aboutsummaryrefslogtreecommitdiff
path: root/nixos/modules
diff options
context:
space:
mode:
Diffstat (limited to 'nixos/modules')
-rw-r--r--nixos/modules/desktop.nix10
-rw-r--r--nixos/modules/develop.nix3
-rw-r--r--nixos/modules/gaming.nix9
-rw-r--r--nixos/modules/generic.nix2
-rw-r--r--nixos/modules/homeassistant.nix57
-rw-r--r--nixos/modules/hosts.nix23
-rw-r--r--nixos/modules/packages.nix1
-rw-r--r--nixos/modules/wifi-zd.nix137
8 files changed, 225 insertions, 17 deletions
diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix
index dfc9777..05a7b7b 100644
--- a/nixos/modules/desktop.nix
+++ b/nixos/modules/desktop.nix
@@ -69,7 +69,6 @@ in {
isync
msmtp
notmuch
- astroid
dodo
taskwarrior3
gnupg
@@ -81,14 +80,19 @@ in {
]))
chromium
+ tangram
ferdium
signal-desktop
- libreoffice
- onlyoffice-desktopeditors
mupdf
zathura
pdfgrep
+ libreoffice-qt6-fresh
+ hunspell
+ hunspellDicts.en_US-large
+ hunspellDicts.en_GB-large
+ hunspellDicts.cs_CZ
+
xdg-utils
xdg-launch
mesa-demos
diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix
index 6444473..4973a92 100644
--- a/nixos/modules/develop.nix
+++ b/nixos/modules/develop.nix
@@ -112,6 +112,9 @@ in {
pylxd
selenium
+
+ pyvisa
+ pyvisa-py
]))
ruff
geckodriver
diff --git a/nixos/modules/gaming.nix b/nixos/modules/gaming.nix
index 6dce70d..4f957ed 100644
--- a/nixos/modules/gaming.nix
+++ b/nixos/modules/gaming.nix
@@ -18,7 +18,10 @@ in {
config = mkIf cnf {
cynerd.desktop.enable = true;
- environment.systemPackages = [pkgs.heroic];
+ environment.systemPackages = with pkgs; [
+ heroic
+ prismlauncher
+ ];
nixpkgs.config.permittedInsecurePackages = [
"SDL_ttf-2.0.11" # TODO
@@ -35,7 +38,7 @@ in {
with pkgs; [
ncurses
xorg.libXpm
- #flac134
+ flac134
libopus
];
};
@@ -44,7 +47,7 @@ in {
with pkgs; [
ncurses
xorg.libXpm
- #flac134
+ flac134 # For Nebuchadnezzar
libopus
SDL
SDL2_image
diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix
index e029058..e6e96a4 100644
--- a/nixos/modules/generic.nix
+++ b/nixos/modules/generic.nix
@@ -37,7 +37,7 @@ in {
kernelPackages = mkOverride 1100 pkgs.linuxPackages_latest;
kernelParams = ["boot.shell_on_fail"];
};
- hardware.enableAllFirmware = true;
+ hardware.enableAllFirmware = mkDefault true;
services.fwupd.enable = mkDefault (pkgs.system == "x86_64-linux");
systemd.oomd.enable = false;
diff --git a/nixos/modules/homeassistant.nix b/nixos/modules/homeassistant.nix
new file mode 100644
index 0000000..f7ebe9c
--- /dev/null
+++ b/nixos/modules/homeassistant.nix
@@ -0,0 +1,57 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ inherit (lib) mkOption mkEnableOption types mkIf;
+ cnf = config.cynerd.ha;
+in {
+ options.cynerd.ha = {
+ enable = mkEnableOption "Home assistant setup on the primary router.";
+ domain = mkOption {
+ type = with types; str;
+ description = "The domain name of the system.";
+ };
+ extraOptions = mkOption {
+ type = with types; listOf str;
+ default = [];
+ description = "Extra options passed to the container.";
+ };
+ };
+
+ config = mkIf cnf.enable {
+ virtualisation.oci-containers = {
+ backend = "podman";
+ containers.homeassistant = {
+ volumes = ["home-assistant:/config" "/run/dbus:/run/dbus:ro"];
+ environment.TZ = "Europe/Prague";
+ image = "ghcr.io/home-assistant/armv7-homeassistant:latest";
+ extraOptions =
+ ["--privileged" "--network=host"]
+ ++ cnf.extraOptions;
+ };
+ };
+
+ services.nginx = {
+ enable = true;
+ virtualHosts = {
+ "${cnf.domain}" = {
+ forceSSL = true;
+ enableACME = true;
+ locations."/" = {
+ proxyPass = "http://localhost:8123";
+ proxyWebsockets = true;
+ recommendedProxySettings = true;
+ };
+ };
+ };
+ };
+ security.acme = {
+ acceptTerms = true;
+ defaults.email = "cynerd+acme@email.cz";
+ certs."${cnf.domain}" = {};
+ };
+
+ networking.firewall.allowedTCPPorts = [80 443];
+ };
+}
diff --git a/nixos/modules/hosts.nix b/nixos/modules/hosts.nix
index 4b358b8..9affe19 100644
--- a/nixos/modules/hosts.nix
+++ b/nixos/modules/hosts.nix
@@ -19,7 +19,7 @@ in {
default = true;
description = "Use my personal static hosts";
};
- vpn = staticZoneOption;
+ zd = staticZoneOption;
wg = staticZoneOption;
spt = staticZoneOption;
adm = staticZoneOption;
@@ -28,9 +28,10 @@ in {
config = {
cynerd.hosts = {
- vpn = {
- "lipwig" = "10.8.0.1";
- "adm-omnia" = "10.8.0.51";
+ zd = {
+ "mox" = "10.8.0.1";
+ # Portable
+ "binky" = "10.8.0.63";
};
wg = {
"lipwig" = "10.8.1.1";
@@ -40,6 +41,7 @@ in {
# Endpoints
"spt-omnia" = "10.8.1.50";
"adm-omnia" = "10.8.1.51";
+ "zd-mox" = "10.8.1.52";
# Endpoints without routing
"dean" = "10.8.1.59";
};
@@ -51,6 +53,7 @@ in {
# Local
"mpd" = "10.8.2.51";
"errol" = "10.8.2.60";
+ "ridcully" = "10.8.2.59";
"printer" = "10.8.2.90";
# Portable
"albert" = "10.8.2.61";
@@ -61,7 +64,6 @@ in {
"omnia" = "10.8.3.1";
"omnia2" = "10.8.3.3";
# Local
- "ridcully" = "10.8.3.60";
"3dprint" = "10.8.3.80";
"mpd" = "10.8.3.51";
"printer" = "192.168.1.20";
@@ -72,15 +74,16 @@ in {
};
networking.hosts = mkIf cnf.enable {
- # VPN
- "${cnf.vpn.lipwig}" = ["lipwig.vpn"];
- "${cnf.vpn.adm-omnia}" = ["adm.vpn"];
+ # Zd
+ "${cnf.zd.mox}" = ["mox.zd"];
+ "${cnf.zd.binky}" = ["binky.zd"];
# Wireguard
"${cnf.wg.lipwig}" = ["lipwig.wg"];
"${cnf.wg.binky}" = ["binky.wg"];
"${cnf.wg.android}" = ["android.wg"];
"${cnf.wg.spt-omnia}" = ["spt.wg"];
"${cnf.wg.adm-omnia}" = ["adm.wg"];
+ "${cnf.wg.zd-mox}" = ["zd.wg"];
"${cnf.wg.dean}" = ["dean" "dean.wg"];
# Spt
"${cnf.spt.omnia}" = ["omnia.spt"];
@@ -88,14 +91,14 @@ in {
"${cnf.spt.mox2}" = ["mox2.spt"];
"10.8.2.4" = ["mi3g.spt"];
"${cnf.spt.mpd}" = ["mpd.spt"];
- "${cnf.spt.errol}" = ["errol" "desktop.spt"];
+ "${cnf.spt.errol}" = ["errol"];
+ "${cnf.spt.ridcully}" = ["ridcully"];
"${cnf.spt.albert}" = ["albert.spt"];
"${cnf.spt.binky}" = ["binky.spt"];
# Adm
"${cnf.adm.omnia}" = ["omnia.adm"];
"10.8.3.2" = ["redmi.adm"];
"${cnf.adm.omnia2}" = ["omnia2.adm"];
- "${cnf.adm.ridcully}" = ["ridcully" "desktop.adm"];
"${cnf.adm.albert}" = ["albert.adm"];
"${cnf.adm.binky}" = ["binky.adm"];
"${cnf.adm."3dprint"}" = ["3dprint"];
diff --git a/nixos/modules/packages.nix b/nixos/modules/packages.nix
index 155d8a5..c41e491 100644
--- a/nixos/modules/packages.nix
+++ b/nixos/modules/packages.nix
@@ -47,6 +47,7 @@ in {
tree
lsof
strace
+ ripgrep
sourceHighlight # Colors for less
unrar
diff --git a/nixos/modules/wifi-zd.nix b/nixos/modules/wifi-zd.nix
new file mode 100644
index 0000000..107fdf4
--- /dev/null
+++ b/nixos/modules/wifi-zd.nix
@@ -0,0 +1,137 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ inherit (lib) mkOption mkEnableOption types mkIf mkForce mkMerge hostapd elemAt;
+ cnf = config.cynerd.wifiAP.zd;
+
+ wifi-networks = name: let
+ is2g = cnf."${name}".channel <= 14;
+ in {
+ "${cnf."${name}".interface}" = {
+ bssid = elemAt cnf."${name}".bssids 0;
+ ssid = "UNas${
+ if is2g
+ then ""
+ else "5"
+ }";
+ authentication = {
+ mode = "wpa2-sha256";
+ wpaPasswordFile = "/run/secrets/hostapd-UNas.pass";
+ };
+ settings = mkIf is2g {
+ ieee80211w = 0;
+ wpa_key_mgmt = mkForce "WPA-PSK"; # force use without sha256
+ };
+ };
+ "${cnf."${name}".interface}.guest" = {
+ bssid = elemAt cnf."${name}".bssids 1;
+ ssid = "Koci";
+ authentication = {
+ mode = "wpa2-sha256";
+ wpaPasswordFile = "/run/secrets/hostapd-Koci.pass";
+ };
+ };
+ };
+
+ net-networks = name: {
+ "lan-${cnf."${name}".interface}" = {
+ matchConfig = {
+ Name = cnf."${name}".interface;
+ WLANInterfaceType = "ap";
+ };
+ networkConfig.Bridge = "brlan";
+ bridgeVLANs = [
+ {
+ EgressUntagged = 1;
+ PVID = 1;
+ }
+ ];
+ };
+ "lan-${cnf."${name}".interface}-guest" = {
+ matchConfig.Name = "${cnf."${name}".interface}.guest";
+ networkConfig.Bridge = "brlan";
+ bridgeVLANs = [
+ {
+ EgressUntagged = 2;
+ PVID = 2;
+ }
+ ];
+ };
+ };
+
+ wOptions = card: channelDefault: {
+ interface = mkOption {
+ type = with types; nullOr str;
+ default = null;
+ description = "Specify interface for ${card}";
+ };
+ bssids = mkOption {
+ type = with types; listOf str;
+ default = [];
+ description = "BSSIDs for networks.";
+ };
+ channel = mkOption {
+ type = types.ints.positive;
+ default = channelDefault;
+ description = "Channel to be used for ${card}";
+ };
+ };
+in {
+ options = {
+ cynerd.wifiAP.zd = {
+ enable = mkEnableOption "Enable Wi-Fi Access Point support";
+ ar9287 = wOptions "Qualcom Atheros AR9287" 7;
+ qca988x = wOptions "Qualcom Atheros QCA988x" 36;
+ };
+ };
+
+ config = mkIf cnf.enable {
+ # TODO regdom doesn't work for some reason
+ boot.extraModprobeConfig = ''
+ options cfg80211 ieee80211_regdom="CZ"
+ '';
+ services.hostapd = {
+ enable = true;
+ radios = mkMerge [
+ (mkIf (cnf.ar9287.interface != null) {
+ "${cnf.ar9287.interface}" = {
+ inherit (cnf.ar9287) channel;
+ countryCode = "CZ";
+ wifi4 = {
+ enable = true;
+ inherit (hostapd.qualcomAtherosAR9287.wifi4) capabilities;
+ };
+ networks = wifi-networks "ar9287";
+ };
+ })
+ (mkIf (cnf.qca988x.interface != null) {
+ "${cnf.qca988x.interface}" = let
+ is2g = cnf.qca988x.channel <= 14;
+ in {
+ inherit (cnf.qca988x) channel;
+ countryCode = "CZ";
+ band =
+ if is2g
+ then "2g"
+ else "5g";
+ wifi4 = {
+ enable = true;
+ inherit (hostapd.qualcomAtherosQCA988x.wifi4) capabilities;
+ };
+ wifi5 = {
+ enable = !is2g;
+ inherit (hostapd.qualcomAtherosQCA988x.wifi5) capabilities;
+ };
+ networks = wifi-networks "qca988x";
+ };
+ })
+ ];
+ };
+ systemd.network.networks = mkMerge [
+ (mkIf (cnf.ar9287.interface != null) (net-networks "ar9287"))
+ (mkIf (cnf.qca988x.interface != null) (net-networks "qca988x"))
+ ];
+ };
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-26 10:24:17 +0000