kris/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

a

Browse Source
This commit is contained in:
Kris
2026-03-27 23:01:48 +02:00
parent 5d33a277b3
commit fc729c8aae
3 changed files with 222 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

291
hosts/default/packages.nix
View File

@@ -1,155 +1,168 @@
{ inputs, config, pkgs, lib, ... }:
{
inputs,
config,
pkgs,
lib,
...
}:
{
fonts.packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
monaspace
geist-font
# nerdfonts
nerd-fonts.geist-mono
nerd-fonts.monaspace
nerd-fonts.symbols-only
minecraftia
];
programs.seahorse.enable = true;
fonts.packages = with pkgs; [
noto-fonts
noto-fonts-cjk-sans
noto-fonts-emoji
monaspace
geist-font
# nerdfonts
nerd-fonts.geist-mono
nerd-fonts.monaspace
nerd-fonts.symbols-only
minecraftia
];
environment.sessionVariables.LD_LIBRARY_PATH = "${pkgs.gcc15}/lib";
programs.seahorse.enable = true;
security.polkit = {
enable = true;
};
environment.sessionVariables.LD_LIBRARY_PATH = "${pkgs.gcc15}/lib";
security.soteria.enable = true;
security.polkit = {
enable = true;
};
# surely they should add programs.discord!!
environment.systemPackages = with pkgs; [
(discord.override {
withEquicord = true;
})
security.soteria.enable = true;
# hyprland stuff
inputs.hyprlock.packages.${pkgs.stdenv.hostPlatform.system}.hyprlock
inputs.hyprsysteminfo.packages.${pkgs.stdenv.hostPlatform.system}.hyprsysteminfo
# roblox
inputs.tuxstrap.packages.${pkgs.stdenv.hostPlatform.system}.default
# minecraft
qemu
(writeShellScriptBin "qemu-system-x86_64-uefi" ''
qemu-system-x86_64 \
-bios ${OVMF.fd}/FV/OVMF.fd \
"$@"
'')
(writeShellScriptBin "regretevator" ''xdg-open roblox://placeId=4972273297'')
(writeShellScriptBin "kaijuparadise" ''xdg-open roblox://placeId=6456351776'')
(writeShellScriptBin "sewh" ''xdg-open roblox://placeId=16991287194'')
# surely they should add programs.discord!!
environment.systemPackages = with pkgs; [
mosh
(discord.override {
withEquicord = true;
})
(writeShellScriptBin "fix-gtk" ''${inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland}/bin/hyprctl dispatch exec "${pkgs.xdg-desktop-portal-gtk}/libexec/xdg-desktop-portal-gtk -r"'')
(callPackage ./apps/wl-shimeji.nix {})
(writeShellScriptBin "stop-shimejis" ''${inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland}/bin/hyprctl dispatch exec "shimejictl stop"'')
# (writeShellScriptBin "partynoob" ''shimejictl summon PartyNoob'')
# inputs.quickshell.packages.${pkgs.stdenv.hostPlatform.system}.default
kdePackages.qtdeclarative
catppuccin-gtk
catppuccin
catppuccin-qt5ct
catppuccin-catwalk
catppuccin-whiskers
mission-center
# nvtopPackages.full
libxkbcommon
ffmpeg-full
gnupg
code-cursor
nix-direnv
htop
nixpkgs-fmt
nixd
catppuccin-cursors.mochaBlue
unzip
libwebp
ifuse
w3m
imagemagick
alacritty
libimobiledevice
direnv
nautilus
kdePackages.dolphin
kdePackages.kservice
qpwgraph
wget
git
fastfetch
vscode
nodejs
bun
yarn
(python3.withPackages (subpkgs: with subpkgs; [
requests
pypresence
pygobject3
]))
# wrangler
fontforge
xclip
gamescope
yt-dlp
fontforge-gtk
deno
wofi
waybar
hyprpaper
dunst
swww
swappy
slurp
grim
wayland-utils
wl-clipboard
github-cli
cliphist
pywal
pavucontrol
wlogout
libnotify
killall
networkmanagerapplet
blueman
arrpc
playerctl
mangohud
jq
github-cli
file
nwg-look
# rhythmbox
hyprpolkitagent
# hyprland stuff
inputs.hyprlock.packages.${pkgs.stdenv.hostPlatform.system}.hyprlock
inputs.hyprsysteminfo.packages.${pkgs.stdenv.hostPlatform.system}.hyprsysteminfo
# important
glib
openssl
nss
glibc # C LIBRARY DO NOT REMOVE VERY IMPORTANT
gobject-introspection
gimp3
mpv
nixfmt-rfc-style
# roblox
inputs.tuxstrap.packages.${pkgs.stdenv.hostPlatform.system}.default
protonvpn-cli
protonvpn-gui
(writeShellScriptBin "protonvpn" ''${pkgs.protonvpn-cli}/bin/protonvpn-cli "$@"'')
# minecraft
qemu
(writeShellScriptBin "qemu-system-x86_64-uefi" ''
qemu-system-x86_64 \
-bios ${OVMF.fd}/FV/OVMF.fd \
"$@"
'')
(writeShellScriptBin "regretevator" "xdg-open roblox://placeId=4972273297")
(writeShellScriptBin "kaijuparadise" "xdg-open roblox://placeId=6456351776")
(writeShellScriptBin "sewh" "xdg-open roblox://placeId=16991287194")
kdePackages.kdialog
(writeShellScriptBin "fix-gtk" ''${
inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland
}/bin/hyprctl dispatch exec "${pkgs.xdg-desktop-portal-gtk}/libexec/xdg-desktop-portal-gtk -r"'')
(callPackage ./apps/wl-shimeji.nix { })
(writeShellScriptBin "stop-shimejis" ''${
inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland
}/bin/hyprctl dispatch exec "shimejictl stop"'')
# (writeShellScriptBin "partynoob" ''shimejictl summon PartyNoob'')
# inputs.quickshell.packages.${pkgs.stdenv.hostPlatform.system}.default
kdePackages.qtdeclarative
catppuccin-gtk
catppuccin
catppuccin-qt5ct
catppuccin-catwalk
catppuccin-whiskers
mission-center
# nvtopPackages.full
libxkbcommon
ffmpeg-full
gnupg
code-cursor
nix-direnv
htop
nixpkgs-fmt
nixd
catppuccin-cursors.mochaBlue
unzip
libwebp
ifuse
w3m
imagemagick
alacritty
libimobiledevice
direnv
nautilus
kdePackages.dolphin
kdePackages.kservice
qpwgraph
wget
git
fastfetch
vscode
nodejs
bun
yarn
(python3.withPackages (
subpkgs: with subpkgs; [
requests
pypresence
pygobject3
]
))
# wrangler
fontforge
xclip
gamescope
yt-dlp
fontforge-gtk
deno
wofi
waybar
hyprpaper
dunst
swww
swappy
slurp
grim
wayland-utils
wl-clipboard
github-cli
cliphist
pywal
pavucontrol
wlogout
libnotify
killall
networkmanagerapplet
blueman
arrpc
playerctl
mangohud
jq
github-cli
file
nwg-look
# rhythmbox
hyprpolkitagent
(writeShellScriptBin "roblox-studio-patcher" ''${pkgs.bun}/bin/bun run /home/ocbwoy3/config/scripts/bin/patchInternalRobloxStudio.ts'')
# firefox-devedition
# important
glib
openssl
nss
glibc # C LIBRARY DO NOT REMOVE VERY IMPORTANT
gobject-introspection
gimp3
mpv
nixfmt-rfc-style
];
protonvpn-cli
protonvpn-gui
(writeShellScriptBin "protonvpn" ''${pkgs.protonvpn-cli}/bin/protonvpn-cli "$@"'')
kdePackages.kdialog
(writeShellScriptBin "roblox-studio-patcher" "${pkgs.bun}/bin/bun run /home/ocbwoy3/config/scripts/bin/patchInternalRobloxStudio.ts")
# firefox-devedition
];
}

86
hosts/server/configuration.nix
View File

@@ -5,6 +5,48 @@
...
}:
let
mkUserService = pkgs.writeShellScriptBin "mk-user-service" ''
set -euo pipefail
if [ "$#" -lt 2 ]; then
echo "Usage: mk-user-service <name> <exec command...>" >&2
exit 1
fi
name="$1"
shift
unitDir="''${XDG_CONFIG_HOME:-$HOME/.config}/systemd/user"
unitFile="$unitDir/$name.service"
mkdir -p "$unitDir"
if [ -e "$unitFile" ]; then
echo "Refusing to overwrite existing unit: $unitFile" >&2
exit 2
fi
cat > "$unitFile" <<EOF
[Unit]
Description=$name
[Service]
Type=simple
ExecStart=$*
Restart=on-failure
RestartSec=2
[Install]
WantedBy=default.target
EOF
echo "Created $unitFile"
echo "Next steps:"
echo " systemctl --user daemon-reload"
echo " systemctl --user enable --now $name.service"
'';
in
{
imports = [
./modules/atproto-pds.nix
@@ -23,27 +65,6 @@
services.vscode-server.enable = true;
systemd.services.ocbwoy3-start-pm2 = {
enable = true;
description = "Start PM2";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "forking";
User = "ocbwoy3";
LimitNOFILE = "infinity";
LimitNPROC = "infinity";
LimitCORE = "infinity";
Environment = "PM2_HOME=/home/ocbwoy3/.pm2";
PIDFile = "/home/ocbwoy3/.pm2/pm2.pid";
Restart = "on-failure";
ExecStart = "${pkgs.pm2}/bin/pm2 resurrect";
ExecReload = "${pkgs.pm2}/bin/pm2 reload all";
ExecStop = "${pkgs.pm2}/bin/pm2 kill";
};
};
services.openssh.settings = lib.mkDefault {
PubkeyAuthentication = "yes";
TrustedUserCAKeys = "/etc/ssh/ca.pub";
@@ -56,9 +77,11 @@
};
environment.systemPackages = with pkgs; [
mosh
fastfetch
hyfetch
pm2
bash
jdk
steam-run
opencode
bun
@@ -81,6 +104,25 @@
shell = pkgs.zsh;
};
users.users.kris = {
initialPassword = "thisisapassword42069!";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"docker"
];
shell = pkgs.zsh;
packages = [
pkgs.mrpack-install
mkUserService
];
};
system.activationScripts.enableKrisLinger.text = ''
${pkgs.systemd}/bin/loginctl enable-linger kris || true
'';
nixpkgs.overlays = [
(final: prev: {
nixos-rebuild = prev.writeShellScriptBin "nixos-rebuild" ''

12
hosts/server/modules/vaultwarden.nix
View File

@@ -9,10 +9,10 @@
services.vaultwarden = {
enable = true;
dbBackend = "sqlite";
environmentFile = "/private/vaultwarden/vaultwarden.env";
environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
config = {
# Keep data alongside the secret env file so we can back it up together.
DATA_FOLDER = "/private/vaultwarden/data";
DATA_FOLDER = "/var/lib/vaultwarden/data";
PUSH_RELAY_URI = "https://api.bitwarden.eu";
PUSH_IDENTITY_URI = "https://identity.bitwarden.eu";
DOMAIN = "https://vault.ocbwoy3.dev";
@@ -25,15 +25,15 @@
};
};
# Allow vaultwarden to write under /private/vaultwarden and ensure the directories exist.
# Allow vaultwarden to write under /var/lib/vaultwarden and ensure the directories exist.
systemd.services.vaultwarden.serviceConfig = {
ReadWritePaths = [ "/private/vaultwarden" ];
ReadWritePaths = [ "/var/lib/vaultwarden" ];
};
# Create parent/data directories with proper ownership before startup.
systemd.tmpfiles.rules = [
"d /private/vaultwarden 0750 vaultwarden vaultwarden -"
"d /private/vaultwarden/data 0750 vaultwarden vaultwarden -"
"d /var/lib/vaultwarden 0750 vaultwarden vaultwarden -"
"d /var/lib/vaultwarden/data 0750 vaultwarden vaultwarden -"
];
# cloudflared!!