improvements
This commit is contained in:
parent
8caa32dc30
commit
8eac2df40e
|
|
@ -7,7 +7,6 @@
|
|||
./fonts.nix
|
||||
./fs.nix
|
||||
./gamemode.nix
|
||||
./gtk.nix
|
||||
./hardware.nix
|
||||
./location.nix
|
||||
./mullvad.nix
|
||||
|
|
|
|||
|
|
@ -1,7 +0,0 @@
|
|||
{pkgs, ...}: {
|
||||
xdg.portal.extraPortals = [
|
||||
pkgs.xdg-desktop-portal-gtk
|
||||
];
|
||||
|
||||
programs.dconf.enable = true;
|
||||
}
|
||||
|
|
@ -1,37 +1,39 @@
|
|||
{pkgs, ...}: {
|
||||
services.xserver = {
|
||||
enable = true;
|
||||
{
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
services = {
|
||||
desktopManager.plasma6.enable = true;
|
||||
displayManager = {
|
||||
defaultSession = "plasma";
|
||||
sddm = {
|
||||
xserver = {
|
||||
enable = true;
|
||||
excludePackages = [pkgs.xterm];
|
||||
displayManager.sddm = {
|
||||
enable = true;
|
||||
wayland.enable = true;
|
||||
settings.Theme.CursorTheme = "breeze_cursors";
|
||||
};
|
||||
};
|
||||
excludePackages = [pkgs.xterm];
|
||||
};
|
||||
|
||||
environment = {
|
||||
systemPackages = [
|
||||
pkgs.discover
|
||||
pkgs.kate
|
||||
pkgs.sddm-kcm
|
||||
];
|
||||
systemPackages = with pkgs.kdePackages; [discover kate];
|
||||
sessionVariables = {
|
||||
SUDO_ASKPASS = pkgs.writeShellScript "kdialogaskpass" ''
|
||||
exec ${pkgs.kdialog} --password Askpass
|
||||
exec ${lib.getExe' pkgs.kdialog "kdialog"} --password Askpass
|
||||
'';
|
||||
MOZ_USE_XINPUT2 = "1";
|
||||
GDK_SCALE = "1";
|
||||
};
|
||||
};
|
||||
|
||||
xdg.portal.xdgOpenUsePortal = true;
|
||||
xdg.portal = {
|
||||
xdgOpenUsePortal = true;
|
||||
extraPortals = [pkgs.xdg-desktop-portal-gtk];
|
||||
};
|
||||
|
||||
programs = {
|
||||
kdeconnect.enable = true;
|
||||
partition-manager.enable = true;
|
||||
dconf.enable = true;
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@
|
|||
./fs.nix
|
||||
./fwupd.nix
|
||||
./git.nix
|
||||
./myvim.nix
|
||||
./neovim.nix
|
||||
./nix.nix
|
||||
./opengl.nix
|
||||
./readline.nix
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
lib,
|
||||
inputs,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: {
|
||||
|
|
@ -8,11 +8,6 @@
|
|||
package = inputs.myvim.packages.${pkgs.system}.default;
|
||||
in {
|
||||
systemPackages = [package];
|
||||
variables = let
|
||||
name = builtins.baseNameOf (lib.getExe package);
|
||||
in {
|
||||
EDITOR = name;
|
||||
VISUAL = name;
|
||||
};
|
||||
variables = lib.genAttrs ["EDITOR" "VISUAL"] (_: lib.getExe package);
|
||||
};
|
||||
}
|
||||
182
flake.lock
182
flake.lock
|
|
@ -8,11 +8,11 @@
|
|||
"systems": "systems"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1707830867,
|
||||
"narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
|
||||
"lastModified": 1712079060,
|
||||
"narHash": "sha256-/JdiT9t+zzjChc5qQiF+jhrVhRt8figYH29rZO7pFe4=",
|
||||
"owner": "ryantm",
|
||||
"repo": "agenix",
|
||||
"rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
|
||||
"rev": "1381a759b205dff7a6818733118d02253340fd5e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -69,11 +69,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708939976,
|
||||
"narHash": "sha256-O5+nFozxz2Vubpdl1YZtPrilcIXPcRAjqNdNE8oCRoA=",
|
||||
"lastModified": 1711099426,
|
||||
"narHash": "sha256-HzpgM/wc3aqpnHJJ2oDqPBkNsqWbW0WfWUO8lKu8nGk=",
|
||||
"owner": "numtide",
|
||||
"repo": "devshell",
|
||||
"rev": "5ddecd67edbd568ebe0a55905273e56cc82aabe3",
|
||||
"rev": "2d45b54ca4a183f2fdcf4b19c895b64fbf620ee8",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -85,11 +85,11 @@
|
|||
"flake-compat": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1668681692,
|
||||
"narHash": "sha256-Ht91NGdewz8IQLtWZ9LCeNXMSXHUss+9COoqu6JLmXU=",
|
||||
"lastModified": 1696426674,
|
||||
"narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=",
|
||||
"owner": "edolstra",
|
||||
"repo": "flake-compat",
|
||||
"rev": "009399224d5e398d03b22badca40a37ac85412a1",
|
||||
"rev": "0f9255e01c2351cc7d116c072cb317785dd33b33",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -133,11 +133,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709336216,
|
||||
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
|
||||
"lastModified": 1712014858,
|
||||
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
|
||||
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -151,11 +151,11 @@
|
|||
"nixpkgs-lib": "nixpkgs-lib_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709336216,
|
||||
"narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=",
|
||||
"lastModified": 1712014858,
|
||||
"narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "flake-parts",
|
||||
"rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2",
|
||||
"rev": "9126214d0a59633752a136528f5f3b9aa8565b7d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -188,7 +188,7 @@
|
|||
},
|
||||
"flake-utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
"systems": "systems_3"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
|
|
@ -206,14 +206,14 @@
|
|||
},
|
||||
"flake-utils_2": {
|
||||
"inputs": {
|
||||
"systems": "systems_3"
|
||||
"systems": "systems_4"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1701680307,
|
||||
"narHash": "sha256-kAuep2h5ajznlPMD9rnQyffWG8EM/C73lejGofXvdM8=",
|
||||
"lastModified": 1710146030,
|
||||
"narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "4022d587cbbfd70fe950c1e2083a02621806a725",
|
||||
"rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -232,11 +232,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1703887061,
|
||||
"narHash": "sha256-gGPa9qWNc6eCXT/+Z5/zMkyYOuRZqeFZBDbopNZQkuY=",
|
||||
"lastModified": 1709087332,
|
||||
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
|
||||
"owner": "hercules-ci",
|
||||
"repo": "gitignore.nix",
|
||||
"rev": "43e1aa1308018f37118e34d3a9cb4f5e75dc11d5",
|
||||
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -247,11 +247,11 @@
|
|||
},
|
||||
"hardware": {
|
||||
"locked": {
|
||||
"lastModified": 1709410583,
|
||||
"narHash": "sha256-esOSUoQ7mblwcsSea0K17McZuwAIjoS6dq/4b83+lvw=",
|
||||
"lastModified": 1711352745,
|
||||
"narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixos-hardware",
|
||||
"rev": "59e37017b9ed31dee303dbbd4531c594df95cfbc",
|
||||
"rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -290,11 +290,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709578243,
|
||||
"narHash": "sha256-hF96D+c2PBmAFhymMw3z8hou++lqKtZ7IzpFbYeL1/Y=",
|
||||
"lastModified": 1711625603,
|
||||
"narHash": "sha256-W+9dfqA9bqUIBV5u7jaIARAzMe3kTq/Hp2SpSVXKRQw=",
|
||||
"owner": "nix-community",
|
||||
"repo": "home-manager",
|
||||
"rev": "23ff9821bcaec12981e32049e8687f25f11e5ef3",
|
||||
"rev": "c0ef0dab55611c676ad7539bf4e41b3ec6fa87d2",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -323,16 +323,14 @@
|
|||
"blobs": "blobs",
|
||||
"flake-compat": "flake-compat",
|
||||
"nixpkgs": "nixpkgs_2",
|
||||
"nixpkgs-23_05": "nixpkgs-23_05",
|
||||
"nixpkgs-23_11": "nixpkgs-23_11",
|
||||
"utils": "utils"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709905972,
|
||||
"narHash": "sha256-18OF2/ypr0n4Lp6Fk5SLHPu12ok6jM+Hv3sC0PCim0Q=",
|
||||
"lastModified": 1710449465,
|
||||
"narHash": "sha256-2orO8nfplp6uQJBFqKkj1iyNMC6TysmwbWwbb4osTag=",
|
||||
"owner": "simple-nixos-mailserver",
|
||||
"repo": "nixos-mailserver",
|
||||
"rev": "572c1b4d69deea1093ac231c37927cfa8ccad477",
|
||||
"rev": "79c8cfcd5873a85559da6201b116fb38b490d030",
|
||||
"type": "gitlab"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -348,11 +346,11 @@
|
|||
"nixvim": "nixvim"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1710094655,
|
||||
"narHash": "sha256-Fu9eyHnh4YdXqXMnfBMfe2NJ13hapLU3QflaSKIZM1E=",
|
||||
"lastModified": 1712249134,
|
||||
"narHash": "sha256-kA0BE1jlr60csxeJ4KxsJmhQRno9ozZ6sFqopPWcNNA=",
|
||||
"owner": "lukaswrz",
|
||||
"repo": "myvim",
|
||||
"rev": "79c22dbccbb4d87b3af6ffc933f71f4ca2d7873f",
|
||||
"rev": "8520c624b044f4652aedc9eb76e84e46099df779",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -370,11 +368,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709554374,
|
||||
"narHash": "sha256-1yYgwxBzia+QrOaQaZ6YKqGFfiQcSBwYLzd9XRsRLQY=",
|
||||
"lastModified": 1711763326,
|
||||
"narHash": "sha256-sXcesZWKXFlEQ8oyGHnfk4xc9f2Ip0X/+YZOq3sKviI=",
|
||||
"owner": "lnl7",
|
||||
"repo": "nix-darwin",
|
||||
"rev": "daa03606dfb5296a22e842acb02b46c1c4e9f5e7",
|
||||
"rev": "36524adc31566655f2f4d55ad6b875fb5c1a4083",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -399,44 +397,14 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"nixpkgs-23_05": {
|
||||
"locked": {
|
||||
"lastModified": 1704290814,
|
||||
"narHash": "sha256-LWvKHp7kGxk/GEtlrGYV68qIvPHkU9iToomNFGagixU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "70bdadeb94ffc8806c0570eb5c2695ad29f0e421",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-23.05",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs-23_11": {
|
||||
"locked": {
|
||||
"lastModified": 1706098335,
|
||||
"narHash": "sha256-r3dWjT8P9/Ah5m5ul4WqIWD8muj5F+/gbCdjiNVBKmU=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "a77ab169a83a4175169d78684ddd2e54486ac651",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"id": "nixpkgs",
|
||||
"ref": "nixos-23.11",
|
||||
"type": "indirect"
|
||||
}
|
||||
},
|
||||
"nixpkgs-lib": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1709237383,
|
||||
"narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
|
||||
"lastModified": 1711703276,
|
||||
"narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
|
||||
"rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -450,11 +418,11 @@
|
|||
"nixpkgs-lib_2": {
|
||||
"locked": {
|
||||
"dir": "lib",
|
||||
"lastModified": 1709237383,
|
||||
"narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=",
|
||||
"lastModified": 1711703276,
|
||||
"narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8",
|
||||
"rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -467,11 +435,11 @@
|
|||
},
|
||||
"nixpkgs_2": {
|
||||
"locked": {
|
||||
"lastModified": 1705856552,
|
||||
"narHash": "sha256-JXfnuEf5Yd6bhMs/uvM67/joxYKoysyE3M2k6T3eWbg=",
|
||||
"lastModified": 1709703039,
|
||||
"narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "612f97239e2cc474c13c9dafa0df378058c5ad8d",
|
||||
"rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -482,11 +450,11 @@
|
|||
},
|
||||
"nixpkgs_3": {
|
||||
"locked": {
|
||||
"lastModified": 1709703039,
|
||||
"narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
|
||||
"lastModified": 1712163089,
|
||||
"narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
|
||||
"rev": "fd281bd6b7d3e32ddfa399853946f782553163b5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -498,11 +466,11 @@
|
|||
},
|
||||
"nixpkgs_4": {
|
||||
"locked": {
|
||||
"lastModified": 1709479366,
|
||||
"narHash": "sha256-n6F0n8UV6lnTZbYPl1A9q1BS0p4hduAv1mGAP17CVd0=",
|
||||
"lastModified": 1711703276,
|
||||
"narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "b8697e57f10292a6165a20f03d2f42920dfaf973",
|
||||
"rev": "d8fe5e6c92d0d190646fb9f1056741a229980089",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -514,11 +482,11 @@
|
|||
},
|
||||
"nixpkgs_5": {
|
||||
"locked": {
|
||||
"lastModified": 1709703039,
|
||||
"narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
|
||||
"lastModified": 1712163089,
|
||||
"narHash": "sha256-Um+8kTIrC19vD4/lUCN9/cU9kcOsD1O1m+axJqQPyMM=",
|
||||
"owner": "NixOS",
|
||||
"repo": "nixpkgs",
|
||||
"rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
|
||||
"rev": "fd281bd6b7d3e32ddfa399853946f782553163b5",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -539,11 +507,11 @@
|
|||
"pre-commit-hooks": "pre-commit-hooks"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709939045,
|
||||
"narHash": "sha256-cnh6ffM9DtulbQTZozM8ya1i7gjpbG7+n8udSTaYzrM=",
|
||||
"lastModified": 1712234256,
|
||||
"narHash": "sha256-UKt7HrwYc9xab+gDb5C24V75MVKfHW2VsZ6qL28my6Q=",
|
||||
"owner": "nix-community",
|
||||
"repo": "nixvim",
|
||||
"rev": "8569b5c5506247423c39f2b3a0739f12fde41e38",
|
||||
"rev": "2c99cefa913c8afb8fa08e53608c6f8bd5a2e5c4",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -569,11 +537,11 @@
|
|||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1708018599,
|
||||
"narHash": "sha256-M+Ng6+SePmA8g06CmUZWi1AjG2tFBX9WCXElBHEKnyM=",
|
||||
"lastModified": 1711760932,
|
||||
"narHash": "sha256-DqUTQ2iAAqSDwMhKBqvi24v0Oc7pD3LCK/0FCG//TdA=",
|
||||
"owner": "cachix",
|
||||
"repo": "pre-commit-hooks.nix",
|
||||
"rev": "5df5a70ad7575f6601d91f0efec95dd9bc619431",
|
||||
"rev": "c11e43aed6f17336c25cd120eac886b96c455731",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
@ -638,13 +606,31 @@
|
|||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"systems_4": {
|
||||
"locked": {
|
||||
"lastModified": 1605370193,
|
||||
"narHash": "sha256-YyMTf3URDL/otKdKgtoMChu4vfVL3vCMkRqpGifhUn0=",
|
||||
"lastModified": 1681028828,
|
||||
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
"owner": "nix-systems",
|
||||
"repo": "default",
|
||||
"type": "github"
|
||||
}
|
||||
},
|
||||
"utils": {
|
||||
"inputs": {
|
||||
"systems": "systems_2"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1709126324,
|
||||
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
|
||||
"owner": "numtide",
|
||||
"repo": "flake-utils",
|
||||
"rev": "5021eac20303a61fafe17224c087f5519baed54d",
|
||||
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
|
|
|||
|
|
@ -31,6 +31,7 @@
|
|||
inputs.agenix.nixosModules.default
|
||||
inputs.mailserver.nixosModule
|
||||
|
||||
./modules
|
||||
./common
|
||||
./class/${class}
|
||||
./hosts/${name}
|
||||
|
|
|
|||
67
hosts/abacus/hiraeth.nix
Normal file
67
hosts/abacus/hiraeth.nix
Normal file
|
|
@ -0,0 +1,67 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
...
|
||||
}: {
|
||||
# TODO
|
||||
age.secrets = {
|
||||
hiraeth-jwt-sign-key = {
|
||||
file = ../../secrets/hiraeth-jwt-sign-key.age;
|
||||
owner = "hiraeth";
|
||||
group = "hiraeth";
|
||||
};
|
||||
|
||||
hiraeth-jwt-verify-key = {
|
||||
file = ../../secrets/hiraeth-jwt-verify-key.age;
|
||||
owner = "hiraeth";
|
||||
group = "hiraeth";
|
||||
};
|
||||
};
|
||||
|
||||
services = {
|
||||
postgresql = {
|
||||
enable = lib.mkDefault true;
|
||||
|
||||
ensureDatabases = ["hiraeth"];
|
||||
ensureUsers = [
|
||||
{
|
||||
name = "hiraeth";
|
||||
ensureDBOwnership = true;
|
||||
}
|
||||
];
|
||||
};
|
||||
|
||||
hiraeth = {
|
||||
enable = true;
|
||||
settings = {
|
||||
address = "127.0.0.1:8040";
|
||||
name = "hiraeth";
|
||||
db_type = "postgres";
|
||||
datadir = "/var/lib/hiraeth";
|
||||
dsn = "host=/run/postgresql user=hiraeth";
|
||||
jwt_sign_key_file = config.age.secrets.hiraeth-jwt-sign-key.path;
|
||||
jwt_verify_key_file = config.age.secrets.hiraeth-jwt-verify-key.path;
|
||||
chunk_size = 1024 * 1024 * 128;
|
||||
timeout = 60;
|
||||
inline_types = [
|
||||
"application/pdf"
|
||||
"audio/mpeg"
|
||||
"audio/flac"
|
||||
"audio/vorbis"
|
||||
"image/jpeg"
|
||||
"image/png"
|
||||
"text/plain"
|
||||
"video/mp4"
|
||||
];
|
||||
};
|
||||
};
|
||||
|
||||
nginx.virtualHosts."share.${config.networking.domain}" = {
|
||||
enableACME = true;
|
||||
forceSSL = true;
|
||||
quic = true;
|
||||
|
||||
locations."/".proxyPass = "http://${config.services.hiraeth.settings.address}";
|
||||
};
|
||||
};
|
||||
}
|
||||
5
modules/default.nix
Normal file
5
modules/default.nix
Normal file
|
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
imports = [
|
||||
./hiraeth.nix
|
||||
];
|
||||
}
|
||||
75
modules/hiraeth.nix
Normal file
75
modules/hiraeth.nix
Normal file
|
|
@ -0,0 +1,75 @@
|
|||
{
|
||||
config,
|
||||
lib,
|
||||
pkgs,
|
||||
...
|
||||
}: let
|
||||
cfg = config.services.hiraeth;
|
||||
settingsFormat = pkgs.formats.toml {};
|
||||
in {
|
||||
options.services.hiraeth = {
|
||||
enable = lib.mkEnableOption "hiraeth";
|
||||
package = lib.mkPackageOption pkgs "hiraeth" {};
|
||||
settings = lib.mkOption {
|
||||
type = settingsFormat.type;
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf cfg.enable {
|
||||
systemd.services.hiraeth = {
|
||||
description = "Hiraeth File Sharing Service";
|
||||
after = ["network.target"];
|
||||
wantedBy = ["multi-user.target"];
|
||||
|
||||
serviceConfig = {
|
||||
Type = "simple";
|
||||
User = config.users.users.hiraeth.name;
|
||||
Group = config.users.groups.hiraeth.name;
|
||||
StateDirectory = "hiraeth";
|
||||
StateDirectoryMode = "0700";
|
||||
UMask = "0077";
|
||||
WorkingDirectory = "/var/lib/hiraeth";
|
||||
ExecStart = "${pkgs.getExe' cfg.package "hiraeth"} run";
|
||||
Restart = "always";
|
||||
TimeoutSec = 10;
|
||||
ReadOnlyPaths = "/etc/hiraeth/hiraeth.toml";
|
||||
DevicePolicy = "closed";
|
||||
LockPersonality = true;
|
||||
MemoryDenyWriteExecute = true;
|
||||
NoNewPrivileges = true;
|
||||
PrivateDevices = true;
|
||||
ProtectHome = "read-only";
|
||||
PrivateTmp = true;
|
||||
PrivateUsers = true;
|
||||
ProtectControlGroups = true;
|
||||
ProtectHostname = true;
|
||||
ProtectKernelLogs = true;
|
||||
ProtectKernelModules = true;
|
||||
ProtectKernelTunables = true;
|
||||
ProtectSystem = "strict";
|
||||
RemoveIPC = true;
|
||||
RestrictAddressFamilies = ["AF_INET" "AF_INET6"];
|
||||
RestrictNamespaces = true;
|
||||
RestrictRealtime = true;
|
||||
RestrictSUIDSGID = true;
|
||||
};
|
||||
};
|
||||
|
||||
users = {
|
||||
users.hiraeth = {
|
||||
isSystemUser = true;
|
||||
group = config.users.groups.hiraeth.name;
|
||||
};
|
||||
groups.hiraeth = {};
|
||||
};
|
||||
|
||||
environment.etc."hiraeth/hiraeth.toml" = {
|
||||
source = settingsFormat.generate "hiraeth.toml" cfg.settings;
|
||||
|
||||
mode = "0440";
|
||||
user = config.users.users.hiraeth.name;
|
||||
group = config.users.users.hiraeth.group;
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Reference in a new issue