n8r/nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

added shared server config file and modules

Browse Source
This commit is contained in:
Nathan Anderson 2024-03-17 22:13:28 -06:00
parent 2f9f07b3e0
commit d1facb3be7
10 changed files with 300 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
flake.nix
View File

@ -21,12 +21,20 @@
in in
{ {
nixosConfigurations = { nixosConfigurations = {
nixServer = nixpkgs.lib.nixosSystem { luci = nixpkgs.lib.nixosSystem {
specialArgs = { inherit inputs; }; specialArgs = {
inherit inputs outputs timeZone system;
};
modules = [ modules = [
# nixpkgs.overlays = [ nur.overlay ]; inputs.home-manager.nixosModules.home-manager {
./nixos/server_configuration.nix home-manager.useGlobalPkgs = true;
inputs.home-manager.nixosModules.default home-manager.useUserPackages = true;
home-manager.users.luci = import ./luci/modules/home-manager/home.nix;
home-manager.extraSpecialArgs = {
inherit inputs outputs;
};
}
./luci/default.nix
]; ];
}; };
nate = nixpkgs.lib.nixosSystem { nate = nixpkgs.lib.nixosSystem {

31
luci/default.nix Normal file
View File

@ -0,0 +1,31 @@
{ ... }:
let
userName = "luci";
email = "luci@fosscat.com";
hostName = "luci";
in
{
imports = [
./nixos/hardware-configuration.nix
../shared/nix-gc.nix
../shared/server-configuration.nix
];
srvConfig = {
userName = userName;
hostName = hostName;
hostId = "09e1d908";
email = email;
sshEnable = true;
nfsEnable = true;
};
# deskCfg = {
# userName = userName;
# hostName = hostName;
# de = desktop;
# installGaming = gaming;
# };
nixGc.enable = true;
}

0
luci/modules/home-manager/home.nix Normal file
View File

6
luci/hardware-configuration.nix → luci/nixos/hardware-configuration.nix
View File

@ -38,6 +38,12 @@
fsType = "zfs"; fsType = "zfs";
}; };
# Bind mount for nfs export
fileSystems."/nfs_export" = {
device = "zdata/zdata/nfs";
options = [ "bind" ];
};
swapDevices = [ ]; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

11
nate/modules/home-manager/home.nix
View File

@ -36,7 +36,8 @@
# #
dbeaver dbeaver
cargo cargo
kakoune helix
# kakoune
# flutter316 # flutter316
docker docker
docker-compose docker-compose
@ -45,8 +46,7 @@
nodejs_21 nodejs_21
zig zig
### LSP's ### LSP's
kak-lsp nil # Nix LSP
rnix-lsp # Nix LSP
openscad-lsp openscad-lsp
nodePackages.typescript-language-server nodePackages.typescript-language-server
vscode-langservers-extracted # provides eslint, markdown, json, css, and html lsp vscode-langservers-extracted # provides eslint, markdown, json, css, and html lsp
@ -146,7 +146,7 @@
# /etc/profiles/per-user/nate/etc/profile.d/hm-session-vars.sh # /etc/profiles/per-user/nate/etc/profile.d/hm-session-vars.sh
# #
home.sessionVariables = { home.sessionVariables = {
EDITOR = "kak"; EDITOR = "hx";
XDG_CURRENT_DESKTOP="sway"; XDG_CURRENT_DESKTOP="sway";
}; };
@ -190,13 +190,14 @@
` `
cd $DIR cd $DIR
} }
alias p="fzf_projects source/" alias p="fzf_projects ~/source/"
alias ls="lsd" alias ls="lsd"
alias l="lsd --almost-all --long" alias l="lsd --almost-all --long"
alias llm="lsd --timesort --long" alias llm="lsd --timesort --long"
alias lS="lsd --oneline --classic" alias lS="lsd --oneline --classic"
alias lt="lsd --tree --depth=2" alias lt="lsd --tree --depth=2"
alias grep="rg"
''; '';
}; };

6
nate/nixos/hardware-configuration.nix
View File

@ -28,6 +28,12 @@
fsType = "ext4"; fsType = "ext4";
}; };
fileSystems."/home/nate/nfs" = {
device = "192.168.1.169:/nfs_export";
fsType = "nfs";
options = [ "nfsvers=4.2" "x-systemd.automount" "noauto" "x-systemd.idle-timeout=600" ]; # lazy mounting and auto disconnect after 600 seconds
};
swapDevices = [ ]; swapDevices = [ ];
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking # Enables DHCP on each ethernet and wireless interface. In case of scripted networking

80
shared/modules/apps/firefox/firefox.nix Normal file
View File

@ -0,0 +1,80 @@
{lib, config, pkgs, inputs, ...}:
let
cfg = config.firefoxApp;
in
{
# imports = [
# inputs.nur.hmModules.nur
# ];
options.firefoxApp = {
enable = lib.mkEnableOption "enable firefox browser";
};
config = lib.mkIf cfg.enable {
programs.firefox = {
# Add pipewire support
package = (pkgs.wrapFirefox (pkgs.firefox-unwrapped.override { pipewireSupport = true;}) {});
enable = true;
profiles = {
default = {
id = 0;
name = "default";
isDefault = true;
extensions = with pkgs; [
nur.repos.rycee.firefox-addons.darkreader
nur.repos.rycee.firefox-addons.keepassxc-browser
nur.repos.crazazy.firefox-addons.ublock-origin
];
search = {
# Replace default firefox search engine config with this one
force = true;
default = "Startpage";
engines = {
"Startpage" = {
urls = [{
template = "https://www.startpage.com/sp/search?query={searchTerms}";
}];
};
"Nix Packages" = {
urls = [{
template = "https://search.nixos.org/packages";
params = [
{ name = "type"; value = "packages"; }
{ name = "query"; value = "{searchTerms}"; }
];
}];
icon = "${pkgs.nixos-icons}/share/icons/hicolor/scalable/apps/nix-snowflake.svg";
definedAliases = [ "@np" ];
};
};
};
settings = {
"browser.startup.blankWindow" = true;
"browser.startup.homepage" = "https://www.startpage.com/do/mypage.pl?prfe=11898a1adf7b7dfb587580692f358773a11ca25e993b8e077476641cec033319e15f2449c345f5be919fd0a082015c3e4ed23143bd4337512466c04c2999831a54abca2eaeb42963c63ff064";
"browser.newtabpage.enabled" = false;
"browser.search.region" = "US";
"browser.search.isUS" = true;
"distribution.searchplugins.defaultLocale" = "en-US";
"general.useragent.locale" = "en-US";
"extensions.activeThemeID" = "{831b8843-7251-4306-9521-e688f18b4aeb}";
"privacy.trackingprotection.enable" = true;
"privacy.trackingprotection.emailtracking.enable" = true;
"privacy.trackingprotection.socialtracking.enable" = true;
"privacy.clearOnShutdown.cookies" = true;
"browser.safebrowsing.passwords.enabled" = false;
"browser.migrate.interactions.passwords" = false;
"pref.privacy.disable_button.view_passwords" = false;
"signon.rememberSignon" = false;
"extensions.formautofill.creditCards.enabled" = false;
"extensions.formautofill.addresses.enabled" = false;
"browser.toolbars.bookmarks.visibility" = "always";
# "browser.newtabpage.pinned" = [{
# title = "NixOS";
# url = "https://nixos.org";
# }];
};
};
};
};
};
}

53
shared/modules/user/main_user.nix Normal file
View File

@ -0,0 +1,53 @@
{ lib, config, pkgs, ... }:
let
cfg = config.main_user;
in
{
options.main_user = {
enable = lib.mkEnableOption "enable user module";
isDesktopUser = lib.mkOption {
default = false;
example = true;
description = "Add additional user groups for desktop users";
};
userName = lib.mkOption {
default = "mainuser";
description = "username";
};
};
config = lib.mkIf cfg.enable {
users.users.${cfg.userName} = lib.mkMerge [
{
isNormalUser = true;
initialPassword = "password";
description = "main user";
shell = pkgs.zsh;
}
(lib.mkIf (!cfg.isDesktopUser) {
extraGroups = [
"wheel"
"networkmanager"
cfg.userName
];
})
(lib.mkIf cfg.isDesktopUser {
extraGroups = [
"wheel"
"networkmanager"
"corectrl"
cfg.userName
"video"
"audio"
# For android
"adbusers"
];
})
];
};
}

28
shared/nix-gc.nix Normal file
View File

@ -0,0 +1,28 @@
{lib, pkgs, config, ...}:
let
cfg = config.nixGc;
in
{
options.nixGc = {
enable = lib.mkEnableOption "enable nix gc default settings";
};
config = lib.mkIf cfg.enable {
# Limit the number of generations to keep
boot.loader.systemd-boot.configurationLimit = 5;
# Perform garbage collection weekly to maintain low disk usage
nix.gc = {
automatic = true;
dates = "weekly";
options = "--delete-older-than 1w";
};
# Optimize storage
# You can also manually optimize the store via:
# nix-store --optimise
# Refer to the following link for more details:
# https://nixos.org/manual/nix/stable/command-ref/conf-file.html#conf-auto-optimise-store
nix.settings.auto-optimise-store = true;
};
}

77
shared/server-configuration.nix Normal file
View File

@ -0,0 +1,77 @@
{ config, lib, pkgs, timeZone, ... }:
let
srvConfig = config.serverConfig;
in
{
options.srvConfig = {
userName = lib.mkOption {
type = lib.types.str;
description = "Main username for system";
};
hostName = lib.mkOption {
type = lib.types.str;
description = "Hostname for system";
};
hostId = lib.mkOption {
type = lib.types.str;
description = "Host ID";
};
email = lib.mkOption {
type = lib.types.str;
description = "Email for server box";
};
sshEnable = lib.mkOption {
default = false;
description = "Whether to enable ssh server";
};
nfsEnable = lib.mkOption {
default = false;
};
};
imports = [
./modules/user/main_user.nix
];
# Enable flakes feature
nix.settings.experimental-features = [
"nix-command" "flakes"
];
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
networking = {
hostId = srvConfig.hostId;
hostName = srvConfig.hostName; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
networkmanager.enable = true; # Easiest to use and most distros use this by default.
};
time.timeZone = timeZone;
main_user = {
enable = true;
userName = srvConfig.userName;
isDesktopUser = false;
};
services.openssh = lib.mkIf srvConfig.sshEnable {
enable = true;
};
services.nfs.server = lib.mkIf srvConfig.nfsEnable {
enable = true;
exports = ''
/nfs_export 1192.168.1.149(rw,fsid=0,no_subtree_check)
'';
};
networking.firewall.allowedTCPPorts = [ 2049 ];
# networking.firewall.allowedTCPPorts = [ ... ];
# networking.firewall.allowedUDPPorts = [ ... ];
system.stateVersion = "23.11"; # Did you read the comment?
}