imports = [ + (modulesPath + "/installer/scan/not-detected.nix") + ./modules/disko + ]; boot = { initrd = { diff --git a/src/system/machines/server/modules/default.nix b/src/system/machines/server/modules/default.nix new file mode 100644 index 0000000..1649694 --- /dev/null +++ b/src/system/machines/server/modules/default.nix @@ -0,0 +1,5 @@ +{ + imports = [ + ./home + ]; +} diff --git a/system/machines/server/modules/disko/default.nix b/src/system/machines/server/modules/disko/default.nix similarity index 100% rename from system/machines/server/modules/disko/default.nix rename to src/system/machines/server/modules/disko/default.nix diff --git a/src/system/machines/server/modules/home-manager/default.nix b/src/system/machines/server/modules/home-manager/default.nix new file mode 100644 index 0000000..d3a7e46 --- /dev/null +++ b/src/system/machines/server/modules/home-manager/default.nix 
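Review bot: The new `src/system/machines/server/modules/default.nix` imports `./home`, but the only sibling directories this diff shows under `server/modules/` are `disko` and `home-manager`, so the import would fail as soon as the file is evaluated. Nothing visible imports it any more, since `server/system.nix` switches from `./modules` to `../../modules` in this commit, so it is either dead and should be removed, or it should read `./home-manager`. `src/system/machines/vm/modules/default.nix` is added with the same content and has the same problem.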
@@ -0,0 +1,33 @@ +{ config, ... }: + +{ + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.users.${config.user.name} = { + imports = [ ../../../../../user ]; + + programs.home-manager.enable = true; + + home.stateVersion = "25.11"; + + home.username = "${config.user.name}"; + home.homeDirectory = "/home/${config.user.name}"; + + modules = { + user = { + bash.enable = true; + git.enable = true; + tmux.enable = true; + + security = { + gpg.enable = true; + }; + + utils = { + enable = true; + vim.enable = true; + }; + }; + }; + }; +} diff --git a/system/machines/server/system.nix b/src/system/machines/server/system.nix similarity index 98% rename from system/machines/server/system.nix rename to src/system/machines/server/system.nix index fe487f5..c290f9d 100644 --- a/system/machines/server/system.nix +++ b/src/system/machines/server/system.nix @@ -2,14 +2,13 @@ { system.stateVersion = "25.11"; - imports = [ ./modules ]; + imports = [ ../../modules ]; modules.system = { nginx.enable = true; forgejo.enable = true; frigate.enable = true; immich.enable = true; - webdav.enable = false; # bitcoin = { # enable = true; # electrum.enable = true; diff --git a/src/system/machines/vm/default.nix b/src/system/machines/vm/default.nix new file mode 100644 index 0000000..c71ec8a --- /dev/null +++ b/src/system/machines/vm/default.nix @@ -0,0 +1,10 @@ +{ ... }: + +{ + imports = [ + ../../../user/config + ../../config + ./hardware.nix + ./system.nix + ]; +} diff --git a/src/system/machines/vm/hardware.nix b/src/system/machines/vm/hardware.nix new file mode 100644 index 0000000..43d1680 --- /dev/null +++ b/src/system/machines/vm/hardware.nix 
@@ -0,0 +1,14 @@
+{ config, lib, modulesPath, ... }:
+
+{
+ imports = [ (modulesPath + "/installer/scan/not-detected.nix") ];
+
+ boot.initrd.availableKernelModules = [ "xhci_pci" "ehci_pci" "ahci" "usbhid" "sd_mod" "sr_mod" ];
+ boot.initrd.kernelModules = [ "dm-snapshot" ];
+ boot.kernelModules = [ "kvm-intel" ];
+ boot.extraModulePackages = [ ];
+
+ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
+ powerManagement.cpuFreqGovernor = lib.mkDefault "performance";
+ hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
+}
diff --git a/src/system/machines/vm/modules/default.nix b/src/system/machines/vm/modules/default.nix
new file mode 100644
index 0000000..1649694
--- /dev/null
+++ b/src/system/machines/vm/modules/default.nix
@@ -0,0 +1,5 @@
+{
+ imports = [
+ ./home
+ ];
+}
diff --git a/src/system/machines/vm/modules/disko/default.nix b/src/system/machines/vm/modules/disko/default.nix
new file mode 100644
index 0000000..5376126
--- /dev/null
+++ b/src/system/machines/vm/modules/disko/default.nix
@@ -0,0 +1,49 @@
+{ disk ? "/dev/vda" }:
+{
+ disko.devices = {
+ disk = {
+ one = {
+ type = "disk";
+ device = disk;
+ content = {
+ type = "gpt";
+ partitions = {
+ boot = {
+ size = "200M";
+ type = "EF00";
+ content = {
+ type = "filesystem";
+ format = "vfat";
+ mountpoint = "/boot";
+ };
+ };
+ primary = {
+ size = "100%";
+ content = {
+ type = "lvm_pv";
+ vg = "vm";
+ };
+ };
+ };
+ };
+ };
+ };
+
+ lvm_vg = {
+ vm = {
+ type = "lvm_vg";
+ lvs = {
+ root = {
+ size = "100%";
+ content = {
+ type = "filesystem";
+ format = "ext4";
+ mountpoint = "/";
+ mountOptions = [ "defaults" ];
+ };
+ };
+ };
+ };
+ };
+ };
+}
diff --git a/src/system/machines/vm/modules/home-manager/default.nix b/src/system/machines/vm/modules/home-manager/default.nix
new file mode 100644
index 0000000..1d99c4d
--- /dev/null
+++ b/src/system/machines/vm/modules/home-manager/default.nix
@@ -0,0 +1,32 @@
+{ config, ... }:
+
+{
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.users.${config.user.name} = {
+ imports = [ ../../../../../user ];
+
+ programs.home-manager.enable = true;
+
+ home.stateVersion = "23.11";
+
+ home.username = "${config.user.name}";
+ home.homeDirectory = "/home/${config.user.name}";
+
+ modules = {
+ user = {
+ bash.enable = true;
+ git.enable = true;
+
+ security = {
+ gpg.enable = true;
+ };
+
+ utils = {
+ enable = true;
+ vim.enable = true;
+ };
+ };
+ };
+ };
+}
diff --git a/src/system/machines/vm/system.nix b/src/system/machines/vm/system.nix
new file mode 100644
index 0000000..444b180
--- /dev/null
+++ b/src/system/machines/vm/system.nix
@@ -0,0 +1,96 @@
+{ pkgs, lib, config, ... }:
+
+{ system.stateVersion = "23.11";
+
+ imports = [ ../../modules ];
+
+ users.users = {
+ ${config.user.name} = {
+ isNormalUser = true;
+ extraGroups = config.user.groups;
+ openssh.authorizedKeys.keys = [ "${config.user.keys.ssh.yubikey}" ];
+ };
+ };
+
+ nix = {
+ channel.enable = false;
+ package = pkgs.nixVersions.stable;
+ extraOptions = "experimental-features = nix-command flakes";
+ settings = {
+ auto-optimise-store = true;
+ trusted-users = [ "${config.user.name}" ];
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 30d";
+ };
+ };
+
+ boot.loader = {
+ timeout = null;
+ grub = {
+ enable = true;
+ useOSProber = true;
+ devices = [ "nodev" ];
+ efiSupport = true;
+ configurationLimit = 3;
+ splashImage = null;
+ };
+
+ efi = {
+ canTouchEfiVariables = true;
+ };
+ };
+
+ #fonts.packages = with pkgs; [
+ # terminus_font
+ # terminus-nerdfont
+ #];
+
+ security.sudo = {
+ wheelNeedsPassword = false;
+ execWheelOnly = true;
+ };
+
+ time = {
+ timeZone = "America/New_York";
+ hardwareClockInLocalTime = false;
+ };
+
+ services.timesyncd = lib.mkDefault {
+ enable = true;
+ servers = [
+ "0.pool.ntp.org"
+ "1.pool.ntp.org"
+ "2.pool.ntp.org"
+ "3.pool.ntp.org"
+ ];
+ };
+
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ console = {
+ font = "Lat2-Terminus16";
+ useXkbConfig = true;
+ };
+
+ networking = {
+ hostName = "vm";
+ useDHCP = lib.mkDefault true;
+ networkmanager.enable = true;
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 ];
+ };
+ };
+
+ services.openssh = {
+ enable = true;
+ startWhenNeeded = true;
+ settings = {
+ X11Forwarding = false;
+ PasswordAuthentication = true;
+ };
+ };
+}
diff --git a/src/system/machines/workstation/default.nix b/src/system/machines/workstation/default.nix
new file mode 100644
index 0000000..c71ec8a
--- /dev/null
+++ b/src/system/machines/workstation/default.nix
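Review bot: `services.openssh.settings.PasswordAuthentication = true` in `vm/system.nix` leaves password logins enabled on a host that opens port 22 in the firewall and sets `security.sudo.wheelNeedsPassword = false`, so if the account is in `wheel` (its groups come from `config.user.groups`, not shown here) one guessed password is enough for root. A public key is already installed through `openssh.authorizedKeys.keys`, so the setting can be `PasswordAuthentication = false;` with `KbdInteractiveAuthentication = false;` next to it. The same combination is added in `src/system/machines/workstation/system.nix` in this commit. `allowedTCPPorts` also opens 80 and 443 although no web service is enabled in this file; confirm whether anything from `../../modules` needs them on this machine.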
@@ -0,0 +1,10 @@
+{ ... }:
+
+{
+ imports = [
+ ../../../user/config
+ ../../config
+ ./hardware.nix
+ ./system.nix
+ ];
+}
diff --git a/src/system/machines/workstation/hardware.nix b/src/system/machines/workstation/hardware.nix
new file mode 100644
index 0000000..1ee4de9
--- /dev/null
+++ b/src/system/machines/workstation/hardware.nix
@@ -0,0 +1,101 @@ +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ (modulesPath + "/installer/scan/not-detected.nix") ]; + + boot = { + initrd = { + availableKernelModules = [ "vmd" "xhci_pci" "ahci" "nvme" "usbhid" "usb_storage" "sd_mod" ]; + kernelModules = [ "dm-snapshot" ]; + }; + extraModulePackages = [ ]; + kernelParams = [ "intel_iommu=on" ]; + kernelModules = [ + "kvm-intel" + "virtio" + "vfio-pci" + "coretemp" + + "ipmi_devintf" + "ipmi_si" + ]; + }; + + environment.systemPackages = with pkgs; [ + ipmitool + ipmicfg + ipmiutil + ipmiview + + linuxHeaders + + vulkan-headers + vulkan-loader + vulkan-tools + vulkan-extension-layer + + mesa + mesa-demos + + libGL + ]; + + fileSystems = { + "/" = { + device = "/dev/disk/by-uuid/6e964c61-ea77-48cc-b495-6a8516b8e756"; + fsType = "xfs"; + }; + + "/home" = { + device = "/dev/disk/by-uuid/db504fb8-14f8-4292-b745-32d6255c4893"; + fsType = "xfs"; + }; + + "/boot" = { + device = "/dev/disk/by-uuid/61E7-6E56"; + fsType = "vfat"; + }; + + "/var/lib/libvirt/images" = { + device = "/home/VMs"; + options = [ "bind" ]; + }; + }; + + systemd.tmpfiles.rules = [ + "d /home/VMs 0755 root root" + ]; + + virtualisation.libvirtd = { + enable = true; + qemu = { + runAsRoot = true; + }; + }; + + services.xserver.videoDrivers = lib.mkDefault [ "nvidia" ]; + + hardware = { + graphics = { + enable = true; + enable32Bit = true; + }; + + nvidia = { + open = false; + powerManagement.enable = false; + powerManagement.finegrained = false; + modesetting.enable = true; + nvidiaSettings = true; + package = config.boot.kernelPackages.nvidiaPackages.mkDriver { + version = "550.120"; + sha256_64bit = "sha256-gBkoJ0dTzM52JwmOoHjMNwcN2uBN46oIRZHAX8cDVpc="; + settingsSha256 = "sha256-fPfIPwpIijoUpNlAUt9C8EeXR5In633qnlelL+btGbU="; + persistencedSha256 = lib.fakeSha256; + }; + }; + }; + + nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; + hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware; 
+} diff --git a/src/system/machines/workstation/modules/disko/default.nix b/src/system/machines/workstation/modules/disko/default.nix new file mode 100644 index 0000000..d9943db --- /dev/null +++ b/src/system/machines/workstation/modules/disko/default.nix @@ -0,0 +1,58 @@ +{ disk }: +{ + disko.devices = { + disk = { + one = { + type = "disk"; + device = disk; + content = { + type = "gpt"; + partitions = { + boot = { + size = "1G"; + type = "EF00"; + content = { + type = "filesystem"; + format = "vfat"; + mountpoint = "/boot"; + mountOptions = [ "umask=0077" ]; + }; + }; + primary = { + size = "100%"; + content = { + type = "lvm_pv"; + vg = "nix"; + }; + }; + }; + }; + }; + }; + + lvm_vg = { + nix = { + type = "lvm_vg"; + lvs = { + root = { + size = "5%"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/"; + mountOptions = [ "defaults" ]; + }; + }; + home = { + size = "100%FREE"; + content = { + type = "filesystem"; + format = "ext4"; + mountpoint = "/home"; + }; + }; + }; + }; + }; + }; +} diff --git a/system/machines/wsl/modules/home-manager/default.nix b/src/system/machines/workstation/modules/home-manager/default.nix similarity index 100% rename from system/machines/wsl/modules/home-manager/default.nix rename to src/system/machines/workstation/modules/home-manager/default.nix diff --git a/src/system/machines/workstation/modules/home-manager/home.nix b/src/system/machines/workstation/modules/home-manager/home.nix new file mode 100644 index 0000000..3720ca5 --- /dev/null +++ b/src/system/machines/workstation/modules/home-manager/home.nix 
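Review bot: `virtualisation.libvirtd.qemu.runAsRoot = true` in `workstation/hardware.nix` makes every guest's QEMU process run as root on the host, so a flaw in device emulation is not contained by an unprivileged account. The bind mount of `/home/VMs`, created `0755 root root` by the tmpfiles rule, looks like the reason; the directory can instead be owned by the account libvirt runs QEMU under, with `runAsRoot = false;` (owner name to be confirmed against the libvirt module). Separately, `persistencedSha256 = lib.fakeSha256;` is a placeholder rather than a real pin; it should carry the actual hash for driver 550.120, or a comment stating that nvidia-persistenced is intentionally never built.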
@@ -0,0 +1,52 @@
+{ config, ... }:
+
+{
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.users.${config.user.name} = {
+ imports = [ ../../../../../user ];
+
+ programs.home-manager.enable = true;
+
+ home.stateVersion = "23.11";
+
+ home.username = "${config.user.name}";
+ home.homeDirectory = "/home/${config.user.name}";
+
+ modules = {
+ user = {
+ bash.enable = true;
+ git.enable = true;
+
+ security = {
+ enable = true;
+ gpg.enable = true;
+ };
+
+ tmux.enable = true;
+
+ utils = {
+ enable = true;
+ dev = {
+ enable = true;
+ };
+ email.enable = true;
+ neovim.enable = true;
+ vim.enable = true;
+ };
+
+ gui = {
+ wm.i3.enable = true;
+
+ browser = {
+ chromium.enable = true;
+ };
+
+ alacritty.enable = true;
+ utils.enable = true;
+ writing.enable = true;
+ };
+ };
+ };
+ };
+}
diff --git a/src/system/machines/workstation/system.nix b/src/system/machines/workstation/system.nix
new file mode 100644
index 0000000..e26e5ea
--- /dev/null
+++ b/src/system/machines/workstation/system.nix
@@ -0,0 +1,131 @@
+{ pkgs, lib, config, home-manager, ... }:
+
+with lib;
+{
+ system.stateVersion = "23.11";
+
+ users.users = {
+ ${config.user.name} = {
+ isNormalUser = true;
+ extraGroups = config.user.groups
+ ++ [ "video" "audio" "kvm" "libvirtd" "dialout" ];
+ openssh.authorizedKeys.keys = [
+ "${config.user.keys.ssh.yubikey}"
+ "${config.user.keys.ssh.work}"
+ ];
+ };
+ };
+
+ nix = {
+ channel.enable = false;
+ package = pkgs.nixVersions.stable;
+ extraOptions = ''
+ experimental-features = nix-command flakes
+ keep-going = true
+ '';
+ settings = {
+ auto-optimise-store = true;
+ trusted-users = [ "${config.user.name}" ];
+ substitute = true;
+ max-jobs = "auto";
+ };
+ gc = {
+ automatic = true;
+ dates = "weekly";
+ options = "--delete-older-than 7d";
+ };
+ };
+
+ boot.loader = {
+ systemd-boot = {
+ enable = true;
+ configurationLimit = 5;
+ memtest86.enable = true;
+ };
+ timeout = null;
+ };
+
+ environment.systemPackages = with pkgs; [
+ vim
+ git
+ usbutils
+ ];
+
+ fonts.packages = with pkgs; [
+ terminus_font
+ terminus-nerdfont
+ ];
+
+ security = {
+ sudo = {
+ wheelNeedsPassword = false;
+ execWheelOnly = true;
+ };
+ polkit.enable = true;
+ };
+
+ time = {
+ timeZone = "America/New_York";
+ hardwareClockInLocalTime = true;
+ };
+
+ i18n.defaultLocale = "en_US.UTF-8";
+
+ console = {
+ font = "Lat2-Terminus16";
+ useXkbConfig = true;
+ };
+
+ networking = {
+ hostName = "workstation";
+ useDHCP = lib.mkDefault true;
+ networkmanager.enable = true;
+ firewall = {
+ enable = true;
+ allowedTCPPorts = [ 22 80 443 ];
+ };
+ };
+
+ programs.i3lock = {
+ enable = true;
+ package = pkgs.i3lock-fancy;
+ };
+
+ services = {
+ xserver.enable = true;
+ displayManager.ly.enable = true;
+
+ teamviewer.enable = true;
+
+ timesyncd = lib.mkDefault {
+ enable = true;
+ servers = [
+ "0.pool.ntp.org"
+ "1.pool.ntp.org"
+ "2.pool.ntp.org"
+ "3.pool.ntp.org"
+ ];
+ };
+
+ pipewire = {
+ enable = true;
+ audio.enable = true;
+
+ wireplumber.enable = true;
+
+ pulse.enable = true;
+ jack.enable = true;
+ alsa.enable = true;
+ alsa.support32Bit = true;
+ };
+
+ openssh = {
+ enable = true;
+ startWhenNeeded = false;
+ settings = {
+ X11Forwarding = false;
+ PasswordAuthentication = true;
+ };
+ };
+ };
+}
diff --git a/src/system/machines/wsl/default.nix b/src/system/machines/wsl/default.nix
new file mode 100644
index 0000000..9af8cf1
--- /dev/null
+++ b/src/system/machines/wsl/default.nix
@@ -0,0 +1,9 @@
+{ ... }:
+
+{
+ imports = [
+ ../../../user/config
+ ../../config
+ ./system.nix
+ ];
+}
diff --git a/src/system/machines/wsl/modules/home-manager/default.nix b/src/system/machines/wsl/modules/home-manager/default.nix
new file mode 100644
index 0000000..f31f0ea
--- /dev/null
+++ b/src/system/machines/wsl/modules/home-manager/default.nix
@@ -0,0 +1,9 @@
+{
+ imports = [
+<<<<<<<< HEAD:src/system/machines/wsl/modules/home-manager/default.nix
+ ./home.nix
+========
+ ./c-lightning-REST
+>>>>>>>> lightning:src/system/modules/bitcoin/modules/clightning/plugins/default.nix
+ ];
+}
diff --git a/src/system/machines/wsl/modules/home-manager/home.nix b/src/system/machines/wsl/modules/home-manager/home.nix
new file mode 100644
index 0000000..1977ae0
--- /dev/null
+++ b/src/system/machines/wsl/modules/home-manager/home.nix
@@ -0,0 +1,38 @@
+{ config, ... }:
+
+{
+ home-manager.useGlobalPkgs = true;
+ home-manager.useUserPackages = true;
+ home-manager.users.${config.user.name} = {
+ imports = [ ../../../../../user ];
+
+ programs.home-manager.enable = true;
+
+ home.stateVersion = "23.11";
+
+ home.username = "${config.user.name}";
+ home.homeDirectory = "/home/${config.user.name}";
+
+ modules = {
+ user = {
+ bash.enable = true;
+ git.enable = true;
+
+ security = {
+ enable = true;
+ gpg.enable = true;
+ };
+
+ tmux.enable = true;
+
+ utils = {
+ enable = true;
+ dev.enable = true;
+ email.enable = true;
+ irc.enable = true;
+ neovim.enable = true;
+ };
+ };
+ };
+ };
+}
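Review bot: `services.openssh.settings.PasswordAuthentication = true` in workstation/system.nix leaves password logins enabled on a host whose firewall opens port 22 in the same file, even though `openssh.authorizedKeys.keys` already provisions two keys for the user. Setting `PasswordAuthentication = false;` and `KbdInteractiveAuthentication = false;` would make those keys the only way in. The exposure is larger because `security.sudo.wheelNeedsPassword = false` and `nix.settings.trusted-users` would make that account root-equivalent if `config.user.groups` (not visible in this hunk) includes `wheel`. Ports 80 and 443 are opened as well although no web service is enabled in this file; they could be dropped from `allowedTCPPorts` unless something is meant to listen there.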
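Review bot: The new `src/system/machines/wsl/modules/home-manager/default.nix` is committed with unresolved merge-conflict markers (`<<<<<<<< HEAD:…`, `========`, `>>>>>>>> lightning:…`) inside the `imports` list, so the file does not parse as Nix and any evaluation that imports it will fail. The `lightning` side (`./c-lightning-REST`) names a clightning plugins file in its marker and appears unrelated to this directory, so the resolved list is presumably `imports = [ ./home.nix ];`. A pre-commit or CI check that rejects lines starting with `<<<<<<<`, `=======` or `>>>>>>>` in `.nix` files would catch this class of mistake before it lands.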
diff --git a/system/machines/wsl/modules/wsl/default.nix b/src/system/machines/wsl/modules/wsl/default.nix similarity index 100% rename from system/machines/wsl/modules/wsl/default.nix rename to src/system/machines/wsl/modules/wsl/default.nix diff --git a/system/machines/wsl/modules/wsl/wsl.nix b/src/system/machines/wsl/modules/wsl/wsl.nix similarity index 83% rename from system/machines/wsl/modules/wsl/wsl.nix rename to src/system/machines/wsl/modules/wsl/wsl.nix index 8bf5fb5..e2a4ea8 100644 --- a/system/machines/wsl/modules/wsl/wsl.nix +++ b/src/system/machines/wsl/modules/wsl/wsl.nix @@ -1,11 +1,12 @@ { config, lib, ... }: { - imports = [ ../../../../../user ]; + imports = [ ../../../../../user/config ]; wsl = rec { enable = true; defaultUser = lib.mkDefault config.user.name; + nativeSystemd = true; useWindowsDriver = true; wslConf = { diff --git a/system/machines/wsl/system.nix b/src/system/machines/wsl/system.nix similarity index 100% rename from system/machines/wsl/system.nix rename to src/system/machines/wsl/system.nix diff --git a/system/machines/server/modules/backup/default.nix b/src/system/modules/backup/default.nix similarity index 100% rename from system/machines/server/modules/backup/default.nix rename to src/system/modules/backup/default.nix diff --git a/system/machines/server/modules/bitcoin/config/bitcoin.conf b/src/system/modules/bitcoin/config/bitcoin.conf similarity index 100% rename from system/machines/server/modules/bitcoin/config/bitcoin.conf rename to src/system/modules/bitcoin/config/bitcoin.conf diff --git a/system/machines/server/modules/bitcoin/default.nix b/src/system/modules/bitcoin/default.nix similarity index 100% rename from system/machines/server/modules/bitcoin/default.nix rename to src/system/modules/bitcoin/default.nix 
diff --git a/system/machines/server/modules/bitcoin/modules/clightning/config/lightning.conf b/src/system/modules/bitcoin/modules/clightning/config/lightning.conf
similarity index 100%
rename from system/machines/server/modules/bitcoin/modules/clightning/config/lightning.conf
rename to src/system/modules/bitcoin/modules/clightning/config/lightning.conf
diff --git a/system/machines/server/modules/bitcoin/modules/clightning/default.nix b/src/system/modules/bitcoin/modules/clightning/default.nix
similarity index 100%
rename from system/machines/server/modules/bitcoin/modules/clightning/default.nix
rename to src/system/modules/bitcoin/modules/clightning/default.nix
diff --git a/system/machines/server/modules/bitcoin/modules/clightning/plugins/clnrest.nix b/src/system/modules/bitcoin/modules/clightning/plugins/clnrest.nix
similarity index 100%
rename from system/machines/server/modules/bitcoin/modules/clightning/plugins/clnrest.nix
rename to src/system/modules/bitcoin/modules/clightning/plugins/clnrest.nix
diff --git a/system/machines/server/modules/bitcoin/modules/electrum/config/config.toml b/src/system/modules/bitcoin/modules/electrum/config/config.toml
similarity index 100%
rename from system/machines/server/modules/bitcoin/modules/electrum/config/config.toml
rename to src/system/modules/bitcoin/modules/electrum/config/config.toml
diff --git a/system/machines/server/modules/bitcoin/modules/electrum/default.nix b/src/system/modules/bitcoin/modules/electrum/default.nix
similarity index 100%
rename from system/machines/server/modules/bitcoin/modules/electrum/default.nix
rename to src/system/modules/bitcoin/modules/electrum/default.nix
diff --git a/system/machines/server/modules/default.nix b/src/system/modules/default.nix
similarity index 84%
rename from system/machines/server/modules/default.nix
rename to src/system/modules/default.nix
index b34257d..c8ecd1a 100644
--- a/system/machines/server/modules/default.nix
+++ b/src/system/modules/default.nix
@@ -3,14 +3,12 @@ let let entries = builtins.readDir dir; names = builtins.attrNames entries; - + isModuleDir = path: builtins.pathExists path && builtins.readFileType path == "directory" && builtins.baseNameOf path != "config" && - builtins.baseNameOf path != "plugins" && - builtins.baseNameOf path != "home-manager" && - builtins.baseNameOf path != "disko"; + builtins.baseNameOf path != "plugins"; isModule = file: file == "default.nix"; isNix = file: builtins.match ".*\\.nix" file != null && file != "default.nix"; diff --git a/system/machines/server/modules/forgejo/default.nix b/src/system/modules/forgejo/default.nix similarity index 100% rename from system/machines/server/modules/forgejo/default.nix rename to src/system/modules/forgejo/default.nix diff --git a/system/machines/server/modules/frigate/README.md b/src/system/modules/frigate/README.md similarity index 100% rename from system/machines/server/modules/frigate/README.md rename to src/system/modules/frigate/README.md diff --git a/src/system/modules/frigate/default.nix b/src/system/modules/frigate/default.nix new file mode 100644 index 0000000..11c14d3 --- /dev/null +++ b/src/system/modules/frigate/default.nix 
@@ -0,0 +1,98 @@ +{ pkgs, lib, config, ... }: + +with lib; +let + cfg = config.modules.system.frigate; + nginx = config.modules.system.nginx; + domain = "ramos.codes"; + +in +{ + options.modules.system.frigate = { + enable = mkEnableOption "Enable Frigate NVR"; + }; + + config = mkIf cfg.enable { + services.frigate = { + enable = true; + hostname = "frigate.${domain}"; + # vaapiDriver = "i965"; # Haswell only supports H.264, not HEVC + settings = { + mqtt.enabled = false; + # ffmpeg.hwaccel_args = "preset-vaapi"; # Disabled - camera uses HEVC which Haswell can't decode + record.enabled = true; + cameras = { + doorbell = { + enabled = true; + detect.enabled = false; + ffmpeg.inputs = [{ + path = "rtsp://admin:ocu?u3Su@192.168.1.167/cam/realmonitor?channel=1&subtype=0"; + roles = [ "record" ]; + }]; + }; + living_room = { + enabled = false; + detect.enabled = false; + ffmpeg.inputs = [{ + path = "rtsp://admin:ocu?u3Su@192.168.1.147/cam/realmonitor?channel=1&subtype=0"; + roles = [ "record" ]; + }]; + }; + kitchen = { + enabled = false; + detect.enabled = false; + ffmpeg.inputs = [{ + path = "rtsp://admin:ocu?u3Su@192.168.1.147/cam/realmonitor?channel=2&subtype=0"; + roles = [ "record" ]; + }]; + }; + parking_lot = { + enabled = true; + detect.enabled = false; + ffmpeg.inputs = [{ + path = "rtsp://admin:ocu?u3Su@192.168.1.194/cam/realmonitor?channel=1&subtype=0"; + roles = [ "record" ]; + }]; + }; + porch = { + enabled = false; + detect.enabled = false; + ffmpeg.inputs = [{ + path = "rtsp://admin:ocu?u3Su@192.168.0.43/cam/realmonitor?channel=1&subtype=0"; + roles = [ "record" ]; + }]; + }; + }; + }; + }; + + # Add SSL to frigate's nginx virtualHost + services.nginx.virtualHosts."frigate.${domain}" = mkIf nginx.enable { + useACMEHost = domain; + forceSSL = true; + }; + + # Bind mount caches into the 3TB frigate LVM volume + systemd.tmpfiles.rules = [ + "d /var/lib/frigate/cache 0750 frigate frigate -" + "d /var/lib/frigate/nginx-cache 0750 nginx nginx -" + ]; + + 
fileSystems."/var/cache/frigate" = { + device = "/var/lib/frigate/cache"; + options = [ "bind" ]; + }; + + fileSystems."/var/cache/nginx/frigate" = { + device = "/var/lib/frigate/nginx-cache"; + options = [ "bind" ]; + }; + + # Backup recordings/database, exclude caches + modules.system.backup = { + paths = [ "/var/lib/frigate" ]; + exclude = [ "*/cache" "*/nginx-cache" ]; + }; + + }; +} diff --git a/system/machines/server/modules/immich/default.nix b/src/system/modules/immich/default.nix similarity index 100% rename from system/machines/server/modules/immich/default.nix rename to src/system/modules/immich/default.nix diff --git a/system/machines/server/modules/nginx/default.nix b/src/system/modules/nginx/default.nix similarity index 100% rename from system/machines/server/modules/nginx/default.nix rename to src/system/modules/nginx/default.nix diff --git a/system/machines/server/modules/tor/default.nix b/src/system/modules/tor/default.nix similarity index 100% rename from system/machines/server/modules/tor/default.nix rename to src/system/modules/tor/default.nix diff --git a/src/user/config/bash b/src/user/config/bash new file mode 120000 index 0000000..41f0b65 --- /dev/null +++ b/src/user/config/bash @@ -0,0 +1 @@ +../modules/bash/config/bash/ \ No newline at end of file diff --git a/user/bookmarks/default.nix b/src/user/config/bookmarks/default.nix similarity index 100% rename from user/bookmarks/default.nix rename to src/user/config/bookmarks/default.nix diff --git a/user/default.nix b/src/user/config/default.nix similarity index 85% rename from user/default.nix rename to src/user/config/default.nix index bc4ddfa..b539c79 100644 --- a/user/default.nix +++ b/src/user/config/default.nix @@ -1,6 +1,10 @@ -{ lib, pkgs, ... }: +{ lib, pkgs, config, ... }: with lib; +let + modules = config.modules.user; + +in { options = { user = mkOption { diff --git a/src/user/config/git b/src/user/config/git new file mode 120000 index 0000000..753f800 --- /dev/null 
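Review bot: Every camera `path` under `services.frigate.settings.cameras` (`doorbell`, `living_room`, `kitchen`, `parking_lot`, `porch`) embeds the RTSP username and password in the URL, so the credential is committed to git and, since these settings are rendered by the NixOS module, presumably also lands in the world-readable Nix store. Frigate substitutes `FRIGATE_`-prefixed environment variables in its config, so the inputs can read `rtsp://{FRIGATE_RTSP_USER}:{FRIGATE_RTSP_PASSWORD}@<camera-ip>/…` with the values supplied through `systemd.services.frigate.serviceConfig.EnvironmentFile` pointing at a secret kept outside the store. Because the password is now in history it should be rotated on the cameras, and the same password is shared by all of them, so a per-camera credential is worth considering at the same time. A `?` inside the password would also need percent-encoding to survive URL parsing.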
+++ b/src/user/config/git @@ -0,0 +1 @@ +../modules/git/git/ \ No newline at end of file diff --git a/user/keys/age/README.md b/src/user/config/keys/age/README.md similarity index 100% rename from user/keys/age/README.md rename to src/user/config/keys/age/README.md diff --git a/user/keys/age/yubikey.pub.key b/src/user/config/keys/age/yubikey.pub.key similarity index 100% rename from user/keys/age/yubikey.pub.key rename to src/user/config/keys/age/yubikey.pub.key diff --git a/system/keys/default.nix b/src/user/config/keys/default.nix similarity index 70% rename from system/keys/default.nix rename to src/user/config/keys/default.nix index c946ac3..e3f3aaf 100644 --- a/system/keys/default.nix +++ b/src/user/config/keys/default.nix @@ -1,11 +1,12 @@ -{ lib, ... }: +{ lib }: -with lib; with builtins; let extractName = filename: let - noKey = removeSuffix ".key" filename; + # Remove .key extension + noKey = lib.removeSuffix ".key" filename; + # Remove .pub/.priv/.public/.private markers noMarkers = replaceStrings [ ".pub" ".priv" ".public" ".private" ] [ "" "" "" "" ] @@ -22,22 +23,11 @@ let value = readFile "${dir}/${subdir}/${file}"; }) (filter (file: (readDir "${dir}/${subdir}").${file} == "regular" && - hasSuffix ".key" file + lib.hasSuffix ".key" file ) (attrNames (readDir "${dir}/${subdir}"))) ); }) (filter (node: (readDir dir).${node} == "directory") (attrNames (readDir dir))) ) ); - in -{ - options = { - machines = mkOption { - description = "Machine Configurations"; - type = types.attrs; - default = { - keys = constructKeys ./.; - }; - }; - }; -} + constructKeys ./. diff --git a/user/keys/pgp/README.md b/src/user/config/keys/pgp/README.md similarity index 100% rename from user/keys/pgp/README.md rename to src/user/config/keys/pgp/README.md diff --git a/user/keys/pgp/ccur.pub.key b/src/user/config/keys/pgp/ccur.pub.key similarity index 100% rename from user/keys/pgp/ccur.pub.key rename to src/user/config/keys/pgp/ccur.pub.key 
diff --git a/user/keys/pgp/work.pub.key b/src/user/config/keys/pgp/work.pub.key
similarity index 100%
rename from user/keys/pgp/work.pub.key
rename to src/user/config/keys/pgp/work.pub.key
diff --git a/user/keys/pgp/yubikey.pub.key b/src/user/config/keys/pgp/yubikey.pub.key
similarity index 100%
rename from user/keys/pgp/yubikey.pub.key
rename to src/user/config/keys/pgp/yubikey.pub.key
diff --git a/user/keys/ssh/README.md b/src/user/config/keys/ssh/README.md
similarity index 100%
rename from user/keys/ssh/README.md
rename to src/user/config/keys/ssh/README.md
diff --git a/user/keys/ssh/graphone.pub.key b/src/user/config/keys/ssh/graphone.pub.key
similarity index 100%
rename from user/keys/ssh/graphone.pub.key
rename to src/user/config/keys/ssh/graphone.pub.key
diff --git a/user/keys/ssh/work.pub.key b/src/user/config/keys/ssh/work.pub.key
similarity index 100%
rename from user/keys/ssh/work.pub.key
rename to src/user/config/keys/ssh/work.pub.key
diff --git a/user/keys/ssh/yubikey.pub.key b/src/user/config/keys/ssh/yubikey.pub.key
similarity index 100%
rename from user/keys/ssh/yubikey.pub.key
rename to src/user/config/keys/ssh/yubikey.pub.key
diff --git a/src/user/config/nvim b/src/user/config/nvim
new file mode 120000
index 0000000..de5a93f
--- /dev/null
+++ b/src/user/config/nvim
@@ -0,0 +1 @@
+../modules/utils/modules/neovim/config/nvim
\ No newline at end of file
diff --git a/src/user/config/vim b/src/user/config/vim
new file mode 120000
index 0000000..2ab4c21
--- /dev/null
+++ b/src/user/config/vim
@@ -0,0 +1 @@
+../modules/utils/modules/vim/vim/
\ No newline at end of file
diff --git a/user/modules/default.nix b/src/user/default.nix
similarity index 80%
rename from user/modules/default.nix
rename to src/user/default.nix
index dc0f32a..ca18159 100644
--- a/user/modules/default.nix
+++ b/src/user/default.nix
@@ -3,7 +3,7 @@ let let entries = builtins.readDir dir; names = builtins.attrNames entries; - + excludedDirs = [ "config" "scripts" ]; isSubmodule = path: builtins.pathExists "${path}/.git" && @@ -14,6 +14,7 @@ let !(builtins.elem (builtins.baseNameOf path) excludedDirs) && !(isSubmodule path); isModule = file: file == "default.nix"; + isNix = file: builtins.match ".*\\.nix" file != null && file != "default.nix"; in builtins.concatMap (name: @@ -24,11 +25,15 @@ let mkModules path false else if isModule name && !isRoot then [ dir ] + else if isNix name then + [ path ] else [] ) names; in { - imports = mkModules ./. true; + imports = [ + ./config + ] ++ mkModules ./. true; } diff --git a/src/user/modules/bash/config/bash b/src/user/modules/bash/config/bash new file mode 160000 index 0000000..79eb823 --- /dev/null +++ b/src/user/modules/bash/config/bash @@ -0,0 +1 @@ +Subproject commit 79eb823bbb9ff88f284ae055fe1de954df8bf2e0 diff --git a/src/user/modules/bash/config/shellHook.nix b/src/user/modules/bash/config/shellHook.nix new file mode 100644 index 0000000..a252b83 --- /dev/null +++ b/src/user/modules/bash/config/shellHook.nix @@ -0,0 +1,38 @@ +{ lib, config, ... }: + +with lib; +let + tmux = config.modules.user.tmux; + gui = config.modules.user.gui.wm; + sway = config.modules.user.gui.wm.sway; + hyprland = config.modules.user.gui.wm.hyprland; + + wm = { + enable = builtins.any (mod: mod.enable or false) (builtins.attrValues gui); + }; + +in +'' +case $- in + *i*) + ${optionalString wm.enable '' + if [ -z "$DISPLAY" ] && [ "$(tty)" = "/dev/tty1" ]; then + ${optionalString sway.enable '' + exec sway + '' + } + ${optionalString hyprland.enable '' + exec Hyprland + '' + } + exit 0 + fi + ''} + ${optionalString tmux.enable '' + if [ -z "$DISPLAY" ] && [ -z "$TMUX" ] && [ -z "$SSH_TTY" ]; then + exec tmux + fi + ''} + ;; +esac +'' 
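Review bot: In the new `shellHook.nix`, the `exit 0` inside the tty1 block runs whenever any window manager under `config.modules.user.gui.wm` is enabled, not only when `sway` or `hyprland` is. With only `i3` enabled (as the workstation `home.nix` in this commit does), neither `exec` line is emitted, so an interactive login on `/dev/tty1` without `$DISPLAY` exits immediately and the console is unusable as a fallback when the display manager fails. Gating the block on the compositors it can actually start, `${optionalString (sway.enable || hyprland.enable) ''`, or dropping the `exit 0`, avoids locking that console out.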
diff --git a/user/modules/bash/default.nix b/src/user/modules/bash/default.nix similarity index 83% rename from user/modules/bash/default.nix rename to src/user/modules/bash/default.nix index a1420a7..1dc7110 100644 --- a/user/modules/bash/default.nix +++ b/src/user/modules/bash/default.nix @@ -10,10 +10,12 @@ in programs.bash = { enable = true; initExtra = "source ~/.config/bash/bashrc"; + profileExtra = import ./config/shellHook.nix { inherit lib config; }; }; - + + # .bashrc home.file.".config/bash" = { - source = ./bash; + source = ./config/bash; recursive = true; }; diff --git a/user/modules/git/default.nix b/src/user/modules/git/default.nix similarity index 100% rename from user/modules/git/default.nix rename to src/user/modules/git/default.nix diff --git a/user/modules/git/git b/src/user/modules/git/git similarity index 100% rename from user/modules/git/git rename to src/user/modules/git/git diff --git a/user/modules/git/scripts/cdg.nix b/src/user/modules/git/scripts/cdg.nix similarity index 100% rename from user/modules/git/scripts/cdg.nix rename to src/user/modules/git/scripts/cdg.nix diff --git a/user/modules/gui/alacritty/config/alacritty.nix b/src/user/modules/gui/modules/alacritty/config/alacritty.nix similarity index 100% rename from user/modules/gui/alacritty/config/alacritty.nix rename to src/user/modules/gui/modules/alacritty/config/alacritty.nix diff --git a/user/modules/gui/alacritty/default.nix b/src/user/modules/gui/modules/alacritty/default.nix similarity index 100% rename from user/modules/gui/alacritty/default.nix rename to src/user/modules/gui/modules/alacritty/default.nix diff --git a/user/modules/gui/browsers/chromium/default.nix b/src/user/modules/gui/modules/browsers/chromium/default.nix similarity index 100% rename from user/modules/gui/browsers/chromium/default.nix rename to src/user/modules/gui/modules/browsers/chromium/default.nix 
diff --git a/user/modules/gui/browsers/firefox/default.nix b/src/user/modules/gui/modules/browsers/firefox/default.nix similarity index 97% rename from user/modules/gui/browsers/firefox/default.nix rename to src/user/modules/gui/modules/browsers/firefox/default.nix index c8069c3..d414e87 100644 --- a/user/modules/gui/browsers/firefox/default.nix +++ b/src/user/modules/gui/modules/browsers/firefox/default.nix @@ -317,12 +317,6 @@ in "extensions.quarantinedDomains.enabled" = true; "media.videocontrols.picture-in-picture.enabled" = false; - - # VA-API hardware video acceleration (NVIDIA) - "media.ffmpeg.vaapi.enabled" = true; - "media.rdd-ffmpeg.enabled" = true; - "media.av1.enabled" = false; # GTX 1650 doesn't support AV1 decode - "gfx.x11-egl.force-enabled" = true; }; }; }; diff --git a/user/modules/gui/corn/default.nix b/src/user/modules/gui/modules/corn/default.nix similarity index 100% rename from user/modules/gui/corn/default.nix rename to src/user/modules/gui/modules/corn/default.nix diff --git a/user/modules/gui/fun/config/discord.config.json b/src/user/modules/gui/modules/fun/config/discord.config.json similarity index 100% rename from user/modules/gui/fun/config/discord.config.json rename to src/user/modules/gui/modules/fun/config/discord.config.json diff --git a/user/modules/gui/fun/default.nix b/src/user/modules/gui/modules/fun/default.nix similarity index 100% rename from user/modules/gui/fun/default.nix rename to src/user/modules/gui/modules/fun/default.nix diff --git a/user/modules/gui/utils/default.nix b/src/user/modules/gui/modules/utils/default.nix similarity index 100% rename from user/modules/gui/utils/default.nix rename to src/user/modules/gui/modules/utils/default.nix diff --git a/user/modules/utils/writing/default.nix b/src/user/modules/gui/modules/writing/default.nix similarity index 53% rename from user/modules/utils/writing/default.nix rename to src/user/modules/gui/modules/writing/default.nix index 5d83096..664d5fe 100644 
--- a/user/modules/utils/writing/default.nix +++ b/src/user/modules/gui/modules/writing/default.nix @@ -2,15 +2,16 @@ with lib; let - cfg = config.modules.user.utils.writing; + cfg = config.modules.user.gui.writing; in -{ options.modules.user.utils.writing = { enable = mkEnableOption "Enable writing tools"; }; +{ options.modules.user.gui.writing = { enable = mkEnableOption "Enable writing tools"; }; config = mkIf cfg.enable { home.packages = with pkgs; [ mdbook pandoc asciidoctor + evince ]; }; } diff --git a/user/modules/gui/wm/hyprland/config/rofi/config/config.rasi b/src/user/modules/gui/wm/hyprland/config/rofi/config/config.rasi similarity index 100% rename from user/modules/gui/wm/hyprland/config/rofi/config/config.rasi rename to src/user/modules/gui/wm/hyprland/config/rofi/config/config.rasi diff --git a/user/modules/gui/wm/hyprland/config/rofi/config/material-ocean.rasi b/src/user/modules/gui/wm/hyprland/config/rofi/config/material-ocean.rasi similarity index 100% rename from user/modules/gui/wm/hyprland/config/rofi/config/material-ocean.rasi rename to src/user/modules/gui/wm/hyprland/config/rofi/config/material-ocean.rasi diff --git a/user/modules/gui/wm/hyprland/config/rofi/default.nix b/src/user/modules/gui/wm/hyprland/config/rofi/default.nix similarity index 100% rename from user/modules/gui/wm/hyprland/config/rofi/default.nix rename to src/user/modules/gui/wm/hyprland/config/rofi/default.nix diff --git a/user/modules/gui/wm/hyprland/config/waybar/config b/src/user/modules/gui/wm/hyprland/config/waybar/config similarity index 100% rename from user/modules/gui/wm/hyprland/config/waybar/config rename to src/user/modules/gui/wm/hyprland/config/waybar/config 
diff --git a/user/modules/gui/wm/hyprland/config/waybar/scripts/getBlock b/src/user/modules/gui/wm/hyprland/config/waybar/scripts/getBlock
similarity index 100%
rename from user/modules/gui/wm/hyprland/config/waybar/scripts/getBlock
rename to src/user/modules/gui/wm/hyprland/config/waybar/scripts/getBlock
diff --git a/user/modules/gui/wm/hyprland/config/waybar/scripts/getPrice b/src/user/modules/gui/wm/hyprland/config/waybar/scripts/getPrice
similarity index 100%
rename from user/modules/gui/wm/hyprland/config/waybar/scripts/getPrice
rename to src/user/modules/gui/wm/hyprland/config/waybar/scripts/getPrice
diff --git a/user/modules/gui/wm/hyprland/config/waybar/scripts/weather.sh b/src/user/modules/gui/wm/hyprland/config/waybar/scripts/weather.sh
similarity index 100%
rename from user/modules/gui/wm/hyprland/config/waybar/scripts/weather.sh
rename to src/user/modules/gui/wm/hyprland/config/waybar/scripts/weather.sh
diff --git a/user/modules/gui/wm/hyprland/config/waybar/style.css b/src/user/modules/gui/wm/hyprland/config/waybar/style.css
similarity index 100%
rename from user/modules/gui/wm/hyprland/config/waybar/style.css
rename to src/user/modules/gui/wm/hyprland/config/waybar/style.css
diff --git a/user/modules/gui/wm/hyprland/default.nix b/src/user/modules/gui/wm/hyprland/default.nix
similarity index 93%
rename from user/modules/gui/wm/hyprland/default.nix
rename to src/user/modules/gui/wm/hyprland/default.nix
index d8c7aba..e57625a 100644
--- a/user/modules/gui/wm/hyprland/default.nix
+++ b/src/user/modules/gui/wm/hyprland/default.nix
@@ -220,27 +220,20 @@ in platformTheme.name = "gtk"; }; - xdg.portal = { - enable = true; - extraPortals = with pkgs; [ - xdg-desktop-portal-hyprland - ]; - config.common.default = "*"; + xdg = { + portal = { + enable = true; + extraPortals = with pkgs; [ + xdg-desktop-portal-hyprland + ]; + config.common.default = "*"; + }; }; programs = { imv.enable = true; - mpv.enable = true; - zathura.enable = true; }; fonts.fontconfig.enable = true; - - # Auto-start Hyprland on tty1 - programs.bash.profileExtra = '' - if [ -z "$DISPLAY" ] && [ "$(tty)" = "/dev/tty1" ]; then - exec Hyprland - fi - ''; }; } diff --git a/user/modules/gui/wm/sway/config/rofi/config/config.rasi b/src/user/modules/gui/wm/i3/config/rofi/config/config.rasi similarity index 100% rename from user/modules/gui/wm/sway/config/rofi/config/config.rasi rename to src/user/modules/gui/wm/i3/config/rofi/config/config.rasi diff --git a/user/modules/gui/wm/sway/config/rofi/config/material-ocean.rasi b/src/user/modules/gui/wm/i3/config/rofi/config/material-ocean.rasi similarity index 100% rename from user/modules/gui/wm/sway/config/rofi/config/material-ocean.rasi rename to src/user/modules/gui/wm/i3/config/rofi/config/material-ocean.rasi diff --git a/user/modules/gui/wm/sway/config/rofi/default.nix b/src/user/modules/gui/wm/i3/config/rofi/default.nix similarity index 100% rename from user/modules/gui/wm/sway/config/rofi/default.nix rename to src/user/modules/gui/wm/i3/config/rofi/default.nix diff --git a/src/user/modules/gui/wm/i3/default.nix b/src/user/modules/gui/wm/i3/default.nix new file mode 100644 index 0000000..4617ee3 --- /dev/null +++ b/src/user/modules/gui/wm/i3/default.nix 
@@ -0,0 +1,144 @@
+{ pkgs, lib, config, ... }:
+
+with lib;
+let
+ cfg = config.modules.user.gui.wm.sway;
+ modifier = config.wayland.windowManager.sway.config.modifier;
+
+ wallpaper = builtins.fetchurl {
+ url = "https://images6.alphacoders.com/117/1174033.png";
+ sha256 = "1ph5m9s57076jx6042iipqx2ifzadmd5z4lf5l49wgq4jb92mp16";
+ };
+
+ barStatus = pkgs.writeShellScript "status.sh" ''
+ #!/usr/bin/env bash
+ while :; do
+ echo "$(ip -4 addr show eno1 | awk '/inet / {print $2}' | cut -d'/' -f1) | $(free -h | awk '/^Mem/ {print $3}') | $(date +'%I:%M:%S %p') | $(date +'%m-%d-%Y')"; sleep 1;
+ done
+ '';
+
+in
+{ options.modules.user.gui.wm.i3 = { enable = mkEnableOption "Enable i3 WM"; };
+ config = mkIf cfg.enable {
+ xsession = {
+ enable = true;
+ windowManager.i3 = {
+ config = {
+ defaultWorkspace = "workspace number 1";
+
+ fonts = {
+ names = [ "Terminus" ];
+ };
+
+ modifier = "Mod1";
+ menu = "rofi -show drun -show-icons -drun-icon-theme Qogir -font 'Noto Sans 14'";
+ terminal = "${pkgs.alacritty}/bin/alacritty";
+
+ bars = [
+ {
+ position = "top";
+ statusCommand = "${barStatus}";
+ fonts = {
+ names = [ "Terminus" ];
+ size = 12.0;
+ };
+ colors = {
+ background = "#0A0E14";
+ statusline = "#FFFFFF";
+ };
+ }
+ ];
+
+ gaps = {
+ smartGaps = false;
+ inner = 10;
+ };
+
+ floating = {
+ titlebar = false;
+ border = 0;
+ criteria = [
+ {
+ title = "Android Emulator";
+ }
+ ];
+ };
+
+ window = {
+ titlebar = false;
+ border= 0;
+ };
+
+ keybindings = lib.mkOptionDefault {
+ "${modifier}+q" = "kill";
+ "Print" = "exec grim ~/Pictures/screenshot-$(date +'%Y%m%d-%H%M%S').png";
+ "${modifier}+Shift+Print" = "exec grim -g \"$(slurp)\" ~/Pictures/screenshot-$(date +'%Y%m%d-%H%M%S').png";
+ "${modifier}+Print" = ''exec sh -c 'grim -g "$(swaymsg -t get_tree | jq -j '"'"'.. | select(.type?) | select(.focused).rect | "\(.x),\(.y) \(.width)x\(.height)"'"'"')" ~/Pictures/screenshot-$(date +'%Y%m%d-%H%M%S').png' '';
+ "${modifier}+Shift+f" = "exec alacritty -e sh -c 'EDITOR=nvim ranger'";
+ "${modifier}+Shift+d" = "exec rofi -modi emoji -show emoji";
+ };
+ };
+
+ extraConfig = ''
+ exec_always ${pkgs.autotiling}/bin/autotiling -sr "1.61"
+ '';
+ };
+ };
+
+ programs.rofi = import ./config/rofi { inherit pkgs config lib; };
+
+ home.file.".config/rofi" = {
+ source = ./config/rofi/config;
+ recursive = true;
+ };
+
+ xdg = {
+ portal = {
+ enable = true;
+ extraPortals = with pkgs; [
+ xdg-desktop-portal-gtk
+ ];
+ config.common.default = "*";
+ };
+ };
+
+ gtk = {
+ enable = true;
+ theme.package = pkgs.juno-theme;
+ theme.name = "Juno-ocean";
+ iconTheme.package = pkgs.qogir-icon-theme;
+ iconTheme.name = "Qogir";
+ };
+
+ qt = {
+ enable = true;
+ style.package = pkgs.juno-theme;
+ platformTheme.name = "gtk";
+ };
+
+ home.packages = with pkgs; [
+ pavucontrol
+ xdg-utils
+ wl-clipboard
+ autotiling
+
+ grim
+ jq
+ slurp
+
+ ranger
+ highlight
+
+ nerd-fonts.terminess-ttf
+ noto-fonts
+ noto-fonts-cjk-sans
+ noto-fonts-color-emoji
+ ];
+
+ programs = {
+ imv.enable = true;
+ };
+
+ fonts.fontconfig.enable = true;
+ };
+}
diff --git a/src/user/modules/gui/wm/shared/mimeapps/default.nix b/src/user/modules/gui/wm/shared/mimeapps/default.nix
new file mode 100644
index 0000000..7f94be9
--- /dev/null
+++ b/src/user/modules/gui/wm/shared/mimeapps/default.nix
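Review bot: The new i3 module declares `options.modules.user.gui.wm.i3` but its `let` block binds `cfg = config.modules.user.gui.wm.sway`, so `config = mkIf cfg.enable` is gated on the sway option and `wm.i3.enable = true` (set in the workstation `home.nix`) has no effect, while enabling sway would pull in this X11 session config as well. The bindings should read `cfg = config.modules.user.gui.wm.i3;` and `modifier = config.xsession.windowManager.i3.config.modifier;`, and `windowManager.i3` probably also needs `enable = true;`, which the hunk does not set. The screenshot keybindings call `grim`, `slurp` and `swaymsg`, which target Wayland/sway and will not work under i3, and the `wallpaper` fetch is never referenced, so both look like leftovers from the sway module this was copied from.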
@@ -0,0 +1,32 @@ +{ pkgs, lib, config, ... }: + +let + browser = config.programs; + + fileTypes = [ + "text/html" "application/pdf" "application/xml" + "image/png" "image/svg+xml" "image/jpg" + "image/jpeg" "image/gif" "image/webp" + "image/avif" "image/bmp" "image/tiff" + ]; + + defaultBrowser = if browser.firefox.enable then + "firefox.desktop" + else if browser.brave.enable then + "brave-browser.desktop" + else if browser.chromium.enable then + "chromium.desktop" + else null; + +in +{ + xdg.mimeApps = lib.optionalAttrs (defaultBrowser != null && config.xdg.portal.enable) { + enable = true; + defaultApplications = builtins.listToAttrs ( + map (type: { + name = type; + value = [ defaultBrowser ]; + }) fileTypes + ); + }; +} diff --git a/src/user/modules/gui/wm/sway/config/rofi/config/config.rasi b/src/user/modules/gui/wm/sway/config/rofi/config/config.rasi new file mode 100644 index 0000000..2e38cf2 --- /dev/null +++ b/src/user/modules/gui/wm/sway/config/rofi/config/config.rasi @@ -0,0 +1,7 @@ +configuration { + font: "SF Pro Rounded 10"; + show-icons: true; + kb-cancel: "Escape,Alt+F1"; +} + +@theme "~/.config/rofi/material-ocean.rasi" diff --git a/src/user/modules/gui/wm/sway/config/rofi/config/material-ocean.rasi b/src/user/modules/gui/wm/sway/config/rofi/config/material-ocean.rasi new file mode 100644 index 0000000..3533a13 --- /dev/null +++ b/src/user/modules/gui/wm/sway/config/rofi/config/material-ocean.rasi 
@@ -0,0 +1,95 @@ +* { + background: #0f111a; + foreground: #f1f1f1; + selected: #ff4151; +} + +window { + transparency: "real"; + background-color: @background; + text-color: @foreground; +} + +prompt { + enabled: true; + padding: 4px 4px 6px 6px; + background-color: @background; + text-color: @foreground; +} + +textbox-prompt-colon { + expand: false; + background-color: @background; + padding: 4px 0px 0px 6px; +} + +inputbar { + children: [ textbox-prompt-colon, entry ]; + background-color: @background; + text-color: @foreground; + expand: false; + border: 0px 0px 0px 0px; + border-radius: 0px; + border-color: @selected; + margin: 0px 0px 0px 0px; + padding: 0px 0px 4px 0px; + position: center; +} + +entry { + background-color: @background; + text-color: @foreground; + placeholder-color: @foreground; + expand: true; + horizontal-align: 0; + blink: true; + padding: 4px 0px 0px 4px; +} + +case-indicator { + background-color: @background; + text-color: @foreground; + spacing: 0; +} + +listview { + background-color: @background; + columns: 1; + spacing: 5px; + cycle: true; + dynamic: true; + layout: vertical; +} + +mainbox { + background-color: @background; + children: [ inputbar, listview ]; + spacing: 5px; + padding: 5px 5px 5px 5px; +} + +element { + background-color: @background; + text-color: @foreground; + orientation: horizontal; + border-radius: 4px; + padding: 6px 6px 6px 6px; +} + +element-text, element-icon { + background-color: inherit; + text-color: inherit; +} + +element-icon { + size: 18px; + border: 4px; +} + +element selected { + background-color: @selected; + text-color: @background; + border: 0px; + border-radius: 0px; + border-color: @selected; +} diff --git a/src/user/modules/gui/wm/sway/config/rofi/default.nix b/src/user/modules/gui/wm/sway/config/rofi/default.nix new file mode 100644 index 0000000..724fd55 --- /dev/null +++ b/src/user/modules/gui/wm/sway/config/rofi/default.nix 
@@ -0,0 +1,183 @@ +{ pkgs, config, ... }: +let + inherit (config.lib.formats.rasi) mkLiteral; + +in +{ + enable = true; + package = pkgs.rofi; + location = "center"; + terminal = "\${pkgs.alacritty}/bin/alacritty"; + plugins = with pkgs; [ + rofi-emoji + ]; + + #theme = { + # "*" = { + # nord0 = mkLiteral "#2e3440"; + # nord1 = mkLiteral "#3b4252"; + # nord2 = mkLiteral "#434c5e"; + # nord3 = mkLiteral "#4c566a"; + # nord4 = mkLiteral "#d8dee9"; + # nord5 = mkLiteral "#e5e9f0"; + # nord6 = mkLiteral "#eceff4"; + # nord7 = mkLiteral "#8fbcbb"; + # nord8 = mkLiteral "#88c0d0"; + # nord9 = mkLiteral "#81a1c1"; + # nord10 = mkLiteral "#5e81ac"; + # nord11 = mkLiteral "#bf616a"; + # nord12 = mkLiteral "#d08770"; + # nord13 = mkLiteral "#ebcb8b"; + # nord14 = mkLiteral "#a3be8c"; + # nord15 = mkLiteral "#b48ead"; + # spacing = 2; + # background-color = mkLiteral "var(nord1)"; + # background = mkLiteral "var(nord1)"; + # foreground = mkLiteral "var(nord4)"; + # normal-background = mkLiteral "var(background)"; + # normal-foreground = mkLiteral "var(foreground)"; + # alternate-normal-background = mkLiteral "var(background)"; + # alternate-normal-foreground = mkLiteral "var(foreground)"; + # selected-normal-background = mkLiteral "var(nord8)"; + # selected-normal-foreground = mkLiteral "var(background)"; + # active-background = mkLiteral "var(background)"; + # active-foreground = mkLiteral "var(nord10)"; + # alternate-active-background = mkLiteral "var(background)"; + # alternate-active-foreground = mkLiteral "var(nord10)"; + # selected-active-background = mkLiteral "var(nord10)"; + # selected-active-foreground = mkLiteral "var(background)"; + # urgent-background = mkLiteral "var(background)"; + # urgent-foreground = mkLiteral "var(nord11)"; + # alternate-urgent-background = mkLiteral "var(background)"; + # alternate-urgent-foreground = mkLiteral "var(nord11)"; + # selected-urgent-background = mkLiteral "var(nord11)"; + # selected-urgent-foreground = mkLiteral 
"var(background)"; + # }; + # + # element = { + # padding = mkLiteral "0px 0px 0px 7px"; + # spacing = mkLiteral "5px"; + # border = 0; + # cursor = mkLiteral "pointer"; + # }; + + # "element normal.normal" = { + # background-color = mkLiteral "var(normal-background)"; + # text-color = mkLiteral "var(normal-foreground)"; + # }; + + # "element normal.urgent" = { + # background-color = mkLiteral "var(urgent-background)"; + # text-color = mkLiteral "var(urgent-foreground)"; + # }; + + # "element normal.active" = { + # background-color = mkLiteral "var(active-background)"; + # text-color = mkLiteral "var(active-foreground)"; + # }; + + # "element selected.normal" = { + # background-color = mkLiteral "var(selected-normal-background)"; + # text-color = mkLiteral "var(selected-normal-foreground)"; + # }; + + # "element selected.urgent" = { + # background-color = mkLiteral "var(selected-urgent-background)"; + # text-color = mkLiteral "var(selected-urgent-foreground)"; + # }; + + # "element selected.active" = { + # background-color = mkLiteral "var(selected-active-background)"; + # text-color = mkLiteral "var(selected-active-foreground)"; + # }; + + # "element alternate.normal" = { + # background-color = mkLiteral "var(alternate-normal-background)"; + # text-color = mkLiteral "var(alternate-normal-foreground)"; + # }; + + # "element alternate.urgent" = { + # background-color = mkLiteral "var(alternate-urgent-background)"; + # text-color = mkLiteral "var(alternate-urgent-foreground)"; + # }; + + # "element alternate.active" = { + # background-color = mkLiteral "var(alternate-active-background)"; + # text-color = mkLiteral "var(alternate-active-foreground)"; + # }; + + # "element-text" = { + # background-color = mkLiteral "rgba(0, 0, 0, 0%)"; + # text-color = mkLiteral "inherit"; + # highlight = mkLiteral "inherit"; + # cursor = mkLiteral "inherit"; + # }; + + # "element-icon" = { + # background-color = mkLiteral "rgba(0, 0, 0, 0%)"; + # size = mkLiteral "1.0000em"; + # 
text-color = mkLiteral "inherit"; + # cursor = mkLiteral "inherit"; + # }; + + # window = { + # padding = 0; + # border = 0; + # background-color = mkLiteral "var(background)"; + # }; + + # mainbox = { + # padding = 0; + # border = 0; + # }; + + # message = { + # margin = mkLiteral "0px 7px"; + # }; + + # textbox = { + # text-color = mkLiteral "var(foreground)"; + # }; + + # listview = { + # margin = mkLiteral "0px 0px 5px"; + # scrollbar = true; + # spacing = mkLiteral "2px"; + # fixed-height = 0; + # }; + + # scrollbar = { + # padding = 0; + # handle-width = mkLiteral "14px"; + # border = 0; + # handle-color = mkLiteral "var(nord3)"; + # }; + + # button = { + # spacing = 0; + # text-color = mkLiteral "var(normal-foreground)"; + # cursor = mkLiteral "pointer"; + # }; + + # "button selected" = { + # background-color = mkLiteral "var(selected-normal-background)"; + # text-color = mkLiteral "var(selected-normal-foreground)"; + # }; + + # inputbar = { + # padding = mkLiteral "7px"; + # margin = mkLiteral "7px"; + # spacing = 0; + # text-color = mkLiteral "var(normal-foreground)"; + # background-color = mkLiteral "var(nord3)"; + # children = [ "entry" ]; + # }; + + # entry = { + # spacing = 0; + # cursor = mkLiteral "text"; + # text-color = mkLiteral "var(normal-foreground)"; + # background-color = mkLiteral "var(nord3)"; + # }; + #}; +} diff --git a/user/modules/gui/wm/sway/default.nix b/src/user/modules/gui/wm/sway/default.nix similarity index 96% rename from user/modules/gui/wm/sway/default.nix rename to src/user/modules/gui/wm/sway/default.nix index f0d297b..d06dc2c 100644 --- a/user/modules/gui/wm/sway/default.nix +++ b/src/user/modules/gui/wm/sway/default.nix @@ -173,12 +173,5 @@ in }; fonts.fontconfig.enable = true; - - # Auto-start sway on tty1 - programs.bash.profileExtra = '' - if [ -z "$DISPLAY" ] && [ "$(tty)" = "/dev/tty1" ]; then - exec sway - fi - ''; }; } 
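Review bot: In the new rofi/default.nix, `terminal = "\${pkgs.alacritty}/bin/alacritty";` escapes the interpolation, so rofi is handed the literal text `${pkgs.alacritty}/bin/alacritty` instead of a store path. Terminal launches from rofi will then fail or fall back to whatever resolves at runtime rather than the pinned package. Drop the backslash: `terminal = "${pkgs.alacritty}/bin/alacritty";`. `mkLiteral` is now referenced only inside the commented-out theme, so the `inherit (config.lib.formats.rasi) mkLiteral;` binding can go with it or get a comment saying it is kept for the disabled theme.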
diff --git a/src/user/modules/security/default.nix b/src/user/modules/security/default.nix new file mode 100644 index 0000000..4b07f68 --- /dev/null +++ b/src/user/modules/security/default.nix @@ -0,0 +1,23 @@ +{ pkgs, lib, config, ... }: + +with lib; +let + cfg = config.modules.user.security; + pass = pkgs.pass.withExtensions (exts: with exts; [ + pass-audit + pass-otp + pass-update + #pass-tomb + ]); + +in +{ options.modules.user.security = { enable = mkEnableOption "Enable security module"; }; + config = mkIf cfg.enable { + home.packages = with pkgs; [ + pass + wireguard-tools + ipscan + yubikey-manager + ]; + }; +} diff --git a/user/modules/security/gpg/default.nix b/src/user/modules/security/modules/gpg/default.nix similarity index 97% rename from user/modules/security/gpg/default.nix rename to src/user/modules/security/modules/gpg/default.nix index 4863337..1751008 100644 --- a/user/modules/security/gpg/default.nix +++ b/src/user/modules/security/modules/gpg/default.nix @@ -43,7 +43,7 @@ in if gui.enable then pkgs.pinentry-gnome3 else - pkgs.pinentry-tty; + pkgs.pinentry-curses; }; }; } diff --git a/user/modules/tmux/config/tmux.nix b/src/user/modules/tmux/config/tmux.nix similarity index 100% rename from user/modules/tmux/config/tmux.nix rename to src/user/modules/tmux/config/tmux.nix diff --git a/user/modules/tmux/default.nix b/src/user/modules/tmux/default.nix similarity index 73% rename from user/modules/tmux/default.nix rename to src/user/modules/tmux/default.nix index 9bf2c47..a376258 100644 --- a/user/modules/tmux/default.nix +++ b/src/user/modules/tmux/default.nix @@ -33,12 +33,5 @@ in extraConfig = import ./config/tmux.nix; }; - - # Auto-start tmux only on local TTY (not SSH, not in tmux already) - programs.bash.profileExtra = mkIf (!wm.enable) '' - if [ -t 0 ] && [[ $- == *i* ]] && [ -z "$DISPLAY" ] && [ -z "$TMUX" ] && [ -z "$SSH_TTY" ] && [ -z "$SSH_CONNECTION" ]; then - exec tmux - fi - ''; }; } 
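Review bot: The new security/default.nix carries over only `yubikey-manager` from the deleted user/modules/security/yubikey module, which also installed `age-plugin-yubikey` and `yubico-piv-tool` behind `modules.user.security.yubikey.enable`. If anything still decrypts age secrets with the key or uses PIV, it will break after this change. Either keep those two packages here or note in the module that they were dropped on purpose. Separately, `pass` inside `with pkgs; [ pass ... ]` resolves to the let-bound `withExtensions` wrapper, not `pkgs.pass`, because let bindings take precedence over `with`; a comment such as `# let-bound pass (with extensions), not pkgs.pass` would prevent a misread.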
diff --git a/src/user/modules/utils/default.nix b/src/user/modules/utils/default.nix
new file mode 100644
index 0000000..e8d4b86
--- /dev/null
+++ b/src/user/modules/utils/default.nix
@@ -0,0 +1,21 @@
+{ pkgs, lib, config, ... }:
+
+with lib;
+let
+ cfg = config.modules.user.utils;
+
+in
+{ options.modules.user.utils = { enable = mkEnableOption "user.utils"; };
+ config = mkIf cfg.enable {
+ home.packages = with pkgs; [
+ wget curl fastfetch
+ unzip fping calc fd pciutils
+ rsync zip lshw wireshark
+ calcurse
+ ];
+
+ programs.bash.shellAliases = {
+ calendar = "${pkgs.calcurse}/bin/calcurse";
+ };
+ };
+}
diff --git a/src/user/modules/utils/modules/dev/config/penpot.nix b/src/user/modules/utils/modules/dev/config/penpot.nix
new file mode 100644
index 0000000..3f79e97
--- /dev/null
+++ b/src/user/modules/utils/modules/dev/config/penpot.nix
@@ -0,0 +1,31 @@
+#TODO: Create a penpot derivation and properly fix the script
+''
+function penpot() {
+ case "$1" in
+ run)
+ sudo docker compose -p penpot -f ~/Documents/tools/penpot/docker-compose.yaml up -d >/dev/null 2>&1
+ nohup bash -c '(sleep 10 && if [[ "$OSTYPE" == "linux-gnu"* ]]; then
+ xdg-open "http://localhost:9001"
+ elif [[ "$OSTYPE" == "darwin"* ]]; then
+ open "http://localhost:9001"
+ fi)' >/dev/null 2>&1 &
+ echo "Started penpot on http://localhost:9001"
+ ;;
+ stop)
+ echo "Stopping penpot"
+ sudo docker compose -p penpot -f ~/Documents/tools/penpot/docker-compose.yaml down >/dev/null 2>&1
+ ;;
+ update)
+ sudo docker compose -f ~/Documents/tools/penpot/docker-compose.yaml pull
+ echo "Updated penpot!"
+ ;;
+ help)
+ xdg-open "https://help.penpot.app/"
+ echo "Opened penpot help page in your browser."
+ ;;
+ *)
+ echo "Usage: penpot {run|stop|update|help}"
+ ;;
+ esac
+}
+''
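Review bot: `wireshark` in `home.packages` of utils/default.nix installs the GUI without the capture privileges that go with it. On NixOS, non-root capture depends on the capability-wrapped `dumpcap` and the `wireshark` group that the system option `programs.wireshark.enable` sets up, and a home-manager package provides neither. The usual workaround is to start the whole GUI, including every protocol dissector, as root, which is the configuration to avoid. If capture is wanted, enable `programs.wireshark.enable = true;` in the machine config and add the user to the `wireshark` group; the system side is not visible in this hunk, so confirm whether that is already done.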
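Review bot: In penpot.nix the `run` and `stop` branches send all output of `sudo docker compose` to `/dev/null` and ignore the exit status, so `echo "Started penpot on http://localhost:9001"` is printed even when the root-run command failed. The compose file is read from `~/Documents/tools/penpot/docker-compose.yaml`, a user-writable path, so whatever that file declares runs with root's Docker access; keeping the command's errors visible is the minimum needed to notice an unexpected file or image. Check the result instead, for example `sudo docker compose -p penpot -f "$compose" up -d || { echo "penpot failed to start" >&2; return 1; }`, where `compose` is a local variable holding that path. The `update` branch omits `-p penpot`, unlike the other two branches.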
diff --git a/user/modules/utils/dev/default.nix b/src/user/modules/utils/modules/dev/default.nix similarity index 91% rename from user/modules/utils/dev/default.nix rename to src/user/modules/utils/modules/dev/default.nix index 102807c..1fdb8bd 100644 --- a/user/modules/utils/dev/default.nix +++ b/src/user/modules/utils/modules/dev/default.nix @@ -18,12 +18,6 @@ in qrencode docker - - # Network/system tools - fping - wireguard-tools - pciutils - lshw ] ++ optionals (osConfig.virtualisation.libvirtd.enable) [ virt-manager ]; diff --git a/user/modules/gui/dev/pcb/default.nix b/src/user/modules/utils/modules/dev/modules/pcb/default.nix similarity index 54% rename from user/modules/gui/dev/pcb/default.nix rename to src/user/modules/utils/modules/dev/modules/pcb/default.nix index 59d89d9..a24fe8d 100644 --- a/user/modules/gui/dev/pcb/default.nix +++ b/src/user/modules/utils/modules/dev/modules/pcb/default.nix @@ -2,10 +2,10 @@ with lib; let - cfg = config.modules.user.gui.dev.pcb; + cfg = config.modules.user.utils.dev.pcb; in -{ options.modules.user.gui.dev.pcb = { enable = mkEnableOption "Enable PCB development suite"; }; +{ options.modules.user.utils.dev.pcb = { enable = mkEnableOption "Enable PCB development suite"; }; config = mkIf cfg.enable { home.packages = with pkgs; [ arduino-ide diff --git a/user/modules/utils/email/config/aerc.conf b/src/user/modules/utils/modules/email/config/aerc.conf similarity index 100% rename from user/modules/utils/email/config/aerc.conf rename to src/user/modules/utils/modules/email/config/aerc.conf diff --git a/user/modules/utils/email/config/binds.conf b/src/user/modules/utils/modules/email/config/binds.conf similarity index 100% rename from user/modules/utils/email/config/binds.conf rename to src/user/modules/utils/modules/email/config/binds.conf 
diff --git a/user/modules/utils/email/default.nix b/src/user/modules/utils/modules/email/default.nix similarity index 100% rename from user/modules/utils/email/default.nix rename to src/user/modules/utils/modules/email/default.nix diff --git a/user/modules/utils/irc/default.nix b/src/user/modules/utils/modules/irc/default.nix similarity index 100% rename from user/modules/utils/irc/default.nix rename to src/user/modules/utils/modules/irc/default.nix diff --git a/user/modules/neovim/.luarc.json b/src/user/modules/utils/modules/neovim/.luarc.json similarity index 100% rename from user/modules/neovim/.luarc.json rename to src/user/modules/utils/modules/neovim/.luarc.json diff --git a/user/modules/neovim/nvim b/src/user/modules/utils/modules/neovim/config/nvim similarity index 100% rename from user/modules/neovim/nvim rename to src/user/modules/utils/modules/neovim/config/nvim diff --git a/user/modules/neovim/pkgs.nix b/src/user/modules/utils/modules/neovim/config/pkgs.nix similarity index 95% rename from user/modules/neovim/pkgs.nix rename to src/user/modules/utils/modules/neovim/config/pkgs.nix index 04dcd86..35b1e0d 100644 --- a/user/modules/neovim/pkgs.nix +++ b/src/user/modules/utils/modules/neovim/config/pkgs.nix @@ -6,7 +6,7 @@ let nixd lua-language-server marksman - taplo + taplo # TOML ]; lsp' = with pkgs.nodePackages; [ diff --git a/user/modules/neovim/default.nix b/src/user/modules/utils/modules/neovim/default.nix similarity index 55% rename from user/modules/neovim/default.nix rename to src/user/modules/utils/modules/neovim/default.nix index 9a90d08..9b0c478 100644 --- a/user/modules/neovim/default.nix +++ b/src/user/modules/utils/modules/neovim/default.nix 
@@ -2,21 +2,21 @@ with lib; let - cfg = config.modules.user.neovim; + cfg = config.modules.user.utils.neovim; in -{ options.modules.user.neovim = { enable = mkEnableOption "user.neovim"; }; +{ options.modules.user.utils.neovim = { enable = mkEnableOption "user.utils.neovim"; }; config = mkIf cfg.enable { programs.neovim = { enable = true; defaultEditor = true; vimAlias = true; vimdiffAlias = true; - extraPackages = import ./pkgs.nix { inherit pkgs; }; + extraPackages = import ./config/pkgs.nix { inherit pkgs; }; }; home.file.".config/nvim" = { - source = ./nvim; + source = ./config/nvim; recursive = true; }; }; diff --git a/user/modules/vim/default.nix b/src/user/modules/utils/modules/vim/default.nix similarity index 72% rename from user/modules/vim/default.nix rename to src/user/modules/utils/modules/vim/default.nix index 68aed8a..61cafa1 100644 --- a/user/modules/vim/default.nix +++ b/src/user/modules/utils/modules/vim/default.nix @@ -2,10 +2,10 @@ with lib; let - cfg = config.modules.user.vim; + cfg = config.modules.user.utils.vim; in -{ options.modules.user.vim = { enable = mkEnableOption "user.vim"; }; +{ options.modules.user.utils.vim = { enable = mkEnableOption "user.utils.vim"; }; config = mkIf cfg.enable { programs.bash.shellAliases = { vi = "${pkgs.vim}/bin/vim"; diff --git a/src/user/modules/utils/modules/vim/vim b/src/user/modules/utils/modules/vim/vim new file mode 160000 index 0000000..64b4c54 --- /dev/null +++ b/src/user/modules/utils/modules/vim/vim @@ -0,0 +1 @@ +Subproject commit 64b4c545481b593d2859bfb3e1c10cd91742213f diff --git a/system.configs b/system.configs new file mode 120000 index 0000000..44b8b3f --- /dev/null +++ b/system.configs @@ -0,0 +1 @@ +src/system/machines/ \ No newline at end of file diff --git a/system/machines/desktop/default.nix b/system/machines/desktop/default.nix deleted file mode 100644 index 18bc85c..0000000 --- a/system/machines/desktop/default.nix +++ /dev/null 
@@ -1,14 +0,0 @@ -{ inputs, ... }: - -{ - imports = [ - inputs.disko.nixosModules.disko - (import ./modules/disko) - inputs.home-manager.nixosModules.home-manager - (import ./modules/home-manager) - ../../../user - ../../keys - ./hardware.nix - ./system.nix - ]; -} diff --git a/system/machines/desktop/modules/home-manager/home.nix b/system/machines/desktop/modules/home-manager/home.nix deleted file mode 100644 index ef360f0..0000000 --- a/system/machines/desktop/modules/home-manager/home.nix +++ /dev/null @@ -1,54 +0,0 @@ -{ config, ... }: - -{ - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.extraSpecialArgs = { - monitors = config.monitors; - }; - home-manager.users.${config.user.name} = { - imports = [ - ../../../../../user - ../../../../../user/home.nix - ../../../../../user/modules - ]; - - home.stateVersion = "23.11"; - - programs.ssh = { - enable = true; - enableDefaultConfig = false; - matchBlocks = { - "*" = { - serverAliveInterval = 60; - serverAliveCountMax = 3; - }; - "server" = { - hostname = "192.168.0.154"; - user = "bryan"; - }; - }; - }; - - # Machine-specific modules - modules.user = { - vim.enable = false; - security.yubikey.enable = true; - - utils = { - dev.enable = true; - irc.enable = true; - writing.enable = true; - }; - - gui = { - wm.hyprland.enable = true; - browser.firefox.enable = true; - alacritty.enable = true; - corn.enable = true; - fun.enable = true; - utils.enable = true; - }; - }; - }; -} diff --git a/system/machines/server/default.nix b/system/machines/server/default.nix deleted file mode 100644 index 18bc85c..0000000 --- a/system/machines/server/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ inputs, ... }: - -{ - imports = [ - inputs.disko.nixosModules.disko - (import ./modules/disko) - inputs.home-manager.nixosModules.home-manager - (import ./modules/home-manager) - ../../../user - ../../keys - ./hardware.nix - ./system.nix - ]; -} 
diff --git a/system/machines/server/modules/frigate/default.nix b/system/machines/server/modules/frigate/default.nix deleted file mode 100644 index 4ac4fc1..0000000 --- a/system/machines/server/modules/frigate/default.nix +++ /dev/null 
@@ -1,188 +0,0 @@ -{ pkgs, lib, config, ... }: - -with lib; -let - cfg = config.modules.system.frigate; - nginx = config.modules.system.nginx; - domain = "ramos.codes"; - -in -{ - options.modules.system.frigate = { - enable = mkEnableOption "Enable Frigate NVR"; - }; - - config = mkIf cfg.enable { - # go2rtc service (required - NixOS frigate doesn't bundle it) - services.go2rtc = { - enable = true; - settings = { - rtsp.listen = ":8554"; - webrtc.listen = ":8555"; - streams = { - doorbell = "rtsp://admin:ocu%3Fu3Su@192.168.1.167/cam/realmonitor?channel=1&subtype=0#backchannel=1"; - doorbell_sub = "rtsp://admin:ocu%3Fu3Su@192.168.1.167/cam/realmonitor?channel=1&subtype=1"; - living_room = "rtsp://admin:ocu%3Fu3Su@192.168.1.147/cam/realmonitor?channel=1&subtype=0#backchannel=1"; - living_room_sub = "rtsp://admin:ocu%3Fu3Su@192.168.1.147/cam/realmonitor?channel=1&subtype=1"; - kitchen = "rtsp://admin:ocu%3Fu3Su@192.168.1.147/cam/realmonitor?channel=2&subtype=0#backchannel=1"; - kitchen_sub = "rtsp://admin:ocu%3Fu3Su@192.168.1.147/cam/realmonitor?channel=2&subtype=1"; - parking_lot = "rtsp://admin:ocu%3Fu3Su@192.168.1.194/cam/realmonitor?channel=1&subtype=0"; - parking_lot_sub = "rtsp://admin:ocu%3Fu3Su@192.168.1.194/cam/realmonitor?channel=1&subtype=1"; - }; - }; - }; - - services.frigate = { - enable = true; - hostname = "frigate.${domain}"; - vaapiDriver = "i965"; # Haswell iGPU for H.264 decode - settings = { - mqtt.enabled = false; - - ffmpeg = { - hwaccel_args = "preset-vaapi"; # VAAPI for H.264 substream detection - input_args = "preset-rtsp-restream"; # TCP transport for go2rtc - }; - - detect.enabled = true; - - record = { - enabled = true; - # 24/7 recording - needs better hardware - # retain = { - # days = 14; - # mode = "all"; - # }; - }; - cameras = { - doorbell = { - enabled = true; - detect = { - enabled = true; - width = 640; - height = 480; - }; - ffmpeg.inputs = [ - { - path = "rtsp://127.0.0.1:8554/doorbell"; - roles = [ "record" ]; - } - { - path = 
"rtsp://127.0.0.1:8554/doorbell_sub"; - roles = [ "detect" ]; - } - ]; - }; - living_room = { - enabled = true; - detect.enabled = false; # Disable in GUI - audio.enabled = true; - motion.mask = [ "0.969,0.078,0.846,0.075,0.845,0.034,0.97,0.037" ]; - ffmpeg.inputs = [ - { - path = "rtsp://127.0.0.1:8554/living_room"; - roles = [ "record" ]; - } - { - path = "rtsp://127.0.0.1:8554/living_room_sub"; - roles = [ "detect" "audio" ]; - } - ]; - }; - kitchen = { - enabled = true; - detect.enabled = false; # Disable in GUI - audio.enabled = true; - motion.mask = [ "0.847,0.072,0.846,0.029,0.969,0.032,0.969,0.072" ]; - ffmpeg.inputs = [ - { - path = "rtsp://127.0.0.1:8554/kitchen"; - roles = [ "record" ]; - } - { - path = "rtsp://127.0.0.1:8554/kitchen_sub"; - roles = [ "detect" "audio" ]; - } - ]; - }; - parking_lot = { - enabled = true; - detect = { - enabled = true; - width = 640; - height = 480; - }; - motion.mask = [ "0.811,0.109,0.954,0.111,0.959,0.065,0.811,0.055" ]; - zones.Car = { - coordinates = "0.299,0.438,0.191,0.951,0.453,0.964,0.453,0.437"; - loitering_time = 5; - }; - ffmpeg.inputs = [ - { - path = "rtsp://127.0.0.1:8554/parking_lot"; - roles = [ "record" ]; - } - { - path = "rtsp://127.0.0.1:8554/parking_lot_sub"; - roles = [ "detect" ]; - } - ]; - }; - }; - }; - }; - - # Add SSL to frigate's nginx virtualHost - services.nginx.virtualHosts."frigate.${domain}" = mkIf nginx.enable { - useACMEHost = domain; - forceSSL = true; - locations."/go2rtc/" = { - proxyPass = "http://127.0.0.1:1984/"; - proxyWebsockets = true; - }; - }; - - # Frigate segment cache in RAM (reduces disk writes) - fileSystems."/var/cache/frigate" = { - device = "tmpfs"; - fsType = "tmpfs"; - options = [ "size=512M" "mode=0755" ]; - }; - - systemd.tmpfiles.rules = [ - # Set ownership after tmpfs mount - "d /var/cache/frigate 0750 frigate frigate -" - # Create log directories for Frigate API (NixOS uses journald, but API expects these) - "d /dev/shm/logs 0755 frigate frigate -" - "d 
/dev/shm/logs/frigate 0755 frigate frigate -" - "d /dev/shm/logs/nginx 0755 frigate frigate -" - "d /dev/shm/logs/go2rtc 0755 frigate frigate -" - ]; - - # Pipe journald logs to files for Frigate GUI - systemd.services.frigate-log-pipe = { - description = "Pipe logs to /dev/shm for Frigate GUI"; - wantedBy = [ "multi-user.target" ]; - after = [ "frigate.service" "go2rtc.service" "nginx.service" ]; - serviceConfig = { - Type = "simple"; - Restart = "always"; - ExecStart = pkgs.writeShellScript "frigate-log-pipe" '' - while true; do - ${pkgs.systemd}/bin/journalctl -u frigate -n 500 -o cat > /dev/shm/logs/frigate/current 2>/dev/null - ${pkgs.systemd}/bin/journalctl -u go2rtc -n 500 -o cat > /dev/shm/logs/go2rtc/current 2>/dev/null - ${pkgs.systemd}/bin/journalctl -u nginx -n 500 -o cat > /dev/shm/logs/nginx/current 2>/dev/null - chown frigate:frigate /dev/shm/logs/*/current - sleep 5 - done - ''; - }; - }; - - # Backup recordings/database - modules.system.backup = { - paths = [ "/var/lib/frigate" ]; - }; - - }; -} diff --git a/system/machines/server/modules/home-manager/default.nix b/system/machines/server/modules/home-manager/default.nix deleted file mode 100644 index c3a558b..0000000 --- a/system/machines/server/modules/home-manager/default.nix +++ /dev/null @@ -1,23 +0,0 @@ -{ config, ... }: - -{ - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.${config.user.name} = { - imports = [ - ../../../../../user - ../../../../../user/home.nix - ../../../../../user/modules - ]; - - home.stateVersion = "25.11"; - - # Machine-specific modules - modules.user = { - neovim.enable = false; - vim.enable = true; - tmux.enable = false; - utils.dev.enable = true; - }; - }; -} diff --git a/system/machines/server/modules/webdav/default.nix b/system/machines/server/modules/webdav/default.nix deleted file mode 100644 index 1b90573..0000000 --- a/system/machines/server/modules/webdav/default.nix +++ /dev/null 
@@ -1,69 +0,0 @@ -{ pkgs, lib, config, ... }: - -with lib; -let - cfg = config.modules.system.webdav; - domain = "ramos.codes"; - -in -{ - options.modules.system.webdav = { - enable = mkEnableOption "WebDAV server for phone backups"; - - directory = mkOption { - type = types.path; - default = "/var/lib/seedvault"; - description = "Directory to store backups"; - }; - }; - - config = mkIf cfg.enable { - # Create backup directory - systemd.tmpfiles.rules = [ - "d ${cfg.directory} 0750 webdav webdav -" - ]; - - services.webdav = { - enable = true; - # Credentials in /var/lib/webdav/env: - # WEBDAV_USERNAME=seedvault - # WEBDAV_PASSWORD=your-secure-password - environmentFile = "/var/lib/webdav/env"; - settings = { - address = "127.0.0.1"; - port = 8090; - directory = cfg.directory; - behindProxy = true; - permissions = "CRUD"; # Create, Read, Update, Delete - users = [ - { - username = "{env}WEBDAV_USERNAME"; - password = "{env}WEBDAV_PASSWORD"; - } - ]; - }; - }; - - services.nginx.virtualHosts."backup.${domain}" = { - useACMEHost = domain; - forceSSL = true; - locations."/" = { - proxyPass = "http://127.0.0.1:8090"; - extraConfig = '' - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - - # WebDAV needs these - proxy_pass_request_headers on; - proxy_set_header Destination $http_destination; - - # Large file uploads for backups - client_max_body_size 0; - proxy_request_buffering off; - ''; - }; - }; - }; -} diff --git a/system/machines/wsl/default.nix b/system/machines/wsl/default.nix deleted file mode 100644 index 9c3065f..0000000 --- a/system/machines/wsl/default.nix +++ /dev/null @@ -1,13 +0,0 @@ -{ inputs, ... }: - -{ - imports = [ - inputs.nixos-wsl.nixosModules.wsl - (import ./modules/wsl) - inputs.home-manager.nixosModules.home-manager - (import ./modules/home-manager) - ../../../user - ../../keys - ./system.nix - ]; -} 
diff --git a/system/machines/wsl/modules/home-manager/home.nix b/system/machines/wsl/modules/home-manager/home.nix deleted file mode 100644 index dc8a221..0000000 --- a/system/machines/wsl/modules/home-manager/home.nix +++ /dev/null @@ -1,24 +0,0 @@ -{ config, ... }: - -{ - home-manager.useGlobalPkgs = true; - home-manager.useUserPackages = true; - home-manager.users.${config.user.name} = { - imports = [ - ../../../../../user - ../../../../../user/home.nix - ../../../../../user/modules - ]; - - home.stateVersion = "23.11"; - - # Machine-specific modules - modules.user = { - utils = { - dev.enable = true; - email.enable = true; - irc.enable = true; - }; - }; - }; -} diff --git a/user.configs b/user.configs new file mode 120000 index 0000000..b1100ee --- /dev/null +++ b/user.configs @@ -0,0 +1 @@ +src/user/config/ \ No newline at end of file diff --git a/user/home.nix b/user/home.nix deleted file mode 100644 index 3603c8d..0000000 --- a/user/home.nix +++ /dev/null @@ -1,38 +0,0 @@ -{ lib, pkgs, config, ... }: - -let - pass = pkgs.pass.withExtensions (exts: with exts; [ - pass-audit - pass-otp - pass-update - pass-tomb - ]); - -in -{ - programs.home-manager.enable = true; - - home.username = config.user.name; - home.homeDirectory = "/home/${config.user.name}"; - - # Essential packages for all users - home.packages = with pkgs; [ - pass - wget curl fastfetch fd - unzip zip rsync - calc calcurse - ]; - - programs.bash.shellAliases = { - cal = "${pkgs.calcurse}/bin/calcurse"; - calendar = "${pkgs.calcurse}/bin/calcurse"; - }; - - # Default modules for all users (machines can override with mkForce false) - modules.user = { - bash.enable = lib.mkDefault true; - git.enable = lib.mkDefault true; - neovim.enable = lib.mkDefault true; - security.gpg.enable = lib.mkDefault true; - }; -} diff --git a/user/modules/bash/bash b/user/modules/bash/bash deleted file mode 160000 index a90d892..0000000 --- a/user/modules/bash/bash +++ /dev/null 
@@ -1 +0,0 @@ -Subproject commit a90d89277c4bbd363d6929f434eef633bea439f5 diff --git a/user/modules/gui/default.nix b/user/modules/gui/default.nix deleted file mode 100644 index 6b9286c..0000000 --- a/user/modules/gui/default.nix +++ /dev/null @@ -1,30 +0,0 @@ -{ lib, config, ... }: - -let - programs = config.programs; - - defaultBrowser = - if programs.firefox.enable then "firefox.desktop" - else if programs.brave.enable then "brave-browser.desktop" - else if programs.chromium.enable then "chromium.desktop" - else null; - - types = [ - "text/html" "application/xhtml+xml" - "x-scheme-handler/http" "x-scheme-handler/https" - "application/pdf" - "image/png" "image/jpeg" "image/jpg" "image/gif" - "image/webp" "image/avif" "image/bmp" "image/tiff" "image/svg+xml" - "video/mp4" "video/webm" "video/mkv" "video/avi" - "video/x-matroska" "video/quicktime" - ]; - -in -{ - xdg.mimeApps = lib.mkIf (defaultBrowser != null) { - enable = true; - defaultApplications = builtins.listToAttrs ( - map (t: { name = t; value = [ defaultBrowser ]; }) types - ); - }; -} diff --git a/user/modules/gui/dev/design/default.nix b/user/modules/gui/dev/design/default.nix deleted file mode 100644 index 392da8f..0000000 --- a/user/modules/gui/dev/design/default.nix +++ /dev/null @@ -1,14 +0,0 @@ -{ pkgs, lib, config, ... }: - -with lib; -let - cfg = config.modules.user.gui.dev.design; - -in -{ options.modules.user.gui.dev.design = { enable = mkEnableOption "Enable design tools"; }; - config = mkIf cfg.enable { - home.packages = with pkgs; [ - penpot-desktop - ]; - }; -} diff --git a/user/modules/security/yubikey/default.nix b/user/modules/security/yubikey/default.nix deleted file mode 100644 index 62f3ead..0000000 --- a/user/modules/security/yubikey/default.nix +++ /dev/null 
@@ -1,16 +0,0 @@ -{ pkgs, lib, config, ... }: - -with lib; -let - cfg = config.modules.user.security.yubikey; - -in -{ options.modules.user.security.yubikey = { enable = mkEnableOption "Enable Yubikey support"; }; - config = mkIf cfg.enable { - home.packages = with pkgs; [ - yubikey-manager - age-plugin-yubikey - yubico-piv-tool - ]; - }; -} diff --git a/user/modules/vim/vim b/user/modules/vim/vim deleted file mode 160000 index e5ff26b..0000000 --- a/user/modules/vim/vim +++ /dev/null @@ -1 +0,0 @@ -Subproject commit e5ff26b6f6ec9b8e9f8737dc5418d6a64a68ec4b