kris/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

a

Browse Source
This commit is contained in:
Kris
2026-03-27 23:01:48 +02:00
parent 5d33a277b3
commit fc729c8aae
3 changed files with 222 additions and 167 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
hosts/default/packages.nix
View File

@@ -1,4 +1,10 @@
{ inputs, config, pkgs, lib, ... }: {
inputs,
config,
pkgs,
lib,
...
}:
{ {
@@ -27,6 +33,7 @@
# surely they should add programs.discord!! # surely they should add programs.discord!!
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mosh
(discord.override { (discord.override {
withEquicord = true; withEquicord = true;
}) })
@@ -45,13 +52,17 @@
-bios ${OVMF.fd}/FV/OVMF.fd \ -bios ${OVMF.fd}/FV/OVMF.fd \
"$@" "$@"
'') '')
(writeShellScriptBin "regretevator" ''xdg-open roblox://placeId=4972273297'') (writeShellScriptBin "regretevator" "xdg-open roblox://placeId=4972273297")
(writeShellScriptBin "kaijuparadise" ''xdg-open roblox://placeId=6456351776'') (writeShellScriptBin "kaijuparadise" "xdg-open roblox://placeId=6456351776")
(writeShellScriptBin "sewh" ''xdg-open roblox://placeId=16991287194'') (writeShellScriptBin "sewh" "xdg-open roblox://placeId=16991287194")
(writeShellScriptBin "fix-gtk" ''${inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland}/bin/hyprctl dispatch exec "${pkgs.xdg-desktop-portal-gtk}/libexec/xdg-desktop-portal-gtk -r"'') (writeShellScriptBin "fix-gtk" ''${
(callPackage ./apps/wl-shimeji.nix {}) inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland
(writeShellScriptBin "stop-shimejis" ''${inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland}/bin/hyprctl dispatch exec "shimejictl stop"'') }/bin/hyprctl dispatch exec "${pkgs.xdg-desktop-portal-gtk}/libexec/xdg-desktop-portal-gtk -r"'')
(callPackage ./apps/wl-shimeji.nix { })
(writeShellScriptBin "stop-shimejis" ''${
inputs.hyprland.packages.${pkgs.stdenv.hostPlatform.system}.hyprland
}/bin/hyprctl dispatch exec "shimejictl stop"'')
# (writeShellScriptBin "partynoob" ''shimejictl summon PartyNoob'') # (writeShellScriptBin "partynoob" ''shimejictl summon PartyNoob'')
# inputs.quickshell.packages.${pkgs.stdenv.hostPlatform.system}.default # inputs.quickshell.packages.${pkgs.stdenv.hostPlatform.system}.default
kdePackages.qtdeclarative kdePackages.qtdeclarative
@@ -90,11 +101,13 @@
nodejs nodejs
bun bun
yarn yarn
(python3.withPackages (subpkgs: with subpkgs; [ (python3.withPackages (
subpkgs: with subpkgs; [
requests requests
pypresence pypresence
pygobject3 pygobject3
])) ]
))
# wrangler # wrangler
fontforge fontforge
xclip xclip
@@ -147,7 +160,7 @@
kdePackages.kdialog kdePackages.kdialog
(writeShellScriptBin "roblox-studio-patcher" ''${pkgs.bun}/bin/bun run /home/ocbwoy3/config/scripts/bin/patchInternalRobloxStudio.ts'') (writeShellScriptBin "roblox-studio-patcher" "${pkgs.bun}/bin/bun run /home/ocbwoy3/config/scripts/bin/patchInternalRobloxStudio.ts")
# firefox-devedition # firefox-devedition
]; ];

86
hosts/server/configuration.nix
View File

@@ -5,6 +5,48 @@
... ...
}: }:
let
mkUserService = pkgs.writeShellScriptBin "mk-user-service" ''
set -euo pipefail
if [ "$#" -lt 2 ]; then
echo "Usage: mk-user-service <name> <exec command...>" >&2
exit 1
fi
name="$1"
shift
unitDir="''${XDG_CONFIG_HOME:-$HOME/.config}/systemd/user"
unitFile="$unitDir/$name.service"
mkdir -p "$unitDir"
if [ -e "$unitFile" ]; then
echo "Refusing to overwrite existing unit: $unitFile" >&2
exit 2
fi
cat > "$unitFile" <<EOF
[Unit]
Description=$name
[Service]
Type=simple
ExecStart=$*
Restart=on-failure
RestartSec=2
[Install]
WantedBy=default.target
EOF
echo "Created $unitFile"
echo "Next steps:"
echo " systemctl --user daemon-reload"
echo " systemctl --user enable --now $name.service"
'';
in
{ {
imports = [ imports = [
./modules/atproto-pds.nix ./modules/atproto-pds.nix
@@ -23,27 +65,6 @@
services.vscode-server.enable = true; services.vscode-server.enable = true;
systemd.services.ocbwoy3-start-pm2 = {
enable = true;
description = "Start PM2";
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
Type = "forking";
User = "ocbwoy3";
LimitNOFILE = "infinity";
LimitNPROC = "infinity";
LimitCORE = "infinity";
Environment = "PM2_HOME=/home/ocbwoy3/.pm2";
PIDFile = "/home/ocbwoy3/.pm2/pm2.pid";
Restart = "on-failure";
ExecStart = "${pkgs.pm2}/bin/pm2 resurrect";
ExecReload = "${pkgs.pm2}/bin/pm2 reload all";
ExecStop = "${pkgs.pm2}/bin/pm2 kill";
};
};
services.openssh.settings = lib.mkDefault { services.openssh.settings = lib.mkDefault {
PubkeyAuthentication = "yes"; PubkeyAuthentication = "yes";
TrustedUserCAKeys = "/etc/ssh/ca.pub"; TrustedUserCAKeys = "/etc/ssh/ca.pub";
@@ -56,9 +77,11 @@
}; };
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
mosh
fastfetch fastfetch
hyfetch hyfetch
pm2 bash
jdk
steam-run steam-run
opencode opencode
bun bun
@@ -81,6 +104,25 @@
shell = pkgs.zsh; shell = pkgs.zsh;
}; };
users.users.kris = {
initialPassword = "thisisapassword42069!";
isNormalUser = true;
extraGroups = [
"wheel"
"networkmanager"
"docker"
];
shell = pkgs.zsh;
packages = [
pkgs.mrpack-install
mkUserService
];
};
system.activationScripts.enableKrisLinger.text = ''
${pkgs.systemd}/bin/loginctl enable-linger kris || true
'';
nixpkgs.overlays = [ nixpkgs.overlays = [
(final: prev: { (final: prev: {
nixos-rebuild = prev.writeShellScriptBin "nixos-rebuild" '' nixos-rebuild = prev.writeShellScriptBin "nixos-rebuild" ''

12
hosts/server/modules/vaultwarden.nix
View File

@@ -9,10 +9,10 @@
services.vaultwarden = { services.vaultwarden = {
enable = true; enable = true;
dbBackend = "sqlite"; dbBackend = "sqlite";
environmentFile = "/private/vaultwarden/vaultwarden.env"; environmentFile = "/var/lib/vaultwarden/vaultwarden.env";
config = { config = {
# Keep data alongside the secret env file so we can back it up together. # Keep data alongside the secret env file so we can back it up together.
DATA_FOLDER = "/private/vaultwarden/data"; DATA_FOLDER = "/var/lib/vaultwarden/data";
PUSH_RELAY_URI = "https://api.bitwarden.eu"; PUSH_RELAY_URI = "https://api.bitwarden.eu";
PUSH_IDENTITY_URI = "https://identity.bitwarden.eu"; PUSH_IDENTITY_URI = "https://identity.bitwarden.eu";
DOMAIN = "https://vault.ocbwoy3.dev"; DOMAIN = "https://vault.ocbwoy3.dev";
@@ -25,15 +25,15 @@
}; };
}; };
# Allow vaultwarden to write under /private/vaultwarden and ensure the directories exist. # Allow vaultwarden to write under /var/lib/vaultwarden and ensure the directories exist.
systemd.services.vaultwarden.serviceConfig = { systemd.services.vaultwarden.serviceConfig = {
ReadWritePaths = [ "/private/vaultwarden" ]; ReadWritePaths = [ "/var/lib/vaultwarden" ];
}; };
# Create parent/data directories with proper ownership before startup. # Create parent/data directories with proper ownership before startup.
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [
"d /private/vaultwarden 0750 vaultwarden vaultwarden -" "d /var/lib/vaultwarden 0750 vaultwarden vaultwarden -"
"d /private/vaultwarden/data 0750 vaultwarden vaultwarden -" "d /var/lib/vaultwarden/data 0750 vaultwarden vaultwarden -"
]; ];
# cloudflared!! # cloudflared!!