muon/flake
1
0
Fork 0
mirror of https://codeberg.org/muon/home.git synced 2026-03-08 03:25:16 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'main' of codeberg.org:muon/home

Browse source
This commit is contained in:
muon 2026-01-17 11:01:59 +00:00
commit c960a79e21
7 changed files with 236 additions and 249 deletions
Download patch file Download diff file Expand all files Collapse all files

76
flake.lock generated
View file

@ -233,11 +233,11 @@
]
},
"locked": {
"lastModified": 1766553851,
"narHash": "sha256-hHKQhHkXxuPJwLkI8wdu826GLV5AcuW9/HVdc9eBnTU=",
"lastModified": 1767606757,
"narHash": "sha256-lCl9QyHHHG/lKkpZu9nhJ5ri30FUD66VWNMJp167wPY=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "7eca7f7081036a7b740090994c9ec543927f89a7",
"rev": "c4eabb884b01366f25c3f80823b12dd595ed603a",
"type": "github"
},
"original": {
@ -254,11 +254,11 @@
]
},
"locked": {
"lastModified": 1765682243,
"narHash": "sha256-yeCxFV/905Wr91yKt5zrVvK6O2CVXWRMSrxqlAZnLp0=",
"lastModified": 1767104570,
"narHash": "sha256-GKgwu5//R+cLdKysZjGqvUEEOGXXLdt93sNXeb2M/Lk=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "58bf3ecb2d0bba7bdf363fc8a6c4d49b4d509d03",
"rev": "e4e78a2cbeaddd07ab7238971b16468cc1d14daf",
"type": "github"
},
"original": {
@ -299,7 +299,10 @@
},
"ndg": {
"inputs": {
"nixpkgs": "nixpkgs_4"
"nixpkgs": [
"nvf",
"nixpkgs"
]
},
"locked": {
"lastModified": 1765720983,
@ -426,11 +429,11 @@
},
"nixpkgs_3": {
"locked": {
"lastModified": 1766309749,
"narHash": "sha256-3xY8CZ4rSnQ0NqGhMKAy5vgC+2IVK0NoVEzDoOh4DA4=",
"lastModified": 1767379071,
"narHash": "sha256-EgE0pxsrW9jp9YFMkHL9JMXxcqi/OoumPJYwf+Okucw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "a6531044f6d0bef691ea18d4d4ce44d0daa6e816",
"rev": "fb7944c166a3b630f177938e478f0378e64ce108",
"type": "github"
},
"original": {
@ -442,27 +445,11 @@
},
"nixpkgs_4": {
"locked": {
"lastModified": 1764242076,
"narHash": "sha256-sKoIWfnijJ0+9e4wRvIgm/HgE27bzwQxcEmo2J/gNpI=",
"lastModified": 1766651565,
"narHash": "sha256-QEhk0eXgyIqTpJ/ehZKg9IKS7EtlWxF3N7DXy42zPfU=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2fad6eac6077f03fe109c4d4eb171cf96791faa4",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_5": {
"locked": {
"lastModified": 1764517877,
"narHash": "sha256-pp3uT4hHijIC8JUK5MEqeAWmParJrgBVzHLNfJDZxg4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "2d293cbfa5a793b4c50d17c05ef9e385b90edf6c",
"rev": "3e2499d5539c16d0d173ba53552a4ff8547f4539",
"type": "github"
},
"original": {
@ -509,15 +496,16 @@
"systems": "systems_2"
},
"locked": {
"lastModified": 1766596669,
"narHash": "sha256-9C72hpMDa99n4MbqZqsBkrBQZe+HEN9lnu7Sme67nmU=",
"owner": "NotAShelf",
"lastModified": 1767502401,
"narHash": "sha256-5XJhFSzF5KAfHN9roSR0B/mIhogkM0kehrdI/NNBGVQ=",
"owner": "thamenato",
"repo": "nvf",
"rev": "ef1f22efaf4aa37ba9382a7d1807fa8ac9c097fd",
"rev": "3e372f0c2a09673c686605b9f69e337b9ad7d6a9",
"type": "github"
},
"original": {
"owner": "NotAShelf",
"owner": "thamenato",
"ref": "fix-nvim-treesitter",
"repo": "nvf",
"type": "github"
}
@ -544,11 +532,11 @@
]
},
"locked": {
"lastModified": 1766289575,
"narHash": "sha256-BOKCwOQQIP4p9z8DasT5r+qjri3x7sPCOq+FTjY8Z+o=",
"lastModified": 1767499857,
"narHash": "sha256-0zUU/PW09d6oBaR8x8vMHcAhg1MOvo3CwoXgHijzzNE=",
"owner": "Mic92",
"repo": "sops-nix",
"rev": "9836912e37aef546029e48c8749834735a6b9dad",
"rev": "ecc41505948ec2ab0325f14c9862a4329c2b4190",
"type": "github"
},
"original": {
@ -587,7 +575,7 @@
"firefox-gnome-theme": "firefox-gnome-theme",
"flake-parts": "flake-parts_2",
"gnome-shell": "gnome-shell",
"nixpkgs": "nixpkgs_5",
"nixpkgs": "nixpkgs_4",
"nur": "nur",
"systems": "systems_3",
"tinted-foot": "tinted-foot",
@ -597,11 +585,11 @@
"tinted-zed": "tinted-zed"
},
"locked": {
"lastModified": 1766603026,
"narHash": "sha256-J2DDdRqSU4w9NNgkMfmMeaLIof5PXtS9RG7y6ckDvQE=",
"lastModified": 1767559556,
"narHash": "sha256-Pf1d9Hh9UUQ/oS+evq6dU0MiaDczXXNztTlQekaMbW0=",
"owner": "danth",
"repo": "stylix",
"rev": "551df12ee3ebac52c5712058bd97fd9faa4c3430",
"rev": "b135edbdd403896d1ef507934c045f716deb5609",
"type": "github"
},
"original": {
@ -765,11 +753,11 @@
]
},
"locked": {
"lastModified": 1766614843,
"narHash": "sha256-upUQfQv7Xiy5IZzfsVOL0lH4A/wuUQjG2jlzmBmVuwU=",
"lastModified": 1767568852,
"narHash": "sha256-6s8hL3YX9zAq2T7qvcwwzaEVwc9MEYbW+C2LcAAQfbk=",
"owner": "0xc000022070",
"repo": "zen-browser-flake",
"rev": "b01d17acbec3d1b76fecf500289d8509da202585",
"rev": "350c729b261e6f5529460140a5f0943dd4c5e156",
"type": "github"
},
"original": {

3
flake.nix
View file

@ -14,7 +14,8 @@
nix-alien.url = "github:thiagokokada/nix-alien";
nvf = {
url = "github:NotAShelf/nvf";
# url = "github:NotAShelf/nvf";
url = "github:thamenato/nvf/fix-nvim-treesitter";
inputs.nixpkgs.follows = "nixpkgs";
};

33
hosts/mups/configuration.nix
View file

@ -75,43 +75,40 @@ in {
forceSSL = true;
locations."/" = {proxyPass = "http://10.0.0.3:5001";};
};
"seedbox.muon.host" = {
"stream.muon.host" = {
forceSSL = true;
enableACME = true;
locations = {
"/" = {
proxyPass = "http://10.0.0.3:3013";
};
"/api" = {
"/api/" = {
proxyPass = "http://10.0.0.3:3014";
extraConfig =
#sh
''
limit_req zone=api burst=20 nodelay;
# CORS headers
add_header Access-Control-Allow-Origin "*" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization" always;
add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
# add_header Access-Control-Allow-Origin "*" always;
# add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
# add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization" always;
# add_header Access-Control-Expose-Headers "Content-Length,Content-Range" always;
# Handle preflight requests
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin "*";
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
add_header Content-Type text/plain;
add_header Content-Length 0;
return 204;
}
# if ($request_method = 'OPTIONS') {
# add_header Access-Control-Allow-Origin "*";
# add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS";
# add_header Access-Control-Allow-Headers "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
# add_header Content-Type text/plain;
# add_header Content-Length 0;
# return 204;
# }
'';
};
"/api/stream" = {
"/api/stream/" = {
proxyPass = "http://10.0.0.3:3014";
extraConfig =
#sh
''
limit_req zone=download burst=10 nodelay;
proxy_set_header Range $http_range;
# Streaming optimizations

2
hosts/murk/home.nix
View file

@ -21,6 +21,8 @@ in {
mods.terminal.tools.enable = true;
mods.desktop.development.enable = true;
mods.desktop.productivity.enable = false;
mods.zen.enable = true;
mods.obsidian.enable = true;
home.packages = with pkgs;
[

12
modules/home/terminal/nvim/default.nix
View file

@ -50,12 +50,10 @@
languages = {
enableFormat = true;
enableTreesitter = true;
# enableTreesitter = true;
enableExtraDiagnostics = true;
nix.enable = true;
nix.lsp.servers = ["nixd"];
markdown.enable = true;
bash.enable = true;
rust.enable = true;
@ -63,7 +61,6 @@
python = {
enable = true;
lsp.servers = ["pyright"];
format.type = ["ruff" "black"];
};
@ -73,12 +70,17 @@
};
};
treesitter = {
enable = true;
context.enable = true;
};
statusline.lualine.enable = true;
telescope.enable = true;
autocomplete.nvim-cmp.enable = true;
autopairs.nvim-autopairs.enable = true;
tabline.nvimBufferline.enable = true;
treesitter.context.enable = true;
# treesitter.context.enable = true;
comments.comment-nvim.enable = true;
notes.todo-comments.enable = true;

17
modules/nixos/core/network.nix
View file

@ -32,14 +32,15 @@ in
config = {
networking.networkmanager.enable = true;
# networking.nameservers = [ "45.90.28.97" "45.90.30.97" ];
networking.nameservers = ["194.242.2.4#base.dns.mullvad.net"];
# services.resolved = {
# enable = true;
# dnssec = "false";
# dnsovertls = "true";
# domains = [ "~." ];
# fallbackDns = [ "194.242.2.4#base.dns.mullvad.net" ];
# };
# networking.nameservers = ["194.242.2.4#base.dns.mullvad.net"];
# networking.enableIPv6 = false;
services.resolved = {
enable = true;
dnssec = "false";
dnsovertls = "true";
domains = ["~."];
fallbackDns = ["194.242.2.4#base.dns.mullvad.net"];
};
# udev 250 doesn't reliably reinitialize devices after restart
systemd.services.systemd-udevd.restartIfChanged = false;

342
modules/nixos/server/containers/seedbox.nix
View file

@ -17,181 +17,177 @@ in
};
};
config =
mkIf config.mods.server.nginx.enable {
}
// mkIf cfg.enable {
networking.firewall = {
allowedTCPPorts = [port bport];
allowedUDPPorts = [port bport];
};
config = mkIf cfg.enable {
networking.firewall = {
allowedTCPPorts = [port bport];
};
# Runtime
virtualisation.docker = {
enable = true;
autoPrune.enable = true;
};
virtualisation.oci-containers.backend = "docker";
# Runtime
virtualisation.docker = {
enable = true;
autoPrune.enable = true;
};
virtualisation.oci-containers.backend = "docker";
# Containers
virtualisation.oci-containers.containers."seedbox-backend" = {
image = "compose2nix/seedbox-backend";
volumes = [
"seedbox-lite_seedbox_cache:/app/cache:rw"
"seedbox-lite_seedbox_data:/app/data:rw"
];
ports = [
"${toString bport}:3001/tcp"
];
log-driver = "journald";
extraOptions = [
"--network-alias=seedbox-backend"
"--network=seedbox-lite_seedbox-network"
];
environment = {
NODE_ENV = "production";
ACCESS_PASSWORD = "temp_pass";
FRONTEND_URL = "http://localhost:${toString port}";
};
};
systemd.services."docker-seedbox-backend" = {
serviceConfig = {
Restart = lib.mkOverride 90 "always";
RestartMaxDelaySec = lib.mkOverride 90 "1m";
RestartSec = lib.mkOverride 90 "100ms";
RestartSteps = lib.mkOverride 90 9;
};
after = [
"docker-network-seedbox-lite_seedbox-network.service"
"docker-volume-seedbox-lite_seedbox_cache.service"
"docker-volume-seedbox-lite_seedbox_data.service"
];
requires = [
"docker-network-seedbox-lite_seedbox-network.service"
"docker-volume-seedbox-lite_seedbox_cache.service"
"docker-volume-seedbox-lite_seedbox_data.service"
];
partOf = [
"docker-compose-seedbox-lite-root.target"
];
wantedBy = [
"docker-compose-seedbox-lite-root.target"
];
};
virtualisation.oci-containers.containers."seedbox-frontend" = {
image = "compose2nix/seedbox-frontend";
ports = [
"${toString port}:8080/tcp"
];
dependsOn = [
"seedbox-backend"
];
log-driver = "journald";
extraOptions = [
"--network-alias=seedbox-frontend"
"--network=seedbox-lite_seedbox-network"
];
environment = {
NODE_ENV = "production";
ACCESS_PASSWORD = "temp_pass";
};
};
systemd.services."docker-seedbox-frontend" = {
serviceConfig = {
Restart = lib.mkOverride 90 "always";
RestartMaxDelaySec = lib.mkOverride 90 "1m";
RestartSec = lib.mkOverride 90 "100ms";
RestartSteps = lib.mkOverride 90 9;
};
after = [
"docker-network-seedbox-lite_seedbox-network.service"
];
requires = [
"docker-network-seedbox-lite_seedbox-network.service"
];
partOf = [
"docker-compose-seedbox-lite-root.target"
];
wantedBy = [
"docker-compose-seedbox-lite-root.target"
];
};
# Networks
systemd.services."docker-network-seedbox-lite_seedbox-network" = {
path = [pkgs.docker];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "docker network rm -f seedbox-lite_seedbox-network";
};
script = ''
docker network inspect seedbox-lite_seedbox-network || docker network create seedbox-lite_seedbox-network --driver=bridge
'';
partOf = ["docker-compose-seedbox-lite-root.target"];
wantedBy = ["docker-compose-seedbox-lite-root.target"];
};
# Volumes
systemd.services."docker-volume-seedbox-lite_seedbox_cache" = {
path = [pkgs.docker];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
docker volume inspect seedbox-lite_seedbox_cache || docker volume create seedbox-lite_seedbox_cache --driver=local
'';
partOf = ["docker-compose-seedbox-lite-root.target"];
wantedBy = ["docker-compose-seedbox-lite-root.target"];
};
systemd.services."docker-volume-seedbox-lite_seedbox_data" = {
path = [pkgs.docker];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
docker volume inspect seedbox-lite_seedbox_data || docker volume create seedbox-lite_seedbox_data --driver=local
'';
partOf = ["docker-compose-seedbox-lite-root.target"];
wantedBy = ["docker-compose-seedbox-lite-root.target"];
};
# Builds
systemd.services."docker-build-seedbox-backend" = {
path = [pkgs.docker pkgs.git];
serviceConfig = {
Type = "oneshot";
TimeoutSec = 300;
};
script = ''
cd /tmp
git clone https://github.com/hotheadhacker/seedbox-lite.git && cd seedbox-lite/server || cd seedbox-lite/server
podman build -t compose2nix/seedbox-backend .
'';
};
systemd.services."docker-build-seedbox-frontend" = {
path = [pkgs.docker pkgs.git];
serviceConfig = {
Type = "oneshot";
TimeoutSec = 300;
};
script = ''
cd /tmp
git clone https://github.com/hotheadhacker/seedbox-lite.git && cd seedbox-lite/client || cd seedbox-lite/client
podman build -t compose2nix/seedbox-frontend --build-arg VITE_API_BASE_URL=http://localhost:${toString bport} .
'';
};
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
systemd.targets."docker-compose-seedbox-lite-root" = {
unitConfig = {
Description = "Root target generated by compose2nix.";
};
wantedBy = ["multi-user.target"];
# Containers
virtualisation.oci-containers.containers."seedbox-backend" = {
image = "compose2nix/seedbox-backend";
volumes = [
"seedbox-lite_seedbox_cache:/app/cache:rw"
"seedbox-lite_seedbox_data:/app/data:rw"
];
ports = [
"${toString bport}:3000/tcp"
];
log-driver = "journald";
extraOptions = [
"--network-alias=seedbox-backend"
"--network=seedbox-lite_seedbox-network"
];
environment = {
NODE_ENV = "production";
ACCESS_PASSWORD = "temp_pass";
FRONTEND_URL = "http://localhost:${toString port}";
};
};
systemd.services."docker-seedbox-backend" = {
serviceConfig = {
Restart = lib.mkOverride 90 "always";
RestartMaxDelaySec = lib.mkOverride 90 "1m";
RestartSec = lib.mkOverride 90 "100ms";
RestartSteps = lib.mkOverride 90 9;
};
after = [
"docker-network-seedbox-lite_seedbox-network.service"
"docker-volume-seedbox-lite_seedbox_cache.service"
"docker-volume-seedbox-lite_seedbox_data.service"
];
requires = [
"docker-network-seedbox-lite_seedbox-network.service"
"docker-volume-seedbox-lite_seedbox_cache.service"
"docker-volume-seedbox-lite_seedbox_data.service"
];
partOf = [
"docker-compose-seedbox-lite-root.target"
];
wantedBy = [
"docker-compose-seedbox-lite-root.target"
];
};
virtualisation.oci-containers.containers."seedbox-frontend" = {
image = "compose2nix/seedbox-frontend";
ports = [
"${toString port}:8080/tcp"
];
dependsOn = [
"seedbox-backend"
];
log-driver = "journald";
extraOptions = [
"--network-alias=seedbox-frontend"
"--network=seedbox-lite_seedbox-network"
];
environment = {
NODE_ENV = "production";
ACCESS_PASSWORD = "temp_pass";
};
};
systemd.services."docker-seedbox-frontend" = {
serviceConfig = {
Restart = lib.mkOverride 90 "always";
RestartMaxDelaySec = lib.mkOverride 90 "1m";
RestartSec = lib.mkOverride 90 "100ms";
RestartSteps = lib.mkOverride 90 9;
};
after = [
"docker-network-seedbox-lite_seedbox-network.service"
];
requires = [
"docker-network-seedbox-lite_seedbox-network.service"
];
partOf = [
"docker-compose-seedbox-lite-root.target"
];
wantedBy = [
"docker-compose-seedbox-lite-root.target"
];
};
# Networks
systemd.services."docker-network-seedbox-lite_seedbox-network" = {
path = [pkgs.docker];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
ExecStop = "docker network rm -f seedbox-lite_seedbox-network";
};
script = ''
docker network inspect seedbox-lite_seedbox-network || docker network create seedbox-lite_seedbox-network --driver=bridge
'';
partOf = ["docker-compose-seedbox-lite-root.target"];
wantedBy = ["docker-compose-seedbox-lite-root.target"];
};
# Volumes
systemd.services."docker-volume-seedbox-lite_seedbox_cache" = {
path = [pkgs.docker];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
docker volume inspect seedbox-lite_seedbox_cache || docker volume create seedbox-lite_seedbox_cache --driver=local
'';
partOf = ["docker-compose-seedbox-lite-root.target"];
wantedBy = ["docker-compose-seedbox-lite-root.target"];
};
systemd.services."docker-volume-seedbox-lite_seedbox_data" = {
path = [pkgs.docker];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
docker volume inspect seedbox-lite_seedbox_data || docker volume create seedbox-lite_seedbox_data --driver=local
'';
partOf = ["docker-compose-seedbox-lite-root.target"];
wantedBy = ["docker-compose-seedbox-lite-root.target"];
};
# Builds
systemd.services."docker-build-seedbox-backend" = {
path = [pkgs.docker pkgs.git];
serviceConfig = {
Type = "oneshot";
TimeoutSec = 300;
};
script = ''
cd /tmp
git clone https://github.com/hotheadhacker/seedbox-lite.git && cd seedbox-lite/server || cd seedbox-lite/server
podman build -t compose2nix/seedbox-backend .
'';
};
systemd.services."docker-build-seedbox-frontend" = {
path = [pkgs.docker pkgs.git];
serviceConfig = {
Type = "oneshot";
TimeoutSec = 300;
};
script = ''
cd /tmp
git clone https://github.com/hotheadhacker/seedbox-lite.git && cd seedbox-lite/client || cd seedbox-lite/client
podman build -t compose2nix/seedbox-frontend --build-arg VITE_API_BASE_URL=http://localhost:${toString bport} .
'';
};
# Root service
# When started, this will automatically create all resources and start
# the containers. When stopped, this will teardown all resources.
systemd.targets."docker-compose-seedbox-lite-root" = {
unitConfig = {
Description = "Root target generated by compose2nix.";
};
wantedBy = ["multi-user.target"];
};
};
}