Compare commits

...

4 commits

Author SHA1 Message Date
435f1b3aa1 Moving more stuff around
All checks were successful
Build / nix-build (native-aarch64, varda) (pull_request) Successful in 1m31s
Build / nix-build (native-x86_64, durincore) (pull_request) Successful in 4m36s
2024-05-30 23:55:10 -05:00
8c70906d0f if no containers, don't show service status of podman containers. 2024-05-30 23:28:07 -05:00
d820259c32 Moving stuff around 2024-05-30 23:12:28 -05:00
f5983194db Moving stuff around for the merge 2024-05-30 23:00:46 -05:00
37 changed files with 71 additions and 385 deletions

View file

@ -1,8 +1,5 @@
{ inputs { lib, ... }: {
, config
, lib
, ...
}: {
imports = [ imports = [
./shell ./shell
./programs ./programs

View file

@ -23,8 +23,6 @@ in
ll = "${pkgs.eza}/bin/eza --long --all --group --header"; ll = "${pkgs.eza}/bin/eza --long --all --group --header";
tm = "tmux attach -t (basename $PWD) || tmux new -s (basename $PWD)"; tm = "tmux attach -t (basename $PWD) || tmux new -s (basename $PWD)";
x = "exit"; x = "exit";
# lazydocker --> lazypodman
lazypodman="sudo DOCKER_HOST=unix:///run/podman/podman.sock lazydocker";
}; };
shellAbbrs = { shellAbbrs = {

View file

@ -1,4 +1,4 @@
{ inputs, lib, ... }: { lib, ... }:
with lib; with lib;
rec { rec {
@ -12,9 +12,6 @@ rec {
user = existsOrDefault "user" options "568"; user = existsOrDefault "user" options "568";
group = existsOrDefault "group" options "568"; group = existsOrDefault "group" options "568";
subdomain = existsOrDefault "subdomainOverride" options options.app;
host = existsOrDefault "host" options "${subdomain}.${options.domain}";
enableBackups = (lib.attrsets.hasAttrByPath [ "persistence" "folder" ] options) enableBackups = (lib.attrsets.hasAttrByPath [ "persistence" "folder" ] options)
&& (lib.attrsets.attrByPath [ "persistence" "enable" ] true options); && (lib.attrsets.attrByPath [ "persistence" "enable" ] true options);
# nix doesnt have an exhausive list of options for oci # nix doesnt have an exhausive list of options for oci

View file

@ -1,6 +1,6 @@
## Modules ## Modules
A set of 'custom' modules with the aim to enable easy on/off/settings to build up a system modulary to my 'specs'. A set of 'custom' modules with the aim to enable easy on/off/settings to build up a system modularly to my 'specs'.
The main goal is to build up a `mySystem` options key which is easy to read and toggle functionality on and off. The main goal is to build up a `mySystem` options key which is easy to read and toggle functionality on and off.

View file

@ -1,6 +1,5 @@
{ {
imports = [ imports = [
./gnome.nix ./gnome.nix
]; ];
} }

View file

@ -1,9 +1,4 @@
{ lib { lib, config, pkgs, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.de.gnome; cfg = config.mySystem.de.gnome;
@ -13,7 +8,6 @@ in
options.mySystem.de.gnome.systrayicons = mkEnableOption "Enable systray icons" // { default = true; }; options.mySystem.de.gnome.systrayicons = mkEnableOption "Enable systray icons" // { default = true; };
options.mySystem.de.gnome.gsconnect = mkEnableOption "Enable gsconnect (KDEConnect for GNOME)" // { default = true; }; options.mySystem.de.gnome.gsconnect = mkEnableOption "Enable gsconnect (KDEConnect for GNOME)" // { default = true; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Ref: https://nixos.wiki/wiki/GNOME # Ref: https://nixos.wiki/wiki/GNOME
@ -38,17 +32,12 @@ in
# GNOME # GNOME
gnome.enable = true; gnome.enable = true;
}; };
}; };
udev.packages = optionals cfg.systrayicons [ pkgs.gnome.gnome-settings-daemon ]; # support appindicator udev.packages = optionals cfg.systrayicons [ pkgs.gnome.gnome-settings-daemon ]; # support appindicator
}; };
# systyray icons # systyray icons
# extra pkgs and extensions # extra pkgs and extensions
environment = { environment = {
systemPackages = with pkgs; [ systemPackages = with pkgs; [
@ -62,9 +51,7 @@ in
# dont forget to enable them per-user in dconf settings -> "org/gnome/shell" # dont forget to enable them per-user in dconf settings -> "org/gnome/shell"
gnomeExtensions.vitals gnomeExtensions.vitals
gnomeExtensions.caffeine gnomeExtensions.caffeine
gnomeExtensions.spotify-tray
gnomeExtensions.dash-to-dock gnomeExtensions.dash-to-dock
] ]
++ optionals cfg.systrayicons [ pkgs.gnomeExtensions.appindicator ]; ++ optionals cfg.systrayicons [ pkgs.gnomeExtensions.appindicator ];
}; };
@ -89,21 +76,9 @@ in
systemd.services."getty@tty1".enable = false; systemd.services."getty@tty1".enable = false;
systemd.services."autovt@tty1".enable = false; systemd.services."autovt@tty1".enable = false;
# TODO tidy this
# port forward for GNOME when using RDP***REMOVED***
# for RDP TODO make this a flag if RDP is enabled per host
networking.firewall.allowedTCPPorts = [
3389
];
# And dconf # And dconf
programs.dconf.enable = true; programs.dconf.enable = true;
# https://github.com/NixOS/nixpkgs/issues/114514
# dconf write /org/gnome/mutter/experimental-features "['scale-monitor-framebuffer']" TODO hack for GNOME 45
# Exclude default GNOME packages that dont interest me. # Exclude default GNOME packages that dont interest me.
environment.gnome.excludePackages = environment.gnome.excludePackages =
(with pkgs; [ (with pkgs; [

View file

@ -1,9 +1,4 @@
{ lib { lib, config, ... }:
, config
, self
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.shell.fish; cfg = config.mySystem.shell.fish;

View file

@ -1,17 +1,7 @@
{ lib { lib, config, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.security.acme; cfg = config.mySystem.security.acme;
app = "acme";
appFolder = "/var/lib/${app}";
# persistentFolder = "${config.mySystem.persistentFolder}/var/lib/${appFolder}";
user = app;
group = app;
in in
{ {
options.mySystem.security.acme.enable = mkEnableOption "acme"; options.mySystem.security.acme.enable = mkEnableOption "acme";

View file

@ -1,9 +1,6 @@
{ lib, config, ... }: { ... }:
with lib;
{ {
imports = [ imports = [
./acme ./acme
]; ];
} }

View file

@ -1,9 +1,4 @@
{ lib { lib, config, pkgs, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.cockpit; cfg = config.mySystem.services.cockpit;

View file

@ -3,9 +3,7 @@
./cockpit ./cockpit
./forgejo ./forgejo
./glances ./glances
./grafana
./monitoring.nix ./monitoring.nix
./nfs
./nginx ./nginx
./nix-serve ./nix-serve
./podman ./podman

View file

@ -1,9 +1,7 @@
{ lib, pkgs, config, ... }: { lib, config, ... }:
with lib; with lib;
let let
cfg = config.mySystem.services.forgejo; cfg = config.mySystem.services.forgejo;
app = "forgejo";
port = 443;
http_port = 3000; http_port = 3000;
serviceUser = "forgejo"; serviceUser = "forgejo";
domain = "git.hsn.dev"; domain = "git.hsn.dev";

View file

@ -1,8 +1,4 @@
{ pkgs { pkgs, config, lib, ... }:
, config
, lib
, ...
}:
let let
cfg = config.mySystem.services.glances; cfg = config.mySystem.services.glances;
app = "Glances"; app = "Glances";
@ -17,16 +13,7 @@ with lib;
type = lib.types.bool; type = lib.types.bool;
description = "Enable gatus monitoring"; description = "Enable gatus monitoring";
default = true; default = true;
}; };
addToHomepage = mkOption
{
type = lib.types.bool;
description = "Add to homepage";
default = true;
};
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -46,7 +33,6 @@ with lib;
firewall.allowedTCPPorts = [ 61208 ]; firewall.allowedTCPPorts = [ 61208 ];
}; };
environment.etc."glances/glances.conf" = { environment.etc."glances/glances.conf" = {
text = '' text = ''
[global] [global]

View file

@ -1,108 +0,0 @@
{ lib
, config
, pkgs
, ...
}:
with lib;
let
cfg = config.mySystem.services.grafana;
app = "grafana";
category = "services";
description = "Metric visualisation";
user = app; #string
group = app; #string
port = 2342; #int
appFolder = "/var/lib/${app}";
# persistentFolder = "${config.mySystem.persistentFolder}/var/lib/${appFolder}";
host = "${app}" + (if cfg.dev then "-dev" else "");
url = "${host}.${config.networking.domain}";
in
{
options.mySystem.${category}.${app} =
{
enable = mkEnableOption "${app}";
addToHomepage = mkEnableOption "Add ${app} to homepage" // { default = true; };
monitor = mkOption
{
type = lib.types.bool;
description = "Enable gatus monitoring";
default = true;
};
addToDNS = mkOption
{
type = lib.types.bool;
description = "Add to DNS list";
default = true;
};
dev = mkOption
{
type = lib.types.bool;
description = "Development instance";
default = false;
};
backups = mkOption
{
type = lib.types.bool;
description = "Enable local backups";
default = true;
};
};
config = mkIf cfg.enable {
users.users.jahanson.extraGroups = [ group ];
## service
services.grafana = {
inherit port;
enable = true;
domain = host;
addr = "127.0.0.1";
};
### gatus integration
mySystem.services.gatus.monitors = mkIf cfg.monitor [
{
name = app;
group = "${category}";
url = "https://${url}";
interval = "1m";
conditions = [ "[CONNECTED] == true" "[STATUS] == 200" "[RESPONSE_TIME] < 50" ];
}
];
### Ingress
services.nginx.virtualHosts.${url} = {
useACMEHost = config.networking.domain;
forceSSL = true;
locations."^~ /" = {
proxyPass = "http://127.0.0.1:${builtins.toString port}";
};
};
### firewall config
# networking.firewall = mkIf cfg.openFirewall {
# allowedTCPPorts = [ port ];
# allowedUDPPorts = [ port ];
# };
### backups
warnings = [
(mkIf (!cfg.backups && config.mySystem.purpose != "Development")
"WARNING: Local backups for ${app} are disabled!")
];
services.restic.backups = config.lib.mySystem.mkRestic
{
inherit app user;
paths = [ appFolder ];
inherit appFolder;
};
};
}

View file

@ -1,8 +1,4 @@
{ lib { lib, config, ... }:
, config
, self
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.promMonitoring; cfg = config.mySystem.services.promMonitoring;
@ -30,8 +26,6 @@ in
smartctl = { smartctl = {
enable = true; enable = true;
}; };
}; };
# ensure ports are open # ensure ports are open

View file

@ -1,48 +0,0 @@
{ lib
, config
, pkgs
, ...
}:
with lib;
let
cfg = config.mySystem.nfs.nas;
in
{
options.mySystem.nfs.nas = {
enable = mkEnableOption "Mount NAS";
lazy = mkOption
{
type = lib.types.bool;
description = "Enable lazymount";
default = false;
};
};
config = mkIf cfg.enable
{
services.rpcbind.enable = true; # needed for NFS
environment.systemPackages = with pkgs; [ nfs-utils ];
systemd.mounts = lib.mkIf cfg.lazy [{
type = "nfs";
mountConfig = {
Options = "noatime";
};
what = "${config.mySystem.nasAddress}:/tank";
where = "/mnt/nas";
}];
systemd.automounts = lib.mkIf cfg.lazy [{
wantedBy = [ "multi-user.target" ];
automountConfig = {
TimeoutIdleSec = "600";
};
where = "/mnt/nas";
}];
fileSystems."${config.mySystem.nasFolder}" = lib.mkIf (!cfg.lazy) {
device = "${config.mySystem.nasAddress}:/tank";
fsType = "nfs";
};
};
}

View file

@ -1,8 +1,4 @@
{ lib { lib, config, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.nginx; cfg = config.mySystem.services.nginx;

View file

@ -1,8 +1,4 @@
{ lib { lib, config, pkgs, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.nix-serve; cfg = config.mySystem.services.nix-serve;
@ -13,10 +9,8 @@ in
# enable nix serve binary cache # enable nix serve binary cache
# you can test its working with `nix store ping --store http://10.8.20.33:5000` # you can test its working with `nix store ping --store http://10.8.20.33:5000`
config.services.nix-serve = mkIf cfg.enable { config.services.nix-serve = mkIf cfg.enable {
enable = true; enable = true;
package = pkgs.nix-serve-ng; package = pkgs.nix-serve-ng;
openFirewall = true; openFirewall = true;
}; };
} }

View file

@ -1,9 +1,4 @@
{ lib { lib, config, pkgs, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.podman; cfg = config.mySystem.services.podman;
@ -34,7 +29,13 @@ in
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
podman-tui # status of containers in the terminal podman-tui # status of containers in the terminal
lazydocker
]; ];
programs.fish.shellAliases = {
# lazydocker --> lazypodman
lazypodman="sudo DOCKER_HOST=unix:///run/podman/podman.sock lazydocker";
};
networking.firewall.interfaces.podman0.allowedUDPPorts = [ 53 ]; networking.firewall.interfaces.podman0.allowedUDPPorts = [ 53 ];

View file

@ -1,15 +1,9 @@
{ lib { lib, config, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.${category}.${app}; cfg = config.mySystem.${category}.${app};
app = "postgresql"; app = "postgresql";
category = "services"; category = "services";
description = "Postgres RDMS";
appFolder = "/var/lib/${app}";
in in
{ {
options.mySystem.${category}.${app} = options.mySystem.${category}.${app} =
@ -21,6 +15,13 @@ in
type = lib.types.bool; type = lib.types.bool;
description = "Enable prometheus scraping"; description = "Enable prometheus scraping";
default = true; default = true;
};
backupLocation = mkOption
{
type = lib.types.string;
description = "Location for sql backups to be stored.";
default = "/persist/backup/postgresql";
}; };
backup = mkOption backup = mkOption
{ {
@ -28,7 +29,6 @@ in
description = "Enable backups"; description = "Enable backups";
default = true; default = true;
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -55,7 +55,7 @@ in
# enable backups # enable backups
services.postgresqlBackup = mkIf cfg.backup { services.postgresqlBackup = mkIf cfg.backup {
enable = lib.mkForce true; enable = lib.mkForce true;
location = "${config.mySystem.nasFolder}/backup/nixos/postgresql"; location = cfg.backupLocation;
}; };
### firewall config ### firewall config

View file

@ -1,20 +1,14 @@
{ lib { lib, config, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.${category}.${app}; cfg = config.mySystem.${category}.${app};
app = "radicale"; app = "radicale";
category = "services"; category = "services";
description = "Contact/Calendar managment";
user = app; #string user = app; #string
group = app; #string group = app; #string
port = 5232; #int port = 5232; #int
appFolder = "/var/lib/${app}"; appFolder = "/var/lib/${app}";
host = "${app}" + (if cfg.dev then "-dev" else ""); url = "${app}.jahanson.tech";
url = "${host}.${config.networking.domain}";
in in
{ {
options.mySystem.${category}.${app} = options.mySystem.${category}.${app} =
@ -33,26 +27,12 @@ in
description = "Enable prometheus scraping"; description = "Enable prometheus scraping";
default = true; default = true;
}; };
addToDNS = mkOption
{
type = lib.types.bool;
description = "Add to DNS list";
default = true;
};
dev = mkOption
{
type = lib.types.bool;
description = "Development instance";
default = false;
};
backups = mkOption backups = mkOption
{ {
type = lib.types.bool; type = lib.types.bool;
description = "Enable local backups"; description = "Enable local backups";
default = true; default = true;
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
@ -83,8 +63,7 @@ in
htpasswd_encryption = "plain"; htpasswd_encryption = "plain";
realm = "Radicale - Password Required"; realm = "Radicale - Password Required";
}; };
storage.filesystem_folder = "/var/lib/radicale/collections"; # TODO impermance/move? storage.filesystem_folder = "/var/lib/radicale/collections";
}; };
}; };
@ -126,9 +105,6 @@ in
inherit app user; inherit app user;
paths = [ appFolder ]; paths = [ appFolder ];
inherit appFolder; inherit appFolder;
}); });
}; };
} }

View file

@ -1,8 +1,4 @@
{ lib { lib, config, ... }:
, config
, self
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.rebootRequiredCheck; cfg = config.mySystem.services.rebootRequiredCheck;
@ -11,7 +7,6 @@ in
options.mySystem.services.rebootRequiredCheck.enable = mkEnableOption "Reboot required check"; options.mySystem.services.rebootRequiredCheck.enable = mkEnableOption "Reboot required check";
config = mkIf cfg.enable { config = mkIf cfg.enable {
# Enable timer # Enable timer
systemd.timers."reboot-required-check" = { systemd.timers."reboot-required-check" = {
wantedBy = [ "timers.target" ]; wantedBy = [ "timers.target" ];
@ -46,9 +41,5 @@ in
User = "root"; User = "root";
}; };
}; };
}; };
} }

View file

@ -1,8 +1,4 @@
{ lib { lib, config, pkgs, ... }:
, config
, pkgs
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.system.resticBackup; cfg = config.mySystem.system.resticBackup;
@ -30,10 +26,9 @@ in
mountPath = mkOption mountPath = mkOption
{ {
type = types.str; type = types.str;
description = "Location for snapshot mount"; description = "Location for snapshot mount";
default = "/mnt/nightly_backup"; default = "/mnt/nightly_backup";
}; };
}; };
config = { config = {

View file

@ -1,7 +1,4 @@
{ lib { lib, config, ... }:
, config
, ...
}:
let let
cfg = config.mySystem.system.impermanence; cfg = config.mySystem.system.impermanence;
in in

View file

@ -53,22 +53,24 @@ let
zpool list -Ho name,cap,size | awk '{ printf("%-10s%+3s used out of %+5s\n", $1, $2, $3); }' | sed -e 's/^/ /' zpool list -Ho name,cap,size | awk '{ printf("%-10s%+3s used out of %+5s\n", $1, $2, $3); }' | sed -e 's/^/ /'
fi fi
printf "\n" printf "\n"
if [[ -n "$service_status" ]]; then
printf "$BOLDService status$ENDCOLOR\n" printf "$BOLDService status$ENDCOLOR\n"
while IFS= read -r line; do
while IFS= read -r line; do if [[ $line =~ ".scope" ]]; then
if [[ $line =~ ".scope" ]]; then continue
continue fi
fi if echo "$line" | grep -q 'failed'; then
if echo "$line" | grep -q 'failed'; then service_name=$(echo $line | awk '{print $2;}' | sed 's/podman-//g')
service_name=$(echo $line | awk '{print $2;}' | sed 's/podman-//g') printf "$RED $ENDCOLOR%-50s $RED[failed]$ENDCOLOR\n" "$service_name"
printf "$RED $ENDCOLOR%-50s $RED[failed]$ENDCOLOR\n" "$service_name" elif echo "$line" | grep -q 'running'; then
elif echo "$line" | grep -q 'running'; then service_name=$(echo $line | awk '{print $1;}' | sed 's/podman-//g')
service_name=$(echo $line | awk '{print $1;}' | sed 's/podman-//g') printf "$GREEN $ENDCOLOR%-50s $GREEN[active]$ENDCOLOR\n" "$service_name"
printf "$GREEN $ENDCOLOR%-50s $GREEN[active]$ENDCOLOR\n" "$service_name" else
else echo "service status unknown"
echo "service status unknown" fi
fi done <<< "$service_status"
done <<< "$service_status" fi
''; '';
cfg = config.mySystem.system.motd; cfg = config.mySystem.system.motd;
in in

View file

@ -1,8 +1,4 @@
{ lib { lib, config, ... }:
, config
, self
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.nix; cfg = config.mySystem.nix;
@ -27,7 +23,6 @@ in
}; };
}; };
}; };
config.nix = { config.nix = {
optimise.automatic = cfg.autoOptimiseStore; optimise.automatic = cfg.autoOptimiseStore;
# automatically garbage collect nix store # automatically garbage collect nix store

View file

@ -1,8 +1,4 @@
{ lib { lib, config, ... }:
, config
, self
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.services.openssh; cfg = config.mySystem.services.openssh;
@ -23,7 +19,6 @@ in
default = "no"; default = "no";
}; };
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
services.openssh = { services.openssh = {
enable = true; enable = true;

View file

@ -8,7 +8,7 @@ let
cfg = config.mySystem.system.systemd.pushover-alerts; cfg = config.mySystem.system.systemd.pushover-alerts;
in in
{ {
options.mySystem.system.systemd.pushover-alerts.enable = mkEnableOption "Pushover alers for systemd failures" // { default = true; }; options.mySystem.system.systemd.pushover-alerts.enable = mkEnableOption "Pushover alerts for systemd failures" // { default = true; };
options.systemd.services = mkOption { options.systemd.services = mkOption {
type = with types; attrsOf ( type = with types; attrsOf (
submodule { submodule {

View file

@ -1,7 +1,4 @@
{ lib { lib, config, ... }:
, config
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.security; cfg = config.mySystem.security;

View file

@ -1,8 +1,4 @@
{ lib { lib, config, ... }:
, config
, self
, ...
}:
with lib; with lib;
let let
cfg = config.mySystem.system; cfg = config.mySystem.system;

View file

@ -1,7 +1,4 @@
{ lib { lib, config, ... }:
, config
, ...
}:
let let
cfg = config.mySystem.time; cfg = config.mySystem.time;
in in

View file

@ -1,8 +1,4 @@
{ lib { lib, config, pkgs, ... }:
, config
, pkgs
, ...
}:
let let
cfg = config.mySystem.system.zfs; cfg = config.mySystem.system.zfs;
in in
@ -40,6 +36,5 @@ with lib;
ZED_PUSHOVER_TOKEN = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-api-key.path})"; ZED_PUSHOVER_TOKEN = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-api-key.path})";
ZED_PUSHOVER_USER = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-user-key.path})"; ZED_PUSHOVER_USER = "$(${pkgs.busybox}/bin/cat ${config.sops.secrets.pushover-user-key.path})";
}; };
}; };
} }

View file

@ -1,4 +1,4 @@
{ config, lib, pkgs, imports, modulesPath, ... }: { config, lib, pkgs, modulesPath, ... }:
with lib; with lib;
{ {

View file

@ -5,5 +5,4 @@
./system.nix ./system.nix
./users.nix ./users.nix
]; ];
} }

View file

@ -1,4 +1,4 @@
{ config, ... }: { ... }:
{ {
sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
# Secret for machine-specific pushover # Secret for machine-specific pushover

View file

@ -1,5 +1,4 @@
{ config, lib, pkgs, ... }: { lib, pkgs, ... }:
with lib;
{ {
system = { system = {
# Enable printing changes on nix build etc with nvd # Enable printing changes on nix build etc with nvd

View file

@ -1,12 +1,10 @@
{ config, lib, pkgs, imports, boot, self, inputs, ... }: { config, lib, pkgs, ... }:
# Role for workstations # Role for workstations
# Covers desktops/laptops, expected to have a GUI and do workloads # Covers desktops/laptops, expected to have a GUI and do workloads
# Will have home-manager installs # Will have home-manager installs
with config; with config;
{ {
mySystem = { mySystem = {
de.gnome.enable = true; de.gnome.enable = true;
@ -15,20 +13,20 @@ with config;
# TODO decide if i drop to bash on pis? # TODO decide if i drop to bash on pis?
shell.fish.enable = true; shell.fish.enable = true;
nfs.nas = { # TODO make nfs server configurable
enable = true; # nfs.nas = {
lazy = true; # enable = true;
}; # lazy = true;
# };
system.resticBackup.local.enable = false; system.resticBackup.local.enable = false;
system.resticBackup.remote.enable = false; system.resticBackup.remote.enable = false;
}; };
boot = { boot = {
binfmt.emulatedSystems = [ "aarch64-linux" ]; # Enabled for raspi4 compilation binfmt.emulatedSystems = [ "aarch64-linux" ]; # Enabled for raspi4 compilation
plymouth.enable = true; # hide console with splash screen plymouth.enable = true; # hide console with splash screen
}; };
nix.settings = { nix.settings = {