Merge branch 'homelab'

2025-12-06 08:07:45 +00:00 · 2024-11-29 16:31:15 +00:00 · 2024-11-29 16:31:15 +00:00 · 8bbe4f9a6c
commit 8bbe4f9a6c
parent 4e743403b0 e0341a84d9
26 changed files with 767 additions and 237 deletions
--- a/modules/home/default.nix
+++ b/modules/home/default.nix
@ -13,4 +13,6 @@ in {
  programs.home-manager.enable = true;
  home.username = cfg.user.name;
  home.homeDirectory = "/home/${cfg.user.name}";
+  # home.profileDirectory =
+  #   "${config.home.homeDirectory}/.local/state/nix/profile/";
 }
--- a/modules/home/desktop/i3.nix
+++ b/modules/home/desktop/i3.nix
@ -14,29 +14,30 @@
          separator = "";
        };
        icons = "awesome5";
-        blocks = [{
-          block = "sound";
-          format = " $icon $volume ";
-          click = [{
-            button = "left";
-            cmd = "pavucontrol";
-          }];
-        } {
+        blocks = [
+          {
+            block = "sound";
+            format = " $icon $volume ";
+            click = [{
+              button = "left";
+              cmd = "pavucontrol";
+            }];
+          }
+          {
            block = "time";
            format = "$icon $timestamp.datetime(f:'%Y-%m-%d %a %H:%M:%S') ";
            interval = 1;
-        }];
+          }
+        ];
      };
    };

    xsession.windowManager.i3 = let
      modifier = "Mod4";
      wsAmount = 10;
-      genSpaces = f: map builtins.toString (
-        builtins.genList f wsAmount
-      );
-      workspaces = genSpaces (x: x+1);
-    
+      genSpaces = f: map builtins.toString (builtins.genList f wsAmount);
+      workspaces = genSpaces (x: x + 1);
+
    in {
      enable = true;
      config = {
@ -53,38 +54,43 @@
        workspaceAutoBackAndForth = true;
        focus.wrapping = "yes";

+        startup = [ ] ++ lib.optionals config.mods.social.enable [{
+          command = "exec vesktop";
+        }];
+
+        assigns = {
+          "2" = [{ class = "^electron$"; }];
+          "3" = [{ class = "^Steam$"; }];
+        };
+
        keybindings = let
          # modKeyComb: string -> valueAction: string
          # -> keys: [string] -> values: [string]
          # -> keybindings: attrSet { string -> string }
-          zipBinds = comb: action: keys: values: (
-            builtins.listToAttrs (lib.zipListsWith (k: v: {
+          zipBinds = comb: action: keys: values:
+            (builtins.listToAttrs (lib.zipListsWith (k: v: {
              name = "${modifier}${comb}${k}";
              value = "${action} ${v}";
-            }) keys values)
-          );
+            }) keys values));

-          moveKeys = ["h" "j" "k" "l"];
-          moveDirs = ["left" "down" "up" "right"];
+          moveKeys = [ "h" "j" "k" "l" ];
+          moveDirs = [ "left" "down" "up" "right" ];

-          workspKeys = genSpaces (x: lib.mod (x+1) wsAmount);
+          workspKeys = genSpaces (x: lib.mod (x + 1) wsAmount);

-        in lib.mkOptionDefault (
-          (zipBinds "+" "focus" moveKeys moveDirs) //
-          (zipBinds "+Shift+" "move" moveKeys moveDirs) //
-          (zipBinds "+" "workspace number" workspKeys workspaces) //
-          (zipBinds "+Shift+" "move container to workspace number"
-            workspKeys workspaces) //
-          {
-            "XF86AudioRaiseVolume" = 
-              "exec --no-startup-id pactl set-sink-volume 0 +2%";
-            "XF86AudioLowerVolume" = 
-              "exec --no-startup-id pactl set-sink-volume 0 -2%";
-          }
-        );
+        in lib.mkOptionDefault ((zipBinds "+" "focus" moveKeys moveDirs)
+          // (zipBinds "+Shift+" "move" moveKeys moveDirs)
+          // (zipBinds "+" "workspace number" workspKeys workspaces)
+          // (zipBinds "+Shift+" "move container to workspace number" workspKeys
+            workspaces) // {
+              "XF86AudioRaiseVolume" =
+                "exec --no-startup-id pactl set-sink-volume 0 +2%";
+              "XF86AudioLowerVolume" =
+                "exec --no-startup-id pactl set-sink-volume 0 -2%";
+            });

        bars = let
-          status_conf = 
+          status_conf =
            "${config.xdg.configHome}/i3status-rust/config-default.toml";
          stylix_bar = {
            mode = "dock";
@ -96,9 +102,7 @@
            workspaceNumbers = true;
            trayOutput = "primary";
          } // config.lib.stylix.i3.bar;
-        in [
-          stylix_bar
-        ];
+        in [ stylix_bar ];
      };
    };
  };
--- a/modules/home/desktop/media.nix
+++ b/modules/home/desktop/media.nix
@ -8,6 +8,13 @@
      pulseaudio
      pavucontrol

+      # Video
+      stremio
+
+      # Interactive
+      bottles
+      mindustry
+
      # Podcasts
      gpodder
    ];
--- a/modules/home/desktop/productivity.nix
+++ b/modules/home/desktop/productivity.nix
@ -19,6 +19,10 @@

      # password manager
      bitwarden-desktop
+
+      # documents
+      texliveFull
+      texstudio
    ];

    home.sessionVariables.BROWSER = "librewolf";
--- a/modules/home/desktop/social.nix
+++ b/modules/home/desktop/social.nix
@ -1,5 +1,5 @@
-{ pkgs, lib, config, ... }: 
-let 
+{ pkgs, lib, config, ... }:
+let
  vesktop-nogain = (pkgs.vesktop.overrideAttrs (previousAttrs: {
    patches = previousAttrs.patches ++ [
      (builtins.fetchurl {
@ -15,7 +15,7 @@ in {
  config = lib.mkIf config.mods.social.enable {
    home.packages = with pkgs; [
      # Communication
-      kotatogram-desktop
+      # kotatogram-desktop
      signal-desktop
      vesktop-nogain

--- a/modules/home/terminal/development.nix
+++ b/modules/home/terminal/development.nix
@ -71,6 +71,7 @@ in {
    programs.direnv = {
      enable = true;
      nix-direnv.enable = true;
+      enableZshIntegration = lib.mkIf config.mods.terminal.zsh.enable true;
    };

    home.sessionVariables.EDITOR = "hx";
--- a/modules/home/terminal/tools.nix
+++ b/modules/home/terminal/tools.nix
@ -1,36 +1,35 @@
 { pkgs, lib, config, ... }:
-let
-  cfg = config.mods.terminal;
+let cfg = config.mods.terminal;
 in with lib; {
  options.mods.terminal.tools.enable = mkEnableOption "enables cli tools";

  config = mkIf cfg.tools.enable {
-    programs.zellij = {
-      enable = true;
-      # enableZshIntegration = mkIf cfg.zsh.enable true;
-    };

-    programs.fzf = {
-      enable = true;
-      enableZshIntegration = mkIf cfg.zsh.enable true;
-    };
+    programs = builtins.listToAttrs (map (name: {
+      name = name;
+      value = {
+        enable = true;
+      } // optionalAttrs
+        (builtins.hasAttr "enableZshIntegration" config.programs.${name}) {
+          enableZshIntegration = mkIf cfg.zsh.enable true;
+        };
+    }) [
+      "zellij"
+      "fzf"
+      "eza"
+      "bat"
+      "zoxide"
+      "dircolors"
+      "yazi"
+      "nix-index"
+      "thefuck"

-    programs.zoxide = {
-      enable = true;
-      enableZshIntegration = mkIf cfg.zsh.enable true;
-    };
-
-    programs.dircolors = {
-      enable = true;
-      enableZshIntegration = mkIf cfg.zsh.enable true;
-    };
-
-    programs.yazi = {
-      enable = true;
-      enableZshIntegration = mkIf cfg.zsh.enable true;
-    };
-
-    programs.lazygit.enable = true;
+      "lazygit"
+      "fd"
+      "ripgrep"
+      "bottom"
+      "htop"
+    ]);

    home.packages = with pkgs; [
      # libraries
@ -38,13 +37,11 @@ in with lib; {
      ueberzugpp

      # file managing
-      fd
-      ripgrep
      trash-cli

      # programs
-      bottom
      fend
+      unzip
    ];
  };
 }
--- a/modules/home/xdg.nix
+++ b/modules/home/xdg.nix
@ -1,10 +1,11 @@
 { pkgs, lib, config, ... }: {
-  options.mods.xdg.enable =
-    lib.mkEnableOption "enables xdg settings";
+  options.mods.xdg.enable = lib.mkEnableOption "enables xdg settings";

  config = lib.mkIf config.mods.xdg.enable {
-    xdg = let 
-      browser = ["librewolf.desktop"];
+    nix.settings.use-xdg-base-directories = true;
+
+    xdg = let
+      browser = [ "librewolf.desktop" ];
      associations = {
        "text/html" = browser;
        "x-scheme-handler/http" = browser;
@ -19,13 +20,13 @@
        "application/x-extension-xhtml" = browser;
        "application/x-extension-xht" = browser;

-        "audio/*" = ["mpv.desktop"];
-        "video/*" = ["mpv.dekstop"];
-        "image/*" = ["imv.desktop"];
+        "audio/*" = [ "mpv.desktop" ];
+        "video/*" = [ "mpv.dekstop" ];
+        "image/*" = [ "imv.desktop" ];
        "application/json" = browser;
        # "application/pdf" = ["org.pwmt.zathura.desktop.desktop"];
-        "x-scheme-handler/tg" = ["kotatogram-desktop.desktop"];
-        "x-scheme-handler/discord" = ["vesktop.desktop"];
+        "x-scheme-handler/tg" = [ "kotatogram-desktop.desktop" ];
+        "x-scheme-handler/discord" = [ "vesktop.desktop" ];
      };
    in {
      enable = true;
--- a/modules/nixos/core/boot.nix
+++ b/modules/nixos/core/boot.nix
@ -1,17 +1,18 @@
 { pkgs, lib, config, ... }: {
  options.mods = {
    boot.enable = lib.mkEnableOption {
-      description = "enables grub"; 
+      description = "enables grub";
      default = true;
    };
  };

  config = lib.mkIf config.mods.boot.enable {
    boot.loader = lib.mkIf config.mods.xorg.enable {
-      timeout = 0;
+      timeout = 2;
      efi.canTouchEfiVariables = true;
      grub = {
        enable = true;
+        zfsSupport = true;
        efiSupport = true;
        device = "nodev";
        gfxmodeEfi = config.mods.monitors.primary.config.mode;
--- a/modules/nixos/core/network.nix
+++ b/modules/nixos/core/network.nix
@ -1,14 +1,24 @@
-{ pkgs, lib, config, ... }: {
+{ pkgs, lib, config, ... }:
+
+let
+  cfg = config.mods;
+  wg = cfg.wireguard;
+
+in with lib; {
  options.mods = {
-    i2p.enable = lib.mkEnableOption "enables i2p network";
-    tailscale.enable = lib.mkEnableOption "enables tailscale";
-    wireguard.enable = lib.mkEnableOption "enables wireguard client";
-    openvpn.enable = lib.mkEnableOption "enables openvpn config";
+    i2p.enable = mkEnableOption "enables i2p network";
+    tailscale.enable = mkEnableOption "enables tailscale";
+    wireguard.enable = mkEnableOption "enables wireguard client";
+    wireguard.id = mkOption {
+      type = with types; nullOr ints.u8;
+      default = null;
+    };
+    openvpn.enable = mkEnableOption "enables openvpn config";
    openvpn.config = let
      username = "${config.mods.user.name}";
      folder = "${config.users.users.${username}.home}/documents/openvpn/";
      file = "${config.mods.user.name}.ovpn";
-    in lib.mkOption {
+    in mkOption {
      description = "the config location";
      default = "${folder}${file}";
    };
@ -18,10 +28,10 @@
    networking.networkmanager.enable = true;
    services.resolved.enable = true;

-    services.tailscale.enable = config.mods.tailscale.enable;
+    services.tailscale.enable = cfg.tailscale.enable;

-    services.openvpn.servers = lib.mkIf config.mods.openvpn.enable {
-      remote.config = "config ${config.mods.openvpn.config}";
+    services.openvpn.servers = mkIf cfg.openvpn.enable {
+      remote.config = "config ${cfg.openvpn.config}";
    };

    networking.firewall.allowedTCPPorts = [
@ -30,7 +40,7 @@
      4447 # default socks proxy port
      4444 # default http proxy port
    ];
-    services.i2pd = lib.mkIf config.mods.i2p.enable {
+    services.i2pd = lib.mkIf cfg.i2p.enable {
      enable = true;
      proto.sam.enable = true;
      address = "127.0.0.1";
@ -42,16 +52,17 @@
    };

    networking.firewall.allowedUDPPorts = [ 51820 ];
-    networking.wg-quick.interfaces = lib.mkIf config.mods.wireguard.enable {
+    networking.wg-quick.interfaces = lib.mkIf (wg.id != null) {
      wg0 = {
-        address = [ "10.0.0.2/24" "fdc9:281f:04d7:9ee9::2/64" ];
+        address = [ "10.0.0.${wg.id}/24" "fdc9:281f:04d7:9ee9::${wg.id}/64" ];
        dns = [ "10.0.0.1" "fdc9:281f:04d7:9ee9::1" ];
        mtu = 1500;
        privateKeyFile = "/home/muon/wireguard-keys/private";

        peers = [{
          publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
-          presharedKeyFile = "/home/muon/wireguard-keys/psk-muon";
+          presharedKeyFile =
+            "/home/muon/wireguard-keys/psk-${config.networking.hostName}";
          allowedIPs = [ "0.0.0.0/0" "::/0" ];
          # ip route add 93.95.230.11 via 192.168.0.1
          endpoint = "93.95.230.11:51820";
@ -60,24 +71,5 @@
      };
    };

-    # networking.wireguard.interfaces = lib.mkIf config.mods.wireguard.enable {
-    #   wg0 = {
-    #     ips = [ "10.100.0.2/24" ];
-    #     listenPort = 51820;
-
-    #     privateKeyFile = "/home/muon/wireguard-keys/private";
-
-    #     peers = [
-    #       {
-    #         publicKey = "2RF8GmTZwQdzVm2l2piYy6U0qiMU3wSxC7Lt8urAjwA=";
-    #         allowedIPs = [ "0.0.0.0/0" ];
-    #         # ip route add 93.95.230.11 via 192.168.0.1
-    #         endpoint = "93.95.230.11:51820";
-    #         persistentKeepalive = 25;
-    #       }
-    #     ];
-    #   };
-    # };
-
  };
 }
--- a/modules/nixos/desktop/xorg.nix
+++ b/modules/nixos/desktop/xorg.nix
@ -1,4 +1,5 @@
-{ pkgs, lib, config, ... }: let
+{ pkgs, lib, config, ... }:
+let
  monitorModule = lib.types.submodule {
    options = {
      name = lib.mkOption {
@ -21,22 +22,22 @@ in {
    };
  };

-  config = let 
+  config = let
    startupTargets = [
      "systemd-user-sessions.service"
      "multi-user.target"
      "network-online.target"
    ];
-  
+
  in lib.mkIf config.mods.xorg.enable {
    services.xserver.enable = true;
    services.xserver.xkb.layout = "us";
    services.xserver.xkb.options = "caps:escape";

-    services.xserver.displayManager.gdm.enable = true;
+    # services.xserver.displayManager.gdm.enable = true;
+    services.xserver.displayManager.sddm.enable = true;
    services.displayManager.autoLogin.enable = true;
-    services.displayManager.autoLogin.user =
-      config.mods.user.name;
+    services.displayManager.autoLogin.user = config.mods.user.name;

    systemd.services.display-manager.wants = startupTargets;
    systemd.services.display-manager.after = startupTargets;
--- a/modules/nixos/server/default.nix
+++ b/modules/nixos/server/default.nix
@ -9,5 +9,6 @@
    ./wireguard.nix
    ./headscale.nix
    ./photoprism.nix
+    ./search.nix
  ];
 }
--- a/modules/nixos/server/media.nix
+++ b/modules/nixos/server/media.nix
@ -6,12 +6,20 @@
    };
  };

-
  config = lib.mkIf config.mods.server.media.enable {
    services.jellyfin = {
      enable = true;
      openFirewall = true;
-      user="${config.mods.user.name}";
+      user = "${config.mods.user.name}";
    };
+
+    services.immich = {
+      enable = true;
+      openFirewall = true;
+      host = "0.0.0.0";
+      # user = "${config.mods.user.name}";
+    };
+
+    users.users.immich.extraGroups = [ "video" "render" ];
  };
 }
--- a/modules/nixos/server/search.nix
+++ b/modules/nixos/server/search.nix
@ -0,0 +1,48 @@
+{ pkgs, lib, config, ... }:
+let
+  inherit (lib) types mkOption mkEnableOption;
+  cfg = config.mods.server.search;
+in {
+  options.mods.server.search = {
+    enable = mkEnableOption {
+      default = false;
+      description = "enables search engine server";
+    };
+
+    port = mkOption {
+      type = types.port;
+      default = 8081;
+    };
+
+    nginx = mkOption {
+      type = types.nullOr types.str;
+      default = "search";
+    };
+  };
+
+  config = {
+    services.searx = lib.mkIf cfg.enable {
+      enable = true;
+
+      runInUwsgi = true;
+      uwsgiConfig = {
+        disable-logging = true;
+        http = ":${toString cfg.port}";
+      };
+
+      settings = {
+        server.port = cfg.port;
+        server.bind_address = "0.0.0.0";
+        server.secret_key = "temporary-before-sops";
+
+        enabled_plugins = [ "Hostnames plugin" "Tracker URL remover" ];
+        hostnames.remove = [ "(.*.)?facebook.com$" ];
+        hostnames.replace = {
+          "(.*.)?reddit.com$" = "redlib.northboot.xyz";
+          "(.*.)?youtube.com$" = "invidious.example.com";
+        };
+      };
+    };
+
+  };
+}
--- a/modules/nixos/unfree/nvidia.nix
+++ b/modules/nixos/unfree/nvidia.nix
@ -1,6 +1,5 @@
 { pkgs, lib, config, ... }:
-let
-  cfg = config.mods.unfree.nvidia;
+let cfg = config.mods.unfree.nvidia;
 in {
  options.mods.unfree.nvidia = {
    enable = lib.mkEnableOption {
@ -8,7 +7,7 @@ in {
      description = "enables proprietary nvidia drivers";
    };
    packages = lib.mkOption {
-      default = [ "nvidia-x11" ];
+      default = [ "nvidia-x11" "nvidia-settings" ];
      description = "unfree packages";
    };
    driver = lib.mkOption {
@ -29,12 +28,12 @@ in {
    hardware.nvidia = {
      modesetting.enable = true;

-      powerManagement.enable = false;
+      # powerManagement.enable = false;
      powerManagement.finegrained = false;

      open = false;
-      nvidiaSettings = false;
-      
+      nvidiaSettings = lib.mkDefault false;
+
      package = config.boot.kernelPackages.nvidiaPackages."${cfg.driver}";
    };
  };
--- a/modules/nixos/unfree/steam.nix
+++ b/modules/nixos/unfree/steam.nix
@ -5,11 +5,7 @@
      description = "enables proprietary steam software";
    };
    packages = lib.mkOption {
-      default = [
-        "steam"
-        "steam-original"
-        "steam-run"
-      ];
+      default = [ "steam" "steam-original" "steam-run" "steam-unwrapped" ];
      description = "unfree packages";
    };
  };