aboutsummaryrefslogtreecommitdiff
path: root/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'nixos')
-rw-r--r--nixos/configurations/adm-omnia.nix4
-rw-r--r--nixos/configurations/adm-omnia2.nix4
-rw-r--r--nixos/configurations/errol.nix6
-rw-r--r--nixos/configurations/lipwig.nix20
-rw-r--r--nixos/configurations/ridcully.nix6
-rw-r--r--nixos/configurations/spt-mox.nix2
-rw-r--r--nixos/configurations/spt-mox2.nix2
-rw-r--r--nixos/configurations/spt-omnia.nix12
-rw-r--r--nixos/modules/backup.nix63
-rw-r--r--nixos/modules/desktop.nix20
-rw-r--r--nixos/modules/gaming.nix20
-rw-r--r--nixos/modules/generic.nix2
-rw-r--r--nixos/modules/packages.nix1
13 files changed, 135 insertions, 27 deletions
diff --git a/nixos/configurations/adm-omnia.nix b/nixos/configurations/adm-omnia.nix
index 069dfb0..056a68e 100644
--- a/nixos/configurations/adm-omnia.nix
+++ b/nixos/configurations/adm-omnia.nix
@@ -26,12 +26,12 @@ in {
enable = false;
ar9287 = {
interface = "wlp1s0";
- bssids = ["04:f0:21:23:3d:ce" "08:f0:21:23:3d:ce" "0c:f0:21:23:3d:ce"];
+ bssids = config.secrets.wifiMacs.adm-omnia.ar9287;
channel = 11;
};
qca988x = {
interface = "wlp3s0";
- bssids = ["04:f0:21:24:0b:4e" "08:f0:21:24:0b:4e" "0c:f0:21:24:0b:4e"];
+ bssids = config.secrets.wifiMacs.adm-omnia.qca988x;
channel = 36;
};
};
diff --git a/nixos/configurations/adm-omnia2.nix b/nixos/configurations/adm-omnia2.nix
index 45b8dc4..8b47e63 100644
--- a/nixos/configurations/adm-omnia2.nix
+++ b/nixos/configurations/adm-omnia2.nix
@@ -15,12 +15,12 @@
enable = true;
ar9287 = {
interface = "wlp2s0";
- bssids = ["12:f0:21:23:2b:00" "12:f0:21:23:2b:01" "12:f0:21:23:2b:02"];
+ bssids = config.secrets.wifiMacs.adm-omnia2.ar9287;
channel = 11;
};
qca988x = {
interface = "wlp1s0";
- bssids = ["12:f0:21:23:2b:03" "12:f0:21:23:2b:04" "12:f0:21:23:2b:05"];
+ bssids = config.secrets.wifiMacs.adm-omnia2.qca988x;
channel = 36;
};
};
diff --git a/nixos/configurations/errol.nix b/nixos/configurations/errol.nix
index fd348e8..407cf82 100644
--- a/nixos/configurations/errol.nix
+++ b/nixos/configurations/errol.nix
@@ -26,6 +26,7 @@ in {
"encroot" = "/dev/disk/by-uuid/7c412ae6-6016-45af-8c2a-8fcc394dbbe6";
"enchdd1" = "/dev/disk/by-uuid/87f16080-5ff6-43dd-89f3-307455a46fbe";
"enchdd2" = "/dev/disk/by-uuid/be4a33fa-8bc6-431d-a3ac-787668f223ed";
+ #"encback" = "/dev/disk/by-uuid/1bd8c637-f71e-4fb0-96de-b660c4f1afaf";
};
fileSystems = {
"/" = {
@@ -53,6 +54,11 @@ in {
fsType = "btrfs";
options = ["compress=lzo" "subvol=@home"];
};
+ #"/back" = {
+ # device = "/dev/mapper/encback";
+ # fsType = "btrfs";
+ # options = ["compress=lzo"];
+ #};
};
services.btrfs.autoScrub = {
enable = true;
diff --git a/nixos/configurations/lipwig.nix b/nixos/configurations/lipwig.nix
index 7d00a37..7476ab6 100644
--- a/nixos/configurations/lipwig.nix
+++ b/nixos/configurations/lipwig.nix
@@ -25,6 +25,13 @@
};
wireguard = true;
openvpn.oldpersonal = true;
+ borgjobs = {
+ postgresql.dumpCommand = pkgs.writeScript "postgreqsl-backup.sh" ''
+ /run/wrappers/bin/sudo -u postgres /run/current-system/sw/bin/pg_dumpall
+ '';
+ nextcloud_data.paths = "/nas/nextcloud/data";
+ sync_data.paths = "/nas/sync";
+ };
};
boot.loader.systemd-boot.enable = false;
@@ -191,7 +198,7 @@
# Nextcloud ################################################################
services.nextcloud = {
enable = true;
- package = pkgs.nextcloud28;
+ package = pkgs.nextcloud29;
https = true;
hostName = "cloud.cynerd.cz";
datadir = "/nas/nextcloud";
@@ -200,7 +207,6 @@
adminpassFile = "/run/secrets/nextcloud.admin.pass";
dbtype = "pgsql";
dbhost = "/run/postgresql";
- dbtableprefix = "oc_";
};
settings = {
#log_type = "systemd";
@@ -234,20 +240,20 @@
twofactor_webauthn
;
# Additional modules can be fetched with:
- # NEXTCLOUD_VERSIONS=28 nix run nixpkgs#nc4nix -- -apps "passwords,money,integration_github,integration_gitlab"
+ # NEXTCLOUD_VERSIONS=29 nix run nixpkgs#nc4nix -- -apps "passwords,money,integration_github,integration_gitlab"
passwords = pkgs.fetchNextcloudApp {
url = "https://git.mdns.eu/api/v4/projects/45/packages/generic/passwords/2024.9.0/passwords.tar.gz";
sha256 = "L+jumcussL0c9xNMg/GMs1GSd1IY9wUvC8ZEg+3U+sc=";
license = "agpl3Plus";
};
integration_github = pkgs.fetchNextcloudApp {
- url = "https://github.com/nextcloud-releases/integration_github/releases/download/v2.0.7/integration_github-v2.0.7.tar.gz";
- sha256 = "x4BrBdrvmbdwZcZL6FLAY27B5OpkXIsw92XsD076Aqg=";
+ url = "https://github.com/nextcloud-releases/integration_github/releases/download/v3.0.0/integration_github-v3.0.0.tar.gz";
+ sha256 = "ruLN4lw3Vy8OavTYm1g2L9q1wusRP0a+BpvfXkrZI3A=";
license = "agpl3Plus";
};
integration_gitlab = pkgs.fetchNextcloudApp {
- url = "https://github.com/nextcloud-releases/integration_gitlab/releases/download/v3.1.1/integration_gitlab-v3.1.1.tar.gz";
- sha256 = "nBqnBDVoNEqRGp+WKq4okis1kCr6pzEz4G6368MaxuE=";
+ url = "https://github.com/nextcloud-releases/integration_gitlab/releases/download/v3.1.2/integration_gitlab-v3.1.2.tar.gz";
+ sha256 = "nCH0DqYmr4T856sOU5PhSK6WAHIF9mnYThgytxEbkNA=";
license = "agpl3Plus";
};
money = pkgs.fetchNextcloudApp {
diff --git a/nixos/configurations/ridcully.nix b/nixos/configurations/ridcully.nix
index 2be1a7a..ff3b5a0 100644
--- a/nixos/configurations/ridcully.nix
+++ b/nixos/configurations/ridcully.nix
@@ -26,6 +26,7 @@ in {
cynerd.autounlock = {
"encroot" = "/dev/disk/by-uuid/bc7d2ba4-6e04-4c49-b40c-3aecd1a86c71";
"enchdd" = "/dev/disk/by-uuid/7fee3cda-efa0-47cd-8832-fdead9a7e6db";
+ "encback" = "/dev/disk/by-uuid/b426cbe7-fba2-473b-90f9-9ebe3e34b76e";
};
fileSystems = {
"/" = {
@@ -48,6 +49,11 @@ in {
fsType = "btrfs";
options = ["compress=lzo" "subvol=@home"];
};
+ "/back" = {
+ device = "/dev/mapper/encback";
+ fsType = "btrfs";
+ options = ["compress=lzo"];
+ };
};
services.btrfs.autoScrub = {
enable = true;
diff --git a/nixos/configurations/spt-mox.nix b/nixos/configurations/spt-mox.nix
index 0bc7627..989df29 100644
--- a/nixos/configurations/spt-mox.nix
+++ b/nixos/configurations/spt-mox.nix
@@ -17,7 +17,7 @@
enable = true;
qca988x = {
interface = "wlp1s0";
- bssids = ["04:f0:21:24:24:d2" "08:f0:21:24:24:d2"];
+ bssids = config.secrets.wifiMacs.spt-mox.qca988x;
channel = 7;
};
};
diff --git a/nixos/configurations/spt-mox2.nix b/nixos/configurations/spt-mox2.nix
index af0796c..b416671 100644
--- a/nixos/configurations/spt-mox2.nix
+++ b/nixos/configurations/spt-mox2.nix
@@ -20,7 +20,7 @@
enable = true;
qca988x = {
interface = "wlp1s0";
- bssids = ["04:f0:21:45:d3:47" "08:f0:21:45:d3:47"];
+ bssids = config.secrets.wifiMacs.spt-mox2.qca988x;
channel = 1;
};
};
diff --git a/nixos/configurations/spt-omnia.nix b/nixos/configurations/spt-omnia.nix
index 79ced79..e55e34f 100644
--- a/nixos/configurations/spt-omnia.nix
+++ b/nixos/configurations/spt-omnia.nix
@@ -1,14 +1,10 @@
-{
- config,
- pkgs,
- ...
-}: let
+{config, ...}: let
hosts = config.cynerd.hosts.spt;
in {
turris.board = "omnia";
deploy = {
enable = true;
- ssh.host = "omnia.spt";
+ ssh.host = "spt.cynerd.cz";
};
cynerd = {
@@ -28,12 +24,12 @@ in {
enable = true;
ar9287 = {
interface = "wlp1s0";
- bssids = ["04:f0:21:24:21:93" "08:f0:21:24:21:93"];
+ bssids = config.secrets.wifiMacs.spt-omnia.ar9287;
channel = 11;
};
qca988x = {
interface = "wlp3s0";
- bssids = ["04:f0:21:23:16:64" "08:f0:21:23:16:64"];
+ bssids = config.secrets.wifiMacs.spt-omnia.qca988x;
channel = 36;
};
};
diff --git a/nixos/modules/backup.nix b/nixos/modules/backup.nix
new file mode 100644
index 0000000..3f5042b
--- /dev/null
+++ b/nixos/modules/backup.nix
@@ -0,0 +1,63 @@
+{
+ config,
+ lib,
+ ...
+}: let
+ inherit (builtins) elem readFile readDir;
+ inherit (lib) mkOption types mkIf hasSuffix removeSuffix hasAttr filterAttrs mapAttrs mapAttrs' nameValuePair mergeAttrsList recursiveUpdate;
+
+ servers = ["ridcully"]; # TODO "errol"
+ clients =
+ mapAttrs' (fname: _:
+ nameValuePair (removeSuffix ".pub" fname)
+ (readFile (config.personal-secrets + "/unencrypted/backup/${fname}")))
+ (filterAttrs (n: v: v == "regular" && hasSuffix ".pub" n)
+ (readDir (config.personal-secrets + "/unencrypted/backup")));
+ edpersonal = readFile (config.personal-secrets + "/unencrypted/edpersonal.pub");
+in {
+ options.cynerd = {
+ borgjobs = mkOption {
+ type = with types; attrsOf anything;
+ description = "Job to be backed up for this ";
+ };
+ };
+
+ config = {
+ services.borgbackup = {
+ repos = mkIf (elem config.networking.hostName servers) (
+ mapAttrs (name: key: {
+ path = "/back/${name}";
+ authorizedKeys = [key edpersonal];
+ allowSubRepos = true;
+ })
+ clients
+ );
+
+ jobs = mkIf (hasAttr config.networking.hostName clients) (mergeAttrsList
+ (map (server: (mapAttrs' (n: v:
+ nameValuePair "${server}-${n}"
+ (recursiveUpdate
+ (recursiveUpdate {
+ encryption.mode = "none";
+ prune = {
+ keep = {
+ daily = 7;
+ weekly = 4;
+ monthly = -1;
+ };
+ prefix = n;
+ };
+ }
+ v)
+ {
+ repo = "borg@${server}:./${n}";
+ environment = {
+ BORG_RSH = "ssh -i /run/secrets/borgbackup.key";
+ };
+ archiveBaseName = null;
+ }))
+ config.cynerd.borgjobs))
+ servers));
+ };
+ };
+}
diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix
index 4a8c7dd..b3746d0 100644
--- a/nixos/modules/desktop.nix
+++ b/nixos/modules/desktop.nix
@@ -70,6 +70,7 @@ in {
msmtp
notmuch
astroid
+ dodo
taskwarrior3
vdirsyncer
khal
@@ -146,12 +147,15 @@ in {
kdenlive
# GStreamer
- gst_all_1.gst-libav
- gst_all_1.gst-plugins-bad
+ gst_all_1.gstreamer
gst_all_1.gst-plugins-base
gst_all_1.gst-plugins-good
+ gst_all_1.gst-plugins-bad
gst_all_1.gst-plugins-ugly
+ gst_all_1.gst-plugins-rs
gst_all_1.gst-plugins-viperfx
+ gst_all_1.gst-libav
+ gst_all_1.gst-vaapi
# Writing
typst
@@ -244,9 +248,15 @@ in {
alsa.enable = true;
alsa.support32Bit = true;
pulse.enable = true;
- extraConfig.pipewire."10-zeroconf" = {
- "context.modules" = [{name = "libpipewire-module-zeroconf-discover";}];
- };
+ configPackages = [
+ (pkgs.writeTextDir "share/pipewire/pipewire.conf.d/10-zeroconf-discover.conf" ''
+ context.modules = [
+ { name = libpipewire-module-zeroconf-discover
+ args = { }
+ }
+ ]
+ '')
+ ];
};
upower.enable = true;
diff --git a/nixos/modules/gaming.nix b/nixos/modules/gaming.nix
index 64af068..0f944bd 100644
--- a/nixos/modules/gaming.nix
+++ b/nixos/modules/gaming.nix
@@ -35,6 +35,26 @@ in {
libopus
];
};
+ heroic = pkgs.heroic.override {
+ extraPkgs = pkgs:
+ with pkgs; [
+ ncurses
+ xorg.libXpm
+ flac1_3
+ libopus
+ SDL
+ SDL2_image
+ SDL2_mixer
+ SDL2_ttf
+ SDL_image
+ SDL_mixer
+ SDL_ttf
+ glew110
+ libdrm
+ libidn
+ tbb
+ ];
+ };
};
};
}
diff --git a/nixos/modules/generic.nix b/nixos/modules/generic.nix
index 02afd17..502d0c3 100644
--- a/nixos/modules/generic.nix
+++ b/nixos/modules/generic.nix
@@ -9,7 +9,7 @@ in {
system.stateVersion = "24.05";
nix = {
- extraOptions = "experimental-features = nix-command flakes repl-flake";
+ extraOptions = "experimental-features = nix-command flakes";
settings = {
auto-optimise-store = true;
substituters = [
diff --git a/nixos/modules/packages.nix b/nixos/modules/packages.nix
index d321901..1052f56 100644
--- a/nixos/modules/packages.nix
+++ b/nixos/modules/packages.nix
@@ -66,6 +66,7 @@ in {
speedtest-cli
librespeed-cli
termshark
+ w3m
lm_sensors
]
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-19 14:04:16 +0000