Blunkall-Technologies/Olympus
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remodel begin

Browse Source
This commit is contained in:
Nathan
2025-08-17 14:04:02 -05:00
parent 1a0a5ced12
commit 453f175edc
36 changed files with 283 additions and 112 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
flake.nix
View File

@@ -112,7 +112,8 @@
homebox = nixpkgs.lib.nixosSystem { homebox = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
inputs = inputs // { inputs = inputs // {
nathan-home-manager = import ./home-manager/nathan; nathan = import ./home-manager/users/nathan;
home-manager-config = import ./home-manager;
tokyo-night-sddm-theme = self.tokyo-night-sddm-theme; tokyo-night-sddm-theme = self.tokyo-night-sddm-theme;
inherit self; inherit self;
}; };
@@ -126,8 +127,10 @@
laptop = nixpkgs.lib.nixosSystem { laptop = nixpkgs.lib.nixosSystem {
specialArgs = { specialArgs = {
inputs = inputs // { inputs = inputs // {
nathan-home-manager = import ./home-manager/nathan; nathan = import ./home-manager/users/nathan;
home-manager-config = import ./home-manager;
tokyo-night-sddm-theme = self.tokyo-night-sddm-theme; tokyo-night-sddm-theme = self.tokyo-night-sddm-theme;
inherit self;
}; };
}; };
modules = [ modules = [

8
home-manager/default.nix
View File

@@ -0,0 +1,8 @@
{ ... }: {
imports = [
./programs
./services
./users
];
}

0
home-manager/users/default.nix Normal file
View File

93
system-config/configuration/homebox/default.nix
View File

@@ -176,41 +176,82 @@
}; };
sysconfig = { sysconfig = {
opts = {
users = {
nathan = {
extraGroups = [ "wheel" "networkmanager" ];
sshKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
];
hashedPasswordFile = config.sops.secrets."nathan/pass".path;
home-manager = {
enable = true;
extraModules = [
{
homeconfig = {
host = "homebox";
minimal = false;
wayvnc.enable = false;
hyprland.enable = true;
swaylock.enable = true;
wal.enable = true;
mpd.enable = true;
ags.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
};
home.packages = [
pkgs.wayvnc
];
}
];
};
};
};
services = {
sddm.enable = true; sddm.enable = true;
openssh.enable = true; openssh.enable = true;
pipewire.enable = true; pipewire.enable = true;
ags.enable = true;
hyprland.enable = true;
netbird.enable = true; netbird.enable = true;
minecraft.enable = false; minecraft.enable = false;
};
programs = {
hyprland.enable = true;
ags.enable = true;
steam.enable = false; steam.enable = false;
virtualization = { };
traefik.enable = true;
jellyfin.enable = true; virtualization = {
"blunkall.us".enable = true; traefik.enable = true;
nextcloud.enable = true; jellyfin.enable = true;
ntfy.enable = false; "blunkall.us".enable = true;
gitea.enable = true; nextcloud.enable = true;
n8n.enable = true; ntfy.enable = false;
keycloak.enable = true; gitea.enable = true;
netbird.enable = true; n8n.enable = true;
ollama.enable = true; keycloak.enable = true;
homeassistant.enable = true; netbird.enable = true;
wyoming = { ollama.enable = true;
enable = true; homeassistant.enable = true;
piper = true; wyoming = {
openwakeword = true; enable = true;
faster-whisper = true; piper = true;
}; openwakeword = true;
rustdesk.enable = false; #broken faster-whisper = true;
};
rustdesk.enable = false; #broken
pihole.enable = false; #broken pihole.enable = false; #broken
code-server.enable = false; code-server.enable = false;
novnc.enable = true; novnc.enable = true;
minecraft.enable = true; minecraft.enable = true;
sandbox.enable = false; sandbox.enable = false;
};
}; };
}; };

62
system-config/configuration/laptop/default.nix
View File

@@ -66,17 +66,58 @@
alsa-utils alsa-utils
]; ];
sysconfig.opts = { sysconfig = {
sddm.enable = true; users = {
openssh.enable = false; nathan = {
steam.enable = true; extraGroups = [ "wheel" "networkmanager" ];
pipewire.enable = true; sshKeys = [
ags.enable = true; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
kdePlasma6.enable = true; ];
hyprland.enable = true; hashedPasswordFile = config.sops.secrets."nathan/pass".path;
netbird.enable = true; home-manager = {
enable = true;
extraModules = [
{
homeconfig = {
host = "homebox";
minimal = false;
wayvnc.enable = false;
hyprland.enable = true;
swaylock.enable = true;
wal.enable = true;
mpd.enable = true;
ags.enable = true;
calcurse.enable = true;
rofi.enable = true;
firefox.enable = true;
git.enable = true;
nh.enable = true;
};
home.packages = [
pkgs.wayvnc
];
}
];
};
};
};
services = {
sddm.enable = true;
openssh.enable = false;
pipewire.enable = true;
kdePlasma6.enable = true;
netbird.enable = true;
ollama.enable = true;
};
programs = {
steam.enable = true;
ags.enable = true;
hyprland.enable = true;
};
ollama.enable = true;
virtualization = { virtualization = {
@@ -117,7 +158,6 @@
} }
(inputs.nathan-home-manager { (inputs.nathan-home-manager {
config = config.home-manager.users."nathan"; config = config.home-manager.users."nathan";
sysconfig = config;
inherit lib pkgs; inherit lib pkgs;
}) })
]; ];

4
system-config/programs/ags/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.ags.enable = lib.options.mkOption { options.sysconfig.programs.ags.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.ags.enable { config = lib.mkIf config.sysconfig.programs.ags.enable {
services = { services = {
upower.enable = true; upower.enable = true;
gvfs.enable = true; gvfs.enable = true;

6
system-config/programs/hyprland/default.nix
View File

@@ -1,13 +1,13 @@
{ config, lib, pkgs, inputs, ... }: { { config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.hyprland.enable = lib.options.mkOption { options.sysconfig.programs.hyprland.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.hyprland.enable { config = lib.mkIf config.sysconfig.programs.hyprland.enable {
sysconfig.opts.sddm.enable = lib.mkDefault true; sysconfig.services.sddm.enable = lib.mkDefault true;
environment.sessionVariables.NIXOS_OZONE_WL = "1"; environment.sessionVariables.NIXOS_OZONE_WL = "1";

4
system-config/programs/steam/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.steam.enable = lib.options.mkOption { options.sysconfig.programs.steam.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.steam.enable { config = lib.mkIf config.sysconfig.programs.steam.enable {
programs.steam = { programs.steam = {
enable = true; enable = true;

4
system-config/services/containers/code-server/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.code-server.enable = lib.options.mkOption { options.sysconfig.virtualization.code-server.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.code-server.enable { config = lib.mkIf config.sysconfig.virtualization.code-server.enable {
containers.code-server = { containers.code-server = {

4
system-config/services/containers/gitea/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.virtualization.gitea.enable = lib.options.mkOption { options.sysconfig.virtualization.gitea.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.gitea.enable { config = lib.mkIf config.sysconfig.virtualization.gitea.enable {
networking = { networking = {
hosts."192.168.100.20" = [ "gitea.blunkall.us" ]; hosts."192.168.100.20" = [ "gitea.blunkall.us" ];

4
system-config/services/containers/gitlab/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.virtualization.gitlab.enable = lib.options.mkOption { options.sysconfig.virtualization.gitlab.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.gitlab.enable { config = lib.mkIf config.sysconfig.virtualization.gitlab.enable {
sops.secrets = { sops.secrets = {
"gitlab/db_pass" = {}; "gitlab/db_pass" = {};

4
system-config/services/containers/homeassistant/default.nix
View File

@@ -1,6 +1,6 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.homeassistant = { options.sysconfig.virtualization.homeassistant = {
enable = lib.options.mkOption { enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
@@ -11,7 +11,7 @@
}; };
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.homeassistant.enable { config = lib.mkIf config.sysconfig.virtualization.homeassistant.enable {
networking = { networking = {
hosts."192.168.100.25" = [ "hass.local" ]; hosts."192.168.100.25" = [ "hass.local" ];

4
system-config/services/containers/jellyfin/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.jellyfin.enable = lib.options.mkOption { options.sysconfig.virtualization.jellyfin.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.jellyfin.enable { config = lib.mkIf config.sysconfig.virtualization.jellyfin.enable {
containers.jellyfin = { containers.jellyfin = {

4
system-config/services/containers/keycloak/default.nix
View File

@@ -1,6 +1,6 @@
{ config, lib, inputs, ... }: { { config, lib, inputs, ... }: {
options.sysconfig.opts.virtualization.keycloak.enable = lib.options.mkOption { options.sysconfig.virtualization.keycloak.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
@@ -9,7 +9,7 @@
inputs.sops-nix.nixosModules.sops inputs.sops-nix.nixosModules.sops
]; ];
config = lib.mkIf config.sysconfig.opts.virtualization.keycloak.enable { config = lib.mkIf config.sysconfig.virtualization.keycloak.enable {
sops.secrets."keycloak/dbpass" = {}; sops.secrets."keycloak/dbpass" = {};

4
system-config/services/containers/minecraft/default.nix
View File

@@ -1,12 +1,12 @@
{ config, lib, pkgs, inputs, ... }: { { config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.virtualization.minecraft.enable = lib.options.mkOption { options.sysconfig.virtualization.minecraft.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.minecraft.enable { config = lib.mkIf config.sysconfig.virtualization.minecraft.enable {
networking = { networking = {
firewall = { firewall = {

4
system-config/services/containers/n8n/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.n8n.enable = lib.options.mkOption { options.sysconfig.virtualization.n8n.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.n8n.enable { config = lib.mkIf config.sysconfig.virtualization.n8n.enable {
networking = { networking = {
hosts."192.168.100.21" = [ "n8n.local" ]; hosts."192.168.100.21" = [ "n8n.local" ];

12
system-config/services/containers/netbird/default.nix
View File

@@ -1,8 +1,8 @@
{ config, lib, inputs, ... }: { { config, lib, inputs, ... }: {
options.sysconfig.opts = { options.sysconfig = {
netbird.enable = lib.options.mkOption { services.netbird.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
@@ -18,21 +18,21 @@
config = { config = {
services.netbird = { services.netbird = {
enable = config.sysconfig.opts.netbird.enable; enable = config.sysconfig.services.netbird.enable;
}; };
networking = { networking = {
firewall = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable { firewall = lib.mkIf config.sysconfig.virtualization.netbird.enable {
allowedUDPPorts = [ 3478 ]; allowedUDPPorts = [ 3478 ];
allowedUDPPortRanges = [{ from = 51100; to = 56100; }]; allowedUDPPortRanges = [{ from = 51100; to = 56100; }];
}; };
nat.internalInterfaces = [ "ve-netbird" ]; nat.internalInterfaces = [ "ve-netbird" ];
}; };
sops.secrets."netbird/coturnPass" = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable {}; sops.secrets."netbird/coturnPass" = lib.mkIf config.sysconfig.virtualization.netbird.enable {};
containers.netbird = lib.mkIf config.sysconfig.opts.virtualization.netbird.enable { containers.netbird = lib.mkIf config.sysconfig.virtualization.netbird.enable {
autoStart = true; autoStart = true;
privateNetwork = true; privateNetwork = true;

4
system-config/services/containers/nextcloud/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.nextcloud.enable = lib.options.mkOption { options.sysconfig.virtualization.nextcloud.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.nextcloud.enable { config = lib.mkIf config.sysconfig.virtualization.nextcloud.enable {
sops.secrets."nextcloud/pass" = {}; sops.secrets."nextcloud/pass" = {};

4
system-config/services/containers/nginx/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization."blunkall.us".enable = lib.mkOption { options.sysconfig.virtualization."blunkall.us".enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization."blunkall.us".enable { config = lib.mkIf config.sysconfig.virtualization."blunkall.us".enable {
containers.blunkall-us = { containers.blunkall-us = {

6
system-config/services/containers/novnc/default.nix
View File

@@ -1,16 +1,16 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.virtualization.novnc.enable = lib.mkOption { options.sysconfig.virtualization.novnc.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable { config = lib.mkIf config.sysconfig.virtualization.novnc.enable {
networking = { networking = {
hosts."192.168.100.30" = [ "novnc.local" ]; hosts."192.168.100.30" = [ "novnc.local" ];
firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.opts.virtualization.novnc.enable { firewall.interfaces."ve-novnc" = lib.mkIf config.sysconfig.virtualization.novnc.enable {
allowedTCPPorts = [ 5900 ]; allowedTCPPorts = [ 5900 ];
allowedUDPPorts = [ 5900 ]; allowedUDPPorts = [ 5900 ];
}; };

4
system-config/services/containers/ntfy/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.ntfy.enable = lib.mkOption { options.sysconfig.virtualization.ntfy.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.ntfy.enable { config = lib.mkIf config.sysconfig.virtualization.ntfy.enable {
containers.ntfy = { containers.ntfy = {

4
system-config/services/containers/ollama/default.nix
View File

@@ -1,13 +1,13 @@
{ config, lib, inputs, ... }: { { config, lib, inputs, ... }: {
options = { options = {
sysconfig.opts.virtualization.ollama.enable = lib.options.mkOption { sysconfig.virtualization.ollama.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.ollama.enable { config = lib.mkIf config.sysconfig.virtualization.ollama.enable {
containers.ollama = { containers.ollama = {

4
system-config/services/containers/pihole/default.nix
View File

@@ -1,12 +1,12 @@
{ config, lib, pkgs, inputs, ... }: { { config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.virtualization.pihole.enable = lib.options.mkOption { options.sysconfig.virtualization.pihole.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.pihole.enable { config = lib.mkIf config.sysconfig.virtualization.pihole.enable {
/* sops.secrets."pihole/pass" = {}; /* sops.secrets."pihole/pass" = {};
sops.templates."pihole.env" = { sops.templates."pihole.env" = {

4
system-config/services/containers/rustdesk/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.rustdesk.enable = lib.options.mkOption { options.sysconfig.virtualization.rustdesk.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.rustdesk.enable { config = lib.mkIf config.sysconfig.virtualization.rustdesk.enable {
/*networking = { /*networking = {
firewall.allowedTCPPorts = [ 21115 21116 21117 21118 21119 ]; firewall.allowedTCPPorts = [ 21115 21116 21117 21118 21119 ];

4
system-config/services/containers/sandbox/default.nix
View File

@@ -1,6 +1,6 @@
{ config, lib, inputs, ... }: { { config, lib, inputs, ... }: {
options.sysconfig.opts.virtualization.sandbox.enable = lib.mkOption { options.sysconfig.virtualization.sandbox.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
@@ -18,7 +18,7 @@
}) })
]; ];
config = lib.mkIf config.sysconfig.opts.virtualization.sandbox.enable { config = lib.mkIf config.sysconfig.virtualization.sandbox.enable {
networking = { networking = {

4
system-config/services/containers/traefik/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.traefik.enable = lib.options.mkOption { options.sysconfig.virtualization.traefik.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.traefik.enable { config = lib.mkIf config.sysconfig.virtualization.traefik.enable {
networking = { networking = {
hosts."192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "traefik.local" ]; hosts."192.168.100.11" = [ "blunkall.us" "*.blunkall.us" "traefik.local" ];

16
system-config/services/containers/wyoming/default.nix
View File

@@ -1,6 +1,6 @@
{ config, lib, ... }: { { config, lib, ... }: {
options.sysconfig.opts.virtualization.wyoming = { options.sysconfig.virtualization.wyoming = {
enable = lib.options.mkOption { enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
@@ -23,7 +23,7 @@
}; };
}; };
config = lib.mkIf config.sysconfig.opts.virtualization.wyoming.enable { config = lib.mkIf config.sysconfig.virtualization.wyoming.enable {
containers.wyoming = { containers.wyoming = {
@@ -32,7 +32,7 @@
hostAddress = "192.168.100.10"; hostAddress = "192.168.100.10";
localAddress = "192.168.100.26"; localAddress = "192.168.100.26";
bindMounts = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper { bindMounts = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper {
"/dev/nvidia0" = { "/dev/nvidia0" = {
hostPath = "/dev/nvidia0"; hostPath = "/dev/nvidia0";
isReadOnly = false; isReadOnly = false;
@@ -55,7 +55,7 @@
}; };
}; };
allowedDevices = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper [ allowedDevices = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper [
{ {
node = "/dev/nvidia0"; node = "/dev/nvidia0";
modifier = "rw"; modifier = "rw";
@@ -86,7 +86,7 @@
services.wyoming = { services.wyoming = {
piper = lib.mkIf config.sysconfig.opts.virtualization.wyoming.piper { piper = lib.mkIf config.sysconfig.virtualization.wyoming.piper {
servers.piper = { servers.piper = {
enable = true; enable = true;
@@ -95,7 +95,7 @@
}; };
}; };
openwakeword = lib.mkIf config.sysconfig.opts.virtualization.wyoming.openwakeword { openwakeword = lib.mkIf config.sysconfig.virtualization.wyoming.openwakeword {
enable = true; enable = true;
uri = "tcp://0.0.0.0:11432"; uri = "tcp://0.0.0.0:11432";
preloadModels = [ preloadModels = [
@@ -109,7 +109,7 @@
]; ];
}; };
faster-whisper = lib.mkIf config.sysconfig.opts.virtualization.wyoming.faster-whisper { faster-whisper = lib.mkIf config.sysconfig.virtualization.wyoming.faster-whisper {
servers.whisper = { servers.whisper = {
enable = true; enable = true;
device = "auto"; device = "auto";
@@ -119,7 +119,7 @@
}; };
}; };
satellite = lib.mkIf config.sysconfig.opts.virtualization.wyoming.satellite { satellite = lib.mkIf config.sysconfig.virtualization.wyoming.satellite {
enable = true; enable = true;
uri = "tcp://0.0.0.0:11431"; uri = "tcp://0.0.0.0:11431";
#user = "nathan"; #user = "nathan";

4
system-config/services/dynamicDNS/default.nix
View File

@@ -1,12 +1,12 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.dynamicDNS.enable = lib.options.mkOption { options.sysconfig.services.dynamicDNS.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.dynamicDNS { config = lib.mkIf config.sysconfig.services.dynamicDNS {
systemd.timers.dynamicDNS = { systemd.timers.dynamicDNS = {

6
system-config/services/kdePlasma6/default.nix
View File

@@ -1,15 +1,15 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.kdePlasma6.enable = lib.options.mkOption { options.sysconfig.services.kdePlasma6.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.kdePlasma6.enable { config = lib.mkIf config.sysconfig.services.kdePlasma6.enable {
services.desktopManager.plasma6.enable = true; services.desktopManager.plasma6.enable = true;
sysconfig.opts.sddm.enable = lib.mkDefault true; sysconfig.services.sddm.enable = lib.mkDefault true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice kdePackages.discover # Optional: Install if you use Flatpak or fwupd firmware update sevice

4
system-config/services/minecraft/default.nix
View File

@@ -1,6 +1,6 @@
{ config, lib, pkgs, inputs, ... }: { { config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.minecraft.enable = lib.options.mkOption { options.sysconfig.services.minecraft.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
@@ -9,7 +9,7 @@
inputs.nix-minecraft.nixosModules.minecraft-servers inputs.nix-minecraft.nixosModules.minecraft-servers
]; ];
config = lib.mkIf config.sysconfig.opts.minecraft.enable { config = lib.mkIf config.sysconfig.services.minecraft.enable {
nixpkgs.overlays = [ inputs.nix-minecraft.overlay ]; nixpkgs.overlays = [ inputs.nix-minecraft.overlay ];

4
system-config/services/novnc/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options.sysconfig.opts.novnc.enable = lib.mkOption { options.sysconfig.services.novnc.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.novnc.enable { config = lib.mkIf config.sysconfig.services.novnc.enable {
systemd.services.novnc = { systemd.services.novnc = {
enable = true; enable = true;

4
system-config/services/ollama/default.nix
View File

@@ -1,13 +1,13 @@
{ config, lib, inputs, ... }: { { config, lib, inputs, ... }: {
options = { options = {
sysconfig.opts.ollama.enable = lib.options.mkOption { sysconfig.services.ollama.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
}; };
config = lib.mkIf config.sysconfig.opts.ollama.enable { config = lib.mkIf config.sysconfig.services.ollama.enable {
services.ollama = { services.ollama = {
enable = true; enable = true;
acceleration = "cuda"; acceleration = "cuda";

4
system-config/services/openssh/default.nix
View File

@@ -1,13 +1,13 @@
{ config, lib, ... }: { { config, lib, ... }: {
options = { options = {
sysconfig.opts.openssh.enable = lib.options.mkOption { sysconfig.services.openssh.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
}; };
config = lib.mkIf config.sysconfig.opts.openssh.enable { config = lib.mkIf config.sysconfig.services.openssh.enable {
networking.firewall.allowedTCPPorts = [ 22 ]; networking.firewall.allowedTCPPorts = [ 22 ];

4
system-config/services/pipewire/default.nix
View File

@@ -1,13 +1,13 @@
{ config, lib, pkgs, ... }: { { config, lib, pkgs, ... }: {
options = { options = {
sysconfig.opts.pipewire.enable = lib.options.mkOption { sysconfig.services.pipewire.enable = lib.options.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
}; };
config = lib.mkIf config.sysconfig.opts.pipewire.enable { config = lib.mkIf config.sysconfig.services.pipewire.enable {
# Enable sound with pipewire. # Enable sound with pipewire.
#sound.enable = true; #sound.enable = true;

4
system-config/services/sddm/default.nix
View File

@@ -1,11 +1,11 @@
{ config, lib, pkgs, inputs, ... }: { { config, lib, pkgs, inputs, ... }: {
options.sysconfig.opts.sddm.enable = lib.mkOption { options.sysconfig.services.sddm.enable = lib.mkOption {
type = lib.types.bool; type = lib.types.bool;
default = false; default = false;
}; };
config = lib.mkIf config.sysconfig.opts.sddm.enable { config = lib.mkIf config.sysconfig.services.sddm.enable {
qt.enable = true; qt.enable = true;

79
system-config/users/default.nix Normal file
View File

@@ -0,0 +1,79 @@
{ config, lib, inputs, ... }: {
options.sysconfig = {
users = let
userType = lib.types.submodule ({ username, ... }: {
options = {
username = lib.mkOption {
type = lib.types.str;
default = username;
};
home-manager = {
enable = lib.mkOption {
type = lib.types.bool;
default = false;
};
extraModules = lib.mkOption {
type = lib.types.listOf lib.types.raw;
default = [];
};
};
sshKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
};
hashedPasswordFile = lib.mkOption {
type = lib.types.nullOr lib.types.str;
default = null;
};
extraGroups = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [];
};
};
});
in lib.mkOption {
type = lib.types.attrsOf userType;
default = {};
};
};
config = {
users.users = builtins.mapAttrs (name: user: {
name = user.username;
isNormalUser = true;
hashedPasswordFile = lib.mkIf (user.hashedPasswordFile != null) user.hashedPasswordFile;
extraGroups = user.extraGroups;
openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable config.sysconfig.users.${user.username}.sshKeys;
}) config.sysconfig.users;
home-manager = {
backupFileExtension = "backup";
extraSpecialArgs = {inherit inputs;};
sharedModules = [
inputs.sops-nix.homeManagerModules.sops
inputs.home-manager-config
];
users = (builtins.mapAttrs
(name: user: (lib.mkMerge [
(inputs.${user.username} { config = config.home-manager.users.${user.username}; inherit lib; })
] ++ user.home-manager.extraModules))
(builtins.removeAttrs
config.sysconfig.users
(builtins.partition
(name: config.sysconfig.users.${name}.home-manager.enable == true)
(builtins.attrNames config.sysconfig.users)
).wrong
)
);
};
};
}