aboutsummaryrefslogtreecommitdiff
path: root/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'nixos')
-rw-r--r--nixos/configurations/binky.nix8
-rw-r--r--nixos/configurations/lipwig.nix26
-rw-r--r--nixos/modules/desktop.nix6
-rw-r--r--nixos/modules/develop.nix1
-rw-r--r--nixos/modules/router.nix8
-rw-r--r--nixos/modules/users.nix7
-rw-r--r--nixos/modules/wireguad.nix5
7 files changed, 37 insertions, 24 deletions
diff --git a/nixos/configurations/binky.nix b/nixos/configurations/binky.nix
index 4b552d5..7765d01 100644
--- a/nixos/configurations/binky.nix
+++ b/nixos/configurations/binky.nix
@@ -1,4 +1,8 @@
-{lib, ...}: let
+{
+ lib,
+ pkgs,
+ ...
+}: let
inherit (lib) mkDefault;
in {
nixpkgs.hostPlatform.system = "x86_64-linux";
@@ -94,4 +98,6 @@ in {
dataDir = "/home/cynerd";
configDir = "/home/cynerd/.config/syncthing";
};
+
+ environment.systemPackages = [pkgs.heroic];
}
diff --git a/nixos/configurations/lipwig.nix b/nixos/configurations/lipwig.nix
index 6368ebc..1a137db 100644
--- a/nixos/configurations/lipwig.nix
+++ b/nixos/configurations/lipwig.nix
@@ -107,7 +107,7 @@
root = "${pkgs.cgit}/cgit";
locations."/".tryFiles = "$uri @cgit";
locations."@cgit".extraConfig = ''
- fastcgi_pass unix:${config.services.fcgiwrap.cgit.socket.address};
+ fastcgi_pass unix:${config.services.fcgiwrap.instances.cgit.socket.address};
fastcgi_param SCRIPT_FILENAME ${pkgs.cgit}/cgit/cgit.cgi;
fastcgi_param PATH_INFO $uri;
fastcgi_param QUERY_STRING $args;
@@ -137,9 +137,9 @@
};
};
};
- services.fcgiwrap.cgit = {
+ services.fcgiwrap.instances.cgit = {
process.user = "git";
- socket.user = config.services.nginx.group;
+ socket = {inherit (config.services.nginx) user group;};
};
security.acme = {
acceptTerms = true;
@@ -250,19 +250,19 @@
# Additional modules can be fetched with:
# NEXTCLOUD_VERSIONS=28 nix run nixpkgs#nc4nix -- -apps "passwords,integration_homeassistant,integration_github,integration_gitlab"
passwords = pkgs.fetchNextcloudApp {
- url = "https://git.mdns.eu/api/v4/projects/45/packages/generic/passwords/2024.2.0/passwords.tar.gz";
- sha256 = "0s5z6pxkcwmhlbzy9s2g0s05n1iqjmxr2jqxz7ayklin9kcgr3h7";
- license = "gpl3";
+ url = "https://git.mdns.eu/api/v4/projects/45/packages/generic/passwords/2024.7.0/passwords.tar.gz";
+ sha256 = "1RwLOE2aUwISMF/WcYmL8sKs+KXBlYv0OHw8PizrGCY=";
+ license = "agpl3Plus";
};
integration_github = pkgs.fetchNextcloudApp {
- url = "https://github.com/nextcloud-releases/integration_github/releases/download/v2.0.6/integration_github-v2.0.6.tar.gz";
- sha256 = "0rjdlsalayb21nmh3j5bl42dcbavxka2r5g9csagz7vc9dl0qrw6";
- license = "gpl3";
+ url = "https://github.com/nextcloud-releases/integration_github/releases/download/v2.0.7/integration_github-v2.0.7.tar.gz";
+ sha256 = "x4BrBdrvmbdwZcZL6FLAY27B5OpkXIsw92XsD076Aqg=";
+ license = "agpl3Plus";
};
integration_gitlab = pkgs.fetchNextcloudApp {
- url = "https://github.com/nextcloud-releases/integration_gitlab/releases/download/v1.0.18/integration_gitlab-v1.0.18.tar.gz";
- sha256 = "13vlbr7sigqrh480a9zp7zl9nbzb4pk8m1zzlqv9lkzj3zywp7mi";
- license = "gpl3";
+ url = "https://github.com/nextcloud-releases/integration_gitlab/releases/download/v3.0.1/integration_gitlab-v3.0.1.tar.gz";
+ sha256 = "FAF5CHwAVm55QS9NO8B5zsvJ0BWa7Mwfw6kYr2js0Es=";
+ license = "agpl3Plus";
};
};
};
@@ -271,12 +271,14 @@
services.postgresql = {
enable = true;
ensureUsers = [
+ {name = "cynerd";}
{
name = "nextcloud";
ensureDBOwnership = true;
}
];
ensureDatabases = ["nextcloud"];
+ extraPlugins = ps: with ps; [timescaledb];
};
# SearX ####################################################################
diff --git a/nixos/modules/desktop.nix b/nixos/modules/desktop.nix
index 7b21c7d..4a8c7dd 100644
--- a/nixos/modules/desktop.nix
+++ b/nixos/modules/desktop.nix
@@ -70,7 +70,7 @@ in {
msmtp
notmuch
astroid
- taskwarrior
+ taskwarrior3
vdirsyncer
khal
khard
@@ -79,7 +79,7 @@ in {
pinentry-curses
(pass.withExtensions (exts: [
exts.pass-otp
- #exts.pass-audit
+ exts.pass-audit
]))
chromium
@@ -113,7 +113,7 @@ in {
adwaita-icon-theme
vanilla-dmz
sound-theme-freedesktop
- gnome.gnome-characters
+ gnome-characters
gucharmap
(sdcv.withDictionaries [stardict-en-cz stardict-de-cz stardict-cz])
diff --git a/nixos/modules/develop.nix b/nixos/modules/develop.nix
index 971d219..446d205 100644
--- a/nixos/modules/develop.nix
+++ b/nixos/modules/develop.nix
@@ -21,6 +21,7 @@ in {
# Tools
gitlint
tig
+ gitg
gource
glab
github-cli
diff --git a/nixos/modules/router.nix b/nixos/modules/router.nix
index cd37d8b..224037b 100644
--- a/nixos/modules/router.nix
+++ b/nixos/modules/router.nix
@@ -56,6 +56,8 @@ in {
};
config = mkIf cnf.enable {
+ boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
+
networking = {
useNetworkd = true;
firewall = {
@@ -114,9 +116,10 @@ in {
matchConfig.Name = "home";
networkConfig = {
Address = "${cnf.lanIP}/${toString cnf.lanPrefix}";
- IPForward = "yes";
+ IPv4Forwarding = "yes";
DHCPServer = "yes";
DHCPPrefixDelegation = "yes";
+ IPv6Forwarding = "yes";
IPv6SendRA = "yes";
IPv6AcceptRA = "no";
};
@@ -143,9 +146,10 @@ in {
matchConfig.Name = "guest";
networkConfig = {
Address = "192.168.1.1/24";
- IPForward = "yes";
+ IPv4Forwarding = "yes";
DHCPServer = "yes";
DHCPPrefixDelegation = "yes";
+ IPv6Forwarding = "yes";
IPv6SendRA = "yes";
IPv6AcceptRA = "no";
};
diff --git a/nixos/modules/users.nix b/nixos/modules/users.nix
index d098ec7..1c143bb 100644
--- a/nixos/modules/users.nix
+++ b/nixos/modules/users.nix
@@ -64,10 +64,13 @@ in {
syntaxHighlighting.enable = isNative;
};
shellrc = true;
- vim.defaultEditor = isArm;
+ vim = {
+ enable = isArm;
+ defaultEditor = isArm;
+ };
neovim = {
enable = !isArm;
- defaultEditor = true;
+ defaultEditor = !isArm;
withNodeJs = true;
};
diff --git a/nixos/modules/wireguad.nix b/nixos/modules/wireguad.nix
index 69e1ccd..1b1db90 100644
--- a/nixos/modules/wireguad.nix
+++ b/nixos/modules/wireguad.nix
@@ -66,10 +66,7 @@ in {
matchConfig.Name = "wg";
networkConfig = {
Address = "${config.cynerd.hosts.wg."${hostName}"}/24";
- IPForward = is_endpoint;
- #DNS = mkIf (hostName != "dean") ["10.0.20.30" "10.0.20.31"];
- #DNSSEC = false;
- #Domains = mkIf (hostName != "dean") "~elektroline.cz";
+ IPv4Forwarding = "yes";
};
routes =
(optional (hostName != "lipwig") {