modularize configs

modules/home-manager/common.nix

@@ -0,0 +1,65 @@
+# ~/nixconfig/modules.new/home-manager/common.nix
+{
+  config,
+  pkgs,
+  lib,
+  ... 
+}:
+
+{
+  programs.git = {
+    enable = true;
+    userName = "death916";
+    userEmail = "mail@trentnelson.dev";
+    extraConfig = {
+      credential.helper = "store";
+    };
+  };
+
+  programs.tmux.enable = true;
+
+  programs.helix = {
+    enable = true;
+    settings = {
+      theme = "autumn_night_transparent";
+      editor = {
+        cursor-shape = {
+          normal = "block";
+          insert = "bar";
+          select = "underline";
+        };
+        true-color = true;
+        soft-wrap = { enable = true; };
+      };
+    };
+    languages.language = [
+      {
+        name = "nix";
+        auto-format = true;
+        formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
+      }
+      {
+        name = "python";
+        language-servers = [ "pylsp" ];
+        auto-format = true;
+      }
+    ];
+    themes = {
+      autumn_night_transparent = {
+        "inherits" = "autumn_night";
+        "ui.background" = { };
+      };
+    };
+    extraPackages = [ pkgs.python3Packages.python-lsp-server ];
+  };
+
+  programs.atuin = {
+    enable = true;
+    settings = { search_mode = "fuzzy"; };
+  };
+
+  home.sessionVariables = { EDITOR = "hx"; };
+
+  home.stateVersion = "24.11";
+  programs.home-manager.enable = true;
+}

modules/home-manager/default.nix

@@ -1,6 +0,0 @@
-# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
-# These should be stuff you would like to share with others, not your personal configurations.
-{
-  # List your module files here
-  # my-module = import ./my-module.nix;
-}

modules/nixos/common/base.nix

@@ -0,0 +1,21 @@
+# ~/nixconfig/modules.new/nixos/common/base.nix
+{
+  config,
+  lib,
+  pkgs,
+  inputs,
+  ... 
+}:
+
+{
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
+  hardware.cpu.amd.updateMicrocode = true; # same
+
+  time.timeZone = "America/Los_Angeles";
+
+  nix.settings.experimental-features = [ "nix-command" "flakes" ];
+
+  system.stateVersion = "24.11";
+}

modules/nixos/common/tailscale.nix

@@ -0,0 +1,15 @@
+# ~/nixconfig/modules.new/nixos/common/tailscale.nix
+{
+  config,
+  pkgs,
+  ... 
+}:
+
+{
+  services.tailscale = {
+    enable = true;
+    useRoutingFeatures = "both";
+  };
+
+  networking.firewall.checkReversePath = "loose";
+}

modules/nixos/default.nix

@@ -1,6 +0,0 @@
-# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
-# These should be stuff you would like to share with others, not your personal configurations.
-{
-  # List your module files here
-  # my-module = import ./my-module.nix;
-}

modules/nixos/homelab/networking.nix

@@ -0,0 +1,64 @@
+# ~/nixconfig/modules.new/nixos/homelab/networking.nix
+{
+  config,
+  pkgs,
+  ... 
+}:
+
+{
+  networking.hostName = "homelab";
+
+  boot.initrd.kernelModules = [ "dm_mod" "dm_thin_pool" ];
+  boot.initrd.availableKernelModules = [ "ext4" "xfs" ];
+
+  services.lvm.enable = true;
+  services.lvm.boot.thin.enable = true;
+
+  fileSystems."/media" = {
+    device = "/dev/media/vm-101-disk-0";
+    fsType = "ext4";
+    options = [ "defaults" "nofail" ];
+  };
+
+  fileSystems."/storage" = {
+    device = "/dev/Storage/data_lv";
+    fsType = "ext4";
+    options = [ "defaults" "nofail" ];
+  };
+
+  networking.nftables.enable = true;
+  networking.firewall.enable = true;
+  networking.firewall.allowedTCPPorts = [ 22 53 8096 ];
+  networking.firewall.allowedUDPPorts = [ 53 ];
+
+  networking.bridges.br0.interfaces = [ "enp41s0" ];
+
+  networking.interfaces.br0 = {
+    ipv4.addresses = [
+      {
+        address = "192.168.0.116";
+        prefixLength = 24;
+      }
+    ];
+  };
+
+  networking.defaultGateway = "192.168.0.1";
+  networking.nameservers = [ "192.168.0.116" ];
+
+  networking.interfaces.enp41s0.useDHCP = false;
+
+  networking.firewall.trustedInterfaces = [ "tailscale0" "docker0" "br0" ];
+
+  services.openssh = {
+    enable = true;
+    ports = [ 22 ];
+    openFirewall = true;
+    settings.PasswordAuthentication = false;
+    settings.PermitRootLogin = "no";
+  };
+
+  boot.kernel.sysctl = {
+    "net.ipv4.ip_forward" = 1;
+    "net.ipv6.conf.all.forwarding" = 1;
+  };
+}

modules/nixos/homelab/services.nix

@@ -0,0 +1,161 @@
+# ~/nixconfig/modules.new/nixos/homelab/services.nix
+{
+  config,
+  pkgs,
+  ... 
+}:
+
+{
+  arrSuite.enable = true;
+  services.samba.shares.Media.path = "/media/storage/media";
+
+  virtualisation.incus.enable = true;
+
+  users.users.death916.extraGroups = config.users.users.death916.extraGroups ++ [ "media_services" "nextcloud" "docker" "qbittorent" "incus-admin" ];
+
+  users.users.audiobookshelf = {
+    isSystemUser = true;
+    group = "media_services";
+  };
+
+  users.groups.media_services = { };
+
+  services.plex = {
+    enable = true;
+    openFirewall = true;
+    user = "death916";
+  };
+
+  services.audiobookshelf = {
+    enable = true;
+    user = "audiobookshelf";
+    group = "media_services";
+    host = "0.0.0.0";
+    port = 13378;
+  };
+
+  services.netdata = {
+    enable = true;
+    config = {
+      global = {
+        "memory mode" = "ram";
+        "debug log" = "none";
+        "access log" = "none";
+        "error log" = "syslog";
+      };
+    };
+  };
+
+  users.users.qbittorrent.extraGroups = [ "media_services" ];
+  users.groups.qbittorrent = { };
+
+  services.qbittorrent = {
+    enable = true;
+    dataDir = "/media/storage/media/downloads/";
+    user = "qbittorrent";
+    group = "qbittorrent";
+    port = 8090;
+    openFirewall = true;
+    package = pkgs.qbittorrent-nox;
+  };
+
+  systemd.tmpfiles.rules = [
+    "d /media/storage/media/downloads/qBittorrent 0775 root media_services - -"
+    "d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -"
+    "d /storage/services/qbittorrent/config 0755 qbittorrent qbittorrent - -"
+  ];
+
+  services.jellyfin.enable = true;
+
+  services.actual = {
+    enable = true;
+    settings = {
+      port = 5006;
+    };
+  };
+
+  virtualisation.docker.enable = true;
+
+  virtualisation.oci-containers = {
+    backend = "docker";
+    containers = {
+      dufs = {
+        image = "sigoden/dufs:latest";
+        ports = [ "5000:5000" ];
+        volumes = [ "/media/storage/media/:/data" ];
+        cmd = [ "/data" "-A" ];
+      };
+      c2c-scraper = {
+        image = "death916/c2cscrape:latest";
+        volumes = [
+          "/media/storage/media/books/audio/podcasts/C2C:/downloads"
+          "/media/storage/media/docker/volumes/c2cscrape:/app/data"
+        ];
+        environment = { TZ = "America/Los_Angeles"; };
+        autoStart = true;
+        extraOptions = [ "--dns=8.8.8.8" ];
+      };
+      adguardhome = {
+        image = "adguard/adguardhome:latest";
+        autoStart = true;
+        volumes = [
+          "/storage/services/adguard/work:/opt/adguardhome/work"
+          "/storage/services/adguard/data:/opt/adguardhome/conf"
+        ];
+        extraOptions = [ "--network=host" ];
+      };
+    };
+  };
+
+  systemd.services.kopia-backup = {
+    description = "Kopia backup service for NixOS server";
+    serviceConfig = {
+      Type = "oneshot";
+      User = "root";
+      ExecStart = "/usr/local/bin/nixos-kopia-backup.sh";
+      path = with pkgs; [ coreutils kopia ];
+    };
+  };
+
+  systemd.timers.kopia-backup = {
+    description = "Daily Kopia backup timer";
+    wantedBy = [ "timers.target" ];
+    partOf = [ "kopia-backup.service" ];
+    timerConfig = {
+      OnCalendar = "hourly";
+      Persistent = true;
+      Unit = "kopia-backup.service";
+    };
+  };
+
+  users.users.adguardhome = {
+    isSystemUser = true;
+    group = "adguardhome";
+    extraGroups = [ "adgaurdhome-access" ];
+  };
+  users.groups.adguardhome-access = { };
+  users.groups.adguardhome = { };
+
+  security.sudo.wheelNeedsPassword = true;
+
+  environment.systemPackages = with pkgs; [
+    git
+    vim
+    htop
+    tmux
+    tailscale
+    lvm2
+    rsync
+    multipath-tools
+    btop
+    wget
+    pkgs.jellyfin-web
+    pkgs.jellyfin-ffmpeg
+    pkgs.jellyfin
+    unzip
+    kopia
+    manix
+    nh
+    qemu
+  ];
+}

modules/nixos/homelab/user.nix

@@ -0,0 +1,19 @@
+# ~/nixconfig/modules.new/nixos/homelab/user.nix
+{
+  config,
+  pkgs,
+  primaryUser,
+  ... 
+}:
+
+{
+  users.users.${primaryUser} = {
+    isNormalUser = true;
+    home = "/home/${primaryUser}";
+    description = "${primaryUser}";
+    extraGroups = [ "wheel" "media_services" "nextcloud" "docker" "qbittorent" "incus-admin" ];
+    openssh.authorizedKeys.keys = [
+      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCte9KjJUSn4xBPEKCk9QER6+jF+C0uBatVl27zIamYsryyHdFrmqK2DAg7OhqTHqzjxID6sp6d57MsJqOUAtwXbUDMLffqBSerUxfTm+1SPDrhL0GSvo0QVjMLVseOEq8d2qXgW1R7dIk412VbO5e9SAump5aJOHI/SzT6VLoUczalmqrjnDacWQMeLu/TSOZHcfrhjYSg+b1xbc1vHp6C4obOb8JIj/anAieT/1P36MhlNW79ow6PWenLemBYeeezFrKtESF1oMc8jmcxogzgLamlqhKYAHlKhOuBF6u0nRneI5IPDbbMF5zwEv5szCEKj8XZJVYUk8uUg7ARyppjcA7yAXuaNKBNxa7tfjqWrDWOACn97ufE5FFJt0XH5JzkXcDh96K8ZSZaWxMRu2s+GlIu/1F415xtVfe1d79HYkWke/ewaQ4NqgOt8f7wRvyzabpQZDzkaXO0UoK65O2HyUur33XWCEmV+1pB6BrS8pD+1I4Tvbnc+rOgtHTTRfKqezKqZmaErEOxClBwvWjvn0PzhGSoClTGXPjhl239/sH0JGY09dTBh8GtAVbfv+jFO6nm6aR7O/OwSaohY3uOdRo8XyxJr4XyGAaBNRdm6BUJRnB4W51J49IQBZzIe2NUkNMHeUT4jkxFpfhkujnSFw2ZnOLkERpwkltAlbwuLw== tavn1992@gmail.com"
+    ];
+  };
+}

modules/nixos/laptop/desktop.nix

@@ -0,0 +1,51 @@
+# ~/nixconfig/modules.new/nixos/laptop/desktop.nix
+{
+  config,
+  pkgs,
+  inputs,
+  ... 
+}:
+
+{
+  services.xserver.enable = true;
+  services.gnome.gnome-keyring.enable = true;
+  services.dbus.enable = true; # for nextcloud client
+  # Enable the GNOME Desktop Environment.
+  services.xserver.displayManager.gdm.enable = false;
+  services.xserver.desktopManager.gnome.enable = false;
+  #cosmic instead
+  services.desktopManager.cosmic.enable = true;
+  services.displayManager.cosmic-greeter.enable = true;
+  services.desktopManager.cosmic.xwayland.enable = true;
+
+  nix.settings.trusted-substituters = [ "https://cache.flox.dev" ];
+  nix.settings.trusted-public-keys = [
+    "flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs="
+  ];
+
+  environment.systemPackages = with pkgs; [
+    git
+    vim
+    wget
+    tailscale
+    halloy # Add halloy to your system packages
+    conda
+    inputs.flox.packages.${pkgs.system}.flox
+    kopia-ui
+    stremio
+    wl-clipboard
+    tail-tray
+  ];
+
+  hardware.bluetooth.enable = true;
+  hardware.bluetooth.powerOnBoot = true;
+
+  programs.firefox.enable = true;
+  programs.nh = {
+    enable = true;
+    clean.enable = true;
+    clean.extraArgs = "--keep-since 7d --keep 10";
+    flake = "/home/death916/Documents/nix-config/";
+  };
+  services.fprintd.enable = true;
+}

modules/nixos/laptop/user.nix

@@ -0,0 +1,16 @@
+# ~/nixconfig/modules.new/nixos/laptop/user.nix
+{
+  config,
+  pkgs,
+  primaryUser,
+  ... 
+}:
+
+{
+  users.users.${primaryUser} = {
+    isNormalUser = true;
+    home = "/home/${primaryUser}";
+    description = "${primaryUser}";
+    extraGroups = [ "wheel" "networkmanager" ];
+  };
+}