servius/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Compare commits

base: servius:24fab1402b86d5c1594710e20622ccb6b698c45b
Branches Tags
servius:master
...
compare: servius:master
Branches Tags
servius:master

78 Commits
24fab1402b ... master

Author SHA1 Message Date
servius
2913f0c8e1 fix(scripts): correct aichat role syntax
Some checks are pending
Flake checker / Build Nix targets (push) Waiting to run
Details
2026-01-28 14:34:31 +05:30
servius
fb7c219cf2 feat: Disable mpv on macos
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-28 13:49:31 +05:30
servius
581fa74f19 feat: Add embedding model and extraPackages to aichat
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-27 16:37:57 +05:30
servius
3f1f23391a feat: Disable nixvim grammarPackages for now because of is-not treesitter
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-26 23:54:38 +05:30
servius
ddb0345587 feat: Update use local model
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-26 20:59:27 +05:30
servius
99494b8777 feat: Remove command runner 2026-01-26 20:55:15 +05:30
servius
4c385b2653 feat: Update to latest flake.lock
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-26 01:06:30 +05:30
servius
f32d7d3643 feat: Added hytale
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-25 15:30:45 +05:30
servius
ab4c22592a feat(games): add Hytale game module and Flatpak support
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-24 23:50:55 +05:30
servius
869778df2a feat(nix): integrate cratesNix across Darwin and home modules
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-23 16:27:52 +05:30
servius
0a2ad32dfb feat: Use different partition for swapfile
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-23 12:59:50 +05:30
servius
230547eb92 feat: extend ghostty shader, add shadps4 builds, update nix, homepage
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-21 20:21:25 +05:30
servius
3beb85c474 chore(flake): update flake.lock 2026-01-21 10:41:33 +05:30
servius
101331cbc9 refactor: switch ping to siteMonitor and enable GLSL analyzer 2026-01-21 02:09:15 +05:30
servius
d803dd9dc8 refactor(nixos): add ping to homepage 2026-01-20 17:00:57 +05:30
servius
509a9b49ed feat(nixos): enable immich ml; bind localhost; add ollama env 2026-01-18 21:35:15 +05:30
servius
a97ff2c46d chore(flake): update flake.lock
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-15 02:16:54 +05:30
servius
6453bb62a1 feat(kellnr): add sops config and docs flag, dynamic domain vhost
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-14 12:08:19 +05:30
servius
67305549bc feat: Added kellnr
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-14 11:45:10 +05:30
servius
6ff14a1aa4 feat(vicinae): Adde pactl for sound plugin
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 17:14:45 +05:30
servius
9a6d19b101 feat(atuin): add macOS launchd daemon agent
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 16:23:45 +05:30
servius
2494e8ce83 feat(yazi): add config arg and preview cache_dir
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 16:01:52 +05:30
servius
f90f84b3f7 feat(overlays): override libfprint to CS9711 fork with deps
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 15:36:16 +05:30
servius
3db69c9e41 chore(darwin): prune kuro packages, update shiro casks, add 1password
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 15:23:12 +05:30
servius
ac55fa4426 refactor: update aichat model; add atuin daemon; cleanup gui
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 15:20:13 +05:30
servius
5a195af336 feat(home): added binwalk 2026-01-13 14:46:19 +05:30
servius
e0f79ae04b chore: add OpenWebUI entry and update LLM URLs
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 14:30:40 +05:30
servius
74d5ec1426 feat: Added wireshark and refactor ollama modules
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 14:11:37 +05:30
servius
124e3fedfd chore(home): Move fonts into fonts.nix 2026-01-13 12:19:43 +05:30
servius
34c0bf9616 feat(Justfile): Add comments and update ast-grep pattern for program addition
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 11:40:18 +05:30
servius
5eb002fe8b fix: format before adding to git
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 11:38:21 +05:30
servius
fd2ea0ba07 feat(util): Added option to easily add new programs/modules using just
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details 
feat(virtualisation): Added waydroid
chore(structure): moved all individual home.packages into their own files
 2026-01-13 11:35:11 +05:30
servius
165dff7faa feat(tsuba): Add image pruning systemd timer
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 00:55:46 +05:30
servius
49ad26ac1c chore: update flake.lock with latest revisions and hashes 2026-01-13 00:38:31 +05:30
servius
01e0349610 feat(jellyfin): add automated docker image update service and timer
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-13 00:28:12 +05:30
servius
9ca0e4fa5b feat: Update nixpkgs
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-12 23:13:20 +05:30
servius
0a95fbd703 fix(hyprland): set direct_scanout to auto mode by default
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-12 22:09:22 +05:30
servius
04a08d3107 fix(fish): conditionally use sixel for fastfetch in tmux
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details 
fix(nvim): enhance catppuccin colorscheme with integrations
 2026-01-07 21:21:43 +05:30
uttarayan21
0d14b6bffc feat: Use default tailscale
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-07 11:42:36 +05:30
servius
7b717f95ab feat(email): add alias and update git config for fastmail account
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-07 07:08:48 +05:30
uttarayan21
f9a7c9ae52 feat(hyprland): optimize animation timings
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details 
feat(neovim): add tv plugin and remove markdown-preview
 2026-01-07 04:53:57 +05:30
uttarayan21
5d48a7ed38 feat: Added hyprshade 2026-01-06 15:26:12 +05:30
uttarayan21
99b4fb3ad1 chore(flake): update nixpkgs and stylix to 25.11, update dependencies and disable stylix for tsuba
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-04 08:52:09 +05:30
uttarayan21
741cfc163e feat: Added netboot.xyz
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-04 02:48:55 +05:30
uttarayan21
b9a684f4e9 feat: Use upstream hyprpaper module
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-04 00:42:04 +05:30
uttarayan21
253d600448 feat: Update nixpkgs 2026-01-04 00:26:02 +05:30
uttarayan21
1f537d6189 feat: Re-added orcaslicer 2026-01-03 23:04:55 +05:30
uttarayan21
97dd599e03 chore: Disable a bunch of unused apps
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2026-01-03 03:28:12 +05:30
uttarayan21
ac69625809 feat: update Makefile 2025-12-30 19:08:36 +05:30
uttarayan21
1cec36e736 feat(vicinae): use catppuccin-mocha dark theme in vicinae
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-30 18:53:49 +05:30
uttarayan21
5f243fda02 feat(nixos): Added uid and gid to users
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-30 18:35:28 +05:30
uttarayan21
67cc456503 feat(home): enable shadps4
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-30 06:39:50 +05:30
uttarayan21
e8aece3f47 feat(nixos): update flake.lock and configure services for ryu and tako 
feat(home): adjust vicinae and eilmeldung configurations

feat(neovim): enable folding in neovim configuration

fix(nixos): disable resolved dns and remove fallback dns on tako

chore(nixos): add pihole and resolved services to tsuba

chore(home): remove unused packages from programs

chore(nixos): add gamescope-wsi and vulkan-tools to steam configuration

chore(nixos): update navidrome service with sops integration and systemd tmpfiles

chore(darwin): use dynamic user in shiro configuration

chore(secrets): add lastfm and pihole secrets to secrets.yaml
 2025-12-30 04:32:13 +05:30
uttarayan21
0fa7586c97 feat: Update eilmeldung config and update nix flakes 2025-12-27 21:23:44 +05:30
uttarayan21
f3c22f29bf chore: update flake.lock with latest revisions and hashes
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-26 22:29:29 +05:30
uttarayan21
9fb2079375 feat(home): enable ironbar service and disable orcaslicer app 2025-12-26 21:24:14 +05:30
uttarayan21
d109ceb7fd feat: Added navidrome server with authelia reverse proxy
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-26 09:15:00 +05:30
uttarayan21
5862504957 feat: Update to latest nixpkgs
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-25 22:30:53 +05:30
uttarayan21
b7c7a875f6 feat: update flake.lock and add eilmeldung program with configuration 2025-12-25 06:29:41 +05:30
uttarayan21
59eee40635 fix(tsuba): remove duplicate bootloader configuration
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-18 16:35:09 +05:30
uttarayan21
ab1c940aef feat(ghostty): disable stylix integration and add catppuccin-mocha theme 
perf(wezterm): reduce font size to 13
feat(fastfetch): set logo type to kitty
fix(fish): replace pfetch with fastfetch
chore(hyprland): swap kitty and wezterm bindings
 2025-12-18 15:59:59 +05:30
uttarayan21
e6e4a58d70 feat(tailscale): use stable package
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details 
feat(zed): add stable package to zed editor config
fix(mbsync): enable mbsync only on linux
 2025-12-16 15:11:24 +05:30
uttarayan21
6c9ea5bd8f feat(tsuba): update Raspberry Pi bootloader and extra config settings
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-16 12:10:34 +05:30
uttarayan21
59e0ffc1ae fix(dualsense): Correct touchpad device name for libinput ignore
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details 
chore(handoff): Disable airpods handoff service
perf(wivrn): Comment out nightly package for stability
 2025-12-15 14:20:16 +05:30
uttarayan21
edf2e5834a feat(wivrn): update to uttarayan21/wivrn and use nightly package
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-12 18:57:32 +05:30
uttarayan21
42dac8b4d2 feat: Updated nixpkgs 2025-12-12 18:39:33 +05:30
uttarayan21
ceddbd9132 chore: Update readme
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-11 04:14:00 +05:30
uttarayan21
c9456966bf feat(email): enable mbsync and configure neomutt with sidebar and notmuch support
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-09 18:22:16 +05:30
uttarayan21
8bd6da8f75 feat(home): add prismlauncher and ida apps, enable ollama service
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details 
feat(nixos): enable ollama service with cuda support
fix(nixos): update llama service to use fixed port and remove commented code
chore(home): reorganize app imports and remove unused packages
 2025-12-09 17:45:27 +05:30
uttarayan21
f0bb05678c chore: update flake.lock to latest 2025-12-09 15:28:53 +05:30
uttarayan21
3051a19d79 chore: update flake lock and nix files for home-manager changes
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-09 02:01:54 +05:30
uttarayan21
2e1fdc655c chore(vr): comment out envision package in vr.nix 2025-12-09 01:53:20 +05:30
uttarayan21
340f260c31 chore: update flake.lock with latest dependency revisions
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-09 01:26:53 +05:30
uttarayan21
644b2c31ed feat(nixos): add wivrn service support with flake inputs
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-09 00:31:39 +05:30
uttarayan21
d099b4b403 chore: remove devices diagrams and update flake configuration 2025-12-08 23:18:54 +05:30
uttarayan21
597cf35a09 chore: remove deprecated NixOS mirai configuration files 2025-12-08 17:24:28 +05:30
uttarayan21
497445c854 feat(nixos): enable GNOME, add Droidcam, and update services config
Some checks failed
Flake checker / Build Nix targets (push) Has been cancelled
Details
2025-12-08 16:58:41 +05:30
uttarayan21
b25638eb9f feat(apps): add "ida" and enable documentation in NixOS config 2025-12-06 21:41:50 +05:30
164 changed files with 6018 additions and 3887 deletions
Expand all files Collapse all files

1
.ignore Normal file
View File

@@ -0,0 +1 @@
*.lock

8
Makefile
View File

@@ -1,9 +1,9 @@
.PHONY: darwin home default nixos just
.PHONY: darwin home default nixos install
default: just
default: install
just:
just
install:
sudo nixos-rebuild switch --flake . --builders '' --max-jobs 1
build:
sudo nixos-rebuild build --flake . --show-trace

23
README.md
View File

@@ -1,11 +1,22 @@
# Machines
1. Ryu Dektop (Intel i9-14900KS / Nvidia 5090 / 64GB CL36@6000MTs)
1. Ryu Dektop (Intel i9-14900KS / Nvidia RTX 5090 / DDR5 64GB CL36@6000MTs)
```
deploy -s .#ryu
```
2. Mirai Server (AMD Ryzen 7 7700 / 64GB@5200MHz)
3. Tako Server (Intel Xeon E-2236 / 64GB)
4. Tsuba Server (Raspberry Pi 5 / 8GB)
5. Kuro Laptop (Apple M4 Pro macbook / 24GB)
6. Shiro Desktop (Apple M4 macmini / 16GB)
2. Tako Server (Intel Xeon E-2236 / DDR5 64GB)
```
deploy -s .#tako
```
3. Tsuba Server (Raspberry Pi 5 / 8GB)
```
deploy -s .#tsuba
```
4. Kuro Laptop (Apple M4 Pro macbook / 24GB)
```
deploy -s .#kuro
```
5. Shiro Desktop (Apple M4 macmini / 16GB)
```
deploy -s .#shiro
```

235
assets/devices-diagram.d2
View File

@@ -1,235 +0,0 @@
title: Device Architecture Overview {
near: top-center
shape: text
style: {
font-size: 24
bold: true
}
}
# Device Groups
servers: Server Infrastructure {
style.fill: "#e8f4fd"
style.stroke: "#1e3a8a"
style.stroke-width: 2
mirai: mirai {
shape: rectangle
style.fill: "#fbbf24"
label: "mirai\nMain Server\nx86_64-linux\nUser: fs0c131y\nHeadless"
services: Services {
shape: cylinder
style.fill: "#34d399"
label: "Services\n• Nextcloud\n• Gitea\n• Minecraft\n• Immich\n• Paperless\n• Tailscale\n• And more..."
}
}
deoxys: deoxys {
shape: rectangle
style.fill: "#a78bfa"
label: "deoxys\nVM Server\nx86_64-linux\nUser: servius\nHeadless"
}
tsuba: tsuba {
shape: rectangle
style.fill: "#fb7185"
label: "tsuba\nRaspberry Pi\naarch64-linux\nUser: servius\nHeadless"
}
}
workstations: Development Workstations {
style.fill: "#f0fdf4"
style.stroke: "#15803d"
style.stroke-width: 2
ryu: ryu {
shape: rectangle
style.fill: "#3b82f6"
label: "ryu\nMain Desktop\nx86_64-linux\nUser: servius\nHyprland + GNOME"
monitors: Multi-Monitor Setup {
style.fill: "#ddd6fe"
primary: "HDMI-A-1\n(Gigabyte FO27Q3)" {
shape: rectangle
style.fill: "#c4b5fd"
}
secondary: "DP-3\n(Acer XV272U)" {
shape: rectangle
style.fill: "#c4b5fd"
}
tertiary: "DP-1\n(Gigabyte M27Q)" {
shape: rectangle
style.fill: "#c4b5fd"
}
}
}
shiro: shiro {
shape: rectangle
style.fill: "#9ca3af"
label: "shiro\nMac Mini Desktop\naarch64-darwin\nUser: servius\nBuild Server"
}
}
mobile: Portable Devices {
style.fill: "#fef3c7"
style.stroke: "#d97706"
style.stroke-width: 2
kuro: kuro {
shape: rectangle
style.fill: "#6b7280"
label: "kuro\nMacBook\naarch64-darwin\nUser: fs0c131y"
}
deck: SteamDeck {
shape: rectangle
style.fill: "#ef4444"
label: "SteamDeck\nGaming Handheld\nx86_64-linux\nUser: deck\nHome Manager Only"
}
}
# Network Infrastructure
network: Network Infrastructure {
style.fill: "#fdf2f8"
style.stroke: "#db2777"
style.stroke-width: 2
tailscale: Tailscale VPN {
shape: cloud
style.fill: "#ec4899"
}
zerotier: ZeroTier Network {
shape: cloud
style.fill: "#f97316"
}
local_network: Local Network {
shape: cloud
style.fill: "#06b6d4"
}
}
# Build Infrastructure
builders: Build Machines {
style.fill: "#f5f5f4"
style.stroke: "#525252"
style.stroke-width: 2
build_info: "Distributed Builds\nmirai, shiro (+ tsuba)" {
shape: text
style.font-size: 14
style.bold: true
}
}
# Configuration Management
config_mgmt: Configuration Management {
style.fill: "#fefce8"
style.stroke: "#ca8a04"
style.stroke-width: 2
nixos_flake: NixOS Flake {
shape: hexagon
style.fill: "#facc15"
}
home_manager: Home Manager {
shape: hexagon
style.fill: "#eab308"
}
darwin: nix-darwin {
shape: hexagon
style.fill: "#f59e0b"
}
}
# Deployment Connections
workstations.ryu -> servers.mirai: SSH Deploy {
style.stroke: "#059669"
style.stroke-width: 2
}
workstations.ryu -> servers.deoxys: SSH Deploy {
style.stroke: "#059669"
style.stroke-width: 2
}
workstations.ryu -> servers.tsuba: "SSH Deploy\n(tsuba.darksailor.dev)" {
style.stroke: "#059669"
style.stroke-width: 2
}
mobile.kuro -> servers.mirai: SSH Deploy {
style.stroke: "#7c3aed"
style.stroke-width: 2
}
mobile.kuro -> workstations.shiro: SSH Deploy {
style.stroke: "#7c3aed"
style.stroke-width: 2
}
workstations.ryu -> mobile.deck: "SSH Deploy\n(steamdeck)" {
style.stroke: "#dc2626"
style.stroke-width: 2
}
# Network connections
servers.mirai -> network.tailscale
servers.deoxys -> network.tailscale
servers.tsuba -> network.tailscale
workstations.ryu -> network.local_network
mobile.deck -> network.tailscale
servers.mirai -> network.zerotier
workstations.ryu -> network.zerotier
# Build relationships
workstations.ryu -> builders: Uses distributed builds
mobile.kuro -> builders: Uses distributed builds
servers.mirai -> builders: Build server
workstations.shiro -> builders: Build server
# Configuration connections
config_mgmt.nixos_flake -> servers.mirai
config_mgmt.nixos_flake -> servers.deoxys
config_mgmt.nixos_flake -> servers.tsuba
config_mgmt.nixos_flake -> workstations.ryu
config_mgmt.darwin -> mobile.kuro
config_mgmt.darwin -> workstations.shiro
config_mgmt.home_manager -> mobile.deck
# Legend
legend: Legend {
near: bottom-right
style.fill: "#f9fafb"
style.stroke: "#6b7280"
servers_legend: "🖥️ Servers (headless)" {
shape: text
style.font-size: 12
}
workstations_legend: "💻 Workstations (GUI)" {
shape: text
style.font-size: 12
}
mobile_legend: "📱 Portable/Mobile" {
shape: text
style.font-size: 12
}
deploy_legend: "→ SSH Deploy" {
shape: text
style.font-size: 12
}
}

149
assets/devices-diagram.svg
View File

File diff suppressed because one or more lines are too long
Side by Side

Before

Width:  |  Height:  |  Size: 66 KiB

2
darwin/default.nix
View File

@@ -3,6 +3,7 @@
inputs,
nix-darwin,
overlays,
nixpkgs,
...
}: (builtins.mapAttrs (
name: device:
@@ -11,6 +12,7 @@
specialArgs = {
inherit device inputs;
stablePkgs = inputs.nixpkgs-stable.legacyPackages.${device.system};
cratesNix = inputs.crates-nix.mkLib {pkgs = nixpkgs.legacyPackages.${device.system};};
};
modules = [
inputs.home-manager.darwinModules.home-manager

2
darwin/kuro/configuration.nix
View File

@@ -28,7 +28,7 @@
extra-nix-path = nixpkgs=flake:nixpkgs
builders-use-substitutes = true
'';
package = pkgs.nixVersions.latest;
package = pkgs.nixVersions.nix_2_32;
buildMachines = [
../../builders/tako.nix
../../builders/shiro.nix

3
darwin/kuro/homebrew.nix
View File

@@ -8,11 +8,8 @@
"lunar"
"orcaslicer"
"raycast"
"shapr3d"
"vlc"
"zed"
"zen"
"lm-studio"
];
};
}

4
darwin/kuro/services/tailscale.nix
View File

@@ -1,3 +1,5 @@
{...}: {
services.tailscale.enable = true;
services.tailscale = {
enable = true;
};
}

2
darwin/shiro/configuration.nix
View File

@@ -35,7 +35,7 @@
distributedBuilds = true;
};
users.users.servius = {
users.users.${device.user} = {
# isNormalUser = true;
openssh.authorizedKeys.keyFiles = [
../../secrets/id_ed25519.pub

4
darwin/shiro/homebrew.nix
View File

@@ -5,12 +5,10 @@
"docker-compose"
];
casks = [
"1password"
"docker"
"raycast"
"lunar"
"virtual-desktop-streamer"
"kicad"
"shapr3d"
"orcaslicer"
"zed"
"zen"

1434
flake.lock generated
View File

File diff suppressed because it is too large Load Diff

59
flake.nix
View File

@@ -3,14 +3,14 @@
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
nixpkgs-master.url = "github:nixos/nixpkgs/master";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.05";
nixpkgs-stable.url = "github:nixos/nixpkgs/nixos-25.11";
flake-utils.url = "github:numtide/flake-utils";
disko = {
url = "github:nix-community/disko/latest";
inputs.nixpkgs.follows = "nixpkgs";
};
home-manager = {
url = "github:nix-community/home-manager/release-25.11";
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
stylix = {
@@ -18,11 +18,11 @@
inputs.nixpkgs.follows = "nixpkgs";
};
stylix-stable = {
url = "github:nix-community/stylix/release-25.05";
url = "github:nix-community/stylix/release-25.11";
inputs.nixpkgs.follows = "nixpkgs-stable";
};
home-manager-stable = {
url = "github:nix-community/home-manager/release-25.05";
url = "github:nix-community/home-manager/release-25.11";
inputs.nixpkgs.follows = "nixpkgs-stable";
};
nix-darwin = {
@@ -189,11 +189,6 @@
url = "github:uttarayan21/ddcbacklight";
inputs.nixpkgs.follows = "nixpkgs";
};
command-runner = {
url = "github:uttarayan21/command-runner";
# url = "path:/home/servius/Projects/command-runner";
inputs.nixpkgs.follows = "nixpkgs";
};
hyprmonitors = {
url = "git+https://git.darksailor.dev/servius/hyprmonitors";
# url = "path:/home/servius/Projects/hyprmonitors";
@@ -230,7 +225,14 @@
url = "github:xatuke/handoff";
inputs.nixpkgs.follows = "nixpkgs";
};
crates-nix.url = "github:uttarayan21/crates.nix";
crates-io-index = {
url = "git+https://github.com/rust-lang/crates.io-index?shallow=1";
flake = false;
};
crates-nix = {
url = "github:uttarayan21/crates.nix";
inputs.crates-io-index.follows = "crates-io-index";
};
headplane = {
url = "github:tale/headplane";
inputs.nixpkgs.follows = "nixpkgs";
@@ -239,6 +241,17 @@
url = "github:vicinaehq/vicinae";
# inputs.nixpkgs.follows = "nixpkgs";
};
wivrn = {
url = "github:uttarayan21/wivrn?submodules=1";
inputs.nixpkgs.follows = "nixpkgs";
};
eilmeldung = {
url = "github:christo-auer/eilmeldung";
inputs.nixpkgs.follows = "nixpkgs";
};
hytale-launcher = {
url = "github:JPyke3/hytale-launcher-nix";
};
};
outputs = {
@@ -255,14 +268,6 @@
...
} @ inputs: let
devices = {
# mirai = mkDevice {
# name = "mirai";
# system = "x86_64-linux";
# user = "fs0c131y";
# hasGui = false; # Don't wan't to run GUI apps on a headless server
# isNix = true;
# isServer = true;
# };
tako = mkDevice {
name = "tako";
system = "x86_64-linux";
@@ -342,6 +347,14 @@
if isDarwin
then "/Users/${device.user}"
else "/home/${device.user}";
uid =
if (builtins.hasAttr "uid" device)
then device.uid
else 1000;
gid =
if (builtins.hasAttr "gid" device)
then device.gid
else 1000;
# output =
# if isDarwin
# then self.darwinConfigurations."${device.name}"
@@ -417,13 +430,13 @@
config.allowUnfree = true;
};
in {
packages = rec {
default = neovim;
neovim = pkgs.nixvim.makeNixvim (pkgs.callPackage ./neovim);
};
# packages = rec {
# default = neovim;
# neovim = pkgs.nixvim.makeNixvim (pkgs.callPackage ./neovim);
# };
devShells = {
default = pkgs.mkShell {
packages = with pkgs; [sops just openssl];
packages = with pkgs; [sops just openssl ast-grep];
};
};
}

10
home/accounts/fastmail.nix
View File

@@ -1,4 +1,8 @@
{config, ...}: {
{
config,
pkgs,
...
}: {
sops = {
secrets."accounts/mail/fastmail" = {};
};
@@ -11,6 +15,7 @@
};
primary = true;
address = "email@uttarayan.me";
aliases = ["servius@darksailor.dev"];
userName = address;
realName = "Uttarayan Mondal";
imap = {
@@ -35,5 +40,8 @@
};
};
};
programs.mbsync.enable = true;
services.mbsync.enable = pkgs.stdenv.isLinux;
# accounts.email.accounts.<name>.mbsync.create
# services.mbsync.enable = true;
}

12
home/apps/default.nix
View File

@@ -6,16 +6,17 @@
lib.optionalAttrs device.hasGui {
imports = [
# ./audacity.nix
./blueman.nix
# ./blueman.nix
# ./bottles.nix
./chromium.nix
# ./cursor.nix
./discord.nix
./firefox.nix
./ghostty.nix
./gimp.nix
# ./gimp.nix
# ./guitarix.nix
./hyprpicker.nix
# ./ida.nix
# ./jellyflix.nix
# ./kicad.nix
./kitty.nix
@@ -27,18 +28,19 @@ lib.optionalAttrs device.hasGui {
# ./openscad.nix
./orcaslicer.nix
# ./pcsx2.nix
./prismlauncher.nix
# ./rpcs3.nix
# ./shadps4.nix
./shadps4.nix
./slack.nix
# ./thunderbird.nix
# ./tsukimi.nix
# ./vial.nix
./vicinae.nix
./vlc.nix
./vscode.nix
# ./vscode.nix
./wezterm.nix
./zathura.nix
./zed.nix
./zen.nix
./vicinae.nix
];
}

11
home/apps/discord.nix
View File

@@ -4,9 +4,12 @@
...
}: {
home.packages = lib.optionals pkgs.stdenv.isLinux [
pkgs.discord
pkgs.vesktop
pkgs.discord-canary
pkgs.discord-ptb
(pkgs.discord.override {
withOpenASAR = true;
withVencord = true;
})
# pkgs.vesktop
# pkgs.discord-canary
# pkgs.discord-ptb
];
}

86
home/apps/ghostty.nix
View File

@@ -3,6 +3,7 @@
device,
...
}: {
stylix.targets.ghostty.enable = false;
programs.ghostty = {
enable = device.is "ryu";
installBatSyntax = false;
@@ -11,9 +12,92 @@
"Hasklug Nerd Font Mono"
];
window-decoration = false;
title = "";
title = "ghostty";
command = "fish";
background-opacity = 0.8;
theme = "catppuccin-mocha";
custom-shader = "~/.config/ghostty/shader.glsl";
# custom-shader = toString (pkgs.writeText "shader.glsl"
# /*
# glsl
# */
# ''
# const float CURSOR_ANIMATION_SPEED = 150.0; // ms
# const float TRAILING_CURSORS = 3.0;
# bool at_pos(vec2 fragCoord, vec2 pos, vec2 size) {
# return (pos.x <= fragCoord.x && fragCoord.x <= pos.x + size.x &&
# pos.y - size.y <= fragCoord.y && fragCoord.y <= pos.y);
# }
# void mainImage(out vec4 fragColor, in vec2 fragCoord) {
# // Normalized pixel coordinates (from 0 to 1)
# vec2 uv = fragCoord / iResolution.xy;
# vec2 current_cursor = iCurrentCursor.xy;
# vec2 previous_cursor = iPreviousCursor.xy;
# float time_passed = (iTime - iTimeCursorChange) * 1000.0; // in ms
#
# if (time_passed > CURSOR_ANIMATION_SPEED) {
# // No animation, just render normally
# fragColor = texture(iChannel0, uv);
# return;
# }
# // Animate cursor meovement
# vec4 col = texture(iChannel0, uv);
# // linear interpolation between current and previous cursor position based on time passed
# vec2 animated_cursor_pos = mix(previous_cursor, current_cursor, time_passed / CURSOR_ANIMATION_SPEED);
# // make 3 trailing cursors for smoother animation
# for (int i = 1; i <= int(TRAILING_CURSORS); i++) {
# float t = float(i) / TRAILING_CURSORS;
# vec2 trail_pos = mix(previous_cursor, current_cursor, (time_passed / CURSOR_ANIMATION_SPEED) * t);
# if (at_pos(fragCoord, trail_pos, iCurrentCursor.zw)) {
# col = mix(col, iCurrentCursorColor, t);
# }
# }
#
# // vec4 cursor_color = mix(iPreviousCursorColor, iCurrentCursorColor, time_passed / CURSOR_ANIMATION_SPEED);
# vec4 cursor_color = iCurrentCursorColor; // no color animation for now
# vec2 cursor_size = iCurrentCursor.zw;
# // check if fragCoord is within the animated cursor rectangle
# // y is in the negative direction
# // if (animated_cursor_pos.x <= fragCoord.x && fragCoord.x <= animated_cursor_pos.x + cursor_size.x &&
# // animated_cursor_pos.y - cursor_size.y <= fragCoord.y && fragCoord.y <= animated_cursor_pos.y) {
# // col = cursor_color;
# // }
# if (at_pos(fragCoord, animated_cursor_pos, cursor_size)) {
# col = cursor_color;
# }
#
# fragColor = col;
# }
# '');
};
systemd.enable = true;
themes = {
catppuccin-mocha = {
# background = "1e1e2e";
background = "000000";
cursor-color = "f5e0dc";
foreground = "cdd6f4";
palette = [
"0=#45475a"
"1=#f38ba8"
"2=#a6e3a1"
"3=#f9e2af"
"4=#89b4fa"
"5=#f5c2e7"
"6=#94e2d5"
"7=#bac2de"
"8=#585b70"
"9=#f38ba8"
"10=#a6e3a1"
"11=#f9e2af"
"12=#89b4fa"
"13=#f5c2e7"
"14=#94e2d5"
"15=#a6adc8"
];
selection-background = "353749";
selection-foreground = "cdd6f4";
};
};
};
}

10
home/apps/ida.nix Normal file
View File

@@ -0,0 +1,10 @@
{
pkgs,
lib,
device,
...
}: {
home.packages = lib.optionals (device.is "ryu") [
pkgs.ida-free
];
}

7
home/apps/mpv.nix
View File

@@ -1,6 +1,6 @@
{pkgs, ...}: {
programs.mpv = {
enable = true;
enable = pkgs.stdenv.isLinux;
config = {
vo = "gpu-next";
gpu-api = "vulkan";
@@ -23,10 +23,5 @@
gamut-mapping = "desaturate";
};
};
package =
if pkgs.stdenv.isLinux
then pkgs.mpv-unwrapped.wrapper {mpv = pkgs.mpv-unwrapped.override {sixelSupport = true;};}
else pkgs.mpv;
};
}

13
home/apps/prismlauncher.nix Normal file
View File

@@ -0,0 +1,13 @@
{pkgs, ...}: {
home.packages = with pkgs; [
(prismlauncher.override {
additionalPrograms = [ffmpeg zenity];
jdks = [
# graalvm-ce
zulu8
zulu17
zulu
];
})
];
}

112
home/apps/shadps4.nix
View File

@@ -2,12 +2,122 @@
pkgs,
lib,
...
}: {
}: let
shadps4_qtlauncher = pkgs.fetchFromGitHub {
owner = "shadps4-emu";
repo = "shadps4-qtlauncher";
rev = "1f4e59f6110d5f991cead5a3e9f72671fced2c70";
sha256 = "sha256-AAxj3Eqp7iGJgRgJki/93fln5Z6ae8AydJLGZ6Dbb00=";
fetchSubmodules = true;
};
# diegolixShadps4 = pkgs.fetchFromGitHub {
# owner = "diegolix";
# repo = "shadps4-qtlauncher";
# rev = "a1b2c3d4e5f67890123456789abcdef01234567";
# sha256 = "sha256-PLACEHOLDERFORHASHVALUE1234567890ABCDEFGH=";
# fetchSubmodules = true;
# };
bblauncher = pkgs.fetchFromGitHub {
owner = "rainmakerv3";
repo = "BB_Launcher";
rev = "2280c90974d2d741ce927dfc88f0ecf98c8bd2df";
sha256 = "sha256-jPcIQp2EBAEiaTLvC/OBH0BgcfYv3zo2H7akHJSlPaI=";
fetchSubmodules = true;
};
in {
home.packages = lib.optionals pkgs.stdenv.isLinux [
(pkgs.shadps4.overrideAttrs
(oldAttrs: {
nativeBuildInputs = oldAttrs.nativeBuildInputs ++ [pkgs.cudatoolkit];
buildInputs = oldAttrs.buildInputs ++ [pkgs.cudatoolkit];
}))
(pkgs.stdenv.mkDerivation {
pname = "shadps4-qt";
version = "1.0.0";
src = shadps4_qtlauncher;
nativeBuildInputs = [
pkgs.cmake
pkgs.pkg-config
pkgs.qt6.wrapQtAppsHook
];
buildInputs = [
pkgs.alsa-lib
pkgs.ffmpeg
pkgs.fmt
pkgs.glslang
pkgs.jack2
pkgs.libedit
pkgs.libevdev
pkgs.libpng
pkgs.libpulseaudio
pkgs.libxkbcommon
pkgs.openal
pkgs.openssl
pkgs.qt6.qtbase
pkgs.qt6.qtmultimedia
pkgs.qt6.qttools
pkgs.qt6.qtwayland
pkgs.SDL2
pkgs.sdl3
pkgs.sndio
pkgs.stb
pkgs.udev
pkgs.vulkan-headers
pkgs.vulkan-tools
pkgs.vulkan-utility-libraries
pkgs.wayland
pkgs.wayland-protocols
pkgs.xorg.libxcb
pkgs.xorg.xcbutil
pkgs.xorg.xcbutilkeysyms
pkgs.xorg.xcbutilwm
pkgs.zlib
];
})
(pkgs.stdenv.mkDerivation {
pname = "BBLauncher";
version = "1.0.0";
src = bblauncher;
nativeBuildInputs = [
pkgs.cmake
pkgs.pkg-config
pkgs.qt6.wrapQtAppsHook
];
buildInputs = [
pkgs.alsa-lib
pkgs.ffmpeg
pkgs.fmt
pkgs.glslang
pkgs.jack2
pkgs.libedit
pkgs.libevdev
pkgs.libpng
pkgs.libpulseaudio
pkgs.libxkbcommon
pkgs.openal
pkgs.openssl
pkgs.qt6.qtbase
pkgs.qt6.qtmultimedia
pkgs.qt6.qttools
pkgs.qt6.qtwayland
pkgs.qt6.qtwebview
pkgs.SDL2
pkgs.sdl3
pkgs.sndio
pkgs.stb
pkgs.udev
pkgs.vulkan-headers
pkgs.vulkan-tools
pkgs.vulkan-utility-libraries
pkgs.wayland
pkgs.wayland-protocols
pkgs.xorg.libxcb
pkgs.xorg.xcbutil
pkgs.xorg.xcbutilkeysyms
pkgs.xorg.xcbutilwm
pkgs.zlib
];
})
];
}

12
home/apps/vicinae.nix
View File

@@ -7,10 +7,12 @@
imports = [inputs.vicinae.homeManagerModules.default];
services.vicinae = {
enable = device.is "ryu";
autoStart = true;
extensions = [];
# package = pkgs.vicinae.overrideAttrs (old: {
# patches = [../../patches/vicinae-ctrl-np.patch];
# });
systemd = {
enable = true;
autoStart = true;
};
};
home.packages = with pkgs; [
pulseaudio
];
}

2
home/apps/wezterm.nix
View File

@@ -20,7 +20,7 @@
colors = {
background = "#000000",
},
font_size = 16,
font_size = 13,
initial_cols = 200,
hide_tab_bar_if_only_one_tab = true,
window_background_opacity = 0.8,

2
home/apps/zed.nix
View File

@@ -2,6 +2,7 @@
pkgs,
lib,
device,
stablePkgs,
...
}: {
home.packages = with pkgs; [
@@ -174,6 +175,7 @@
};
}
];
package = pkgs.zed-editor;
extraPackages = with pkgs; [
nixd
nil

22
home/default.nix
View File

@@ -15,12 +15,12 @@
./scripts.nix
./services
./accounts
./fonts.nix
];
xdg.enable = true;
xdg.userDirs = {
enable = device.isLinux;
# music = "${config.home.homeDirectory}/Nextcloud/Music";
};
programs = {
@@ -35,26 +35,6 @@
username = device.user;
homeDirectory = lib.mkForce device.home;
file = {
".config/fish/themes".source = pkgs.catppuccinThemes.fish + "/themes";
".cargo/config.toml".text =
# toml
''
[alias]
lldb = ["with", "rust-lldb", "--"]
t = ["nextest", "run"]
[net]
git-fetch-with-cli = true
[registries.catscii]
index = "https://git.shipyard.rs/catscii/crate-index.git"
[http]
user-agent = "shipyard J0/QFq2Sa5y6nTxJQAb8t+e/3qLSub1/sa3zn0leZv6LKG/zmQcoikT9U3xPwbzp8hQ="
'';
};
sessionVariables = {
EDITOR = "nvim";
SHELL = "${pkgs.bash}/bin/bash";

20
home/fonts.nix Normal file
View File

@@ -0,0 +1,20 @@
{
pkgs,
device,
...
}: {
home.packages = with pkgs;
lib.optionals (!device.isServer) [
monaspace
nerd-fonts.fira-code
nerd-fonts.hasklug
nerd-fonts.symbols-only
noto-fonts
noto-fonts-cjk-sans
noto-fonts-color-emoji
liberation_ttf
fira-code
fira-code-symbols
mplus-outline-fonts.githubRelease
];
}

2
home/module.nix
View File

@@ -1,6 +1,7 @@
{
device,
inputs,
pkgs,
...
}: {
nixpkgs.config.allowUnfree = true;
@@ -12,6 +13,7 @@
inherit inputs;
inherit device;
stablePkgs = inputs.nixpkgs-stable.legacyPackages.${device.system};
cratesNix = inputs.crates-nix.mkLib {inherit pkgs;};
};
users.${device.user}.imports = [
inputs.nixvim.homeModules.nixvim

5
home/programs/1password-cli.nix Normal file
View File

@@ -0,0 +1,5 @@
{pkgs, ...}: {
home.packages = [
pkgs._1password-cli
];
}

82
home/programs/aichat.nix
View File

@@ -1,4 +1,8 @@
{config, ...}: {
{
pkgs,
config,
...
}: {
sops = {
secrets."llama/api_key" = {};
secrets."openai/api_key" = {};
@@ -16,25 +20,30 @@
enableNushellIntegration = false;
settings = {
save_session = true;
model = "openai:gpt-4o";
# model = "ryu:qwen3-coder-30b";
rag_embedding_model = "ollama:RobinBially/nomic-embed-text-8k";
model = "ryu:qwen3:30b-a3b";
rag_embedding_model = "ryu:RobinBially/nomic-embed-text-8k";
clients = [
{
type = "openai-compatible";
name = "mirai";
name = "ryu";
api_base = "https://ollama.darksailor.dev/v1";
api_key_cmd = "cat ${config.sops.secrets."llama/api_key".path}";
models = [
# {
# name = "RobinBially/nomic-embed-text-8k";
# type = "embedding";
# default_chunk_size = 8000;
# }
{
name = "gpt-oss-20b";
name = "gpt-oss:20b";
type = "chat";
}
{
name = "qwen3:30b-a3b";
type = "chat";
}
{
name = "RobinBially/nomic-embed-text-8k";
type = "embedding";
default_chunk_size = 1000;
max_tokens_per_chunk = 8192;
max_batch_size = 100;
}
# {
# name = "deepseek-r1:14b";
# type = "chat";
@@ -45,42 +54,6 @@
# }
];
}
{
type = "openai-compatible";
name = "ryu";
api_base = "https://llama.ryu.darksailor.dev/v1";
models = [
{
name = "qwen3-coder-30b";
type = "chat";
}
# {
# name = "RobinBially/nomic-embed-text-8k";
# type = "embedding";
# default_chunk_size = 8000;
# }
# {
# name = "deepseek-r1:7b";
# type = "chat";
# }
# {
# name = "qwen3:30b-a3b";
# type = "chat";
# }
# {
# name = "deepseek-r1:14b";
# type = "chat";
# }
# {
# name = "qwen3:8b";
# type = "chat";
# }
# {
# name = "qwen3:14b";
# type = "chat";
# }
];
}
{
type = "gemini";
name = "gemini";
@@ -166,18 +139,29 @@
};
}
];
document_loaders = {
git =
/*
sh
*/
''sh -c "yek $1 --json | jq '[.[] | { path: .filename, contents: .content }]'"'';
};
};
roles = {
"%git-commit%" =
"git-commit" =
/*
md
*/
''
---
model: openai:gpt-4o
model: ryu:gpt-oss:20b
---
Your task is to generate a concise and informative commit message based on the provided diff. Use the conventional commit format, which includes a type (feat, fix, chore, docs, style, refactor, perf, test) and an optional scope. The message should be in the imperative mood and should not exceed 72 characters in the subject line. Do not under any circumstance include any additional text or explanations, just add the commit message.
'';
};
extraPackages = with pkgs; [
jq
yek
];
};
}

1
home/programs/alejandra.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.alejandra];}

1
home/programs/aria2.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.aria2];}

1
home/programs/ast-grep.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.ast-grep];}

40
home/programs/atuin.nix
View File

@@ -9,9 +9,49 @@
auto_sync = true;
sync_frequency = "1m";
sync_address = "https://atuin.darksailor.dev";
sync = {
records = true;
};
daemon = {
enabled = true;
};
};
enable = true;
enableFishIntegration = true;
enableNushellIntegration = true;
};
systemd.user.services.atuin-daemon = {
Unit = {
Description = "Atuin Daemon";
After = ["network.target"];
};
Install = {
WantedBy = ["default.target"];
};
Service = {
ExecStart = "${pkgs.atuin}/bin/atuin daemon";
Restart = "on-failure";
RestartSec = "10s";
# Environment = lib.mkForce "ATUIN_DATA_DIR=${device.home}/.local/share/atuin";
};
};
launchd.agents.atuin-daemon = {
enable = true;
config = {
# A label for the service
Label = "dev.darksailor.atuin-daemon";
# The command to run
ProgramArguments = [
"${pkgs.atuin}/bin/atuin"
"daemon"
];
# Run the service when you log in
RunAtLoad = true;
# Keep the process alive, or restart if it dies
KeepAlive = true;
# Log files
StandardOutPath = "${device.home}/Library/Logs/atuin-daemon.log";
StandardErrorPath = "${device.home}/Library/Logs/atuin-daemon.error.log";
};
};
}

10
home/programs/bat.nix
View File

@@ -1,11 +1,5 @@
{
pkgs,
lib,
device,
...
}: {
programs.
bat = {
{...}: {
programs.bat = {
enable = true;
# extraPackages = with pkgs.bat-extras; [batman batgrep batwatch];
};

1
home/programs/binwalk.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.binwalk];}

1
home/programs/bottom.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.bottom];}

1
home/programs/btop.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.btop];}

1
home/programs/cachix.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.cachix];}

27
home/programs/cargo.nix Normal file
View File

@@ -0,0 +1,27 @@
{
lib,
device,
cratesNix,
...
}:
lib.mkIf (!device.isServer) {
home.file.".cargo/config.toml".text =
# toml
''
[alias]
lldb = ["with", "rust-lldb", "--"]
t = ["nextest", "run"]
[net]
git-fetch-with-cli = true
[registries.kellnr]
index = "sparse+https://crates.darksailor.dev/api/v1/crates/"
[registry]
global-credential-providers = ["cargo:token", "/etc/profiles/per-user/fs0c131y/bin/cargo-credential-1password --account my.1password.com"]
'';
home.packages = [
(cratesNix.buildCrate "cargo-credential-1password" {})
];
}

96
home/programs/default.nix
View File

@@ -5,99 +5,75 @@
}: {
imports = [
../../modules
./1password-cli.nix
./aichat.nix
./alejandra.nix
./aria2.nix
./ast-grep.nix
./atuin.nix
./bat.nix
./bluetui.nix
./bottom.nix
./btop.nix
./cachix.nix
./carapace.nix
./ddcbacklight.nix
./deploy-rs.nix
./direnv.nix
./dust.nix
./eilmeldung.nix
./eza.nix
./fastfetch.nix
./fd.nix
./file.nix
./fish.nix
./fzf.nix
./gh.nix
./git.nix
./gnupg.nix
./himalaya.nix
./mpd.nix
./hyprshade.nix
./jq.nix
./just.nix
./ncpamixer.nix
./nh.nix
./neomutt.nix
./neovim.nix
./nix-index.nix
./nushell.nix
./omnix.nix
./retroarch.nix
./opencode.nix
./p7zip.nix
./pkg-config.nix
./ripgrep.nix
./rustup.nix
./ryujinx.nix
./sd.nix
./sops.nix
./ssh.nix
./starship.nix
./sxiv.nix
./tea.nix
./television.nix
./tmux.nix
./tuifeed.nix
./uv.nix
./xh.nix
./yazi.nix
./yt-dlp.nix
./zoxide.nix
./neovim.nix
./opencode.nix
# ./bluetui.nix
# ./goread.nix
# ./helix.nix
# ./magika.nix
# ./mpd.nix
# ./mpris-scrobbler.nix
# ./ncmpcpp.nix
# ./neomutt.nix
# ./neovim.nix
# ./newsboat.nix
# ./nh.nix
# ./omnix.nix
# ./retroarch.nix
# ./ryujinx.nix
# ./sxiv.nix
# ./tea.nix
# ./template.nix
# ./tuifeed.nix
# ./xh.nix
# ./zellij.nix
./dysk.nix
./binwalk.nix
./cargo.nix
];
home.packages = with pkgs;
[
_1password-cli
asciidoctor
alejandra
aria2
ast-grep
bottom
btop
cachix
deploy-rs.deploy-rs
dust
fd
file
fzf
gnupg
gpg-tui
jq
just
macchina
nb
p7zip
pandoc
pfetch-rs
pkg-config
ripgrep
sd
tldr
# vcpkg-tool
]
++ lib.optionals (!device.isServer) [
monaspace
nerd-fonts.fira-code
nerd-fonts.hasklug
nerd-fonts.symbols-only
noto-fonts
noto-fonts-cjk-sans
noto-fonts-color-emoji
liberation_ttf
fira-code
fira-code-symbols
mplus-outline-fonts.githubRelease
]
++ lib.optionals device.isLinux []
++ lib.optionals device.isDarwin [];
}

1
home/programs/deploy-rs.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.deploy-rs.deploy-rs];}

1
home/programs/dust.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.dust];}

1
home/programs/dysk.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.dysk];}

41
home/programs/eilmeldung.nix Normal file
View File

@@ -0,0 +1,41 @@
{
inputs,
device,
...
}: {
imports = [
inputs.eilmeldung.homeManager.default
];
programs.eilmeldung = {
enable = device.is "ryu";
settings = {
refresh_fps = 60;
article_scope = "unread";
theme = {
color_palette = {
background = "#1e1e2e";
# // ...
};
};
input_config.mappings = {
"q" = ["quit"];
"j" = ["down"];
"k" = ["up"];
"g g" = ["gotofirst"];
"G" = ["gotolast"];
"o" = ["open" "read" "nextunread"];
};
feed_list = [
"query: \"Today Unread\" today unread"
"query: \"Today Marked\" today marked"
"feeds"
"* categories"
"tags"
];
};
};
}

1
home/programs/fastfetch.nix
View File

@@ -13,6 +13,7 @@ in {
settings = {
logo = lib.mkIf (device.is "ryu") {
source = nextcloudWallpapers "hornet.png";
type = "kitty";
width = 70;
};
modules = [

1
home/programs/fd.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.fd];}

1
home/programs/file.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.file];}

23
home/programs/fish.nix
View File

@@ -4,8 +4,11 @@
device,
config,
...
}: {
stylix.targets.fish.enable = false;
}:
{
home.file = {
".config/fish/themes".source = pkgs.catppuccinThemes.fish + "/themes";
};
programs.fish = {
enable = true;
shellAbbrs = {
@@ -21,21 +24,16 @@
# t = "zellij a -c --index 0";
t = "tmux";
};
shellAliases =
{
g = "git";
}
// lib.optionalAttrs pkgs.stdenv.isLinux {
kmpv = "mpv --vo-kitty-use-shm=yes --vo=kitty --really-quiet";
smpv = "mpv --vo-sixel-buffered=yes --vo=sixel --profile=sw-fast";
};
shellAliases = {
g = "git";
};
shellInit = ''
set fish_greeting
yes | fish_config theme save "Catppuccin Mocha"
'';
# ${pkgs.spotify-player}/bin/spotify_player generate fish | source
interactiveShellInit = ''
${pkgs.pfetch-rs}/bin/pfetch
if test -n "$TMUX"; ${lib.getExe pkgs.fastfetch} --logo-type sixel; else ${lib.getExe pkgs.fastfetch}; end
# ${pkgs.nb}/bin/nb todo undone
${lib.optionalString (device.isLinux && !device.isNix) "source /etc/profile.d/nix-daemon.fish"}
${lib.optionalString (device.is "ryu") ''
@@ -46,3 +44,6 @@
'';
};
}
// lib.optionalAttrs (!(device.is "tsuba")) {
stylix.targets.fish.enable = false;
}

14
home/programs/fzf.nix
View File

@@ -1,13 +1 @@
{
pkgs,
lib,
device,
...
}: {
programs.fzf = {
enable = true;
package = pkgs.fzf;
enableFishIntegration = true;
tmux.enableShellIntegration = true;
};
}
{pkgs, ...}: { home.packages = [pkgs.fzf];}

4
home/programs/git.nix
View File

@@ -10,8 +10,8 @@ lib.optionalAttrs (!(device.is "tsuba")) {
enable = true;
lfs.enable = true;
settings = {
user.name = "uttarayan21";
user.email = config.accounts.email.accounts.fastmail.address;
user.name = "servius";
user.email = builtins.elemAt config.accounts.email.accounts.fastmail.aliases 0;
user.signingkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJfKKrX8yeIHUUury0aPwMY6Ha+BJyUR7P0Gqid90ik/";
color.ui = true;
core.editor = "nvim";

1
home/programs/gnupg.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.gnupg];}

6
home/programs/himalaya.nix
View File

@@ -1,13 +1,13 @@
{device, ...}: {
{config, ...}: {
programs.himalaya = {
enable = true;
};
accounts.email.accounts.fastmail.himalaya = {
enable = true;
settings = {
downloads-dir = "${device.home}/Mail";
downloads-dir = "${config.home.homeDirectory}/Mail/fastmail";
backend.type = "maildir";
backend.root-dir = "~/Mail";
backend.root-dir = "${config.home.homeDirectory}/Mail/fastmail";
};
};
}

10
home/programs/hyprshade.nix Normal file
View File

@@ -0,0 +1,10 @@
{
pkgs,
device,
...
}: {
home.packages = with pkgs;
lib.mkIf (device.is "ryu") [
hyprshade
];
}

1
home/programs/jq.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.jq];}

1
home/programs/just.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.just];}

17
home/programs/neomutt.nix
View File

@@ -1,9 +1,20 @@
{pkgs, ...}: {
programs.neomutt = {
enable = false;
enable = true;
vimKeys = true;
editor = "nvim";
# sidebar = {
# };
sidebar = {
enable = true;
};
};
programs.notmuch = {
enable = true;
};
accounts.email.accounts.fastmail.neomutt = {
enable = true;
};
accounts.email.accounts.fastmail.notmuch = {
enable = true;
neomutt.enable = true;
};
}

7
home/programs/neovim.nix
View File

@@ -4,8 +4,8 @@
stablePkgs,
lib,
...
}: {
stylix.targets.nixvim.enable = false;
}:
{
programs = lib.optionalAttrs (device.is "ryu" || device.is "kuro" || device.is "mirai" || device.is "tako" || device.is "shiro") {
nixvim =
{
@@ -19,3 +19,6 @@
// (import ./../../neovim {inherit pkgs stablePkgs;});
};
}
// lib.optionalAttrs (!(device.is "tsuba")) {
stylix.targets.nixvim.enable = false;
}

1
home/programs/p7zip.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.p7zip];}

1
home/programs/pkg-config.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.pkg-config];}

1
home/programs/ripgrep.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.ripgrep];}

1
home/programs/sd.nix Normal file
View File

@@ -0,0 +1 @@
{pkgs, ...}: {home.packages = [pkgs.sd];}

8
home/programs/sops.nix
View File

@@ -12,4 +12,12 @@
defaultSopsFormat = "yaml";
age.keyFile = "${config.home.homeDirectory}/.config/sops/age/keys.txt";
};
launchd.agents.sops-nix = pkgs.lib.mkIf pkgs.stdenv.isDarwin {
enable = true;
config = {
EnvironmentVariables = {
PATH = pkgs.lib.mkForce "/usr/bin:/bin:/usr/sbin:/sbin";
};
};
};
}

7
home/programs/starship.nix
View File

@@ -3,8 +3,8 @@
lib,
device,
...
}: {
stylix.targets.starship.enable = false;
}:
{
programs.starship = {
enable = true;
enableFishIntegration = true;
@@ -30,3 +30,6 @@
(pkgs.catppuccinThemes.starship + /palettes/${flavour}.toml));
};
}
// lib.optionalAttrs (!(device.is "tsuba")) {
stylix.targets.starship.enable = false;
}

5
home/programs/yazi.nix
View File

@@ -1,4 +1,4 @@
{...}: {
{config, ...}: {
programs. yazi = {
enable = true;
enableFishIntegration = true;
@@ -13,6 +13,9 @@
}
];
};
preview = {
cache_dir = config.home.homeDirectory + "/.cache/yazi/previews";
};
};
};
}

31
home/services/command-runner.nix
View File

@@ -1,31 +0,0 @@
{
config,
lib,
pkgs,
inputs,
...
}: {
imports = [
inputs.command-runner.homeManagerModules.command-runner
];
services.command-runner = {
enable = true;
port = 5599;
database.path = "${config.home.homeDirectory}/.local/share/command-runner.db";
commands = let
hyprctl = "${pkgs.hyprland}/bin/hyprctl";
in
{
"display_on" = [hyprctl "-i" "{instance}" "dispatch" "dpms" "on"];
"display_off" = [hyprctl "-i" "{instance}" "dispatch" "dpms" "off"];
"display_toggle" = [hyprctl "-i" "{instance}" "dispatch" "dpms" "toggle"];
"display_status" = [hyprctl "-i" "{instance}" "-j" "monitors"];
"hyprland_instance" = [hyprctl "-j" "instances"];
}
// (builtins.foldl' (acc: elem: acc // elem) {} (lib.map (name: {
"display_on_${name}" = [hyprctl "-i" "{instance}" "dispatch" "dpms" "on" name];
"display_off_${name}" = [hyprctl "-i" "{instance}" "dispatch" "dpms" "off" name];
"display_toggle_${name}" = [hyprctl "-i" "{instance}" "dispatch" "dpms" "toggle" name];
}) ["HDMI-A-1" "DP-3" "DP-1"]));
};
}

7
home/services/default.nix
View File

@@ -4,14 +4,15 @@
./swayosd.nix
./kdeconnect.nix
./gtk.nix
./anyrun.nix
# ./ironbar
# ./anyrun.nix
./ironbar
./gui.nix
./eww.nix
# ./eww.nix
./xdg.nix
./hyprmon.nix
./hyprland.nix
./hyprpaper.nix
./remmina.nix
# ./wallpaperengine.nix
];
}

27
home/services/gui.nix
View File

@@ -2,24 +2,8 @@
pkgs,
device,
lib,
inputs,
...
}: {
systemd.user.services.onepassword-gui = lib.optionalAttrs (device.is "ryu") {
Unit = {
Description = "1Password GUI";
BindsTo = ["graphical-session.target"];
After = ["graphical-session-pre.target"];
};
Service = {
ExecStart = "${pkgs._1password-gui}/bin/1password";
Restart = "always";
};
Install = {
WantedBy = ["graphical-session.target"];
};
};
home.packages = with pkgs;
lib.optionals (device.is "ryu") [
nautilus
@@ -28,18 +12,9 @@
# polkit_gnome
seahorse
signal-desktop
# sony-headphones-client
sony-headphones-client
spotify
steam-run
wl-clipboard
# (prismlauncher.override {
# additionalPrograms = [ffmpeg zenity];
# jdks = [
# # graalvm-ce
# zulu8
# zulu17
# zulu
# ];
# })
];
}

24
home/services/hyprland.nix
View File

@@ -35,13 +35,15 @@
settings = {
# source = "${pkgs.catppuccinThemes.hyprland}/themes/mocha.conf";
render = {
direct_scanout = true;
cm_fs_passthrough = 1;
cm_auto_hdr = 1;
};
experimental = {
xx_color_management_v4 = true;
cm_enabled = true;
direct_scanout = 2; # 0 - off; 1 - on; 2 - auto based on `game`
cm_fs_passthrough = 1; # 0 - off; 1 - always; 2 - hdr only
send_content_type = true; # automatic monitor mode switch
cm_auto_hdr = 1; # 0 - off; 1 - switch to cm,hdr 2; 2 - switch to cm,hdredid
};
# experimental = {
# xx_color_management_v4 = true;
# };
monitorv2 = [
{
output = device.monitors.primary;
@@ -123,12 +125,12 @@
bezier = "myBezier, 0.05, 0.9, 0.1, 1.05";
animation = [
"windows, 1, 7, myBezier"
"windowsOut, 1, 7, default, popin 80%"
"windows, 1, 2, myBezier"
"windowsOut, 1, 2, default, popin 80%"
"border, 1, 10, default"
"borderangle, 1, 8, default"
"fade, 1, 7, default"
"workspaces, 1, 6, default"
"fade, 1, 2, default"
"workspaces, 1, 2, default"
];
};
@@ -189,7 +191,7 @@
bind = [
# Example binds, see https://wiki.hyprland.org/Configuring/Binds/ for more
"$mainMod, Return, exec, ${lib.getExe pkgs.kitty}"
"$mainModShift, Return, exec, ${lib.getExe pkgs.wezterm}"
"$mainModShift, Return, exec, ${lib.getExe pkgs.ghostty}"
# "$mainModShift, Return, exec, ${pkgs.foot}/bin/foot"
"$mainModShift, Q, killactive,"
"$mainModShift, s, exec, ${lib.getExe pkgs.hyprshot} -m region -o ~/Pictures/Screenshots/"

34
home/services/hyprpaper.nix
View File

@@ -4,25 +4,31 @@
config,
...
}: {
imports = [
../../modules/hyprpaper.nix
];
programs.hyprpaper = let
services.hyprpaper = let
wallpapers = import ../../utils/wallhaven.nix {inherit pkgs;};
nextcloudWallpapers = name: config.home.homeDirectory + "/Nextcloud/Wallpapers/" + name;
silksongFleas = nextcloudWallpapers "silksong-fleas.jpg";
silksongShadeLord = nextcloudWallpapers "silksong-shadelord.jpg";
in rec {
in {
enable = device.is "ryu";
systemd.enable = true;
systemd.target = "hyprland-session.target";
settings.preload =
wallpapers.all
++ pkgs.lib.mapAttrsToList (_: value: value) settings.wallpapers;
settings.wallpapers = {
"${device.monitors.primary}" = silksongShadeLord;
"${device.monitors.secondary}" = wallpapers.frieren_3;
"${device.monitors.tertiary}" = silksongFleas;
settings = {
wallpaper = [
{
monitor = device.monitors.primary;
path = silksongShadeLord;
fit_mode = "cover";
}
{
monitor = device.monitors.secondary;
path = wallpapers.frieren_3;
fit_mode = "cover";
}
{
monitor = device.monitors.tertiary;
path = silksongFleas;
fit_mode = "cover";
}
];
};
};
}

7
home/services/remmina.nix Normal file
View File

@@ -0,0 +1,7 @@
{device, ...}: {
services.remmina = {
enable = device.is "ryu";
systemdService.enable = true;
addRdpMimeTypeAssoc = true;
};
}

7
home/services/xdg.nix
View File

@@ -3,12 +3,11 @@
lib,
device,
...
}:
lib.optionalAttrs (device.is "ryu") {
}: {
xdg.portal = {
enable = pkgs.stdenv.isLinux;
enable = device.is "ryu";
config = {
hyprland.default = ["kde" "hyprland"];
hyprland.default = ["hyprland"];
common.default = ["*" "hyprland"];
};
extraPortals = with pkgs; [

15
justfile
View File

@@ -1,12 +1,13 @@
set dotenv-load
[macos]
install:
sudo nix run nix-darwin -- switch --flake .
[linux]
install:
sudo nixos-rebuild switch --flake . --builders '' --max-jobs 1
install cores='32':
sudo nixos-rebuild switch --flake . --builders '' --max-jobs 1 --cores {{cores}}
[macos]
build:
@@ -30,3 +31,13 @@ nvim:
[linux]
rollback:
sudo nixos-rebuild switch --rollback --flake .
add program:
echo '{pkgs, ...}: { home.packages = [pkgs.{{program}}];}' > home/programs/{{program}}.nix
# https://ast-grep.github.io/advanced/pattern-parse.html#incomplete-pattern-code
# Since the imports doesn't match the whole pattern we need to use the selector binding and the attr expression to match it properly.
ast-grep run -p '{ imports = [$$$ITEMS] }' --selector binding --rewrite 'imports = [$$$ITEMS ./{{program}}.nix ]' home/programs/default.nix -i
alejandra fmt home/programs/{{program}}.nix home/programs/default.nix
git add home/programs/{{program}}.nix

10
modules/aichat.nix
View File

@@ -81,6 +81,14 @@ in {
type = lib.types.attrsOf lib.types.str;
description = "Roles for the AI chat clients";
};
extraPackages = mkOption {
type = lib.types.listOf lib.types.package;
default = [];
example = literalExpression "with pkgs; [ jq yek ];";
description = ''
Additional packages to install.
'';
};
};
};
@@ -99,7 +107,7 @@ in {
'';
};
in {
home.packages = mkIf cfg.enable [aichat-wrapped];
home.packages = mkIf cfg.enable ([aichat-wrapped] ++ cfg.extraPackages);
programs.fish.interactiveShellInit = mkIf cfg.enableFishIntegration fishIntegration;
programs.bash.initExtra = mkIf cfg.enableBashIntegration bashIntegration;

6
modules/default.nix
View File

@@ -4,10 +4,10 @@
...
}: {
imports = [
./goread.nix
./hyprpaper.nix
# ./goread.nix
# ./hyprpaper.nix
# ./aichat.nix
./tuifeed.nix
# ./tuifeed.nix
#./ghostty.nix
# ./sketchybar.nix
];

104
modules/hyprpaper.nix
View File

@@ -1,104 +0,0 @@
{
pkgs,
config,
lib,
...
}:
with lib; let
cfg = config.programs.hyprpaper;
in {
options = {
programs.hyprpaper = {
enable = mkEnableOption "Hyprpaper - Wayland wallpaper utility";
systemd = {
enable = mkEnableOption "autostart service for Hyprpaper";
target = mkOption {
type = types.str;
default = "graphical-session.target";
example = "hyprland-session.target";
description = ''
The systemd target that will automatically start the Hyprpaper service.
'';
};
};
settings = with types; {
preload = mkOption {
type = listOf path;
default = [];
description = ''
Wallpaper images that should be preloaded into memory
'';
example = [./wallpapers/tensura.png];
};
wallpapers = mkOption {
type = attrsOf str;
default = {};
example = {"DP-1" = ./wallpapers/tensura.png;};
description = ''
Wallpaper to monitor mapper
'';
};
extraConfig = mkOption {
type = str;
default = "";
description = "Check https://github.com/hyprwm/hyprpaper#usage for info";
example = ''
newConfigOption = foo,bar
'';
};
};
};
};
config = {
home.packages = mkIf cfg.enable [pkgs.hyprpaper];
systemd.user.services.hyprpaper = mkIf cfg.systemd.enable {
Unit = {
Description = "autostart service for Hyprpaper";
Documentation = "https://github.com/hyprwm/hyprpaper";
BindsTo = ["graphical-session.target"];
After = ["graphical-session-pre.target"];
};
Service = {
ExecStart = "${pkgs.hyprpaper}/bin/hyprpaper";
ExecReload = "${pkgs.coreutils}/bin/kill -SIGUSR2 $MAINPID";
Restart = "on-failure";
KillMode = "mixed";
};
Install = {WantedBy = [cfg.systemd.target];};
};
xdg.configFile = mkIf cfg.enable {
"hypr/hyprpaper.conf".text = ''
# Auto-generated by Nix home-manager module
# hyprpaper.settings.preload
${(lists.foldl (acc: v:
acc
+ ''
preload = ${v}
'') ""
cfg.settings.preload)}
# hyprpaper.settings.wallpapers
${(lists.foldl (acc: v:
acc
+ ''
wallpaper = ${v}
'') "" (pkgs.lib.attrsets.mapAttrsToList (name: val: name + "," + val)
cfg.settings.wallpapers))}
# hyprpaper.settings.extraConfig
${cfg.settings.extraConfig}
'';
};
};
}

71
neovim/default.nix
View File

@@ -1,8 +1,4 @@
{
pkgs,
stablePkgs,
...
}: let
{pkgs, ...}: let
mkMappings = mappings:
[]
++ (pkgs.lib.optionals (builtins.hasAttr "normal" mappings) (mkMode mappings.normal "n"))
@@ -17,16 +13,6 @@
mode = mode;
})
mappings;
border = [
""
""
""
""
""
""
""
""
];
rawLua = lua: {
"__raw" = ''
${lua}
@@ -60,7 +46,20 @@ in {
colorschemes = {
catppuccin = {
enable = true;
settings.flavour = "mocha";
settings = {
flavour = "mocha";
integrations = {
cmp = true;
gitsigns = true;
nvimtree = true;
treesitter = true;
notify = true;
mini = {
enabled = true;
indentscope_color = "";
};
};
};
};
};
keymaps = mkMappings {
@@ -330,10 +329,6 @@ in {
settings.image_provider = "image.nvim";
};
markdown-preview = {
enable = true;
};
noice = {
enable = true;
settings = {
@@ -362,18 +357,18 @@ in {
additional_vim_regex_highlighting = true;
};
};
folding = true;
grammarPackages =
(with pkgs.tree-sitter-grammars; [
tree-sitter-norg
tree-sitter-norg-meta
tree-sitter-just
tree-sitter-nu
tree-sitter-pest
tree-sitter-slint
])
++ pkgs.vimPlugins.nvim-treesitter.allGrammars;
nixGrammars = true;
folding.enable = true;
# grammarPackages =
# (with pkgs.tree-sitter-grammars; [
# tree-sitter-norg
# tree-sitter-norg-meta
# tree-sitter-just
# tree-sitter-nu
# tree-sitter-pest
# tree-sitter-slint
# ])
# ++ pkgs.vimPlugins.nvim-treesitter.allGrammars;
# nixGrammars = true;
};
telescope = {
@@ -407,6 +402,15 @@ in {
};
};
tv = {
enable = true;
settings = {
global_keybindings = {
channels = "<leader>tv";
};
};
};
fidget = {
enable = true;
settings.notification.override_vim_notify = true;
@@ -543,6 +547,8 @@ in {
sqls.enable = true;
pyright.enable = true;
slint_lsp.enable = true;
wgsl_analyzer.enable = true;
glsl_analyzer.enable = true;
# sourcekit.enable = true;
openscad_lsp.enable = true;
tinymist.enable = true;
@@ -851,6 +857,5 @@ in {
pkgs.lua
pkgs.ripgrep
pkgs.nodejs-slim
pkgs.qwen-code
];
}

33
neovim/overlays.nix
View File

@@ -47,36 +47,3 @@ in [
vimPlugins
tree-sitter-grammars
]
# tree-sitter-grammars = final: prev: {
# tree-sitter-grammars =
# prev.tree-sitter-grammars
# // {
# # tree-sitter-just = final.pkgs.tree-sitter.buildGrammar {
# # language = "just";
# # version = "1";
# # src = inputs.tree-sitter-just;
# # };
# # tree-sitter-nu = final.pkgs.tree-sitter.buildGrammar {
# # language = "nu";
# # version = "1";
# # src = inputs.tree-sitter-nu;
# # };
# tree-sitter-d2 = final.pkgs.tree-sitter.buildGrammar {
# language = "d2";
# version = "1";
# src = inputs.tree-sitter-d2;
# };
# };
# };
# vimPlugins = final: prev: {
# vimPlugins =
# prev.vimPlugins
# // {
# d2 = final.pkgs.vimUtils.buildVimPlugin {
# name = "d2";
# version = "1";
# src = inputs.d2;
# };
# };
# };

1
nixos/default.nix
View File

@@ -31,6 +31,7 @@
./${device.name}/configuration.nix
../home/module.nix
./documentation.nix
{nixpkgs.overlays = overlays;}
../sops.nix
../stylix.nix

7
nixos/documentation.nix Normal file
View File

@@ -0,0 +1,7 @@
{...}: {
documentation.enable = true;
documentation.man.enable = true;
documentation.dev.enable = true;
documentation.doc.enable = true;
documentation.nixos.enable = true;
}

186
nixos/mirai/configuration.nix
View File

@@ -1,186 +0,0 @@
{
config,
pkgs,
device,
...
}: {
imports = [
# Include the results of the hardware scan.
./services
./mirai.nix
# ./docker.nix
];
virtualisation.docker.enable = true;
# virtualisation.podman = {
# enable = true;
# dockerSocket.enable = true;
# defaultNetwork.dnsname.enable = true;
# };
users.extraUsers.${device.user}.extraGroups = ["docker"];
environment.systemPackages = with pkgs; [
arion
];
security.sudo.wheelNeedsPassword = false;
sops = {
secrets."builder/mirai/cache/private" = {};
secrets.users = {
sopsFile = ../../secrets/users.yaml;
format = "yaml";
key = "";
};
};
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
nix = {
settings = {
max-jobs = 1;
cores = 8;
auto-optimise-store = true;
extra-experimental-features = "nix-command flakes auto-allocate-uids";
trusted-users = [device.user "remotebuilder"];
trusted-substituters = [
"https://nix-community.cachix.org"
"https://nixos-raspberrypi.cachix.org"
# "https://sh.darksailor.dev"
];
trusted-public-keys = [
"nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs="
"nixos-raspberrypi.cachix.org-1:4iMO9LXa8BqhU+Rpg6LQKiGa2lsNh/j2oiYLNOQ5sPI="
# "mirai:bcVPoFGBZ0i7JAKMXIqLj2GY3CulLC4kP7rQyqes1RM="
];
};
extraOptions = ''
build-users-group = nixbld
extra-nix-path = nixpkgs=flake:nixpkgs
builders-use-substitutes = true
secret-key-files = ${config.sops.secrets."builder/mirai/cache/private".path}
'';
gc = {
automatic = true;
dates = "daily";
options = "--delete-older-than 5d";
};
package = pkgs.nixVersions.latest; # deploy-rs doesn't work with nix >= 2.32
distributedBuilds = true;
};
users.users.${device.user} = {
isNormalUser = true;
extraGroups = ["wheel" "docker" "media"];
openssh.authorizedKeys.keyFiles = [
../../secrets/id_ed25519.pub
../../secrets/id_ios.pub
];
};
users.users.remotebuilder = {
isNormalUser = true;
openssh.authorizedKeys.keyFiles = [
../../secrets/id_ed25519.pub
];
};
users.groups.media = {};
nixpkgs.config.allowUnfree = true;
networking.hostName = "mirai"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "Europe/Helsinki";
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
# services.xserver.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# services.pipewire = {
# enable = true;
# pulse.enable = true;
# };
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# Define a user account. Don't forget to set a password with passwd.
# users.users.alice = {
# isNormalUser = true;
# extraGroups = [ "wheel" ]; # Enable sudo for the user.
# packages = with pkgs; [
# firefox
# tree
# ];
# };
# List packages installed in system profile. To search, run:
# $ nix search wget
# environment.systemPackages = with pkgs; [
# vim # Do not forget to add an editor to edit configuration.nix! The Nano editor is also installed by default.
# wget
# ];
# Some programs need SUID wrappers, can be configured further or are
# started in user sessions.
# programs.mtr.enable = true;
# programs.gnupg.agent = {
# enable = true;
# enableSSHSupport = true;
# };
# List services that you want to enable:
# Enable the OpenSSH daemon.
services.openssh.enable = true;
# Open ports in the firewall.
networking.firewall.allowedTCPPorts = [22 80 443];
# Copy the NixOS configuration file and link it from the resulting system
# (/run/current-system/configuration.nix). This is useful in case you
# accidentally delete configuration.nix.
# system.copySystemConfiguration = true;
# This option defines the first version of NixOS you have installed on this particular machine,
# and is used to maintain compatibility with application data (e.g. databases) created on older NixOS versions.
#
# Most users should NEVER change this value after the initial install, for any reason,
# even if you've upgraded your system to a new NixOS release.
#
# This value does NOT affect the Nixpkgs version your packages and OS are pulled from,
# so changing it will NOT upgrade your system - see https://nixos.org/manual/nixos/stable/#sec-upgrading for how
# to actually do that.
#
# This value being lower than the current NixOS release does NOT mean your system is
# out of date, out of support, or vulnerable.
#
# Do NOT change this value unless you have manually inspected all the changes it would make to your configuration,
# and migrated your data accordingly.
#
# For more information, see `man configuration.nix` or https://nixos.org/manual/nixos/stable/options#opt-system.stateVersion .
system.stateVersion = "24.11"; # Did you read the comment?
}

96
nixos/mirai/disk-config.nix
View File

@@ -1,96 +0,0 @@
{...}: {
disko.devices = {
disk = {
one = {
type = "disk";
device = "/dev/nvme0n1";
content = {
type = "gpt";
partitions = {
ESP = {
priority = 1;
name = "ESP";
size = "1G";
type = "EF00";
content = {
type = "filesystem";
format = "vfat";
mountpoint = "/boot";
mountOptions = ["umask=0077"];
};
};
primary = {
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
two = {
type = "disk";
device = "/dev/nvme1n1";
content = {
type = "gpt";
partitions = {
primary = {
size = "100%";
content = {
type = "lvm_pv";
vg = "pool";
};
};
};
};
};
};
lvm_vg = {
pool = {
type = "lvm_vg";
lvs = {
root = {
size = "64G";
lvm_type = "mirror";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/";
mountOptions = [
"defaults"
];
};
};
nix = {
size = "256G";
lvm_type = "raid0";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/nix";
};
};
home = {
size = "256G";
lvm_type = "raid0";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/home";
};
};
media = {
size = "100%";
lvm_type = "raid0";
content = {
type = "filesystem";
format = "ext4";
mountpoint = "/media";
};
};
};
};
};
};
}

69
nixos/mirai/docker.nix
View File

@@ -1,69 +0,0 @@
{
config,
lib,
pkgs,
...
}: {
# virtualisation = {
# docker.enable = true;
# podman.enable = true;
# oci-containers = {
# backend = "podman";
# containers.homeassistant = {
# volumes = ["home-assistant:/config"];
# environment.TZ = "Asia/Kolkata";
# image = "ghcr.io/home-assistant/home-assistant:stable"; # Warning: if the tag does not change, the image will not be updated
# extraOptions = [
# "--network=ha-net"
# ];
# };
# };
# };
# networking.firewall.allowedTCPPorts = [8123];
# environment.systemPackages = with pkgs; [
# docker
# podman
# ];
# services.caddy = {
# enable = true;
# virtualHosts."home.darksailor.dev".extraConfig = ''
# reverse_proxy localhost:8123
# '';
# };
# containers.llama = {
# autoStart = true;
# privateNetwork = true;
# hostAddress = "192.168.100.10";
# localAddress = "192.168.100.11";
# hostAddress6 = "fc00::1";
# localAddress6 = "fc00::2";
# config = {
# config,
# pkgs,
# libs,
# ...
# }: {
# system.stateVersion = "24.11";
# networking = {
# firewall = {
# enable = true;
# allowedTCPPorts = [4000];
# };
# # Use systemd-resolved inside the container
# # Workaround for bug https://github.com/NixOS/nixpkgs/issues/162686
# useHostResolvConf = lib.mkForce false;
# };
# services.resolved.enable = true;
# services.llama-cpp = {
# enable = true;
# host = "127.0.0.1";
# port = 4000;
# model = builtins.fetchurl {
# name = "qwen_2.5.1_coder_7b_instruct_gguf";
# sha256 = "61834b88c1a1ce5c277028a98c4a0c94a564210290992a7ba301bbef96ef8eba";
# url = "https://huggingface.co/bartowski/Qwen2.5.1-Coder-7B-Instruct-GGUF/resolve/main/Qwen2.5.1-Coder-7B-Instruct-Q8_0.gguf?download=true";
# };
# };
# };
# };
}

64
nixos/mirai/mirai.nix
View File

@@ -1,64 +0,0 @@
# Do not modify this file! It was generated by nixos-generate-config
# and may be overwritten by future invocations. Please make changes
# to /etc/nixos/configuration.nix instead.
{
config,
lib,
pkgs,
modulesPath,
...
}: {
imports = [
(modulesPath + "/installer/scan/not-detected.nix")
./disk-config.nix
];
boot.initrd.availableKernelModules = ["nvme" "xhci_pci" "ahci"];
boot.initrd.kernelModules = ["dm-snapshot"];
boot.kernelModules = ["kvm-amd"];
boot.extraModulePackages = [];
boot.binfmt.emulatedSystems = ["aarch64-linux"];
fileSystems."/var/lib/nextcloud" = {
device = "/media/nextcloud";
options = [
"bind"
];
};
fileSystems."/var/lib/docker" = {
device = "/media/docker";
options = [
"bind"
];
};
fileSystems."/home".neededForBoot = true;
# fileSystems."/" = {
# device = "/dev/disk/by-uuid/8f805d1b-a469-4db8-9ee1-b98ea220714a";
# fsType = "ext4";
# };
#
# fileSystems."/boot" = {
# device = "/dev/disk/by-uuid/D840-A590";
# fsType = "vfat";
# options = ["fmask=0022" "dmask=0022"];
# };
#
# fileSystems."/media" = {
# device = "/dev/disk/by-uuid/cad22fc7-08d2-4650-8d5e-a101e3fd1bd1";
# fsType = "ext4";
# };
swapDevices = [];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
# (the default) this is the recommended approach. When using systemd-networkd it's
# still possible to use this option, but it's recommended to use it in conjunction
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
networking.useDHCP = lib.mkDefault true;
# networking.interfaces.enp6s0.useDHCP = lib.mkDefault true;
nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
hardware.cpu.amd.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
}

17
nixos/mirai/services/attic.nix
View File

@@ -1,17 +0,0 @@
{...}: {
services = {
atticd = {
enable = false;
listen = "/run/attic.sock";
};
caddy = {
virtualHosts."cache.darksailor.dev".extraConfig = ''
reverse_proxy /run/attic.sock {
transport http {
protocol = "fd"
}
}
'';
};
};
}

13
nixos/mirai/services/atuin.nix
View File

@@ -1,13 +0,0 @@
{...}: {
services = {
atuin = {
enable = true;
openRegistration = false;
};
caddy = {
virtualHosts."atuin.darksailor.dev".extraConfig = ''
reverse_proxy localhost:8888
'';
};
};
}

107
nixos/mirai/services/authelia.nix
View File

@@ -1,107 +0,0 @@
{config, ...}: {
sops = {
secrets = let
user = config.systemd.services.authelia-darksailor.serviceConfig.User;
in {
"authelia/servers/darksailor/jwtSecret".owner = user;
"authelia/servers/darksailor/storageEncryptionSecret".owner = user;
"authelia/servers/darksailor/sessionSecret".owner = user;
"authelia/users/servius".owner = user;
"lldap/users/authelia".owner = user;
users.owner = user;
"authelia/oidc/jwks".owner = user;
};
};
services = {
authelia = {
instances.darksailor = {
enable = true;
settings = {
authentication_backend = {
password_reset.disable = false;
password_change.disable = false;
ldap = {
address = "ldap://localhost:389";
timeout = "5s";
base_dn = "dc=darksailor,dc=dev";
user = "cn=authelia,ou=people,dc=darksailor,dc=dev";
users_filter = "(&({username_attribute}={input})(objectClass=person))";
groups_filter = "(&(member={dn})(objectClass=groupOfNames))";
additional_users_dn = "OU=people";
additional_groups_dn = "OU=groups";
};
};
session = {
cookies = [
{
domain = "darksailor.dev";
authelia_url = "https://auth.darksailor.dev";
name = "authelia_session";
}
];
};
access_control = {
default_policy = "one_factor";
rules = let
bypass_api = domain: [
{
inherit domain;
policy = "bypass";
resources = [
"^/api([/?].*)?$"
];
}
{
inherit domain;
policy = "one_factor";
}
];
in
(bypass_api "sonarr.tsuba.darksailor.dev")
++ (bypass_api "radarr.tsuba.darksailor.dev")
++ (bypass_api "lidarr.tsuba.darksailor.dev")
++ (bypass_api "bazarr.tsuba.darksailor.dev")
++ (bypass_api "prowlarr.tsuba.darksailor.dev");
};
storage = {
local = {
path = "/var/lib/authelia-darksailor/authelia.sqlite3";
};
};
theme = "dark";
notifier.filesystem.filename = "/var/lib/authelia-darksailor/authelia-notifier.log";
server = {
address = "0.0.0.0:5555";
endpoints.authz = {
forward-auth = {
implementation = "ForwardAuth";
};
auth-request = {
implementation = "AuthRequest";
};
};
};
};
secrets = {
jwtSecretFile = config.sops.secrets."authelia/servers/darksailor/jwtSecret".path;
storageEncryptionKeyFile = config.sops.secrets."authelia/servers/darksailor/storageEncryptionSecret".path;
sessionSecretFile = config.sops.secrets."authelia/servers/darksailor/sessionSecret".path;
oidcHmacSecretFile = config.sops.secrets."authelia/servers/darksailor/sessionSecret".path;
oidcIssuerPrivateKeyFile = config.sops.secrets."authelia/oidc/jwks".path;
};
environmentVariables = {
AUTHELIA_AUTHENTICATION_BACKEND_LDAP_PASSWORD_FILE = config.sops.secrets."lldap/users/authelia".path;
};
};
};
caddy = {
virtualHosts."auth.darksailor.dev".extraConfig = ''
reverse_proxy localhost:5555 {
# header_up Host {http.request.header.X-Forwarded-Host}
# header_up X-Forwarded-Host {http.request.header.X-Forwarded-Host}
# header_up X-Forwarded-Proto {http.request.header.X-Forwarded-Proto}
}
'';
};
};
}

15
nixos/mirai/services/caddy.nix
View File

@@ -1,15 +0,0 @@
{...}: {
services = {
caddy = {
enable = true;
extraConfig = ''
(auth) {
forward_auth localhost:5555 {
uri /api/authz/forward-auth?authelia_url=https://auth.darksailor.dev
copy_headers Remote-User Remote-Groups Remote-Name Remote-Email
}
}
'';
};
};
}

30
nixos/mirai/services/default.nix
View File

@@ -1,30 +0,0 @@
{...}: {
imports = [
# ./atuin.nix
# ./authelia.nix
# ./caddy.nix
# ./excalidraw.nix
# ./fail2ban.nix
# ./flaresolverr.nix
# ./games
# ./gitea.nix
# ./homepage.nix
# # ./immich.nix
# ./immich.nix
# # ./llama.nix
# ./lldap.nix
# ./nextcloud.nix
# # ./paperless.nix
# ./prowlarr.nix
# ./resolved.nix
# ./searxng.nix
./tailscale.nix
# ./headscale.nix
# ./shitpost.nix
];
services = {
nix-serve = {
enable = true;
};
};
}

30
nixos/mirai/services/excalidraw.nix
View File

@@ -1,30 +0,0 @@
{...}: {
virtualisation.oci-containers = {
backend = "docker";
containers = {
excalidraw = {
image = "excalidraw/excalidraw:latest";
ports = ["127.0.0.1:5959:80"];
volumes = [];
};
};
};
services.caddy.virtualHosts."draw.darksailor.dev".extraConfig = ''
import auth
reverse_proxy localhost:5959
'';
services.authelia = {
instances.darksailor = {
settings = {
access_control = {
rules = [
{
domain = "draw.darksailor.dev";
policy = "one_factor";
}
];
};
};
};
};
}

22
nixos/mirai/services/fail2ban.nix
View File

@@ -1,22 +0,0 @@
{...}: {
# sops = {
# secrets."ryu/public" = {};
# };
services = {
fail2ban = {
enable = true;
bantime = "24h"; # Ban IPs for one day on the first ban
bantime-increment = {
enable = true; # Enable increment of bantime after each violation
# formula = "ban.Time * math.exp(float(ban.Count+1)*banFactor)/math.exp(1*banFactor)";
multipliers = "1 2 4 8 16 32 64";
maxtime = "168h"; # Do not ban for more than 1 week
overalljails = true; # Calculate the bantime based on all the violations
};
# I'm beind a CG-NAT
ignoreIP = [
"106.219.121.52"
];
};
};
}

8
nixos/mirai/services/flaresolverr.nix
View File

@@ -1,8 +0,0 @@
{stablePkgs, ...}: {
services = {
flaresolverr = {
enable = true;
package = stablePkgs.flaresolverr;
};
};
}

7
nixos/mirai/services/games/default.nix
View File

@@ -1,7 +0,0 @@
{...}: {
imports = [
./minecraft.nix
./satisfactory.nix
./terraria.nix
];
}

56
nixos/mirai/services/games/minecraft.nix
View File

@@ -1,56 +0,0 @@
{
pkgs,
inputs,
...
}: {
# imports = [inputs.nix-minecraft.nixosModules.minecraft-servers];
services = let
whitelist = {
"AbhinavSE" = "8b6c052e-69b3-4bee-b9dc-12eb94653c9e";
"Serveus" = "79882fb6-d594-4073-a3d0-70a01d0abb67";
"__Shun__" = "1c7a300f-98e4-402c-8741-432f3494bb25";
"shashikant" = "20891e82-203c-4d04-9868-79a5879ecfc3";
};
in {
minecraft-server = {
inherit whitelist;
enable = false;
openFirewall = true;
eula = true;
declarative = true;
serverProperties = {
motd = "Servius's Minecraft Server";
level-seed = "4504535438041489910";
view-distance = 24;
white-list = true;
};
package = let
getJavaVersion = v: (builtins.getAttr "openjdk${toString v}" pkgs.javaPackages.compiler).headless;
in
pkgs.minecraft-server.override {
url = "https://piston-data.mojang.com/v1/objects/6e64dcabba3c01a7271b4fa6bd898483b794c59b/server.jar";
sha1 = "sha1-bmTcq7o8AacnG0+mvYmEg7eUxZs=";
version = "1.21.6";
jre_headless = getJavaVersion 21;
};
};
# minecraft-servers = {
# enable = true;
# eula = true;
# openFirewall = true;
# servers.fabric = {
# inherit whitelist;
# enable = true;
# jvmOpts = "-Xmx4G -Xms4G";
# package = pkgs.fabricServers.fabric-1_21_7;
# serverProperties = {
# motd = "Servius's Fabric Minecraft Server";
# server-port = 25567;
# level-seed = "4504535438041489910";
# view-distance = 24;
# white-list = true;
# };
# };
# };
};
}

10
nixos/mirai/services/games/satisfactory.nix
View File

@@ -1,10 +0,0 @@
{...}: {
imports = [
../../../../modules/nixos/satisfactory.nix
];
services.satisfactory = {
# enable = true;
enable = false;
maxPlayers = 4;
};
}

7
nixos/mirai/services/games/terraria.nix
View File

@@ -1,7 +0,0 @@
{...}: {
services.terraria = {
enable = true;
# port = 7777;
autoCreatedWorldSize = "large";
};
}

185
nixos/mirai/services/gitea.nix
View File

@@ -1,185 +0,0 @@
{
lib,
config,
pkgs,
...
}: {
virtualisation.docker.enable = true;
sops = {
# secrets."gitea/registration".owner = config.systemd.services.gitea-actions-mirai.serviceConfig.User;
secrets."gitea/registration" = {};
secrets."authelia/oidc/gitea/client_secret" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = [
"gitea.service"
"authelia-darksailor.service"
];
};
secrets."authelia/oidc/gitea/client_id" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = [
"gitea.service"
"authelia-darksailor.service"
];
};
templates = {
"GITEA_REGISTRATION_TOKEN.env".content = ''
TOKEN=${config.sops.placeholder."gitea/registration"}
'';
"GITEA_OAUTH_SETUP.env".content = ''
CLIENT_ID=${config.sops.placeholder."authelia/oidc/gitea/client_id"}
CLIENT_SECRET=${config.sops.placeholder."authelia/oidc/gitea/client_secret"}
'';
};
};
services = {
gitea = {
enable = true;
lfs.enable = true;
settings = {
service = {
DISABLE_REGISTRATION = false;
ALLOW_ONLY_EXTERNAL_REGISTRATION = true;
SHOW_REGISTRATION_BUTTON = false;
ENABLE_REVERSE_PROXY_AUTHENTICATION = false;
ENABLE_REVERSE_PROXY_AUTO_REGISTRATION = false;
ENABLE_PASSWORD_SIGNIN_FORM = false;
};
repository = {
ENABLE_PUSH_CREATE_USER = true;
};
mailer = {
ENABLED = true;
PROTOCOL = "sendmail";
};
security = {
REVERSE_PROXY_AUTHENTICATION_USER = "REMOTE-USER";
};
server = {
ROOT_URL = "https://git.darksailor.dev";
DOMAIN = "git.darksailor.dev";
# LFS_START_SERVER = true;
LFS_ALLOW_PURE_SSH = true;
};
oauth2_client = {
ENABLE_AUTO_REGISTRATION = true;
ACCOUNT_LINKING = "auto";
OPENID_CONNECT_SCOPES = "openid profile email";
};
openid = {
ENABLE_OPENID_SIGNIN = false;
ENABLE_OPENID_SIGNUP = true;
WHITELISTED_URIS = "auth.darksailor.dev";
};
};
};
# gitea-actions-runner = {
# instances = {
# mirai = {
# enable = true;
# name = "mirai";
# url = "https://git.darksailor.dev";
# labels = [
# "ubuntu-latest:docker://catthehacker/ubuntu:full-latest"
# "ubuntu-22.04:docker://catthehacker/ubuntu:full-22.04"
# "ubuntu-20.04:docker://catthehacker/ubuntu:full-20.04"
# "native:host"
# ];
# tokenFile = "${config.sops.templates."GITEA_REGISTRATION_TOKEN.env".path}";
# };
# };
# };
caddy = {
virtualHosts."git.darksailor.dev".extraConfig = ''
reverse_proxy localhost:3000
'';
};
authelia = {
instances.darksailor = {
settings = {
# access_control = {
# rules = [
# {
# domain = "git.darksailor.dev";
# policy = "bypass";
# resources = [
# "^/api([/?].*)?$"
# ];
# }
# {
# domain = "git.darksailor.dev";
# policy = "one_factor";
# }
# ];
# };
identity_providers = {
oidc = {
clients = [
{
client_name = "Gitea: Darksailor";
client_id = ''{{ secret "${config.sops.secrets."authelia/oidc/gitea/client_id".path}" }}'';
client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/gitea/client_secret".path}" }}'';
public = false;
authorization_policy = "one_factor";
require_pkce = false;
# pkce_challenge_method = "S256";
redirect_uris = [
"https://git.darksailor.dev/user/oauth2/authelia/callback"
];
scopes = [
"openid"
"email"
"profile"
];
response_types = ["code"];
grant_types = ["authorization_code"];
userinfo_signed_response_alg = "none";
token_endpoint_auth_method = "client_secret_post";
}
];
};
};
};
};
};
};
systemd.services.gitea = {
after = ["sops-install-secrets.service"];
};
# systemd.services."gitea-actions-mirai" = {
# after = ["gitea.service"];
# };
# systemd.services.gitea-oauth-setup = let
# name = "authelia";
# gitea_oauth_script = pkgs.writeShellApplication {
# name = "gitea_oauth2_script";
# runtimeInputs = [config.services.gitea.package];
# text = ''
# gitea admin auth delete --id "$(gitea admin auth list | grep "${name}" | cut -d "$(printf '\t')" -f1)"
# gitea admin auth add-oauth --provider=openidConnect --name=${name} --key="$CLIENT_ID" --secret="$CLIENT_SECRET" --auto-discover-url=https://auth.darksailor.dev/.well-known/openid-configuration --scopes='openid email profile'
# '';
# };
# in {
# description = "Configure Gitea OAuth with Authelia";
# after = ["gitea.service"];
# wants = ["gitea.service"];
# wantedBy = ["multi-user.target"];
# serviceConfig = {
# Type = "oneshot";
# User = config.services.gitea.user;
# Group = config.services.gitea.group;
# RemainAfterExit = true;
# ExecStart = "${lib.getExe gitea_oauth_script}";
# WorkingDirectory = config.services.gitea.stateDir;
# EnvironmentFile = config.sops.templates."GITEA_OAUTH_SETUP.env".path;
# };
# environment = {
# GITEA_WORK_DIR = config.services.gitea.stateDir;
# GITEA_CUSTOM = config.services.gitea.customDir;
# };
# };
}

79
nixos/mirai/services/headscale.nix
View File

@@ -1,79 +0,0 @@
{config, ...}: {
sops = {
secrets.headscale-secret = {
owner = config.systemd.services.headscale.serviceConfig.User;
mode = "0440";
restartUnits = ["headscale.service" "authelia-darksailor.service"];
key = "authelia/oidc/headscale/client_secret";
};
secrets.headscale-authelia = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = ["headscale.service" "authelia-darksailor.service"];
key = "authelia/oidc/headscale/client_secret";
};
};
services = {
headscale = {
enable = true;
port = 8095;
settings = {
dns = {
magic_dns = true;
base_domain = "headscale.darksailor.dev";
nameservers.global = ["1.1.1.1"];
};
oidc = {
issuer = "https://auth.darksailor.dev";
client_id = "headscale";
client_secret_path = "${config.sops.secrets.headscale-secret.path}";
pkce = {
enabled = true;
method = "S256";
};
};
};
};
# headplane = {
# enable = true;
# settings = {
# server.port = 42562;
# };
# };
caddy = {
virtualHosts."headscale.darksailor.dev".extraConfig = ''
reverse_proxy localhost:${toString config.services.headplane.settings.server.port}
'';
};
authelia = {
instances.darksailor = {
settings = {
identity_providers = {
oidc = {
clients = [
{
client_name = "HeadScale";
client_id = "headscale";
client_secret = ''{{ secret "${config.sops.secrets.headscale-authelia.path}" }}'';
public = false;
authorization_policy = "one_factor";
require_pkce = true;
pkce_challenge_method = "S256";
redirect_uris = [
"https://headscale.darksailor.dev/oidc/callback"
];
scopes = ["openid" "email" "profile" "groups"];
response_types = ["code"];
grant_types = ["authorization_code"];
access_token_signed_response_alg = "none";
userinfo_signed_response_alg = "none";
token_endpoint_auth_method = "client_secret_basic";
}
];
};
};
};
};
};
};
}

181
nixos/mirai/services/homepage.nix
View File

@@ -1,181 +0,0 @@
{config, ...}: {
services = {
homepage-dashboard = {
enable = true;
allowedHosts = "dashboard.darksailor.dev";
settings = {
title = "Servius' Dashboard";
description = "A collection of services and links for quick access.";
};
widgets = [
{
resources = {
cpu = true;
disk = "/";
memory = true;
};
}
];
services = [
{
"Tsuba" = [
{
"Jellyfin" = {
icon = "jellyfin.png";
description = "Jellyfin Media Server";
href = "https://jellyfin.tsuba.darksailor.dev";
};
}
{
"Sonarr" = {
icon = "sonarr.png";
description = "Sonarr: TV Series Management";
href = "https://sonarr.tsuba.darksailor.dev";
};
}
{
"Bazarr" = {
icon = "bazarr.png";
description = "Bazarr: Subtitles and Metadata";
href = "https://bazarr.tsuba.darksailor.dev";
};
}
{
"Radarr" = {
icon = "radarr.png";
description = "Radarr: Movie Management";
href = "https://radarr.tsuba.darksailor.dev";
};
}
{
"Deluge" = {
icon = "deluge.png";
description = "Deluge: Torrent Client";
href = "https://deluge.tsuba.darksailor.dev";
};
}
{
"Prowlarr" = {
icon = "prowlarr.png";
description = "Prowlarr: Indexer Manager";
href = "https://prowlarr.tsuba.darksailor.dev";
};
}
{
"Home Assistant" = {
icon = "home-assistant.png";
description = "Home Automation";
href = "https://home.darksailor.dev";
};
}
];
}
{
"Mirai" = [
{
"Gitea" = {
icon = "gitea.png";
description = "Gitea Code Hosting";
href = "https://git.darksailor.dev";
};
}
{
"Nextcloud" = {
icon = "nextcloud.png";
description = "Nextcloud Suite";
href = "https://cloud.darksailor.dev";
};
}
{
"Open WebUI" = {
icon = "open-webui.png";
description = "Open WebUI for self hosted llms";
href = "https://llama.darksailor.dev";
};
}
{
"Immich" = {
icon = "immich.png";
description = "Immich: Self-hosted Photo and Video Backup";
href = "https://photos.darksailor.dev";
};
}
{
"Excalidraw" = {
icon = "excalidraw.png";
description = "Excalidraw: Self-hosted Collaborative Whiteboard";
href = "https://draw.darksailor.dev";
};
}
];
}
];
bookmarks = [
{
"Nix" = [
{
"Nixpkgs" = [
{
abbr = "pkgs";
href = "https://search.nixos.org/packages?channel=unstable";
}
];
}
{
"NixOS" = [
{
abbr = "nixos";
href = "https://search.nixos.org/options?channel=unstable";
}
];
}
{
"Home Manager" = [
{
abbr = "hm";
href = "https://home-manager-options.extranix.com";
}
];
}
{
"NixVim" = [
{
abbr = "nixvim";
href = "https://nix-community.github.io/nixvim/search";
}
];
}
{
"Tailscale" = [
{
abbr = "ts";
href = "https://login.tailscale.com";
}
];
}
];
}
];
};
caddy = {
virtualHosts."dashboard.darksailor.dev".extraConfig = ''
import auth
reverse_proxy localhost:${builtins.toString config.services.homepage-dashboard.listenPort}
'';
};
authelia = {
instances.darksailor = {
settings = {
access_control = {
rules = [
{
domain = "dashboard.darksailor.dev";
policy = "one_factor";
}
];
};
};
};
};
};
}

118
nixos/mirai/services/immich.nix
View File

@@ -1,118 +0,0 @@
{
pkgs,
config,
...
}: {
sops = {
secrets."authelia/oidc/immich/client_id" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = ["immich-server.service" "authelia-darksailor.service"];
};
secrets."authelia/oidc/immich/client_secret" = {
owner = config.systemd.services.authelia-darksailor.serviceConfig.User;
mode = "0440";
restartUnits = ["immich-server.service" "authelia-darksailor.service"];
};
templates = {
"immich-config.json" = {
content =
/*
json
*/
''
{
"oauth": {
"clientId": "${config.sops.placeholder."authelia/oidc/immich/client_id"}",
"clientSecret": "${config.sops.placeholder."authelia/oidc/immich/client_secret"}",
"enabled": true,
"autoLaunch": true,
"autoRegister": true,
"buttonText": "Login with Authelia",
"scope": "openid email profile",
"issuerUrl": "https://auth.darksailor.dev"
},
"passwordLogin" : {
"enabled": false
},
"server": {
"externalDomain": "https://photos.darksailor.dev"
},
{
"machineLearning": {
"enabled": true,
"urls": [
"http://ryu.darksailor.dev:3003",
"http://localhost:3003"
],
}
}
}
'';
mode = "0400";
owner = "immich";
restartUnits = ["immich-server.service"];
};
};
};
virtualisation.oci-containers = {
backend = "docker";
containers = {
immich-machine-learning = {
image = "ghcr.io/immich-app/immich-machine-learning:v${pkgs.immich.version}";
ports = [
"127.0.0.1:3003:3003"
];
volumes = [
"model-cache:/cache"
];
};
};
};
services.immich = {
enable = true;
mediaLocation = "/media/photos/immich";
accelerationDevices = null;
machine-learning.enable = false;
environment = {
IMMICH_CONFIG_FILE = config.sops.templates."immich-config.json".path;
};
package = pkgs.immich;
};
services.caddy = {
virtualHosts."photos.darksailor.dev".extraConfig = ''
reverse_proxy localhost:${builtins.toString config.services.immich.port}
'';
};
services.authelia = {
instances.darksailor = {
settings = {
identity_providers = {
oidc = {
clients = [
{
client_name = "immich";
client_id = ''{{ secret "${config.sops.secrets."authelia/oidc/immich/client_id".path}" }}'';
client_secret = ''{{ secret "${config.sops.secrets."authelia/oidc/immich/client_secret".path}" }}'';
public = false;
authorization_policy = "one_factor";
require_pkce = false;
redirect_uris = [
"https://photos.darksailor.dev/auth/login"
"https://photos.darksailor.dev/user-settings"
"app.immich:///oauth-callback"
];
scopes = ["openid" "profile" "email"];
response_types = ["code"];
grant_types = ["authorization_code"];
# access_token_signed_response_alg = "none";
userinfo_signed_response_alg = "none";
token_endpoint_auth_method = "client_secret_post";
}
];
};
};
};
};
};
}

103
nixos/mirai/services/llama.nix
View File

@@ -1,103 +0,0 @@
{
config,
pkgs,
inputs,
...
}: {
sops = {
secrets."llama/api_key".owner = config.services.caddy.user;
secrets."llama/user".owner = config.services.caddy.user;
secrets."openai/api_key" = {};
templates = {
"LLAMA_API_KEY.env".content = ''
LLAMA_API_KEY=${config.sops.placeholder."llama/api_key"}
'';
api_key_env.owner = config.services.caddy.user;
"OPENAI_API_KEY.env".content = ''
OPENAI_API_KEY="${config.sops.placeholder."openai/api_key"}"
'';
};
};
services = {
llama-cpp = {
enable = false;
port = 11435;
model = pkgs.fetchurl {
url = "https://huggingface.co/lmstudio-community/gpt-oss-20b-GGUF/resolve/main/gpt-oss-20b-MXFP4.gguf";
sha256 = "65d06d31a3977d553cb3af137b5c26b5f1e9297a6aaa29ae7caa98788cde53ab";
};
# package = pkgs.ik_llama;
};
ollama = {
enable = false;
loadModels = [
"deepseek-r1:7b"
"deepseek-r1:14b"
"RobinBially/nomic-embed-text-8k"
"qwen3:8b"
];
port = 11434;
host = "0.0.0.0";
environmentVariables = {
OLLAMA_ORIGINS = "*";
};
};
open-webui = {
enable = false;
port = 7070;
environment = {
SCARF_NO_ANALYTICS = "True";
DO_NOT_TRACK = "True";
ANONYMIZED_TELEMETRY = "False";
WEBUI_AUTH = "False";
ENABLE_LOGIN_FORM = "False";
WEBUI_URL = "https://llama.darksailor.dev";
OPENAI_BASE_URL = "https://ollama.darksailor.dev/v1";
OLLAMA_API_BASE_URL = "https://ollama.ryu.darksailor.dev";
};
environmentFile = "${config.sops.templates."LLAMA_API_KEY.env".path}";
};
caddy = {
virtualHosts."llama.darksailor.dev".extraConfig = ''
import auth
reverse_proxy localhost:${builtins.toString config.services.open-webui.port}
'';
virtualHosts."ollama.darksailor.dev".extraConfig = ''
@apikey {
header Authorization "Bearer {env.LLAMA_API_KEY}"
}
handle @apikey {
header {
# Set response headers or proxy to a different service if API key is valid
Access-Control-Allow-Origin *
-Authorization "Bearer {env.LLAMA_API_KEY}" # Remove the header after validation
}
reverse_proxy localhost:${builtins.toString config.services.llama-cpp.port}
}
respond "Unauthorized" 403
'';
};
authelia = {
instances.darksailor = {
settings = {
access_control = {
rules = [
{
domain = "llama.darksailor.dev";
policy = "one_factor";
}
];
};
};
};
};
};
systemd.services.caddy = {
serviceConfig = {
EnvironmentFile = config.sops.templates."LLAMA_API_KEY.env".path;
};
};
}

Some files were not shown because too many files have changed in this diff Show More