death916/nixconfig
1
0
Fork 0
mirror of https://github.com/Death916/nixconfig.git synced 2026-04-10 02:54:39 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

modularize configs

Browse source
This commit is contained in:
death916 2025-06-30 14:32:30 -07:00
parent bc5649390f
commit f4565fcd86
16 changed files with 1045 additions and 651 deletions
Download patch file Download diff file Expand all files Collapse all files

71
README.md Normal file
View file

@ -0,0 +1,71 @@
# NixOS Configuration Refactor
This document outlines the new, modular structure of the NixOS configuration and explains how to revert to the previous setup if necessary.
## New Directory Structure
The configuration has been reorganized to be more modular and easier to manage. Here is an overview of the new structure:
```
.
├── flake.nix
├── home-manager/
│ ├── death916-homelab.nix
│ └── home.nix
├── modules/
│ ├── home-manager/
│ │ └── common.nix
│ └── nixos/
│ ├── common/
│ │ ├── base.nix
│ │ └── tailscale.nix
│ ├── homelab/
│ │ ├── networking.nix
│ │ ├── services.nix
│ │ └── user.nix
│ └── laptop/
│ ├── desktop.nix
│ └── user.nix
├── nixos/
│ ├── configuration.nix
│ └── homelab.nix
├── old_config/ # <-- Your previous configuration is backed up here
└── scripts/
└── nh-push # <-- New helper script
```
### Key Changes
- **Modularization**: The main `configuration.nix` and `homelab.nix` files have been split into smaller, more focused modules located in the `modules/` directory. This makes the code cleaner and easier to navigate.
- **Shared vs. Specific Config**: Common settings shared between both the laptop and homelab are now in `modules/nixos/common/` and `modules/home-manager/common.nix`. Machine-specific configurations are in their respective `laptop/` and `homelab/` subdirectories.
- **`flake.nix`**: The flake now uses `specialArgs` to pass overlays and other shared values to the modules, reducing redundancy.
- **`nh-push` script**: A new script has been added at `scripts/nh-push`. This script wraps the `nh os switch` command and automatically runs `git push` after a successful build, streamlining the update process.
## How to Revert the Changes
If you encounter any issues with the new configuration, you can easily revert to your previous setup. Your old files are safely archived in the `old_config/` directory.
To revert, follow these steps:
1. **Delete the new configuration files**:
```bash
rm -rf flake.nix nixos/ modules/ home-manager/ scripts/
```
2. **Restore the old configuration from the backup**:
```bash
mv old_config/* .
rmdir old_config
```
3. **Rebuild your system**:
After restoring the files, run your usual NixOS rebuild command, for example:
```bash
sudo nixos-rebuild switch --flake .#homelab
```
This will restore your system to the exact state it was in before these changes were made.

57
flake.nix
View file

@ -1,3 +1,4 @@
# ~/Documents/nix-config/flake.nix # ~/Documents/nix-config/flake.nix
{ {
description = "NixOS configurations for laptop and homelab server"; description = "NixOS configurations for laptop and homelab server";
@ -35,41 +36,11 @@
let let
system = "x86_64-linux"; system = "x86_64-linux";
hmLib = home-manager.lib; hmLib = home-manager.lib;
primaryUser = "death916";
# pkgs for the 'nixos' (laptop) configuration overlays = {
pkgsForLaptop = import nixpkgs { rust = rust-overlay.overlays.default;
inherit system; halloy = import ./overlays/halloy-overlay.nix;
overlays = [
rust-overlay.overlays.default
(import ./overlays/halloy-overlay.nix) # Assuming this overlay is general
];
config = {
# Global config for laptop pkgs
allowUnfree = true; # Example, add if needed
};
};
# pkgs for the 'homelab' configuration (main system pkgs)
pkgsForHomelab = import nixpkgs {
# Using the stable nixpkgs for homelab base
inherit system;
overlays = [
];
config = {
# Global config for homelab pkgs
allowUnfree = true; # Example, add if needed
};
};
# Unstable pkgs specifically for Home Assistant on homelab
pkgsUnstableForHA = import nixpkgs-unstable {
inherit system;
config = {
# Global config for unstable pkgs
allowUnfree = true; # Example
# If HA from unstable needs OpenSSL 1.1
permittedInsecurePackages = [ "openssl-1.1.1w" ];
};
}; };
in in
@ -77,16 +48,8 @@
nixosConfigurations = { nixosConfigurations = {
nixos = nixpkgs.lib.nixosSystem { nixos = nixpkgs.lib.nixosSystem {
inherit system; inherit system;
specialArgs = { inherit inputs system; }; # pkgs will be set via module below specialArgs = { inherit inputs system overlays primaryUser; }; # pkgs will be set via module below
modules = [ modules = [
{
nixpkgs.pkgs = pkgsForLaptop; # Use the pkgs definition with overlays for 'nixos'
# nix.settings = {
# substituters = [ "https://cosmic.cachix.org/" ];
# trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ];
# };
}
#: nixos-cosmic.nixosModules.default
./nixos/configuration.nix ./nixos/configuration.nix
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {
@ -104,15 +67,11 @@
inherit system; inherit system;
# Pass the unstable pkgs set for HA to the homelab configuration # Pass the unstable pkgs set for HA to the homelab configuration
specialArgs = { specialArgs = {
inherit inputs system; inherit inputs system overlays primaryUser;
unstablePkgsHA = pkgsUnstableForHA; unstablePkgsHA = import nixpkgs-unstable { inherit system; };
}; };
modules = [ modules = [
{ nixpkgs.pkgs = pkgsForHomelab; } # Use the base pkgs definition for 'homelab'
# Import the unstable Home Assistant module
./nixos/homelab.nix # Your main homelab config ./nixos/homelab.nix # Your main homelab config
./nixos/hardware-homelab.nix
# ./modules/home-assistant.nix # Your HA configuration module # ./modules/home-assistant.nix # Your HA configuration module
home-manager.nixosModules.home-manager home-manager.nixosModules.home-manager
{ {

78
home-manager/death916-homelab.nix
View file

@ -1,93 +1,25 @@
# ./home-manager/death916-homelab.nix # ~/nixconfig/home-manager/death916-homelab.nix.new
{ {
config, config,
pkgs, pkgs,
lib, lib,
inputs, inputs,
... ...
}: }:
{ {
imports = [ ../modules/home-manager/common.nix ];
home.username = "death916"; home.username = "death916";
home.homeDirectory = "/home/death916"; home.homeDirectory = "/home/death916";
# Basic shell configuration (can be more elaborate)
programs.bash.enable = true;
programs.git = {
enable = true;
userName = "death916";
userEmail = "mail@trentnelson.dev";
extraConfig = {
credential.helper = "store";
};
};
# Server-specific tools or dotfiles for death916
programs.tmux.enable = true; # Example from your repo image
# Example: Different shell prompt or aliases for server environment
# programs.bash.shellAliases = {
# ll = "ls -alh";
# update-system = "sudo nixos-rebuild switch --flake /etc/nixos#homelab";
# };
programs.helix = {
enable = true;
settings = {
theme = "autumn_night_transparent";
editor = {
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
true-color = true;
soft-wrap = {
enable = true;
};
};
};
languages.language = [
{
name = "nix";
auto-format = true;
formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
}
# Python configuration
{
name = "python";
language-servers = [ "pylsp" ];
auto-format = true;
}
];
themes = {
autumn_night_transparent = {
"inherits" = "autumn_night";
"ui.background" = { };
};
};
extraPackages = [
pkgs.python3Packages.python-lsp-server # Required for pylsp
];
};
programs.atuin = {
enable = true;
settings = {
search_mode = "fuzzy";
};
};
home.packages = with pkgs; [ home.packages = with pkgs; [
# Any user-specific packages for death916 on the server
fastfetch fastfetch
wget wget
zellij zellij
systemctl-tui systemctl-tui
gemini-cli gemini-cli
]; ];
# Keep this consistent with your system's state version
home.stateVersion = "24.11";
programs.home-manager.enable = true;
} }

77
home-manager/home.nix
View file

@ -1,9 +1,10 @@
# ~/nixconfig/home-manager/home.nix.new
{ {
config, config,
pkgs, pkgs,
lib, lib,
hmLib, hmLib,
... ...
}: }:
let let
@ -11,6 +12,8 @@ let
tmuxai-pkg = pkgs.callPackage tmuxaiPackageDir { }; tmuxai-pkg = pkgs.callPackage tmuxaiPackageDir { };
in in
{ {
imports = [ ../modules/home-manager/common.nix ];
home.username = "death916"; home.username = "death916";
home.homeDirectory = "/home/death916"; home.homeDirectory = "/home/death916";
@ -20,7 +23,6 @@ in
}; };
home.packages = with pkgs; [ home.packages = with pkgs; [
fastfetch
nnn nnn
zip zip
xz xz
@ -65,72 +67,15 @@ in
halloy halloy
tmux tmux
nextcloud-client nextcloud-client
tmuxai-pkg
obsidian obsidian
element-desktop element-desktop
ghostty ghostty
manix manix
zed-editor zed-editor
zellij
aichat aichat
wl-clipboard wl-clipboard
]; ];
programs.helix = {
enable = true;
settings = {
theme = "autumn_night_transparent";
editor = {
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
true-color = true;
soft-wrap = {
enable = true;
};
};
};
languages.language = [
{
name = "nix";
auto-format = true;
formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
}
# Python configuration
{
name = "python";
language-servers = [ "pylsp" ];
auto-format = true;
}
];
themes = {
autumn_night_transparent = {
"inherits" = "autumn_night";
"ui.background" = { };
};
};
extraPackages = [
pkgs.python3Packages.python-lsp-server # Required for pylsp
];
};
programs.git = {
enable = true;
userName = "death916";
userEmail = "mail@trentnelson.dev";
extraConfig = {
credential.helper = "store";
};
};
programs.atuin = {
enable = true;
settings = {
search_mode = "fuzzy";
};
};
programs.starship = { programs.starship = {
enable = true; enable = true;
enableBashIntegration = true; enableBashIntegration = true;
@ -148,10 +93,9 @@ in
ignore_base = false; ignore_base = false;
disabled = false; disabled = false;
}; };
# In your programs.starship.settings
nix_shell = { nix_shell = {
disabled = false; disabled = false;
symbol = " "; # or "󱄅 " with Nerd Fonts symbol = " ";
style = "blue bold"; style = "blue bold";
format = "[$symbol($state)]($style) "; format = "[$symbol($state)]($style) ";
}; };
@ -176,9 +120,7 @@ in
enable = true; enable = true;
settings = { settings = {
env.TERM = "xterm-256color"; env.TERM = "xterm-256color";
font = { font = { size = 12; };
size = 12;
};
scrolling.multiplier = 5; scrolling.multiplier = 5;
selection.save_to_clipboard = true; selection.save_to_clipboard = true;
}; };
@ -204,11 +146,4 @@ in
urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'"; urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
}; };
}; };
home.sessionVariables = {
EDITOR = "hx";
};
home.stateVersion = "24.11";
programs.home-manager.enable = true;
} }

135
nixos/configuration.nix
View file

@ -1,135 +1,10 @@
# Edit this configuration file to define what should be installed on # ~/nixconfig/nixos/configuration.nix.new
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
inputs,
...
}:
{ {
imports = [ imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
# Remove this line - overlays are now handled in flake.nix ../modules/nixos/laptop/desktop.nix
# ../overlays/halloy-overlay.nix ../modules/nixos/common/base.nix
../modules/nixos/laptop/user.nix
../modules/nixos/common/tailscale.nix
]; ];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
hardware.cpu.amd.updateMicrocode = true; # same
# networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "America/Los_Angeles";
users.users.death916 = {
isNormalUser = true;
home = "/home/death916";
description = "Death916";
extraGroups = [
"wheel"
"networkmanager"
];
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
services.xserver.enable = true;
services.gnome.gnome-keyring.enable = true;
services.dbus.enable = true; # for nextcloud client
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = false;
services.xserver.desktopManager.gnome.enable = false;
#cosmic instead
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
services.desktopManager.cosmic.xwayland.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# services.pipewire = {
# enable = true;
# pulse.enable = true;
# };
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# add flox repos
nix.settings.trusted-substituters = [ "https://cache.flox.dev" ];
nix.settings.trusted-public-keys = [
"flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs="
];
# my settings
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
environment.systemPackages = with pkgs; [
# Flakes clones its dependencies through the git command,
# so git must be installed first
git
vim
wget
tailscale
halloy # Add halloy to your system packages
conda
inputs.flox.packages.${pkgs.system}.flox
kopia-ui
stremio
wl-clipboard
tail-tray
];
# to make exit nodes work
networking.firewall.checkReversePath = "loose";
hardware.bluetooth.enable = true;
# hardware.blueman.enable = true;
# hardware.bluetooth.package - pkgs.bluezFull;
hardware.bluetooth.powerOnBoot = true;
# my additions
services.tailscale = {
enable = true;
useRoutingFeatures = "both"; # Or "client", or "both" depending on your needs
# Other Tailscale options...
};
networking.interfaces.tailscale0.mtu = 1500;
programs.firefox.enable = true;
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 7d --keep 10";
flake = "/home/death916/Documents/nix-config/";
};
services.fprintd.enable = true;
system.stateVersion = "24.11"; # Did you read the comment?
} }

334
nixos/homelab.nix
View file

@ -1,12 +1,4 @@
# ./nixos/homelab.nix # ~/nixconfig/nixos/homelab.nix.new
{
config,
pkgs,
lib,
inputs,
...
}:
{ {
imports = [ imports = [
../modules/nextcloud-setup.nix ../modules/nextcloud-setup.nix
@ -17,324 +9,10 @@
../modules/vms/incus-base.nix ../modules/vms/incus-base.nix
../modules/smb.nix ../modules/smb.nix
# ../modules/opencloud.nix # ../modules/opencloud.nix
../modules/nixos/homelab/networking.nix
../modules/nixos/homelab/services.nix
../modules/nixos/common/base.nix
../modules/nixos/homelab/user.nix
../modules/nixos/common/tailscale.nix
]; ];
arrSuite.enable = true;
services.samba.shares.Media.path = "/media/storage/media";
# nixpkgs.config.allowUnfree = true;
boot.loader.systemd-boot.enable = true; # Or grub, as appropriate for your server
boot.loader.efi.canTouchEfiVariables = true;
powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
hardware.cpu.amd.updateMicrocode = true; # same
networking.hostName = "homelab"; # Set the server's hostname
boot.initrd.kernelModules = [
"dm_mod"
"dm_thin_pool"
]; # Device mapper core
boot.initrd.availableKernelModules = [
# For LVM thin provisioning
# Add filesystem types you expect to find on these LVs, e.g., "ext4", "xfs", "zfs" (if using ZFS on LVM)
"ext4"
"xfs"
];
services.lvm.enable = true;
services.lvm.boot.thin.enable = true; # Crucial for thin pools
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
# Mount for your media LV (from /dev/sdd via media VG)
fileSystems."/media" = {
device = "/dev/media/vm-101-disk-0";
fsType = "ext4";
options = [
"defaults"
"nofail"
];
};
time.timeZone = "America/Los_Angeles";
# Mount for your newly formatted storage LV
fileSystems."/storage" = {
device = "/dev/Storage/data_lv"; # Path to your new thick LV
fsType = "ext4"; # Or xfs if you chose that
options = [
"defaults"
"nofail"
];
};
virtualisation.incus.enable = true;
# Basic firewall
networking.nftables.enable = true;
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [
22
53
8096 # jellyfin
];
networking.firewall.allowedUDPPorts = [
53 # AdGuard Home DNS over UDP
];
# Bridge configuration for Incus VMs
networking.bridges.br0.interfaces = [ "enp41s0" ];
networking.interfaces.br0 = {
ipv4.addresses = [
{
address = "192.168.0.116"; # <-- SET YOUR SERVER'S DESIRED STATIC IP
prefixLength = 24; # <-- SET YOUR SUBNET MASK (24 = 255.255.255.0)
}
];
};
networking.defaultGateway = "192.168.0.1"; # <-- SET YOUR ROUTER'S IP
networking.nameservers = [
"192.168.0.116"
];
networking.interfaces.enp41s0.useDHCP = false;
# Allow SSH
networking.firewall.trustedInterfaces = [
"tailscale0"
"docker0"
"br0"
]; # <--- ADDED for Tailscale access
# SSH Server configuration
services.openssh = {
enable = true;
ports = [ 22 ];
openFirewall = true;
settings.PasswordAuthentication = false; # Recommended: use SSH keys
settings.PermitRootLogin = "no"; # Recommended
};
# networking.firewall.checkReversePath = "loose";
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
networking.firewall.checkReversePath = "loose"; # needed for tailscale nodes
# Define the 'death916' user for the server
#claimTokenFile = "/var/lib/netdata/cloud.d/token";
users.users.death916 = {
isNormalUser = true;
shell = pkgs.bash;
extraGroups = [
"wheel"
"media_services"
"nextcloud"
"docker"
"qbittorent"
"incus-admin"
]; # For sudo access
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCte9KjJUSn4xBPEKCk9QER6+jF+C0uBatVl27zIamYsryyHdFrmqK2DAg7OhqTHqzjxID6sp6d57MsJqOUAtwXbUDMLffqBSerUxfTm+1SPDrhL0GSvo0QVjMLVseOEq8d2qXgW1R7dIk412VbO5e9SAump5aJOHI/SzT6VLoUczalmqrjnDacWQMeLu/TSOZHcfrhjYSg+b1xbc1vHp6C4obOb8JIj/anAieT/1P36MhlNW79ow6PWenLemBYeeezFrKtESF1oMc8jmcxogzgLamlqhKYAHlKhOuBF6u0nRneI5IPDbbMF5zwEv5szCEKj8XZJVYUk8uUg7ARyppjcA7yAXuaNKBNxa7tfjqWrDWOACn97ufE5FFJt0XH5JzkXcDh96K8ZSZaWxMRu2s+GlIu/1F415xtVfe1d79HYkWke/ewaQ4NqgOt8f7wRvyzabpQZDzkaXO0UoK65O2HyUur33XWCEmV+1pB6BrS8pD+1I4Tvbnc+rOgtHTTRfKqezKqZmaErEOxClBwvWjvn0PzhGSoClTGXPjhl239/sH0JGY09dTBh8GtAVbfv+jFO6nm6aR7O/OwSaohY3uOdRo8XyxJr4XyGAaBNRdm6BUJRnB4W51J49IQBZzIe2NUkNMHeUT4jkxFpfhkujnSFw2ZnOLkERpwkltAlbwuLw== tavn1992@gmail.com" # <<-- REPLACE THIS WITH YOUR SSH PUBLIC KEY for death916
# Add more keys if needed
];
# If 'death916' needs a password on the server (less secure than key-only)
# initialPassword = "yoursecurepassword"; # Or use hashed password
};
users.users.audiobookshelf = {
isSystemUser = true; # System user, doesn't need a home directory by default for services
group = "media_services"; # Primary group
# extraGroups = [ "media_services" ]; # Alternatively, if you want a different primary group
};
# users.users.nextcloud = {
# This merges with the 'nextcloud' user definition from services.nextcloud in the imported module
# extraGroups = [ "media_services" ];
#};
users.groups.media_services = { };
#users.groups.nextcloud = {};
# homelab services
services.plex = {
enable = true;
openFirewall = true;
user = "death916";
};
services.audiobookshelf = {
enable = true;
user = "audiobookshelf";
group = "media_services";
host = "0.0.0.0"; # <--- ADD THIS LINE to listen on all IPv4 interfaces
port = 13378;
};
#networking.firewall.allowedTCPPorts = [19999];
# services.netdata.package = pkgs.netdata.override { withCloud = true; };
services.netdata = {
# package = pkgs.netdata.override {
# withCloud = true;
# };
enable = true;
# claimTokenFile = "/var/lib/netdata/cloud.d";
config = {
global = {
"memory mode" = "ram";
"debug log" = "none";
"access log" = "none";
"error log" = "syslog";
};
};
};
users.users.qbittorrent.extraGroups = [ "media_services" ];
users.groups.qbittorrent = { };
services.qbittorrent = {
enable = true;
dataDir = "/media/storage/media/downloads/";
user = "qbittorrent";
group = "qbittorrent";
port = 8090;
openFirewall = true;
package = pkgs.qbittorrent-nox;
};
systemd.tmpfiles.rules = [
"d /media/storage/media/downloads/qBittorrent 0775 root media_services - -"
"d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -"
"d /storage/services/qbittorrent/config 0755 qbittorrent qbittorrent - -"
];
services.jellyfin.enable = true;
services.actual = {
enable = true;
settings = {
port = 5006; # Default
# listenAddress = "127.0.0.1";
};
};
virtualisation.docker.enable = true;
# users.users.death916.extraGroups = [ "docker" ]; # If needed
virtualisation.oci-containers = {
backend = "docker";
containers = {
dufs = {
image = "sigoden/dufs:latest";
ports = [ "5000:5000" ];
volumes = [ "/media/storage/media/:/data" ]; # <-- Remember to change this path
cmd = [
"/data"
"-A"
];
#extraOptions = [ "--restart=unless-stopped" ];
};
c2c-scraper = {
image = "death916/c2cscrape:latest";
volumes = [
"/media/storage/media/books/audio/podcasts/C2C:/downloads"
"/media/storage/media/docker/volumes/c2cscrape:/app/data"
];
environment = {
TZ = "America/Los_Angeles";
};
autoStart = true; # Consider adding if not already present
# removeContainer = false;
extraOptions = [
"--dns=8.8.8.8"
];
};
adguardhome = {
image = "adguard/adguardhome:latest";
autoStart = true;
# ports = [
# "53:53/tcp"
# "53:53/udp"
# "3000:3000/tcp"
# ];
volumes = [
"/storage/services/adguard/work:/opt/adguardhome/work"
"/storage/services/adguard/data:/opt/adguardhome/conf"
];
extraOptions = [
"--network=host"
];
};
};
};
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
systemd.services.kopia-backup = {
description = "Kopia backup service for NixOS server";
serviceConfig = {
Type = "oneshot";
User = "root"; # Run as root to access all files and Kopia config
ExecStart = "/usr/local/bin/nixos-kopia-backup.sh";
path = with pkgs; [
coreutils # Provides basic tools like `sh`, `cat`, etc.
kopia # The kopia binary itself
];
};
};
systemd.timers.kopia-backup = {
description = "Daily Kopia backup timer";
wantedBy = [ "timers.target" ];
partOf = [ "kopia-backup.service" ]; # Links timer to the service
timerConfig = {
OnCalendar = "hourly"; # Or "hourly", "*-*-* 02:00:00" for 2 AM daily, etc.
Persistent = true; # Run on next boot if a scheduled run was missed
Unit = "kopia-backup.service";
};
};
users.users.adguardhome = {
isSystemUser = true;
group = "adguardhome";
extraGroups = [ "adgaurdhome-access" ];
};
users.groups.adguardhome-access = { };
users.groups.adguardhome = { };
#services.homeAssistantVM.enable = true;
# Sudo access for the wheel group (which death916 is part of)
security.sudo.wheelNeedsPassword = true; # Or false if you prefer passwordless sudo for wheel
# Essential server packages
environment.systemPackages = with pkgs; [
git
vim
htop
tmux
tailscale
lvm2
rsync
multipath-tools # kpartx
btop
wget
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
pkgs.jellyfin
unzip
kopia
manix
nh
qemu
];
# If you use custom overlays specific to this server:
# nixpkgs.overlays = [(import ../overlays/homelab-overlay.nix)];
system.stateVersion = "24.11"; # Set to your NixOS version
} }

135
old_config/configuration.nix Normal file
View file

@ -0,0 +1,135 @@
# Edit this configuration file to define what should be installed on
# your system. Help is available in the configuration.nix(5) man page, on
# https://search.nixos.org/options and in the NixOS manual (`nixos-help`).
{
config,
lib,
pkgs,
inputs,
...
}:
{
imports = [
# Include the results of the hardware scan.
./hardware-configuration.nix
# Remove this line - overlays are now handled in flake.nix
# ../overlays/halloy-overlay.nix
];
# Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;
powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
hardware.cpu.amd.updateMicrocode = true; # same
# networking.hostName = "nixos"; # Define your hostname.
# Pick only one of the below networking options.
# networking.wireless.enable = true; # Enables wireless support via wpa_supplicant.
# networking.networkmanager.enable = true; # Easiest to use and most distros use this by default.
# Set your time zone.
time.timeZone = "America/Los_Angeles";
users.users.death916 = {
isNormalUser = true;
home = "/home/death916";
description = "Death916";
extraGroups = [
"wheel"
"networkmanager"
];
};
# Configure network proxy if necessary
# networking.proxy.default = "http://user:password@proxy:port/";
# networking.proxy.noProxy = "127.0.0.1,localhost,internal.domain";
# Select internationalisation properties.
# i18n.defaultLocale = "en_US.UTF-8";
# console = {
# font = "Lat2-Terminus16";
# keyMap = "us";
# useXkbConfig = true; # use xkb.options in tty.
# };
# Enable the X11 windowing system.
services.xserver.enable = true;
services.gnome.gnome-keyring.enable = true;
services.dbus.enable = true; # for nextcloud client
# Enable the GNOME Desktop Environment.
services.xserver.displayManager.gdm.enable = false;
services.xserver.desktopManager.gnome.enable = false;
#cosmic instead
services.desktopManager.cosmic.enable = true;
services.displayManager.cosmic-greeter.enable = true;
services.desktopManager.cosmic.xwayland.enable = true;
# Configure keymap in X11
# services.xserver.xkb.layout = "us";
# services.xserver.xkb.options = "eurosign:e,caps:escape";
# Enable CUPS to print documents.
# services.printing.enable = true;
# Enable sound.
# hardware.pulseaudio.enable = true;
# OR
# services.pipewire = {
# enable = true;
# pulse.enable = true;
# };
# Enable touchpad support (enabled default in most desktopManager).
# services.libinput.enable = true;
# add flox repos
nix.settings.trusted-substituters = [ "https://cache.flox.dev" ];
nix.settings.trusted-public-keys = [
"flox-cache-public-1:7F4OyH7ZCnFhcze3fJdfyXYLQw/aV7GEed86nQ7IsOs="
];
# my settings
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
environment.systemPackages = with pkgs; [
# Flakes clones its dependencies through the git command,
# so git must be installed first
git
vim
wget
tailscale
halloy # Add halloy to your system packages
conda
inputs.flox.packages.${pkgs.system}.flox
kopia-ui
stremio
wl-clipboard
tail-tray
];
# to make exit nodes work
networking.firewall.checkReversePath = "loose";
hardware.bluetooth.enable = true;
# hardware.blueman.enable = true;
# hardware.bluetooth.package - pkgs.bluezFull;
hardware.bluetooth.powerOnBoot = true;
# my additions
services.tailscale = {
enable = true;
useRoutingFeatures = "both"; # Or "client", or "both" depending on your needs
# Other Tailscale options...
};
networking.interfaces.tailscale0.mtu = 1500;
programs.firefox.enable = true;
programs.nh = {
enable = true;
clean.enable = true;
clean.extraArgs = "--keep-since 7d --keep 10";
flake = "/home/death916/Documents/nix-config/";
};
services.fprintd.enable = true;
system.stateVersion = "24.11"; # Did you read the comment?
}

93
old_config/death916-homelab.nix Normal file
View file

@ -0,0 +1,93 @@
# ./home-manager/death916-homelab.nix
{
config,
pkgs,
lib,
inputs,
...
}:
{
home.username = "death916";
home.homeDirectory = "/home/death916";
# Basic shell configuration (can be more elaborate)
programs.bash.enable = true;
programs.git = {
enable = true;
userName = "death916";
userEmail = "mail@trentnelson.dev";
extraConfig = {
credential.helper = "store";
};
};
# Server-specific tools or dotfiles for death916
programs.tmux.enable = true; # Example from your repo image
# Example: Different shell prompt or aliases for server environment
# programs.bash.shellAliases = {
# ll = "ls -alh";
# update-system = "sudo nixos-rebuild switch --flake /etc/nixos#homelab";
# };
programs.helix = {
enable = true;
settings = {
theme = "autumn_night_transparent";
editor = {
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
true-color = true;
soft-wrap = {
enable = true;
};
};
};
languages.language = [
{
name = "nix";
auto-format = true;
formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
}
# Python configuration
{
name = "python";
language-servers = [ "pylsp" ];
auto-format = true;
}
];
themes = {
autumn_night_transparent = {
"inherits" = "autumn_night";
"ui.background" = { };
};
};
extraPackages = [
pkgs.python3Packages.python-lsp-server # Required for pylsp
];
};
programs.atuin = {
enable = true;
settings = {
search_mode = "fuzzy";
};
};
home.packages = with pkgs; [
# Any user-specific packages for death916 on the server
fastfetch
wget
zellij
systemctl-tui
gemini-cli
];
# Keep this consistent with your system's state version
home.stateVersion = "24.11";
programs.home-manager.enable = true;
}

130
old_config/flake.nix Normal file
View file

@ -0,0 +1,130 @@
# ~/Documents/nix-config/flake.nix
{
description = "NixOS configurations for laptop and homelab server";
inputs = {
nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
nixpkgs-unstable.url = "github:NixOS/nixpkgs/nixos-unstable"; # Added for Home Assistant
# nixos-cosmic = {
# url = "github:lilyinstarlight/nixos-cosmic";
# inputs.nixpkgs.follows = "nixpkgs";
# };
home-manager = {
url = "github:nix-community/home-manager/release-25.05";
inputs.nixpkgs.follows = "nixpkgs";
};
rust-overlay = {
url = "github:oxalica/rust-overlay";
inputs.nixpkgs.follows = "nixpkgs";
};
flox.url = "github:flox/flox";
};
outputs =
inputs@{
self,
nixpkgs,
nixpkgs-unstable,
home-manager,
# nixos-cosmic,
rust-overlay,
flox,
...
}:
let
system = "x86_64-linux";
hmLib = home-manager.lib;
# pkgs for the 'nixos' (laptop) configuration
pkgsForLaptop = import nixpkgs {
inherit system;
overlays = [
rust-overlay.overlays.default
(import ./overlays/halloy-overlay.nix) # Assuming this overlay is general
];
config = {
# Global config for laptop pkgs
allowUnfree = true; # Example, add if needed
};
};
# pkgs for the 'homelab' configuration (main system pkgs)
pkgsForHomelab = import nixpkgs {
# Using the stable nixpkgs for homelab base
inherit system;
overlays = [
];
config = {
# Global config for homelab pkgs
allowUnfree = true; # Example, add if needed
};
};
# Unstable pkgs specifically for Home Assistant on homelab
pkgsUnstableForHA = import nixpkgs-unstable {
inherit system;
config = {
# Global config for unstable pkgs
allowUnfree = true; # Example
# If HA from unstable needs OpenSSL 1.1
permittedInsecurePackages = [ "openssl-1.1.1w" ];
};
};
in
{
nixosConfigurations = {
nixos = nixpkgs.lib.nixosSystem {
inherit system;
specialArgs = { inherit inputs system; }; # pkgs will be set via module below
modules = [
{
nixpkgs.pkgs = pkgsForLaptop; # Use the pkgs definition with overlays for 'nixos'
# nix.settings = {
# substituters = [ "https://cosmic.cachix.org/" ];
# trusted-public-keys = [ "cosmic.cachix.org-1:Dya9IyXD4xdBehWjrkPv6rtxpmMdRel02smYzA85dPE=" ];
# };
}
#: nixos-cosmic.nixosModules.default
./nixos/configuration.nix
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit hmLib; };
home-manager.users.death916 = {
imports = [ ./home-manager/home.nix ];
};
}
];
};
homelab = nixpkgs.lib.nixosSystem {
inherit system;
# Pass the unstable pkgs set for HA to the homelab configuration
specialArgs = {
inherit inputs system;
unstablePkgsHA = pkgsUnstableForHA;
};
modules = [
{ nixpkgs.pkgs = pkgsForHomelab; } # Use the base pkgs definition for 'homelab'
# Import the unstable Home Assistant module
./nixos/homelab.nix # Your main homelab config
./nixos/hardware-homelab.nix
# ./modules/home-assistant.nix # Your HA configuration module
home-manager.nixosModules.home-manager
{
home-manager.useGlobalPkgs = true;
home-manager.useUserPackages = true;
home-manager.extraSpecialArgs = { inherit hmLib; };
home-manager.users.death916 = {
imports = [ ./home-manager/death916-homelab.nix ];
};
}
];
};
};
};
}

0
flake.nix.b4serverconfig → old_config/flake.nix.b4serverconfig
View file

0
flake.nix.old → old_config/flake.nix.old
View file

214
old_config/home.nix Normal file
View file

@ -0,0 +1,214 @@
{
config,
pkgs,
lib,
hmLib,
...
}:
let
tmuxaiPackageDir = ../pkgs/tmuxai;
tmuxai-pkg = pkgs.callPackage tmuxaiPackageDir { };
in
{
home.username = "death916";
home.homeDirectory = "/home/death916";
xresources.properties = {
"Xcursor.size" = 16;
"Xft.dpi" = 172;
};
home.packages = with pkgs; [
fastfetch
nnn
zip
xz
unzip
p7zip
ripgrep
jq
yq-go
eza
fzf
mtr
iperf3
dnsutils
ldns
aria2
socat
nmap
ipcalc
cowsay
file
which
tree
gnused
gnutar
gawk
zstd
gnupg
nix-output-monitor
glow
btop
iotop
iftop
strace
ltrace
lsof
sysstat
lm_sensors
ethtool
pciutils
usbutils
waveterm
halloy
tmux
nextcloud-client
tmuxai-pkg
obsidian
element-desktop
ghostty
manix
zed-editor
zellij
aichat
wl-clipboard
];
programs.helix = {
enable = true;
settings = {
theme = "autumn_night_transparent";
editor = {
cursor-shape = {
normal = "block";
insert = "bar";
select = "underline";
};
true-color = true;
soft-wrap = {
enable = true;
};
};
};
languages.language = [
{
name = "nix";
auto-format = true;
formatter.command = lib.getExe pkgs.nixfmt-rfc-style;
}
# Python configuration
{
name = "python";
language-servers = [ "pylsp" ];
auto-format = true;
}
];
themes = {
autumn_night_transparent = {
"inherits" = "autumn_night";
"ui.background" = { };
};
};
extraPackages = [
pkgs.python3Packages.python-lsp-server # Required for pylsp
];
};
programs.git = {
enable = true;
userName = "death916";
userEmail = "mail@trentnelson.dev";
extraConfig = {
credential.helper = "store";
};
};
programs.atuin = {
enable = true;
settings = {
search_mode = "fuzzy";
};
};
programs.starship = {
enable = true;
enableBashIntegration = true;
settings = {
add_newline = false;
aws.disabled = true;
gcloud.disabled = true;
line_break.disabled = true;
conda = {
truncation_length = 1;
format = ''[$symbol$environment]($style) '';
symbol = " ";
style = "green bold";
ignore_base = false;
disabled = false;
};
# In your programs.starship.settings
nix_shell = {
disabled = false;
symbol = " "; # or "󱄅 " with Nerd Fonts
style = "blue bold";
format = "[$symbol($state)]($style) ";
};
env_var = {
variable = "FLOX_PROMPT_ENVIRONMENTS";
format = "[flox:$env_value]($style) ";
style = "purple bold";
disabled = false;
};
format = ''$nix_shell$directory $git_branch $conda$env_var$cmd_duration$status$character'';
};
};
programs.emacs = {
enable = true;
package = pkgs.emacs;
};
programs.alacritty = {
enable = true;
settings = {
env.TERM = "xterm-256color";
font = {
size = 12;
};
scrolling.multiplier = 5;
selection.save_to_clipboard = true;
};
};
services.gnome-keyring.enable = true;
programs.vscode = {
enable = true;
package = pkgs.vscode.fhs;
};
programs.bash = {
enable = true;
enableCompletion = true;
bashrcExtra = ''
export PATH="$PATH:$HOME/bin:$HOME/.local/bin:$HOME/go/bin"
'';
shellAliases = {
k = "kubectl";
pimox = "tailscale ssh pimox";
homelab = "tailscale ssh homelab";
urldecode = "python3 -c 'import sys, urllib.parse as ul; print(ul.unquote_plus(sys.stdin.read()))'";
urlencode = "python3 -c 'import sys, urllib.parse as ul; print(ul.quote_plus(sys.stdin.read()))'";
};
};
home.sessionVariables = {
EDITOR = "hx";
};
home.stateVersion = "24.11";
programs.home-manager.enable = true;
}

340
old_config/homelab.nix Normal file
View file

@ -0,0 +1,340 @@
# ./nixos/homelab.nix
{
config,
pkgs,
lib,
inputs,
...
}:
{
imports = [
../modules/nextcloud-setup.nix
../modules/media/qbittorrent.nix
../modules/media/arr-suite.nix
# ../modules/home-assistant.nix
# ../modules/home-assistant-vm.nix
../modules/vms/incus-base.nix
../modules/smb.nix
# ../modules/opencloud.nix
];
arrSuite.enable = true;
services.samba.shares.Media.path = "/media/storage/media";
# nixpkgs.config.allowUnfree = true;
boot.loader.systemd-boot.enable = true; # Or grub, as appropriate for your server
boot.loader.efi.canTouchEfiVariables = true;
powerManagement.cpuFreqGovernor = "ondemand"; # hopefully fix low cpu freq
hardware.cpu.amd.updateMicrocode = true; # same
networking.hostName = "homelab"; # Set the server's hostname
boot.initrd.kernelModules = [
"dm_mod"
"dm_thin_pool"
]; # Device mapper core
boot.initrd.availableKernelModules = [
# For LVM thin provisioning
# Add filesystem types you expect to find on these LVs, e.g., "ext4", "xfs", "zfs" (if using ZFS on LVM)
"ext4"
"xfs"
];
services.lvm.enable = true;
services.lvm.boot.thin.enable = true; # Crucial for thin pools
nix.settings.experimental-features = [
"nix-command"
"flakes"
];
# Mount for your media LV (from /dev/sdd via media VG)
fileSystems."/media" = {
device = "/dev/media/vm-101-disk-0";
fsType = "ext4";
options = [
"defaults"
"nofail"
];
};
time.timeZone = "America/Los_Angeles";
# Mount for your newly formatted storage LV
fileSystems."/storage" = {
device = "/dev/Storage/data_lv"; # Path to your new thick LV
fsType = "ext4"; # Or xfs if you chose that
options = [
"defaults"
"nofail"
];
};
virtualisation.incus.enable = true;
# Basic firewall
networking.nftables.enable = true;
networking.firewall.enable = true;
networking.firewall.allowedTCPPorts = [
22
53
8096 # jellyfin
];
networking.firewall.allowedUDPPorts = [
53 # AdGuard Home DNS over UDP
];
# Bridge configuration for Incus VMs
networking.bridges.br0.interfaces = [ "enp41s0" ];
networking.interfaces.br0 = {
ipv4.addresses = [
{
address = "192.168.0.116"; # <-- SET YOUR SERVER'S DESIRED STATIC IP
prefixLength = 24; # <-- SET YOUR SUBNET MASK (24 = 255.255.255.0)
}
];
};
networking.defaultGateway = "192.168.0.1"; # <-- SET YOUR ROUTER'S IP
networking.nameservers = [
"192.168.0.116"
];
networking.interfaces.enp41s0.useDHCP = false;
# Allow SSH
networking.firewall.trustedInterfaces = [
"tailscale0"
"docker0"
"br0"
]; # <--- ADDED for Tailscale access
# SSH Server configuration
services.openssh = {
enable = true;
ports = [ 22 ];
openFirewall = true;
settings.PasswordAuthentication = false; # Recommended: use SSH keys
settings.PermitRootLogin = "no"; # Recommended
};
# networking.firewall.checkReversePath = "loose";
services.tailscale = {
enable = true;
useRoutingFeatures = "both";
};
networking.firewall.checkReversePath = "loose"; # needed for tailscale nodes
# Define the 'death916' user for the server
#claimTokenFile = "/var/lib/netdata/cloud.d/token";
users.users.death916 = {
isNormalUser = true;
shell = pkgs.bash;
extraGroups = [
"wheel"
"media_services"
"nextcloud"
"docker"
"qbittorent"
"incus-admin"
]; # For sudo access
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCte9KjJUSn4xBPEKCk9QER6+jF+C0uBatVl27zIamYsryyHdFrmqK2DAg7OhqTHqzjxID6sp6d57MsJqOUAtwXbUDMLffqBSerUxfTm+1SPDrhL0GSvo0QVjMLVseOEq8d2qXgW1R7dIk412VbO5e9SAump5aJOHI/SzT6VLoUczalmqrjnDacWQMeLu/TSOZHcfrhjYSg+b1xbc1vHp6C4obOb8JIj/anAieT/1P36MhlNW79ow6PWenLemBYeeezFrKtESF1oMc8jmcxogzgLamlqhKYAHlKhOuBF6u0nRneI5IPDbbMF5zwEv5szCEKj8XZJVYUk8uUg7ARyppjcA7yAXuaNKBNxa7tfjqWrDWOACn97ufE5FFJt0XH5JzkXcDh96K8ZSZaWxMRu2s+GlIu/1F415xtVfe1d79HYkWke/ewaQ4NqgOt8f7wRvyzabpQZDzkaXO0UoK65O2HyUur33XWCEmV+1pB6BrS8pD+1I4Tvbnc+rOgtHTTRfKqezKqZmaErEOxClBwvWjvn0PzhGSoClTGXPjhl239/sH0JGY09dTBh8GtAVbfv+jFO6nm6aR7O/OwSaohY3uOdRo8XyxJr4XyGAaBNRdm6BUJRnB4W51J49IQBZzIe2NUkNMHeUT4jkxFpfhkujnSFw2ZnOLkERpwkltAlbwuLw== tavn1992@gmail.com" # <<-- REPLACE THIS WITH YOUR SSH PUBLIC KEY for death916
# Add more keys if needed
];
# If 'death916' needs a password on the server (less secure than key-only)
# initialPassword = "yoursecurepassword"; # Or use hashed password
};
users.users.audiobookshelf = {
isSystemUser = true; # System user, doesn't need a home directory by default for services
group = "media_services"; # Primary group
# extraGroups = [ "media_services" ]; # Alternatively, if you want a different primary group
};
# users.users.nextcloud = {
# This merges with the 'nextcloud' user definition from services.nextcloud in the imported module
# extraGroups = [ "media_services" ];
#};
users.groups.media_services = { };
#users.groups.nextcloud = {};
# homelab services
services.plex = {
enable = true;
openFirewall = true;
user = "death916";
};
services.audiobookshelf = {
enable = true;
user = "audiobookshelf";
group = "media_services";
host = "0.0.0.0"; # <--- ADD THIS LINE to listen on all IPv4 interfaces
port = 13378;
};
#networking.firewall.allowedTCPPorts = [19999];
# services.netdata.package = pkgs.netdata.override { withCloud = true; };
services.netdata = {
# package = pkgs.netdata.override {
# withCloud = true;
# };
enable = true;
# claimTokenFile = "/var/lib/netdata/cloud.d";
config = {
global = {
"memory mode" = "ram";
"debug log" = "none";
"access log" = "none";
"error log" = "syslog";
};
};
};
users.users.qbittorrent.extraGroups = [ "media_services" ];
users.groups.qbittorrent = { };
services.qbittorrent = {
enable = true;
dataDir = "/media/storage/media/downloads/";
user = "qbittorrent";
group = "qbittorrent";
port = 8090;
openFirewall = true;
package = pkgs.qbittorrent-nox;
};
systemd.tmpfiles.rules = [
"d /media/storage/media/downloads/qBittorrent 0775 root media_services - -"
"d /storage/services/qbittorrent 0755 qbittorrent qbittorrent - -"
"d /storage/services/qbittorrent/config 0755 qbittorrent qbittorrent - -"
];
services.jellyfin.enable = true;
services.actual = {
enable = true;
settings = {
port = 5006; # Default
# listenAddress = "127.0.0.1";
};
};
virtualisation.docker.enable = true;
# users.users.death916.extraGroups = [ "docker" ]; # If needed
virtualisation.oci-containers = {
backend = "docker";
containers = {
dufs = {
image = "sigoden/dufs:latest";
ports = [ "5000:5000" ];
volumes = [ "/media/storage/media/:/data" ]; # <-- Remember to change this path
cmd = [
"/data"
"-A"
];
#extraOptions = [ "--restart=unless-stopped" ];
};
c2c-scraper = {
image = "death916/c2cscrape:latest";
volumes = [
"/media/storage/media/books/audio/podcasts/C2C:/downloads"
"/media/storage/media/docker/volumes/c2cscrape:/app/data"
];
environment = {
TZ = "America/Los_Angeles";
};
autoStart = true; # Consider adding if not already present
# removeContainer = false;
extraOptions = [
"--dns=8.8.8.8"
];
};
adguardhome = {
image = "adguard/adguardhome:latest";
autoStart = true;
# ports = [
# "53:53/tcp"
# "53:53/udp"
# "3000:3000/tcp"
# ];
volumes = [
"/storage/services/adguard/work:/opt/adguardhome/work"
"/storage/services/adguard/data:/opt/adguardhome/conf"
];
extraOptions = [
"--network=host"
];
};
};
};
boot.kernel.sysctl = {
"net.ipv4.ip_forward" = 1;
"net.ipv6.conf.all.forwarding" = 1;
};
systemd.services.kopia-backup = {
description = "Kopia backup service for NixOS server";
serviceConfig = {
Type = "oneshot";
User = "root"; # Run as root to access all files and Kopia config
ExecStart = "/usr/local/bin/nixos-kopia-backup.sh";
path = with pkgs; [
coreutils # Provides basic tools like `sh`, `cat`, etc.
kopia # The kopia binary itself
];
};
};
systemd.timers.kopia-backup = {
description = "Daily Kopia backup timer";
wantedBy = [ "timers.target" ];
partOf = [ "kopia-backup.service" ]; # Links timer to the service
timerConfig = {
OnCalendar = "hourly"; # Or "hourly", "*-*-* 02:00:00" for 2 AM daily, etc.
Persistent = true; # Run on next boot if a scheduled run was missed
Unit = "kopia-backup.service";
};
};
users.users.adguardhome = {
isSystemUser = true;
group = "adguardhome";
extraGroups = [ "adgaurdhome-access" ];
};
users.groups.adguardhome-access = { };
users.groups.adguardhome = { };
#services.homeAssistantVM.enable = true;
# Sudo access for the wheel group (which death916 is part of)
security.sudo.wheelNeedsPassword = true; # Or false if you prefer passwordless sudo for wheel
# Essential server packages
environment.systemPackages = with pkgs; [
git
vim
htop
tmux
tailscale
lvm2
rsync
multipath-tools # kpartx
btop
wget
pkgs.jellyfin-web
pkgs.jellyfin-ffmpeg
pkgs.jellyfin
unzip
kopia
manix
nh
qemu
];
# If you use custom overlays specific to this server:
# nixpkgs.overlays = [(import ../overlays/homelab-overlay.nix)];
system.stateVersion = "24.11"; # Set to your NixOS version
}

6
old_config/modules/home-manager/default.nix Normal file
View file

@ -0,0 +1,6 @@
# Add your reusable home-manager modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
# These should be stuff you would like to share with others, not your personal configurations.
{
# List your module files here
# my-module = import ./my-module.nix;
}

6
old_config/modules/nixos/default.nix Normal file
View file

@ -0,0 +1,6 @@
# Add your reusable NixOS modules to this directory, on their own file (https://nixos.wiki/wiki/Module).
# These should be stuff you would like to share with others, not your personal configurations.
{
# List your module files here
# my-module = import ./my-module.nix;
}

20
scripts/nh-push Executable file
View file

@ -0,0 +1,20 @@
#!/usr/bin/env bash
#!/usr/bin/env bash
# A wrapper for 'nh' that runs 'git push' on success.
# Exit immediately if a command exits with a non-zero status.
set -e
# Run the 'nh' command with all arguments passed to the script.
# The flake path is hardcoded for convenience.
nh os switch "/home/death916/nixconfig#$@"
# If the above command was successful, proceed to the next lines.
echo "NixOS rebuild successful. Pushing to remote..."
# Push the configuration to the git remote.
git -C /home/death916/nixconfig push
echo "Push complete."