diff --git a/README.md b/README.md
new file mode 100644
index 0000000..f93d53c
--- /dev/null
+++ b/README.md
@@ -0,0 +1,71 @@
+# NixOS Configuration Refactor
+
+This document outlines the new, modular structure of the NixOS configuration and explains how to revert to the previous setup if necessary.
+
+## New Directory Structure
+
+The configuration has been reorganized to be more modular and easier to manage. Here is an overview of the new structure:
+
+```
+.
+├── flake.nix
+├── home-manager/
+│ ├── death916-homelab.nix
+│ └── home.nix
+├── modules/
+│ ├── home-manager/
+│ │ └── common.nix
+│ └── nixos/
+│ ├── common/
+│ │ ├── base.nix
+│ │ └── tailscale.nix
+│ ├── homelab/
+│ │ ├── networking.nix
+│ │ ├── services.nix
+│ │ └── user.nix
+│ └── laptop/
+│ ├── desktop.nix
+│ └── user.nix
+├── nixos/
+│ ├── configuration.nix
+│ └── homelab.nix
+├── old_config/ # <-- Your previous configuration is backed up here
+└── scripts/
+ └── nh-push # <-- New helper script
+```
+
+### Key Changes
+
+- **Modularization**: The main `configuration.nix` and `homelab.nix` files have been split into smaller, more focused modules located in the `modules/` directory. This makes the code cleaner and easier to navigate.
+- **Shared vs. Specific Config**: Common settings shared between both the laptop and homelab are now in `modules/nixos/common/` and `modules/home-manager/common.nix`. Machine-specific configurations are in their respective `laptop/` and `homelab/` subdirectories.
+- **`flake.nix`**: The flake now uses `specialArgs` to pass overlays and other shared values to the modules, reducing redundancy.
+- **`nh-push` script**: A new script has been added at `scripts/nh-push`. This script wraps the `nh os switch` command and automatically runs `git push` after a successful build, streamlining the update process.
+
+## How to Revert the Changes
+
+If you encounter any issues with the new configuration, you can easily revert to your previous setup. Your old files are safely archived in the `old_config/` directory.
+
+To revert, follow these steps:
+
+1. 
**Delete the new configuration files**: + + ```bash + rm -rf flake.nix nixos/ modules/ home-manager/ scripts/ + ``` + +2. **Restore the old configuration from the backup**: + + ```bash + mv old_config/* . + rmdir old_config + ``` + +3. **Rebuild your system**: + + After restoring the files, run your usual NixOS rebuild command, for example: + + ```bash + sudo nixos-rebuild switch --flake .#homelab + ``` + +This will restore your system to the exact state it was in before these changes were made. diff --git a/flake.nix b/flake.nix index eed56fa..fdfa105 100644 --- a/flake.nix +++ b/flake.nix @@ -1,3 +1,4 @@ + # ~/Documents/nix-config/flake.nix { description = "NixOS configurations for laptop and homelab server"; @@ -35,41 +36,11 @@ let system = "x86_64-linux"; hmLib = home-manager.lib; + primaryUser = "death916"; - # pkgs for the 'nixos' (laptop) configuration - pkgsForLaptop = import nixpkgs { - inherit system; - overlays = [ - rust-overlay.overlays.default - (import ./overlays/halloy-overlay.nix) # Assuming this overlay is general - ]; - config = { - # Global config for laptop pkgs - allowUnfree = true; # Example, add if needed - }; - }; - - # pkgs for the 'homelab' configuration (main system pkgs) - pkgsForHomelab = import nixpkgs { - # Using the stable nixpkgs for homelab base - inherit system; - overlays = [ - ]; - config = { - # Global config for homelab pkgs - allowUnfree = true; # Example, add if needed - }; - }; - - # Unstable pkgs specifically for Home Assistant on homelab - pkgsUnstableForHA = import nixpkgs-unstable { - inherit system; - config = { - # Global config for unstable pkgs - allowUnfree = true; # Example - # If HA from unstable needs OpenSSL 1.1 - permittedInsecurePackages = [ "openssl-1.1.1w" ]; - }; + overlays = { + rust = rust-overlay.overlays.default; + halloy = import ./overlays/halloy-overlay.nix; }; in 
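Review bot: Nothing in flake.nix applies `allowUnfree` or the overlays any more: the new `overlays` attrset and `primaryUser` only reach modules through `specialArgs`, and the later hunks at `@@ -77,16 +48,8 @@` and `@@ -104,15 +67,11 @@` delete the `nixpkgs.pkgs = …` modules that used to carry both. Unless a module outside this diff sets something like `nixpkgs.overlays = builtins.attrValues overlays;` and `nixpkgs.config.allowUnfree = true;`, packages that come from the halloy overlay or are unfree will stop evaluating. I would add a comment above the attrset naming the consumer, e.g. `# applied through nixpkgs.overlays in modules/nixos/common/base.nix`, adjusted to wherever it really lives. The `let` block starts before this hunk.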
@@ -77,16 +48,8 @@ nixosConfigurations = { nixos = nixpkgs.lib.nixosSystem { inherit system; - specialArgs = { inherit inputs system; }; # pkgs will be set via module below + specialArgs = { inherit inputs system overlays primaryUser; }; # pkgs will be set via module below modules = [ - { - nixpkgs.pkgs = pkgsForLaptop; # Use the pkgs definition with overlays for 'nixos' - # nix.settings = { - # substituters = [ "https://cosmic.cachix.org/" ]; - # trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ]; - # }; - } - #: nixos-cosmic.nixosModules.default ./nixos/configuration.nix home-manager.nixosModules.home-manager { @@ -104,15 +67,11 @@ inherit system; # Pass the unstable pkgs set for HA to the homelab configuration specialArgs = { - inherit inputs system; - unstablePkgsHA = pkgsUnstableForHA; + inherit inputs system overlays primaryUser; + unstablePkgsHA = import nixpkgs-unstable { inherit system; }; }; modules = [ - { nixpkgs.pkgs = pkgsForHomelab; } # Use the base pkgs definition for 'homelab' - # Import the unstable Home Assistant module - ./nixos/homelab.nix # Your main homelab config - ./nixos/hardware-homelab.nix # ./modules/home-assistant.nix # Your HA configuration module home-manager.nixosModules.home-manager { diff --git a/home-manager/death916-homelab.nix b/home-manager/death916-homelab.nix index bbc206f..393fbf2 100644 --- a/home-manager/death916-homelab.nix +++ b/home-manager/death916-homelab.nix 
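Review bot: `./nixos/hardware-homelab.nix` is dropped from the homelab `modules` list in the `@@ -104,15 +67,11 @@` hunk, and none of the import lines this commit adds to `nixos/homelab.nix` brings it back. If the unchanged imports outside the hunks do not include it either, the server loses what is presumably its hardware scan module and evaluation will most likely fail on missing file systems; keep the line `./nixos/hardware-homelab.nix` after `./nixos/homelab.nix`. The same hunk rewrites `unstablePkgsHA` as `import nixpkgs-unstable { inherit system; }`, which silently drops the old `permittedInsecurePackages = [ "openssl-1.1.1w" ]` and `allowUnfree`. Dropping the insecure-package permit is a good tightening if Home Assistant no longer needs it, but a one-line comment saying it was intentional would keep it from being re-added wholesale. The `homelab` definition continues past the end of the hunk.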
@@ -1,93 +1,25 @@ -# ./home-manager/death916-homelab.nix +# ~/nixconfig/home-manager/death916-homelab.nix.new { config, pkgs, lib, inputs, - ... + ... }: { + imports = [ ../modules/home-manager/common.nix ]; + home.username = "death916"; home.homeDirectory = "/home/death916"; - # Basic shell configuration (can be more elaborate) - programs.bash.enable = true; - programs.git = { - enable = true; - userName = "death916"; - userEmail = "mail@trentnelson.dev"; - extraConfig = { - credential.helper = "store"; - }; - }; - - # Server-specific tools or dotfiles for death916 - programs.tmux.enable = true; # Example from your repo image - - # Example: Different shell prompt or aliases for server environment - # programs.bash.shellAliases = { - # ll = "ls -alh"; - # update-system = "sudo nixos-rebuild switch --flake /etc/nixos#homelab"; - # }; - - programs.helix = { - enable = true; - settings = { - theme = "autumn_night_transparent"; - editor = { - cursor-shape = { - normal = "block"; - insert = "bar"; - select = "underline"; - }; - true-color = true; - soft-wrap = { - enable = true; - }; - }; - }; - languages.language = [ - { - name = "nix"; - auto-format = true; - formatter.command = lib.getExe pkgs.nixfmt-rfc-style; - } - # Python configuration - { - name = "python"; - language-servers = [ "pylsp" ]; - auto-format = true; - } - ]; - themes = { - autumn_night_transparent = { - "inherits" = "autumn_night"; - "ui.background" = { }; - }; - }; - extraPackages = [ - pkgs.python3Packages.python-lsp-server # Required for pylsp - ]; - }; - - programs.atuin = { - enable = true; - settings = { - search_mode = "fuzzy"; - }; - }; + home.packages = with pkgs; [ - # Any user-specific packages for death916 on the server fastfetch wget zellij systemctl-tui gemini-cli ]; - - # Keep this consistent with your system's state version - home.stateVersion = "24.11"; - programs.home-manager.enable = true; } diff --git a/home-manager/home.nix b/home-manager/home.nix index 91fb467..69ac08c 100644 
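Review bot: The new header comment `# ~/nixconfig/home-manager/death916-homelab.nix.new` names a scratch copy rather than the file it sits in, and its root (`~/nixconfig`) disagrees with `# ~/Documents/nix-config/flake.nix` added in flake.nix. The same `.new` header is added to `home-manager/home.nix`, `nixos/configuration.nix` and `nixos/homelab.nix`. I would write it repo-relative, `# home-manager/death916-homelab.nix`, as the removed header did. `home.username` and `home.homeDirectory` also stay hard-coded to `death916` although the flake now defines `primaryUser`; `home-manager.extraSpecialArgs` is not touched by this diff, so that value may not be reachable from here yet.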
--- a/home-manager/home.nix +++ b/home-manager/home.nix @@ -1,9 +1,10 @@ +# ~/nixconfig/home-manager/home.nix.new { config, pkgs, lib, hmLib, - ... + ... }: let @@ -11,6 +12,8 @@ let tmuxai-pkg = pkgs.callPackage tmuxaiPackageDir { }; in { + imports = [ ../modules/home-manager/common.nix ]; + home.username = "death916"; home.homeDirectory = "/home/death916"; @@ -20,7 +23,6 @@ in }; home.packages = with pkgs; [ - fastfetch nnn zip xz @@ -65,72 +67,15 @@ in halloy tmux nextcloud-client - tmuxai-pkg obsidian element-desktop ghostty manix zed-editor - zellij aichat wl-clipboard ]; - programs.helix = { - enable = true; - settings = { - theme = "autumn_night_transparent"; - editor = { - cursor-shape = { - normal = "block"; - insert = "bar"; - select = "underline"; - }; - true-color = true; - soft-wrap = { - enable = true; - }; - }; - }; - languages.language = [ - { - name = "nix"; - auto-format = true; - formatter.command = lib.getExe pkgs.nixfmt-rfc-style; - } - # Python configuration - { - name = "python"; - language-servers = [ "pylsp" ]; - auto-format = true; - } - ]; - themes = { - autumn_night_transparent = { - "inherits" = "autumn_night"; - "ui.background" = { }; - }; - }; - extraPackages = [ - pkgs.python3Packages.python-lsp-server # Required for pylsp - ]; - }; - programs.git = { - enable = true; - userName = "death916"; - userEmail = "mail@trentnelson.dev"; - extraConfig = { - credential.helper = "store"; - }; - }; - - programs.atuin = { - enable = true; - settings = { - search_mode = "fuzzy"; - }; - }; - programs.starship = { enable = true; enableBashIntegration = true; @@ -148,10 +93,9 @@ in ignore_base = false; disabled = false; }; - # In your programs.starship.settings nix_shell = { disabled = false; - symbol = "❄️ "; # or "󱄅 " with Nerd Fonts + symbol = "❄️ "; style = "blue bold"; format = "[$symbol($state)]($style) "; }; 
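Review bot: `tmuxai-pkg` is removed from `home.packages` in the `@@ -65,72 +67,15 @@` hunk, but the binding `tmuxai-pkg = pkgs.callPackage tmuxaiPackageDir { };` is still present as context in `@@ -11,6 +12,8 @@`, so it is dead code unless something outside the hunks still uses it. A `let` binding in this file is not visible to the imported `common.nix`, so either tmuxai was dropped from the laptop on purpose or it was lost in the move. Remove the two `let` lines if the drop is intended, otherwise put `tmuxai-pkg` back in the list. The same hunk moves `programs.git` with `credential.helper = "store"` out of this file; wherever it now lives, a comment such as `# store keeps tokens unencrypted in ~/.git-credentials` would make that trade-off visible to anyone reusing the shared module.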
@@ -176,9 +120,7 @@ in enable = true; settings = { env.TERM = "xterm-256color"; - font = { - size = 12; - }; + font = { size = 12; }; scrolling.multiplier = 5; selection.save_to_clipboard = true; }; @@ -204,11 +146,4 @@ in urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'"; }; }; - - home.sessionVariables = { - EDITOR = "hx"; - }; - - home.stateVersion = "24.11"; - programs.home-manager.enable = true; } diff --git a/nixos/configuration.nix b/nixos/configuration.nix index 70b7c62..fd22a39 100644 --- a/nixos/configuration.nix +++ b/nixos/configuration.nix 
@@ -1,135 +1,10 @@ -# Edit this configuration file to define what should be installed on -# your system. Help is available in the configuration.nix(5) man page, on -# https://search.nixos.org/options and in the NixOS manual (`nixos-help`). - -{ - config, - lib, - pkgs, - inputs, - ... -}: - +# ~/nixconfig/nixos/configuration.nix.new { imports = [ - # Include the results of the hardware scan. ./hardware-configuration.nix - # Remove this line - overlays are now handled in flake.nix - # ../overlays/halloy-overlay.nix + ../modules/nixos/laptop/desktop.nix + ../modules/nixos/common/base.nix + ../modules/nixos/laptop/user.nix + ../modules/nixos/common/tailscale.nix ]; - - # Use the systemd-boot EFI boot loader. - boot.loader.systemd-boot.enable = true; - boot.loader.efi.canTouchEfiVariables = true; - powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq - hardware.cpu.amd.updateMicrocode = true; # same - # networking.hostName = "nixos"; # Define your hostname. - # Pick only one of the below networking options. - # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant. - # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default. - - # Set your time zone. - time.timeZone = "America/Los_Angeles"; - - users.users.death916 = { - isNormalUser = true; - home = "/home/death916"; - description = "Death916"; - extraGroups = [ - "wheel" - "networkmanager" - ]; - }; - - # Configure network proxy if necessary - # networking.proxy.default = "http://user:password@proxy:port/"; - # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain"; - - # Select internationalisation properties. - # i18n.defaultLocale = "en_US.UTF-8"; - # console = { - # font = "Lat2-Terminus16"; - # keyMap = "us"; - # useXkbConfig = true; # use xkb.options in tty. - # }; - - # Enable the X11 windowing system. 
- services.xserver.enable = true; - services.gnome.gnome-keyring.enable = true; - services.dbus.enable = true; # for nextcloud client - # Enable the GNOME Desktop Environment. - services.xserver.displayManager.gdm.enable = false; - services.xserver.desktopManager.gnome.enable = false; - #cosmic instead - services.desktopManager.cosmic.enable = true; - services.displayManager.cosmic-greeter.enable = true; - services.desktopManager.cosmic.xwayland.enable = true; - # Configure keymap in X11 - # services.xserver.xkb.layout = "us"; - # services.xserver.xkb.options = "eurosign:e,caps:escape"; - - # Enable CUPS to print documents. - # services.printing.enable = true; - - # Enable sound. - # hardware.pulseaudio.enable = true; - # OR - # services.pipewire = { - # enable = true; - # pulse.enable = true; - # }; - - # Enable touchpad support (enabled default in most desktopManager). - # services.libinput.enable = true; - # add flox repos - nix.settings.trusted-substituters = [ "https://cache.flox.dev" ]; - nix.settings.trusted-public-keys = [ - "flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs=" - ]; - # my settings - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - environment.systemPackages = with pkgs; [ - # Flakes clones its dependencies through the git command, - # so git must be installed first - git - vim - wget - tailscale - halloy # Add halloy to your system packages - conda - inputs.flox.packages.${pkgs.system}.flox - kopia-ui - stremio - wl-clipboard - tail-tray - ]; - - # to make exit nodes work - networking.firewall.checkReversePath = "loose"; - - hardware.bluetooth.enable = true; - # hardware.blueman.enable = true; - # hardware.bluetooth.package - pkgs.bluezFull; - - hardware.bluetooth.powerOnBoot = true; - # my additions - services.tailscale = { - enable = true; - useRoutingFeatures = "both"; # Or "client", or "both" depending on your needs - # Other Tailscale options... 
- }; - networking.interfaces.tailscale0.mtu = 1500; - programs.firefox.enable = true; - programs.nh = { - enable = true; - clean.enable = true; - clean.extraArgs = "--keep-since 7d --keep 10"; - flake = "/home/death916/Documents/nix-config/"; - }; - services.fprintd.enable = true; - - system.stateVersion = "24.11"; # Did you read the comment? } diff --git a/nixos/homelab.nix b/nixos/homelab.nix index b5ff941..206d292 100644 --- a/nixos/homelab.nix +++ b/nixos/homelab.nix @@ -1,12 +1,4 @@ -# ./nixos/homelab.nix -{ - config, - pkgs, - lib, - inputs, - ... -}: - +# ~/nixconfig/nixos/homelab.nix.new { imports = [ ../modules/nextcloud-setup.nix 
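Review bot: The four files imported by the new `nixos/configuration.nix` (`../modules/nixos/laptop/desktop.nix`, `common/base.nix`, `laptop/user.nix`, `common/tailscale.nix`) are not added anywhere in the part of the diff I can see, although in path order they would sit between `home-manager/` and `nixos/`; the same goes for `../modules/home-manager/common.nix` and the new homelab imports. A flake build only sees git-tracked files, so if they were not committed earlier the rebuild fails on a missing path; worth confirming they are tracked before merging. Separately, the flox `trusted-substituters` and `trusted-public-keys` deleted from this file were laptop-only, and `common/base.nix` is also imported by `nixos/homelab.nix`. If they landed in `base.nix` the server now trusts that binary cache as well, so I would keep them in a `laptop/` module.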
@@ -17,324 +9,10 @@ ../modules/vms/incus-base.nix ../modules/smb.nix # ../modules/opencloud.nix + ../modules/nixos/homelab/networking.nix + ../modules/nixos/homelab/services.nix + ../modules/nixos/common/base.nix + ../modules/nixos/homelab/user.nix + ../modules/nixos/common/tailscale.nix ]; - arrSuite.enable = true; - services.samba.shares.Media.path = "/media/storage/media"; - # nixpkgs.config.allowUnfree = true; - boot.loader.systemd-boot.enable = true; # Or grub, as appropriate for your server - boot.loader.efi.canTouchEfiVariables = true; - powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq - hardware.cpu.amd.updateMicrocode = true; # same - networking.hostName = "homelab"; # Set the server's hostname - boot.initrd.kernelModules = [ - "dm_mod" - "dm_thin_pool" - ]; # Device mapper core - boot.initrd.availableKernelModules = [ - # For LVM thin provisioning - # Add filesystem types you expect to find on these LVs, e.g., "ext4", "xfs", "zfs" (if using ZFS on LVM) - "ext4" - "xfs" - ]; - services.lvm.enable = true; - services.lvm.boot.thin.enable = true; # Crucial for thin pools - nix.settings.experimental-features = [ - "nix-command" - "flakes" - ]; - # Mount for your media LV (from /dev/sdd via media VG) - fileSystems."/media" = { - device = "/dev/media/vm-101-disk-0"; - fsType = "ext4"; - options = [ - "defaults" - "nofail" - ]; - }; - time.timeZone = "America/Los_Angeles"; - # Mount for your newly formatted storage LV - fileSystems."/storage" = { - device = "/dev/Storage/data_lv"; # Path to your new thick LV - fsType = "ext4"; # Or xfs if you chose that - options = [ - "defaults" - "nofail" - ]; - }; - virtualisation.incus.enable = true; - - # Basic firewall - networking.nftables.enable = true; - networking.firewall.enable = true; - networking.firewall.allowedTCPPorts = [ - 22 - 53 - 8096 # jellyfin - ]; - networking.firewall.allowedUDPPorts = [ - 53 # AdGuard Home DNS over UDP - ]; - - # Bridge configuration for Incus VMs - 
networking.bridges.br0.interfaces = [ "enp41s0" ]; - - networking.interfaces.br0 = { - ipv4.addresses = [ - { - address = "192.168.0.116"; # <-- SET YOUR SERVER'S DESIRED STATIC IP - prefixLength = 24; # <-- SET YOUR SUBNET MASK (24 = 255.255.255.0) - } - ]; - }; - - networking.defaultGateway = "192.168.0.1"; # <-- SET YOUR ROUTER'S IP - networking.nameservers = [ - "192.168.0.116" - - ]; - - networking.interfaces.enp41s0.useDHCP = false; - - # Allow SSH - networking.firewall.trustedInterfaces = [ - "tailscale0" - "docker0" - "br0" - ]; # <--- ADDED for Tailscale access - # SSH Server configuration - services.openssh = { - enable = true; - ports = [ 22 ]; - openFirewall = true; - settings.PasswordAuthentication = false; # Recommended: use SSH keys - settings.PermitRootLogin = "no"; # Recommended - }; - # networking.firewall.checkReversePath = "loose"; - services.tailscale = { - enable = true; - useRoutingFeatures = "both"; - }; - networking.firewall.checkReversePath = "loose"; # needed for tailscale nodes - # Define the 'death916' user for the server - #claimTokenFile = "/var/lib/netdata/cloud.d/token"; - users.users.death916 = { - isNormalUser = true; - shell = pkgs.bash; - extraGroups = [ - "wheel" - "media_services" - "nextcloud" - "docker" - "qbittorent" - "incus-admin" - ]; # For sudo access - openssh.authorizedKeys.keys = [ - "ssh-rsa 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 tavn1992@gmail.com" # <<-- REPLACE THIS WITH YOUR SSH PUBLIC KEY for death916 - # Add more keys if needed - ]; - # If 'death916' needs a password on the server (less secure than key-only) - # initialPassword = "yoursecurepassword"; # Or use hashed password - }; - - users.users.audiobookshelf = { - isSystemUser = true; # System user, doesn't need a home directory by default for services - group = "media_services"; # Primary group - # extraGroups = [ "media_services" ]; # Alternatively, if you want a different primary group - }; - - # users.users.nextcloud = { - # This merges 
with the 'nextcloud' user definition from services.nextcloud in the imported module - # extraGroups = [ "media_services" ]; - #}; - users.groups.media_services = { }; - #users.groups.nextcloud = {}; - # homelab services - - services.plex = { - enable = true; - openFirewall = true; - user = "death916"; - }; - - services.audiobookshelf = { - enable = true; - user = "audiobookshelf"; - group = "media_services"; - host = "0.0.0.0"; # <--- ADD THIS LINE to listen on all IPv4 interfaces - port = 13378; - }; - - #networking.firewall.allowedTCPPorts = [19999]; - # services.netdata.package = pkgs.netdata.override { withCloud = true; }; - services.netdata = { - - # package = pkgs.netdata.override { - # withCloud = true; - # }; - enable = true; - # claimTokenFile = "/var/lib/netdata/cloud.d"; - config = { - global = { - "memory mode" = "ram"; - "debug log" = "none"; - "access log" = "none"; - "error log" = "syslog"; - }; - }; - }; - - users.users.qbittorrent.extraGroups = [ "media_services" ]; - users.groups.qbittorrent = { }; - - services.qbittorrent = { - enable = true; - dataDir = "/media/storage/media/downloads/"; - - user = "qbittorrent"; - group = "qbittorrent"; - port = 8090; - openFirewall = true; - package = pkgs.qbittorrent-nox; - }; - - systemd.tmpfiles.rules = [ - "d /media/storage/media/downloads/qBittorrent 0775 root media_services - -" - "d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -" - "d /storage/services/qbittorrent/config 0755 qbittorrent qbittorrent - -" - ]; - - services.jellyfin.enable = true; - - services.actual = { - enable = true; - settings = { - port = 5006; # Default - # listenAddress = "127.0.0.1"; - }; - }; - - virtualisation.docker.enable = true; - # users.users.death916.extraGroups = [ "docker" ]; # If needed - - virtualisation.oci-containers = { - backend = "docker"; - containers = { - - dufs = { - image = "sigoden/dufs:latest"; - ports = [ "5000:5000" ]; - volumes = [ "/media/storage/media/:/data" ]; # <-- Remember to 
change this path - cmd = [ - "/data" - "-A" - ]; - #extraOptions = [ "--restart=unless-stopped" ]; - }; - - c2c-scraper = { - image = "death916/c2cscrape:latest"; - volumes = [ - "/media/storage/media/books/audio/podcasts/C2C:/downloads" - "/media/storage/media/docker/volumes/c2cscrape:/app/data" - ]; - environment = { - TZ = "America/Los_Angeles"; - }; - autoStart = true; # Consider adding if not already present - # removeContainer = false; - extraOptions = [ - "--dns=8.8.8.8" - ]; - }; - - adguardhome = { - image = "adguard/adguardhome:latest"; - autoStart = true; - # ports = [ - # "53:53/tcp" - # "53:53/udp" - # "3000:3000/tcp" - # ]; - volumes = [ - "/storage/services/adguard/work:/opt/adguardhome/work" - "/storage/services/adguard/data:/opt/adguardhome/conf" - ]; - extraOptions = [ - "--network=host" - ]; - - }; - }; - }; - - boot.kernel.sysctl = { - "net.ipv4.ip_forward" = 1; - "net.ipv6.conf.all.forwarding" = 1; - }; - - systemd.services.kopia-backup = { - description = "Kopia backup service for NixOS server"; - serviceConfig = { - Type = "oneshot"; - User = "root"; # Run as root to access all files and Kopia config - ExecStart = "/usr/local/bin/nixos-kopia-backup.sh"; - path = with pkgs; [ - coreutils # Provides basic tools like `sh`, `cat`, etc. - kopia # The kopia binary itself - ]; - - }; - }; - - systemd.timers.kopia-backup = { - description = "Daily Kopia backup timer"; - wantedBy = [ "timers.target" ]; - partOf = [ "kopia-backup.service" ]; # Links timer to the service - timerConfig = { - OnCalendar = "hourly"; # Or "hourly", "*-*-* 02:00:00" for 2 AM daily, etc. 
- Persistent = true; # Run on next boot if a scheduled run was missed - Unit = "kopia-backup.service"; - }; - }; - - users.users.adguardhome = { - isSystemUser = true; - group = "adguardhome"; - extraGroups = [ "adgaurdhome-access" ]; - }; - users.groups.adguardhome-access = { }; - - users.groups.adguardhome = { }; - - #services.homeAssistantVM.enable = true; - - # Sudo access for the wheel group (which death916 is part of) - security.sudo.wheelNeedsPassword = true; # Or false if you prefer passwordless sudo for wheel - - # Essential server packages - environment.systemPackages = with pkgs; [ - git - vim - htop - tmux - tailscale - lvm2 - rsync - multipath-tools # kpartx - btop - wget - pkgs.jellyfin-web - pkgs.jellyfin-ffmpeg - pkgs.jellyfin - unzip - kopia - manix - nh - qemu - ]; - - # If you use custom overlays specific to this server: - # nixpkgs.overlays = [(import ../overlays/homelab-overlay.nix)]; - - system.stateVersion = "24.11"; # Set to your NixOS version } diff --git a/old_config/configuration.nix b/old_config/configuration.nix new file mode 100644 index 0000000..70b7c62 --- /dev/null +++ b/old_config/configuration.nix 
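Review bot: The server's hardening settings leave `nixos/homelab.nix` without a visible destination: `services.openssh.settings.PasswordAuthentication = false`, `PermitRootLogin = "no"`, the `allowedTCPPorts` and `trustedInterfaces` lists and `security.sudo.wheelNeedsPassword = true` are all deleted, and the `homelab/networking.nix`, `homelab/services.nix` and `homelab/user.nix` modules added to `imports` are not shown in this diff. Before switching, compare the evaluated values with the running generation, for example `nix eval .#nixosConfigurations.homelab.config.services.openssh.settings`, and do the same for `networking.firewall`. A comment next to each new import saying what it owns, such as `# firewall, bridge br0, sshd`, would make the next review of this split much easier.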
@@ -0,0 +1,135 @@
+# Edit this configuration file to define what should be installed on
+# your system. Help is available in the configuration.nix(5) man page, on
+# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
+
+{
+ config,
+ lib,
+ pkgs,
+ inputs,
+ ...
+}:
+
+{
+ imports = [
+ # Include the results of the hardware scan.
+ ./hardware-configuration.nix
+ # Remove this line - overlays are now handled in flake.nix
+ # ../overlays/halloy-overlay.nix
+ ];
+
+ # Use the systemd-boot EFI boot loader.
+ boot.loader.systemd-boot.enable = true;
+ boot.loader.efi.canTouchEfiVariables = true;
+ powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
+ hardware.cpu.amd.updateMicrocode = true; # same
+ # networking.hostName = "nixos"; # Define your hostname.
+ # Pick only one of the below networking options.
+ # networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
+ # networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
+
+ # Set your time zone.
+ time.timeZone = "America/Los_Angeles";
+
+ users.users.death916 = {
+ isNormalUser = true;
+ home = "/home/death916";
+ description = "Death916";
+ extraGroups = [
+ "wheel"
+ "networkmanager"
+ ];
+ };
+
+ # Configure network proxy if necessary
+ # networking.proxy.default = "http://user:password@proxy:port/";
+ # networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
+
+ # Select internationalisation properties.
+ # i18n.defaultLocale = "en_US.UTF-8";
+ # console = {
+ # font = "Lat2-Terminus16";
+ # keyMap = "us";
+ # useXkbConfig = true; # use xkb.options in tty.
+ # };
+
+ # Enable the X11 windowing system.
+ services.xserver.enable = true;
+ services.gnome.gnome-keyring.enable = true;
+ services.dbus.enable = true; # for nextcloud client
+ # Enable the GNOME Desktop Environment.
+ services.xserver.displayManager.gdm.enable = false;
+ services.xserver.desktopManager.gnome.enable = false;
+ #cosmic instead
+ services.desktopManager.cosmic.enable = true;
+ services.displayManager.cosmic-greeter.enable = true;
+ services.desktopManager.cosmic.xwayland.enable = true;
+ # Configure keymap in X11
+ # services.xserver.xkb.layout = "us";
+ # services.xserver.xkb.options = "eurosign:e,caps:escape";
+
+ # Enable CUPS to print documents.
+ # services.printing.enable = true;
+
+ # Enable sound.
+ # hardware.pulseaudio.enable = true;
+ # OR
+ # services.pipewire = {
+ # enable = true;
+ # pulse.enable = true;
+ # };
+
+ # Enable touchpad support (enabled default in most desktopManager).
+ # services.libinput.enable = true;
+ # add flox repos
+ nix.settings.trusted-substituters = [ "https://cache.flox.dev" ];
+ nix.settings.trusted-public-keys = [
+ "flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs="
+ ];
+ # my settings
+ nix.settings.experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+ environment.systemPackages = with pkgs; [
+ # Flakes clones its dependencies through the git command,
+ # so git must be installed first
+ git
+ vim
+ wget
+ tailscale
+ halloy # Add halloy to your system packages
+ conda
+ inputs.flox.packages.${pkgs.system}.flox
+ kopia-ui
+ stremio
+ wl-clipboard
+ tail-tray
+ ];
+
+ # to make exit nodes work
+ networking.firewall.checkReversePath = "loose";
+
+ hardware.bluetooth.enable = true;
+ # hardware.blueman.enable = true;
+ # hardware.bluetooth.package - pkgs.bluezFull;
+
+ hardware.bluetooth.powerOnBoot = true;
+ # my additions
+ services.tailscale = {
+ enable = true;
+ useRoutingFeatures = "both"; # Or "client", or "both" depending on your needs
+ # Other Tailscale options...
+ };
+ networking.interfaces.tailscale0.mtu = 1500;
+ programs.firefox.enable = true;
+ programs.nh = {
+ enable = true;
+ clean.enable = true;
+ clean.extraArgs = "--keep-since 7d --keep 10";
+ flake = "/home/death916/Documents/nix-config/";
+ };
+ services.fprintd.enable = true;
+
+ system.stateVersion = "24.11"; # Did you read the comment?
+}
diff --git a/old_config/death916-homelab.nix b/old_config/death916-homelab.nix
new file mode 100644
index 0000000..bbc206f
--- /dev/null
+++ b/old_config/death916-homelab.nix
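Review bot: The backups under `old_config/` are stored flat (`old_config/configuration.nix`, `old_config/flake.nix`, `old_config/home.nix`, …) while the originals lived in `nixos/` and `home-manager/`, so the README's `mv old_config/* .` would leave them in the repository root, where `old_config/flake.nix` still points at `./nixos/configuration.nix` and `./home-manager/home.nix`. The README's `rm -rf … nixos/ modules/ …` step would also remove files that, as far as this diff shows, are not backed up here, such as `nixos/hardware-configuration.nix` and the pre-existing `modules/smb.nix`. Since git already holds the previous tree, I would drop `old_config/` and document `git revert <this-commit>` (or a tag on the parent commit) as the rollback path. The same applies to the other `old_config/*` files added in this commit.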
@@ -0,0 +1,93 @@
+# ./home-manager/death916-homelab.nix
+{
+ config,
+ pkgs,
+ lib,
+ inputs,
+ ...
+}:
+
+{
+ home.username = "death916";
+ home.homeDirectory = "/home/death916";
+
+ # Basic shell configuration (can be more elaborate)
+ programs.bash.enable = true;
+ programs.git = {
+ enable = true;
+ userName = "death916";
+ userEmail = "mail@trentnelson.dev";
+ extraConfig = {
+ credential.helper = "store";
+ };
+ };
+
+ # Server-specific tools or dotfiles for death916
+ programs.tmux.enable = true; # Example from your repo image
+
+ # Example: Different shell prompt or aliases for server environment
+ # programs.bash.shellAliases = {
+ # ll = "ls -alh";
+ # update-system = "sudo nixos-rebuild switch --flake /etc/nixos#homelab";
+ # };
+
+ programs.helix = {
+ enable = true;
+ settings = {
+ theme = "autumn_night_transparent";
+ editor = {
+ cursor-shape = {
+ normal = "block";
+ insert = "bar";
+ select = "underline";
+ };
+ true-color = true;
+ soft-wrap = {
+ enable = true;
+ };
+ };
+ };
+ languages.language = [
+ {
+ name = "nix";
+ auto-format = true;
+ formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
+ }
+ # Python configuration
+ {
+ name = "python";
+ language-servers = [ "pylsp" ];
+ auto-format = true;
+ }
+ ];
+ themes = {
+ autumn_night_transparent = {
+ "inherits" = "autumn_night";
+ "ui.background" = { };
+ };
+ };
+ extraPackages = [
+ pkgs.python3Packages.python-lsp-server # Required for pylsp
+ ];
+ };
+
+ programs.atuin = {
+ enable = true;
+ settings = {
+ search_mode = "fuzzy";
+ };
+ };
+
+ home.packages = with pkgs; [
+ # Any user-specific packages for death916 on the server
+ fastfetch
+ wget
+ zellij
+ systemctl-tui
+ gemini-cli
+ ];
+
+ # Keep this consistent with your system's state version
+ home.stateVersion = "24.11";
+ programs.home-manager.enable = true;
+}
diff --git a/old_config/flake.nix b/old_config/flake.nix
new file mode 100644
index 0000000..eed56fa
--- /dev/null
+++ b/old_config/flake.nix
@@ -0,0 +1,130 @@ +# ~/Documents/nix-config/flake.nix +{ + description = "NixOS configurations for laptop and homelab server"; + + inputs = { + nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05"; + nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; # Added for Home Assistant + + # nixos-cosmic = { + # url = "github:lilyinstarlight/nixos-cosmic"; + # inputs.nixpkgs.follows = "nixpkgs"; + # }; + home-manager = { + url = "github:nix-community/home-manager/release-25.05"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + rust-overlay = { + url = "github:oxalica/rust-overlay"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + flox.url = "github:flox/flox"; + }; + + outputs = + inputs@{ + self, + nixpkgs, + nixpkgs-unstable, + home-manager, + # nixos-cosmic, + rust-overlay, + flox, + ... + }: + let + system = "x86_64-linux"; + hmLib = home-manager.lib; + + # pkgs for the 'nixos' (laptop) configuration + pkgsForLaptop = import nixpkgs { + inherit system; + overlays = [ + rust-overlay.overlays.default + (import ./overlays/halloy-overlay.nix) # Assuming this overlay is general + ]; + config = { + # Global config for laptop pkgs + allowUnfree = true; # Example, add if needed + }; + }; + + # pkgs for the 'homelab' configuration (main system pkgs) + pkgsForHomelab = import nixpkgs { + # Using the stable nixpkgs for homelab base + inherit system; + overlays = [ + ]; + config = { + # Global config for homelab pkgs + allowUnfree = true; # Example, add if needed + }; + }; + + # Unstable pkgs specifically for Home Assistant on homelab + pkgsUnstableForHA = import nixpkgs-unstable { + inherit system; + config = { + # Global config for unstable pkgs + allowUnfree = true; # Example + # If HA from unstable needs OpenSSL 1.1 + permittedInsecurePackages = [ "openssl-1.1.1w" ]; + }; + }; + + in + { + nixosConfigurations = { + nixos = nixpkgs.lib.nixosSystem { + inherit system; + specialArgs = { inherit inputs system; }; # pkgs will be set via module below + modules = [ + { + nixpkgs.pkgs = 
pkgsForLaptop; # Use the pkgs definition with overlays for 'nixos' + # nix.settings = { + # substituters = [ "https://cosmic.cachix.org/" ]; + # trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ]; + # }; + } + #: nixos-cosmic.nixosModules.default + ./nixos/configuration.nix + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { inherit hmLib; }; + home-manager.users.death916 = { + imports = [ ./home-manager/home.nix ]; + }; + } + ]; + }; + + homelab = nixpkgs.lib.nixosSystem { + inherit system; + # Pass the unstable pkgs set for HA to the homelab configuration + specialArgs = { + inherit inputs system; + unstablePkgsHA = pkgsUnstableForHA; + }; + modules = [ + { nixpkgs.pkgs = pkgsForHomelab; } # Use the base pkgs definition for 'homelab' + # Import the unstable Home Assistant module + + ./nixos/homelab.nix # Your main homelab config + ./nixos/hardware-homelab.nix + # ./modules/home-assistant.nix # Your HA configuration module + home-manager.nixosModules.home-manager + { + home-manager.useGlobalPkgs = true; + home-manager.useUserPackages = true; + home-manager.extraSpecialArgs = { inherit hmLib; }; + home-manager.users.death916 = { + imports = [ ./home-manager/death916-homelab.nix ]; + }; + } + ]; + }; + }; + }; +} diff --git a/flake.nix.b4serverconfig b/old_config/flake.nix.b4serverconfig similarity index 100% rename from flake.nix.b4serverconfig rename to old_config/flake.nix.b4serverconfig diff --git a/flake.nix.old b/old_config/flake.nix.old similarity index 100% rename from flake.nix.old rename to old_config/flake.nix.old diff --git a/old_config/home.nix b/old_config/home.nix new file mode 100644 index 0000000..91fb467 --- /dev/null +++ b/old_config/home.nix 
@@ -0,0 +1,214 @@
+{
+ config,
+ pkgs,
+ lib,
+ hmLib,
+ ...
+}:
+
+let
+ tmuxaiPackageDir = ../pkgs/tmuxai;
+ tmuxai-pkg = pkgs.callPackage tmuxaiPackageDir { };
+in
+{
+ home.username = "death916";
+ home.homeDirectory = "/home/death916";
+
+ xresources.properties = {
+ "Xcursor.size" = 16;
+ "Xft.dpi" = 172;
+ };
+
+ home.packages = with pkgs; [
+ fastfetch
+ nnn
+ zip
+ xz
+ unzip
+ p7zip
+ ripgrep
+ jq
+ yq-go
+ eza
+ fzf
+ mtr
+ iperf3
+ dnsutils
+ ldns
+ aria2
+ socat
+ nmap
+ ipcalc
+ cowsay
+ file
+ which
+ tree
+ gnused
+ gnutar
+ gawk
+ zstd
+ gnupg
+ nix-output-monitor
+ glow
+ btop
+ iotop
+ iftop
+ strace
+ ltrace
+ lsof
+ sysstat
+ lm_sensors
+ ethtool
+ pciutils
+ usbutils
+ waveterm
+ halloy
+ tmux
+ nextcloud-client
+ tmuxai-pkg
+ obsidian
+ element-desktop
+ ghostty
+ manix
+ zed-editor
+ zellij
+ aichat
+ wl-clipboard
+ ];
+
+ programs.helix = {
+ enable = true;
+ settings = {
+ theme = "autumn_night_transparent";
+ editor = {
+ cursor-shape = {
+ normal = "block";
+ insert = "bar";
+ select = "underline";
+ };
+ true-color = true;
+ soft-wrap = {
+ enable = true;
+ };
+ };
+ };
+ languages.language = [
+ {
+ name = "nix";
+ auto-format = true;
+ formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
+ }
+ # Python configuration
+ {
+ name = "python";
+ language-servers = [ "pylsp" ];
+ auto-format = true;
+ }
+ ];
+ themes = {
+ autumn_night_transparent = {
+ "inherits" = "autumn_night";
+ "ui.background" = { };
+ };
+ };
+ extraPackages = [
+ pkgs.python3Packages.python-lsp-server # Required for pylsp
+ ];
+ };
+ programs.git = {
+ enable = true;
+ userName = "death916";
+ userEmail = "mail@trentnelson.dev";
+ extraConfig = {
+ credential.helper = "store";
+ };
+ };
+
+ programs.atuin = {
+ enable = true;
+ settings = {
+ search_mode = "fuzzy";
+ };
+ };
+
+ programs.starship = {
+ enable = true;
+ enableBashIntegration = true;
+ settings = {
+ add_newline = false;
+ aws.disabled = true;
+ gcloud.disabled = true;
+ line_break.disabled = true;
+ conda = { + truncation_length = 1; + format = ''[$symbol$environment]($style) ''; + symbol = " "; + style = "green bold"; + ignore_base = false; + disabled = false; + }; + # In your programs.starship.settings + nix_shell = { + disabled = false; + symbol = "❄️ "; # or "󱄅 " with Nerd Fonts + style = "blue bold"; + format = "[$symbol($state)]($style) "; + }; + + env_var = { + variable = "FLOX_PROMPT_ENVIRONMENTS"; + format = "[flox:$env_value]($style) "; + style = "purple bold"; + disabled = false; + }; + + format = ''$nix_shell$directory $git_branch $conda$env_var$cmd_duration$status$character''; + }; + }; + + programs.emacs = { + enable = true; + package = pkgs.emacs; + }; + + programs.alacritty = { + enable = true; + settings = { + env.TERM = "xterm-256color"; + font = { + size = 12; + }; + scrolling.multiplier = 5; + selection.save_to_clipboard = true; + }; + }; + services.gnome-keyring.enable = true; + + programs.vscode = { + enable = true; + package = pkgs.vscode.fhs; + }; + + programs.bash = { + enable = true; + enableCompletion = true; + bashrcExtra = '' + export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin" + ''; + shellAliases = { + k = "kubectl"; + pimox = "tailscale ssh pimox"; + homelab = "tailscale ssh homelab"; + urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'"; + urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'"; + }; + }; + + home.sessionVariables = { + EDITOR = "hx"; + }; + + home.stateVersion = "24.11"; + programs.home-manager.enable = true; +} diff --git a/old_config/homelab.nix b/old_config/homelab.nix new file mode 100644 index 0000000..b5ff941 --- /dev/null +++ b/old_config/homelab.nix 
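Review bot: In old_config/home.nix, `credential.helper = "store";` under `programs.git.extraConfig` makes git write every remote password or token in clear text to `~/.git-credentials`, where any process running as the user can read it. This file is the archived copy, so the point is mainly that the setting should not be carried unchanged into `modules/home-manager/common.nix` or `home-manager/home.nix`, which are not visible in this part of the diff. The same file already enables `services.gnome-keyring`, so the helper can use the keyring instead: `credential.helper = "${pkgs.git.override { withLibsecret = true; }}/bin/git-credential-libsecret";`.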
@@ -0,0 +1,340 @@
+# ./nixos/homelab.nix
+{
+ config,
+ pkgs,
+ lib,
+ inputs,
+ ...
+}:
+
+{
+ imports = [
+ ../modules/nextcloud-setup.nix
+ ../modules/media/qbittorrent.nix
+ ../modules/media/arr-suite.nix
+ # ../modules/home-assistant.nix
+ # ../modules/home-assistant-vm.nix
+ ../modules/vms/incus-base.nix
+ ../modules/smb.nix
+ # ../modules/opencloud.nix
+ ];
+ arrSuite.enable = true;
+ services.samba.shares.Media.path = "/media/storage/media";
+ # nixpkgs.config.allowUnfree = true;
+ boot.loader.systemd-boot.enable = true; # Or grub, as appropriate for your server
+ boot.loader.efi.canTouchEfiVariables = true;
+ powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
+ hardware.cpu.amd.updateMicrocode = true; # same
+ networking.hostName = "homelab"; # Set the server's hostname
+ boot.initrd.kernelModules = [
+ "dm_mod"
+ "dm_thin_pool"
+ ]; # Device mapper core
+ boot.initrd.availableKernelModules = [
+ # For LVM thin provisioning
+ # Add filesystem types you expect to find on these LVs, e.g., "ext4", "xfs", "zfs" (if using ZFS on LVM)
+ "ext4"
+ "xfs"
+ ];
+ services.lvm.enable = true;
+ services.lvm.boot.thin.enable = true; # Crucial for thin pools
+ nix.settings.experimental-features = [
+ "nix-command"
+ "flakes"
+ ];
+ # Mount for your media LV (from /dev/sdd via media VG)
+ fileSystems."/media" = {
+ device = "/dev/media/vm-101-disk-0";
+ fsType = "ext4";
+ options = [
+ "defaults"
+ "nofail"
+ ];
+ };
+ time.timeZone = "America/Los_Angeles";
+ # Mount for your newly formatted storage LV
+ fileSystems."/storage" = {
+ device = "/dev/Storage/data_lv"; # Path to your new thick LV
+ fsType = "ext4"; # Or xfs if you chose that
+ options = [
+ "defaults"
+ "nofail"
+ ];
+ };
+ virtualisation.incus.enable = true;
+
+ # Basic firewall
+ networking.nftables.enable = true;
+ networking.firewall.enable = true;
+ networking.firewall.allowedTCPPorts = [
+ 22
+ 53
+ 8096 # jellyfin
+ ];
+ networking.firewall.allowedUDPPorts = [
+ 53 # AdGuard
Home DNS over UDP
+ ];
+
+ # Bridge configuration for Incus VMs
+ networking.bridges.br0.interfaces = [ "enp41s0" ];
+
+ networking.interfaces.br0 = {
+ ipv4.addresses = [
+ {
+ address = "192.168.0.116"; # <-- SET YOUR SERVER'S DESIRED STATIC IP
+ prefixLength = 24; # <-- SET YOUR SUBNET MASK (24 = 255.255.255.0)
+ }
+ ];
+ };
+
+ networking.defaultGateway = "192.168.0.1"; # <-- SET YOUR ROUTER'S IP
+ networking.nameservers = [
+ "192.168.0.116"
+
+ ];
+
+ networking.interfaces.enp41s0.useDHCP = false;
+
+ # Allow SSH
+ networking.firewall.trustedInterfaces = [
+ "tailscale0"
+ "docker0"
+ "br0"
+ ]; # <--- ADDED for Tailscale access
+ # SSH Server configuration
+ services.openssh = {
+ enable = true;
+ ports = [ 22 ];
+ openFirewall = true;
+ settings.PasswordAuthentication = false; # Recommended: use SSH keys
+ settings.PermitRootLogin = "no"; # Recommended
+ };
+ # networking.firewall.checkReversePath = "loose";
+ services.tailscale = {
+ enable = true;
+ useRoutingFeatures = "both";
+ };
+ networking.firewall.checkReversePath = "loose"; # needed for tailscale nodes
+ # Define the 'death916' user for the server
+ #claimTokenFile = "/var/lib/netdata/cloud.d/token";
+ users.users.death916 = {
+ isNormalUser = true;
+ shell = pkgs.bash;
+ extraGroups = [
+ "wheel"
+ "media_services"
+ "nextcloud"
+ "docker"
+ "qbittorent"
+ "incus-admin"
+ ]; # For sudo access
+ openssh.authorizedKeys.keys = [
+ "ssh-rsa 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 tavn1992@gmail.com" # <<-- REPLACE THIS WITH YOUR SSH PUBLIC KEY for death916
+ # Add more keys if needed
+ ];
+ # If 'death916' needs a password on the server (less secure than key-only)
+ # initialPassword = "yoursecurepassword"; # Or use hashed password
+ };
+
+ users.users.audiobookshelf = {
+ isSystemUser = true; # System user, doesn't need a home directory by default for services
+ group = "media_services"; # Primary group
+ # extraGroups = [ "media_services" ]; # Alternatively, if you want a different
primary group
+ };
+
+ # users.users.nextcloud = {
+ # This merges with the 'nextcloud' user definition from services.nextcloud in the imported module
+ # extraGroups = [ "media_services" ];
+ #};
+ users.groups.media_services = { };
+ #users.groups.nextcloud = {};
+ # homelab services
+
+ services.plex = {
+ enable = true;
+ openFirewall = true;
+ user = "death916";
+ };
+
+ services.audiobookshelf = {
+ enable = true;
+ user = "audiobookshelf";
+ group = "media_services";
+ host = "0.0.0.0"; # <--- ADD THIS LINE to listen on all IPv4 interfaces
+ port = 13378;
+ };
+
+ #networking.firewall.allowedTCPPorts = [19999];
+ # services.netdata.package = pkgs.netdata.override { withCloud = true; };
+ services.netdata = {
+
+ # package = pkgs.netdata.override {
+ # withCloud = true;
+ # };
+ enable = true;
+ # claimTokenFile = "/var/lib/netdata/cloud.d";
+ config = {
+ global = {
+ "memory mode" = "ram";
+ "debug log" = "none";
+ "access log" = "none";
+ "error log" = "syslog";
+ };
+ };
+ };
+
+ users.users.qbittorrent.extraGroups = [ "media_services" ];
+ users.groups.qbittorrent = { };
+
+ services.qbittorrent = {
+ enable = true;
+ dataDir = "/media/storage/media/downloads/";
+
+ user = "qbittorrent";
+ group = "qbittorrent";
+ port = 8090;
+ openFirewall = true;
+ package = pkgs.qbittorrent-nox;
+ };
+
+ systemd.tmpfiles.rules = [
+ "d /media/storage/media/downloads/qBittorrent 0775 root media_services - -"
+ "d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -"
+ "d /storage/services/qbittorrent/config 0755 qbittorrent qbittorrent - -"
+ ];
+
+ services.jellyfin.enable = true;
+
+ services.actual = {
+ enable = true;
+ settings = {
+ port = 5006; # Default
+ # listenAddress = "127.0.0.1";
+ };
+ };
+
+ virtualisation.docker.enable = true;
+ # users.users.death916.extraGroups = [ "docker" ]; # If needed
+
+ virtualisation.oci-containers = {
+ backend = "docker";
+ containers = {
+
+ dufs = {
+ image = "sigoden/dufs:latest";
+ ports = [ "5000:5000" ];
+ volumes = [ "/media/storage/media/:/data" ]; # <-- Remember to change this path
+ cmd = [
+ "/data"
+ "-A"
+ ];
+ #extraOptions = [ "--restart=unless-stopped" ];
+ };
+
+ c2c-scraper = {
+ image = "death916/c2cscrape:latest";
+ volumes = [
+ "/media/storage/media/books/audio/podcasts/C2C:/downloads"
+ "/media/storage/media/docker/volumes/c2cscrape:/app/data"
+ ];
+ environment = {
+ TZ = "America/Los_Angeles";
+ };
+ autoStart = true; # Consider adding if not already present
+ # removeContainer = false;
+ extraOptions = [
+ "--dns=8.8.8.8"
+ ];
+ };
+
+ adguardhome = {
+ image = "adguard/adguardhome:latest";
+ autoStart = true;
+ # ports = [
+ # "53:53/tcp"
+ # "53:53/udp"
+ # "3000:3000/tcp"
+ # ];
+ volumes = [
+ "/storage/services/adguard/work:/opt/adguardhome/work"
+ "/storage/services/adguard/data:/opt/adguardhome/conf"
+ ];
+ extraOptions = [
+ "--network=host"
+ ];
+
+ };
+ };
+ };
+
+ boot.kernel.sysctl = {
+ "net.ipv4.ip_forward" = 1;
+ "net.ipv6.conf.all.forwarding" = 1;
+ };
+
+ systemd.services.kopia-backup = {
+ description = "Kopia backup service for NixOS server";
+ serviceConfig = {
+ Type = "oneshot";
+ User = "root"; # Run as root to access all files and Kopia config
+ ExecStart = "/usr/local/bin/nixos-kopia-backup.sh";
+ path = with pkgs; [
+ coreutils # Provides basic tools like `sh`, `cat`, etc.
+ kopia # The kopia binary itself
+ ];
+
+ };
+ };
+
+ systemd.timers.kopia-backup = {
+ description = "Daily Kopia backup timer";
+ wantedBy = [ "timers.target" ];
+ partOf = [ "kopia-backup.service" ]; # Links timer to the service
+ timerConfig = {
+ OnCalendar = "hourly"; # Or "hourly", "*-*-* 02:00:00" for 2 AM daily, etc.
+ Persistent = true; # Run on next boot if a scheduled run was missed
+ Unit = "kopia-backup.service";
+ };
+ };
+
+ users.users.adguardhome = {
+ isSystemUser = true;
+ group = "adguardhome";
+ extraGroups = [ "adgaurdhome-access" ];
+ };
+ users.groups.adguardhome-access = { };
+
+ users.groups.adguardhome = { };
+
+ #services.homeAssistantVM.enable = true;
+
+ # Sudo access for the wheel group (which death916 is part of)
+ security.sudo.wheelNeedsPassword = true; # Or false if you prefer passwordless sudo for wheel
+
+ # Essential server packages
+ environment.systemPackages = with pkgs; [
+ git
+ vim
+ htop
+ tmux
+ tailscale
+ lvm2
+ rsync
+ multipath-tools # kpartx
+ btop
+ wget
+ pkgs.jellyfin-web
+ pkgs.jellyfin-ffmpeg
+ pkgs.jellyfin
+ unzip
+ kopia
+ manix
+ nh
+ qemu
+ ];
+
+ # If you use custom overlays specific to this server:
+ # nixpkgs.overlays = [(import ../overlays/homelab-overlay.nix)];
+
+ system.stateVersion = "24.11"; # Set to your NixOS version
+}
diff --git a/old_config/modules/home-manager/default.nix b/old_config/modules/home-manager/default.nix
new file mode 100644
index 0000000..45aae31
--- /dev/null
+++ b/old_config/modules/home-manager/default.nix
@@ -0,0 +1,6 @@
+# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
+# These should be stuff you would like to share with others, not your personal configurations.
+{
+ # List your module files here
+ # my-module = import ./my-module.nix;
+}
diff --git a/old_config/modules/nixos/default.nix b/old_config/modules/nixos/default.nix
new file mode 100644
index 0000000..8605069
--- /dev/null
+++ b/old_config/modules/nixos/default.nix
@@ -0,0 +1,6 @@
+# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
+# These should be stuff you would like to share with others, not your personal configurations.
+{
+ # List your module files here
+ # my-module = import ./my-module.nix;
+}
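Review bot: In old_config/homelab.nix, `networking.firewall.trustedInterfaces` lists `"br0"`, and `br0` is the bridge that carries the server's LAN address (192.168.0.116), so the firewall accepts every port from the whole LAN and the `allowedTCPPorts`/`allowedUDPPorts` lists above it filter nothing there; the trailing comment says the list was added for Tailscale access, which needs only `"tailscale0"`. That leaves services with no authentication in the visible options open to any LAN host, most notably the `dufs` container, which runs with `-A` (allow all operations) over `/media/storage/media/` on published port 5000. I would remove `"br0"` from the list and either narrow the published port, e.g. `ports = [ "127.0.0.1:5000:5000" ];` behind a proxy, or configure dufs credentials. Two group names are also misspelled and will not match the groups the file defines: `"qbittorent"` in `users.users.death916.extraGroups` and `"adgaurdhome-access"` in `users.users.adguardhome.extraGroups`. The file is an archive, so the same lines are worth checking in `modules/nixos/homelab/networking.nix`, `services.nix` and `user.nix`, which are outside this part of the diff.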
diff --git a/scripts/nh-push b/scripts/nh-push
new file mode 100755
index 0000000..d46c44b
--- /dev/null
+++ b/scripts/nh-push
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+#!/usr/bin/env bash
+
+# A wrapper for 'nh' that runs 'git push' on success.
+
+# Exit immediately if a command exits with a non-zero status.
+set -e
+
+# Run the 'nh' command with all arguments passed to the script.
+# The flake path is hardcoded for convenience.
+nh os switch "/home/death916/nixconfig#$@"
+
+# If the above command was successful, proceed to the next lines.
+echo "NixOS rebuild successful. Pushing to remote..."
+
+# Push the configuration to the git remote.
+git -C /home/death916/nixconfig push
+
+echo "Push complete."
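Review bot: In scripts/nh-push, `"/home/death916/nixconfig#$@"` glues only the first argument onto the flake reference, so with no arguments nh receives `/home/death916/nixconfig#` with an empty configuration name, and a leading flag would be taken as the host; the comment "with all arguments passed to the script" does not describe that. Taking the host explicitly fails early and keeps the remaining options intact: `nh os switch "/home/death916/nixconfig#${1:?usage: nh-push <host> [nh options]}" "${@:2}"`. The shebang line is duplicated and `set -e` could become `set -euo pipefail`. The push sends the committed state of the current branch, which can differ from the working tree that was just built, so a comment saying so (or a `git -C /home/death916/nixconfig diff --quiet` check before the switch) would make clear what ends up on the remote.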